TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / OP-TEE / optee_test / c7654961daf246fe04c923a7a3ff7a9a7d660443 / . / host / xtest / xtest_4000.c
blob: 11d3c2ce8f52ac00d8eb60415cc6a2aa2b204ae5 [file] [log] [blame]
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1/*
2 * Copyright (c) 2014, STMicroelectronics International N.V.
3 *
4 * This program is free software; you can redistribute it and/or modify
5 * it under the terms of the GNU General Public License Version 2 as
6 * published by the Free Software Foundation.
7 *
8 * This program is distributed in the hope that it will be useful,
9 * but WITHOUT ANY WARRANTY; without even the implied warranty of
10 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
11 * GNU General Public License for more details.
12 */
13
14#include <stdio.h>
15#include <string.h>
16#include <inttypes.h>
17#include <malloc.h>
18
19#include "xtest_test.h"
20#include "xtest_helpers.h"
21
22#include <tee_api_types.h>
23#include <ta_crypt.h>
24#include <utee_defines.h>
25#include <util.h>
26
27#include <xtest_4000_data.h>
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame^]28#include <nist/186-2ecdsatestvectors.h>
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]29
30#include <assert.h>
31
32static void xtest_tee_test_4001(ADBG_Case_t *Case_p);
33static void xtest_tee_test_4002(ADBG_Case_t *Case_p);
34static void xtest_tee_test_4003_no_xts(ADBG_Case_t *Case_p);
35static void xtest_tee_test_4003_xts(ADBG_Case_t *Case_p);
36static void xtest_tee_test_4004(ADBG_Case_t *Case_p);
37static void xtest_tee_test_4005(ADBG_Case_t *Case_p);
38static void xtest_tee_test_4006(ADBG_Case_t *Case_p);
39static void xtest_tee_test_4007(ADBG_Case_t *Case_p);
40static void xtest_tee_test_4008(ADBG_Case_t *Case_p);
Pascal Brand2b92b642015-07-16 13:29:42 +0200[diff] [blame]41static void xtest_tee_test_4009(ADBG_Case_t *Case_p);
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]42
43ADBG_CASE_DEFINE(XTEST_TEE_4001, xtest_tee_test_4001,
44 /* Title */
45 "Test TEE Internal API hash operations",
46 /* Short description */
47 "Short description ...",
48 /* Requirement IDs */
49 "TEE-??",
50 /* How to implement */
51 "Description of how to implement ..."
52 );
53
54ADBG_CASE_DEFINE(XTEST_TEE_4002, xtest_tee_test_4002,
55 /* Title */
56 "Test TEE Internal API MAC operations",
57 /* Short description */
58 "Short description ...",
59 /* Requirement IDs */
60 "TEE-??",
61 /* How to implement */
62 "Description of how to implement ..."
63 );
64
65ADBG_CASE_DEFINE(XTEST_TEE_4003_NO_XTS, xtest_tee_test_4003_no_xts,
66 /* Title */
67 "Test TEE Internal API cipher operations without AES XTS",
68 /* Short description */
69 "Short description ...",
70 /* Requirement IDs */
71 "TEE-??",
72 /* How to implement */
73 "Description of how to implement ..."
74 );
75
76ADBG_CASE_DEFINE(XTEST_TEE_4003_XTS, xtest_tee_test_4003_xts,
77 /* Title */
78 "Test TEE Internal API cipher operations for AES XTS",
79 /* Short description */
80 "Short description ...",
81 /* Requirement IDs */
82 "TEE-??",
83 /* How to implement */
84 "Description of how to implement ..."
85 );
86
87ADBG_CASE_DEFINE(XTEST_TEE_4004, xtest_tee_test_4004,
88 /* Title */
89 "Test TEE Internal API get random",
90 /* Short description */
91 "Short description ...",
92 /* Requirement IDs */
93 "TEE-??",
94 /* How to implement */
95 "Description of how to implement ..."
96 );
97
98ADBG_CASE_DEFINE(XTEST_TEE_4005, xtest_tee_test_4005,
99 /* Title */
100 "Test TEE Internal API Authenticated Encryption operations",
101 /* Short description */
102 "Short description ...",
103 /* Requirement IDs */
104 "TEE-??",
105 /* How to implement */
106 "Description of how to implement ..."
107 );
108
109ADBG_CASE_DEFINE(XTEST_TEE_4006, xtest_tee_test_4006,
110 /* Title */
111 "Test TEE Internal API Asymmetric Cipher operations",
112 /* Short description */
113 "Short description ...",
114 /* Requirement IDs */
115 "TEE-??",
116 /* How to implement */
117 "Description of how to implement ..."
118 );
119
120ADBG_CASE_DEFINE(XTEST_TEE_4007, xtest_tee_test_4007,
121 /* Title */
122 "Test TEE Internal API Generate key",
123 /* Short description */
124 "Short description ...",
125 /* Requirement IDs */
126 "TEE-??",
127 /* How to implement */
128 "Description of how to implement ..."
129 );
130
131ADBG_CASE_DEFINE(XTEST_TEE_4008, xtest_tee_test_4008,
132 /* Title */
133 "Test TEE Internal API Derive key",
134 /* Short description */
135 "Short description ...",
136 /* Requirement IDs */
137 "TEE-??",
138 /* How to implement */
139 "Description of how to implement ..."
140 );
141
Pascal Brand2b92b642015-07-16 13:29:42 +0200[diff] [blame]142ADBG_CASE_DEFINE(XTEST_TEE_4009, xtest_tee_test_4009,
143 /* Title */
144 "Test TEE Internal API Derive key ECDH",
145 /* Short description */
146 "Short description ...",
147 /* Requirement IDs */
148 "TEE-??",
149 /* How to implement */
150 "Description of how to implement ..."
151 );
152
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]153static TEEC_Result ta_crypt_cmd_random_number_generate(ADBG_Case_t *c,
154 TEEC_Session *s,
155 void *buf, size_t blen);
156
157static TEEC_Result ta_crypt_cmd_reset_operation(ADBG_Case_t *c, TEEC_Session *s,
158 TEE_OperationHandle oph)
159{
160 TEEC_Result res;
161 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
162 uint32_t ret_orig;
163
164 assert((uintptr_t)oph <= UINT32_MAX);
165 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
166 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, TEEC_NONE, TEEC_NONE,
167 TEEC_NONE);
168 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_RESET_OPERATION, &op,
169 &ret_orig);
170 if (res != TEEC_SUCCESS) {
171 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
172 ret_orig);
173 }
174 return res;
175}
176
177static TEEC_Result ta_crypt_cmd_copy_operation(ADBG_Case_t *c,
178 TEEC_Session *s,
179 TEE_OperationHandle dst_oph,
180 TEE_OperationHandle src_oph)
181{
182 TEEC_Result res;
183 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
184 uint32_t ret_orig;
185
186 assert((uintptr_t)dst_oph <= UINT32_MAX);
187 op.params[0].value.a = (uint32_t)(uintptr_t)dst_oph;
188
189 assert((uintptr_t)src_oph <= UINT32_MAX);
190 op.params[0].value.b = (uint32_t)(uintptr_t)src_oph;
191 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, TEEC_NONE, TEEC_NONE,
192 TEEC_NONE);
193
194 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_COPY_OPERATION, &op,
195 &ret_orig);
196
197 if (res != TEEC_SUCCESS) {
198 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
199 ret_orig);
200 }
201 return res;
202}
203
204static TEEC_Result ta_crypt_cmd_digest_update(ADBG_Case_t *c, TEEC_Session *s,
205 TEE_OperationHandle oph,
206 const void *chunk,
207 size_t chunk_size)
208{
209 TEEC_Result res;
210 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
211 uint32_t ret_orig;
212
213 assert((uintptr_t)oph <= UINT32_MAX);
214 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
215 op.params[1].tmpref.buffer = (void *)chunk;
216 op.params[1].tmpref.size = chunk_size;
217
218 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
219 TEEC_MEMREF_TEMP_INPUT, TEEC_NONE,
220 TEEC_NONE);
221
222 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_DIGEST_UPDATE, &op, &ret_orig);
223
224 if (res != TEEC_SUCCESS) {
225 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
226 ret_orig);
227 }
228
229 return res;
230}
231
232static TEEC_Result ta_crypt_cmd_digest_do_final(ADBG_Case_t *c, TEEC_Session *s,
233 TEE_OperationHandle oph,
234 const void *chunk,
235 size_t chunk_len, void *hash,
236 size_t *hash_len)
237{
238 TEEC_Result res;
239 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
240 uint32_t ret_orig;
241
242 assert((uintptr_t)oph <= UINT32_MAX);
243 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
244
245 op.params[1].tmpref.buffer = (void *)chunk;
246 op.params[1].tmpref.size = chunk_len;
247
248 op.params[2].tmpref.buffer = (void *)hash;
249 op.params[2].tmpref.size = *hash_len;
250
251 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
252 TEEC_MEMREF_TEMP_INPUT,
253 TEEC_MEMREF_TEMP_OUTPUT, TEEC_NONE);
254
255 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_DIGEST_DO_FINAL, &op,
256 &ret_orig);
257
258 if (res != TEEC_SUCCESS) {
259 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
260 ret_orig);
261 }
262
263 if (res == TEEC_SUCCESS)
264 *hash_len = op.params[2].tmpref.size;
265
266 return res;
267}
268
269static TEE_Result ta_crypt_cmd_set_operation_key2(ADBG_Case_t *c,
270 TEEC_Session *s,
271 TEE_OperationHandle oph,
272 TEE_ObjectHandle key1,
273 TEE_ObjectHandle key2)
274{
275 TEEC_Result res;
276 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
277 uint32_t ret_orig;
278
279 assert((uintptr_t)oph <= UINT32_MAX);
280 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
281
282 assert((uintptr_t)key1 <= UINT32_MAX);
283 op.params[0].value.b = (uint32_t)(uintptr_t)key1;
284
285 assert((uintptr_t)key2 <= UINT32_MAX);
286 op.params[1].value.a = (uint32_t)(uintptr_t)key2;
287 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, TEEC_VALUE_INPUT,
288 TEEC_NONE, TEEC_NONE);
289
290 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_SET_OPERATION_KEY2, &op,
291 &ret_orig);
292
293 if (res != TEEC_SUCCESS) {
294 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
295 ret_orig);
296 }
297
298 return res;
299}
300
301static TEEC_Result ta_crypt_cmd_mac_init(ADBG_Case_t *c, TEEC_Session *s,
302 TEE_OperationHandle oph,
303 const void *iv, size_t iv_len)
304{
305 TEEC_Result res;
306 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
307 uint32_t ret_orig;
308
309 assert((uintptr_t)oph <= UINT32_MAX);
310 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
311
312 if (iv != NULL) {
313 op.params[1].tmpref.buffer = (void *)iv;
314 op.params[1].tmpref.size = iv_len;
315 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
316 TEEC_MEMREF_TEMP_INPUT,
317 TEEC_NONE, TEEC_NONE);
318 } else {
319 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, TEEC_NONE,
320 TEEC_NONE, TEEC_NONE);
321 }
322
323 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_MAC_INIT, &op, &ret_orig);
324
325 if (res != TEEC_SUCCESS) {
326 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
327 ret_orig);
328 }
329
330 return res;
331}
332
333static TEEC_Result ta_crypt_cmd_mac_update(ADBG_Case_t *c, TEEC_Session *s,
334 TEE_OperationHandle oph,
335 const void *chunk, size_t chunk_size)
336{
337 TEEC_Result res;
338 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
339 uint32_t ret_orig;
340
341 assert((uintptr_t)oph <= UINT32_MAX);
342 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
343
344 op.params[1].tmpref.buffer = (void *)chunk;
345 op.params[1].tmpref.size = chunk_size;
346
347 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
348 TEEC_MEMREF_TEMP_INPUT, TEEC_NONE,
349 TEEC_NONE);
350
351 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_MAC_UPDATE, &op, &ret_orig);
352
353 if (res != TEEC_SUCCESS) {
354 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
355 ret_orig);
356 }
357
358 return res;
359}
360
361static TEEC_Result ta_crypt_cmd_mac_final_compute(ADBG_Case_t *c,
362 TEEC_Session *s,
363 TEE_OperationHandle oph,
364 const void *chunk,
365 size_t chunk_len,
366 void *hash,
367 size_t *hash_len)
368{
369 TEEC_Result res;
370 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
371 uint32_t ret_orig;
372
373 assert((uintptr_t)oph <= UINT32_MAX);
374 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
375
376 op.params[1].tmpref.buffer = (void *)chunk;
377 op.params[1].tmpref.size = chunk_len;
378
379 op.params[2].tmpref.buffer = (void *)hash;
380 op.params[2].tmpref.size = *hash_len;
381
382 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
383 TEEC_MEMREF_TEMP_INPUT,
384 TEEC_MEMREF_TEMP_OUTPUT, TEEC_NONE);
385
386 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_MAC_FINAL_COMPUTE, &op,
387 &ret_orig);
388
389 if (res != TEEC_SUCCESS) {
390 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
391 ret_orig);
392 }
393
394 if (res == TEEC_SUCCESS)
395 *hash_len = op.params[2].tmpref.size;
396
397 return res;
398}
399
400static TEEC_Result ta_crypt_cmd_cipher_init(ADBG_Case_t *c, TEEC_Session *s,
401 TEE_OperationHandle oph,
402 const void *iv, size_t iv_len)
403{
404 TEEC_Result res;
405 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
406 uint32_t ret_orig;
407
408 assert((uintptr_t)oph <= UINT32_MAX);
409 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
410
411 if (iv != NULL) {
412 op.params[1].tmpref.buffer = (void *)iv;
413 op.params[1].tmpref.size = iv_len;
414
415 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
416 TEEC_MEMREF_TEMP_INPUT,
417 TEEC_NONE, TEEC_NONE);
418 } else {
419 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, TEEC_NONE,
420 TEEC_NONE, TEEC_NONE);
421 }
422
423 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_CIPHER_INIT, &op, &ret_orig);
424
425 if (res != TEEC_SUCCESS) {
426 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
427 ret_orig);
428 }
429
430 return res;
431}
432
433static TEEC_Result ta_crypt_cmd_cipher_update(ADBG_Case_t *c, TEEC_Session *s,
434 TEE_OperationHandle oph,
435 const void *src, size_t src_len,
436 void *dst, size_t *dst_len)
437{
438 TEEC_Result res;
439 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
440 uint32_t ret_orig;
441
442 assert((uintptr_t)oph <= UINT32_MAX);
443 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
444
445 op.params[1].tmpref.buffer = (void *)src;
446 op.params[1].tmpref.size = src_len;
447
448 op.params[2].tmpref.buffer = dst;
449 op.params[2].tmpref.size = *dst_len;
450
451 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
452 TEEC_MEMREF_TEMP_INPUT,
453 TEEC_MEMREF_TEMP_OUTPUT, TEEC_NONE);
454
455 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_CIPHER_UPDATE, &op, &ret_orig);
456
457 if (res != TEEC_SUCCESS) {
458 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
459 ret_orig);
460 }
461
462 if (res == TEEC_SUCCESS)
463 *dst_len = op.params[2].tmpref.size;
464
465 return res;
466}
467
468static TEEC_Result ta_crypt_cmd_cipher_do_final(ADBG_Case_t *c,
469 TEEC_Session *s,
470 TEE_OperationHandle oph,
471 const void *src,
472 size_t src_len,
473 void *dst,
474 size_t *dst_len)
475{
476 TEEC_Result res;
477 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
478 uint32_t ret_orig;
479
480 assert((uintptr_t)oph <= UINT32_MAX);
481 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
482
483 op.params[1].tmpref.buffer = (void *)src;
484 op.params[1].tmpref.size = src_len;
485
486 op.params[2].tmpref.buffer = (void *)dst;
487 op.params[2].tmpref.size = *dst_len;
488
489 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
490 TEEC_MEMREF_TEMP_INPUT,
491 TEEC_MEMREF_TEMP_OUTPUT, TEEC_NONE);
492
493 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_CIPHER_DO_FINAL, &op,
494 &ret_orig);
495
496 if (res != TEEC_SUCCESS) {
497 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
498 ret_orig);
499 }
500
501 if (res == TEEC_SUCCESS)
502 *dst_len = op.params[2].tmpref.size;
503
504 return res;
505}
506
507static TEEC_Result ta_crypt_cmd_random_number_generate(ADBG_Case_t *c,
508 TEEC_Session *s,
509 void *buf,
510 size_t blen)
511{
512 TEEC_Result res;
513 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
514 uint32_t ret_orig;
515
516 op.params[0].tmpref.buffer = buf;
517 op.params[0].tmpref.size = blen;
518
519 op.paramTypes = TEEC_PARAM_TYPES(TEEC_MEMREF_TEMP_OUTPUT, TEEC_NONE,
520 TEEC_NONE, TEEC_NONE);
521
522 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_RANDOM_NUMBER_GENEREATE, &op,
523 &ret_orig);
524
525 if (res != TEEC_SUCCESS) {
526 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
527 ret_orig);
528 }
529
530 (void)ADBG_EXPECT_COMPARE_UNSIGNED(c, blen, ==,
531 op.params[0].tmpref.size);
532 return res;
533}
534
535static TEEC_Result ta_crypt_cmd_ae_init(ADBG_Case_t *c, TEEC_Session *s,
536 TEE_OperationHandle oph,
537 const void *nonce, size_t nonce_len,
538 size_t tag_len, size_t aad_len,
539 size_t payload_len)
540{
541 TEEC_Result res;
542 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
543 uint32_t ret_orig;
544
545 assert((uintptr_t)oph <= UINT32_MAX);
546 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
547 op.params[0].value.b = tag_len;
548
549 op.params[1].tmpref.buffer = (void *)nonce;
550 op.params[1].tmpref.size = nonce_len;
551
552 op.params[2].value.a = aad_len;
553 op.params[2].value.b = payload_len;
554
555 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
556 TEEC_MEMREF_TEMP_INPUT,
Jens Wiklander74a42302015-07-07 01:08:41 +0200[diff] [blame]557 TEEC_VALUE_INPUT, TEEC_NONE);
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]558
559 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_AE_INIT, &op, &ret_orig);
560
561 if (res != TEEC_SUCCESS) {
562 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
563 ret_orig);
564 }
565 return res;
566}
567
568static TEEC_Result ta_crypt_cmd_ae_update_aad(ADBG_Case_t *c, TEEC_Session *s,
569 TEE_OperationHandle oph,
570 const void *aad, size_t aad_len)
571{
572 TEEC_Result res;
573 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
574 uint32_t ret_orig;
575
576 assert((uintptr_t)oph <= UINT32_MAX);
577 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
578
579 op.params[1].tmpref.buffer = (void *)aad;
580 op.params[1].tmpref.size = aad_len;
581
582 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
583 TEEC_MEMREF_TEMP_INPUT, TEEC_NONE,
584 TEEC_NONE);
585
586 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_AE_UPDATE_AAD, &op, &ret_orig);
587
588 if (res != TEEC_SUCCESS) {
589 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
590 ret_orig);
591 }
592
593 return res;
594}
595
596static TEEC_Result ta_crypt_cmd_ae_update(ADBG_Case_t *c,
597 TEEC_Session *s,
598 TEE_OperationHandle oph,
599 const void *src,
600 size_t src_len,
601 void *dst,
602 size_t *dst_len)
603{
604 TEEC_Result res;
605 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
606 uint32_t ret_orig;
607
608 assert((uintptr_t)oph <= UINT32_MAX);
609 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
610
611 op.params[1].tmpref.buffer = (void *)src;
612 op.params[1].tmpref.size = src_len;
613
614 op.params[2].tmpref.buffer = (void *)dst;
615 op.params[2].tmpref.size = *dst_len;
616
617 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
618 TEEC_MEMREF_TEMP_INPUT,
619 TEEC_MEMREF_TEMP_OUTPUT, TEEC_NONE);
620
621 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_AE_UPDATE, &op, &ret_orig);
622
623 if (res != TEEC_SUCCESS) {
624 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
625 ret_orig);
626 }
627
628 if (res == TEEC_SUCCESS)
629 *dst_len = op.params[2].tmpref.size;
630
631 return res;
632}
633
634static TEEC_Result ta_crypt_cmd_ae_encrypt_final(ADBG_Case_t *c,
635 TEEC_Session *s,
636 TEE_OperationHandle oph,
637 const void *src,
638 size_t src_len, void *dst,
639 size_t *dst_len, void *tag,
640 size_t *tag_len)
641{
642 TEEC_Result res;
643 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
644 uint32_t ret_orig;
645
646 assert((uintptr_t)oph <= UINT32_MAX);
647 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
648
649 op.params[1].tmpref.buffer = (void *)src;
650 op.params[1].tmpref.size = src_len;
651
652 op.params[2].tmpref.buffer = (void *)dst;
653 op.params[2].tmpref.size = *dst_len;
654
655 op.params[3].tmpref.buffer = (void *)tag;
656 op.params[3].tmpref.size = *tag_len;
657
658 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
659 TEEC_MEMREF_TEMP_INPUT,
660 TEEC_MEMREF_TEMP_OUTPUT,
661 TEEC_MEMREF_TEMP_OUTPUT);
662
663 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_AE_ENCRYPT_FINAL, &op,
664 &ret_orig);
665
666 if (res != TEEC_SUCCESS) {
667 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
668 ret_orig);
669 }
670
671 if (res == TEEC_SUCCESS) {
672 *dst_len = op.params[2].tmpref.size;
673 *tag_len = op.params[3].tmpref.size;
674 }
675
676 return res;
677}
678
679static TEEC_Result ta_crypt_cmd_ae_decrypt_final(ADBG_Case_t *c,
680 TEEC_Session *s,
681 TEE_OperationHandle oph,
682 const void *src, size_t src_len,
683 void *dst, size_t *dst_len,
684 const void *tag, size_t tag_len)
685{
686 TEEC_Result res;
687 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
688 uint32_t ret_orig;
689
690 assert((uintptr_t)oph <= UINT32_MAX);
691 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
692
693 op.params[1].tmpref.buffer = (void *)src;
694 op.params[1].tmpref.size = src_len;
695
696 op.params[2].tmpref.buffer = dst;
697 op.params[2].tmpref.size = *dst_len;
698
699 op.params[3].tmpref.buffer = (void *)tag;
700 op.params[3].tmpref.size = tag_len;
701
702 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
703 TEEC_MEMREF_TEMP_INPUT,
704 TEEC_MEMREF_TEMP_OUTPUT,
705 TEEC_MEMREF_TEMP_INPUT);
706
707 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_AE_DECRYPT_FINAL, &op,
708 &ret_orig);
709
710 if (res != TEEC_SUCCESS) {
711 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
712 ret_orig);
713 }
714
715 if (res == TEEC_SUCCESS)
716 *dst_len = op.params[2].tmpref.size;
717
718 return res;
719}
720
721static TEEC_Result ta_crypt_cmd_asymmetric_operate(ADBG_Case_t *c,
722 TEEC_Session *s,
723 TEE_OperationHandle oph,
724 uint32_t cmd,
725 const TEE_Attribute *params,
726 uint32_t paramCount,
727 const void *src,
728 size_t src_len,
729 void *dst,
730 size_t *dst_len)
731{
732 TEEC_Result res;
733 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
734 uint32_t ret_orig;
735 uint8_t *buf;
736 size_t blen;
737
738 res = pack_attrs(params, paramCount, &buf, &blen);
739 if (!ADBG_EXPECT_TEEC_SUCCESS(c, res))
740 return res;
741
742 assert((uintptr_t)oph <= UINT32_MAX);
743 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
744
745 op.params[1].tmpref.buffer = buf;
746 op.params[1].tmpref.size = blen;
747
748 op.params[2].tmpref.buffer = (void *)src;
