TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / OP-TEE / optee_test / f0cf5188a6eac4bb87b834034b6e2ee5f134ce83 / . / host / xtest / regression_4000.c
blob: 1681f67875b3ccce07ba757f377892ca1a582f86 [file] [log] [blame]
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1/*
2 * Copyright (c) 2014, STMicroelectronics International N.V.
3 *
4 * This program is free software; you can redistribute it and/or modify
5 * it under the terms of the GNU General Public License Version 2 as
6 * published by the Free Software Foundation.
7 *
8 * This program is distributed in the hope that it will be useful,
9 * but WITHOUT ANY WARRANTY; without even the implied warranty of
10 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
11 * GNU General Public License for more details.
12 */
13
14#include <stdio.h>
15#include <string.h>
16#include <inttypes.h>
17#include <malloc.h>
Igor Opaniuk7ddaa782018-05-25 15:14:05 +0300[diff] [blame]18#include <time.h>
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]19
20#include "xtest_test.h"
21#include "xtest_helpers.h"
22
23#include <tee_api_types.h>
Gabor Szekely2ad190f2018-09-14 14:05:06 +0000[diff] [blame]24#include <tee_api_defines_extensions.h>
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]25#include <ta_crypt.h>
26#include <utee_defines.h>
27#include <util.h>
28
Jerome Forissier213ca8a2017-03-31 11:27:56 +0200[diff] [blame]29#include <regression_4000_data.h>
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]30#include <nist/186-2ecdsatestvectors.h>
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]31
32#include <assert.h>
33
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]34static TEEC_Result ta_crypt_cmd_reset_operation(ADBG_Case_t *c, TEEC_Session *s,
35 TEE_OperationHandle oph)
36{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]37 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]38 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]39 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]40
41 assert((uintptr_t)oph <= UINT32_MAX);
42 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
43 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, TEEC_NONE, TEEC_NONE,
44 TEEC_NONE);
45 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_RESET_OPERATION, &op,
46 &ret_orig);
47 if (res != TEEC_SUCCESS) {
48 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
49 ret_orig);
50 }
51 return res;
52}
53
54static TEEC_Result ta_crypt_cmd_copy_operation(ADBG_Case_t *c,
55 TEEC_Session *s,
56 TEE_OperationHandle dst_oph,
57 TEE_OperationHandle src_oph)
58{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]59 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]60 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]61 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]62
63 assert((uintptr_t)dst_oph <= UINT32_MAX);
64 op.params[0].value.a = (uint32_t)(uintptr_t)dst_oph;
65
66 assert((uintptr_t)src_oph <= UINT32_MAX);
67 op.params[0].value.b = (uint32_t)(uintptr_t)src_oph;
68 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, TEEC_NONE, TEEC_NONE,
69 TEEC_NONE);
70
71 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_COPY_OPERATION, &op,
72 &ret_orig);
73
74 if (res != TEEC_SUCCESS) {
75 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
76 ret_orig);
77 }
78 return res;
79}
80
81static TEEC_Result ta_crypt_cmd_digest_update(ADBG_Case_t *c, TEEC_Session *s,
82 TEE_OperationHandle oph,
83 const void *chunk,
84 size_t chunk_size)
85{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]86 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]87 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]88 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]89
90 assert((uintptr_t)oph <= UINT32_MAX);
91 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
92 op.params[1].tmpref.buffer = (void *)chunk;
93 op.params[1].tmpref.size = chunk_size;
94
95 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
96 TEEC_MEMREF_TEMP_INPUT, TEEC_NONE,
97 TEEC_NONE);
98
99 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_DIGEST_UPDATE, &op, &ret_orig);
100
101 if (res != TEEC_SUCCESS) {
102 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
103 ret_orig);
104 }
105
106 return res;
107}
108
109static TEEC_Result ta_crypt_cmd_digest_do_final(ADBG_Case_t *c, TEEC_Session *s,
110 TEE_OperationHandle oph,
111 const void *chunk,
112 size_t chunk_len, void *hash,
113 size_t *hash_len)
114{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]115 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]116 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]117 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]118
119 assert((uintptr_t)oph <= UINT32_MAX);
120 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
121
122 op.params[1].tmpref.buffer = (void *)chunk;
123 op.params[1].tmpref.size = chunk_len;
124
125 op.params[2].tmpref.buffer = (void *)hash;
126 op.params[2].tmpref.size = *hash_len;
127
128 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
129 TEEC_MEMREF_TEMP_INPUT,
130 TEEC_MEMREF_TEMP_OUTPUT, TEEC_NONE);
131
132 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_DIGEST_DO_FINAL, &op,
133 &ret_orig);
134
135 if (res != TEEC_SUCCESS) {
136 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
137 ret_orig);
138 }
139
140 if (res == TEEC_SUCCESS)
141 *hash_len = op.params[2].tmpref.size;
142
143 return res;
144}
145
146static TEE_Result ta_crypt_cmd_set_operation_key2(ADBG_Case_t *c,
147 TEEC_Session *s,
148 TEE_OperationHandle oph,
149 TEE_ObjectHandle key1,
150 TEE_ObjectHandle key2)
151{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]152 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]153 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]154 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]155
156 assert((uintptr_t)oph <= UINT32_MAX);
157 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
158
159 assert((uintptr_t)key1 <= UINT32_MAX);
160 op.params[0].value.b = (uint32_t)(uintptr_t)key1;
161
162 assert((uintptr_t)key2 <= UINT32_MAX);
163 op.params[1].value.a = (uint32_t)(uintptr_t)key2;
164 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, TEEC_VALUE_INPUT,
165 TEEC_NONE, TEEC_NONE);
166
167 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_SET_OPERATION_KEY2, &op,
168 &ret_orig);
169
170 if (res != TEEC_SUCCESS) {
171 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
172 ret_orig);
173 }
174
175 return res;
176}
177
178static TEEC_Result ta_crypt_cmd_mac_init(ADBG_Case_t *c, TEEC_Session *s,
179 TEE_OperationHandle oph,
180 const void *iv, size_t iv_len)
181{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]182 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]183 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]184 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]185
186 assert((uintptr_t)oph <= UINT32_MAX);
187 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
188
189 if (iv != NULL) {
190 op.params[1].tmpref.buffer = (void *)iv;
191 op.params[1].tmpref.size = iv_len;
192 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
193 TEEC_MEMREF_TEMP_INPUT,
194 TEEC_NONE, TEEC_NONE);
195 } else {
196 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, TEEC_NONE,
197 TEEC_NONE, TEEC_NONE);
198 }
199
200 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_MAC_INIT, &op, &ret_orig);
201
202 if (res != TEEC_SUCCESS) {
203 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
204 ret_orig);
205 }
206
207 return res;
208}
209
210static TEEC_Result ta_crypt_cmd_mac_update(ADBG_Case_t *c, TEEC_Session *s,
211 TEE_OperationHandle oph,
212 const void *chunk, size_t chunk_size)
213{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]214 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]215 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]216 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]217
218 assert((uintptr_t)oph <= UINT32_MAX);
219 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
220
221 op.params[1].tmpref.buffer = (void *)chunk;
222 op.params[1].tmpref.size = chunk_size;
223
224 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
225 TEEC_MEMREF_TEMP_INPUT, TEEC_NONE,
226 TEEC_NONE);
227
228 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_MAC_UPDATE, &op, &ret_orig);
229
230 if (res != TEEC_SUCCESS) {
231 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
232 ret_orig);
233 }
234
235 return res;
236}
237
238static TEEC_Result ta_crypt_cmd_mac_final_compute(ADBG_Case_t *c,
239 TEEC_Session *s,
240 TEE_OperationHandle oph,
241 const void *chunk,
242 size_t chunk_len,
243 void *hash,
244 size_t *hash_len)
245{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]246 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]247 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]248 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]249
250 assert((uintptr_t)oph <= UINT32_MAX);
251 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
252
253 op.params[1].tmpref.buffer = (void *)chunk;
254 op.params[1].tmpref.size = chunk_len;
255
256 op.params[2].tmpref.buffer = (void *)hash;
257 op.params[2].tmpref.size = *hash_len;
258
259 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
260 TEEC_MEMREF_TEMP_INPUT,
261 TEEC_MEMREF_TEMP_OUTPUT, TEEC_NONE);
262
263 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_MAC_FINAL_COMPUTE, &op,
264 &ret_orig);
265
266 if (res != TEEC_SUCCESS) {
267 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
268 ret_orig);
269 }
270
271 if (res == TEEC_SUCCESS)
272 *hash_len = op.params[2].tmpref.size;
273
274 return res;
275}
276
277static TEEC_Result ta_crypt_cmd_cipher_init(ADBG_Case_t *c, TEEC_Session *s,
278 TEE_OperationHandle oph,
279 const void *iv, size_t iv_len)
280{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]281 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]282 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]283 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]284
285 assert((uintptr_t)oph <= UINT32_MAX);
286 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
287
288 if (iv != NULL) {
289 op.params[1].tmpref.buffer = (void *)iv;
290 op.params[1].tmpref.size = iv_len;
291
292 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
293 TEEC_MEMREF_TEMP_INPUT,
294 TEEC_NONE, TEEC_NONE);
295 } else {
296 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, TEEC_NONE,
297 TEEC_NONE, TEEC_NONE);
298 }
299
300 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_CIPHER_INIT, &op, &ret_orig);
301
302 if (res != TEEC_SUCCESS) {
303 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
304 ret_orig);
305 }
306
307 return res;
308}
309
310static TEEC_Result ta_crypt_cmd_cipher_update(ADBG_Case_t *c, TEEC_Session *s,
311 TEE_OperationHandle oph,
312 const void *src, size_t src_len,
313 void *dst, size_t *dst_len)
314{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]315 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]316 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]317 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]318
319 assert((uintptr_t)oph <= UINT32_MAX);
320 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
321
322 op.params[1].tmpref.buffer = (void *)src;
323 op.params[1].tmpref.size = src_len;
324
325 op.params[2].tmpref.buffer = dst;
326 op.params[2].tmpref.size = *dst_len;
327
328 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
329 TEEC_MEMREF_TEMP_INPUT,
330 TEEC_MEMREF_TEMP_OUTPUT, TEEC_NONE);
331
332 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_CIPHER_UPDATE, &op, &ret_orig);
333
334 if (res != TEEC_SUCCESS) {
335 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
336 ret_orig);
337 }
338
339 if (res == TEEC_SUCCESS)
340 *dst_len = op.params[2].tmpref.size;
341
342 return res;
343}
344
345static TEEC_Result ta_crypt_cmd_cipher_do_final(ADBG_Case_t *c,
346 TEEC_Session *s,
347 TEE_OperationHandle oph,
348 const void *src,
349 size_t src_len,
350 void *dst,
351 size_t *dst_len)
352{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]353 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]354 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]355 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]356
357 assert((uintptr_t)oph <= UINT32_MAX);
358 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
359
360 op.params[1].tmpref.buffer = (void *)src;
361 op.params[1].tmpref.size = src_len;
362
363 op.params[2].tmpref.buffer = (void *)dst;
364 op.params[2].tmpref.size = *dst_len;
365
366 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
367 TEEC_MEMREF_TEMP_INPUT,
368 TEEC_MEMREF_TEMP_OUTPUT, TEEC_NONE);
369
370 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_CIPHER_DO_FINAL, &op,
371 &ret_orig);
372
373 if (res != TEEC_SUCCESS) {
374 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
375 ret_orig);
376 }
377
378 if (res == TEEC_SUCCESS)
379 *dst_len = op.params[2].tmpref.size;
380
381 return res;
382}
383
384static TEEC_Result ta_crypt_cmd_random_number_generate(ADBG_Case_t *c,
385 TEEC_Session *s,
386 void *buf,
387 size_t blen)
388{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]389 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]390 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]391 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]392
393 op.params[0].tmpref.buffer = buf;
394 op.params[0].tmpref.size = blen;
395
396 op.paramTypes = TEEC_PARAM_TYPES(TEEC_MEMREF_TEMP_OUTPUT, TEEC_NONE,
397 TEEC_NONE, TEEC_NONE);
398
399 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_RANDOM_NUMBER_GENEREATE, &op,
400 &ret_orig);
401
402 if (res != TEEC_SUCCESS) {
403 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
404 ret_orig);
405 }
406
407 (void)ADBG_EXPECT_COMPARE_UNSIGNED(c, blen, ==,
408 op.params[0].tmpref.size);
409 return res;
410}
411
412static TEEC_Result ta_crypt_cmd_ae_init(ADBG_Case_t *c, TEEC_Session *s,
413 TEE_OperationHandle oph,
414 const void *nonce, size_t nonce_len,
415 size_t tag_len, size_t aad_len,
416 size_t payload_len)
417{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]418 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]419 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]420 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]421
422 assert((uintptr_t)oph <= UINT32_MAX);
423 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
424 op.params[0].value.b = tag_len;
425
426 op.params[1].tmpref.buffer = (void *)nonce;
427 op.params[1].tmpref.size = nonce_len;
428
429 op.params[2].value.a = aad_len;
430 op.params[2].value.b = payload_len;
431
432 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
433 TEEC_MEMREF_TEMP_INPUT,
Jens Wiklander74a42302015-07-07 01:08:41 +0200[diff] [blame]434 TEEC_VALUE_INPUT, TEEC_NONE);
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]435
436 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_AE_INIT, &op, &ret_orig);
437
438 if (res != TEEC_SUCCESS) {
439 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
440 ret_orig);
441 }
442 return res;
443}
444
445static TEEC_Result ta_crypt_cmd_ae_update_aad(ADBG_Case_t *c, TEEC_Session *s,
446 TEE_OperationHandle oph,
447 const void *aad, size_t aad_len)
448{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]449 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]450 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]451 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]452
453 assert((uintptr_t)oph <= UINT32_MAX);
454 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
455
456 op.params[1].tmpref.buffer = (void *)aad;
457 op.params[1].tmpref.size = aad_len;
458
459 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
460 TEEC_MEMREF_TEMP_INPUT, TEEC_NONE,
461 TEEC_NONE);
462
463 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_AE_UPDATE_AAD, &op, &ret_orig);
464
465 if (res != TEEC_SUCCESS) {
466 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
467 ret_orig);
468 }
469
470 return res;
471}
472
473static TEEC_Result ta_crypt_cmd_ae_update(ADBG_Case_t *c,
474 TEEC_Session *s,
475 TEE_OperationHandle oph,
476 const void *src,
477 size_t src_len,
478 void *dst,
479 size_t *dst_len)
480{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]481 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]482 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]483 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]484
485 assert((uintptr_t)oph <= UINT32_MAX);
486 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
487
488 op.params[1].tmpref.buffer = (void *)src;
489 op.params[1].tmpref.size = src_len;
490
491 op.params[2].tmpref.buffer = (void *)dst;
492 op.params[2].tmpref.size = *dst_len;
493
494 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
495 TEEC_MEMREF_TEMP_INPUT,
496 TEEC_MEMREF_TEMP_OUTPUT, TEEC_NONE);
497
498 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_AE_UPDATE, &op, &ret_orig);
499
500 if (res != TEEC_SUCCESS) {
501 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
502 ret_orig);
503 }
504
505 if (res == TEEC_SUCCESS)
506 *dst_len = op.params[2].tmpref.size;
507
508 return res;
509}
510
511static TEEC_Result ta_crypt_cmd_ae_encrypt_final(ADBG_Case_t *c,
512 TEEC_Session *s,
513 TEE_OperationHandle oph,
514 const void *src,
515 size_t src_len, void *dst,
516 size_t *dst_len, void *tag,
517 size_t *tag_len)
518{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]519 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]520 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]521 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]522
523 assert((uintptr_t)oph <= UINT32_MAX);
524 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
525
526 op.params[1].tmpref.buffer = (void *)src;
527 op.params[1].tmpref.size = src_len;
528
529 op.params[2].tmpref.buffer = (void *)dst;
530 op.params[2].tmpref.size = *dst_len;
531
532 op.params[3].tmpref.buffer = (void *)tag;
533 op.params[3].tmpref.size = *tag_len;
534
535 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
536 TEEC_MEMREF_TEMP_INPUT,
537 TEEC_MEMREF_TEMP_OUTPUT,
538 TEEC_MEMREF_TEMP_OUTPUT);
539
540 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_AE_ENCRYPT_FINAL, &op,
541 &ret_orig);
542
543 if (res != TEEC_SUCCESS) {
544 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
545 ret_orig);
546 }
547
548 if (res == TEEC_SUCCESS) {
549 *dst_len = op.params[2].tmpref.size;
550 *tag_len = op.params[3].tmpref.size;
551 }
552
553 return res;
554}
555
556static TEEC_Result ta_crypt_cmd_ae_decrypt_final(ADBG_Case_t *c,
557 TEEC_Session *s,
558 TEE_OperationHandle oph,
559 const void *src, size_t src_len,
560 void *dst, size_t *dst_len,
561 const void *tag, size_t tag_len)
562{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]563 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]564 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]565 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]566
567 assert((uintptr_t)oph <= UINT32_MAX);
568 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
569
570 op.params[1].tmpref.buffer = (void *)src;
571 op.params[1].tmpref.size = src_len;
572
573 op.params[2].tmpref.buffer = dst;
574 op.params[2].tmpref.size = *dst_len;
575
576 op.params[3].tmpref.buffer = (void *)tag;
577 op.params[3].tmpref.size = tag_len;
578
579 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
580 TEEC_MEMREF_TEMP_INPUT,
581 TEEC_MEMREF_TEMP_OUTPUT,
582 TEEC_MEMREF_TEMP_INPUT);
583
584 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_AE_DECRYPT_FINAL, &op,
585 &ret_orig);
586
587 if (res != TEEC_SUCCESS) {
588 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
589 ret_orig);
590 }
591
592 if (res == TEEC_SUCCESS)
593 *dst_len = op.params[2].tmpref.size;
594
595 return res;
596}
597
598static TEEC_Result ta_crypt_cmd_asymmetric_operate(ADBG_Case_t *c,
599 TEEC_Session *s,
600 TEE_OperationHandle oph,
601 uint32_t cmd,
602 const TEE_Attribute *params,
603 uint32_t paramCount,
604 const void *src,
605 size_t src_len,
606 void *dst,
607 size_t *dst_len)
608{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]609 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]610 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]611 uint32_t ret_orig = 0;
612 uint8_t *buf = NULL;
613 size_t blen = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]614
615 res = pack_attrs(params, paramCount, &buf, &blen);
616 if (!ADBG_EXPECT_TEEC_SUCCESS(c, res))
617 return res;
618
619 assert((uintptr_t)oph <= UINT32_MAX);
620 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
621
622 op.params[1].tmpref.buffer = buf;
623 op.params[1].tmpref.size = blen;
624
625 op.params[2].tmpref.buffer = (void *)src;
626 op.params[2].tmpref.size = src_len;
627
628 op.params[3].tmpref.buffer = dst;
629 op.params[3].tmpref.size = *dst_len;
630
631 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
632 TEEC_MEMREF_TEMP_INPUT,
633 TEEC_MEMREF_TEMP_INPUT,
634 TEEC_MEMREF_TEMP_OUTPUT);
635
636 res = TEEC_InvokeCommand(s, cmd, &op, &ret_orig);
637
638 if (res != TEEC_SUCCESS) {
639 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
640 ret_orig);
641 }
642
643 if (res == TEEC_SUCCESS)
644 *dst_len = op.params[3].tmpref.size;
645
646 free(buf);
647 return res;
648}
649
650static TEEC_Result ta_crypt_cmd_asymmetric_encrypt(ADBG_Case_t *c,
651 TEEC_Session *s,
652 TEE_OperationHandle oph,
653 const TEE_Attribute *params,
654 uint32_t paramCount,
655 const void *src,
656 size_t src_len,
657 void *dst,
658 size_t *dst_len)
659{
660 return ta_crypt_cmd_asymmetric_operate(c, s, oph,
661 TA_CRYPT_CMD_ASYMMETRIC_ENCRYPT,
662 params, paramCount,
663 src, src_len, dst, dst_len);
664}
665
666static TEEC_Result ta_crypt_cmd_asymmetric_decrypt(ADBG_Case_t *c,
667 TEEC_Session *s,
668 TEE_OperationHandle oph,
669 const TEE_Attribute *params,
670 uint32_t paramCount,
671 const void *src,
672 size_t src_len,
673 void *dst,
674 size_t *dst_len)
675{
676 return ta_crypt_cmd_asymmetric_operate(c, s, oph,
677 TA_CRYPT_CMD_ASYMMETRIC_DECRYPT,
678 params, paramCount,
679 src, src_len, dst, dst_len);
680}
681
682static TEEC_Result ta_crypt_cmd_asymmetric_sign(ADBG_Case_t *c,
683 TEEC_Session *s,
684 TEE_OperationHandle oph,
685 const TEE_Attribute *params,
686 uint32_t paramCount,
687 const void *digest,
688 size_t digest_len,
689 void *signature,
690 size_t *signature_len)
691{
692 return ta_crypt_cmd_asymmetric_operate(c, s, oph,
693 TA_CRYPT_CMD_ASYMMETRIC_SIGN_DIGEST, params, paramCount,
694 digest, digest_len, signature, signature_len);
695}
696
697static TEEC_Result ta_crypt_cmd_asymmetric_verify(ADBG_Case_t *c,
698 TEEC_Session *s,
699 TEE_OperationHandle oph,
700 const TEE_Attribute *params,
701 uint32_t paramCount,
702 const void *digest,
703 size_t digest_len,
704 const void *signature,
705 size_t signature_len)
706{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]707 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]708 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]709 uint32_t ret_orig = 0;
710 uint8_t *buf = NULL;
711 size_t blen = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]712
713 res = pack_attrs(params, paramCount, &buf, &blen);
714 if (!ADBG_EXPECT_TEEC_SUCCESS(c, res))
715 return res;
716
717 assert((uintptr_t)oph <= UINT32_MAX);
718 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
719
720 op.params[1].tmpref.buffer = buf;
721 op.params[1].tmpref.size = blen;
722
723 op.params[2].tmpref.buffer = (void *)digest;
724 op.params[2].tmpref.size = digest_len;
725
726 op.params[3].tmpref.buffer = (void *)signature;
727 op.params[3].tmpref.size = signature_len;
728
729 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
730 TEEC_MEMREF_TEMP_INPUT,
731 TEEC_MEMREF_TEMP_INPUT,
732 TEEC_MEMREF_TEMP_INPUT);
733
734 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_ASYMMETRIC_VERIFY_DIGEST,
735 &op, &ret_orig);
736
737 if (res != TEEC_SUCCESS) {
738 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
739 ret_orig);
740 }
741
742 free(buf);
743 return res;
744}
745
746static TEEC_Result ta_crypt_cmd_get_object_value_attribute(ADBG_Case_t *c,
747 TEEC_Session *s,
748 TEE_ObjectHandle o,
749 uint32_t attr_id,
750 uint32_t *valuea,
751 uint32_t *valueb)
752{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]753 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]754 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]755 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]756
757 assert((uintptr_t)o <= UINT32_MAX);
758 op.params[0].value.a = (uint32_t)(uintptr_t)o;
759 op.params[0].value.b = attr_id;
760 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, TEEC_VALUE_OUTPUT,
761 TEEC_NONE, TEEC_NONE);
762
763 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_GET_OBJECT_VALUE_ATTRIBUTE,
764 &op, &ret_orig);
765
766 if (res != TEEC_SUCCESS) {
767 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
768 ret_orig);
769 }
770
771 if (res == TEEC_SUCCESS) {
772 *valuea = op.params[1].value.a;
773 *valueb = op.params[1].value.b;
774 }
775
776 return res;
777}
778
779static TEEC_Result ta_crypt_cmd_generate_key(ADBG_Case_t *c,
780 TEEC_Session *s,
781 TEE_ObjectHandle o,
782 uint32_t key_size,
783 const TEE_Attribute *params,
784 uint32_t paramCount)
785{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]786 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]787 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]788 uint32_t ret_orig = 0;
789 uint8_t *buf = NULL;
790 size_t blen = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]791
792 res = pack_attrs(params, paramCount, &buf, &blen);
793 if (!ADBG_EXPECT_TEEC_SUCCESS(c, res))
794 return res;
795
796 assert((uintptr_t)o <= UINT32_MAX);
797 op.params[0].value.a = (uint32_t)(uintptr_t)o;
798 op.params[0].value.b = key_size;
799
800 op.params[1].tmpref.buffer = buf;
801 op.params[1].tmpref.size = blen;
802
803 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
804 TEEC_MEMREF_TEMP_INPUT, TEEC_NONE,
805 TEEC_NONE);
806
807 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_GENERATE_KEY, &op, &ret_orig);
808
809 if (res != TEEC_SUCCESS) {
810 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
811 ret_orig);
812 }
813
814 free(buf);
815 return res;
816}
817
818static const uint8_t hash_data_md5_in1[] = {
819 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm'
820};
821
822static const uint8_t hash_data_md5_out1[] = {
823 0x61, 0x12, 0x71, 0x83, 0x70, 0x8d, 0x3a, 0xc7,
824 0xf1, 0x9b, 0x66, 0x06, 0xfc, 0xae, 0x7d, 0xf6
825};
826
827static const uint8_t hash_data_sha1_in1[] = {
828 'a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm'
829};
830
831static const uint8_t hash_data_sha1_out1[] = {
832 0x4b, 0x98, 0x92, 0xb6, 0x52, 0x72, 0x14, 0xaf,
833 0xc6, 0x55, 0xb8, 0xaa, 0x52, 0xf4, 0xd2, 0x03,
834 0xc1, 0x5e, 0x7c, 0x9c
835};
836
837static const uint8_t hash_data_sha224_in1[] = {
838 'a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm'
839};
840
841static const uint8_t hash_data_sha224_out1[] = {
842 0x08, 0x21, 0x69, 0xf9, 0x77, 0x1b, 0x80, 0x15,
843 0xf3, 0x97, 0xae, 0xde, 0x5b, 0xba, 0xa2, 0x72,
844 0x2d, 0x8f, 0x5c, 0x19, 0xfe, 0xd2, 0xe2, 0x68,
845 0x92, 0x49, 0xd8, 0x44
846};
847
848static const uint8_t hash_data_sha256_in1[] = { 'a', 'b', 'c' };
849
850static const uint8_t hash_data_sha256_out1[] = {
851 0xba, 0x78, 0x16, 0xbf, 0x8f, 0x01, 0xcf, 0xea,
852 0x41, 0x41, 0x40, 0xde, 0x5d, 0xae, 0x22, 0x23,
853 0xb0, 0x03, 0x61, 0xa3, 0x96, 0x17, 0x7a, 0x9c,
854 0xb4, 0x10, 0xff, 0x61, 0xf2, 0x00, 0x15, 0xad
855};
856
857static const uint8_t hash_data_sha256_in2[] = { 'e', 'f', 'g' };
858
859static const uint8_t hash_data_sha256_out2[] = {
860 0xd4, 0xff, 0xe8, 0xe9, 0xee, 0x0b, 0x48, 0xeb,
861 0xa7, 0x16, 0x70, 0x61, 0x23, 0xa7, 0x18, 0x7f,
862 0x32, 0xea, 0xe3, 0xbd, 0xcb, 0x0e, 0x77, 0x63,
863 0xe4, 0x1e, 0x53, 0x32, 0x67, 0xbd, 0x8a, 0x53
864};
865
866
867static const uint8_t hash_data_sha384_in1[] = {
868 'a', 'b', 'c', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm'
869};
870
871static const uint8_t hash_data_sha384_out1[] = {
872 0x4c, 0xab, 0x80, 0x9d, 0x96, 0x84, 0x01, 0x47,
