TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / OP-TEE / optee_test / fe94e56de6431824e585b6861f0792a21ce2d658 / . / host / xtest / regression_4000.c
blob: e5e7cd82b0845c10a8ce6751125cd4e2049f08e1 [file] [log] [blame]
Etienne Carriere9b7b70d2020-05-16 10:27:23 +0200[diff] [blame]1// SPDX-License-Identifier: GPL-2.0
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2/*
3 * Copyright (c) 2014, STMicroelectronics International N.V.
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4 */
5
6#include <stdio.h>
7#include <string.h>
8#include <inttypes.h>
9#include <malloc.h>
Igor Opaniuk7ddaa782018-05-25 15:14:05 +0300[diff] [blame]10#include <time.h>
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]11
12#include "xtest_test.h"
13#include "xtest_helpers.h"
14
15#include <tee_api_types.h>
Gabor Szekely2ad190f2018-09-14 14:05:06 +0000[diff] [blame]16#include <tee_api_defines_extensions.h>
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]17#include <ta_crypt.h>
18#include <utee_defines.h>
19#include <util.h>
20
Jerome Forissier213ca8a2017-03-31 11:27:56 +0200[diff] [blame]21#include <regression_4000_data.h>
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]22#include <nist/186-2ecdsatestvectors.h>
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]23
24#include <assert.h>
25
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]26static TEEC_Result ta_crypt_cmd_reset_operation(ADBG_Case_t *c, TEEC_Session *s,
27 TEE_OperationHandle oph)
28{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]29 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]30 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]31 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]32
33 assert((uintptr_t)oph <= UINT32_MAX);
34 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
35 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, TEEC_NONE, TEEC_NONE,
36 TEEC_NONE);
37 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_RESET_OPERATION, &op,
38 &ret_orig);
39 if (res != TEEC_SUCCESS) {
40 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
41 ret_orig);
42 }
43 return res;
44}
45
46static TEEC_Result ta_crypt_cmd_copy_operation(ADBG_Case_t *c,
47 TEEC_Session *s,
48 TEE_OperationHandle dst_oph,
49 TEE_OperationHandle src_oph)
50{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]51 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]52 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]53 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]54
55 assert((uintptr_t)dst_oph <= UINT32_MAX);
56 op.params[0].value.a = (uint32_t)(uintptr_t)dst_oph;
57
58 assert((uintptr_t)src_oph <= UINT32_MAX);
59 op.params[0].value.b = (uint32_t)(uintptr_t)src_oph;
60 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, TEEC_NONE, TEEC_NONE,
61 TEEC_NONE);
62
63 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_COPY_OPERATION, &op,
64 &ret_orig);
65
66 if (res != TEEC_SUCCESS) {
67 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
68 ret_orig);
69 }
70 return res;
71}
72
73static TEEC_Result ta_crypt_cmd_digest_update(ADBG_Case_t *c, TEEC_Session *s,
74 TEE_OperationHandle oph,
75 const void *chunk,
76 size_t chunk_size)
77{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]78 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]79 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]80 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]81
82 assert((uintptr_t)oph <= UINT32_MAX);
83 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
84 op.params[1].tmpref.buffer = (void *)chunk;
85 op.params[1].tmpref.size = chunk_size;
86
87 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
88 TEEC_MEMREF_TEMP_INPUT, TEEC_NONE,
89 TEEC_NONE);
90
91 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_DIGEST_UPDATE, &op, &ret_orig);
92
93 if (res != TEEC_SUCCESS) {
94 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
