TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / OP-TEE / optee_test / fc1bbc32e2676e8536e237d6722c3998d9996d97 / . / host / xtest / regression_4000.c
blob: ebc9bae20f54b9d19c469ffc139a7308c810676f [file] [log] [blame]
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1/*
2 * Copyright (c) 2014, STMicroelectronics International N.V.
3 *
4 * This program is free software; you can redistribute it and/or modify
5 * it under the terms of the GNU General Public License Version 2 as
6 * published by the Free Software Foundation.
7 *
8 * This program is distributed in the hope that it will be useful,
9 * but WITHOUT ANY WARRANTY; without even the implied warranty of
10 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
11 * GNU General Public License for more details.
12 */
13
14#include <stdio.h>
15#include <string.h>
16#include <inttypes.h>
17#include <malloc.h>
Igor Opaniuk7ddaa782018-05-25 15:14:05 +0300[diff] [blame]18#include <time.h>
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]19
20#include "xtest_test.h"
21#include "xtest_helpers.h"
22
23#include <tee_api_types.h>
24#include <ta_crypt.h>
25#include <utee_defines.h>
26#include <util.h>
27
Jerome Forissier213ca8a2017-03-31 11:27:56 +0200[diff] [blame]28#include <regression_4000_data.h>
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]29#include <nist/186-2ecdsatestvectors.h>
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]30
31#include <assert.h>
32
33static void xtest_tee_test_4001(ADBG_Case_t *Case_p);
34static void xtest_tee_test_4002(ADBG_Case_t *Case_p);
Jerome Forissier23256842018-02-16 09:25:35 +0100[diff] [blame]35static void xtest_tee_test_4003(ADBG_Case_t *Case_p);
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]36static void xtest_tee_test_4004(ADBG_Case_t *Case_p);
37static void xtest_tee_test_4005(ADBG_Case_t *Case_p);
38static void xtest_tee_test_4006(ADBG_Case_t *Case_p);
39static void xtest_tee_test_4007(ADBG_Case_t *Case_p);
40static void xtest_tee_test_4008(ADBG_Case_t *Case_p);
Pascal Brand2b92b642015-07-16 13:29:42 +0200[diff] [blame]41static void xtest_tee_test_4009(ADBG_Case_t *Case_p);
Jens Wiklander70a0b2c2016-05-18 08:39:35 +0200[diff] [blame]42static void xtest_tee_test_4010(ADBG_Case_t *Case_p);
Jens Wiklanderb58916e2016-07-07 15:29:32 +0200[diff] [blame]43static void xtest_tee_test_4011(ADBG_Case_t *Case_p);
Igor Opaniuk7ddaa782018-05-25 15:14:05 +0300[diff] [blame]44#ifdef CFG_SYSTEM_PTA
45static void xtest_tee_test_4012(ADBG_Case_t *Case_p);
46#endif
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]47
Jens Wiklander74abfe32017-01-03 14:17:47 +0100[diff] [blame]48ADBG_CASE_DEFINE(regression, 4001, xtest_tee_test_4001,
Jens Wiklander25a57fe2016-12-26 21:46:24 +0100[diff] [blame]49 "Test TEE Internal API hash operations");
Jens Wiklander74abfe32017-01-03 14:17:47 +0100[diff] [blame]50ADBG_CASE_DEFINE(regression, 4002, xtest_tee_test_4002,
Jens Wiklander25a57fe2016-12-26 21:46:24 +0100[diff] [blame]51 "Test TEE Internal API MAC operations");
Jerome Forissier23256842018-02-16 09:25:35 +0100[diff] [blame]52ADBG_CASE_DEFINE(regression, 4003, xtest_tee_test_4003,
53 "Test TEE Internal API cipher operations");
Jens Wiklander74abfe32017-01-03 14:17:47 +0100[diff] [blame]54ADBG_CASE_DEFINE(regression, 4004, xtest_tee_test_4004,
Jens Wiklander25a57fe2016-12-26 21:46:24 +0100[diff] [blame]55 "Test TEE Internal API get random");
Jens Wiklander74abfe32017-01-03 14:17:47 +0100[diff] [blame]56ADBG_CASE_DEFINE(regression, 4005, xtest_tee_test_4005,
Jens Wiklander25a57fe2016-12-26 21:46:24 +0100[diff] [blame]57 "Test TEE Internal API Authenticated Encryption operations");
Jens Wiklander74abfe32017-01-03 14:17:47 +0100[diff] [blame]58ADBG_CASE_DEFINE(regression, 4006, xtest_tee_test_4006,
Jens Wiklander25a57fe2016-12-26 21:46:24 +0100[diff] [blame]59 "Test TEE Internal API Asymmetric Cipher operations");
Jens Wiklander74abfe32017-01-03 14:17:47 +0100[diff] [blame]60ADBG_CASE_DEFINE(regression, 4007, xtest_tee_test_4007,
Jens Wiklander25a57fe2016-12-26 21:46:24 +0100[diff] [blame]61 "Test TEE Internal API Generate key");
Jens Wiklander74abfe32017-01-03 14:17:47 +0100[diff] [blame]62ADBG_CASE_DEFINE(regression, 4008, xtest_tee_test_4008,
Jens Wiklander25a57fe2016-12-26 21:46:24 +0100[diff] [blame]63 "Test TEE Internal API Derive key");
Jens Wiklander74abfe32017-01-03 14:17:47 +0100[diff] [blame]64ADBG_CASE_DEFINE(regression, 4009, xtest_tee_test_4009,
Jens Wiklander25a57fe2016-12-26 21:46:24 +0100[diff] [blame]65 "Test TEE Internal API Derive key ECDH");
Jens Wiklander74abfe32017-01-03 14:17:47 +0100[diff] [blame]66ADBG_CASE_DEFINE(regression, 4010, xtest_tee_test_4010,
Jens Wiklander25a57fe2016-12-26 21:46:24 +0100[diff] [blame]67 "Test TEE Internal API create transient object (negative)");
Jens Wiklander74abfe32017-01-03 14:17:47 +0100[diff] [blame]68ADBG_CASE_DEFINE(regression, 4011, xtest_tee_test_4011,
Jens Wiklander25a57fe2016-12-26 21:46:24 +0100[diff] [blame]69 "Test TEE Internal API Bleichenbacher attack (negative)");
Igor Opaniuk7ddaa782018-05-25 15:14:05 +0300[diff] [blame]70#ifdef CFG_SYSTEM_PTA
71ADBG_CASE_DEFINE(regression, 4012, xtest_tee_test_4012,
72 "Test seeding RNG entropy");
73#endif
Jens Wiklanderb58916e2016-07-07 15:29:32 +0200[diff] [blame]74
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]75static TEEC_Result ta_crypt_cmd_random_number_generate(ADBG_Case_t *c,
76 TEEC_Session *s,
77 void *buf, size_t blen);
78
79static TEEC_Result ta_crypt_cmd_reset_operation(ADBG_Case_t *c, TEEC_Session *s,
80 TEE_OperationHandle oph)
81{
82 TEEC_Result res;
83 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
84 uint32_t ret_orig;
85
86 assert((uintptr_t)oph <= UINT32_MAX);
87 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
88 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, TEEC_NONE, TEEC_NONE,
89 TEEC_NONE);
90 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_RESET_OPERATION, &op,
91 &ret_orig);
92 if (res != TEEC_SUCCESS) {
93 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
94 ret_orig);
95 }
96 return res;
97}
98
99static TEEC_Result ta_crypt_cmd_copy_operation(ADBG_Case_t *c,
100 TEEC_Session *s,
101 TEE_OperationHandle dst_oph,
102 TEE_OperationHandle src_oph)
103{
104 TEEC_Result res;
105 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
106 uint32_t ret_orig;
107
108 assert((uintptr_t)dst_oph <= UINT32_MAX);
109 op.params[0].value.a = (uint32_t)(uintptr_t)dst_oph;
110
111 assert((uintptr_t)src_oph <= UINT32_MAX);
112 op.params[0].value.b = (uint32_t)(uintptr_t)src_oph;
113 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, TEEC_NONE, TEEC_NONE,
114 TEEC_NONE);
115
116 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_COPY_OPERATION, &op,
117 &ret_orig);
118
119 if (res != TEEC_SUCCESS) {
120 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
121 ret_orig);
122 }
123 return res;
124}
125
126static TEEC_Result ta_crypt_cmd_digest_update(ADBG_Case_t *c, TEEC_Session *s,
127 TEE_OperationHandle oph,
128 const void *chunk,
129 size_t chunk_size)
130{
131 TEEC_Result res;
132 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
133 uint32_t ret_orig;
134
135 assert((uintptr_t)oph <= UINT32_MAX);
136 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
137 op.params[1].tmpref.buffer = (void *)chunk;
138 op.params[1].tmpref.size = chunk_size;
139
140 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
141 TEEC_MEMREF_TEMP_INPUT, TEEC_NONE,
142 TEEC_NONE);
143
144 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_DIGEST_UPDATE, &op, &ret_orig);
145
146 if (res != TEEC_SUCCESS) {
147 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
148 ret_orig);
149 }
150
151 return res;
152}
153
154static TEEC_Result ta_crypt_cmd_digest_do_final(ADBG_Case_t *c, TEEC_Session *s,
155 TEE_OperationHandle oph,
156 const void *chunk,
157 size_t chunk_len, void *hash,
158 size_t *hash_len)
159{
160 TEEC_Result res;
161 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
162 uint32_t ret_orig;
163
164 assert((uintptr_t)oph <= UINT32_MAX);
165 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
166
167 op.params[1].tmpref.buffer = (void *)chunk;
168 op.params[1].tmpref.size = chunk_len;
169
170 op.params[2].tmpref.buffer = (void *)hash;
171 op.params[2].tmpref.size = *hash_len;
172
173 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
174 TEEC_MEMREF_TEMP_INPUT,
175 TEEC_MEMREF_TEMP_OUTPUT, TEEC_NONE);
176
177 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_DIGEST_DO_FINAL, &op,
178 &ret_orig);
179
180 if (res != TEEC_SUCCESS) {
181 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
182 ret_orig);
183 }
184
185 if (res == TEEC_SUCCESS)
186 *hash_len = op.params[2].tmpref.size;
187
188 return res;
189}
190
191static TEE_Result ta_crypt_cmd_set_operation_key2(ADBG_Case_t *c,
192 TEEC_Session *s,
193 TEE_OperationHandle oph,
194 TEE_ObjectHandle key1,
195 TEE_ObjectHandle key2)
196{
197 TEEC_Result res;
198 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
199 uint32_t ret_orig;
200
201 assert((uintptr_t)oph <= UINT32_MAX);
202 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
203
204 assert((uintptr_t)key1 <= UINT32_MAX);
205 op.params[0].value.b = (uint32_t)(uintptr_t)key1;
206
207 assert((uintptr_t)key2 <= UINT32_MAX);
208 op.params[1].value.a = (uint32_t)(uintptr_t)key2;
209 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, TEEC_VALUE_INPUT,
210 TEEC_NONE, TEEC_NONE);
211
212 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_SET_OPERATION_KEY2, &op,
213 &ret_orig);
214
215 if (res != TEEC_SUCCESS) {
216 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
217 ret_orig);
218 }
219
220 return res;
221}
222
223static TEEC_Result ta_crypt_cmd_mac_init(ADBG_Case_t *c, TEEC_Session *s,
224 TEE_OperationHandle oph,
225 const void *iv, size_t iv_len)
226{
227 TEEC_Result res;
228 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
229 uint32_t ret_orig;
230
231 assert((uintptr_t)oph <= UINT32_MAX);
232 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
233
234 if (iv != NULL) {
235 op.params[1].tmpref.buffer = (void *)iv;
236 op.params[1].tmpref.size = iv_len;
237 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
238 TEEC_MEMREF_TEMP_INPUT,
239 TEEC_NONE, TEEC_NONE);
240 } else {
241 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, TEEC_NONE,
242 TEEC_NONE, TEEC_NONE);
243 }
244
245 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_MAC_INIT, &op, &ret_orig);
246
247 if (res != TEEC_SUCCESS) {
248 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
249 ret_orig);
250 }
251
252 return res;
253}
254
255static TEEC_Result ta_crypt_cmd_mac_update(ADBG_Case_t *c, TEEC_Session *s,
256 TEE_OperationHandle oph,
257 const void *chunk, size_t chunk_size)
258{
259 TEEC_Result res;
260 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
261 uint32_t ret_orig;
262
263 assert((uintptr_t)oph <= UINT32_MAX);
264 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
265
266 op.params[1].tmpref.buffer = (void *)chunk;
267 op.params[1].tmpref.size = chunk_size;
268
269 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
270 TEEC_MEMREF_TEMP_INPUT, TEEC_NONE,
271 TEEC_NONE);
272
273 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_MAC_UPDATE, &op, &ret_orig);
274
275 if (res != TEEC_SUCCESS) {
276 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
277 ret_orig);
278 }
279
280 return res;
281}
282
283static TEEC_Result ta_crypt_cmd_mac_final_compute(ADBG_Case_t *c,
284 TEEC_Session *s,
285 TEE_OperationHandle oph,
286 const void *chunk,
287 size_t chunk_len,
288 void *hash,
289 size_t *hash_len)
290{
291 TEEC_Result res;
292 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
293 uint32_t ret_orig;
294
295 assert((uintptr_t)oph <= UINT32_MAX);
296 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
297
298 op.params[1].tmpref.buffer = (void *)chunk;
299 op.params[1].tmpref.size = chunk_len;
300
301 op.params[2].tmpref.buffer = (void *)hash;
302 op.params[2].tmpref.size = *hash_len;
303
304 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
305 TEEC_MEMREF_TEMP_INPUT,
306 TEEC_MEMREF_TEMP_OUTPUT, TEEC_NONE);
307
308 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_MAC_FINAL_COMPUTE, &op,
309 &ret_orig);
310
311 if (res != TEEC_SUCCESS) {
312 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
313 ret_orig);
314 }
315
316 if (res == TEEC_SUCCESS)
317 *hash_len = op.params[2].tmpref.size;
318
319 return res;
320}
321
322static TEEC_Result ta_crypt_cmd_cipher_init(ADBG_Case_t *c, TEEC_Session *s,
323 TEE_OperationHandle oph,
324 const void *iv, size_t iv_len)
325{
326 TEEC_Result res;
327 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
328 uint32_t ret_orig;
329
330 assert((uintptr_t)oph <= UINT32_MAX);
331 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
332
333 if (iv != NULL) {
334 op.params[1].tmpref.buffer = (void *)iv;
335 op.params[1].tmpref.size = iv_len;
336
337 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
338 TEEC_MEMREF_TEMP_INPUT,
339 TEEC_NONE, TEEC_NONE);
340 } else {
341 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, TEEC_NONE,
342 TEEC_NONE, TEEC_NONE);
343 }
344
345 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_CIPHER_INIT, &op, &ret_orig);
346
347 if (res != TEEC_SUCCESS) {
348 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
349 ret_orig);
350 }
351
352 return res;
353}
354
355static TEEC_Result ta_crypt_cmd_cipher_update(ADBG_Case_t *c, TEEC_Session *s,
356 TEE_OperationHandle oph,
357 const void *src, size_t src_len,
358 void *dst, size_t *dst_len)
359{
360 TEEC_Result res;
361 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
362 uint32_t ret_orig;
363
364 assert((uintptr_t)oph <= UINT32_MAX);
365 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
366
367 op.params[1].tmpref.buffer = (void *)src;
368 op.params[1].tmpref.size = src_len;
369
370 op.params[2].tmpref.buffer = dst;
371 op.params[2].tmpref.size = *dst_len;
372
373 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
374 TEEC_MEMREF_TEMP_INPUT,
375 TEEC_MEMREF_TEMP_OUTPUT, TEEC_NONE);
376
377 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_CIPHER_UPDATE, &op, &ret_orig);
378
379 if (res != TEEC_SUCCESS) {
380 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
381 ret_orig);
382 }
383
384 if (res == TEEC_SUCCESS)
385 *dst_len = op.params[2].tmpref.size;
386
387 return res;
388}
389
390static TEEC_Result ta_crypt_cmd_cipher_do_final(ADBG_Case_t *c,
391 TEEC_Session *s,
392 TEE_OperationHandle oph,
393 const void *src,
394 size_t src_len,
395 void *dst,
396 size_t *dst_len)
397{
398 TEEC_Result res;
399 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
400 uint32_t ret_orig;
401
402 assert((uintptr_t)oph <= UINT32_MAX);
403 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
404
405 op.params[1].tmpref.buffer = (void *)src;
406 op.params[1].tmpref.size = src_len;
407
408 op.params[2].tmpref.buffer = (void *)dst;
409 op.params[2].tmpref.size = *dst_len;
410
411 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
412 TEEC_MEMREF_TEMP_INPUT,
413 TEEC_MEMREF_TEMP_OUTPUT, TEEC_NONE);
414
415 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_CIPHER_DO_FINAL, &op,
416 &ret_orig);
417
418 if (res != TEEC_SUCCESS) {
419 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
420 ret_orig);
421 }
422
423 if (res == TEEC_SUCCESS)
424 *dst_len = op.params[2].tmpref.size;
425
426 return res;
427}
428
429static TEEC_Result ta_crypt_cmd_random_number_generate(ADBG_Case_t *c,
430 TEEC_Session *s,
431 void *buf,
432 size_t blen)
433{
434 TEEC_Result res;
435 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
436 uint32_t ret_orig;
437
438 op.params[0].tmpref.buffer = buf;
439 op.params[0].tmpref.size = blen;
440
441 op.paramTypes = TEEC_PARAM_TYPES(TEEC_MEMREF_TEMP_OUTPUT, TEEC_NONE,
442 TEEC_NONE, TEEC_NONE);
443
444 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_RANDOM_NUMBER_GENEREATE, &op,
445 &ret_orig);
446
447 if (res != TEEC_SUCCESS) {
448 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
449 ret_orig);
450 }
451
452 (void)ADBG_EXPECT_COMPARE_UNSIGNED(c, blen, ==,
453 op.params[0].tmpref.size);
454 return res;
455}
456
457static TEEC_Result ta_crypt_cmd_ae_init(ADBG_Case_t *c, TEEC_Session *s,
458 TEE_OperationHandle oph,
459 const void *nonce, size_t nonce_len,
460 size_t tag_len, size_t aad_len,
461 size_t payload_len)
462{
463 TEEC_Result res;
464 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
465 uint32_t ret_orig;
466
467 assert((uintptr_t)oph <= UINT32_MAX);
468 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
469 op.params[0].value.b = tag_len;
470
471 op.params[1].tmpref.buffer = (void *)nonce;
472 op.params[1].tmpref.size = nonce_len;
473
474 op.params[2].value.a = aad_len;
475 op.params[2].value.b = payload_len;
476
477 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
478 TEEC_MEMREF_TEMP_INPUT,
Jens Wiklander74a42302015-07-07 01:08:41 +0200[diff] [blame]479 TEEC_VALUE_INPUT, TEEC_NONE);
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]480
481 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_AE_INIT, &op, &ret_orig);
482
483 if (res != TEEC_SUCCESS) {
484 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
485 ret_orig);
486 }
487 return res;
488}
489
490static TEEC_Result ta_crypt_cmd_ae_update_aad(ADBG_Case_t *c, TEEC_Session *s,
491 TEE_OperationHandle oph,
492 const void *aad, size_t aad_len)
493{
494 TEEC_Result res;
495 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
496 uint32_t ret_orig;
497
498 assert((uintptr_t)oph <= UINT32_MAX);
499 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
500
501 op.params[1].tmpref.buffer = (void *)aad;
502 op.params[1].tmpref.size = aad_len;
503
504 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
505 TEEC_MEMREF_TEMP_INPUT, TEEC_NONE,
506 TEEC_NONE);
507
508 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_AE_UPDATE_AAD, &op, &ret_orig);
509
510 if (res != TEEC_SUCCESS) {
511 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
512 ret_orig);
513 }
514
515 return res;
516}
517
518static TEEC_Result ta_crypt_cmd_ae_update(ADBG_Case_t *c,
519 TEEC_Session *s,
520 TEE_OperationHandle oph,
521 const void *src,
522 size_t src_len,
523 void *dst,
524 size_t *dst_len)
525{
526 TEEC_Result res;
527 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
528 uint32_t ret_orig;
529
530 assert((uintptr_t)oph <= UINT32_MAX);
531 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
532
533 op.params[1].tmpref.buffer = (void *)src;
534 op.params[1].tmpref.size = src_len;
535
536 op.params[2].tmpref.buffer = (void *)dst;
537 op.params[2].tmpref.size = *dst_len;
538
539 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
540 TEEC_MEMREF_TEMP_INPUT,
541 TEEC_MEMREF_TEMP_OUTPUT, TEEC_NONE);
542
543 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_AE_UPDATE, &op, &ret_orig);
544
545 if (res != TEEC_SUCCESS) {
546 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
547 ret_orig);
548 }
549
550 if (res == TEEC_SUCCESS)
551 *dst_len = op.params[2].tmpref.size;
552
553 return res;
554}
555
556static TEEC_Result ta_crypt_cmd_ae_encrypt_final(ADBG_Case_t *c,
557 TEEC_Session *s,
558 TEE_OperationHandle oph,
559 const void *src,
560 size_t src_len, void *dst,
561 size_t *dst_len, void *tag,
562 size_t *tag_len)
563{
564 TEEC_Result res;
565 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
566 uint32_t ret_orig;
567
568 assert((uintptr_t)oph <= UINT32_MAX);
569 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
570
571 op.params[1].tmpref.buffer = (void *)src;
572 op.params[1].tmpref.size = src_len;
573
574 op.params[2].tmpref.buffer = (void *)dst;
575 op.params[2].tmpref.size = *dst_len;
576
577 op.params[3].tmpref.buffer = (void *)tag;
578 op.params[3].tmpref.size = *tag_len;
579
580 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
581 TEEC_MEMREF_TEMP_INPUT,
582 TEEC_MEMREF_TEMP_OUTPUT,
583 TEEC_MEMREF_TEMP_OUTPUT);
584
585 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_AE_ENCRYPT_FINAL, &op,
586 &ret_orig);
587
588 if (res != TEEC_SUCCESS) {
589 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
590 ret_orig);
591 }
592
593 if (res == TEEC_SUCCESS) {
594 *dst_len = op.params[2].tmpref.size;
595 *tag_len = op.params[3].tmpref.size;
596 }
597
598 return res;
599}
600
601static TEEC_Result ta_crypt_cmd_ae_decrypt_final(ADBG_Case_t *c,
602 TEEC_Session *s,
603 TEE_OperationHandle oph,
604 const void *src, size_t src_len,
605 void *dst, size_t *dst_len,
606 const void *tag, size_t tag_len)
607{
608 TEEC_Result res;
609 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
610 uint32_t ret_orig;
611
612 assert((uintptr_t)oph <= UINT32_MAX);
613 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
614
615 op.params[1].tmpref.buffer = (void *)src;
616 op.params[1].tmpref.size = src_len;
617
618 op.params[2].tmpref.buffer = dst;
619 op.params[2].tmpref.size = *dst_len;
620
621 op.params[3].tmpref.buffer = (void *)tag;
622 op.params[3].tmpref.size = tag_len;
623
624 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
625 TEEC_MEMREF_TEMP_INPUT,
626 TEEC_MEMREF_TEMP_OUTPUT,
627 TEEC_MEMREF_TEMP_INPUT);
628
629 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_AE_DECRYPT_FINAL, &op,
630 &ret_orig);
631
632 if (res != TEEC_SUCCESS) {
633 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
634 ret_orig);
635 }
636
637 if (res == TEEC_SUCCESS)
638 *dst_len = op.params[2].tmpref.size;
639
640 return res;
641}
642
643static TEEC_Result ta_crypt_cmd_asymmetric_operate(ADBG_Case_t *c,
644 TEEC_Session *s,
645 TEE_OperationHandle oph,
646 uint32_t cmd,
647 const TEE_Attribute *params,
648 uint32_t paramCount,
649 const void *src,
650 size_t src_len,
651 void *dst,
652 size_t *dst_len)
653{
654 TEEC_Result res;
655 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
656 uint32_t ret_orig;
657 uint8_t *buf;
658 size_t blen;
659
660 res = pack_attrs(params, paramCount, &buf, &blen);
661 if (!ADBG_EXPECT_TEEC_SUCCESS(c, res))
662 return res;
663
664 assert((uintptr_t)oph <= UINT32_MAX);
665 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
666
667 op.params[1].tmpref.buffer = buf;
668 op.params[1].tmpref.size = blen;
669
670 op.params[2].tmpref.buffer = (void *)src;
671 op.params[2].tmpref.size = src_len;
672
673 op.params[3].tmpref.buffer = dst;
674 op.params[3].tmpref.size = *dst_len;
675
676 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
677 TEEC_MEMREF_TEMP_INPUT,
678 TEEC_MEMREF_TEMP_INPUT,
679 TEEC_MEMREF_TEMP_OUTPUT);
680
681 res = TEEC_InvokeCommand(s, cmd, &op, &ret_orig);
682
683 if (res != TEEC_SUCCESS) {
684 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
685 ret_orig);
686 }
687
688 if (res == TEEC_SUCCESS)
689 *dst_len = op.params[3].tmpref.size;
690
691 free(buf);
692 return res;
693}
694
695static TEEC_Result ta_crypt_cmd_asymmetric_encrypt(ADBG_Case_t *c,
696 TEEC_Session *s,
697 TEE_OperationHandle oph,
698 const TEE_Attribute *params,
699 uint32_t paramCount,
700 const void *src,
701 size_t src_len,
702 void *dst,
703 size_t *dst_len)
704{
705 return ta_crypt_cmd_asymmetric_operate(c, s, oph,
706 TA_CRYPT_CMD_ASYMMETRIC_ENCRYPT,
707 params, paramCount,
708 src, src_len, dst, dst_len);
709}
710
711static TEEC_Result ta_crypt_cmd_asymmetric_decrypt(ADBG_Case_t *c,
712 TEEC_Session *s,
713 TEE_OperationHandle oph,
714 const TEE_Attribute *params,
715 uint32_t paramCount,
716 const void *src,
717 size_t src_len,
718 void *dst,
719 size_t *dst_len)
720{
721 return ta_crypt_cmd_asymmetric_operate(c, s, oph,
722 TA_CRYPT_CMD_ASYMMETRIC_DECRYPT,
723 params, paramCount,
724 src, src_len, dst, dst_len);
725}
726
727static TEEC_Result ta_crypt_cmd_asymmetric_sign(ADBG_Case_t *c,
728 TEEC_Session *s,
729 TEE_OperationHandle oph,
730 const TEE_Attribute *params,
731 uint32_t paramCount,
732 const void *digest,
733 size_t digest_len,
734 void *signature,
735 size_t *signature_len)
736{
737 return ta_crypt_cmd_asymmetric_operate(c, s, oph,
738 TA_CRYPT_CMD_ASYMMETRIC_SIGN_DIGEST, params, paramCount,
739 digest, digest_len, signature, signature_len);
740}
741
742static TEEC_Result ta_crypt_cmd_asymmetric_verify(ADBG_Case_t *c,
743 TEEC_Session *s,
744 TEE_OperationHandle oph,
745 const TEE_Attribute *params,
746 uint32_t paramCount,
747 const void *digest,
748 size_t digest_len,
749 const void *signature,
750 size_t signature_len)
751{
752 TEEC_Result res;
753 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
754 uint32_t ret_orig;
755 uint8_t *buf;
756 size_t blen;
757
758 res = pack_attrs(params, paramCount, &buf, &blen);
759 if (!ADBG_EXPECT_TEEC_SUCCESS(c, res))
760 return res;
761
762 assert((uintptr_t)oph <= UINT32_MAX);
763 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
764
765 op.params[1].tmpref.buffer = buf;
766 op.params[1].tmpref.size = blen;
767
768 op.params[2].tmpref.buffer = (void *)digest;
769 op.params[2].tmpref.size = digest_len;
770
771 op.params[3].tmpref.buffer = (void *)signature;
772 op.params[3].tmpref.size = signature_len;
773
774 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
775 TEEC_MEMREF_TEMP_INPUT,
776 TEEC_MEMREF_TEMP_INPUT,
777 TEEC_MEMREF_TEMP_INPUT);
778
779 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_ASYMMETRIC_VERIFY_DIGEST,
780 &op, &ret_orig);
781
782 if (res != TEEC_SUCCESS) {
783 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
784 ret_orig);
785 }
786
787 free(buf);
788 return res;
789}
790
791static TEEC_Result ta_crypt_cmd_get_object_value_attribute(ADBG_Case_t *c,
792 TEEC_Session *s,
793 TEE_ObjectHandle o,
794 uint32_t attr_id,
795 uint32_t *valuea,
796 uint32_t *valueb)
797{
798 TEEC_Result res;
799 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
800 uint32_t ret_orig;
801
802 assert((uintptr_t)o <= UINT32_MAX);
803 op.params[0].value.a = (uint32_t)(uintptr_t)o;
804 op.params[0].value.b = attr_id;
805 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, TEEC_VALUE_OUTPUT,
806 TEEC_NONE, TEEC_NONE);
807
808 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_GET_OBJECT_VALUE_ATTRIBUTE,
809 &op, &ret_orig);
810
811 if (res != TEEC_SUCCESS) {
812 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
813 ret_orig);
814 }
815
816 if (res == TEEC_SUCCESS) {
817 *valuea = op.params[1].value.a;
818 *valueb = op.params[1].value.b;
819 }
820
821 return res;
822}
823
824static TEEC_Result ta_crypt_cmd_generate_key(ADBG_Case_t *c,
825 TEEC_Session *s,
826 TEE_ObjectHandle o,
827 uint32_t key_size,
828 const TEE_Attribute *params,
829 uint32_t paramCount)
830{
831 TEEC_Result res;
832 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
833 uint32_t ret_orig;
834 uint8_t *buf;
835 size_t blen;
836
837 res = pack_attrs(params, paramCount, &buf, &blen);
838 if (!ADBG_EXPECT_TEEC_SUCCESS(c, res))
839 return res;
840
841 assert((uintptr_t)o <= UINT32_MAX);
842 op.params[0].value.a = (uint32_t)(uintptr_t)o;
843 op.params[0].value.b = key_size;
844
845 op.params[1].tmpref.buffer = buf;
846 op.params[1].tmpref.size = blen;
847
848 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
849 TEEC_MEMREF_TEMP_INPUT, TEEC_NONE,
850 TEEC_NONE);
851
852 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_GENERATE_KEY, &op, &ret_orig);
853
854 if (res != TEEC_SUCCESS) {
855 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
856 ret_orig);
857 }
858
859 free(buf);
860 return res;
861}
862
863static const uint8_t hash_data_md5_in1[] = {
864 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm'
865};
866
867static const uint8_t hash_data_md5_out1[] = {
868 0x61, 0x12, 0x71, 0x83, 0x70, 0x8d, 0x3a, 0xc7,
