TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / OP-TEE / optee_test / 5c9b40cba7e353f3fd8a5e0bd3f175b1a5980a0c / . / host / xtest / xtest_4000.c
blob: 7ec1d74e63822f39362276ac3c3e281f810f9a78 [file] [log] [blame]
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1/*
2 * Copyright (c) 2014, STMicroelectronics International N.V.
3 *
4 * This program is free software; you can redistribute it and/or modify
5 * it under the terms of the GNU General Public License Version 2 as
6 * published by the Free Software Foundation.
7 *
8 * This program is distributed in the hope that it will be useful,
9 * but WITHOUT ANY WARRANTY; without even the implied warranty of
10 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
11 * GNU General Public License for more details.
12 */
13
14#include <stdio.h>
15#include <string.h>
16#include <inttypes.h>
17#include <malloc.h>
18
19#include "xtest_test.h"
20#include "xtest_helpers.h"
21
22#include <tee_api_types.h>
23#include <ta_crypt.h>
24#include <utee_defines.h>
25#include <util.h>
26
27#include <xtest_4000_data.h>
28
29#include <assert.h>
30
31static void xtest_tee_test_4001(ADBG_Case_t *Case_p);
32static void xtest_tee_test_4002(ADBG_Case_t *Case_p);
33static void xtest_tee_test_4003_no_xts(ADBG_Case_t *Case_p);
34static void xtest_tee_test_4003_xts(ADBG_Case_t *Case_p);
35static void xtest_tee_test_4004(ADBG_Case_t *Case_p);
36static void xtest_tee_test_4005(ADBG_Case_t *Case_p);
37static void xtest_tee_test_4006(ADBG_Case_t *Case_p);
38static void xtest_tee_test_4007(ADBG_Case_t *Case_p);
39static void xtest_tee_test_4008(ADBG_Case_t *Case_p);
Pascal Brand2b92b642015-07-16 13:29:42 +0200[diff] [blame]40static void xtest_tee_test_4009(ADBG_Case_t *Case_p);
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]41
42ADBG_CASE_DEFINE(XTEST_TEE_4001, xtest_tee_test_4001,
43 /* Title */
44 "Test TEE Internal API hash operations",
45 /* Short description */
46 "Short description ...",
47 /* Requirement IDs */
48 "TEE-??",
49 /* How to implement */
50 "Description of how to implement ..."
51 );
52
53ADBG_CASE_DEFINE(XTEST_TEE_4002, xtest_tee_test_4002,
54 /* Title */
55 "Test TEE Internal API MAC operations",
56 /* Short description */
57 "Short description ...",
58 /* Requirement IDs */
59 "TEE-??",
60 /* How to implement */
61 "Description of how to implement ..."
62 );
63
64ADBG_CASE_DEFINE(XTEST_TEE_4003_NO_XTS, xtest_tee_test_4003_no_xts,
65 /* Title */
66 "Test TEE Internal API cipher operations without AES XTS",
67 /* Short description */
68 "Short description ...",
69 /* Requirement IDs */
70 "TEE-??",
71 /* How to implement */
72 "Description of how to implement ..."
73 );
74
75ADBG_CASE_DEFINE(XTEST_TEE_4003_XTS, xtest_tee_test_4003_xts,
76 /* Title */
77 "Test TEE Internal API cipher operations for AES XTS",
78 /* Short description */
79 "Short description ...",
80 /* Requirement IDs */
81 "TEE-??",
82 /* How to implement */
83 "Description of how to implement ..."
84 );
85
86ADBG_CASE_DEFINE(XTEST_TEE_4004, xtest_tee_test_4004,
87 /* Title */
88 "Test TEE Internal API get random",
89 /* Short description */
90 "Short description ...",
91 /* Requirement IDs */
92 "TEE-??",
93 /* How to implement */
94 "Description of how to implement ..."
95 );
96
97ADBG_CASE_DEFINE(XTEST_TEE_4005, xtest_tee_test_4005,
98 /* Title */
99 "Test TEE Internal API Authenticated Encryption operations",
100 /* Short description */
101 "Short description ...",
102 /* Requirement IDs */
103 "TEE-??",
104 /* How to implement */
105 "Description of how to implement ..."
106 );
107
108ADBG_CASE_DEFINE(XTEST_TEE_4006, xtest_tee_test_4006,
109 /* Title */
110 "Test TEE Internal API Asymmetric Cipher operations",
111 /* Short description */
112 "Short description ...",
113 /* Requirement IDs */
114 "TEE-??",
115 /* How to implement */
116 "Description of how to implement ..."
117 );
118
119ADBG_CASE_DEFINE(XTEST_TEE_4007, xtest_tee_test_4007,
120 /* Title */
121 "Test TEE Internal API Generate key",
122 /* Short description */
123 "Short description ...",
124 /* Requirement IDs */
125 "TEE-??",
126 /* How to implement */
127 "Description of how to implement ..."
128 );
129
130ADBG_CASE_DEFINE(XTEST_TEE_4008, xtest_tee_test_4008,
131 /* Title */
132 "Test TEE Internal API Derive key",
133 /* Short description */
134 "Short description ...",
135 /* Requirement IDs */
136 "TEE-??",
137 /* How to implement */
138 "Description of how to implement ..."
139 );
140
Pascal Brand2b92b642015-07-16 13:29:42 +0200[diff] [blame]141ADBG_CASE_DEFINE(XTEST_TEE_4009, xtest_tee_test_4009,
142 /* Title */
143 "Test TEE Internal API Derive key ECDH",
144 /* Short description */
145 "Short description ...",
146 /* Requirement IDs */
147 "TEE-??",
148 /* How to implement */
149 "Description of how to implement ..."
150 );
151
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]152static TEEC_Result ta_crypt_cmd_random_number_generate(ADBG_Case_t *c,
153 TEEC_Session *s,
154 void *buf, size_t blen);
155
156static TEEC_Result ta_crypt_cmd_reset_operation(ADBG_Case_t *c, TEEC_Session *s,
157 TEE_OperationHandle oph)
158{
159 TEEC_Result res;
160 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
161 uint32_t ret_orig;
162
163 assert((uintptr_t)oph <= UINT32_MAX);
164 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
165 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, TEEC_NONE, TEEC_NONE,
166 TEEC_NONE);
167 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_RESET_OPERATION, &op,
168 &ret_orig);
169 if (res != TEEC_SUCCESS) {
170 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
171 ret_orig);
172 }
173 return res;
174}
175
176static TEEC_Result ta_crypt_cmd_copy_operation(ADBG_Case_t *c,
177 TEEC_Session *s,
178 TEE_OperationHandle dst_oph,
179 TEE_OperationHandle src_oph)
180{
181 TEEC_Result res;
182 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
183 uint32_t ret_orig;
184
185 assert((uintptr_t)dst_oph <= UINT32_MAX);
186 op.params[0].value.a = (uint32_t)(uintptr_t)dst_oph;
187
188 assert((uintptr_t)src_oph <= UINT32_MAX);
189 op.params[0].value.b = (uint32_t)(uintptr_t)src_oph;
190 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, TEEC_NONE, TEEC_NONE,
191 TEEC_NONE);
192
193 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_COPY_OPERATION, &op,
194 &ret_orig);
195
196 if (res != TEEC_SUCCESS) {
197 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
198 ret_orig);
199 }
200 return res;
201}
202
203static TEEC_Result ta_crypt_cmd_digest_update(ADBG_Case_t *c, TEEC_Session *s,
204 TEE_OperationHandle oph,
205 const void *chunk,
206 size_t chunk_size)
207{
208 TEEC_Result res;
209 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
210 uint32_t ret_orig;
211
212 assert((uintptr_t)oph <= UINT32_MAX);
213 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
214 op.params[1].tmpref.buffer = (void *)chunk;
215 op.params[1].tmpref.size = chunk_size;
216
217 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
218 TEEC_MEMREF_TEMP_INPUT, TEEC_NONE,
219 TEEC_NONE);
220
221 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_DIGEST_UPDATE, &op, &ret_orig);
222
223 if (res != TEEC_SUCCESS) {
224 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
225 ret_orig);
226 }
227
228 return res;
229}
230
231static TEEC_Result ta_crypt_cmd_digest_do_final(ADBG_Case_t *c, TEEC_Session *s,
232 TEE_OperationHandle oph,
233 const void *chunk,
234 size_t chunk_len, void *hash,
235 size_t *hash_len)
236{
237 TEEC_Result res;
238 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
239 uint32_t ret_orig;
240
241 assert((uintptr_t)oph <= UINT32_MAX);
242 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
243
244 op.params[1].tmpref.buffer = (void *)chunk;
245 op.params[1].tmpref.size = chunk_len;
246
247 op.params[2].tmpref.buffer = (void *)hash;
248 op.params[2].tmpref.size = *hash_len;
249
250 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
251 TEEC_MEMREF_TEMP_INPUT,
252 TEEC_MEMREF_TEMP_OUTPUT, TEEC_NONE);
253
254 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_DIGEST_DO_FINAL, &op,
255 &ret_orig);
256
257 if (res != TEEC_SUCCESS) {
258 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
259 ret_orig);
260 }
261
262 if (res == TEEC_SUCCESS)
263 *hash_len = op.params[2].tmpref.size;
264
265 return res;
266}
267
268static TEE_Result ta_crypt_cmd_set_operation_key2(ADBG_Case_t *c,
269 TEEC_Session *s,
270 TEE_OperationHandle oph,
271 TEE_ObjectHandle key1,
272 TEE_ObjectHandle key2)
273{
274 TEEC_Result res;
275 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
276 uint32_t ret_orig;
277
278 assert((uintptr_t)oph <= UINT32_MAX);
279 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
280
281 assert((uintptr_t)key1 <= UINT32_MAX);
282 op.params[0].value.b = (uint32_t)(uintptr_t)key1;
283
284 assert((uintptr_t)key2 <= UINT32_MAX);
285 op.params[1].value.a = (uint32_t)(uintptr_t)key2;
286 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, TEEC_VALUE_INPUT,
287 TEEC_NONE, TEEC_NONE);
288
289 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_SET_OPERATION_KEY2, &op,
290 &ret_orig);
291
292 if (res != TEEC_SUCCESS) {
293 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
294 ret_orig);
295 }
296
297 return res;
298}
299
300static TEEC_Result ta_crypt_cmd_mac_init(ADBG_Case_t *c, TEEC_Session *s,
301 TEE_OperationHandle oph,
302 const void *iv, size_t iv_len)
303{
304 TEEC_Result res;
305 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
306 uint32_t ret_orig;
307
308 assert((uintptr_t)oph <= UINT32_MAX);
309 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
310
311 if (iv != NULL) {
312 op.params[1].tmpref.buffer = (void *)iv;
313 op.params[1].tmpref.size = iv_len;
314 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
315 TEEC_MEMREF_TEMP_INPUT,
316 TEEC_NONE, TEEC_NONE);
317 } else {
318 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, TEEC_NONE,
319 TEEC_NONE, TEEC_NONE);
320 }
321
322 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_MAC_INIT, &op, &ret_orig);
323
324 if (res != TEEC_SUCCESS) {
325 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
326 ret_orig);
327 }
328
329 return res;
330}
331
332static TEEC_Result ta_crypt_cmd_mac_update(ADBG_Case_t *c, TEEC_Session *s,
333 TEE_OperationHandle oph,
334 const void *chunk, size_t chunk_size)
335{
336 TEEC_Result res;
337 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
338 uint32_t ret_orig;
339
340 assert((uintptr_t)oph <= UINT32_MAX);
341 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
342
343 op.params[1].tmpref.buffer = (void *)chunk;
344 op.params[1].tmpref.size = chunk_size;
345
346 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
347 TEEC_MEMREF_TEMP_INPUT, TEEC_NONE,
348 TEEC_NONE);
349
350 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_MAC_UPDATE, &op, &ret_orig);
351
352 if (res != TEEC_SUCCESS) {
353 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
354 ret_orig);
355 }
356
357 return res;
358}
359
360static TEEC_Result ta_crypt_cmd_mac_final_compute(ADBG_Case_t *c,
361 TEEC_Session *s,
362 TEE_OperationHandle oph,
363 const void *chunk,
364 size_t chunk_len,
365 void *hash,
366 size_t *hash_len)
367{
368 TEEC_Result res;
369 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
370 uint32_t ret_orig;
371
372 assert((uintptr_t)oph <= UINT32_MAX);
373 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
374
375 op.params[1].tmpref.buffer = (void *)chunk;
376 op.params[1].tmpref.size = chunk_len;
377
378 op.params[2].tmpref.buffer = (void *)hash;
379 op.params[2].tmpref.size = *hash_len;
380
381 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
382 TEEC_MEMREF_TEMP_INPUT,
383 TEEC_MEMREF_TEMP_OUTPUT, TEEC_NONE);
384
385 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_MAC_FINAL_COMPUTE, &op,
386 &ret_orig);
387
388 if (res != TEEC_SUCCESS) {
389 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
390 ret_orig);
391 }
392
393 if (res == TEEC_SUCCESS)
394 *hash_len = op.params[2].tmpref.size;
395
396 return res;
397}
398
399static TEEC_Result ta_crypt_cmd_cipher_init(ADBG_Case_t *c, TEEC_Session *s,
400 TEE_OperationHandle oph,
401 const void *iv, size_t iv_len)
402{
403 TEEC_Result res;
404 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
405 uint32_t ret_orig;
406
407 assert((uintptr_t)oph <= UINT32_MAX);
408 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
409
410 if (iv != NULL) {
411 op.params[1].tmpref.buffer = (void *)iv;
412 op.params[1].tmpref.size = iv_len;
413
414 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
415 TEEC_MEMREF_TEMP_INPUT,
416 TEEC_NONE, TEEC_NONE);
417 } else {
418 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, TEEC_NONE,
419 TEEC_NONE, TEEC_NONE);
420 }
421
422 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_CIPHER_INIT, &op, &ret_orig);
423
424 if (res != TEEC_SUCCESS) {
425 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
426 ret_orig);
427 }
428
429 return res;
430}
431
432static TEEC_Result ta_crypt_cmd_cipher_update(ADBG_Case_t *c, TEEC_Session *s,
433 TEE_OperationHandle oph,
434 const void *src, size_t src_len,
435 void *dst, size_t *dst_len)
436{
437 TEEC_Result res;
438 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
439 uint32_t ret_orig;
440
441 assert((uintptr_t)oph <= UINT32_MAX);
442 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
443
444 op.params[1].tmpref.buffer = (void *)src;
445 op.params[1].tmpref.size = src_len;
446
447 op.params[2].tmpref.buffer = dst;
448 op.params[2].tmpref.size = *dst_len;
449
450 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
451 TEEC_MEMREF_TEMP_INPUT,
452 TEEC_MEMREF_TEMP_OUTPUT, TEEC_NONE);
453
454 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_CIPHER_UPDATE, &op, &ret_orig);
455
456 if (res != TEEC_SUCCESS) {
457 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
458 ret_orig);
459 }
460
461 if (res == TEEC_SUCCESS)
462 *dst_len = op.params[2].tmpref.size;
463
464 return res;
465}
466
467static TEEC_Result ta_crypt_cmd_cipher_do_final(ADBG_Case_t *c,
468 TEEC_Session *s,
469 TEE_OperationHandle oph,
470 const void *src,
471 size_t src_len,
472 void *dst,
473 size_t *dst_len)
474{
475 TEEC_Result res;
476 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
477 uint32_t ret_orig;
478
479 assert((uintptr_t)oph <= UINT32_MAX);
480 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
481
482 op.params[1].tmpref.buffer = (void *)src;
483 op.params[1].tmpref.size = src_len;
484
485 op.params[2].tmpref.buffer = (void *)dst;
486 op.params[2].tmpref.size = *dst_len;
487
488 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
489 TEEC_MEMREF_TEMP_INPUT,
490 TEEC_MEMREF_TEMP_OUTPUT, TEEC_NONE);
491
492 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_CIPHER_DO_FINAL, &op,
493 &ret_orig);
494
495 if (res != TEEC_SUCCESS) {
496 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
497 ret_orig);
498 }
499
500 if (res == TEEC_SUCCESS)
501 *dst_len = op.params[2].tmpref.size;
502
503 return res;
504}
505
506static TEEC_Result ta_crypt_cmd_random_number_generate(ADBG_Case_t *c,
507 TEEC_Session *s,
508 void *buf,
509 size_t blen)
510{
511 TEEC_Result res;
512 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
513 uint32_t ret_orig;
514
515 op.params[0].tmpref.buffer = buf;
516 op.params[0].tmpref.size = blen;
517
518 op.paramTypes = TEEC_PARAM_TYPES(TEEC_MEMREF_TEMP_OUTPUT, TEEC_NONE,
519 TEEC_NONE, TEEC_NONE);
520
521 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_RANDOM_NUMBER_GENEREATE, &op,
522 &ret_orig);
523
524 if (res != TEEC_SUCCESS) {
525 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
526 ret_orig);
527 }
528
529 (void)ADBG_EXPECT_COMPARE_UNSIGNED(c, blen, ==,
530 op.params[0].tmpref.size);
531 return res;
532}
533
534static TEEC_Result ta_crypt_cmd_ae_init(ADBG_Case_t *c, TEEC_Session *s,
535 TEE_OperationHandle oph,
536 const void *nonce, size_t nonce_len,
537 size_t tag_len, size_t aad_len,
538 size_t payload_len)
539{
540 TEEC_Result res;
541 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
542 uint32_t ret_orig;
543
544 assert((uintptr_t)oph <= UINT32_MAX);
545 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
546 op.params[0].value.b = tag_len;
547
548 op.params[1].tmpref.buffer = (void *)nonce;
549 op.params[1].tmpref.size = nonce_len;
550
551 op.params[2].value.a = aad_len;
552 op.params[2].value.b = payload_len;
553
554 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
555 TEEC_MEMREF_TEMP_INPUT,
Jens Wiklander74a42302015-07-07 01:08:41 +0200[diff] [blame]556 TEEC_VALUE_INPUT, TEEC_NONE);
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]557
558 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_AE_INIT, &op, &ret_orig);
559
560 if (res != TEEC_SUCCESS) {
561 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
562 ret_orig);
563 }
564 return res;
565}
566
567static TEEC_Result ta_crypt_cmd_ae_update_aad(ADBG_Case_t *c, TEEC_Session *s,
568 TEE_OperationHandle oph,
569 const void *aad, size_t aad_len)
570{
571 TEEC_Result res;
572 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
573 uint32_t ret_orig;
574
575 assert((uintptr_t)oph <= UINT32_MAX);
576 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
577
578 op.params[1].tmpref.buffer = (void *)aad;
579 op.params[1].tmpref.size = aad_len;
580
581 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
582 TEEC_MEMREF_TEMP_INPUT, TEEC_NONE,
583 TEEC_NONE);
584
585 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_AE_UPDATE_AAD, &op, &ret_orig);
586
587 if (res != TEEC_SUCCESS) {
588 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
589 ret_orig);
590 }
591
592 return res;
593}
594
595static TEEC_Result ta_crypt_cmd_ae_update(ADBG_Case_t *c,
596 TEEC_Session *s,
597 TEE_OperationHandle oph,
598 const void *src,
599 size_t src_len,
600 void *dst,
601 size_t *dst_len)
602{
603 TEEC_Result res;
604 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
605 uint32_t ret_orig;
606
607 assert((uintptr_t)oph <= UINT32_MAX);
608 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
609
610 op.params[1].tmpref.buffer = (void *)src;
611 op.params[1].tmpref.size = src_len;
612
613 op.params[2].tmpref.buffer = (void *)dst;
614 op.params[2].tmpref.size = *dst_len;
615
616 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
617 TEEC_MEMREF_TEMP_INPUT,
618 TEEC_MEMREF_TEMP_OUTPUT, TEEC_NONE);
619
620 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_AE_UPDATE, &op, &ret_orig);
621
622 if (res != TEEC_SUCCESS) {
623 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
624 ret_orig);
625 }
626
627 if (res == TEEC_SUCCESS)
628 *dst_len = op.params[2].tmpref.size;
629
630 return res;
631}
632
633static TEEC_Result ta_crypt_cmd_ae_encrypt_final(ADBG_Case_t *c,
634 TEEC_Session *s,
635 TEE_OperationHandle oph,
636 const void *src,
637 size_t src_len, void *dst,
638 size_t *dst_len, void *tag,
639 size_t *tag_len)
640{
641 TEEC_Result res;
642 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
643 uint32_t ret_orig;
644
645 assert((uintptr_t)oph <= UINT32_MAX);
646 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
647
648 op.params[1].tmpref.buffer = (void *)src;
649 op.params[1].tmpref.size = src_len;
650
651 op.params[2].tmpref.buffer = (void *)dst;
652 op.params[2].tmpref.size = *dst_len;
653
654 op.params[3].tmpref.buffer = (void *)tag;
655 op.params[3].tmpref.size = *tag_len;
656
657 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
658 TEEC_MEMREF_TEMP_INPUT,
659 TEEC_MEMREF_TEMP_OUTPUT,
660 TEEC_MEMREF_TEMP_OUTPUT);
661
662 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_AE_ENCRYPT_FINAL, &op,
663 &ret_orig);
664
665 if (res != TEEC_SUCCESS) {
666 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
667 ret_orig);
668 }
669
670 if (res == TEEC_SUCCESS) {
671 *dst_len = op.params[2].tmpref.size;
672 *tag_len = op.params[3].tmpref.size;
673 }
674
675 return res;
676}
677
678static TEEC_Result ta_crypt_cmd_ae_decrypt_final(ADBG_Case_t *c,
679 TEEC_Session *s,
680 TEE_OperationHandle oph,
681 const void *src, size_t src_len,
682 void *dst, size_t *dst_len,
683 const void *tag, size_t tag_len)
684{
685 TEEC_Result res;
686 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
687 uint32_t ret_orig;
688
689 assert((uintptr_t)oph <= UINT32_MAX);
690 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
691
692 op.params[1].tmpref.buffer = (void *)src;
693 op.params[1].tmpref.size = src_len;
694
695 op.params[2].tmpref.buffer = dst;
696 op.params[2].tmpref.size = *dst_len;
697
698 op.params[3].tmpref.buffer = (void *)tag;
699 op.params[3].tmpref.size = tag_len;
700
701 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
702 TEEC_MEMREF_TEMP_INPUT,
703 TEEC_MEMREF_TEMP_OUTPUT,
704 TEEC_MEMREF_TEMP_INPUT);
705
706 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_AE_DECRYPT_FINAL, &op,
707 &ret_orig);
708
709 if (res != TEEC_SUCCESS) {
710 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
711 ret_orig);
712 }
713
714 if (res == TEEC_SUCCESS)
715 *dst_len = op.params[2].tmpref.size;
716
717 return res;
718}
719
720static TEEC_Result ta_crypt_cmd_asymmetric_operate(ADBG_Case_t *c,
721 TEEC_Session *s,
722 TEE_OperationHandle oph,
723 uint32_t cmd,
724 const TEE_Attribute *params,
725 uint32_t paramCount,
726 const void *src,
727 size_t src_len,
728 void *dst,
729 size_t *dst_len)
730{
731 TEEC_Result res;
732 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
733 uint32_t ret_orig;
734 uint8_t *buf;
735 size_t blen;
736
737 res = pack_attrs(params, paramCount, &buf, &blen);
738 if (!ADBG_EXPECT_TEEC_SUCCESS(c, res))
739 return res;
740
741 assert((uintptr_t)oph <= UINT32_MAX);
742 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
743
744 op.params[1].tmpref.buffer = buf;
745 op.params[1].tmpref.size = blen;
746
747 op.params[2].tmpref.buffer = (void *)src;
748 op.params[2].tmpref.size = src_len;
749
750 op.params[3].tmpref.buffer = dst;
751 op.params[3].tmpref.size = *dst_len;
752
753 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
754 TEEC_MEMREF_TEMP_INPUT,
755 TEEC_MEMREF_TEMP_INPUT,
756 TEEC_MEMREF_TEMP_OUTPUT);
757
758 res = TEEC_InvokeCommand(s, cmd, &op, &ret_orig);
759
760 if (res != TEEC_SUCCESS) {