95 ret_orig);
96 }
97
98 return res;
99}
100
101static TEEC_Result ta_crypt_cmd_digest_do_final(ADBG_Case_t *c, TEEC_Session *s,
102 TEE_OperationHandle oph,
103 const void *chunk,
104 size_t chunk_len, void *hash,
105 size_t *hash_len)
106{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]107 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]108 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]109 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]110
111 assert((uintptr_t)oph <= UINT32_MAX);
112 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
113
114 op.params[1].tmpref.buffer = (void *)chunk;
115 op.params[1].tmpref.size = chunk_len;
116
117 op.params[2].tmpref.buffer = (void *)hash;
118 op.params[2].tmpref.size = *hash_len;
119
120 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
121 TEEC_MEMREF_TEMP_INPUT,
122 TEEC_MEMREF_TEMP_OUTPUT, TEEC_NONE);
123
124 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_DIGEST_DO_FINAL, &op,
125 &ret_orig);
126
127 if (res != TEEC_SUCCESS) {
128 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
129 ret_orig);
130 }
131
132 if (res == TEEC_SUCCESS)
133 *hash_len = op.params[2].tmpref.size;
134
135 return res;
136}
137
138static TEE_Result ta_crypt_cmd_set_operation_key2(ADBG_Case_t *c,
139 TEEC_Session *s,
140 TEE_OperationHandle oph,
141 TEE_ObjectHandle key1,
142 TEE_ObjectHandle key2)
143{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]144 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]145 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]146 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]147
148 assert((uintptr_t)oph <= UINT32_MAX);
149 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
150
151 assert((uintptr_t)key1 <= UINT32_MAX);
152 op.params[0].value.b = (uint32_t)(uintptr_t)key1;
153
154 assert((uintptr_t)key2 <= UINT32_MAX);
155 op.params[1].value.a = (uint32_t)(uintptr_t)key2;
156 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, TEEC_VALUE_INPUT,
157 TEEC_NONE, TEEC_NONE);
158
159 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_SET_OPERATION_KEY2, &op,
160 &ret_orig);
161
162 if (res != TEEC_SUCCESS) {
163 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
164 ret_orig);
165 }
166
167 return res;
168}
169
170static TEEC_Result ta_crypt_cmd_mac_init(ADBG_Case_t *c, TEEC_Session *s,
171 TEE_OperationHandle oph,
172 const void *iv, size_t iv_len)
173{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]174 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]175 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]176 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]177
178 assert((uintptr_t)oph <= UINT32_MAX);
179 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
180
181 if (iv != NULL) {
182 op.params[1].tmpref.buffer = (void *)iv;
183 op.params[1].tmpref.size = iv_len;
184 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
185 TEEC_MEMREF_TEMP_INPUT,
186 TEEC_NONE, TEEC_NONE);
187 } else {
188 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, TEEC_NONE,
189 TEEC_NONE, TEEC_NONE);
190 }
191
192 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_MAC_INIT, &op, &ret_orig);
193
194 if (res != TEEC_SUCCESS) {
195 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
196 ret_orig);
197 }
198
199 return res;
200}
201
202static TEEC_Result ta_crypt_cmd_mac_update(ADBG_Case_t *c, TEEC_Session *s,
203 TEE_OperationHandle oph,
204 const void *chunk, size_t chunk_size)
205{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]206 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]207 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]208 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]209
210 assert((uintptr_t)oph <= UINT32_MAX);
211 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
212
213 op.params[1].tmpref.buffer = (void *)chunk;