873 0x67, 0x0a, 0xc1, 0x7a, 0xb6, 0xb9, 0xf7, 0x6e,
874 0x35, 0xa6, 0xb0, 0x8c, 0xf5, 0x2a, 0x3d, 0x64,
875 0x9a, 0x8c, 0x7e, 0x0c, 0x55, 0x45, 0xd3, 0x7d,
876 0x1f, 0x7f, 0x28, 0x34, 0x96, 0x14, 0x44, 0x2a,
877 0xf5, 0x98, 0xa2, 0x95, 0x24, 0x76, 0x53, 0x97
878};
879
880static const uint8_t hash_data_sha512_in1[] = {
881 'a', 'b', 'c', 'd', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm'
882};
883
884static const uint8_t hash_data_sha512_out1[] = {
885 0x20, 0xd8, 0x64, 0x4f, 0x54, 0xa2, 0x5f, 0x6f,
886 0x0a, 0xf9, 0xd5, 0x27, 0x7d, 0x17, 0xa8, 0x99,
887 0x4c, 0x64, 0x3f, 0xd0, 0xf3, 0x83, 0x36, 0xee,
888 0x93, 0x12, 0x55, 0xcd, 0x2e, 0x12, 0x34, 0xa0,
889 0xc2, 0xaa, 0xf9, 0xbb, 0x15, 0xc5, 0xe9, 0xfa,
890 0xf7, 0xa7, 0xda, 0xb8, 0x2f, 0x72, 0xa0, 0x47,
891 0xe3, 0x02, 0x04, 0xe8, 0xa0, 0x35, 0x0c, 0x96,
892 0x26, 0xd1, 0xcb, 0x8b, 0x47, 0x45, 0x25, 0xd0
893};
894
Jerome Forissier3ed850a2019-12-13 10:58:23 +0100[diff] [blame]895/*
896 * SM3
897 * https://tools.ietf.org/html/draft-sca-cfrg-sm3-02
Jerome Forissier9f17e262019-12-13 14:12:41 +0100[diff] [blame]898 * Appendix A.1
Jerome Forissier3ed850a2019-12-13 10:58:23 +0100[diff] [blame]899 */
900static const uint8_t hash_data_sm3_a1_in[3] = "abc";
901
902static const uint8_t hash_data_sm3_a1_out[] = {
903 0x66, 0xc7, 0xf0, 0xf4, 0x62, 0xee, 0xed, 0xd9,
904 0xd1, 0xf2, 0xd4, 0x6b, 0xdc, 0x10, 0xe4, 0xe2,
905 0x41, 0x67, 0xc4, 0x87, 0x5c, 0xf2, 0xf7, 0xa2,
906 0x29, 0x7d, 0xa0, 0x2b, 0x8f, 0x4b, 0xa8, 0xe0
907};
908
909/*
910 * SM3
911 * https://tools.ietf.org/html/draft-sca-cfrg-sm3-02
Jerome Forissier9f17e262019-12-13 14:12:41 +0100[diff] [blame]912 * Appendix A.2
Jerome Forissier3ed850a2019-12-13 10:58:23 +0100[diff] [blame]913 */
914static const uint8_t hash_data_sm3_a2_in[] = {
915 0x61, 0x62, 0x63, 0x64, 0x61, 0x62, 0x63, 0x64,
916 0x61, 0x62, 0x63, 0x64, 0x61, 0x62, 0x63, 0x64,
917 0x61, 0x62, 0x63, 0x64, 0x61, 0x62, 0x63, 0x64,
918 0x61, 0x62, 0x63, 0x64, 0x61, 0x62, 0x63, 0x64,
919 0x61, 0x62, 0x63, 0x64, 0x61, 0x62, 0x63, 0x64,
920 0x61, 0x62, 0x63, 0x64, 0x61, 0x62, 0x63, 0x64,
921 0x61, 0x62, 0x63, 0x64, 0x61, 0x62, 0x63, 0x64,
922 0x61, 0x62, 0x63, 0x64, 0x61, 0x62, 0x63, 0x64
923};
924
925static const uint8_t hash_data_sm3_a2_out[] = {
926 0xde, 0xbe, 0x9f, 0xf9, 0x22, 0x75, 0xb8, 0xa1,
927 0x38, 0x60, 0x48, 0x89, 0xc1, 0x8e, 0x5a, 0x4d,
928 0x6f, 0xdb, 0x70, 0xe5, 0x38, 0x7e, 0x57, 0x65,
929 0x29, 0x3d, 0xcb, 0xa3, 0x9c, 0x0c, 0x57, 0x32
930};
931
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]932struct xtest_hash_case {
933 uint32_t algo;
934 size_t in_incr;
935 const uint8_t *in;
936 size_t in_len;
937 const uint8_t *out;
938 size_t out_len;
939};
940
941#define XTEST_HASH_CASE(algo, in_incr, in, out) \
942 { (algo), (in_incr), (in), ARRAY_SIZE(in), (out), ARRAY_SIZE(out) }
943
944static const struct xtest_hash_case hash_cases[] = {
945 XTEST_HASH_CASE(TEE_ALG_MD5, 6, hash_data_md5_in1,
946 hash_data_md5_out1),
947 XTEST_HASH_CASE(TEE_ALG_SHA1, 3, hash_data_sha1_in1,
948 hash_data_sha1_out1),
949 XTEST_HASH_CASE(TEE_ALG_SHA224, 7, hash_data_sha224_in1,
950 hash_data_sha224_out1),
951 XTEST_HASH_CASE(TEE_ALG_SHA256, 1, hash_data_sha256_in1,
952 hash_data_sha256_out1),
953 XTEST_HASH_CASE(TEE_ALG_SHA256, 1, hash_data_sha256_in2,
954 hash_data_sha256_out2),
955 XTEST_HASH_CASE(TEE_ALG_SHA384, 1, hash_data_sha384_in1,
956 hash_data_sha384_out1),
957 XTEST_HASH_CASE(TEE_ALG_SHA512, 1, hash_data_sha512_in1,
958 hash_data_sha512_out1),
Jerome Forissier3ed850a2019-12-13 10:58:23 +0100[diff] [blame]959 XTEST_HASH_CASE(TEE_ALG_SM3, 2, hash_data_sm3_a1_in,
960 hash_data_sm3_a1_out),
961 XTEST_HASH_CASE(TEE_ALG_SM3, 19, hash_data_sm3_a2_in,
962 hash_data_sm3_a2_out),
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]963};
964
965static void xtest_tee_test_4001(ADBG_Case_t *c)
966{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]967 TEEC_Session session = { };
968 uint32_t ret_orig = 0;
969 size_t n = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]970
971 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
972 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
973 &ret_orig)))
974 return;
975
976
977 for (n = 0; n < ARRAY_SIZE(hash_cases); n++) {
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]978 TEE_OperationHandle op1 = TEE_HANDLE_NULL;
979 TEE_OperationHandle op2 = TEE_HANDLE_NULL;
980 uint8_t out[64] = { };
981 size_t out_size = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]982
Jerome Forissier87b00c02020-01-22 16:33:12 +0100[diff] [blame]983 if (hash_cases[n].algo == TEE_ALG_SM3 &&
984 !ta_crypt_cmd_is_algo_supported(c, &session, TEE_ALG_SM3,
985 TEE_CRYPTO_ELEMENT_NONE)) {
986 Do_ADBG_Log("SM3 not supported: skip subcase");
987 continue;
988 }
989
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]990 Do_ADBG_BeginSubCase(c, "Hash case %d algo 0x%x",
991 (int)n, (unsigned int)hash_cases[n].algo);
992
993 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
994 ta_crypt_cmd_allocate_operation(c, &session, &op1,
995 hash_cases[n].algo,
996 TEE_MODE_DIGEST, 0)))
997 goto out;
998
999 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1000 ta_crypt_cmd_allocate_operation(c, &session, &op2,
1001 hash_cases[n].algo,
1002 TEE_MODE_DIGEST, 0)))
1003 goto out;
1004
1005 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1006 ta_crypt_cmd_digest_update(c, &session, op1,
1007 hash_cases[n].in,
1008 hash_cases[n].in_incr)))
1009 goto out;
1010
1011 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1012 ta_crypt_cmd_copy_operation(c, &session, op2, op1)))
1013 goto out;
1014
1015 out_size = sizeof(out);
1016 memset(out, 0, sizeof(out));
1017 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1018 ta_crypt_cmd_digest_do_final(c, &session, op2,
1019 hash_cases[n].in + hash_cases[n].in_incr,
1020 hash_cases[n].in_len - hash_cases[n].in_incr,
1021 out, &out_size)))
1022 goto out;
1023
1024 (void)ADBG_EXPECT_BUFFER(c, hash_cases[n].out,
1025 hash_cases[n].out_len, out, out_size);
1026
1027 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1028 ta_crypt_cmd_reset_operation(c, &session, op1)))
1029 goto out;
1030
1031 out_size = sizeof(out);
1032 memset(out, 0, sizeof(out));
1033 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1034 ta_crypt_cmd_digest_do_final(c, &session, op1,
1035 hash_cases[n].in,
1036 hash_cases[n].in_len, out,
1037 &out_size)))
1038 goto out;
1039
1040 (void)ADBG_EXPECT_BUFFER(c, hash_cases[n].out,
1041 hash_cases[n].out_len, out, out_size);
1042
Jerome Forissier1e05e262015-07-29 16:09:07 +0200[diff] [blame]1043 /*
1044 * Invoke TEE_DigestDoFinal() a second time to check that state
1045 * was properly reset
1046 */
1047 out_size = sizeof(out);
1048 memset(out, 0, sizeof(out));
1049 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1050 ta_crypt_cmd_digest_do_final(c, &session, op1,
1051 hash_cases[n].in,
1052 hash_cases[n].in_len, out,
1053 &out_size)))
1054 goto out;
1055
1056 (void)ADBG_EXPECT_BUFFER(c, hash_cases[n].out,
1057 hash_cases[n].out_len, out, out_size);
1058
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1059 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1060 ta_crypt_cmd_free_operation(c, &session, op1)))
1061 goto out;
1062
1063 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1064 ta_crypt_cmd_free_operation(c, &session, op2)))
1065 goto out;
1066
1067 Do_ADBG_EndSubCase(c, NULL);
1068 }
1069
1070out:
1071 TEEC_CloseSession(&session);
1072}
Jens Wiklander14f48872018-06-29 15:30:13 +0200[diff] [blame]1073ADBG_CASE_DEFINE(regression, 4001, xtest_tee_test_4001,
1074 "Test TEE Internal API hash operations");
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1075
1076static const uint8_t mac_data_md5_key1[10] = {
1077 0x6B, 0x65, 0x79, /* key */
1078};
1079
1080static const uint8_t mac_data_md5_in1[] = {
1081 0x54, 0x68, 0x65, 0x20, 0x71, 0x75, 0x69, 0x63, /* The quic */
1082 0x6B, 0x20, 0x62, 0x72, 0x6F, 0x77, 0x6E, 0x20, /* k brown */
1083 0x66, 0x6F, 0x78, 0x20, 0x6A, 0x75, 0x6D, 0x70, /* fox jump */
1084 0x73, 0x20, 0x6F, 0x76, 0x65, 0x72, 0x20, 0x74, /* s over t */
1085 0x68, 0x65, 0x20, 0x6C, 0x61, 0x7A, 0x79, 0x20, /* he lazy */
1086 0x64, 0x6F, 0x67, /* dog */
1087};
1088
1089static const uint8_t mac_data_md5_out1[] = {
1090 0x80, 0x07, 0x07, 0x13, 0x46, 0x3e, 0x77, 0x49,
1091 0xb9, 0x0c, 0x2d, 0xc2, 0x49, 0x11, 0xe2, 0x75
1092};
1093
1094
1095/* generated with scripts/digest_hmac.pl */
1096static const uint8_t mac_data_sha1_key1[10] = {
1097 0x6B, 0x65, 0x79, /* key */
1098};
1099
1100static const uint8_t mac_data_sha1_in1[] = {
1101 0x54, 0x68, 0x65, 0x20, 0x71, 0x75, 0x69, 0x63, /* The quic */
1102 0x6B, 0x20, 0x62, 0x72, 0x6F, 0x77, 0x6E, 0x20, /* k brown */
1103 0x66, 0x6F, 0x78, 0x20, 0x6A, 0x75, 0x6D, 0x70, /* fox jump */
1104 0x73, 0x20, 0x6F, 0x76, 0x65, 0x72, 0x20, 0x74, /* s over t */
1105 0x68, 0x65, 0x20, 0x6C, 0x61, 0x7A, 0x79, 0x20, /* he lazy */
1106 0x64, 0x6F, 0x67, /* dog */
1107};
1108
1109static const uint8_t mac_data_sha1_out1[] = {
1110 0xDE, 0x7C, 0x9B, 0x85, 0xB8, 0xB7, 0x8A, 0xA6, /* .|...... */
1111 0xBC, 0x8A, 0x7A, 0x36, 0xF7, 0x0A, 0x90, 0x70, /* ..z6...p */
1112 0x1C, 0x9D, 0xB4, 0xD9, /* .... */
1113};
1114
1115static const uint8_t mac_data_sha224_key1[24] = {
1116 0x6B, 0x65, 0x79, /* key */
1117};
1118
1119static const uint8_t mac_data_sha224_in1[] = {
1120 0x54, 0x68, 0x65, 0x20, 0x71, 0x75, 0x69, 0x63, /* The quic */
1121 0x6B, 0x20, 0x62, 0x72, 0x6F, 0x77, 0x6E, 0x20, /* k brown */
1122 0x66, 0x6F, 0x78, 0x20, 0x6A, 0x75, 0x6D, 0x70, /* fox jump */
1123 0x73, 0x20, 0x6F, 0x76, 0x65, 0x72, 0x20, 0x74, /* s over t */
1124 0x68, 0x65, 0x20, 0x6C, 0x61, 0x7A, 0x79, 0x20, /* he lazy */
1125 0x64, 0x6F, 0x67, /* dog */
1126};
1127
1128static const uint8_t mac_data_sha224_out1[] = {
1129 0x88, 0xFF, 0x8B, 0x54, 0x67, 0x5D, 0x39, 0xB8, /* ...Tg]9. */
1130 0xF7, 0x23, 0x22, 0xE6, 0x5F, 0xF9, 0x45, 0xC5, /* .#"._.E. */
1131 0x2D, 0x96, 0x37, 0x99, 0x88, 0xAD, 0xA2, 0x56, /* -.7....V */
1132 0x39, 0x74, 0x7E, 0x69, /* 9t~i */
1133};
1134
1135
1136static const uint8_t mac_data_sha256_key1[24] = {
1137 'Q', 'W', 'E', 'R', 'T', 'Y'
1138};
1139
1140static const uint8_t mac_data_sha256_in1[] = { 'a', 'b', 'c' };
1141
1142static const uint8_t mac_data_sha256_out1[] = {
1143 0xee, 0x2e, 0x5d, 0x9b, 0x51, 0xe2, 0x9c, 0x1d,
1144 0x49, 0xe9, 0xae, 0x6f, 0x0a, 0xcc, 0x15, 0x18,
1145 0xde, 0x1e, 0xa3, 0x88, 0x8e, 0xee, 0x48, 0xbb,
1146 0x82, 0x77, 0xe9, 0x09, 0x74, 0x4b, 0xa2, 0xf2
1147};
1148
1149/* generated with scripts/digest_hmac.pl */
1150static const uint8_t mac_data_sha256_key2[24] = {
1151 0x6B, 0x65, 0x79, /* key */
1152};
1153
1154static const uint8_t mac_data_sha256_in2[] = {
1155 0x54, 0x68, 0x65, 0x20, 0x71, 0x75, 0x69, 0x63, /* The quic */
1156 0x6B, 0x20, 0x62, 0x72, 0x6F, 0x77, 0x6E, 0x20, /* k brown */
1157 0x66, 0x6F, 0x78, 0x20, 0x6A, 0x75, 0x6D, 0x70, /* fox jump */
1158 0x73, 0x20, 0x6F, 0x76, 0x65, 0x72, 0x20, 0x74, /* s over t */
1159 0x68, 0x65, 0x20, 0x6C, 0x61, 0x7A, 0x79, 0x20, /* he lazy */
1160 0x64, 0x6F, 0x67, /* dog */
1161};
1162
1163static const uint8_t mac_data_sha256_out2[] = {
1164 0xF7, 0xBC, 0x83, 0xF4, 0x30, 0x53, 0x84, 0x24, /* ....0S.$ */
1165 0xB1, 0x32, 0x98, 0xE6, 0xAA, 0x6F, 0xB1, 0x43, /* .2...o.C */
1166 0xEF, 0x4D, 0x59, 0xA1, 0x49, 0x46, 0x17, 0x59, /* .MY.IF.Y */
1167 0x97, 0x47, 0x9D, 0xBC, 0x2D, 0x1A, 0x3C, 0xD8, /* .G..-.<. */
1168};
1169
1170static const uint8_t mac_data_sha384_key1[32] = {
1171 0x6B, 0x65, 0x79, /* key */
1172};
1173
1174static const uint8_t mac_data_sha384_in1[] = {
1175 0x54, 0x68, 0x65, 0x20, 0x71, 0x75, 0x69, 0x63, /* The quic */
1176 0x6B, 0x20, 0x62, 0x72, 0x6F, 0x77, 0x6E, 0x20, /* k brown */
1177 0x66, 0x6F, 0x78, 0x20, 0x6A, 0x75, 0x6D, 0x70, /* fox jump */
1178 0x73, 0x20, 0x6F, 0x76, 0x65, 0x72, 0x20, 0x74, /* s over t */
1179 0x68, 0x65, 0x20, 0x6C, 0x61, 0x7A, 0x79, 0x20, /* he lazy */
1180 0x64, 0x6F, 0x67, /* dog */
1181};
1182
1183static const uint8_t mac_data_sha384_out1[] = {
1184 0xD7, 0xF4, 0x72, 0x7E, 0x2C, 0x0B, 0x39, 0xAE, /* ..r~, .9. */
1185 0x0F, 0x1E, 0x40, 0xCC, 0x96, 0xF6, 0x02, 0x42, /* ..@....B */
1186 0xD5, 0xB7, 0x80, 0x18, 0x41, 0xCE, 0xA6, 0xFC, /* ....A... */
1187 0x59, 0x2C, 0x5D, 0x3E, 0x1A, 0xE5, 0x07, 0x00, /* Y, ]>.... */
1188 0x58, 0x2A, 0x96, 0xCF, 0x35, 0xE1, 0xE5, 0x54, /* X...5..T */
1189 0x99, 0x5F, 0xE4, 0xE0, 0x33, 0x81, 0xC2, 0x37, /* ._..3..7 */
1190};
1191
1192static const uint8_t mac_data_sha512_key1[32] = {
1193 0x6B, 0x65, 0x79, /* key */
1194};
1195
1196static const uint8_t mac_data_sha512_in1[] = {
1197 0x54, 0x68, 0x65, 0x20, 0x71, 0x75, 0x69, 0x63, /* The quic */
1198 0x6B, 0x20, 0x62, 0x72, 0x6F, 0x77, 0x6E, 0x20, /* k brown */
1199 0x66, 0x6F, 0x78, 0x20, 0x6A, 0x75, 0x6D, 0x70, /* fox jump */
1200 0x73, 0x20, 0x6F, 0x76, 0x65, 0x72, 0x20, 0x74, /* s over t */
1201 0x68, 0x65, 0x20, 0x6C, 0x61, 0x7A, 0x79, 0x20, /* he lazy */
1202 0x64, 0x6F, 0x67, /* dog */
1203};
1204
1205static const uint8_t mac_data_sha512_out1[] = {
1206 0xB4, 0x2A, 0xF0, 0x90, 0x57, 0xBA, 0xC1, 0xE2, /* ....W... */
1207 0xD4, 0x17, 0x08, 0xE4, 0x8A, 0x90, 0x2E, 0x09, /* ........ */
1208 0xB5, 0xFF, 0x7F, 0x12, 0xAB, 0x42, 0x8A, 0x4F, /* .....B.O */
1209 0xE8, 0x66, 0x53, 0xC7, 0x3D, 0xD2, 0x48, 0xFB, /* .fS.=.H. */
1210 0x82, 0xF9, 0x48, 0xA5, 0x49, 0xF7, 0xB7, 0x91, /* ..H.I... */
1211 0xA5, 0xB4, 0x19, 0x15, 0xEE, 0x4D, 0x1E, 0xC3, /* .....M.. */
1212 0x93, 0x53, 0x57, 0xE4, 0xE2, 0x31, 0x72, 0x50, /* .SW..1rP */
1213 0xD0, 0x37, 0x2A, 0xFA, 0x2E, 0xBE, 0xEB, 0x3A, /* .7.....: */
1214};
1215
Jerome Forissier9f17e262019-12-13 14:12:41 +0100[diff] [blame]1216/*
1217 * SM3 HMAC
1218 * GM/T 0042-2015
1219 * Section D.3 Test vector 1
1220 */
1221static const uint8_t mac_data_sm3_d31_in[112] =
1222 "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomn"
1223 "opnopqabcdbcdecdefdefgefghfghighijhijkijkljklmklmn"
1224 "lmnomnopnopq";
1225
1226static const uint8_t mac_data_sm3_d31_key[] = {
1227 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
1228 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10,
1229 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18,
1230 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20,
1231};
1232
1233static const uint8_t mac_data_sm3_d31_out[] = {
1234 0xca, 0x05, 0xe1, 0x44, 0xed, 0x05, 0xd1, 0x85,
1235 0x78, 0x40, 0xd1, 0xf3, 0x18, 0xa4, 0xa8, 0x66,
1236 0x9e, 0x55, 0x9f, 0xc8, 0x39, 0x1f, 0x41, 0x44,
1237 0x85, 0xbf, 0xdf, 0x7b, 0xb4, 0x08, 0x96, 0x3a,
1238};
1239
1240/*
1241 * SM3 HMAC
1242 * GM/T 0042-2015
1243 * Section D.3 Test vector 2
1244 */
1245static const uint8_t mac_data_sm3_d32_in[] = {
1246 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd,
1247 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd,
1248 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd,
1249 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd,
1250 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd,
1251 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd,
1252 0xcd, 0xcd
1253};
1254
1255static const uint8_t mac_data_sm3_d32_key[] = {
1256 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
1257 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10,
1258 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18,
1259 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20,
1260 0x21, 0x22, 0x23, 0x24, 0x25,
1261};
1262
1263static const uint8_t mac_data_sm3_d32_out[] = {
1264 0x22, 0x0b, 0xf5, 0x79, 0xde, 0xd5, 0x55, 0x39,
1265 0x3f, 0x01, 0x59, 0xf6, 0x6c, 0x99, 0x87, 0x78,
1266 0x22, 0xa3, 0xec, 0xf6, 0x10, 0xd1, 0x55, 0x21,
1267 0x54, 0xb4, 0x1d, 0x44, 0xb9, 0x4d, 0xb3, 0xae,
1268};
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1269
1270/* AES-CBC-MAC */
1271static const uint8_t mac_cbc_vect1_key[] = {
1272 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, /* 01234567 */
1273 0x38, 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, /* 89ABCDEF */
1274};
1275
1276static const uint8_t mac_cbc_vect1_data[] = {
1277 0x43, 0x69, 0x70, 0x68, 0x65, 0x72, 0x20, 0x62, /* Cipher b */
1278 0x6C, 0x6F, 0x63, 0x6B, 0x20, 0x63, 0x68, 0x61, /* lock cha */
1279 0x69, 0x6E, 0x69, 0x6E, 0x67, 0x20, 0x28, 0x43, /* ining (C */
1280 0x42, 0x43, 0x29, 0x20, 0x69, 0x73, 0x20, 0x61, /* BC) is a */
1281 0x20, 0x63, 0x6F, 0x6D, 0x6D, 0x6F, 0x6E, 0x20, /* common */
1282 0x63, 0x68, 0x61, 0x69, 0x6E, 0x69, 0x6E, 0x67, /* chaining */
1283 0x20, 0x6D, 0x6F, 0x64, 0x65, 0x20, 0x69, 0x6E, /* mode in */
1284 0x20, 0x77, 0x68, 0x69, 0x63, 0x68, 0x20, 0x74, /* which t */
1285 0x68, 0x65, 0x20, 0x70, 0x72, 0x65, 0x76, 0x69, /* he previ */
1286 0x6F, 0x75, 0x73, 0x20, 0x62, 0x6C, 0x6F, 0x63, /* ous bloc */
1287 0x6B, 0x27, 0x73, 0x20, 0x63, 0x69, 0x70, 0x68, /* k's ciph */
1288 0x65, 0x72, 0x74, 0x65, 0x78, 0x74, 0x20, 0x69, /* ertext i */
1289 0x73, 0x20, 0x78, 0x6F, 0x72, 0x65, 0x64, 0x20, /* s xored */
1290 0x77, 0x69, 0x74, 0x68, 0x20, 0x74, 0x68, 0x65, /* with the */
1291 0x20, 0x63, 0x75, 0x72, 0x72, 0x65, 0x6E, 0x74, /* current */
1292 0x20, 0x62, 0x6C, 0x6F, 0x63, 0x6B, 0x27, 0x73, /* block's */
1293 0x20, 0x70, 0x6C, 0x61, 0x69, 0x6E, 0x74, 0x65, /* plainte */
1294 0x78, 0x74, 0x20, 0x62, 0x65, 0x66, 0x6F, 0x72, /* xt befor */
1295 0x65, 0x20, 0x65, 0x6E, 0x63, 0x72, 0x79, 0x70, /* e encryp */
1296 0x74, 0x69, 0x6F, 0x6E, 0x2E, 0x2E, 0x2E, 0x2E, /* tion.... */
1297};
1298
1299static const uint8_t mac_cbc_vect1_out[] = {
1300 0xC9, 0x6E, 0x83, 0x7E, 0x35, 0xC8, 0xA7, 0xA0, /* .n.~5... */
1301 0x33, 0xA3, 0xB1, 0x4B, 0x5A, 0x92, 0x51, 0x2E, /* 3..KZ.Q. */
1302};
1303
1304/* DES-CBC-MAC */
1305static const uint8_t mac_cbc_vect2_key[] = {
1306 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, /* 01234567 */
1307};
1308
1309#define mac_cbc_vect2_data mac_cbc_vect1_data
1310static const uint8_t mac_cbc_vect2_out[] = {
1311 0xE9, 0x41, 0x46, 0x30, 0x69, 0x32, 0xBD, 0xD6, /* .AF0i2.. */
1312};
1313
1314/* DES3-CBC-MAC */
1315static const uint8_t mac_cbc_vect3_key[] = {
1316 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, /* 01234567 */
1317 0x38, 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, /* 89ABCDEF */
1318 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, /* 12345678 */
1319};
1320
1321#define mac_cbc_vect3_data mac_cbc_vect2_data
1322static const uint8_t mac_cbc_vect3_out[] = {
1323 0x1C, 0x17, 0xB7, 0xB5, 0x9F, 0x54, 0x9C, 0x63, /* .....T.c */
1324};
1325
1326/* AES-CBC-MAC PKCS#5 pad*/
1327static const uint8_t mac_cbc_vect4_key[] = {
1328 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, /* 01234567 */
1329 0x38, 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, /* 89ABCDEF */
1330 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, /* 01234567 */
1331 0x38, 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, /* 89ABCDEF */
1332};
1333
1334#define mac_cbc_vect4_data mac_cbc_vect1_data
1335static const uint8_t mac_cbc_vect4_out[] = {
1336 0x0B, 0x46, 0xC7, 0xA2, 0xE1, 0x5A, 0xE2, 0x23, /* .F...Z.# */
1337 0x83, 0x34, 0x1C, 0x86, 0x53, 0xF8, 0x51, 0x24, /* .4..S.Q$ */
1338};
1339
1340/* DES-CBC-MAC PKCS#5 pad*/
1341static const uint8_t mac_cbc_vect5_key[] = {
1342 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, /* 01234567 */
1343};
1344
1345#define mac_cbc_vect5_data mac_cbc_vect1_data
1346static const uint8_t mac_cbc_vect5_out[] = {
1347 0x30, 0x81, 0x4F, 0x42, 0x03, 0x7E, 0xD8, 0xA9, /* 0.OB.~.. */
1348};
1349
1350/* DES3-CBC-MAC PKCS#5 pad*/
1351static const uint8_t mac_cbc_vect6_key[] = {
1352 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, /* 01234567 */
1353 0x38, 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, /* 89ABCDEF */
1354 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, /* 12345678 */
1355};
1356
1357#define mac_cbc_vect6_data mac_cbc_vect1_data
1358static const uint8_t mac_cbc_vect6_out[] = {
1359 0x6E, 0x37, 0x6E, 0x14, 0x5E, 0x21, 0xDD, 0xF8, /* n7n.^!.. */
1360};
1361
1362/* AES-CBC-MAC PKCS#5 pad*/
1363#define mac_cbc_vect7_key mac_cbc_vect4_key
1364static const uint8_t mac_cbc_vect7_data[] = {
1365 0x43, 0x69, 0x70, 0x68, 0x65, 0x72, 0x20, 0x62, /* Cipher b */
1366 0x6C, 0x6F, 0x63, 0x6B, 0x20, 0x63, 0x68, 0x61, /* lock cha */
1367 0x69, 0x6E, 0x69, 0x6E, 0x67, 0x20, 0x28, 0x43, /* ining (C */
1368 0x42, 0x43, 0x29, 0x20, 0x69, 0x73, 0x20, 0x61, /* BC) is a */
1369 0x20, 0x63, 0x6F, 0x6D, 0x6D, 0x6F, 0x6E, 0x20, /* common */
1370 0x63, 0x68, 0x61, 0x69, 0x6E, 0x69, 0x6E, 0x67, /* chaining */
1371 0x20, 0x6D, 0x6F, 0x64, 0x65, 0x20, 0x69, 0x6E, /* mode in */
1372 0x20, 0x77, 0x68, 0x69, 0x63, 0x68, 0x20, 0x74, /* which t */
1373 0x68, 0x65, 0x20, 0x70, 0x72, 0x65, 0x76, 0x69, /* he previ */
1374 0x6F, 0x75, 0x73, 0x20, 0x62, 0x6C, 0x6F, 0x63, /* ous bloc */
1375 0x6B, 0x27, 0x73, 0x20, 0x63, 0x69, 0x70, 0x68, /* k's ciph */
1376 0x65, 0x72, 0x74, 0x65, 0x78, 0x74, 0x20, 0x69, /* ertext i */
1377 0x73, 0x20, 0x78, 0x6F, 0x72, 0x65, 0x64, 0x20, /* s xored */
1378 0x77, 0x69, 0x74, 0x68, 0x20, 0x74, 0x68, 0x65, /* with the */
1379 0x20, 0x63, 0x75, 0x72, 0x72, 0x65, 0x6E, 0x74, /* current */
1380 0x20, 0x62, 0x6C, 0x6F, 0x63, 0x6B, 0x27, 0x73, /* block's */
1381 0x20, 0x70, 0x6C, 0x61, 0x69, 0x6E, 0x74, 0x65, /* plainte */
1382 0x78, 0x74, 0x20, 0x62, 0x65, 0x66, 0x6F, 0x72, /* xt befor */
1383 0x65, 0x20, 0x65, 0x6E, 0x63, 0x72, 0x79, 0x70, /* e encryp */
1384 0x74, 0x69, 0x6F, 0x6E, 0x2E, /* tion. */
1385};
1386
1387static const uint8_t mac_cbc_vect7_out[] = {
1388 0xFD, 0x89, 0x35, 0xB3, 0x93, 0x7F, 0xBB, 0xA2, /* ..5..... */
1389 0xFB, 0x65, 0x60, 0xC4, 0x0A, 0x62, 0xA0, 0xF9, /* .e`..b.. */
1390};
1391
1392/* DES-CBC-MAC PKCS#5 pad*/
1393#define mac_cbc_vect8_key mac_cbc_vect5_key
1394#define mac_cbc_vect8_data mac_cbc_vect7_data
1395static const uint8_t mac_cbc_vect8_out[] = {
1396 0x02, 0x2A, 0xA8, 0x2E, 0x47, 0xC6, 0xBB, 0x7C, /* ....G..| */
1397};
1398
1399/* DES3-CBC-MAC PKCS#5 pad*/
1400#define mac_cbc_vect9_key mac_cbc_vect6_key
1401#define mac_cbc_vect9_data mac_cbc_vect7_data
1402static const uint8_t mac_cbc_vect9_out[] = {
1403 0xD4, 0xF7, 0x3E, 0x27, 0x78, 0x0E, 0x1C, 0x79, /* ..>'x..y */
1404};
1405
1406/*
Pascal Brand5c3d8092015-07-23 08:20:26 +0200[diff] [blame]1407 * DES3-CBC-MAC, with key size of 112bit
1408 * out obtained with:
1409 * echo -n "Cipher block chaining (CBC) is a common chaining mode in which the previous block's ciphertext is xored with the current block's plaintext before encryption...."|openssl enc -iv 0 -des3 -K 303132333435363738394142434445463031323334353637 |xxd
1410 */
1411/* DES3-CBC-MAC PKCS#5 pad*/
1412static const uint8_t mac_cbc_vect10_key[] = {
1413 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, /* 01234567 */
1414 0x38, 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, /* 89ABCDEF */
1415};
1416#define mac_cbc_vect10_data mac_cbc_vect1_data
1417static const uint8_t mac_cbc_vect10_out[] = {
1418 0x30, 0x92, 0x60, 0x99, 0x66, 0xac, 0x8c, 0xa6,
1419};
1420
1421
1422/*
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1423 * AES-CMAC
1424 * Test vectors from
1425 * http://csrc.nist.gov/publications/nistpubs/800-38B/SP_800-38B.pdf
1426 */
1427
1428/* AES-128 */
1429static const uint8_t mac_cmac_vect1_key[] = {
1430 0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6,
1431 0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c
1432};
1433
1434static const uint8_t mac_cmac_vect1_out[] = {
1435 0xbb, 0x1d, 0x69, 0x29, 0xe9, 0x59, 0x37, 0x28,
1436 0x7f, 0xa3, 0x7d, 0x12, 0x9b, 0x75, 0x67, 0x46
1437};
1438
1439#define mac_cmac_vect2_key mac_cmac_vect1_key
1440static const uint8_t mac_cmac_vect2_data[] = {
1441 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
1442 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a
1443};
1444
1445static const uint8_t mac_cmac_vect2_out[] = {
1446 0x07, 0x0a, 0x16, 0xb4, 0x6b, 0x4d, 0x41, 0x44,
1447 0xf7, 0x9b, 0xdd, 0x9d, 0xd0, 0x4a, 0x28, 0x7c
1448};
1449
1450#define mac_cmac_vect3_key mac_cmac_vect1_key
1451static const uint8_t mac_cmac_vect3_data[] = {
1452 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
1453 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a,
1454 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c,
1455 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51,
1456 0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11
1457};
1458
1459static const uint8_t mac_cmac_vect3_out[] = {
1460 0xdf, 0xa6, 0x67, 0x47, 0xde, 0x9a, 0xe6, 0x30,
1461 0x30, 0xca, 0x32, 0x61, 0x14, 0x97, 0xc8, 0x27
1462};
1463
1464#define mac_cmac_vect4_key mac_cmac_vect1_key
1465static const uint8_t mac_cmac_vect4_data[] = {
1466 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
1467 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a,
1468 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c,
1469 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51,
1470 0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11,
1471 0xe5, 0xfb, 0xc1, 0x19, 0x1a, 0x0a, 0x52, 0xef,
1472 0xf6, 0x9f, 0x24, 0x45, 0xdf, 0x4f, 0x9b, 0x17,
1473 0xad, 0x2b, 0x41, 0x7b, 0xe6, 0x6c, 0x37, 0x10
1474};
1475
1476static const uint8_t mac_cmac_vect4_out[] = {
1477 0x51, 0xf0, 0xbe, 0xbf, 0x7e, 0x3b, 0x9d, 0x92,
1478 0xfc, 0x49, 0x74, 0x17, 0x79, 0x36, 0x3c, 0xfe
1479};
1480
1481/* AES-192 */
1482static const uint8_t mac_cmac_vect5_key[] = {
1483 0x8e, 0x73, 0xb0, 0xf7, 0xda, 0x0e, 0x64, 0x52,
1484 0xc8, 0x10, 0xf3, 0x2b, 0x80, 0x90, 0x79, 0xe5,
1485 0x62, 0xf8, 0xea, 0xd2, 0x52, 0x2c, 0x6b, 0x7b
1486};
1487
1488static const uint8_t mac_cmac_vect5_out[] = {
1489 0xd1, 0x7d, 0xdf, 0x46, 0xad, 0xaa, 0xcd, 0xe5,
1490 0x31, 0xca, 0xc4, 0x83, 0xde, 0x7a, 0x93, 0x67
1491};
1492
1493
1494#define mac_cmac_vect6_key mac_cmac_vect5_key
1495static const uint8_t mac_cmac_vect6_data[] = {
1496 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
1497 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a
1498};
1499
1500static const uint8_t mac_cmac_vect6_out[] = {
1501 0x9e, 0x99, 0xa7, 0xbf, 0x31, 0xe7, 0x10, 0x90,
1502 0x06, 0x62, 0xf6, 0x5e, 0x61, 0x7c, 0x51, 0x84
1503};
1504
1505#define mac_cmac_vect7_key mac_cmac_vect5_key
1506static const uint8_t mac_cmac_vect7_data[] = {
1507 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
1508 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a,
1509 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c,
1510 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51,
1511 0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11
1512};
1513
1514static const uint8_t mac_cmac_vect7_out[] = {
1515 0x8a, 0x1d, 0xe5, 0xbe, 0x2e, 0xb3, 0x1a, 0xad,
1516 0x08, 0x9a, 0x82, 0xe6, 0xee, 0x90, 0x8b, 0x0e
1517};
1518
1519#define mac_cmac_vect8_key mac_cmac_vect5_key
1520static const uint8_t mac_cmac_vect8_data[] = {
1521 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
1522 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a,
1523 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c,
1524 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51,
1525 0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11,
1526 0xe5, 0xfb, 0xc1, 0x19, 0x1a, 0x0a, 0x52, 0xef,
1527 0xf6, 0x9f, 0x24, 0x45, 0xdf, 0x4f, 0x9b, 0x17,
1528 0xad, 0x2b, 0x41, 0x7b, 0xe6, 0x6c, 0x37, 0x10
1529};
1530
1531static const uint8_t mac_cmac_vect8_out[] = {
1532 0xa1, 0xd5, 0xdf, 0x0e, 0xed, 0x79, 0x0f, 0x79,
1533 0x4d, 0x77, 0x58, 0x96, 0x59, 0xf3, 0x9a, 0x11
1534};
1535
1536/* AES-256 */
1537static const uint8_t mac_cmac_vect9_key[] = {
1538 0x60, 0x3d, 0xeb, 0x10, 0x15, 0xca, 0x71, 0xbe,
1539 0x2b, 0x73, 0xae, 0xf0, 0x85, 0x7d, 0x77, 0x81,
1540 0x1f, 0x35, 0x2c, 0x07, 0x3b, 0x61, 0x08, 0xd7,
1541 0x2d, 0x98, 0x10, 0xa3, 0x09, 0x14, 0xdf, 0xf4
1542};
1543
1544static const uint8_t mac_cmac_vect9_out[] = {
1545 0x02, 0x89, 0x62, 0xf6, 0x1b, 0x7b, 0xf8, 0x9e,
1546 0xfc, 0x6b, 0x55, 0x1f, 0x46, 0x67, 0xd9, 0x83
1547};
1548
1549#define mac_cmac_vect10_key mac_cmac_vect9_key
1550static const uint8_t mac_cmac_vect10_data[] = {
1551 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
1552 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a
1553};
1554
1555static const uint8_t mac_cmac_vect10_out[] = {
1556 0x28, 0xa7, 0x02, 0x3f, 0x45, 0x2e, 0x8f, 0x82,