869 0xf1, 0x9b, 0x66, 0x06, 0xfc, 0xae, 0x7d, 0xf6
870};
871
872static const uint8_t hash_data_sha1_in1[] = {
873 'a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm'
874};
875
876static const uint8_t hash_data_sha1_out1[] = {
877 0x4b, 0x98, 0x92, 0xb6, 0x52, 0x72, 0x14, 0xaf,
878 0xc6, 0x55, 0xb8, 0xaa, 0x52, 0xf4, 0xd2, 0x03,
879 0xc1, 0x5e, 0x7c, 0x9c
880};
881
882static const uint8_t hash_data_sha224_in1[] = {
883 'a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm'
884};
885
886static const uint8_t hash_data_sha224_out1[] = {
887 0x08, 0x21, 0x69, 0xf9, 0x77, 0x1b, 0x80, 0x15,
888 0xf3, 0x97, 0xae, 0xde, 0x5b, 0xba, 0xa2, 0x72,
889 0x2d, 0x8f, 0x5c, 0x19, 0xfe, 0xd2, 0xe2, 0x68,
890 0x92, 0x49, 0xd8, 0x44
891};
892
893static const uint8_t hash_data_sha256_in1[] = { 'a', 'b', 'c' };
894
895static const uint8_t hash_data_sha256_out1[] = {
896 0xba, 0x78, 0x16, 0xbf, 0x8f, 0x01, 0xcf, 0xea,
897 0x41, 0x41, 0x40, 0xde, 0x5d, 0xae, 0x22, 0x23,
898 0xb0, 0x03, 0x61, 0xa3, 0x96, 0x17, 0x7a, 0x9c,
899 0xb4, 0x10, 0xff, 0x61, 0xf2, 0x00, 0x15, 0xad
900};
901
902static const uint8_t hash_data_sha256_in2[] = { 'e', 'f', 'g' };
903
904static const uint8_t hash_data_sha256_out2[] = {
905 0xd4, 0xff, 0xe8, 0xe9, 0xee, 0x0b, 0x48, 0xeb,
906 0xa7, 0x16, 0x70, 0x61, 0x23, 0xa7, 0x18, 0x7f,
907 0x32, 0xea, 0xe3, 0xbd, 0xcb, 0x0e, 0x77, 0x63,
908 0xe4, 0x1e, 0x53, 0x32, 0x67, 0xbd, 0x8a, 0x53
909};
910
911
912static const uint8_t hash_data_sha384_in1[] = {
913 'a', 'b', 'c', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm'
914};
915
916static const uint8_t hash_data_sha384_out1[] = {
917 0x4c, 0xab, 0x80, 0x9d, 0x96, 0x84, 0x01, 0x47,
918 0x67, 0x0a, 0xc1, 0x7a, 0xb6, 0xb9, 0xf7, 0x6e,
919 0x35, 0xa6, 0xb0, 0x8c, 0xf5, 0x2a, 0x3d, 0x64,
920 0x9a, 0x8c, 0x7e, 0x0c, 0x55, 0x45, 0xd3, 0x7d,
921 0x1f, 0x7f, 0x28, 0x34, 0x96, 0x14, 0x44, 0x2a,
922 0xf5, 0x98, 0xa2, 0x95, 0x24, 0x76, 0x53, 0x97
923};
924
925static const uint8_t hash_data_sha512_in1[] = {
926 'a', 'b', 'c', 'd', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm'
927};
928
929static const uint8_t hash_data_sha512_out1[] = {
930 0x20, 0xd8, 0x64, 0x4f, 0x54, 0xa2, 0x5f, 0x6f,
931 0x0a, 0xf9, 0xd5, 0x27, 0x7d, 0x17, 0xa8, 0x99,
932 0x4c, 0x64, 0x3f, 0xd0, 0xf3, 0x83, 0x36, 0xee,
933 0x93, 0x12, 0x55, 0xcd, 0x2e, 0x12, 0x34, 0xa0,
934 0xc2, 0xaa, 0xf9, 0xbb, 0x15, 0xc5, 0xe9, 0xfa,
935 0xf7, 0xa7, 0xda, 0xb8, 0x2f, 0x72, 0xa0, 0x47,
936 0xe3, 0x02, 0x04, 0xe8, 0xa0, 0x35, 0x0c, 0x96,
937 0x26, 0xd1, 0xcb, 0x8b, 0x47, 0x45, 0x25, 0xd0
938};
939
940struct xtest_hash_case {
941 uint32_t algo;
942 size_t in_incr;
943 const uint8_t *in;
944 size_t in_len;
945 const uint8_t *out;
946 size_t out_len;
947};
948
949#define XTEST_HASH_CASE(algo, in_incr, in, out) \
950 { (algo), (in_incr), (in), ARRAY_SIZE(in), (out), ARRAY_SIZE(out) }
951
952static const struct xtest_hash_case hash_cases[] = {
953 XTEST_HASH_CASE(TEE_ALG_MD5, 6, hash_data_md5_in1,
954 hash_data_md5_out1),
955 XTEST_HASH_CASE(TEE_ALG_SHA1, 3, hash_data_sha1_in1,
956 hash_data_sha1_out1),
957 XTEST_HASH_CASE(TEE_ALG_SHA224, 7, hash_data_sha224_in1,
958 hash_data_sha224_out1),
959 XTEST_HASH_CASE(TEE_ALG_SHA256, 1, hash_data_sha256_in1,
960 hash_data_sha256_out1),
961 XTEST_HASH_CASE(TEE_ALG_SHA256, 1, hash_data_sha256_in2,
962 hash_data_sha256_out2),
963 XTEST_HASH_CASE(TEE_ALG_SHA384, 1, hash_data_sha384_in1,
964 hash_data_sha384_out1),
965 XTEST_HASH_CASE(TEE_ALG_SHA512, 1, hash_data_sha512_in1,
966 hash_data_sha512_out1),
967};
968
969static void xtest_tee_test_4001(ADBG_Case_t *c)
970{
971 TEEC_Session session = { 0 };
972 uint32_t ret_orig;
973 size_t n;
974
975 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
976 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
977 &ret_orig)))
978 return;
979
980
981 for (n = 0; n < ARRAY_SIZE(hash_cases); n++) {
982 TEE_OperationHandle op1;
983 TEE_OperationHandle op2;
984 uint8_t out[64];
985 size_t out_size;
986
987 Do_ADBG_BeginSubCase(c, "Hash case %d algo 0x%x",
988 (int)n, (unsigned int)hash_cases[n].algo);
989
990 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
991 ta_crypt_cmd_allocate_operation(c, &session, &op1,
992 hash_cases[n].algo,
993 TEE_MODE_DIGEST, 0)))
994 goto out;
995
996 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
997 ta_crypt_cmd_allocate_operation(c, &session, &op2,
998 hash_cases[n].algo,
999 TEE_MODE_DIGEST, 0)))
1000 goto out;
1001
1002 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1003 ta_crypt_cmd_digest_update(c, &session, op1,
1004 hash_cases[n].in,
1005 hash_cases[n].in_incr)))
1006 goto out;
1007
1008 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1009 ta_crypt_cmd_copy_operation(c, &session, op2, op1)))
1010 goto out;
1011
1012 out_size = sizeof(out);
1013 memset(out, 0, sizeof(out));
1014 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1015 ta_crypt_cmd_digest_do_final(c, &session, op2,
1016 hash_cases[n].in + hash_cases[n].in_incr,
1017 hash_cases[n].in_len - hash_cases[n].in_incr,
1018 out, &out_size)))
1019 goto out;
1020
1021 (void)ADBG_EXPECT_BUFFER(c, hash_cases[n].out,
1022 hash_cases[n].out_len, out, out_size);
1023
1024 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1025 ta_crypt_cmd_reset_operation(c, &session, op1)))
1026 goto out;
1027
1028 out_size = sizeof(out);
1029 memset(out, 0, sizeof(out));
1030 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1031 ta_crypt_cmd_digest_do_final(c, &session, op1,
1032 hash_cases[n].in,
1033 hash_cases[n].in_len, out,
1034 &out_size)))
1035 goto out;
1036
1037 (void)ADBG_EXPECT_BUFFER(c, hash_cases[n].out,
1038 hash_cases[n].out_len, out, out_size);
1039
Jerome Forissier1e05e262015-07-29 16:09:07 +0200[diff] [blame]1040 /*
1041 * Invoke TEE_DigestDoFinal() a second time to check that state
1042 * was properly reset
1043 */
1044 out_size = sizeof(out);
1045 memset(out, 0, sizeof(out));
1046 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1047 ta_crypt_cmd_digest_do_final(c, &session, op1,
1048 hash_cases[n].in,
1049 hash_cases[n].in_len, out,
1050 &out_size)))
1051 goto out;
1052
1053 (void)ADBG_EXPECT_BUFFER(c, hash_cases[n].out,
1054 hash_cases[n].out_len, out, out_size);
1055
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1056 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1057 ta_crypt_cmd_free_operation(c, &session, op1)))
1058 goto out;
1059
1060 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1061 ta_crypt_cmd_free_operation(c, &session, op2)))
1062 goto out;
1063
1064 Do_ADBG_EndSubCase(c, NULL);
1065 }
1066
1067out:
1068 TEEC_CloseSession(&session);
1069}
1070
1071static const uint8_t mac_data_md5_key1[10] = {
1072 0x6B, 0x65, 0x79, /* key */
1073};
1074
1075static const uint8_t mac_data_md5_in1[] = {
1076 0x54, 0x68, 0x65, 0x20, 0x71, 0x75, 0x69, 0x63, /* The quic */
1077 0x6B, 0x20, 0x62, 0x72, 0x6F, 0x77, 0x6E, 0x20, /* k brown */
1078 0x66, 0x6F, 0x78, 0x20, 0x6A, 0x75, 0x6D, 0x70, /* fox jump */
1079 0x73, 0x20, 0x6F, 0x76, 0x65, 0x72, 0x20, 0x74, /* s over t */
1080 0x68, 0x65, 0x20, 0x6C, 0x61, 0x7A, 0x79, 0x20, /* he lazy */
1081 0x64, 0x6F, 0x67, /* dog */
1082};
1083
1084static const uint8_t mac_data_md5_out1[] = {
1085 0x80, 0x07, 0x07, 0x13, 0x46, 0x3e, 0x77, 0x49,
1086 0xb9, 0x0c, 0x2d, 0xc2, 0x49, 0x11, 0xe2, 0x75
1087};
1088
1089
1090/* generated with scripts/digest_hmac.pl */
1091static const uint8_t mac_data_sha1_key1[10] = {
1092 0x6B, 0x65, 0x79, /* key */
1093};
1094
1095static const uint8_t mac_data_sha1_in1[] = {
1096 0x54, 0x68, 0x65, 0x20, 0x71, 0x75, 0x69, 0x63, /* The quic */
1097 0x6B, 0x20, 0x62, 0x72, 0x6F, 0x77, 0x6E, 0x20, /* k brown */
1098 0x66, 0x6F, 0x78, 0x20, 0x6A, 0x75, 0x6D, 0x70, /* fox jump */
1099 0x73, 0x20, 0x6F, 0x76, 0x65, 0x72, 0x20, 0x74, /* s over t */
1100 0x68, 0x65, 0x20, 0x6C, 0x61, 0x7A, 0x79, 0x20, /* he lazy */
1101 0x64, 0x6F, 0x67, /* dog */
1102};
1103
1104static const uint8_t mac_data_sha1_out1[] = {
1105 0xDE, 0x7C, 0x9B, 0x85, 0xB8, 0xB7, 0x8A, 0xA6, /* .|...... */
1106 0xBC, 0x8A, 0x7A, 0x36, 0xF7, 0x0A, 0x90, 0x70, /* ..z6...p */
1107 0x1C, 0x9D, 0xB4, 0xD9, /* .... */
1108};
1109
1110static const uint8_t mac_data_sha224_key1[24] = {
1111 0x6B, 0x65, 0x79, /* key */
1112};
1113
1114static const uint8_t mac_data_sha224_in1[] = {
1115 0x54, 0x68, 0x65, 0x20, 0x71, 0x75, 0x69, 0x63, /* The quic */
1116 0x6B, 0x20, 0x62, 0x72, 0x6F, 0x77, 0x6E, 0x20, /* k brown */
1117 0x66, 0x6F, 0x78, 0x20, 0x6A, 0x75, 0x6D, 0x70, /* fox jump */
1118 0x73, 0x20, 0x6F, 0x76, 0x65, 0x72, 0x20, 0x74, /* s over t */
1119 0x68, 0x65, 0x20, 0x6C, 0x61, 0x7A, 0x79, 0x20, /* he lazy */
1120 0x64, 0x6F, 0x67, /* dog */
1121};
1122
1123static const uint8_t mac_data_sha224_out1[] = {
1124 0x88, 0xFF, 0x8B, 0x54, 0x67, 0x5D, 0x39, 0xB8, /* ...Tg]9. */
1125 0xF7, 0x23, 0x22, 0xE6, 0x5F, 0xF9, 0x45, 0xC5, /* .#"._.E. */
1126 0x2D, 0x96, 0x37, 0x99, 0x88, 0xAD, 0xA2, 0x56, /* -.7....V */
1127 0x39, 0x74, 0x7E, 0x69, /* 9t~i */
1128};
1129
1130
1131static const uint8_t mac_data_sha256_key1[24] = {
1132 'Q', 'W', 'E', 'R', 'T', 'Y'
1133};
1134
1135static const uint8_t mac_data_sha256_in1[] = { 'a', 'b', 'c' };
1136
1137static const uint8_t mac_data_sha256_out1[] = {
1138 0xee, 0x2e, 0x5d, 0x9b, 0x51, 0xe2, 0x9c, 0x1d,
1139 0x49, 0xe9, 0xae, 0x6f, 0x0a, 0xcc, 0x15, 0x18,
1140 0xde, 0x1e, 0xa3, 0x88, 0x8e, 0xee, 0x48, 0xbb,
1141 0x82, 0x77, 0xe9, 0x09, 0x74, 0x4b, 0xa2, 0xf2
1142};
1143
1144/* generated with scripts/digest_hmac.pl */
1145static const uint8_t mac_data_sha256_key2[24] = {
1146 0x6B, 0x65, 0x79, /* key */
1147};
1148
1149static const uint8_t mac_data_sha256_in2[] = {
1150 0x54, 0x68, 0x65, 0x20, 0x71, 0x75, 0x69, 0x63, /* The quic */
1151 0x6B, 0x20, 0x62, 0x72, 0x6F, 0x77, 0x6E, 0x20, /* k brown */
1152 0x66, 0x6F, 0x78, 0x20, 0x6A, 0x75, 0x6D, 0x70, /* fox jump */
1153 0x73, 0x20, 0x6F, 0x76, 0x65, 0x72, 0x20, 0x74, /* s over t */
1154 0x68, 0x65, 0x20, 0x6C, 0x61, 0x7A, 0x79, 0x20, /* he lazy */
1155 0x64, 0x6F, 0x67, /* dog */
1156};
1157
1158static const uint8_t mac_data_sha256_out2[] = {
1159 0xF7, 0xBC, 0x83, 0xF4, 0x30, 0x53, 0x84, 0x24, /* ....0S.$ */
1160 0xB1, 0x32, 0x98, 0xE6, 0xAA, 0x6F, 0xB1, 0x43, /* .2...o.C */
1161 0xEF, 0x4D, 0x59, 0xA1, 0x49, 0x46, 0x17, 0x59, /* .MY.IF.Y */
1162 0x97, 0x47, 0x9D, 0xBC, 0x2D, 0x1A, 0x3C, 0xD8, /* .G..-.<. */
1163};
1164
1165static const uint8_t mac_data_sha384_key1[32] = {
1166 0x6B, 0x65, 0x79, /* key */
1167};
1168
1169static const uint8_t mac_data_sha384_in1[] = {
1170 0x54, 0x68, 0x65, 0x20, 0x71, 0x75, 0x69, 0x63, /* The quic */
1171 0x6B, 0x20, 0x62, 0x72, 0x6F, 0x77, 0x6E, 0x20, /* k brown */
1172 0x66, 0x6F, 0x78, 0x20, 0x6A, 0x75, 0x6D, 0x70, /* fox jump */
1173 0x73, 0x20, 0x6F, 0x76, 0x65, 0x72, 0x20, 0x74, /* s over t */
1174 0x68, 0x65, 0x20, 0x6C, 0x61, 0x7A, 0x79, 0x20, /* he lazy */
1175 0x64, 0x6F, 0x67, /* dog */
1176};
1177
1178static const uint8_t mac_data_sha384_out1[] = {
1179 0xD7, 0xF4, 0x72, 0x7E, 0x2C, 0x0B, 0x39, 0xAE, /* ..r~, .9. */
1180 0x0F, 0x1E, 0x40, 0xCC, 0x96, 0xF6, 0x02, 0x42, /* ..@....B */
1181 0xD5, 0xB7, 0x80, 0x18, 0x41, 0xCE, 0xA6, 0xFC, /* ....A... */
1182 0x59, 0x2C, 0x5D, 0x3E, 0x1A, 0xE5, 0x07, 0x00, /* Y, ]>.... */
1183 0x58, 0x2A, 0x96, 0xCF, 0x35, 0xE1, 0xE5, 0x54, /* X...5..T */
1184 0x99, 0x5F, 0xE4, 0xE0, 0x33, 0x81, 0xC2, 0x37, /* ._..3..7 */
1185};
1186
1187static const uint8_t mac_data_sha512_key1[32] = {
1188 0x6B, 0x65, 0x79, /* key */
1189};
1190
1191static const uint8_t mac_data_sha512_in1[] = {
1192 0x54, 0x68, 0x65, 0x20, 0x71, 0x75, 0x69, 0x63, /* The quic */
1193 0x6B, 0x20, 0x62, 0x72, 0x6F, 0x77, 0x6E, 0x20, /* k brown */
1194 0x66, 0x6F, 0x78, 0x20, 0x6A, 0x75, 0x6D, 0x70, /* fox jump */
1195 0x73, 0x20, 0x6F, 0x76, 0x65, 0x72, 0x20, 0x74, /* s over t */
1196 0x68, 0x65, 0x20, 0x6C, 0x61, 0x7A, 0x79, 0x20, /* he lazy */
1197 0x64, 0x6F, 0x67, /* dog */
1198};
1199
1200static const uint8_t mac_data_sha512_out1[] = {
1201 0xB4, 0x2A, 0xF0, 0x90, 0x57, 0xBA, 0xC1, 0xE2, /* ....W... */
1202 0xD4, 0x17, 0x08, 0xE4, 0x8A, 0x90, 0x2E, 0x09, /* ........ */
1203 0xB5, 0xFF, 0x7F, 0x12, 0xAB, 0x42, 0x8A, 0x4F, /* .....B.O */
1204 0xE8, 0x66, 0x53, 0xC7, 0x3D, 0xD2, 0x48, 0xFB, /* .fS.=.H. */
1205 0x82, 0xF9, 0x48, 0xA5, 0x49, 0xF7, 0xB7, 0x91, /* ..H.I... */
1206 0xA5, 0xB4, 0x19, 0x15, 0xEE, 0x4D, 0x1E, 0xC3, /* .....M.. */
1207 0x93, 0x53, 0x57, 0xE4, 0xE2, 0x31, 0x72, 0x50, /* .SW..1rP */
1208 0xD0, 0x37, 0x2A, 0xFA, 0x2E, 0xBE, 0xEB, 0x3A, /* .7.....: */
1209};
1210
1211
1212/* AES-CBC-MAC */
1213static const uint8_t mac_cbc_vect1_key[] = {
1214 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, /* 01234567 */
1215 0x38, 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, /* 89ABCDEF */
1216};
1217
1218static const uint8_t mac_cbc_vect1_data[] = {
1219 0x43, 0x69, 0x70, 0x68, 0x65, 0x72, 0x20, 0x62, /* Cipher b */
1220 0x6C, 0x6F, 0x63, 0x6B, 0x20, 0x63, 0x68, 0x61, /* lock cha */
1221 0x69, 0x6E, 0x69, 0x6E, 0x67, 0x20, 0x28, 0x43, /* ining (C */
1222 0x42, 0x43, 0x29, 0x20, 0x69, 0x73, 0x20, 0x61, /* BC) is a */
1223 0x20, 0x63, 0x6F, 0x6D, 0x6D, 0x6F, 0x6E, 0x20, /* common */
1224 0x63, 0x68, 0x61, 0x69, 0x6E, 0x69, 0x6E, 0x67, /* chaining */
1225 0x20, 0x6D, 0x6F, 0x64, 0x65, 0x20, 0x69, 0x6E, /* mode in */
1226 0x20, 0x77, 0x68, 0x69, 0x63, 0x68, 0x20, 0x74, /* which t */
1227 0x68, 0x65, 0x20, 0x70, 0x72, 0x65, 0x76, 0x69, /* he previ */
1228 0x6F, 0x75, 0x73, 0x20, 0x62, 0x6C, 0x6F, 0x63, /* ous bloc */
1229 0x6B, 0x27, 0x73, 0x20, 0x63, 0x69, 0x70, 0x68, /* k's ciph */
1230 0x65, 0x72, 0x74, 0x65, 0x78, 0x74, 0x20, 0x69, /* ertext i */
1231 0x73, 0x20, 0x78, 0x6F, 0x72, 0x65, 0x64, 0x20, /* s xored */
1232 0x77, 0x69, 0x74, 0x68, 0x20, 0x74, 0x68, 0x65, /* with the */
1233 0x20, 0x63, 0x75, 0x72, 0x72, 0x65, 0x6E, 0x74, /* current */
1234 0x20, 0x62, 0x6C, 0x6F, 0x63, 0x6B, 0x27, 0x73, /* block's */
1235 0x20, 0x70, 0x6C, 0x61, 0x69, 0x6E, 0x74, 0x65, /* plainte */
1236 0x78, 0x74, 0x20, 0x62, 0x65, 0x66, 0x6F, 0x72, /* xt befor */
1237 0x65, 0x20, 0x65, 0x6E, 0x63, 0x72, 0x79, 0x70, /* e encryp */
1238 0x74, 0x69, 0x6F, 0x6E, 0x2E, 0x2E, 0x2E, 0x2E, /* tion.... */
1239};
1240
1241static const uint8_t mac_cbc_vect1_out[] = {
1242 0xC9, 0x6E, 0x83, 0x7E, 0x35, 0xC8, 0xA7, 0xA0, /* .n.~5... */
1243 0x33, 0xA3, 0xB1, 0x4B, 0x5A, 0x92, 0x51, 0x2E, /* 3..KZ.Q. */
1244};
1245
1246/* DES-CBC-MAC */
1247static const uint8_t mac_cbc_vect2_key[] = {
1248 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, /* 01234567 */
1249};
1250
1251#define mac_cbc_vect2_data mac_cbc_vect1_data
1252static const uint8_t mac_cbc_vect2_out[] = {
1253 0xE9, 0x41, 0x46, 0x30, 0x69, 0x32, 0xBD, 0xD6, /* .AF0i2.. */
1254};
1255
1256/* DES3-CBC-MAC */
1257static const uint8_t mac_cbc_vect3_key[] = {
1258 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, /* 01234567 */
1259 0x38, 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, /* 89ABCDEF */
1260 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, /* 12345678 */
1261};
1262
1263#define mac_cbc_vect3_data mac_cbc_vect2_data
1264static const uint8_t mac_cbc_vect3_out[] = {
1265 0x1C, 0x17, 0xB7, 0xB5, 0x9F, 0x54, 0x9C, 0x63, /* .....T.c */
1266};
1267
1268/* AES-CBC-MAC PKCS#5 pad*/
1269static const uint8_t mac_cbc_vect4_key[] = {
1270 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, /* 01234567 */
1271 0x38, 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, /* 89ABCDEF */
1272 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, /* 01234567 */
1273 0x38, 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, /* 89ABCDEF */
1274};
1275
1276#define mac_cbc_vect4_data mac_cbc_vect1_data
1277static const uint8_t mac_cbc_vect4_out[] = {
1278 0x0B, 0x46, 0xC7, 0xA2, 0xE1, 0x5A, 0xE2, 0x23, /* .F...Z.# */
1279 0x83, 0x34, 0x1C, 0x86, 0x53, 0xF8, 0x51, 0x24, /* .4..S.Q$ */
1280};
1281
1282/* DES-CBC-MAC PKCS#5 pad*/
1283static const uint8_t mac_cbc_vect5_key[] = {
1284 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, /* 01234567 */
1285};
1286
1287#define mac_cbc_vect5_data mac_cbc_vect1_data
1288static const uint8_t mac_cbc_vect5_out[] = {
1289 0x30, 0x81, 0x4F, 0x42, 0x03, 0x7E, 0xD8, 0xA9, /* 0.OB.~.. */
1290};
1291
1292/* DES3-CBC-MAC PKCS#5 pad*/
1293static const uint8_t mac_cbc_vect6_key[] = {
1294 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, /* 01234567 */
1295 0x38, 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, /* 89ABCDEF */
1296 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, /* 12345678 */
1297};
1298
1299#define mac_cbc_vect6_data mac_cbc_vect1_data
1300static const uint8_t mac_cbc_vect6_out[] = {
1301 0x6E, 0x37, 0x6E, 0x14, 0x5E, 0x21, 0xDD, 0xF8, /* n7n.^!.. */
1302};
1303
1304/* AES-CBC-MAC PKCS#5 pad*/
1305#define mac_cbc_vect7_key mac_cbc_vect4_key
1306static const uint8_t mac_cbc_vect7_data[] = {
1307 0x43, 0x69, 0x70, 0x68, 0x65, 0x72, 0x20, 0x62, /* Cipher b */
1308 0x6C, 0x6F, 0x63, 0x6B, 0x20, 0x63, 0x68, 0x61, /* lock cha */
1309 0x69, 0x6E, 0x69, 0x6E, 0x67, 0x20, 0x28, 0x43, /* ining (C */
1310 0x42, 0x43, 0x29, 0x20, 0x69, 0x73, 0x20, 0x61, /* BC) is a */
1311 0x20, 0x63, 0x6F, 0x6D, 0x6D, 0x6F, 0x6E, 0x20, /* common */
1312 0x63, 0x68, 0x61, 0x69, 0x6E, 0x69, 0x6E, 0x67, /* chaining */
1313 0x20, 0x6D, 0x6F, 0x64, 0x65, 0x20, 0x69, 0x6E, /* mode in */
1314 0x20, 0x77, 0x68, 0x69, 0x63, 0x68, 0x20, 0x74, /* which t */
1315 0x68, 0x65, 0x20, 0x70, 0x72, 0x65, 0x76, 0x69, /* he previ */
1316 0x6F, 0x75, 0x73, 0x20, 0x62, 0x6C, 0x6F, 0x63, /* ous bloc */
1317 0x6B, 0x27, 0x73, 0x20, 0x63, 0x69, 0x70, 0x68, /* k's ciph */
1318 0x65, 0x72, 0x74, 0x65, 0x78, 0x74, 0x20, 0x69, /* ertext i */
1319 0x73, 0x20, 0x78, 0x6F, 0x72, 0x65, 0x64, 0x20, /* s xored */
1320 0x77, 0x69, 0x74, 0x68, 0x20, 0x74, 0x68, 0x65, /* with the */
1321 0x20, 0x63, 0x75, 0x72, 0x72, 0x65, 0x6E, 0x74, /* current */
1322 0x20, 0x62, 0x6C, 0x6F, 0x63, 0x6B, 0x27, 0x73, /* block's */
1323 0x20, 0x70, 0x6C, 0x61, 0x69, 0x6E, 0x74, 0x65, /* plainte */
1324 0x78, 0x74, 0x20, 0x62, 0x65, 0x66, 0x6F, 0x72, /* xt befor */
1325 0x65, 0x20, 0x65, 0x6E, 0x63, 0x72, 0x79, 0x70, /* e encryp */
1326 0x74, 0x69, 0x6F, 0x6E, 0x2E, /* tion. */
1327};
1328
1329static const uint8_t mac_cbc_vect7_out[] = {
1330 0xFD, 0x89, 0x35, 0xB3, 0x93, 0x7F, 0xBB, 0xA2, /* ..5..... */
1331 0xFB, 0x65, 0x60, 0xC4, 0x0A, 0x62, 0xA0, 0xF9, /* .e`..b.. */
1332};
1333
1334/* DES-CBC-MAC PKCS#5 pad*/
1335#define mac_cbc_vect8_key mac_cbc_vect5_key
1336#define mac_cbc_vect8_data mac_cbc_vect7_data
1337static const uint8_t mac_cbc_vect8_out[] = {
1338 0x02, 0x2A, 0xA8, 0x2E, 0x47, 0xC6, 0xBB, 0x7C, /* ....G..| */
1339};
1340
1341/* DES3-CBC-MAC PKCS#5 pad*/
1342#define mac_cbc_vect9_key mac_cbc_vect6_key
1343#define mac_cbc_vect9_data mac_cbc_vect7_data
1344static const uint8_t mac_cbc_vect9_out[] = {
1345 0xD4, 0xF7, 0x3E, 0x27, 0x78, 0x0E, 0x1C, 0x79, /* ..>'x..y */
1346};
1347
1348/*
Pascal Brand5c3d8092015-07-23 08:20:26 +0200[diff] [blame]1349 * DES3-CBC-MAC, with key size of 112bit
1350 * out obtained with:
1351 * echo -n "Cipher block chaining (CBC) is a common chaining mode in which the previous block's ciphertext is xored with the current block's plaintext before encryption...."|openssl enc -iv 0 -des3 -K 303132333435363738394142434445463031323334353637 |xxd
1352 */
1353/* DES3-CBC-MAC PKCS#5 pad*/
1354static const uint8_t mac_cbc_vect10_key[] = {
1355 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, /* 01234567 */
1356 0x38, 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, /* 89ABCDEF */
1357};
1358#define mac_cbc_vect10_data mac_cbc_vect1_data
1359static const uint8_t mac_cbc_vect10_out[] = {
1360 0x30, 0x92, 0x60, 0x99, 0x66, 0xac, 0x8c, 0xa6,
1361};
1362
1363
1364/*
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1365 * AES-CMAC
1366 * Test vectors from
1367 * http://csrc.nist.gov/publications/nistpubs/800-38B/SP_800-38B.pdf
1368 */
1369
1370/* AES-128 */
1371static const uint8_t mac_cmac_vect1_key[] = {
1372 0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6,
1373 0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c
1374};
1375
1376static const uint8_t mac_cmac_vect1_out[] = {
1377 0xbb, 0x1d, 0x69, 0x29, 0xe9, 0x59, 0x37, 0x28,
1378 0x7f, 0xa3, 0x7d, 0x12, 0x9b, 0x75, 0x67, 0x46
1379};
1380
1381#define mac_cmac_vect2_key mac_cmac_vect1_key
1382static const uint8_t mac_cmac_vect2_data[] = {
1383 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
1384 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a
1385};
1386
1387static const uint8_t mac_cmac_vect2_out[] = {
1388 0x07, 0x0a, 0x16, 0xb4, 0x6b, 0x4d, 0x41, 0x44,
1389 0xf7, 0x9b, 0xdd, 0x9d, 0xd0, 0x4a, 0x28, 0x7c
1390};
1391
1392#define mac_cmac_vect3_key mac_cmac_vect1_key
1393static const uint8_t mac_cmac_vect3_data[] = {
1394 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
1395 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a,
1396 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c,
1397 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51,
1398 0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11
1399};
1400
1401static const uint8_t mac_cmac_vect3_out[] = {
1402 0xdf, 0xa6, 0x67, 0x47, 0xde, 0x9a, 0xe6, 0x30,
1403 0x30, 0xca, 0x32, 0x61, 0x14, 0x97, 0xc8, 0x27
1404};
1405
1406#define mac_cmac_vect4_key mac_cmac_vect1_key
1407static const uint8_t mac_cmac_vect4_data[] = {
1408 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
1409 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a,
1410 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c,
1411 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51,
1412 0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11,
1413 0xe5, 0xfb, 0xc1, 0x19, 0x1a, 0x0a, 0x52, 0xef,
1414 0xf6, 0x9f, 0x24, 0x45, 0xdf, 0x4f, 0x9b, 0x17,
1415 0xad, 0x2b, 0x41, 0x7b, 0xe6, 0x6c, 0x37, 0x10
1416};
1417
1418static const uint8_t mac_cmac_vect4_out[] = {
1419 0x51, 0xf0, 0xbe, 0xbf, 0x7e, 0x3b, 0x9d, 0x92,
1420 0xfc, 0x49, 0x74, 0x17, 0x79, 0x36, 0x3c, 0xfe
1421};
1422
1423/* AES-192 */
1424static const uint8_t mac_cmac_vect5_key[] = {
1425 0x8e, 0x73, 0xb0, 0xf7, 0xda, 0x0e, 0x64, 0x52,
1426 0xc8, 0x10, 0xf3, 0x2b, 0x80, 0x90, 0x79, 0xe5,
1427 0x62, 0xf8, 0xea, 0xd2, 0x52, 0x2c, 0x6b, 0x7b
1428};
1429
1430static const uint8_t mac_cmac_vect5_out[] = {
1431 0xd1, 0x7d, 0xdf, 0x46, 0xad, 0xaa, 0xcd, 0xe5,
1432 0x31, 0xca, 0xc4, 0x83, 0xde, 0x7a, 0x93, 0x67
1433};
1434
1435
1436#define mac_cmac_vect6_key mac_cmac_vect5_key
1437static const uint8_t mac_cmac_vect6_data[] = {
1438 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
1439 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a
1440};
1441
1442static const uint8_t mac_cmac_vect6_out[] = {
1443 0x9e, 0x99, 0xa7, 0xbf, 0x31, 0xe7, 0x10, 0x90,
1444 0x06, 0x62, 0xf6, 0x5e, 0x61, 0x7c, 0x51, 0x84
1445};
1446
1447#define mac_cmac_vect7_key mac_cmac_vect5_key
1448static const uint8_t mac_cmac_vect7_data[] = {
1449 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
1450 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a,
1451 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c,
1452 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51,
1453 0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11
1454};
1455
1456static const uint8_t mac_cmac_vect7_out[] = {
1457 0x8a, 0x1d, 0xe5, 0xbe, 0x2e, 0xb3, 0x1a, 0xad,
1458 0x08, 0x9a, 0x82, 0xe6, 0xee, 0x90, 0x8b, 0x0e
1459};
1460
1461#define mac_cmac_vect8_key mac_cmac_vect5_key
1462static const uint8_t mac_cmac_vect8_data[] = {
1463 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
1464 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a,
1465 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c,
1466 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51,
1467 0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11,
1468 0xe5, 0xfb, 0xc1, 0x19, 0x1a, 0x0a, 0x52, 0xef,
1469 0xf6, 0x9f, 0x24, 0x45, 0xdf, 0x4f, 0x9b, 0x17,
1470 0xad, 0x2b, 0x41, 0x7b, 0xe6, 0x6c, 0x37, 0x10
1471};
1472
1473static const uint8_t mac_cmac_vect8_out[] = {
1474 0xa1, 0xd5, 0xdf, 0x0e, 0xed, 0x79, 0x0f, 0x79,
1475 0x4d, 0x77, 0x58, 0x96, 0x59, 0xf3, 0x9a, 0x11
1476};
1477
1478/* AES-256 */
1479static const uint8_t mac_cmac_vect9_key[] = {
1480 0x60, 0x3d, 0xeb, 0x10, 0x15, 0xca, 0x71, 0xbe,
1481 0x2b, 0x73, 0xae, 0xf0, 0x85, 0x7d, 0x77, 0x81,
1482 0x1f, 0x35, 0x2c, 0x07, 0x3b, 0x61, 0x08, 0xd7,
1483 0x2d, 0x98, 0x10, 0xa3, 0x09, 0x14, 0xdf, 0xf4
1484};
1485
1486static const uint8_t mac_cmac_vect9_out[] = {
1487 0x02, 0x89, 0x62, 0xf6, 0x1b, 0x7b, 0xf8, 0x9e,
1488 0xfc, 0x6b, 0x55, 0x1f, 0x46, 0x67, 0xd9, 0x83
1489};
1490
1491#define mac_cmac_vect10_key mac_cmac_vect9_key
1492static const uint8_t mac_cmac_vect10_data[] = {
1493 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
1494 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a
1495};
1496
1497static const uint8_t mac_cmac_vect10_out[] = {
1498 0x28, 0xa7, 0x02, 0x3f, 0x45, 0x2e, 0x8f, 0x82,
1499 0xbd, 0x4b, 0xf2, 0x8d, 0x8c, 0x37, 0xc3, 0x5c
1500};
1501
1502#define mac_cmac_vect11_key mac_cmac_vect9_key
1503static const uint8_t mac_cmac_vect11_data[] = {
1504 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
1505 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a,
1506 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c,
1507 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51,
1508 0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11
1509};
1510
1511static const uint8_t mac_cmac_vect11_out[] = {
1512 0xaa, 0xf3, 0xd8, 0xf1, 0xde, 0x56, 0x40, 0xc2,
1513 0x32, 0xf5, 0xb1, 0x69, 0xb9, 0xc9, 0x11, 0xe6
1514};
1515
1516#define mac_cmac_vect12_key mac_cmac_vect9_key
1517static const uint8_t mac_cmac_vect12_data[] = {
1518 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
1519 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a,
1520 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c,
1521 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51,
1522 0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11,
1523 0xe5, 0xfb, 0xc1, 0x19, 0x1a, 0x0a, 0x52, 0xef,
1524 0xf6, 0x9f, 0x24, 0x45, 0xdf, 0x4f, 0x9b, 0x17,
1525 0xad, 0x2b, 0x41, 0x7b, 0xe6, 0x6c, 0x37, 0x10
1526};
1527
1528static const uint8_t mac_cmac_vect12_out[] = {
1529 0xe1, 0x99, 0x21, 0x90, 0x54, 0x9f, 0x6e, 0xd5,
1530 0x69, 0x6a, 0x2c, 0x05, 0x6c, 0x31, 0x54, 0x10
1531};
1532
1533struct xtest_mac_case {
1534 uint32_t algo;
1535 uint32_t key_type;
1536 const uint8_t *key;
1537 size_t key_len;
1538 size_t in_incr;
1539 const uint8_t *in;
1540 size_t in_len;
1541 const uint8_t *out;
1542 size_t out_len;
1543};
1544
1545#define XTEST_MAC_CASE(algo, key_type, key, in_incr, in, out) \
1546 { (algo), (key_type), (key), ARRAY_SIZE(key), \
1547 (in_incr), (in), ARRAY_SIZE(in), (out), ARRAY_SIZE(out) }
1548
1549#define XTEST_MAC_CBC_CASE(algo, key_type, vect, in_incr) \
1550 XTEST_MAC_CASE((algo), (key_type), \
1551 mac_cbc_ ## vect ## _key, (in_incr), \
1552 mac_cbc_ ## vect ## _data, mac_cbc_ ## vect ## _out)
1553
1554#define XTEST_MAC_CMAC_CASE(vect, in_incr) \
1555 XTEST_MAC_CASE(TEE_ALG_AES_CMAC, TEE_TYPE_AES, \
1556 mac_cmac_ ## vect ## _key, (in_incr), \
1557 mac_cmac_ ## vect ## _data, mac_cmac_ ## vect ## _out)
1558
1559static const struct xtest_mac_case mac_cases[] = {
1560 XTEST_MAC_CASE(TEE_ALG_HMAC_MD5, TEE_TYPE_HMAC_MD5,
1561 mac_data_md5_key1,
1562 4, mac_data_md5_in1, mac_data_md5_out1),
1563 XTEST_MAC_CASE(TEE_ALG_HMAC_SHA1, TEE_TYPE_HMAC_SHA1,
1564 mac_data_sha1_key1,
1565 5, mac_data_sha1_in1, mac_data_sha1_out1),
1566 XTEST_MAC_CASE(TEE_ALG_HMAC_SHA224, TEE_TYPE_HMAC_SHA224,
1567 mac_data_sha224_key1,