214 op.params[1].tmpref.size = chunk_size;
215
216 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
217 TEEC_MEMREF_TEMP_INPUT, TEEC_NONE,
218 TEEC_NONE);
219
220 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_MAC_UPDATE, &op, &ret_orig);
221
222 if (res != TEEC_SUCCESS) {
223 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
224 ret_orig);
225 }
226
227 return res;
228}
229
230static TEEC_Result ta_crypt_cmd_mac_final_compute(ADBG_Case_t *c,
231 TEEC_Session *s,
232 TEE_OperationHandle oph,
233 const void *chunk,
234 size_t chunk_len,
235 void *hash,
236 size_t *hash_len)
237{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]238 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]239 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]240 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]241
242 assert((uintptr_t)oph <= UINT32_MAX);
243 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
244
245 op.params[1].tmpref.buffer = (void *)chunk;
246 op.params[1].tmpref.size = chunk_len;
247
248 op.params[2].tmpref.buffer = (void *)hash;
249 op.params[2].tmpref.size = *hash_len;
250
251 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
252 TEEC_MEMREF_TEMP_INPUT,
253 TEEC_MEMREF_TEMP_OUTPUT, TEEC_NONE);
254
255 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_MAC_FINAL_COMPUTE, &op,
256 &ret_orig);
257
258 if (res != TEEC_SUCCESS) {
259 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
260 ret_orig);
261 }
262
263 if (res == TEEC_SUCCESS)
264 *hash_len = op.params[2].tmpref.size;
265
266 return res;
267}
268
269static TEEC_Result ta_crypt_cmd_cipher_init(ADBG_Case_t *c, TEEC_Session *s,
270 TEE_OperationHandle oph,
271 const void *iv, size_t iv_len)
272{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]273 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]274 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]275 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]276
277 assert((uintptr_t)oph <= UINT32_MAX);
278 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
279
280 if (iv != NULL) {
281 op.params[1].tmpref.buffer = (void *)iv;
282 op.params[1].tmpref.size = iv_len;
283
284 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
285 TEEC_MEMREF_TEMP_INPUT,
286 TEEC_NONE, TEEC_NONE);
287 } else {
288 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, TEEC_NONE,
289 TEEC_NONE, TEEC_NONE);
290 }
291
292 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_CIPHER_INIT, &op, &ret_orig);
293
294 if (res != TEEC_SUCCESS) {
295 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
296 ret_orig);
297 }
298
299 return res;
300}
301
302static TEEC_Result ta_crypt_cmd_cipher_update(ADBG_Case_t *c, TEEC_Session *s,
303 TEE_OperationHandle oph,
304 const void *src, size_t src_len,
305 void *dst, size_t *dst_len)
306{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]307 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]308 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]309 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]310
311 assert((uintptr_t)oph <= UINT32_MAX);
312 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
313
314 op.params[1].tmpref.buffer = (void *)src;
315 op.params[1].tmpref.size = src_len;
316
317 op.params[2].tmpref.buffer = dst;
318 op.params[2].tmpref.size = *dst_len;
319
320 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
321 TEEC_MEMREF_TEMP_INPUT,
322 TEEC_MEMREF_TEMP_OUTPUT, TEEC_NONE);
323
324 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_CIPHER_UPDATE, &op, &ret_orig);
325
326 if (res != TEEC_SUCCESS) {
327 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
328 ret_orig);
329 }
330
331 if (res == TEEC_SUCCESS)
332 *dst_len = op.params[2].tmpref.size;
333
334 return res;
335}
336
337static TEEC_Result ta_crypt_cmd_cipher_do_final(ADBG_Case_t *c,
338 TEEC_Session *s,
339 TEE_OperationHandle oph,