1557 0xbd, 0x4b, 0xf2, 0x8d, 0x8c, 0x37, 0xc3, 0x5c
1558};
1559
1560#define mac_cmac_vect11_key mac_cmac_vect9_key
1561static const uint8_t mac_cmac_vect11_data[] = {
1562 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
1563 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a,
1564 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c,
1565 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51,
1566 0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11
1567};
1568
1569static const uint8_t mac_cmac_vect11_out[] = {
1570 0xaa, 0xf3, 0xd8, 0xf1, 0xde, 0x56, 0x40, 0xc2,
1571 0x32, 0xf5, 0xb1, 0x69, 0xb9, 0xc9, 0x11, 0xe6
1572};
1573
1574#define mac_cmac_vect12_key mac_cmac_vect9_key
1575static const uint8_t mac_cmac_vect12_data[] = {
1576 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
1577 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a,
1578 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c,
1579 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51,
1580 0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11,
1581 0xe5, 0xfb, 0xc1, 0x19, 0x1a, 0x0a, 0x52, 0xef,
1582 0xf6, 0x9f, 0x24, 0x45, 0xdf, 0x4f, 0x9b, 0x17,
1583 0xad, 0x2b, 0x41, 0x7b, 0xe6, 0x6c, 0x37, 0x10
1584};
1585
1586static const uint8_t mac_cmac_vect12_out[] = {
1587 0xe1, 0x99, 0x21, 0x90, 0x54, 0x9f, 0x6e, 0xd5,
1588 0x69, 0x6a, 0x2c, 0x05, 0x6c, 0x31, 0x54, 0x10
1589};
1590
1591struct xtest_mac_case {
1592 uint32_t algo;
1593 uint32_t key_type;
1594 const uint8_t *key;
1595 size_t key_len;
1596 size_t in_incr;
1597 const uint8_t *in;
1598 size_t in_len;
1599 const uint8_t *out;
1600 size_t out_len;
Jerome Forissier3dec7442019-01-30 17:50:05 +0100[diff] [blame]1601 bool multiple_incr;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1602};
1603
Jerome Forissier3dec7442019-01-30 17:50:05 +0100[diff] [blame]1604#define XTEST_MAC_CASE_1(algo, key_type, key, in_incr, in, out) \
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1605 { (algo), (key_type), (key), ARRAY_SIZE(key), \
Jerome Forissier3dec7442019-01-30 17:50:05 +0100[diff] [blame]1606 (in_incr), (in), ARRAY_SIZE(in), (out), ARRAY_SIZE(out), false }
1607
1608#define XTEST_MAC_CASE_MULT(algo, key_type, key, in_incr, in, out) \
1609 { (algo), (key_type), (key), ARRAY_SIZE(key), \
1610 (in_incr), (in), ARRAY_SIZE(in), (out), ARRAY_SIZE(out), true }
1611
1612#define XTEST_MAC_CASE(algo, key_type, key, in_incr, in, out) \
1613 XTEST_MAC_CASE_1((algo), (key_type), (key), (in_incr), (in), (out)), \
1614 XTEST_MAC_CASE_MULT((algo), (key_type), (key), (in_incr), (in), (out))
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1615
1616#define XTEST_MAC_CBC_CASE(algo, key_type, vect, in_incr) \
1617 XTEST_MAC_CASE((algo), (key_type), \
1618 mac_cbc_ ## vect ## _key, (in_incr), \
1619 mac_cbc_ ## vect ## _data, mac_cbc_ ## vect ## _out)
1620
1621#define XTEST_MAC_CMAC_CASE(vect, in_incr) \
1622 XTEST_MAC_CASE(TEE_ALG_AES_CMAC, TEE_TYPE_AES, \
1623 mac_cmac_ ## vect ## _key, (in_incr), \
1624 mac_cmac_ ## vect ## _data, mac_cmac_ ## vect ## _out)
1625
1626static const struct xtest_mac_case mac_cases[] = {
1627 XTEST_MAC_CASE(TEE_ALG_HMAC_MD5, TEE_TYPE_HMAC_MD5,
1628 mac_data_md5_key1,
1629 4, mac_data_md5_in1, mac_data_md5_out1),
1630 XTEST_MAC_CASE(TEE_ALG_HMAC_SHA1, TEE_TYPE_HMAC_SHA1,
1631 mac_data_sha1_key1,
1632 5, mac_data_sha1_in1, mac_data_sha1_out1),
1633 XTEST_MAC_CASE(TEE_ALG_HMAC_SHA224, TEE_TYPE_HMAC_SHA224,
1634 mac_data_sha224_key1,
1635 8, mac_data_sha224_in1, mac_data_sha224_out1),
1636 XTEST_MAC_CASE(TEE_ALG_HMAC_SHA256, TEE_TYPE_HMAC_SHA256,
1637 mac_data_sha256_key1,
1638 1, mac_data_sha256_in1, mac_data_sha256_out1),
1639 XTEST_MAC_CASE(TEE_ALG_HMAC_SHA256, TEE_TYPE_HMAC_SHA256,
1640 mac_data_sha256_key2,
1641 7, mac_data_sha256_in2, mac_data_sha256_out2),
1642 XTEST_MAC_CASE(TEE_ALG_HMAC_SHA384, TEE_TYPE_HMAC_SHA384,
1643 mac_data_sha384_key1,
1644 11, mac_data_sha384_in1, mac_data_sha384_out1),
1645 XTEST_MAC_CASE(TEE_ALG_HMAC_SHA512, TEE_TYPE_HMAC_SHA512,
1646 mac_data_sha512_key1,
1647 13, mac_data_sha512_in1, mac_data_sha512_out1),
1648
1649 XTEST_MAC_CBC_CASE(TEE_ALG_AES_CBC_MAC_NOPAD, TEE_TYPE_AES, vect1, 14),
1650 XTEST_MAC_CBC_CASE(TEE_ALG_DES_CBC_MAC_NOPAD, TEE_TYPE_DES, vect2, 16),
1651 XTEST_MAC_CBC_CASE(TEE_ALG_DES3_CBC_MAC_NOPAD, TEE_TYPE_DES3, vect3,
1652 17),
1653 XTEST_MAC_CBC_CASE(TEE_ALG_AES_CBC_MAC_PKCS5, TEE_TYPE_AES, vect4, 11),
1654 XTEST_MAC_CBC_CASE(TEE_ALG_DES_CBC_MAC_PKCS5, TEE_TYPE_DES, vect5, 9),
1655 XTEST_MAC_CBC_CASE(TEE_ALG_DES3_CBC_MAC_PKCS5, TEE_TYPE_DES3, vect6, 4),
1656 XTEST_MAC_CBC_CASE(TEE_ALG_AES_CBC_MAC_PKCS5, TEE_TYPE_AES, vect7, 3),
1657 XTEST_MAC_CBC_CASE(TEE_ALG_DES_CBC_MAC_PKCS5, TEE_TYPE_DES, vect8, 23),
1658 XTEST_MAC_CBC_CASE(TEE_ALG_DES3_CBC_MAC_PKCS5, TEE_TYPE_DES3, vect9,
1659 34),
Pascal Brand5c3d8092015-07-23 08:20:26 +0200[diff] [blame]1660 XTEST_MAC_CBC_CASE(TEE_ALG_DES3_CBC_MAC_PKCS5, TEE_TYPE_DES3, vect10, 4),
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1661
1662 { TEE_ALG_AES_CMAC, TEE_TYPE_AES, mac_cmac_vect1_key,
1663 ARRAY_SIZE(mac_cmac_vect1_key), 0, NULL, 0, mac_cmac_vect1_out,
1664 ARRAY_SIZE(mac_cmac_vect1_out) },
1665 XTEST_MAC_CMAC_CASE(vect2, 9),
1666 XTEST_MAC_CMAC_CASE(vect3, 9),
1667 XTEST_MAC_CMAC_CASE(vect4, 9),
1668 { TEE_ALG_AES_CMAC, TEE_TYPE_AES, mac_cmac_vect5_key,
1669 ARRAY_SIZE(mac_cmac_vect5_key), 0, NULL, 0, mac_cmac_vect5_out,
1670 ARRAY_SIZE(mac_cmac_vect5_out) },
1671 XTEST_MAC_CMAC_CASE(vect6, 9),
1672 XTEST_MAC_CMAC_CASE(vect7, 9),
1673 XTEST_MAC_CMAC_CASE(vect8, 9),
1674 { TEE_ALG_AES_CMAC, TEE_TYPE_AES, mac_cmac_vect9_key,
1675 ARRAY_SIZE(mac_cmac_vect9_key), 0, NULL, 0, mac_cmac_vect9_out,
1676 ARRAY_SIZE(mac_cmac_vect9_out) },
1677 XTEST_MAC_CMAC_CASE(vect10, 9),
1678 XTEST_MAC_CMAC_CASE(vect11, 9),
1679 XTEST_MAC_CMAC_CASE(vect12, 9),
Jerome Forissier9f17e262019-12-13 14:12:41 +0100[diff] [blame]1680
1681 XTEST_MAC_CASE(TEE_ALG_HMAC_SM3, TEE_TYPE_HMAC_SM3,
1682 mac_data_sm3_d31_key,
1683 13, mac_data_sm3_d31_in, mac_data_sm3_d31_out),
1684 XTEST_MAC_CASE(TEE_ALG_HMAC_SM3, TEE_TYPE_HMAC_SM3,
1685 mac_data_sm3_d32_key,
1686 13, mac_data_sm3_d32_in, mac_data_sm3_d32_out),
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1687};
1688
1689static void xtest_tee_test_4002(ADBG_Case_t *c)
1690{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]1691 TEEC_Session session = { };
1692 TEE_OperationHandle op1 = TEE_HANDLE_NULL;
1693 TEE_OperationHandle op2 = TEE_HANDLE_NULL;
1694 TEE_ObjectHandle key_handle = TEE_HANDLE_NULL;
1695 uint8_t out[64] = { };
1696 size_t out_size = 0;
1697 uint32_t ret_orig = 0;
1698 size_t n = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1699
1700 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1701 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
1702 &ret_orig)))
1703 return;
1704
1705 for (n = 0; n < ARRAY_SIZE(mac_cases); n++) {
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]1706 TEE_Attribute key_attr = { };
1707 size_t key_size = 0;
1708 size_t offs = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1709
1710 Do_ADBG_BeginSubCase(c, "MAC case %d algo 0x%x",
1711 (int)n, (unsigned int)mac_cases[n].algo);
1712
1713 key_attr.attributeID = TEE_ATTR_SECRET_VALUE;
1714 key_attr.content.ref.buffer = (void *)mac_cases[n].key;
1715 key_attr.content.ref.length = mac_cases[n].key_len;
1716
1717 key_size = key_attr.content.ref.length * 8;
1718 if (mac_cases[n].key_type == TEE_TYPE_DES ||
1719 mac_cases[n].key_type == TEE_TYPE_DES3)
1720 /* Exclude parity in bit size of key */
1721 key_size -= key_size / 8;
1722
1723 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1724 ta_crypt_cmd_allocate_operation(c, &session, &op1,
1725 mac_cases[n].algo, TEE_MODE_MAC, key_size)))
1726 goto out;
1727
1728 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1729 ta_crypt_cmd_allocate_operation(c, &session, &op2,
1730 mac_cases[n].algo, TEE_MODE_MAC, key_size)))
1731 goto out;
1732
1733 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1734 ta_crypt_cmd_allocate_transient_object(c, &session,
1735 mac_cases[n].key_type, key_size, &key_handle)))
1736 goto out;
1737
1738 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1739 ta_crypt_cmd_populate_transient_object(c, &session,
1740 key_handle, &key_attr, 1)))
1741 goto out;
1742
1743 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1744 ta_crypt_cmd_set_operation_key(c, &session, op1,
1745 key_handle)))
1746 goto out;
1747
1748 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1749 ta_crypt_cmd_free_transient_object(c, &session,
1750 key_handle)))
1751 goto out;
1752
1753 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1754 ta_crypt_cmd_mac_init(c, &session, op1, NULL, 0)))
1755 goto out;
1756
Jerome Forissier3dec7442019-01-30 17:50:05 +0100[diff] [blame]1757 offs = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1758 if (mac_cases[n].in != NULL) {
Jerome Forissier3dec7442019-01-30 17:50:05 +0100[diff] [blame]1759 while (offs + mac_cases[n].in_incr <
1760 mac_cases[n].in_len) {
1761 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1762 ta_crypt_cmd_mac_update(c, &session,
1763 op1, mac_cases[n].in + offs,
1764 mac_cases[n].in_incr)))
1765 goto out;
1766 offs += mac_cases[n].in_incr;
1767 if (!mac_cases[n].multiple_incr)
1768 break;
1769 }
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1770 }
1771
1772 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1773 ta_crypt_cmd_copy_operation(c, &session, op2, op1)))
1774 goto out;
1775
1776 out_size = sizeof(out);
1777 memset(out, 0, sizeof(out));
1778 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1779 ta_crypt_cmd_mac_final_compute(c, &session, op2,
Jerome Forissier3dec7442019-01-30 17:50:05 +0100[diff] [blame]1780 mac_cases[n].in + offs,
1781 mac_cases [n].in_len - offs,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1782 out, &out_size)))
1783 goto out;
1784
1785 (void)ADBG_EXPECT_BUFFER(c, mac_cases[n].out,
1786 mac_cases[n].out_len, out, out_size);
1787
1788 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1789 ta_crypt_cmd_mac_init(c, &session, op1, NULL, 0)))
1790 goto out;
1791
1792 out_size = sizeof(out);
1793 memset(out, 0, sizeof(out));
1794 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1795 ta_crypt_cmd_mac_final_compute(c, &session, op1,
1796 mac_cases[n].in, mac_cases[n].in_len, out,
1797 &out_size)))
1798 goto out;
1799
1800 (void)ADBG_EXPECT_BUFFER(c, mac_cases[n].out,
1801 mac_cases[n].out_len, out, out_size);
1802
1803 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1804 ta_crypt_cmd_free_operation(c, &session, op1)))
1805 goto out;
1806
1807 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1808 ta_crypt_cmd_free_operation(c, &session, op2)))
1809 goto out;
1810
1811 Do_ADBG_EndSubCase(c, NULL);
1812 }
1813out:
1814 TEEC_CloseSession(&session);
1815}
Jens Wiklander14f48872018-06-29 15:30:13 +0200[diff] [blame]1816ADBG_CASE_DEFINE(regression, 4002, xtest_tee_test_4002,
1817 "Test TEE Internal API MAC operations");
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1818
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1819static const uint8_t ciph_data_aes_key1[] = {
1820 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, /* 01234567 */
1821 0x38, 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, /* 89ABCDEF */
1822};
1823
Jerome Forissier0780ad42018-06-05 15:02:37 +0200[diff] [blame]1824static const uint8_t ciph_data_aes_key2[] = {
1825 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02,
1826 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02,
1827};
1828
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1829static const uint8_t ciph_data_des_key1[] = {
1830 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37 /* 01234567 */
1831};
1832
1833static const uint8_t ciph_data_des_key2[] = {
1834 0x13, 0x34, 0x57, 0x79, 0x9B, 0xBC, 0xDF, 0xF1
1835};
1836
1837
1838static const uint8_t ciph_data_des3_key1[] = {
1839 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, /* 01234567 */
1840 0x38, 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, /* 89ABCDEF */
1841 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, /* 12345678 */
1842};
1843
1844static const uint8_t ciph_data_des3_key2[] = {
1845 0x13, 0x34, 0x57, 0x79, 0x9B, 0xBC, 0xDF, 0xF1,
1846 0x13, 0x34, 0x57, 0x79, 0x9B, 0xBC, 0xDF, 0xF1,
1847 0x13, 0x34, 0x57, 0x79, 0x9B, 0xBC, 0xDF, 0xF1
1848};
1849
1850static const uint8_t ciph_data_des2_key1[] = {
1851 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, /* 01234567 */
1852 0x38, 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, /* 89ABCDEF */
1853};
1854
1855static const uint8_t ciph_data_in1[] = {
1856 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, /* 23456789 */
1857 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x30, 0x31, /* ABCDEF01 */
1858 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x41, /* 3456789A */
1859 0x42, 0x43, 0x44, 0x45, 0x46, 0x30, 0x31, 0x32, /* BCDEF012 */
1860 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x41, 0x42, /* 456789AB */
1861 0x43, 0x44, 0x45, 0x46, 0x30, 0x31, 0x32, 0x33, /* CDEF0123 */
1862};
1863
1864static const uint8_t ciph_data_in3[] = {
1865 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, /* 23456789 */
1866 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x30, 0x31, /* ABCDEF01 */
1867 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x41, /* 3456789A */
1868 0x42, 0x43, 0x44, 0x45, 0x46, 0x30, 0x31, 0x32, /* BCDEF012 */
1869 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x41, 0x42, /* 456789AB */
1870 0x43, 0x44, 0x45, 0x46, 0x30, /* CDEF0 */
1871};
1872
Jerome Forissier45218eb2018-04-11 13:03:26 +0200[diff] [blame]1873static const uint8_t ciph_data_in4[] = {
1874 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, /* 23456789 */
1875 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x30, 0x31, /* ABCDEF01 */
1876 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x41, /* 3456789A */
1877 0x42, 0x43, 0x44, 0x45, 0x46, 0x30, 0x31, 0x32, /* BCDEF012 */
1878 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x41, 0x42, /* 456789AB */
1879 0x43, 0x44, 0x45, 0x46, 0x30, 0x31, 0x32, 0x33, /* CDEF0123 */
1880 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, /* 01234567 */
1881 0x38, 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, /* 89ABCDEF */
1882};
1883
Jerome Forissier0780ad42018-06-05 15:02:37 +0200[diff] [blame]1884static const uint8_t ciph_data_in5[] = {
1885 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
1886 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
1887 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
1888 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
1889 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
1890 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
1891 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
1892 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
Jerome Forissierbf9009e2018-06-05 18:44:42 +0200[diff] [blame]1893 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
1894 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
Jerome Forissier0780ad42018-06-05 15:02:37 +0200[diff] [blame]1895 0x01, 0x01, 0x01
1896};
1897
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1898static const uint8_t ciph_data_128_iv1[] = {
1899 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, /* 12345678 */
1900 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x30, /* 9ABCDEF0 */
1901};
1902
Jerome Forissier0780ad42018-06-05 15:02:37 +0200[diff] [blame]1903static const uint8_t ciph_data_128_iv2[] = {
1904 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03,
1905 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03,
1906};
1907
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1908static const uint8_t ciph_data_64_iv1[] = {
1909 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, /* 12345678 */
1910};
1911
1912static const uint8_t ciph_data_in2[] = {
1913 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef
1914};
1915
1916static const uint8_t ciph_data_aes_ecb_nopad_out1[] = {
1917 0xA5, 0xBE, 0x14, 0xD5, 0x01, 0x05, 0x24, 0x48, /* ......$H */
1918 0x58, 0x1A, 0x6B, 0x82, 0xD4, 0x41, 0xD2, 0xB3, /* X.k..A.. */
1919 0xBB, 0xF9, 0xAE, 0x37, 0x94, 0xAC, 0x18, 0x50, /* ...7...P */
1920 0x87, 0x09, 0xCC, 0x3F, 0x43, 0xD2, 0xC2, 0xB7, /* ...?C... */
1921 0xD7, 0x6F, 0x84, 0x07, 0xB4, 0x78, 0xCE, 0x34, /* .o...x.4 */
1922 0x48, 0xC9, 0x16, 0x86, 0x42, 0xB8, 0xFF, 0xCF, /* H...B... */
1923};
1924
1925static const uint8_t ciph_data_aes_cbc_nopad_out1[] = {
1926 0x8D, 0x9F, 0x88, 0xD8, 0xAF, 0x9F, 0xC1, 0x3B, /* .......; */
1927 0x02, 0x15, 0x43, 0x6A, 0x8C, 0x1E, 0x34, 0x5C, /* ..Cj..4\ */
1928 0x83, 0xF4, 0x85, 0x3E, 0x43, 0x0F, 0xE5, 0x5F, /* ...>C.._ */
1929 0x81, 0x4C, 0xC0, 0x28, 0x3F, 0xD9, 0x98, 0x53, /* .L.(?..S */
1930 0xB1, 0x44, 0x51, 0x38, 0x21, 0xAB, 0x10, 0xCE, /* .DQ8!... */
1931 0xC2, 0xEC, 0x65, 0x54, 0xDD, 0x5C, 0xEA, 0xDC, /* ..eT.\.. */
1932};
1933
1934static const uint8_t ciph_data_aes_ctr_out1[] = {
1935 0xD2, 0xDD, 0x11, 0xA8, 0xF7, 0xB0, 0xAE, 0x55, /* .......U */
1936 0xBE, 0x61, 0x7A, 0xE6, 0xA1, 0x6C, 0x79, 0xF4, /* .az..ly. */
1937 0x62, 0x51, 0x7B, 0xE9, 0x7C, 0xA0, 0x31, 0x0C, /* bQ{.|.1. */
1938 0x24, 0x15, 0x70, 0x7F, 0x47, 0x37, 0x69, 0xE0, /* $.p.G7i. */
1939 0x24, 0xC3, 0x29, 0xCD, 0xF2, 0x26, 0x69, 0xFF, /* $.)..&i. */
1940 0x72, 0x0E, 0x3C, 0xD1, 0xA1, 0x2F, 0x5D, 0x33, /* r.<../]3 */
1941};
1942
1943static const uint8_t ciph_data_aes_ctr_out2[] = {
1944 0xD2, 0xDD, 0x11, 0xA8, 0xF7, 0xB0, 0xAE, 0x55, /* .......U */
1945 0xBE, 0x61, 0x7A, 0xE6, 0xA1, 0x6C, 0x79, 0xF4, /* .az..ly. */
1946 0x62, 0x51, 0x7B, 0xE9, 0x7C, 0xA0, 0x31, 0x0C, /* bQ{.|.1. */
1947 0x24, 0x15, 0x70, 0x7F, 0x47, 0x37, 0x69, 0xE0, /* $.p.G7i. */
1948 0x24, 0xC3, 0x29, 0xCD, 0xF2, 0x26, 0x69, 0xFF, /* $.)..&i. */
1949 0x72, 0x0E, 0x3C, 0xD1, 0xA1, /* r.<.. */
1950};
1951
Jerome Forissier45218eb2018-04-11 13:03:26 +0200[diff] [blame]1952static const uint8_t ciph_data_aes_ctr_out4[] = {
1953 0xD2, 0xDD, 0x11, 0xA8, 0xF7, 0xB0, 0xAE, 0x55, /* .......U */
1954 0xBE, 0x61, 0x7A, 0xE6, 0xA1, 0x6C, 0x79, 0xF4, /* .az..ly. */
1955 0x62, 0x51, 0x7B, 0xE9, 0x7C, 0xA0, 0x31, 0x0C, /* bQ{.|.1. */
1956 0x24, 0x15, 0x70, 0x7F, 0x47, 0x37, 0x69, 0xE0, /* $.p.G7i. */
1957 0x24, 0xC3, 0x29, 0xCD, 0xF2, 0x26, 0x69, 0xFF, /* $.)..&i. */
1958 0x72, 0x0E, 0x3C, 0xD1, 0xA1, 0x2F, 0x5D, 0x33, /* r.<../]3 */
1959 0x9F, 0xD7, 0x0C, 0x92, 0xD4, 0xA5, 0x9D, 0x06, /* ........ */
1960 0x01, 0x80, 0x38, 0xCD, 0xC2, 0x71, 0x5D, 0x4A, /* ..8..q]J */
1961};
1962
Jerome Forissier0780ad42018-06-05 15:02:37 +0200[diff] [blame]1963static const uint8_t ciph_data_aes_ctr_out5[] = {
1964 0xbb, 0xfe, 0x07, 0x04, 0x1c, 0x8e, 0x09, 0x61,
1965 0xfb, 0xb1, 0x7c, 0xa5, 0x4d, 0x2b, 0x30, 0xf6,
1966 0x26, 0x9e, 0xff, 0x61, 0x18, 0x47, 0xc6, 0x06,
1967 0x81, 0x02, 0x84, 0xcd, 0x9c, 0x4b, 0x6d, 0x21,
1968 0xe2, 0x64, 0xa6, 0x50, 0x7f, 0x28, 0x81, 0x6f,
1969 0x29, 0xda, 0xd5, 0x56, 0x3f, 0x46, 0xac, 0xca,
1970 0x37, 0xe7, 0x77, 0x36, 0xbc, 0x76, 0x39, 0x57,
1971 0xaa, 0x67, 0x1b, 0x2a, 0xe6, 0x36, 0x57, 0x6d,
Jerome Forissierbf9009e2018-06-05 18:44:42 +0200[diff] [blame]1972 0x2a, 0xb8, 0x77, 0x41, 0xc2, 0x4e, 0x4f, 0x27,
1973 0x4c, 0x34, 0x7a, 0x01, 0x6a, 0xda, 0x75, 0x75,
1974 0x3e, 0x68, 0xb2
Jerome Forissier0780ad42018-06-05 15:02:37 +0200[diff] [blame]1975};
1976
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1977static const uint8_t ciph_data_aes_cbc_vect1_key[] = {
1978 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, /* 01234567 */
1979 0x38, 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, /* 89ABCDEF */
1980};
1981
1982static const uint8_t ciph_data_aes_cbc_vect1_iv[] = {
1983 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* ........ */
1984 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* ........ */
1985};
1986
1987static const uint8_t ciph_data_aes_cbc_vect1_ptx[] = {
1988 0x43, 0x69, 0x70, 0x68, 0x65, 0x72, 0x20, 0x62, /* Cipher b */
1989 0x6C, 0x6F, 0x63, 0x6B, 0x20, 0x63, 0x68, 0x61, /* lock cha */
1990 0x69, 0x6E, 0x69, 0x6E, 0x67, 0x20, 0x28, 0x43, /* ining (C */
1991 0x42, 0x43, 0x29, 0x20, 0x69, 0x73, 0x20, 0x61, /* BC) is a */
1992 0x20, 0x63, 0x6F, 0x6D, 0x6D, 0x6F, 0x6E, 0x20, /* common */
1993 0x63, 0x68, 0x61, 0x69, 0x6E, 0x69, 0x6E, 0x67, /* chaining */
1994 0x20, 0x6D, 0x6F, 0x64, 0x65, 0x20, 0x69, 0x6E, /* mode in */
1995 0x20, 0x77, 0x68, 0x69, 0x63, 0x68, 0x20, 0x74, /* which t */
1996 0x68, 0x65, 0x20, 0x70, 0x72, 0x65, 0x76, 0x69, /* he previ */
1997 0x6F, 0x75, 0x73, 0x20, 0x62, 0x6C, 0x6F, 0x63, /* ous bloc */
1998 0x6B, 0x27, 0x73, 0x20, 0x63, 0x69, 0x70, 0x68, /* k's ciph */
1999 0x65, 0x72, 0x74, 0x65, 0x78, 0x74, 0x20, 0x69, /* ertext i */
2000 0x73, 0x20, 0x78, 0x6F, 0x72, 0x65, 0x64, 0x20, /* s xored */
2001 0x77, 0x69, 0x74, 0x68, 0x20, 0x74, 0x68, 0x65, /* with the */
2002 0x20, 0x63, 0x75, 0x72, 0x72, 0x65, 0x6E, 0x74, /* current */
2003 0x20, 0x62, 0x6C, 0x6F, 0x63, 0x6B, 0x27, 0x73, /* block's */
2004 0x20, 0x70, 0x6C, 0x61, 0x69, 0x6E, 0x74, 0x65, /* plainte */
2005 0x78, 0x74, 0x20, 0x62, 0x65, 0x66, 0x6F, 0x72, /* xt befor */
2006 0x65, 0x20, 0x65, 0x6E, 0x63, 0x72, 0x79, 0x70, /* e encryp */
2007 0x74, 0x69, 0x6F, 0x6E, 0x2E, 0x2E, 0x2E, 0x2E, /* tion.... */
2008};
2009
2010static const uint8_t ciph_data_aes_cbc_vect1_ctx[] = {
2011 0xDD, 0x16, 0xC3, 0x47, 0x69, 0xEC, 0xF5, 0x86, /* ...Gi... */
2012 0x20, 0xB4, 0xF7, 0xE3, 0xB9, 0x36, 0xE8, 0xAC, /* ....6.. */
2013 0xC9, 0xA2, 0x11, 0x71, 0x3B, 0x10, 0x9D, 0x45, /* ...q;..E */
2014 0xCA, 0xE2, 0x49, 0xA6, 0x4E, 0x56, 0x07, 0xC5, /* ..I.NV.. */
2015 0xCE, 0xA3, 0x14, 0xB5, 0x30, 0x1B, 0x63, 0xBB, /* ....0.c. */
2016 0x2D, 0x6F, 0xE9, 0xCA, 0x0B, 0x00, 0x31, 0x3F, /* -o....1? */
2017 0xA4, 0x9A, 0x39, 0xE1, 0xC8, 0xD2, 0x24, 0x95, /* ..9...$. */
2018 0x14, 0xE9, 0xD2, 0x43, 0xE8, 0xA8, 0x1E, 0x0A, /* ...C.... */
2019 0xFE, 0x9D, 0x4F, 0xF5, 0xBB, 0x16, 0xB9, 0x54, /* ..O....T */
2020 0x78, 0x07, 0x94, 0x05, 0x8E, 0x47, 0xC3, 0xCB, /* x....G.. */
2021 0x7C, 0xEC, 0xF4, 0xF8, 0xF2, 0xA4, 0x59, 0x6E, /* |.....Yn */
2022 0xED, 0xAD, 0x7F, 0x62, 0xAF, 0x89, 0xA8, 0x5B, /* ...b...[ */
2023 0x75, 0xD4, 0x73, 0xE3, 0xBA, 0x9F, 0x9A, 0xD2, /* u.s..... */
2024 0x0F, 0xFD, 0x3C, 0xE6, 0xC6, 0xA4, 0xD6, 0x6C, /* ..<....l */
2025 0x6A, 0x09, 0xE2, 0x16, 0xB0, 0x8C, 0x69, 0x3C, /* j.....i< */
2026 0xC8, 0x1C, 0xE4, 0x3E, 0x86, 0x4D, 0xB0, 0x2B, /* ...>.M.+ */
2027 0x29, 0xA0, 0x5A, 0xA3, 0x67, 0xBA, 0xDC, 0x11, /* ).Z.g... */
2028 0x08, 0x5E, 0x69, 0xB4, 0x6F, 0xA5, 0xE2, 0xB8, /* .^i.o... */
2029 0xC9, 0x6E, 0x83, 0x7E, 0x35, 0xC8, 0xA7, 0xA0, /* .n.~5... */
2030 0x33, 0xA3, 0xB1, 0x4B, 0x5A, 0x92, 0x51, 0x2E, /* 3..KZ.Q. */
2031};
2032
2033/* AES-CTS test vectors from http://tools.ietf.org/html/rfc3962
2034 * and http://tools.ietf.org/html/draft-raeburn-krb-rijndael-krb-02 */
2035static const uint8_t ciph_data_aes_cts_vect1_key[] = {
2036 0x63, 0x68, 0x69, 0x63, 0x6b, 0x65, 0x6e, 0x20,
2037 0x74, 0x65, 0x72, 0x69, 0x79, 0x61, 0x6b, 0x69
2038};
2039
2040static const uint8_t ciph_data_aes_cts_vect1_iv[16] = {
2041 0x00
2042};
2043
2044static const uint8_t ciph_data_aes_cts_vect1_ptx[] = {
2045 0x49, 0x20, 0x77, 0x6f, 0x75, 0x6c, 0x64, 0x20,
2046 0x6c, 0x69, 0x6b, 0x65, 0x20, 0x74, 0x68, 0x65,
2047 0x20
2048};
2049
2050static const uint8_t ciph_data_aes_cts_vect1_ctx[] = {
2051 0xc6, 0x35, 0x35, 0x68, 0xf2, 0xbf, 0x8c, 0xb4,
2052 0xd8, 0xa5, 0x80, 0x36, 0x2d, 0xa7, 0xff, 0x7f,
2053 0x97
2054};
2055
2056#define ciph_data_aes_cts_vect2_key ciph_data_aes_cts_vect1_key
2057#define ciph_data_aes_cts_vect2_iv ciph_data_aes_cts_vect1_iv
2058static const uint8_t ciph_data_aes_cts_vect2_ptx[] = {
2059 0x49, 0x20, 0x77, 0x6f, 0x75, 0x6c, 0x64, 0x20,
2060 0x6c, 0x69, 0x6b, 0x65, 0x20, 0x74, 0x68, 0x65,
2061 0x20, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x6c,
2062 0x20, 0x47, 0x61, 0x75, 0x27, 0x73, 0x20
2063};
2064
2065static const uint8_t ciph_data_aes_cts_vect2_ctx[] = {
2066 0xfc, 0x00, 0x78, 0x3e, 0x0e, 0xfd, 0xb2, 0xc1,
2067 0xd4, 0x45, 0xd4, 0xc8, 0xef, 0xf7, 0xed, 0x22,
2068 0x97, 0x68, 0x72, 0x68, 0xd6, 0xec, 0xcc, 0xc0,
2069 0xc0, 0x7b, 0x25, 0xe2, 0x5e, 0xcf, 0xe5
2070};
2071
2072#define ciph_data_aes_cts_vect3_key ciph_data_aes_cts_vect1_key
2073#define ciph_data_aes_cts_vect3_iv ciph_data_aes_cts_vect1_iv
2074static const uint8_t ciph_data_aes_cts_vect3_ptx[] = {
2075 0x49, 0x20, 0x77, 0x6f, 0x75, 0x6c, 0x64, 0x20,
2076 0x6c, 0x69, 0x6b, 0x65, 0x20, 0x74, 0x68, 0x65,
2077 0x20, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x6c,
2078 0x20, 0x47, 0x61, 0x75, 0x27, 0x73, 0x20, 0x43,
2079};
2080
2081static const uint8_t ciph_data_aes_cts_vect3_ctx[] = {
2082 0x39, 0x31, 0x25, 0x23, 0xa7, 0x86, 0x62, 0xd5,
2083 0xbe, 0x7f, 0xcb, 0xcc, 0x98, 0xeb, 0xf5, 0xa8,
2084 0x97, 0x68, 0x72, 0x68, 0xd6, 0xec, 0xcc, 0xc0,
2085 0xc0, 0x7b, 0x25, 0xe2, 0x5e, 0xcf, 0xe5, 0x84,
2086};
2087
2088#define ciph_data_aes_cts_vect4_key ciph_data_aes_cts_vect1_key
2089#define ciph_data_aes_cts_vect4_iv ciph_data_aes_cts_vect1_iv
2090static const uint8_t ciph_data_aes_cts_vect4_ptx[] = {
2091 0x49, 0x20, 0x77, 0x6f, 0x75, 0x6c, 0x64, 0x20,
2092 0x6c, 0x69, 0x6b, 0x65, 0x20, 0x74, 0x68, 0x65,
2093 0x20, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x6c,
2094 0x20, 0x47, 0x61, 0x75, 0x27, 0x73, 0x20, 0x43,
2095 0x68, 0x69, 0x63, 0x6b, 0x65, 0x6e, 0x2c, 0x20,
2096 0x70, 0x6c, 0x65, 0x61, 0x73, 0x65, 0x2c,
2097};
2098
2099static const uint8_t ciph_data_aes_cts_vect4_ctx[] = {
2100 0x97, 0x68, 0x72, 0x68, 0xd6, 0xec, 0xcc, 0xc0,
2101 0xc0, 0x7b, 0x25, 0xe2, 0x5e, 0xcf, 0xe5, 0x84,
2102 0xb3, 0xff, 0xfd, 0x94, 0x0c, 0x16, 0xa1, 0x8c,
2103 0x1b, 0x55, 0x49, 0xd2, 0xf8, 0x38, 0x02, 0x9e,
2104 0x39, 0x31, 0x25, 0x23, 0xa7, 0x86, 0x62, 0xd5,
2105 0xbe, 0x7f, 0xcb, 0xcc, 0x98, 0xeb, 0xf5,
2106};
2107
2108#define ciph_data_aes_cts_vect5_key ciph_data_aes_cts_vect1_key
2109#define ciph_data_aes_cts_vect5_iv ciph_data_aes_cts_vect1_iv
2110static const uint8_t ciph_data_aes_cts_vect5_ptx[] = {
2111 0x49, 0x20, 0x77, 0x6f, 0x75, 0x6c, 0x64, 0x20,
2112 0x6c, 0x69, 0x6b, 0x65, 0x20, 0x74, 0x68, 0x65,
2113 0x20, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x6c,
2114 0x20, 0x47, 0x61, 0x75, 0x27, 0x73, 0x20, 0x43,
2115 0x68, 0x69, 0x63, 0x6b, 0x65, 0x6e, 0x2c, 0x20,
2116 0x70, 0x6c, 0x65, 0x61, 0x73, 0x65, 0x2c, 0x20,
2117};
2118
2119static const uint8_t ciph_data_aes_cts_vect5_ctx[] = {
2120 0x97, 0x68, 0x72, 0x68, 0xd6, 0xec, 0xcc, 0xc0,
2121 0xc0, 0x7b, 0x25, 0xe2, 0x5e, 0xcf, 0xe5, 0x84,
2122 0x9d, 0xad, 0x8b, 0xbb, 0x96, 0xc4, 0xcd, 0xc0,
2123 0x3b, 0xc1, 0x03, 0xe1, 0xa1, 0x94, 0xbb, 0xd8,
2124 0x39, 0x31, 0x25, 0x23, 0xa7, 0x86, 0x62, 0xd5,
2125 0xbe, 0x7f, 0xcb, 0xcc, 0x98, 0xeb, 0xf5, 0xa8,
2126};
2127
2128#define ciph_data_aes_cts_vect6_key ciph_data_aes_cts_vect1_key
2129#define ciph_data_aes_cts_vect6_iv ciph_data_aes_cts_vect1_iv
2130static const uint8_t ciph_data_aes_cts_vect6_ptx[] = {
2131 0x49, 0x20, 0x77, 0x6f, 0x75, 0x6c, 0x64, 0x20,
2132 0x6c, 0x69, 0x6b, 0x65, 0x20, 0x74, 0x68, 0x65,
2133 0x20, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x6c,
2134 0x20, 0x47, 0x61, 0x75, 0x27, 0x73, 0x20, 0x43,
2135 0x68, 0x69, 0x63, 0x6b, 0x65, 0x6e, 0x2c, 0x20,
2136 0x70, 0x6c, 0x65, 0x61, 0x73, 0x65, 0x2c, 0x20,
2137 0x61, 0x6e, 0x64, 0x20, 0x77, 0x6f, 0x6e, 0x74,
2138 0x6f, 0x6e, 0x20, 0x73, 0x6f, 0x75, 0x70, 0x2e,
2139};
2140
2141static const uint8_t ciph_data_aes_cts_vect6_ctx[] = {
2142 0x97, 0x68, 0x72, 0x68, 0xd6, 0xec, 0xcc, 0xc0,
2143 0xc0, 0x7b, 0x25, 0xe2, 0x5e, 0xcf, 0xe5, 0x84,
2144 0x39, 0x31, 0x25, 0x23, 0xa7, 0x86, 0x62, 0xd5,
2145 0xbe, 0x7f, 0xcb, 0xcc, 0x98, 0xeb, 0xf5, 0xa8,
2146 0x48, 0x07, 0xef, 0xe8, 0x36, 0xee, 0x89, 0xa5,
2147 0x26, 0x73, 0x0d, 0xbc, 0x2f, 0x7b, 0xc8, 0x40,
2148 0x9d, 0xad, 0x8b, 0xbb, 0x96, 0xc4, 0xcd, 0xc0,
2149 0x3b, 0xc1, 0x03, 0xe1, 0xa1, 0x94, 0xbb, 0xd8,
2150};
2151
Jerome Forissiered00e162017-01-20 09:22:52 +0100[diff] [blame]2152/*
2153 * Test case for https://github.com/OP-TEE/optee_os/issues/1203
2154 * 80 bytes of data, processed in two steps (32 + 48).