1568 8, mac_data_sha224_in1, mac_data_sha224_out1),
1569 XTEST_MAC_CASE(TEE_ALG_HMAC_SHA256, TEE_TYPE_HMAC_SHA256,
1570 mac_data_sha256_key1,
1571 1, mac_data_sha256_in1, mac_data_sha256_out1),
1572 XTEST_MAC_CASE(TEE_ALG_HMAC_SHA256, TEE_TYPE_HMAC_SHA256,
1573 mac_data_sha256_key2,
1574 7, mac_data_sha256_in2, mac_data_sha256_out2),
1575 XTEST_MAC_CASE(TEE_ALG_HMAC_SHA384, TEE_TYPE_HMAC_SHA384,
1576 mac_data_sha384_key1,
1577 11, mac_data_sha384_in1, mac_data_sha384_out1),
1578 XTEST_MAC_CASE(TEE_ALG_HMAC_SHA512, TEE_TYPE_HMAC_SHA512,
1579 mac_data_sha512_key1,
1580 13, mac_data_sha512_in1, mac_data_sha512_out1),
1581
1582 XTEST_MAC_CBC_CASE(TEE_ALG_AES_CBC_MAC_NOPAD, TEE_TYPE_AES, vect1, 14),
1583 XTEST_MAC_CBC_CASE(TEE_ALG_DES_CBC_MAC_NOPAD, TEE_TYPE_DES, vect2, 16),
1584 XTEST_MAC_CBC_CASE(TEE_ALG_DES3_CBC_MAC_NOPAD, TEE_TYPE_DES3, vect3,
1585 17),
1586 XTEST_MAC_CBC_CASE(TEE_ALG_AES_CBC_MAC_PKCS5, TEE_TYPE_AES, vect4, 11),
1587 XTEST_MAC_CBC_CASE(TEE_ALG_DES_CBC_MAC_PKCS5, TEE_TYPE_DES, vect5, 9),
1588 XTEST_MAC_CBC_CASE(TEE_ALG_DES3_CBC_MAC_PKCS5, TEE_TYPE_DES3, vect6, 4),
1589 XTEST_MAC_CBC_CASE(TEE_ALG_AES_CBC_MAC_PKCS5, TEE_TYPE_AES, vect7, 3),
1590 XTEST_MAC_CBC_CASE(TEE_ALG_DES_CBC_MAC_PKCS5, TEE_TYPE_DES, vect8, 23),
1591 XTEST_MAC_CBC_CASE(TEE_ALG_DES3_CBC_MAC_PKCS5, TEE_TYPE_DES3, vect9,
1592 34),
Pascal Brand5c3d8092015-07-23 08:20:26 +0200[diff] [blame]1593 XTEST_MAC_CBC_CASE(TEE_ALG_DES3_CBC_MAC_PKCS5, TEE_TYPE_DES3, vect10, 4),
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1594
1595 { TEE_ALG_AES_CMAC, TEE_TYPE_AES, mac_cmac_vect1_key,
1596 ARRAY_SIZE(mac_cmac_vect1_key), 0, NULL, 0, mac_cmac_vect1_out,
1597 ARRAY_SIZE(mac_cmac_vect1_out) },
1598 XTEST_MAC_CMAC_CASE(vect2, 9),
1599 XTEST_MAC_CMAC_CASE(vect3, 9),
1600 XTEST_MAC_CMAC_CASE(vect4, 9),
1601 { TEE_ALG_AES_CMAC, TEE_TYPE_AES, mac_cmac_vect5_key,
1602 ARRAY_SIZE(mac_cmac_vect5_key), 0, NULL, 0, mac_cmac_vect5_out,
1603 ARRAY_SIZE(mac_cmac_vect5_out) },
1604 XTEST_MAC_CMAC_CASE(vect6, 9),
1605 XTEST_MAC_CMAC_CASE(vect7, 9),
1606 XTEST_MAC_CMAC_CASE(vect8, 9),
1607 { TEE_ALG_AES_CMAC, TEE_TYPE_AES, mac_cmac_vect9_key,
1608 ARRAY_SIZE(mac_cmac_vect9_key), 0, NULL, 0, mac_cmac_vect9_out,
1609 ARRAY_SIZE(mac_cmac_vect9_out) },
1610 XTEST_MAC_CMAC_CASE(vect10, 9),
1611 XTEST_MAC_CMAC_CASE(vect11, 9),
1612 XTEST_MAC_CMAC_CASE(vect12, 9),
1613};
1614
1615static void xtest_tee_test_4002(ADBG_Case_t *c)
1616{
1617 TEEC_Session session = { 0 };
1618 TEE_OperationHandle op1;
1619 TEE_OperationHandle op2;
1620 TEE_ObjectHandle key_handle;
1621 uint8_t out[64];
1622 size_t out_size;
1623 uint32_t ret_orig;
1624 size_t n;
1625
1626 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1627 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
1628 &ret_orig)))
1629 return;
1630
1631 for (n = 0; n < ARRAY_SIZE(mac_cases); n++) {
1632 TEE_Attribute key_attr;
1633 size_t key_size;
1634
1635 Do_ADBG_BeginSubCase(c, "MAC case %d algo 0x%x",
1636 (int)n, (unsigned int)mac_cases[n].algo);
1637
1638 key_attr.attributeID = TEE_ATTR_SECRET_VALUE;
1639 key_attr.content.ref.buffer = (void *)mac_cases[n].key;
1640 key_attr.content.ref.length = mac_cases[n].key_len;
1641
1642 key_size = key_attr.content.ref.length * 8;
1643 if (mac_cases[n].key_type == TEE_TYPE_DES ||
1644 mac_cases[n].key_type == TEE_TYPE_DES3)
1645 /* Exclude parity in bit size of key */
1646 key_size -= key_size / 8;
1647
1648 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1649 ta_crypt_cmd_allocate_operation(c, &session, &op1,
1650 mac_cases[n].algo, TEE_MODE_MAC, key_size)))
1651 goto out;
1652
1653 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1654 ta_crypt_cmd_allocate_operation(c, &session, &op2,
1655 mac_cases[n].algo, TEE_MODE_MAC, key_size)))
1656 goto out;
1657
1658 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1659 ta_crypt_cmd_allocate_transient_object(c, &session,
1660 mac_cases[n].key_type, key_size, &key_handle)))
1661 goto out;
1662
1663 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1664 ta_crypt_cmd_populate_transient_object(c, &session,
1665 key_handle, &key_attr, 1)))
1666 goto out;
1667
1668 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1669 ta_crypt_cmd_set_operation_key(c, &session, op1,
1670 key_handle)))
1671 goto out;
1672
1673 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1674 ta_crypt_cmd_free_transient_object(c, &session,
1675 key_handle)))
1676 goto out;
1677
1678 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1679 ta_crypt_cmd_mac_init(c, &session, op1, NULL, 0)))
1680 goto out;
1681
1682 if (mac_cases[n].in != NULL) {
1683 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1684 ta_crypt_cmd_mac_update(c, &session, op1,
1685 mac_cases[n].in, mac_cases[n].in_incr)))
1686 goto out;
1687 }
1688
1689 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1690 ta_crypt_cmd_copy_operation(c, &session, op2, op1)))
1691 goto out;
1692
1693 out_size = sizeof(out);
1694 memset(out, 0, sizeof(out));
1695 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1696 ta_crypt_cmd_mac_final_compute(c, &session, op2,
1697 mac_cases[n].in + mac_cases[n].in_incr,
1698 mac_cases [n].in_len - mac_cases[n].in_incr,
1699 out, &out_size)))
1700 goto out;
1701
1702 (void)ADBG_EXPECT_BUFFER(c, mac_cases[n].out,
1703 mac_cases[n].out_len, out, out_size);
1704
1705 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1706 ta_crypt_cmd_mac_init(c, &session, op1, NULL, 0)))
1707 goto out;
1708
1709 out_size = sizeof(out);
1710 memset(out, 0, sizeof(out));
1711 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1712 ta_crypt_cmd_mac_final_compute(c, &session, op1,
1713 mac_cases[n].in, mac_cases[n].in_len, out,
1714 &out_size)))
1715 goto out;
1716
1717 (void)ADBG_EXPECT_BUFFER(c, mac_cases[n].out,
1718 mac_cases[n].out_len, out, out_size);
1719
1720 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1721 ta_crypt_cmd_free_operation(c, &session, op1)))
1722 goto out;
1723
1724 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1725 ta_crypt_cmd_free_operation(c, &session, op2)))
1726 goto out;
1727
1728 Do_ADBG_EndSubCase(c, NULL);
1729 }
1730out:
1731 TEEC_CloseSession(&session);
1732}
1733
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1734static const uint8_t ciph_data_aes_key1[] = {
1735 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, /* 01234567 */
1736 0x38, 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, /* 89ABCDEF */
1737};
1738
Jerome Forissier0780ad42018-06-05 15:02:37 +0200[diff] [blame]1739static const uint8_t ciph_data_aes_key2[] = {
1740 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02,
1741 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02,
1742};
1743
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1744static const uint8_t ciph_data_des_key1[] = {
1745 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37 /* 01234567 */
1746};
1747
1748static const uint8_t ciph_data_des_key2[] = {
1749 0x13, 0x34, 0x57, 0x79, 0x9B, 0xBC, 0xDF, 0xF1
1750};
1751
1752
1753static const uint8_t ciph_data_des3_key1[] = {
1754 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, /* 01234567 */
1755 0x38, 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, /* 89ABCDEF */
1756 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, /* 12345678 */
1757};
1758
1759static const uint8_t ciph_data_des3_key2[] = {
1760 0x13, 0x34, 0x57, 0x79, 0x9B, 0xBC, 0xDF, 0xF1,
1761 0x13, 0x34, 0x57, 0x79, 0x9B, 0xBC, 0xDF, 0xF1,
1762 0x13, 0x34, 0x57, 0x79, 0x9B, 0xBC, 0xDF, 0xF1
1763};
1764
1765static const uint8_t ciph_data_des2_key1[] = {
1766 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, /* 01234567 */
1767 0x38, 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, /* 89ABCDEF */
1768};
1769
1770static const uint8_t ciph_data_in1[] = {
1771 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, /* 23456789 */
1772 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x30, 0x31, /* ABCDEF01 */
1773 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x41, /* 3456789A */
1774 0x42, 0x43, 0x44, 0x45, 0x46, 0x30, 0x31, 0x32, /* BCDEF012 */
1775 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x41, 0x42, /* 456789AB */
1776 0x43, 0x44, 0x45, 0x46, 0x30, 0x31, 0x32, 0x33, /* CDEF0123 */
1777};
1778
1779static const uint8_t ciph_data_in3[] = {
1780 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, /* 23456789 */
1781 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x30, 0x31, /* ABCDEF01 */
1782 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x41, /* 3456789A */
1783 0x42, 0x43, 0x44, 0x45, 0x46, 0x30, 0x31, 0x32, /* BCDEF012 */
1784 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x41, 0x42, /* 456789AB */
1785 0x43, 0x44, 0x45, 0x46, 0x30, /* CDEF0 */
1786};
1787
Jerome Forissier45218eb2018-04-11 13:03:26 +0200[diff] [blame]1788static const uint8_t ciph_data_in4[] = {
1789 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, /* 23456789 */
1790 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x30, 0x31, /* ABCDEF01 */
1791 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x41, /* 3456789A */
1792 0x42, 0x43, 0x44, 0x45, 0x46, 0x30, 0x31, 0x32, /* BCDEF012 */
1793 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x41, 0x42, /* 456789AB */
1794 0x43, 0x44, 0x45, 0x46, 0x30, 0x31, 0x32, 0x33, /* CDEF0123 */
1795 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, /* 01234567 */
1796 0x38, 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, /* 89ABCDEF */
1797};
1798
Jerome Forissier0780ad42018-06-05 15:02:37 +0200[diff] [blame]1799static const uint8_t ciph_data_in5[] = {
1800 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
1801 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
1802 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
1803 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
1804 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
1805 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
1806 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
1807 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
Jerome Forissierbf9009e2018-06-05 18:44:42 +0200[diff] [blame]1808 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
1809 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
Jerome Forissier0780ad42018-06-05 15:02:37 +0200[diff] [blame]1810 0x01, 0x01, 0x01
1811};
1812
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1813static const uint8_t ciph_data_128_iv1[] = {
1814 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, /* 12345678 */
1815 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x30, /* 9ABCDEF0 */
1816};
1817
Jerome Forissier0780ad42018-06-05 15:02:37 +0200[diff] [blame]1818static const uint8_t ciph_data_128_iv2[] = {
1819 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03,
1820 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03,
1821};
1822
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1823static const uint8_t ciph_data_64_iv1[] = {
1824 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, /* 12345678 */
1825};
1826
1827static const uint8_t ciph_data_in2[] = {
1828 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef
1829};
1830
1831static const uint8_t ciph_data_aes_ecb_nopad_out1[] = {
1832 0xA5, 0xBE, 0x14, 0xD5, 0x01, 0x05, 0x24, 0x48, /* ......$H */
1833 0x58, 0x1A, 0x6B, 0x82, 0xD4, 0x41, 0xD2, 0xB3, /* X.k..A.. */
1834 0xBB, 0xF9, 0xAE, 0x37, 0x94, 0xAC, 0x18, 0x50, /* ...7...P */
1835 0x87, 0x09, 0xCC, 0x3F, 0x43, 0xD2, 0xC2, 0xB7, /* ...?C... */
1836 0xD7, 0x6F, 0x84, 0x07, 0xB4, 0x78, 0xCE, 0x34, /* .o...x.4 */
1837 0x48, 0xC9, 0x16, 0x86, 0x42, 0xB8, 0xFF, 0xCF, /* H...B... */
1838};
1839
1840static const uint8_t ciph_data_aes_cbc_nopad_out1[] = {
1841 0x8D, 0x9F, 0x88, 0xD8, 0xAF, 0x9F, 0xC1, 0x3B, /* .......; */
1842 0x02, 0x15, 0x43, 0x6A, 0x8C, 0x1E, 0x34, 0x5C, /* ..Cj..4\ */
1843 0x83, 0xF4, 0x85, 0x3E, 0x43, 0x0F, 0xE5, 0x5F, /* ...>C.._ */
1844 0x81, 0x4C, 0xC0, 0x28, 0x3F, 0xD9, 0x98, 0x53, /* .L.(?..S */
1845 0xB1, 0x44, 0x51, 0x38, 0x21, 0xAB, 0x10, 0xCE, /* .DQ8!... */
1846 0xC2, 0xEC, 0x65, 0x54, 0xDD, 0x5C, 0xEA, 0xDC, /* ..eT.\.. */
1847};
1848
1849static const uint8_t ciph_data_aes_ctr_out1[] = {
1850 0xD2, 0xDD, 0x11, 0xA8, 0xF7, 0xB0, 0xAE, 0x55, /* .......U */
1851 0xBE, 0x61, 0x7A, 0xE6, 0xA1, 0x6C, 0x79, 0xF4, /* .az..ly. */
1852 0x62, 0x51, 0x7B, 0xE9, 0x7C, 0xA0, 0x31, 0x0C, /* bQ{.|.1. */
1853 0x24, 0x15, 0x70, 0x7F, 0x47, 0x37, 0x69, 0xE0, /* $.p.G7i. */
1854 0x24, 0xC3, 0x29, 0xCD, 0xF2, 0x26, 0x69, 0xFF, /* $.)..&i. */
1855 0x72, 0x0E, 0x3C, 0xD1, 0xA1, 0x2F, 0x5D, 0x33, /* r.<../]3 */
1856};
1857
1858static const uint8_t ciph_data_aes_ctr_out2[] = {
1859 0xD2, 0xDD, 0x11, 0xA8, 0xF7, 0xB0, 0xAE, 0x55, /* .......U */
1860 0xBE, 0x61, 0x7A, 0xE6, 0xA1, 0x6C, 0x79, 0xF4, /* .az..ly. */
1861 0x62, 0x51, 0x7B, 0xE9, 0x7C, 0xA0, 0x31, 0x0C, /* bQ{.|.1. */
1862 0x24, 0x15, 0x70, 0x7F, 0x47, 0x37, 0x69, 0xE0, /* $.p.G7i. */
1863 0x24, 0xC3, 0x29, 0xCD, 0xF2, 0x26, 0x69, 0xFF, /* $.)..&i. */
1864 0x72, 0x0E, 0x3C, 0xD1, 0xA1, /* r.<.. */
1865};
1866
Jerome Forissier45218eb2018-04-11 13:03:26 +0200[diff] [blame]1867static const uint8_t ciph_data_aes_ctr_out4[] = {
1868 0xD2, 0xDD, 0x11, 0xA8, 0xF7, 0xB0, 0xAE, 0x55, /* .......U */
1869 0xBE, 0x61, 0x7A, 0xE6, 0xA1, 0x6C, 0x79, 0xF4, /* .az..ly. */
1870 0x62, 0x51, 0x7B, 0xE9, 0x7C, 0xA0, 0x31, 0x0C, /* bQ{.|.1. */
1871 0x24, 0x15, 0x70, 0x7F, 0x47, 0x37, 0x69, 0xE0, /* $.p.G7i. */
1872 0x24, 0xC3, 0x29, 0xCD, 0xF2, 0x26, 0x69, 0xFF, /* $.)..&i. */
1873 0x72, 0x0E, 0x3C, 0xD1, 0xA1, 0x2F, 0x5D, 0x33, /* r.<../]3 */
1874 0x9F, 0xD7, 0x0C, 0x92, 0xD4, 0xA5, 0x9D, 0x06, /* ........ */
1875 0x01, 0x80, 0x38, 0xCD, 0xC2, 0x71, 0x5D, 0x4A, /* ..8..q]J */
1876};
1877
Jerome Forissier0780ad42018-06-05 15:02:37 +0200[diff] [blame]1878static const uint8_t ciph_data_aes_ctr_out5[] = {
1879 0xbb, 0xfe, 0x07, 0x04, 0x1c, 0x8e, 0x09, 0x61,
1880 0xfb, 0xb1, 0x7c, 0xa5, 0x4d, 0x2b, 0x30, 0xf6,
1881 0x26, 0x9e, 0xff, 0x61, 0x18, 0x47, 0xc6, 0x06,
1882 0x81, 0x02, 0x84, 0xcd, 0x9c, 0x4b, 0x6d, 0x21,
1883 0xe2, 0x64, 0xa6, 0x50, 0x7f, 0x28, 0x81, 0x6f,
1884 0x29, 0xda, 0xd5, 0x56, 0x3f, 0x46, 0xac, 0xca,
1885 0x37, 0xe7, 0x77, 0x36, 0xbc, 0x76, 0x39, 0x57,
1886 0xaa, 0x67, 0x1b, 0x2a, 0xe6, 0x36, 0x57, 0x6d,
Jerome Forissierbf9009e2018-06-05 18:44:42 +0200[diff] [blame]1887 0x2a, 0xb8, 0x77, 0x41, 0xc2, 0x4e, 0x4f, 0x27,
1888 0x4c, 0x34, 0x7a, 0x01, 0x6a, 0xda, 0x75, 0x75,
1889 0x3e, 0x68, 0xb2
Jerome Forissier0780ad42018-06-05 15:02:37 +0200[diff] [blame]1890};
1891
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1892static const uint8_t ciph_data_aes_cbc_vect1_key[] = {
1893 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, /* 01234567 */
1894 0x38, 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, /* 89ABCDEF */
1895};
1896
1897static const uint8_t ciph_data_aes_cbc_vect1_iv[] = {
1898 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* ........ */
1899 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* ........ */
1900};
1901
1902static const uint8_t ciph_data_aes_cbc_vect1_ptx[] = {
1903 0x43, 0x69, 0x70, 0x68, 0x65, 0x72, 0x20, 0x62, /* Cipher b */
1904 0x6C, 0x6F, 0x63, 0x6B, 0x20, 0x63, 0x68, 0x61, /* lock cha */
1905 0x69, 0x6E, 0x69, 0x6E, 0x67, 0x20, 0x28, 0x43, /* ining (C */
1906 0x42, 0x43, 0x29, 0x20, 0x69, 0x73, 0x20, 0x61, /* BC) is a */
1907 0x20, 0x63, 0x6F, 0x6D, 0x6D, 0x6F, 0x6E, 0x20, /* common */
1908 0x63, 0x68, 0x61, 0x69, 0x6E, 0x69, 0x6E, 0x67, /* chaining */
1909 0x20, 0x6D, 0x6F, 0x64, 0x65, 0x20, 0x69, 0x6E, /* mode in */
1910 0x20, 0x77, 0x68, 0x69, 0x63, 0x68, 0x20, 0x74, /* which t */
1911 0x68, 0x65, 0x20, 0x70, 0x72, 0x65, 0x76, 0x69, /* he previ */
1912 0x6F, 0x75, 0x73, 0x20, 0x62, 0x6C, 0x6F, 0x63, /* ous bloc */
1913 0x6B, 0x27, 0x73, 0x20, 0x63, 0x69, 0x70, 0x68, /* k's ciph */
1914 0x65, 0x72, 0x74, 0x65, 0x78, 0x74, 0x20, 0x69, /* ertext i */
1915 0x73, 0x20, 0x78, 0x6F, 0x72, 0x65, 0x64, 0x20, /* s xored */
1916 0x77, 0x69, 0x74, 0x68, 0x20, 0x74, 0x68, 0x65, /* with the */
1917 0x20, 0x63, 0x75, 0x72, 0x72, 0x65, 0x6E, 0x74, /* current */
1918 0x20, 0x62, 0x6C, 0x6F, 0x63, 0x6B, 0x27, 0x73, /* block's */
1919 0x20, 0x70, 0x6C, 0x61, 0x69, 0x6E, 0x74, 0x65, /* plainte */
1920 0x78, 0x74, 0x20, 0x62, 0x65, 0x66, 0x6F, 0x72, /* xt befor */
1921 0x65, 0x20, 0x65, 0x6E, 0x63, 0x72, 0x79, 0x70, /* e encryp */
1922 0x74, 0x69, 0x6F, 0x6E, 0x2E, 0x2E, 0x2E, 0x2E, /* tion.... */
1923};
1924
1925static const uint8_t ciph_data_aes_cbc_vect1_ctx[] = {
1926 0xDD, 0x16, 0xC3, 0x47, 0x69, 0xEC, 0xF5, 0x86, /* ...Gi... */
1927 0x20, 0xB4, 0xF7, 0xE3, 0xB9, 0x36, 0xE8, 0xAC, /* ....6.. */
1928 0xC9, 0xA2, 0x11, 0x71, 0x3B, 0x10, 0x9D, 0x45, /* ...q;..E */
1929 0xCA, 0xE2, 0x49, 0xA6, 0x4E, 0x56, 0x07, 0xC5, /* ..I.NV.. */
1930 0xCE, 0xA3, 0x14, 0xB5, 0x30, 0x1B, 0x63, 0xBB, /* ....0.c. */
1931 0x2D, 0x6F, 0xE9, 0xCA, 0x0B, 0x00, 0x31, 0x3F, /* -o....1? */
1932 0xA4, 0x9A, 0x39, 0xE1, 0xC8, 0xD2, 0x24, 0x95, /* ..9...$. */
1933 0x14, 0xE9, 0xD2, 0x43, 0xE8, 0xA8, 0x1E, 0x0A, /* ...C.... */
1934 0xFE, 0x9D, 0x4F, 0xF5, 0xBB, 0x16, 0xB9, 0x54, /* ..O....T */
1935 0x78, 0x07, 0x94, 0x05, 0x8E, 0x47, 0xC3, 0xCB, /* x....G.. */
1936 0x7C, 0xEC, 0xF4, 0xF8, 0xF2, 0xA4, 0x59, 0x6E, /* |.....Yn */
1937 0xED, 0xAD, 0x7F, 0x62, 0xAF, 0x89, 0xA8, 0x5B, /* ...b...[ */
1938 0x75, 0xD4, 0x73, 0xE3, 0xBA, 0x9F, 0x9A, 0xD2, /* u.s..... */
1939 0x0F, 0xFD, 0x3C, 0xE6, 0xC6, 0xA4, 0xD6, 0x6C, /* ..<....l */
1940 0x6A, 0x09, 0xE2, 0x16, 0xB0, 0x8C, 0x69, 0x3C, /* j.....i< */
1941 0xC8, 0x1C, 0xE4, 0x3E, 0x86, 0x4D, 0xB0, 0x2B, /* ...>.M.+ */
1942 0x29, 0xA0, 0x5A, 0xA3, 0x67, 0xBA, 0xDC, 0x11, /* ).Z.g... */
1943 0x08, 0x5E, 0x69, 0xB4, 0x6F, 0xA5, 0xE2, 0xB8, /* .^i.o... */
1944 0xC9, 0x6E, 0x83, 0x7E, 0x35, 0xC8, 0xA7, 0xA0, /* .n.~5... */
1945 0x33, 0xA3, 0xB1, 0x4B, 0x5A, 0x92, 0x51, 0x2E, /* 3..KZ.Q. */
1946};
1947
1948/* AES-CTS test vectors from http://tools.ietf.org/html/rfc3962
1949 * and http://tools.ietf.org/html/draft-raeburn-krb-rijndael-krb-02 */
1950static const uint8_t ciph_data_aes_cts_vect1_key[] = {
1951 0x63, 0x68, 0x69, 0x63, 0x6b, 0x65, 0x6e, 0x20,
1952 0x74, 0x65, 0x72, 0x69, 0x79, 0x61, 0x6b, 0x69
1953};
1954
1955static const uint8_t ciph_data_aes_cts_vect1_iv[16] = {
1956 0x00
1957};
1958
1959static const uint8_t ciph_data_aes_cts_vect1_ptx[] = {
1960 0x49, 0x20, 0x77, 0x6f, 0x75, 0x6c, 0x64, 0x20,
1961 0x6c, 0x69, 0x6b, 0x65, 0x20, 0x74, 0x68, 0x65,
1962 0x20
1963};
1964
1965static const uint8_t ciph_data_aes_cts_vect1_ctx[] = {
1966 0xc6, 0x35, 0x35, 0x68, 0xf2, 0xbf, 0x8c, 0xb4,
1967 0xd8, 0xa5, 0x80, 0x36, 0x2d, 0xa7, 0xff, 0x7f,
1968 0x97
1969};
1970
1971#define ciph_data_aes_cts_vect2_key ciph_data_aes_cts_vect1_key
1972#define ciph_data_aes_cts_vect2_iv ciph_data_aes_cts_vect1_iv
1973static const uint8_t ciph_data_aes_cts_vect2_ptx[] = {
1974 0x49, 0x20, 0x77, 0x6f, 0x75, 0x6c, 0x64, 0x20,
1975 0x6c, 0x69, 0x6b, 0x65, 0x20, 0x74, 0x68, 0x65,
1976 0x20, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x6c,
1977 0x20, 0x47, 0x61, 0x75, 0x27, 0x73, 0x20
1978};
1979
1980static const uint8_t ciph_data_aes_cts_vect2_ctx[] = {
1981 0xfc, 0x00, 0x78, 0x3e, 0x0e, 0xfd, 0xb2, 0xc1,
1982 0xd4, 0x45, 0xd4, 0xc8, 0xef, 0xf7, 0xed, 0x22,
1983 0x97, 0x68, 0x72, 0x68, 0xd6, 0xec, 0xcc, 0xc0,
1984 0xc0, 0x7b, 0x25, 0xe2, 0x5e, 0xcf, 0xe5
1985};
1986
1987#define ciph_data_aes_cts_vect3_key ciph_data_aes_cts_vect1_key
1988#define ciph_data_aes_cts_vect3_iv ciph_data_aes_cts_vect1_iv
1989static const uint8_t ciph_data_aes_cts_vect3_ptx[] = {
1990 0x49, 0x20, 0x77, 0x6f, 0x75, 0x6c, 0x64, 0x20,
1991 0x6c, 0x69, 0x6b, 0x65, 0x20, 0x74, 0x68, 0x65,
1992 0x20, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x6c,
1993 0x20, 0x47, 0x61, 0x75, 0x27, 0x73, 0x20, 0x43,
1994};
1995
1996static const uint8_t ciph_data_aes_cts_vect3_ctx[] = {
1997 0x39, 0x31, 0x25, 0x23, 0xa7, 0x86, 0x62, 0xd5,
1998 0xbe, 0x7f, 0xcb, 0xcc, 0x98, 0xeb, 0xf5, 0xa8,
1999 0x97, 0x68, 0x72, 0x68, 0xd6, 0xec, 0xcc, 0xc0,
2000 0xc0, 0x7b, 0x25, 0xe2, 0x5e, 0xcf, 0xe5, 0x84,
2001};
2002
2003#define ciph_data_aes_cts_vect4_key ciph_data_aes_cts_vect1_key
2004#define ciph_data_aes_cts_vect4_iv ciph_data_aes_cts_vect1_iv
2005static const uint8_t ciph_data_aes_cts_vect4_ptx[] = {
2006 0x49, 0x20, 0x77, 0x6f, 0x75, 0x6c, 0x64, 0x20,
2007 0x6c, 0x69, 0x6b, 0x65, 0x20, 0x74, 0x68, 0x65,
2008 0x20, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x6c,
2009 0x20, 0x47, 0x61, 0x75, 0x27, 0x73, 0x20, 0x43,
2010 0x68, 0x69, 0x63, 0x6b, 0x65, 0x6e, 0x2c, 0x20,
2011 0x70, 0x6c, 0x65, 0x61, 0x73, 0x65, 0x2c,
2012};
2013
2014static const uint8_t ciph_data_aes_cts_vect4_ctx[] = {
2015 0x97, 0x68, 0x72, 0x68, 0xd6, 0xec, 0xcc, 0xc0,
2016 0xc0, 0x7b, 0x25, 0xe2, 0x5e, 0xcf, 0xe5, 0x84,
2017 0xb3, 0xff, 0xfd, 0x94, 0x0c, 0x16, 0xa1, 0x8c,
2018 0x1b, 0x55, 0x49, 0xd2, 0xf8, 0x38, 0x02, 0x9e,
2019 0x39, 0x31, 0x25, 0x23, 0xa7, 0x86, 0x62, 0xd5,
2020 0xbe, 0x7f, 0xcb, 0xcc, 0x98, 0xeb, 0xf5,
2021};
2022
2023#define ciph_data_aes_cts_vect5_key ciph_data_aes_cts_vect1_key
2024#define ciph_data_aes_cts_vect5_iv ciph_data_aes_cts_vect1_iv
2025static const uint8_t ciph_data_aes_cts_vect5_ptx[] = {
2026 0x49, 0x20, 0x77, 0x6f, 0x75, 0x6c, 0x64, 0x20,
2027 0x6c, 0x69, 0x6b, 0x65, 0x20, 0x74, 0x68, 0x65,
2028 0x20, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x6c,
2029 0x20, 0x47, 0x61, 0x75, 0x27, 0x73, 0x20, 0x43,
2030 0x68, 0x69, 0x63, 0x6b, 0x65, 0x6e, 0x2c, 0x20,
2031 0x70, 0x6c, 0x65, 0x61, 0x73, 0x65, 0x2c, 0x20,
2032};
2033
2034static const uint8_t ciph_data_aes_cts_vect5_ctx[] = {
2035 0x97, 0x68, 0x72, 0x68, 0xd6, 0xec, 0xcc, 0xc0,
2036 0xc0, 0x7b, 0x25, 0xe2, 0x5e, 0xcf, 0xe5, 0x84,
2037 0x9d, 0xad, 0x8b, 0xbb, 0x96, 0xc4, 0xcd, 0xc0,
2038 0x3b, 0xc1, 0x03, 0xe1, 0xa1, 0x94, 0xbb, 0xd8,
2039 0x39, 0x31, 0x25, 0x23, 0xa7, 0x86, 0x62, 0xd5,
2040 0xbe, 0x7f, 0xcb, 0xcc, 0x98, 0xeb, 0xf5, 0xa8,
2041};
2042
2043#define ciph_data_aes_cts_vect6_key ciph_data_aes_cts_vect1_key
2044#define ciph_data_aes_cts_vect6_iv ciph_data_aes_cts_vect1_iv
2045static const uint8_t ciph_data_aes_cts_vect6_ptx[] = {
2046 0x49, 0x20, 0x77, 0x6f, 0x75, 0x6c, 0x64, 0x20,
2047 0x6c, 0x69, 0x6b, 0x65, 0x20, 0x74, 0x68, 0x65,
2048 0x20, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x6c,
2049 0x20, 0x47, 0x61, 0x75, 0x27, 0x73, 0x20, 0x43,
2050 0x68, 0x69, 0x63, 0x6b, 0x65, 0x6e, 0x2c, 0x20,
2051 0x70, 0x6c, 0x65, 0x61, 0x73, 0x65, 0x2c, 0x20,
2052 0x61, 0x6e, 0x64, 0x20, 0x77, 0x6f, 0x6e, 0x74,
2053 0x6f, 0x6e, 0x20, 0x73, 0x6f, 0x75, 0x70, 0x2e,
2054};
2055
2056static const uint8_t ciph_data_aes_cts_vect6_ctx[] = {
2057 0x97, 0x68, 0x72, 0x68, 0xd6, 0xec, 0xcc, 0xc0,
2058 0xc0, 0x7b, 0x25, 0xe2, 0x5e, 0xcf, 0xe5, 0x84,
2059 0x39, 0x31, 0x25, 0x23, 0xa7, 0x86, 0x62, 0xd5,
2060 0xbe, 0x7f, 0xcb, 0xcc, 0x98, 0xeb, 0xf5, 0xa8,
2061 0x48, 0x07, 0xef, 0xe8, 0x36, 0xee, 0x89, 0xa5,
2062 0x26, 0x73, 0x0d, 0xbc, 0x2f, 0x7b, 0xc8, 0x40,
2063 0x9d, 0xad, 0x8b, 0xbb, 0x96, 0xc4, 0xcd, 0xc0,
2064 0x3b, 0xc1, 0x03, 0xe1, 0xa1, 0x94, 0xbb, 0xd8,
2065};
2066
Jerome Forissiered00e162017-01-20 09:22:52 +0100[diff] [blame]2067/*
2068 * Test case for https://github.com/OP-TEE/optee_os/issues/1203
2069 * 80 bytes of data, processed in two steps (32 + 48).
2070 */
2071
2072#define ciph_data_aes_cts_issue1203_key ciph_data_aes_cts_vect1_key
2073
2074static const uint8_t ciph_data_aes_cts_issue1203_iv[] = {
2075 0x5b, 0x11, 0x7b, 0xf9, 0x83, 0x6a, 0x01, 0x27,
2076 0x1d, 0x2a, 0xae, 0x0a, 0xd3, 0x27, 0x35, 0x81,
2077};
2078
2079static const uint8_t ciph_data_aes_cts_issue1203_ptx[] = {
2080 0x33, 0x2a, 0xf4, 0x8c, 0x18, 0xa1, 0x30, 0x7c,
2081 0xa7, 0x52, 0x76, 0xca, 0xa6, 0x68, 0xad, 0xf6,
2082 0x1e, 0xba, 0xc9, 0x66, 0x66, 0x52, 0x1a, 0xe7,
2083 0x3e, 0xbc, 0xba, 0x60, 0x95, 0x71, 0x04, 0x5e,
2084 0xb4, 0xb7, 0x10, 0xd7, 0x93, 0x6d, 0x5f, 0x9a,
2085 0xb8, 0xbb, 0x6b, 0xb0, 0x6d, 0x47, 0x93, 0x41,
2086 0x29, 0x21, 0xf2, 0x84, 0xf5, 0xb2, 0xf2, 0x6d,
2087 0xbe, 0xe5, 0x8a, 0x2b, 0x58, 0x8d, 0x1b, 0x5e,
2088 0x41, 0x04, 0xba, 0x9e, 0x92, 0xe9, 0x52, 0xb6,
2089 0x8b, 0x1e, 0x36, 0x72, 0x91, 0xe4, 0x56, 0x66,
2090};
2091
2092/*
2093 * Ciphertext was generated by an online tool for AES CBC.
2094 * Since the input size is a multiple of the block size, and the ciphertext
2095 * format is CS3, the output is the same as plain AES CBC with the last
2096 * two blocks swapped.
2097 */
2098static const uint8_t ciph_data_aes_cts_issue1203_ctx[] = {
2099 0x6c, 0xfe, 0xef, 0x6a, 0x1c, 0x8f, 0xd3, 0xc3,
2100 0x66, 0xc4, 0xd9, 0x0e, 0xbe, 0x24, 0x17, 0x3f,
2101 0xcd, 0x19, 0xc9, 0xd2, 0x10, 0x3f, 0xcf, 0xdc,
2102 0xe9, 0x05, 0xab, 0xd5, 0x1a, 0x31, 0x41, 0x77,
2103 0x3b, 0xd7, 0x6a, 0x26, 0xae, 0x0d, 0xc9, 0x47,
2104 0x77, 0xd4, 0xa7, 0xd5, 0x73, 0x88, 0x9e, 0xde,
2105 0x72, 0x66, 0xe0, 0xe2, 0x3d, 0x62, 0x91, 0x22,
2106 0xae, 0x11, 0x01, 0x97, 0x22, 0x6a, 0x45, 0xa9,
2107 0xba, 0x56, 0xd2, 0xbc, 0x55, 0x2d, 0x99, 0x4d,
2108 0x3d, 0x22, 0x27, 0x9a, 0xac, 0x66, 0x2f, 0xf5,
2109};
2110
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2111static const uint8_t ciph_data_des_ecb_nopad_out1[] = {
2112 0x46, 0x2B, 0x91, 0xA8, 0x55, 0xE6, 0x7E, 0x75, /* F+..U.~u */
2113 0x5E, 0x53, 0xF4, 0x8F, 0x29, 0x41, 0x4E, 0xEF, /* ^S..)AN. */
2114 0x32, 0x1B, 0x58, 0x42, 0x9B, 0xB4, 0x3A, 0x1F, /* 2.XB..:. */
2115 0x9A, 0xEA, 0xA4, 0xB4, 0xCD, 0xE9, 0x87, 0x7C, /* .......| */
2116 0xC0, 0x05, 0x34, 0xED, 0x86, 0x3C, 0x2A, 0x81, /* ..4..<.. */
2117 0x5E, 0x93, 0x0E, 0x86, 0xA9, 0xBB, 0x80, 0xFF, /* ^....... */
2118};
2119
2120static const uint8_t ciph_data_des_ecb_nopad_out2[] = {
2121 0x85, 0xE8, 0x13, 0x54, 0x0F, 0x0A, 0xB4, 0x05
2122};
2123
2124static const uint8_t ciph_data_des_cbc_nopad_out1[] = {
2125 0xAD, 0xD6, 0xD6, 0x3E, 0x88, 0xD0, 0xDD, 0xD4, /* ...>.... */
2126 0x9A, 0x93, 0x95, 0xA0, 0x86, 0x22, 0x5B, 0x9E, /* ....."[. */
2127 0x84, 0x0C, 0x6F, 0x12, 0x04, 0x11, 0x6F, 0xD4, /* ..o...o. */
2128 0x12, 0x29, 0xC6, 0x78, 0x0C, 0xFB, 0x58, 0x5B, /* .).x..X[ */
2129 0x66, 0x82, 0x0E, 0x52, 0xDC, 0x25, 0x16, 0x51, /* f..R.%.Q */
2130 0x69, 0xDF, 0xFE, 0x4E, 0x11, 0x1D, 0x9D, 0x08, /* i..N.... */
2131};
2132
2133static const uint8_t ciph_data_des3_ecb_nopad_out1[] = {
2134 0xA7, 0x46, 0xEC, 0xA8, 0x6A, 0x7F, 0x4A, 0xF1, /* .F..j.J. */
2135 0x44, 0x60, 0x37, 0x3B, 0x7F, 0x76, 0xE5, 0xFF, /* D`7;.v.. */
2136 0xC1, 0xE7, 0xA5, 0x04, 0x9C, 0x29, 0x5C, 0xA5, /* .....)\. */
2137 0xDD, 0xC8, 0xEE, 0x36, 0x1F, 0x48, 0xE0, 0xA9, /* ...6.H.. */
2138 0x82, 0x2D, 0x53, 0x84, 0x49, 0x69, 0x78, 0xFA, /* .-S.Iix. */
2139 0x23, 0x69, 0x1D, 0xF7, 0x08, 0x38, 0x44, 0x05, /* #i...8D. */
2140};
2141
2142static const uint8_t ciph_data_des3_cbc_nopad_out1[] = {
2143 0x18, 0x09, 0xEB, 0x98, 0xE4, 0x58, 0x72, 0x11, /* .....Xr. */
2144 0x30, 0x58, 0xAB, 0x38, 0xB0, 0xC9, 0x2B, 0xED, /* 0X.8..+. */
2145 0xDA, 0xC5, 0xE8, 0xA9, 0xF6, 0x8A, 0xA7, 0x80, /* ........ */
2146 0xBE, 0x54, 0x1F, 0x63, 0xF6, 0xEE, 0xA2, 0x4C, /* .T.c...L */
2147 0x7C, 0xEB, 0x84, 0x7D, 0xDA, 0xCA, 0x1E, 0xB2, /* |..}.... */
2148 0xED, 0x5E, 0x96, 0xB8, 0x01, 0x4B, 0x77, 0x02, /* .^...Kw. */
2149};
2150
2151static const uint8_t ciph_data_des2_ecb_nopad_out1[] = {
2152 0xAB, 0x12, 0xB6, 0xE2, 0x4A, 0x3A, 0x26, 0x14, /* ....J:&. */
2153 0xF0, 0x7D, 0x23, 0xD0, 0x55, 0xDF, 0x5C, 0x16, /* .}#.U.\. */
2154 0x43, 0x59, 0x1E, 0x44, 0x01, 0x76, 0xD7, 0x50, /* CY.D.v.P */
2155 0x44, 0xC0, 0x15, 0xDF, 0x2E, 0x7F, 0x8B, 0xC5, /* D....... */
2156 0xFF, 0x8B, 0x87, 0xFE, 0x33, 0xD7, 0xCB, 0x2C, /* ....3.., */
2157 0xDA, 0x79, 0x6F, 0xA4, 0x05, 0x2B, 0x30, 0xCE, /* .yo..+0. */
2158};
2159