340 const void *src,
341 size_t src_len,
342 void *dst,
343 size_t *dst_len)
344{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]345 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]346 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]347 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]348
349 assert((uintptr_t)oph <= UINT32_MAX);
350 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
351
352 op.params[1].tmpref.buffer = (void *)src;
353 op.params[1].tmpref.size = src_len;
354
355 op.params[2].tmpref.buffer = (void *)dst;
356 op.params[2].tmpref.size = *dst_len;
357
358 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
359 TEEC_MEMREF_TEMP_INPUT,
360 TEEC_MEMREF_TEMP_OUTPUT, TEEC_NONE);
361
362 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_CIPHER_DO_FINAL, &op,
363 &ret_orig);
364
365 if (res != TEEC_SUCCESS) {
366 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
367 ret_orig);
368 }
369
370 if (res == TEEC_SUCCESS)
371 *dst_len = op.params[2].tmpref.size;
372
373 return res;
374}
375
376static TEEC_Result ta_crypt_cmd_random_number_generate(ADBG_Case_t *c,
377 TEEC_Session *s,
378 void *buf,
379 size_t blen)
380{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]381 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]382 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]383 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]384
385 op.params[0].tmpref.buffer = buf;
386 op.params[0].tmpref.size = blen;
387
388 op.paramTypes = TEEC_PARAM_TYPES(TEEC_MEMREF_TEMP_OUTPUT, TEEC_NONE,
389 TEEC_NONE, TEEC_NONE);
390
Joakim Bech81f97e32020-05-27 12:14:23 +0200[diff] [blame]391 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_RANDOM_NUMBER_GENERATE, &op,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]392 &ret_orig);
393
394 if (res != TEEC_SUCCESS) {
395 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
396 ret_orig);
397 }
398
399 (void)ADBG_EXPECT_COMPARE_UNSIGNED(c, blen, ==,
400 op.params[0].tmpref.size);
401 return res;
402}
403
404static TEEC_Result ta_crypt_cmd_ae_init(ADBG_Case_t *c, TEEC_Session *s,
405 TEE_OperationHandle oph,
406 const void *nonce, size_t nonce_len,
407 size_t tag_len, size_t aad_len,
408 size_t payload_len)
409{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]410 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]411 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]412 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]413
414 assert((uintptr_t)oph <= UINT32_MAX);
415 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
416 op.params[0].value.b = tag_len;
417
418 op.params[1].tmpref.buffer = (void *)nonce;
419 op.params[1].tmpref.size = nonce_len;
420
421 op.params[2].value.a = aad_len;
422 op.params[2].value.b = payload_len;
423
424 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
425 TEEC_MEMREF_TEMP_INPUT,
Jens Wiklander74a42302015-07-07 01:08:41 +0200[diff] [blame]426 TEEC_VALUE_INPUT, TEEC_NONE);
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]427
428 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_AE_INIT, &op, &ret_orig);
429
430 if (res != TEEC_SUCCESS) {
431 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
432 ret_orig);
433 }
434 return res;
435}
436
437static TEEC_Result ta_crypt_cmd_ae_update_aad(ADBG_Case_t *c, TEEC_Session *s,
438 TEE_OperationHandle oph,
439 const void *aad, size_t aad_len)
440{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]441 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]442 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]443 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]444
445 assert((uintptr_t)oph <= UINT32_MAX);
446 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
447
448 op.params[1].tmpref.buffer = (void *)aad;
449 op.params[1].tmpref.size = aad_len;
450
451 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