2155 */
2156
2157#define ciph_data_aes_cts_issue1203_key ciph_data_aes_cts_vect1_key
2158
2159static const uint8_t ciph_data_aes_cts_issue1203_iv[] = {
2160 0x5b, 0x11, 0x7b, 0xf9, 0x83, 0x6a, 0x01, 0x27,
2161 0x1d, 0x2a, 0xae, 0x0a, 0xd3, 0x27, 0x35, 0x81,
2162};
2163
2164static const uint8_t ciph_data_aes_cts_issue1203_ptx[] = {
2165 0x33, 0x2a, 0xf4, 0x8c, 0x18, 0xa1, 0x30, 0x7c,
2166 0xa7, 0x52, 0x76, 0xca, 0xa6, 0x68, 0xad, 0xf6,
2167 0x1e, 0xba, 0xc9, 0x66, 0x66, 0x52, 0x1a, 0xe7,
2168 0x3e, 0xbc, 0xba, 0x60, 0x95, 0x71, 0x04, 0x5e,
2169 0xb4, 0xb7, 0x10, 0xd7, 0x93, 0x6d, 0x5f, 0x9a,
2170 0xb8, 0xbb, 0x6b, 0xb0, 0x6d, 0x47, 0x93, 0x41,
2171 0x29, 0x21, 0xf2, 0x84, 0xf5, 0xb2, 0xf2, 0x6d,
2172 0xbe, 0xe5, 0x8a, 0x2b, 0x58, 0x8d, 0x1b, 0x5e,
2173 0x41, 0x04, 0xba, 0x9e, 0x92, 0xe9, 0x52, 0xb6,
2174 0x8b, 0x1e, 0x36, 0x72, 0x91, 0xe4, 0x56, 0x66,
2175};
2176
2177/*
2178 * Ciphertext was generated by an online tool for AES CBC.
2179 * Since the input size is a multiple of the block size, and the ciphertext
2180 * format is CS3, the output is the same as plain AES CBC with the last
2181 * two blocks swapped.
2182 */
2183static const uint8_t ciph_data_aes_cts_issue1203_ctx[] = {
2184 0x6c, 0xfe, 0xef, 0x6a, 0x1c, 0x8f, 0xd3, 0xc3,
2185 0x66, 0xc4, 0xd9, 0x0e, 0xbe, 0x24, 0x17, 0x3f,
2186 0xcd, 0x19, 0xc9, 0xd2, 0x10, 0x3f, 0xcf, 0xdc,
2187 0xe9, 0x05, 0xab, 0xd5, 0x1a, 0x31, 0x41, 0x77,
2188 0x3b, 0xd7, 0x6a, 0x26, 0xae, 0x0d, 0xc9, 0x47,
2189 0x77, 0xd4, 0xa7, 0xd5, 0x73, 0x88, 0x9e, 0xde,
2190 0x72, 0x66, 0xe0, 0xe2, 0x3d, 0x62, 0x91, 0x22,
2191 0xae, 0x11, 0x01, 0x97, 0x22, 0x6a, 0x45, 0xa9,
2192 0xba, 0x56, 0xd2, 0xbc, 0x55, 0x2d, 0x99, 0x4d,
2193 0x3d, 0x22, 0x27, 0x9a, 0xac, 0x66, 0x2f, 0xf5,
2194};
2195
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2196static const uint8_t ciph_data_des_ecb_nopad_out1[] = {
2197 0x46, 0x2B, 0x91, 0xA8, 0x55, 0xE6, 0x7E, 0x75, /* F+..U.~u */
2198 0x5E, 0x53, 0xF4, 0x8F, 0x29, 0x41, 0x4E, 0xEF, /* ^S..)AN. */
2199 0x32, 0x1B, 0x58, 0x42, 0x9B, 0xB4, 0x3A, 0x1F, /* 2.XB..:. */
2200 0x9A, 0xEA, 0xA4, 0xB4, 0xCD, 0xE9, 0x87, 0x7C, /* .......| */
2201 0xC0, 0x05, 0x34, 0xED, 0x86, 0x3C, 0x2A, 0x81, /* ..4..<.. */
2202 0x5E, 0x93, 0x0E, 0x86, 0xA9, 0xBB, 0x80, 0xFF, /* ^....... */
2203};
2204
2205static const uint8_t ciph_data_des_ecb_nopad_out2[] = {
2206 0x85, 0xE8, 0x13, 0x54, 0x0F, 0x0A, 0xB4, 0x05
2207};
2208
2209static const uint8_t ciph_data_des_cbc_nopad_out1[] = {
2210 0xAD, 0xD6, 0xD6, 0x3E, 0x88, 0xD0, 0xDD, 0xD4, /* ...>.... */
2211 0x9A, 0x93, 0x95, 0xA0, 0x86, 0x22, 0x5B, 0x9E, /* ....."[. */
2212 0x84, 0x0C, 0x6F, 0x12, 0x04, 0x11, 0x6F, 0xD4, /* ..o...o. */
2213 0x12, 0x29, 0xC6, 0x78, 0x0C, 0xFB, 0x58, 0x5B, /* .).x..X[ */
2214 0x66, 0x82, 0x0E, 0x52, 0xDC, 0x25, 0x16, 0x51, /* f..R.%.Q */
2215 0x69, 0xDF, 0xFE, 0x4E, 0x11, 0x1D, 0x9D, 0x08, /* i..N.... */
2216};
2217
2218static const uint8_t ciph_data_des3_ecb_nopad_out1[] = {
2219 0xA7, 0x46, 0xEC, 0xA8, 0x6A, 0x7F, 0x4A, 0xF1, /* .F..j.J. */
2220 0x44, 0x60, 0x37, 0x3B, 0x7F, 0x76, 0xE5, 0xFF, /* D`7;.v.. */
2221 0xC1, 0xE7, 0xA5, 0x04, 0x9C, 0x29, 0x5C, 0xA5, /* .....)\. */
2222 0xDD, 0xC8, 0xEE, 0x36, 0x1F, 0x48, 0xE0, 0xA9, /* ...6.H.. */
2223 0x82, 0x2D, 0x53, 0x84, 0x49, 0x69, 0x78, 0xFA, /* .-S.Iix. */
2224 0x23, 0x69, 0x1D, 0xF7, 0x08, 0x38, 0x44, 0x05, /* #i...8D. */
2225};
2226
2227static const uint8_t ciph_data_des3_cbc_nopad_out1[] = {
2228 0x18, 0x09, 0xEB, 0x98, 0xE4, 0x58, 0x72, 0x11, /* .....Xr. */
2229 0x30, 0x58, 0xAB, 0x38, 0xB0, 0xC9, 0x2B, 0xED, /* 0X.8..+. */
2230 0xDA, 0xC5, 0xE8, 0xA9, 0xF6, 0x8A, 0xA7, 0x80, /* ........ */
2231 0xBE, 0x54, 0x1F, 0x63, 0xF6, 0xEE, 0xA2, 0x4C, /* .T.c...L */
2232 0x7C, 0xEB, 0x84, 0x7D, 0xDA, 0xCA, 0x1E, 0xB2, /* |..}.... */
2233 0xED, 0x5E, 0x96, 0xB8, 0x01, 0x4B, 0x77, 0x02, /* .^...Kw. */
2234};
2235
2236static const uint8_t ciph_data_des2_ecb_nopad_out1[] = {
2237 0xAB, 0x12, 0xB6, 0xE2, 0x4A, 0x3A, 0x26, 0x14, /* ....J:&. */
2238 0xF0, 0x7D, 0x23, 0xD0, 0x55, 0xDF, 0x5C, 0x16, /* .}#.U.\. */
2239 0x43, 0x59, 0x1E, 0x44, 0x01, 0x76, 0xD7, 0x50, /* CY.D.v.P */
2240 0x44, 0xC0, 0x15, 0xDF, 0x2E, 0x7F, 0x8B, 0xC5, /* D....... */
2241 0xFF, 0x8B, 0x87, 0xFE, 0x33, 0xD7, 0xCB, 0x2C, /* ....3.., */
2242 0xDA, 0x79, 0x6F, 0xA4, 0x05, 0x2B, 0x30, 0xCE, /* .yo..+0. */
2243};
2244
2245static const uint8_t ciph_data_des2_cbc_nopad_out1[] = {
2246 0x47, 0x2F, 0xB1, 0x83, 0xC4, 0xBB, 0x93, 0x16, /* G/...... */
2247 0x73, 0xF9, 0xAD, 0x6F, 0x00, 0xF9, 0xCB, 0x4A, /* s..o...J */
2248 0x0F, 0x4F, 0x75, 0x75, 0xFB, 0x39, 0x0B, 0xFC, /* .Ouu.9.. */
2249 0x9F, 0x48, 0x52, 0xAD, 0xA2, 0x75, 0x2C, 0xF1, /* .HR..u, . */
2250 0x7D, 0xC3, 0x8F, 0x16, 0xCF, 0xC9, 0x76, 0x29, /* }.....v) */
2251 0x1A, 0xBF, 0xB3, 0xD9, 0x10, 0x7E, 0xAA, 0x49, /* .....~.I */
2252};
2253
Jerome Forissiere73e0fb2019-12-12 17:08:03 +0100[diff] [blame]2254/* SM4 ECB */
2255
2256static const uint8_t ciph_data_sm4_key1[] = {
2257 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
2258 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10,
2259};
2260
2261static const uint8_t ciph_data_sm4_in1[] = {
2262 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
2263 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10,
2264};
2265
2266static const uint8_t ciph_data_sm4_ecb_nopad_out1[] = {
2267 0x68, 0x1e, 0xdf, 0x34, 0xd2, 0x06, 0x96, 0x5e,
2268 0x86, 0xb3, 0xe9, 0x4f, 0x53, 0x6e, 0x42, 0x46,
2269};
2270
2271/*
2272 * SM4 CBC
2273 * https://tools.ietf.org/html/draft-ribose-cfrg-sm4-10#appendix-A.2.2.1
2274 */
2275static const uint8_t ciph_data_sm4_cbc_a221_key[] = {
2276 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
2277 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10,
2278};
2279
2280static const uint8_t ciph_data_sm4_cbc_a221_iv[] = {
2281 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
2282 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
2283};
2284
2285static const uint8_t ciph_data_sm4_cbc_a221_in[] = {
2286 0xaa, 0xaa, 0xaa, 0xaa, 0xbb, 0xbb, 0xbb, 0xbb,
2287 0xcc, 0xcc, 0xcc, 0xcc, 0xdd, 0xdd, 0xdd, 0xdd,
2288 0xee, 0xee, 0xee, 0xee, 0xff, 0xff, 0xff, 0xff,
2289 0xaa, 0xaa, 0xaa, 0xaa, 0xbb, 0xbb, 0xbb, 0xbb,
2290};
2291
2292static const uint8_t ciph_data_sm4_cbc_a221_out[] = {
2293 0x78, 0xeb, 0xb1, 0x1c, 0xc4, 0x0b, 0x0a, 0x48,
2294 0x31, 0x2a, 0xae, 0xb2, 0x04, 0x02, 0x44, 0xcb,
2295 0x4c, 0xb7, 0x01, 0x69, 0x51, 0x90, 0x92, 0x26,
2296 0x97, 0x9b, 0x0d, 0x15, 0xdc, 0x6a, 0x8f, 0x6d,
2297};
2298
2299/*
2300 * SM4 CBC
2301 * https://tools.ietf.org/html/draft-ribose-cfrg-sm4-10#appendix-A.2.2.2
2302 */
2303static const uint8_t ciph_data_sm4_cbc_a222_key[] = {
2304 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10,
2305 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
2306};
2307
2308static const uint8_t ciph_data_sm4_cbc_a222_iv[] = {
2309 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
2310 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
2311};
2312
2313static const uint8_t ciph_data_sm4_cbc_a222_in[] = {
2314 0xaa, 0xaa, 0xaa, 0xaa, 0xbb, 0xbb, 0xbb, 0xbb,
2315 0xcc, 0xcc, 0xcc, 0xcc, 0xdd, 0xdd, 0xdd, 0xdd,
2316 0xee, 0xee, 0xee, 0xee, 0xff, 0xff, 0xff, 0xff,
2317 0xaa, 0xaa, 0xaa, 0xaa, 0xbb, 0xbb, 0xbb, 0xbb,
2318};
2319
2320static const uint8_t ciph_data_sm4_cbc_a222_out[] = {
2321 0x0d, 0x3a, 0x6d, 0xdc, 0x2d, 0x21, 0xc6, 0x98,
2322 0x85, 0x72, 0x15, 0x58, 0x7b, 0x7b, 0xb5, 0x9a,
2323 0x91, 0xf2, 0xc1, 0x47, 0x91, 0x1a, 0x41, 0x44,
2324 0x66, 0x5e, 0x1f, 0xa1, 0xd4, 0x0b, 0xae, 0x38,
2325};
2326
2327/*
2328 * SM4 CTR
2329 * https://tools.ietf.org/html/draft-ribose-cfrg-sm4-10#appendix-A.2.5.1
2330 */
2331static const uint8_t ciph_data_sm4_ctr_a251_key[] = {
2332 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
2333 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10,
2334};
2335
2336static const uint8_t ciph_data_sm4_ctr_a251_iv[] = {
2337 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
2338 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
2339};
2340
2341static const uint8_t ciph_data_sm4_ctr_a251_in[] = {
2342 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
2343 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb,
2344 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc,
2345 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd,
2346 0xee, 0xee, 0xee, 0xee, 0xee, 0xee, 0xee, 0xee,
2347 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
2348 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
2349 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb,
2350};
2351
2352static const uint8_t ciph_data_sm4_ctr_a251_out[] = {
2353 0xac, 0x32, 0x36, 0xcb, 0x97, 0x0c, 0xc2, 0x07,
2354 0x91, 0x36, 0x4c, 0x39, 0x5a, 0x13, 0x42, 0xd1,
2355 0xa3, 0xcb, 0xc1, 0x87, 0x8c, 0x6f, 0x30, 0xcd,
2356 0x07, 0x4c, 0xce, 0x38, 0x5c, 0xdd, 0x70, 0xc7,
2357 0xf2, 0x34, 0xbc, 0x0e, 0x24, 0xc1, 0x19, 0x80,
2358 0xfd, 0x12, 0x86, 0x31, 0x0c, 0xe3, 0x7b, 0x92,
2359 0x6e, 0x02, 0xfc, 0xd0, 0xfa, 0xa0, 0xba, 0xf3,
2360 0x8b, 0x29, 0x33, 0x85, 0x1d, 0x82, 0x45, 0x14,
2361};
2362
2363/*
2364 * SM4 CTR
2365 * https://tools.ietf.org/html/draft-ribose-cfrg-sm4-10#appendix-A.2.5.2
2366 */
2367static const uint8_t ciph_data_sm4_ctr_a252_key[] = {
2368 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10,
2369 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
2370};
2371
2372static const uint8_t ciph_data_sm4_ctr_a252_iv[] = {
2373 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
2374 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
2375};
2376
2377static const uint8_t ciph_data_sm4_ctr_a252_in[] = {
2378 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
2379 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb,
2380 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc,
2381 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd,
2382 0xee, 0xee, 0xee, 0xee, 0xee, 0xee, 0xee, 0xee,
2383 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
2384 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
2385 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb,
2386};
2387
2388static const uint8_t ciph_data_sm4_ctr_a252_out[] = {
2389 0x5d, 0xcc, 0xcd, 0x25, 0xb9, 0x5a, 0xb0, 0x74,
2390 0x17, 0xa0, 0x85, 0x12, 0xee, 0x16, 0x0e, 0x2f,
2391 0x8f, 0x66, 0x15, 0x21, 0xcb, 0xba, 0xb4, 0x4c,
2392 0xc8, 0x71, 0x38, 0x44, 0x5b, 0xc2, 0x9e, 0x5c,
2393 0x0a, 0xe0, 0x29, 0x72, 0x05, 0xd6, 0x27, 0x04,
2394 0x17, 0x3b, 0x21, 0x23, 0x9b, 0x88, 0x7f, 0x6c,
2395 0x8c, 0xb5, 0xb8, 0x00, 0x91, 0x7a, 0x24, 0x88,
2396 0x28, 0x4b, 0xde, 0x9e, 0x16, 0xea, 0x29, 0x06,
2397};
2398
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2399struct xtest_ciph_case {
2400 uint32_t algo;
2401 uint32_t mode;
2402 uint32_t key_type;
2403 const uint8_t *key1;
2404 size_t key1_len;
2405 const uint8_t *key2;
2406 size_t key2_len;
2407 const uint8_t *iv;
2408 size_t iv_len;
2409 size_t in_incr;
2410 const uint8_t *in;
2411 size_t in_len;
2412 const uint8_t *out;
2413 size_t out_len;
2414 size_t line;
2415};
2416
2417#define XTEST_CIPH_CASE_NO_IV(algo, key_type, key, in_incr, ptx, ctx) \
2418 { (algo), TEE_MODE_ENCRYPT, (key_type), (key), ARRAY_SIZE(key), \
2419 NULL, 0, NULL, 0, \
2420 (in_incr), (ptx), ARRAY_SIZE(ptx), (ctx), ARRAY_SIZE(ctx), \
2421 __LINE__ }, \
2422 { (algo), TEE_MODE_DECRYPT, (key_type), (key), ARRAY_SIZE(key), \
2423 NULL, 0, NULL, 0, \
2424 (in_incr), (ctx), ARRAY_SIZE(ctx), (ptx), ARRAY_SIZE(ptx), __LINE__ }
2425
2426#define XTEST_CIPH_CASE(algo, key_type, key, iv, in_incr, ptx, ctx) \
2427 { (algo), TEE_MODE_ENCRYPT, (key_type), (key), ARRAY_SIZE(key), \
2428 NULL, 0, iv, ARRAY_SIZE(iv), (in_incr), (ptx), ARRAY_SIZE(ptx), \
2429 (ctx), ARRAY_SIZE(ctx), __LINE__ }, \
2430 { (algo), TEE_MODE_DECRYPT, (key_type), (key), ARRAY_SIZE(key), \
2431 NULL, 0, iv, ARRAY_SIZE(iv), (in_incr), (ctx), ARRAY_SIZE(ctx), \
2432 (ptx), ARRAY_SIZE(ptx), __LINE__ }
2433
2434#define XTEST_CIPH_CASE_AES_XTS(vect, in_incr) \
2435 { TEE_ALG_AES_XTS, TEE_MODE_ENCRYPT, TEE_TYPE_AES, \
2436 ciph_data_aes_xts_ ## vect ## _key1, \
2437 ARRAY_SIZE(ciph_data_aes_xts_ ## vect ## _key1), \
2438 ciph_data_aes_xts_ ## vect ## _key2, \
2439 ARRAY_SIZE(ciph_data_aes_xts_ ## vect ## _key2), \
2440 ciph_data_aes_xts_ ## vect ## _iv, \
2441 ARRAY_SIZE(ciph_data_aes_xts_ ## vect ## _iv), \
2442 (in_incr), \
2443 ciph_data_aes_xts_ ## vect ## _ptx, \
2444 ARRAY_SIZE(ciph_data_aes_xts_ ## vect ## _ptx), \
2445 ciph_data_aes_xts_ ## vect ## _ctx, \
2446 ARRAY_SIZE(ciph_data_aes_xts_ ## vect ## _ctx), __LINE__ }, \
2447 { TEE_ALG_AES_XTS, TEE_MODE_DECRYPT, TEE_TYPE_AES, \
2448 ciph_data_aes_xts_ ## vect ## _key1, \
2449 ARRAY_SIZE(ciph_data_aes_xts_ ## vect ## _key1), \
2450 ciph_data_aes_xts_ ## vect ## _key2, \
2451 ARRAY_SIZE(ciph_data_aes_xts_ ## vect ## _key2), \
2452 ciph_data_aes_xts_ ## vect ## _iv, \
2453 ARRAY_SIZE(ciph_data_aes_xts_ ## vect ## _iv), \
2454 (in_incr), \
2455 ciph_data_aes_xts_ ## vect ## _ctx, \
2456 ARRAY_SIZE(ciph_data_aes_xts_ ## vect ## _ctx), \
2457 ciph_data_aes_xts_ ## vect ## _ptx, \
2458 ARRAY_SIZE(ciph_data_aes_xts_ ## vect ## _ptx), __LINE__ }
2459
2460#define XTEST_CIPH_CASE_AES_CBC(vect, in_incr) \
2461 XTEST_CIPH_CASE(TEE_ALG_AES_CBC_NOPAD, TEE_TYPE_AES, \
2462 ciph_data_aes_cbc_ ## vect ## _key, \
2463 ciph_data_aes_cbc_ ## vect ## _iv, \
2464 (in_incr), ciph_data_aes_cbc_ ## vect ## _ptx, \
2465 ciph_data_aes_cbc_ ## vect ## _ctx)
2466
2467#define XTEST_CIPH_CASE_AES_CTS(vect, in_incr) \
2468 XTEST_CIPH_CASE(TEE_ALG_AES_CTS, TEE_TYPE_AES, \
2469 ciph_data_aes_cts_ ## vect ## _key, \
2470 ciph_data_aes_cts_ ## vect ## _iv, \
2471 (in_incr), ciph_data_aes_cts_ ## vect ## _ptx, \
2472 ciph_data_aes_cts_ ## vect ## _ctx)
2473
2474static const struct xtest_ciph_case ciph_cases[] = {
2475 /* AES */
2476 XTEST_CIPH_CASE_NO_IV(TEE_ALG_AES_ECB_NOPAD, TEE_TYPE_AES,
2477 ciph_data_aes_key1, 11, ciph_data_in1,
2478 ciph_data_aes_ecb_nopad_out1),
2479 XTEST_CIPH_CASE(TEE_ALG_AES_CBC_NOPAD, TEE_TYPE_AES,
2480 ciph_data_aes_key1, ciph_data_128_iv1, 11,
2481 ciph_data_in1,
2482 ciph_data_aes_cbc_nopad_out1),
2483 XTEST_CIPH_CASE(TEE_ALG_AES_CTR, TEE_TYPE_AES,
2484 ciph_data_aes_key1, ciph_data_128_iv1, 13,
2485 ciph_data_in1,
2486 ciph_data_aes_ctr_out1),
2487 XTEST_CIPH_CASE(TEE_ALG_AES_CTR, TEE_TYPE_AES,
2488 ciph_data_aes_key1, ciph_data_128_iv1, 13,
2489 ciph_data_in3,
2490 ciph_data_aes_ctr_out2),
Jens Wiklander692efd12018-01-19 09:52:00 +0100[diff] [blame]2491 XTEST_CIPH_CASE(TEE_ALG_AES_CTR, TEE_TYPE_AES,
2492 ciph_data_aes_key1, ciph_data_128_iv1, 16,
2493 ciph_data_in3,
2494 ciph_data_aes_ctr_out2),
Jerome Forissier45218eb2018-04-11 13:03:26 +0200[diff] [blame]2495 XTEST_CIPH_CASE(TEE_ALG_AES_CTR, TEE_TYPE_AES,
2496 ciph_data_aes_key1, ciph_data_128_iv1, 16,
2497 ciph_data_in4,
2498 ciph_data_aes_ctr_out4),
Jerome Forissier0780ad42018-06-05 15:02:37 +0200[diff] [blame]2499 XTEST_CIPH_CASE(TEE_ALG_AES_CTR, TEE_TYPE_AES,
2500 ciph_data_aes_key2, ciph_data_128_iv2, 11,
2501 ciph_data_in5,
2502 ciph_data_aes_ctr_out5),
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2503
2504 XTEST_CIPH_CASE_AES_CBC(vect1, 11),
Jerome Forissierfc1bbc32018-06-12 10:13:04 +0200[diff] [blame]2505 XTEST_CIPH_CASE_AES_CBC(vect1, 64),
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2506
2507 /* AES-CTS */
2508 XTEST_CIPH_CASE_AES_CTS(vect1, 13),
2509 XTEST_CIPH_CASE_AES_CTS(vect2, 14),
2510 XTEST_CIPH_CASE_AES_CTS(vect3, 11),
2511 XTEST_CIPH_CASE_AES_CTS(vect4, 9),
2512 XTEST_CIPH_CASE_AES_CTS(vect5, 7),
2513 XTEST_CIPH_CASE_AES_CTS(vect6, 17),
2514 XTEST_CIPH_CASE_AES_CTS(vect6, 0x20),
Jerome Forissiered00e162017-01-20 09:22:52 +0100[diff] [blame]2515 XTEST_CIPH_CASE_AES_CTS(issue1203, 32),
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2516
2517 /* DES */
2518 XTEST_CIPH_CASE_NO_IV(TEE_ALG_DES_ECB_NOPAD, TEE_TYPE_DES,
2519 ciph_data_des_key1, 14, ciph_data_in1,
2520 ciph_data_des_ecb_nopad_out1),
2521 XTEST_CIPH_CASE_NO_IV(TEE_ALG_DES_ECB_NOPAD, TEE_TYPE_DES,
2522 ciph_data_des_key2, 3, ciph_data_in2,
2523 ciph_data_des_ecb_nopad_out2),
2524 XTEST_CIPH_CASE(TEE_ALG_DES_CBC_NOPAD, TEE_TYPE_DES,
2525 ciph_data_des_key1, ciph_data_64_iv1, 15, ciph_data_in1,
2526 ciph_data_des_cbc_nopad_out1),
2527
2528 /* DES3 */
2529 XTEST_CIPH_CASE_NO_IV(TEE_ALG_DES3_ECB_NOPAD, TEE_TYPE_DES3,
2530 ciph_data_des3_key1, 11, ciph_data_in1,
2531 ciph_data_des3_ecb_nopad_out1),
2532 XTEST_CIPH_CASE_NO_IV(TEE_ALG_DES3_ECB_NOPAD, TEE_TYPE_DES3,
2533 ciph_data_des3_key2, 3, ciph_data_in2,
2534 ciph_data_des_ecb_nopad_out2),
2535 XTEST_CIPH_CASE(TEE_ALG_DES3_CBC_NOPAD, TEE_TYPE_DES3,
2536 ciph_data_des3_key1, ciph_data_64_iv1, 11,
2537 ciph_data_in1,
2538 ciph_data_des3_cbc_nopad_out1),
2539
2540 /* DES2 */
2541 XTEST_CIPH_CASE_NO_IV(TEE_ALG_DES3_ECB_NOPAD, TEE_TYPE_DES3,
2542 ciph_data_des2_key1, 11, ciph_data_in1,
2543 ciph_data_des2_ecb_nopad_out1),
2544 XTEST_CIPH_CASE(TEE_ALG_DES3_CBC_NOPAD, TEE_TYPE_DES3,
2545 ciph_data_des2_key1, ciph_data_64_iv1, 11,
2546 ciph_data_in1,
2547 ciph_data_des2_cbc_nopad_out1),
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2548
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2549 /* AES-XTS */
2550 XTEST_CIPH_CASE_AES_XTS(vect1, 3),
2551 XTEST_CIPH_CASE_AES_XTS(vect2, 6),
2552 XTEST_CIPH_CASE_AES_XTS(vect3, 7),
2553 XTEST_CIPH_CASE_AES_XTS(vect4, 8),
2554 XTEST_CIPH_CASE_AES_XTS(vect5, 9),
2555 XTEST_CIPH_CASE_AES_XTS(vect6, 13),
2556 XTEST_CIPH_CASE_AES_XTS(vect7, 1),
2557 XTEST_CIPH_CASE_AES_XTS(vect8, 3),
2558 XTEST_CIPH_CASE_AES_XTS(vect9, 2),
2559 XTEST_CIPH_CASE_AES_XTS(vect10, 5),
2560 XTEST_CIPH_CASE_AES_XTS(vect11, 6),
2561 XTEST_CIPH_CASE_AES_XTS(vect12, 7),
2562 XTEST_CIPH_CASE_AES_XTS(vect13, 3),
2563 XTEST_CIPH_CASE_AES_XTS(vect14, 2),
2564 XTEST_CIPH_CASE_AES_XTS(vect15, 0),
2565 XTEST_CIPH_CASE_AES_XTS(vect16, 9),
2566 XTEST_CIPH_CASE_AES_XTS(vect17, 6),
2567 XTEST_CIPH_CASE_AES_XTS(vect18, 8),
2568 XTEST_CIPH_CASE_AES_XTS(vect19, 23),
Jerome Forissiere73e0fb2019-12-12 17:08:03 +0100[diff] [blame]2569
2570 /* SM4 */
2571 XTEST_CIPH_CASE_NO_IV(TEE_ALG_SM4_ECB_NOPAD, TEE_TYPE_SM4,
2572 ciph_data_sm4_key1, 11, ciph_data_sm4_in1,
2573 ciph_data_sm4_ecb_nopad_out1),
2574 XTEST_CIPH_CASE(TEE_ALG_SM4_CBC_NOPAD, TEE_TYPE_SM4,
2575 ciph_data_sm4_cbc_a221_key, ciph_data_sm4_cbc_a221_iv,
2576 11, ciph_data_sm4_cbc_a221_in,
2577 ciph_data_sm4_cbc_a221_out),
2578 XTEST_CIPH_CASE(TEE_ALG_SM4_CBC_NOPAD, TEE_TYPE_SM4,
2579 ciph_data_sm4_cbc_a222_key, ciph_data_sm4_cbc_a222_iv,
2580 11, ciph_data_sm4_cbc_a222_in,
2581 ciph_data_sm4_cbc_a222_out),
2582 XTEST_CIPH_CASE(TEE_ALG_SM4_CTR, TEE_TYPE_SM4,
2583 ciph_data_sm4_ctr_a251_key, ciph_data_sm4_ctr_a251_iv,
2584 11, ciph_data_sm4_ctr_a251_in,
2585 ciph_data_sm4_ctr_a251_out),
2586 XTEST_CIPH_CASE(TEE_ALG_SM4_CTR, TEE_TYPE_SM4,
2587 ciph_data_sm4_ctr_a252_key, ciph_data_sm4_ctr_a252_iv,
2588 11, ciph_data_sm4_ctr_a252_in,
2589 ciph_data_sm4_ctr_a252_out),
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2590};
2591
Jerome Forissier23256842018-02-16 09:25:35 +0100[diff] [blame]2592static void xtest_tee_test_4003(ADBG_Case_t *c)
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2593{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]2594 TEEC_Session session = { };
2595 TEE_OperationHandle op = TEE_HANDLE_NULL;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2596 TEE_ObjectHandle key1_handle = TEE_HANDLE_NULL;
2597 TEE_ObjectHandle key2_handle = TEE_HANDLE_NULL;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]2598 uint8_t out[2048] = { };
2599 size_t out_size = 0;
2600 size_t out_offs = 0;
2601 uint32_t ret_orig = 0;
2602 size_t n = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2603
2604 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2605 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
2606 &ret_orig)))
2607 return;
2608
2609 for (n = 0; n < ARRAY_SIZE(ciph_cases); n++) {
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]2610 TEE_Attribute key_attr = { };
2611 size_t key_size = 0;
2612 size_t op_key_size = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2613
Jerome Forissier817d99f2020-01-22 16:33:12 +0100[diff] [blame]2614 switch (ciph_cases[n].algo) {
2615 case TEE_ALG_SM4_CTR:
2616 case TEE_ALG_SM4_CBC_NOPAD:
2617 case TEE_ALG_SM4_ECB_NOPAD:
2618 if (!ta_crypt_cmd_is_algo_supported(c, &session,
2619 ciph_cases[n].algo, TEE_CRYPTO_ELEMENT_NONE)) {
2620 Do_ADBG_Log("SM4 not supported: skip subcase");
2621 continue;
2622 }
2623 break;
2624 default:
2625 break;
2626 }
2627
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2628 Do_ADBG_BeginSubCase(c, "Cipher case %d algo 0x%x line %d",
2629 (int)n, (unsigned int)ciph_cases[n].algo,
2630 (int)ciph_cases[n].line);
2631
2632 key_attr.attributeID = TEE_ATTR_SECRET_VALUE;
2633 key_attr.content.ref.buffer = (void *)ciph_cases[n].key1;
2634 key_attr.content.ref.length = ciph_cases[n].key1_len;
2635
2636 key_size = key_attr.content.ref.length * 8;
2637 if (ciph_cases[n].key_type == TEE_TYPE_DES ||
2638 ciph_cases[n].key_type == TEE_TYPE_DES3)
2639 /* Exclude parity in bit size of key */
2640 key_size -= key_size / 8;
2641
2642 op_key_size = key_size;
2643 if (ciph_cases[n].key2 != NULL)
2644 op_key_size *= 2;
2645
2646 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2647 ta_crypt_cmd_allocate_operation(c, &session, &op,
2648 ciph_cases[n].algo, ciph_cases[n].mode,
2649 op_key_size)))
2650 goto out;
2651
2652 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2653 ta_crypt_cmd_allocate_transient_object(c, &session,
2654 ciph_cases[n].key_type, key_size,
2655 &key1_handle)))
2656 goto out;
2657
2658 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2659 ta_crypt_cmd_populate_transient_object(c, &session,
2660 key1_handle, &key_attr, 1)))
2661 goto out;
2662
2663 if (ciph_cases[n].key2 != NULL) {
2664 key_attr.content.ref.buffer =
2665 (void *)ciph_cases[n].key2;
2666 key_attr.content.ref.length = ciph_cases[n].key2_len;
2667
2668 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2669 ta_crypt_cmd_allocate_transient_object(c,
2670 &session, ciph_cases[n].key_type,
2671 key_attr.content.ref.length * 8,
2672 &key2_handle)))
2673 goto out;
2674
2675 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2676 ta_crypt_cmd_populate_transient_object(c,
2677 &session, key2_handle, &key_attr, 1)))
2678 goto out;
2679
2680 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2681 ta_crypt_cmd_set_operation_key2(c, &session, op,
2682 key1_handle, key2_handle)))
2683 goto out;
2684 } else {
2685 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2686 ta_crypt_cmd_set_operation_key(c, &session, op,
2687 key1_handle)))
2688 goto out;
2689 }
2690
2691 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2692 ta_crypt_cmd_free_transient_object(c, &session,
2693 key1_handle)))
2694 goto out;
2695 key1_handle = TEE_HANDLE_NULL;
2696
2697 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2698 ta_crypt_cmd_free_transient_object(c, &session,
2699 key2_handle)))
2700 goto out;
2701 key2_handle = TEE_HANDLE_NULL;
2702
2703 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2704 ta_crypt_cmd_cipher_init(c, &session, op,
2705 ciph_cases[n].iv, ciph_cases[n].iv_len)))
2706 goto out;
2707
2708 out_offs = 0;
2709 out_size = sizeof(out);
2710 memset(out, 0, sizeof(out));
2711 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2712 ta_crypt_cmd_cipher_update(c, &session, op,
2713 ciph_cases[n].in, ciph_cases[n].in_incr, out,
2714 &out_size)))
2715 goto out;
2716
Jerome Forissierd2d94b42017-06-02 16:39:34 +0200[diff] [blame]2717 if (ciph_cases[n].algo == TEE_ALG_AES_CTR)
2718 ADBG_EXPECT_COMPARE_UNSIGNED(c, out_size, ==,
2719 ciph_cases[n].in_incr);
2720
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2721 out_offs += out_size;
2722 out_size = sizeof(out) - out_offs;
2723
2724 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2725 ta_crypt_cmd_cipher_do_final(c, &session, op,
2726 ciph_cases[n].in + ciph_cases[n].in_incr,
2727 ciph_cases[n].in_len - ciph_cases[n].in_incr,
2728 out + out_offs,
2729 &out_size)))
2730 goto out;
2731
2732 out_offs += out_size;
2733
2734 (void)ADBG_EXPECT_BUFFER(c, ciph_cases[n].out,
2735 ciph_cases[n].out_len, out, out_offs);
2736
2737 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2738 ta_crypt_cmd_free_operation(c, &session, op)))
2739 goto out;
2740
2741 Do_ADBG_EndSubCase(c, NULL);
2742 }
2743out:
2744 TEEC_CloseSession(&session);
2745}
Jens Wiklander14f48872018-06-29 15:30:13 +0200[diff] [blame]2746ADBG_CASE_DEFINE(regression, 4003, xtest_tee_test_4003,
2747 "Test TEE Internal API cipher operations");
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2748
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2749static void xtest_tee_test_4004(ADBG_Case_t *c)
2750{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]2751 TEEC_Session session = { };
2752 uint32_t ret_orig = 0;
2753 uint8_t buf1[45] = { };
2754 uint8_t buf2[45] = { };
2755 static const uint8_t zeros[45];
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2756
2757 Do_ADBG_BeginSubCase(c, "TEE get random");
2758 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2759 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
2760 &ret_orig)))
2761 return;
2762
2763 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2764 ta_crypt_cmd_random_number_generate(c, &session, buf1,
2765 sizeof(buf1))))
2766 goto out;
2767
2768 (void)ADBG_EXPECT_COMPARE_SIGNED(c,
2769 0, !=, memcmp(buf1, zeros, sizeof(buf1)));
2770
2771 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2772 ta_crypt_cmd_random_number_generate(c, &session, buf2,
2773 sizeof(buf2))))
2774 goto out;
2775
2776 (void)ADBG_EXPECT_COMPARE_SIGNED(c,
2777 0, !=, memcmp(buf2, zeros, sizeof(buf2)));
2778
2779 (void)ADBG_EXPECT_COMPARE_SIGNED(c,
2780 0, !=, memcmp(buf2, buf1, sizeof(buf1)));
2781out:
2782 TEEC_CloseSession(&session);
2783 Do_ADBG_EndSubCase(c, "TEE get random");
2784}
Jens Wiklander14f48872018-06-29 15:30:13 +0200[diff] [blame]2785ADBG_CASE_DEFINE(regression, 4004, xtest_tee_test_4004,
2786 "Test TEE Internal API get random");
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2787
2788struct xtest_ae_case {
2789 uint32_t algo;
2790 uint32_t mode;
2791 uint32_t key_type;
2792 const uint8_t *key;
2793 size_t key_len;
2794 const uint8_t *nonce;
2795 size_t nonce_len;
2796 size_t aad_incr;
2797 const uint8_t *aad;
2798 size_t aad_len;
2799 size_t in_incr;
2800 const uint8_t *ptx;
2801 size_t ptx_len;
2802 const uint8_t *ctx;
2803 size_t ctx_len;
2804 const uint8_t *tag;
2805 size_t tag_len;
2806 size_t line;
2807};
2808
2809
2810#define ARRAY(a) a, ARRAY_SIZE(a)
2811#define NULL_ARRAY(a) NULL, 0
2812
2813#define XTEST_AE_CASE(algo, vect, aad_incr, in_incr, \
2814 aad_array, ptx_array, ctx_array) \
2815 { (algo), TEE_MODE_ENCRYPT, TEE_TYPE_AES, ARRAY(vect ## _key), \
2816 ARRAY(vect ## _nonce), (aad_incr), \
2817 aad_array(vect ## _aad), (in_incr), \
2818 ptx_array(vect ## _ptx), ctx_array(vect ## _ctx), \
2819 ARRAY(vect ## _tag), \
2820 __LINE__ }, \
2821 { (algo), TEE_MODE_DECRYPT, TEE_TYPE_AES, ARRAY(vect ## _key), \
2822 ARRAY(vect ## _nonce), (aad_incr), \
2823 aad_array(vect ## _aad), (in_incr), \
2824 ptx_array(vect ## _ptx), ctx_array(vect ## _ctx), \
2825 ARRAY(vect ## _tag), \
2826 __LINE__ }
2827
2828#define XTEST_AE_CASE_AES_CCM(vect, aad_incr, in_incr) \
2829 XTEST_AE_CASE(TEE_ALG_AES_CCM, ae_data_aes_ccm_ ## vect, aad_incr, \
2830 in_incr, ARRAY, ARRAY, ARRAY)
2831
2832#define XTEST_AE_CASE_AES_GCM(vect, aad_incr, in_incr, \
2833 aad_array, ptx_array, ctx_array) \
2834 XTEST_AE_CASE(TEE_ALG_AES_GCM, ae_data_aes_gcm_ ## vect, aad_incr, \
2835 in_incr, aad_array, ptx_array, ctx_array)
2836
2837
2838
2839static const struct xtest_ae_case ae_cases[] = {
2840 XTEST_AE_CASE_AES_CCM(vect1, 3, 2),
2841 XTEST_AE_CASE_AES_CCM(vect2, 7, 13),
2842 XTEST_AE_CASE_AES_CCM(vect3, 5, 21),
2843
2844 XTEST_AE_CASE_AES_GCM(vect1, 0, 0, NULL_ARRAY, NULL_ARRAY, NULL_ARRAY),
2845 XTEST_AE_CASE_AES_GCM(vect2, 0, 9, NULL_ARRAY, ARRAY, ARRAY),
2846 XTEST_AE_CASE_AES_GCM(vect3, 0, 9, NULL_ARRAY, ARRAY, ARRAY),
Jens Wiklander9fc63f52017-11-10 11:13:26 +0100[diff] [blame]2847 XTEST_AE_CASE_AES_GCM(vect3, 0, 0x1F, NULL_ARRAY, ARRAY, ARRAY),
2848 XTEST_AE_CASE_AES_GCM(vect4, 5, 0x20, ARRAY, ARRAY, ARRAY),
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2849 XTEST_AE_CASE_AES_GCM(vect5, 5, 9, ARRAY, ARRAY, ARRAY),
2850 XTEST_AE_CASE_AES_GCM(vect6, 5, 9, ARRAY, ARRAY, ARRAY),
2851 XTEST_AE_CASE_AES_GCM(vect7, 0, 0, NULL_ARRAY, NULL_ARRAY, NULL_ARRAY),
2852 XTEST_AE_CASE_AES_GCM(vect8, 0, 9, NULL_ARRAY, ARRAY, ARRAY),
2853 XTEST_AE_CASE_AES_GCM(vect9, 0, 9, NULL_ARRAY, ARRAY, ARRAY),
2854 XTEST_AE_CASE_AES_GCM(vect10, 5, 9, ARRAY, ARRAY, ARRAY),
2855 XTEST_AE_CASE_AES_GCM(vect11, 5, 9, ARRAY, ARRAY, ARRAY),
2856 XTEST_AE_CASE_AES_GCM(vect12, 5, 9, ARRAY, ARRAY, ARRAY),
2857 XTEST_AE_CASE_AES_GCM(vect13, 0, 0, NULL_ARRAY, NULL_ARRAY, NULL_ARRAY),
2858 XTEST_AE_CASE_AES_GCM(vect14, 0, 9, NULL_ARRAY, ARRAY, ARRAY),
2859 XTEST_AE_CASE_AES_GCM(vect15, 0, 9, NULL_ARRAY, ARRAY, ARRAY),
2860 XTEST_AE_CASE_AES_GCM(vect16, 5, 9, ARRAY, ARRAY, ARRAY),
2861 XTEST_AE_CASE_AES_GCM(vect17, 5, 9, ARRAY, ARRAY, ARRAY),
2862 XTEST_AE_CASE_AES_GCM(vect18, 5, 9, ARRAY, ARRAY, ARRAY),
Jens Wiklanderf6efe242017-11-06 13:16:43 +0100[diff] [blame]2863#ifdef CFG_GCM_NIST_VECTORS
2864#include "gcmDecrypt128.h"
2865#include "gcmDecrypt192.h"
2866#include "gcmDecrypt256.h"
2867#include "gcmEncryptExtIV128.h"
2868#include "gcmEncryptExtIV192.h"
2869#include "gcmEncryptExtIV256.h"
2870#endif
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2871};
2872
2873static void xtest_tee_test_4005(ADBG_Case_t *c)
2874{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]2875 TEEC_Session session = { };
2876 TEE_OperationHandle op = TEE_HANDLE_NULL;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2877 TEE_ObjectHandle key_handle = TEE_HANDLE_NULL;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]2878 TEE_Attribute key_attr = { };
2879 uint8_t out[512] = { };
2880 size_t out_size = 0;
2881 size_t out_offs = 0;
2882 uint32_t ret_orig = 0;
2883 size_t n = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2884
2885 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2886 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
2887 &ret_orig)))
2888 return;
2889
2890 for (n = 0; n < ARRAY_SIZE(ae_cases); n++) {
2891 Do_ADBG_BeginSubCase(c, "AE case %d algo 0x%x line %d",
2892 (int)n, (unsigned int)ae_cases[n].algo,
2893 (int)ae_cases[n].line);
2894
2895 key_attr.attributeID = TEE_ATTR_SECRET_VALUE;
2896 key_attr.content.ref.buffer = (void *)ae_cases[n].key;
2897 key_attr.content.ref.length = ae_cases[n].key_len;
2898
2899 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2900 ta_crypt_cmd_allocate_operation(c, &session, &op,
2901 ae_cases[n].algo, ae_cases[n].mode,
2902 key_attr.content.ref.length * 8)))
2903 goto out;
2904
2905 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2906 ta_crypt_cmd_allocate_transient_object(c, &session,
2907 ae_cases[n].key_type,
2908 key_attr.content.ref.length * 8,
2909 &key_handle)))
2910 goto out;
2911
2912 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2913 ta_crypt_cmd_populate_transient_object(c, &session,
2914 key_handle, &key_attr, 1)))
2915 goto out;
2916
2917 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2918 ta_crypt_cmd_set_operation_key(c, &session, op,
2919 key_handle)))
2920 goto out;
2921
2922 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2923 ta_crypt_cmd_free_transient_object(c, &session,
2924 key_handle)))
2925 goto out;
2926 key_handle = TEE_HANDLE_NULL;
2927
2928 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2929 ta_crypt_cmd_ae_init(c, &session, op, ae_cases[n].nonce,
2930 ae_cases[n].nonce_len, ae_cases[n].tag_len,
2931 ae_cases[n].aad_len, ae_cases[n].ptx_len)))
2932 goto out;
2933
2934 if (ae_cases[n].aad != NULL) {
2935 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2936 ta_crypt_cmd_ae_update_aad(c, &session, op,
2937 ae_cases[n].aad, ae_cases[n].aad_incr)))
2938 goto out;
2939
2940 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2941 ta_crypt_cmd_ae_update_aad(c, &session, op,
2942 ae_cases[n].aad + ae_cases[n].aad_incr,
2943 ae_cases [n].aad_len -
2944 ae_cases[n].aad_incr)))
2945 goto out;
2946 }
2947
2948 out_offs = 0;
2949 out_size = sizeof(out);
2950 memset(out, 0, sizeof(out));
2951 if (ae_cases[n].mode == TEE_MODE_ENCRYPT) {
2952 if (ae_cases[n].ptx != NULL) {
2953 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2954 ta_crypt_cmd_ae_update(c, &session, op,
2955 ae_cases[n].ptx,
2956 ae_cases[n].in_incr, out,
2957 &out_size)))
2958 goto out;
2959 out_offs += out_size;
Jerome Forissierc13fafa2017-06-01 15:49:07 +0200[diff] [blame]2960 if (ae_cases[n].algo == TEE_ALG_AES_GCM)
2961 ADBG_EXPECT_COMPARE_UNSIGNED(c,
2962 out_size, ==, ae_cases[n].in_incr);
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2963 }
2964 } else {
2965 if (ae_cases[n].ctx != NULL) {
2966 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2967 ta_crypt_cmd_ae_update(c, &session, op,
2968 ae_cases[n].ctx,
2969 ae_cases[n].in_incr, out,
2970 &out_size)))
2971 goto out;
2972 out_offs += out_size;
Jerome Forissierc13fafa2017-06-01 15:49:07 +0200[diff] [blame]2973 if (ae_cases[n].algo == TEE_ALG_AES_GCM)
2974 ADBG_EXPECT_COMPARE_UNSIGNED(c,
2975 out_size, ==, ae_cases[n].in_incr);
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2976 }
2977 }
2978
2979 out_size = sizeof(out) - out_offs;
2980 if (ae_cases[n].mode == TEE_MODE_ENCRYPT) {
2981 uint8_t out_tag[64];
2982 size_t out_tag_len = MIN(sizeof(out_tag),