2160static const uint8_t ciph_data_des2_cbc_nopad_out1[] = {
2161 0x47, 0x2F, 0xB1, 0x83, 0xC4, 0xBB, 0x93, 0x16, /* G/...... */
2162 0x73, 0xF9, 0xAD, 0x6F, 0x00, 0xF9, 0xCB, 0x4A, /* s..o...J */
2163 0x0F, 0x4F, 0x75, 0x75, 0xFB, 0x39, 0x0B, 0xFC, /* .Ouu.9.. */
2164 0x9F, 0x48, 0x52, 0xAD, 0xA2, 0x75, 0x2C, 0xF1, /* .HR..u, . */
2165 0x7D, 0xC3, 0x8F, 0x16, 0xCF, 0xC9, 0x76, 0x29, /* }.....v) */
2166 0x1A, 0xBF, 0xB3, 0xD9, 0x10, 0x7E, 0xAA, 0x49, /* .....~.I */
2167};
2168
2169struct xtest_ciph_case {
2170 uint32_t algo;
2171 uint32_t mode;
2172 uint32_t key_type;
2173 const uint8_t *key1;
2174 size_t key1_len;
2175 const uint8_t *key2;
2176 size_t key2_len;
2177 const uint8_t *iv;
2178 size_t iv_len;
2179 size_t in_incr;
2180 const uint8_t *in;
2181 size_t in_len;
2182 const uint8_t *out;
2183 size_t out_len;
2184 size_t line;
2185};
2186
2187#define XTEST_CIPH_CASE_NO_IV(algo, key_type, key, in_incr, ptx, ctx) \
2188 { (algo), TEE_MODE_ENCRYPT, (key_type), (key), ARRAY_SIZE(key), \
2189 NULL, 0, NULL, 0, \
2190 (in_incr), (ptx), ARRAY_SIZE(ptx), (ctx), ARRAY_SIZE(ctx), \
2191 __LINE__ }, \
2192 { (algo), TEE_MODE_DECRYPT, (key_type), (key), ARRAY_SIZE(key), \
2193 NULL, 0, NULL, 0, \
2194 (in_incr), (ctx), ARRAY_SIZE(ctx), (ptx), ARRAY_SIZE(ptx), __LINE__ }
2195
2196#define XTEST_CIPH_CASE(algo, key_type, key, iv, in_incr, ptx, ctx) \
2197 { (algo), TEE_MODE_ENCRYPT, (key_type), (key), ARRAY_SIZE(key), \
2198 NULL, 0, iv, ARRAY_SIZE(iv), (in_incr), (ptx), ARRAY_SIZE(ptx), \
2199 (ctx), ARRAY_SIZE(ctx), __LINE__ }, \
2200 { (algo), TEE_MODE_DECRYPT, (key_type), (key), ARRAY_SIZE(key), \
2201 NULL, 0, iv, ARRAY_SIZE(iv), (in_incr), (ctx), ARRAY_SIZE(ctx), \
2202 (ptx), ARRAY_SIZE(ptx), __LINE__ }
2203
2204#define XTEST_CIPH_CASE_AES_XTS(vect, in_incr) \
2205 { TEE_ALG_AES_XTS, TEE_MODE_ENCRYPT, TEE_TYPE_AES, \
2206 ciph_data_aes_xts_ ## vect ## _key1, \
2207 ARRAY_SIZE(ciph_data_aes_xts_ ## vect ## _key1), \
2208 ciph_data_aes_xts_ ## vect ## _key2, \
2209 ARRAY_SIZE(ciph_data_aes_xts_ ## vect ## _key2), \
2210 ciph_data_aes_xts_ ## vect ## _iv, \
2211 ARRAY_SIZE(ciph_data_aes_xts_ ## vect ## _iv), \
2212 (in_incr), \
2213 ciph_data_aes_xts_ ## vect ## _ptx, \
2214 ARRAY_SIZE(ciph_data_aes_xts_ ## vect ## _ptx), \
2215 ciph_data_aes_xts_ ## vect ## _ctx, \
2216 ARRAY_SIZE(ciph_data_aes_xts_ ## vect ## _ctx), __LINE__ }, \
2217 { TEE_ALG_AES_XTS, TEE_MODE_DECRYPT, TEE_TYPE_AES, \
2218 ciph_data_aes_xts_ ## vect ## _key1, \
2219 ARRAY_SIZE(ciph_data_aes_xts_ ## vect ## _key1), \
2220 ciph_data_aes_xts_ ## vect ## _key2, \
2221 ARRAY_SIZE(ciph_data_aes_xts_ ## vect ## _key2), \
2222 ciph_data_aes_xts_ ## vect ## _iv, \
2223 ARRAY_SIZE(ciph_data_aes_xts_ ## vect ## _iv), \
2224 (in_incr), \
2225 ciph_data_aes_xts_ ## vect ## _ctx, \
2226 ARRAY_SIZE(ciph_data_aes_xts_ ## vect ## _ctx), \
2227 ciph_data_aes_xts_ ## vect ## _ptx, \
2228 ARRAY_SIZE(ciph_data_aes_xts_ ## vect ## _ptx), __LINE__ }
2229
2230#define XTEST_CIPH_CASE_AES_CBC(vect, in_incr) \
2231 XTEST_CIPH_CASE(TEE_ALG_AES_CBC_NOPAD, TEE_TYPE_AES, \
2232 ciph_data_aes_cbc_ ## vect ## _key, \
2233 ciph_data_aes_cbc_ ## vect ## _iv, \
2234 (in_incr), ciph_data_aes_cbc_ ## vect ## _ptx, \
2235 ciph_data_aes_cbc_ ## vect ## _ctx)
2236
2237#define XTEST_CIPH_CASE_AES_CTS(vect, in_incr) \
2238 XTEST_CIPH_CASE(TEE_ALG_AES_CTS, TEE_TYPE_AES, \
2239 ciph_data_aes_cts_ ## vect ## _key, \
2240 ciph_data_aes_cts_ ## vect ## _iv, \
2241 (in_incr), ciph_data_aes_cts_ ## vect ## _ptx, \
2242 ciph_data_aes_cts_ ## vect ## _ctx)
2243
2244static const struct xtest_ciph_case ciph_cases[] = {
2245 /* AES */
2246 XTEST_CIPH_CASE_NO_IV(TEE_ALG_AES_ECB_NOPAD, TEE_TYPE_AES,
2247 ciph_data_aes_key1, 11, ciph_data_in1,
2248 ciph_data_aes_ecb_nopad_out1),
2249 XTEST_CIPH_CASE(TEE_ALG_AES_CBC_NOPAD, TEE_TYPE_AES,
2250 ciph_data_aes_key1, ciph_data_128_iv1, 11,
2251 ciph_data_in1,
2252 ciph_data_aes_cbc_nopad_out1),
2253 XTEST_CIPH_CASE(TEE_ALG_AES_CTR, TEE_TYPE_AES,
2254 ciph_data_aes_key1, ciph_data_128_iv1, 13,
2255 ciph_data_in1,
2256 ciph_data_aes_ctr_out1),
2257 XTEST_CIPH_CASE(TEE_ALG_AES_CTR, TEE_TYPE_AES,
2258 ciph_data_aes_key1, ciph_data_128_iv1, 13,
2259 ciph_data_in3,
2260 ciph_data_aes_ctr_out2),
Jens Wiklander692efd12018-01-19 09:52:00 +0100[diff] [blame]2261 XTEST_CIPH_CASE(TEE_ALG_AES_CTR, TEE_TYPE_AES,
2262 ciph_data_aes_key1, ciph_data_128_iv1, 16,
2263 ciph_data_in3,
2264 ciph_data_aes_ctr_out2),
Jerome Forissier45218eb2018-04-11 13:03:26 +0200[diff] [blame]2265 XTEST_CIPH_CASE(TEE_ALG_AES_CTR, TEE_TYPE_AES,
2266 ciph_data_aes_key1, ciph_data_128_iv1, 16,
2267 ciph_data_in4,
2268 ciph_data_aes_ctr_out4),
Jerome Forissier0780ad42018-06-05 15:02:37 +0200[diff] [blame]2269 XTEST_CIPH_CASE(TEE_ALG_AES_CTR, TEE_TYPE_AES,
2270 ciph_data_aes_key2, ciph_data_128_iv2, 11,
2271 ciph_data_in5,
2272 ciph_data_aes_ctr_out5),
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2273
2274 XTEST_CIPH_CASE_AES_CBC(vect1, 11),
Jerome Forissierfc1bbc32018-06-12 10:13:04 +0200[diff] [blame^]2275 XTEST_CIPH_CASE_AES_CBC(vect1, 64),
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2276
2277 /* AES-CTS */
2278 XTEST_CIPH_CASE_AES_CTS(vect1, 13),
2279 XTEST_CIPH_CASE_AES_CTS(vect2, 14),
2280 XTEST_CIPH_CASE_AES_CTS(vect3, 11),
2281 XTEST_CIPH_CASE_AES_CTS(vect4, 9),
2282 XTEST_CIPH_CASE_AES_CTS(vect5, 7),
2283 XTEST_CIPH_CASE_AES_CTS(vect6, 17),
2284 XTEST_CIPH_CASE_AES_CTS(vect6, 0x20),
Jerome Forissiered00e162017-01-20 09:22:52 +0100[diff] [blame]2285 XTEST_CIPH_CASE_AES_CTS(issue1203, 32),
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2286
2287 /* DES */
2288 XTEST_CIPH_CASE_NO_IV(TEE_ALG_DES_ECB_NOPAD, TEE_TYPE_DES,
2289 ciph_data_des_key1, 14, ciph_data_in1,
2290 ciph_data_des_ecb_nopad_out1),
2291 XTEST_CIPH_CASE_NO_IV(TEE_ALG_DES_ECB_NOPAD, TEE_TYPE_DES,
2292 ciph_data_des_key2, 3, ciph_data_in2,
2293 ciph_data_des_ecb_nopad_out2),
2294 XTEST_CIPH_CASE(TEE_ALG_DES_CBC_NOPAD, TEE_TYPE_DES,
2295 ciph_data_des_key1, ciph_data_64_iv1, 15, ciph_data_in1,
2296 ciph_data_des_cbc_nopad_out1),
2297
2298 /* DES3 */
2299 XTEST_CIPH_CASE_NO_IV(TEE_ALG_DES3_ECB_NOPAD, TEE_TYPE_DES3,
2300 ciph_data_des3_key1, 11, ciph_data_in1,
2301 ciph_data_des3_ecb_nopad_out1),
2302 XTEST_CIPH_CASE_NO_IV(TEE_ALG_DES3_ECB_NOPAD, TEE_TYPE_DES3,
2303 ciph_data_des3_key2, 3, ciph_data_in2,
2304 ciph_data_des_ecb_nopad_out2),
2305 XTEST_CIPH_CASE(TEE_ALG_DES3_CBC_NOPAD, TEE_TYPE_DES3,
2306 ciph_data_des3_key1, ciph_data_64_iv1, 11,
2307 ciph_data_in1,
2308 ciph_data_des3_cbc_nopad_out1),
2309
2310 /* DES2 */
2311 XTEST_CIPH_CASE_NO_IV(TEE_ALG_DES3_ECB_NOPAD, TEE_TYPE_DES3,
2312 ciph_data_des2_key1, 11, ciph_data_in1,
2313 ciph_data_des2_ecb_nopad_out1),
2314 XTEST_CIPH_CASE(TEE_ALG_DES3_CBC_NOPAD, TEE_TYPE_DES3,
2315 ciph_data_des2_key1, ciph_data_64_iv1, 11,
2316 ciph_data_in1,
2317 ciph_data_des2_cbc_nopad_out1),
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2318
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2319 /* AES-XTS */
2320 XTEST_CIPH_CASE_AES_XTS(vect1, 3),
2321 XTEST_CIPH_CASE_AES_XTS(vect2, 6),
2322 XTEST_CIPH_CASE_AES_XTS(vect3, 7),
2323 XTEST_CIPH_CASE_AES_XTS(vect4, 8),
2324 XTEST_CIPH_CASE_AES_XTS(vect5, 9),
2325 XTEST_CIPH_CASE_AES_XTS(vect6, 13),
2326 XTEST_CIPH_CASE_AES_XTS(vect7, 1),
2327 XTEST_CIPH_CASE_AES_XTS(vect8, 3),
2328 XTEST_CIPH_CASE_AES_XTS(vect9, 2),
2329 XTEST_CIPH_CASE_AES_XTS(vect10, 5),
2330 XTEST_CIPH_CASE_AES_XTS(vect11, 6),
2331 XTEST_CIPH_CASE_AES_XTS(vect12, 7),
2332 XTEST_CIPH_CASE_AES_XTS(vect13, 3),
2333 XTEST_CIPH_CASE_AES_XTS(vect14, 2),
2334 XTEST_CIPH_CASE_AES_XTS(vect15, 0),
2335 XTEST_CIPH_CASE_AES_XTS(vect16, 9),
2336 XTEST_CIPH_CASE_AES_XTS(vect17, 6),
2337 XTEST_CIPH_CASE_AES_XTS(vect18, 8),
2338 XTEST_CIPH_CASE_AES_XTS(vect19, 23),
2339};
2340
Jerome Forissier23256842018-02-16 09:25:35 +0100[diff] [blame]2341static void xtest_tee_test_4003(ADBG_Case_t *c)
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2342{
2343 TEEC_Session session = { 0 };
2344 TEE_OperationHandle op;
2345 TEE_ObjectHandle key1_handle = TEE_HANDLE_NULL;
2346 TEE_ObjectHandle key2_handle = TEE_HANDLE_NULL;
2347 uint8_t out[2048];
2348 size_t out_size;
2349 size_t out_offs;
2350 uint32_t ret_orig;
2351 size_t n;
2352
2353 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2354 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
2355 &ret_orig)))
2356 return;
2357
2358 for (n = 0; n < ARRAY_SIZE(ciph_cases); n++) {
2359 TEE_Attribute key_attr;
2360 size_t key_size;
2361 size_t op_key_size;
2362
2363
2364 Do_ADBG_BeginSubCase(c, "Cipher case %d algo 0x%x line %d",
2365 (int)n, (unsigned int)ciph_cases[n].algo,
2366 (int)ciph_cases[n].line);
2367
2368 key_attr.attributeID = TEE_ATTR_SECRET_VALUE;
2369 key_attr.content.ref.buffer = (void *)ciph_cases[n].key1;
2370 key_attr.content.ref.length = ciph_cases[n].key1_len;
2371
2372 key_size = key_attr.content.ref.length * 8;
2373 if (ciph_cases[n].key_type == TEE_TYPE_DES ||
2374 ciph_cases[n].key_type == TEE_TYPE_DES3)
2375 /* Exclude parity in bit size of key */
2376 key_size -= key_size / 8;
2377
2378 op_key_size = key_size;
2379 if (ciph_cases[n].key2 != NULL)
2380 op_key_size *= 2;
2381
2382 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2383 ta_crypt_cmd_allocate_operation(c, &session, &op,
2384 ciph_cases[n].algo, ciph_cases[n].mode,
2385 op_key_size)))
2386 goto out;
2387
2388 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2389 ta_crypt_cmd_allocate_transient_object(c, &session,
2390 ciph_cases[n].key_type, key_size,
2391 &key1_handle)))
2392 goto out;
2393
2394 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2395 ta_crypt_cmd_populate_transient_object(c, &session,
2396 key1_handle, &key_attr, 1)))
2397 goto out;
2398
2399 if (ciph_cases[n].key2 != NULL) {
2400 key_attr.content.ref.buffer =
2401 (void *)ciph_cases[n].key2;
2402 key_attr.content.ref.length = ciph_cases[n].key2_len;
2403
2404 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2405 ta_crypt_cmd_allocate_transient_object(c,
2406 &session, ciph_cases[n].key_type,
2407 key_attr.content.ref.length * 8,
2408 &key2_handle)))
2409 goto out;
2410
2411 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2412 ta_crypt_cmd_populate_transient_object(c,
2413 &session, key2_handle, &key_attr, 1)))
2414 goto out;
2415
2416 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2417 ta_crypt_cmd_set_operation_key2(c, &session, op,
2418 key1_handle, key2_handle)))
2419 goto out;
2420 } else {
2421 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2422 ta_crypt_cmd_set_operation_key(c, &session, op,
2423 key1_handle)))
2424 goto out;
2425 }
2426
2427 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2428 ta_crypt_cmd_free_transient_object(c, &session,
2429 key1_handle)))
2430 goto out;
2431 key1_handle = TEE_HANDLE_NULL;
2432
2433 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2434 ta_crypt_cmd_free_transient_object(c, &session,
2435 key2_handle)))
2436 goto out;
2437 key2_handle = TEE_HANDLE_NULL;
2438
2439 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2440 ta_crypt_cmd_cipher_init(c, &session, op,
2441 ciph_cases[n].iv, ciph_cases[n].iv_len)))
2442 goto out;
2443
2444 out_offs = 0;
2445 out_size = sizeof(out);
2446 memset(out, 0, sizeof(out));
2447 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2448 ta_crypt_cmd_cipher_update(c, &session, op,
2449 ciph_cases[n].in, ciph_cases[n].in_incr, out,
2450 &out_size)))
2451 goto out;
2452
Jerome Forissierd2d94b42017-06-02 16:39:34 +0200[diff] [blame]2453 if (ciph_cases[n].algo == TEE_ALG_AES_CTR)
2454 ADBG_EXPECT_COMPARE_UNSIGNED(c, out_size, ==,
2455 ciph_cases[n].in_incr);
2456
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2457 out_offs += out_size;
2458 out_size = sizeof(out) - out_offs;
2459
2460 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2461 ta_crypt_cmd_cipher_do_final(c, &session, op,
2462 ciph_cases[n].in + ciph_cases[n].in_incr,
2463 ciph_cases[n].in_len - ciph_cases[n].in_incr,
2464 out + out_offs,
2465 &out_size)))
2466 goto out;
2467
2468 out_offs += out_size;
2469
2470 (void)ADBG_EXPECT_BUFFER(c, ciph_cases[n].out,
2471 ciph_cases[n].out_len, out, out_offs);
2472
2473 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2474 ta_crypt_cmd_free_operation(c, &session, op)))
2475 goto out;
2476
2477 Do_ADBG_EndSubCase(c, NULL);
2478 }
2479out:
2480 TEEC_CloseSession(&session);
2481}
2482
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2483static void xtest_tee_test_4004(ADBG_Case_t *c)
2484{
2485 TEEC_Session session = { 0 };
2486 uint32_t ret_orig;
2487 uint8_t buf1[45] = { 0 };
2488 uint8_t buf2[45] = { 0 };
2489 static const uint8_t zeros[45] = { 0 };
2490
2491 Do_ADBG_BeginSubCase(c, "TEE get random");
2492 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2493 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
2494 &ret_orig)))
2495 return;
2496
2497 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2498 ta_crypt_cmd_random_number_generate(c, &session, buf1,
2499 sizeof(buf1))))
2500 goto out;
2501
2502 (void)ADBG_EXPECT_COMPARE_SIGNED(c,
2503 0, !=, memcmp(buf1, zeros, sizeof(buf1)));
2504
2505 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2506 ta_crypt_cmd_random_number_generate(c, &session, buf2,
2507 sizeof(buf2))))
2508 goto out;
2509
2510 (void)ADBG_EXPECT_COMPARE_SIGNED(c,
2511 0, !=, memcmp(buf2, zeros, sizeof(buf2)));
2512
2513 (void)ADBG_EXPECT_COMPARE_SIGNED(c,
2514 0, !=, memcmp(buf2, buf1, sizeof(buf1)));
2515out:
2516 TEEC_CloseSession(&session);
2517 Do_ADBG_EndSubCase(c, "TEE get random");
2518}
2519
2520
2521struct xtest_ae_case {
2522 uint32_t algo;
2523 uint32_t mode;
2524 uint32_t key_type;
2525 const uint8_t *key;
2526 size_t key_len;
2527 const uint8_t *nonce;
2528 size_t nonce_len;
2529 size_t aad_incr;
2530 const uint8_t *aad;
2531 size_t aad_len;
2532 size_t in_incr;
2533 const uint8_t *ptx;
2534 size_t ptx_len;
2535 const uint8_t *ctx;
2536 size_t ctx_len;
2537 const uint8_t *tag;
2538 size_t tag_len;
2539 size_t line;
2540};
2541
2542
2543#define ARRAY(a) a, ARRAY_SIZE(a)
2544#define NULL_ARRAY(a) NULL, 0
2545
2546#define XTEST_AE_CASE(algo, vect, aad_incr, in_incr, \
2547 aad_array, ptx_array, ctx_array) \
2548 { (algo), TEE_MODE_ENCRYPT, TEE_TYPE_AES, ARRAY(vect ## _key), \
2549 ARRAY(vect ## _nonce), (aad_incr), \
2550 aad_array(vect ## _aad), (in_incr), \
2551 ptx_array(vect ## _ptx), ctx_array(vect ## _ctx), \
2552 ARRAY(vect ## _tag), \
2553 __LINE__ }, \
2554 { (algo), TEE_MODE_DECRYPT, TEE_TYPE_AES, ARRAY(vect ## _key), \
2555 ARRAY(vect ## _nonce), (aad_incr), \
2556 aad_array(vect ## _aad), (in_incr), \
2557 ptx_array(vect ## _ptx), ctx_array(vect ## _ctx), \
2558 ARRAY(vect ## _tag), \
2559 __LINE__ }
2560
2561#define XTEST_AE_CASE_AES_CCM(vect, aad_incr, in_incr) \
2562 XTEST_AE_CASE(TEE_ALG_AES_CCM, ae_data_aes_ccm_ ## vect, aad_incr, \
2563 in_incr, ARRAY, ARRAY, ARRAY)
2564
2565#define XTEST_AE_CASE_AES_GCM(vect, aad_incr, in_incr, \
2566 aad_array, ptx_array, ctx_array) \
2567 XTEST_AE_CASE(TEE_ALG_AES_GCM, ae_data_aes_gcm_ ## vect, aad_incr, \
2568 in_incr, aad_array, ptx_array, ctx_array)
2569
2570
2571
2572static const struct xtest_ae_case ae_cases[] = {
2573 XTEST_AE_CASE_AES_CCM(vect1, 3, 2),
2574 XTEST_AE_CASE_AES_CCM(vect2, 7, 13),
2575 XTEST_AE_CASE_AES_CCM(vect3, 5, 21),
2576
2577 XTEST_AE_CASE_AES_GCM(vect1, 0, 0, NULL_ARRAY, NULL_ARRAY, NULL_ARRAY),
2578 XTEST_AE_CASE_AES_GCM(vect2, 0, 9, NULL_ARRAY, ARRAY, ARRAY),
2579 XTEST_AE_CASE_AES_GCM(vect3, 0, 9, NULL_ARRAY, ARRAY, ARRAY),
Jens Wiklander9fc63f52017-11-10 11:13:26 +0100[diff] [blame]2580 XTEST_AE_CASE_AES_GCM(vect3, 0, 0x1F, NULL_ARRAY, ARRAY, ARRAY),
2581 XTEST_AE_CASE_AES_GCM(vect4, 5, 0x20, ARRAY, ARRAY, ARRAY),
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2582 XTEST_AE_CASE_AES_GCM(vect5, 5, 9, ARRAY, ARRAY, ARRAY),
2583 XTEST_AE_CASE_AES_GCM(vect6, 5, 9, ARRAY, ARRAY, ARRAY),
2584 XTEST_AE_CASE_AES_GCM(vect7, 0, 0, NULL_ARRAY, NULL_ARRAY, NULL_ARRAY),
2585 XTEST_AE_CASE_AES_GCM(vect8, 0, 9, NULL_ARRAY, ARRAY, ARRAY),
2586 XTEST_AE_CASE_AES_GCM(vect9, 0, 9, NULL_ARRAY, ARRAY, ARRAY),
2587 XTEST_AE_CASE_AES_GCM(vect10, 5, 9, ARRAY, ARRAY, ARRAY),
2588 XTEST_AE_CASE_AES_GCM(vect11, 5, 9, ARRAY, ARRAY, ARRAY),
2589 XTEST_AE_CASE_AES_GCM(vect12, 5, 9, ARRAY, ARRAY, ARRAY),
2590 XTEST_AE_CASE_AES_GCM(vect13, 0, 0, NULL_ARRAY, NULL_ARRAY, NULL_ARRAY),
2591 XTEST_AE_CASE_AES_GCM(vect14, 0, 9, NULL_ARRAY, ARRAY, ARRAY),
2592 XTEST_AE_CASE_AES_GCM(vect15, 0, 9, NULL_ARRAY, ARRAY, ARRAY),
2593 XTEST_AE_CASE_AES_GCM(vect16, 5, 9, ARRAY, ARRAY, ARRAY),
2594 XTEST_AE_CASE_AES_GCM(vect17, 5, 9, ARRAY, ARRAY, ARRAY),
2595 XTEST_AE_CASE_AES_GCM(vect18, 5, 9, ARRAY, ARRAY, ARRAY),
Jens Wiklanderf6efe242017-11-06 13:16:43 +0100[diff] [blame]2596#ifdef CFG_GCM_NIST_VECTORS
2597#include "gcmDecrypt128.h"
2598#include "gcmDecrypt192.h"
2599#include "gcmDecrypt256.h"
2600#include "gcmEncryptExtIV128.h"
2601#include "gcmEncryptExtIV192.h"
2602#include "gcmEncryptExtIV256.h"
2603#endif
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2604};
2605
2606static void xtest_tee_test_4005(ADBG_Case_t *c)
2607{
2608 TEEC_Session session = { 0 };
2609 TEE_OperationHandle op;
2610 TEE_ObjectHandle key_handle = TEE_HANDLE_NULL;
2611 TEE_Attribute key_attr;
2612 uint8_t out[512];
2613 size_t out_size;
2614 size_t out_offs;
2615 uint32_t ret_orig;
2616 size_t n;
2617
2618 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2619 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
2620 &ret_orig)))
2621 return;
2622
2623 for (n = 0; n < ARRAY_SIZE(ae_cases); n++) {
2624 Do_ADBG_BeginSubCase(c, "AE case %d algo 0x%x line %d",
2625 (int)n, (unsigned int)ae_cases[n].algo,
2626 (int)ae_cases[n].line);
2627
2628 key_attr.attributeID = TEE_ATTR_SECRET_VALUE;
2629 key_attr.content.ref.buffer = (void *)ae_cases[n].key;
2630 key_attr.content.ref.length = ae_cases[n].key_len;
2631
2632 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2633 ta_crypt_cmd_allocate_operation(c, &session, &op,
2634 ae_cases[n].algo, ae_cases[n].mode,
2635 key_attr.content.ref.length * 8)))
2636 goto out;
2637
2638 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2639 ta_crypt_cmd_allocate_transient_object(c, &session,
2640 ae_cases[n].key_type,
2641 key_attr.content.ref.length * 8,
2642 &key_handle)))
2643 goto out;
2644
2645 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2646 ta_crypt_cmd_populate_transient_object(c, &session,
2647 key_handle, &key_attr, 1)))
2648 goto out;
2649
2650 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2651 ta_crypt_cmd_set_operation_key(c, &session, op,
2652 key_handle)))
2653 goto out;
2654
2655 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2656 ta_crypt_cmd_free_transient_object(c, &session,
2657 key_handle)))
2658 goto out;
2659 key_handle = TEE_HANDLE_NULL;
2660
2661 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2662 ta_crypt_cmd_ae_init(c, &session, op, ae_cases[n].nonce,
2663 ae_cases[n].nonce_len, ae_cases[n].tag_len,
2664 ae_cases[n].aad_len, ae_cases[n].ptx_len)))
2665 goto out;
2666
2667 if (ae_cases[n].aad != NULL) {
2668 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2669 ta_crypt_cmd_ae_update_aad(c, &session, op,
2670 ae_cases[n].aad, ae_cases[n].aad_incr)))
2671 goto out;
2672
2673 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2674 ta_crypt_cmd_ae_update_aad(c, &session, op,
2675 ae_cases[n].aad + ae_cases[n].aad_incr,
2676 ae_cases [n].aad_len -
2677 ae_cases[n].aad_incr)))
2678 goto out;
2679 }
2680
2681 out_offs = 0;
2682 out_size = sizeof(out);
2683 memset(out, 0, sizeof(out));
2684 if (ae_cases[n].mode == TEE_MODE_ENCRYPT) {
2685 if (ae_cases[n].ptx != NULL) {
2686 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2687 ta_crypt_cmd_ae_update(c, &session, op,
2688 ae_cases[n].ptx,
2689 ae_cases[n].in_incr, out,
2690 &out_size)))
2691 goto out;
2692 out_offs += out_size;
Jerome Forissierc13fafa2017-06-01 15:49:07 +0200[diff] [blame]2693 if (ae_cases[n].algo == TEE_ALG_AES_GCM)
2694 ADBG_EXPECT_COMPARE_UNSIGNED(c,
2695 out_size, ==, ae_cases[n].in_incr);
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2696 }
2697 } else {
2698 if (ae_cases[n].ctx != NULL) {
2699 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2700 ta_crypt_cmd_ae_update(c, &session, op,
2701 ae_cases[n].ctx,
2702 ae_cases[n].in_incr, out,
2703 &out_size)))
2704 goto out;
2705 out_offs += out_size;
Jerome Forissierc13fafa2017-06-01 15:49:07 +0200[diff] [blame]2706 if (ae_cases[n].algo == TEE_ALG_AES_GCM)
2707 ADBG_EXPECT_COMPARE_UNSIGNED(c,
2708 out_size, ==, ae_cases[n].in_incr);
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2709 }
2710 }
2711
2712 out_size = sizeof(out) - out_offs;
2713 if (ae_cases[n].mode == TEE_MODE_ENCRYPT) {
2714 uint8_t out_tag[64];
2715 size_t out_tag_len = MIN(sizeof(out_tag),
2716 ae_cases[n].tag_len);
2717
2718 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2719 ta_crypt_cmd_ae_encrypt_final(c, &session, op,
2720 ae_cases[n].ptx + ae_cases[n].in_incr,
2721 ae_cases[n].ptx_len -
2722 ae_cases[n].in_incr,
2723 out + out_offs,
2724 &out_size, out_tag, &out_tag_len)))
2725 goto out;
2726
2727 (void)ADBG_EXPECT_BUFFER(c,
2728 ae_cases[n].tag, ae_cases[n].tag_len, out_tag,
2729 out_tag_len);
2730
2731 out_offs += out_size;
2732
2733 (void)ADBG_EXPECT_BUFFER(c, ae_cases[n].ctx,
2734 ae_cases[n].ctx_len, out, out_offs);
2735 } else {
2736 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2737 ta_crypt_cmd_ae_decrypt_final(c, &session, op,
2738 ae_cases[n].ctx + ae_cases[n].in_incr,
2739 ae_cases[n].ctx_len -
2740 ae_cases[n].in_incr,
2741 out + out_offs,
2742 &out_size, ae_cases[n].tag,
2743 ae_cases[n].tag_len)))
2744 goto out;
2745
2746 out_offs += out_size;
2747
2748 (void)ADBG_EXPECT_BUFFER(c, ae_cases[n].ptx,
2749 ae_cases[n].ptx_len, out, out_offs);
2750 }
2751
2752 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2753 ta_crypt_cmd_free_operation(c, &session, op)))
2754 goto out;
2755
2756 Do_ADBG_EndSubCase(c, NULL);
2757 }
2758out:
2759 TEEC_CloseSession(&session);
2760}
2761
2762struct xtest_ac_case {
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]2763 unsigned int level;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2764 uint32_t algo;
2765 TEE_OperationMode mode;
2766
2767 union {
2768 struct {
2769 const uint8_t *modulus;
2770 size_t modulus_len;
2771
2772 const uint8_t *pub_exp;
2773 size_t pub_exp_len;
2774
2775 const uint8_t *priv_exp;
2776 size_t priv_exp_len;
2777
2778 const uint8_t *prime1; /* q */
2779 size_t prime1_len;
2780 const uint8_t *prime2; /* p */
2781 size_t prime2_len;
2782 const uint8_t *exp1; /* dp */
2783 size_t exp1_len;
2784 const uint8_t *exp2; /* dq */
2785 size_t exp2_len;
2786 const uint8_t *coeff; /* iq */
2787 size_t coeff_len;
2788
2789 int salt_len;
2790 } rsa;
2791 struct {
2792 const uint8_t *prime;
2793 size_t prime_len;
2794 const uint8_t *sub_prime;
2795 size_t sub_prime_len;
2796 const uint8_t *base;
2797 size_t base_len;
2798 const uint8_t *pub_val;
2799 size_t pub_val_len;
2800 const uint8_t *priv_val;
2801 size_t priv_val_len;
2802 } dsa;
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]2803 struct {
2804 const uint8_t *private;
2805 size_t private_len;
2806 const uint8_t *public_x;
2807 size_t public_x_len;
2808 const uint8_t *public_y;
2809 size_t public_y_len;
2810 } ecdsa;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2811 } params;
2812
2813 const uint8_t *ptx;
2814 size_t ptx_len;
2815 const uint8_t *ctx;
2816 size_t ctx_len;
2817 size_t line;
2818};
2819
2820#define WITHOUT_SALT(x) -1
2821#define WITH_SALT(x) x
2822
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]2823#define XTEST_AC_CASE(level, algo, mode, vect, union_params) \
2824 { level, (algo), (mode), .params = union_params, \
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2825 ARRAY(vect ## _ptx), \
2826 ARRAY(vect ## _out), \
2827 __LINE__ }
2828
2829#define XTEST_AC_RSA_UNION(vect, opt_crt_array, opt_salt) \
2830 { .rsa = { \
2831 ARRAY(vect ## _modulus), \
2832 ARRAY(vect ## _pub_exp), \
2833 ARRAY(vect ## _priv_exp), \
2834 opt_crt_array(vect ## _prime1), \
2835 opt_crt_array(vect ## _prime2), \
2836 opt_crt_array(vect ## _exp1), \
2837 opt_crt_array(vect ## _exp2), \
2838 opt_crt_array(vect ## _coeff), \
2839 opt_salt(vect ## _salt_len) \
2840 } }
2841
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2842#define XTEST_AC_RSA_CASE(level, algo, mode, vect, opt_crt_array, opt_salt) \
2843 XTEST_AC_CASE(level, algo, mode, vect, \
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2844 XTEST_AC_RSA_UNION(vect, opt_crt_array, opt_salt))
2845
2846#define XTEST_AC_DSA_UNION(vect) \
2847 { .dsa = { \
2848 ARRAY(vect ## _prime), \
2849 ARRAY(vect ## _sub_prime), \
2850 ARRAY(vect ## _base), \
2851 ARRAY(vect ## _pub_val), \
2852 ARRAY(vect ## _priv_val), \
2853 } }
2854
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]2855#define XTEST_AC_DSA_CASE(level, algo, mode, vect) \
2856 XTEST_AC_CASE(level, algo, mode, vect, XTEST_AC_DSA_UNION(vect))
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2857
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]2858#define XTEST_AC_ECDSA_UNION(vect) \
2859 { .ecdsa = { \
2860 ARRAY(vect ## _private), \
2861 ARRAY(vect ## _public_x), \
2862 ARRAY(vect ## _public_y), \
2863 } }
2864
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]2865#define XTEST_AC_ECDSA_CASE(level, algo, mode, vect) \
2866 XTEST_AC_CASE(level, algo, mode, vect, XTEST_AC_ECDSA_UNION(vect))
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]2867
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2868static const struct xtest_ac_case xtest_ac_cases[] = {
2869 /* RSA test without crt parameters */
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2870 XTEST_AC_RSA_CASE(0, TEE_ALG_RSA_NOPAD, TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2871 ac_rsassa_vect1, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2872 XTEST_AC_RSA_CASE(0, TEE_ALG_RSA_NOPAD, TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2873 ac_rsassa_vect1, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2874 XTEST_AC_RSA_CASE(0, TEE_ALG_RSA_NOPAD, TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2875 ac_rsassa_vect2, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2876 XTEST_AC_RSA_CASE(0, TEE_ALG_RSA_NOPAD, TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2877 ac_rsassa_vect2, NULL_ARRAY, WITHOUT_SALT),
Jerome Forissiere576f052018-03-23 21:24:21 +0800[diff] [blame]2878 XTEST_AC_RSA_CASE(0, TEE_ALG_RSA_NOPAD, TEE_MODE_ENCRYPT,
2879 ac_rsassa_vect18, NULL_ARRAY, WITHOUT_SALT),
2880 XTEST_AC_RSA_CASE(0, TEE_ALG_RSA_NOPAD, TEE_MODE_DECRYPT,
2881 ac_rsassa_vect18, NULL_ARRAY, WITHOUT_SALT),
Jerome Forissier0451e372018-03-27 00:10:23 +0800[diff] [blame]2882 XTEST_AC_RSA_CASE(0, TEE_ALG_RSA_NOPAD, TEE_MODE_ENCRYPT,
2883 ac_rsassa_vect19, NULL_ARRAY, WITHOUT_SALT),
2884 XTEST_AC_RSA_CASE(0, TEE_ALG_RSA_NOPAD, TEE_MODE_DECRYPT,