761 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
762 ret_orig);
763 }
764
765 if (res == TEEC_SUCCESS)
766 *dst_len = op.params[3].tmpref.size;
767
768 free(buf);
769 return res;
770}
771
772static TEEC_Result ta_crypt_cmd_asymmetric_encrypt(ADBG_Case_t *c,
773 TEEC_Session *s,
774 TEE_OperationHandle oph,
775 const TEE_Attribute *params,
776 uint32_t paramCount,
777 const void *src,
778 size_t src_len,
779 void *dst,
780 size_t *dst_len)
781{
782 return ta_crypt_cmd_asymmetric_operate(c, s, oph,
783 TA_CRYPT_CMD_ASYMMETRIC_ENCRYPT,
784 params, paramCount,
785 src, src_len, dst, dst_len);
786}
787
788static TEEC_Result ta_crypt_cmd_asymmetric_decrypt(ADBG_Case_t *c,
789 TEEC_Session *s,
790 TEE_OperationHandle oph,
791 const TEE_Attribute *params,
792 uint32_t paramCount,
793 const void *src,
794 size_t src_len,
795 void *dst,
796 size_t *dst_len)
797{
798 return ta_crypt_cmd_asymmetric_operate(c, s, oph,
799 TA_CRYPT_CMD_ASYMMETRIC_DECRYPT,
800 params, paramCount,
801 src, src_len, dst, dst_len);
802}
803
804static TEEC_Result ta_crypt_cmd_asymmetric_sign(ADBG_Case_t *c,
805 TEEC_Session *s,
806 TEE_OperationHandle oph,
807 const TEE_Attribute *params,
808 uint32_t paramCount,
809 const void *digest,
810 size_t digest_len,
811 void *signature,
812 size_t *signature_len)
813{
814 return ta_crypt_cmd_asymmetric_operate(c, s, oph,
815 TA_CRYPT_CMD_ASYMMETRIC_SIGN_DIGEST, params, paramCount,
816 digest, digest_len, signature, signature_len);
817}
818
819static TEEC_Result ta_crypt_cmd_asymmetric_verify(ADBG_Case_t *c,
820 TEEC_Session *s,
821 TEE_OperationHandle oph,
822 const TEE_Attribute *params,
823 uint32_t paramCount,
824 const void *digest,
825 size_t digest_len,
826 const void *signature,
827 size_t signature_len)
828{
829 TEEC_Result res;
830 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
831 uint32_t ret_orig;
832 uint8_t *buf;
833 size_t blen;
834
835 res = pack_attrs(params, paramCount, &buf, &blen);
836 if (!ADBG_EXPECT_TEEC_SUCCESS(c, res))
837 return res;
838
839 assert((uintptr_t)oph <= UINT32_MAX);
840 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
841
842 op.params[1].tmpref.buffer = buf;
843 op.params[1].tmpref.size = blen;
844
845 op.params[2].tmpref.buffer = (void *)digest;
846 op.params[2].tmpref.size = digest_len;
847
848 op.params[3].tmpref.buffer = (void *)signature;
849 op.params[3].tmpref.size = signature_len;
850
851 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
852 TEEC_MEMREF_TEMP_INPUT,
853 TEEC_MEMREF_TEMP_INPUT,
854 TEEC_MEMREF_TEMP_INPUT);
855
856 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_ASYMMETRIC_VERIFY_DIGEST,
857 &op, &ret_orig);
858
859 if (res != TEEC_SUCCESS) {
860 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
861 ret_orig);
862 }
863
864 free(buf);
865 return res;
866}
867
868static TEEC_Result ta_crypt_cmd_get_object_value_attribute(ADBG_Case_t *c,
869 TEEC_Session *s,
870 TEE_ObjectHandle o,
871 uint32_t attr_id,
872 uint32_t *valuea,
873 uint32_t *valueb)
874{
875 TEEC_Result res;
876 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
877 uint32_t ret_orig;
878
879 assert((uintptr_t)o <= UINT32_MAX);
880 op.params[0].value.a = (uint32_t)(uintptr_t)o;
881 op.params[0].value.b = attr_id;
882 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, TEEC_VALUE_OUTPUT,
883 TEEC_NONE, TEEC_NONE);
884
885 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_GET_OBJECT_VALUE_ATTRIBUTE,
886 &op, &ret_orig);
887
888 if (res != TEEC_SUCCESS) {
889 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
890 ret_orig);
891 }
892
893 if (res == TEEC_SUCCESS) {
894 *valuea = op.params[1].value.a;
895 *valueb = op.params[1].value.b;
896 }
897
898 return res;
899}
900
901static TEEC_Result ta_crypt_cmd_generate_key(ADBG_Case_t *c,
902 TEEC_Session *s,
903 TEE_ObjectHandle o,
904 uint32_t key_size,
905 const TEE_Attribute *params,
906 uint32_t paramCount)
907{
908 TEEC_Result res;
909 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
910 uint32_t ret_orig;
911 uint8_t *buf;
912 size_t blen;
913
914 res = pack_attrs(params, paramCount, &buf, &blen);
915 if (!ADBG_EXPECT_TEEC_SUCCESS(c, res))
916 return res;
917
918 assert((uintptr_t)o <= UINT32_MAX);
919 op.params[0].value.a = (uint32_t)(uintptr_t)o;
920 op.params[0].value.b = key_size;
921
922 op.params[1].tmpref.buffer = buf;
923 op.params[1].tmpref.size = blen;
924
925 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
926 TEEC_MEMREF_TEMP_INPUT, TEEC_NONE,
927 TEEC_NONE);
928
929 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_GENERATE_KEY, &op, &ret_orig);
930
931 if (res != TEEC_SUCCESS) {
932 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
933 ret_orig);
934 }
935
936 free(buf);
937 return res;
938}
939
940static const uint8_t hash_data_md5_in1[] = {
941 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm'
942};
943
944static const uint8_t hash_data_md5_out1[] = {
945 0x61, 0x12, 0x71, 0x83, 0x70, 0x8d, 0x3a, 0xc7,
946 0xf1, 0x9b, 0x66, 0x06, 0xfc, 0xae, 0x7d, 0xf6
947};
948
949static const uint8_t hash_data_sha1_in1[] = {
950 'a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm'
951};
952
953static const uint8_t hash_data_sha1_out1[] = {
954 0x4b, 0x98, 0x92, 0xb6, 0x52, 0x72, 0x14, 0xaf,
955 0xc6, 0x55, 0xb8, 0xaa, 0x52, 0xf4, 0xd2, 0x03,
956 0xc1, 0x5e, 0x7c, 0x9c
957};
958
959static const uint8_t hash_data_sha224_in1[] = {
960 'a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm'
961};
962
963static const uint8_t hash_data_sha224_out1[] = {
964 0x08, 0x21, 0x69, 0xf9, 0x77, 0x1b, 0x80, 0x15,
965 0xf3, 0x97, 0xae, 0xde, 0x5b, 0xba, 0xa2, 0x72,
966 0x2d, 0x8f, 0x5c, 0x19, 0xfe, 0xd2, 0xe2, 0x68,
967 0x92, 0x49, 0xd8, 0x44
968};
969
970static const uint8_t hash_data_sha256_in1[] = { 'a', 'b', 'c' };
971
972static const uint8_t hash_data_sha256_out1[] = {
973 0xba, 0x78, 0x16, 0xbf, 0x8f, 0x01, 0xcf, 0xea,
974 0x41, 0x41, 0x40, 0xde, 0x5d, 0xae, 0x22, 0x23,
975 0xb0, 0x03, 0x61, 0xa3, 0x96, 0x17, 0x7a, 0x9c,
976 0xb4, 0x10, 0xff, 0x61, 0xf2, 0x00, 0x15, 0xad
977};
978
979static const uint8_t hash_data_sha256_in2[] = { 'e', 'f', 'g' };
980
981static const uint8_t hash_data_sha256_out2[] = {
982 0xd4, 0xff, 0xe8, 0xe9, 0xee, 0x0b, 0x48, 0xeb,
983 0xa7, 0x16, 0x70, 0x61, 0x23, 0xa7, 0x18, 0x7f,
984 0x32, 0xea, 0xe3, 0xbd, 0xcb, 0x0e, 0x77, 0x63,
985 0xe4, 0x1e, 0x53, 0x32, 0x67, 0xbd, 0x8a, 0x53
986};
987
988
989static const uint8_t hash_data_sha384_in1[] = {
990 'a', 'b', 'c', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm'
991};
992
993static const uint8_t hash_data_sha384_out1[] = {
994 0x4c, 0xab, 0x80, 0x9d, 0x96, 0x84, 0x01, 0x47,
995 0x67, 0x0a, 0xc1, 0x7a, 0xb6, 0xb9, 0xf7, 0x6e,
996 0x35, 0xa6, 0xb0, 0x8c, 0xf5, 0x2a, 0x3d, 0x64,
997 0x9a, 0x8c, 0x7e, 0x0c, 0x55, 0x45, 0xd3, 0x7d,
998 0x1f, 0x7f, 0x28, 0x34, 0x96, 0x14, 0x44, 0x2a,
999 0xf5, 0x98, 0xa2, 0x95, 0x24, 0x76, 0x53, 0x97
1000};
1001
1002static const uint8_t hash_data_sha512_in1[] = {
1003 'a', 'b', 'c', 'd', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm'
1004};
1005
1006static const uint8_t hash_data_sha512_out1[] = {
1007 0x20, 0xd8, 0x64, 0x4f, 0x54, 0xa2, 0x5f, 0x6f,
1008 0x0a, 0xf9, 0xd5, 0x27, 0x7d, 0x17, 0xa8, 0x99,
1009 0x4c, 0x64, 0x3f, 0xd0, 0xf3, 0x83, 0x36, 0xee,
1010 0x93, 0x12, 0x55, 0xcd, 0x2e, 0x12, 0x34, 0xa0,
1011 0xc2, 0xaa, 0xf9, 0xbb, 0x15, 0xc5, 0xe9, 0xfa,
1012 0xf7, 0xa7, 0xda, 0xb8, 0x2f, 0x72, 0xa0, 0x47,
1013 0xe3, 0x02, 0x04, 0xe8, 0xa0, 0x35, 0x0c, 0x96,
1014 0x26, 0xd1, 0xcb, 0x8b, 0x47, 0x45, 0x25, 0xd0
1015};
1016
1017struct xtest_hash_case {
1018 uint32_t algo;
1019 size_t in_incr;
1020 const uint8_t *in;
1021 size_t in_len;
1022 const uint8_t *out;
1023 size_t out_len;
1024};
1025
1026#define XTEST_HASH_CASE(algo, in_incr, in, out) \
1027 { (algo), (in_incr), (in), ARRAY_SIZE(in), (out), ARRAY_SIZE(out) }
1028
1029static const struct xtest_hash_case hash_cases[] = {
1030 XTEST_HASH_CASE(TEE_ALG_MD5, 6, hash_data_md5_in1,
1031 hash_data_md5_out1),
1032 XTEST_HASH_CASE(TEE_ALG_SHA1, 3, hash_data_sha1_in1,
1033 hash_data_sha1_out1),
1034 XTEST_HASH_CASE(TEE_ALG_SHA224, 7, hash_data_sha224_in1,
1035 hash_data_sha224_out1),
1036 XTEST_HASH_CASE(TEE_ALG_SHA256, 1, hash_data_sha256_in1,
1037 hash_data_sha256_out1),
1038 XTEST_HASH_CASE(TEE_ALG_SHA256, 1, hash_data_sha256_in2,
1039 hash_data_sha256_out2),
1040 XTEST_HASH_CASE(TEE_ALG_SHA384, 1, hash_data_sha384_in1,
1041 hash_data_sha384_out1),
1042 XTEST_HASH_CASE(TEE_ALG_SHA512, 1, hash_data_sha512_in1,
1043 hash_data_sha512_out1),
1044};
1045
1046static void xtest_tee_test_4001(ADBG_Case_t *c)
1047{
1048 TEEC_Session session = { 0 };
1049 uint32_t ret_orig;
1050 size_t n;
1051
1052 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1053 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
1054 &ret_orig)))
1055 return;
1056
1057
1058 for (n = 0; n < ARRAY_SIZE(hash_cases); n++) {
1059 TEE_OperationHandle op1;
1060 TEE_OperationHandle op2;
1061 uint8_t out[64];
1062 size_t out_size;
1063
1064 Do_ADBG_BeginSubCase(c, "Hash case %d algo 0x%x",
1065 (int)n, (unsigned int)hash_cases[n].algo);
1066
1067 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1068 ta_crypt_cmd_allocate_operation(c, &session, &op1,
1069 hash_cases[n].algo,
1070 TEE_MODE_DIGEST, 0)))
1071 goto out;
1072
1073 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1074 ta_crypt_cmd_allocate_operation(c, &session, &op2,
1075 hash_cases[n].algo,
1076 TEE_MODE_DIGEST, 0)))
1077 goto out;
1078
1079 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1080 ta_crypt_cmd_digest_update(c, &session, op1,
1081 hash_cases[n].in,
1082 hash_cases[n].in_incr)))
1083 goto out;
1084
1085 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1086 ta_crypt_cmd_copy_operation(c, &session, op2, op1)))
1087 goto out;
1088
1089 out_size = sizeof(out);
1090 memset(out, 0, sizeof(out));
1091 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1092 ta_crypt_cmd_digest_do_final(c, &session, op2,
1093 hash_cases[n].in + hash_cases[n].in_incr,
1094 hash_cases[n].in_len - hash_cases[n].in_incr,
1095 out, &out_size)))
1096 goto out;
1097
1098 (void)ADBG_EXPECT_BUFFER(c, hash_cases[n].out,
1099 hash_cases[n].out_len, out, out_size);
1100
1101 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1102 ta_crypt_cmd_reset_operation(c, &session, op1)))
1103 goto out;
1104
1105 out_size = sizeof(out);
1106 memset(out, 0, sizeof(out));
1107 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1108 ta_crypt_cmd_digest_do_final(c, &session, op1,
1109 hash_cases[n].in,
1110 hash_cases[n].in_len, out,
1111 &out_size)))
1112 goto out;
1113
1114 (void)ADBG_EXPECT_BUFFER(c, hash_cases[n].out,
1115 hash_cases[n].out_len, out, out_size);
1116
Jerome Forissier1e05e262015-07-29 16:09:07 +0200[diff] [blame]1117 /*
1118 * Invoke TEE_DigestDoFinal() a second time to check that state
1119 * was properly reset
1120 */
1121 out_size = sizeof(out);
1122 memset(out, 0, sizeof(out));
1123 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1124 ta_crypt_cmd_digest_do_final(c, &session, op1,
1125 hash_cases[n].in,
1126 hash_cases[n].in_len, out,
1127 &out_size)))
1128 goto out;
1129
1130 (void)ADBG_EXPECT_BUFFER(c, hash_cases[n].out,
1131 hash_cases[n].out_len, out, out_size);
1132
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1133 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1134 ta_crypt_cmd_free_operation(c, &session, op1)))
1135 goto out;
1136
1137 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1138 ta_crypt_cmd_free_operation(c, &session, op2)))
1139 goto out;
1140
1141 Do_ADBG_EndSubCase(c, NULL);
1142 }
1143
1144out:
1145 TEEC_CloseSession(&session);
1146}
1147
1148static const uint8_t mac_data_md5_key1[10] = {
1149 0x6B, 0x65, 0x79, /* key */
1150};
1151
1152static const uint8_t mac_data_md5_in1[] = {
1153 0x54, 0x68, 0x65, 0x20, 0x71, 0x75, 0x69, 0x63, /* The quic */
1154 0x6B, 0x20, 0x62, 0x72, 0x6F, 0x77, 0x6E, 0x20, /* k brown */
1155 0x66, 0x6F, 0x78, 0x20, 0x6A, 0x75, 0x6D, 0x70, /* fox jump */
1156 0x73, 0x20, 0x6F, 0x76, 0x65, 0x72, 0x20, 0x74, /* s over t */
1157 0x68, 0x65, 0x20, 0x6C, 0x61, 0x7A, 0x79, 0x20, /* he lazy */
1158 0x64, 0x6F, 0x67, /* dog */
1159};
1160
1161static const uint8_t mac_data_md5_out1[] = {
1162 0x80, 0x07, 0x07, 0x13, 0x46, 0x3e, 0x77, 0x49,
1163 0xb9, 0x0c, 0x2d, 0xc2, 0x49, 0x11, 0xe2, 0x75
1164};
1165
1166
1167/* generated with scripts/digest_hmac.pl */
1168static const uint8_t mac_data_sha1_key1[10] = {
1169 0x6B, 0x65, 0x79, /* key */
1170};
1171
1172static const uint8_t mac_data_sha1_in1[] = {
1173 0x54, 0x68, 0x65, 0x20, 0x71, 0x75, 0x69, 0x63, /* The quic */
1174 0x6B, 0x20, 0x62, 0x72, 0x6F, 0x77, 0x6E, 0x20, /* k brown */
1175 0x66, 0x6F, 0x78, 0x20, 0x6A, 0x75, 0x6D, 0x70, /* fox jump */
1176 0x73, 0x20, 0x6F, 0x76, 0x65, 0x72, 0x20, 0x74, /* s over t */
1177 0x68, 0x65, 0x20, 0x6C, 0x61, 0x7A, 0x79, 0x20, /* he lazy */
1178 0x64, 0x6F, 0x67, /* dog */
1179};
1180
1181static const uint8_t mac_data_sha1_out1[] = {
1182 0xDE, 0x7C, 0x9B, 0x85, 0xB8, 0xB7, 0x8A, 0xA6, /* .|...... */
1183 0xBC, 0x8A, 0x7A, 0x36, 0xF7, 0x0A, 0x90, 0x70, /* ..z6...p */
1184 0x1C, 0x9D, 0xB4, 0xD9, /* .... */
1185};
1186
1187static const uint8_t mac_data_sha224_key1[24] = {
1188 0x6B, 0x65, 0x79, /* key */
1189};
1190
1191static const uint8_t mac_data_sha224_in1[] = {
1192 0x54, 0x68, 0x65, 0x20, 0x71, 0x75, 0x69, 0x63, /* The quic */
1193 0x6B, 0x20, 0x62, 0x72, 0x6F, 0x77, 0x6E, 0x20, /* k brown */
1194 0x66, 0x6F, 0x78, 0x20, 0x6A, 0x75, 0x6D, 0x70, /* fox jump */
1195 0x73, 0x20, 0x6F, 0x76, 0x65, 0x72, 0x20, 0x74, /* s over t */
1196 0x68, 0x65, 0x20, 0x6C, 0x61, 0x7A, 0x79, 0x20, /* he lazy */
1197 0x64, 0x6F, 0x67, /* dog */
1198};
1199
1200static const uint8_t mac_data_sha224_out1[] = {
1201 0x88, 0xFF, 0x8B, 0x54, 0x67, 0x5D, 0x39, 0xB8, /* ...Tg]9. */
1202 0xF7, 0x23, 0x22, 0xE6, 0x5F, 0xF9, 0x45, 0xC5, /* .#"._.E. */
1203 0x2D, 0x96, 0x37, 0x99, 0x88, 0xAD, 0xA2, 0x56, /* -.7....V */
1204 0x39, 0x74, 0x7E, 0x69, /* 9t~i */
1205};
1206
1207
1208static const uint8_t mac_data_sha256_key1[24] = {
1209 'Q', 'W', 'E', 'R', 'T', 'Y'
1210};
1211
1212static const uint8_t mac_data_sha256_in1[] = { 'a', 'b', 'c' };
1213
1214static const uint8_t mac_data_sha256_out1[] = {
1215 0xee, 0x2e, 0x5d, 0x9b, 0x51, 0xe2, 0x9c, 0x1d,
1216 0x49, 0xe9, 0xae, 0x6f, 0x0a, 0xcc, 0x15, 0x18,
1217 0xde, 0x1e, 0xa3, 0x88, 0x8e, 0xee, 0x48, 0xbb,
1218 0x82, 0x77, 0xe9, 0x09, 0x74, 0x4b, 0xa2, 0xf2
1219};
1220
1221/* generated with scripts/digest_hmac.pl */
1222static const uint8_t mac_data_sha256_key2[24] = {
1223 0x6B, 0x65, 0x79, /* key */
1224};
1225
1226static const uint8_t mac_data_sha256_in2[] = {
1227 0x54, 0x68, 0x65, 0x20, 0x71, 0x75, 0x69, 0x63, /* The quic */
1228 0x6B, 0x20, 0x62, 0x72, 0x6F, 0x77, 0x6E, 0x20, /* k brown */
1229 0x66, 0x6F, 0x78, 0x20, 0x6A, 0x75, 0x6D, 0x70, /* fox jump */
1230 0x73, 0x20, 0x6F, 0x76, 0x65, 0x72, 0x20, 0x74, /* s over t */
1231 0x68, 0x65, 0x20, 0x6C, 0x61, 0x7A, 0x79, 0x20, /* he lazy */
1232 0x64, 0x6F, 0x67, /* dog */
1233};
1234
1235static const uint8_t mac_data_sha256_out2[] = {
1236 0xF7, 0xBC, 0x83, 0xF4, 0x30, 0x53, 0x84, 0x24, /* ....0S.$ */
1237 0xB1, 0x32, 0x98, 0xE6, 0xAA, 0x6F, 0xB1, 0x43, /* .2...o.C */
1238 0xEF, 0x4D, 0x59, 0xA1, 0x49, 0x46, 0x17, 0x59, /* .MY.IF.Y */
1239 0x97, 0x47, 0x9D, 0xBC, 0x2D, 0x1A, 0x3C, 0xD8, /* .G..-.<. */
1240};
1241
1242static const uint8_t mac_data_sha384_key1[32] = {
1243 0x6B, 0x65, 0x79, /* key */
1244};
1245
1246static const uint8_t mac_data_sha384_in1[] = {
1247 0x54, 0x68, 0x65, 0x20, 0x71, 0x75, 0x69, 0x63, /* The quic */
1248 0x6B, 0x20, 0x62, 0x72, 0x6F, 0x77, 0x6E, 0x20, /* k brown */
1249 0x66, 0x6F, 0x78, 0x20, 0x6A, 0x75, 0x6D, 0x70, /* fox jump */
1250 0x73, 0x20, 0x6F, 0x76, 0x65, 0x72, 0x20, 0x74, /* s over t */
1251 0x68, 0x65, 0x20, 0x6C, 0x61, 0x7A, 0x79, 0x20, /* he lazy */
1252 0x64, 0x6F, 0x67, /* dog */
1253};
1254
1255static const uint8_t mac_data_sha384_out1[] = {
1256 0xD7, 0xF4, 0x72, 0x7E, 0x2C, 0x0B, 0x39, 0xAE, /* ..r~, .9. */
1257 0x0F, 0x1E, 0x40, 0xCC, 0x96, 0xF6, 0x02, 0x42, /* ..@....B */
1258 0xD5, 0xB7, 0x80, 0x18, 0x41, 0xCE, 0xA6, 0xFC, /* ....A... */
1259 0x59, 0x2C, 0x5D, 0x3E, 0x1A, 0xE5, 0x07, 0x00, /* Y, ]>.... */
1260 0x58, 0x2A, 0x96, 0xCF, 0x35, 0xE1, 0xE5, 0x54, /* X...5..T */
1261 0x99, 0x5F, 0xE4, 0xE0, 0x33, 0x81, 0xC2, 0x37, /* ._..3..7 */
1262};
1263
1264static const uint8_t mac_data_sha512_key1[32] = {
1265 0x6B, 0x65, 0x79, /* key */
1266};
1267
1268static const uint8_t mac_data_sha512_in1[] = {
1269 0x54, 0x68, 0x65, 0x20, 0x71, 0x75, 0x69, 0x63, /* The quic */
1270 0x6B, 0x20, 0x62, 0x72, 0x6F, 0x77, 0x6E, 0x20, /* k brown */
1271 0x66, 0x6F, 0x78, 0x20, 0x6A, 0x75, 0x6D, 0x70, /* fox jump */
1272 0x73, 0x20, 0x6F, 0x76, 0x65, 0x72, 0x20, 0x74, /* s over t */
1273 0x68, 0x65, 0x20, 0x6C, 0x61, 0x7A, 0x79, 0x20, /* he lazy */
1274 0x64, 0x6F, 0x67, /* dog */
1275};
1276
1277static const uint8_t mac_data_sha512_out1[] = {
1278 0xB4, 0x2A, 0xF0, 0x90, 0x57, 0xBA, 0xC1, 0xE2, /* ....W... */
1279 0xD4, 0x17, 0x08, 0xE4, 0x8A, 0x90, 0x2E, 0x09, /* ........ */
1280 0xB5, 0xFF, 0x7F, 0x12, 0xAB, 0x42, 0x8A, 0x4F, /* .....B.O */
1281 0xE8, 0x66, 0x53, 0xC7, 0x3D, 0xD2, 0x48, 0xFB, /* .fS.=.H. */
1282 0x82, 0xF9, 0x48, 0xA5, 0x49, 0xF7, 0xB7, 0x91, /* ..H.I... */
1283 0xA5, 0xB4, 0x19, 0x15, 0xEE, 0x4D, 0x1E, 0xC3, /* .....M.. */
1284 0x93, 0x53, 0x57, 0xE4, 0xE2, 0x31, 0x72, 0x50, /* .SW..1rP */
1285 0xD0, 0x37, 0x2A, 0xFA, 0x2E, 0xBE, 0xEB, 0x3A, /* .7.....: */
1286};
1287
1288
1289/* AES-CBC-MAC */
1290static const uint8_t mac_cbc_vect1_key[] = {
1291 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, /* 01234567 */
1292 0x38, 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, /* 89ABCDEF */
1293};
1294
1295static const uint8_t mac_cbc_vect1_data[] = {
1296 0x43, 0x69, 0x70, 0x68, 0x65, 0x72, 0x20, 0x62, /* Cipher b */
1297 0x6C, 0x6F, 0x63, 0x6B, 0x20, 0x63, 0x68, 0x61, /* lock cha */
1298 0x69, 0x6E, 0x69, 0x6E, 0x67, 0x20, 0x28, 0x43, /* ining (C */
1299 0x42, 0x43, 0x29, 0x20, 0x69, 0x73, 0x20, 0x61, /* BC) is a */
1300 0x20, 0x63, 0x6F, 0x6D, 0x6D, 0x6F, 0x6E, 0x20, /* common */
1301 0x63, 0x68, 0x61, 0x69, 0x6E, 0x69, 0x6E, 0x67, /* chaining */
1302 0x20, 0x6D, 0x6F, 0x64, 0x65, 0x20, 0x69, 0x6E, /* mode in */
1303 0x20, 0x77, 0x68, 0x69, 0x63, 0x68, 0x20, 0x74, /* which t */
1304 0x68, 0x65, 0x20, 0x70, 0x72, 0x65, 0x76, 0x69, /* he previ */
1305 0x6F, 0x75, 0x73, 0x20, 0x62, 0x6C, 0x6F, 0x63, /* ous bloc */
1306 0x6B, 0x27, 0x73, 0x20, 0x63, 0x69, 0x70, 0x68, /* k's ciph */
1307 0x65, 0x72, 0x74, 0x65, 0x78, 0x74, 0x20, 0x69, /* ertext i */
1308 0x73, 0x20, 0x78, 0x6F, 0x72, 0x65, 0x64, 0x20, /* s xored */
1309 0x77, 0x69, 0x74, 0x68, 0x20, 0x74, 0x68, 0x65, /* with the */
1310 0x20, 0x63, 0x75, 0x72, 0x72, 0x65, 0x6E, 0x74, /* current */
1311 0x20, 0x62, 0x6C, 0x6F, 0x63, 0x6B, 0x27, 0x73, /* block's */
1312 0x20, 0x70, 0x6C, 0x61, 0x69, 0x6E, 0x74, 0x65, /* plainte */
1313 0x78, 0x74, 0x20, 0x62, 0x65, 0x66, 0x6F, 0x72, /* xt befor */
1314 0x65, 0x20, 0x65, 0x6E, 0x63, 0x72, 0x79, 0x70, /* e encryp */
1315 0x74, 0x69, 0x6F, 0x6E, 0x2E, 0x2E, 0x2E, 0x2E, /* tion.... */
1316};
1317
1318static const uint8_t mac_cbc_vect1_out[] = {
1319 0xC9, 0x6E, 0x83, 0x7E, 0x35, 0xC8, 0xA7, 0xA0, /* .n.~5... */
1320 0x33, 0xA3, 0xB1, 0x4B, 0x5A, 0x92, 0x51, 0x2E, /* 3..KZ.Q. */
1321};
1322
1323/* DES-CBC-MAC */
1324static const uint8_t mac_cbc_vect2_key[] = {
1325 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, /* 01234567 */
1326};
1327
1328#define mac_cbc_vect2_data mac_cbc_vect1_data
1329static const uint8_t mac_cbc_vect2_out[] = {
1330 0xE9, 0x41, 0x46, 0x30, 0x69, 0x32, 0xBD, 0xD6, /* .AF0i2.. */
1331};
1332
1333/* DES3-CBC-MAC */
1334static const uint8_t mac_cbc_vect3_key[] = {
1335 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, /* 01234567 */
1336 0x38, 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, /* 89ABCDEF */
1337 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, /* 12345678 */
1338};
1339
1340#define mac_cbc_vect3_data mac_cbc_vect2_data
1341static const uint8_t mac_cbc_vect3_out[] = {
1342 0x1C, 0x17, 0xB7, 0xB5, 0x9F, 0x54, 0x9C, 0x63, /* .....T.c */
1343};
1344
1345/* AES-CBC-MAC PKCS#5 pad*/
1346static const uint8_t mac_cbc_vect4_key[] = {
1347 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, /* 01234567 */
1348 0x38, 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, /* 89ABCDEF */
1349 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, /* 01234567 */
1350 0x38, 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, /* 89ABCDEF */
1351};
1352
1353#define mac_cbc_vect4_data mac_cbc_vect1_data
1354static const uint8_t mac_cbc_vect4_out[] = {
1355 0x0B, 0x46, 0xC7, 0xA2, 0xE1, 0x5A, 0xE2, 0x23, /* .F...Z.# */
1356 0x83, 0x34, 0x1C, 0x86, 0x53, 0xF8, 0x51, 0x24, /* .4..S.Q$ */
1357};
1358
1359/* DES-CBC-MAC PKCS#5 pad*/
1360static const uint8_t mac_cbc_vect5_key[] = {
1361 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, /* 01234567 */
1362};
1363
1364#define mac_cbc_vect5_data mac_cbc_vect1_data
1365static const uint8_t mac_cbc_vect5_out[] = {
1366 0x30, 0x81, 0x4F, 0x42, 0x03, 0x7E, 0xD8, 0xA9, /* 0.OB.~.. */
1367};
1368
1369/* DES3-CBC-MAC PKCS#5 pad*/
1370static const uint8_t mac_cbc_vect6_key[] = {
1371 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, /* 01234567 */
1372 0x38, 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, /* 89ABCDEF */
1373 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, /* 12345678 */
1374};
1375
1376#define mac_cbc_vect6_data mac_cbc_vect1_data
1377static const uint8_t mac_cbc_vect6_out[] = {
1378 0x6E, 0x37, 0x6E, 0x14, 0x5E, 0x21, 0xDD, 0xF8, /* n7n.^!.. */
1379};
1380
1381/* AES-CBC-MAC PKCS#5 pad*/
1382#define mac_cbc_vect7_key mac_cbc_vect4_key
1383static const uint8_t mac_cbc_vect7_data[] = {
1384 0x43, 0x69, 0x70, 0x68, 0x65, 0x72, 0x20, 0x62, /* Cipher b */
1385 0x6C, 0x6F, 0x63, 0x6B, 0x20, 0x63, 0x68, 0x61, /* lock cha */
1386 0x69, 0x6E, 0x69, 0x6E, 0x67, 0x20, 0x28, 0x43, /* ining (C */
1387 0x42, 0x43, 0x29, 0x20, 0x69, 0x73, 0x20, 0x61, /* BC) is a */
1388 0x20, 0x63, 0x6F, 0x6D, 0x6D, 0x6F, 0x6E, 0x20, /* common */