2983 ae_cases[n].tag_len);
2984
2985 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2986 ta_crypt_cmd_ae_encrypt_final(c, &session, op,
2987 ae_cases[n].ptx + ae_cases[n].in_incr,
2988 ae_cases[n].ptx_len -
2989 ae_cases[n].in_incr,
2990 out + out_offs,
2991 &out_size, out_tag, &out_tag_len)))
2992 goto out;
2993
2994 (void)ADBG_EXPECT_BUFFER(c,
2995 ae_cases[n].tag, ae_cases[n].tag_len, out_tag,
2996 out_tag_len);
2997
2998 out_offs += out_size;
2999
3000 (void)ADBG_EXPECT_BUFFER(c, ae_cases[n].ctx,
3001 ae_cases[n].ctx_len, out, out_offs);
3002 } else {
3003 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3004 ta_crypt_cmd_ae_decrypt_final(c, &session, op,
3005 ae_cases[n].ctx + ae_cases[n].in_incr,
3006 ae_cases[n].ctx_len -
3007 ae_cases[n].in_incr,
3008 out + out_offs,
3009 &out_size, ae_cases[n].tag,
3010 ae_cases[n].tag_len)))
3011 goto out;
3012
3013 out_offs += out_size;
3014
3015 (void)ADBG_EXPECT_BUFFER(c, ae_cases[n].ptx,
3016 ae_cases[n].ptx_len, out, out_offs);
3017 }
3018
3019 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3020 ta_crypt_cmd_free_operation(c, &session, op)))
3021 goto out;
3022
3023 Do_ADBG_EndSubCase(c, NULL);
3024 }
3025out:
3026 TEEC_CloseSession(&session);
3027}
Jens Wiklander14f48872018-06-29 15:30:13 +0200[diff] [blame]3028ADBG_CASE_DEFINE(regression, 4005, xtest_tee_test_4005,
3029 "Test TEE Internal API Authenticated Encryption operations");
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3030
3031struct xtest_ac_case {
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3032 unsigned int level;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3033 uint32_t algo;
3034 TEE_OperationMode mode;
3035
3036 union {
3037 struct {
3038 const uint8_t *modulus;
3039 size_t modulus_len;
3040
3041 const uint8_t *pub_exp;
3042 size_t pub_exp_len;
3043
3044 const uint8_t *priv_exp;
3045 size_t priv_exp_len;
3046
3047 const uint8_t *prime1; /* q */
3048 size_t prime1_len;
3049 const uint8_t *prime2; /* p */
3050 size_t prime2_len;
3051 const uint8_t *exp1; /* dp */
3052 size_t exp1_len;
3053 const uint8_t *exp2; /* dq */
3054 size_t exp2_len;
3055 const uint8_t *coeff; /* iq */
3056 size_t coeff_len;
3057
3058 int salt_len;
3059 } rsa;
3060 struct {
3061 const uint8_t *prime;
3062 size_t prime_len;
3063 const uint8_t *sub_prime;
3064 size_t sub_prime_len;
3065 const uint8_t *base;
3066 size_t base_len;
3067 const uint8_t *pub_val;
3068 size_t pub_val_len;
3069 const uint8_t *priv_val;
3070 size_t priv_val_len;
3071 } dsa;
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3072 struct {
3073 const uint8_t *private;
3074 size_t private_len;
3075 const uint8_t *public_x;
3076 size_t public_x_len;
3077 const uint8_t *public_y;
3078 size_t public_y_len;
Jerome Forissier3fbfd0d2019-12-17 16:44:01 +0100[diff] [blame]3079 } ecc;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3080 } params;
3081
3082 const uint8_t *ptx;
3083 size_t ptx_len;
3084 const uint8_t *ctx;
3085 size_t ctx_len;
3086 size_t line;
3087};
3088
3089#define WITHOUT_SALT(x) -1
3090#define WITH_SALT(x) x
3091
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3092#define XTEST_AC_CASE(level, algo, mode, vect, union_params) \
3093 { level, (algo), (mode), .params = union_params, \
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3094 ARRAY(vect ## _ptx), \
3095 ARRAY(vect ## _out), \
3096 __LINE__ }
3097
3098#define XTEST_AC_RSA_UNION(vect, opt_crt_array, opt_salt) \
3099 { .rsa = { \
3100 ARRAY(vect ## _modulus), \
3101 ARRAY(vect ## _pub_exp), \
3102 ARRAY(vect ## _priv_exp), \
3103 opt_crt_array(vect ## _prime1), \
3104 opt_crt_array(vect ## _prime2), \
3105 opt_crt_array(vect ## _exp1), \
3106 opt_crt_array(vect ## _exp2), \
3107 opt_crt_array(vect ## _coeff), \
3108 opt_salt(vect ## _salt_len) \
3109 } }
3110
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3111#define XTEST_AC_RSA_CASE(level, algo, mode, vect, opt_crt_array, opt_salt) \
3112 XTEST_AC_CASE(level, algo, mode, vect, \
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3113 XTEST_AC_RSA_UNION(vect, opt_crt_array, opt_salt))
3114
3115#define XTEST_AC_DSA_UNION(vect) \
3116 { .dsa = { \
3117 ARRAY(vect ## _prime), \
3118 ARRAY(vect ## _sub_prime), \
3119 ARRAY(vect ## _base), \
3120 ARRAY(vect ## _pub_val), \
3121 ARRAY(vect ## _priv_val), \
3122 } }
3123
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3124#define XTEST_AC_DSA_CASE(level, algo, mode, vect) \
3125 XTEST_AC_CASE(level, algo, mode, vect, XTEST_AC_DSA_UNION(vect))
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3126
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3127#define XTEST_AC_ECDSA_UNION(vect) \
Jerome Forissier3fbfd0d2019-12-17 16:44:01 +0100[diff] [blame]3128 { .ecc = { \
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3129 ARRAY(vect ## _private), \
3130 ARRAY(vect ## _public_x), \
3131 ARRAY(vect ## _public_y), \
3132 } }
3133
Jerome Forissier3fbfd0d2019-12-17 16:44:01 +0100[diff] [blame]3134#define XTEST_AC_ECC_CASE(level, algo, mode, vect) \
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3135 XTEST_AC_CASE(level, algo, mode, vect, XTEST_AC_ECDSA_UNION(vect))
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3136
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3137static const struct xtest_ac_case xtest_ac_cases[] = {
3138 /* RSA test without crt parameters */
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3139 XTEST_AC_RSA_CASE(0, TEE_ALG_RSA_NOPAD, TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3140 ac_rsassa_vect1, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3141 XTEST_AC_RSA_CASE(0, TEE_ALG_RSA_NOPAD, TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3142 ac_rsassa_vect1, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3143 XTEST_AC_RSA_CASE(0, TEE_ALG_RSA_NOPAD, TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3144 ac_rsassa_vect2, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3145 XTEST_AC_RSA_CASE(0, TEE_ALG_RSA_NOPAD, TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3146 ac_rsassa_vect2, NULL_ARRAY, WITHOUT_SALT),
Jerome Forissiere576f052018-03-23 21:24:21 +0800[diff] [blame]3147 XTEST_AC_RSA_CASE(0, TEE_ALG_RSA_NOPAD, TEE_MODE_ENCRYPT,
3148 ac_rsassa_vect18, NULL_ARRAY, WITHOUT_SALT),
3149 XTEST_AC_RSA_CASE(0, TEE_ALG_RSA_NOPAD, TEE_MODE_DECRYPT,
3150 ac_rsassa_vect18, NULL_ARRAY, WITHOUT_SALT),
Jerome Forissier0451e372018-03-27 00:10:23 +0800[diff] [blame]3151 XTEST_AC_RSA_CASE(0, TEE_ALG_RSA_NOPAD, TEE_MODE_ENCRYPT,
3152 ac_rsassa_vect19, NULL_ARRAY, WITHOUT_SALT),
3153 XTEST_AC_RSA_CASE(0, TEE_ALG_RSA_NOPAD, TEE_MODE_DECRYPT,
3154 ac_rsassa_vect19, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3155 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3156 ac_rsassa_vect3, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3157 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3158 ac_rsassa_vect3, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3159 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3160 ac_rsassa_vect4, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3161 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3162 ac_rsassa_vect4, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3163 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3164 ac_rsassa_vect5, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3165 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3166 ac_rsassa_vect5, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3167 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3168 ac_rsassa_vect6, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3169 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3170 ac_rsassa_vect6, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3171 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3172 ac_rsassa_vect7, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3173 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3174 ac_rsassa_vect7, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3175 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
3176 ac_rsassa_vect8, NULL_ARRAY, WITHOUT_SALT),
3177 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
3178 ac_rsassa_vect8, NULL_ARRAY, WITHOUT_SALT),
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3179
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3180 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA224, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3181 ac_rsassa_vect16, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3182 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA224, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3183 ac_rsassa_vect16, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3184
Gabor Szekely2ad190f2018-09-14 14:05:06 +0000[diff] [blame]3185#ifdef CFG_CRYPTO_RSASSA_NA1
3186 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5, TEE_MODE_SIGN,
3187 ac_rsassa_vect20, NULL_ARRAY, WITHOUT_SALT),
3188 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5, TEE_MODE_VERIFY,
3189 ac_rsassa_vect20, NULL_ARRAY, WITHOUT_SALT),
3190#endif
3191
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3192 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA256, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3193 ac_rsassa_vect9, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3194 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA256, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3195 ac_rsassa_vect9, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3196
3197 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA384, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3198 ac_rsassa_vect10, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3199 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA384, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3200 ac_rsassa_vect10, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3201
3202 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA512, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3203 ac_rsassa_vect11, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3204 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA512, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3205 ac_rsassa_vect11, NULL_ARRAY, WITHOUT_SALT),
3206
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3207 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA1,
3208 TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3209 ac_rsassa_vect12, NULL_ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3210 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3211 ac_rsassa_vect12, NULL_ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3212
3213 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA224,
3214 TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3215 ac_rsassa_vect17, NULL_ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3216 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA224,
3217 TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3218 ac_rsassa_vect17, NULL_ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3219
3220 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA256,
3221 TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3222 ac_rsassa_vect13, NULL_ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3223 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA256,
3224 TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3225 ac_rsassa_vect13, NULL_ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3226
3227 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA384,
3228 TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3229 ac_rsassa_vect14, NULL_ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3230 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA384,
3231 TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3232 ac_rsassa_vect14, NULL_ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3233
3234 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA512,
3235 TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3236 ac_rsassa_vect15, NULL_ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3237 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA512,
3238 TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3239 ac_rsassa_vect15, NULL_ARRAY, WITH_SALT),
3240
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3241 XTEST_AC_RSA_CASE(0, TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3242 ac_rsaes_pkcs1_v1_5_vect1, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3243 XTEST_AC_RSA_CASE(0, TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3244 ac_rsaes_pkcs1_v1_5_vect1, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3245 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3246 ac_rsaes_pkcs1_v1_5_vect2, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3247 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3248 ac_rsaes_pkcs1_v1_5_vect2, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3249 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3250 ac_rsaes_pkcs1_v1_5_vect15, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3251 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3252 ac_rsaes_pkcs1_v1_5_vect15, NULL_ARRAY, WITHOUT_SALT),
3253
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3254 XTEST_AC_RSA_CASE(0, TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1,
3255 TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3256 ac_rsaes_oaep_vect1, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3257 XTEST_AC_RSA_CASE(0, TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1,
3258 TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3259 ac_rsaes_oaep_vect1, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3260 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1,
3261 TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3262 ac_rsaes_oaep_vect2, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3263 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1,
3264 TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3265 ac_rsaes_oaep_vect2, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3266 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1,
3267 TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3268 ac_rsaes_oaep_vect10, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3269 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1,
3270 TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3271 ac_rsaes_oaep_vect10, NULL_ARRAY, WITHOUT_SALT),
3272
3273 /* RSA test with crt parameters */
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3274 XTEST_AC_RSA_CASE(0, TEE_ALG_RSA_NOPAD, TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3275 ac_rsassa_vect1, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3276 XTEST_AC_RSA_CASE(0, TEE_ALG_RSA_NOPAD, TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3277 ac_rsassa_vect1, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3278 XTEST_AC_RSA_CASE(1, TEE_ALG_RSA_NOPAD, TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3279 ac_rsassa_vect2, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3280 XTEST_AC_RSA_CASE(1, TEE_ALG_RSA_NOPAD, TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3281 ac_rsassa_vect2, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3282 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3283 ac_rsassa_vect3, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3284 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3285 ac_rsassa_vect3, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3286 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3287 ac_rsassa_vect4, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3288 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3289 ac_rsassa_vect4, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3290 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3291 ac_rsassa_vect5, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3292 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3293 ac_rsassa_vect5, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3294 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3295 ac_rsassa_vect6, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3296 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3297 ac_rsassa_vect6, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3298 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3299 ac_rsassa_vect7, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3300 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3301 ac_rsassa_vect7, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3302 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3303 ac_rsassa_vect8, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3304 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3305 ac_rsassa_vect8, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3306 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA256, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3307 ac_rsassa_vect9, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3308 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA256, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3309 ac_rsassa_vect9, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3310 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA384, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3311 ac_rsassa_vect10, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3312 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA384, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3313 ac_rsassa_vect10, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3314 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA512, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3315 ac_rsassa_vect11, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3316 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA512, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3317 ac_rsassa_vect11, ARRAY, WITHOUT_SALT),
3318
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3319 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA1,
3320 TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3321 ac_rsassa_vect12, ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3322 XTEST_AC_RSA_CASE(1,TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3323 ac_rsassa_vect12, ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3324 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA224,
3325 TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3326 ac_rsassa_vect17, ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3327 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA224,
3328 TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3329 ac_rsassa_vect17, ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3330 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA256,
3331 TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3332 ac_rsassa_vect13, ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3333 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA256,
3334 TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3335 ac_rsassa_vect13, ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3336 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA384,
3337 TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3338 ac_rsassa_vect14, ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3339 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA384,
3340 TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3341 ac_rsassa_vect14, ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3342 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA512,
3343 TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3344 ac_rsassa_vect15, ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3345 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA512,
3346 TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3347 ac_rsassa_vect15, ARRAY, WITH_SALT),
3348
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3349 XTEST_AC_RSA_CASE(0, TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3350 ac_rsaes_pkcs1_v1_5_vect1, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3351 XTEST_AC_RSA_CASE(0, TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3352 ac_rsaes_pkcs1_v1_5_vect1, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3353 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3354 ac_rsaes_pkcs1_v1_5_vect2, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3355 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3356 ac_rsaes_pkcs1_v1_5_vect2, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3357 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3358 ac_rsaes_pkcs1_v1_5_vect15, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3359 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3360 ac_rsaes_pkcs1_v1_5_vect15, ARRAY, WITHOUT_SALT),
3361
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3362 XTEST_AC_RSA_CASE(0, TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1,
3363 TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3364 ac_rsaes_oaep_vect1, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3365 XTEST_AC_RSA_CASE(0, TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1,
3366 TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3367 ac_rsaes_oaep_vect1, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3368 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1,
3369 TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3370 ac_rsaes_oaep_vect2, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3371 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1,
3372 TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3373 ac_rsaes_oaep_vect2, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3374 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1,
3375 TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3376 ac_rsaes_oaep_vect10, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3377 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1,
3378 TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3379 ac_rsaes_oaep_vect10, ARRAY, WITHOUT_SALT),
3380
3381 /* DSA tests */
Cedric Chaumontb2ba8782015-09-03 13:23:05 +0200[diff] [blame]3382 /* [mod = L=1024, N=160, SHA-1] */
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3383 XTEST_AC_DSA_CASE(1, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect1),
3384 XTEST_AC_DSA_CASE(1, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect1),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3385 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect2),
3386 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect2),
3387 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect3),
3388 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect3),
3389 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect4),
3390 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect4),
3391 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect5),
3392 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect5),
3393 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect6),
3394 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect6),
3395 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect7),
3396 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect7),
3397 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect8),
3398 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect8),
3399 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect9),
3400 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect9),
3401 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect10),
3402 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect10),
3403 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect11),
3404 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect11),
3405 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect12),
3406 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect12),
3407 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect13),
3408 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect13),
3409 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect14),
3410 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect14),
3411 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect15),
3412 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect15),
Cedric Chaumontb2ba8782015-09-03 13:23:05 +0200[diff] [blame]3413 /* [mod = L=1024, N=160, SHA-224] - GP NOT SUPPORTED */
3414 /* [mod = L=1024, N=160, SHA-256] - GP NOT SUPPORTED */
3415 /* [mod = L=1024, N=160, SHA-384] - GP NOT SUPPORTED */
3416 /* [mod = L=1024, N=160, SHA-512] - GP NOT SUPPORTED */
3417 /* [mod = L=2048, N=224, SHA-1] - GP NOT SUPPORTED */
3418 /* [mod = L=2048, N=224, SHA-224] */
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3419 XTEST_AC_DSA_CASE(1, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect91),
3420 XTEST_AC_DSA_CASE(1, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect91),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3421 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect92),
3422 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect92),
3423 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect93),
3424 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect93),
3425 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect94),
3426 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect94),
3427 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect95),
3428 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect95),
3429 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect96),
3430 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect96),
3431 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect97),
3432 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect97),
3433 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect98),
3434 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect98),
3435 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect99),
3436 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect99),
3437 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect100),
3438 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect100),
3439 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect101),
3440 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect101),
3441 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect102),
3442 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect102),
3443 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect103),
3444 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect103),
3445 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect104),
3446 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect104),
3447 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect105),
3448 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect105),
Cedric Chaumontb2ba8782015-09-03 13:23:05 +0200[diff] [blame]3449 /* [mod = L=2048, N=224, SHA-256] */
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3450 XTEST_AC_DSA_CASE(0, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect106),
3451 XTEST_AC_DSA_CASE(0, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect106),
3452 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect107),
3453 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect107),
3454 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect108),
3455 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect108),
3456 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect109),
3457 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect109),
3458 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect110),
3459 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect110),
3460 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect111),
3461 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect111),
3462 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect112),
3463 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect112),
3464 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect113),
3465 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect113),
3466 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect114),
3467 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect114),
3468 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect115),
3469 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect115),
3470 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect116),
3471 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect116),
3472 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect117),
3473 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect117),
3474 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect118),
3475 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect118),
3476 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect119),
3477 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect119),
3478 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect120),
3479 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect120),
Cedric Chaumontb2ba8782015-09-03 13:23:05 +0200[diff] [blame]3480 /* [mod = L=2048, N=224, SHA-384] - GP NOT SUPPORTED */
3481 /* [mod = L=2048, N=224, SHA-512] - GP NOT SUPPORTED */
3482 /* [mod = L=2048, N=256, SHA-1] - GP NOT SUPPORTED */
3483 /* [mod = L=2048, N=256, SHA-224] */
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3484 XTEST_AC_DSA_CASE(1, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect166),
3485 XTEST_AC_DSA_CASE(1, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect166),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3486 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect167),
3487 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect167),
3488 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect168),
3489 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect168),
3490 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect169),
3491 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect169),
3492 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect170),
3493 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect170),
3494 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect171),
3495 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect171),
3496 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect172),
3497 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect172),
3498 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect173),
3499 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect173),
3500 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect174),
3501 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect174),
3502 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect175),
3503 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect175),
3504 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect176),
3505 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect176),
3506 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect177),
3507 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect177),
3508 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect178),
3509 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect178),
3510 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect179),
3511 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect179),
3512 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect180),
3513 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect180),
Cedric Chaumontb2ba8782015-09-03 13:23:05 +0200[diff] [blame]3514 /* [mod = L=2048, N=256, SHA-256] */
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3515 XTEST_AC_DSA_CASE(1, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect181),
3516 XTEST_AC_DSA_CASE(1, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect181),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3517 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect182),
3518 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect182),
3519 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect183),
3520 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect183),
3521 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect184),
3522 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect184),
3523 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect185),
3524 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect185),
3525 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect186),
3526 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect186),
3527 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect187),
3528 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect187),
3529 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect188),
3530 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect188),
3531 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect189),
3532 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect189),
3533 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect190),
3534 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect190),
3535 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect191),
3536 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect191),
3537 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect192),
3538 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect192),
3539 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect193),
3540 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect193),
3541 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect194),