2885 ac_rsassa_vect19, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2886 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2887 ac_rsassa_vect3, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2888 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2889 ac_rsassa_vect3, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2890 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2891 ac_rsassa_vect4, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2892 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2893 ac_rsassa_vect4, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2894 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2895 ac_rsassa_vect5, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2896 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2897 ac_rsassa_vect5, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2898 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2899 ac_rsassa_vect6, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2900 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2901 ac_rsassa_vect6, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2902 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2903 ac_rsassa_vect7, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2904 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2905 ac_rsassa_vect7, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2906 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
2907 ac_rsassa_vect8, NULL_ARRAY, WITHOUT_SALT),
2908 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
2909 ac_rsassa_vect8, NULL_ARRAY, WITHOUT_SALT),
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2910
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2911 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA224, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2912 ac_rsassa_vect16, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2913 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA224, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2914 ac_rsassa_vect16, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2915
2916 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA256, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2917 ac_rsassa_vect9, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2918 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA256, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2919 ac_rsassa_vect9, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2920
2921 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA384, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2922 ac_rsassa_vect10, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2923 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA384, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2924 ac_rsassa_vect10, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2925
2926 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA512, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2927 ac_rsassa_vect11, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2928 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA512, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2929 ac_rsassa_vect11, NULL_ARRAY, WITHOUT_SALT),
2930
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2931 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA1,
2932 TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2933 ac_rsassa_vect12, NULL_ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2934 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2935 ac_rsassa_vect12, NULL_ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2936
2937 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA224,
2938 TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2939 ac_rsassa_vect17, NULL_ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2940 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA224,
2941 TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2942 ac_rsassa_vect17, NULL_ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2943
2944 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA256,
2945 TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2946 ac_rsassa_vect13, NULL_ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2947 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA256,
2948 TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2949 ac_rsassa_vect13, NULL_ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2950
2951 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA384,
2952 TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2953 ac_rsassa_vect14, NULL_ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2954 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA384,
2955 TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2956 ac_rsassa_vect14, NULL_ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2957
2958 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA512,
2959 TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2960 ac_rsassa_vect15, NULL_ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2961 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA512,
2962 TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2963 ac_rsassa_vect15, NULL_ARRAY, WITH_SALT),
2964
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2965 XTEST_AC_RSA_CASE(0, TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2966 ac_rsaes_pkcs1_v1_5_vect1, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2967 XTEST_AC_RSA_CASE(0, TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2968 ac_rsaes_pkcs1_v1_5_vect1, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2969 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2970 ac_rsaes_pkcs1_v1_5_vect2, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2971 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2972 ac_rsaes_pkcs1_v1_5_vect2, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2973 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2974 ac_rsaes_pkcs1_v1_5_vect15, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2975 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2976 ac_rsaes_pkcs1_v1_5_vect15, NULL_ARRAY, WITHOUT_SALT),
2977
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2978 XTEST_AC_RSA_CASE(0, TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1,
2979 TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2980 ac_rsaes_oaep_vect1, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2981 XTEST_AC_RSA_CASE(0, TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1,
2982 TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2983 ac_rsaes_oaep_vect1, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2984 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1,
2985 TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2986 ac_rsaes_oaep_vect2, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2987 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1,
2988 TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2989 ac_rsaes_oaep_vect2, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2990 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1,
2991 TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2992 ac_rsaes_oaep_vect10, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2993 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1,
2994 TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2995 ac_rsaes_oaep_vect10, NULL_ARRAY, WITHOUT_SALT),
2996
2997 /* RSA test with crt parameters */
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]2998 XTEST_AC_RSA_CASE(0, TEE_ALG_RSA_NOPAD, TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2999 ac_rsassa_vect1, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3000 XTEST_AC_RSA_CASE(0, TEE_ALG_RSA_NOPAD, TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3001 ac_rsassa_vect1, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3002 XTEST_AC_RSA_CASE(1, TEE_ALG_RSA_NOPAD, TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3003 ac_rsassa_vect2, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3004 XTEST_AC_RSA_CASE(1, TEE_ALG_RSA_NOPAD, TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3005 ac_rsassa_vect2, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3006 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3007 ac_rsassa_vect3, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3008 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3009 ac_rsassa_vect3, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3010 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3011 ac_rsassa_vect4, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3012 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3013 ac_rsassa_vect4, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3014 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3015 ac_rsassa_vect5, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3016 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3017 ac_rsassa_vect5, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3018 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3019 ac_rsassa_vect6, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3020 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3021 ac_rsassa_vect6, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3022 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3023 ac_rsassa_vect7, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3024 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3025 ac_rsassa_vect7, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3026 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3027 ac_rsassa_vect8, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3028 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3029 ac_rsassa_vect8, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3030 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA256, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3031 ac_rsassa_vect9, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3032 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA256, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3033 ac_rsassa_vect9, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3034 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA384, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3035 ac_rsassa_vect10, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3036 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA384, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3037 ac_rsassa_vect10, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3038 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA512, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3039 ac_rsassa_vect11, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3040 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA512, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3041 ac_rsassa_vect11, ARRAY, WITHOUT_SALT),
3042
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3043 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA1,
3044 TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3045 ac_rsassa_vect12, ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3046 XTEST_AC_RSA_CASE(1,TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3047 ac_rsassa_vect12, ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3048 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA224,
3049 TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3050 ac_rsassa_vect17, ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3051 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA224,
3052 TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3053 ac_rsassa_vect17, ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3054 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA256,
3055 TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3056 ac_rsassa_vect13, ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3057 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA256,
3058 TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3059 ac_rsassa_vect13, ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3060 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA384,
3061 TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3062 ac_rsassa_vect14, ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3063 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA384,
3064 TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3065 ac_rsassa_vect14, ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3066 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA512,
3067 TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3068 ac_rsassa_vect15, ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3069 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA512,
3070 TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3071 ac_rsassa_vect15, ARRAY, WITH_SALT),
3072
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3073 XTEST_AC_RSA_CASE(0, TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3074 ac_rsaes_pkcs1_v1_5_vect1, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3075 XTEST_AC_RSA_CASE(0, TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3076 ac_rsaes_pkcs1_v1_5_vect1, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3077 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3078 ac_rsaes_pkcs1_v1_5_vect2, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3079 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3080 ac_rsaes_pkcs1_v1_5_vect2, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3081 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3082 ac_rsaes_pkcs1_v1_5_vect15, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3083 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3084 ac_rsaes_pkcs1_v1_5_vect15, ARRAY, WITHOUT_SALT),
3085
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3086 XTEST_AC_RSA_CASE(0, TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1,
3087 TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3088 ac_rsaes_oaep_vect1, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3089 XTEST_AC_RSA_CASE(0, TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1,
3090 TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3091 ac_rsaes_oaep_vect1, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3092 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1,
3093 TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3094 ac_rsaes_oaep_vect2, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3095 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1,
3096 TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3097 ac_rsaes_oaep_vect2, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3098 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1,
3099 TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3100 ac_rsaes_oaep_vect10, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3101 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1,
3102 TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3103 ac_rsaes_oaep_vect10, ARRAY, WITHOUT_SALT),
3104
3105 /* DSA tests */
Cedric Chaumontb2ba8782015-09-03 13:23:05 +0200[diff] [blame]3106 /* [mod = L=1024, N=160, SHA-1] */
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3107 XTEST_AC_DSA_CASE(1, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect1),
3108 XTEST_AC_DSA_CASE(1, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect1),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3109 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect2),
3110 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect2),
3111 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect3),
3112 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect3),
3113 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect4),
3114 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect4),
3115 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect5),
3116 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect5),
3117 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect6),
3118 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect6),
3119 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect7),
3120 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect7),
3121 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect8),
3122 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect8),
3123 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect9),
3124 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect9),
3125 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect10),
3126 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect10),
3127 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect11),
3128 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect11),
3129 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect12),
3130 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect12),
3131 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect13),
3132 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect13),
3133 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect14),
3134 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect14),
3135 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect15),
3136 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect15),
Cedric Chaumontb2ba8782015-09-03 13:23:05 +0200[diff] [blame]3137 /* [mod = L=1024, N=160, SHA-224] - GP NOT SUPPORTED */
3138 /* [mod = L=1024, N=160, SHA-256] - GP NOT SUPPORTED */
3139 /* [mod = L=1024, N=160, SHA-384] - GP NOT SUPPORTED */
3140 /* [mod = L=1024, N=160, SHA-512] - GP NOT SUPPORTED */
3141 /* [mod = L=2048, N=224, SHA-1] - GP NOT SUPPORTED */
3142 /* [mod = L=2048, N=224, SHA-224] */
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3143 XTEST_AC_DSA_CASE(1, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect91),
3144 XTEST_AC_DSA_CASE(1, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect91),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3145 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect92),
3146 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect92),
3147 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect93),
3148 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect93),
3149 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect94),
3150 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect94),
3151 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect95),
3152 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect95),
3153 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect96),
3154 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect96),
3155 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect97),
3156 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect97),
3157 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect98),
3158 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect98),
3159 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect99),
3160 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect99),
3161 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect100),
3162 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect100),
3163 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect101),
3164 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect101),
3165 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect102),
3166 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect102),
3167 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect103),
3168 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect103),
3169 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect104),
3170 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect104),
3171 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect105),
3172 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect105),
Cedric Chaumontb2ba8782015-09-03 13:23:05 +0200[diff] [blame]3173 /* [mod = L=2048, N=224, SHA-256] */
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3174 XTEST_AC_DSA_CASE(0, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect106),
3175 XTEST_AC_DSA_CASE(0, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect106),
3176 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect107),
3177 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect107),
3178 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect108),
3179 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect108),
3180 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect109),
3181 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect109),
3182 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect110),
3183 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect110),
3184 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect111),
3185 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect111),
3186 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect112),
3187 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect112),
3188 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect113),
3189 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect113),
3190 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect114),
3191 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect114),
3192 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect115),
3193 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect115),
3194 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect116),
3195 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect116),
3196 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect117),
3197 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect117),
3198 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect118),
3199 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect118),
3200 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect119),
3201 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect119),
3202 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect120),
3203 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect120),
Cedric Chaumontb2ba8782015-09-03 13:23:05 +0200[diff] [blame]3204 /* [mod = L=2048, N=224, SHA-384] - GP NOT SUPPORTED */
3205 /* [mod = L=2048, N=224, SHA-512] - GP NOT SUPPORTED */
3206 /* [mod = L=2048, N=256, SHA-1] - GP NOT SUPPORTED */
3207 /* [mod = L=2048, N=256, SHA-224] */
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3208 XTEST_AC_DSA_CASE(1, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect166),
3209 XTEST_AC_DSA_CASE(1, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect166),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3210 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect167),
3211 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect167),
3212 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect168),
3213 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect168),
3214 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect169),
3215 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect169),
3216 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect170),
3217 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect170),
3218 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect171),
3219 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect171),
3220 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect172),
3221 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect172),
3222 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect173),
3223 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect173),
3224 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect174),
3225 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect174),
3226 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect175),
3227 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect175),
3228 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect176),
3229 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect176),
3230 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect177),
3231 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect177),
3232 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect178),
3233 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect178),
3234 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect179),
3235 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect179),
3236 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect180),
3237 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect180),
Cedric Chaumontb2ba8782015-09-03 13:23:05 +0200[diff] [blame]3238 /* [mod = L=2048, N=256, SHA-256] */
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3239 XTEST_AC_DSA_CASE(1, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect181),
3240 XTEST_AC_DSA_CASE(1, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect181),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3241 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect182),
3242 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect182),
3243 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect183),
3244 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect183),
3245 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect184),
3246 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect184),
3247 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect185),
3248 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect185),
3249 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect186),
3250 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect186),
3251 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect187),
3252 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect187),
3253 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect188),
3254 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect188),
3255 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect189),
3256 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect189),
3257 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect190),
3258 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect190),
3259 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect191),
3260 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect191),
3261 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect192),
3262 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect192),
3263 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect193),
3264 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect193),
3265 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect194),
3266 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect194),
3267 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect195),
3268 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect195),
Cedric Chaumontb2ba8782015-09-03 13:23:05 +0200[diff] [blame]3269 /* [mod = L=2048, N=256, SHA-384] - GP NOT SUPPORTED */
3270 /* [mod = L=2048, N=256, SHA-512] - GP NOT SUPPORTED */
3271 /* [mod = L=3072, N=256, SHA-1] - GP NOT SUPPORTED */
3272 /* [mod = L=3072, N=256, SHA-224] - GP NOT SUPPORTED */
3273 /* [mod = L=3072, N=256, SHA-256] */
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3274 XTEST_AC_DSA_CASE(1, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect256),
3275 XTEST_AC_DSA_CASE(1, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect256),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3276 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect257),
3277 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect257),
3278 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect258),
3279 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect258),
3280 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect259),
3281 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect259),
3282 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect260),
3283 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect260),
3284 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect261),
3285 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect261),
3286 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect262),