1389 0x63, 0x68, 0x61, 0x69, 0x6E, 0x69, 0x6E, 0x67, /* chaining */
1390 0x20, 0x6D, 0x6F, 0x64, 0x65, 0x20, 0x69, 0x6E, /* mode in */
1391 0x20, 0x77, 0x68, 0x69, 0x63, 0x68, 0x20, 0x74, /* which t */
1392 0x68, 0x65, 0x20, 0x70, 0x72, 0x65, 0x76, 0x69, /* he previ */
1393 0x6F, 0x75, 0x73, 0x20, 0x62, 0x6C, 0x6F, 0x63, /* ous bloc */
1394 0x6B, 0x27, 0x73, 0x20, 0x63, 0x69, 0x70, 0x68, /* k's ciph */
1395 0x65, 0x72, 0x74, 0x65, 0x78, 0x74, 0x20, 0x69, /* ertext i */
1396 0x73, 0x20, 0x78, 0x6F, 0x72, 0x65, 0x64, 0x20, /* s xored */
1397 0x77, 0x69, 0x74, 0x68, 0x20, 0x74, 0x68, 0x65, /* with the */
1398 0x20, 0x63, 0x75, 0x72, 0x72, 0x65, 0x6E, 0x74, /* current */
1399 0x20, 0x62, 0x6C, 0x6F, 0x63, 0x6B, 0x27, 0x73, /* block's */
1400 0x20, 0x70, 0x6C, 0x61, 0x69, 0x6E, 0x74, 0x65, /* plainte */
1401 0x78, 0x74, 0x20, 0x62, 0x65, 0x66, 0x6F, 0x72, /* xt befor */
1402 0x65, 0x20, 0x65, 0x6E, 0x63, 0x72, 0x79, 0x70, /* e encryp */
1403 0x74, 0x69, 0x6F, 0x6E, 0x2E, /* tion. */
1404};
1405
1406static const uint8_t mac_cbc_vect7_out[] = {
1407 0xFD, 0x89, 0x35, 0xB3, 0x93, 0x7F, 0xBB, 0xA2, /* ..5..... */
1408 0xFB, 0x65, 0x60, 0xC4, 0x0A, 0x62, 0xA0, 0xF9, /* .e`..b.. */
1409};
1410
1411/* DES-CBC-MAC PKCS#5 pad*/
1412#define mac_cbc_vect8_key mac_cbc_vect5_key
1413#define mac_cbc_vect8_data mac_cbc_vect7_data
1414static const uint8_t mac_cbc_vect8_out[] = {
1415 0x02, 0x2A, 0xA8, 0x2E, 0x47, 0xC6, 0xBB, 0x7C, /* ....G..| */
1416};
1417
1418/* DES3-CBC-MAC PKCS#5 pad*/
1419#define mac_cbc_vect9_key mac_cbc_vect6_key
1420#define mac_cbc_vect9_data mac_cbc_vect7_data
1421static const uint8_t mac_cbc_vect9_out[] = {
1422 0xD4, 0xF7, 0x3E, 0x27, 0x78, 0x0E, 0x1C, 0x79, /* ..>'x..y */
1423};
1424
1425/*
Pascal Brand5c3d8092015-07-23 08:20:26 +0200[diff] [blame]1426 * DES3-CBC-MAC, with key size of 112bit
1427 * out obtained with:
1428 * echo -n "Cipher block chaining (CBC) is a common chaining mode in which the previous block's ciphertext is xored with the current block's plaintext before encryption...."|openssl enc -iv 0 -des3 -K 303132333435363738394142434445463031323334353637 |xxd
1429 */
1430/* DES3-CBC-MAC PKCS#5 pad*/
1431static const uint8_t mac_cbc_vect10_key[] = {
1432 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, /* 01234567 */
1433 0x38, 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, /* 89ABCDEF */
1434};
1435#define mac_cbc_vect10_data mac_cbc_vect1_data
1436static const uint8_t mac_cbc_vect10_out[] = {
1437 0x30, 0x92, 0x60, 0x99, 0x66, 0xac, 0x8c, 0xa6,
1438};
1439
1440
1441/*
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1442 * AES-CMAC
1443 * Test vectors from
1444 * http://csrc.nist.gov/publications/nistpubs/800-38B/SP_800-38B.pdf
1445 */
1446
1447/* AES-128 */
1448static const uint8_t mac_cmac_vect1_key[] = {
1449 0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6,
1450 0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c
1451};
1452
1453static const uint8_t mac_cmac_vect1_out[] = {
1454 0xbb, 0x1d, 0x69, 0x29, 0xe9, 0x59, 0x37, 0x28,
1455 0x7f, 0xa3, 0x7d, 0x12, 0x9b, 0x75, 0x67, 0x46
1456};
1457
1458#define mac_cmac_vect2_key mac_cmac_vect1_key
1459static const uint8_t mac_cmac_vect2_data[] = {
1460 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
1461 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a
1462};
1463
1464static const uint8_t mac_cmac_vect2_out[] = {
1465 0x07, 0x0a, 0x16, 0xb4, 0x6b, 0x4d, 0x41, 0x44,
1466 0xf7, 0x9b, 0xdd, 0x9d, 0xd0, 0x4a, 0x28, 0x7c
1467};
1468
1469#define mac_cmac_vect3_key mac_cmac_vect1_key
1470static const uint8_t mac_cmac_vect3_data[] = {
1471 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
1472 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a,
1473 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c,
1474 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51,
1475 0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11
1476};
1477
1478static const uint8_t mac_cmac_vect3_out[] = {
1479 0xdf, 0xa6, 0x67, 0x47, 0xde, 0x9a, 0xe6, 0x30,
1480 0x30, 0xca, 0x32, 0x61, 0x14, 0x97, 0xc8, 0x27
1481};
1482
1483#define mac_cmac_vect4_key mac_cmac_vect1_key
1484static const uint8_t mac_cmac_vect4_data[] = {
1485 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
1486 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a,
1487 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c,
1488 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51,
1489 0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11,
1490 0xe5, 0xfb, 0xc1, 0x19, 0x1a, 0x0a, 0x52, 0xef,
1491 0xf6, 0x9f, 0x24, 0x45, 0xdf, 0x4f, 0x9b, 0x17,
1492 0xad, 0x2b, 0x41, 0x7b, 0xe6, 0x6c, 0x37, 0x10
1493};
1494
1495static const uint8_t mac_cmac_vect4_out[] = {
1496 0x51, 0xf0, 0xbe, 0xbf, 0x7e, 0x3b, 0x9d, 0x92,
1497 0xfc, 0x49, 0x74, 0x17, 0x79, 0x36, 0x3c, 0xfe
1498};
1499
1500/* AES-192 */
1501static const uint8_t mac_cmac_vect5_key[] = {
1502 0x8e, 0x73, 0xb0, 0xf7, 0xda, 0x0e, 0x64, 0x52,
1503 0xc8, 0x10, 0xf3, 0x2b, 0x80, 0x90, 0x79, 0xe5,
1504 0x62, 0xf8, 0xea, 0xd2, 0x52, 0x2c, 0x6b, 0x7b
1505};
1506
1507static const uint8_t mac_cmac_vect5_out[] = {
1508 0xd1, 0x7d, 0xdf, 0x46, 0xad, 0xaa, 0xcd, 0xe5,
1509 0x31, 0xca, 0xc4, 0x83, 0xde, 0x7a, 0x93, 0x67
1510};
1511
1512
1513#define mac_cmac_vect6_key mac_cmac_vect5_key
1514static const uint8_t mac_cmac_vect6_data[] = {
1515 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
1516 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a
1517};
1518
1519static const uint8_t mac_cmac_vect6_out[] = {
1520 0x9e, 0x99, 0xa7, 0xbf, 0x31, 0xe7, 0x10, 0x90,
1521 0x06, 0x62, 0xf6, 0x5e, 0x61, 0x7c, 0x51, 0x84
1522};
1523
1524#define mac_cmac_vect7_key mac_cmac_vect5_key
1525static const uint8_t mac_cmac_vect7_data[] = {
1526 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
1527 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a,
1528 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c,
1529 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51,
1530 0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11
1531};
1532
1533static const uint8_t mac_cmac_vect7_out[] = {
1534 0x8a, 0x1d, 0xe5, 0xbe, 0x2e, 0xb3, 0x1a, 0xad,
1535 0x08, 0x9a, 0x82, 0xe6, 0xee, 0x90, 0x8b, 0x0e
1536};
1537
1538#define mac_cmac_vect8_key mac_cmac_vect5_key
1539static const uint8_t mac_cmac_vect8_data[] = {
1540 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
1541 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a,
1542 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c,
1543 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51,
1544 0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11,
1545 0xe5, 0xfb, 0xc1, 0x19, 0x1a, 0x0a, 0x52, 0xef,
1546 0xf6, 0x9f, 0x24, 0x45, 0xdf, 0x4f, 0x9b, 0x17,
1547 0xad, 0x2b, 0x41, 0x7b, 0xe6, 0x6c, 0x37, 0x10
1548};
1549
1550static const uint8_t mac_cmac_vect8_out[] = {
1551 0xa1, 0xd5, 0xdf, 0x0e, 0xed, 0x79, 0x0f, 0x79,
1552 0x4d, 0x77, 0x58, 0x96, 0x59, 0xf3, 0x9a, 0x11
1553};
1554
1555/* AES-256 */
1556static const uint8_t mac_cmac_vect9_key[] = {
1557 0x60, 0x3d, 0xeb, 0x10, 0x15, 0xca, 0x71, 0xbe,
1558 0x2b, 0x73, 0xae, 0xf0, 0x85, 0x7d, 0x77, 0x81,
1559 0x1f, 0x35, 0x2c, 0x07, 0x3b, 0x61, 0x08, 0xd7,
1560 0x2d, 0x98, 0x10, 0xa3, 0x09, 0x14, 0xdf, 0xf4
1561};
1562
1563static const uint8_t mac_cmac_vect9_out[] = {
1564 0x02, 0x89, 0x62, 0xf6, 0x1b, 0x7b, 0xf8, 0x9e,
1565 0xfc, 0x6b, 0x55, 0x1f, 0x46, 0x67, 0xd9, 0x83
1566};
1567
1568#define mac_cmac_vect10_key mac_cmac_vect9_key
1569static const uint8_t mac_cmac_vect10_data[] = {
1570 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
1571 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a
1572};
1573
1574static const uint8_t mac_cmac_vect10_out[] = {
1575 0x28, 0xa7, 0x02, 0x3f, 0x45, 0x2e, 0x8f, 0x82,
1576 0xbd, 0x4b, 0xf2, 0x8d, 0x8c, 0x37, 0xc3, 0x5c
1577};
1578
1579#define mac_cmac_vect11_key mac_cmac_vect9_key
1580static const uint8_t mac_cmac_vect11_data[] = {
1581 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
1582 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a,
1583 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c,
1584 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51,
1585 0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11
1586};
1587
1588static const uint8_t mac_cmac_vect11_out[] = {
1589 0xaa, 0xf3, 0xd8, 0xf1, 0xde, 0x56, 0x40, 0xc2,
1590 0x32, 0xf5, 0xb1, 0x69, 0xb9, 0xc9, 0x11, 0xe6
1591};
1592
1593#define mac_cmac_vect12_key mac_cmac_vect9_key
1594static const uint8_t mac_cmac_vect12_data[] = {
1595 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
1596 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a,
1597 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c,
1598 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51,
1599 0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11,
1600 0xe5, 0xfb, 0xc1, 0x19, 0x1a, 0x0a, 0x52, 0xef,
1601 0xf6, 0x9f, 0x24, 0x45, 0xdf, 0x4f, 0x9b, 0x17,
1602 0xad, 0x2b, 0x41, 0x7b, 0xe6, 0x6c, 0x37, 0x10
1603};
1604
1605static const uint8_t mac_cmac_vect12_out[] = {
1606 0xe1, 0x99, 0x21, 0x90, 0x54, 0x9f, 0x6e, 0xd5,
1607 0x69, 0x6a, 0x2c, 0x05, 0x6c, 0x31, 0x54, 0x10
1608};
1609
1610struct xtest_mac_case {
1611 uint32_t algo;
1612 uint32_t key_type;
1613 const uint8_t *key;
1614 size_t key_len;
1615 size_t in_incr;
1616 const uint8_t *in;
1617 size_t in_len;
1618 const uint8_t *out;
1619 size_t out_len;
1620};
1621
1622#define XTEST_MAC_CASE(algo, key_type, key, in_incr, in, out) \
1623 { (algo), (key_type), (key), ARRAY_SIZE(key), \
1624 (in_incr), (in), ARRAY_SIZE(in), (out), ARRAY_SIZE(out) }
1625
1626#define XTEST_MAC_CBC_CASE(algo, key_type, vect, in_incr) \
1627 XTEST_MAC_CASE((algo), (key_type), \
1628 mac_cbc_ ## vect ## _key, (in_incr), \
1629 mac_cbc_ ## vect ## _data, mac_cbc_ ## vect ## _out)
1630
1631#define XTEST_MAC_CMAC_CASE(vect, in_incr) \
1632 XTEST_MAC_CASE(TEE_ALG_AES_CMAC, TEE_TYPE_AES, \
1633 mac_cmac_ ## vect ## _key, (in_incr), \
1634 mac_cmac_ ## vect ## _data, mac_cmac_ ## vect ## _out)
1635
1636static const struct xtest_mac_case mac_cases[] = {
1637 XTEST_MAC_CASE(TEE_ALG_HMAC_MD5, TEE_TYPE_HMAC_MD5,
1638 mac_data_md5_key1,
1639 4, mac_data_md5_in1, mac_data_md5_out1),
1640 XTEST_MAC_CASE(TEE_ALG_HMAC_SHA1, TEE_TYPE_HMAC_SHA1,
1641 mac_data_sha1_key1,
1642 5, mac_data_sha1_in1, mac_data_sha1_out1),
1643 XTEST_MAC_CASE(TEE_ALG_HMAC_SHA224, TEE_TYPE_HMAC_SHA224,
1644 mac_data_sha224_key1,
1645 8, mac_data_sha224_in1, mac_data_sha224_out1),
1646 XTEST_MAC_CASE(TEE_ALG_HMAC_SHA256, TEE_TYPE_HMAC_SHA256,
1647 mac_data_sha256_key1,
1648 1, mac_data_sha256_in1, mac_data_sha256_out1),
1649 XTEST_MAC_CASE(TEE_ALG_HMAC_SHA256, TEE_TYPE_HMAC_SHA256,
1650 mac_data_sha256_key2,
1651 7, mac_data_sha256_in2, mac_data_sha256_out2),
1652 XTEST_MAC_CASE(TEE_ALG_HMAC_SHA384, TEE_TYPE_HMAC_SHA384,
1653 mac_data_sha384_key1,
1654 11, mac_data_sha384_in1, mac_data_sha384_out1),
1655 XTEST_MAC_CASE(TEE_ALG_HMAC_SHA512, TEE_TYPE_HMAC_SHA512,
1656 mac_data_sha512_key1,
1657 13, mac_data_sha512_in1, mac_data_sha512_out1),
1658
1659 XTEST_MAC_CBC_CASE(TEE_ALG_AES_CBC_MAC_NOPAD, TEE_TYPE_AES, vect1, 14),
1660 XTEST_MAC_CBC_CASE(TEE_ALG_DES_CBC_MAC_NOPAD, TEE_TYPE_DES, vect2, 16),
1661 XTEST_MAC_CBC_CASE(TEE_ALG_DES3_CBC_MAC_NOPAD, TEE_TYPE_DES3, vect3,
1662 17),
1663 XTEST_MAC_CBC_CASE(TEE_ALG_AES_CBC_MAC_PKCS5, TEE_TYPE_AES, vect4, 11),
1664 XTEST_MAC_CBC_CASE(TEE_ALG_DES_CBC_MAC_PKCS5, TEE_TYPE_DES, vect5, 9),
1665 XTEST_MAC_CBC_CASE(TEE_ALG_DES3_CBC_MAC_PKCS5, TEE_TYPE_DES3, vect6, 4),
1666 XTEST_MAC_CBC_CASE(TEE_ALG_AES_CBC_MAC_PKCS5, TEE_TYPE_AES, vect7, 3),
1667 XTEST_MAC_CBC_CASE(TEE_ALG_DES_CBC_MAC_PKCS5, TEE_TYPE_DES, vect8, 23),
1668 XTEST_MAC_CBC_CASE(TEE_ALG_DES3_CBC_MAC_PKCS5, TEE_TYPE_DES3, vect9,
1669 34),
Pascal Brand5c3d8092015-07-23 08:20:26 +0200[diff] [blame]1670 XTEST_MAC_CBC_CASE(TEE_ALG_DES3_CBC_MAC_PKCS5, TEE_TYPE_DES3, vect10, 4),
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1671
1672 { TEE_ALG_AES_CMAC, TEE_TYPE_AES, mac_cmac_vect1_key,
1673 ARRAY_SIZE(mac_cmac_vect1_key), 0, NULL, 0, mac_cmac_vect1_out,
1674 ARRAY_SIZE(mac_cmac_vect1_out) },
1675 XTEST_MAC_CMAC_CASE(vect2, 9),
1676 XTEST_MAC_CMAC_CASE(vect3, 9),
1677 XTEST_MAC_CMAC_CASE(vect4, 9),
1678 { TEE_ALG_AES_CMAC, TEE_TYPE_AES, mac_cmac_vect5_key,
1679 ARRAY_SIZE(mac_cmac_vect5_key), 0, NULL, 0, mac_cmac_vect5_out,
1680 ARRAY_SIZE(mac_cmac_vect5_out) },
1681 XTEST_MAC_CMAC_CASE(vect6, 9),
1682 XTEST_MAC_CMAC_CASE(vect7, 9),
1683 XTEST_MAC_CMAC_CASE(vect8, 9),
1684 { TEE_ALG_AES_CMAC, TEE_TYPE_AES, mac_cmac_vect9_key,
1685 ARRAY_SIZE(mac_cmac_vect9_key), 0, NULL, 0, mac_cmac_vect9_out,
1686 ARRAY_SIZE(mac_cmac_vect9_out) },
1687 XTEST_MAC_CMAC_CASE(vect10, 9),
1688 XTEST_MAC_CMAC_CASE(vect11, 9),
1689 XTEST_MAC_CMAC_CASE(vect12, 9),
1690};
1691
1692static void xtest_tee_test_4002(ADBG_Case_t *c)
1693{
1694 TEEC_Session session = { 0 };
1695 TEE_OperationHandle op1;
1696 TEE_OperationHandle op2;
1697 TEE_ObjectHandle key_handle;
1698 uint8_t out[64];
1699 size_t out_size;
1700 uint32_t ret_orig;
1701 size_t n;
1702
1703 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1704 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
1705 &ret_orig)))
1706 return;
1707
1708 for (n = 0; n < ARRAY_SIZE(mac_cases); n++) {
1709 TEE_Attribute key_attr;
1710 size_t key_size;
1711
1712 Do_ADBG_BeginSubCase(c, "MAC case %d algo 0x%x",
1713 (int)n, (unsigned int)mac_cases[n].algo);
1714
1715 key_attr.attributeID = TEE_ATTR_SECRET_VALUE;
1716 key_attr.content.ref.buffer = (void *)mac_cases[n].key;
1717 key_attr.content.ref.length = mac_cases[n].key_len;
1718
1719 key_size = key_attr.content.ref.length * 8;
1720 if (mac_cases[n].key_type == TEE_TYPE_DES ||
1721 mac_cases[n].key_type == TEE_TYPE_DES3)
1722 /* Exclude parity in bit size of key */
1723 key_size -= key_size / 8;
1724
1725 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1726 ta_crypt_cmd_allocate_operation(c, &session, &op1,
1727 mac_cases[n].algo, TEE_MODE_MAC, key_size)))
1728 goto out;
1729
1730 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1731 ta_crypt_cmd_allocate_operation(c, &session, &op2,
1732 mac_cases[n].algo, TEE_MODE_MAC, key_size)))
1733 goto out;
1734
1735 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1736 ta_crypt_cmd_allocate_transient_object(c, &session,
1737 mac_cases[n].key_type, key_size, &key_handle)))
1738 goto out;
1739
1740 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1741 ta_crypt_cmd_populate_transient_object(c, &session,
1742 key_handle, &key_attr, 1)))
1743 goto out;
1744
1745 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1746 ta_crypt_cmd_set_operation_key(c, &session, op1,
1747 key_handle)))
1748 goto out;
1749
1750 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1751 ta_crypt_cmd_free_transient_object(c, &session,
1752 key_handle)))
1753 goto out;
1754
1755 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1756 ta_crypt_cmd_mac_init(c, &session, op1, NULL, 0)))
1757 goto out;
1758
1759 if (mac_cases[n].in != NULL) {
1760 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1761 ta_crypt_cmd_mac_update(c, &session, op1,
1762 mac_cases[n].in, mac_cases[n].in_incr)))
1763 goto out;
1764 }
1765
1766 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1767 ta_crypt_cmd_copy_operation(c, &session, op2, op1)))
1768 goto out;
1769
1770 out_size = sizeof(out);
1771 memset(out, 0, sizeof(out));
1772 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1773 ta_crypt_cmd_mac_final_compute(c, &session, op2,
1774 mac_cases[n].in + mac_cases[n].in_incr,
1775 mac_cases [n].in_len - mac_cases[n].in_incr,
1776 out, &out_size)))
1777 goto out;
1778
1779 (void)ADBG_EXPECT_BUFFER(c, mac_cases[n].out,
1780 mac_cases[n].out_len, out, out_size);
1781
1782 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1783 ta_crypt_cmd_mac_init(c, &session, op1, NULL, 0)))
1784 goto out;
1785
1786 out_size = sizeof(out);
1787 memset(out, 0, sizeof(out));
1788 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1789 ta_crypt_cmd_mac_final_compute(c, &session, op1,
1790 mac_cases[n].in, mac_cases[n].in_len, out,
1791 &out_size)))
1792 goto out;
1793
1794 (void)ADBG_EXPECT_BUFFER(c, mac_cases[n].out,
1795 mac_cases[n].out_len, out, out_size);
1796
1797 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1798 ta_crypt_cmd_free_operation(c, &session, op1)))
1799 goto out;
1800
1801 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1802 ta_crypt_cmd_free_operation(c, &session, op2)))
1803 goto out;
1804
1805 Do_ADBG_EndSubCase(c, NULL);
1806 }
1807out:
1808 TEEC_CloseSession(&session);
1809}
1810
1811/* generated with scripts/crypt_aes_cbc_nopad.pl */
1812static const uint8_t ciph_data_aes_key1[] = {
1813 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, /* 01234567 */
1814 0x38, 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, /* 89ABCDEF */
1815};
1816
1817static const uint8_t ciph_data_des_key1[] = {
1818 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37 /* 01234567 */
1819};
1820
1821static const uint8_t ciph_data_des_key2[] = {
1822 0x13, 0x34, 0x57, 0x79, 0x9B, 0xBC, 0xDF, 0xF1
1823};
1824
1825
1826static const uint8_t ciph_data_des3_key1[] = {
1827 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, /* 01234567 */
1828 0x38, 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, /* 89ABCDEF */
1829 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, /* 12345678 */
1830};
1831
1832static const uint8_t ciph_data_des3_key2[] = {
1833 0x13, 0x34, 0x57, 0x79, 0x9B, 0xBC, 0xDF, 0xF1,
1834 0x13, 0x34, 0x57, 0x79, 0x9B, 0xBC, 0xDF, 0xF1,
1835 0x13, 0x34, 0x57, 0x79, 0x9B, 0xBC, 0xDF, 0xF1
1836};
1837
1838static const uint8_t ciph_data_des2_key1[] = {
1839 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, /* 01234567 */
1840 0x38, 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, /* 89ABCDEF */
1841};
1842
1843static const uint8_t ciph_data_in1[] = {
1844 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, /* 23456789 */
1845 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x30, 0x31, /* ABCDEF01 */
1846 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x41, /* 3456789A */
1847 0x42, 0x43, 0x44, 0x45, 0x46, 0x30, 0x31, 0x32, /* BCDEF012 */
1848 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x41, 0x42, /* 456789AB */
1849 0x43, 0x44, 0x45, 0x46, 0x30, 0x31, 0x32, 0x33, /* CDEF0123 */
1850};
1851
1852static const uint8_t ciph_data_in3[] = {
1853 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, /* 23456789 */
1854 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x30, 0x31, /* ABCDEF01 */
1855 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x41, /* 3456789A */
1856 0x42, 0x43, 0x44, 0x45, 0x46, 0x30, 0x31, 0x32, /* BCDEF012 */
1857 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x41, 0x42, /* 456789AB */
1858 0x43, 0x44, 0x45, 0x46, 0x30, /* CDEF0 */
1859};
1860
1861static const uint8_t ciph_data_128_iv1[] = {
1862 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, /* 12345678 */
1863 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x30, /* 9ABCDEF0 */
1864};
1865
1866static const uint8_t ciph_data_64_iv1[] = {
1867 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, /* 12345678 */
1868};
1869
1870static const uint8_t ciph_data_in2[] = {
1871 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef
1872};
1873
1874static const uint8_t ciph_data_aes_ecb_nopad_out1[] = {
1875 0xA5, 0xBE, 0x14, 0xD5, 0x01, 0x05, 0x24, 0x48, /* ......$H */
1876 0x58, 0x1A, 0x6B, 0x82, 0xD4, 0x41, 0xD2, 0xB3, /* X.k..A.. */
1877 0xBB, 0xF9, 0xAE, 0x37, 0x94, 0xAC, 0x18, 0x50, /* ...7...P */
1878 0x87, 0x09, 0xCC, 0x3F, 0x43, 0xD2, 0xC2, 0xB7, /* ...?C... */
1879 0xD7, 0x6F, 0x84, 0x07, 0xB4, 0x78, 0xCE, 0x34, /* .o...x.4 */
1880 0x48, 0xC9, 0x16, 0x86, 0x42, 0xB8, 0xFF, 0xCF, /* H...B... */
1881};
1882
1883static const uint8_t ciph_data_aes_cbc_nopad_out1[] = {
1884 0x8D, 0x9F, 0x88, 0xD8, 0xAF, 0x9F, 0xC1, 0x3B, /* .......; */
1885 0x02, 0x15, 0x43, 0x6A, 0x8C, 0x1E, 0x34, 0x5C, /* ..Cj..4\ */
1886 0x83, 0xF4, 0x85, 0x3E, 0x43, 0x0F, 0xE5, 0x5F, /* ...>C.._ */
1887 0x81, 0x4C, 0xC0, 0x28, 0x3F, 0xD9, 0x98, 0x53, /* .L.(?..S */
1888 0xB1, 0x44, 0x51, 0x38, 0x21, 0xAB, 0x10, 0xCE, /* .DQ8!... */
1889 0xC2, 0xEC, 0x65, 0x54, 0xDD, 0x5C, 0xEA, 0xDC, /* ..eT.\.. */
1890};
1891
1892static const uint8_t ciph_data_aes_ctr_out1[] = {
1893 0xD2, 0xDD, 0x11, 0xA8, 0xF7, 0xB0, 0xAE, 0x55, /* .......U */
1894 0xBE, 0x61, 0x7A, 0xE6, 0xA1, 0x6C, 0x79, 0xF4, /* .az..ly. */
1895 0x62, 0x51, 0x7B, 0xE9, 0x7C, 0xA0, 0x31, 0x0C, /* bQ{.|.1. */
1896 0x24, 0x15, 0x70, 0x7F, 0x47, 0x37, 0x69, 0xE0, /* $.p.G7i. */
1897 0x24, 0xC3, 0x29, 0xCD, 0xF2, 0x26, 0x69, 0xFF, /* $.)..&i. */
1898 0x72, 0x0E, 0x3C, 0xD1, 0xA1, 0x2F, 0x5D, 0x33, /* r.<../]3 */
1899};
1900
1901static const uint8_t ciph_data_aes_ctr_out2[] = {
1902 0xD2, 0xDD, 0x11, 0xA8, 0xF7, 0xB0, 0xAE, 0x55, /* .......U */
1903 0xBE, 0x61, 0x7A, 0xE6, 0xA1, 0x6C, 0x79, 0xF4, /* .az..ly. */
1904 0x62, 0x51, 0x7B, 0xE9, 0x7C, 0xA0, 0x31, 0x0C, /* bQ{.|.1. */
1905 0x24, 0x15, 0x70, 0x7F, 0x47, 0x37, 0x69, 0xE0, /* $.p.G7i. */
1906 0x24, 0xC3, 0x29, 0xCD, 0xF2, 0x26, 0x69, 0xFF, /* $.)..&i. */
1907 0x72, 0x0E, 0x3C, 0xD1, 0xA1, /* r.<.. */
1908};
1909
1910static const uint8_t ciph_data_aes_cbc_vect1_key[] = {
1911 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, /* 01234567 */
1912 0x38, 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, /* 89ABCDEF */
1913};
1914
1915static const uint8_t ciph_data_aes_cbc_vect1_iv[] = {
1916 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* ........ */
1917 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* ........ */
1918};
1919
1920static const uint8_t ciph_data_aes_cbc_vect1_ptx[] = {
1921 0x43, 0x69, 0x70, 0x68, 0x65, 0x72, 0x20, 0x62, /* Cipher b */
1922 0x6C, 0x6F, 0x63, 0x6B, 0x20, 0x63, 0x68, 0x61, /* lock cha */
1923 0x69, 0x6E, 0x69, 0x6E, 0x67, 0x20, 0x28, 0x43, /* ining (C */
1924 0x42, 0x43, 0x29, 0x20, 0x69, 0x73, 0x20, 0x61, /* BC) is a */
1925 0x20, 0x63, 0x6F, 0x6D, 0x6D, 0x6F, 0x6E, 0x20, /* common */
1926 0x63, 0x68, 0x61, 0x69, 0x6E, 0x69, 0x6E, 0x67, /* chaining */
1927 0x20, 0x6D, 0x6F, 0x64, 0x65, 0x20, 0x69, 0x6E, /* mode in */