3542 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect194),
3543 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect195),
3544 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect195),
Cedric Chaumontb2ba8782015-09-03 13:23:05 +0200[diff] [blame]3545 /* [mod = L=2048, N=256, SHA-384] - GP NOT SUPPORTED */
3546 /* [mod = L=2048, N=256, SHA-512] - GP NOT SUPPORTED */
3547 /* [mod = L=3072, N=256, SHA-1] - GP NOT SUPPORTED */
3548 /* [mod = L=3072, N=256, SHA-224] - GP NOT SUPPORTED */
3549 /* [mod = L=3072, N=256, SHA-256] */
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3550 XTEST_AC_DSA_CASE(1, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect256),
3551 XTEST_AC_DSA_CASE(1, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect256),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3552 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect257),
3553 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect257),
3554 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect258),
3555 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect258),
3556 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect259),
3557 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect259),
3558 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect260),
3559 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect260),
3560 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect261),
3561 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect261),
3562 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect262),
3563 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect262),
3564 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect263),
3565 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect263),
3566 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect264),
3567 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect264),
3568 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect265),
3569 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect265),
3570 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect266),
3571 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect266),
3572 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect267),
3573 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect267),
3574 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect268),
3575 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect268),
3576 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect269),
3577 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect269),
3578 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect270),
3579 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect270),
Cedric Chaumontb2ba8782015-09-03 13:23:05 +0200[diff] [blame]3580 /* [mod = L=3072, N=256, SHA-384] - GP NOT SUPPORTED */
3581 /* [mod = L=3072, N=256, SHA-512] - GP NOT SUPPORTED */
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3582
3583 /* ECDSA tests */
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3584 /* [P-192] */
Jerome Forissier3fbfd0d2019-12-17 16:44:01 +0100[diff] [blame]3585 XTEST_AC_ECC_CASE(0, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3586 nist_186_2_ecdsa_testvector_1),
3587 XTEST_AC_ECC_CASE(0, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3588 nist_186_2_ecdsa_testvector_1),
3589 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3590 nist_186_2_ecdsa_testvector_2),
3591 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3592 nist_186_2_ecdsa_testvector_2),
3593 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3594 nist_186_2_ecdsa_testvector_3),
3595 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3596 nist_186_2_ecdsa_testvector_3),
3597 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3598 nist_186_2_ecdsa_testvector_4),
3599 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3600 nist_186_2_ecdsa_testvector_4),
3601 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3602 nist_186_2_ecdsa_testvector_5),
3603 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3604 nist_186_2_ecdsa_testvector_5),
3605 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3606 nist_186_2_ecdsa_testvector_6),
3607 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3608 nist_186_2_ecdsa_testvector_6),
3609 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3610 nist_186_2_ecdsa_testvector_7),
3611 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3612 nist_186_2_ecdsa_testvector_7),
3613 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3614 nist_186_2_ecdsa_testvector_8),
3615 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3616 nist_186_2_ecdsa_testvector_8),
3617 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3618 nist_186_2_ecdsa_testvector_9),
3619 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3620 nist_186_2_ecdsa_testvector_9),
3621 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3622 nist_186_2_ecdsa_testvector_10),
3623 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3624 nist_186_2_ecdsa_testvector_10),
3625 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3626 nist_186_2_ecdsa_testvector_11),
3627 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3628 nist_186_2_ecdsa_testvector_11),
3629 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3630 nist_186_2_ecdsa_testvector_12),
3631 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3632 nist_186_2_ecdsa_testvector_12),
3633 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3634 nist_186_2_ecdsa_testvector_13),
3635 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3636 nist_186_2_ecdsa_testvector_13),
3637 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3638 nist_186_2_ecdsa_testvector_14),
3639 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3640 nist_186_2_ecdsa_testvector_14),
3641 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3642 nist_186_2_ecdsa_testvector_15),
3643 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3644 nist_186_2_ecdsa_testvector_15),
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3645 /* [P-224] */
Jerome Forissier3fbfd0d2019-12-17 16:44:01 +0100[diff] [blame]3646 XTEST_AC_ECC_CASE(1, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3647 nist_186_2_ecdsa_testvector_16),
3648 XTEST_AC_ECC_CASE(1, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3649 nist_186_2_ecdsa_testvector_16),
3650 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3651 nist_186_2_ecdsa_testvector_17),
3652 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3653 nist_186_2_ecdsa_testvector_17),
3654 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3655 nist_186_2_ecdsa_testvector_18),
3656 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3657 nist_186_2_ecdsa_testvector_18),
3658 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3659 nist_186_2_ecdsa_testvector_19),
3660 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3661 nist_186_2_ecdsa_testvector_19),
3662 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3663 nist_186_2_ecdsa_testvector_20),
3664 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3665 nist_186_2_ecdsa_testvector_20),
3666 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3667 nist_186_2_ecdsa_testvector_21),
3668 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3669 nist_186_2_ecdsa_testvector_21),
3670 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3671 nist_186_2_ecdsa_testvector_22),
3672 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3673 nist_186_2_ecdsa_testvector_22),
3674 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3675 nist_186_2_ecdsa_testvector_23),
3676 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3677 nist_186_2_ecdsa_testvector_23),
3678 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3679 nist_186_2_ecdsa_testvector_24),
3680 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3681 nist_186_2_ecdsa_testvector_24),
3682 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3683 nist_186_2_ecdsa_testvector_25),
3684 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3685 nist_186_2_ecdsa_testvector_25),
3686 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3687 nist_186_2_ecdsa_testvector_26),
3688 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3689 nist_186_2_ecdsa_testvector_26),
3690 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3691 nist_186_2_ecdsa_testvector_27),
3692 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3693 nist_186_2_ecdsa_testvector_27),
3694 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3695 nist_186_2_ecdsa_testvector_28),
3696 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3697 nist_186_2_ecdsa_testvector_28),
3698 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3699 nist_186_2_ecdsa_testvector_29),
3700 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3701 nist_186_2_ecdsa_testvector_29),
3702 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3703 nist_186_2_ecdsa_testvector_30),
3704 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3705 nist_186_2_ecdsa_testvector_30),
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3706 /* [P-256] */
Jerome Forissier3fbfd0d2019-12-17 16:44:01 +0100[diff] [blame]3707 XTEST_AC_ECC_CASE(1, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3708 nist_186_2_ecdsa_testvector_31),
3709 XTEST_AC_ECC_CASE(1, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3710 nist_186_2_ecdsa_testvector_31),
3711 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3712 nist_186_2_ecdsa_testvector_32),
3713 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3714 nist_186_2_ecdsa_testvector_32),
3715 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3716 nist_186_2_ecdsa_testvector_33),
3717 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3718 nist_186_2_ecdsa_testvector_33),
3719 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3720 nist_186_2_ecdsa_testvector_34),
3721 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3722 nist_186_2_ecdsa_testvector_34),
3723 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3724 nist_186_2_ecdsa_testvector_35),
3725 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3726 nist_186_2_ecdsa_testvector_35),
3727 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3728 nist_186_2_ecdsa_testvector_36),
3729 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3730 nist_186_2_ecdsa_testvector_36),
3731 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3732 nist_186_2_ecdsa_testvector_37),
3733 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3734 nist_186_2_ecdsa_testvector_37),
3735 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3736 nist_186_2_ecdsa_testvector_38),
3737 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3738 nist_186_2_ecdsa_testvector_38),
3739 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3740 nist_186_2_ecdsa_testvector_39),
3741 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3742 nist_186_2_ecdsa_testvector_39),
3743 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3744 nist_186_2_ecdsa_testvector_40),
3745 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3746 nist_186_2_ecdsa_testvector_40),
3747 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3748 nist_186_2_ecdsa_testvector_41),
3749 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3750 nist_186_2_ecdsa_testvector_41),
3751 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3752 nist_186_2_ecdsa_testvector_42),
3753 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3754 nist_186_2_ecdsa_testvector_42),
3755 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3756 nist_186_2_ecdsa_testvector_43),
3757 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3758 nist_186_2_ecdsa_testvector_43),
3759 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3760 nist_186_2_ecdsa_testvector_44),
3761 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3762 nist_186_2_ecdsa_testvector_44),
3763 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3764 nist_186_2_ecdsa_testvector_45),
3765 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3766 nist_186_2_ecdsa_testvector_45),
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3767 /* [P-384] */
Jerome Forissier3fbfd0d2019-12-17 16:44:01 +0100[diff] [blame]3768 XTEST_AC_ECC_CASE(1, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3769 nist_186_2_ecdsa_testvector_46),
3770 XTEST_AC_ECC_CASE(1, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3771 nist_186_2_ecdsa_testvector_46),
3772 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3773 nist_186_2_ecdsa_testvector_47),
3774 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3775 nist_186_2_ecdsa_testvector_47),
3776 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3777 nist_186_2_ecdsa_testvector_48),
3778 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3779 nist_186_2_ecdsa_testvector_48),
3780 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3781 nist_186_2_ecdsa_testvector_49),
3782 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3783 nist_186_2_ecdsa_testvector_49),
3784 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3785 nist_186_2_ecdsa_testvector_50),
3786 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3787 nist_186_2_ecdsa_testvector_50),
3788 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3789 nist_186_2_ecdsa_testvector_51),
3790 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3791 nist_186_2_ecdsa_testvector_51),
3792 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3793 nist_186_2_ecdsa_testvector_52),
3794 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3795 nist_186_2_ecdsa_testvector_52),
3796 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3797 nist_186_2_ecdsa_testvector_53),
3798 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3799 nist_186_2_ecdsa_testvector_53),
3800 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3801 nist_186_2_ecdsa_testvector_54),
3802 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3803 nist_186_2_ecdsa_testvector_54),
3804 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3805 nist_186_2_ecdsa_testvector_55),
3806 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3807 nist_186_2_ecdsa_testvector_55),
3808 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3809 nist_186_2_ecdsa_testvector_56),
3810 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3811 nist_186_2_ecdsa_testvector_56),
3812 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3813 nist_186_2_ecdsa_testvector_57),
3814 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3815 nist_186_2_ecdsa_testvector_57),
3816 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3817 nist_186_2_ecdsa_testvector_58),
3818 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3819 nist_186_2_ecdsa_testvector_58),
3820 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3821 nist_186_2_ecdsa_testvector_59),
3822 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3823 nist_186_2_ecdsa_testvector_59),
3824 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3825 nist_186_2_ecdsa_testvector_60),
3826 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3827 nist_186_2_ecdsa_testvector_60),
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3828 /* [P-521] */
Jerome Forissier3fbfd0d2019-12-17 16:44:01 +0100[diff] [blame]3829 XTEST_AC_ECC_CASE(1, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3830 nist_186_2_ecdsa_testvector_61),
3831 XTEST_AC_ECC_CASE(1, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3832 nist_186_2_ecdsa_testvector_61),
3833 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3834 nist_186_2_ecdsa_testvector_62),
3835 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3836 nist_186_2_ecdsa_testvector_62),
3837 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3838 nist_186_2_ecdsa_testvector_63),
3839 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3840 nist_186_2_ecdsa_testvector_63),
3841 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3842 nist_186_2_ecdsa_testvector_64),
3843 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3844 nist_186_2_ecdsa_testvector_64),
3845 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3846 nist_186_2_ecdsa_testvector_65),
3847 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3848 nist_186_2_ecdsa_testvector_65),
3849 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3850 nist_186_2_ecdsa_testvector_66),
3851 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3852 nist_186_2_ecdsa_testvector_66),
3853 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3854 nist_186_2_ecdsa_testvector_67),
3855 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3856 nist_186_2_ecdsa_testvector_67),
3857 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3858 nist_186_2_ecdsa_testvector_68),
3859 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3860 nist_186_2_ecdsa_testvector_68),
3861 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3862 nist_186_2_ecdsa_testvector_69),
3863 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3864 nist_186_2_ecdsa_testvector_69),
3865 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3866 nist_186_2_ecdsa_testvector_70),
3867 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3868 nist_186_2_ecdsa_testvector_70),
3869 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3870 nist_186_2_ecdsa_testvector_71),
3871 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3872 nist_186_2_ecdsa_testvector_71),
3873 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3874 nist_186_2_ecdsa_testvector_72),
3875 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3876 nist_186_2_ecdsa_testvector_72),
3877 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3878 nist_186_2_ecdsa_testvector_73),
3879 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3880 nist_186_2_ecdsa_testvector_73),
3881 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3882 nist_186_2_ecdsa_testvector_74),
3883 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3884 nist_186_2_ecdsa_testvector_74),
3885 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3886 nist_186_2_ecdsa_testvector_75),
3887 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3888 nist_186_2_ecdsa_testvector_75),
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3889 /* [K-163] - GP NOT SUPPORTED */
3890 /* [K-233] - GP NOT SUPPORTED */
3891 /* [K-283] - GP NOT SUPPORTED */
3892 /* [K-409] - GP NOT SUPPORTED */
3893 /* [K-571] - GP NOT SUPPORTED */
3894 /* [B-163] - GP NOT SUPPORTED */
3895 /* [B-233] - GP NOT SUPPORTED */
3896 /* [B-283] - GP NOT SUPPORTED */
3897 /* [B-409] - GP NOT SUPPORTED */
3898 /* [B-571] - GP NOT SUPPORTED */
Jerome Forissierb6f5ac92019-12-19 16:37:14 +0100[diff] [blame]3899
3900 XTEST_AC_ECC_CASE(0, TEE_ALG_SM2_PKE, TEE_MODE_ENCRYPT,
3901 gmt_0003_part5_c2_sm2_testvector),
3902 XTEST_AC_ECC_CASE(0, TEE_ALG_SM2_PKE, TEE_MODE_DECRYPT,
3903 gmt_0003_part5_c2_sm2_testvector),
3904 XTEST_AC_ECC_CASE(0, TEE_ALG_SM2_PKE, TEE_MODE_ENCRYPT,
3905 sm2_testvector2),
Jerome Forissier849b57e2019-12-19 16:37:14 +0100[diff] [blame]3906
3907 XTEST_AC_ECC_CASE(0, TEE_ALG_SM2_DSA_SM3, TEE_MODE_VERIFY,
3908 gmt_003_part5_a2),
3909 XTEST_AC_ECC_CASE(0, TEE_ALG_SM2_DSA_SM3, TEE_MODE_SIGN,
3910 gmt_003_part5_a2),
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3911};
3912
3913static bool create_key(ADBG_Case_t *c, TEEC_Session *s,
3914 uint32_t max_key_size, uint32_t key_type,
3915 TEE_Attribute *attrs, size_t num_attrs,
3916 TEE_ObjectHandle *handle)
3917{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]3918 size_t n = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3919
3920 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3921 ta_crypt_cmd_allocate_transient_object(c, s, key_type,
3922 max_key_size, handle)))
3923 return false;
3924
3925 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3926 ta_crypt_cmd_populate_transient_object(c, s, *handle, attrs,
3927 num_attrs)))
3928 return false;
3929
3930 for (n = 0; n < num_attrs; n++) {
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]3931 uint8_t out[512] = { };
3932 size_t out_size = sizeof(out);
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3933
3934 if (attrs[n].attributeID == TEE_ATTR_ECC_CURVE)
3935 continue;
3936
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3937 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3938 ta_crypt_cmd_get_object_buffer_attribute(c, s, *handle,
3939 attrs[n].attributeID, out, &out_size)))
3940 return false;
3941
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3942 if (out_size < attrs[n].content.ref.length) {
3943 memmove(out + (attrs[n].content.ref.length - out_size),
3944 out,
3945 attrs[n].content.ref.length);
3946 memset(out, 0, attrs[n].content.ref.length - out_size);
3947 out_size = attrs[n].content.ref.length;
3948 }
3949
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3950 if (!ADBG_EXPECT_BUFFER(c, attrs[n].content.ref.buffer,
3951 attrs[n].content.ref.length, out, out_size))
3952 return false;
3953 }
3954
3955 return true;
3956}
3957
3958static void xtest_tee_test_4006(ADBG_Case_t *c)
3959{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]3960 TEEC_Session session = { };
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3961 TEE_OperationHandle op = TEE_HANDLE_NULL;
3962 TEE_ObjectHandle priv_key_handle = TEE_HANDLE_NULL;
3963 TEE_ObjectHandle pub_key_handle = TEE_HANDLE_NULL;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]3964 TEE_Attribute key_attrs[8] = { };
3965 TEE_Attribute algo_params[1] = { };
3966 size_t num_algo_params = 0;
3967 uint8_t out[512] = { };
3968 size_t out_size = 0;
3969 uint8_t out_enc[512] = { };
3970 size_t out_enc_size = 0;
3971 uint8_t ptx_hash[TEE_MAX_HASH_SIZE] = { };
Etienne Carriere481c6602019-01-22 13:27:26 +0100[diff] [blame]3972 size_t ptx_hash_size = 0;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]3973 size_t max_key_size = 0;
3974 size_t num_key_attrs = 0;
3975 uint32_t ret_orig = 0;
3976 size_t n = 0;
3977 uint32_t curve = 0;
Jerome Forissierb6f5ac92019-12-19 16:37:14 +0100[diff] [blame]3978 uint32_t pub_key_type = 0;
3979 uint32_t priv_key_type = 0;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]3980 uint32_t hash_algo = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3981
3982 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3983 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
3984 &ret_orig)))
3985 return;
3986
3987 for (n = 0; n < ARRAY_SIZE(xtest_ac_cases); n++) {
3988 const struct xtest_ac_case *tv = xtest_ac_cases + n;
3989
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3990 if (tv->level > level)
3991 continue;
3992
Jerome Forissier4b03e282020-01-22 16:33:12 +0100[diff] [blame]3993 if ((tv->algo == TEE_ALG_SM2_PKE ||
3994 tv->algo == TEE_ALG_SM2_DSA_SM3) &&
3995 !ta_crypt_cmd_is_algo_supported(c, &session, tv->algo,
3996 TEE_ECC_CURVE_SM2)) {
3997 Do_ADBG_Log("SM2 not supported: skip subcase");
3998 continue;
3999 }
4000
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4001 Do_ADBG_BeginSubCase(c, "Asym Crypto case %d algo 0x%x line %d",
4002 (int)n, (unsigned int)tv->algo,
4003 (int)tv->line);
4004
4005 /*
4006 * When signing or verifying we're working with the hash of
4007 * the payload.
4008 */
4009 if (tv->mode == TEE_MODE_VERIFY || tv->mode == TEE_MODE_SIGN) {
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]4010 if (TEE_ALG_GET_MAIN_ALG(tv->algo) == TEE_MAIN_ALGO_ECDSA)
4011 hash_algo = TEE_ALG_SHA1;
Gabor Szekely2ad190f2018-09-14 14:05:06 +0000[diff] [blame]4012#if defined(CFG_CRYPTO_RSASSA_NA1)
4013 else if (tv->algo == TEE_ALG_RSASSA_PKCS1_V1_5)
4014 hash_algo = TEE_ALG_SHA256;
4015#endif
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]4016 else
4017 hash_algo = TEE_ALG_HASH_ALGO(
4018 TEE_ALG_GET_DIGEST_HASH(tv->algo));
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4019
4020 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4021 ta_crypt_cmd_allocate_operation(c, &session,
4022 &op, hash_algo, TEE_MODE_DIGEST, 0)))
4023 goto out;
4024
4025 ptx_hash_size = sizeof(ptx_hash);
4026 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4027 ta_crypt_cmd_digest_do_final(c, & session, op,
4028 tv->ptx, tv->ptx_len, ptx_hash,
4029 &ptx_hash_size)))
4030 goto out;
4031
Cedric Chaumontb2ba8782015-09-03 13:23:05 +0200[diff] [blame]4032 /*
4033 * When we use DSA algorithms, the size of the hash we
4034 * consider equals the min between the size of the
4035 * "subprime" in the key and the size of the hash
4036 */
4037 if (TEE_ALG_GET_MAIN_ALG(tv->algo) ==
4038 TEE_MAIN_ALGO_DSA) {
4039 if (tv->params.dsa.sub_prime_len <=
4040 ptx_hash_size)
4041 ptx_hash_size =
4042 tv->params.dsa.sub_prime_len;
4043 }
4044
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4045 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4046 ta_crypt_cmd_free_operation(c, &session, op)))
4047 goto out;
4048 }
4049
4050 num_algo_params = 0;
4051 num_key_attrs = 0;
4052 switch (TEE_ALG_GET_MAIN_ALG(tv->algo)) {
4053 case TEE_MAIN_ALGO_RSA:
4054 if (tv->params.rsa.salt_len > 0) {
4055 algo_params[0].attributeID =
4056 TEE_ATTR_RSA_PSS_SALT_LENGTH;
4057 algo_params[0].content.value.a =
4058 tv->params.rsa.salt_len;
4059 algo_params[0].content.value.b = 0;
4060 num_algo_params = 1;
4061 }
4062
4063 max_key_size = tv->params.rsa.modulus_len * 8;
4064
4065 xtest_add_attr(&num_key_attrs, key_attrs,
4066 TEE_ATTR_RSA_MODULUS,
4067 tv->params.rsa.modulus,
4068 tv->params.rsa.modulus_len);
4069 xtest_add_attr(&num_key_attrs, key_attrs,
4070 TEE_ATTR_RSA_PUBLIC_EXPONENT,
4071 tv->params.rsa.pub_exp,
4072 tv->params.rsa.pub_exp_len);
4073
4074 if (!ADBG_EXPECT_TRUE(c,
4075 create_key(c, &session,
4076 max_key_size,
4077 TEE_TYPE_RSA_PUBLIC_KEY,
4078 key_attrs,
4079 num_key_attrs,
4080 &pub_key_handle)))
4081 goto out;
4082
4083 xtest_add_attr(&num_key_attrs, key_attrs,
4084 TEE_ATTR_RSA_PRIVATE_EXPONENT,
4085 tv->params.rsa.priv_exp,
4086 tv->params.rsa.priv_exp_len);
4087
4088 if (tv->params.rsa.prime1_len != 0) {
4089 xtest_add_attr(&num_key_attrs, key_attrs,
4090 TEE_ATTR_RSA_PRIME1,
4091 tv->params.rsa.prime1,
4092 tv->params.rsa.prime1_len);
4093 }
4094
4095 if (tv->params.rsa.prime2_len != 0) {
4096 xtest_add_attr(&num_key_attrs, key_attrs,
4097 TEE_ATTR_RSA_PRIME2,
4098 tv->params.rsa.prime2,
4099 tv->params.rsa.prime2_len);
4100 }
4101
4102 if (tv->params.rsa.exp1_len != 0) {
4103 xtest_add_attr(&num_key_attrs, key_attrs,
4104 TEE_ATTR_RSA_EXPONENT1,
4105 tv->params.rsa.exp1,
4106 tv->params.rsa.exp1_len);
4107 }
4108
4109 if (tv->params.rsa.exp2_len != 0) {
4110 xtest_add_attr(&num_key_attrs, key_attrs,
4111 TEE_ATTR_RSA_EXPONENT2,
4112 tv->params.rsa.exp2,
4113 tv->params.rsa.exp2_len);
4114 }
4115
4116 if (tv->params.rsa.coeff_len != 0) {
4117 xtest_add_attr(&num_key_attrs, key_attrs,
4118 TEE_ATTR_RSA_COEFFICIENT,
4119 tv->params.rsa.coeff,
4120 tv->params.rsa.coeff_len);
4121 }
4122
4123 if (!ADBG_EXPECT_TRUE(c,
4124 create_key(c, &session,
4125 max_key_size,
4126 TEE_TYPE_RSA_KEYPAIR,
4127 key_attrs,
4128 num_key_attrs,
4129 &priv_key_handle)))
4130 goto out;
4131 break;
4132
4133 case TEE_MAIN_ALGO_DSA:
4134 max_key_size = tv->params.dsa.prime_len * 8;
4135
4136 xtest_add_attr(&num_key_attrs, key_attrs,
4137 TEE_ATTR_DSA_PRIME,
4138 tv->params.dsa.prime,
4139 tv->params.dsa.prime_len);
4140 xtest_add_attr(&num_key_attrs, key_attrs,
4141 TEE_ATTR_DSA_SUBPRIME,
4142 tv->params.dsa.sub_prime,
4143 tv->params.dsa.sub_prime_len);
4144 xtest_add_attr(&num_key_attrs, key_attrs,
4145 TEE_ATTR_DSA_BASE,
4146 tv->params.dsa.base,
4147 tv->params.dsa.base_len);
4148 xtest_add_attr(&num_key_attrs, key_attrs,
4149 TEE_ATTR_DSA_PUBLIC_VALUE,
4150 tv->params.dsa.pub_val,
4151 tv->params.dsa.pub_val_len);
4152
4153 if (!ADBG_EXPECT_TRUE(c,
4154 create_key(c, &session, max_key_size,
4155 TEE_TYPE_DSA_PUBLIC_KEY, key_attrs,
4156 num_key_attrs, &pub_key_handle)))
4157 goto out;
4158
4159 xtest_add_attr(&num_key_attrs, key_attrs,
4160 TEE_ATTR_DSA_PRIVATE_VALUE,
4161 tv->params.dsa.priv_val,
4162 tv->params.dsa.priv_val_len);
4163
4164 if (!ADBG_EXPECT_TRUE(c,
4165 create_key(c, &session, max_key_size,
4166 TEE_TYPE_DSA_KEYPAIR, key_attrs,
4167 num_key_attrs, &priv_key_handle)))
4168 goto out;
4169 break;
4170
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]4171 case TEE_MAIN_ALGO_ECDSA:
Jerome Forissierb6f5ac92019-12-19 16:37:14 +0100[diff] [blame]4172 case TEE_MAIN_ALGO_SM2_PKE:
Jerome Forissier849b57e2019-12-19 16:37:14 +0100[diff] [blame]4173 case TEE_MAIN_ALGO_SM2_DSA_SM3:
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]4174 switch (tv->algo) {
4175 case TEE_ALG_ECDSA_P192:
4176 curve = TEE_ECC_CURVE_NIST_P192;
Jerome Forissierb6f5ac92019-12-19 16:37:14 +0100[diff] [blame]4177 pub_key_type = TEE_TYPE_ECDSA_PUBLIC_KEY;
4178 priv_key_type = TEE_TYPE_ECDSA_KEYPAIR;
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]4179 break;
4180 case TEE_ALG_ECDSA_P224:
4181 curve = TEE_ECC_CURVE_NIST_P224;
Jerome Forissierb6f5ac92019-12-19 16:37:14 +0100[diff] [blame]4182 pub_key_type = TEE_TYPE_ECDSA_PUBLIC_KEY;
4183 priv_key_type = TEE_TYPE_ECDSA_KEYPAIR;
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]4184 break;
4185 case TEE_ALG_ECDSA_P256:
4186 curve = TEE_ECC_CURVE_NIST_P256;
Jerome Forissierb6f5ac92019-12-19 16:37:14 +0100[diff] [blame]4187 pub_key_type = TEE_TYPE_ECDSA_PUBLIC_KEY;
4188 priv_key_type = TEE_TYPE_ECDSA_KEYPAIR;
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]4189 break;
4190 case TEE_ALG_ECDSA_P384:
4191 curve = TEE_ECC_CURVE_NIST_P384;
Jerome Forissierb6f5ac92019-12-19 16:37:14 +0100[diff] [blame]4192 pub_key_type = TEE_TYPE_ECDSA_PUBLIC_KEY;
4193 priv_key_type = TEE_TYPE_ECDSA_KEYPAIR;
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]4194 break;
4195 case TEE_ALG_ECDSA_P521:
4196 curve = TEE_ECC_CURVE_NIST_P521;
Jerome Forissierb6f5ac92019-12-19 16:37:14 +0100[diff] [blame]4197 pub_key_type = TEE_TYPE_ECDSA_PUBLIC_KEY;
4198 priv_key_type = TEE_TYPE_ECDSA_KEYPAIR;
4199 break;
4200 case TEE_ALG_SM2_PKE:
4201 curve = TEE_ECC_CURVE_SM2;
4202 pub_key_type = TEE_TYPE_SM2_PKE_PUBLIC_KEY;
4203 priv_key_type = TEE_TYPE_SM2_PKE_KEYPAIR;
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]4204 break;
Jerome Forissier849b57e2019-12-19 16:37:14 +0100[diff] [blame]4205 case TEE_ALG_SM2_DSA_SM3:
4206 curve = TEE_ECC_CURVE_SM2;
4207 pub_key_type = TEE_TYPE_SM2_DSA_PUBLIC_KEY;
4208 priv_key_type = TEE_TYPE_SM2_DSA_KEYPAIR;
4209 break;
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]4210 default:
4211 curve = 0xFF;
4212 break;
4213 }
4214
4215 if (tv->algo == TEE_ALG_ECDSA_P521)
4216 max_key_size = 521;
4217 else
Jerome Forissier3fbfd0d2019-12-17 16:44:01 +0100[diff] [blame]4218 max_key_size = tv->params.ecc.private_len * 8;
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]4219
4220 xtest_add_attr_value(&num_key_attrs, key_attrs,
4221 TEE_ATTR_ECC_CURVE, curve, 0);
4222 xtest_add_attr(&num_key_attrs, key_attrs,
4223 TEE_ATTR_ECC_PUBLIC_VALUE_X,
Jerome Forissier3fbfd0d2019-12-17 16:44:01 +0100[diff] [blame]4224 tv->params.ecc.public_x,
4225 tv->params.ecc.public_x_len);
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]4226 xtest_add_attr(&num_key_attrs, key_attrs,
4227 TEE_ATTR_ECC_PUBLIC_VALUE_Y,
Jerome Forissier3fbfd0d2019-12-17 16:44:01 +0100[diff] [blame]4228 tv->params.ecc.public_y,
4229 tv->params.ecc.public_y_len);
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]4230
4231 if (!ADBG_EXPECT_TRUE(c,
4232 create_key(c, &session, max_key_size,
Jerome Forissierb6f5ac92019-12-19 16:37:14 +0100[diff] [blame]4233 pub_key_type, key_attrs,
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]4234 num_key_attrs, &pub_key_handle)))
4235 goto out;
4236
4237 xtest_add_attr(&num_key_attrs, key_attrs,
4238 TEE_ATTR_ECC_PRIVATE_VALUE,
Jerome Forissier3fbfd0d2019-12-17 16:44:01 +0100[diff] [blame]4239 tv->params.ecc.private,
4240 tv->params.ecc.private_len);
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]4241
4242 if (!ADBG_EXPECT_TRUE(c,
4243 create_key(c, &session, max_key_size,
Jerome Forissierb6f5ac92019-12-19 16:37:14 +0100[diff] [blame]4244 priv_key_type, key_attrs,
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]4245 num_key_attrs, &priv_key_handle)))
4246 goto out;
4247 break;
4248
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4249 default:
4250 ADBG_EXPECT_TRUE(c, false);
4251 goto out;
4252 }
4253
4254 out_size = sizeof(out);
4255 memset(out, 0, sizeof(out));
4256 switch (tv->mode) {
4257 case TEE_MODE_ENCRYPT:
4258 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4259 ta_crypt_cmd_allocate_operation(c, &session,
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]4260 &op, tv->algo, TEE_MODE_ENCRYPT,
4261 max_key_size)))
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4262 goto out;
4263
4264 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4265 ta_crypt_cmd_set_operation_key(c, &session, op,
4266 pub_key_handle)))
4267 goto out;
4268
4269 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4270 ta_crypt_cmd_free_transient_object(c, &session,
4271 pub_key_handle)))
4272 goto out;
4273 pub_key_handle = TEE_HANDLE_NULL;
4274
4275 out_enc_size = sizeof(out_enc);
4276 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4277 ta_crypt_cmd_asymmetric_encrypt(c, &session, op,
4278 NULL, 0, tv->ptx, tv->ptx_len, out_enc,
4279 &out_enc_size)))
4280 goto out;
4281
4282 /*
4283 * A PS which is random is added when formatting the
4284 * message internally of the algorithm so we can't
4285 * verify against precomputed values, instead we use the
4286 * decrypt operation to see that output is correct.