749 op.params[2].tmpref.size = src_len;
750
751 op.params[3].tmpref.buffer = dst;
752 op.params[3].tmpref.size = *dst_len;
753
754 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
755 TEEC_MEMREF_TEMP_INPUT,
756 TEEC_MEMREF_TEMP_INPUT,
757 TEEC_MEMREF_TEMP_OUTPUT);
758
759 res = TEEC_InvokeCommand(s, cmd, &op, &ret_orig);
760
761 if (res != TEEC_SUCCESS) {
762 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
763 ret_orig);
764 }
765
766 if (res == TEEC_SUCCESS)
767 *dst_len = op.params[3].tmpref.size;
768
769 free(buf);
770 return res;
771}
772
773static TEEC_Result ta_crypt_cmd_asymmetric_encrypt(ADBG_Case_t *c,
774 TEEC_Session *s,
775 TEE_OperationHandle oph,
776 const TEE_Attribute *params,
777 uint32_t paramCount,
778 const void *src,
779 size_t src_len,
780 void *dst,
781 size_t *dst_len)
782{
783 return ta_crypt_cmd_asymmetric_operate(c, s, oph,
784 TA_CRYPT_CMD_ASYMMETRIC_ENCRYPT,
785 params, paramCount,
786 src, src_len, dst, dst_len);
787}
788
789static TEEC_Result ta_crypt_cmd_asymmetric_decrypt(ADBG_Case_t *c,
790 TEEC_Session *s,
791 TEE_OperationHandle oph,
792 const TEE_Attribute *params,
793 uint32_t paramCount,
794 const void *src,
795 size_t src_len,
796 void *dst,
797 size_t *dst_len)
798{
799 return ta_crypt_cmd_asymmetric_operate(c, s, oph,
800 TA_CRYPT_CMD_ASYMMETRIC_DECRYPT,
801 params, paramCount,
802 src, src_len, dst, dst_len);
803}
804
805static TEEC_Result ta_crypt_cmd_asymmetric_sign(ADBG_Case_t *c,
806 TEEC_Session *s,
807 TEE_OperationHandle oph,
808 const TEE_Attribute *params,
809 uint32_t paramCount,
810 const void *digest,
811 size_t digest_len,
812 void *signature,
813 size_t *signature_len)
814{
815 return ta_crypt_cmd_asymmetric_operate(c, s, oph,
816 TA_CRYPT_CMD_ASYMMETRIC_SIGN_DIGEST, params, paramCount,
817 digest, digest_len, signature, signature_len);
818}
819
820static TEEC_Result ta_crypt_cmd_asymmetric_verify(ADBG_Case_t *c,
821 TEEC_Session *s,
822 TEE_OperationHandle oph,
823 const TEE_Attribute *params,
824 uint32_t paramCount,
825 const void *digest,
826 size_t digest_len,
827 const void *signature,
828 size_t signature_len)
829{
830 TEEC_Result res;
831 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
832 uint32_t ret_orig;
833 uint8_t *buf;
834 size_t blen;
835
836 res = pack_attrs(params, paramCount, &buf, &blen);
837 if (!ADBG_EXPECT_TEEC_SUCCESS(c, res))
838 return res;
839
840 assert((uintptr_t)oph <= UINT32_MAX);
841 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
842
843 op.params[1].tmpref.buffer = buf;
844 op.params[1].tmpref.size = blen;
845
846 op.params[2].tmpref.buffer = (void *)digest;
847 op.params[2].tmpref.size = digest_len;
848
849 op.params[3].tmpref.buffer = (void *)signature;
850 op.params[3].tmpref.size = signature_len;
851
852 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
853 TEEC_MEMREF_TEMP_INPUT,
854 TEEC_MEMREF_TEMP_INPUT,
855 TEEC_MEMREF_TEMP_INPUT);
856
857 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_ASYMMETRIC_VERIFY_DIGEST,
858 &op, &ret_orig);
859
860 if (res != TEEC_SUCCESS) {
861 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
862 ret_orig);
863 }
864
865 free(buf);
866 return res;
867}
868
869static TEEC_Result ta_crypt_cmd_get_object_value_attribute(ADBG_Case_t *c,
870 TEEC_Session *s,
871 TEE_ObjectHandle o,
872 uint32_t attr_id,
873 uint32_t *valuea,
874 uint32_t *valueb)
875{
876 TEEC_Result res;
877 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
878 uint32_t ret_orig;
879
880 assert((uintptr_t)o <= UINT32_MAX);
881 op.params[0].value.a = (uint32_t)(uintptr_t)o;
882 op.params[0].value.b = attr_id;
883 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, TEEC_VALUE_OUTPUT,
884 TEEC_NONE, TEEC_NONE);
885
886 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_GET_OBJECT_VALUE_ATTRIBUTE,
887 &op, &ret_orig);
888
889 if (res != TEEC_SUCCESS) {
890 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
891 ret_orig);
892 }
893
894 if (res == TEEC_SUCCESS) {
895 *valuea = op.params[1].value.a;
896 *valueb = op.params[1].value.b;
897 }
898
899 return res;
900}
901
902static TEEC_Result ta_crypt_cmd_generate_key(ADBG_Case_t *c,
903 TEEC_Session *s,
904 TEE_ObjectHandle o,
905 uint32_t key_size,
906 const TEE_Attribute *params,
907 uint32_t paramCount)
908{
909 TEEC_Result res;
910 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
911 uint32_t ret_orig;
912 uint8_t *buf;
913 size_t blen;
914
915 res = pack_attrs(params, paramCount, &buf, &blen);
916 if (!ADBG_EXPECT_TEEC_SUCCESS(c, res))
917 return res;
918
919 assert((uintptr_t)o <= UINT32_MAX);
920 op.params[0].value.a = (uint32_t)(uintptr_t)o;
921 op.params[0].value.b = key_size;
922
923 op.params[1].tmpref.buffer = buf;
924 op.params[1].tmpref.size = blen;
925
926 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
927 TEEC_MEMREF_TEMP_INPUT, TEEC_NONE,
928 TEEC_NONE);
929
930 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_GENERATE_KEY, &op, &ret_orig);
931
932 if (res != TEEC_SUCCESS) {
933 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
934 ret_orig);
935 }
936
937 free(buf);
938 return res;
939}
940
941static const uint8_t hash_data_md5_in1[] = {
942 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm'
943};
944
945static const uint8_t hash_data_md5_out1[] = {
946 0x61, 0x12, 0x71, 0x83, 0x70, 0x8d, 0x3a, 0xc7,
947 0xf1, 0x9b, 0x66, 0x06, 0xfc, 0xae, 0x7d, 0xf6
948};
949
950static const uint8_t hash_data_sha1_in1[] = {
951 'a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm'
952};
953
954static const uint8_t hash_data_sha1_out1[] = {
955 0x4b, 0x98, 0x92, 0xb6, 0x52, 0x72, 0x14, 0xaf,
956 0xc6, 0x55, 0xb8, 0xaa, 0x52, 0xf4, 0xd2, 0x03,
957 0xc1, 0x5e, 0x7c, 0x9c
958};
959
960static const uint8_t hash_data_sha224_in1[] = {
961 'a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm'
962};
963
964static const uint8_t hash_data_sha224_out1[] = {
965 0x08, 0x21, 0x69, 0xf9, 0x77, 0x1b, 0x80, 0x15,
966 0xf3, 0x97, 0xae, 0xde, 0x5b, 0xba, 0xa2, 0x72,
967 0x2d, 0x8f, 0x5c, 0x19, 0xfe, 0xd2, 0xe2, 0x68,
968 0x92, 0x49, 0xd8, 0x44
969};
970
971static const uint8_t hash_data_sha256_in1[] = { 'a', 'b', 'c' };
972
973static const uint8_t hash_data_sha256_out1[] = {
974 0xba, 0x78, 0x16, 0xbf, 0x8f, 0x01, 0xcf, 0xea,
975 0x41, 0x41, 0x40, 0xde, 0x5d, 0xae, 0x22, 0x23,
976 0xb0, 0x03, 0x61, 0xa3, 0x96, 0x17, 0x7a, 0x9c,
977 0xb4, 0x10, 0xff, 0x61, 0xf2, 0x00, 0x15, 0xad
978};
979
980static const uint8_t hash_data_sha256_in2[] = { 'e', 'f', 'g' };
981
982static const uint8_t hash_data_sha256_out2[] = {
983 0xd4, 0xff, 0xe8, 0xe9, 0xee, 0x0b, 0x48, 0xeb,
984 0xa7, 0x16, 0x70, 0x61, 0x23, 0xa7, 0x18, 0x7f,
985 0x32, 0xea, 0xe3, 0xbd, 0xcb, 0x0e, 0x77, 0x63,
986 0xe4, 0x1e, 0x53, 0x32, 0x67, 0xbd, 0x8a, 0x53
987};
988
989
990static const uint8_t hash_data_sha384_in1[] = {
991 'a', 'b', 'c', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm'
992};
993
994static const uint8_t hash_data_sha384_out1[] = {
995 0x4c, 0xab, 0x80, 0x9d, 0x96, 0x84, 0x01, 0x47,
996 0x67, 0x0a, 0xc1, 0x7a, 0xb6, 0xb9, 0xf7, 0x6e,
997 0x35, 0xa6, 0xb0, 0x8c, 0xf5, 0x2a, 0x3d, 0x64,
998 0x9a, 0x8c, 0x7e, 0x0c, 0x55, 0x45, 0xd3, 0x7d,
999 0x1f, 0x7f, 0x28, 0x34, 0x96, 0x14, 0x44, 0x2a,
1000 0xf5, 0x98, 0xa2, 0x95, 0x24, 0x76, 0x53, 0x97
1001};
1002
1003static const uint8_t hash_data_sha512_in1[] = {
1004 'a', 'b', 'c', 'd', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm'
1005};
1006
1007static const uint8_t hash_data_sha512_out1[] = {
1008 0x20, 0xd8, 0x64, 0x4f, 0x54, 0xa2, 0x5f, 0x6f,
1009 0x0a, 0xf9, 0xd5, 0x27, 0x7d, 0x17, 0xa8, 0x99,
1010 0x4c, 0x64, 0x3f, 0xd0, 0xf3, 0x83, 0x36, 0xee,
1011 0x93, 0x12, 0x55, 0xcd, 0x2e, 0x12, 0x34, 0xa0,
1012 0xc2, 0xaa, 0xf9, 0xbb, 0x15, 0xc5, 0xe9, 0xfa,
1013 0xf7, 0xa7, 0xda, 0xb8, 0x2f, 0x72, 0xa0, 0x47,
1014 0xe3, 0x02, 0x04, 0xe8, 0xa0, 0x35, 0x0c, 0x96,
1015 0x26, 0xd1, 0xcb, 0x8b, 0x47, 0x45, 0x25, 0xd0
1016};
1017
1018struct xtest_hash_case {
1019 uint32_t algo;
1020 size_t in_incr;
1021 const uint8_t *in;
1022 size_t in_len;
1023 const uint8_t *out;
1024 size_t out_len;
1025};
1026
1027#define XTEST_HASH_CASE(algo, in_incr, in, out) \
1028 { (algo), (in_incr), (in), ARRAY_SIZE(in), (out), ARRAY_SIZE(out) }
1029
1030static const struct xtest_hash_case hash_cases[] = {
1031 XTEST_HASH_CASE(TEE_ALG_MD5, 6, hash_data_md5_in1,
1032 hash_data_md5_out1),
1033 XTEST_HASH_CASE(TEE_ALG_SHA1, 3, hash_data_sha1_in1,
1034 hash_data_sha1_out1),
1035 XTEST_HASH_CASE(TEE_ALG_SHA224, 7, hash_data_sha224_in1,
1036 hash_data_sha224_out1),
1037 XTEST_HASH_CASE(TEE_ALG_SHA256, 1, hash_data_sha256_in1,
1038 hash_data_sha256_out1),
1039 XTEST_HASH_CASE(TEE_ALG_SHA256, 1, hash_data_sha256_in2,
1040 hash_data_sha256_out2),
1041 XTEST_HASH_CASE(TEE_ALG_SHA384, 1, hash_data_sha384_in1,
1042 hash_data_sha384_out1),
1043 XTEST_HASH_CASE(TEE_ALG_SHA512, 1, hash_data_sha512_in1,
1044 hash_data_sha512_out1),
1045};
1046
1047static void xtest_tee_test_4001(ADBG_Case_t *c)
1048{
1049 TEEC_Session session = { 0 };
1050 uint32_t ret_orig;
1051 size_t n;
1052
1053 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1054 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
1055 &ret_orig)))
1056 return;
1057
1058
1059 for (n = 0; n < ARRAY_SIZE(hash_cases); n++) {
1060 TEE_OperationHandle op1;
1061 TEE_OperationHandle op2;
1062 uint8_t out[64];
1063 size_t out_size;
1064
1065 Do_ADBG_BeginSubCase(c, "Hash case %d algo 0x%x",
1066 (int)n, (unsigned int)hash_cases[n].algo);
1067
1068 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1069 ta_crypt_cmd_allocate_operation(c, &session, &op1,
1070 hash_cases[n].algo,
1071 TEE_MODE_DIGEST, 0)))
1072 goto out;
1073
1074 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1075 ta_crypt_cmd_allocate_operation(c, &session, &op2,
1076 hash_cases[n].algo,
1077 TEE_MODE_DIGEST, 0)))
1078 goto out;
1079
1080 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1081 ta_crypt_cmd_digest_update(c, &session, op1,
1082 hash_cases[n].in,
1083 hash_cases[n].in_incr)))
1084 goto out;
1085
1086 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1087 ta_crypt_cmd_copy_operation(c, &session, op2, op1)))
1088 goto out;
1089
1090 out_size = sizeof(out);
1091 memset(out, 0, sizeof(out));
1092 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1093 ta_crypt_cmd_digest_do_final(c, &session, op2,
1094 hash_cases[n].in + hash_cases[n].in_incr,
1095 hash_cases[n].in_len - hash_cases[n].in_incr,
1096 out, &out_size)))
1097 goto out;
1098
1099 (void)ADBG_EXPECT_BUFFER(c, hash_cases[n].out,
1100 hash_cases[n].out_len, out, out_size);
1101
1102 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1103 ta_crypt_cmd_reset_operation(c, &session, op1)))
1104 goto out;
1105
1106 out_size = sizeof(out);
1107 memset(out, 0, sizeof(out));
1108 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1109 ta_crypt_cmd_digest_do_final(c, &session, op1,
1110 hash_cases[n].in,
1111 hash_cases[n].in_len, out,
1112 &out_size)))
1113 goto out;
1114
1115 (void)ADBG_EXPECT_BUFFER(c, hash_cases[n].out,
1116 hash_cases[n].out_len, out, out_size);
1117
Jerome Forissier1e05e262015-07-29 16:09:07 +0200[diff] [blame]1118 /*
1119 * Invoke TEE_DigestDoFinal() a second time to check that state
1120 * was properly reset
1121 */
1122 out_size = sizeof(out);
1123 memset(out, 0, sizeof(out));
1124 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1125 ta_crypt_cmd_digest_do_final(c, &session, op1,
1126 hash_cases[n].in,
1127 hash_cases[n].in_len, out,
1128 &out_size)))
1129 goto out;
1130
1131 (void)ADBG_EXPECT_BUFFER(c, hash_cases[n].out,
1132 hash_cases[n].out_len, out, out_size);
1133
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1134 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1135 ta_crypt_cmd_free_operation(c, &session, op1)))
1136 goto out;
1137
1138 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1139 ta_crypt_cmd_free_operation(c, &session, op2)))
1140 goto out;
1141
1142 Do_ADBG_EndSubCase(c, NULL);
1143 }
1144
1145out:
1146 TEEC_CloseSession(&session);
1147}
1148
1149static const uint8_t mac_data_md5_key1[10] = {
1150 0x6B, 0x65, 0x79, /* key */
1151};
1152
1153static const uint8_t mac_data_md5_in1[] = {
1154 0x54, 0x68, 0x65, 0x20, 0x71, 0x75, 0x69, 0x63, /* The quic */
1155 0x6B, 0x20, 0x62, 0x72, 0x6F, 0x77, 0x6E, 0x20, /* k brown */
1156 0x66, 0x6F, 0x78, 0x20, 0x6A, 0x75, 0x6D, 0x70, /* fox jump */
1157 0x73, 0x20, 0x6F, 0x76, 0x65, 0x72, 0x20, 0x74, /* s over t */
1158 0x68, 0x65, 0x20, 0x6C, 0x61, 0x7A, 0x79, 0x20, /* he lazy */
1159 0x64, 0x6F, 0x67, /* dog */
1160};
1161
1162static const uint8_t mac_data_md5_out1[] = {
1163 0x80, 0x07, 0x07, 0x13, 0x46, 0x3e, 0x77, 0x49,
1164 0xb9, 0x0c, 0x2d, 0xc2, 0x49, 0x11, 0xe2, 0x75
1165};
1166
1167
1168/* generated with scripts/digest_hmac.pl */
1169static const uint8_t mac_data_sha1_key1[10] = {
1170 0x6B, 0x65, 0x79, /* key */
1171};
1172
1173static const uint8_t mac_data_sha1_in1[] = {
1174 0x54, 0x68, 0x65, 0x20, 0x71, 0x75, 0x69, 0x63, /* The quic */
1175 0x6B, 0x20, 0x62, 0x72, 0x6F, 0x77, 0x6E, 0x20, /* k brown */
1176 0x66, 0x6F, 0x78, 0x20, 0x6A, 0x75, 0x6D, 0x70, /* fox jump */
1177 0x73, 0x20, 0x6F, 0x76, 0x65, 0x72, 0x20, 0x74, /* s over t */
1178 0x68, 0x65, 0x20, 0x6C, 0x61, 0x7A, 0x79, 0x20, /* he lazy */
1179 0x64, 0x6F, 0x67, /* dog */
1180};
1181
1182static const uint8_t mac_data_sha1_out1[] = {
1183 0xDE, 0x7C, 0x9B, 0x85, 0xB8, 0xB7, 0x8A, 0xA6, /* .|...... */
1184 0xBC, 0x8A, 0x7A, 0x36, 0xF7, 0x0A, 0x90, 0x70, /* ..z6...p */
1185 0x1C, 0x9D, 0xB4, 0xD9, /* .... */
1186};
1187
1188static const uint8_t mac_data_sha224_key1[24] = {
1189 0x6B, 0x65, 0x79, /* key */
1190};
1191
1192static const uint8_t mac_data_sha224_in1[] = {
1193 0x54, 0x68, 0x65, 0x20, 0x71, 0x75, 0x69, 0x63, /* The quic */
1194 0x6B, 0x20, 0x62, 0x72, 0x6F, 0x77, 0x6E, 0x20, /* k brown */
1195 0x66, 0x6F, 0x78, 0x20, 0x6A, 0x75, 0x6D, 0x70, /* fox jump */
1196 0x73, 0x20, 0x6F, 0x76, 0x65, 0x72, 0x20, 0x74, /* s over t */
1197 0x68, 0x65, 0x20, 0x6C, 0x61, 0x7A, 0x79, 0x20, /* he lazy */
1198 0x64, 0x6F, 0x67, /* dog */
1199};
1200
1201static const uint8_t mac_data_sha224_out1[] = {
1202 0x88, 0xFF, 0x8B, 0x54, 0x67, 0x5D, 0x39, 0xB8, /* ...Tg]9. */
1203 0xF7, 0x23, 0x22, 0xE6, 0x5F, 0xF9, 0x45, 0xC5, /* .#"._.E. */
1204 0x2D, 0x96, 0x37, 0x99, 0x88, 0xAD, 0xA2, 0x56, /* -.7....V */
1205 0x39, 0x74, 0x7E, 0x69, /* 9t~i */
1206};
1207
1208
1209static const uint8_t mac_data_sha256_key1[24] = {
1210 'Q', 'W', 'E', 'R', 'T', 'Y'
1211};
1212
1213static const uint8_t mac_data_sha256_in1[] = { 'a', 'b', 'c' };
1214
1215static const uint8_t mac_data_sha256_out1[] = {
1216 0xee, 0x2e, 0x5d, 0x9b, 0x51, 0xe2, 0x9c, 0x1d,
1217 0x49, 0xe9, 0xae, 0x6f, 0x0a, 0xcc, 0x15, 0x18,
1218 0xde, 0x1e, 0xa3, 0x88, 0x8e, 0xee, 0x48, 0xbb,
1219 0x82, 0x77, 0xe9, 0x09, 0x74, 0x4b, 0xa2, 0xf2
1220};
1221
1222/* generated with scripts/digest_hmac.pl */
1223static const uint8_t mac_data_sha256_key2[24] = {
1224 0x6B, 0x65, 0x79, /* key */
1225};
1226
1227static const uint8_t mac_data_sha256_in2[] = {
1228 0x54, 0x68, 0x65, 0x20, 0x71, 0x75, 0x69, 0x63, /* The quic */
1229 0x6B, 0x20, 0x62, 0x72, 0x6F, 0x77, 0x6E, 0x20, /* k brown */
1230 0x66, 0x6F, 0x78, 0x20, 0x6A, 0x75, 0x6D, 0x70, /* fox jump */
1231 0x73, 0x20, 0x6F, 0x76, 0x65, 0x72, 0x20, 0x74, /* s over t */
1232 0x68, 0x65, 0x20, 0x6C, 0x61, 0x7A, 0x79, 0x20, /* he lazy */
1233 0x64, 0x6F, 0x67, /* dog */
1234};
1235
1236static const uint8_t mac_data_sha256_out2[] = {
1237 0xF7, 0xBC, 0x83, 0xF4, 0x30, 0x53, 0x84, 0x24, /* ....0S.$ */
1238 0xB1, 0x32, 0x98, 0xE6, 0xAA, 0x6F, 0xB1, 0x43, /* .2...o.C */
1239 0xEF, 0x4D, 0x59, 0xA1, 0x49, 0x46, 0x17, 0x59, /* .MY.IF.Y */
1240 0x97, 0x47, 0x9D, 0xBC, 0x2D, 0x1A, 0x3C, 0xD8, /* .G..-.<. */
1241};
1242
1243static const uint8_t mac_data_sha384_key1[32] = {
1244 0x6B, 0x65, 0x79, /* key */
1245};
1246
1247static const uint8_t mac_data_sha384_in1[] = {
1248 0x54, 0x68, 0x65, 0x20, 0x71, 0x75, 0x69, 0x63, /* The quic */
1249 0x6B, 0x20, 0x62, 0x72, 0x6F, 0x77, 0x6E, 0x20, /* k brown */
1250 0x66, 0x6F, 0x78, 0x20, 0x6A, 0x75, 0x6D, 0x70, /* fox jump */
1251 0x73, 0x20, 0x6F, 0x76, 0x65, 0x72, 0x20, 0x74, /* s over t */
1252 0x68, 0x65, 0x20, 0x6C, 0x61, 0x7A, 0x79, 0x20, /* he lazy */
1253 0x64, 0x6F, 0x67, /* dog */
1254};
1255
1256static const uint8_t mac_data_sha384_out1[] = {
1257 0xD7, 0xF4, 0x72, 0x7E, 0x2C, 0x0B, 0x39, 0xAE, /* ..r~, .9. */
1258 0x0F, 0x1E, 0x40, 0xCC, 0x96, 0xF6, 0x02, 0x42, /* ..@....B */
1259 0xD5, 0xB7, 0x80, 0x18, 0x41, 0xCE, 0xA6, 0xFC, /* ....A... */
1260 0x59, 0x2C, 0x5D, 0x3E, 0x1A, 0xE5, 0x07, 0x00, /* Y, ]>.... */
1261 0x58, 0x2A, 0x96, 0xCF, 0x35, 0xE1, 0xE5, 0x54, /* X...5..T */
1262 0x99, 0x5F, 0xE4, 0xE0, 0x33, 0x81, 0xC2, 0x37, /* ._..3..7 */
1263};
1264
1265static const uint8_t mac_data_sha512_key1[32] = {
1266 0x6B, 0x65, 0x79, /* key */
1267};
1268
1269static const uint8_t mac_data_sha512_in1[] = {
1270 0x54, 0x68, 0x65, 0x20, 0x71, 0x75, 0x69, 0x63, /* The quic */
1271 0x6B, 0x20, 0x62, 0x72, 0x6F, 0x77, 0x6E, 0x20, /* k brown */
1272 0x66, 0x6F, 0x78, 0x20, 0x6A, 0x75, 0x6D, 0x70, /* fox jump */
1273 0x73, 0x20, 0x6F, 0x76, 0x65, 0x72, 0x20, 0x74, /* s over t */
1274 0x68, 0x65, 0x20, 0x6C, 0x61, 0x7A, 0x79, 0x20, /* he lazy */
1275 0x64, 0x6F, 0x67, /* dog */
1276};
1277
1278static const uint8_t mac_data_sha512_out1[] = {
1279 0xB4, 0x2A, 0xF0, 0x90, 0x57, 0xBA, 0xC1, 0xE2, /* ....W... */
1280 0xD4, 0x17, 0x08, 0xE4, 0x8A, 0x90, 0x2E, 0x09, /* ........ */
1281 0xB5, 0xFF, 0x7F, 0x12, 0xAB, 0x42, 0x8A, 0x4F, /* .....B.O */
1282 0xE8, 0x66, 0x53, 0xC7, 0x3D, 0xD2, 0x48, 0xFB, /* .fS.=.H. */
1283 0x82, 0xF9, 0x48, 0xA5, 0x49, 0xF7, 0xB7, 0x91, /* ..H.I... */
1284 0xA5, 0xB4, 0x19, 0x15, 0xEE, 0x4D, 0x1E, 0xC3, /* .....M.. */
1285 0x93, 0x53, 0x57, 0xE4, 0xE2, 0x31, 0x72, 0x50, /* .SW..1rP */
1286 0xD0, 0x37, 0x2A, 0xFA, 0x2E, 0xBE, 0xEB, 0x3A, /* .7.....: */
1287};
1288
1289
1290/* AES-CBC-MAC */
1291static const uint8_t mac_cbc_vect1_key[] = {
1292 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, /* 01234567 */
1293 0x38, 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, /* 89ABCDEF */
1294};
1295
1296static const uint8_t mac_cbc_vect1_data[] = {
1297 0x43, 0x69, 0x70, 0x68, 0x65, 0x72, 0x20, 0x62, /* Cipher b */
1298 0x6C, 0x6F, 0x63, 0x6B, 0x20, 0x63, 0x68, 0x61, /* lock cha */
1299 0x69, 0x6E, 0x69, 0x6E, 0x67, 0x20, 0x28, 0x43, /* ining (C */
1300 0x42, 0x43, 0x29, 0x20, 0x69, 0x73, 0x20, 0x61, /* BC) is a */
1301 0x20, 0x63, 0x6F, 0x6D, 0x6D, 0x6F, 0x6E, 0x20, /* common */
1302 0x63, 0x68, 0x61, 0x69, 0x6E, 0x69, 0x6E, 0x67, /* chaining */
1303 0x20, 0x6D, 0x6F, 0x64, 0x65, 0x20, 0x69, 0x6E, /* mode in */
1304 0x20, 0x77, 0x68, 0x69, 0x63, 0x68, 0x20, 0x74, /* which t */
1305 0x68, 0x65, 0x20, 0x70, 0x72, 0x65, 0x76, 0x69, /* he previ */
1306 0x6F, 0x75, 0x73, 0x20, 0x62, 0x6C, 0x6F, 0x63, /* ous bloc */
1307 0x6B, 0x27, 0x73, 0x20, 0x63, 0x69, 0x70, 0x68, /* k's ciph */
1308 0x65, 0x72, 0x74, 0x65, 0x78, 0x74, 0x20, 0x69, /* ertext i */
1309 0x73, 0x20, 0x78, 0x6F, 0x72, 0x65, 0x64, 0x20, /* s xored */
1310 0x77, 0x69, 0x74, 0x68, 0x20, 0x74, 0x68, 0x65, /* with the */
1311 0x20, 0x63, 0x75, 0x72, 0x72, 0x65, 0x6E, 0x74, /* current */
1312 0x20, 0x62, 0x6C, 0x6F, 0x63, 0x6B, 0x27, 0x73, /* block's */
1313 0x20, 0x70, 0x6C, 0x61, 0x69, 0x6E, 0x74, 0x65, /* plainte */
1314 0x78, 0x74, 0x20, 0x62, 0x65, 0x66, 0x6F, 0x72, /* xt befor */
1315 0x65, 0x20, 0x65, 0x6E, 0x63, 0x72, 0x79, 0x70, /* e encryp */
1316 0x74, 0x69, 0x6F, 0x6E, 0x2E, 0x2E, 0x2E, 0x2E, /* tion.... */
1317};
1318
1319static const uint8_t mac_cbc_vect1_out[] = {
1320 0xC9, 0x6E, 0x83, 0x7E, 0x35, 0xC8, 0xA7, 0xA0, /* .n.~5... */
1321 0x33, 0xA3, 0xB1, 0x4B, 0x5A, 0x92, 0x51, 0x2E, /* 3..KZ.Q. */
1322};
1323
1324/* DES-CBC-MAC */
1325static const uint8_t mac_cbc_vect2_key[] = {
1326 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, /* 01234567 */
1327};
1328
1329#define mac_cbc_vect2_data mac_cbc_vect1_data
1330static const uint8_t mac_cbc_vect2_out[] = {
1331 0xE9, 0x41, 0x46, 0x30, 0x69, 0x32, 0xBD, 0xD6, /* .AF0i2.. */
1332};
1333
1334/* DES3-CBC-MAC */
1335static const uint8_t mac_cbc_vect3_key[] = {
1336 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, /* 01234567 */
1337 0x38, 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, /* 89ABCDEF */
1338 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, /* 12345678 */
1339};
1340
1341#define mac_cbc_vect3_data mac_cbc_vect2_data
1342static const uint8_t mac_cbc_vect3_out[] = {
1343 0x1C, 0x17, 0xB7, 0xB5, 0x9F, 0x54, 0x9C, 0x63, /* .....T.c */
1344};
1345
1346/* AES-CBC-MAC PKCS#5 pad*/
1347static const uint8_t mac_cbc_vect4_key[] = {
1348 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, /* 01234567 */
1349 0x38, 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, /* 89ABCDEF */
1350 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, /* 01234567 */
1351 0x38, 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, /* 89ABCDEF */
1352};
1353
1354#define mac_cbc_vect4_data mac_cbc_vect1_data
1355static const uint8_t mac_cbc_vect4_out[] = {
1356 0x0B, 0x46, 0xC7, 0xA2, 0xE1, 0x5A, 0xE2, 0x23, /* .F...Z.# */
1357 0x83, 0x34, 0x1C, 0x86, 0x53, 0xF8, 0x51, 0x24, /* .4..S.Q$ */
1358};
1359
1360/* DES-CBC-MAC PKCS#5 pad*/
1361static const uint8_t mac_cbc_vect5_key[] = {
1362 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, /* 01234567 */
1363};
1364
1365#define mac_cbc_vect5_data mac_cbc_vect1_data
1366static const uint8_t mac_cbc_vect5_out[] = {
1367 0x30, 0x81, 0x4F, 0x42, 0x03, 0x7E, 0xD8, 0xA9, /* 0.OB.~.. */
1368};
1369
1370/* DES3-CBC-MAC PKCS#5 pad*/
1371static const uint8_t mac_cbc_vect6_key[] = {
1372 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, /* 01234567 */
1373 0x38, 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, /* 89ABCDEF */
1374 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, /* 12345678 */
1375};
1376
1377#define mac_cbc_vect6_data mac_cbc_vect1_data