1928 0x20, 0x77, 0x68, 0x69, 0x63, 0x68, 0x20, 0x74, /* which t */
1929 0x68, 0x65, 0x20, 0x70, 0x72, 0x65, 0x76, 0x69, /* he previ */
1930 0x6F, 0x75, 0x73, 0x20, 0x62, 0x6C, 0x6F, 0x63, /* ous bloc */
1931 0x6B, 0x27, 0x73, 0x20, 0x63, 0x69, 0x70, 0x68, /* k's ciph */
1932 0x65, 0x72, 0x74, 0x65, 0x78, 0x74, 0x20, 0x69, /* ertext i */
1933 0x73, 0x20, 0x78, 0x6F, 0x72, 0x65, 0x64, 0x20, /* s xored */
1934 0x77, 0x69, 0x74, 0x68, 0x20, 0x74, 0x68, 0x65, /* with the */
1935 0x20, 0x63, 0x75, 0x72, 0x72, 0x65, 0x6E, 0x74, /* current */
1936 0x20, 0x62, 0x6C, 0x6F, 0x63, 0x6B, 0x27, 0x73, /* block's */
1937 0x20, 0x70, 0x6C, 0x61, 0x69, 0x6E, 0x74, 0x65, /* plainte */
1938 0x78, 0x74, 0x20, 0x62, 0x65, 0x66, 0x6F, 0x72, /* xt befor */
1939 0x65, 0x20, 0x65, 0x6E, 0x63, 0x72, 0x79, 0x70, /* e encryp */
1940 0x74, 0x69, 0x6F, 0x6E, 0x2E, 0x2E, 0x2E, 0x2E, /* tion.... */
1941};
1942
1943static const uint8_t ciph_data_aes_cbc_vect1_ctx[] = {
1944 0xDD, 0x16, 0xC3, 0x47, 0x69, 0xEC, 0xF5, 0x86, /* ...Gi... */
1945 0x20, 0xB4, 0xF7, 0xE3, 0xB9, 0x36, 0xE8, 0xAC, /* ....6.. */
1946 0xC9, 0xA2, 0x11, 0x71, 0x3B, 0x10, 0x9D, 0x45, /* ...q;..E */
1947 0xCA, 0xE2, 0x49, 0xA6, 0x4E, 0x56, 0x07, 0xC5, /* ..I.NV.. */
1948 0xCE, 0xA3, 0x14, 0xB5, 0x30, 0x1B, 0x63, 0xBB, /* ....0.c. */
1949 0x2D, 0x6F, 0xE9, 0xCA, 0x0B, 0x00, 0x31, 0x3F, /* -o....1? */
1950 0xA4, 0x9A, 0x39, 0xE1, 0xC8, 0xD2, 0x24, 0x95, /* ..9...$. */
1951 0x14, 0xE9, 0xD2, 0x43, 0xE8, 0xA8, 0x1E, 0x0A, /* ...C.... */
1952 0xFE, 0x9D, 0x4F, 0xF5, 0xBB, 0x16, 0xB9, 0x54, /* ..O....T */
1953 0x78, 0x07, 0x94, 0x05, 0x8E, 0x47, 0xC3, 0xCB, /* x....G.. */
1954 0x7C, 0xEC, 0xF4, 0xF8, 0xF2, 0xA4, 0x59, 0x6E, /* |.....Yn */
1955 0xED, 0xAD, 0x7F, 0x62, 0xAF, 0x89, 0xA8, 0x5B, /* ...b...[ */
1956 0x75, 0xD4, 0x73, 0xE3, 0xBA, 0x9F, 0x9A, 0xD2, /* u.s..... */
1957 0x0F, 0xFD, 0x3C, 0xE6, 0xC6, 0xA4, 0xD6, 0x6C, /* ..<....l */
1958 0x6A, 0x09, 0xE2, 0x16, 0xB0, 0x8C, 0x69, 0x3C, /* j.....i< */
1959 0xC8, 0x1C, 0xE4, 0x3E, 0x86, 0x4D, 0xB0, 0x2B, /* ...>.M.+ */
1960 0x29, 0xA0, 0x5A, 0xA3, 0x67, 0xBA, 0xDC, 0x11, /* ).Z.g... */
1961 0x08, 0x5E, 0x69, 0xB4, 0x6F, 0xA5, 0xE2, 0xB8, /* .^i.o... */
1962 0xC9, 0x6E, 0x83, 0x7E, 0x35, 0xC8, 0xA7, 0xA0, /* .n.~5... */
1963 0x33, 0xA3, 0xB1, 0x4B, 0x5A, 0x92, 0x51, 0x2E, /* 3..KZ.Q. */
1964};
1965
1966/* AES-CTS test vectors from http://tools.ietf.org/html/rfc3962
1967 * and http://tools.ietf.org/html/draft-raeburn-krb-rijndael-krb-02 */
1968static const uint8_t ciph_data_aes_cts_vect1_key[] = {
1969 0x63, 0x68, 0x69, 0x63, 0x6b, 0x65, 0x6e, 0x20,
1970 0x74, 0x65, 0x72, 0x69, 0x79, 0x61, 0x6b, 0x69
1971};
1972
1973static const uint8_t ciph_data_aes_cts_vect1_iv[16] = {
1974 0x00
1975};
1976
1977static const uint8_t ciph_data_aes_cts_vect1_ptx[] = {
1978 0x49, 0x20, 0x77, 0x6f, 0x75, 0x6c, 0x64, 0x20,
1979 0x6c, 0x69, 0x6b, 0x65, 0x20, 0x74, 0x68, 0x65,
1980 0x20
1981};
1982
1983static const uint8_t ciph_data_aes_cts_vect1_ctx[] = {
1984 0xc6, 0x35, 0x35, 0x68, 0xf2, 0xbf, 0x8c, 0xb4,
1985 0xd8, 0xa5, 0x80, 0x36, 0x2d, 0xa7, 0xff, 0x7f,
1986 0x97
1987};
1988
1989#define ciph_data_aes_cts_vect2_key ciph_data_aes_cts_vect1_key
1990#define ciph_data_aes_cts_vect2_iv ciph_data_aes_cts_vect1_iv
1991static const uint8_t ciph_data_aes_cts_vect2_ptx[] = {
1992 0x49, 0x20, 0x77, 0x6f, 0x75, 0x6c, 0x64, 0x20,
1993 0x6c, 0x69, 0x6b, 0x65, 0x20, 0x74, 0x68, 0x65,
1994 0x20, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x6c,
1995 0x20, 0x47, 0x61, 0x75, 0x27, 0x73, 0x20
1996};
1997
1998static const uint8_t ciph_data_aes_cts_vect2_ctx[] = {
1999 0xfc, 0x00, 0x78, 0x3e, 0x0e, 0xfd, 0xb2, 0xc1,
2000 0xd4, 0x45, 0xd4, 0xc8, 0xef, 0xf7, 0xed, 0x22,
2001 0x97, 0x68, 0x72, 0x68, 0xd6, 0xec, 0xcc, 0xc0,
2002 0xc0, 0x7b, 0x25, 0xe2, 0x5e, 0xcf, 0xe5
2003};
2004
2005#define ciph_data_aes_cts_vect3_key ciph_data_aes_cts_vect1_key
2006#define ciph_data_aes_cts_vect3_iv ciph_data_aes_cts_vect1_iv
2007static const uint8_t ciph_data_aes_cts_vect3_ptx[] = {
2008 0x49, 0x20, 0x77, 0x6f, 0x75, 0x6c, 0x64, 0x20,
2009 0x6c, 0x69, 0x6b, 0x65, 0x20, 0x74, 0x68, 0x65,
2010 0x20, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x6c,
2011 0x20, 0x47, 0x61, 0x75, 0x27, 0x73, 0x20, 0x43,
2012};
2013
2014static const uint8_t ciph_data_aes_cts_vect3_ctx[] = {
2015 0x39, 0x31, 0x25, 0x23, 0xa7, 0x86, 0x62, 0xd5,
2016 0xbe, 0x7f, 0xcb, 0xcc, 0x98, 0xeb, 0xf5, 0xa8,
2017 0x97, 0x68, 0x72, 0x68, 0xd6, 0xec, 0xcc, 0xc0,
2018 0xc0, 0x7b, 0x25, 0xe2, 0x5e, 0xcf, 0xe5, 0x84,
2019};
2020
2021#define ciph_data_aes_cts_vect4_key ciph_data_aes_cts_vect1_key
2022#define ciph_data_aes_cts_vect4_iv ciph_data_aes_cts_vect1_iv
2023static const uint8_t ciph_data_aes_cts_vect4_ptx[] = {
2024 0x49, 0x20, 0x77, 0x6f, 0x75, 0x6c, 0x64, 0x20,
2025 0x6c, 0x69, 0x6b, 0x65, 0x20, 0x74, 0x68, 0x65,
2026 0x20, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x6c,
2027 0x20, 0x47, 0x61, 0x75, 0x27, 0x73, 0x20, 0x43,
2028 0x68, 0x69, 0x63, 0x6b, 0x65, 0x6e, 0x2c, 0x20,
2029 0x70, 0x6c, 0x65, 0x61, 0x73, 0x65, 0x2c,
2030};
2031
2032static const uint8_t ciph_data_aes_cts_vect4_ctx[] = {
2033 0x97, 0x68, 0x72, 0x68, 0xd6, 0xec, 0xcc, 0xc0,
2034 0xc0, 0x7b, 0x25, 0xe2, 0x5e, 0xcf, 0xe5, 0x84,
2035 0xb3, 0xff, 0xfd, 0x94, 0x0c, 0x16, 0xa1, 0x8c,
2036 0x1b, 0x55, 0x49, 0xd2, 0xf8, 0x38, 0x02, 0x9e,
2037 0x39, 0x31, 0x25, 0x23, 0xa7, 0x86, 0x62, 0xd5,
2038 0xbe, 0x7f, 0xcb, 0xcc, 0x98, 0xeb, 0xf5,
2039};
2040
2041#define ciph_data_aes_cts_vect5_key ciph_data_aes_cts_vect1_key
2042#define ciph_data_aes_cts_vect5_iv ciph_data_aes_cts_vect1_iv
2043static const uint8_t ciph_data_aes_cts_vect5_ptx[] = {
2044 0x49, 0x20, 0x77, 0x6f, 0x75, 0x6c, 0x64, 0x20,
2045 0x6c, 0x69, 0x6b, 0x65, 0x20, 0x74, 0x68, 0x65,
2046 0x20, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x6c,
2047 0x20, 0x47, 0x61, 0x75, 0x27, 0x73, 0x20, 0x43,
2048 0x68, 0x69, 0x63, 0x6b, 0x65, 0x6e, 0x2c, 0x20,
2049 0x70, 0x6c, 0x65, 0x61, 0x73, 0x65, 0x2c, 0x20,
2050};
2051
2052static const uint8_t ciph_data_aes_cts_vect5_ctx[] = {
2053 0x97, 0x68, 0x72, 0x68, 0xd6, 0xec, 0xcc, 0xc0,
2054 0xc0, 0x7b, 0x25, 0xe2, 0x5e, 0xcf, 0xe5, 0x84,
2055 0x9d, 0xad, 0x8b, 0xbb, 0x96, 0xc4, 0xcd, 0xc0,
2056 0x3b, 0xc1, 0x03, 0xe1, 0xa1, 0x94, 0xbb, 0xd8,
2057 0x39, 0x31, 0x25, 0x23, 0xa7, 0x86, 0x62, 0xd5,
2058 0xbe, 0x7f, 0xcb, 0xcc, 0x98, 0xeb, 0xf5, 0xa8,
2059};
2060
2061#define ciph_data_aes_cts_vect6_key ciph_data_aes_cts_vect1_key
2062#define ciph_data_aes_cts_vect6_iv ciph_data_aes_cts_vect1_iv
2063static const uint8_t ciph_data_aes_cts_vect6_ptx[] = {
2064 0x49, 0x20, 0x77, 0x6f, 0x75, 0x6c, 0x64, 0x20,
2065 0x6c, 0x69, 0x6b, 0x65, 0x20, 0x74, 0x68, 0x65,
2066 0x20, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x6c,
2067 0x20, 0x47, 0x61, 0x75, 0x27, 0x73, 0x20, 0x43,
2068 0x68, 0x69, 0x63, 0x6b, 0x65, 0x6e, 0x2c, 0x20,
2069 0x70, 0x6c, 0x65, 0x61, 0x73, 0x65, 0x2c, 0x20,
2070 0x61, 0x6e, 0x64, 0x20, 0x77, 0x6f, 0x6e, 0x74,
2071 0x6f, 0x6e, 0x20, 0x73, 0x6f, 0x75, 0x70, 0x2e,
2072};
2073
2074static const uint8_t ciph_data_aes_cts_vect6_ctx[] = {
2075 0x97, 0x68, 0x72, 0x68, 0xd6, 0xec, 0xcc, 0xc0,
2076 0xc0, 0x7b, 0x25, 0xe2, 0x5e, 0xcf, 0xe5, 0x84,
2077 0x39, 0x31, 0x25, 0x23, 0xa7, 0x86, 0x62, 0xd5,
2078 0xbe, 0x7f, 0xcb, 0xcc, 0x98, 0xeb, 0xf5, 0xa8,
2079 0x48, 0x07, 0xef, 0xe8, 0x36, 0xee, 0x89, 0xa5,
2080 0x26, 0x73, 0x0d, 0xbc, 0x2f, 0x7b, 0xc8, 0x40,
2081 0x9d, 0xad, 0x8b, 0xbb, 0x96, 0xc4, 0xcd, 0xc0,
2082 0x3b, 0xc1, 0x03, 0xe1, 0xa1, 0x94, 0xbb, 0xd8,
2083};
2084
2085static const uint8_t ciph_data_des_ecb_nopad_out1[] = {
2086 0x46, 0x2B, 0x91, 0xA8, 0x55, 0xE6, 0x7E, 0x75, /* F+..U.~u */
2087 0x5E, 0x53, 0xF4, 0x8F, 0x29, 0x41, 0x4E, 0xEF, /* ^S..)AN. */
2088 0x32, 0x1B, 0x58, 0x42, 0x9B, 0xB4, 0x3A, 0x1F, /* 2.XB..:. */
2089 0x9A, 0xEA, 0xA4, 0xB4, 0xCD, 0xE9, 0x87, 0x7C, /* .......| */
2090 0xC0, 0x05, 0x34, 0xED, 0x86, 0x3C, 0x2A, 0x81, /* ..4..<.. */
2091 0x5E, 0x93, 0x0E, 0x86, 0xA9, 0xBB, 0x80, 0xFF, /* ^....... */
2092};
2093
2094static const uint8_t ciph_data_des_ecb_nopad_out2[] = {
2095 0x85, 0xE8, 0x13, 0x54, 0x0F, 0x0A, 0xB4, 0x05
2096};
2097
2098static const uint8_t ciph_data_des_cbc_nopad_out1[] = {
2099 0xAD, 0xD6, 0xD6, 0x3E, 0x88, 0xD0, 0xDD, 0xD4, /* ...>.... */
2100 0x9A, 0x93, 0x95, 0xA0, 0x86, 0x22, 0x5B, 0x9E, /* ....."[. */
2101 0x84, 0x0C, 0x6F, 0x12, 0x04, 0x11, 0x6F, 0xD4, /* ..o...o. */
2102 0x12, 0x29, 0xC6, 0x78, 0x0C, 0xFB, 0x58, 0x5B, /* .).x..X[ */
2103 0x66, 0x82, 0x0E, 0x52, 0xDC, 0x25, 0x16, 0x51, /* f..R.%.Q */
2104 0x69, 0xDF, 0xFE, 0x4E, 0x11, 0x1D, 0x9D, 0x08, /* i..N.... */
2105};
2106
2107static const uint8_t ciph_data_des3_ecb_nopad_out1[] = {
2108 0xA7, 0x46, 0xEC, 0xA8, 0x6A, 0x7F, 0x4A, 0xF1, /* .F..j.J. */
2109 0x44, 0x60, 0x37, 0x3B, 0x7F, 0x76, 0xE5, 0xFF, /* D`7;.v.. */
2110 0xC1, 0xE7, 0xA5, 0x04, 0x9C, 0x29, 0x5C, 0xA5, /* .....)\. */
2111 0xDD, 0xC8, 0xEE, 0x36, 0x1F, 0x48, 0xE0, 0xA9, /* ...6.H.. */
2112 0x82, 0x2D, 0x53, 0x84, 0x49, 0x69, 0x78, 0xFA, /* .-S.Iix. */
2113 0x23, 0x69, 0x1D, 0xF7, 0x08, 0x38, 0x44, 0x05, /* #i...8D. */
2114};
2115
2116static const uint8_t ciph_data_des3_cbc_nopad_out1[] = {
2117 0x18, 0x09, 0xEB, 0x98, 0xE4, 0x58, 0x72, 0x11, /* .....Xr. */
2118 0x30, 0x58, 0xAB, 0x38, 0xB0, 0xC9, 0x2B, 0xED, /* 0X.8..+. */
2119 0xDA, 0xC5, 0xE8, 0xA9, 0xF6, 0x8A, 0xA7, 0x80, /* ........ */
2120 0xBE, 0x54, 0x1F, 0x63, 0xF6, 0xEE, 0xA2, 0x4C, /* .T.c...L */
2121 0x7C, 0xEB, 0x84, 0x7D, 0xDA, 0xCA, 0x1E, 0xB2, /* |..}.... */
2122 0xED, 0x5E, 0x96, 0xB8, 0x01, 0x4B, 0x77, 0x02, /* .^...Kw. */
2123};
2124
2125static const uint8_t ciph_data_des2_ecb_nopad_out1[] = {
2126 0xAB, 0x12, 0xB6, 0xE2, 0x4A, 0x3A, 0x26, 0x14, /* ....J:&. */
2127 0xF0, 0x7D, 0x23, 0xD0, 0x55, 0xDF, 0x5C, 0x16, /* .}#.U.\. */
2128 0x43, 0x59, 0x1E, 0x44, 0x01, 0x76, 0xD7, 0x50, /* CY.D.v.P */
2129 0x44, 0xC0, 0x15, 0xDF, 0x2E, 0x7F, 0x8B, 0xC5, /* D....... */
2130 0xFF, 0x8B, 0x87, 0xFE, 0x33, 0xD7, 0xCB, 0x2C, /* ....3.., */
2131 0xDA, 0x79, 0x6F, 0xA4, 0x05, 0x2B, 0x30, 0xCE, /* .yo..+0. */
2132};
2133
2134static const uint8_t ciph_data_des2_cbc_nopad_out1[] = {
2135 0x47, 0x2F, 0xB1, 0x83, 0xC4, 0xBB, 0x93, 0x16, /* G/...... */
2136 0x73, 0xF9, 0xAD, 0x6F, 0x00, 0xF9, 0xCB, 0x4A, /* s..o...J */
2137 0x0F, 0x4F, 0x75, 0x75, 0xFB, 0x39, 0x0B, 0xFC, /* .Ouu.9.. */
2138 0x9F, 0x48, 0x52, 0xAD, 0xA2, 0x75, 0x2C, 0xF1, /* .HR..u, . */
2139 0x7D, 0xC3, 0x8F, 0x16, 0xCF, 0xC9, 0x76, 0x29, /* }.....v) */
2140 0x1A, 0xBF, 0xB3, 0xD9, 0x10, 0x7E, 0xAA, 0x49, /* .....~.I */
2141};
2142
2143struct xtest_ciph_case {
2144 uint32_t algo;
2145 uint32_t mode;
2146 uint32_t key_type;
2147 const uint8_t *key1;
2148 size_t key1_len;
2149 const uint8_t *key2;
2150 size_t key2_len;
2151 const uint8_t *iv;
2152 size_t iv_len;
2153 size_t in_incr;
2154 const uint8_t *in;
2155 size_t in_len;
2156 const uint8_t *out;
2157 size_t out_len;
2158 size_t line;
2159};
2160
2161#define XTEST_CIPH_CASE_NO_IV(algo, key_type, key, in_incr, ptx, ctx) \
2162 { (algo), TEE_MODE_ENCRYPT, (key_type), (key), ARRAY_SIZE(key), \
2163 NULL, 0, NULL, 0, \
2164 (in_incr), (ptx), ARRAY_SIZE(ptx), (ctx), ARRAY_SIZE(ctx), \
2165 __LINE__ }, \
2166 { (algo), TEE_MODE_DECRYPT, (key_type), (key), ARRAY_SIZE(key), \
2167 NULL, 0, NULL, 0, \
2168 (in_incr), (ctx), ARRAY_SIZE(ctx), (ptx), ARRAY_SIZE(ptx), __LINE__ }
2169
2170#define XTEST_CIPH_CASE(algo, key_type, key, iv, in_incr, ptx, ctx) \
2171 { (algo), TEE_MODE_ENCRYPT, (key_type), (key), ARRAY_SIZE(key), \
2172 NULL, 0, iv, ARRAY_SIZE(iv), (in_incr), (ptx), ARRAY_SIZE(ptx), \
2173 (ctx), ARRAY_SIZE(ctx), __LINE__ }, \
2174 { (algo), TEE_MODE_DECRYPT, (key_type), (key), ARRAY_SIZE(key), \
2175 NULL, 0, iv, ARRAY_SIZE(iv), (in_incr), (ctx), ARRAY_SIZE(ctx), \
2176 (ptx), ARRAY_SIZE(ptx), __LINE__ }
2177
2178#define XTEST_CIPH_CASE_AES_XTS(vect, in_incr) \
2179 { TEE_ALG_AES_XTS, TEE_MODE_ENCRYPT, TEE_TYPE_AES, \
2180 ciph_data_aes_xts_ ## vect ## _key1, \
2181 ARRAY_SIZE(ciph_data_aes_xts_ ## vect ## _key1), \
2182 ciph_data_aes_xts_ ## vect ## _key2, \
2183 ARRAY_SIZE(ciph_data_aes_xts_ ## vect ## _key2), \
2184 ciph_data_aes_xts_ ## vect ## _iv, \
2185 ARRAY_SIZE(ciph_data_aes_xts_ ## vect ## _iv), \
2186 (in_incr), \
2187 ciph_data_aes_xts_ ## vect ## _ptx, \
2188 ARRAY_SIZE(ciph_data_aes_xts_ ## vect ## _ptx), \
2189 ciph_data_aes_xts_ ## vect ## _ctx, \
2190 ARRAY_SIZE(ciph_data_aes_xts_ ## vect ## _ctx), __LINE__ }, \
2191 { TEE_ALG_AES_XTS, TEE_MODE_DECRYPT, TEE_TYPE_AES, \
2192 ciph_data_aes_xts_ ## vect ## _key1, \
2193 ARRAY_SIZE(ciph_data_aes_xts_ ## vect ## _key1), \
2194 ciph_data_aes_xts_ ## vect ## _key2, \
2195 ARRAY_SIZE(ciph_data_aes_xts_ ## vect ## _key2), \
2196 ciph_data_aes_xts_ ## vect ## _iv, \
2197 ARRAY_SIZE(ciph_data_aes_xts_ ## vect ## _iv), \
2198 (in_incr), \
2199 ciph_data_aes_xts_ ## vect ## _ctx, \
2200 ARRAY_SIZE(ciph_data_aes_xts_ ## vect ## _ctx), \
2201 ciph_data_aes_xts_ ## vect ## _ptx, \
2202 ARRAY_SIZE(ciph_data_aes_xts_ ## vect ## _ptx), __LINE__ }
2203
2204#define XTEST_CIPH_CASE_AES_CBC(vect, in_incr) \
2205 XTEST_CIPH_CASE(TEE_ALG_AES_CBC_NOPAD, TEE_TYPE_AES, \
2206 ciph_data_aes_cbc_ ## vect ## _key, \
2207 ciph_data_aes_cbc_ ## vect ## _iv, \
2208 (in_incr), ciph_data_aes_cbc_ ## vect ## _ptx, \
2209 ciph_data_aes_cbc_ ## vect ## _ctx)
2210
2211#define XTEST_CIPH_CASE_AES_CTS(vect, in_incr) \
2212 XTEST_CIPH_CASE(TEE_ALG_AES_CTS, TEE_TYPE_AES, \
2213 ciph_data_aes_cts_ ## vect ## _key, \
2214 ciph_data_aes_cts_ ## vect ## _iv, \
2215 (in_incr), ciph_data_aes_cts_ ## vect ## _ptx, \
2216 ciph_data_aes_cts_ ## vect ## _ctx)
2217
2218static const struct xtest_ciph_case ciph_cases[] = {
2219 /* AES */
2220 XTEST_CIPH_CASE_NO_IV(TEE_ALG_AES_ECB_NOPAD, TEE_TYPE_AES,
2221 ciph_data_aes_key1, 11, ciph_data_in1,
2222 ciph_data_aes_ecb_nopad_out1),
2223 XTEST_CIPH_CASE(TEE_ALG_AES_CBC_NOPAD, TEE_TYPE_AES,
2224 ciph_data_aes_key1, ciph_data_128_iv1, 11,
2225 ciph_data_in1,
2226 ciph_data_aes_cbc_nopad_out1),
2227 XTEST_CIPH_CASE(TEE_ALG_AES_CTR, TEE_TYPE_AES,
2228 ciph_data_aes_key1, ciph_data_128_iv1, 13,
2229 ciph_data_in1,
2230 ciph_data_aes_ctr_out1),
2231 XTEST_CIPH_CASE(TEE_ALG_AES_CTR, TEE_TYPE_AES,
2232 ciph_data_aes_key1, ciph_data_128_iv1, 13,
2233 ciph_data_in3,
2234 ciph_data_aes_ctr_out2),
2235
2236 XTEST_CIPH_CASE_AES_CBC(vect1, 11),
2237
2238 /* AES-CTS */
2239 XTEST_CIPH_CASE_AES_CTS(vect1, 13),
2240 XTEST_CIPH_CASE_AES_CTS(vect2, 14),
2241 XTEST_CIPH_CASE_AES_CTS(vect3, 11),
2242 XTEST_CIPH_CASE_AES_CTS(vect4, 9),
2243 XTEST_CIPH_CASE_AES_CTS(vect5, 7),
2244 XTEST_CIPH_CASE_AES_CTS(vect6, 17),
2245 XTEST_CIPH_CASE_AES_CTS(vect6, 0x20),
2246
2247 /* DES */
2248 XTEST_CIPH_CASE_NO_IV(TEE_ALG_DES_ECB_NOPAD, TEE_TYPE_DES,
2249 ciph_data_des_key1, 14, ciph_data_in1,
2250 ciph_data_des_ecb_nopad_out1),
2251 XTEST_CIPH_CASE_NO_IV(TEE_ALG_DES_ECB_NOPAD, TEE_TYPE_DES,
2252 ciph_data_des_key2, 3, ciph_data_in2,
2253 ciph_data_des_ecb_nopad_out2),
2254 XTEST_CIPH_CASE(TEE_ALG_DES_CBC_NOPAD, TEE_TYPE_DES,
2255 ciph_data_des_key1, ciph_data_64_iv1, 15, ciph_data_in1,
2256 ciph_data_des_cbc_nopad_out1),
2257
2258 /* DES3 */
2259 XTEST_CIPH_CASE_NO_IV(TEE_ALG_DES3_ECB_NOPAD, TEE_TYPE_DES3,
2260 ciph_data_des3_key1, 11, ciph_data_in1,
2261 ciph_data_des3_ecb_nopad_out1),
2262 XTEST_CIPH_CASE_NO_IV(TEE_ALG_DES3_ECB_NOPAD, TEE_TYPE_DES3,
2263 ciph_data_des3_key2, 3, ciph_data_in2,
2264 ciph_data_des_ecb_nopad_out2),
2265 XTEST_CIPH_CASE(TEE_ALG_DES3_CBC_NOPAD, TEE_TYPE_DES3,
2266 ciph_data_des3_key1, ciph_data_64_iv1, 11,
2267 ciph_data_in1,
2268 ciph_data_des3_cbc_nopad_out1),
2269
2270 /* DES2 */
2271 XTEST_CIPH_CASE_NO_IV(TEE_ALG_DES3_ECB_NOPAD, TEE_TYPE_DES3,
2272 ciph_data_des2_key1, 11, ciph_data_in1,
2273 ciph_data_des2_ecb_nopad_out1),
2274 XTEST_CIPH_CASE(TEE_ALG_DES3_CBC_NOPAD, TEE_TYPE_DES3,
2275 ciph_data_des2_key1, ciph_data_64_iv1, 11,
2276 ciph_data_in1,
2277 ciph_data_des2_cbc_nopad_out1),
2278};
2279
2280static const struct xtest_ciph_case ciph_cases_xts[] = {
2281 /* AES-XTS */
2282 XTEST_CIPH_CASE_AES_XTS(vect1, 3),
2283 XTEST_CIPH_CASE_AES_XTS(vect2, 6),
2284 XTEST_CIPH_CASE_AES_XTS(vect3, 7),
2285 XTEST_CIPH_CASE_AES_XTS(vect4, 8),
2286 XTEST_CIPH_CASE_AES_XTS(vect5, 9),
2287 XTEST_CIPH_CASE_AES_XTS(vect6, 13),
2288 XTEST_CIPH_CASE_AES_XTS(vect7, 1),
2289 XTEST_CIPH_CASE_AES_XTS(vect8, 3),
2290 XTEST_CIPH_CASE_AES_XTS(vect9, 2),
2291 XTEST_CIPH_CASE_AES_XTS(vect10, 5),
2292 XTEST_CIPH_CASE_AES_XTS(vect11, 6),
2293 XTEST_CIPH_CASE_AES_XTS(vect12, 7),
2294 XTEST_CIPH_CASE_AES_XTS(vect13, 3),
2295 XTEST_CIPH_CASE_AES_XTS(vect14, 2),
2296 XTEST_CIPH_CASE_AES_XTS(vect15, 0),
2297 XTEST_CIPH_CASE_AES_XTS(vect16, 9),
2298 XTEST_CIPH_CASE_AES_XTS(vect17, 6),
2299 XTEST_CIPH_CASE_AES_XTS(vect18, 8),
2300 XTEST_CIPH_CASE_AES_XTS(vect19, 23),
2301};
2302
2303static void xtest_tee_test_4003_no_xts(ADBG_Case_t *c)
2304{
2305 TEEC_Session session = { 0 };
2306 TEE_OperationHandle op;
2307 TEE_ObjectHandle key1_handle = TEE_HANDLE_NULL;
2308 TEE_ObjectHandle key2_handle = TEE_HANDLE_NULL;
2309 uint8_t out[2048];
2310 size_t out_size;
2311 size_t out_offs;
2312 uint32_t ret_orig;
2313 size_t n;
2314
2315 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2316 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
2317 &ret_orig)))
2318 return;
2319
2320 for (n = 0; n < ARRAY_SIZE(ciph_cases); n++) {
2321 TEE_Attribute key_attr;
2322 size_t key_size;
2323 size_t op_key_size;
2324
2325
2326 Do_ADBG_BeginSubCase(c, "Cipher case %d algo 0x%x line %d",
2327 (int)n, (unsigned int)ciph_cases[n].algo,
2328 (int)ciph_cases[n].line);
2329
2330 key_attr.attributeID = TEE_ATTR_SECRET_VALUE;
2331 key_attr.content.ref.buffer = (void *)ciph_cases[n].key1;
2332 key_attr.content.ref.length = ciph_cases[n].key1_len;
2333
2334 key_size = key_attr.content.ref.length * 8;
2335 if (ciph_cases[n].key_type == TEE_TYPE_DES ||
2336 ciph_cases[n].key_type == TEE_TYPE_DES3)
2337 /* Exclude parity in bit size of key */
2338 key_size -= key_size / 8;
2339
2340 op_key_size = key_size;
2341 if (ciph_cases[n].key2 != NULL)
2342 op_key_size *= 2;
2343
2344 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2345 ta_crypt_cmd_allocate_operation(c, &session, &op,
2346 ciph_cases[n].algo, ciph_cases[n].mode,
2347 op_key_size)))
2348 goto out;
2349
2350 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2351 ta_crypt_cmd_allocate_transient_object(c, &session,
2352 ciph_cases[n].key_type, key_size,
2353 &key1_handle)))
2354 goto out;
2355
2356 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2357 ta_crypt_cmd_populate_transient_object(c, &session,
2358 key1_handle, &key_attr, 1)))
2359 goto out;
2360
2361 if (ciph_cases[n].key2 != NULL) {
2362 key_attr.content.ref.buffer =
2363 (void *)ciph_cases[n].key2;
2364 key_attr.content.ref.length = ciph_cases[n].key2_len;
2365
2366 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2367 ta_crypt_cmd_allocate_transient_object(c,
2368 &session, ciph_cases[n].key_type,
2369 key_attr.content.ref.length * 8,
2370 &key2_handle)))
2371 goto out;
2372
2373 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2374 ta_crypt_cmd_populate_transient_object(c,
2375 &session, key2_handle, &key_attr, 1)))
2376 goto out;
2377
2378 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2379 ta_crypt_cmd_set_operation_key2(c, &session, op,
2380 key1_handle, key2_handle)))
2381 goto out;
2382 } else {
2383 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2384 ta_crypt_cmd_set_operation_key(c, &session, op,
2385 key1_handle)))
2386 goto out;
2387 }
2388
2389 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2390 ta_crypt_cmd_free_transient_object(c, &session,
2391 key1_handle)))
2392 goto out;
2393 key1_handle = TEE_HANDLE_NULL;
2394
2395 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2396 ta_crypt_cmd_free_transient_object(c, &session,
2397 key2_handle)))
2398 goto out;
2399 key2_handle = TEE_HANDLE_NULL;
2400
2401 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2402 ta_crypt_cmd_cipher_init(c, &session, op,
2403 ciph_cases[n].iv, ciph_cases[n].iv_len)))
2404 goto out;
2405
2406 out_offs = 0;
2407 out_size = sizeof(out);
2408 memset(out, 0, sizeof(out));
2409 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2410 ta_crypt_cmd_cipher_update(c, &session, op,
2411 ciph_cases[n].in, ciph_cases[n].in_incr, out,
2412 &out_size)))
2413 goto out;
2414
2415 out_offs += out_size;
2416 out_size = sizeof(out) - out_offs;
2417
2418 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2419 ta_crypt_cmd_cipher_do_final(c, &session, op,
2420 ciph_cases[n].in + ciph_cases[n].in_incr,
2421 ciph_cases[n].in_len - ciph_cases[n].in_incr,
2422 out + out_offs,
2423 &out_size)))
2424 goto out;
2425
2426 out_offs += out_size;
2427
2428 (void)ADBG_EXPECT_BUFFER(c, ciph_cases[n].out,
2429 ciph_cases[n].out_len, out, out_offs);
2430
2431 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2432 ta_crypt_cmd_free_operation(c, &session, op)))
2433 goto out;
2434
2435 Do_ADBG_EndSubCase(c, NULL);
2436 }
2437out:
2438 TEEC_CloseSession(&session);
2439}
2440
2441/*
2442 * This is a split of the original xtest 4003 as eary version of the ST TEE.
2443 *
2444 * Core did not support xts.
2445 */
2446static void xtest_tee_test_4003_xts(ADBG_Case_t *c)
2447{
2448 TEEC_Session session = { 0 };
2449 TEE_OperationHandle op;
2450 TEE_ObjectHandle key1_handle = TEE_HANDLE_NULL;
2451 TEE_ObjectHandle key2_handle = TEE_HANDLE_NULL;
2452 uint8_t out[2048];
2453 size_t out_size;
2454 size_t out_offs;
2455 uint32_t ret_orig;
2456 size_t n;
2457
2458 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2459 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
2460 &ret_orig)))
2461 return;
2462
2463 for (n = 0; n < ARRAY_SIZE(ciph_cases_xts); n++) {
2464 TEE_Attribute key_attr;
2465 size_t key_size;
2466 size_t op_key_size;
2467
2468 Do_ADBG_BeginSubCase(c, "Cipher case %d algo 0x%x line %d",
2469 (int)n,
2470 (unsigned int)ciph_cases_xts[n].algo,
2471 (int)ciph_cases_xts[n].line);
2472
2473 key_attr.attributeID = TEE_ATTR_SECRET_VALUE;
2474 key_attr.content.ref.buffer = (void *)ciph_cases_xts[n].key1;
2475 key_attr.content.ref.length = ciph_cases_xts[n].key1_len;
2476