452 TEEC_MEMREF_TEMP_INPUT, TEEC_NONE,
453 TEEC_NONE);
454
455 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_AE_UPDATE_AAD, &op, &ret_orig);
456
457 if (res != TEEC_SUCCESS) {
458 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
459 ret_orig);
460 }
461
462 return res;
463}
464
465static TEEC_Result ta_crypt_cmd_ae_update(ADBG_Case_t *c,
466 TEEC_Session *s,
467 TEE_OperationHandle oph,
468 const void *src,
469 size_t src_len,
470 void *dst,
471 size_t *dst_len)
472{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]473 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]474 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]475 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]476
477 assert((uintptr_t)oph <= UINT32_MAX);
478 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
479
480 op.params[1].tmpref.buffer = (void *)src;
481 op.params[1].tmpref.size = src_len;
482
483 op.params[2].tmpref.buffer = (void *)dst;
484 op.params[2].tmpref.size = *dst_len;
485
486 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
487 TEEC_MEMREF_TEMP_INPUT,
488 TEEC_MEMREF_TEMP_OUTPUT, TEEC_NONE);
489
490 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_AE_UPDATE, &op, &ret_orig);
491
492 if (res != TEEC_SUCCESS) {
493 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
494 ret_orig);
495 }
496
497 if (res == TEEC_SUCCESS)
498 *dst_len = op.params[2].tmpref.size;
499
500 return res;
501}
502
503static TEEC_Result ta_crypt_cmd_ae_encrypt_final(ADBG_Case_t *c,
504 TEEC_Session *s,
505 TEE_OperationHandle oph,
506 const void *src,
507 size_t src_len, void *dst,
508 size_t *dst_len, void *tag,
509 size_t *tag_len)
510{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]511 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]512 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]513 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]514
515 assert((uintptr_t)oph <= UINT32_MAX);
516 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
517
518 op.params[1].tmpref.buffer = (void *)src;
519 op.params[1].tmpref.size = src_len;
520
521 op.params[2].tmpref.buffer = (void *)dst;
522 op.params[2].tmpref.size = *dst_len;
523
524 op.params[3].tmpref.buffer = (void *)tag;
525 op.params[3].tmpref.size = *tag_len;
526
527 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
528 TEEC_MEMREF_TEMP_INPUT,
529 TEEC_MEMREF_TEMP_OUTPUT,
530 TEEC_MEMREF_TEMP_OUTPUT);
531
532 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_AE_ENCRYPT_FINAL, &op,
533 &ret_orig);
534
535 if (res != TEEC_SUCCESS) {
536 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
537 ret_orig);
538 }
539
540 if (res == TEEC_SUCCESS) {
541 *dst_len = op.params[2].tmpref.size;
542 *tag_len = op.params[3].tmpref.size;
543 }
544
545 return res;
546}
547
548static TEEC_Result ta_crypt_cmd_ae_decrypt_final(ADBG_Case_t *c,
549 TEEC_Session *s,
550 TEE_OperationHandle oph,
551 const void *src, size_t src_len,
552 void *dst, size_t *dst_len,
553 const void *tag, size_t tag_len)
554{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]555 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]556 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]557 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]558
559 assert((uintptr_t)oph <= UINT32_MAX);
560 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
561
562 op.params[1].tmpref.buffer = (void *)src;
563 op.params[1].tmpref.size = src_len;
564
565 op.params[2].tmpref.buffer = dst;
566 op.params[2].tmpref.size = *dst_len;
567
568 op.params[3].tmpref.buffer = (void *)tag;
569 op.params[3].tmpref.size = tag_len;
570
571 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
572 TEEC_MEMREF_TEMP_INPUT,
573 TEEC_MEMREF_TEMP_OUTPUT,
574 TEEC_MEMREF_TEMP_INPUT);
575
576 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_AE_DECRYPT_FINAL, &op,
577 &ret_orig);
578