1378static const uint8_t mac_cbc_vect6_out[] = {
1379 0x6E, 0x37, 0x6E, 0x14, 0x5E, 0x21, 0xDD, 0xF8, /* n7n.^!.. */
1380};
1381
1382/* AES-CBC-MAC PKCS#5 pad*/
1383#define mac_cbc_vect7_key mac_cbc_vect4_key
1384static const uint8_t mac_cbc_vect7_data[] = {
1385 0x43, 0x69, 0x70, 0x68, 0x65, 0x72, 0x20, 0x62, /* Cipher b */
1386 0x6C, 0x6F, 0x63, 0x6B, 0x20, 0x63, 0x68, 0x61, /* lock cha */
1387 0x69, 0x6E, 0x69, 0x6E, 0x67, 0x20, 0x28, 0x43, /* ining (C */
1388 0x42, 0x43, 0x29, 0x20, 0x69, 0x73, 0x20, 0x61, /* BC) is a */
1389 0x20, 0x63, 0x6F, 0x6D, 0x6D, 0x6F, 0x6E, 0x20, /* common */
1390 0x63, 0x68, 0x61, 0x69, 0x6E, 0x69, 0x6E, 0x67, /* chaining */
1391 0x20, 0x6D, 0x6F, 0x64, 0x65, 0x20, 0x69, 0x6E, /* mode in */
1392 0x20, 0x77, 0x68, 0x69, 0x63, 0x68, 0x20, 0x74, /* which t */
1393 0x68, 0x65, 0x20, 0x70, 0x72, 0x65, 0x76, 0x69, /* he previ */
1394 0x6F, 0x75, 0x73, 0x20, 0x62, 0x6C, 0x6F, 0x63, /* ous bloc */
1395 0x6B, 0x27, 0x73, 0x20, 0x63, 0x69, 0x70, 0x68, /* k's ciph */
1396 0x65, 0x72, 0x74, 0x65, 0x78, 0x74, 0x20, 0x69, /* ertext i */
1397 0x73, 0x20, 0x78, 0x6F, 0x72, 0x65, 0x64, 0x20, /* s xored */
1398 0x77, 0x69, 0x74, 0x68, 0x20, 0x74, 0x68, 0x65, /* with the */
1399 0x20, 0x63, 0x75, 0x72, 0x72, 0x65, 0x6E, 0x74, /* current */
1400 0x20, 0x62, 0x6C, 0x6F, 0x63, 0x6B, 0x27, 0x73, /* block's */
1401 0x20, 0x70, 0x6C, 0x61, 0x69, 0x6E, 0x74, 0x65, /* plainte */
1402 0x78, 0x74, 0x20, 0x62, 0x65, 0x66, 0x6F, 0x72, /* xt befor */
1403 0x65, 0x20, 0x65, 0x6E, 0x63, 0x72, 0x79, 0x70, /* e encryp */
1404 0x74, 0x69, 0x6F, 0x6E, 0x2E, /* tion. */
1405};
1406
1407static const uint8_t mac_cbc_vect7_out[] = {
1408 0xFD, 0x89, 0x35, 0xB3, 0x93, 0x7F, 0xBB, 0xA2, /* ..5..... */
1409 0xFB, 0x65, 0x60, 0xC4, 0x0A, 0x62, 0xA0, 0xF9, /* .e`..b.. */
1410};
1411
1412/* DES-CBC-MAC PKCS#5 pad*/
1413#define mac_cbc_vect8_key mac_cbc_vect5_key
1414#define mac_cbc_vect8_data mac_cbc_vect7_data
1415static const uint8_t mac_cbc_vect8_out[] = {
1416 0x02, 0x2A, 0xA8, 0x2E, 0x47, 0xC6, 0xBB, 0x7C, /* ....G..| */
1417};
1418
1419/* DES3-CBC-MAC PKCS#5 pad*/
1420#define mac_cbc_vect9_key mac_cbc_vect6_key
1421#define mac_cbc_vect9_data mac_cbc_vect7_data
1422static const uint8_t mac_cbc_vect9_out[] = {
1423 0xD4, 0xF7, 0x3E, 0x27, 0x78, 0x0E, 0x1C, 0x79, /* ..>'x..y */
1424};
1425
1426/*
Pascal Brand5c3d8092015-07-23 08:20:26 +0200[diff] [blame]1427 * DES3-CBC-MAC, with key size of 112bit
1428 * out obtained with:
1429 * echo -n "Cipher block chaining (CBC) is a common chaining mode in which the previous block's ciphertext is xored with the current block's plaintext before encryption...."|openssl enc -iv 0 -des3 -K 303132333435363738394142434445463031323334353637 |xxd
1430 */
1431/* DES3-CBC-MAC PKCS#5 pad*/
1432static const uint8_t mac_cbc_vect10_key[] = {
1433 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, /* 01234567 */
1434 0x38, 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, /* 89ABCDEF */
1435};
1436#define mac_cbc_vect10_data mac_cbc_vect1_data
1437static const uint8_t mac_cbc_vect10_out[] = {
1438 0x30, 0x92, 0x60, 0x99, 0x66, 0xac, 0x8c, 0xa6,
1439};
1440
1441
1442/*
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1443 * AES-CMAC
1444 * Test vectors from
1445 * http://csrc.nist.gov/publications/nistpubs/800-38B/SP_800-38B.pdf
1446 */
1447
1448/* AES-128 */
1449static const uint8_t mac_cmac_vect1_key[] = {
1450 0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6,
1451 0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c
1452};
1453
1454static const uint8_t mac_cmac_vect1_out[] = {
1455 0xbb, 0x1d, 0x69, 0x29, 0xe9, 0x59, 0x37, 0x28,
1456 0x7f, 0xa3, 0x7d, 0x12, 0x9b, 0x75, 0x67, 0x46
1457};
1458
1459#define mac_cmac_vect2_key mac_cmac_vect1_key
1460static const uint8_t mac_cmac_vect2_data[] = {
1461 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
1462 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a
1463};
1464
1465static const uint8_t mac_cmac_vect2_out[] = {
1466 0x07, 0x0a, 0x16, 0xb4, 0x6b, 0x4d, 0x41, 0x44,
1467 0xf7, 0x9b, 0xdd, 0x9d, 0xd0, 0x4a, 0x28, 0x7c
1468};
1469
1470#define mac_cmac_vect3_key mac_cmac_vect1_key
1471static const uint8_t mac_cmac_vect3_data[] = {
1472 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
1473 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a,
1474 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c,
1475 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51,
1476 0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11
1477};
1478
1479static const uint8_t mac_cmac_vect3_out[] = {
1480 0xdf, 0xa6, 0x67, 0x47, 0xde, 0x9a, 0xe6, 0x30,
1481 0x30, 0xca, 0x32, 0x61, 0x14, 0x97, 0xc8, 0x27
1482};
1483
1484#define mac_cmac_vect4_key mac_cmac_vect1_key
1485static const uint8_t mac_cmac_vect4_data[] = {
1486 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
1487 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a,
1488 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c,
1489 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51,
1490 0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11,
1491 0xe5, 0xfb, 0xc1, 0x19, 0x1a, 0x0a, 0x52, 0xef,
1492 0xf6, 0x9f, 0x24, 0x45, 0xdf, 0x4f, 0x9b, 0x17,
1493 0xad, 0x2b, 0x41, 0x7b, 0xe6, 0x6c, 0x37, 0x10
1494};
1495
1496static const uint8_t mac_cmac_vect4_out[] = {
1497 0x51, 0xf0, 0xbe, 0xbf, 0x7e, 0x3b, 0x9d, 0x92,
1498 0xfc, 0x49, 0x74, 0x17, 0x79, 0x36, 0x3c, 0xfe
1499};
1500
1501/* AES-192 */
1502static const uint8_t mac_cmac_vect5_key[] = {
1503 0x8e, 0x73, 0xb0, 0xf7, 0xda, 0x0e, 0x64, 0x52,
1504 0xc8, 0x10, 0xf3, 0x2b, 0x80, 0x90, 0x79, 0xe5,
1505 0x62, 0xf8, 0xea, 0xd2, 0x52, 0x2c, 0x6b, 0x7b
1506};
1507
1508static const uint8_t mac_cmac_vect5_out[] = {
1509 0xd1, 0x7d, 0xdf, 0x46, 0xad, 0xaa, 0xcd, 0xe5,
1510 0x31, 0xca, 0xc4, 0x83, 0xde, 0x7a, 0x93, 0x67
1511};
1512
1513
1514#define mac_cmac_vect6_key mac_cmac_vect5_key
1515static const uint8_t mac_cmac_vect6_data[] = {
1516 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
1517 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a
1518};
1519
1520static const uint8_t mac_cmac_vect6_out[] = {
1521 0x9e, 0x99, 0xa7, 0xbf, 0x31, 0xe7, 0x10, 0x90,
1522 0x06, 0x62, 0xf6, 0x5e, 0x61, 0x7c, 0x51, 0x84
1523};
1524
1525#define mac_cmac_vect7_key mac_cmac_vect5_key
1526static const uint8_t mac_cmac_vect7_data[] = {
1527 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
1528 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a,
1529 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c,
1530 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51,
1531 0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11
1532};
1533
1534static const uint8_t mac_cmac_vect7_out[] = {
1535 0x8a, 0x1d, 0xe5, 0xbe, 0x2e, 0xb3, 0x1a, 0xad,
1536 0x08, 0x9a, 0x82, 0xe6, 0xee, 0x90, 0x8b, 0x0e
1537};
1538
1539#define mac_cmac_vect8_key mac_cmac_vect5_key
1540static const uint8_t mac_cmac_vect8_data[] = {
1541 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
1542 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a,
1543 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c,
1544 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51,
1545 0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11,
1546 0xe5, 0xfb, 0xc1, 0x19, 0x1a, 0x0a, 0x52, 0xef,
1547 0xf6, 0x9f, 0x24, 0x45, 0xdf, 0x4f, 0x9b, 0x17,
1548 0xad, 0x2b, 0x41, 0x7b, 0xe6, 0x6c, 0x37, 0x10
1549};
1550
1551static const uint8_t mac_cmac_vect8_out[] = {
1552 0xa1, 0xd5, 0xdf, 0x0e, 0xed, 0x79, 0x0f, 0x79,
1553 0x4d, 0x77, 0x58, 0x96, 0x59, 0xf3, 0x9a, 0x11
1554};
1555
1556/* AES-256 */
1557static const uint8_t mac_cmac_vect9_key[] = {
1558 0x60, 0x3d, 0xeb, 0x10, 0x15, 0xca, 0x71, 0xbe,
1559 0x2b, 0x73, 0xae, 0xf0, 0x85, 0x7d, 0x77, 0x81,
1560 0x1f, 0x35, 0x2c, 0x07, 0x3b, 0x61, 0x08, 0xd7,
1561 0x2d, 0x98, 0x10, 0xa3, 0x09, 0x14, 0xdf, 0xf4
1562};
1563
1564static const uint8_t mac_cmac_vect9_out[] = {
1565 0x02, 0x89, 0x62, 0xf6, 0x1b, 0x7b, 0xf8, 0x9e,
1566 0xfc, 0x6b, 0x55, 0x1f, 0x46, 0x67, 0xd9, 0x83
1567};
1568
1569#define mac_cmac_vect10_key mac_cmac_vect9_key
1570static const uint8_t mac_cmac_vect10_data[] = {
1571 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
1572 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a
1573};
1574
1575static const uint8_t mac_cmac_vect10_out[] = {
1576 0x28, 0xa7, 0x02, 0x3f, 0x45, 0x2e, 0x8f, 0x82,
1577 0xbd, 0x4b, 0xf2, 0x8d, 0x8c, 0x37, 0xc3, 0x5c
1578};
1579
1580#define mac_cmac_vect11_key mac_cmac_vect9_key
1581static const uint8_t mac_cmac_vect11_data[] = {
1582 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
1583 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a,
1584 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c,
1585 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51,
1586 0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11
1587};
1588
1589static const uint8_t mac_cmac_vect11_out[] = {
1590 0xaa, 0xf3, 0xd8, 0xf1, 0xde, 0x56, 0x40, 0xc2,
1591 0x32, 0xf5, 0xb1, 0x69, 0xb9, 0xc9, 0x11, 0xe6
1592};
1593
1594#define mac_cmac_vect12_key mac_cmac_vect9_key
1595static const uint8_t mac_cmac_vect12_data[] = {
1596 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
1597 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a,
1598 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c,
1599 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51,
1600 0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11,
1601 0xe5, 0xfb, 0xc1, 0x19, 0x1a, 0x0a, 0x52, 0xef,
1602 0xf6, 0x9f, 0x24, 0x45, 0xdf, 0x4f, 0x9b, 0x17,
1603 0xad, 0x2b, 0x41, 0x7b, 0xe6, 0x6c, 0x37, 0x10
1604};
1605
1606static const uint8_t mac_cmac_vect12_out[] = {
1607 0xe1, 0x99, 0x21, 0x90, 0x54, 0x9f, 0x6e, 0xd5,
1608 0x69, 0x6a, 0x2c, 0x05, 0x6c, 0x31, 0x54, 0x10
1609};
1610
1611struct xtest_mac_case {
1612 uint32_t algo;
1613 uint32_t key_type;
1614 const uint8_t *key;
1615 size_t key_len;
1616 size_t in_incr;
1617 const uint8_t *in;
1618 size_t in_len;
1619 const uint8_t *out;
1620 size_t out_len;
1621};
1622
1623#define XTEST_MAC_CASE(algo, key_type, key, in_incr, in, out) \
1624 { (algo), (key_type), (key), ARRAY_SIZE(key), \
1625 (in_incr), (in), ARRAY_SIZE(in), (out), ARRAY_SIZE(out) }
1626
1627#define XTEST_MAC_CBC_CASE(algo, key_type, vect, in_incr) \
1628 XTEST_MAC_CASE((algo), (key_type), \
1629 mac_cbc_ ## vect ## _key, (in_incr), \
1630 mac_cbc_ ## vect ## _data, mac_cbc_ ## vect ## _out)
1631
1632#define XTEST_MAC_CMAC_CASE(vect, in_incr) \
1633 XTEST_MAC_CASE(TEE_ALG_AES_CMAC, TEE_TYPE_AES, \
1634 mac_cmac_ ## vect ## _key, (in_incr), \
1635 mac_cmac_ ## vect ## _data, mac_cmac_ ## vect ## _out)
1636
1637static const struct xtest_mac_case mac_cases[] = {
1638 XTEST_MAC_CASE(TEE_ALG_HMAC_MD5, TEE_TYPE_HMAC_MD5,
1639 mac_data_md5_key1,
1640 4, mac_data_md5_in1, mac_data_md5_out1),
1641 XTEST_MAC_CASE(TEE_ALG_HMAC_SHA1, TEE_TYPE_HMAC_SHA1,
1642 mac_data_sha1_key1,
1643 5, mac_data_sha1_in1, mac_data_sha1_out1),
1644 XTEST_MAC_CASE(TEE_ALG_HMAC_SHA224, TEE_TYPE_HMAC_SHA224,
1645 mac_data_sha224_key1,
1646 8, mac_data_sha224_in1, mac_data_sha224_out1),
1647 XTEST_MAC_CASE(TEE_ALG_HMAC_SHA256, TEE_TYPE_HMAC_SHA256,
1648 mac_data_sha256_key1,
1649 1, mac_data_sha256_in1, mac_data_sha256_out1),
1650 XTEST_MAC_CASE(TEE_ALG_HMAC_SHA256, TEE_TYPE_HMAC_SHA256,
1651 mac_data_sha256_key2,
1652 7, mac_data_sha256_in2, mac_data_sha256_out2),
1653 XTEST_MAC_CASE(TEE_ALG_HMAC_SHA384, TEE_TYPE_HMAC_SHA384,
1654 mac_data_sha384_key1,
1655 11, mac_data_sha384_in1, mac_data_sha384_out1),
1656 XTEST_MAC_CASE(TEE_ALG_HMAC_SHA512, TEE_TYPE_HMAC_SHA512,
1657 mac_data_sha512_key1,
1658 13, mac_data_sha512_in1, mac_data_sha512_out1),
1659
1660 XTEST_MAC_CBC_CASE(TEE_ALG_AES_CBC_MAC_NOPAD, TEE_TYPE_AES, vect1, 14),
1661 XTEST_MAC_CBC_CASE(TEE_ALG_DES_CBC_MAC_NOPAD, TEE_TYPE_DES, vect2, 16),
1662 XTEST_MAC_CBC_CASE(TEE_ALG_DES3_CBC_MAC_NOPAD, TEE_TYPE_DES3, vect3,
1663 17),
1664 XTEST_MAC_CBC_CASE(TEE_ALG_AES_CBC_MAC_PKCS5, TEE_TYPE_AES, vect4, 11),
1665 XTEST_MAC_CBC_CASE(TEE_ALG_DES_CBC_MAC_PKCS5, TEE_TYPE_DES, vect5, 9),
1666 XTEST_MAC_CBC_CASE(TEE_ALG_DES3_CBC_MAC_PKCS5, TEE_TYPE_DES3, vect6, 4),
1667 XTEST_MAC_CBC_CASE(TEE_ALG_AES_CBC_MAC_PKCS5, TEE_TYPE_AES, vect7, 3),
1668 XTEST_MAC_CBC_CASE(TEE_ALG_DES_CBC_MAC_PKCS5, TEE_TYPE_DES, vect8, 23),
1669 XTEST_MAC_CBC_CASE(TEE_ALG_DES3_CBC_MAC_PKCS5, TEE_TYPE_DES3, vect9,
1670 34),
Pascal Brand5c3d8092015-07-23 08:20:26 +0200[diff] [blame]1671 XTEST_MAC_CBC_CASE(TEE_ALG_DES3_CBC_MAC_PKCS5, TEE_TYPE_DES3, vect10, 4),
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1672
1673 { TEE_ALG_AES_CMAC, TEE_TYPE_AES, mac_cmac_vect1_key,
1674 ARRAY_SIZE(mac_cmac_vect1_key), 0, NULL, 0, mac_cmac_vect1_out,
1675 ARRAY_SIZE(mac_cmac_vect1_out) },
1676 XTEST_MAC_CMAC_CASE(vect2, 9),
1677 XTEST_MAC_CMAC_CASE(vect3, 9),
1678 XTEST_MAC_CMAC_CASE(vect4, 9),
1679 { TEE_ALG_AES_CMAC, TEE_TYPE_AES, mac_cmac_vect5_key,
1680 ARRAY_SIZE(mac_cmac_vect5_key), 0, NULL, 0, mac_cmac_vect5_out,
1681 ARRAY_SIZE(mac_cmac_vect5_out) },
1682 XTEST_MAC_CMAC_CASE(vect6, 9),
1683 XTEST_MAC_CMAC_CASE(vect7, 9),
1684 XTEST_MAC_CMAC_CASE(vect8, 9),
1685 { TEE_ALG_AES_CMAC, TEE_TYPE_AES, mac_cmac_vect9_key,
1686 ARRAY_SIZE(mac_cmac_vect9_key), 0, NULL, 0, mac_cmac_vect9_out,
1687 ARRAY_SIZE(mac_cmac_vect9_out) },
1688 XTEST_MAC_CMAC_CASE(vect10, 9),
1689 XTEST_MAC_CMAC_CASE(vect11, 9),
1690 XTEST_MAC_CMAC_CASE(vect12, 9),
1691};
1692
1693static void xtest_tee_test_4002(ADBG_Case_t *c)
1694{
1695 TEEC_Session session = { 0 };
1696 TEE_OperationHandle op1;
1697 TEE_OperationHandle op2;
1698 TEE_ObjectHandle key_handle;
1699 uint8_t out[64];
1700 size_t out_size;
1701 uint32_t ret_orig;
1702 size_t n;
1703
1704 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1705 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
1706 &ret_orig)))
1707 return;
1708
1709 for (n = 0; n < ARRAY_SIZE(mac_cases); n++) {
1710 TEE_Attribute key_attr;
1711 size_t key_size;
1712
1713 Do_ADBG_BeginSubCase(c, "MAC case %d algo 0x%x",
1714 (int)n, (unsigned int)mac_cases[n].algo);
1715
1716 key_attr.attributeID = TEE_ATTR_SECRET_VALUE;
1717 key_attr.content.ref.buffer = (void *)mac_cases[n].key;
1718 key_attr.content.ref.length = mac_cases[n].key_len;
1719
1720 key_size = key_attr.content.ref.length * 8;
1721 if (mac_cases[n].key_type == TEE_TYPE_DES ||
1722 mac_cases[n].key_type == TEE_TYPE_DES3)
1723 /* Exclude parity in bit size of key */
1724 key_size -= key_size / 8;
1725
1726 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1727 ta_crypt_cmd_allocate_operation(c, &session, &op1,
1728 mac_cases[n].algo, TEE_MODE_MAC, key_size)))
1729 goto out;
1730
1731 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1732 ta_crypt_cmd_allocate_operation(c, &session, &op2,
1733 mac_cases[n].algo, TEE_MODE_MAC, key_size)))
1734 goto out;
1735
1736 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1737 ta_crypt_cmd_allocate_transient_object(c, &session,
1738 mac_cases[n].key_type, key_size, &key_handle)))
1739 goto out;
1740
1741 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1742 ta_crypt_cmd_populate_transient_object(c, &session,
1743 key_handle, &key_attr, 1)))
1744 goto out;
1745
1746 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1747 ta_crypt_cmd_set_operation_key(c, &session, op1,
1748 key_handle)))
1749 goto out;
1750
1751 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1752 ta_crypt_cmd_free_transient_object(c, &session,
1753 key_handle)))
1754 goto out;
1755
1756 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1757 ta_crypt_cmd_mac_init(c, &session, op1, NULL, 0)))
1758 goto out;
1759
1760 if (mac_cases[n].in != NULL) {
1761 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1762 ta_crypt_cmd_mac_update(c, &session, op1,
1763 mac_cases[n].in, mac_cases[n].in_incr)))
1764 goto out;
1765 }
1766
1767 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1768 ta_crypt_cmd_copy_operation(c, &session, op2, op1)))
1769 goto out;
1770
1771 out_size = sizeof(out);
1772 memset(out, 0, sizeof(out));
1773 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1774 ta_crypt_cmd_mac_final_compute(c, &session, op2,
1775 mac_cases[n].in + mac_cases[n].in_incr,
1776 mac_cases [n].in_len - mac_cases[n].in_incr,
1777 out, &out_size)))
1778 goto out;
1779
1780 (void)ADBG_EXPECT_BUFFER(c, mac_cases[n].out,
1781 mac_cases[n].out_len, out, out_size);
1782
1783 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1784 ta_crypt_cmd_mac_init(c, &session, op1, NULL, 0)))
1785 goto out;
1786
1787 out_size = sizeof(out);
1788 memset(out, 0, sizeof(out));
1789 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1790 ta_crypt_cmd_mac_final_compute(c, &session, op1,
1791 mac_cases[n].in, mac_cases[n].in_len, out,
1792 &out_size)))
1793 goto out;
1794
1795 (void)ADBG_EXPECT_BUFFER(c, mac_cases[n].out,
1796 mac_cases[n].out_len, out, out_size);
1797
1798 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1799 ta_crypt_cmd_free_operation(c, &session, op1)))
1800 goto out;
1801
1802 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1803 ta_crypt_cmd_free_operation(c, &session, op2)))
1804 goto out;
1805
1806 Do_ADBG_EndSubCase(c, NULL);
1807 }
1808out:
1809 TEEC_CloseSession(&session);
1810}
1811
1812/* generated with scripts/crypt_aes_cbc_nopad.pl */
1813static const uint8_t ciph_data_aes_key1[] = {
1814 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, /* 01234567 */
1815 0x38, 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, /* 89ABCDEF */
1816};
1817
1818static const uint8_t ciph_data_des_key1[] = {
1819 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37 /* 01234567 */
1820};
1821
1822static const uint8_t ciph_data_des_key2[] = {
1823 0x13, 0x34, 0x57, 0x79, 0x9B, 0xBC, 0xDF, 0xF1
1824};
1825
1826
1827static const uint8_t ciph_data_des3_key1[] = {
1828 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, /* 01234567 */
1829 0x38, 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, /* 89ABCDEF */
1830 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, /* 12345678 */
1831};
1832
1833static const uint8_t ciph_data_des3_key2[] = {
1834 0x13, 0x34, 0x57, 0x79, 0x9B, 0xBC, 0xDF, 0xF1,
1835 0x13, 0x34, 0x57, 0x79, 0x9B, 0xBC, 0xDF, 0xF1,
1836 0x13, 0x34, 0x57, 0x79, 0x9B, 0xBC, 0xDF, 0xF1
1837};
1838
1839static const uint8_t ciph_data_des2_key1[] = {
1840 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, /* 01234567 */
1841 0x38, 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, /* 89ABCDEF */
1842};
1843
1844static const uint8_t ciph_data_in1[] = {
1845 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, /* 23456789 */
1846 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x30, 0x31, /* ABCDEF01 */
1847 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x41, /* 3456789A */
1848 0x42, 0x43, 0x44, 0x45, 0x46, 0x30, 0x31, 0x32, /* BCDEF012 */
1849 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x41, 0x42, /* 456789AB */
1850 0x43, 0x44, 0x45, 0x46, 0x30, 0x31, 0x32, 0x33, /* CDEF0123 */
1851};
1852
1853static const uint8_t ciph_data_in3[] = {
1854 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, /* 23456789 */
1855 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x30, 0x31, /* ABCDEF01 */
1856 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x41, /* 3456789A */
1857 0x42, 0x43, 0x44, 0x45, 0x46, 0x30, 0x31, 0x32, /* BCDEF012 */
1858 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x41, 0x42, /* 456789AB */
1859 0x43, 0x44, 0x45, 0x46, 0x30, /* CDEF0 */
1860};
1861
1862static const uint8_t ciph_data_128_iv1[] = {
1863 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, /* 12345678 */
1864 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x30, /* 9ABCDEF0 */
1865};
1866
1867static const uint8_t ciph_data_64_iv1[] = {
1868 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, /* 12345678 */
1869};
1870
1871static const uint8_t ciph_data_in2[] = {
1872 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef
1873};
1874
1875static const uint8_t ciph_data_aes_ecb_nopad_out1[] = {
1876 0xA5, 0xBE, 0x14, 0xD5, 0x01, 0x05, 0x24, 0x48, /* ......$H */
1877 0x58, 0x1A, 0x6B, 0x82, 0xD4, 0x41, 0xD2, 0xB3, /* X.k..A.. */
1878 0xBB, 0xF9, 0xAE, 0x37, 0x94, 0xAC, 0x18, 0x50, /* ...7...P */
1879 0x87, 0x09, 0xCC, 0x3F, 0x43, 0xD2, 0xC2, 0xB7, /* ...?C... */
1880 0xD7, 0x6F, 0x84, 0x07, 0xB4, 0x78, 0xCE, 0x34, /* .o...x.4 */
1881 0x48, 0xC9, 0x16, 0x86, 0x42, 0xB8, 0xFF, 0xCF, /* H...B... */
1882};
1883
1884static const uint8_t ciph_data_aes_cbc_nopad_out1[] = {
1885 0x8D, 0x9F, 0x88, 0xD8, 0xAF, 0x9F, 0xC1, 0x3B, /* .......; */
1886 0x02, 0x15, 0x43, 0x6A, 0x8C, 0x1E, 0x34, 0x5C, /* ..Cj..4\ */
1887 0x83, 0xF4, 0x85, 0x3E, 0x43, 0x0F, 0xE5, 0x5F, /* ...>C.._ */
1888 0x81, 0x4C, 0xC0, 0x28, 0x3F, 0xD9, 0x98, 0x53, /* .L.(?..S */
1889 0xB1, 0x44, 0x51, 0x38, 0x21, 0xAB, 0x10, 0xCE, /* .DQ8!... */
1890 0xC2, 0xEC, 0x65, 0x54, 0xDD, 0x5C, 0xEA, 0xDC, /* ..eT.\.. */
1891};
1892
1893static const uint8_t ciph_data_aes_ctr_out1[] = {
1894 0xD2, 0xDD, 0x11, 0xA8, 0xF7, 0xB0, 0xAE, 0x55, /* .......U */
1895 0xBE, 0x61, 0x7A, 0xE6, 0xA1, 0x6C, 0x79, 0xF4, /* .az..ly. */
1896 0x62, 0x51, 0x7B, 0xE9, 0x7C, 0xA0, 0x31, 0x0C, /* bQ{.|.1. */
1897 0x24, 0x15, 0x70, 0x7F, 0x47, 0x37, 0x69, 0xE0, /* $.p.G7i. */
1898 0x24, 0xC3, 0x29, 0xCD, 0xF2, 0x26, 0x69, 0xFF, /* $.)..&i. */
1899 0x72, 0x0E, 0x3C, 0xD1, 0xA1, 0x2F, 0x5D, 0x33, /* r.<../]3 */
1900};
1901
1902static const uint8_t ciph_data_aes_ctr_out2[] = {
1903 0xD2, 0xDD, 0x11, 0xA8, 0xF7, 0xB0, 0xAE, 0x55, /* .......U */
1904 0xBE, 0x61, 0x7A, 0xE6, 0xA1, 0x6C, 0x79, 0xF4, /* .az..ly. */
1905 0x62, 0x51, 0x7B, 0xE9, 0x7C, 0xA0, 0x31, 0x0C, /* bQ{.|.1. */
1906 0x24, 0x15, 0x70, 0x7F, 0x47, 0x37, 0x69, 0xE0, /* $.p.G7i. */
1907 0x24, 0xC3, 0x29, 0xCD, 0xF2, 0x26, 0x69, 0xFF, /* $.)..&i. */
1908 0x72, 0x0E, 0x3C, 0xD1, 0xA1, /* r.<.. */
1909};
1910
1911static const uint8_t ciph_data_aes_cbc_vect1_key[] = {
1912 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, /* 01234567 */