2477 key_size = key_attr.content.ref.length * 8;
2478 if (ciph_cases_xts[n].key_type == TEE_TYPE_DES ||
2479 ciph_cases_xts[n].key_type == TEE_TYPE_DES3)
2480 /* Exclude parity in bit size of key */
2481 key_size -= key_size / 8;
2482
2483 op_key_size = key_size;
2484 if (ciph_cases_xts[n].key2 != NULL)
2485 op_key_size *= 2;
2486
2487 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2488 ta_crypt_cmd_allocate_operation(c, &session, &op,
2489 ciph_cases_xts[n].algo, ciph_cases_xts[n].mode,
2490 op_key_size)))
2491 goto out;
2492
2493 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2494 ta_crypt_cmd_allocate_transient_object(c, &session,
2495 ciph_cases_xts[n].key_type, key_size,
2496 &key1_handle)))
2497 goto out;
2498
2499 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2500 ta_crypt_cmd_populate_transient_object(c, &session,
2501 key1_handle, &key_attr, 1)))
2502 goto out;
2503
2504 if (ciph_cases_xts[n].key2 != NULL) {
2505 key_attr.content.ref.buffer =
2506 (void *)ciph_cases_xts[n].key2;
2507
2508 key_attr.content.ref.length =
2509 ciph_cases_xts[n].key2_len;
2510
2511 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2512 ta_crypt_cmd_allocate_transient_object(c,
2513 &session, ciph_cases_xts[n].key_type,
2514 key_attr.content.ref.length * 8,
2515 &key2_handle)))
2516 goto out;
2517
2518 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2519 ta_crypt_cmd_populate_transient_object(c,
2520 &session, key2_handle, &key_attr, 1)))
2521 goto out;
2522
2523 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2524 ta_crypt_cmd_set_operation_key2(c, &session, op,
2525 key1_handle, key2_handle)))
2526 goto out;
2527 } else {
2528 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2529 ta_crypt_cmd_set_operation_key(c, &session, op,
2530 key1_handle)))
2531 goto out;
2532 }
2533
2534 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2535 ta_crypt_cmd_free_transient_object(c, &session,
2536 key1_handle)))
2537 goto out;
2538
2539 key1_handle = TEE_HANDLE_NULL;
2540
2541 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2542 ta_crypt_cmd_free_transient_object(c, &session,
2543 key2_handle)))
2544 goto out;
2545
2546 key2_handle = TEE_HANDLE_NULL;
2547
2548 if (!ADBG_EXPECT_TEEC_SUCCESS(c, ta_crypt_cmd_cipher_init(c,
2549 &
2550 session,
2551 op,
2552 ciph_cases_xts
2553 [n].iv, ciph_cases_xts[n].iv_len)))
2554 goto out;
2555
2556 out_offs = 0;
2557 out_size = sizeof(out);
2558 memset(out, 0, sizeof(out));
2559 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2560 ta_crypt_cmd_cipher_update(c, &session, op,
2561 ciph_cases_xts[n].in, ciph_cases_xts[n].in_incr,
2562 out, &out_size)))
2563 goto out;
2564
2565 out_offs += out_size;
2566 out_size = sizeof(out) - out_offs;
2567
2568 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2569 ta_crypt_cmd_cipher_do_final(c, &session, op,
2570 ciph_cases_xts[n].in +
2571 ciph_cases_xts[n].in_incr,
2572 ciph_cases_xts[n].in_len -
2573 ciph_cases_xts[n].in_incr,
2574 out + out_offs,
2575 &out_size)))
2576 goto out;
2577 out_offs += out_size;
2578
2579 (void)ADBG_EXPECT_BUFFER(c, ciph_cases_xts[n].out,
2580 ciph_cases_xts[n].out_len, out,
2581 out_offs);
2582
2583 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2584 ta_crypt_cmd_free_operation(c, &session, op)))
2585 goto out;
2586
2587 Do_ADBG_EndSubCase(c, NULL);
2588 }
2589out:
2590 TEEC_CloseSession(&session);
2591}
2592
2593static void xtest_tee_test_4004(ADBG_Case_t *c)
2594{
2595 TEEC_Session session = { 0 };
2596 uint32_t ret_orig;
2597 uint8_t buf1[45] = { 0 };
2598 uint8_t buf2[45] = { 0 };
2599 static const uint8_t zeros[45] = { 0 };
2600
2601 Do_ADBG_BeginSubCase(c, "TEE get random");
2602 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2603 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
2604 &ret_orig)))
2605 return;
2606
2607 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2608 ta_crypt_cmd_random_number_generate(c, &session, buf1,
2609 sizeof(buf1))))
2610 goto out;
2611
2612 (void)ADBG_EXPECT_COMPARE_SIGNED(c,
2613 0, !=, memcmp(buf1, zeros, sizeof(buf1)));
2614
2615 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2616 ta_crypt_cmd_random_number_generate(c, &session, buf2,
2617 sizeof(buf2))))
2618 goto out;
2619
2620 (void)ADBG_EXPECT_COMPARE_SIGNED(c,
2621 0, !=, memcmp(buf2, zeros, sizeof(buf2)));
2622
2623 (void)ADBG_EXPECT_COMPARE_SIGNED(c,
2624 0, !=, memcmp(buf2, buf1, sizeof(buf1)));
2625out:
2626 TEEC_CloseSession(&session);
2627 Do_ADBG_EndSubCase(c, "TEE get random");
2628}
2629
2630
2631struct xtest_ae_case {
2632 uint32_t algo;
2633 uint32_t mode;
2634 uint32_t key_type;
2635 const uint8_t *key;
2636 size_t key_len;
2637 const uint8_t *nonce;
2638 size_t nonce_len;
2639 size_t aad_incr;
2640 const uint8_t *aad;
2641 size_t aad_len;
2642 size_t in_incr;
2643 const uint8_t *ptx;
2644 size_t ptx_len;
2645 const uint8_t *ctx;
2646 size_t ctx_len;
2647 const uint8_t *tag;
2648 size_t tag_len;
2649 size_t line;
2650};
2651
2652
2653#define ARRAY(a) a, ARRAY_SIZE(a)
2654#define NULL_ARRAY(a) NULL, 0
2655
2656#define XTEST_AE_CASE(algo, vect, aad_incr, in_incr, \
2657 aad_array, ptx_array, ctx_array) \
2658 { (algo), TEE_MODE_ENCRYPT, TEE_TYPE_AES, ARRAY(vect ## _key), \
2659 ARRAY(vect ## _nonce), (aad_incr), \
2660 aad_array(vect ## _aad), (in_incr), \
2661 ptx_array(vect ## _ptx), ctx_array(vect ## _ctx), \
2662 ARRAY(vect ## _tag), \
2663 __LINE__ }, \
2664 { (algo), TEE_MODE_DECRYPT, TEE_TYPE_AES, ARRAY(vect ## _key), \
2665 ARRAY(vect ## _nonce), (aad_incr), \
2666 aad_array(vect ## _aad), (in_incr), \
2667 ptx_array(vect ## _ptx), ctx_array(vect ## _ctx), \
2668 ARRAY(vect ## _tag), \
2669 __LINE__ }
2670
2671#define XTEST_AE_CASE_AES_CCM(vect, aad_incr, in_incr) \
2672 XTEST_AE_CASE(TEE_ALG_AES_CCM, ae_data_aes_ccm_ ## vect, aad_incr, \
2673 in_incr, ARRAY, ARRAY, ARRAY)
2674
2675#define XTEST_AE_CASE_AES_GCM(vect, aad_incr, in_incr, \
2676 aad_array, ptx_array, ctx_array) \
2677 XTEST_AE_CASE(TEE_ALG_AES_GCM, ae_data_aes_gcm_ ## vect, aad_incr, \
2678 in_incr, aad_array, ptx_array, ctx_array)
2679
2680
2681
2682static const struct xtest_ae_case ae_cases[] = {
2683 XTEST_AE_CASE_AES_CCM(vect1, 3, 2),
2684 XTEST_AE_CASE_AES_CCM(vect2, 7, 13),
2685 XTEST_AE_CASE_AES_CCM(vect3, 5, 21),
2686
2687 XTEST_AE_CASE_AES_GCM(vect1, 0, 0, NULL_ARRAY, NULL_ARRAY, NULL_ARRAY),
2688 XTEST_AE_CASE_AES_GCM(vect2, 0, 9, NULL_ARRAY, ARRAY, ARRAY),
2689 XTEST_AE_CASE_AES_GCM(vect3, 0, 9, NULL_ARRAY, ARRAY, ARRAY),
2690 XTEST_AE_CASE_AES_GCM(vect3, 0, 0x20, NULL_ARRAY, ARRAY, ARRAY),
2691 XTEST_AE_CASE_AES_GCM(vect4, 5, 9, ARRAY, ARRAY, ARRAY),
2692 XTEST_AE_CASE_AES_GCM(vect5, 5, 9, ARRAY, ARRAY, ARRAY),
2693 XTEST_AE_CASE_AES_GCM(vect6, 5, 9, ARRAY, ARRAY, ARRAY),
2694 XTEST_AE_CASE_AES_GCM(vect7, 0, 0, NULL_ARRAY, NULL_ARRAY, NULL_ARRAY),
2695 XTEST_AE_CASE_AES_GCM(vect8, 0, 9, NULL_ARRAY, ARRAY, ARRAY),
2696 XTEST_AE_CASE_AES_GCM(vect9, 0, 9, NULL_ARRAY, ARRAY, ARRAY),
2697 XTEST_AE_CASE_AES_GCM(vect10, 5, 9, ARRAY, ARRAY, ARRAY),
2698 XTEST_AE_CASE_AES_GCM(vect11, 5, 9, ARRAY, ARRAY, ARRAY),
2699 XTEST_AE_CASE_AES_GCM(vect12, 5, 9, ARRAY, ARRAY, ARRAY),
2700 XTEST_AE_CASE_AES_GCM(vect13, 0, 0, NULL_ARRAY, NULL_ARRAY, NULL_ARRAY),
2701 XTEST_AE_CASE_AES_GCM(vect14, 0, 9, NULL_ARRAY, ARRAY, ARRAY),
2702 XTEST_AE_CASE_AES_GCM(vect15, 0, 9, NULL_ARRAY, ARRAY, ARRAY),
2703 XTEST_AE_CASE_AES_GCM(vect16, 5, 9, ARRAY, ARRAY, ARRAY),
2704 XTEST_AE_CASE_AES_GCM(vect17, 5, 9, ARRAY, ARRAY, ARRAY),
2705 XTEST_AE_CASE_AES_GCM(vect18, 5, 9, ARRAY, ARRAY, ARRAY),
2706};
2707
2708static void xtest_tee_test_4005(ADBG_Case_t *c)
2709{
2710 TEEC_Session session = { 0 };
2711 TEE_OperationHandle op;
2712 TEE_ObjectHandle key_handle = TEE_HANDLE_NULL;
2713 TEE_Attribute key_attr;
2714 uint8_t out[512];
2715 size_t out_size;
2716 size_t out_offs;
2717 uint32_t ret_orig;
2718 size_t n;
2719
2720 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2721 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
2722 &ret_orig)))
2723 return;
2724
2725 for (n = 0; n < ARRAY_SIZE(ae_cases); n++) {
2726 Do_ADBG_BeginSubCase(c, "AE case %d algo 0x%x line %d",
2727 (int)n, (unsigned int)ae_cases[n].algo,
2728 (int)ae_cases[n].line);
2729
2730 key_attr.attributeID = TEE_ATTR_SECRET_VALUE;
2731 key_attr.content.ref.buffer = (void *)ae_cases[n].key;
2732 key_attr.content.ref.length = ae_cases[n].key_len;
2733
2734 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2735 ta_crypt_cmd_allocate_operation(c, &session, &op,
2736 ae_cases[n].algo, ae_cases[n].mode,
2737 key_attr.content.ref.length * 8)))
2738 goto out;
2739
2740 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2741 ta_crypt_cmd_allocate_transient_object(c, &session,
2742 ae_cases[n].key_type,
2743 key_attr.content.ref.length * 8,
2744 &key_handle)))
2745 goto out;
2746
2747 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2748 ta_crypt_cmd_populate_transient_object(c, &session,
2749 key_handle, &key_attr, 1)))
2750 goto out;
2751
2752 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2753 ta_crypt_cmd_set_operation_key(c, &session, op,
2754 key_handle)))
2755 goto out;
2756
2757 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2758 ta_crypt_cmd_free_transient_object(c, &session,
2759 key_handle)))
2760 goto out;
2761 key_handle = TEE_HANDLE_NULL;
2762
2763 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2764 ta_crypt_cmd_ae_init(c, &session, op, ae_cases[n].nonce,
2765 ae_cases[n].nonce_len, ae_cases[n].tag_len,
2766 ae_cases[n].aad_len, ae_cases[n].ptx_len)))
2767 goto out;
2768
2769 if (ae_cases[n].aad != NULL) {
2770 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2771 ta_crypt_cmd_ae_update_aad(c, &session, op,
2772 ae_cases[n].aad, ae_cases[n].aad_incr)))
2773 goto out;
2774
2775 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2776 ta_crypt_cmd_ae_update_aad(c, &session, op,
2777 ae_cases[n].aad + ae_cases[n].aad_incr,
2778 ae_cases [n].aad_len -
2779 ae_cases[n].aad_incr)))
2780 goto out;
2781 }
2782
2783 out_offs = 0;
2784 out_size = sizeof(out);
2785 memset(out, 0, sizeof(out));
2786 if (ae_cases[n].mode == TEE_MODE_ENCRYPT) {
2787 if (ae_cases[n].ptx != NULL) {
2788 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2789 ta_crypt_cmd_ae_update(c, &session, op,
2790 ae_cases[n].ptx,
2791 ae_cases[n].in_incr, out,
2792 &out_size)))
2793 goto out;
2794 out_offs += out_size;
2795 }
2796 } else {
2797 if (ae_cases[n].ctx != NULL) {
2798 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2799 ta_crypt_cmd_ae_update(c, &session, op,
2800 ae_cases[n].ctx,
2801 ae_cases[n].in_incr, out,
2802 &out_size)))
2803 goto out;
2804 out_offs += out_size;
2805 }
2806 }
2807
2808 out_size = sizeof(out) - out_offs;
2809 if (ae_cases[n].mode == TEE_MODE_ENCRYPT) {
2810 uint8_t out_tag[64];
2811 size_t out_tag_len = MIN(sizeof(out_tag),
2812 ae_cases[n].tag_len);
2813
2814 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2815 ta_crypt_cmd_ae_encrypt_final(c, &session, op,
2816 ae_cases[n].ptx + ae_cases[n].in_incr,
2817 ae_cases[n].ptx_len -
2818 ae_cases[n].in_incr,
2819 out + out_offs,
2820 &out_size, out_tag, &out_tag_len)))
2821 goto out;
2822
2823 (void)ADBG_EXPECT_BUFFER(c,
2824 ae_cases[n].tag, ae_cases[n].tag_len, out_tag,
2825 out_tag_len);
2826
2827 out_offs += out_size;
2828
2829 (void)ADBG_EXPECT_BUFFER(c, ae_cases[n].ctx,
2830 ae_cases[n].ctx_len, out, out_offs);
2831 } else {
2832 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2833 ta_crypt_cmd_ae_decrypt_final(c, &session, op,
2834 ae_cases[n].ctx + ae_cases[n].in_incr,
2835 ae_cases[n].ctx_len -
2836 ae_cases[n].in_incr,
2837 out + out_offs,
2838 &out_size, ae_cases[n].tag,
2839 ae_cases[n].tag_len)))
2840 goto out;
2841
2842 out_offs += out_size;
2843
2844 (void)ADBG_EXPECT_BUFFER(c, ae_cases[n].ptx,
2845 ae_cases[n].ptx_len, out, out_offs);
2846 }
2847
2848 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2849 ta_crypt_cmd_free_operation(c, &session, op)))
2850 goto out;
2851
2852 Do_ADBG_EndSubCase(c, NULL);
2853 }
2854out:
2855 TEEC_CloseSession(&session);
2856}
2857
2858struct xtest_ac_case {
2859 uint32_t algo;
2860 TEE_OperationMode mode;
2861
2862 union {
2863 struct {
2864 const uint8_t *modulus;
2865 size_t modulus_len;
2866
2867 const uint8_t *pub_exp;
2868 size_t pub_exp_len;
2869
2870 const uint8_t *priv_exp;
2871 size_t priv_exp_len;
2872
2873 const uint8_t *prime1; /* q */
2874 size_t prime1_len;
2875 const uint8_t *prime2; /* p */
2876 size_t prime2_len;
2877 const uint8_t *exp1; /* dp */
2878 size_t exp1_len;
2879 const uint8_t *exp2; /* dq */
2880 size_t exp2_len;
2881 const uint8_t *coeff; /* iq */
2882 size_t coeff_len;
2883
2884 int salt_len;
2885 } rsa;
2886 struct {
2887 const uint8_t *prime;
2888 size_t prime_len;
2889 const uint8_t *sub_prime;
2890 size_t sub_prime_len;
2891 const uint8_t *base;
2892 size_t base_len;
2893 const uint8_t *pub_val;
2894 size_t pub_val_len;
2895 const uint8_t *priv_val;
2896 size_t priv_val_len;
2897 } dsa;
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]2898 struct {
2899 const uint8_t *private;
2900 size_t private_len;
2901 const uint8_t *public_x;
2902 size_t public_x_len;
2903 const uint8_t *public_y;
2904 size_t public_y_len;
2905 } ecdsa;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2906 } params;
2907
2908 const uint8_t *ptx;
2909 size_t ptx_len;
2910 const uint8_t *ctx;
2911 size_t ctx_len;
2912 size_t line;
2913};
2914
2915#define WITHOUT_SALT(x) -1
2916#define WITH_SALT(x) x
2917
2918#define XTEST_AC_CASE(algo, mode, vect, union_params) \
2919 { (algo), (mode), .params = union_params, \
2920 ARRAY(vect ## _ptx), \
2921 ARRAY(vect ## _out), \
2922 __LINE__ }
2923
2924#define XTEST_AC_RSA_UNION(vect, opt_crt_array, opt_salt) \
2925 { .rsa = { \
2926 ARRAY(vect ## _modulus), \
2927 ARRAY(vect ## _pub_exp), \
2928 ARRAY(vect ## _priv_exp), \
2929 opt_crt_array(vect ## _prime1), \
2930 opt_crt_array(vect ## _prime2), \
2931 opt_crt_array(vect ## _exp1), \
2932 opt_crt_array(vect ## _exp2), \
2933 opt_crt_array(vect ## _coeff), \
2934 opt_salt(vect ## _salt_len) \
2935 } }
2936
2937#define XTEST_AC_RSA_CASE(algo, mode, vect, opt_crt_array, opt_salt) \
2938 XTEST_AC_CASE(algo, mode, vect, \
2939 XTEST_AC_RSA_UNION(vect, opt_crt_array, opt_salt))
2940
2941#define XTEST_AC_DSA_UNION(vect) \
2942 { .dsa = { \
2943 ARRAY(vect ## _prime), \
2944 ARRAY(vect ## _sub_prime), \
2945 ARRAY(vect ## _base), \
2946 ARRAY(vect ## _pub_val), \
2947 ARRAY(vect ## _priv_val), \
2948 } }
2949
2950#define XTEST_AC_DSA_CASE(algo, mode, vect) \
2951 XTEST_AC_CASE(algo, mode, vect, XTEST_AC_DSA_UNION(vect))
2952
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]2953#define XTEST_AC_ECDSA_UNION(vect) \
2954 { .ecdsa = { \
2955 ARRAY(vect ## _private), \
2956 ARRAY(vect ## _public_x), \
2957 ARRAY(vect ## _public_y), \
2958 } }
2959
2960#define XTEST_AC_ECDSA_CASE(algo, mode, vect) \
2961 XTEST_AC_CASE(algo, mode, vect, XTEST_AC_ECDSA_UNION(vect))
2962
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2963static const struct xtest_ac_case xtest_ac_cases[] = {
2964 /* RSA test without crt parameters */
2965 XTEST_AC_RSA_CASE(TEE_ALG_RSA_NOPAD, TEE_MODE_ENCRYPT,
2966 ac_rsassa_vect1, NULL_ARRAY, WITHOUT_SALT),
2967 XTEST_AC_RSA_CASE(TEE_ALG_RSA_NOPAD, TEE_MODE_DECRYPT,
2968 ac_rsassa_vect1, NULL_ARRAY, WITHOUT_SALT),
2969 XTEST_AC_RSA_CASE(TEE_ALG_RSA_NOPAD, TEE_MODE_ENCRYPT,
2970 ac_rsassa_vect2, NULL_ARRAY, WITHOUT_SALT),
2971 XTEST_AC_RSA_CASE(TEE_ALG_RSA_NOPAD, TEE_MODE_DECRYPT,
2972 ac_rsassa_vect2, NULL_ARRAY, WITHOUT_SALT),
2973 XTEST_AC_RSA_CASE(TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
2974 ac_rsassa_vect3, NULL_ARRAY, WITHOUT_SALT),
2975 XTEST_AC_RSA_CASE(TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
2976 ac_rsassa_vect3, NULL_ARRAY, WITHOUT_SALT),
2977 XTEST_AC_RSA_CASE(TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
2978 ac_rsassa_vect4, NULL_ARRAY, WITHOUT_SALT),
2979 XTEST_AC_RSA_CASE(TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
2980 ac_rsassa_vect4, NULL_ARRAY, WITHOUT_SALT),
2981 XTEST_AC_RSA_CASE(TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
2982 ac_rsassa_vect5, NULL_ARRAY, WITHOUT_SALT),
2983 XTEST_AC_RSA_CASE(TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
2984 ac_rsassa_vect5, NULL_ARRAY, WITHOUT_SALT),
2985 XTEST_AC_RSA_CASE(TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
2986 ac_rsassa_vect6, NULL_ARRAY, WITHOUT_SALT),
2987 XTEST_AC_RSA_CASE(TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
2988 ac_rsassa_vect6, NULL_ARRAY, WITHOUT_SALT),
2989
2990 XTEST_AC_RSA_CASE(TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
2991 ac_rsassa_vect7, NULL_ARRAY, WITHOUT_SALT),
2992 XTEST_AC_RSA_CASE(TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
2993 ac_rsassa_vect7, NULL_ARRAY, WITHOUT_SALT),
2994
2995 XTEST_AC_RSA_CASE(TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
2996 ac_rsassa_vect8, NULL_ARRAY, WITHOUT_SALT),
2997 XTEST_AC_RSA_CASE(TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
2998 ac_rsassa_vect8, NULL_ARRAY, WITHOUT_SALT),
2999 XTEST_AC_RSA_CASE(TEE_ALG_RSASSA_PKCS1_V1_5_SHA224, TEE_MODE_SIGN,
3000 ac_rsassa_vect16, NULL_ARRAY, WITHOUT_SALT),
3001 XTEST_AC_RSA_CASE(TEE_ALG_RSASSA_PKCS1_V1_5_SHA224, TEE_MODE_VERIFY,
3002 ac_rsassa_vect16, NULL_ARRAY, WITHOUT_SALT),
3003 XTEST_AC_RSA_CASE(TEE_ALG_RSASSA_PKCS1_V1_5_SHA256, TEE_MODE_SIGN,
3004 ac_rsassa_vect9, NULL_ARRAY, WITHOUT_SALT),
3005 XTEST_AC_RSA_CASE(TEE_ALG_RSASSA_PKCS1_V1_5_SHA256, TEE_MODE_VERIFY,
3006 ac_rsassa_vect9, NULL_ARRAY, WITHOUT_SALT),
3007 XTEST_AC_RSA_CASE(TEE_ALG_RSASSA_PKCS1_V1_5_SHA384, TEE_MODE_SIGN,
3008 ac_rsassa_vect10, NULL_ARRAY, WITHOUT_SALT),
3009 XTEST_AC_RSA_CASE(TEE_ALG_RSASSA_PKCS1_V1_5_SHA384, TEE_MODE_VERIFY,
3010 ac_rsassa_vect10, NULL_ARRAY, WITHOUT_SALT),
3011 XTEST_AC_RSA_CASE(TEE_ALG_RSASSA_PKCS1_V1_5_SHA512, TEE_MODE_SIGN,
3012 ac_rsassa_vect11, NULL_ARRAY, WITHOUT_SALT),
3013 XTEST_AC_RSA_CASE(TEE_ALG_RSASSA_PKCS1_V1_5_SHA512, TEE_MODE_VERIFY,
3014 ac_rsassa_vect11, NULL_ARRAY, WITHOUT_SALT),
3015
3016 XTEST_AC_RSA_CASE(TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA1, TEE_MODE_VERIFY,
3017 ac_rsassa_vect12, NULL_ARRAY, WITH_SALT),
3018 XTEST_AC_RSA_CASE(TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA1, TEE_MODE_SIGN,
3019 ac_rsassa_vect12, NULL_ARRAY, WITH_SALT),
3020 XTEST_AC_RSA_CASE(TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA224, TEE_MODE_VERIFY,
3021 ac_rsassa_vect17, NULL_ARRAY, WITH_SALT),
3022 XTEST_AC_RSA_CASE(TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA224, TEE_MODE_SIGN,
3023 ac_rsassa_vect17, NULL_ARRAY, WITH_SALT),
3024 XTEST_AC_RSA_CASE(TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA256, TEE_MODE_VERIFY,
3025 ac_rsassa_vect13, NULL_ARRAY, WITH_SALT),
3026 XTEST_AC_RSA_CASE(TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA256, TEE_MODE_SIGN,
3027 ac_rsassa_vect13, NULL_ARRAY, WITH_SALT),
3028 XTEST_AC_RSA_CASE(TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA384, TEE_MODE_VERIFY,
3029 ac_rsassa_vect14, NULL_ARRAY, WITH_SALT),
3030 XTEST_AC_RSA_CASE(TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA384, TEE_MODE_SIGN,
3031 ac_rsassa_vect14, NULL_ARRAY, WITH_SALT),
3032 XTEST_AC_RSA_CASE(TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA512, TEE_MODE_VERIFY,
3033 ac_rsassa_vect15, NULL_ARRAY, WITH_SALT),
3034 XTEST_AC_RSA_CASE(TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA512, TEE_MODE_SIGN,
3035 ac_rsassa_vect15, NULL_ARRAY, WITH_SALT),
3036
3037 XTEST_AC_RSA_CASE(TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_DECRYPT,
3038 ac_rsaes_pkcs1_v1_5_vect1, NULL_ARRAY, WITHOUT_SALT),
3039 XTEST_AC_RSA_CASE(TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_ENCRYPT,
3040 ac_rsaes_pkcs1_v1_5_vect1, NULL_ARRAY, WITHOUT_SALT),
3041 XTEST_AC_RSA_CASE(TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_DECRYPT,
3042 ac_rsaes_pkcs1_v1_5_vect2, NULL_ARRAY, WITHOUT_SALT),
3043 XTEST_AC_RSA_CASE(TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_ENCRYPT,
3044 ac_rsaes_pkcs1_v1_5_vect2, NULL_ARRAY, WITHOUT_SALT),
3045 XTEST_AC_RSA_CASE(TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_DECRYPT,
3046 ac_rsaes_pkcs1_v1_5_vect15, NULL_ARRAY, WITHOUT_SALT),
3047 XTEST_AC_RSA_CASE(TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_ENCRYPT,
3048 ac_rsaes_pkcs1_v1_5_vect15, NULL_ARRAY, WITHOUT_SALT),
3049
3050 XTEST_AC_RSA_CASE(TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1, TEE_MODE_DECRYPT,
3051 ac_rsaes_oaep_vect1, NULL_ARRAY, WITHOUT_SALT),
3052 XTEST_AC_RSA_CASE(TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1, TEE_MODE_ENCRYPT,
3053 ac_rsaes_oaep_vect1, NULL_ARRAY, WITHOUT_SALT),
3054 XTEST_AC_RSA_CASE(TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1, TEE_MODE_DECRYPT,
3055 ac_rsaes_oaep_vect2, NULL_ARRAY, WITHOUT_SALT),
3056 XTEST_AC_RSA_CASE(TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1, TEE_MODE_ENCRYPT,
3057 ac_rsaes_oaep_vect2, NULL_ARRAY, WITHOUT_SALT),
3058 XTEST_AC_RSA_CASE(TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1, TEE_MODE_DECRYPT,
3059 ac_rsaes_oaep_vect10, NULL_ARRAY, WITHOUT_SALT),
3060 XTEST_AC_RSA_CASE(TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1, TEE_MODE_ENCRYPT,
3061 ac_rsaes_oaep_vect10, NULL_ARRAY, WITHOUT_SALT),
3062
3063 /* RSA test with crt parameters */
3064 XTEST_AC_RSA_CASE(TEE_ALG_RSA_NOPAD, TEE_MODE_ENCRYPT,
3065 ac_rsassa_vect1, ARRAY, WITHOUT_SALT),
3066 XTEST_AC_RSA_CASE(TEE_ALG_RSA_NOPAD, TEE_MODE_DECRYPT,
3067 ac_rsassa_vect1, ARRAY, WITHOUT_SALT),
3068 XTEST_AC_RSA_CASE(TEE_ALG_RSA_NOPAD, TEE_MODE_ENCRYPT,
3069 ac_rsassa_vect2, ARRAY, WITHOUT_SALT),
3070 XTEST_AC_RSA_CASE(TEE_ALG_RSA_NOPAD, TEE_MODE_DECRYPT,
3071 ac_rsassa_vect2, ARRAY, WITHOUT_SALT),
3072 XTEST_AC_RSA_CASE(TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
3073 ac_rsassa_vect3, ARRAY, WITHOUT_SALT),
3074 XTEST_AC_RSA_CASE(TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
3075 ac_rsassa_vect3, ARRAY, WITHOUT_SALT),
3076 XTEST_AC_RSA_CASE(TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
3077 ac_rsassa_vect4, ARRAY, WITHOUT_SALT),