579 if (res != TEEC_SUCCESS) {
580 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
581 ret_orig);
582 }
583
584 if (res == TEEC_SUCCESS)
585 *dst_len = op.params[2].tmpref.size;
586
587 return res;
588}
589
590static TEEC_Result ta_crypt_cmd_asymmetric_operate(ADBG_Case_t *c,
591 TEEC_Session *s,
592 TEE_OperationHandle oph,
593 uint32_t cmd,
594 const TEE_Attribute *params,
595 uint32_t paramCount,
596 const void *src,
597 size_t src_len,
598 void *dst,
599 size_t *dst_len)
600{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]601 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]602 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]603 uint32_t ret_orig = 0;
604 uint8_t *buf = NULL;
605 size_t blen = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]606
607 res = pack_attrs(params, paramCount, &buf, &blen);
608 if (!ADBG_EXPECT_TEEC_SUCCESS(c, res))
609 return res;
610
611 assert((uintptr_t)oph <= UINT32_MAX);
612 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
613
614 op.params[1].tmpref.buffer = buf;
615 op.params[1].tmpref.size = blen;
616
617 op.params[2].tmpref.buffer = (void *)src;
618 op.params[2].tmpref.size = src_len;
619
620 op.params[3].tmpref.buffer = dst;
621 op.params[3].tmpref.size = *dst_len;
622
623 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
624 TEEC_MEMREF_TEMP_INPUT,
625 TEEC_MEMREF_TEMP_INPUT,
626 TEEC_MEMREF_TEMP_OUTPUT);
627
628 res = TEEC_InvokeCommand(s, cmd, &op, &ret_orig);
629
630 if (res != TEEC_SUCCESS) {
631 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
632 ret_orig);
633 }
634
635 if (res == TEEC_SUCCESS)
636 *dst_len = op.params[3].tmpref.size;
637
638 free(buf);
639 return res;
640}
641
642static TEEC_Result ta_crypt_cmd_asymmetric_encrypt(ADBG_Case_t *c,
643 TEEC_Session *s,
644 TEE_OperationHandle oph,
645 const TEE_Attribute *params,
646 uint32_t paramCount,
647 const void *src,
648 size_t src_len,
649 void *dst,
650 size_t *dst_len)
651{
652 return ta_crypt_cmd_asymmetric_operate(c, s, oph,
653 TA_CRYPT_CMD_ASYMMETRIC_ENCRYPT,
654 params, paramCount,
655 src, src_len, dst, dst_len);
656}
657
658static TEEC_Result ta_crypt_cmd_asymmetric_decrypt(ADBG_Case_t *c,
659 TEEC_Session *s,
660 TEE_OperationHandle oph,
661 const TEE_Attribute *params,
662 uint32_t paramCount,
663 const void *src,
664 size_t src_len,
665 void *dst,
666 size_t *dst_len)
667{
668 return ta_crypt_cmd_asymmetric_operate(c, s, oph,
669 TA_CRYPT_CMD_ASYMMETRIC_DECRYPT,
670 params, paramCount,
671 src, src_len, dst, dst_len);
672}
673
674static TEEC_Result ta_crypt_cmd_asymmetric_sign(ADBG_Case_t *c,
675 TEEC_Session *s,
676 TEE_OperationHandle oph,
677 const TEE_Attribute *params,
678 uint32_t paramCount,
679 const void *digest,
680 size_t digest_len,
681 void *signature,
682 size_t *signature_len)
683{
684 return ta_crypt_cmd_asymmetric_operate(c, s, oph,
685 TA_CRYPT_CMD_ASYMMETRIC_SIGN_DIGEST, params, paramCount,
686 digest, digest_len, signature, signature_len);
687}
688
689static TEEC_Result ta_crypt_cmd_asymmetric_verify(ADBG_Case_t *c,
690 TEEC_Session *s,
691 TEE_OperationHandle oph,
692 const TEE_Attribute *params,
693 uint32_t paramCount,
694 const void *digest,
695 size_t digest_len,
696 const void *signature,
697 size_t signature_len)
698{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]699 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]700 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]701 uint32_t ret_orig = 0;
702 uint8_t *buf = NULL;
703 size_t blen = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]704
705 res = pack_attrs(params, paramCount, &buf, &blen);
706 if (!ADBG_EXPECT_TEEC_SUCCESS(c, res))
707 return res;
708
709 assert((uintptr_t)oph <= UINT32_MAX);
710 op.params[0].value.a = (uint32_t)(uintptr_t)oph;
711
712 op.params[1].tmpref.buffer = buf;
713 op.params[1].tmpref.size = blen;
714