1913 0x38, 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, /* 89ABCDEF */
1914};
1915
1916static const uint8_t ciph_data_aes_cbc_vect1_iv[] = {
1917 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* ........ */
1918 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* ........ */
1919};
1920
1921static const uint8_t ciph_data_aes_cbc_vect1_ptx[] = {
1922 0x43, 0x69, 0x70, 0x68, 0x65, 0x72, 0x20, 0x62, /* Cipher b */
1923 0x6C, 0x6F, 0x63, 0x6B, 0x20, 0x63, 0x68, 0x61, /* lock cha */
1924 0x69, 0x6E, 0x69, 0x6E, 0x67, 0x20, 0x28, 0x43, /* ining (C */
1925 0x42, 0x43, 0x29, 0x20, 0x69, 0x73, 0x20, 0x61, /* BC) is a */
1926 0x20, 0x63, 0x6F, 0x6D, 0x6D, 0x6F, 0x6E, 0x20, /* common */
1927 0x63, 0x68, 0x61, 0x69, 0x6E, 0x69, 0x6E, 0x67, /* chaining */
1928 0x20, 0x6D, 0x6F, 0x64, 0x65, 0x20, 0x69, 0x6E, /* mode in */
1929 0x20, 0x77, 0x68, 0x69, 0x63, 0x68, 0x20, 0x74, /* which t */
1930 0x68, 0x65, 0x20, 0x70, 0x72, 0x65, 0x76, 0x69, /* he previ */
1931 0x6F, 0x75, 0x73, 0x20, 0x62, 0x6C, 0x6F, 0x63, /* ous bloc */
1932 0x6B, 0x27, 0x73, 0x20, 0x63, 0x69, 0x70, 0x68, /* k's ciph */
1933 0x65, 0x72, 0x74, 0x65, 0x78, 0x74, 0x20, 0x69, /* ertext i */
1934 0x73, 0x20, 0x78, 0x6F, 0x72, 0x65, 0x64, 0x20, /* s xored */
1935 0x77, 0x69, 0x74, 0x68, 0x20, 0x74, 0x68, 0x65, /* with the */
1936 0x20, 0x63, 0x75, 0x72, 0x72, 0x65, 0x6E, 0x74, /* current */
1937 0x20, 0x62, 0x6C, 0x6F, 0x63, 0x6B, 0x27, 0x73, /* block's */
1938 0x20, 0x70, 0x6C, 0x61, 0x69, 0x6E, 0x74, 0x65, /* plainte */
1939 0x78, 0x74, 0x20, 0x62, 0x65, 0x66, 0x6F, 0x72, /* xt befor */
1940 0x65, 0x20, 0x65, 0x6E, 0x63, 0x72, 0x79, 0x70, /* e encryp */
1941 0x74, 0x69, 0x6F, 0x6E, 0x2E, 0x2E, 0x2E, 0x2E, /* tion.... */
1942};
1943
1944static const uint8_t ciph_data_aes_cbc_vect1_ctx[] = {
1945 0xDD, 0x16, 0xC3, 0x47, 0x69, 0xEC, 0xF5, 0x86, /* ...Gi... */
1946 0x20, 0xB4, 0xF7, 0xE3, 0xB9, 0x36, 0xE8, 0xAC, /* ....6.. */
1947 0xC9, 0xA2, 0x11, 0x71, 0x3B, 0x10, 0x9D, 0x45, /* ...q;..E */
1948 0xCA, 0xE2, 0x49, 0xA6, 0x4E, 0x56, 0x07, 0xC5, /* ..I.NV.. */
1949 0xCE, 0xA3, 0x14, 0xB5, 0x30, 0x1B, 0x63, 0xBB, /* ....0.c. */
1950 0x2D, 0x6F, 0xE9, 0xCA, 0x0B, 0x00, 0x31, 0x3F, /* -o....1? */
1951 0xA4, 0x9A, 0x39, 0xE1, 0xC8, 0xD2, 0x24, 0x95, /* ..9...$. */
1952 0x14, 0xE9, 0xD2, 0x43, 0xE8, 0xA8, 0x1E, 0x0A, /* ...C.... */
1953 0xFE, 0x9D, 0x4F, 0xF5, 0xBB, 0x16, 0xB9, 0x54, /* ..O....T */
1954 0x78, 0x07, 0x94, 0x05, 0x8E, 0x47, 0xC3, 0xCB, /* x....G.. */
1955 0x7C, 0xEC, 0xF4, 0xF8, 0xF2, 0xA4, 0x59, 0x6E, /* |.....Yn */
1956 0xED, 0xAD, 0x7F, 0x62, 0xAF, 0x89, 0xA8, 0x5B, /* ...b...[ */
1957 0x75, 0xD4, 0x73, 0xE3, 0xBA, 0x9F, 0x9A, 0xD2, /* u.s..... */
1958 0x0F, 0xFD, 0x3C, 0xE6, 0xC6, 0xA4, 0xD6, 0x6C, /* ..<....l */
1959 0x6A, 0x09, 0xE2, 0x16, 0xB0, 0x8C, 0x69, 0x3C, /* j.....i< */
1960 0xC8, 0x1C, 0xE4, 0x3E, 0x86, 0x4D, 0xB0, 0x2B, /* ...>.M.+ */
1961 0x29, 0xA0, 0x5A, 0xA3, 0x67, 0xBA, 0xDC, 0x11, /* ).Z.g... */
1962 0x08, 0x5E, 0x69, 0xB4, 0x6F, 0xA5, 0xE2, 0xB8, /* .^i.o... */
1963 0xC9, 0x6E, 0x83, 0x7E, 0x35, 0xC8, 0xA7, 0xA0, /* .n.~5... */
1964 0x33, 0xA3, 0xB1, 0x4B, 0x5A, 0x92, 0x51, 0x2E, /* 3..KZ.Q. */
1965};
1966
1967/* AES-CTS test vectors from http://tools.ietf.org/html/rfc3962
1968 * and http://tools.ietf.org/html/draft-raeburn-krb-rijndael-krb-02 */
1969static const uint8_t ciph_data_aes_cts_vect1_key[] = {
1970 0x63, 0x68, 0x69, 0x63, 0x6b, 0x65, 0x6e, 0x20,
1971 0x74, 0x65, 0x72, 0x69, 0x79, 0x61, 0x6b, 0x69
1972};
1973
1974static const uint8_t ciph_data_aes_cts_vect1_iv[16] = {
1975 0x00
1976};
1977
1978static const uint8_t ciph_data_aes_cts_vect1_ptx[] = {
1979 0x49, 0x20, 0x77, 0x6f, 0x75, 0x6c, 0x64, 0x20,
1980 0x6c, 0x69, 0x6b, 0x65, 0x20, 0x74, 0x68, 0x65,
1981 0x20
1982};
1983
1984static const uint8_t ciph_data_aes_cts_vect1_ctx[] = {
1985 0xc6, 0x35, 0x35, 0x68, 0xf2, 0xbf, 0x8c, 0xb4,
1986 0xd8, 0xa5, 0x80, 0x36, 0x2d, 0xa7, 0xff, 0x7f,
1987 0x97
1988};
1989
1990#define ciph_data_aes_cts_vect2_key ciph_data_aes_cts_vect1_key
1991#define ciph_data_aes_cts_vect2_iv ciph_data_aes_cts_vect1_iv
1992static const uint8_t ciph_data_aes_cts_vect2_ptx[] = {
1993 0x49, 0x20, 0x77, 0x6f, 0x75, 0x6c, 0x64, 0x20,
1994 0x6c, 0x69, 0x6b, 0x65, 0x20, 0x74, 0x68, 0x65,
1995 0x20, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x6c,
1996 0x20, 0x47, 0x61, 0x75, 0x27, 0x73, 0x20
1997};
1998
1999static const uint8_t ciph_data_aes_cts_vect2_ctx[] = {
2000 0xfc, 0x00, 0x78, 0x3e, 0x0e, 0xfd, 0xb2, 0xc1,
2001 0xd4, 0x45, 0xd4, 0xc8, 0xef, 0xf7, 0xed, 0x22,
2002 0x97, 0x68, 0x72, 0x68, 0xd6, 0xec, 0xcc, 0xc0,
2003 0xc0, 0x7b, 0x25, 0xe2, 0x5e, 0xcf, 0xe5
2004};
2005
2006#define ciph_data_aes_cts_vect3_key ciph_data_aes_cts_vect1_key
2007#define ciph_data_aes_cts_vect3_iv ciph_data_aes_cts_vect1_iv
2008static const uint8_t ciph_data_aes_cts_vect3_ptx[] = {
2009 0x49, 0x20, 0x77, 0x6f, 0x75, 0x6c, 0x64, 0x20,
2010 0x6c, 0x69, 0x6b, 0x65, 0x20, 0x74, 0x68, 0x65,
2011 0x20, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x6c,
2012 0x20, 0x47, 0x61, 0x75, 0x27, 0x73, 0x20, 0x43,
2013};
2014
2015static const uint8_t ciph_data_aes_cts_vect3_ctx[] = {
2016 0x39, 0x31, 0x25, 0x23, 0xa7, 0x86, 0x62, 0xd5,
2017 0xbe, 0x7f, 0xcb, 0xcc, 0x98, 0xeb, 0xf5, 0xa8,
2018 0x97, 0x68, 0x72, 0x68, 0xd6, 0xec, 0xcc, 0xc0,
2019 0xc0, 0x7b, 0x25, 0xe2, 0x5e, 0xcf, 0xe5, 0x84,
2020};
2021
2022#define ciph_data_aes_cts_vect4_key ciph_data_aes_cts_vect1_key
2023#define ciph_data_aes_cts_vect4_iv ciph_data_aes_cts_vect1_iv
2024static const uint8_t ciph_data_aes_cts_vect4_ptx[] = {
2025 0x49, 0x20, 0x77, 0x6f, 0x75, 0x6c, 0x64, 0x20,
2026 0x6c, 0x69, 0x6b, 0x65, 0x20, 0x74, 0x68, 0x65,
2027 0x20, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x6c,
2028 0x20, 0x47, 0x61, 0x75, 0x27, 0x73, 0x20, 0x43,
2029 0x68, 0x69, 0x63, 0x6b, 0x65, 0x6e, 0x2c, 0x20,
2030 0x70, 0x6c, 0x65, 0x61, 0x73, 0x65, 0x2c,
2031};
2032
2033static const uint8_t ciph_data_aes_cts_vect4_ctx[] = {
2034 0x97, 0x68, 0x72, 0x68, 0xd6, 0xec, 0xcc, 0xc0,
2035 0xc0, 0x7b, 0x25, 0xe2, 0x5e, 0xcf, 0xe5, 0x84,
2036 0xb3, 0xff, 0xfd, 0x94, 0x0c, 0x16, 0xa1, 0x8c,
2037 0x1b, 0x55, 0x49, 0xd2, 0xf8, 0x38, 0x02, 0x9e,
2038 0x39, 0x31, 0x25, 0x23, 0xa7, 0x86, 0x62, 0xd5,
2039 0xbe, 0x7f, 0xcb, 0xcc, 0x98, 0xeb, 0xf5,
2040};
2041
2042#define ciph_data_aes_cts_vect5_key ciph_data_aes_cts_vect1_key
2043#define ciph_data_aes_cts_vect5_iv ciph_data_aes_cts_vect1_iv
2044static const uint8_t ciph_data_aes_cts_vect5_ptx[] = {
2045 0x49, 0x20, 0x77, 0x6f, 0x75, 0x6c, 0x64, 0x20,
2046 0x6c, 0x69, 0x6b, 0x65, 0x20, 0x74, 0x68, 0x65,
2047 0x20, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x6c,
2048 0x20, 0x47, 0x61, 0x75, 0x27, 0x73, 0x20, 0x43,
2049 0x68, 0x69, 0x63, 0x6b, 0x65, 0x6e, 0x2c, 0x20,
2050 0x70, 0x6c, 0x65, 0x61, 0x73, 0x65, 0x2c, 0x20,
2051};
2052
2053static const uint8_t ciph_data_aes_cts_vect5_ctx[] = {
2054 0x97, 0x68, 0x72, 0x68, 0xd6, 0xec, 0xcc, 0xc0,
2055 0xc0, 0x7b, 0x25, 0xe2, 0x5e, 0xcf, 0xe5, 0x84,
2056 0x9d, 0xad, 0x8b, 0xbb, 0x96, 0xc4, 0xcd, 0xc0,
2057 0x3b, 0xc1, 0x03, 0xe1, 0xa1, 0x94, 0xbb, 0xd8,
2058 0x39, 0x31, 0x25, 0x23, 0xa7, 0x86, 0x62, 0xd5,
2059 0xbe, 0x7f, 0xcb, 0xcc, 0x98, 0xeb, 0xf5, 0xa8,
2060};
2061
2062#define ciph_data_aes_cts_vect6_key ciph_data_aes_cts_vect1_key
2063#define ciph_data_aes_cts_vect6_iv ciph_data_aes_cts_vect1_iv
2064static const uint8_t ciph_data_aes_cts_vect6_ptx[] = {
2065 0x49, 0x20, 0x77, 0x6f, 0x75, 0x6c, 0x64, 0x20,
2066 0x6c, 0x69, 0x6b, 0x65, 0x20, 0x74, 0x68, 0x65,
2067 0x20, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x6c,
2068 0x20, 0x47, 0x61, 0x75, 0x27, 0x73, 0x20, 0x43,
2069 0x68, 0x69, 0x63, 0x6b, 0x65, 0x6e, 0x2c, 0x20,
2070 0x70, 0x6c, 0x65, 0x61, 0x73, 0x65, 0x2c, 0x20,
2071 0x61, 0x6e, 0x64, 0x20, 0x77, 0x6f, 0x6e, 0x74,
2072 0x6f, 0x6e, 0x20, 0x73, 0x6f, 0x75, 0x70, 0x2e,
2073};
2074
2075static const uint8_t ciph_data_aes_cts_vect6_ctx[] = {
2076 0x97, 0x68, 0x72, 0x68, 0xd6, 0xec, 0xcc, 0xc0,
2077 0xc0, 0x7b, 0x25, 0xe2, 0x5e, 0xcf, 0xe5, 0x84,
2078 0x39, 0x31, 0x25, 0x23, 0xa7, 0x86, 0x62, 0xd5,
2079 0xbe, 0x7f, 0xcb, 0xcc, 0x98, 0xeb, 0xf5, 0xa8,
2080 0x48, 0x07, 0xef, 0xe8, 0x36, 0xee, 0x89, 0xa5,
2081 0x26, 0x73, 0x0d, 0xbc, 0x2f, 0x7b, 0xc8, 0x40,
2082 0x9d, 0xad, 0x8b, 0xbb, 0x96, 0xc4, 0xcd, 0xc0,
2083 0x3b, 0xc1, 0x03, 0xe1, 0xa1, 0x94, 0xbb, 0xd8,
2084};
2085
2086static const uint8_t ciph_data_des_ecb_nopad_out1[] = {
2087 0x46, 0x2B, 0x91, 0xA8, 0x55, 0xE6, 0x7E, 0x75, /* F+..U.~u */
2088 0x5E, 0x53, 0xF4, 0x8F, 0x29, 0x41, 0x4E, 0xEF, /* ^S..)AN. */
2089 0x32, 0x1B, 0x58, 0x42, 0x9B, 0xB4, 0x3A, 0x1F, /* 2.XB..:. */
2090 0x9A, 0xEA, 0xA4, 0xB4, 0xCD, 0xE9, 0x87, 0x7C, /* .......| */
2091 0xC0, 0x05, 0x34, 0xED, 0x86, 0x3C, 0x2A, 0x81, /* ..4..<.. */
2092 0x5E, 0x93, 0x0E, 0x86, 0xA9, 0xBB, 0x80, 0xFF, /* ^....... */
2093};
2094
2095static const uint8_t ciph_data_des_ecb_nopad_out2[] = {
2096 0x85, 0xE8, 0x13, 0x54, 0x0F, 0x0A, 0xB4, 0x05
2097};
2098
2099static const uint8_t ciph_data_des_cbc_nopad_out1[] = {
2100 0xAD, 0xD6, 0xD6, 0x3E, 0x88, 0xD0, 0xDD, 0xD4, /* ...>.... */
2101 0x9A, 0x93, 0x95, 0xA0, 0x86, 0x22, 0x5B, 0x9E, /* ....."[. */
2102 0x84, 0x0C, 0x6F, 0x12, 0x04, 0x11, 0x6F, 0xD4, /* ..o...o. */
2103 0x12, 0x29, 0xC6, 0x78, 0x0C, 0xFB, 0x58, 0x5B, /* .).x..X[ */
2104 0x66, 0x82, 0x0E, 0x52, 0xDC, 0x25, 0x16, 0x51, /* f..R.%.Q */
2105 0x69, 0xDF, 0xFE, 0x4E, 0x11, 0x1D, 0x9D, 0x08, /* i..N.... */
2106};
2107
2108static const uint8_t ciph_data_des3_ecb_nopad_out1[] = {
2109 0xA7, 0x46, 0xEC, 0xA8, 0x6A, 0x7F, 0x4A, 0xF1, /* .F..j.J. */
2110 0x44, 0x60, 0x37, 0x3B, 0x7F, 0x76, 0xE5, 0xFF, /* D`7;.v.. */
2111 0xC1, 0xE7, 0xA5, 0x04, 0x9C, 0x29, 0x5C, 0xA5, /* .....)\. */
2112 0xDD, 0xC8, 0xEE, 0x36, 0x1F, 0x48, 0xE0, 0xA9, /* ...6.H.. */
2113 0x82, 0x2D, 0x53, 0x84, 0x49, 0x69, 0x78, 0xFA, /* .-S.Iix. */
2114 0x23, 0x69, 0x1D, 0xF7, 0x08, 0x38, 0x44, 0x05, /* #i...8D. */
2115};
2116
2117static const uint8_t ciph_data_des3_cbc_nopad_out1[] = {
2118 0x18, 0x09, 0xEB, 0x98, 0xE4, 0x58, 0x72, 0x11, /* .....Xr. */
2119 0x30, 0x58, 0xAB, 0x38, 0xB0, 0xC9, 0x2B, 0xED, /* 0X.8..+. */
2120 0xDA, 0xC5, 0xE8, 0xA9, 0xF6, 0x8A, 0xA7, 0x80, /* ........ */
2121 0xBE, 0x54, 0x1F, 0x63, 0xF6, 0xEE, 0xA2, 0x4C, /* .T.c...L */
2122 0x7C, 0xEB, 0x84, 0x7D, 0xDA, 0xCA, 0x1E, 0xB2, /* |..}.... */
2123 0xED, 0x5E, 0x96, 0xB8, 0x01, 0x4B, 0x77, 0x02, /* .^...Kw. */
2124};
2125
2126static const uint8_t ciph_data_des2_ecb_nopad_out1[] = {
2127 0xAB, 0x12, 0xB6, 0xE2, 0x4A, 0x3A, 0x26, 0x14, /* ....J:&. */
2128 0xF0, 0x7D, 0x23, 0xD0, 0x55, 0xDF, 0x5C, 0x16, /* .}#.U.\. */
2129 0x43, 0x59, 0x1E, 0x44, 0x01, 0x76, 0xD7, 0x50, /* CY.D.v.P */
2130 0x44, 0xC0, 0x15, 0xDF, 0x2E, 0x7F, 0x8B, 0xC5, /* D....... */
2131 0xFF, 0x8B, 0x87, 0xFE, 0x33, 0xD7, 0xCB, 0x2C, /* ....3.., */
2132 0xDA, 0x79, 0x6F, 0xA4, 0x05, 0x2B, 0x30, 0xCE, /* .yo..+0. */
2133};
2134
2135static const uint8_t ciph_data_des2_cbc_nopad_out1[] = {
2136 0x47, 0x2F, 0xB1, 0x83, 0xC4, 0xBB, 0x93, 0x16, /* G/...... */
2137 0x73, 0xF9, 0xAD, 0x6F, 0x00, 0xF9, 0xCB, 0x4A, /* s..o...J */
2138 0x0F, 0x4F, 0x75, 0x75, 0xFB, 0x39, 0x0B, 0xFC, /* .Ouu.9.. */
2139 0x9F, 0x48, 0x52, 0xAD, 0xA2, 0x75, 0x2C, 0xF1, /* .HR..u, . */
2140 0x7D, 0xC3, 0x8F, 0x16, 0xCF, 0xC9, 0x76, 0x29, /* }.....v) */
2141 0x1A, 0xBF, 0xB3, 0xD9, 0x10, 0x7E, 0xAA, 0x49, /* .....~.I */
2142};
2143
2144struct xtest_ciph_case {
2145 uint32_t algo;
2146 uint32_t mode;
2147 uint32_t key_type;
2148 const uint8_t *key1;
2149 size_t key1_len;
2150 const uint8_t *key2;
2151 size_t key2_len;
2152 const uint8_t *iv;
2153 size_t iv_len;
2154 size_t in_incr;
2155 const uint8_t *in;
2156 size_t in_len;
2157 const uint8_t *out;
2158 size_t out_len;
2159 size_t line;
2160};
2161
2162#define XTEST_CIPH_CASE_NO_IV(algo, key_type, key, in_incr, ptx, ctx) \
2163 { (algo), TEE_MODE_ENCRYPT, (key_type), (key), ARRAY_SIZE(key), \
2164 NULL, 0, NULL, 0, \
2165 (in_incr), (ptx), ARRAY_SIZE(ptx), (ctx), ARRAY_SIZE(ctx), \
2166 __LINE__ }, \
2167 { (algo), TEE_MODE_DECRYPT, (key_type), (key), ARRAY_SIZE(key), \
2168 NULL, 0, NULL, 0, \
2169 (in_incr), (ctx), ARRAY_SIZE(ctx), (ptx), ARRAY_SIZE(ptx), __LINE__ }
2170
2171#define XTEST_CIPH_CASE(algo, key_type, key, iv, in_incr, ptx, ctx) \
2172 { (algo), TEE_MODE_ENCRYPT, (key_type), (key), ARRAY_SIZE(key), \
2173 NULL, 0, iv, ARRAY_SIZE(iv), (in_incr), (ptx), ARRAY_SIZE(ptx), \
2174 (ctx), ARRAY_SIZE(ctx), __LINE__ }, \
2175 { (algo), TEE_MODE_DECRYPT, (key_type), (key), ARRAY_SIZE(key), \
2176 NULL, 0, iv, ARRAY_SIZE(iv), (in_incr), (ctx), ARRAY_SIZE(ctx), \
2177 (ptx), ARRAY_SIZE(ptx), __LINE__ }
2178
2179#define XTEST_CIPH_CASE_AES_XTS(vect, in_incr) \
2180 { TEE_ALG_AES_XTS, TEE_MODE_ENCRYPT, TEE_TYPE_AES, \
2181 ciph_data_aes_xts_ ## vect ## _key1, \
2182 ARRAY_SIZE(ciph_data_aes_xts_ ## vect ## _key1), \
2183 ciph_data_aes_xts_ ## vect ## _key2, \
2184 ARRAY_SIZE(ciph_data_aes_xts_ ## vect ## _key2), \
2185 ciph_data_aes_xts_ ## vect ## _iv, \
2186 ARRAY_SIZE(ciph_data_aes_xts_ ## vect ## _iv), \
2187 (in_incr), \
2188 ciph_data_aes_xts_ ## vect ## _ptx, \
2189 ARRAY_SIZE(ciph_data_aes_xts_ ## vect ## _ptx), \
2190 ciph_data_aes_xts_ ## vect ## _ctx, \
2191 ARRAY_SIZE(ciph_data_aes_xts_ ## vect ## _ctx), __LINE__ }, \
2192 { TEE_ALG_AES_XTS, TEE_MODE_DECRYPT, TEE_TYPE_AES, \
2193 ciph_data_aes_xts_ ## vect ## _key1, \
2194 ARRAY_SIZE(ciph_data_aes_xts_ ## vect ## _key1), \
2195 ciph_data_aes_xts_ ## vect ## _key2, \
2196 ARRAY_SIZE(ciph_data_aes_xts_ ## vect ## _key2), \
2197 ciph_data_aes_xts_ ## vect ## _iv, \
2198 ARRAY_SIZE(ciph_data_aes_xts_ ## vect ## _iv), \
2199 (in_incr), \
2200 ciph_data_aes_xts_ ## vect ## _ctx, \
2201 ARRAY_SIZE(ciph_data_aes_xts_ ## vect ## _ctx), \
2202 ciph_data_aes_xts_ ## vect ## _ptx, \
2203 ARRAY_SIZE(ciph_data_aes_xts_ ## vect ## _ptx), __LINE__ }
2204
2205#define XTEST_CIPH_CASE_AES_CBC(vect, in_incr) \
2206 XTEST_CIPH_CASE(TEE_ALG_AES_CBC_NOPAD, TEE_TYPE_AES, \
2207 ciph_data_aes_cbc_ ## vect ## _key, \
2208 ciph_data_aes_cbc_ ## vect ## _iv, \
2209 (in_incr), ciph_data_aes_cbc_ ## vect ## _ptx, \
2210 ciph_data_aes_cbc_ ## vect ## _ctx)
2211
2212#define XTEST_CIPH_CASE_AES_CTS(vect, in_incr) \
2213 XTEST_CIPH_CASE(TEE_ALG_AES_CTS, TEE_TYPE_AES, \
2214 ciph_data_aes_cts_ ## vect ## _key, \
2215 ciph_data_aes_cts_ ## vect ## _iv, \
2216 (in_incr), ciph_data_aes_cts_ ## vect ## _ptx, \
2217 ciph_data_aes_cts_ ## vect ## _ctx)
2218
2219static const struct xtest_ciph_case ciph_cases[] = {
2220 /* AES */
2221 XTEST_CIPH_CASE_NO_IV(TEE_ALG_AES_ECB_NOPAD, TEE_TYPE_AES,
2222 ciph_data_aes_key1, 11, ciph_data_in1,
2223 ciph_data_aes_ecb_nopad_out1),
2224 XTEST_CIPH_CASE(TEE_ALG_AES_CBC_NOPAD, TEE_TYPE_AES,
2225 ciph_data_aes_key1, ciph_data_128_iv1, 11,
2226 ciph_data_in1,
2227 ciph_data_aes_cbc_nopad_out1),
2228 XTEST_CIPH_CASE(TEE_ALG_AES_CTR, TEE_TYPE_AES,
2229 ciph_data_aes_key1, ciph_data_128_iv1, 13,
2230 ciph_data_in1,
2231 ciph_data_aes_ctr_out1),
2232 XTEST_CIPH_CASE(TEE_ALG_AES_CTR, TEE_TYPE_AES,
2233 ciph_data_aes_key1, ciph_data_128_iv1, 13,
2234 ciph_data_in3,
2235 ciph_data_aes_ctr_out2),
2236
2237 XTEST_CIPH_CASE_AES_CBC(vect1, 11),
2238
2239 /* AES-CTS */
2240 XTEST_CIPH_CASE_AES_CTS(vect1, 13),
2241 XTEST_CIPH_CASE_AES_CTS(vect2, 14),
2242 XTEST_CIPH_CASE_AES_CTS(vect3, 11),
2243 XTEST_CIPH_CASE_AES_CTS(vect4, 9),
2244 XTEST_CIPH_CASE_AES_CTS(vect5, 7),
2245 XTEST_CIPH_CASE_AES_CTS(vect6, 17),
2246 XTEST_CIPH_CASE_AES_CTS(vect6, 0x20),
2247
2248 /* DES */
2249 XTEST_CIPH_CASE_NO_IV(TEE_ALG_DES_ECB_NOPAD, TEE_TYPE_DES,
2250 ciph_data_des_key1, 14, ciph_data_in1,
2251 ciph_data_des_ecb_nopad_out1),
2252 XTEST_CIPH_CASE_NO_IV(TEE_ALG_DES_ECB_NOPAD, TEE_TYPE_DES,
2253 ciph_data_des_key2, 3, ciph_data_in2,
2254 ciph_data_des_ecb_nopad_out2),
2255 XTEST_CIPH_CASE(TEE_ALG_DES_CBC_NOPAD, TEE_TYPE_DES,
2256 ciph_data_des_key1, ciph_data_64_iv1, 15, ciph_data_in1,
2257 ciph_data_des_cbc_nopad_out1),
2258
2259 /* DES3 */
2260 XTEST_CIPH_CASE_NO_IV(TEE_ALG_DES3_ECB_NOPAD, TEE_TYPE_DES3,
2261 ciph_data_des3_key1, 11, ciph_data_in1,
2262 ciph_data_des3_ecb_nopad_out1),
2263 XTEST_CIPH_CASE_NO_IV(TEE_ALG_DES3_ECB_NOPAD, TEE_TYPE_DES3,
2264 ciph_data_des3_key2, 3, ciph_data_in2,
2265 ciph_data_des_ecb_nopad_out2),
2266 XTEST_CIPH_CASE(TEE_ALG_DES3_CBC_NOPAD, TEE_TYPE_DES3,
2267 ciph_data_des3_key1, ciph_data_64_iv1, 11,
2268 ciph_data_in1,
2269 ciph_data_des3_cbc_nopad_out1),
2270
2271 /* DES2 */
2272 XTEST_CIPH_CASE_NO_IV(TEE_ALG_DES3_ECB_NOPAD, TEE_TYPE_DES3,
2273 ciph_data_des2_key1, 11, ciph_data_in1,
2274 ciph_data_des2_ecb_nopad_out1),
2275 XTEST_CIPH_CASE(TEE_ALG_DES3_CBC_NOPAD, TEE_TYPE_DES3,
2276 ciph_data_des2_key1, ciph_data_64_iv1, 11,
2277 ciph_data_in1,
2278 ciph_data_des2_cbc_nopad_out1),
2279};
2280
2281static const struct xtest_ciph_case ciph_cases_xts[] = {
2282 /* AES-XTS */
2283 XTEST_CIPH_CASE_AES_XTS(vect1, 3),
2284 XTEST_CIPH_CASE_AES_XTS(vect2, 6),
2285 XTEST_CIPH_CASE_AES_XTS(vect3, 7),
2286 XTEST_CIPH_CASE_AES_XTS(vect4, 8),
2287 XTEST_CIPH_CASE_AES_XTS(vect5, 9),
2288 XTEST_CIPH_CASE_AES_XTS(vect6, 13),
2289 XTEST_CIPH_CASE_AES_XTS(vect7, 1),
2290 XTEST_CIPH_CASE_AES_XTS(vect8, 3),
2291 XTEST_CIPH_CASE_AES_XTS(vect9, 2),
2292 XTEST_CIPH_CASE_AES_XTS(vect10, 5),
2293 XTEST_CIPH_CASE_AES_XTS(vect11, 6),
2294 XTEST_CIPH_CASE_AES_XTS(vect12, 7),
2295 XTEST_CIPH_CASE_AES_XTS(vect13, 3),
2296 XTEST_CIPH_CASE_AES_XTS(vect14, 2),
2297 XTEST_CIPH_CASE_AES_XTS(vect15, 0),
2298 XTEST_CIPH_CASE_AES_XTS(vect16, 9),
2299 XTEST_CIPH_CASE_AES_XTS(vect17, 6),
2300 XTEST_CIPH_CASE_AES_XTS(vect18, 8),
2301 XTEST_CIPH_CASE_AES_XTS(vect19, 23),
2302};
2303
2304static void xtest_tee_test_4003_no_xts(ADBG_Case_t *c)
2305{
2306 TEEC_Session session = { 0 };
2307 TEE_OperationHandle op;
2308 TEE_ObjectHandle key1_handle = TEE_HANDLE_NULL;
2309 TEE_ObjectHandle key2_handle = TEE_HANDLE_NULL;
2310 uint8_t out[2048];
2311 size_t out_size;
2312 size_t out_offs;
2313 uint32_t ret_orig;
2314 size_t n;
2315
2316 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2317 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
2318 &ret_orig)))
2319 return;
2320
2321 for (n = 0; n < ARRAY_SIZE(ciph_cases); n++) {
2322 TEE_Attribute key_attr;
2323 size_t key_size;
2324 size_t op_key_size;
2325
2326
2327 Do_ADBG_BeginSubCase(c, "Cipher case %d algo 0x%x line %d",
2328 (int)n, (unsigned int)ciph_cases[n].algo,
2329 (int)ciph_cases[n].line);
2330
2331 key_attr.attributeID = TEE_ATTR_SECRET_VALUE;
2332 key_attr.content.ref.buffer = (void *)ciph_cases[n].key1;
2333 key_attr.content.ref.length = ciph_cases[n].key1_len;
2334
2335 key_size = key_attr.content.ref.length * 8;
2336 if (ciph_cases[n].key_type == TEE_TYPE_DES ||
2337 ciph_cases[n].key_type == TEE_TYPE_DES3)
2338 /* Exclude parity in bit size of key */
2339 key_size -= key_size / 8;
2340
2341 op_key_size = key_size;
2342 if (ciph_cases[n].key2 != NULL)
2343 op_key_size *= 2;
2344
2345 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2346 ta_crypt_cmd_allocate_operation(c, &session, &op,
2347 ciph_cases[n].algo, ciph_cases[n].mode,
2348 op_key_size)))
2349 goto out;
2350
2351 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2352 ta_crypt_cmd_allocate_transient_object(c, &session,
2353 ciph_cases[n].key_type, key_size,
2354 &key1_handle)))
2355 goto out;
2356
2357 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2358 ta_crypt_cmd_populate_transient_object(c, &session,
2359 key1_handle, &key_attr, 1)))
2360 goto out;
2361
2362 if (ciph_cases[n].key2 != NULL) {
2363 key_attr.content.ref.buffer =
2364 (void *)ciph_cases[n].key2;
2365 key_attr.content.ref.length = ciph_cases[n].key2_len;
2366
2367 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2368 ta_crypt_cmd_allocate_transient_object(c,
2369 &session, ciph_cases[n].key_type,
2370 key_attr.content.ref.length * 8,
2371 &key2_handle)))
2372 goto out;
2373
2374 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2375 ta_crypt_cmd_populate_transient_object(c,
2376 &session, key2_handle, &key_attr, 1)))
2377 goto out;
2378
2379 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2380 ta_crypt_cmd_set_operation_key2(c, &session, op,
2381 key1_handle, key2_handle)))
2382 goto out;
2383 } else {
2384 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2385 ta_crypt_cmd_set_operation_key(c, &session, op,
2386 key1_handle)))
2387 goto out;
2388 }
2389
2390 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2391 ta_crypt_cmd_free_transient_object(c, &session,
2392 key1_handle)))
2393 goto out;
2394 key1_handle = TEE_HANDLE_NULL;
2395
2396 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2397 ta_crypt_cmd_free_transient_object(c, &session,
2398 key2_handle)))
2399 goto out;
2400 key2_handle = TEE_HANDLE_NULL;
2401
2402 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2403 ta_crypt_cmd_cipher_init(c, &session, op,
2404 ciph_cases[n].iv, ciph_cases[n].iv_len)))
2405 goto out;
2406
2407 out_offs = 0;
2408 out_size = sizeof(out);
2409 memset(out, 0, sizeof(out));
2410 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2411 ta_crypt_cmd_cipher_update(c, &session, op,
2412 ciph_cases[n].in, ciph_cases[n].in_incr, out,
2413 &out_size)))
2414 goto out;
2415
2416 out_offs += out_size;
2417 out_size = sizeof(out) - out_offs;
2418
2419 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2420 ta_crypt_cmd_cipher_do_final(c, &session, op,
2421 ciph_cases[n].in + ciph_cases[n].in_incr,
2422 ciph_cases[n].in_len - ciph_cases[n].in_incr,
2423 out + out_offs,
2424 &out_size)))
2425 goto out;
2426
2427 out_offs += out_size;
2428
2429 (void)ADBG_EXPECT_BUFFER(c, ciph_cases[n].out,
2430 ciph_cases[n].out_len, out, out_offs);
2431
2432 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2433 ta_crypt_cmd_free_operation(c, &session, op)))
2434 goto out;
2435
2436 Do_ADBG_EndSubCase(c, NULL);
2437 }
2438out:
2439 TEEC_CloseSession(&session);
2440}
2441
2442/*
2443 * This is a split of the original xtest 4003 as eary version of the ST TEE.