3078 XTEST_AC_RSA_CASE(TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
3079 ac_rsassa_vect4, ARRAY, WITHOUT_SALT),
3080 XTEST_AC_RSA_CASE(TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
3081 ac_rsassa_vect5, ARRAY, WITHOUT_SALT),
3082 XTEST_AC_RSA_CASE(TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
3083 ac_rsassa_vect5, ARRAY, WITHOUT_SALT),
3084 XTEST_AC_RSA_CASE(TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
3085 ac_rsassa_vect6, ARRAY, WITHOUT_SALT),
3086 XTEST_AC_RSA_CASE(TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
3087 ac_rsassa_vect6, ARRAY, WITHOUT_SALT),
3088 XTEST_AC_RSA_CASE(TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
3089 ac_rsassa_vect7, ARRAY, WITHOUT_SALT),
3090 XTEST_AC_RSA_CASE(TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
3091 ac_rsassa_vect7, ARRAY, WITHOUT_SALT),
3092 XTEST_AC_RSA_CASE(TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
3093 ac_rsassa_vect8, ARRAY, WITHOUT_SALT),
3094 XTEST_AC_RSA_CASE(TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
3095 ac_rsassa_vect8, ARRAY, WITHOUT_SALT),
3096 XTEST_AC_RSA_CASE(TEE_ALG_RSASSA_PKCS1_V1_5_SHA256, TEE_MODE_SIGN,
3097 ac_rsassa_vect9, ARRAY, WITHOUT_SALT),
3098 XTEST_AC_RSA_CASE(TEE_ALG_RSASSA_PKCS1_V1_5_SHA256, TEE_MODE_VERIFY,
3099 ac_rsassa_vect9, ARRAY, WITHOUT_SALT),
3100 XTEST_AC_RSA_CASE(TEE_ALG_RSASSA_PKCS1_V1_5_SHA384, TEE_MODE_SIGN,
3101 ac_rsassa_vect10, ARRAY, WITHOUT_SALT),
3102 XTEST_AC_RSA_CASE(TEE_ALG_RSASSA_PKCS1_V1_5_SHA384, TEE_MODE_VERIFY,
3103 ac_rsassa_vect10, ARRAY, WITHOUT_SALT),
3104 XTEST_AC_RSA_CASE(TEE_ALG_RSASSA_PKCS1_V1_5_SHA512, TEE_MODE_SIGN,
3105 ac_rsassa_vect11, ARRAY, WITHOUT_SALT),
3106 XTEST_AC_RSA_CASE(TEE_ALG_RSASSA_PKCS1_V1_5_SHA512, TEE_MODE_VERIFY,
3107 ac_rsassa_vect11, ARRAY, WITHOUT_SALT),
3108
3109 XTEST_AC_RSA_CASE(TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA1, TEE_MODE_VERIFY,
3110 ac_rsassa_vect12, ARRAY, WITH_SALT),
3111 XTEST_AC_RSA_CASE(TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA1, TEE_MODE_SIGN,
3112 ac_rsassa_vect12, ARRAY, WITH_SALT),
3113 XTEST_AC_RSA_CASE(TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA224, TEE_MODE_VERIFY,
3114 ac_rsassa_vect17, ARRAY, WITH_SALT),
3115 XTEST_AC_RSA_CASE(TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA224, TEE_MODE_SIGN,
3116 ac_rsassa_vect17, ARRAY, WITH_SALT),
3117 XTEST_AC_RSA_CASE(TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA256, TEE_MODE_VERIFY,
3118 ac_rsassa_vect13, ARRAY, WITH_SALT),
3119 XTEST_AC_RSA_CASE(TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA256, TEE_MODE_SIGN,
3120 ac_rsassa_vect13, ARRAY, WITH_SALT),
3121 XTEST_AC_RSA_CASE(TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA384, TEE_MODE_VERIFY,
3122 ac_rsassa_vect14, ARRAY, WITH_SALT),
3123 XTEST_AC_RSA_CASE(TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA384, TEE_MODE_SIGN,
3124 ac_rsassa_vect14, ARRAY, WITH_SALT),
3125 XTEST_AC_RSA_CASE(TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA512, TEE_MODE_VERIFY,
3126 ac_rsassa_vect15, ARRAY, WITH_SALT),
3127 XTEST_AC_RSA_CASE(TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA512, TEE_MODE_SIGN,
3128 ac_rsassa_vect15, ARRAY, WITH_SALT),
3129
3130 XTEST_AC_RSA_CASE(TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_DECRYPT,
3131 ac_rsaes_pkcs1_v1_5_vect1, ARRAY, WITHOUT_SALT),
3132 XTEST_AC_RSA_CASE(TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_ENCRYPT,
3133 ac_rsaes_pkcs1_v1_5_vect1, ARRAY, WITHOUT_SALT),
3134 XTEST_AC_RSA_CASE(TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_DECRYPT,
3135 ac_rsaes_pkcs1_v1_5_vect2, ARRAY, WITHOUT_SALT),
3136 XTEST_AC_RSA_CASE(TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_ENCRYPT,
3137 ac_rsaes_pkcs1_v1_5_vect2, ARRAY, WITHOUT_SALT),
3138 XTEST_AC_RSA_CASE(TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_DECRYPT,
3139 ac_rsaes_pkcs1_v1_5_vect15, ARRAY, WITHOUT_SALT),
3140 XTEST_AC_RSA_CASE(TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_ENCRYPT,
3141 ac_rsaes_pkcs1_v1_5_vect15, ARRAY, WITHOUT_SALT),
3142
3143 XTEST_AC_RSA_CASE(TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1, TEE_MODE_DECRYPT,
3144 ac_rsaes_oaep_vect1, ARRAY, WITHOUT_SALT),
3145 XTEST_AC_RSA_CASE(TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1, TEE_MODE_ENCRYPT,
3146 ac_rsaes_oaep_vect1, ARRAY, WITHOUT_SALT),
3147 XTEST_AC_RSA_CASE(TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1, TEE_MODE_DECRYPT,
3148 ac_rsaes_oaep_vect2, ARRAY, WITHOUT_SALT),
3149 XTEST_AC_RSA_CASE(TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1, TEE_MODE_ENCRYPT,
3150 ac_rsaes_oaep_vect2, ARRAY, WITHOUT_SALT),
3151 XTEST_AC_RSA_CASE(TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1, TEE_MODE_DECRYPT,
3152 ac_rsaes_oaep_vect10, ARRAY, WITHOUT_SALT),
3153 XTEST_AC_RSA_CASE(TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1, TEE_MODE_ENCRYPT,
3154 ac_rsaes_oaep_vect10, ARRAY, WITHOUT_SALT),
3155
3156 /* DSA tests */
Cedric Chaumontb2ba8782015-09-03 13:23:05 +0200[diff] [blame]3157 /* [mod = L=1024, N=160, SHA-1] */
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3158 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect1),
3159 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect1),
3160 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect2),
3161 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect2),
Cedric Chaumontb2ba8782015-09-03 13:23:05 +0200[diff] [blame]3162 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect3),
3163 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect3),
3164 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect4),
3165 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect4),
3166 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect5),
3167 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect5),
3168 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect6),
3169 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect6),
3170 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect7),
3171 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect7),
3172 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect8),
3173 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect8),
3174 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect9),
3175 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect9),
3176 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect10),
3177 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect10),
3178 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect11),
3179 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect11),
3180 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect12),
3181 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect12),
3182 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect13),
3183 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect13),
3184 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect14),
3185 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect14),
3186 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect15),
3187 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect15),
3188 /* [mod = L=1024, N=160, SHA-224] - GP NOT SUPPORTED */
3189 /* [mod = L=1024, N=160, SHA-256] - GP NOT SUPPORTED */
3190 /* [mod = L=1024, N=160, SHA-384] - GP NOT SUPPORTED */
3191 /* [mod = L=1024, N=160, SHA-512] - GP NOT SUPPORTED */
3192 /* [mod = L=2048, N=224, SHA-1] - GP NOT SUPPORTED */
3193 /* [mod = L=2048, N=224, SHA-224] */
3194 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect91),
3195 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect91),
3196 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect92),
3197 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect92),
3198 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect93),
3199 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect93),
3200 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect94),
3201 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect94),
3202 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect95),
3203 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect95),
3204 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect96),
3205 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect96),
3206 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect97),
3207 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect97),
3208 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect98),
3209 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect98),
3210 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect99),
3211 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect99),
3212 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect100),
3213 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect100),
3214 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect101),
3215 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect101),
3216 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect102),
3217 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect102),
3218 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect103),
3219 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect103),
3220 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect104),
3221 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect104),
3222 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect105),
3223 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect105),
3224 /* [mod = L=2048, N=224, SHA-256] */
3225 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect106),
3226 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect106),
3227 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect107),
3228 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect107),
3229 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect108),
3230 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect108),
3231 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect109),
3232 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect109),
3233 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect110),
3234 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect110),
3235 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect111),
3236 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect111),
3237 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect112),
3238 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect112),
3239 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect113),
3240 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect113),
3241 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect114),
3242 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect114),
3243 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect115),
3244 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect115),
3245 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect116),
3246 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect116),
3247 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect117),
3248 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect117),
3249 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect118),
3250 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect118),
3251 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect119),
3252 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect119),
3253 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect120),
3254 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect120),
3255 /* [mod = L=2048, N=224, SHA-384] - GP NOT SUPPORTED */
3256 /* [mod = L=2048, N=224, SHA-512] - GP NOT SUPPORTED */
3257 /* [mod = L=2048, N=256, SHA-1] - GP NOT SUPPORTED */
3258 /* [mod = L=2048, N=256, SHA-224] */
3259 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect166),
3260 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect166),
3261 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect167),
3262 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect167),
3263 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect168),
3264 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect168),
3265 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect169),
3266 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect169),
3267 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect170),
3268 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect170),
3269 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect171),
3270 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect171),
3271 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect172),
3272 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect172),
3273 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect173),
3274 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect173),
3275 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect174),
3276 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect174),
3277 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect175),
3278 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect175),
3279 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect176),
3280 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect176),
3281 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect177),
3282 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect177),
3283 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect178),
3284 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect178),
3285 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect179),
3286 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect179),
3287 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect180),
3288 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect180),
3289 /* [mod = L=2048, N=256, SHA-256] */
3290 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect181),
3291 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect181),
3292 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect182),
3293 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect182),
3294 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect183),
3295 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect183),
3296 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect184),
3297 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect184),
3298 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect185),
3299 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect185),
3300 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect186),
3301 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect186),
3302 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect187),
3303 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect187),
3304 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect188),
3305 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect188),
3306 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect189),
3307 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect189),
3308 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect190),
3309 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect190),
3310 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect191),
3311 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect191),
3312 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect192),
3313 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect192),
3314 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect193),
3315 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect193),
3316 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect194),
3317 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect194),
3318 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect195),
3319 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect195),
3320 /* [mod = L=2048, N=256, SHA-384] - GP NOT SUPPORTED */
3321 /* [mod = L=2048, N=256, SHA-512] - GP NOT SUPPORTED */
3322 /* [mod = L=3072, N=256, SHA-1] - GP NOT SUPPORTED */
3323 /* [mod = L=3072, N=256, SHA-224] - GP NOT SUPPORTED */
3324 /* [mod = L=3072, N=256, SHA-256] */
3325 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect256),
3326 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect256),
3327 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect257),
3328 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect257),
3329 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect258),
3330 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect258),
3331 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect259),
3332 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect259),
3333 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect260),
3334 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect260),
3335 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect261),
3336 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect261),
3337 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect262),
3338 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect262),
3339 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect263),
3340 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect263),
3341 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect264),
3342 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect264),
3343 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect265),
3344 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect265),
3345 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect266),
3346 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect266),
3347 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect267),
3348 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect267),
3349 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect268),
3350 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect268),
3351 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect269),
3352 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect269),
3353 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect270),
3354 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect270),
3355 /* [mod = L=3072, N=256, SHA-384] - GP NOT SUPPORTED */
3356 /* [mod = L=3072, N=256, SHA-512] - GP NOT SUPPORTED */
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3357
3358 /* ECDSA tests */
3359 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3360 ac_ecdsa_vect192),
3361 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3362 ac_ecdsa_vect192),
3363 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3364 ac_ecdsa_vect224),
3365 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3366 ac_ecdsa_vect224),
3367 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3368 ac_ecdsa_vect256),
3369 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3370 ac_ecdsa_vect256),
3371 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3372 ac_ecdsa_vect384),
3373 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3374 ac_ecdsa_vect384),
3375 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3376 ac_ecdsa_vect521),
3377 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3378 ac_ecdsa_vect521),
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3379};
3380
3381static bool create_key(ADBG_Case_t *c, TEEC_Session *s,
3382 uint32_t max_key_size, uint32_t key_type,
3383 TEE_Attribute *attrs, size_t num_attrs,
3384 TEE_ObjectHandle *handle)
3385{
3386 size_t n;
3387
3388 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3389 ta_crypt_cmd_allocate_transient_object(c, s, key_type,
3390 max_key_size, handle)))
3391 return false;
3392
3393 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3394 ta_crypt_cmd_populate_transient_object(c, s, *handle, attrs,
3395 num_attrs)))
3396 return false;
3397
3398 for (n = 0; n < num_attrs; n++) {
Cedric Chaumontb2ba8782015-09-03 13:23:05 +0200[diff] [blame]3399 uint8_t out[384];
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3400 size_t out_size;
3401
3402 out_size = sizeof(out);
3403 memset(out, 0, sizeof(out));
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3404
3405 if (attrs[n].attributeID == TEE_ATTR_ECC_CURVE)
3406 continue;
3407
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3408 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3409 ta_crypt_cmd_get_object_buffer_attribute(c, s, *handle,
3410 attrs[n].attributeID, out, &out_size)))
3411 return false;
3412
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3413 if (out_size < attrs[n].content.ref.length) {
3414 memmove(out + (attrs[n].content.ref.length - out_size),
3415 out,
3416 attrs[n].content.ref.length);
3417 memset(out, 0, attrs[n].content.ref.length - out_size);
3418 out_size = attrs[n].content.ref.length;
3419 }
3420
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3421 if (!ADBG_EXPECT_BUFFER(c, attrs[n].content.ref.buffer,
3422 attrs[n].content.ref.length, out, out_size))
3423 return false;
3424 }
3425
3426 return true;
3427}
3428
3429static void xtest_tee_test_4006(ADBG_Case_t *c)
3430{
3431 TEEC_Session session = { 0 };
3432 TEE_OperationHandle op = TEE_HANDLE_NULL;
3433 TEE_ObjectHandle priv_key_handle = TEE_HANDLE_NULL;
3434 TEE_ObjectHandle pub_key_handle = TEE_HANDLE_NULL;
3435 TEE_Attribute key_attrs[8];
3436 TEE_Attribute algo_params[1];
3437 size_t num_algo_params;
3438 uint8_t out[512];
3439 size_t out_size;
3440 uint8_t out_enc[512];
3441 size_t out_enc_size;
3442 uint8_t ptx_hash[TEE_MAX_HASH_SIZE];
3443 size_t ptx_hash_size;
3444 size_t max_key_size;
3445 size_t num_key_attrs;
3446 uint32_t ret_orig;
3447 size_t n;
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3448 uint32_t curve;
3449 uint32_t hash_algo;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3450
3451 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3452 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
3453 &ret_orig)))
3454 return;
3455
3456 for (n = 0; n < ARRAY_SIZE(xtest_ac_cases); n++) {
3457 const struct xtest_ac_case *tv = xtest_ac_cases + n;
3458
3459 Do_ADBG_BeginSubCase(c, "Asym Crypto case %d algo 0x%x line %d",
3460 (int)n, (unsigned int)tv->algo,
3461 (int)tv->line);
3462
3463 /*
3464 * When signing or verifying we're working with the hash of
3465 * the payload.