715 op.params[2].tmpref.buffer = (void *)digest;
716 op.params[2].tmpref.size = digest_len;
717
718 op.params[3].tmpref.buffer = (void *)signature;
719 op.params[3].tmpref.size = signature_len;
720
721 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
722 TEEC_MEMREF_TEMP_INPUT,
723 TEEC_MEMREF_TEMP_INPUT,
724 TEEC_MEMREF_TEMP_INPUT);
725
726 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_ASYMMETRIC_VERIFY_DIGEST,
727 &op, &ret_orig);
728
729 if (res != TEEC_SUCCESS) {
730 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
731 ret_orig);
732 }
733
734 free(buf);
735 return res;
736}
737
738static TEEC_Result ta_crypt_cmd_get_object_value_attribute(ADBG_Case_t *c,
739 TEEC_Session *s,
740 TEE_ObjectHandle o,
741 uint32_t attr_id,
742 uint32_t *valuea,
743 uint32_t *valueb)
744{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]745 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]746 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]747 uint32_t ret_orig = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]748
749 assert((uintptr_t)o <= UINT32_MAX);
750 op.params[0].value.a = (uint32_t)(uintptr_t)o;
751 op.params[0].value.b = attr_id;
752 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, TEEC_VALUE_OUTPUT,
753 TEEC_NONE, TEEC_NONE);
754
755 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_GET_OBJECT_VALUE_ATTRIBUTE,
756 &op, &ret_orig);
757
758 if (res != TEEC_SUCCESS) {
759 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
760 ret_orig);
761 }
762
763 if (res == TEEC_SUCCESS) {
764 *valuea = op.params[1].value.a;
765 *valueb = op.params[1].value.b;
766 }
767
768 return res;
769}
770
771static TEEC_Result ta_crypt_cmd_generate_key(ADBG_Case_t *c,
772 TEEC_Session *s,
773 TEE_ObjectHandle o,
774 uint32_t key_size,
775 const TEE_Attribute *params,
776 uint32_t paramCount)
777{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]778 TEEC_Result res = TEEC_ERROR_GENERIC;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]779 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]780 uint32_t ret_orig = 0;
781 uint8_t *buf = NULL;
782 size_t blen = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]783
784 res = pack_attrs(params, paramCount, &buf, &blen);
785 if (!ADBG_EXPECT_TEEC_SUCCESS(c, res))
786 return res;
787
788 assert((uintptr_t)o <= UINT32_MAX);
789 op.params[0].value.a = (uint32_t)(uintptr_t)o;
790 op.params[0].value.b = key_size;
791
792 op.params[1].tmpref.buffer = buf;
793 op.params[1].tmpref.size = blen;
794
795 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
796 TEEC_MEMREF_TEMP_INPUT, TEEC_NONE,
797 TEEC_NONE);
798
799 res = TEEC_InvokeCommand(s, TA_CRYPT_CMD_GENERATE_KEY, &op, &ret_orig);
800
801 if (res != TEEC_SUCCESS) {
802 (void)ADBG_EXPECT_TEEC_ERROR_ORIGIN(c, TEEC_ORIGIN_TRUSTED_APP,
803 ret_orig);
804 }
805
806 free(buf);
807 return res;
808}
809
810static const uint8_t hash_data_md5_in1[] = {
811 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm'
812};
813
814static const uint8_t hash_data_md5_out1[] = {
815 0x61, 0x12, 0x71, 0x83, 0x70, 0x8d, 0x3a, 0xc7,
816 0xf1, 0x9b, 0x66, 0x06, 0xfc, 0xae, 0x7d, 0xf6
817};
818
819static const uint8_t hash_data_sha1_in1[] = {
820 'a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm'
821};
822
823static const uint8_t hash_data_sha1_out1[] = {
824 0x4b, 0x98, 0x92, 0xb6, 0x52, 0x72, 0x14, 0xaf,
825 0xc6, 0x55, 0xb8, 0xaa, 0x52, 0xf4, 0xd2, 0x03,
826 0xc1, 0x5e, 0x7c, 0x9c
827};
828
829static const uint8_t hash_data_sha224_in1[] = {
830 'a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm'
831};
832
833static const uint8_t hash_data_sha224_out1[] = {
834 0x08, 0x21, 0x69, 0xf9, 0x77, 0x1b, 0x80, 0x15,
835 0xf3, 0x97, 0xae, 0xde, 0x5b, 0xba, 0xa2, 0x72,
836 0x2d, 0x8f, 0x5c, 0x19, 0xfe, 0xd2, 0xe2, 0x68,
837 0x92, 0x49, 0xd8, 0x44
838};
839
840static const uint8_t hash_data_sha256_in1[] = { 'a', 'b', 'c' };