2444 *
2445 * Core did not support xts.
2446 */
2447static void xtest_tee_test_4003_xts(ADBG_Case_t *c)
2448{
2449 TEEC_Session session = { 0 };
2450 TEE_OperationHandle op;
2451 TEE_ObjectHandle key1_handle = TEE_HANDLE_NULL;
2452 TEE_ObjectHandle key2_handle = TEE_HANDLE_NULL;
2453 uint8_t out[2048];
2454 size_t out_size;
2455 size_t out_offs;
2456 uint32_t ret_orig;
2457 size_t n;
2458
2459 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2460 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
2461 &ret_orig)))
2462 return;
2463
2464 for (n = 0; n < ARRAY_SIZE(ciph_cases_xts); n++) {
2465 TEE_Attribute key_attr;
2466 size_t key_size;
2467 size_t op_key_size;
2468
2469 Do_ADBG_BeginSubCase(c, "Cipher case %d algo 0x%x line %d",
2470 (int)n,
2471 (unsigned int)ciph_cases_xts[n].algo,
2472 (int)ciph_cases_xts[n].line);
2473
2474 key_attr.attributeID = TEE_ATTR_SECRET_VALUE;
2475 key_attr.content.ref.buffer = (void *)ciph_cases_xts[n].key1;
2476 key_attr.content.ref.length = ciph_cases_xts[n].key1_len;
2477
2478 key_size = key_attr.content.ref.length * 8;
2479 if (ciph_cases_xts[n].key_type == TEE_TYPE_DES ||
2480 ciph_cases_xts[n].key_type == TEE_TYPE_DES3)
2481 /* Exclude parity in bit size of key */
2482 key_size -= key_size / 8;
2483
2484 op_key_size = key_size;
2485 if (ciph_cases_xts[n].key2 != NULL)
2486 op_key_size *= 2;
2487
2488 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2489 ta_crypt_cmd_allocate_operation(c, &session, &op,
2490 ciph_cases_xts[n].algo, ciph_cases_xts[n].mode,
2491 op_key_size)))
2492 goto out;
2493
2494 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2495 ta_crypt_cmd_allocate_transient_object(c, &session,
2496 ciph_cases_xts[n].key_type, key_size,
2497 &key1_handle)))
2498 goto out;
2499
2500 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2501 ta_crypt_cmd_populate_transient_object(c, &session,
2502 key1_handle, &key_attr, 1)))
2503 goto out;
2504
2505 if (ciph_cases_xts[n].key2 != NULL) {
2506 key_attr.content.ref.buffer =
2507 (void *)ciph_cases_xts[n].key2;
2508
2509 key_attr.content.ref.length =
2510 ciph_cases_xts[n].key2_len;
2511
2512 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2513 ta_crypt_cmd_allocate_transient_object(c,
2514 &session, ciph_cases_xts[n].key_type,
2515 key_attr.content.ref.length * 8,
2516 &key2_handle)))
2517 goto out;
2518
2519 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2520 ta_crypt_cmd_populate_transient_object(c,
2521 &session, key2_handle, &key_attr, 1)))
2522 goto out;
2523
2524 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2525 ta_crypt_cmd_set_operation_key2(c, &session, op,
2526 key1_handle, key2_handle)))
2527 goto out;
2528 } else {
2529 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2530 ta_crypt_cmd_set_operation_key(c, &session, op,
2531 key1_handle)))
2532 goto out;
2533 }
2534
2535 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2536 ta_crypt_cmd_free_transient_object(c, &session,
2537 key1_handle)))
2538 goto out;
2539
2540 key1_handle = TEE_HANDLE_NULL;
2541
2542 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2543 ta_crypt_cmd_free_transient_object(c, &session,
2544 key2_handle)))
2545 goto out;
2546
2547 key2_handle = TEE_HANDLE_NULL;
2548
2549 if (!ADBG_EXPECT_TEEC_SUCCESS(c, ta_crypt_cmd_cipher_init(c,
2550 &
2551 session,
2552 op,
2553 ciph_cases_xts
2554 [n].iv, ciph_cases_xts[n].iv_len)))
2555 goto out;
2556
2557 out_offs = 0;
2558 out_size = sizeof(out);
2559 memset(out, 0, sizeof(out));
2560 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2561 ta_crypt_cmd_cipher_update(c, &session, op,
2562 ciph_cases_xts[n].in, ciph_cases_xts[n].in_incr,
2563 out, &out_size)))
2564 goto out;
2565
2566 out_offs += out_size;
2567 out_size = sizeof(out) - out_offs;
2568
2569 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2570 ta_crypt_cmd_cipher_do_final(c, &session, op,
2571 ciph_cases_xts[n].in +
2572 ciph_cases_xts[n].in_incr,
2573 ciph_cases_xts[n].in_len -
2574 ciph_cases_xts[n].in_incr,
2575 out + out_offs,
2576 &out_size)))
2577 goto out;
2578 out_offs += out_size;
2579
2580 (void)ADBG_EXPECT_BUFFER(c, ciph_cases_xts[n].out,
2581 ciph_cases_xts[n].out_len, out,
2582 out_offs);
2583
2584 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2585 ta_crypt_cmd_free_operation(c, &session, op)))
2586 goto out;
2587
2588 Do_ADBG_EndSubCase(c, NULL);
2589 }
2590out:
2591 TEEC_CloseSession(&session);
2592}
2593
2594static void xtest_tee_test_4004(ADBG_Case_t *c)
2595{
2596 TEEC_Session session = { 0 };
2597 uint32_t ret_orig;
2598 uint8_t buf1[45] = { 0 };
2599 uint8_t buf2[45] = { 0 };
2600 static const uint8_t zeros[45] = { 0 };
2601
2602 Do_ADBG_BeginSubCase(c, "TEE get random");
2603 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2604 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
2605 &ret_orig)))
2606 return;
2607
2608 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2609 ta_crypt_cmd_random_number_generate(c, &session, buf1,
2610 sizeof(buf1))))
2611 goto out;
2612
2613 (void)ADBG_EXPECT_COMPARE_SIGNED(c,
2614 0, !=, memcmp(buf1, zeros, sizeof(buf1)));
2615
2616 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2617 ta_crypt_cmd_random_number_generate(c, &session, buf2,
2618 sizeof(buf2))))
2619 goto out;
2620
2621 (void)ADBG_EXPECT_COMPARE_SIGNED(c,
2622 0, !=, memcmp(buf2, zeros, sizeof(buf2)));
2623
2624 (void)ADBG_EXPECT_COMPARE_SIGNED(c,
2625 0, !=, memcmp(buf2, buf1, sizeof(buf1)));
2626out:
2627 TEEC_CloseSession(&session);
2628 Do_ADBG_EndSubCase(c, "TEE get random");
2629}
2630
2631
2632struct xtest_ae_case {
2633 uint32_t algo;
2634 uint32_t mode;
2635 uint32_t key_type;
2636 const uint8_t *key;
2637 size_t key_len;
2638 const uint8_t *nonce;
2639 size_t nonce_len;
2640 size_t aad_incr;
2641 const uint8_t *aad;
2642 size_t aad_len;
2643 size_t in_incr;
2644 const uint8_t *ptx;
2645 size_t ptx_len;
2646 const uint8_t *ctx;
2647 size_t ctx_len;
2648 const uint8_t *tag;
2649 size_t tag_len;
2650 size_t line;
2651};
2652
2653
2654#define ARRAY(a) a, ARRAY_SIZE(a)
2655#define NULL_ARRAY(a) NULL, 0
2656
2657#define XTEST_AE_CASE(algo, vect, aad_incr, in_incr, \
2658 aad_array, ptx_array, ctx_array) \
2659 { (algo), TEE_MODE_ENCRYPT, TEE_TYPE_AES, ARRAY(vect ## _key), \
2660 ARRAY(vect ## _nonce), (aad_incr), \
2661 aad_array(vect ## _aad), (in_incr), \
2662 ptx_array(vect ## _ptx), ctx_array(vect ## _ctx), \
2663 ARRAY(vect ## _tag), \
2664 __LINE__ }, \
2665 { (algo), TEE_MODE_DECRYPT, TEE_TYPE_AES, ARRAY(vect ## _key), \
2666 ARRAY(vect ## _nonce), (aad_incr), \
2667 aad_array(vect ## _aad), (in_incr), \
2668 ptx_array(vect ## _ptx), ctx_array(vect ## _ctx), \
2669 ARRAY(vect ## _tag), \
2670 __LINE__ }
2671
2672#define XTEST_AE_CASE_AES_CCM(vect, aad_incr, in_incr) \
2673 XTEST_AE_CASE(TEE_ALG_AES_CCM, ae_data_aes_ccm_ ## vect, aad_incr, \
2674 in_incr, ARRAY, ARRAY, ARRAY)
2675
2676#define XTEST_AE_CASE_AES_GCM(vect, aad_incr, in_incr, \
2677 aad_array, ptx_array, ctx_array) \
2678 XTEST_AE_CASE(TEE_ALG_AES_GCM, ae_data_aes_gcm_ ## vect, aad_incr, \
2679 in_incr, aad_array, ptx_array, ctx_array)
2680
2681
2682
2683static const struct xtest_ae_case ae_cases[] = {
2684 XTEST_AE_CASE_AES_CCM(vect1, 3, 2),
2685 XTEST_AE_CASE_AES_CCM(vect2, 7, 13),
2686 XTEST_AE_CASE_AES_CCM(vect3, 5, 21),
2687
2688 XTEST_AE_CASE_AES_GCM(vect1, 0, 0, NULL_ARRAY, NULL_ARRAY, NULL_ARRAY),
2689 XTEST_AE_CASE_AES_GCM(vect2, 0, 9, NULL_ARRAY, ARRAY, ARRAY),
2690 XTEST_AE_CASE_AES_GCM(vect3, 0, 9, NULL_ARRAY, ARRAY, ARRAY),
2691 XTEST_AE_CASE_AES_GCM(vect3, 0, 0x20, NULL_ARRAY, ARRAY, ARRAY),
2692 XTEST_AE_CASE_AES_GCM(vect4, 5, 9, ARRAY, ARRAY, ARRAY),
2693 XTEST_AE_CASE_AES_GCM(vect5, 5, 9, ARRAY, ARRAY, ARRAY),
2694 XTEST_AE_CASE_AES_GCM(vect6, 5, 9, ARRAY, ARRAY, ARRAY),
2695 XTEST_AE_CASE_AES_GCM(vect7, 0, 0, NULL_ARRAY, NULL_ARRAY, NULL_ARRAY),
2696 XTEST_AE_CASE_AES_GCM(vect8, 0, 9, NULL_ARRAY, ARRAY, ARRAY),
2697 XTEST_AE_CASE_AES_GCM(vect9, 0, 9, NULL_ARRAY, ARRAY, ARRAY),
2698 XTEST_AE_CASE_AES_GCM(vect10, 5, 9, ARRAY, ARRAY, ARRAY),
2699 XTEST_AE_CASE_AES_GCM(vect11, 5, 9, ARRAY, ARRAY, ARRAY),
2700 XTEST_AE_CASE_AES_GCM(vect12, 5, 9, ARRAY, ARRAY, ARRAY),
2701 XTEST_AE_CASE_AES_GCM(vect13, 0, 0, NULL_ARRAY, NULL_ARRAY, NULL_ARRAY),
2702 XTEST_AE_CASE_AES_GCM(vect14, 0, 9, NULL_ARRAY, ARRAY, ARRAY),
2703 XTEST_AE_CASE_AES_GCM(vect15, 0, 9, NULL_ARRAY, ARRAY, ARRAY),
2704 XTEST_AE_CASE_AES_GCM(vect16, 5, 9, ARRAY, ARRAY, ARRAY),
2705 XTEST_AE_CASE_AES_GCM(vect17, 5, 9, ARRAY, ARRAY, ARRAY),
2706 XTEST_AE_CASE_AES_GCM(vect18, 5, 9, ARRAY, ARRAY, ARRAY),
2707};
2708
2709static void xtest_tee_test_4005(ADBG_Case_t *c)
2710{
2711 TEEC_Session session = { 0 };
2712 TEE_OperationHandle op;
2713 TEE_ObjectHandle key_handle = TEE_HANDLE_NULL;
2714 TEE_Attribute key_attr;
2715 uint8_t out[512];
2716 size_t out_size;
2717 size_t out_offs;
2718 uint32_t ret_orig;
2719 size_t n;
2720
2721 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2722 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
2723 &ret_orig)))
2724 return;
2725
2726 for (n = 0; n < ARRAY_SIZE(ae_cases); n++) {
2727 Do_ADBG_BeginSubCase(c, "AE case %d algo 0x%x line %d",
2728 (int)n, (unsigned int)ae_cases[n].algo,
2729 (int)ae_cases[n].line);
2730
2731 key_attr.attributeID = TEE_ATTR_SECRET_VALUE;
2732 key_attr.content.ref.buffer = (void *)ae_cases[n].key;
2733 key_attr.content.ref.length = ae_cases[n].key_len;
2734
2735 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2736 ta_crypt_cmd_allocate_operation(c, &session, &op,
2737 ae_cases[n].algo, ae_cases[n].mode,
2738 key_attr.content.ref.length * 8)))
2739 goto out;
2740
2741 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2742 ta_crypt_cmd_allocate_transient_object(c, &session,
2743 ae_cases[n].key_type,
2744 key_attr.content.ref.length * 8,
2745 &key_handle)))
2746 goto out;
2747
2748 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2749 ta_crypt_cmd_populate_transient_object(c, &session,
2750 key_handle, &key_attr, 1)))
2751 goto out;
2752
2753 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2754 ta_crypt_cmd_set_operation_key(c, &session, op,
2755 key_handle)))
2756 goto out;
2757
2758 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2759 ta_crypt_cmd_free_transient_object(c, &session,
2760 key_handle)))
2761 goto out;
2762 key_handle = TEE_HANDLE_NULL;
2763
2764 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2765 ta_crypt_cmd_ae_init(c, &session, op, ae_cases[n].nonce,
2766 ae_cases[n].nonce_len, ae_cases[n].tag_len,
2767 ae_cases[n].aad_len, ae_cases[n].ptx_len)))
2768 goto out;
2769
2770 if (ae_cases[n].aad != NULL) {
2771 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2772 ta_crypt_cmd_ae_update_aad(c, &session, op,
2773 ae_cases[n].aad, ae_cases[n].aad_incr)))
2774 goto out;
2775
2776 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2777 ta_crypt_cmd_ae_update_aad(c, &session, op,
2778 ae_cases[n].aad + ae_cases[n].aad_incr,
2779 ae_cases [n].aad_len -
2780 ae_cases[n].aad_incr)))
2781 goto out;
2782 }
2783
2784 out_offs = 0;
2785 out_size = sizeof(out);
2786 memset(out, 0, sizeof(out));
2787 if (ae_cases[n].mode == TEE_MODE_ENCRYPT) {
2788 if (ae_cases[n].ptx != NULL) {
2789 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2790 ta_crypt_cmd_ae_update(c, &session, op,
2791 ae_cases[n].ptx,
2792 ae_cases[n].in_incr, out,
2793 &out_size)))
2794 goto out;
2795 out_offs += out_size;
2796 }
2797 } else {
2798 if (ae_cases[n].ctx != NULL) {
2799 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2800 ta_crypt_cmd_ae_update(c, &session, op,
2801 ae_cases[n].ctx,
2802 ae_cases[n].in_incr, out,
2803 &out_size)))
2804 goto out;
2805 out_offs += out_size;
2806 }
2807 }
2808
2809 out_size = sizeof(out) - out_offs;
2810 if (ae_cases[n].mode == TEE_MODE_ENCRYPT) {
2811 uint8_t out_tag[64];
2812 size_t out_tag_len = MIN(sizeof(out_tag),
2813 ae_cases[n].tag_len);
2814
2815 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2816 ta_crypt_cmd_ae_encrypt_final(c, &session, op,
2817 ae_cases[n].ptx + ae_cases[n].in_incr,
2818 ae_cases[n].ptx_len -
2819 ae_cases[n].in_incr,
2820 out + out_offs,
2821 &out_size, out_tag, &out_tag_len)))
2822 goto out;
2823
2824 (void)ADBG_EXPECT_BUFFER(c,
2825 ae_cases[n].tag, ae_cases[n].tag_len, out_tag,
2826 out_tag_len);
2827
2828 out_offs += out_size;
2829
2830 (void)ADBG_EXPECT_BUFFER(c, ae_cases[n].ctx,
2831 ae_cases[n].ctx_len, out, out_offs);
2832 } else {
2833 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2834 ta_crypt_cmd_ae_decrypt_final(c, &session, op,
2835 ae_cases[n].ctx + ae_cases[n].in_incr,
2836 ae_cases[n].ctx_len -
2837 ae_cases[n].in_incr,
2838 out + out_offs,
2839 &out_size, ae_cases[n].tag,
2840 ae_cases[n].tag_len)))
2841 goto out;
2842
2843 out_offs += out_size;
2844
2845 (void)ADBG_EXPECT_BUFFER(c, ae_cases[n].ptx,
2846 ae_cases[n].ptx_len, out, out_offs);
2847 }
2848
2849 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2850 ta_crypt_cmd_free_operation(c, &session, op)))
2851 goto out;
2852
2853 Do_ADBG_EndSubCase(c, NULL);
2854 }
2855out:
2856 TEEC_CloseSession(&session);
2857}
2858
2859struct xtest_ac_case {
2860 uint32_t algo;
2861 TEE_OperationMode mode;
2862
2863 union {
2864 struct {
2865 const uint8_t *modulus;
2866 size_t modulus_len;
2867
2868 const uint8_t *pub_exp;
2869 size_t pub_exp_len;
2870
2871 const uint8_t *priv_exp;
2872 size_t priv_exp_len;
2873
2874 const uint8_t *prime1; /* q */
2875 size_t prime1_len;
2876 const uint8_t *prime2; /* p */
2877 size_t prime2_len;
2878 const uint8_t *exp1; /* dp */
2879 size_t exp1_len;
2880 const uint8_t *exp2; /* dq */
2881 size_t exp2_len;
2882 const uint8_t *coeff; /* iq */
2883 size_t coeff_len;
2884
2885 int salt_len;
2886 } rsa;
2887 struct {
2888 const uint8_t *prime;
2889 size_t prime_len;
2890 const uint8_t *sub_prime;
2891 size_t sub_prime_len;
2892 const uint8_t *base;
2893 size_t base_len;
2894 const uint8_t *pub_val;
2895 size_t pub_val_len;
2896 const uint8_t *priv_val;
2897 size_t priv_val_len;
2898 } dsa;
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]2899 struct {
2900 const uint8_t *private;
2901 size_t private_len;
2902 const uint8_t *public_x;
2903 size_t public_x_len;
2904 const uint8_t *public_y;
2905 size_t public_y_len;
2906 } ecdsa;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2907 } params;
2908
2909 const uint8_t *ptx;
2910 size_t ptx_len;
2911 const uint8_t *ctx;
2912 size_t ctx_len;
2913 size_t line;
2914};
2915
2916#define WITHOUT_SALT(x) -1
2917#define WITH_SALT(x) x
2918
2919#define XTEST_AC_CASE(algo, mode, vect, union_params) \
2920 { (algo), (mode), .params = union_params, \
2921 ARRAY(vect ## _ptx), \
2922 ARRAY(vect ## _out), \
2923 __LINE__ }
2924
2925#define XTEST_AC_RSA_UNION(vect, opt_crt_array, opt_salt) \
2926 { .rsa = { \
2927 ARRAY(vect ## _modulus), \
2928 ARRAY(vect ## _pub_exp), \
2929 ARRAY(vect ## _priv_exp), \
2930 opt_crt_array(vect ## _prime1), \
2931 opt_crt_array(vect ## _prime2), \
2932 opt_crt_array(vect ## _exp1), \
2933 opt_crt_array(vect ## _exp2), \
2934 opt_crt_array(vect ## _coeff), \
2935 opt_salt(vect ## _salt_len) \
2936 } }
2937
2938#define XTEST_AC_RSA_CASE(algo, mode, vect, opt_crt_array, opt_salt) \
2939 XTEST_AC_CASE(algo, mode, vect, \
2940 XTEST_AC_RSA_UNION(vect, opt_crt_array, opt_salt))
2941
2942#define XTEST_AC_DSA_UNION(vect) \
2943 { .dsa = { \
2944 ARRAY(vect ## _prime), \
2945 ARRAY(vect ## _sub_prime), \
2946 ARRAY(vect ## _base), \
2947 ARRAY(vect ## _pub_val), \
2948 ARRAY(vect ## _priv_val), \
2949 } }
2950
2951#define XTEST_AC_DSA_CASE(algo, mode, vect) \
2952 XTEST_AC_CASE(algo, mode, vect, XTEST_AC_DSA_UNION(vect))
2953
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]2954#define XTEST_AC_ECDSA_UNION(vect) \
2955 { .ecdsa = { \
2956 ARRAY(vect ## _private), \
2957 ARRAY(vect ## _public_x), \
2958 ARRAY(vect ## _public_y), \
2959 } }
2960
2961#define XTEST_AC_ECDSA_CASE(algo, mode, vect) \
2962 XTEST_AC_CASE(algo, mode, vect, XTEST_AC_ECDSA_UNION(vect))
2963
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2964static const struct xtest_ac_case xtest_ac_cases[] = {
2965 /* RSA test without crt parameters */
2966 XTEST_AC_RSA_CASE(TEE_ALG_RSA_NOPAD, TEE_MODE_ENCRYPT,
2967 ac_rsassa_vect1, NULL_ARRAY, WITHOUT_SALT),
2968 XTEST_AC_RSA_CASE(TEE_ALG_RSA_NOPAD, TEE_MODE_DECRYPT,
2969 ac_rsassa_vect1, NULL_ARRAY, WITHOUT_SALT),
2970 XTEST_AC_RSA_CASE(TEE_ALG_RSA_NOPAD, TEE_MODE_ENCRYPT,
2971 ac_rsassa_vect2, NULL_ARRAY, WITHOUT_SALT),
2972 XTEST_AC_RSA_CASE(TEE_ALG_RSA_NOPAD, TEE_MODE_DECRYPT,
2973 ac_rsassa_vect2, NULL_ARRAY, WITHOUT_SALT),
2974 XTEST_AC_RSA_CASE(TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
2975 ac_rsassa_vect3, NULL_ARRAY, WITHOUT_SALT),
2976 XTEST_AC_RSA_CASE(TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
2977 ac_rsassa_vect3, NULL_ARRAY, WITHOUT_SALT),
2978 XTEST_AC_RSA_CASE(TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
2979 ac_rsassa_vect4, NULL_ARRAY, WITHOUT_SALT),
2980 XTEST_AC_RSA_CASE(TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
2981 ac_rsassa_vect4, NULL_ARRAY, WITHOUT_SALT),
2982 XTEST_AC_RSA_CASE(TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
2983 ac_rsassa_vect5, NULL_ARRAY, WITHOUT_SALT),
2984 XTEST_AC_RSA_CASE(TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
2985 ac_rsassa_vect5, NULL_ARRAY, WITHOUT_SALT),
2986 XTEST_AC_RSA_CASE(TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
2987 ac_rsassa_vect6, NULL_ARRAY, WITHOUT_SALT),
2988 XTEST_AC_RSA_CASE(TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
2989 ac_rsassa_vect6, NULL_ARRAY, WITHOUT_SALT),
2990
2991 XTEST_AC_RSA_CASE(TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
2992 ac_rsassa_vect7, NULL_ARRAY, WITHOUT_SALT),
2993 XTEST_AC_RSA_CASE(TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
2994 ac_rsassa_vect7, NULL_ARRAY, WITHOUT_SALT),
2995
2996 XTEST_AC_RSA_CASE(TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
2997 ac_rsassa_vect8, NULL_ARRAY, WITHOUT_SALT),
2998 XTEST_AC_RSA_CASE(TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
2999 ac_rsassa_vect8, NULL_ARRAY, WITHOUT_SALT),
3000 XTEST_AC_RSA_CASE(TEE_ALG_RSASSA_PKCS1_V1_5_SHA224, TEE_MODE_SIGN,
3001 ac_rsassa_vect16, NULL_ARRAY, WITHOUT_SALT),
3002 XTEST_AC_RSA_CASE(TEE_ALG_RSASSA_PKCS1_V1_5_SHA224, TEE_MODE_VERIFY,
3003 ac_rsassa_vect16, NULL_ARRAY, WITHOUT_SALT),
3004 XTEST_AC_RSA_CASE(TEE_ALG_RSASSA_PKCS1_V1_5_SHA256, TEE_MODE_SIGN,
3005 ac_rsassa_vect9, NULL_ARRAY, WITHOUT_SALT),
3006 XTEST_AC_RSA_CASE(TEE_ALG_RSASSA_PKCS1_V1_5_SHA256, TEE_MODE_VERIFY,
3007 ac_rsassa_vect9, NULL_ARRAY, WITHOUT_SALT),
3008 XTEST_AC_RSA_CASE(TEE_ALG_RSASSA_PKCS1_V1_5_SHA384, TEE_MODE_SIGN,
3009 ac_rsassa_vect10, NULL_ARRAY, WITHOUT_SALT),
3010 XTEST_AC_RSA_CASE(TEE_ALG_RSASSA_PKCS1_V1_5_SHA384, TEE_MODE_VERIFY,
3011 ac_rsassa_vect10, NULL_ARRAY, WITHOUT_SALT),
3012 XTEST_AC_RSA_CASE(TEE_ALG_RSASSA_PKCS1_V1_5_SHA512, TEE_MODE_SIGN,
3013 ac_rsassa_vect11, NULL_ARRAY, WITHOUT_SALT),
3014 XTEST_AC_RSA_CASE(TEE_ALG_RSASSA_PKCS1_V1_5_SHA512, TEE_MODE_VERIFY,
3015 ac_rsassa_vect11, NULL_ARRAY, WITHOUT_SALT),
3016
3017 XTEST_AC_RSA_CASE(TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA1, TEE_MODE_VERIFY,
3018 ac_rsassa_vect12, NULL_ARRAY, WITH_SALT),
3019 XTEST_AC_RSA_CASE(TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA1, TEE_MODE_SIGN,
3020 ac_rsassa_vect12, NULL_ARRAY, WITH_SALT),
3021 XTEST_AC_RSA_CASE(TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA224, TEE_MODE_VERIFY,
3022 ac_rsassa_vect17, NULL_ARRAY, WITH_SALT),
3023 XTEST_AC_RSA_CASE(TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA224, TEE_MODE_SIGN,
3024 ac_rsassa_vect17, NULL_ARRAY, WITH_SALT),
3025 XTEST_AC_RSA_CASE(TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA256, TEE_MODE_VERIFY,
3026 ac_rsassa_vect13, NULL_ARRAY, WITH_SALT),
3027 XTEST_AC_RSA_CASE(TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA256, TEE_MODE_SIGN,
3028 ac_rsassa_vect13, NULL_ARRAY, WITH_SALT),
3029 XTEST_AC_RSA_CASE(TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA384, TEE_MODE_VERIFY,
3030 ac_rsassa_vect14, NULL_ARRAY, WITH_SALT),
3031 XTEST_AC_RSA_CASE(TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA384, TEE_MODE_SIGN,
3032 ac_rsassa_vect14, NULL_ARRAY, WITH_SALT),
3033 XTEST_AC_RSA_CASE(TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA512, TEE_MODE_VERIFY,
3034 ac_rsassa_vect15, NULL_ARRAY, WITH_SALT),
3035 XTEST_AC_RSA_CASE(TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA512, TEE_MODE_SIGN,
3036 ac_rsassa_vect15, NULL_ARRAY, WITH_SALT),
3037
3038 XTEST_AC_RSA_CASE(TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_DECRYPT,
3039 ac_rsaes_pkcs1_v1_5_vect1, NULL_ARRAY, WITHOUT_SALT),
3040 XTEST_AC_RSA_CASE(TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_ENCRYPT,
3041 ac_rsaes_pkcs1_v1_5_vect1, NULL_ARRAY, WITHOUT_SALT),
3042 XTEST_AC_RSA_CASE(TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_DECRYPT,
3043 ac_rsaes_pkcs1_v1_5_vect2, NULL_ARRAY, WITHOUT_SALT),
3044 XTEST_AC_RSA_CASE(TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_ENCRYPT,
3045 ac_rsaes_pkcs1_v1_5_vect2, NULL_ARRAY, WITHOUT_SALT),
3046 XTEST_AC_RSA_CASE(TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_DECRYPT,
3047 ac_rsaes_pkcs1_v1_5_vect15, NULL_ARRAY, WITHOUT_SALT),
3048 XTEST_AC_RSA_CASE(TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_ENCRYPT,
3049 ac_rsaes_pkcs1_v1_5_vect15, NULL_ARRAY, WITHOUT_SALT),
3050
3051 XTEST_AC_RSA_CASE(TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1, TEE_MODE_DECRYPT,
3052 ac_rsaes_oaep_vect1, NULL_ARRAY, WITHOUT_SALT),
3053 XTEST_AC_RSA_CASE(TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1, TEE_MODE_ENCRYPT,
3054 ac_rsaes_oaep_vect1, NULL_ARRAY, WITHOUT_SALT),
3055 XTEST_AC_RSA_CASE(TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1, TEE_MODE_DECRYPT,
3056 ac_rsaes_oaep_vect2, NULL_ARRAY, WITHOUT_SALT),
3057 XTEST_AC_RSA_CASE(TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1, TEE_MODE_ENCRYPT,
3058 ac_rsaes_oaep_vect2, NULL_ARRAY, WITHOUT_SALT),
3059 XTEST_AC_RSA_CASE(TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1, TEE_MODE_DECRYPT,
3060 ac_rsaes_oaep_vect10, NULL_ARRAY, WITHOUT_SALT),
3061 XTEST_AC_RSA_CASE(TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1, TEE_MODE_ENCRYPT,
3062 ac_rsaes_oaep_vect10, NULL_ARRAY, WITHOUT_SALT),
3063
3064 /* RSA test with crt parameters */
3065 XTEST_AC_RSA_CASE(TEE_ALG_RSA_NOPAD, TEE_MODE_ENCRYPT,
3066 ac_rsassa_vect1, ARRAY, WITHOUT_SALT),
3067 XTEST_AC_RSA_CASE(TEE_ALG_RSA_NOPAD, TEE_MODE_DECRYPT,
3068 ac_rsassa_vect1, ARRAY, WITHOUT_SALT),
3069 XTEST_AC_RSA_CASE(TEE_ALG_RSA_NOPAD, TEE_MODE_ENCRYPT,
3070 ac_rsassa_vect2, ARRAY, WITHOUT_SALT),
3071 XTEST_AC_RSA_CASE(TEE_ALG_RSA_NOPAD, TEE_MODE_DECRYPT,
3072 ac_rsassa_vect2, ARRAY, WITHOUT_SALT),
3073 XTEST_AC_RSA_CASE(TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
3074 ac_rsassa_vect3, ARRAY, WITHOUT_SALT),
3075 XTEST_AC_RSA_CASE(TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
3076 ac_rsassa_vect3, ARRAY, WITHOUT_SALT),
3077 XTEST_AC_RSA_CASE(TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
3078 ac_rsassa_vect4, ARRAY, WITHOUT_SALT),
3079 XTEST_AC_RSA_CASE(TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
3080 ac_rsassa_vect4, ARRAY, WITHOUT_SALT),
3081 XTEST_AC_RSA_CASE(TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
3082 ac_rsassa_vect5, ARRAY, WITHOUT_SALT),
3083 XTEST_AC_RSA_CASE(TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
3084 ac_rsassa_vect5, ARRAY, WITHOUT_SALT),
3085 XTEST_AC_RSA_CASE(TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
3086 ac_rsassa_vect6, ARRAY, WITHOUT_SALT),
3087 XTEST_AC_RSA_CASE(TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
3088 ac_rsassa_vect6, ARRAY, WITHOUT_SALT),
3089 XTEST_AC_RSA_CASE(TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
3090 ac_rsassa_vect7, ARRAY, WITHOUT_SALT),
3091 XTEST_AC_RSA_CASE(TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