3466 */
3467 if (tv->mode == TEE_MODE_VERIFY || tv->mode == TEE_MODE_SIGN) {
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3468 if (TEE_ALG_GET_MAIN_ALG(tv->algo) == TEE_MAIN_ALGO_ECDSA)
3469 hash_algo = TEE_ALG_SHA1;
3470 else
3471 hash_algo = TEE_ALG_HASH_ALGO(
3472 TEE_ALG_GET_DIGEST_HASH(tv->algo));
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3473
3474 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3475 ta_crypt_cmd_allocate_operation(c, &session,
3476 &op, hash_algo, TEE_MODE_DIGEST, 0)))
3477 goto out;
3478
3479 ptx_hash_size = sizeof(ptx_hash);
3480 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3481 ta_crypt_cmd_digest_do_final(c, & session, op,
3482 tv->ptx, tv->ptx_len, ptx_hash,
3483 &ptx_hash_size)))
3484 goto out;
3485
Cedric Chaumontb2ba8782015-09-03 13:23:05 +0200[diff] [blame]3486 /*
3487 * When we use DSA algorithms, the size of the hash we
3488 * consider equals the min between the size of the
3489 * "subprime" in the key and the size of the hash
3490 */
3491 if (TEE_ALG_GET_MAIN_ALG(tv->algo) ==
3492 TEE_MAIN_ALGO_DSA) {
3493 if (tv->params.dsa.sub_prime_len <=
3494 ptx_hash_size)
3495 ptx_hash_size =
3496 tv->params.dsa.sub_prime_len;
3497 }
3498
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3499 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3500 ta_crypt_cmd_free_operation(c, &session, op)))
3501 goto out;
3502 }
3503
3504 num_algo_params = 0;
3505 num_key_attrs = 0;
3506 switch (TEE_ALG_GET_MAIN_ALG(tv->algo)) {
3507 case TEE_MAIN_ALGO_RSA:
3508 if (tv->params.rsa.salt_len > 0) {
3509 algo_params[0].attributeID =
3510 TEE_ATTR_RSA_PSS_SALT_LENGTH;
3511 algo_params[0].content.value.a =
3512 tv->params.rsa.salt_len;
3513 algo_params[0].content.value.b = 0;
3514 num_algo_params = 1;
3515 }
3516
3517 max_key_size = tv->params.rsa.modulus_len * 8;
3518
3519 xtest_add_attr(&num_key_attrs, key_attrs,
3520 TEE_ATTR_RSA_MODULUS,
3521 tv->params.rsa.modulus,
3522 tv->params.rsa.modulus_len);
3523 xtest_add_attr(&num_key_attrs, key_attrs,
3524 TEE_ATTR_RSA_PUBLIC_EXPONENT,
3525 tv->params.rsa.pub_exp,
3526 tv->params.rsa.pub_exp_len);
3527
3528 if (!ADBG_EXPECT_TRUE(c,
3529 create_key(c, &session,
3530 max_key_size,
3531 TEE_TYPE_RSA_PUBLIC_KEY,
3532 key_attrs,
3533 num_key_attrs,
3534 &pub_key_handle)))
3535 goto out;
3536
3537 xtest_add_attr(&num_key_attrs, key_attrs,
3538 TEE_ATTR_RSA_PRIVATE_EXPONENT,
3539 tv->params.rsa.priv_exp,
3540 tv->params.rsa.priv_exp_len);
3541
3542 if (tv->params.rsa.prime1_len != 0) {
3543 xtest_add_attr(&num_key_attrs, key_attrs,
3544 TEE_ATTR_RSA_PRIME1,
3545 tv->params.rsa.prime1,
3546 tv->params.rsa.prime1_len);
3547 }
3548
3549 if (tv->params.rsa.prime2_len != 0) {
3550 xtest_add_attr(&num_key_attrs, key_attrs,
3551 TEE_ATTR_RSA_PRIME2,
3552 tv->params.rsa.prime2,
3553 tv->params.rsa.prime2_len);
3554 }
3555
3556 if (tv->params.rsa.exp1_len != 0) {
3557 xtest_add_attr(&num_key_attrs, key_attrs,
3558 TEE_ATTR_RSA_EXPONENT1,
3559 tv->params.rsa.exp1,
3560 tv->params.rsa.exp1_len);
3561 }
3562
3563 if (tv->params.rsa.exp2_len != 0) {
3564 xtest_add_attr(&num_key_attrs, key_attrs,
3565 TEE_ATTR_RSA_EXPONENT2,
3566 tv->params.rsa.exp2,
3567 tv->params.rsa.exp2_len);
3568 }
3569
3570 if (tv->params.rsa.coeff_len != 0) {
3571 xtest_add_attr(&num_key_attrs, key_attrs,
3572 TEE_ATTR_RSA_COEFFICIENT,
3573 tv->params.rsa.coeff,
3574 tv->params.rsa.coeff_len);
3575 }
3576
3577 if (!ADBG_EXPECT_TRUE(c,
3578 create_key(c, &session,
3579 max_key_size,
3580 TEE_TYPE_RSA_KEYPAIR,
3581 key_attrs,
3582 num_key_attrs,
3583 &priv_key_handle)))
3584 goto out;
3585 break;
3586
3587 case TEE_MAIN_ALGO_DSA:
3588 max_key_size = tv->params.dsa.prime_len * 8;
3589
3590 xtest_add_attr(&num_key_attrs, key_attrs,
3591 TEE_ATTR_DSA_PRIME,
3592 tv->params.dsa.prime,
3593 tv->params.dsa.prime_len);
3594 xtest_add_attr(&num_key_attrs, key_attrs,
3595 TEE_ATTR_DSA_SUBPRIME,
3596 tv->params.dsa.sub_prime,
3597 tv->params.dsa.sub_prime_len);
3598 xtest_add_attr(&num_key_attrs, key_attrs,
3599 TEE_ATTR_DSA_BASE,
3600 tv->params.dsa.base,
3601 tv->params.dsa.base_len);
3602 xtest_add_attr(&num_key_attrs, key_attrs,
3603 TEE_ATTR_DSA_PUBLIC_VALUE,
3604 tv->params.dsa.pub_val,
3605 tv->params.dsa.pub_val_len);
3606
3607 if (!ADBG_EXPECT_TRUE(c,
3608 create_key(c, &session, max_key_size,
3609 TEE_TYPE_DSA_PUBLIC_KEY, key_attrs,
3610 num_key_attrs, &pub_key_handle)))
3611 goto out;
3612
3613 xtest_add_attr(&num_key_attrs, key_attrs,
3614 TEE_ATTR_DSA_PRIVATE_VALUE,
3615 tv->params.dsa.priv_val,
3616 tv->params.dsa.priv_val_len);
3617
3618 if (!ADBG_EXPECT_TRUE(c,
3619 create_key(c, &session, max_key_size,
3620 TEE_TYPE_DSA_KEYPAIR, key_attrs,
3621 num_key_attrs, &priv_key_handle)))
3622 goto out;
3623 break;
3624
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3625 case TEE_MAIN_ALGO_ECDSA:
3626 switch (tv->algo) {
3627 case TEE_ALG_ECDSA_P192:
3628 curve = TEE_ECC_CURVE_NIST_P192;
3629 break;
3630 case TEE_ALG_ECDSA_P224:
3631 curve = TEE_ECC_CURVE_NIST_P224;
3632 break;
3633 case TEE_ALG_ECDSA_P256:
3634 curve = TEE_ECC_CURVE_NIST_P256;
3635 break;
3636 case TEE_ALG_ECDSA_P384:
3637 curve = TEE_ECC_CURVE_NIST_P384;
3638 break;
3639 case TEE_ALG_ECDSA_P521:
3640 curve = TEE_ECC_CURVE_NIST_P521;
3641 break;
3642 default:
3643 curve = 0xFF;
3644 break;
3645 }
3646
3647 if (tv->algo == TEE_ALG_ECDSA_P521)
3648 max_key_size = 521;
3649 else
3650 max_key_size = tv->params.ecdsa.private_len * 8;
3651
3652 xtest_add_attr_value(&num_key_attrs, key_attrs,
3653 TEE_ATTR_ECC_CURVE, curve, 0);
3654 xtest_add_attr(&num_key_attrs, key_attrs,
3655 TEE_ATTR_ECC_PUBLIC_VALUE_X,
3656 tv->params.ecdsa.public_x,
3657 tv->params.ecdsa.public_x_len);
3658 xtest_add_attr(&num_key_attrs, key_attrs,
3659 TEE_ATTR_ECC_PUBLIC_VALUE_Y,
3660 tv->params.ecdsa.public_y,
3661 tv->params.ecdsa.public_y_len);
3662
3663 if (!ADBG_EXPECT_TRUE(c,
3664 create_key(c, &session, max_key_size,
3665 TEE_TYPE_ECDSA_PUBLIC_KEY, key_attrs,
3666 num_key_attrs, &pub_key_handle)))
3667 goto out;
3668
3669 xtest_add_attr(&num_key_attrs, key_attrs,
3670 TEE_ATTR_ECC_PRIVATE_VALUE,
3671 tv->params.ecdsa.private,
3672 tv->params.ecdsa.private_len);
3673
3674 if (!ADBG_EXPECT_TRUE(c,
3675 create_key(c, &session, max_key_size,
3676 TEE_TYPE_ECDSA_KEYPAIR, key_attrs,
3677 num_key_attrs, &priv_key_handle)))
3678 goto out;
3679 break;
3680
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3681 default:
3682 ADBG_EXPECT_TRUE(c, false);
3683 goto out;
3684 }
3685
3686 out_size = sizeof(out);
3687 memset(out, 0, sizeof(out));
3688 switch (tv->mode) {
3689 case TEE_MODE_ENCRYPT:
3690 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3691 ta_crypt_cmd_allocate_operation(c, &session,
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3692 &op, tv->algo, TEE_MODE_ENCRYPT,
3693 max_key_size)))
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3694 goto out;
3695
3696 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3697 ta_crypt_cmd_set_operation_key(c, &session, op,
3698 pub_key_handle)))
3699 goto out;
3700
3701 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3702 ta_crypt_cmd_free_transient_object(c, &session,
3703 pub_key_handle)))
3704 goto out;
3705 pub_key_handle = TEE_HANDLE_NULL;
3706
3707 out_enc_size = sizeof(out_enc);
3708 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3709 ta_crypt_cmd_asymmetric_encrypt(c, &session, op,
3710 NULL, 0, tv->ptx, tv->ptx_len, out_enc,
3711 &out_enc_size)))
3712 goto out;
3713
3714 /*
3715 * A PS which is random is added when formatting the
3716 * message internally of the algorithm so we can't
3717 * verify against precomputed values, instead we use the
3718 * decrypt operation to see that output is correct.
3719 */
3720
3721 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3722 ta_crypt_cmd_free_operation(c, &session, op)))
3723 goto out;
3724
3725 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3726 ta_crypt_cmd_allocate_operation(c, &session,
3727 &op, tv->algo, TEE_MODE_DECRYPT,
3728 max_key_size)))
3729 goto out;
3730
3731 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3732 ta_crypt_cmd_set_operation_key(c, &session, op,
3733 priv_key_handle)))
3734 goto out;
3735
3736 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3737 ta_crypt_cmd_free_transient_object(c, &session,
3738 priv_key_handle)))
3739 goto out;
3740
3741 priv_key_handle = TEE_HANDLE_NULL;
3742
3743 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3744 ta_crypt_cmd_asymmetric_decrypt(c, &session, op,
3745 NULL, 0, out_enc, out_enc_size, out,
3746 &out_size)))
3747 goto out;
3748
3749 (void)ADBG_EXPECT_BUFFER(c, tv->ptx, tv->ptx_len, out,
3750 out_size);
3751 break;
3752
3753 case TEE_MODE_DECRYPT:
3754 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3755 ta_crypt_cmd_allocate_operation(c, &session,
3756 &op, tv->algo, TEE_MODE_DECRYPT,
3757 max_key_size)))
3758 goto out;
3759
3760 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3761 ta_crypt_cmd_set_operation_key(c, &session, op,
3762 priv_key_handle)))
3763 goto out;
3764
3765 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3766 ta_crypt_cmd_free_transient_object(c, &session,
3767 priv_key_handle)))
3768 goto out;
3769
3770 priv_key_handle = TEE_HANDLE_NULL;
3771
3772 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3773 ta_crypt_cmd_asymmetric_decrypt(c, &session, op,
3774 NULL, 0, tv->ctx, tv->ctx_len, out,
3775 &out_size)))
3776 goto out;
3777
3778 (void)ADBG_EXPECT_BUFFER(c, tv->ptx, tv->ptx_len, out,
3779 out_size);
3780 break;
3781
3782 case TEE_MODE_VERIFY:
3783 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3784 ta_crypt_cmd_allocate_operation(c, &session,
3785 &op, tv->algo, TEE_MODE_VERIFY,
3786 max_key_size)))
3787 goto out;
3788
3789 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3790 ta_crypt_cmd_set_operation_key(c, &session, op,
3791 pub_key_handle)))
3792 goto out;
3793
3794 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3795 ta_crypt_cmd_free_transient_object(c, &session,
3796 pub_key_handle)))
3797 goto out;
3798
3799 pub_key_handle = TEE_HANDLE_NULL;
3800
3801 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3802 ta_crypt_cmd_asymmetric_verify(c, &session, op,
3803 algo_params, num_algo_params, ptx_hash,
3804 ptx_hash_size, tv->ctx, tv->ctx_len)))
3805 goto out;
3806 break;
3807
3808 case TEE_MODE_SIGN:
3809 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3810 ta_crypt_cmd_allocate_operation(c, &session,
3811 &op, tv->algo, TEE_MODE_SIGN,
3812 max_key_size)))
3813 goto out;
3814
3815 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3816 ta_crypt_cmd_set_operation_key(c, &session, op,
3817 priv_key_handle)))
3818 goto out;
3819
3820 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3821 ta_crypt_cmd_free_transient_object(c, &session,
3822 priv_key_handle)))
3823 goto out;
3824
3825 priv_key_handle = TEE_HANDLE_NULL;
3826
3827 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3828 ta_crypt_cmd_asymmetric_sign(c, &session, op,
3829 algo_params, num_algo_params, ptx_hash,
3830 ptx_hash_size, out, &out_size)))
3831 goto out;
3832
3833 if (TEE_ALG_GET_CHAIN_MODE(tv->algo) ==
3834 TEE_CHAIN_MODE_PKCS1_PSS_MGF1 ||
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3835 tv->algo == TEE_ALG_DSA_SHA1 ||
Cedric Chaumontb2ba8782015-09-03 13:23:05 +0200[diff] [blame]3836 tv->algo == TEE_ALG_DSA_SHA224 ||
3837 tv->algo == TEE_ALG_DSA_SHA256 ||
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3838 TEE_ALG_GET_MAIN_ALG(tv->algo) ==
3839 TEE_MAIN_ALGO_ECDSA) {
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3840 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3841 ta_crypt_cmd_free_operation(c, &session,
3842 op)))
3843 goto out;
3844 /*
3845 * The salt or K is random so we can't verify
3846 * signing against precomputed values, instead
3847 * we use the verify operation to see that
3848 * output is correct.