4287 */
4288
4289 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4290 ta_crypt_cmd_free_operation(c, &session, op)))
4291 goto out;
4292
4293 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4294 ta_crypt_cmd_allocate_operation(c, &session,
4295 &op, tv->algo, TEE_MODE_DECRYPT,
4296 max_key_size)))
4297 goto out;
4298
4299 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4300 ta_crypt_cmd_set_operation_key(c, &session, op,
4301 priv_key_handle)))
4302 goto out;
4303
4304 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4305 ta_crypt_cmd_free_transient_object(c, &session,
4306 priv_key_handle)))
4307 goto out;
4308
4309 priv_key_handle = TEE_HANDLE_NULL;
4310
4311 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4312 ta_crypt_cmd_asymmetric_decrypt(c, &session, op,
4313 NULL, 0, out_enc, out_enc_size, out,
4314 &out_size)))
4315 goto out;
4316
4317 (void)ADBG_EXPECT_BUFFER(c, tv->ptx, tv->ptx_len, out,
4318 out_size);
4319 break;
4320
4321 case TEE_MODE_DECRYPT:
4322 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4323 ta_crypt_cmd_allocate_operation(c, &session,
4324 &op, tv->algo, TEE_MODE_DECRYPT,
4325 max_key_size)))
4326 goto out;
4327
4328 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4329 ta_crypt_cmd_set_operation_key(c, &session, op,
4330 priv_key_handle)))
4331 goto out;
4332
4333 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4334 ta_crypt_cmd_free_transient_object(c, &session,
4335 priv_key_handle)))
4336 goto out;
4337
4338 priv_key_handle = TEE_HANDLE_NULL;
4339
4340 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4341 ta_crypt_cmd_asymmetric_decrypt(c, &session, op,
4342 NULL, 0, tv->ctx, tv->ctx_len, out,
4343 &out_size)))
4344 goto out;
4345
4346 (void)ADBG_EXPECT_BUFFER(c, tv->ptx, tv->ptx_len, out,
4347 out_size);
4348 break;
4349
4350 case TEE_MODE_VERIFY:
4351 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4352 ta_crypt_cmd_allocate_operation(c, &session,
4353 &op, tv->algo, TEE_MODE_VERIFY,
4354 max_key_size)))
4355 goto out;
4356
4357 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4358 ta_crypt_cmd_set_operation_key(c, &session, op,
4359 pub_key_handle)))
4360 goto out;
4361
4362 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4363 ta_crypt_cmd_free_transient_object(c, &session,
4364 pub_key_handle)))
4365 goto out;
4366
4367 pub_key_handle = TEE_HANDLE_NULL;
4368
4369 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4370 ta_crypt_cmd_asymmetric_verify(c, &session, op,
4371 algo_params, num_algo_params, ptx_hash,
4372 ptx_hash_size, tv->ctx, tv->ctx_len)))
4373 goto out;
4374 break;
4375
4376 case TEE_MODE_SIGN:
4377 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4378 ta_crypt_cmd_allocate_operation(c, &session,
4379 &op, tv->algo, TEE_MODE_SIGN,
4380 max_key_size)))
4381 goto out;
4382
4383 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4384 ta_crypt_cmd_set_operation_key(c, &session, op,
4385 priv_key_handle)))
4386 goto out;
4387
4388 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4389 ta_crypt_cmd_free_transient_object(c, &session,
4390 priv_key_handle)))
4391 goto out;
4392
4393 priv_key_handle = TEE_HANDLE_NULL;
4394
4395 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4396 ta_crypt_cmd_asymmetric_sign(c, &session, op,
4397 algo_params, num_algo_params, ptx_hash,
4398 ptx_hash_size, out, &out_size)))
4399 goto out;
4400
4401 if (TEE_ALG_GET_CHAIN_MODE(tv->algo) ==
4402 TEE_CHAIN_MODE_PKCS1_PSS_MGF1 ||
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]4403 tv->algo == TEE_ALG_DSA_SHA1 ||
Cedric Chaumontb2ba8782015-09-03 13:23:05 +0200[diff] [blame]4404 tv->algo == TEE_ALG_DSA_SHA224 ||
4405 tv->algo == TEE_ALG_DSA_SHA256 ||
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]4406 TEE_ALG_GET_MAIN_ALG(tv->algo) ==
Jerome Forissier849b57e2019-12-19 16:37:14 +0100[diff] [blame]4407 TEE_MAIN_ALGO_ECDSA ||
4408 tv->algo == TEE_ALG_SM2_DSA_SM3) {
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4409 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4410 ta_crypt_cmd_free_operation(c, &session,
4411 op)))
4412 goto out;
4413 /*
4414 * The salt or K is random so we can't verify
4415 * signing against precomputed values, instead
4416 * we use the verify operation to see that
4417 * output is correct.
4418 */
4419 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4420 ta_crypt_cmd_allocate_operation(c,
4421 &session, &op, tv->algo,
4422 TEE_MODE_VERIFY, max_key_size)))
4423 goto out;
4424
4425 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4426 ta_crypt_cmd_set_operation_key(c,
4427 &session, op, pub_key_handle)))
4428 goto out;
4429
4430 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4431 ta_crypt_cmd_free_transient_object(c,
4432 &session, pub_key_handle)))
4433 goto out;
4434
4435 pub_key_handle = TEE_HANDLE_NULL;
4436
4437 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4438 ta_crypt_cmd_asymmetric_verify(c,
4439 &session, op, algo_params,
4440 num_algo_params, ptx_hash,
4441 ptx_hash_size, out, out_size)))
4442 goto out;
4443 } else {
4444 (void)ADBG_EXPECT_BUFFER(c, tv->ctx,
4445 tv->ctx_len, out,
4446 out_size);
4447 }
4448 break;
4449
4450 default:
4451 break;
4452 }
4453
4454 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4455 ta_crypt_cmd_free_operation(c, &session, op)))
4456 goto out;
4457
4458 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4459 ta_crypt_cmd_free_transient_object(c, &session,
4460 pub_key_handle)))
4461 goto out;
4462 pub_key_handle = TEE_HANDLE_NULL;
4463
4464 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4465 ta_crypt_cmd_free_transient_object(c, &session,
4466 priv_key_handle)))
4467 goto out;
4468
4469 priv_key_handle = TEE_HANDLE_NULL;
4470
4471 Do_ADBG_EndSubCase(c, NULL);
4472 }
4473out:
4474 TEEC_CloseSession(&session);
4475}
Jens Wiklander14f48872018-06-29 15:30:13 +0200[diff] [blame]4476ADBG_CASE_DEFINE(regression, 4006, xtest_tee_test_4006,
4477 "Test TEE Internal API Asymmetric Cipher operations");
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4478
4479#define KEY_ATTR(x, y) { #x, (x), y }
4480
4481struct key_attrs {
4482 const char *name;
4483 uint32_t attr;
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4484 /*
4485 * When keysize_check != 0: size of attribute is checked
4486 * Expected value is key_size bits except for DH in which case it is
4487 * the value of keysize_check.
4488 */
4489 uint32_t keysize_check;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4490};
4491
4492static bool test_keygen_attributes(ADBG_Case_t *c, TEEC_Session *s,
4493 TEE_ObjectHandle key, uint32_t key_size,
4494 struct key_attrs *attrs, size_t num_attrs)
4495{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]4496 uint8_t out[2048] = { };
4497 size_t out_size = 0;
4498 size_t n = 0;
4499 size_t m = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4500
4501 for (m = 0; m < num_attrs; m++) {
4502 if ((attrs[m].attr & TEE_ATTR_BIT_VALUE) == 0) {
4503 out_size = sizeof(out);
4504 memset(out, 0, sizeof(out));
4505 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4506 ta_crypt_cmd_get_object_buffer_attribute(c, s,
4507 key, attrs[m].attr, out, &out_size)))
4508 return false;
4509
4510 if (attrs[m].keysize_check)
4511 ADBG_EXPECT_COMPARE_UNSIGNED(c, out_size, ==,
4512 key_size / 8);
4513
4514 if (out_size > 0) {
4515 /* Check that buffer isn't all zeroes */
4516 for (n = 0; n < out_size; n++)
4517 if (out[n] != 0)
4518 break;
4519 if (!ADBG_EXPECT_COMPARE_UNSIGNED(c, n, <,
4520 out_size))
4521 return false;
4522 }
4523 } else {
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]4524 uint32_t a = 0;
4525 uint32_t b = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4526
4527 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4528 ta_crypt_cmd_get_object_value_attribute(c, s, key,
4529 attrs[m].attr, &a, &b)))
4530 return false;
4531 }
4532 }
4533 return true;
4534}
4535
4536static bool test_secret_value(ADBG_Case_t *c, TEEC_Session *s,
4537 TEE_ObjectHandle key, uint32_t key_size)
4538{
4539 const struct key_attrs attrs[] = {
4540 KEY_ATTR(TEE_ATTR_SECRET_VALUE, true),
4541 };
4542
4543 return test_keygen_attributes(c, s, key, key_size,
4544 (struct key_attrs *)&attrs,
4545 ARRAY_SIZE(attrs));
4546}
4547
4548
4549static bool test_rsa_key_pair(ADBG_Case_t *c, TEEC_Session *s,
4550 TEE_ObjectHandle key, uint32_t key_size)
4551{
4552 const struct key_attrs attrs[] = {
4553 KEY_ATTR(TEE_ATTR_RSA_MODULUS, true),
4554 KEY_ATTR(TEE_ATTR_RSA_PUBLIC_EXPONENT, false),
4555 KEY_ATTR(TEE_ATTR_RSA_PRIVATE_EXPONENT, false),
4556 KEY_ATTR(TEE_ATTR_RSA_PRIME1, false),
4557 KEY_ATTR(TEE_ATTR_RSA_PRIME2, false),
4558 KEY_ATTR(TEE_ATTR_RSA_EXPONENT1, false),
4559 KEY_ATTR(TEE_ATTR_RSA_EXPONENT2, false),
4560 KEY_ATTR(TEE_ATTR_RSA_COEFFICIENT, false),
4561 };
4562
4563 return test_keygen_attributes(c, s, key, key_size,
4564 (struct key_attrs *)&attrs,
4565 ARRAY_SIZE(attrs));
4566}
4567
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]4568static bool test_ecc_key_pair(ADBG_Case_t *c, TEEC_Session *s,
4569 TEE_ObjectHandle key, uint32_t key_size)
4570{
4571 const struct key_attrs attrs[] = {
4572 KEY_ATTR(TEE_ATTR_ECC_PRIVATE_VALUE, false),
4573 KEY_ATTR(TEE_ATTR_ECC_PUBLIC_VALUE_X , false),
4574 KEY_ATTR(TEE_ATTR_ECC_PUBLIC_VALUE_Y , false),
4575 /* KEY_ATTR(TEE_ATTR_ECC_CURVE, false), - do not test */
4576 };
4577
4578 return test_keygen_attributes(c, s, key, key_size,
4579 (struct key_attrs *)&attrs,
4580 ARRAY_SIZE(attrs));
4581}
4582
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4583static bool test_dh_key_pair(ADBG_Case_t *c, TEEC_Session *s,
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4584 TEE_ObjectHandle key, uint32_t check_keysize)
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4585{
4586 const struct key_attrs attrs[] = {
4587 KEY_ATTR(TEE_ATTR_DH_PRIME, false),
4588 KEY_ATTR(TEE_ATTR_DH_BASE, false),
4589 KEY_ATTR(TEE_ATTR_DH_PUBLIC_VALUE, false),
4590 KEY_ATTR(TEE_ATTR_DH_PRIVATE_VALUE, check_keysize),
4591 KEY_ATTR(TEE_ATTR_DH_X_BITS, false),
4592 };
4593
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4594 return test_keygen_attributes(c, s, key, check_keysize,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4595 (struct key_attrs *)&attrs,
4596 ARRAY_SIZE(attrs));
4597}
4598
4599static bool test_dsa_key_pair(ADBG_Case_t *c, TEEC_Session *s,
4600 TEE_ObjectHandle key, uint32_t key_size)
4601{
4602 const struct key_attrs attrs[] = {
4603 KEY_ATTR(TEE_ATTR_DSA_PRIME, true),
4604 KEY_ATTR(TEE_ATTR_DSA_SUBPRIME, false),
4605 KEY_ATTR(TEE_ATTR_DSA_BASE, false),
4606 KEY_ATTR(TEE_ATTR_DSA_PUBLIC_VALUE, false),
4607 KEY_ATTR(TEE_ATTR_DSA_PRIVATE_VALUE, false),
4608 };
4609
4610 return test_keygen_attributes(c, s, key, key_size,
4611 (struct key_attrs *)&attrs,
4612 ARRAY_SIZE(attrs));
4613}
4614
4615static bool generate_and_test_key(ADBG_Case_t *c, TEEC_Session *s,
4616 uint32_t key_type, uint32_t check_keysize,
4617 uint32_t key_size,
4618 TEE_Attribute *params, size_t param_count)
4619{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]4620 TEE_ObjectHandle key = TEE_HANDLE_NULL;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4621 bool ret_val = true;
4622
4623 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4624 ta_crypt_cmd_allocate_transient_object(c, s, key_type, key_size,
4625 &key)))
4626 return false;
4627
4628 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4629 ta_crypt_cmd_generate_key(c, s, key, key_size, params,
4630 param_count)))
4631 return false;
4632
4633 switch (key_type) {
4634 case TEE_TYPE_DES:
4635 case TEE_TYPE_DES3:
4636 ret_val = ADBG_EXPECT_TRUE(c,
4637 test_secret_value(c, s, key,
4638 key_size + key_size / 7));
4639 break;
4640 case TEE_TYPE_AES:
4641 case TEE_TYPE_HMAC_MD5:
4642 case TEE_TYPE_HMAC_SHA1:
4643 case TEE_TYPE_HMAC_SHA224:
4644 case TEE_TYPE_HMAC_SHA256:
4645 case TEE_TYPE_HMAC_SHA384:
4646 case TEE_TYPE_HMAC_SHA512:
4647 case TEE_TYPE_GENERIC_SECRET:
4648 ret_val = ADBG_EXPECT_TRUE(c,
4649 test_secret_value(c, s, key, key_size));
4650 break;
4651
4652 case TEE_TYPE_RSA_KEYPAIR:
4653 ret_val = ADBG_EXPECT_TRUE(c,
4654 test_rsa_key_pair(c, s, key, key_size));
4655 break;
4656
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]4657 case TEE_TYPE_ECDSA_KEYPAIR:
4658 case TEE_TYPE_ECDH_KEYPAIR:
4659 ret_val = ADBG_EXPECT_TRUE(c,
4660 test_ecc_key_pair(c, s, key, key_size));
4661 break;
4662
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4663 case TEE_TYPE_DH_KEYPAIR:
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]4664 ret_val = ADBG_EXPECT_TRUE(c,
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4665 test_dh_key_pair(c, s, key, check_keysize));
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4666 break;
4667
4668 case TEE_TYPE_DSA_KEYPAIR:
4669 ret_val = ADBG_EXPECT_TRUE(c,
4670 test_dsa_key_pair(c, s, key, key_size));
4671 break;
4672
4673 default:
4674 ret_val = false;
4675 break;
4676 }
4677
4678 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4679 ta_crypt_cmd_free_transient_object(c, s, key)))
4680 return false;
4681
4682 return ret_val;
4683}
4684
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]4685struct key_types_noparam {
4686 unsigned level;
4687 const char *name;
4688 uint32_t key_type;
4689 uint32_t quanta;
4690 uint32_t min_size;
4691 uint32_t max_size;
4692};
4693
4694static void keygen_noparams(ADBG_Case_t *c, TEEC_Session *session,
4695 const struct key_types_noparam *key_types,
4696 size_t num_key_types)
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4697{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]4698 size_t n = 0;
4699 uint32_t key_size = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4700
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]4701 for (n = 0; n < num_key_types; n++) {
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4702 uint32_t min_size = key_types[n].min_size;
4703 uint32_t max_size = key_types[n].max_size;
4704 uint32_t quanta = key_types[n].quanta;
4705
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4706 if (key_types[n].level > level)
4707 continue;
4708
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4709 Do_ADBG_BeginSubCase(c, "Generate %s key", key_types[n].name);
4710
4711 for (key_size = min_size; key_size <= max_size;
4712 key_size += quanta) {
4713 if (!ADBG_EXPECT_TRUE(c,
4714 generate_and_test_key(c, session, key_types
4715 [n].key_type, 1, key_size, NULL, 0)))
4716 break;
4717 }
4718
4719 Do_ADBG_EndSubCase(c, "Generate %s key", key_types[n].name);
4720 }
4721}
4722
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]4723static void xtest_tee_test_4007_symmetric(ADBG_Case_t *c)
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4724{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]4725 TEEC_Session session = { };
4726 uint32_t ret_orig = 0;
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]4727 static const struct key_types_noparam key_types[] = {
4728 { 0, "AES", TEE_TYPE_AES, 64, 128,
4729 256 /* valid sizes 128, 192, 256 */ },
4730 { 0, "DES", TEE_TYPE_DES, 56, 56, 56 /* valid size 56 */ },
4731 { 0, "DES3", TEE_TYPE_DES3, 56, 112,
4732 168 /* valid sizes 112, 168 */ },
4733 { 0, "HMAC-MD5", TEE_TYPE_HMAC_MD5, 8, 64, 512 },
4734 { 0, "HMAC-SHA1", TEE_TYPE_HMAC_SHA1, 8, 80, 512 },
4735 { 0, "HMAC-SHA224", TEE_TYPE_HMAC_SHA224, 8, 112, 512 },
4736 { 0, "HMAC-SHA256", TEE_TYPE_HMAC_SHA256, 8, 192, 1024 },
4737 { 0, "HMAC-SHA384", TEE_TYPE_HMAC_SHA384, 8, 256, 1024 },
4738 { 0, "HMAC-SHA512", TEE_TYPE_HMAC_SHA512, 8, 256, 1024 },
4739 { 0, "Generic secret", TEE_TYPE_GENERIC_SECRET, 8, 128, 4096 },
4740 };
4741
4742 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4743 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
4744 &ret_orig)))
4745 return;
4746
4747 keygen_noparams(c, &session, key_types, ARRAY_SIZE(key_types));
4748
4749 TEEC_CloseSession(&session);
4750}
4751ADBG_CASE_DEFINE(regression, 4007_symmetric, xtest_tee_test_4007_symmetric,
4752 "Test TEE Internal API Generate Symmetric key");
4753
4754static void xtest_tee_test_4007_rsa(ADBG_Case_t *c)
4755{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]4756 TEEC_Session session = { };
4757 uint32_t ret_orig = 0;
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]4758 static const struct key_types_noparam key_types[] = {
4759 { 0, "RSA-256", TEE_TYPE_RSA_KEYPAIR, 1, 256, 256 },
4760 { 1, "RSA-384", TEE_TYPE_RSA_KEYPAIR, 1, 384, 384 },
4761 { 1, "RSA-512", TEE_TYPE_RSA_KEYPAIR, 1, 512, 512 },
4762 { 1, "RSA-640", TEE_TYPE_RSA_KEYPAIR, 1, 640, 640 },
4763 { 1, "RSA-768", TEE_TYPE_RSA_KEYPAIR, 1, 768, 768 },
4764 { 1, "RSA-896", TEE_TYPE_RSA_KEYPAIR, 1, 896, 896 },
4765 { 1, "RSA-1024", TEE_TYPE_RSA_KEYPAIR, 1, 1024, 1024 },
4766 { 1, "RSA-2048", TEE_TYPE_RSA_KEYPAIR, 1, 2048, 2048 },
4767 { 1, "RSA-3072", TEE_TYPE_RSA_KEYPAIR, 1, 3072, 3072 },
4768 { 1, "RSA-4096", TEE_TYPE_RSA_KEYPAIR, 1, 4096, 4096 },
4769 };
4770
4771 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4772 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
4773 &ret_orig)))
4774 return;
4775
4776 keygen_noparams(c, &session, key_types, ARRAY_SIZE(key_types));
4777
4778 TEEC_CloseSession(&session);
4779}
4780ADBG_CASE_DEFINE(regression, 4007_rsa, xtest_tee_test_4007_rsa,
4781 "Test TEE Internal API Generate RSA key");
4782
4783static void xtest_tee_test_4007_dh(ADBG_Case_t *c)
4784{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]4785 TEEC_Session session = { };
4786 uint32_t ret_orig = 0;
4787 size_t n = 0;
4788 size_t param_count = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4789 /*
4790 * Note that the key size parameter is not used when creating the keys
4791 * but specifying these sizes make it possible to test the expected size
4792 * of the private value. This also means that the keysize must match the
4793 * size of p or what is specified in private_bits or the equvivalent
4794 * size of the subprime parameter.
4795 */
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]4796 TEE_Attribute params[4] = { };
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4797
4798#define XTEST_DH_GK_DATA(vect) \
4799 ARRAY(vect ## _p), \
4800 ARRAY(vect ## _g), \
4801 &vect ## _private_bits, \
4802 0, 0
4803#define XTEST_DH_GK_DATA_SUBPRIME(vect) \
4804 ARRAY(vect ## _p), \
4805 ARRAY(vect ## _g), \
4806 &vect ## _private_bits, \
4807 ARRAY(vect ## _subprime)
4808 static const struct {
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4809 unsigned level;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4810 uint32_t key_size;
4811 const uint8_t *p;
4812 size_t p_len;
4813 const uint8_t *g;
4814 size_t g_len;
4815 const uint32_t *private_bits;
4816 const uint8_t *subprime;
4817 size_t subprime_len;
4818 } key_types[] = {
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4819 { 0, 256, XTEST_DH_GK_DATA(keygen_dh256) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4820 { 0, 320, XTEST_DH_GK_DATA(keygen_dh320) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4821 { 1, 384, XTEST_DH_GK_DATA(keygen_dh384) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4822 { 1, 448, XTEST_DH_GK_DATA(keygen_dh448) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4823 { 1, 512, XTEST_DH_GK_DATA(keygen_dh512) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4824 { 1, 576, XTEST_DH_GK_DATA(keygen_dh576) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4825 { 1, 640, XTEST_DH_GK_DATA(keygen_dh640) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4826 { 1, 704, XTEST_DH_GK_DATA(keygen_dh704) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4827 { 1, 768, XTEST_DH_GK_DATA(keygen_dh768) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4828 { 1, 832, XTEST_DH_GK_DATA(keygen_dh832) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4829 { 1, 896, XTEST_DH_GK_DATA(keygen_dh896) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4830 { 1, 960, XTEST_DH_GK_DATA(keygen_dh960) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4831 { 1, 1024, XTEST_DH_GK_DATA(keygen_dh1024) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4832 { 1, 1088, XTEST_DH_GK_DATA(keygen_dh1088) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4833 { 1, 1152, XTEST_DH_GK_DATA(keygen_dh1152) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4834 { 1, 1216, XTEST_DH_GK_DATA(keygen_dh1216) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4835 { 1, 1280, XTEST_DH_GK_DATA(keygen_dh1280) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4836 { 1, 1344, XTEST_DH_GK_DATA(keygen_dh1344) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4837 { 1, 1408, XTEST_DH_GK_DATA(keygen_dh1408) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4838 { 1, 1472, XTEST_DH_GK_DATA(keygen_dh1472) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4839 { 1, 1536, XTEST_DH_GK_DATA(keygen_dh1536) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4840 { 1, 1600, XTEST_DH_GK_DATA(keygen_dh1600) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4841 { 1, 1664, XTEST_DH_GK_DATA(keygen_dh1664) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4842 { 1, 1728, XTEST_DH_GK_DATA(keygen_dh1728) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4843 { 1, 1792, XTEST_DH_GK_DATA(keygen_dh1792) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4844 { 1, 1856, XTEST_DH_GK_DATA(keygen_dh1856) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4845 { 1, 1920, XTEST_DH_GK_DATA(keygen_dh1920) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4846 { 1, 1984, XTEST_DH_GK_DATA(keygen_dh1984) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4847 { 1, 2048, XTEST_DH_GK_DATA(keygen_dh2048) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4848 { 1, 2048, XTEST_DH_GK_DATA_SUBPRIME(keygen_dh2048_subprime) }
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4849 };
4850
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]4851 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4852 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
4853 &ret_orig)))
4854 return;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4855
4856 for (n = 0; n < ARRAY_SIZE(key_types); n++) {
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4857 if (key_types[n].level > level)
4858 continue;
4859
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4860 Do_ADBG_BeginSubCase(c,
4861 "Generate DH key %d bits - Private bits = %d",
4862 key_types[n].key_size,
4863 *key_types[n].private_bits);
4864 param_count = 0;
4865
4866 xtest_add_attr(&param_count, params,
4867 TEE_ATTR_DH_PRIME,
4868 key_types[n].p, key_types[n].p_len);
4869
4870 xtest_add_attr(&param_count, params, TEE_ATTR_DH_BASE,
4871 key_types[n].g, key_types[n].g_len);
4872
4873 if (key_types[n].private_bits != 0) {
4874 params[param_count].attributeID = TEE_ATTR_DH_X_BITS;
4875
4876 params[param_count].content.value.a =
4877 *key_types[n].private_bits;
4878
4879 params[param_count].content.value.b = 0;
4880 param_count++;
4881 }
4882
4883 if (key_types[n].subprime != 0) {
4884 xtest_add_attr(&param_count, params,
4885 TEE_ATTR_DH_SUBPRIME,
4886 key_types[n].subprime,
4887 key_types[n].subprime_len);
4888 }
4889
4890 if (!ADBG_EXPECT_TRUE(c,
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]4891 generate_and_test_key(c, &session, TEE_TYPE_DH_KEYPAIR,
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4892 *key_types[n].private_bits,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4893 key_types[n]. key_size, params, param_count)))
4894 break;
4895
4896 Do_ADBG_EndSubCase(c,
4897 "Generate DH key %d bits - Private bits = %d",
4898 key_types[n].key_size,
4899 *key_types[n].private_bits);
4900 }
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4901
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]4902 TEEC_CloseSession(&session);
4903}
4904ADBG_CASE_DEFINE(regression, 4007_dh, xtest_tee_test_4007_dh,
4905 "Test TEE Internal API Generate DH key");
4906
4907static void xtest_tee_test_4007_dsa(ADBG_Case_t *c)
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4908{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]4909 TEEC_Session session = { };
4910 uint32_t ret_orig = 0;
4911 size_t n = 0;
4912 size_t param_count = 0;
4913 TEE_Attribute params[4] = { };
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4914
4915#define XTEST_DSA_GK_DATA(vect) \
4916 ARRAY(vect ## _p), \
4917 ARRAY(vect ## _g), \
4918 ARRAY(vect ## _q)
4919 static const struct {
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4920 unsigned level;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4921 uint32_t key_size;
4922 const uint8_t *prime;
4923 size_t prime_len;
4924 const uint8_t *base;
4925 size_t base_len;
4926 const uint8_t *sub_prime;
4927 size_t sub_prime_len;
4928 } key_types[] = {
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4929 { 1, 1024, XTEST_DSA_GK_DATA(keygen_dsa_test1) },
4930 { 0, 512, XTEST_DSA_GK_DATA(keygen_dsa512) },
4931 { 1, 576, XTEST_DSA_GK_DATA(keygen_dsa576) },
4932 { 1, 640, XTEST_DSA_GK_DATA(keygen_dsa640) },
4933 { 1, 704, XTEST_DSA_GK_DATA(keygen_dsa704) },
4934 { 1, 768, XTEST_DSA_GK_DATA(keygen_dsa768) },
4935 { 1, 832, XTEST_DSA_GK_DATA(keygen_dsa832) },
4936 { 1, 896, XTEST_DSA_GK_DATA(keygen_dsa896) },
4937 { 1, 960, XTEST_DSA_GK_DATA(keygen_dsa960) },
4938 { 1, 1024, XTEST_DSA_GK_DATA(keygen_dsa1024) },
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4939 };
4940
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]4941 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4942 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
4943 &ret_orig)))
4944 return;
4945
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4946 for (n = 0; n < ARRAY_SIZE(key_types); n++) {
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4947 if (key_types[n].level > level)
4948 continue;
4949
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4950 Do_ADBG_BeginSubCase(c, "Generate DSA key %d bits",
4951 key_types[n].key_size);
4952 param_count = 0;
4953
4954
4955 xtest_add_attr(&param_count, params, TEE_ATTR_DSA_PRIME,
4956 key_types[n].prime, key_types[n].prime_len);
4957
4958 xtest_add_attr(&param_count, params, TEE_ATTR_DSA_SUBPRIME,
4959 key_types[n].sub_prime,
4960 key_types[n].sub_prime_len);
4961
4962 xtest_add_attr(&param_count, params, TEE_ATTR_DSA_BASE,
4963 key_types[n].base, key_types[n].base_len);
4964
4965 if (!ADBG_EXPECT_TRUE(c,
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]4966 generate_and_test_key(c, &session, TEE_TYPE_DSA_KEYPAIR,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4967 1, key_types[n]. key_size, params,
4968 param_count)))
4969 break;
4970
4971 Do_ADBG_EndSubCase(c, "Generate DSA key %d bits",
4972 key_types[n].key_size);
4973 }
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4974
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]4975 TEEC_CloseSession(&session);
4976}
4977ADBG_CASE_DEFINE(regression, 4007_dsa, xtest_tee_test_4007_dsa,
4978 "Test TEE Internal API Generate DSA key");
4979
4980static void xtest_tee_test_4007_ecc(ADBG_Case_t *c)
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]4981{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]4982 TEEC_Session session = { };
4983 uint32_t ret_orig = 0;
4984 size_t n = 0;
4985 size_t param_count = 0;
4986 TEE_Attribute params[4] = { };
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]4987
4988 static const struct {
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4989 unsigned level;
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]4990 const char *name;
4991 uint32_t algo;
4992 uint32_t curve;
4993 uint32_t key_size;
4994 } key_types[] = {
4995 /* ECDSA */
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4996 { 0, "ECDSA-192", TEE_TYPE_ECDSA_KEYPAIR, TEE_ECC_CURVE_NIST_P192,
4997 192 },
4998 { 1, "ECDSA-224", TEE_TYPE_ECDSA_KEYPAIR, TEE_ECC_CURVE_NIST_P224,
4999 224 },
5000 { 1, "ECDSA-256", TEE_TYPE_ECDSA_KEYPAIR, TEE_ECC_CURVE_NIST_P256,
5001 256 },
5002 { 1, "ECDSA-384", TEE_TYPE_ECDSA_KEYPAIR, TEE_ECC_CURVE_NIST_P384,
5003 384 },
5004 { 1, "ECDSA-521", TEE_TYPE_ECDSA_KEYPAIR, TEE_ECC_CURVE_NIST_P521,
5005 521 },
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]5006
5007 /* ECDH */
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]5008 { 0, "ECDH-192", TEE_TYPE_ECDH_KEYPAIR, TEE_ECC_CURVE_NIST_P192,
5009 192 },
5010 { 1, "ECDH-224", TEE_TYPE_ECDH_KEYPAIR, TEE_ECC_CURVE_NIST_P224,
5011 224 },
5012 { 1, "ECDH-256", TEE_TYPE_ECDH_KEYPAIR, TEE_ECC_CURVE_NIST_P256,
5013 256 },
5014 { 1, "ECDH-384", TEE_TYPE_ECDH_KEYPAIR, TEE_ECC_CURVE_NIST_P384,
5015 384 },
5016 { 1, "ECDH-521", TEE_TYPE_ECDH_KEYPAIR, TEE_ECC_CURVE_NIST_P521,
5017 521 },
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]5018 };
5019
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]5020 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5021 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
5022 &ret_orig)))
5023 return;
5024
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]5025 for (n = 0; n < ARRAY_SIZE(key_types); n++) {
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]5026 if (key_types[n].level > level)
5027 continue;
5028
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]5029 Do_ADBG_BeginSubCase(c, "Generate %s", key_types[n].name);
5030 param_count = 0;
5031
5032 xtest_add_attr_value(&param_count, params, TEE_ATTR_ECC_CURVE,
5033 key_types[n].curve, 0);
5034
5035 if (!ADBG_EXPECT_TRUE(c,
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]5036 generate_and_test_key(c, &session, key_types[n].algo,
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]5037 0, key_types[n].key_size, params,
5038 param_count)))
5039 break;
5040
5041 Do_ADBG_EndSubCase(c, "Generate %s", key_types[n].name);
5042 }
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]5043
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]5044 TEEC_CloseSession(&session);
5045}
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]5046ADBG_CASE_DEFINE(regression, 4007_ecc, xtest_tee_test_4007_ecc,
5047 "Test TEE Internal API Generate ECC key");
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]5048
5049static void xtest_tee_test_4008(ADBG_Case_t *c)
5050{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]5051 TEEC_Session session = { };
5052 uint32_t ret_orig = 0;
5053 TEE_OperationHandle op = TEE_HANDLE_NULL;
5054 TEE_ObjectHandle key_handle = TEE_HANDLE_NULL;
5055 TEE_ObjectHandle sv_handle = TEE_HANDLE_NULL;
5056 TEE_Attribute params[4] = { };
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]5057 size_t param_count = 0;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]5058 uint8_t out[2048] = { };
5059 size_t out_size = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]5060
5061 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5062 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
5063 &ret_orig)))
5064 return;
5065
5066 Do_ADBG_BeginSubCase(c, "Derive DH key success");
5067
5068 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5069 ta_crypt_cmd_allocate_operation(c, &session, &op,
5070 TEE_ALG_DH_DERIVE_SHARED_SECRET, TEE_MODE_DERIVE,
5071 derive_key_max_keysize)))
5072 goto out;
5073
5074 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5075 ta_crypt_cmd_allocate_transient_object(c, & session,
5076 TEE_TYPE_DH_KEYPAIR, derive_key_max_keysize,
5077 &key_handle)))
5078 goto out;
5079
5080 xtest_add_attr(&param_count, params, TEE_ATTR_DH_PRIME,
5081 ARRAY(derive_key_dh_prime));
5082
5083 xtest_add_attr(&param_count, params, TEE_ATTR_DH_BASE,
5084 ARRAY(derive_key_dh_base));
5085
5086 xtest_add_attr(&param_count, params, TEE_ATTR_DH_PUBLIC_VALUE,
5087 ARRAY(derive_key_dh_public_value));
5088
5089 xtest_add_attr(&param_count, params, TEE_ATTR_DH_PRIVATE_VALUE,
5090 ARRAY(derive_key_dh_private_value));
5091
5092 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5093 ta_crypt_cmd_populate_transient_object(c, &session, key_handle,
5094 params, param_count)))
5095 goto out;
5096
5097 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5098 ta_crypt_cmd_set_operation_key(c, &session, op, key_handle)))
5099 goto out;
5100
5101 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5102 ta_crypt_cmd_free_transient_object(c, & session, key_handle)))
5103 goto out;
5104
5105 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5106 ta_crypt_cmd_allocate_transient_object(c, &session,
5107 TEE_TYPE_GENERIC_SECRET, derive_key_max_keysize,
5108 &sv_handle)))
5109 goto out;
5110
Pascal Brand2b92b642015-07-16 13:29:42 +0200[diff] [blame]5111 /* reuse but reset params and param-count */
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]5112 param_count = 0;
5113
5114 xtest_add_attr(&param_count, params, TEE_ATTR_DH_PUBLIC_VALUE,
5115 ARRAY(derive_key_dh_public_value_2));
5116
5117 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5118 ta_crypt_cmd_derive_key(c, &session, op, sv_handle, params,
5119 param_count)))
5120 goto out;
5121
5122 out_size = sizeof(out);
5123 memset(out, 0, sizeof(out));
5124 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5125 ta_crypt_cmd_get_object_buffer_attribute(c, &session, sv_handle,
5126 TEE_ATTR_SECRET_VALUE, out, &out_size)))
5127 goto out;
5128
5129 if (!ADBG_EXPECT_BUFFER(c, derive_key_dh_shared_secret,
5130 sizeof(derive_key_dh_shared_secret), out,
5131 out_size))
5132 goto out;
5133
5134 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5135 ta_crypt_cmd_free_operation(c, &session, op)))
5136 goto out;
5137
5138 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5139 ta_crypt_cmd_free_transient_object(c, &session, sv_handle)))
5140 goto out;
5141out:
5142 Do_ADBG_EndSubCase(c, "Derive DH key success");
5143 TEEC_CloseSession(&session);
5144}
Jens Wiklander14f48872018-06-29 15:30:13 +0200[diff] [blame]5145ADBG_CASE_DEFINE(regression, 4008, xtest_tee_test_4008,
5146 "Test TEE Internal API Derive key");
Pascal Brand2b92b642015-07-16 13:29:42 +0200[diff] [blame]5147
5148static void xtest_tee_test_4009(ADBG_Case_t *c)
5149{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]5150 TEEC_Session session = { };
5151 uint32_t ret_orig = 0;
5152 TEE_OperationHandle op = TEE_HANDLE_NULL;
5153 TEE_ObjectHandle key_handle = TEE_HANDLE_NULL;
5154 TEE_ObjectHandle sv_handle = TEE_HANDLE_NULL;
5155 TEE_Attribute params[4] = { };
Pascal Brand2b92b642015-07-16 13:29:42 +0200[diff] [blame]5156 size_t param_count = 0;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]5157 uint8_t out[2048] = { };
5158 size_t out_size = 0;
5159 uint32_t size_bytes = 0;
5160 uint32_t i = 0;
5161 struct derive_key_ecdh_t *pt = NULL;
Pascal Brand2b92b642015-07-16 13:29:42 +0200[diff] [blame]5162
5163 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5164 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
5165 &ret_orig)))
5166 return;
5167
5168 for (i = 0; i < ARRAY_SIZE(derive_key_ecdh); i++) {
5169 pt = &derive_key_ecdh[i];
5170
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]5171 if (pt->level > level)
5172 continue;
5173
Pascal Brand2b92b642015-07-16 13:29:42 +0200[diff] [blame]5174 Do_ADBG_BeginSubCase(c, "Derive ECDH key - algo = 0x%x",
5175 pt->algo);
5176 size_bytes = (pt->keysize + 7) / 8;
5177 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5178 ta_crypt_cmd_allocate_operation(c, &session, &op,
5179 pt->algo,
5180 TEE_MODE_DERIVE, pt->keysize)))
5181 goto out;
5182
5183 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5184 ta_crypt_cmd_allocate_transient_object(c, & session,
5185 TEE_TYPE_ECDH_KEYPAIR, pt->keysize,
5186 &key_handle)))
5187 goto out;
5188
5189 param_count = 0;
5190 xtest_add_attr_value(&param_count, params,
5191 TEE_ATTR_ECC_CURVE, pt->curve, 0);
5192 xtest_add_attr(&param_count, params,
5193 TEE_ATTR_ECC_PRIVATE_VALUE,
5194 pt->private, size_bytes);
5195 /*
Cedric Auger719047c2019-09-11 12:08:14 +0200[diff] [blame]5196 * The public value is not used, but we should provide a valid
5197 * one to avoid rejection in case TEE_PopulateTransientObject()
5198 * checks for key validity.