3092 ac_rsassa_vect7, ARRAY, WITHOUT_SALT),
3093 XTEST_AC_RSA_CASE(TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
3094 ac_rsassa_vect8, ARRAY, WITHOUT_SALT),
3095 XTEST_AC_RSA_CASE(TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
3096 ac_rsassa_vect8, ARRAY, WITHOUT_SALT),
3097 XTEST_AC_RSA_CASE(TEE_ALG_RSASSA_PKCS1_V1_5_SHA256, TEE_MODE_SIGN,
3098 ac_rsassa_vect9, ARRAY, WITHOUT_SALT),
3099 XTEST_AC_RSA_CASE(TEE_ALG_RSASSA_PKCS1_V1_5_SHA256, TEE_MODE_VERIFY,
3100 ac_rsassa_vect9, ARRAY, WITHOUT_SALT),
3101 XTEST_AC_RSA_CASE(TEE_ALG_RSASSA_PKCS1_V1_5_SHA384, TEE_MODE_SIGN,
3102 ac_rsassa_vect10, ARRAY, WITHOUT_SALT),
3103 XTEST_AC_RSA_CASE(TEE_ALG_RSASSA_PKCS1_V1_5_SHA384, TEE_MODE_VERIFY,
3104 ac_rsassa_vect10, ARRAY, WITHOUT_SALT),
3105 XTEST_AC_RSA_CASE(TEE_ALG_RSASSA_PKCS1_V1_5_SHA512, TEE_MODE_SIGN,
3106 ac_rsassa_vect11, ARRAY, WITHOUT_SALT),
3107 XTEST_AC_RSA_CASE(TEE_ALG_RSASSA_PKCS1_V1_5_SHA512, TEE_MODE_VERIFY,
3108 ac_rsassa_vect11, ARRAY, WITHOUT_SALT),
3109
3110 XTEST_AC_RSA_CASE(TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA1, TEE_MODE_VERIFY,
3111 ac_rsassa_vect12, ARRAY, WITH_SALT),
3112 XTEST_AC_RSA_CASE(TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA1, TEE_MODE_SIGN,
3113 ac_rsassa_vect12, ARRAY, WITH_SALT),
3114 XTEST_AC_RSA_CASE(TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA224, TEE_MODE_VERIFY,
3115 ac_rsassa_vect17, ARRAY, WITH_SALT),
3116 XTEST_AC_RSA_CASE(TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA224, TEE_MODE_SIGN,
3117 ac_rsassa_vect17, ARRAY, WITH_SALT),
3118 XTEST_AC_RSA_CASE(TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA256, TEE_MODE_VERIFY,
3119 ac_rsassa_vect13, ARRAY, WITH_SALT),
3120 XTEST_AC_RSA_CASE(TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA256, TEE_MODE_SIGN,
3121 ac_rsassa_vect13, ARRAY, WITH_SALT),
3122 XTEST_AC_RSA_CASE(TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA384, TEE_MODE_VERIFY,
3123 ac_rsassa_vect14, ARRAY, WITH_SALT),
3124 XTEST_AC_RSA_CASE(TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA384, TEE_MODE_SIGN,
3125 ac_rsassa_vect14, ARRAY, WITH_SALT),
3126 XTEST_AC_RSA_CASE(TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA512, TEE_MODE_VERIFY,
3127 ac_rsassa_vect15, ARRAY, WITH_SALT),
3128 XTEST_AC_RSA_CASE(TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA512, TEE_MODE_SIGN,
3129 ac_rsassa_vect15, ARRAY, WITH_SALT),
3130
3131 XTEST_AC_RSA_CASE(TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_DECRYPT,
3132 ac_rsaes_pkcs1_v1_5_vect1, ARRAY, WITHOUT_SALT),
3133 XTEST_AC_RSA_CASE(TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_ENCRYPT,
3134 ac_rsaes_pkcs1_v1_5_vect1, ARRAY, WITHOUT_SALT),
3135 XTEST_AC_RSA_CASE(TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_DECRYPT,
3136 ac_rsaes_pkcs1_v1_5_vect2, ARRAY, WITHOUT_SALT),
3137 XTEST_AC_RSA_CASE(TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_ENCRYPT,
3138 ac_rsaes_pkcs1_v1_5_vect2, ARRAY, WITHOUT_SALT),
3139 XTEST_AC_RSA_CASE(TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_DECRYPT,
3140 ac_rsaes_pkcs1_v1_5_vect15, ARRAY, WITHOUT_SALT),
3141 XTEST_AC_RSA_CASE(TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_ENCRYPT,
3142 ac_rsaes_pkcs1_v1_5_vect15, ARRAY, WITHOUT_SALT),
3143
3144 XTEST_AC_RSA_CASE(TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1, TEE_MODE_DECRYPT,
3145 ac_rsaes_oaep_vect1, ARRAY, WITHOUT_SALT),
3146 XTEST_AC_RSA_CASE(TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1, TEE_MODE_ENCRYPT,
3147 ac_rsaes_oaep_vect1, ARRAY, WITHOUT_SALT),
3148 XTEST_AC_RSA_CASE(TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1, TEE_MODE_DECRYPT,
3149 ac_rsaes_oaep_vect2, ARRAY, WITHOUT_SALT),
3150 XTEST_AC_RSA_CASE(TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1, TEE_MODE_ENCRYPT,
3151 ac_rsaes_oaep_vect2, ARRAY, WITHOUT_SALT),
3152 XTEST_AC_RSA_CASE(TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1, TEE_MODE_DECRYPT,
3153 ac_rsaes_oaep_vect10, ARRAY, WITHOUT_SALT),
3154 XTEST_AC_RSA_CASE(TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1, TEE_MODE_ENCRYPT,
3155 ac_rsaes_oaep_vect10, ARRAY, WITHOUT_SALT),
3156
3157 /* DSA tests */
Cedric Chaumontb2ba8782015-09-03 13:23:05 +0200[diff] [blame]3158 /* [mod = L=1024, N=160, SHA-1] */
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3159 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect1),
3160 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect1),
3161 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect2),
3162 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect2),
Cedric Chaumontb2ba8782015-09-03 13:23:05 +0200[diff] [blame]3163 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect3),
3164 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect3),
3165 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect4),
3166 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect4),
3167 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect5),
3168 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect5),
3169 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect6),
3170 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect6),
3171 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect7),
3172 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect7),
3173 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect8),
3174 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect8),
3175 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect9),
3176 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect9),
3177 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect10),
3178 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect10),
3179 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect11),
3180 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect11),
3181 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect12),
3182 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect12),
3183 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect13),
3184 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect13),
3185 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect14),
3186 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect14),
3187 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect15),
3188 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect15),
3189 /* [mod = L=1024, N=160, SHA-224] - GP NOT SUPPORTED */
3190 /* [mod = L=1024, N=160, SHA-256] - GP NOT SUPPORTED */
3191 /* [mod = L=1024, N=160, SHA-384] - GP NOT SUPPORTED */
3192 /* [mod = L=1024, N=160, SHA-512] - GP NOT SUPPORTED */
3193 /* [mod = L=2048, N=224, SHA-1] - GP NOT SUPPORTED */
3194 /* [mod = L=2048, N=224, SHA-224] */
3195 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect91),
3196 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect91),
3197 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect92),
3198 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect92),
3199 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect93),
3200 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect93),
3201 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect94),
3202 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect94),
3203 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect95),
3204 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect95),
3205 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect96),
3206 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect96),
3207 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect97),
3208 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect97),
3209 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect98),
3210 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect98),
3211 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect99),
3212 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect99),
3213 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect100),
3214 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect100),
3215 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect101),
3216 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect101),
3217 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect102),
3218 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect102),
3219 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect103),
3220 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect103),
3221 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect104),
3222 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect104),
3223 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect105),
3224 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect105),
3225 /* [mod = L=2048, N=224, SHA-256] */
3226 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect106),
3227 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect106),
3228 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect107),
3229 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect107),
3230 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect108),
3231 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect108),
3232 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect109),
3233 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect109),
3234 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect110),
3235 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect110),
3236 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect111),
3237 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect111),
3238 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect112),
3239 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect112),
3240 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect113),
3241 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect113),
3242 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect114),
3243 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect114),
3244 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect115),
3245 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect115),
3246 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect116),
3247 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect116),
3248 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect117),
3249 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect117),
3250 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect118),
3251 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect118),
3252 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect119),
3253 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect119),
3254 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect120),
3255 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect120),
3256 /* [mod = L=2048, N=224, SHA-384] - GP NOT SUPPORTED */
3257 /* [mod = L=2048, N=224, SHA-512] - GP NOT SUPPORTED */
3258 /* [mod = L=2048, N=256, SHA-1] - GP NOT SUPPORTED */
3259 /* [mod = L=2048, N=256, SHA-224] */
3260 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect166),
3261 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect166),
3262 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect167),
3263 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect167),
3264 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect168),
3265 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect168),
3266 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect169),
3267 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect169),
3268 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect170),
3269 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect170),
3270 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect171),
3271 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect171),
3272 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect172),
3273 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect172),
3274 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect173),
3275 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect173),
3276 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect174),
3277 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect174),
3278 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect175),
3279 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect175),
3280 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect176),
3281 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect176),
3282 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect177),
3283 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect177),
3284 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect178),
3285 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect178),
3286 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect179),
3287 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect179),
3288 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect180),
3289 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect180),
3290 /* [mod = L=2048, N=256, SHA-256] */
3291 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect181),
3292 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect181),
3293 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect182),
3294 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect182),
3295 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect183),
3296 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect183),
3297 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect184),
3298 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect184),
3299 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect185),
3300 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect185),
3301 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect186),
3302 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect186),
3303 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect187),
3304 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect187),
3305 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect188),
3306 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect188),
3307 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect189),
3308 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect189),
3309 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect190),
3310 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect190),
3311 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect191),
3312 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect191),
3313 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect192),
3314 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect192),
3315 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect193),
3316 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect193),
3317 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect194),
3318 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect194),
3319 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect195),
3320 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect195),
3321 /* [mod = L=2048, N=256, SHA-384] - GP NOT SUPPORTED */
3322 /* [mod = L=2048, N=256, SHA-512] - GP NOT SUPPORTED */
3323 /* [mod = L=3072, N=256, SHA-1] - GP NOT SUPPORTED */
3324 /* [mod = L=3072, N=256, SHA-224] - GP NOT SUPPORTED */
3325 /* [mod = L=3072, N=256, SHA-256] */
3326 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect256),
3327 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect256),
3328 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect257),
3329 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect257),
3330 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect258),
3331 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect258),
3332 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect259),
3333 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect259),
3334 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect260),
3335 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect260),
3336 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect261),
3337 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect261),
3338 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect262),
3339 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect262),
3340 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect263),
3341 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect263),
3342 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect264),
3343 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect264),
3344 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect265),
3345 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect265),
3346 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect266),
3347 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect266),
3348 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect267),
3349 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect267),
3350 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect268),
3351 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect268),
3352 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect269),
3353 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect269),
3354 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect270),
3355 XTEST_AC_DSA_CASE(TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect270),
3356 /* [mod = L=3072, N=256, SHA-384] - GP NOT SUPPORTED */
3357 /* [mod = L=3072, N=256, SHA-512] - GP NOT SUPPORTED */
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3358
3359 /* ECDSA tests */
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame^]3360 /* [P-192] */
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3361 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame^]3362 nist_186_2_ecdsa_testvector_1),
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3363 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame^]3364 nist_186_2_ecdsa_testvector_1),
3365 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3366 nist_186_2_ecdsa_testvector_2),
3367 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3368 nist_186_2_ecdsa_testvector_2),
3369 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3370 nist_186_2_ecdsa_testvector_3),
3371 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3372 nist_186_2_ecdsa_testvector_3),
3373 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3374 nist_186_2_ecdsa_testvector_4),
3375 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3376 nist_186_2_ecdsa_testvector_4),
3377 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3378 nist_186_2_ecdsa_testvector_5),
3379 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3380 nist_186_2_ecdsa_testvector_5),
3381 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3382 nist_186_2_ecdsa_testvector_6),
3383 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3384 nist_186_2_ecdsa_testvector_6),
3385 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3386 nist_186_2_ecdsa_testvector_7),
3387 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3388 nist_186_2_ecdsa_testvector_7),
3389 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3390 nist_186_2_ecdsa_testvector_8),
3391 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3392 nist_186_2_ecdsa_testvector_8),
3393 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3394 nist_186_2_ecdsa_testvector_9),
3395 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3396 nist_186_2_ecdsa_testvector_9),
3397 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3398 nist_186_2_ecdsa_testvector_10),
3399 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3400 nist_186_2_ecdsa_testvector_10),
3401 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3402 nist_186_2_ecdsa_testvector_11),
3403 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3404 nist_186_2_ecdsa_testvector_11),
3405 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3406 nist_186_2_ecdsa_testvector_12),
3407 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3408 nist_186_2_ecdsa_testvector_12),
3409 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3410 nist_186_2_ecdsa_testvector_13),
3411 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3412 nist_186_2_ecdsa_testvector_13),
3413 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3414 nist_186_2_ecdsa_testvector_14),
3415 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3416 nist_186_2_ecdsa_testvector_14),
3417 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3418 nist_186_2_ecdsa_testvector_15),
3419 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3420 nist_186_2_ecdsa_testvector_15),
3421 /* [P-224] */
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3422 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame^]3423 nist_186_2_ecdsa_testvector_16),
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3424 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame^]3425 nist_186_2_ecdsa_testvector_16),
3426 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3427 nist_186_2_ecdsa_testvector_17),
3428 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3429 nist_186_2_ecdsa_testvector_17),
3430 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3431 nist_186_2_ecdsa_testvector_18),
3432 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3433 nist_186_2_ecdsa_testvector_18),
3434 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3435 nist_186_2_ecdsa_testvector_19),
3436 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3437 nist_186_2_ecdsa_testvector_19),
3438 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3439 nist_186_2_ecdsa_testvector_20),
3440 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3441 nist_186_2_ecdsa_testvector_20),
3442 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3443 nist_186_2_ecdsa_testvector_21),
3444 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3445 nist_186_2_ecdsa_testvector_21),
3446 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3447 nist_186_2_ecdsa_testvector_22),
3448 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3449 nist_186_2_ecdsa_testvector_22),
3450 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3451 nist_186_2_ecdsa_testvector_23),
3452 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3453 nist_186_2_ecdsa_testvector_23),
3454 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3455 nist_186_2_ecdsa_testvector_24),
3456 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3457 nist_186_2_ecdsa_testvector_24),
3458 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3459 nist_186_2_ecdsa_testvector_25),
3460 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3461 nist_186_2_ecdsa_testvector_25),
3462 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3463 nist_186_2_ecdsa_testvector_26),
3464 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3465 nist_186_2_ecdsa_testvector_26),
3466 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3467 nist_186_2_ecdsa_testvector_27),
3468 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3469 nist_186_2_ecdsa_testvector_27),
3470 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3471 nist_186_2_ecdsa_testvector_28),
3472 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3473 nist_186_2_ecdsa_testvector_28),
3474 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3475 nist_186_2_ecdsa_testvector_29),
3476 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3477 nist_186_2_ecdsa_testvector_29),
3478 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3479 nist_186_2_ecdsa_testvector_30),
3480 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3481 nist_186_2_ecdsa_testvector_30),
3482 /* [P-256] */
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3483 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame^]3484 nist_186_2_ecdsa_testvector_31),
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3485 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame^]3486 nist_186_2_ecdsa_testvector_31),
3487 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3488 nist_186_2_ecdsa_testvector_32),