3849 */
3850 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3851 ta_crypt_cmd_allocate_operation(c,
3852 &session, &op, tv->algo,
3853 TEE_MODE_VERIFY, max_key_size)))
3854 goto out;
3855
3856 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3857 ta_crypt_cmd_set_operation_key(c,
3858 &session, op, pub_key_handle)))
3859 goto out;
3860
3861 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3862 ta_crypt_cmd_free_transient_object(c,
3863 &session, pub_key_handle)))
3864 goto out;
3865
3866 pub_key_handle = TEE_HANDLE_NULL;
3867
3868 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3869 ta_crypt_cmd_asymmetric_verify(c,
3870 &session, op, algo_params,
3871 num_algo_params, ptx_hash,
3872 ptx_hash_size, out, out_size)))
3873 goto out;
3874 } else {
3875 (void)ADBG_EXPECT_BUFFER(c, tv->ctx,
3876 tv->ctx_len, out,
3877 out_size);
3878 }
3879 break;
3880
3881 default:
3882 break;
3883 }
3884
3885 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3886 ta_crypt_cmd_free_operation(c, &session, op)))
3887 goto out;
3888
3889 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3890 ta_crypt_cmd_free_transient_object(c, &session,
3891 pub_key_handle)))
3892 goto out;
3893 pub_key_handle = TEE_HANDLE_NULL;
3894
3895 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3896 ta_crypt_cmd_free_transient_object(c, &session,
3897 priv_key_handle)))
3898 goto out;
3899
3900 priv_key_handle = TEE_HANDLE_NULL;
3901
3902 Do_ADBG_EndSubCase(c, NULL);
3903 }
3904out:
3905 TEEC_CloseSession(&session);
3906}
3907
3908#define KEY_ATTR(x, y) { #x, (x), y }
3909
3910struct key_attrs {
3911 const char *name;
3912 uint32_t attr;
3913 bool keysize_check;
3914};
3915
3916static bool test_keygen_attributes(ADBG_Case_t *c, TEEC_Session *s,
3917 TEE_ObjectHandle key, uint32_t key_size,
3918 struct key_attrs *attrs, size_t num_attrs)
3919{
3920 uint8_t out[2048];
3921 size_t out_size;
3922 size_t n;
3923 size_t m;
3924
3925 for (m = 0; m < num_attrs; m++) {
3926 if ((attrs[m].attr & TEE_ATTR_BIT_VALUE) == 0) {
3927 out_size = sizeof(out);
3928 memset(out, 0, sizeof(out));
3929 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3930 ta_crypt_cmd_get_object_buffer_attribute(c, s,
3931 key, attrs[m].attr, out, &out_size)))
3932 return false;
3933
3934 if (attrs[m].keysize_check)
3935 ADBG_EXPECT_COMPARE_UNSIGNED(c, out_size, ==,
3936 key_size / 8);
3937
3938 if (out_size > 0) {
3939 /* Check that buffer isn't all zeroes */
3940 for (n = 0; n < out_size; n++)
3941 if (out[n] != 0)
3942 break;
3943 if (!ADBG_EXPECT_COMPARE_UNSIGNED(c, n, <,
3944 out_size))
3945 return false;
3946 }
3947 } else {
3948 uint32_t a;
3949 uint32_t b;
3950
3951 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3952 ta_crypt_cmd_get_object_value_attribute(c, s, key,
3953 attrs[m].attr, &a, &b)))
3954 return false;
3955 }
3956 }
3957 return true;
3958}
3959
3960static bool test_secret_value(ADBG_Case_t *c, TEEC_Session *s,
3961 TEE_ObjectHandle key, uint32_t key_size)
3962{
3963 const struct key_attrs attrs[] = {
3964 KEY_ATTR(TEE_ATTR_SECRET_VALUE, true),
3965 };
3966
3967 return test_keygen_attributes(c, s, key, key_size,
3968 (struct key_attrs *)&attrs,
3969 ARRAY_SIZE(attrs));
3970}
3971
3972
3973static bool test_rsa_key_pair(ADBG_Case_t *c, TEEC_Session *s,
3974 TEE_ObjectHandle key, uint32_t key_size)
3975{
3976 const struct key_attrs attrs[] = {
3977 KEY_ATTR(TEE_ATTR_RSA_MODULUS, true),
3978 KEY_ATTR(TEE_ATTR_RSA_PUBLIC_EXPONENT, false),
3979 KEY_ATTR(TEE_ATTR_RSA_PRIVATE_EXPONENT, false),
3980 KEY_ATTR(TEE_ATTR_RSA_PRIME1, false),
3981 KEY_ATTR(TEE_ATTR_RSA_PRIME2, false),
3982 KEY_ATTR(TEE_ATTR_RSA_EXPONENT1, false),
3983 KEY_ATTR(TEE_ATTR_RSA_EXPONENT2, false),
3984 KEY_ATTR(TEE_ATTR_RSA_COEFFICIENT, false),
3985 };
3986
3987 return test_keygen_attributes(c, s, key, key_size,
3988 (struct key_attrs *)&attrs,
3989 ARRAY_SIZE(attrs));
3990}
3991
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]3992static bool test_ecc_key_pair(ADBG_Case_t *c, TEEC_Session *s,
3993 TEE_ObjectHandle key, uint32_t key_size)
3994{
3995 const struct key_attrs attrs[] = {
3996 KEY_ATTR(TEE_ATTR_ECC_PRIVATE_VALUE, false),
3997 KEY_ATTR(TEE_ATTR_ECC_PUBLIC_VALUE_X , false),
3998 KEY_ATTR(TEE_ATTR_ECC_PUBLIC_VALUE_Y , false),
3999 /* KEY_ATTR(TEE_ATTR_ECC_CURVE, false), - do not test */
4000 };
4001
4002 return test_keygen_attributes(c, s, key, key_size,
4003 (struct key_attrs *)&attrs,
4004 ARRAY_SIZE(attrs));
4005}
4006
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4007static bool test_dh_key_pair(ADBG_Case_t *c, TEEC_Session *s,
4008 uint32_t check_keysize,
4009 TEE_ObjectHandle key, uint32_t key_size)
4010{
4011 const struct key_attrs attrs[] = {
4012 KEY_ATTR(TEE_ATTR_DH_PRIME, false),
4013 KEY_ATTR(TEE_ATTR_DH_BASE, false),
4014 KEY_ATTR(TEE_ATTR_DH_PUBLIC_VALUE, false),
4015 KEY_ATTR(TEE_ATTR_DH_PRIVATE_VALUE, check_keysize),
4016 KEY_ATTR(TEE_ATTR_DH_X_BITS, false),
4017 };
4018
4019 return test_keygen_attributes(c, s, key, key_size,
4020 (struct key_attrs *)&attrs,
4021 ARRAY_SIZE(attrs));
4022}
4023
4024static bool test_dsa_key_pair(ADBG_Case_t *c, TEEC_Session *s,
4025 TEE_ObjectHandle key, uint32_t key_size)
4026{
4027 const struct key_attrs attrs[] = {
4028 KEY_ATTR(TEE_ATTR_DSA_PRIME, true),
4029 KEY_ATTR(TEE_ATTR_DSA_SUBPRIME, false),
4030 KEY_ATTR(TEE_ATTR_DSA_BASE, false),
4031 KEY_ATTR(TEE_ATTR_DSA_PUBLIC_VALUE, false),
4032 KEY_ATTR(TEE_ATTR_DSA_PRIVATE_VALUE, false),
4033 };
4034
4035 return test_keygen_attributes(c, s, key, key_size,
4036 (struct key_attrs *)&attrs,
4037 ARRAY_SIZE(attrs));
4038}
4039
4040static bool generate_and_test_key(ADBG_Case_t *c, TEEC_Session *s,
4041 uint32_t key_type, uint32_t check_keysize,
4042 uint32_t key_size,
4043 TEE_Attribute *params, size_t param_count)
4044{
4045 TEE_ObjectHandle key;
4046 bool ret_val = true;
4047
4048 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4049 ta_crypt_cmd_allocate_transient_object(c, s, key_type, key_size,
4050 &key)))
4051 return false;
4052
4053 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4054 ta_crypt_cmd_generate_key(c, s, key, key_size, params,
4055 param_count)))
4056 return false;
4057
4058 switch (key_type) {
4059 case TEE_TYPE_DES:
4060 case TEE_TYPE_DES3:
4061 ret_val = ADBG_EXPECT_TRUE(c,
4062 test_secret_value(c, s, key,
4063 key_size + key_size / 7));
4064 break;
4065 case TEE_TYPE_AES:
4066 case TEE_TYPE_HMAC_MD5:
4067 case TEE_TYPE_HMAC_SHA1:
4068 case TEE_TYPE_HMAC_SHA224:
4069 case TEE_TYPE_HMAC_SHA256:
4070 case TEE_TYPE_HMAC_SHA384:
4071 case TEE_TYPE_HMAC_SHA512:
4072 case TEE_TYPE_GENERIC_SECRET:
4073 ret_val = ADBG_EXPECT_TRUE(c,
4074 test_secret_value(c, s, key, key_size));
4075 break;
4076
4077 case TEE_TYPE_RSA_KEYPAIR:
4078 ret_val = ADBG_EXPECT_TRUE(c,
4079 test_rsa_key_pair(c, s, key, key_size));
4080 break;
4081
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]4082 case TEE_TYPE_ECDSA_KEYPAIR:
4083 case TEE_TYPE_ECDH_KEYPAIR:
4084 ret_val = ADBG_EXPECT_TRUE(c,
4085 test_ecc_key_pair(c, s, key, key_size));
4086 break;
4087
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4088 case TEE_TYPE_DH_KEYPAIR:
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]4089 ret_val = ADBG_EXPECT_TRUE(c,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4090 test_dh_key_pair(c, s, check_keysize, key,
4091 key_size));
4092 break;
4093
4094 case TEE_TYPE_DSA_KEYPAIR:
4095 ret_val = ADBG_EXPECT_TRUE(c,
4096 test_dsa_key_pair(c, s, key, key_size));
4097 break;
4098
4099 default:
4100 ret_val = false;
4101 break;
4102 }
4103
4104 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4105 ta_crypt_cmd_free_transient_object(c, s, key)))
4106 return false;
4107
4108 return ret_val;
4109}
4110
4111static void xtest_test_keygen_noparams(ADBG_Case_t *c, TEEC_Session *session)
4112{
4113 size_t n;
4114 uint32_t key_size;
4115 static const struct {
4116 const char *name;
4117 uint32_t key_type;
4118 uint32_t quanta;
4119 uint32_t min_size;
4120 uint32_t max_size;
4121 } key_types[] = {
4122 { "AES", TEE_TYPE_AES, 64, 128,
4123 256 /* valid sizes 128, 192, 256 */ },
4124 { "DES", TEE_TYPE_DES, 56, 56, 56 /* valid size 56 */ },
4125 { "DES3", TEE_TYPE_DES3, 56, 112,
4126 168 /* valid sizes 112, 168 */ },
4127 { "HMAC-MD5", TEE_TYPE_HMAC_MD5, 8, 64, 512 },
4128 { "HMAC-SHA1", TEE_TYPE_HMAC_SHA1, 8, 80, 512 },
4129 { "HMAC-SHA224", TEE_TYPE_HMAC_SHA224, 8, 112, 512 },
4130 { "HMAC-SHA256", TEE_TYPE_HMAC_SHA256, 8, 192, 1024 },
4131 { "HMAC-SHA384", TEE_TYPE_HMAC_SHA384, 8, 256, 1024 },
4132 { "HMAC-SHA512", TEE_TYPE_HMAC_SHA512, 8, 256, 1024 },
4133 { "Generic secret", TEE_TYPE_GENERIC_SECRET, 8, 128, 4096 },
4134 { "RSA-2048", TEE_TYPE_RSA_KEYPAIR, 1, 2048, 2048 },
4135
4136 /* New tests added to check non-regression of issue #5398 */
4137 { "RSA-256", TEE_TYPE_RSA_KEYPAIR, 1, 256, 256 },
4138 { "RSA-384", TEE_TYPE_RSA_KEYPAIR, 1, 384, 384 },
4139 { "RSA-512", TEE_TYPE_RSA_KEYPAIR, 1, 512, 512 },
4140 { "RSA-640", TEE_TYPE_RSA_KEYPAIR, 1, 640, 640 },
4141 { "RSA-768", TEE_TYPE_RSA_KEYPAIR, 1, 768, 768 },
4142 { "RSA-896", TEE_TYPE_RSA_KEYPAIR, 1, 896, 896 },
4143 { "RSA-1024", TEE_TYPE_RSA_KEYPAIR, 1, 1024, 1024 },
4144 };
4145
4146 for (n = 0; n < ARRAY_SIZE(key_types); n++) {
4147 uint32_t min_size = key_types[n].min_size;
4148 uint32_t max_size = key_types[n].max_size;
4149 uint32_t quanta = key_types[n].quanta;
4150
4151 Do_ADBG_BeginSubCase(c, "Generate %s key", key_types[n].name);
4152
4153 for (key_size = min_size; key_size <= max_size;
4154 key_size += quanta) {
4155 if (!ADBG_EXPECT_TRUE(c,
4156 generate_and_test_key(c, session, key_types
4157 [n].key_type, 1, key_size, NULL, 0)))
4158 break;
4159 }
4160
4161 Do_ADBG_EndSubCase(c, "Generate %s key", key_types[n].name);
4162 }
4163}
4164
4165static void xtest_test_keygen_dh(ADBG_Case_t *c, TEEC_Session *session)
4166{
4167 size_t n;
4168 size_t param_count;
4169 /*
4170 * Note that the key size parameter is not used when creating the keys
4171 * but specifying these sizes make it possible to test the expected size
4172 * of the private value. This also means that the keysize must match the
4173 * size of p or what is specified in private_bits or the equvivalent
4174 * size of the subprime parameter.
4175 */
4176 TEE_Attribute params[4];
4177
4178#define XTEST_DH_GK_DATA(vect) \
4179 ARRAY(vect ## _p), \
4180 ARRAY(vect ## _g), \
4181 &vect ## _private_bits, \
4182 0, 0
4183#define XTEST_DH_GK_DATA_SUBPRIME(vect) \
4184 ARRAY(vect ## _p), \
4185 ARRAY(vect ## _g), \
4186 &vect ## _private_bits, \
4187 ARRAY(vect ## _subprime)
4188 static const struct {
4189 uint32_t key_size;
4190 const uint8_t *p;
4191 size_t p_len;
4192 const uint8_t *g;
4193 size_t g_len;
4194 const uint32_t *private_bits;
4195 const uint8_t *subprime;
4196 size_t subprime_len;
4197 } key_types[] = {
4198 { 256, XTEST_DH_GK_DATA(keygen_dh256) },
4199 { 256, XTEST_DH_GK_DATA(keygen_dh320) },
4200 { 384, XTEST_DH_GK_DATA(keygen_dh384) },
4201 { 256, XTEST_DH_GK_DATA(keygen_dh448) },
4202 { 512, XTEST_DH_GK_DATA(keygen_dh512) },
4203 { 288, XTEST_DH_GK_DATA(keygen_dh576) },
4204 { 640, XTEST_DH_GK_DATA(keygen_dh640) },
4205 { 352, XTEST_DH_GK_DATA(keygen_dh704) },
4206 { 768, XTEST_DH_GK_DATA(keygen_dh768) },
4207 { 416, XTEST_DH_GK_DATA(keygen_dh832) },
4208 { 896, XTEST_DH_GK_DATA(keygen_dh896) },
4209 { 480, XTEST_DH_GK_DATA(keygen_dh960) },
4210 { 1024, XTEST_DH_GK_DATA(keygen_dh1024) },
4211 { 544, XTEST_DH_GK_DATA(keygen_dh1088) },
4212 { 1152, XTEST_DH_GK_DATA(keygen_dh1152) },
4213 { 608, XTEST_DH_GK_DATA(keygen_dh1216) },
4214 { 1280, XTEST_DH_GK_DATA(keygen_dh1280) },
4215 { 672, XTEST_DH_GK_DATA(keygen_dh1344) },
4216 { 1408, XTEST_DH_GK_DATA(keygen_dh1408) },
4217 { 736, XTEST_DH_GK_DATA(keygen_dh1472) },
4218 { 1536, XTEST_DH_GK_DATA(keygen_dh1536) },
4219 { 800, XTEST_DH_GK_DATA(keygen_dh1600) },
4220 { 1664, XTEST_DH_GK_DATA(keygen_dh1664) },
4221 { 864, XTEST_DH_GK_DATA(keygen_dh1728) },
4222 { 1792, XTEST_DH_GK_DATA(keygen_dh1792) },
4223 { 928, XTEST_DH_GK_DATA(keygen_dh1856) },
4224 { 1920, XTEST_DH_GK_DATA(keygen_dh1920) },
4225 { 992, XTEST_DH_GK_DATA(keygen_dh1984) },
4226 { 2048, XTEST_DH_GK_DATA(keygen_dh2048) },
4227 { 256, XTEST_DH_GK_DATA_SUBPRIME(keygen_dh2048_subprime) }
4228 };
4229
4230
4231 for (n = 0; n < ARRAY_SIZE(key_types); n++) {
4232 Do_ADBG_BeginSubCase(c,
4233 "Generate DH key %d bits - Private bits = %d",
4234 key_types[n].key_size,
4235 *key_types[n].private_bits);
4236 param_count = 0;
4237
4238 xtest_add_attr(&param_count, params,
4239 TEE_ATTR_DH_PRIME,
4240 key_types[n].p, key_types[n].p_len);
4241
4242 xtest_add_attr(&param_count, params, TEE_ATTR_DH_BASE,
4243 key_types[n].g, key_types[n].g_len);
4244
4245 if (key_types[n].private_bits != 0) {
4246 params[param_count].attributeID = TEE_ATTR_DH_X_BITS;
4247
4248 params[param_count].content.value.a =
4249 *key_types[n].private_bits;
4250
4251 params[param_count].content.value.b = 0;
4252 param_count++;
4253 }
4254
4255 if (key_types[n].subprime != 0) {
4256 xtest_add_attr(&param_count, params,
4257 TEE_ATTR_DH_SUBPRIME,
4258 key_types[n].subprime,
4259 key_types[n].subprime_len);
4260 }
4261
4262 if (!ADBG_EXPECT_TRUE(c,
4263 generate_and_test_key(c, session, TEE_TYPE_DH_KEYPAIR,
4264 ((*key_types[n].private_bits) != 0),
4265 key_types[n]. key_size, params, param_count)))
4266 break;
4267
4268 Do_ADBG_EndSubCase(c,
4269 "Generate DH key %d bits - Private bits = %d",
4270 key_types[n].key_size,
4271 *key_types[n].private_bits);
4272 }
4273}
4274
4275static void xtest_test_keygen_dsa(ADBG_Case_t *c, TEEC_Session *session)
4276{
4277 size_t n;
4278 size_t param_count;
4279 TEE_Attribute params[4];
4280
4281#define XTEST_DSA_GK_DATA(vect) \
4282 ARRAY(vect ## _p), \
4283 ARRAY(vect ## _g), \
4284 ARRAY(vect ## _q)
4285 static const struct {
4286 uint32_t key_size;
4287 const uint8_t *prime;
4288 size_t prime_len;
4289 const uint8_t *base;
4290 size_t base_len;
4291 const uint8_t *sub_prime;
4292 size_t sub_prime_len;
4293 } key_types[] = {
4294 { 1024, XTEST_DSA_GK_DATA(keygen_dsa_test1) },
4295 { 512, XTEST_DSA_GK_DATA(keygen_dsa512) },
4296 { 576, XTEST_DSA_GK_DATA(keygen_dsa576) },
4297 { 640, XTEST_DSA_GK_DATA(keygen_dsa640) },
4298 { 704, XTEST_DSA_GK_DATA(keygen_dsa704) },
4299 { 768, XTEST_DSA_GK_DATA(keygen_dsa768) },
4300 { 832, XTEST_DSA_GK_DATA(keygen_dsa832) },
4301 { 896, XTEST_DSA_GK_DATA(keygen_dsa896) },
4302 { 960, XTEST_DSA_GK_DATA(keygen_dsa960) },
4303 { 1024, XTEST_DSA_GK_DATA(keygen_dsa1024) },
4304 };
4305
4306 for (n = 0; n < ARRAY_SIZE(key_types); n++) {
4307 Do_ADBG_BeginSubCase(c, "Generate DSA key %d bits",
4308 key_types[n].key_size);
4309 param_count = 0;
4310
4311
4312 xtest_add_attr(&param_count, params, TEE_ATTR_DSA_PRIME,
4313 key_types[n].prime, key_types[n].prime_len);
4314
4315 xtest_add_attr(&param_count, params, TEE_ATTR_DSA_SUBPRIME,
4316 key_types[n].sub_prime,
4317 key_types[n].sub_prime_len);
4318
4319 xtest_add_attr(&param_count, params, TEE_ATTR_DSA_BASE,
4320 key_types[n].base, key_types[n].base_len);
4321
4322 if (!ADBG_EXPECT_TRUE(c,
4323 generate_and_test_key(c, session, TEE_TYPE_DSA_KEYPAIR,
4324 1, key_types[n]. key_size, params,
4325 param_count)))
4326 break;
4327
4328 Do_ADBG_EndSubCase(c, "Generate DSA key %d bits",
4329 key_types[n].key_size);
4330 }
4331}
4332
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]4333static void xtest_test_keygen_ecc(ADBG_Case_t *c, TEEC_Session *session)
4334{
4335 size_t n;
4336 size_t param_count;
4337 TEE_Attribute params[4];
4338
4339 static const struct {
4340 const char *name;
4341 uint32_t algo;
4342 uint32_t curve;
4343 uint32_t key_size;
4344 } key_types[] = {
4345 /* ECDSA */
4346 { "ECDSA-192", TEE_TYPE_ECDSA_KEYPAIR, TEE_ECC_CURVE_NIST_P192, 192 },
4347 { "ECDSA-224", TEE_TYPE_ECDSA_KEYPAIR, TEE_ECC_CURVE_NIST_P224, 224 },
4348 { "ECDSA-256", TEE_TYPE_ECDSA_KEYPAIR, TEE_ECC_CURVE_NIST_P256, 256 },
4349 { "ECDSA-384", TEE_TYPE_ECDSA_KEYPAIR, TEE_ECC_CURVE_NIST_P384, 384 },
4350 { "ECDSA-521", TEE_TYPE_ECDSA_KEYPAIR, TEE_ECC_CURVE_NIST_P521, 521 },
4351
4352 /* ECDH */
4353 { "ECDH-192", TEE_TYPE_ECDH_KEYPAIR, TEE_ECC_CURVE_NIST_P192, 192 },
4354 { "ECDH-224", TEE_TYPE_ECDH_KEYPAIR, TEE_ECC_CURVE_NIST_P224, 224 },
4355 { "ECDH-256", TEE_TYPE_ECDH_KEYPAIR, TEE_ECC_CURVE_NIST_P256, 256 },
4356 { "ECDH-384", TEE_TYPE_ECDH_KEYPAIR, TEE_ECC_CURVE_NIST_P384, 384 },
4357 { "ECDH-521", TEE_TYPE_ECDH_KEYPAIR, TEE_ECC_CURVE_NIST_P521, 521 },
4358 };
4359
4360 for (n = 0; n < ARRAY_SIZE(key_types); n++) {
4361 Do_ADBG_BeginSubCase(c, "Generate %s", key_types[n].name);
4362 param_count = 0;
4363
4364 xtest_add_attr_value(&param_count, params, TEE_ATTR_ECC_CURVE,
4365 key_types[n].curve, 0);
4366
4367 if (!ADBG_EXPECT_TRUE(c,
4368 generate_and_test_key(c, session, key_types[n].algo,
4369 0, key_types[n].key_size, params,
4370 param_count)))
4371 break;
4372
4373 Do_ADBG_EndSubCase(c, "Generate %s", key_types[n].name);
4374 }
4375}
4376
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4377static void xtest_tee_test_4007(ADBG_Case_t *c)
4378{
4379 TEEC_Session session = { 0 };
4380 uint32_t ret_orig;
4381
4382 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4383 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
4384 &ret_orig)))
4385 return;
4386
4387 xtest_test_keygen_noparams(c, &session);
4388
4389 xtest_test_keygen_dh(c, &session);
4390
4391 xtest_test_keygen_dsa(c, &session);
4392
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]4393 xtest_test_keygen_ecc (c, &session);
4394
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4395 TEEC_CloseSession(&session);
4396}
4397
4398static void xtest_tee_test_4008(ADBG_Case_t *c)
4399{
4400 TEEC_Session session = { 0 };
4401 uint32_t ret_orig;
4402 TEE_OperationHandle op;
4403 TEE_ObjectHandle key_handle;
4404 TEE_ObjectHandle sv_handle;
4405 TEE_Attribute params[4];
4406 size_t param_count = 0;
4407 uint8_t out[2048];
4408 size_t out_size;
4409
4410 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4411 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
4412 &ret_orig)))
4413 return;
4414
4415 Do_ADBG_BeginSubCase(c, "Derive DH key success");
4416
4417 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4418 ta_crypt_cmd_allocate_operation(c, &session, &op,
4419 TEE_ALG_DH_DERIVE_SHARED_SECRET, TEE_MODE_DERIVE,
4420 derive_key_max_keysize)))
4421 goto out;
4422
4423 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4424 ta_crypt_cmd_allocate_transient_object(c, & session,
4425 TEE_TYPE_DH_KEYPAIR, derive_key_max_keysize,
4426 &key_handle)))
4427 goto out;
4428
4429 xtest_add_attr(&param_count, params, TEE_ATTR_DH_PRIME,
4430 ARRAY(derive_key_dh_prime));
4431
4432 xtest_add_attr(&param_count, params, TEE_ATTR_DH_BASE,
4433 ARRAY(derive_key_dh_base));
4434
4435 xtest_add_attr(&param_count, params, TEE_ATTR_DH_PUBLIC_VALUE,
4436 ARRAY(derive_key_dh_public_value));
4437
4438 xtest_add_attr(&param_count, params, TEE_ATTR_DH_PRIVATE_VALUE,
4439 ARRAY(derive_key_dh_private_value));
4440
4441 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4442 ta_crypt_cmd_populate_transient_object(c, &session, key_handle,
4443 params, param_count)))
4444 goto out;
4445
4446 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4447 ta_crypt_cmd_set_operation_key(c, &session, op, key_handle)))
4448 goto out;
4449
4450 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4451 ta_crypt_cmd_free_transient_object(c, & session, key_handle)))
4452 goto out;
4453
4454 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4455 ta_crypt_cmd_allocate_transient_object(c, &session,
4456 TEE_TYPE_GENERIC_SECRET, derive_key_max_keysize,
4457 &sv_handle)))
4458 goto out;
4459
Pascal Brand2b92b642015-07-16 13:29:42 +0200[diff] [blame]4460 /* reuse but reset params and param-count */
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4461 param_count = 0;
4462
4463 xtest_add_attr(&param_count, params, TEE_ATTR_DH_PUBLIC_VALUE,
4464 ARRAY(derive_key_dh_public_value_2));
4465
4466 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4467 ta_crypt_cmd_derive_key(c, &session, op, sv_handle, params,
4468 param_count)))
4469 goto out;
4470
4471 out_size = sizeof(out);
4472 memset(out, 0, sizeof(out));
4473 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4474 ta_crypt_cmd_get_object_buffer_attribute(c, &session, sv_handle,
4475 TEE_ATTR_SECRET_VALUE, out, &out_size)))
4476 goto out;
4477
4478 if (!ADBG_EXPECT_BUFFER(c, derive_key_dh_shared_secret,
4479 sizeof(derive_key_dh_shared_secret), out,
4480 out_size))
4481 goto out;
4482
4483 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4484 ta_crypt_cmd_free_operation(c, &session, op)))
4485 goto out;
4486
4487 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4488 ta_crypt_cmd_free_transient_object(c, &session, sv_handle)))
4489 goto out;
4490out:
4491 Do_ADBG_EndSubCase(c, "Derive DH key success");
4492 TEEC_CloseSession(&session);
4493}
Pascal Brand2b92b642015-07-16 13:29:42 +0200[diff] [blame]4494
4495static void xtest_tee_test_4009(ADBG_Case_t *c)
4496{
4497 TEEC_Session session = { 0 };
4498 uint32_t ret_orig;
4499 TEE_OperationHandle op;
4500 TEE_ObjectHandle key_handle;
4501 TEE_ObjectHandle sv_handle;
4502 TEE_Attribute params[4];
4503 size_t param_count = 0;
4504 uint8_t out[2048];
4505 size_t out_size;
4506 uint32_t size_bytes;
Peng Fane13ad9b2015-07-21 11:46:26 +0800[diff] [blame]4507 uint32_t i;
Pascal Brand2b92b642015-07-16 13:29:42 +0200[diff] [blame]4508 struct derive_key_ecdh_t *pt;
4509
4510 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4511 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
4512 &ret_orig)))
4513 return;
4514
4515 for (i = 0; i < ARRAY_SIZE(derive_key_ecdh); i++) {
4516 pt = &derive_key_ecdh[i];
4517
4518 Do_ADBG_BeginSubCase(c, "Derive ECDH key - algo = 0x%x",
4519 pt->algo);
4520 size_bytes = (pt->keysize + 7) / 8;
4521 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4522 ta_crypt_cmd_allocate_operation(c, &session, &op,
4523 pt->algo,
4524 TEE_MODE_DERIVE, pt->keysize)))
4525 goto out;
4526
4527 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4528 ta_crypt_cmd_allocate_transient_object(c, & session,
4529 TEE_TYPE_ECDH_KEYPAIR, pt->keysize,
4530 &key_handle)))
4531 goto out;
4532
4533 param_count = 0;
4534 xtest_add_attr_value(&param_count, params,
4535 TEE_ATTR_ECC_CURVE, pt->curve, 0);
4536 xtest_add_attr(&param_count, params,
4537 TEE_ATTR_ECC_PRIVATE_VALUE,
4538 pt->private, size_bytes);
4539 /*
4540 * The public value is not used. This is why we provide
4541 * another buffer
4542 */
4543 xtest_add_attr(&param_count, params,
4544 TEE_ATTR_ECC_PUBLIC_VALUE_X,
4545 pt->private, size_bytes);
4546 xtest_add_attr(&param_count, params,
4547 TEE_ATTR_ECC_PUBLIC_VALUE_Y,
4548 pt->private, size_bytes);
4549
4550 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4551 ta_crypt_cmd_populate_transient_object(c,
4552 &session,
4553 key_handle, params, param_count)))
4554 goto out;
4555
4556 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4557 ta_crypt_cmd_set_operation_key(c, &session, op,
4558 key_handle)))
4559 goto out;
4560
4561 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4562 ta_crypt_cmd_free_transient_object(c, & session,
4563 key_handle)))
4564 goto out;
4565
4566 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4567 ta_crypt_cmd_allocate_transient_object(c, &session,
4568 TEE_TYPE_GENERIC_SECRET, size_bytes * 8,
4569 &sv_handle)))
4570 goto out;
4571
4572 /* reuse but reset params and param-count */
4573 param_count = 0;
4574
4575 xtest_add_attr(&param_count, params,
4576 TEE_ATTR_ECC_PUBLIC_VALUE_X,
4577 pt->public_x, size_bytes);
4578 xtest_add_attr(&param_count, params,
4579 TEE_ATTR_ECC_PUBLIC_VALUE_Y,
4580 pt->public_y, size_bytes);
4581
4582 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4583 ta_crypt_cmd_derive_key(c, &session, op, sv_handle,
4584 params, param_count)))
4585 goto out;
4586
4587 out_size = sizeof(out);
4588 memset(out, 0, sizeof(out));
4589 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4590 ta_crypt_cmd_get_object_buffer_attribute(c, &session,
4591 sv_handle,
4592 TEE_ATTR_SECRET_VALUE, out, &out_size)))
4593 goto out;
4594
4595 if (!ADBG_EXPECT_BUFFER(c, pt->out, size_bytes,
4596 out, out_size))
4597 goto out;
4598
4599 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4600 ta_crypt_cmd_free_operation(c, &session, op)))
4601 goto out;
4602
4603 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4604 ta_crypt_cmd_free_transient_object(c, &session,
4605 sv_handle)))
4606 goto out;
4607
4608 Do_ADBG_EndSubCase(c, "Derive ECDH key - algo = 0x%x",
4609 pt->algo);
4610 }
4611
4612 goto noerror;
4613
4614out:
4615 Do_ADBG_EndSubCase(c, "Derive ECDH key - algo = 0x%x", pt->algo);
4616
4617noerror:
4618 TEEC_CloseSession(&session);
4619}