3287 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect262),
3288 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect263),
3289 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect263),
3290 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect264),
3291 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect264),
3292 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect265),
3293 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect265),
3294 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect266),
3295 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect266),
3296 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect267),
3297 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect267),
3298 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect268),
3299 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect268),
3300 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect269),
3301 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect269),
3302 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect270),
3303 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect270),
Cedric Chaumontb2ba8782015-09-03 13:23:05 +0200[diff] [blame]3304 /* [mod = L=3072, N=256, SHA-384] - GP NOT SUPPORTED */
3305 /* [mod = L=3072, N=256, SHA-512] - GP NOT SUPPORTED */
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3306
3307 /* ECDSA tests */
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3308 /* [P-192] */
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3309 XTEST_AC_ECDSA_CASE(0, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3310 nist_186_2_ecdsa_testvector_1),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3311 XTEST_AC_ECDSA_CASE(0, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3312 nist_186_2_ecdsa_testvector_1),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3313 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3314 nist_186_2_ecdsa_testvector_2),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3315 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3316 nist_186_2_ecdsa_testvector_2),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3317 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3318 nist_186_2_ecdsa_testvector_3),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3319 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3320 nist_186_2_ecdsa_testvector_3),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3321 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3322 nist_186_2_ecdsa_testvector_4),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3323 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3324 nist_186_2_ecdsa_testvector_4),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3325 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3326 nist_186_2_ecdsa_testvector_5),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3327 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3328 nist_186_2_ecdsa_testvector_5),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3329 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3330 nist_186_2_ecdsa_testvector_6),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3331 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3332 nist_186_2_ecdsa_testvector_6),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3333 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3334 nist_186_2_ecdsa_testvector_7),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3335 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3336 nist_186_2_ecdsa_testvector_7),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3337 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3338 nist_186_2_ecdsa_testvector_8),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3339 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3340 nist_186_2_ecdsa_testvector_8),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3341 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3342 nist_186_2_ecdsa_testvector_9),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3343 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3344 nist_186_2_ecdsa_testvector_9),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3345 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3346 nist_186_2_ecdsa_testvector_10),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3347 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3348 nist_186_2_ecdsa_testvector_10),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3349 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3350 nist_186_2_ecdsa_testvector_11),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3351 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3352 nist_186_2_ecdsa_testvector_11),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3353 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3354 nist_186_2_ecdsa_testvector_12),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3355 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3356 nist_186_2_ecdsa_testvector_12),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3357 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3358 nist_186_2_ecdsa_testvector_13),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3359 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3360 nist_186_2_ecdsa_testvector_13),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3361 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3362 nist_186_2_ecdsa_testvector_14),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3363 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3364 nist_186_2_ecdsa_testvector_14),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3365 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3366 nist_186_2_ecdsa_testvector_15),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3367 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3368 nist_186_2_ecdsa_testvector_15),
3369 /* [P-224] */
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3370 XTEST_AC_ECDSA_CASE(1, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3371 nist_186_2_ecdsa_testvector_16),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3372 XTEST_AC_ECDSA_CASE(1, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3373 nist_186_2_ecdsa_testvector_16),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3374 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3375 nist_186_2_ecdsa_testvector_17),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3376 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3377 nist_186_2_ecdsa_testvector_17),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3378 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3379 nist_186_2_ecdsa_testvector_18),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3380 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3381 nist_186_2_ecdsa_testvector_18),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3382 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3383 nist_186_2_ecdsa_testvector_19),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3384 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3385 nist_186_2_ecdsa_testvector_19),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3386 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3387 nist_186_2_ecdsa_testvector_20),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3388 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3389 nist_186_2_ecdsa_testvector_20),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3390 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3391 nist_186_2_ecdsa_testvector_21),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3392 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3393 nist_186_2_ecdsa_testvector_21),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3394 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3395 nist_186_2_ecdsa_testvector_22),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3396 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3397 nist_186_2_ecdsa_testvector_22),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3398 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3399 nist_186_2_ecdsa_testvector_23),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3400 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3401 nist_186_2_ecdsa_testvector_23),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3402 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3403 nist_186_2_ecdsa_testvector_24),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3404 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3405 nist_186_2_ecdsa_testvector_24),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3406 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3407 nist_186_2_ecdsa_testvector_25),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3408 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3409 nist_186_2_ecdsa_testvector_25),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3410 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3411 nist_186_2_ecdsa_testvector_26),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3412 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3413 nist_186_2_ecdsa_testvector_26),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3414 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3415 nist_186_2_ecdsa_testvector_27),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3416 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3417 nist_186_2_ecdsa_testvector_27),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3418 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3419 nist_186_2_ecdsa_testvector_28),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3420 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3421 nist_186_2_ecdsa_testvector_28),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3422 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3423 nist_186_2_ecdsa_testvector_29),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3424 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3425 nist_186_2_ecdsa_testvector_29),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3426 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3427 nist_186_2_ecdsa_testvector_30),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3428 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3429 nist_186_2_ecdsa_testvector_30),
3430 /* [P-256] */
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3431 XTEST_AC_ECDSA_CASE(1, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3432 nist_186_2_ecdsa_testvector_31),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3433 XTEST_AC_ECDSA_CASE(1, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3434 nist_186_2_ecdsa_testvector_31),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3435 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3436 nist_186_2_ecdsa_testvector_32),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3437 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3438 nist_186_2_ecdsa_testvector_32),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3439 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3440 nist_186_2_ecdsa_testvector_33),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3441 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3442 nist_186_2_ecdsa_testvector_33),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3443 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3444 nist_186_2_ecdsa_testvector_34),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3445 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3446 nist_186_2_ecdsa_testvector_34),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3447 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3448 nist_186_2_ecdsa_testvector_35),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3449 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3450 nist_186_2_ecdsa_testvector_35),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3451 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3452 nist_186_2_ecdsa_testvector_36),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3453 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3454 nist_186_2_ecdsa_testvector_36),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3455 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3456 nist_186_2_ecdsa_testvector_37),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3457 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3458 nist_186_2_ecdsa_testvector_37),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3459 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3460 nist_186_2_ecdsa_testvector_38),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3461 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3462 nist_186_2_ecdsa_testvector_38),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3463 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3464 nist_186_2_ecdsa_testvector_39),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3465 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3466 nist_186_2_ecdsa_testvector_39),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3467 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3468 nist_186_2_ecdsa_testvector_40),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3469 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3470 nist_186_2_ecdsa_testvector_40),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3471 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3472 nist_186_2_ecdsa_testvector_41),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3473 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3474 nist_186_2_ecdsa_testvector_41),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3475 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3476 nist_186_2_ecdsa_testvector_42),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3477 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3478 nist_186_2_ecdsa_testvector_42),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3479 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3480 nist_186_2_ecdsa_testvector_43),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3481 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3482 nist_186_2_ecdsa_testvector_43),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3483 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3484 nist_186_2_ecdsa_testvector_44),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3485 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3486 nist_186_2_ecdsa_testvector_44),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3487 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3488 nist_186_2_ecdsa_testvector_45),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3489 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3490 nist_186_2_ecdsa_testvector_45),
3491 /* [P-384] */
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3492 XTEST_AC_ECDSA_CASE(1, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3493 nist_186_2_ecdsa_testvector_46),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3494 XTEST_AC_ECDSA_CASE(1, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3495 nist_186_2_ecdsa_testvector_46),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3496 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3497 nist_186_2_ecdsa_testvector_47),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3498 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3499 nist_186_2_ecdsa_testvector_47),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3500 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3501 nist_186_2_ecdsa_testvector_48),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3502 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3503 nist_186_2_ecdsa_testvector_48),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3504 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3505 nist_186_2_ecdsa_testvector_49),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3506 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3507 nist_186_2_ecdsa_testvector_49),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3508 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3509 nist_186_2_ecdsa_testvector_50),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3510 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3511 nist_186_2_ecdsa_testvector_50),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3512 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3513 nist_186_2_ecdsa_testvector_51),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3514 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3515 nist_186_2_ecdsa_testvector_51),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3516 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3517 nist_186_2_ecdsa_testvector_52),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3518 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3519 nist_186_2_ecdsa_testvector_52),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3520 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3521 nist_186_2_ecdsa_testvector_53),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3522 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3523 nist_186_2_ecdsa_testvector_53),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3524 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3525 nist_186_2_ecdsa_testvector_54),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3526 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3527 nist_186_2_ecdsa_testvector_54),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3528 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3529 nist_186_2_ecdsa_testvector_55),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3530 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3531 nist_186_2_ecdsa_testvector_55),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3532 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3533 nist_186_2_ecdsa_testvector_56),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3534 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3535 nist_186_2_ecdsa_testvector_56),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3536 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3537 nist_186_2_ecdsa_testvector_57),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3538 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3539 nist_186_2_ecdsa_testvector_57),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3540 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3541 nist_186_2_ecdsa_testvector_58),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3542 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3543 nist_186_2_ecdsa_testvector_58),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3544 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3545 nist_186_2_ecdsa_testvector_59),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3546 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3547 nist_186_2_ecdsa_testvector_59),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3548 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3549 nist_186_2_ecdsa_testvector_60),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3550 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3551 nist_186_2_ecdsa_testvector_60),
3552 /* [P-521] */
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3553 XTEST_AC_ECDSA_CASE(1, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3554 nist_186_2_ecdsa_testvector_61),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3555 XTEST_AC_ECDSA_CASE(1, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3556 nist_186_2_ecdsa_testvector_61),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3557 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3558 nist_186_2_ecdsa_testvector_62),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3559 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3560 nist_186_2_ecdsa_testvector_62),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3561 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3562 nist_186_2_ecdsa_testvector_63),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3563 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3564 nist_186_2_ecdsa_testvector_63),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3565 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3566 nist_186_2_ecdsa_testvector_64),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3567 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3568 nist_186_2_ecdsa_testvector_64),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3569 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3570 nist_186_2_ecdsa_testvector_65),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3571 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3572 nist_186_2_ecdsa_testvector_65),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3573 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3574 nist_186_2_ecdsa_testvector_66),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3575 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3576 nist_186_2_ecdsa_testvector_66),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3577 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3578 nist_186_2_ecdsa_testvector_67),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3579 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3580 nist_186_2_ecdsa_testvector_67),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3581 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3582 nist_186_2_ecdsa_testvector_68),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3583 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3584 nist_186_2_ecdsa_testvector_68),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3585 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3586 nist_186_2_ecdsa_testvector_69),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3587 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3588 nist_186_2_ecdsa_testvector_69),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3589 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3590 nist_186_2_ecdsa_testvector_70),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3591 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3592 nist_186_2_ecdsa_testvector_70),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3593 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3594 nist_186_2_ecdsa_testvector_71),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3595 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3596 nist_186_2_ecdsa_testvector_71),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3597 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3598 nist_186_2_ecdsa_testvector_72),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3599 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3600 nist_186_2_ecdsa_testvector_72),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3601 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3602 nist_186_2_ecdsa_testvector_73),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3603 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3604 nist_186_2_ecdsa_testvector_73),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3605 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3606 nist_186_2_ecdsa_testvector_74),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3607 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3608 nist_186_2_ecdsa_testvector_74),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3609 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3610 nist_186_2_ecdsa_testvector_75),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3611 XTEST_AC_ECDSA_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3612 nist_186_2_ecdsa_testvector_75),
3613 /* [K-163] - GP NOT SUPPORTED */
3614 /* [K-233] - GP NOT SUPPORTED */
3615 /* [K-283] - GP NOT SUPPORTED */
3616 /* [K-409] - GP NOT SUPPORTED */
3617 /* [K-571] - GP NOT SUPPORTED */
3618 /* [B-163] - GP NOT SUPPORTED */
3619 /* [B-233] - GP NOT SUPPORTED */
3620 /* [B-283] - GP NOT SUPPORTED */
3621 /* [B-409] - GP NOT SUPPORTED */
3622 /* [B-571] - GP NOT SUPPORTED */
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3623};
3624
3625static bool create_key(ADBG_Case_t *c, TEEC_Session *s,
3626 uint32_t max_key_size, uint32_t key_type,
3627 TEE_Attribute *attrs, size_t num_attrs,
3628 TEE_ObjectHandle *handle)
3629{
3630 size_t n;
3631
3632 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3633 ta_crypt_cmd_allocate_transient_object(c, s, key_type,
3634 max_key_size, handle)))
3635 return false;
3636
3637 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3638 ta_crypt_cmd_populate_transient_object(c, s, *handle, attrs,
3639 num_attrs)))
3640 return false;
3641
3642 for (n = 0; n < num_attrs; n++) {
Jerome Forissier0451e372018-03-27 00:10:23 +0800[diff] [blame]3643 uint8_t out[512];
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3644 size_t out_size;
3645
3646 out_size = sizeof(out);
3647 memset(out, 0, sizeof(out));
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3648
3649 if (attrs[n].attributeID == TEE_ATTR_ECC_CURVE)
3650 continue;
3651
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3652 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3653 ta_crypt_cmd_get_object_buffer_attribute(c, s, *handle,
3654 attrs[n].attributeID, out, &out_size)))
3655 return false;
3656
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3657 if (out_size < attrs[n].content.ref.length) {
3658 memmove(out + (attrs[n].content.ref.length - out_size),
3659 out,
3660 attrs[n].content.ref.length);
3661 memset(out, 0, attrs[n].content.ref.length - out_size);
3662 out_size = attrs[n].content.ref.length;
3663 }
3664
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3665 if (!ADBG_EXPECT_BUFFER(c, attrs[n].content.ref.buffer,
3666 attrs[n].content.ref.length, out, out_size))
3667 return false;
3668 }
3669
3670 return true;
3671}
3672
3673static void xtest_tee_test_4006(ADBG_Case_t *c)
3674{
3675 TEEC_Session session = { 0 };
3676 TEE_OperationHandle op = TEE_HANDLE_NULL;
3677 TEE_ObjectHandle priv_key_handle = TEE_HANDLE_NULL;
3678 TEE_ObjectHandle pub_key_handle = TEE_HANDLE_NULL;
3679 TEE_Attribute key_attrs[8];
3680 TEE_Attribute algo_params[1];
3681 size_t num_algo_params;
3682 uint8_t out[512];
3683 size_t out_size;
3684 uint8_t out_enc[512];
3685 size_t out_enc_size;
3686 uint8_t ptx_hash[TEE_MAX_HASH_SIZE];
3687 size_t ptx_hash_size;
3688 size_t max_key_size;
3689 size_t num_key_attrs;
3690 uint32_t ret_orig;
3691 size_t n;
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3692 uint32_t curve;
3693 uint32_t hash_algo;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3694
3695 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3696 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
3697 &ret_orig)))
3698 return;
3699
3700 for (n = 0; n < ARRAY_SIZE(xtest_ac_cases); n++) {
3701 const struct xtest_ac_case *tv = xtest_ac_cases + n;
3702
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3703 if (tv->level > level)
3704 continue;
3705
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3706 Do_ADBG_BeginSubCase(c, "Asym Crypto case %d algo 0x%x line %d",
3707 (int)n, (unsigned int)tv->algo,
3708 (int)tv->line);
3709
3710 /*
3711 * When signing or verifying we're working with the hash of
3712 * the payload.