Pascal Brand2b92b642015-07-16 13:29:42 +0200[diff] [blame]5199 */
5200 xtest_add_attr(&param_count, params,
Cedric Auger719047c2019-09-11 12:08:14 +0200[diff] [blame]5201 TEE_ATTR_ECC_PUBLIC_VALUE_X,
5202 pt->public_x, size_bytes);
Pascal Brand2b92b642015-07-16 13:29:42 +0200[diff] [blame]5203 xtest_add_attr(&param_count, params,
Cedric Auger719047c2019-09-11 12:08:14 +0200[diff] [blame]5204 TEE_ATTR_ECC_PUBLIC_VALUE_Y,
5205 pt->public_y, size_bytes);
Pascal Brand2b92b642015-07-16 13:29:42 +0200[diff] [blame]5206
5207 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5208 ta_crypt_cmd_populate_transient_object(c,
5209 &session,
5210 key_handle, params, param_count)))
5211 goto out;
5212
5213 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5214 ta_crypt_cmd_set_operation_key(c, &session, op,
5215 key_handle)))
5216 goto out;
5217
5218 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5219 ta_crypt_cmd_free_transient_object(c, & session,
5220 key_handle)))
5221 goto out;
5222
5223 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5224 ta_crypt_cmd_allocate_transient_object(c, &session,
5225 TEE_TYPE_GENERIC_SECRET, size_bytes * 8,
5226 &sv_handle)))
5227 goto out;
5228
5229 /* reuse but reset params and param-count */
5230 param_count = 0;
5231
5232 xtest_add_attr(&param_count, params,
5233 TEE_ATTR_ECC_PUBLIC_VALUE_X,
5234 pt->public_x, size_bytes);
5235 xtest_add_attr(&param_count, params,
5236 TEE_ATTR_ECC_PUBLIC_VALUE_Y,
5237 pt->public_y, size_bytes);
5238
5239 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5240 ta_crypt_cmd_derive_key(c, &session, op, sv_handle,
5241 params, param_count)))
5242 goto out;
5243
5244 out_size = sizeof(out);
5245 memset(out, 0, sizeof(out));
5246 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5247 ta_crypt_cmd_get_object_buffer_attribute(c, &session,
5248 sv_handle,
5249 TEE_ATTR_SECRET_VALUE, out, &out_size)))
5250 goto out;
5251
5252 if (!ADBG_EXPECT_BUFFER(c, pt->out, size_bytes,
5253 out, out_size))
5254 goto out;
5255
5256 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5257 ta_crypt_cmd_free_operation(c, &session, op)))
5258 goto out;
5259
5260 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5261 ta_crypt_cmd_free_transient_object(c, &session,
5262 sv_handle)))
5263 goto out;
5264
5265 Do_ADBG_EndSubCase(c, "Derive ECDH key - algo = 0x%x",
5266 pt->algo);
5267 }
5268
5269 goto noerror;
5270
5271out:
5272 Do_ADBG_EndSubCase(c, "Derive ECDH key - algo = 0x%x", pt->algo);
5273
5274noerror:
5275 TEEC_CloseSession(&session);
5276}
Jens Wiklander14f48872018-06-29 15:30:13 +0200[diff] [blame]5277ADBG_CASE_DEFINE(regression, 4009, xtest_tee_test_4009,
5278 "Test TEE Internal API Derive key ECDH");
Jens Wiklander70a0b2c2016-05-18 08:39:35 +0200[diff] [blame]5279
5280static void xtest_tee_test_4010(ADBG_Case_t *c)
5281{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]5282 TEEC_Session session = { };
5283 uint32_t ret_orig = 0;
5284 TEE_ObjectHandle o = TEE_HANDLE_NULL;
Jens Wiklander70a0b2c2016-05-18 08:39:35 +0200[diff] [blame]5285 static const uint8_t large_key[1024] = { 1, 2, 3, 4, 5, 6 };
5286 static const TEE_Attribute attr = {
5287 .attributeID = TEE_ATTR_SECRET_VALUE,
5288 .content.ref.buffer = (void *)large_key,
5289 .content.ref.length = sizeof(large_key),
5290 };
5291
5292 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5293 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
5294 &ret_orig)))
5295 return;
5296
5297 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5298 ta_crypt_cmd_allocate_transient_object(c, &session,
5299 TEE_TYPE_HMAC_SHA256, 1024, &o)))
5300 goto out;
5301
5302 ADBG_EXPECT_TEEC_RESULT(c, TEEC_ERROR_TARGET_DEAD,
5303 ta_crypt_cmd_populate_transient_object(c, &session, o,
5304 &attr, 1));
5305
5306out:
5307 TEEC_CloseSession(&session);
5308}
Jens Wiklander14f48872018-06-29 15:30:13 +0200[diff] [blame]5309ADBG_CASE_DEFINE(regression, 4010, xtest_tee_test_4010,
5310 "Test TEE Internal API create transient object (negative)");
Jens Wiklanderb58916e2016-07-07 15:29:32 +0200[diff] [blame]5311
5312static void xtest_tee_test_4011(ADBG_Case_t *c)
5313{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]5314 TEEC_Session s = { };
Jens Wiklanderb58916e2016-07-07 15:29:32 +0200[diff] [blame]5315 size_t key_size = 512;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]5316 TEE_ObjectHandle key = TEE_HANDLE_NULL;
5317 TEE_OperationHandle ops = TEE_HANDLE_NULL;
5318 TEE_OperationHandle opv = TEE_HANDLE_NULL;
5319 TEE_OperationHandle ope = TEE_HANDLE_NULL;
5320 TEE_OperationHandle opd = TEE_HANDLE_NULL;
5321 uint32_t ret_orig = 0;
5322 uint8_t in[TEE_SHA1_HASH_SIZE] = { };
5323 uint8_t out[1024] = { };
5324 uint8_t tmp[1024] = { };
5325 size_t out_size = 0;
5326 size_t tmp_size = 0;
5327 size_t n = 0;
5328 size_t m = 0;
Jens Wiklanderb58916e2016-07-07 15:29:32 +0200[diff] [blame]5329 size_t i = 0;
5330
5331 /* Setup session, initialize message to sign, create a keypair */
5332 if (!ADBG_EXPECT_TEEC_SUCCESS(c, xtest_teec_open_session(&s,
5333 &crypt_user_ta_uuid, NULL, &ret_orig)))
5334 return;
5335 if (!ADBG_EXPECT_TEEC_SUCCESS(c, ta_crypt_cmd_random_number_generate(c,
5336 &s, in, sizeof(in))))
5337 goto out;
5338 if (!ADBG_EXPECT_TEEC_SUCCESS(c, ta_crypt_cmd_allocate_transient_object(
5339 c, &s, TEE_TYPE_RSA_KEYPAIR, key_size, &key)))
5340 goto out;
5341 if (!ADBG_EXPECT_TEEC_SUCCESS(c, ta_crypt_cmd_generate_key(c, &s,
5342 key, key_size, NULL, 0)))
5343 goto out;
5344
5345 /* Allocate operations for sign, verify, encrypt and decrypt */
5346 if (!ADBG_EXPECT_TEEC_SUCCESS(c, ta_crypt_cmd_allocate_operation(c, &s,
5347 &ops, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
5348 key_size)))
5349 goto out;
5350 if (!ADBG_EXPECT_TEEC_SUCCESS(c, ta_crypt_cmd_allocate_operation(c, &s,
5351 &opv, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
5352 key_size)))
5353 goto out;
5354 if (!ADBG_EXPECT_TEEC_SUCCESS(c, ta_crypt_cmd_allocate_operation(c, &s,
5355 &ope, TEE_ALG_RSA_NOPAD, TEE_MODE_ENCRYPT, key_size)))
5356 goto out;
5357 if (!ADBG_EXPECT_TEEC_SUCCESS(c, ta_crypt_cmd_allocate_operation(c, &s,
5358 &opd, TEE_ALG_RSA_NOPAD, TEE_MODE_DECRYPT, key_size)))
5359 goto out;
5360
5361 /* Assign the keypair to all operations */
5362 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5363 ta_crypt_cmd_set_operation_key(c, &s, ops, key)))
5364 goto out;
5365 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5366 ta_crypt_cmd_set_operation_key(c, &s, opv, key)))
5367 goto out;
5368 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5369 ta_crypt_cmd_set_operation_key(c, &s, ope, key)))
5370 goto out;
5371 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5372 ta_crypt_cmd_set_operation_key(c, &s, opd, key)))
5373 goto out;
5374
5375 /*
5376 * The core of the test case is inspired by the one in libtomcrypt:
5377 * https://github.com/libtom/libtomcrypt/blob/6ad52252688bb34f90b5e79da4830a927e87b81f/testprof/rsa_test.c#L398
5378 *
5379 * Testcase for Bleichenbacher attack
5380 *
5381 * (1) Create a valid signature
5382 * (2) Check that it can be verified
5383 * (3) Transform the package to fetch plain text (using the encrypt
5384 * operation in GP TEE Internal API)
5385 * (4) Forge the structure of PKCS#1-EMSA encoded data
5386 * (4.1) Search for start and end of the padding string
5387 * (4.2) Move the signature to the front of the padding string
5388 * (4.3) Zero the message until the end
5389 * (5) Transform the package back (using the decrypt operation in
5390 * GP TEE Internal API)
5391 * (6) The result should not be valid if the implementation is robust.
5392 */
5393
5394
5395 for (i = 0; i < 9; i++) {
5396 Do_ADBG_Log("Iteration %zu", i);
5397
5398 /* 1 */
5399 out_size = sizeof(out);
5400 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5401 ta_crypt_cmd_asymmetric_sign(c, &s, ops, NULL, 0,
5402 in, sizeof(in), out, &out_size)))
5403 goto out;
5404
5405 /* 2 */
5406 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5407 ta_crypt_cmd_asymmetric_verify(c, &s, opv, NULL, 0,
5408 in, sizeof(in), out, out_size)))
5409 goto out;
5410
5411 /* 3 */
5412 tmp_size = sizeof(tmp);
5413 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5414 ta_crypt_cmd_asymmetric_encrypt(c, &s, ope, NULL, 0,
5415 out, out_size, tmp, &tmp_size)))
5416 goto out;
5417
Etienne Carriere0953bf02018-12-21 15:36:25 +0100[diff] [blame]5418 if (!ADBG_EXPECT_COMPARE_UNSIGNED(c, tmp_size, <=, sizeof(tmp)))
5419 goto out;
5420
Jens Wiklanderb58916e2016-07-07 15:29:32 +0200[diff] [blame]5421 /* 4.1 */
Etienne Carriere0953bf02018-12-21 15:36:25 +0100[diff] [blame]5422 for (n = 0; n < tmp_size - i; n++)
Jens Wiklanderb58916e2016-07-07 15:29:32 +0200[diff] [blame]5423 if (tmp[n] == 0xff)
5424 break;
Etienne Carriere0953bf02018-12-21 15:36:25 +0100[diff] [blame]5425
5426 /* Shall find at least a padding start before buffer end */
5427 if (!ADBG_EXPECT_COMPARE_UNSIGNED(c, n, <, tmp_size - i - 1))
5428 goto out;
5429
Jens Wiklanderb58916e2016-07-07 15:29:32 +0200[diff] [blame]5430 for (m = n + 1; m < tmp_size; m++)
5431 if (tmp[m] != 0xff)
5432 break;
Etienne Carriere0953bf02018-12-21 15:36:25 +0100[diff] [blame]5433
Jens Wiklanderb58916e2016-07-07 15:29:32 +0200[diff] [blame]5434 /* 4.2 */
5435 memmove(tmp + n + i, tmp + m, tmp_size - m);
Etienne Carriere0953bf02018-12-21 15:36:25 +0100[diff] [blame]5436
Jens Wiklanderb58916e2016-07-07 15:29:32 +0200[diff] [blame]5437 /* 4.3 */
Etienne Carriere0953bf02018-12-21 15:36:25 +0100[diff] [blame]5438 n = n + i + tmp_size - m;
5439 memset(tmp + n, 0, tmp_size - n);
Jens Wiklanderb58916e2016-07-07 15:29:32 +0200[diff] [blame]5440
5441 /* 5 */
5442 out_size = sizeof(out);
5443 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5444 ta_crypt_cmd_asymmetric_decrypt(c, &s, opd, NULL, 0,
5445 tmp, tmp_size, out, &out_size)))
5446 goto out;
5447
5448 /* 6 */
5449 if (!ADBG_EXPECT_TEEC_RESULT(c, TEE_ERROR_SIGNATURE_INVALID,
5450 ta_crypt_cmd_asymmetric_verify(c, &s, opv, NULL, 0,
5451 in, sizeof(in), out, out_size)))
5452 goto out;
5453 }
5454
5455out:
5456 TEEC_CloseSession(&s);
5457}
Jens Wiklander14f48872018-06-29 15:30:13 +0200[diff] [blame]5458ADBG_CASE_DEFINE(regression, 4011, xtest_tee_test_4011,
5459 "Test TEE Internal API Bleichenbacher attack (negative)");
Igor Opaniuk7ddaa782018-05-25 15:14:05 +0300[diff] [blame]5460
5461#ifdef CFG_SYSTEM_PTA
5462static void xtest_tee_test_4012(ADBG_Case_t *c)
5463{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]5464 TEEC_Session session = { };
5465 uint32_t ret_orig = 0;
Igor Opaniuk7ddaa782018-05-25 15:14:05 +0300[diff] [blame]5466 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
5467 /* Fortuna PRNG requires seed <= 32 bytes */
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]5468 uint8_t pool_input[32] = { };
5469 time_t t = 0;
5470 struct tm tm_local = { };
Igor Opaniuk7ddaa782018-05-25 15:14:05 +0300[diff] [blame]5471
5472 t = time(NULL);
5473 tm_local = *localtime(&t);
5474
5475 memcpy((void *)pool_input, (void *)&tm_local,
5476 sizeof(pool_input) < sizeof(tm_local) ?
5477 sizeof(pool_input) : sizeof(tm_local));
5478
5479
5480 op.params[0].tmpref.buffer = pool_input;
5481 op.params[0].tmpref.size = sizeof(pool_input);
5482 op.paramTypes = TEEC_PARAM_TYPES(TEEC_MEMREF_TEMP_INPUT,
5483 TEEC_NONE,
5484 TEEC_NONE,
5485 TEEC_NONE);
5486 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5487 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
5488 &ret_orig)))
5489 return;
5490
5491 (void)ADBG_EXPECT_TEEC_SUCCESS(c,
5492 TEEC_InvokeCommand(&session,
5493 TA_CRYPT_CMD_SEED_RNG_POOL,
5494 &op,
5495 &ret_orig));
5496 TEEC_CloseSession(&session);
5497}
Jens Wiklander14f48872018-06-29 15:30:13 +0200[diff] [blame]5498ADBG_CASE_DEFINE(regression, 4012, xtest_tee_test_4012,
5499 "Test seeding RNG entropy");
Joakim Bech83a30ca2019-05-29 11:22:27 +0200[diff] [blame]5500
5501static void xtest_tee_test_4013(ADBG_Case_t *c)
5502{
5503 TEEC_Session session = { };
5504 uint32_t ret_orig = 0;
5505 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
5506 uint8_t key[32] = { };
5507 uint8_t extra_data[32] = { };
5508
5509 op.paramTypes = TEEC_PARAM_TYPES(TEEC_NONE,
5510 TEEC_NONE,
5511 TEEC_NONE,
5512 TEEC_NONE);
5513 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5514 xtest_teec_open_session(&session, &crypt_user_ta_uuid,
5515 NULL, &ret_orig)))
5516 return;
5517
5518 (void)ADBG_EXPECT_TEEC_SUCCESS(c,
5519 TEEC_InvokeCommand(&session,
5520 TA_CRYPT_CMD_DERIVE_TA_UNIQUE_KEY,
5521 &op,
5522 &ret_orig));
5523
5524 /* Negative test using non-secure memory */
5525 memset(&op, 0, sizeof(op));
5526 op.paramTypes = TEEC_PARAM_TYPES(TEEC_MEMREF_TEMP_INPUT,
5527 TEEC_MEMREF_TEMP_OUTPUT,
5528 TEEC_NONE,
5529 TEEC_NONE);
5530
5531 op.params[0].tmpref.buffer = extra_data;
5532 op.params[0].tmpref.size = sizeof(extra_data);
5533 op.params[1].tmpref.buffer = key;
5534 op.params[1].tmpref.size = sizeof(key);
5535 (void)ADBG_EXPECT_TEEC_RESULT(c,
5536 TEEC_ERROR_SECURITY,
5537 TEEC_InvokeCommand(&session,
5538 TA_CRYPT_CMD_DERIVE_TA_UNIQUE_KEY_SHM,
5539 &op,
5540 &ret_orig));
5541
5542 TEEC_CloseSession(&session);
5543}
5544ADBG_CASE_DEFINE(regression, 4013, xtest_tee_test_4013,
5545 "Test generation of device unique TA keys");
Jerome Forissierf0cf5182020-01-09 17:04:18 +0100[diff] [blame^]5546
5547static void xtest_tee_test_4014(ADBG_Case_t *c)
5548{
5549 TEEC_Session session = { };
5550 uint32_t ret_orig = 0;
5551 TEE_OperationHandle op = TEE_HANDLE_NULL;
5552 TEE_ObjectHandle keyA = TEE_HANDLE_NULL;
5553 TEE_ObjectHandle eph_keyA = TEE_HANDLE_NULL;
5554 TEE_ObjectHandle keyB = TEE_HANDLE_NULL;
5555 TEE_ObjectHandle eph_keyB = TEE_HANDLE_NULL;
5556 TEE_ObjectHandle sv_handle = TEE_HANDLE_NULL;
5557 TEE_Attribute params[9] = { };
5558 size_t param_count = 0;
5559 uint8_t out[128] = { };
5560 size_t out_size = 0;
5561 uint8_t conf_A[32] = { };
5562 uint8_t conf_B[32] = { };
5563
5564 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5565 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
5566 &ret_orig)))
5567 return;
5568
5569 if (!ta_crypt_cmd_is_algo_supported(c, &session, TEE_ALG_SM2_KEP,
5570 TEE_ECC_CURVE_SM2)) {
5571 Do_ADBG_Log("SM2 KEP not supported: skip subcase");
5572 goto out;
5573 }
5574
5575 Do_ADBG_BeginSubCase(c, "Initiator side");
5576
5577 /*
5578 * Key exchange protocol running on user A's side. A is initiator.
5579 */
5580
5581 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5582 ta_crypt_cmd_allocate_operation(c, &session, &op,
5583 TEE_ALG_SM2_KEP, TEE_MODE_DERIVE, 512)))
5584 goto out;
5585
5586 /* Allocate and initialize keypair of user A */
5587
5588 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5589 ta_crypt_cmd_allocate_transient_object(c, &session,
5590 TEE_TYPE_SM2_KEP_KEYPAIR, 256, &keyA)))
5591 goto out;
5592
5593 param_count = 0;
5594
5595 xtest_add_attr_value(&param_count, params, TEE_ATTR_ECC_CURVE,
5596 TEE_ECC_CURVE_SM2, 0);
5597
5598 xtest_add_attr(&param_count, params, TEE_ATTR_ECC_PUBLIC_VALUE_X,
5599 ARRAY(gmt_003_part5_b2_public_xA));
5600
5601 xtest_add_attr(&param_count, params, TEE_ATTR_ECC_PUBLIC_VALUE_Y,
5602 ARRAY(gmt_003_part5_b2_public_yA));
5603
5604 xtest_add_attr(&param_count, params, TEE_ATTR_ECC_PRIVATE_VALUE,
5605 ARRAY(gmt_003_part5_b2_private_A));
5606
5607 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5608 ta_crypt_cmd_populate_transient_object(c, &session, keyA,
5609 params, param_count)))
5610 goto out;
5611
5612 /*
5613 * Allocate and set ephemeral key of user A. Note: it is a regular ECC
5614 * key -- we don't use the *_EPHEMERAL_* attributes flags which are
5615 * reserved for use in TEE_DeriveKey() to pass the ephermeral key of
5616 * user B.
5617 */
5618
5619 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5620 ta_crypt_cmd_allocate_transient_object(c, &session,
5621 TEE_TYPE_SM2_KEP_KEYPAIR, 256, &eph_keyA)))
5622 goto out;
5623
5624 param_count = 0;
5625
5626 xtest_add_attr_value(&param_count, params, TEE_ATTR_ECC_CURVE,
5627 TEE_ECC_CURVE_SM2, 0);
5628
5629 xtest_add_attr(&param_count, params, TEE_ATTR_ECC_PUBLIC_VALUE_X,
5630 ARRAY(gmt_003_part5_b2_eph_public_xA));
5631
5632 xtest_add_attr(&param_count, params, TEE_ATTR_ECC_PUBLIC_VALUE_Y,
5633 ARRAY(gmt_003_part5_b2_eph_public_yA));
5634
5635 xtest_add_attr(&param_count, params, TEE_ATTR_ECC_PRIVATE_VALUE,
5636 ARRAY(gmt_003_part5_b2_eph_private_A));
5637
5638 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5639 ta_crypt_cmd_populate_transient_object(c, &session, eph_keyA,
5640 params, param_count)))
5641 goto out;
5642
5643 /* Associate user A keys with operation */
5644
5645 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5646 ta_crypt_cmd_set_operation_key2(c, &session, op, keyA,
5647 eph_keyA)))
5648 goto out;
5649
5650 /* Keys have been set, free key objects */
5651
5652 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5653 ta_crypt_cmd_free_transient_object(c, &session, keyA)))
5654 goto out;
5655
5656 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5657 ta_crypt_cmd_free_transient_object(c, &session, eph_keyA)))
5658 goto out;
5659
5660 /* Allocate output object */
5661
5662 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5663 ta_crypt_cmd_allocate_transient_object(c, &session,
5664 TEE_TYPE_GENERIC_SECRET,
5665 sizeof(gmt_003_part5_b2_shared_secret),
5666 &sv_handle)))
5667 goto out;
5668
5669 /* Set key derivation parameters: user A role, user B information */
5670
5671 params[0].attributeID = TEE_ATTR_SM2_KEP_USER;
5672 params[0].content.value.a = 0; /* Initiator role */
5673 params[0].content.value.b = 0; /* Not used */
5674 param_count = 1;
5675
5676 xtest_add_attr(&param_count, params, TEE_ATTR_ECC_PUBLIC_VALUE_X,
5677 ARRAY(gmt_003_part5_b2_public_xB));
5678
5679 xtest_add_attr(&param_count, params, TEE_ATTR_ECC_PUBLIC_VALUE_Y,
5680 ARRAY(gmt_003_part5_b2_public_yB));
5681
5682 xtest_add_attr(&param_count, params,
5683 TEE_ATTR_ECC_EPHEMERAL_PUBLIC_VALUE_X,
5684 ARRAY(gmt_003_part5_b2_eph_public_xB));
5685
5686 xtest_add_attr(&param_count, params,
5687 TEE_ATTR_ECC_EPHEMERAL_PUBLIC_VALUE_Y,
5688 ARRAY(gmt_003_part5_b2_eph_public_yB));
5689
5690 xtest_add_attr(&param_count, params, TEE_ATTR_SM2_ID_INITIATOR,
5691 ARRAY(gmt_003_part5_b2_id_A));
5692
5693 xtest_add_attr(&param_count, params, TEE_ATTR_SM2_ID_RESPONDER,
5694 ARRAY(gmt_003_part5_b2_id_B));
5695
5696 xtest_add_attr(&param_count, params, TEE_ATTR_SM2_KEP_CONFIRMATION_IN,
5697 ARRAY(gmt_003_part5_b2_conf_B));
5698
5699 xtest_add_attr(&param_count, params, TEE_ATTR_SM2_KEP_CONFIRMATION_OUT,
5700 ARRAY(conf_A));
5701
5702 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5703 ta_crypt_cmd_derive_key(c, &session, op, sv_handle, params,
5704 param_count)))
5705 goto out;
5706
5707 out_size = sizeof(out);
5708 memset(out, 0, sizeof(out));
5709 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5710 ta_crypt_cmd_get_object_buffer_attribute(c, &session, sv_handle,
5711 TEE_ATTR_SECRET_VALUE, out, &out_size)))
5712 goto out;
5713
5714 /* Check derived key */
5715 if (!ADBG_EXPECT_BUFFER(c, gmt_003_part5_b2_shared_secret,
5716 sizeof(gmt_003_part5_b2_shared_secret), out,
5717 out_size))
5718 goto out;
5719
5720 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5721 ta_crypt_cmd_free_operation(c, &session, op)))
5722 goto out;
5723
5724 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5725 ta_crypt_cmd_free_transient_object(c, &session, sv_handle)))
5726 goto out;
5727
5728 Do_ADBG_EndSubCase(c, "Initiator side");
5729
5730 Do_ADBG_BeginSubCase(c, "Responder side");
5731
5732 /*
5733 * Key derivation on user B's side
5734 */
5735
5736 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5737 ta_crypt_cmd_allocate_operation(c, &session, &op,
5738 TEE_ALG_SM2_KEP, TEE_MODE_DERIVE, 512)))
5739 goto out;
5740
5741 /* Allocate and initialize keypair of user B */
5742
5743 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5744 ta_crypt_cmd_allocate_transient_object(c, &session,
5745 TEE_TYPE_SM2_KEP_KEYPAIR, 256, &keyB)))
5746 goto out;
5747
5748 param_count = 0;
5749
5750 xtest_add_attr_value(&param_count, params, TEE_ATTR_ECC_CURVE,
5751 TEE_ECC_CURVE_SM2, 0);
5752
5753 xtest_add_attr(&param_count, params, TEE_ATTR_ECC_PUBLIC_VALUE_X,
5754 ARRAY(gmt_003_part5_b2_public_xB));
5755
5756 xtest_add_attr(&param_count, params, TEE_ATTR_ECC_PUBLIC_VALUE_Y,
5757 ARRAY(gmt_003_part5_b2_public_yB));
5758
5759 xtest_add_attr(&param_count, params, TEE_ATTR_ECC_PRIVATE_VALUE,
5760 ARRAY(gmt_003_part5_b2_private_B));
5761
5762 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5763 ta_crypt_cmd_populate_transient_object(c, &session, keyB,
5764 params, param_count)))
5765 goto out;
5766
5767 /* Allocate and set ephemeral key of user B */
5768
5769 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5770 ta_crypt_cmd_allocate_transient_object(c, &session,
5771 TEE_TYPE_SM2_KEP_KEYPAIR, 256, &eph_keyB)))
5772 goto out;
5773
5774 param_count = 0;
5775
5776 xtest_add_attr_value(&param_count, params, TEE_ATTR_ECC_CURVE,
5777 TEE_ECC_CURVE_SM2, 0);
5778
5779 xtest_add_attr(&param_count, params, TEE_ATTR_ECC_PUBLIC_VALUE_X,
5780 ARRAY(gmt_003_part5_b2_eph_public_xB));
5781
5782 xtest_add_attr(&param_count, params, TEE_ATTR_ECC_PUBLIC_VALUE_Y,
5783 ARRAY(gmt_003_part5_b2_eph_public_yB));
5784
5785 xtest_add_attr(&param_count, params, TEE_ATTR_ECC_PRIVATE_VALUE,
5786 ARRAY(gmt_003_part5_b2_eph_private_B));
5787
5788 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5789 ta_crypt_cmd_populate_transient_object(c, &session, eph_keyB,
5790 params, param_count)))
5791 goto out;
5792
5793 /* Associate user B keys with operation */
5794
5795 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5796 ta_crypt_cmd_set_operation_key2(c, &session, op, keyB,
5797 eph_keyB)))
5798 goto out;
5799
5800 /* Keys have been set, free key objects */
5801
5802 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5803 ta_crypt_cmd_free_transient_object(c, &session, keyB)))
5804 goto out;
5805
5806 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5807 ta_crypt_cmd_free_transient_object(c, &session, eph_keyB)))
5808 goto out;
5809
5810 /* Allocate output object */
5811
5812 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5813 ta_crypt_cmd_allocate_transient_object(c, &session,
5814 TEE_TYPE_GENERIC_SECRET,
5815 sizeof(gmt_003_part5_b2_shared_secret),
5816 &sv_handle)))
5817 goto out;
5818
5819 /* Set key derivation parameters: user B role, user A information */
5820
5821 params[0].attributeID = TEE_ATTR_SM2_KEP_USER;
5822 params[0].content.value.a = 1; /* Responder role */
5823 params[0].content.value.b = 0; /* Not used */
5824 param_count = 1;
5825
5826 xtest_add_attr(&param_count, params, TEE_ATTR_ECC_PUBLIC_VALUE_X,
5827 ARRAY(gmt_003_part5_b2_public_xA));
5828
5829 xtest_add_attr(&param_count, params, TEE_ATTR_ECC_PUBLIC_VALUE_Y,
5830 ARRAY(gmt_003_part5_b2_public_yA));
5831
5832 xtest_add_attr(&param_count, params,
5833 TEE_ATTR_ECC_EPHEMERAL_PUBLIC_VALUE_X,
5834 ARRAY(gmt_003_part5_b2_eph_public_xA));
5835
5836 xtest_add_attr(&param_count, params,
5837 TEE_ATTR_ECC_EPHEMERAL_PUBLIC_VALUE_Y,
5838 ARRAY(gmt_003_part5_b2_eph_public_yA));
5839
5840 xtest_add_attr(&param_count, params, TEE_ATTR_SM2_ID_INITIATOR,
5841 ARRAY(gmt_003_part5_b2_id_A));
5842
5843 xtest_add_attr(&param_count, params, TEE_ATTR_SM2_ID_RESPONDER,
5844 ARRAY(gmt_003_part5_b2_id_B));
5845
5846 xtest_add_attr(&param_count, params, TEE_ATTR_SM2_KEP_CONFIRMATION_IN,
5847 ARRAY(gmt_003_part5_b2_conf_A));
5848
5849 xtest_add_attr(&param_count, params, TEE_ATTR_SM2_KEP_CONFIRMATION_OUT,
5850 ARRAY(conf_B));
5851
5852 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5853 ta_crypt_cmd_derive_key(c, &session, op, sv_handle, params,
5854 param_count)))
5855 goto out;
5856
5857 out_size = sizeof(out);
5858 memset(out, 0, sizeof(out));
5859 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5860 ta_crypt_cmd_get_object_buffer_attribute(c, &session, sv_handle,
5861 TEE_ATTR_SECRET_VALUE, out, &out_size)))
5862 goto out;
5863
5864 /* Check derived key */
5865 if (!ADBG_EXPECT_BUFFER(c, gmt_003_part5_b2_shared_secret,
5866 sizeof(gmt_003_part5_b2_shared_secret), out,
5867 out_size))
5868 goto out;
5869
5870 Do_ADBG_EndSubCase(c, "Responder side");
5871
5872out:
5873 TEEC_CloseSession(&session);
5874}
5875ADBG_CASE_DEFINE(regression, 4014, xtest_tee_test_4014,
5876 "Test SM2 KEP (key derivation)");
Jens Wiklander14f48872018-06-29 15:30:13 +0200[diff] [blame]5877#endif /*CFG_SYSTEM_PTA*/