3489 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3490 nist_186_2_ecdsa_testvector_32),
3491 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3492 nist_186_2_ecdsa_testvector_33),
3493 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3494 nist_186_2_ecdsa_testvector_33),
3495 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3496 nist_186_2_ecdsa_testvector_34),
3497 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3498 nist_186_2_ecdsa_testvector_34),
3499 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3500 nist_186_2_ecdsa_testvector_35),
3501 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3502 nist_186_2_ecdsa_testvector_35),
3503 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3504 nist_186_2_ecdsa_testvector_36),
3505 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3506 nist_186_2_ecdsa_testvector_36),
3507 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3508 nist_186_2_ecdsa_testvector_37),
3509 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3510 nist_186_2_ecdsa_testvector_37),
3511 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3512 nist_186_2_ecdsa_testvector_38),
3513 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3514 nist_186_2_ecdsa_testvector_38),
3515 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3516 nist_186_2_ecdsa_testvector_39),
3517 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3518 nist_186_2_ecdsa_testvector_39),
3519 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3520 nist_186_2_ecdsa_testvector_40),
3521 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3522 nist_186_2_ecdsa_testvector_40),
3523 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3524 nist_186_2_ecdsa_testvector_41),
3525 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3526 nist_186_2_ecdsa_testvector_41),
3527 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3528 nist_186_2_ecdsa_testvector_42),
3529 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3530 nist_186_2_ecdsa_testvector_42),
3531 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3532 nist_186_2_ecdsa_testvector_43),
3533 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3534 nist_186_2_ecdsa_testvector_43),
3535 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3536 nist_186_2_ecdsa_testvector_44),
3537 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3538 nist_186_2_ecdsa_testvector_44),
3539 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3540 nist_186_2_ecdsa_testvector_45),
3541 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3542 nist_186_2_ecdsa_testvector_45),
3543 /* [P-384] */
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3544 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame^]3545 nist_186_2_ecdsa_testvector_46),
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3546 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame^]3547 nist_186_2_ecdsa_testvector_46),
3548 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3549 nist_186_2_ecdsa_testvector_47),
3550 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3551 nist_186_2_ecdsa_testvector_47),
3552 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3553 nist_186_2_ecdsa_testvector_48),
3554 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3555 nist_186_2_ecdsa_testvector_48),
3556 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3557 nist_186_2_ecdsa_testvector_49),
3558 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3559 nist_186_2_ecdsa_testvector_49),
3560 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3561 nist_186_2_ecdsa_testvector_50),
3562 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3563 nist_186_2_ecdsa_testvector_50),
3564 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3565 nist_186_2_ecdsa_testvector_51),
3566 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3567 nist_186_2_ecdsa_testvector_51),
3568 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3569 nist_186_2_ecdsa_testvector_52),
3570 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3571 nist_186_2_ecdsa_testvector_52),
3572 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3573 nist_186_2_ecdsa_testvector_53),
3574 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3575 nist_186_2_ecdsa_testvector_53),
3576 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3577 nist_186_2_ecdsa_testvector_54),
3578 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3579 nist_186_2_ecdsa_testvector_54),
3580 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3581 nist_186_2_ecdsa_testvector_55),
3582 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3583 nist_186_2_ecdsa_testvector_55),
3584 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3585 nist_186_2_ecdsa_testvector_56),
3586 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3587 nist_186_2_ecdsa_testvector_56),
3588 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3589 nist_186_2_ecdsa_testvector_57),
3590 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3591 nist_186_2_ecdsa_testvector_57),
3592 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3593 nist_186_2_ecdsa_testvector_58),
3594 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3595 nist_186_2_ecdsa_testvector_58),
3596 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3597 nist_186_2_ecdsa_testvector_59),
3598 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3599 nist_186_2_ecdsa_testvector_59),
3600 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3601 nist_186_2_ecdsa_testvector_60),
3602 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3603 nist_186_2_ecdsa_testvector_60),
3604 /* [P-521] */
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3605 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame^]3606 nist_186_2_ecdsa_testvector_61),
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3607 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame^]3608 nist_186_2_ecdsa_testvector_61),
3609 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3610 nist_186_2_ecdsa_testvector_62),
3611 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3612 nist_186_2_ecdsa_testvector_62),
3613 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3614 nist_186_2_ecdsa_testvector_63),
3615 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3616 nist_186_2_ecdsa_testvector_63),
3617 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3618 nist_186_2_ecdsa_testvector_64),
3619 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3620 nist_186_2_ecdsa_testvector_64),
3621 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3622 nist_186_2_ecdsa_testvector_65),
3623 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3624 nist_186_2_ecdsa_testvector_65),
3625 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3626 nist_186_2_ecdsa_testvector_66),
3627 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3628 nist_186_2_ecdsa_testvector_66),
3629 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3630 nist_186_2_ecdsa_testvector_67),
3631 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3632 nist_186_2_ecdsa_testvector_67),
3633 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3634 nist_186_2_ecdsa_testvector_68),
3635 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3636 nist_186_2_ecdsa_testvector_68),
3637 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3638 nist_186_2_ecdsa_testvector_69),
3639 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3640 nist_186_2_ecdsa_testvector_69),
3641 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3642 nist_186_2_ecdsa_testvector_70),
3643 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3644 nist_186_2_ecdsa_testvector_70),
3645 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3646 nist_186_2_ecdsa_testvector_71),
3647 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3648 nist_186_2_ecdsa_testvector_71),
3649 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3650 nist_186_2_ecdsa_testvector_72),
3651 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3652 nist_186_2_ecdsa_testvector_72),
3653 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3654 nist_186_2_ecdsa_testvector_73),
3655 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3656 nist_186_2_ecdsa_testvector_73),
3657 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3658 nist_186_2_ecdsa_testvector_74),
3659 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3660 nist_186_2_ecdsa_testvector_74),
3661 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3662 nist_186_2_ecdsa_testvector_75),
3663 XTEST_AC_ECDSA_CASE(TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3664 nist_186_2_ecdsa_testvector_75),
3665 /* [K-163] - GP NOT SUPPORTED */
3666 /* [K-233] - GP NOT SUPPORTED */
3667 /* [K-283] - GP NOT SUPPORTED */
3668 /* [K-409] - GP NOT SUPPORTED */
3669 /* [K-571] - GP NOT SUPPORTED */
3670 /* [B-163] - GP NOT SUPPORTED */
3671 /* [B-233] - GP NOT SUPPORTED */
3672 /* [B-283] - GP NOT SUPPORTED */
3673 /* [B-409] - GP NOT SUPPORTED */
3674 /* [B-571] - GP NOT SUPPORTED */
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3675};
3676
3677static bool create_key(ADBG_Case_t *c, TEEC_Session *s,
3678 uint32_t max_key_size, uint32_t key_type,
3679 TEE_Attribute *attrs, size_t num_attrs,
3680 TEE_ObjectHandle *handle)
3681{
3682 size_t n;
3683
3684 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3685 ta_crypt_cmd_allocate_transient_object(c, s, key_type,
3686 max_key_size, handle)))
3687 return false;
3688
3689 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3690 ta_crypt_cmd_populate_transient_object(c, s, *handle, attrs,
3691 num_attrs)))
3692 return false;
3693
3694 for (n = 0; n < num_attrs; n++) {
Cedric Chaumontb2ba8782015-09-03 13:23:05 +0200[diff] [blame]3695 uint8_t out[384];
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3696 size_t out_size;
3697
3698 out_size = sizeof(out);
3699 memset(out, 0, sizeof(out));
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3700
3701 if (attrs[n].attributeID == TEE_ATTR_ECC_CURVE)
3702 continue;
3703
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3704 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3705 ta_crypt_cmd_get_object_buffer_attribute(c, s, *handle,
3706 attrs[n].attributeID, out, &out_size)))
3707 return false;
3708
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3709 if (out_size < attrs[n].content.ref.length) {
3710 memmove(out + (attrs[n].content.ref.length - out_size),
3711 out,
3712 attrs[n].content.ref.length);
3713 memset(out, 0, attrs[n].content.ref.length - out_size);
3714 out_size = attrs[n].content.ref.length;
3715 }
3716
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3717 if (!ADBG_EXPECT_BUFFER(c, attrs[n].content.ref.buffer,
3718 attrs[n].content.ref.length, out, out_size))
3719 return false;
3720 }
3721
3722 return true;
3723}
3724
3725static void xtest_tee_test_4006(ADBG_Case_t *c)
3726{
3727 TEEC_Session session = { 0 };
3728 TEE_OperationHandle op = TEE_HANDLE_NULL;
3729 TEE_ObjectHandle priv_key_handle = TEE_HANDLE_NULL;
3730 TEE_ObjectHandle pub_key_handle = TEE_HANDLE_NULL;
3731 TEE_Attribute key_attrs[8];
3732 TEE_Attribute algo_params[1];
3733 size_t num_algo_params;
3734 uint8_t out[512];
3735 size_t out_size;
3736 uint8_t out_enc[512];
3737 size_t out_enc_size;
3738 uint8_t ptx_hash[TEE_MAX_HASH_SIZE];
3739 size_t ptx_hash_size;
3740 size_t max_key_size;
3741 size_t num_key_attrs;
3742 uint32_t ret_orig;
3743 size_t n;
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3744 uint32_t curve;
3745 uint32_t hash_algo;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3746
3747 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3748 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
3749 &ret_orig)))
3750 return;
3751
3752 for (n = 0; n < ARRAY_SIZE(xtest_ac_cases); n++) {
3753 const struct xtest_ac_case *tv = xtest_ac_cases + n;
3754
3755 Do_ADBG_BeginSubCase(c, "Asym Crypto case %d algo 0x%x line %d",
3756 (int)n, (unsigned int)tv->algo,
3757 (int)tv->line);
3758
3759 /*
3760 * When signing or verifying we're working with the hash of
3761 * the payload.
3762 */
3763 if (tv->mode == TEE_MODE_VERIFY || tv->mode == TEE_MODE_SIGN) {
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3764 if (TEE_ALG_GET_MAIN_ALG(tv->algo) == TEE_MAIN_ALGO_ECDSA)
3765 hash_algo = TEE_ALG_SHA1;
3766 else
3767 hash_algo = TEE_ALG_HASH_ALGO(
3768 TEE_ALG_GET_DIGEST_HASH(tv->algo));
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3769
3770 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3771 ta_crypt_cmd_allocate_operation(c, &session,
3772 &op, hash_algo, TEE_MODE_DIGEST, 0)))
3773 goto out;
3774
3775 ptx_hash_size = sizeof(ptx_hash);
3776 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3777 ta_crypt_cmd_digest_do_final(c, & session, op,
3778 tv->ptx, tv->ptx_len, ptx_hash,
3779 &ptx_hash_size)))
3780 goto out;
3781
Cedric Chaumontb2ba8782015-09-03 13:23:05 +0200[diff] [blame]3782 /*
3783 * When we use DSA algorithms, the size of the hash we
3784 * consider equals the min between the size of the
3785 * "subprime" in the key and the size of the hash
3786 */
3787 if (TEE_ALG_GET_MAIN_ALG(tv->algo) ==
3788 TEE_MAIN_ALGO_DSA) {
3789 if (tv->params.dsa.sub_prime_len <=
3790 ptx_hash_size)
3791 ptx_hash_size =
3792 tv->params.dsa.sub_prime_len;
3793 }
3794
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3795 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3796 ta_crypt_cmd_free_operation(c, &session, op)))
3797 goto out;
3798 }
3799
3800 num_algo_params = 0;
3801 num_key_attrs = 0;
3802 switch (TEE_ALG_GET_MAIN_ALG(tv->algo)) {
3803 case TEE_MAIN_ALGO_RSA:
3804 if (tv->params.rsa.salt_len > 0) {
3805 algo_params[0].attributeID =
3806 TEE_ATTR_RSA_PSS_SALT_LENGTH;
3807 algo_params[0].content.value.a =
3808 tv->params.rsa.salt_len;
3809 algo_params[0].content.value.b = 0;
3810 num_algo_params = 1;
3811 }
3812
3813 max_key_size = tv->params.rsa.modulus_len * 8;
3814
3815 xtest_add_attr(&num_key_attrs, key_attrs,
3816 TEE_ATTR_RSA_MODULUS,
3817 tv->params.rsa.modulus,
3818 tv->params.rsa.modulus_len);
3819 xtest_add_attr(&num_key_attrs, key_attrs,
3820 TEE_ATTR_RSA_PUBLIC_EXPONENT,
3821 tv->params.rsa.pub_exp,
3822 tv->params.rsa.pub_exp_len);
3823
3824 if (!ADBG_EXPECT_TRUE(c,
3825 create_key(c, &session,
3826 max_key_size,
3827 TEE_TYPE_RSA_PUBLIC_KEY,
3828 key_attrs,
3829 num_key_attrs,
3830 &pub_key_handle)))
3831 goto out;
3832
3833 xtest_add_attr(&num_key_attrs, key_attrs,
3834 TEE_ATTR_RSA_PRIVATE_EXPONENT,
3835 tv->params.rsa.priv_exp,
3836 tv->params.rsa.priv_exp_len);
3837
3838 if (tv->params.rsa.prime1_len != 0) {
3839 xtest_add_attr(&num_key_attrs, key_attrs,
3840 TEE_ATTR_RSA_PRIME1,
3841 tv->params.rsa.prime1,
3842 tv->params.rsa.prime1_len);
3843 }
3844
3845 if (tv->params.rsa.prime2_len != 0) {
3846 xtest_add_attr(&num_key_attrs, key_attrs,
3847 TEE_ATTR_RSA_PRIME2,
3848 tv->params.rsa.prime2,
3849 tv->params.rsa.prime2_len);
3850 }
3851
3852 if (tv->params.rsa.exp1_len != 0) {
3853 xtest_add_attr(&num_key_attrs, key_attrs,
3854 TEE_ATTR_RSA_EXPONENT1,
3855 tv->params.rsa.exp1,
3856 tv->params.rsa.exp1_len);
3857 }
3858
3859 if (tv->params.rsa.exp2_len != 0) {
3860 xtest_add_attr(&num_key_attrs, key_attrs,
3861 TEE_ATTR_RSA_EXPONENT2,
3862 tv->params.rsa.exp2,
3863 tv->params.rsa.exp2_len);
3864 }
3865
3866 if (tv->params.rsa.coeff_len != 0) {
3867 xtest_add_attr(&num_key_attrs, key_attrs,
3868 TEE_ATTR_RSA_COEFFICIENT,
3869 tv->params.rsa.coeff,
3870 tv->params.rsa.coeff_len);
3871 }
3872
3873 if (!ADBG_EXPECT_TRUE(c,
3874 create_key(c, &session,
3875 max_key_size,
3876 TEE_TYPE_RSA_KEYPAIR,
3877 key_attrs,
3878 num_key_attrs,
3879 &priv_key_handle)))
3880 goto out;
3881 break;
3882
3883 case TEE_MAIN_ALGO_DSA:
3884 max_key_size = tv->params.dsa.prime_len * 8;
3885
3886 xtest_add_attr(&num_key_attrs, key_attrs,
3887 TEE_ATTR_DSA_PRIME,
3888 tv->params.dsa.prime,
3889 tv->params.dsa.prime_len);
3890 xtest_add_attr(&num_key_attrs, key_attrs,
3891 TEE_ATTR_DSA_SUBPRIME,
3892 tv->params.dsa.sub_prime,
3893 tv->params.dsa.sub_prime_len);
3894 xtest_add_attr(&num_key_attrs, key_attrs,
3895 TEE_ATTR_DSA_BASE,
3896 tv->params.dsa.base,
3897 tv->params.dsa.base_len);
3898 xtest_add_attr(&num_key_attrs, key_attrs,
3899 TEE_ATTR_DSA_PUBLIC_VALUE,
3900 tv->params.dsa.pub_val,
3901 tv->params.dsa.pub_val_len);
3902
3903 if (!ADBG_EXPECT_TRUE(c,
3904 create_key(c, &session, max_key_size,
3905 TEE_TYPE_DSA_PUBLIC_KEY, key_attrs,
3906 num_key_attrs, &pub_key_handle)))
3907 goto out;
3908
3909 xtest_add_attr(&num_key_attrs, key_attrs,
3910 TEE_ATTR_DSA_PRIVATE_VALUE,
3911 tv->params.dsa.priv_val,
3912 tv->params.dsa.priv_val_len);
3913
3914 if (!ADBG_EXPECT_TRUE(c,
3915 create_key(c, &session, max_key_size,
3916 TEE_TYPE_DSA_KEYPAIR, key_attrs,
3917 num_key_attrs, &priv_key_handle)))
3918 goto out;
3919 break;
3920
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3921 case TEE_MAIN_ALGO_ECDSA:
3922 switch (tv->algo) {
3923 case TEE_ALG_ECDSA_P192:
3924 curve = TEE_ECC_CURVE_NIST_P192;
3925 break;
3926 case TEE_ALG_ECDSA_P224:
3927 curve = TEE_ECC_CURVE_NIST_P224;
3928 break;
3929 case TEE_ALG_ECDSA_P256:
3930 curve = TEE_ECC_CURVE_NIST_P256;
3931 break;
3932 case TEE_ALG_ECDSA_P384:
3933 curve = TEE_ECC_CURVE_NIST_P384;
3934 break;
3935 case TEE_ALG_ECDSA_P521:
3936 curve = TEE_ECC_CURVE_NIST_P521;
3937 break;
3938 default:
3939 curve = 0xFF;
3940 break;
3941 }
3942
3943 if (tv->algo == TEE_ALG_ECDSA_P521)
3944 max_key_size = 521;
3945 else
3946 max_key_size = tv->params.ecdsa.private_len * 8;
3947
3948 xtest_add_attr_value(&num_key_attrs, key_attrs,
3949 TEE_ATTR_ECC_CURVE, curve, 0);
3950 xtest_add_attr(&num_key_attrs, key_attrs,
3951 TEE_ATTR_ECC_PUBLIC_VALUE_X,
3952 tv->params.ecdsa.public_x,
3953 tv->params.ecdsa.public_x_len);
3954 xtest_add_attr(&num_key_attrs, key_attrs,
3955 TEE_ATTR_ECC_PUBLIC_VALUE_Y,
3956 tv->params.ecdsa.public_y,
3957 tv->params.ecdsa.public_y_len);
3958
3959 if (!ADBG_EXPECT_TRUE(c,
3960 create_key(c, &session, max_key_size,
3961 TEE_TYPE_ECDSA_PUBLIC_KEY, key_attrs,
3962 num_key_attrs, &pub_key_handle)))
3963 goto out;
3964
3965 xtest_add_attr(&num_key_attrs, key_attrs,
3966 TEE_ATTR_ECC_PRIVATE_VALUE,
3967 tv->params.ecdsa.private,
3968 tv->params.ecdsa.private_len);
3969
3970 if (!ADBG_EXPECT_TRUE(c,
3971 create_key(c, &session, max_key_size,
3972 TEE_TYPE_ECDSA_KEYPAIR, key_attrs,
3973 num_key_attrs, &priv_key_handle)))
3974 goto out;
3975 break;
3976
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3977 default:
3978 ADBG_EXPECT_TRUE(c, false);
3979 goto out;
3980 }
3981
3982 out_size = sizeof(out);
3983 memset(out, 0, sizeof(out));
3984 switch (tv->mode) {
3985 case TEE_MODE_ENCRYPT:
3986 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3987 ta_crypt_cmd_allocate_operation(c, &session,
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3988 &op, tv->algo, TEE_MODE_ENCRYPT,
3989 max_key_size)))
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3990 goto out;
3991
3992 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3993 ta_crypt_cmd_set_operation_key(c, &session, op,
3994 pub_key_handle)))
3995 goto out;
3996
3997 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3998 ta_crypt_cmd_free_transient_object(c, &session,
3999 pub_key_handle)))
4000 goto out;
4001 pub_key_handle = TEE_HANDLE_NULL;
4002
4003 out_enc_size = sizeof(out_enc);
4004 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4005 ta_crypt_cmd_asymmetric_encrypt(c, &session, op,
4006 NULL, 0, tv->ptx, tv->ptx_len, out_enc,
4007 &out_enc_size)))
4008 goto out;
4009
4010 /*
4011 * A PS which is random is added when formatting the
4012 * message internally of the algorithm so we can't
4013 * verify against precomputed values, instead we use the
4014 * decrypt operation to see that output is correct.
4015 */
4016
4017 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4018 ta_crypt_cmd_free_operation(c, &session, op)))
4019 goto out;
4020
4021 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4022 ta_crypt_cmd_allocate_operation(c, &session,
4023 &op, tv->algo, TEE_MODE_DECRYPT,
4024 max_key_size)))
4025 goto out;
4026
4027 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4028 ta_crypt_cmd_set_operation_key(c, &session, op,
4029 priv_key_handle)))
4030 goto out;
4031
4032 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4033 ta_crypt_cmd_free_transient_object(c, &session,
4034 priv_key_handle)))
4035 goto out;
4036
4037 priv_key_handle = TEE_HANDLE_NULL;
4038
4039 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4040 ta_crypt_cmd_asymmetric_decrypt(c, &session, op,
4041 NULL, 0, out_enc, out_enc_size, out,
4042 &out_size)))
4043 goto out;
4044
4045 (void)ADBG_EXPECT_BUFFER(c, tv->ptx, tv->ptx_len, out,
4046 out_size);
4047 break;
4048
4049 case TEE_MODE_DECRYPT:
4050 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4051 ta_crypt_cmd_allocate_operation(c, &session,
4052 &op, tv->algo, TEE_MODE_DECRYPT,
4053 max_key_size)))
4054 goto out;
4055
4056 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4057 ta_crypt_cmd_set_operation_key(c, &session, op,
4058 priv_key_handle)))
4059 goto out;
4060
4061 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4062 ta_crypt_cmd_free_transient_object(c, &session,
4063 priv_key_handle)))
4064 goto out;
4065
4066 priv_key_handle = TEE_HANDLE_NULL;
4067
4068 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4069 ta_crypt_cmd_asymmetric_decrypt(c, &session, op,
4070 NULL, 0, tv->ctx, tv->ctx_len, out,
4071 &out_size)))
4072 goto out;
4073
4074 (void)ADBG_EXPECT_BUFFER(c, tv->ptx, tv->ptx_len, out,
4075 out_size);
4076 break;
4077
4078 case TEE_MODE_VERIFY:
4079 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4080 ta_crypt_cmd_allocate_operation(c, &session,
4081 &op, tv->algo, TEE_MODE_VERIFY,
4082 max_key_size)))
4083 goto out;
4084
4085 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4086 ta_crypt_cmd_set_operation_key(c, &session, op,
4087 pub_key_handle)))
4088 goto out;
4089
4090 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4091 ta_crypt_cmd_free_transient_object(c, &session,
4092 pub_key_handle)))
4093 goto out;
4094
4095 pub_key_handle = TEE_HANDLE_NULL;
4096
4097 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4098 ta_crypt_cmd_asymmetric_verify(c, &session, op,
4099 algo_params, num_algo_params, ptx_hash,
4100 ptx_hash_size, tv->ctx, tv->ctx_len)))
4101 goto out;
4102 break;
4103
4104 case TEE_MODE_SIGN:
4105 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4106 ta_crypt_cmd_allocate_operation(c, &session,
4107 &op, tv->algo, TEE_MODE_SIGN,
4108 max_key_size)))
4109 goto out;
4110
4111 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4112 ta_crypt_cmd_set_operation_key(c, &session, op,
4113 priv_key_handle)))
4114 goto out;
4115
4116 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4117 ta_crypt_cmd_free_transient_object(c, &session,
4118 priv_key_handle)))
4119 goto out;
4120
4121 priv_key_handle = TEE_HANDLE_NULL;
4122
4123 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4124 ta_crypt_cmd_asymmetric_sign(c, &session, op,
4125 algo_params, num_algo_params, ptx_hash,
4126 ptx_hash_size, out, &out_size)))
4127 goto out;
4128
4129 if (TEE_ALG_GET_CHAIN_MODE(tv->algo) ==
4130 TEE_CHAIN_MODE_PKCS1_PSS_MGF1 ||
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]4131 tv->algo == TEE_ALG_DSA_SHA1 ||
Cedric Chaumontb2ba8782015-09-03 13:23:05 +0200[diff] [blame]4132 tv->algo == TEE_ALG_DSA_SHA224 ||
4133 tv->algo == TEE_ALG_DSA_SHA256 ||
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]4134 TEE_ALG_GET_MAIN_ALG(tv->algo) ==
4135 TEE_MAIN_ALGO_ECDSA) {
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4136 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4137 ta_crypt_cmd_free_operation(c, &session,
4138 op)))
4139 goto out;
4140 /*
4141 * The salt or K is random so we can't verify
4142 * signing against precomputed values, instead
4143 * we use the verify operation to see that
4144 * output is correct.