3713 */
3714 if (tv->mode == TEE_MODE_VERIFY || tv->mode == TEE_MODE_SIGN) {
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3715 if (TEE_ALG_GET_MAIN_ALG(tv->algo) == TEE_MAIN_ALGO_ECDSA)
3716 hash_algo = TEE_ALG_SHA1;
3717 else
3718 hash_algo = TEE_ALG_HASH_ALGO(
3719 TEE_ALG_GET_DIGEST_HASH(tv->algo));
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3720
3721 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3722 ta_crypt_cmd_allocate_operation(c, &session,
3723 &op, hash_algo, TEE_MODE_DIGEST, 0)))
3724 goto out;
3725
3726 ptx_hash_size = sizeof(ptx_hash);
3727 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3728 ta_crypt_cmd_digest_do_final(c, & session, op,
3729 tv->ptx, tv->ptx_len, ptx_hash,
3730 &ptx_hash_size)))
3731 goto out;
3732
Cedric Chaumontb2ba8782015-09-03 13:23:05 +0200[diff] [blame]3733 /*
3734 * When we use DSA algorithms, the size of the hash we
3735 * consider equals the min between the size of the
3736 * "subprime" in the key and the size of the hash
3737 */
3738 if (TEE_ALG_GET_MAIN_ALG(tv->algo) ==
3739 TEE_MAIN_ALGO_DSA) {
3740 if (tv->params.dsa.sub_prime_len <=
3741 ptx_hash_size)
3742 ptx_hash_size =
3743 tv->params.dsa.sub_prime_len;
3744 }
3745
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3746 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3747 ta_crypt_cmd_free_operation(c, &session, op)))
3748 goto out;
3749 }
3750
3751 num_algo_params = 0;
3752 num_key_attrs = 0;
3753 switch (TEE_ALG_GET_MAIN_ALG(tv->algo)) {
3754 case TEE_MAIN_ALGO_RSA:
3755 if (tv->params.rsa.salt_len > 0) {
3756 algo_params[0].attributeID =
3757 TEE_ATTR_RSA_PSS_SALT_LENGTH;
3758 algo_params[0].content.value.a =
3759 tv->params.rsa.salt_len;
3760 algo_params[0].content.value.b = 0;
3761 num_algo_params = 1;
3762 }
3763
3764 max_key_size = tv->params.rsa.modulus_len * 8;
3765
3766 xtest_add_attr(&num_key_attrs, key_attrs,
3767 TEE_ATTR_RSA_MODULUS,
3768 tv->params.rsa.modulus,
3769 tv->params.rsa.modulus_len);
3770 xtest_add_attr(&num_key_attrs, key_attrs,
3771 TEE_ATTR_RSA_PUBLIC_EXPONENT,
3772 tv->params.rsa.pub_exp,
3773 tv->params.rsa.pub_exp_len);
3774
3775 if (!ADBG_EXPECT_TRUE(c,
3776 create_key(c, &session,
3777 max_key_size,
3778 TEE_TYPE_RSA_PUBLIC_KEY,
3779 key_attrs,
3780 num_key_attrs,
3781 &pub_key_handle)))
3782 goto out;
3783
3784 xtest_add_attr(&num_key_attrs, key_attrs,
3785 TEE_ATTR_RSA_PRIVATE_EXPONENT,
3786 tv->params.rsa.priv_exp,
3787 tv->params.rsa.priv_exp_len);
3788
3789 if (tv->params.rsa.prime1_len != 0) {
3790 xtest_add_attr(&num_key_attrs, key_attrs,
3791 TEE_ATTR_RSA_PRIME1,
3792 tv->params.rsa.prime1,
3793 tv->params.rsa.prime1_len);
3794 }
3795
3796 if (tv->params.rsa.prime2_len != 0) {
3797 xtest_add_attr(&num_key_attrs, key_attrs,
3798 TEE_ATTR_RSA_PRIME2,
3799 tv->params.rsa.prime2,
3800 tv->params.rsa.prime2_len);
3801 }
3802
3803 if (tv->params.rsa.exp1_len != 0) {
3804 xtest_add_attr(&num_key_attrs, key_attrs,
3805 TEE_ATTR_RSA_EXPONENT1,
3806 tv->params.rsa.exp1,
3807 tv->params.rsa.exp1_len);
3808 }
3809
3810 if (tv->params.rsa.exp2_len != 0) {
3811 xtest_add_attr(&num_key_attrs, key_attrs,
3812 TEE_ATTR_RSA_EXPONENT2,
3813 tv->params.rsa.exp2,
3814 tv->params.rsa.exp2_len);
3815 }
3816
3817 if (tv->params.rsa.coeff_len != 0) {
3818 xtest_add_attr(&num_key_attrs, key_attrs,
3819 TEE_ATTR_RSA_COEFFICIENT,
3820 tv->params.rsa.coeff,
3821 tv->params.rsa.coeff_len);
3822 }
3823
3824 if (!ADBG_EXPECT_TRUE(c,
3825 create_key(c, &session,
3826 max_key_size,
3827 TEE_TYPE_RSA_KEYPAIR,
3828 key_attrs,
3829 num_key_attrs,
3830 &priv_key_handle)))
3831 goto out;
3832 break;
3833
3834 case TEE_MAIN_ALGO_DSA:
3835 max_key_size = tv->params.dsa.prime_len * 8;
3836
3837 xtest_add_attr(&num_key_attrs, key_attrs,
3838 TEE_ATTR_DSA_PRIME,
3839 tv->params.dsa.prime,
3840 tv->params.dsa.prime_len);
3841 xtest_add_attr(&num_key_attrs, key_attrs,
3842 TEE_ATTR_DSA_SUBPRIME,
3843 tv->params.dsa.sub_prime,
3844 tv->params.dsa.sub_prime_len);
3845 xtest_add_attr(&num_key_attrs, key_attrs,
3846 TEE_ATTR_DSA_BASE,
3847 tv->params.dsa.base,
3848 tv->params.dsa.base_len);
3849 xtest_add_attr(&num_key_attrs, key_attrs,
3850 TEE_ATTR_DSA_PUBLIC_VALUE,
3851 tv->params.dsa.pub_val,
3852 tv->params.dsa.pub_val_len);
3853
3854 if (!ADBG_EXPECT_TRUE(c,
3855 create_key(c, &session, max_key_size,
3856 TEE_TYPE_DSA_PUBLIC_KEY, key_attrs,
3857 num_key_attrs, &pub_key_handle)))
3858 goto out;
3859
3860 xtest_add_attr(&num_key_attrs, key_attrs,
3861 TEE_ATTR_DSA_PRIVATE_VALUE,
3862 tv->params.dsa.priv_val,
3863 tv->params.dsa.priv_val_len);
3864
3865 if (!ADBG_EXPECT_TRUE(c,
3866 create_key(c, &session, max_key_size,
3867 TEE_TYPE_DSA_KEYPAIR, key_attrs,
3868 num_key_attrs, &priv_key_handle)))
3869 goto out;
3870 break;
3871
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3872 case TEE_MAIN_ALGO_ECDSA:
3873 switch (tv->algo) {
3874 case TEE_ALG_ECDSA_P192:
3875 curve = TEE_ECC_CURVE_NIST_P192;
3876 break;
3877 case TEE_ALG_ECDSA_P224:
3878 curve = TEE_ECC_CURVE_NIST_P224;
3879 break;
3880 case TEE_ALG_ECDSA_P256:
3881 curve = TEE_ECC_CURVE_NIST_P256;
3882 break;
3883 case TEE_ALG_ECDSA_P384:
3884 curve = TEE_ECC_CURVE_NIST_P384;
3885 break;
3886 case TEE_ALG_ECDSA_P521:
3887 curve = TEE_ECC_CURVE_NIST_P521;
3888 break;
3889 default:
3890 curve = 0xFF;
3891 break;
3892 }
3893
3894 if (tv->algo == TEE_ALG_ECDSA_P521)
3895 max_key_size = 521;
3896 else
3897 max_key_size = tv->params.ecdsa.private_len * 8;
3898
3899 xtest_add_attr_value(&num_key_attrs, key_attrs,
3900 TEE_ATTR_ECC_CURVE, curve, 0);
3901 xtest_add_attr(&num_key_attrs, key_attrs,
3902 TEE_ATTR_ECC_PUBLIC_VALUE_X,
3903 tv->params.ecdsa.public_x,
3904 tv->params.ecdsa.public_x_len);
3905 xtest_add_attr(&num_key_attrs, key_attrs,
3906 TEE_ATTR_ECC_PUBLIC_VALUE_Y,
3907 tv->params.ecdsa.public_y,
3908 tv->params.ecdsa.public_y_len);
3909
3910 if (!ADBG_EXPECT_TRUE(c,
3911 create_key(c, &session, max_key_size,
3912 TEE_TYPE_ECDSA_PUBLIC_KEY, key_attrs,
3913 num_key_attrs, &pub_key_handle)))
3914 goto out;
3915
3916 xtest_add_attr(&num_key_attrs, key_attrs,
3917 TEE_ATTR_ECC_PRIVATE_VALUE,
3918 tv->params.ecdsa.private,
3919 tv->params.ecdsa.private_len);
3920
3921 if (!ADBG_EXPECT_TRUE(c,
3922 create_key(c, &session, max_key_size,
3923 TEE_TYPE_ECDSA_KEYPAIR, key_attrs,
3924 num_key_attrs, &priv_key_handle)))
3925 goto out;
3926 break;
3927
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3928 default:
3929 ADBG_EXPECT_TRUE(c, false);
3930 goto out;
3931 }
3932
3933 out_size = sizeof(out);
3934 memset(out, 0, sizeof(out));
3935 switch (tv->mode) {
3936 case TEE_MODE_ENCRYPT:
3937 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3938 ta_crypt_cmd_allocate_operation(c, &session,
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3939 &op, tv->algo, TEE_MODE_ENCRYPT,
3940 max_key_size)))
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3941 goto out;
3942
3943 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3944 ta_crypt_cmd_set_operation_key(c, &session, op,
3945 pub_key_handle)))
3946 goto out;
3947
3948 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3949 ta_crypt_cmd_free_transient_object(c, &session,
3950 pub_key_handle)))
3951 goto out;
3952 pub_key_handle = TEE_HANDLE_NULL;
3953
3954 out_enc_size = sizeof(out_enc);
3955 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3956 ta_crypt_cmd_asymmetric_encrypt(c, &session, op,
3957 NULL, 0, tv->ptx, tv->ptx_len, out_enc,
3958 &out_enc_size)))
3959 goto out;
3960
3961 /*
3962 * A PS which is random is added when formatting the
3963 * message internally of the algorithm so we can't
3964 * verify against precomputed values, instead we use the
3965 * decrypt operation to see that output is correct.
3966 */
3967
3968 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3969 ta_crypt_cmd_free_operation(c, &session, op)))
3970 goto out;
3971
3972 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3973 ta_crypt_cmd_allocate_operation(c, &session,
3974 &op, tv->algo, TEE_MODE_DECRYPT,
3975 max_key_size)))
3976 goto out;
3977
3978 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3979 ta_crypt_cmd_set_operation_key(c, &session, op,
3980 priv_key_handle)))
3981 goto out;
3982
3983 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3984 ta_crypt_cmd_free_transient_object(c, &session,
3985 priv_key_handle)))
3986 goto out;
3987
3988 priv_key_handle = TEE_HANDLE_NULL;
3989
3990 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3991 ta_crypt_cmd_asymmetric_decrypt(c, &session, op,
3992 NULL, 0, out_enc, out_enc_size, out,
3993 &out_size)))
3994 goto out;
3995
3996 (void)ADBG_EXPECT_BUFFER(c, tv->ptx, tv->ptx_len, out,
3997 out_size);
3998 break;
3999
4000 case TEE_MODE_DECRYPT:
4001 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4002 ta_crypt_cmd_allocate_operation(c, &session,
4003 &op, tv->algo, TEE_MODE_DECRYPT,
4004 max_key_size)))
4005 goto out;
4006
4007 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4008 ta_crypt_cmd_set_operation_key(c, &session, op,
4009 priv_key_handle)))
4010 goto out;
4011
4012 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4013 ta_crypt_cmd_free_transient_object(c, &session,
4014 priv_key_handle)))
4015 goto out;
4016
4017 priv_key_handle = TEE_HANDLE_NULL;
4018
4019 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4020 ta_crypt_cmd_asymmetric_decrypt(c, &session, op,
4021 NULL, 0, tv->ctx, tv->ctx_len, out,
4022 &out_size)))
4023 goto out;
4024
4025 (void)ADBG_EXPECT_BUFFER(c, tv->ptx, tv->ptx_len, out,
4026 out_size);
4027 break;
4028
4029 case TEE_MODE_VERIFY:
4030 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4031 ta_crypt_cmd_allocate_operation(c, &session,
4032 &op, tv->algo, TEE_MODE_VERIFY,
4033 max_key_size)))
4034 goto out;
4035
4036 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4037 ta_crypt_cmd_set_operation_key(c, &session, op,
4038 pub_key_handle)))
4039 goto out;
4040
4041 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4042 ta_crypt_cmd_free_transient_object(c, &session,
4043 pub_key_handle)))
4044 goto out;
4045
4046 pub_key_handle = TEE_HANDLE_NULL;
4047
4048 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4049 ta_crypt_cmd_asymmetric_verify(c, &session, op,
4050 algo_params, num_algo_params, ptx_hash,
4051 ptx_hash_size, tv->ctx, tv->ctx_len)))
4052 goto out;
4053 break;
4054
4055 case TEE_MODE_SIGN:
4056 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4057 ta_crypt_cmd_allocate_operation(c, &session,
4058 &op, tv->algo, TEE_MODE_SIGN,
4059 max_key_size)))
4060 goto out;
4061
4062 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4063 ta_crypt_cmd_set_operation_key(c, &session, op,
4064 priv_key_handle)))
4065 goto out;
4066
4067 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4068 ta_crypt_cmd_free_transient_object(c, &session,
4069 priv_key_handle)))
4070 goto out;
4071
4072 priv_key_handle = TEE_HANDLE_NULL;
4073
4074 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4075 ta_crypt_cmd_asymmetric_sign(c, &session, op,
4076 algo_params, num_algo_params, ptx_hash,
4077 ptx_hash_size, out, &out_size)))
4078 goto out;
4079
4080 if (TEE_ALG_GET_CHAIN_MODE(tv->algo) ==
4081 TEE_CHAIN_MODE_PKCS1_PSS_MGF1 ||
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]4082 tv->algo == TEE_ALG_DSA_SHA1 ||
Cedric Chaumontb2ba8782015-09-03 13:23:05 +0200[diff] [blame]4083 tv->algo == TEE_ALG_DSA_SHA224 ||
4084 tv->algo == TEE_ALG_DSA_SHA256 ||
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]4085 TEE_ALG_GET_MAIN_ALG(tv->algo) ==
4086 TEE_MAIN_ALGO_ECDSA) {
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4087 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4088 ta_crypt_cmd_free_operation(c, &session,
4089 op)))
4090 goto out;
4091 /*
4092 * The salt or K is random so we can't verify
4093 * signing against precomputed values, instead
4094 * we use the verify operation to see that
4095 * output is correct.
4096 */
4097 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4098 ta_crypt_cmd_allocate_operation(c,
4099 &session, &op, tv->algo,
4100 TEE_MODE_VERIFY, max_key_size)))
4101 goto out;
4102
4103 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4104 ta_crypt_cmd_set_operation_key(c,
4105 &session, op, pub_key_handle)))
4106 goto out;
4107
4108 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4109 ta_crypt_cmd_free_transient_object(c,
4110 &session, pub_key_handle)))
4111 goto out;
4112
4113 pub_key_handle = TEE_HANDLE_NULL;
4114
4115 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4116 ta_crypt_cmd_asymmetric_verify(c,
4117 &session, op, algo_params,
4118 num_algo_params, ptx_hash,
4119 ptx_hash_size, out, out_size)))
4120 goto out;
4121 } else {
4122 (void)ADBG_EXPECT_BUFFER(c, tv->ctx,
4123 tv->ctx_len, out,
4124 out_size);
4125 }
4126 break;
4127
4128 default:
4129 break;
4130 }
4131
4132 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4133 ta_crypt_cmd_free_operation(c, &session, op)))
4134 goto out;
4135
4136 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4137 ta_crypt_cmd_free_transient_object(c, &session,
4138 pub_key_handle)))
4139 goto out;
4140 pub_key_handle = TEE_HANDLE_NULL;
4141
4142 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4143 ta_crypt_cmd_free_transient_object(c, &session,
4144 priv_key_handle)))
4145 goto out;
4146
4147 priv_key_handle = TEE_HANDLE_NULL;
4148
4149 Do_ADBG_EndSubCase(c, NULL);
4150 }
4151out:
4152 TEEC_CloseSession(&session);
4153}
4154
4155#define KEY_ATTR(x, y) { #x, (x), y }
4156
4157struct key_attrs {
4158 const char *name;
4159 uint32_t attr;
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4160 /*
4161 * When keysize_check != 0: size of attribute is checked
4162 * Expected value is key_size bits except for DH in which case it is
4163 * the value of keysize_check.
4164 */
4165 uint32_t keysize_check;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4166};
4167
4168static bool test_keygen_attributes(ADBG_Case_t *c, TEEC_Session *s,
4169 TEE_ObjectHandle key, uint32_t key_size,
4170 struct key_attrs *attrs, size_t num_attrs)
4171{
4172 uint8_t out[2048];
4173 size_t out_size;
4174 size_t n;
4175 size_t m;
4176
4177 for (m = 0; m < num_attrs; m++) {
4178 if ((attrs[m].attr & TEE_ATTR_BIT_VALUE) == 0) {
4179 out_size = sizeof(out);
4180 memset(out, 0, sizeof(out));
4181 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4182 ta_crypt_cmd_get_object_buffer_attribute(c, s,
4183 key, attrs[m].attr, out, &out_size)))
4184 return false;
4185
4186 if (attrs[m].keysize_check)
4187 ADBG_EXPECT_COMPARE_UNSIGNED(c, out_size, ==,
4188 key_size / 8);
4189
4190 if (out_size > 0) {
4191 /* Check that buffer isn't all zeroes */
4192 for (n = 0; n < out_size; n++)
4193 if (out[n] != 0)
4194 break;
4195 if (!ADBG_EXPECT_COMPARE_UNSIGNED(c, n, <,
4196 out_size))
4197 return false;
4198 }
4199 } else {
4200 uint32_t a;
4201 uint32_t b;
4202
4203 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4204 ta_crypt_cmd_get_object_value_attribute(c, s, key,
4205 attrs[m].attr, &a, &b)))
4206 return false;
4207 }
4208 }
4209 return true;
4210}
4211
4212static bool test_secret_value(ADBG_Case_t *c, TEEC_Session *s,
4213 TEE_ObjectHandle key, uint32_t key_size)
4214{
4215 const struct key_attrs attrs[] = {
4216 KEY_ATTR(TEE_ATTR_SECRET_VALUE, true),
4217 };
4218
4219 return test_keygen_attributes(c, s, key, key_size,
4220 (struct key_attrs *)&attrs,
4221 ARRAY_SIZE(attrs));
4222}
4223
4224
4225static bool test_rsa_key_pair(ADBG_Case_t *c, TEEC_Session *s,
4226 TEE_ObjectHandle key, uint32_t key_size)
4227{
4228 const struct key_attrs attrs[] = {
4229 KEY_ATTR(TEE_ATTR_RSA_MODULUS, true),
4230 KEY_ATTR(TEE_ATTR_RSA_PUBLIC_EXPONENT, false),
4231 KEY_ATTR(TEE_ATTR_RSA_PRIVATE_EXPONENT, false),
4232 KEY_ATTR(TEE_ATTR_RSA_PRIME1, false),
4233 KEY_ATTR(TEE_ATTR_RSA_PRIME2, false),
4234 KEY_ATTR(TEE_ATTR_RSA_EXPONENT1, false),
4235 KEY_ATTR(TEE_ATTR_RSA_EXPONENT2, false),
4236 KEY_ATTR(TEE_ATTR_RSA_COEFFICIENT, false),
4237 };
4238
4239 return test_keygen_attributes(c, s, key, key_size,
4240 (struct key_attrs *)&attrs,
4241 ARRAY_SIZE(attrs));
4242}
4243
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]4244static bool test_ecc_key_pair(ADBG_Case_t *c, TEEC_Session *s,
4245 TEE_ObjectHandle key, uint32_t key_size)
4246{
4247 const struct key_attrs attrs[] = {
4248 KEY_ATTR(TEE_ATTR_ECC_PRIVATE_VALUE, false),
4249 KEY_ATTR(TEE_ATTR_ECC_PUBLIC_VALUE_X , false),
4250 KEY_ATTR(TEE_ATTR_ECC_PUBLIC_VALUE_Y , false),
4251 /* KEY_ATTR(TEE_ATTR_ECC_CURVE, false), - do not test */
4252 };
4253
4254 return test_keygen_attributes(c, s, key, key_size,
4255 (struct key_attrs *)&attrs,
4256 ARRAY_SIZE(attrs));
4257}
4258
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4259static bool test_dh_key_pair(ADBG_Case_t *c, TEEC_Session *s,
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4260 TEE_ObjectHandle key, uint32_t check_keysize)
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4261{
4262 const struct key_attrs attrs[] = {
4263 KEY_ATTR(TEE_ATTR_DH_PRIME, false),
4264 KEY_ATTR(TEE_ATTR_DH_BASE, false),
4265 KEY_ATTR(TEE_ATTR_DH_PUBLIC_VALUE, false),
4266 KEY_ATTR(TEE_ATTR_DH_PRIVATE_VALUE, check_keysize),
4267 KEY_ATTR(TEE_ATTR_DH_X_BITS, false),
4268 };
4269
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4270 return test_keygen_attributes(c, s, key, check_keysize,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4271 (struct key_attrs *)&attrs,
4272 ARRAY_SIZE(attrs));
4273}
4274
4275static bool test_dsa_key_pair(ADBG_Case_t *c, TEEC_Session *s,
4276 TEE_ObjectHandle key, uint32_t key_size)
4277{
4278 const struct key_attrs attrs[] = {
4279 KEY_ATTR(TEE_ATTR_DSA_PRIME, true),
4280 KEY_ATTR(TEE_ATTR_DSA_SUBPRIME, false),
4281 KEY_ATTR(TEE_ATTR_DSA_BASE, false),
4282 KEY_ATTR(TEE_ATTR_DSA_PUBLIC_VALUE, false),
4283 KEY_ATTR(TEE_ATTR_DSA_PRIVATE_VALUE, false),
4284 };
4285
4286 return test_keygen_attributes(c, s, key, key_size,
4287 (struct key_attrs *)&attrs,
4288 ARRAY_SIZE(attrs));
4289}
4290
4291static bool generate_and_test_key(ADBG_Case_t *c, TEEC_Session *s,
4292 uint32_t key_type, uint32_t check_keysize,
4293 uint32_t key_size,
4294 TEE_Attribute *params, size_t param_count)
4295{
4296 TEE_ObjectHandle key;
4297 bool ret_val = true;
4298
4299 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4300 ta_crypt_cmd_allocate_transient_object(c, s, key_type, key_size,
4301 &key)))
4302 return false;
4303
4304 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4305 ta_crypt_cmd_generate_key(c, s, key, key_size, params,
4306 param_count)))
4307 return false;
4308
4309 switch (key_type) {
4310 case TEE_TYPE_DES:
4311 case TEE_TYPE_DES3:
4312 ret_val = ADBG_EXPECT_TRUE(c,
4313 test_secret_value(c, s, key,
4314 key_size + key_size / 7));
4315 break;
4316 case TEE_TYPE_AES:
4317 case TEE_TYPE_HMAC_MD5:
4318 case TEE_TYPE_HMAC_SHA1:
4319 case TEE_TYPE_HMAC_SHA224:
4320 case TEE_TYPE_HMAC_SHA256:
4321 case TEE_TYPE_HMAC_SHA384:
4322 case TEE_TYPE_HMAC_SHA512:
4323 case TEE_TYPE_GENERIC_SECRET:
4324 ret_val = ADBG_EXPECT_TRUE(c,
4325 test_secret_value(c, s, key, key_size));
4326 break;
4327
4328 case TEE_TYPE_RSA_KEYPAIR:
4329 ret_val = ADBG_EXPECT_TRUE(c,
4330 test_rsa_key_pair(c, s, key, key_size));
4331 break;
4332
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]4333 case TEE_TYPE_ECDSA_KEYPAIR:
4334 case TEE_TYPE_ECDH_KEYPAIR:
4335 ret_val = ADBG_EXPECT_TRUE(c,
4336 test_ecc_key_pair(c, s, key, key_size));
4337 break;
4338
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4339 case TEE_TYPE_DH_KEYPAIR:
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]4340 ret_val = ADBG_EXPECT_TRUE(c,
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4341 test_dh_key_pair(c, s, key, check_keysize));
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4342 break;
4343
4344 case TEE_TYPE_DSA_KEYPAIR:
4345 ret_val = ADBG_EXPECT_TRUE(c,
4346 test_dsa_key_pair(c, s, key, key_size));
4347 break;
4348
4349 default:
4350 ret_val = false;
4351 break;
4352 }
4353
4354 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4355 ta_crypt_cmd_free_transient_object(c, s, key)))
4356 return false;
4357
4358 return ret_val;
4359}
4360
4361static void xtest_test_keygen_noparams(ADBG_Case_t *c, TEEC_Session *session)
4362{
4363 size_t n;
4364 uint32_t key_size;
4365 static const struct {
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4366 unsigned level;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4367 const char *name;
4368 uint32_t key_type;
4369 uint32_t quanta;
4370 uint32_t min_size;
4371 uint32_t max_size;
4372 } key_types[] = {
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4373 { 0, "AES", TEE_TYPE_AES, 64, 128,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4374 256 /* valid sizes 128, 192, 256 */ },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4375 { 0, "DES", TEE_TYPE_DES, 56, 56, 56 /* valid size 56 */ },
4376 { 0, "DES3", TEE_TYPE_DES3, 56, 112,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4377 168 /* valid sizes 112, 168 */ },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4378 { 0, "HMAC-MD5", TEE_TYPE_HMAC_MD5, 8, 64, 512 },
4379 { 0, "HMAC-SHA1", TEE_TYPE_HMAC_SHA1, 8, 80, 512 },
4380 { 0, "HMAC-SHA224", TEE_TYPE_HMAC_SHA224, 8, 112, 512 },
4381 { 0, "HMAC-SHA256", TEE_TYPE_HMAC_SHA256, 8, 192, 1024 },
4382 { 0, "HMAC-SHA384", TEE_TYPE_HMAC_SHA384, 8, 256, 1024 },
4383 { 0, "HMAC-SHA512", TEE_TYPE_HMAC_SHA512, 8, 256, 1024 },
4384 { 0, "Generic secret", TEE_TYPE_GENERIC_SECRET, 8, 128, 4096 },
4385 { 1, "RSA-2048", TEE_TYPE_RSA_KEYPAIR, 1, 2048, 2048 },
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4386
4387 /* New tests added to check non-regression of issue #5398 */
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4388 { 0, "RSA-256", TEE_TYPE_RSA_KEYPAIR, 1, 256, 256 },
4389 { 1, "RSA-384", TEE_TYPE_RSA_KEYPAIR, 1, 384, 384 },
4390 { 1, "RSA-512", TEE_TYPE_RSA_KEYPAIR, 1, 512, 512 },
4391 { 1, "RSA-640", TEE_TYPE_RSA_KEYPAIR, 1, 640, 640 },
4392 { 1, "RSA-768", TEE_TYPE_RSA_KEYPAIR, 1, 768, 768 },
4393 { 1, "RSA-896", TEE_TYPE_RSA_KEYPAIR, 1, 896, 896 },
4394 { 1, "RSA-1024", TEE_TYPE_RSA_KEYPAIR, 1, 1024, 1024 },
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4395 };
4396
4397 for (n = 0; n < ARRAY_SIZE(key_types); n++) {
4398 uint32_t min_size = key_types[n].min_size;
4399 uint32_t max_size = key_types[n].max_size;
4400 uint32_t quanta = key_types[n].quanta;
4401
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4402 if (key_types[n].level > level)
4403 continue;
4404
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4405 Do_ADBG_BeginSubCase(c, "Generate %s key", key_types[n].name);
4406
4407 for (key_size = min_size; key_size <= max_size;
4408 key_size += quanta) {
4409 if (!ADBG_EXPECT_TRUE(c,
4410 generate_and_test_key(c, session, key_types
4411 [n].key_type, 1, key_size, NULL, 0)))
4412 break;
4413 }
4414
4415 Do_ADBG_EndSubCase(c, "Generate %s key", key_types[n].name);
4416 }
4417}
4418
4419static void xtest_test_keygen_dh(ADBG_Case_t *c, TEEC_Session *session)
4420{
4421 size_t n;
4422 size_t param_count;
4423 /*
4424 * Note that the key size parameter is not used when creating the keys
4425 * but specifying these sizes make it possible to test the expected size
4426 * of the private value. This also means that the keysize must match the
4427 * size of p or what is specified in private_bits or the equvivalent
4428 * size of the subprime parameter.
4429 */
4430 TEE_Attribute params[4];
4431
4432#define XTEST_DH_GK_DATA(vect) \
4433 ARRAY(vect ## _p), \
4434 ARRAY(vect ## _g), \
4435 &vect ## _private_bits, \
4436 0, 0
4437#define XTEST_DH_GK_DATA_SUBPRIME(vect) \
4438 ARRAY(vect ## _p), \
4439 ARRAY(vect ## _g), \
4440 &vect ## _private_bits, \
4441 ARRAY(vect ## _subprime)
4442 static const struct {
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4443 unsigned level;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4444 uint32_t key_size;
4445 const uint8_t *p;
4446 size_t p_len;
4447 const uint8_t *g;
4448 size_t g_len;
4449 const uint32_t *private_bits;
4450 const uint8_t *subprime;
4451 size_t subprime_len;
4452 } key_types[] = {
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4453 { 0, 256, XTEST_DH_GK_DATA(keygen_dh256) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4454 { 0, 320, XTEST_DH_GK_DATA(keygen_dh320) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4455 { 1, 384, XTEST_DH_GK_DATA(keygen_dh384) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4456 { 1, 448, XTEST_DH_GK_DATA(keygen_dh448) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4457 { 1, 512, XTEST_DH_GK_DATA(keygen_dh512) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4458 { 1, 576, XTEST_DH_GK_DATA(keygen_dh576) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4459 { 1, 640, XTEST_DH_GK_DATA(keygen_dh640) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4460 { 1, 704, XTEST_DH_GK_DATA(keygen_dh704) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4461 { 1, 768, XTEST_DH_GK_DATA(keygen_dh768) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4462 { 1, 832, XTEST_DH_GK_DATA(keygen_dh832) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4463 { 1, 896, XTEST_DH_GK_DATA(keygen_dh896) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4464 { 1, 960, XTEST_DH_GK_DATA(keygen_dh960) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4465 { 1, 1024, XTEST_DH_GK_DATA(keygen_dh1024) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4466 { 1, 1088, XTEST_DH_GK_DATA(keygen_dh1088) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4467 { 1, 1152, XTEST_DH_GK_DATA(keygen_dh1152) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4468 { 1, 1216, XTEST_DH_GK_DATA(keygen_dh1216) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4469 { 1, 1280, XTEST_DH_GK_DATA(keygen_dh1280) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4470 { 1, 1344, XTEST_DH_GK_DATA(keygen_dh1344) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4471 { 1, 1408, XTEST_DH_GK_DATA(keygen_dh1408) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4472 { 1, 1472, XTEST_DH_GK_DATA(keygen_dh1472) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4473 { 1, 1536, XTEST_DH_GK_DATA(keygen_dh1536) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4474 { 1, 1600, XTEST_DH_GK_DATA(keygen_dh1600) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4475 { 1, 1664, XTEST_DH_GK_DATA(keygen_dh1664) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4476 { 1, 1728, XTEST_DH_GK_DATA(keygen_dh1728) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4477 { 1, 1792, XTEST_DH_GK_DATA(keygen_dh1792) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4478 { 1, 1856, XTEST_DH_GK_DATA(keygen_dh1856) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4479 { 1, 1920, XTEST_DH_GK_DATA(keygen_dh1920) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4480 { 1, 1984, XTEST_DH_GK_DATA(keygen_dh1984) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4481 { 1, 2048, XTEST_DH_GK_DATA(keygen_dh2048) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4482 { 1, 2048, XTEST_DH_GK_DATA_SUBPRIME(keygen_dh2048_subprime) }
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4483 };
4484
4485
4486 for (n = 0; n < ARRAY_SIZE(key_types); n++) {
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4487 if (key_types[n].level > level)
4488 continue;
4489
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4490 Do_ADBG_BeginSubCase(c,
4491 "Generate DH key %d bits - Private bits = %d",
4492 key_types[n].key_size,
4493 *key_types[n].private_bits);
4494 param_count = 0;
4495
4496 xtest_add_attr(&param_count, params,
4497 TEE_ATTR_DH_PRIME,
4498 key_types[n].p, key_types[n].p_len);
4499
4500 xtest_add_attr(&param_count, params, TEE_ATTR_DH_BASE,
4501 key_types[n].g, key_types[n].g_len);
4502
4503 if (key_types[n].private_bits != 0) {
4504 params[param_count].attributeID = TEE_ATTR_DH_X_BITS;
4505
4506 params[param_count].content.value.a =
4507 *key_types[n].private_bits;
4508
4509 params[param_count].content.value.b = 0;
4510 param_count++;
4511 }
4512
4513 if (key_types[n].subprime != 0) {
4514 xtest_add_attr(&param_count, params,
4515 TEE_ATTR_DH_SUBPRIME,
4516 key_types[n].subprime,
4517 key_types[n].subprime_len);
4518 }
4519
4520 if (!ADBG_EXPECT_TRUE(c,
4521 generate_and_test_key(c, session, TEE_TYPE_DH_KEYPAIR,
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4522 *key_types[n].private_bits,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4523 key_types[n]. key_size, params, param_count)))
4524 break;
4525
4526 Do_ADBG_EndSubCase(c,
4527 "Generate DH key %d bits - Private bits = %d",
4528 key_types[n].key_size,
4529 *key_types[n].private_bits);
4530 }
4531}
4532
4533static void xtest_test_keygen_dsa(ADBG_Case_t *c, TEEC_Session *session)
4534{
4535 size_t n;
4536 size_t param_count;
4537 TEE_Attribute params[4];
4538
4539#define XTEST_DSA_GK_DATA(vect) \
4540 ARRAY(vect ## _p), \
4541 ARRAY(vect ## _g), \
4542 ARRAY(vect ## _q)
4543 static const struct {
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4544 unsigned level;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4545 uint32_t key_size;
4546 const uint8_t *prime;
4547 size_t prime_len;
4548 const uint8_t *base;
4549 size_t base_len;
4550 const uint8_t *sub_prime;
4551 size_t sub_prime_len;
4552 } key_types[] = {
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4553 { 1, 1024, XTEST_DSA_GK_DATA(keygen_dsa_test1) },
4554 { 0, 512, XTEST_DSA_GK_DATA(keygen_dsa512) },
4555 { 1, 576, XTEST_DSA_GK_DATA(keygen_dsa576) },
4556 { 1, 640, XTEST_DSA_GK_DATA(keygen_dsa640) },
4557 { 1, 704, XTEST_DSA_GK_DATA(keygen_dsa704) },
4558 { 1, 768, XTEST_DSA_GK_DATA(keygen_dsa768) },
4559 { 1, 832, XTEST_DSA_GK_DATA(keygen_dsa832) },
4560 { 1, 896, XTEST_DSA_GK_DATA(keygen_dsa896) },
4561 { 1, 960, XTEST_DSA_GK_DATA(keygen_dsa960) },
4562 { 1, 1024, XTEST_DSA_GK_DATA(keygen_dsa1024) },
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4563 };
4564
4565 for (n = 0; n < ARRAY_SIZE(key_types); n++) {
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4566 if (key_types[n].level > level)
4567 continue;
4568
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4569 Do_ADBG_BeginSubCase(c, "Generate DSA key %d bits",
4570 key_types[n].key_size);
4571 param_count = 0;
4572
4573
4574 xtest_add_attr(&param_count, params, TEE_ATTR_DSA_PRIME,
4575 key_types[n].prime, key_types[n].prime_len);
4576
4577 xtest_add_attr(&param_count, params, TEE_ATTR_DSA_SUBPRIME,
4578 key_types[n].sub_prime,
4579 key_types[n].sub_prime_len);
4580
4581 xtest_add_attr(&param_count, params, TEE_ATTR_DSA_BASE,
4582 key_types[n].base, key_types[n].base_len);
4583
4584 if (!ADBG_EXPECT_TRUE(c,
4585 generate_and_test_key(c, session, TEE_TYPE_DSA_KEYPAIR,
4586 1, key_types[n]. key_size, params,
4587 param_count)))
4588 break;
4589
4590 Do_ADBG_EndSubCase(c, "Generate DSA key %d bits",
4591 key_types[n].key_size);
4592 }
4593}
4594
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]4595static void xtest_test_keygen_ecc(ADBG_Case_t *c, TEEC_Session *session)
4596{
4597 size_t n;
4598 size_t param_count;
4599 TEE_Attribute params[4];
4600
4601 static const struct {
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4602 unsigned level;
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]4603 const char *name;
4604 uint32_t algo;
4605 uint32_t curve;
4606 uint32_t key_size;
4607 } key_types[] = {
4608 /* ECDSA */
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4609 { 0, "ECDSA-192", TEE_TYPE_ECDSA_KEYPAIR, TEE_ECC_CURVE_NIST_P192,
4610 192 },
4611 { 1, "ECDSA-224", TEE_TYPE_ECDSA_KEYPAIR, TEE_ECC_CURVE_NIST_P224,
4612 224 },
4613 { 1, "ECDSA-256", TEE_TYPE_ECDSA_KEYPAIR, TEE_ECC_CURVE_NIST_P256,
4614 256 },
4615 { 1, "ECDSA-384", TEE_TYPE_ECDSA_KEYPAIR, TEE_ECC_CURVE_NIST_P384,
4616 384 },
4617 { 1, "ECDSA-521", TEE_TYPE_ECDSA_KEYPAIR, TEE_ECC_CURVE_NIST_P521,
4618 521 },
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]4619
4620 /* ECDH */
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4621 { 0, "ECDH-192", TEE_TYPE_ECDH_KEYPAIR, TEE_ECC_CURVE_NIST_P192,
4622 192 },
4623 { 1, "ECDH-224", TEE_TYPE_ECDH_KEYPAIR, TEE_ECC_CURVE_NIST_P224,
4624 224 },
4625 { 1, "ECDH-256", TEE_TYPE_ECDH_KEYPAIR, TEE_ECC_CURVE_NIST_P256,
4626 256 },
4627 { 1, "ECDH-384", TEE_TYPE_ECDH_KEYPAIR, TEE_ECC_CURVE_NIST_P384,
4628 384 },
4629 { 1, "ECDH-521", TEE_TYPE_ECDH_KEYPAIR, TEE_ECC_CURVE_NIST_P521,
4630 521 },
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]4631 };
4632
4633 for (n = 0; n < ARRAY_SIZE(key_types); n++) {
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4634 if (key_types[n].level > level)
4635 continue;
4636
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]4637 Do_ADBG_BeginSubCase(c, "Generate %s", key_types[n].name);
4638 param_count = 0;
4639
4640 xtest_add_attr_value(&param_count, params, TEE_ATTR_ECC_CURVE,
4641 key_types[n].curve, 0);
4642
4643 if (!ADBG_EXPECT_TRUE(c,
4644 generate_and_test_key(c, session, key_types[n].algo,
4645 0, key_types[n].key_size, params,
4646 param_count)))
4647 break;
4648
4649 Do_ADBG_EndSubCase(c, "Generate %s", key_types[n].name);
4650 }
4651}
4652
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4653static void xtest_tee_test_4007(ADBG_Case_t *c)
4654{
4655 TEEC_Session session = { 0 };
4656 uint32_t ret_orig;
4657
4658 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4659 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
4660 &ret_orig)))
4661 return;
4662
4663 xtest_test_keygen_noparams(c, &session);
4664
4665 xtest_test_keygen_dh(c, &session);
4666
4667 xtest_test_keygen_dsa(c, &session);
4668
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]4669 xtest_test_keygen_ecc (c, &session);
4670
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4671 TEEC_CloseSession(&session);
4672}
4673
4674static void xtest_tee_test_4008(ADBG_Case_t *c)
4675{
4676 TEEC_Session session = { 0 };
4677 uint32_t ret_orig;
4678 TEE_OperationHandle op;
4679 TEE_ObjectHandle key_handle;
4680 TEE_ObjectHandle sv_handle;
4681 TEE_Attribute params[4];
4682 size_t param_count = 0;
4683 uint8_t out[2048];
4684 size_t out_size;
4685
4686 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4687 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
4688 &ret_orig)))
4689 return;
4690
4691 Do_ADBG_BeginSubCase(c, "Derive DH key success");
4692
4693 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4694 ta_crypt_cmd_allocate_operation(c, &session, &op,
4695 TEE_ALG_DH_DERIVE_SHARED_SECRET, TEE_MODE_DERIVE,
4696 derive_key_max_keysize)))
4697 goto out;
4698
4699 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4700 ta_crypt_cmd_allocate_transient_object(c, & session,
4701 TEE_TYPE_DH_KEYPAIR, derive_key_max_keysize,
4702 &key_handle)))
4703 goto out;
4704
4705 xtest_add_attr(&param_count, params, TEE_ATTR_DH_PRIME,
4706 ARRAY(derive_key_dh_prime));
4707
4708 xtest_add_attr(&param_count, params, TEE_ATTR_DH_BASE,
4709 ARRAY(derive_key_dh_base));
4710
4711 xtest_add_attr(&param_count, params, TEE_ATTR_DH_PUBLIC_VALUE,
4712 ARRAY(derive_key_dh_public_value));
4713
4714 xtest_add_attr(&param_count, params, TEE_ATTR_DH_PRIVATE_VALUE,
4715 ARRAY(derive_key_dh_private_value));
4716
4717 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4718 ta_crypt_cmd_populate_transient_object(c, &session, key_handle,
4719 params, param_count)))
4720 goto out;
4721
4722 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4723 ta_crypt_cmd_set_operation_key(c, &session, op, key_handle)))
4724 goto out;
4725
4726 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4727 ta_crypt_cmd_free_transient_object(c, & session, key_handle)))
4728 goto out;
4729
4730 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4731 ta_crypt_cmd_allocate_transient_object(c, &session,
4732 TEE_TYPE_GENERIC_SECRET, derive_key_max_keysize,
4733 &sv_handle)))
4734 goto out;
4735
Pascal Brand2b92b642015-07-16 13:29:42 +0200[diff] [blame]4736 /* reuse but reset params and param-count */
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4737 param_count = 0;
4738
4739 xtest_add_attr(&param_count, params, TEE_ATTR_DH_PUBLIC_VALUE,
4740 ARRAY(derive_key_dh_public_value_2));
4741
4742 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4743 ta_crypt_cmd_derive_key(c, &session, op, sv_handle, params,
4744 param_count)))
4745 goto out;
4746
4747 out_size = sizeof(out);
4748 memset(out, 0, sizeof(out));
4749 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4750 ta_crypt_cmd_get_object_buffer_attribute(c, &session, sv_handle,
4751 TEE_ATTR_SECRET_VALUE, out, &out_size)))
4752 goto out;
4753
4754 if (!ADBG_EXPECT_BUFFER(c, derive_key_dh_shared_secret,
4755 sizeof(derive_key_dh_shared_secret), out,
4756 out_size))
4757 goto out;
4758
4759 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4760 ta_crypt_cmd_free_operation(c, &session, op)))
4761 goto out;
4762
4763 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4764 ta_crypt_cmd_free_transient_object(c, &session, sv_handle)))
4765 goto out;
4766out:
4767 Do_ADBG_EndSubCase(c, "Derive DH key success");
4768 TEEC_CloseSession(&session);
4769}
Pascal Brand2b92b642015-07-16 13:29:42 +0200[diff] [blame]4770
4771static void xtest_tee_test_4009(ADBG_Case_t *c)
4772{
4773 TEEC_Session session = { 0 };
4774 uint32_t ret_orig;
4775 TEE_OperationHandle op;
4776 TEE_ObjectHandle key_handle;
4777 TEE_ObjectHandle sv_handle;
4778 TEE_Attribute params[4];
4779 size_t param_count = 0;
4780 uint8_t out[2048];
4781 size_t out_size;
4782 uint32_t size_bytes;
Peng Fane13ad9b2015-07-21 11:46:26 +0800[diff] [blame]4783 uint32_t i;
Pascal Brand2b92b642015-07-16 13:29:42 +0200[diff] [blame]4784 struct derive_key_ecdh_t *pt;
4785
4786 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4787 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
4788 &ret_orig)))
4789 return;
4790
4791 for (i = 0; i < ARRAY_SIZE(derive_key_ecdh); i++) {
4792 pt = &derive_key_ecdh[i];
4793
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]4794 if (pt->level > level)
4795 continue;
4796
Pascal Brand2b92b642015-07-16 13:29:42 +0200[diff] [blame]4797 Do_ADBG_BeginSubCase(c, "Derive ECDH key - algo = 0x%x",
4798 pt->algo);
4799 size_bytes = (pt->keysize + 7) / 8;
4800 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4801 ta_crypt_cmd_allocate_operation(c, &session, &op,
4802 pt->algo,
4803 TEE_MODE_DERIVE, pt->keysize)))
4804 goto out;
4805
4806 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4807 ta_crypt_cmd_allocate_transient_object(c, & session,
4808 TEE_TYPE_ECDH_KEYPAIR, pt->keysize,
4809 &key_handle)))
4810 goto out;
4811
4812 param_count = 0;
4813 xtest_add_attr_value(&param_count, params,
4814 TEE_ATTR_ECC_CURVE, pt->curve, 0);
4815 xtest_add_attr(&param_count, params,
4816 TEE_ATTR_ECC_PRIVATE_VALUE,
4817 pt->private, size_bytes);
4818 /*
4819 * The public value is not used. This is why we provide
4820 * another buffer
4821 */
4822 xtest_add_attr(&param_count, params,
4823 TEE_ATTR_ECC_PUBLIC_VALUE_X,
4824 pt->private, size_bytes);
4825 xtest_add_attr(&param_count, params,
4826 TEE_ATTR_ECC_PUBLIC_VALUE_Y,
4827 pt->private, size_bytes);
4828
4829 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4830 ta_crypt_cmd_populate_transient_object(c,
4831 &session,
4832 key_handle, params, param_count)))
4833 goto out;
4834
4835 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4836 ta_crypt_cmd_set_operation_key(c, &session, op,
4837 key_handle)))
4838 goto out;
4839
4840 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4841 ta_crypt_cmd_free_transient_object(c, & session,
4842 key_handle)))
4843 goto out;
4844
4845 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4846 ta_crypt_cmd_allocate_transient_object(c, &session,
4847 TEE_TYPE_GENERIC_SECRET, size_bytes * 8,
4848 &sv_handle)))
4849 goto out;
4850
4851 /* reuse but reset params and param-count */
4852 param_count = 0;
4853
4854 xtest_add_attr(&param_count, params,
4855 TEE_ATTR_ECC_PUBLIC_VALUE_X,
4856 pt->public_x, size_bytes);
4857 xtest_add_attr(&param_count, params,
4858 TEE_ATTR_ECC_PUBLIC_VALUE_Y,
4859 pt->public_y, size_bytes);
4860
4861 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4862 ta_crypt_cmd_derive_key(c, &session, op, sv_handle,
4863 params, param_count)))
4864 goto out;
4865
4866 out_size = sizeof(out);
4867 memset(out, 0, sizeof(out));
4868 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4869 ta_crypt_cmd_get_object_buffer_attribute(c, &session,
4870 sv_handle,
4871 TEE_ATTR_SECRET_VALUE, out, &out_size)))
4872 goto out;
4873
4874 if (!ADBG_EXPECT_BUFFER(c, pt->out, size_bytes,
4875 out, out_size))
4876 goto out;
4877
4878 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4879 ta_crypt_cmd_free_operation(c, &session, op)))
4880 goto out;
4881
4882 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4883 ta_crypt_cmd_free_transient_object(c, &session,
4884 sv_handle)))
4885 goto out;
4886
4887 Do_ADBG_EndSubCase(c, "Derive ECDH key - algo = 0x%x",
4888 pt->algo);
4889 }
4890
4891 goto noerror;
4892
4893out:
4894 Do_ADBG_EndSubCase(c, "Derive ECDH key - algo = 0x%x", pt->algo);
4895
4896noerror:
4897 TEEC_CloseSession(&session);
4898}
Jens Wiklander70a0b2c2016-05-18 08:39:35 +0200[diff] [blame]4899
4900static void xtest_tee_test_4010(ADBG_Case_t *c)
4901{
4902 TEEC_Session session = { 0 };
4903 uint32_t ret_orig;
4904 TEE_ObjectHandle o;
4905 static const uint8_t large_key[1024] = { 1, 2, 3, 4, 5, 6 };
4906 static const TEE_Attribute attr = {
4907 .attributeID = TEE_ATTR_SECRET_VALUE,
4908 .content.ref.buffer = (void *)large_key,
4909 .content.ref.length = sizeof(large_key),
4910 };
4911
4912 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4913 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
4914 &ret_orig)))
4915 return;
4916
4917 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4918 ta_crypt_cmd_allocate_transient_object(c, &session,
4919 TEE_TYPE_HMAC_SHA256, 1024, &o)))
4920 goto out;
4921
4922 ADBG_EXPECT_TEEC_RESULT(c, TEEC_ERROR_TARGET_DEAD,
4923 ta_crypt_cmd_populate_transient_object(c, &session, o,
4924 &attr, 1));
4925
4926out:
4927 TEEC_CloseSession(&session);
4928}
Jens Wiklanderb58916e2016-07-07 15:29:32 +0200[diff] [blame]4929
4930static void xtest_tee_test_4011(ADBG_Case_t *c)
4931{
4932 TEEC_Session s = { 0 };
4933 size_t key_size = 512;
4934 TEE_ObjectHandle key;
4935 TEE_OperationHandle ops;
4936 TEE_OperationHandle opv;
4937 TEE_OperationHandle ope;
4938 TEE_OperationHandle opd;
4939 uint32_t ret_orig;
4940 uint8_t in[TEE_SHA1_HASH_SIZE];
4941 uint8_t out[1024];
4942 uint8_t tmp[1024];
4943 size_t out_size;
4944 size_t tmp_size;
4945 size_t n;
4946 size_t m;
4947 size_t i = 0;
4948
4949 /* Setup session, initialize message to sign, create a keypair */
4950 if (!ADBG_EXPECT_TEEC_SUCCESS(c, xtest_teec_open_session(&s,
4951 &crypt_user_ta_uuid, NULL, &ret_orig)))
4952 return;
4953 if (!ADBG_EXPECT_TEEC_SUCCESS(c, ta_crypt_cmd_random_number_generate(c,
4954 &s, in, sizeof(in))))
4955 goto out;
4956 if (!ADBG_EXPECT_TEEC_SUCCESS(c, ta_crypt_cmd_allocate_transient_object(
4957 c, &s, TEE_TYPE_RSA_KEYPAIR, key_size, &key)))
4958 goto out;
4959 if (!ADBG_EXPECT_TEEC_SUCCESS(c, ta_crypt_cmd_generate_key(c, &s,
4960 key, key_size, NULL, 0)))
4961 goto out;
4962
4963 /* Allocate operations for sign, verify, encrypt and decrypt */
4964 if (!ADBG_EXPECT_TEEC_SUCCESS(c, ta_crypt_cmd_allocate_operation(c, &s,
4965 &ops, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
4966 key_size)))
4967 goto out;
4968 if (!ADBG_EXPECT_TEEC_SUCCESS(c, ta_crypt_cmd_allocate_operation(c, &s,
4969 &opv, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
4970 key_size)))
4971 goto out;
4972 if (!ADBG_EXPECT_TEEC_SUCCESS(c, ta_crypt_cmd_allocate_operation(c, &s,
4973 &ope, TEE_ALG_RSA_NOPAD, TEE_MODE_ENCRYPT, key_size)))
4974 goto out;
4975 if (!ADBG_EXPECT_TEEC_SUCCESS(c, ta_crypt_cmd_allocate_operation(c, &s,
4976 &opd, TEE_ALG_RSA_NOPAD, TEE_MODE_DECRYPT, key_size)))
4977 goto out;
4978
4979 /* Assign the keypair to all operations */
4980 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4981 ta_crypt_cmd_set_operation_key(c, &s, ops, key)))
4982 goto out;
4983 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4984 ta_crypt_cmd_set_operation_key(c, &s, opv, key)))
4985 goto out;
4986 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4987 ta_crypt_cmd_set_operation_key(c, &s, ope, key)))
4988 goto out;
4989 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4990 ta_crypt_cmd_set_operation_key(c, &s, opd, key)))
4991 goto out;
4992
4993 /*
4994 * The core of the test case is inspired by the one in libtomcrypt:
4995 * https://github.com/libtom/libtomcrypt/blob/6ad52252688bb34f90b5e79da4830a927e87b81f/testprof/rsa_test.c#L398
4996 *
4997 * Testcase for Bleichenbacher attack
4998 *
4999 * (1) Create a valid signature
5000 * (2) Check that it can be verified
5001 * (3) Transform the package to fetch plain text (using the encrypt
5002 * operation in GP TEE Internal API)
5003 * (4) Forge the structure of PKCS#1-EMSA encoded data
5004 * (4.1) Search for start and end of the padding string
5005 * (4.2) Move the signature to the front of the padding string
5006 * (4.3) Zero the message until the end
5007 * (5) Transform the package back (using the decrypt operation in
5008 * GP TEE Internal API)
5009 * (6) The result should not be valid if the implementation is robust.
5010 */
5011
5012
5013 for (i = 0; i < 9; i++) {
5014 Do_ADBG_Log("Iteration %zu", i);
5015
5016 /* 1 */
5017 out_size = sizeof(out);
5018 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5019 ta_crypt_cmd_asymmetric_sign(c, &s, ops, NULL, 0,
5020 in, sizeof(in), out, &out_size)))
5021 goto out;
5022
5023 /* 2 */
5024 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5025 ta_crypt_cmd_asymmetric_verify(c, &s, opv, NULL, 0,
5026 in, sizeof(in), out, out_size)))
5027 goto out;
5028
5029 /* 3 */
5030 tmp_size = sizeof(tmp);
5031 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5032 ta_crypt_cmd_asymmetric_encrypt(c, &s, ope, NULL, 0,
5033 out, out_size, tmp, &tmp_size)))
5034 goto out;
5035
5036 /* 4.1 */
5037 for (n = 0; n < tmp_size; n++)
5038 if (tmp[n] == 0xff)
5039 break;
5040 for (m = n + 1; m < tmp_size; m++)
5041 if (tmp[m] != 0xff)
5042 break;
5043 /* 4.2 */
5044 memmove(tmp + n + i, tmp + m, tmp_size - m);
5045 /* 4.3 */
5046 for (n = n + tmp_size - m + i; n < tmp_size; n++)
5047 tmp[n] = 0;
5048
5049 /* 5 */
5050 out_size = sizeof(out);
5051 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5052 ta_crypt_cmd_asymmetric_decrypt(c, &s, opd, NULL, 0,
5053 tmp, tmp_size, out, &out_size)))
5054 goto out;
5055
5056 /* 6 */
5057 if (!ADBG_EXPECT_TEEC_RESULT(c, TEE_ERROR_SIGNATURE_INVALID,
5058 ta_crypt_cmd_asymmetric_verify(c, &s, opv, NULL, 0,
5059 in, sizeof(in), out, out_size)))
5060 goto out;
5061 }
5062
5063out:
5064 TEEC_CloseSession(&s);
5065}
Igor Opaniuk7ddaa782018-05-25 15:14:05 +0300[diff] [blame]5066
5067
5068#ifdef CFG_SYSTEM_PTA
5069static void xtest_tee_test_4012(ADBG_Case_t *c)
5070{
5071 TEEC_Session session = { 0 };
5072 uint32_t ret_orig;
5073 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
5074 /* Fortuna PRNG requires seed <= 32 bytes */
5075 uint8_t pool_input[32] = {};
5076 time_t t;
5077 struct tm tm_local;
5078
5079 t = time(NULL);
5080 tm_local = *localtime(&t);
5081
5082 memcpy((void *)pool_input, (void *)&tm_local,
5083 sizeof(pool_input) < sizeof(tm_local) ?
5084 sizeof(pool_input) : sizeof(tm_local));
5085
5086
5087 op.params[0].tmpref.buffer = pool_input;
5088 op.params[0].tmpref.size = sizeof(pool_input);
5089 op.paramTypes = TEEC_PARAM_TYPES(TEEC_MEMREF_TEMP_INPUT,
5090 TEEC_NONE,
5091 TEEC_NONE,
5092 TEEC_NONE);
5093 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5094 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
5095 &ret_orig)))
5096 return;
5097
5098 (void)ADBG_EXPECT_TEEC_SUCCESS(c,
5099 TEEC_InvokeCommand(&session,
5100 TA_CRYPT_CMD_SEED_RNG_POOL,
5101 &op,
5102 &ret_orig));
5103 TEEC_CloseSession(&session);
5104}
5105#endif