4145 */
4146 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4147 ta_crypt_cmd_allocate_operation(c,
4148 &session, &op, tv->algo,
4149 TEE_MODE_VERIFY, max_key_size)))
4150 goto out;
4151
4152 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4153 ta_crypt_cmd_set_operation_key(c,
4154 &session, op, pub_key_handle)))
4155 goto out;
4156
4157 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4158 ta_crypt_cmd_free_transient_object(c,
4159 &session, pub_key_handle)))
4160 goto out;
4161
4162 pub_key_handle = TEE_HANDLE_NULL;
4163
4164 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4165 ta_crypt_cmd_asymmetric_verify(c,
4166 &session, op, algo_params,
4167 num_algo_params, ptx_hash,
4168 ptx_hash_size, out, out_size)))
4169 goto out;
4170 } else {
4171 (void)ADBG_EXPECT_BUFFER(c, tv->ctx,
4172 tv->ctx_len, out,
4173 out_size);
4174 }
4175 break;
4176
4177 default:
4178 break;
4179 }
4180
4181 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4182 ta_crypt_cmd_free_operation(c, &session, op)))
4183 goto out;
4184
4185 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4186 ta_crypt_cmd_free_transient_object(c, &session,
4187 pub_key_handle)))
4188 goto out;
4189 pub_key_handle = TEE_HANDLE_NULL;
4190
4191 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4192 ta_crypt_cmd_free_transient_object(c, &session,
4193 priv_key_handle)))
4194 goto out;
4195
4196 priv_key_handle = TEE_HANDLE_NULL;
4197
4198 Do_ADBG_EndSubCase(c, NULL);
4199 }
4200out:
4201 TEEC_CloseSession(&session);
4202}
4203
4204#define KEY_ATTR(x, y) { #x, (x), y }
4205
4206struct key_attrs {
4207 const char *name;
4208 uint32_t attr;
4209 bool keysize_check;
4210};
4211
4212static bool test_keygen_attributes(ADBG_Case_t *c, TEEC_Session *s,
4213 TEE_ObjectHandle key, uint32_t key_size,
4214 struct key_attrs *attrs, size_t num_attrs)
4215{
4216 uint8_t out[2048];
4217 size_t out_size;
4218 size_t n;
4219 size_t m;
4220
4221 for (m = 0; m < num_attrs; m++) {
4222 if ((attrs[m].attr & TEE_ATTR_BIT_VALUE) == 0) {
4223 out_size = sizeof(out);
4224 memset(out, 0, sizeof(out));
4225 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4226 ta_crypt_cmd_get_object_buffer_attribute(c, s,
4227 key, attrs[m].attr, out, &out_size)))
4228 return false;
4229
4230 if (attrs[m].keysize_check)
4231 ADBG_EXPECT_COMPARE_UNSIGNED(c, out_size, ==,
4232 key_size / 8);
4233
4234 if (out_size > 0) {
4235 /* Check that buffer isn't all zeroes */
4236 for (n = 0; n < out_size; n++)
4237 if (out[n] != 0)
4238 break;
4239 if (!ADBG_EXPECT_COMPARE_UNSIGNED(c, n, <,
4240 out_size))
4241 return false;
4242 }
4243 } else {
4244 uint32_t a;
4245 uint32_t b;
4246
4247 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4248 ta_crypt_cmd_get_object_value_attribute(c, s, key,
4249 attrs[m].attr, &a, &b)))
4250 return false;
4251 }
4252 }
4253 return true;
4254}
4255
4256static bool test_secret_value(ADBG_Case_t *c, TEEC_Session *s,
4257 TEE_ObjectHandle key, uint32_t key_size)
4258{
4259 const struct key_attrs attrs[] = {
4260 KEY_ATTR(TEE_ATTR_SECRET_VALUE, true),
4261 };
4262
4263 return test_keygen_attributes(c, s, key, key_size,
4264 (struct key_attrs *)&attrs,
4265 ARRAY_SIZE(attrs));
4266}
4267
4268
4269static bool test_rsa_key_pair(ADBG_Case_t *c, TEEC_Session *s,
4270 TEE_ObjectHandle key, uint32_t key_size)
4271{
4272 const struct key_attrs attrs[] = {
4273 KEY_ATTR(TEE_ATTR_RSA_MODULUS, true),
4274 KEY_ATTR(TEE_ATTR_RSA_PUBLIC_EXPONENT, false),
4275 KEY_ATTR(TEE_ATTR_RSA_PRIVATE_EXPONENT, false),
4276 KEY_ATTR(TEE_ATTR_RSA_PRIME1, false),
4277 KEY_ATTR(TEE_ATTR_RSA_PRIME2, false),
4278 KEY_ATTR(TEE_ATTR_RSA_EXPONENT1, false),
4279 KEY_ATTR(TEE_ATTR_RSA_EXPONENT2, false),
4280 KEY_ATTR(TEE_ATTR_RSA_COEFFICIENT, false),
4281 };
4282
4283 return test_keygen_attributes(c, s, key, key_size,
4284 (struct key_attrs *)&attrs,
4285 ARRAY_SIZE(attrs));
4286}
4287
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]4288static bool test_ecc_key_pair(ADBG_Case_t *c, TEEC_Session *s,
4289 TEE_ObjectHandle key, uint32_t key_size)
4290{
4291 const struct key_attrs attrs[] = {
4292 KEY_ATTR(TEE_ATTR_ECC_PRIVATE_VALUE, false),
4293 KEY_ATTR(TEE_ATTR_ECC_PUBLIC_VALUE_X , false),
4294 KEY_ATTR(TEE_ATTR_ECC_PUBLIC_VALUE_Y , false),
4295 /* KEY_ATTR(TEE_ATTR_ECC_CURVE, false), - do not test */
4296 };
4297
4298 return test_keygen_attributes(c, s, key, key_size,
4299 (struct key_attrs *)&attrs,
4300 ARRAY_SIZE(attrs));
4301}
4302
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4303static bool test_dh_key_pair(ADBG_Case_t *c, TEEC_Session *s,
4304 uint32_t check_keysize,
4305 TEE_ObjectHandle key, uint32_t key_size)
4306{
4307 const struct key_attrs attrs[] = {
4308 KEY_ATTR(TEE_ATTR_DH_PRIME, false),
4309 KEY_ATTR(TEE_ATTR_DH_BASE, false),
4310 KEY_ATTR(TEE_ATTR_DH_PUBLIC_VALUE, false),
4311 KEY_ATTR(TEE_ATTR_DH_PRIVATE_VALUE, check_keysize),
4312 KEY_ATTR(TEE_ATTR_DH_X_BITS, false),
4313 };
4314
4315 return test_keygen_attributes(c, s, key, key_size,
4316 (struct key_attrs *)&attrs,
4317 ARRAY_SIZE(attrs));
4318}
4319
4320static bool test_dsa_key_pair(ADBG_Case_t *c, TEEC_Session *s,
4321 TEE_ObjectHandle key, uint32_t key_size)
4322{
4323 const struct key_attrs attrs[] = {
4324 KEY_ATTR(TEE_ATTR_DSA_PRIME, true),
4325 KEY_ATTR(TEE_ATTR_DSA_SUBPRIME, false),
4326 KEY_ATTR(TEE_ATTR_DSA_BASE, false),
4327 KEY_ATTR(TEE_ATTR_DSA_PUBLIC_VALUE, false),
4328 KEY_ATTR(TEE_ATTR_DSA_PRIVATE_VALUE, false),
4329 };
4330
4331 return test_keygen_attributes(c, s, key, key_size,
4332 (struct key_attrs *)&attrs,
4333 ARRAY_SIZE(attrs));
4334}
4335
4336static bool generate_and_test_key(ADBG_Case_t *c, TEEC_Session *s,
4337 uint32_t key_type, uint32_t check_keysize,
4338 uint32_t key_size,
4339 TEE_Attribute *params, size_t param_count)
4340{
4341 TEE_ObjectHandle key;
4342 bool ret_val = true;
4343
4344 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4345 ta_crypt_cmd_allocate_transient_object(c, s, key_type, key_size,
4346 &key)))
4347 return false;
4348
4349 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4350 ta_crypt_cmd_generate_key(c, s, key, key_size, params,
4351 param_count)))
4352 return false;
4353
4354 switch (key_type) {
4355 case TEE_TYPE_DES:
4356 case TEE_TYPE_DES3:
4357 ret_val = ADBG_EXPECT_TRUE(c,
4358 test_secret_value(c, s, key,
4359 key_size + key_size / 7));
4360 break;
4361 case TEE_TYPE_AES:
4362 case TEE_TYPE_HMAC_MD5:
4363 case TEE_TYPE_HMAC_SHA1:
4364 case TEE_TYPE_HMAC_SHA224:
4365 case TEE_TYPE_HMAC_SHA256:
4366 case TEE_TYPE_HMAC_SHA384:
4367 case TEE_TYPE_HMAC_SHA512:
4368 case TEE_TYPE_GENERIC_SECRET:
4369 ret_val = ADBG_EXPECT_TRUE(c,
4370 test_secret_value(c, s, key, key_size));
4371 break;
4372
4373 case TEE_TYPE_RSA_KEYPAIR:
4374 ret_val = ADBG_EXPECT_TRUE(c,
4375 test_rsa_key_pair(c, s, key, key_size));
4376 break;
4377
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]4378 case TEE_TYPE_ECDSA_KEYPAIR:
4379 case TEE_TYPE_ECDH_KEYPAIR:
4380 ret_val = ADBG_EXPECT_TRUE(c,
4381 test_ecc_key_pair(c, s, key, key_size));
4382 break;
4383
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4384 case TEE_TYPE_DH_KEYPAIR:
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]4385 ret_val = ADBG_EXPECT_TRUE(c,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4386 test_dh_key_pair(c, s, check_keysize, key,
4387 key_size));
4388 break;
4389
4390 case TEE_TYPE_DSA_KEYPAIR:
4391 ret_val = ADBG_EXPECT_TRUE(c,
4392 test_dsa_key_pair(c, s, key, key_size));
4393 break;
4394
4395 default:
4396 ret_val = false;
4397 break;
4398 }
4399
4400 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4401 ta_crypt_cmd_free_transient_object(c, s, key)))
4402 return false;
4403
4404 return ret_val;
4405}
4406
4407static void xtest_test_keygen_noparams(ADBG_Case_t *c, TEEC_Session *session)
4408{
4409 size_t n;
4410 uint32_t key_size;
4411 static const struct {
4412 const char *name;
4413 uint32_t key_type;
4414 uint32_t quanta;
4415 uint32_t min_size;
4416 uint32_t max_size;
4417 } key_types[] = {
4418 { "AES", TEE_TYPE_AES, 64, 128,
4419 256 /* valid sizes 128, 192, 256 */ },
4420 { "DES", TEE_TYPE_DES, 56, 56, 56 /* valid size 56 */ },
4421 { "DES3", TEE_TYPE_DES3, 56, 112,
4422 168 /* valid sizes 112, 168 */ },
4423 { "HMAC-MD5", TEE_TYPE_HMAC_MD5, 8, 64, 512 },
4424 { "HMAC-SHA1", TEE_TYPE_HMAC_SHA1, 8, 80, 512 },
4425 { "HMAC-SHA224", TEE_TYPE_HMAC_SHA224, 8, 112, 512 },
4426 { "HMAC-SHA256", TEE_TYPE_HMAC_SHA256, 8, 192, 1024 },
4427 { "HMAC-SHA384", TEE_TYPE_HMAC_SHA384, 8, 256, 1024 },
4428 { "HMAC-SHA512", TEE_TYPE_HMAC_SHA512, 8, 256, 1024 },
4429 { "Generic secret", TEE_TYPE_GENERIC_SECRET, 8, 128, 4096 },
4430 { "RSA-2048", TEE_TYPE_RSA_KEYPAIR, 1, 2048, 2048 },
4431
4432 /* New tests added to check non-regression of issue #5398 */
4433 { "RSA-256", TEE_TYPE_RSA_KEYPAIR, 1, 256, 256 },
4434 { "RSA-384", TEE_TYPE_RSA_KEYPAIR, 1, 384, 384 },
4435 { "RSA-512", TEE_TYPE_RSA_KEYPAIR, 1, 512, 512 },
4436 { "RSA-640", TEE_TYPE_RSA_KEYPAIR, 1, 640, 640 },
4437 { "RSA-768", TEE_TYPE_RSA_KEYPAIR, 1, 768, 768 },
4438 { "RSA-896", TEE_TYPE_RSA_KEYPAIR, 1, 896, 896 },
4439 { "RSA-1024", TEE_TYPE_RSA_KEYPAIR, 1, 1024, 1024 },
4440 };
4441
4442 for (n = 0; n < ARRAY_SIZE(key_types); n++) {
4443 uint32_t min_size = key_types[n].min_size;
4444 uint32_t max_size = key_types[n].max_size;
4445 uint32_t quanta = key_types[n].quanta;
4446
4447 Do_ADBG_BeginSubCase(c, "Generate %s key", key_types[n].name);
4448
4449 for (key_size = min_size; key_size <= max_size;
4450 key_size += quanta) {
4451 if (!ADBG_EXPECT_TRUE(c,
4452 generate_and_test_key(c, session, key_types
4453 [n].key_type, 1, key_size, NULL, 0)))
4454 break;
4455 }
4456
4457 Do_ADBG_EndSubCase(c, "Generate %s key", key_types[n].name);
4458 }
4459}
4460
4461static void xtest_test_keygen_dh(ADBG_Case_t *c, TEEC_Session *session)
4462{
4463 size_t n;
4464 size_t param_count;
4465 /*
4466 * Note that the key size parameter is not used when creating the keys
4467 * but specifying these sizes make it possible to test the expected size
4468 * of the private value. This also means that the keysize must match the
4469 * size of p or what is specified in private_bits or the equvivalent
4470 * size of the subprime parameter.
4471 */
4472 TEE_Attribute params[4];
4473
4474#define XTEST_DH_GK_DATA(vect) \
4475 ARRAY(vect ## _p), \
4476 ARRAY(vect ## _g), \
4477 &vect ## _private_bits, \
4478 0, 0
4479#define XTEST_DH_GK_DATA_SUBPRIME(vect) \
4480 ARRAY(vect ## _p), \
4481 ARRAY(vect ## _g), \
4482 &vect ## _private_bits, \
4483 ARRAY(vect ## _subprime)
4484 static const struct {
4485 uint32_t key_size;
4486 const uint8_t *p;
4487 size_t p_len;
4488 const uint8_t *g;
4489 size_t g_len;
4490 const uint32_t *private_bits;
4491 const uint8_t *subprime;
4492 size_t subprime_len;
4493 } key_types[] = {
4494 { 256, XTEST_DH_GK_DATA(keygen_dh256) },
4495 { 256, XTEST_DH_GK_DATA(keygen_dh320) },
4496 { 384, XTEST_DH_GK_DATA(keygen_dh384) },
4497 { 256, XTEST_DH_GK_DATA(keygen_dh448) },
4498 { 512, XTEST_DH_GK_DATA(keygen_dh512) },
4499 { 288, XTEST_DH_GK_DATA(keygen_dh576) },
4500 { 640, XTEST_DH_GK_DATA(keygen_dh640) },
4501 { 352, XTEST_DH_GK_DATA(keygen_dh704) },
4502 { 768, XTEST_DH_GK_DATA(keygen_dh768) },
4503 { 416, XTEST_DH_GK_DATA(keygen_dh832) },
4504 { 896, XTEST_DH_GK_DATA(keygen_dh896) },
4505 { 480, XTEST_DH_GK_DATA(keygen_dh960) },
4506 { 1024, XTEST_DH_GK_DATA(keygen_dh1024) },
4507 { 544, XTEST_DH_GK_DATA(keygen_dh1088) },
4508 { 1152, XTEST_DH_GK_DATA(keygen_dh1152) },
4509 { 608, XTEST_DH_GK_DATA(keygen_dh1216) },
4510 { 1280, XTEST_DH_GK_DATA(keygen_dh1280) },
4511 { 672, XTEST_DH_GK_DATA(keygen_dh1344) },
4512 { 1408, XTEST_DH_GK_DATA(keygen_dh1408) },
4513 { 736, XTEST_DH_GK_DATA(keygen_dh1472) },
4514 { 1536, XTEST_DH_GK_DATA(keygen_dh1536) },
4515 { 800, XTEST_DH_GK_DATA(keygen_dh1600) },
4516 { 1664, XTEST_DH_GK_DATA(keygen_dh1664) },
4517 { 864, XTEST_DH_GK_DATA(keygen_dh1728) },
4518 { 1792, XTEST_DH_GK_DATA(keygen_dh1792) },
4519 { 928, XTEST_DH_GK_DATA(keygen_dh1856) },
4520 { 1920, XTEST_DH_GK_DATA(keygen_dh1920) },
4521 { 992, XTEST_DH_GK_DATA(keygen_dh1984) },
4522 { 2048, XTEST_DH_GK_DATA(keygen_dh2048) },
4523 { 256, XTEST_DH_GK_DATA_SUBPRIME(keygen_dh2048_subprime) }
4524 };
4525
4526
4527 for (n = 0; n < ARRAY_SIZE(key_types); n++) {
4528 Do_ADBG_BeginSubCase(c,
4529 "Generate DH key %d bits - Private bits = %d",
4530 key_types[n].key_size,
4531 *key_types[n].private_bits);
4532 param_count = 0;
4533
4534 xtest_add_attr(&param_count, params,
4535 TEE_ATTR_DH_PRIME,
4536 key_types[n].p, key_types[n].p_len);
4537
4538 xtest_add_attr(&param_count, params, TEE_ATTR_DH_BASE,
4539 key_types[n].g, key_types[n].g_len);
4540
4541 if (key_types[n].private_bits != 0) {
4542 params[param_count].attributeID = TEE_ATTR_DH_X_BITS;
4543
4544 params[param_count].content.value.a =
4545 *key_types[n].private_bits;
4546
4547 params[param_count].content.value.b = 0;
4548 param_count++;
4549 }
4550
4551 if (key_types[n].subprime != 0) {
4552 xtest_add_attr(&param_count, params,
4553 TEE_ATTR_DH_SUBPRIME,
4554 key_types[n].subprime,
4555 key_types[n].subprime_len);
4556 }
4557
4558 if (!ADBG_EXPECT_TRUE(c,
4559 generate_and_test_key(c, session, TEE_TYPE_DH_KEYPAIR,
4560 ((*key_types[n].private_bits) != 0),
4561 key_types[n]. key_size, params, param_count)))
4562 break;
4563
4564 Do_ADBG_EndSubCase(c,
4565 "Generate DH key %d bits - Private bits = %d",
4566 key_types[n].key_size,
4567 *key_types[n].private_bits);
4568 }
4569}
4570
4571static void xtest_test_keygen_dsa(ADBG_Case_t *c, TEEC_Session *session)
4572{
4573 size_t n;
4574 size_t param_count;
4575 TEE_Attribute params[4];
4576
4577#define XTEST_DSA_GK_DATA(vect) \
4578 ARRAY(vect ## _p), \
4579 ARRAY(vect ## _g), \
4580 ARRAY(vect ## _q)
4581 static const struct {
4582 uint32_t key_size;
4583 const uint8_t *prime;
4584 size_t prime_len;
4585 const uint8_t *base;
4586 size_t base_len;
4587 const uint8_t *sub_prime;
4588 size_t sub_prime_len;
4589 } key_types[] = {
4590 { 1024, XTEST_DSA_GK_DATA(keygen_dsa_test1) },
4591 { 512, XTEST_DSA_GK_DATA(keygen_dsa512) },
4592 { 576, XTEST_DSA_GK_DATA(keygen_dsa576) },
4593 { 640, XTEST_DSA_GK_DATA(keygen_dsa640) },
4594 { 704, XTEST_DSA_GK_DATA(keygen_dsa704) },
4595 { 768, XTEST_DSA_GK_DATA(keygen_dsa768) },
4596 { 832, XTEST_DSA_GK_DATA(keygen_dsa832) },
4597 { 896, XTEST_DSA_GK_DATA(keygen_dsa896) },
4598 { 960, XTEST_DSA_GK_DATA(keygen_dsa960) },
4599 { 1024, XTEST_DSA_GK_DATA(keygen_dsa1024) },
4600 };
4601
4602 for (n = 0; n < ARRAY_SIZE(key_types); n++) {
4603 Do_ADBG_BeginSubCase(c, "Generate DSA key %d bits",
4604 key_types[n].key_size);
4605 param_count = 0;
4606
4607
4608 xtest_add_attr(&param_count, params, TEE_ATTR_DSA_PRIME,
4609 key_types[n].prime, key_types[n].prime_len);
4610
4611 xtest_add_attr(&param_count, params, TEE_ATTR_DSA_SUBPRIME,
4612 key_types[n].sub_prime,
4613 key_types[n].sub_prime_len);
4614
4615 xtest_add_attr(&param_count, params, TEE_ATTR_DSA_BASE,
4616 key_types[n].base, key_types[n].base_len);
4617
4618 if (!ADBG_EXPECT_TRUE(c,
4619 generate_and_test_key(c, session, TEE_TYPE_DSA_KEYPAIR,
4620 1, key_types[n]. key_size, params,
4621 param_count)))
4622 break;
4623
4624 Do_ADBG_EndSubCase(c, "Generate DSA key %d bits",
4625 key_types[n].key_size);
4626 }
4627}
4628
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]4629static void xtest_test_keygen_ecc(ADBG_Case_t *c, TEEC_Session *session)
4630{
4631 size_t n;
4632 size_t param_count;
4633 TEE_Attribute params[4];
4634
4635 static const struct {
4636 const char *name;
4637 uint32_t algo;
4638 uint32_t curve;
4639 uint32_t key_size;
4640 } key_types[] = {
4641 /* ECDSA */
4642 { "ECDSA-192", TEE_TYPE_ECDSA_KEYPAIR, TEE_ECC_CURVE_NIST_P192, 192 },
4643 { "ECDSA-224", TEE_TYPE_ECDSA_KEYPAIR, TEE_ECC_CURVE_NIST_P224, 224 },
4644 { "ECDSA-256", TEE_TYPE_ECDSA_KEYPAIR, TEE_ECC_CURVE_NIST_P256, 256 },
4645 { "ECDSA-384", TEE_TYPE_ECDSA_KEYPAIR, TEE_ECC_CURVE_NIST_P384, 384 },
4646 { "ECDSA-521", TEE_TYPE_ECDSA_KEYPAIR, TEE_ECC_CURVE_NIST_P521, 521 },
4647
4648 /* ECDH */
4649 { "ECDH-192", TEE_TYPE_ECDH_KEYPAIR, TEE_ECC_CURVE_NIST_P192, 192 },
4650 { "ECDH-224", TEE_TYPE_ECDH_KEYPAIR, TEE_ECC_CURVE_NIST_P224, 224 },
4651 { "ECDH-256", TEE_TYPE_ECDH_KEYPAIR, TEE_ECC_CURVE_NIST_P256, 256 },
4652 { "ECDH-384", TEE_TYPE_ECDH_KEYPAIR, TEE_ECC_CURVE_NIST_P384, 384 },
4653 { "ECDH-521", TEE_TYPE_ECDH_KEYPAIR, TEE_ECC_CURVE_NIST_P521, 521 },
4654 };
4655
4656 for (n = 0; n < ARRAY_SIZE(key_types); n++) {
4657 Do_ADBG_BeginSubCase(c, "Generate %s", key_types[n].name);
4658 param_count = 0;
4659
4660 xtest_add_attr_value(&param_count, params, TEE_ATTR_ECC_CURVE,
4661 key_types[n].curve, 0);
4662
4663 if (!ADBG_EXPECT_TRUE(c,
4664 generate_and_test_key(c, session, key_types[n].algo,
4665 0, key_types[n].key_size, params,
4666 param_count)))
4667 break;
4668
4669 Do_ADBG_EndSubCase(c, "Generate %s", key_types[n].name);
4670 }
4671}
4672
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4673static void xtest_tee_test_4007(ADBG_Case_t *c)
4674{
4675 TEEC_Session session = { 0 };
4676 uint32_t ret_orig;
4677
4678 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4679 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
4680 &ret_orig)))
4681 return;
4682
4683 xtest_test_keygen_noparams(c, &session);
4684
4685 xtest_test_keygen_dh(c, &session);
4686
4687 xtest_test_keygen_dsa(c, &session);
4688
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]4689 xtest_test_keygen_ecc (c, &session);
4690
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4691 TEEC_CloseSession(&session);
4692}
4693
4694static void xtest_tee_test_4008(ADBG_Case_t *c)
4695{
4696 TEEC_Session session = { 0 };
4697 uint32_t ret_orig;
4698 TEE_OperationHandle op;
4699 TEE_ObjectHandle key_handle;
4700 TEE_ObjectHandle sv_handle;
4701 TEE_Attribute params[4];
4702 size_t param_count = 0;
4703 uint8_t out[2048];
4704 size_t out_size;
4705
4706 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4707 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
4708 &ret_orig)))
4709 return;
4710
4711 Do_ADBG_BeginSubCase(c, "Derive DH key success");
4712
4713 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4714 ta_crypt_cmd_allocate_operation(c, &session, &op,
4715 TEE_ALG_DH_DERIVE_SHARED_SECRET, TEE_MODE_DERIVE,
4716 derive_key_max_keysize)))
4717 goto out;
4718
4719 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4720 ta_crypt_cmd_allocate_transient_object(c, & session,
4721 TEE_TYPE_DH_KEYPAIR, derive_key_max_keysize,
4722 &key_handle)))
4723 goto out;
4724
4725 xtest_add_attr(&param_count, params, TEE_ATTR_DH_PRIME,
4726 ARRAY(derive_key_dh_prime));
4727
4728 xtest_add_attr(&param_count, params, TEE_ATTR_DH_BASE,
4729 ARRAY(derive_key_dh_base));
4730
4731 xtest_add_attr(&param_count, params, TEE_ATTR_DH_PUBLIC_VALUE,
4732 ARRAY(derive_key_dh_public_value));
4733
4734 xtest_add_attr(&param_count, params, TEE_ATTR_DH_PRIVATE_VALUE,
4735 ARRAY(derive_key_dh_private_value));
4736
4737 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4738 ta_crypt_cmd_populate_transient_object(c, &session, key_handle,
4739 params, param_count)))
4740 goto out;
4741
4742 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4743 ta_crypt_cmd_set_operation_key(c, &session, op, key_handle)))
4744 goto out;
4745
4746 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4747 ta_crypt_cmd_free_transient_object(c, & session, key_handle)))
4748 goto out;
4749
4750 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4751 ta_crypt_cmd_allocate_transient_object(c, &session,
4752 TEE_TYPE_GENERIC_SECRET, derive_key_max_keysize,
4753 &sv_handle)))
4754 goto out;
4755
Pascal Brand2b92b642015-07-16 13:29:42 +0200[diff] [blame]4756 /* reuse but reset params and param-count */
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4757 param_count = 0;
4758
4759 xtest_add_attr(&param_count, params, TEE_ATTR_DH_PUBLIC_VALUE,
4760 ARRAY(derive_key_dh_public_value_2));
4761
4762 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4763 ta_crypt_cmd_derive_key(c, &session, op, sv_handle, params,
4764 param_count)))
4765 goto out;
4766
4767 out_size = sizeof(out);
4768 memset(out, 0, sizeof(out));
4769 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4770 ta_crypt_cmd_get_object_buffer_attribute(c, &session, sv_handle,
4771 TEE_ATTR_SECRET_VALUE, out, &out_size)))
4772 goto out;
4773
4774 if (!ADBG_EXPECT_BUFFER(c, derive_key_dh_shared_secret,
4775 sizeof(derive_key_dh_shared_secret), out,
4776 out_size))
4777 goto out;
4778
4779 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4780 ta_crypt_cmd_free_operation(c, &session, op)))
4781 goto out;
4782
4783 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4784 ta_crypt_cmd_free_transient_object(c, &session, sv_handle)))
4785 goto out;
4786out:
4787 Do_ADBG_EndSubCase(c, "Derive DH key success");
4788 TEEC_CloseSession(&session);
4789}
Pascal Brand2b92b642015-07-16 13:29:42 +0200[diff] [blame]4790
4791static void xtest_tee_test_4009(ADBG_Case_t *c)
4792{
4793 TEEC_Session session = { 0 };
4794 uint32_t ret_orig;
4795 TEE_OperationHandle op;
4796 TEE_ObjectHandle key_handle;
4797 TEE_ObjectHandle sv_handle;
4798 TEE_Attribute params[4];
4799 size_t param_count = 0;
4800 uint8_t out[2048];
4801 size_t out_size;
4802 uint32_t size_bytes;
Peng Fane13ad9b2015-07-21 11:46:26 +0800[diff] [blame]4803 uint32_t i;
Pascal Brand2b92b642015-07-16 13:29:42 +0200[diff] [blame]4804 struct derive_key_ecdh_t *pt;
4805
4806 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4807 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
4808 &ret_orig)))
4809 return;
4810
4811 for (i = 0; i < ARRAY_SIZE(derive_key_ecdh); i++) {
4812 pt = &derive_key_ecdh[i];
4813
4814 Do_ADBG_BeginSubCase(c, "Derive ECDH key - algo = 0x%x",
4815 pt->algo);
4816 size_bytes = (pt->keysize + 7) / 8;
4817 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4818 ta_crypt_cmd_allocate_operation(c, &session, &op,
4819 pt->algo,
4820 TEE_MODE_DERIVE, pt->keysize)))
4821 goto out;
4822
4823 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4824 ta_crypt_cmd_allocate_transient_object(c, & session,
4825 TEE_TYPE_ECDH_KEYPAIR, pt->keysize,
4826 &key_handle)))
4827 goto out;
4828
4829 param_count = 0;
4830 xtest_add_attr_value(&param_count, params,
4831 TEE_ATTR_ECC_CURVE, pt->curve, 0);
4832 xtest_add_attr(&param_count, params,
4833 TEE_ATTR_ECC_PRIVATE_VALUE,
4834 pt->private, size_bytes);
4835 /*
4836 * The public value is not used. This is why we provide
4837 * another buffer
4838 */
4839 xtest_add_attr(&param_count, params,
4840 TEE_ATTR_ECC_PUBLIC_VALUE_X,
4841 pt->private, size_bytes);
4842 xtest_add_attr(&param_count, params,
4843 TEE_ATTR_ECC_PUBLIC_VALUE_Y,
4844 pt->private, size_bytes);
4845
4846 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4847 ta_crypt_cmd_populate_transient_object(c,
4848 &session,
4849 key_handle, params, param_count)))
4850 goto out;
4851
4852 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4853 ta_crypt_cmd_set_operation_key(c, &session, op,
4854 key_handle)))
4855 goto out;
4856
4857 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4858 ta_crypt_cmd_free_transient_object(c, & session,
4859 key_handle)))
4860 goto out;
4861
4862 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4863 ta_crypt_cmd_allocate_transient_object(c, &session,
4864 TEE_TYPE_GENERIC_SECRET, size_bytes * 8,
4865 &sv_handle)))
4866 goto out;
4867
4868 /* reuse but reset params and param-count */
4869 param_count = 0;
4870
4871 xtest_add_attr(&param_count, params,
4872 TEE_ATTR_ECC_PUBLIC_VALUE_X,
4873 pt->public_x, size_bytes);
4874 xtest_add_attr(&param_count, params,
4875 TEE_ATTR_ECC_PUBLIC_VALUE_Y,
4876 pt->public_y, size_bytes);
4877
4878 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4879 ta_crypt_cmd_derive_key(c, &session, op, sv_handle,
4880 params, param_count)))
4881 goto out;
4882
4883 out_size = sizeof(out);
4884 memset(out, 0, sizeof(out));
4885 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4886 ta_crypt_cmd_get_object_buffer_attribute(c, &session,
4887 sv_handle,
4888 TEE_ATTR_SECRET_VALUE, out, &out_size)))
4889 goto out;
4890
4891 if (!ADBG_EXPECT_BUFFER(c, pt->out, size_bytes,
4892 out, out_size))
4893 goto out;
4894
4895 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4896 ta_crypt_cmd_free_operation(c, &session, op)))
4897 goto out;
4898
4899 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4900 ta_crypt_cmd_free_transient_object(c, &session,
4901 sv_handle)))
4902 goto out;
4903
4904 Do_ADBG_EndSubCase(c, "Derive ECDH key - algo = 0x%x",
4905 pt->algo);
4906 }
4907
4908 goto noerror;
4909
4910out:
4911 Do_ADBG_EndSubCase(c, "Derive ECDH key - algo = 0x%x", pt->algo);
4912
4913noerror:
4914 TEEC_CloseSession(&session);
4915}