841
842static const uint8_t hash_data_sha256_out1[] = {
843 0xba, 0x78, 0x16, 0xbf, 0x8f, 0x01, 0xcf, 0xea,
844 0x41, 0x41, 0x40, 0xde, 0x5d, 0xae, 0x22, 0x23,
845 0xb0, 0x03, 0x61, 0xa3, 0x96, 0x17, 0x7a, 0x9c,
846 0xb4, 0x10, 0xff, 0x61, 0xf2, 0x00, 0x15, 0xad
847};
848
849static const uint8_t hash_data_sha256_in2[] = { 'e', 'f', 'g' };
850
851static const uint8_t hash_data_sha256_out2[] = {
852 0xd4, 0xff, 0xe8, 0xe9, 0xee, 0x0b, 0x48, 0xeb,
853 0xa7, 0x16, 0x70, 0x61, 0x23, 0xa7, 0x18, 0x7f,
854 0x32, 0xea, 0xe3, 0xbd, 0xcb, 0x0e, 0x77, 0x63,
855 0xe4, 0x1e, 0x53, 0x32, 0x67, 0xbd, 0x8a, 0x53
856};
857
858
859static const uint8_t hash_data_sha384_in1[] = {
860 'a', 'b', 'c', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm'
861};
862
863static const uint8_t hash_data_sha384_out1[] = {
864 0x4c, 0xab, 0x80, 0x9d, 0x96, 0x84, 0x01, 0x47,
865 0x67, 0x0a, 0xc1, 0x7a, 0xb6, 0xb9, 0xf7, 0x6e,
866 0x35, 0xa6, 0xb0, 0x8c, 0xf5, 0x2a, 0x3d, 0x64,
867 0x9a, 0x8c, 0x7e, 0x0c, 0x55, 0x45, 0xd3, 0x7d,
868 0x1f, 0x7f, 0x28, 0x34, 0x96, 0x14, 0x44, 0x2a,
869 0xf5, 0x98, 0xa2, 0x95, 0x24, 0x76, 0x53, 0x97
870};
871
872static const uint8_t hash_data_sha512_in1[] = {
873 'a', 'b', 'c', 'd', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm'
874};
875
876static const uint8_t hash_data_sha512_out1[] = {
877 0x20, 0xd8, 0x64, 0x4f, 0x54, 0xa2, 0x5f, 0x6f,
878 0x0a, 0xf9, 0xd5, 0x27, 0x7d, 0x17, 0xa8, 0x99,
879 0x4c, 0x64, 0x3f, 0xd0, 0xf3, 0x83, 0x36, 0xee,
880 0x93, 0x12, 0x55, 0xcd, 0x2e, 0x12, 0x34, 0xa0,
881 0xc2, 0xaa, 0xf9, 0xbb, 0x15, 0xc5, 0xe9, 0xfa,
882 0xf7, 0xa7, 0xda, 0xb8, 0x2f, 0x72, 0xa0, 0x47,
883 0xe3, 0x02, 0x04, 0xe8, 0xa0, 0x35, 0x0c, 0x96,
884 0x26, 0xd1, 0xcb, 0x8b, 0x47, 0x45, 0x25, 0xd0
885};
886
Jerome Forissier3ed850a2019-12-13 10:58:23 +0100[diff] [blame]887/*
888 * SM3
889 * https://tools.ietf.org/html/draft-sca-cfrg-sm3-02
Jerome Forissier9f17e262019-12-13 14:12:41 +0100[diff] [blame]890 * Appendix A.1
Jerome Forissier3ed850a2019-12-13 10:58:23 +0100[diff] [blame]891 */
892static const uint8_t hash_data_sm3_a1_in[3] = "abc";
893
894static const uint8_t hash_data_sm3_a1_out[] = {
895 0x66, 0xc7, 0xf0, 0xf4, 0x62, 0xee, 0xed, 0xd9,
896 0xd1, 0xf2, 0xd4, 0x6b, 0xdc, 0x10, 0xe4, 0xe2,
897 0x41, 0x67, 0xc4, 0x87, 0x5c, 0xf2, 0xf7, 0xa2,
898 0x29, 0x7d, 0xa0, 0x2b, 0x8f, 0x4b, 0xa8, 0xe0
899};
900
901/*
902 * SM3
903 * https://tools.ietf.org/html/draft-sca-cfrg-sm3-02
Jerome Forissier9f17e262019-12-13 14:12:41 +0100[diff] [blame]904 * Appendix A.2
Jerome Forissier3ed850a2019-12-13 10:58:23 +0100[diff] [blame]905 */
906static const uint8_t hash_data_sm3_a2_in[] = {
907 0x61, 0x62, 0x63, 0x64, 0x61, 0x62, 0x63, 0x64,
908 0x61, 0x62, 0x63, 0x64, 0x61, 0x62, 0x63, 0x64,
909 0x61, 0x62, 0x63, 0x64, 0x61, 0x62, 0x63, 0x64,
910 0x61, 0x62, 0x63, 0x64, 0x61, 0x62, 0x63, 0x64,
911 0x61, 0x62, 0x63, 0x64, 0x61, 0x62, 0x63, 0x64,
912 0x61, 0x62, 0x63, 0x64, 0x61, 0x62, 0x63, 0x64,
913 0x61, 0x62, 0x63, 0x64, 0x61, 0x62, 0x63, 0x64,
914 0x61, 0x62, 0x63, 0x64, 0x61, 0x62, 0x63, 0x64
915};
916
917static const uint8_t hash_data_sm3_a2_out[] = {
918 0xde, 0xbe, 0x9f, 0xf9, 0x22, 0x75, 0xb8, 0xa1,
919 0x38, 0x60, 0x48, 0x89, 0xc1, 0x8e, 0x5a, 0x4d,
920 0x6f, 0xdb, 0x70, 0xe5, 0x38, 0x7e, 0x57, 0x65,
921 0x29, 0x3d, 0xcb, 0xa3, 0x9c, 0x0c, 0x57, 0x32
922};
923
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]924struct xtest_hash_case {
925 uint32_t algo;
926 size_t in_incr;
927 const uint8_t *in;
928 size_t in_len;
929 const uint8_t *out;
930 size_t out_len;
931};
932
933#define XTEST_HASH_CASE(algo, in_incr, in, out) \
934 { (algo), (in_incr), (in), ARRAY_SIZE(in), (out), ARRAY_SIZE(out) }
935
936static const struct xtest_hash_case hash_cases[] = {
937 XTEST_HASH_CASE(TEE_ALG_MD5, 6, hash_data_md5_in1,
938 hash_data_md5_out1),
939 XTEST_HASH_CASE(TEE_ALG_SHA1, 3, hash_data_sha1_in1,
940 hash_data_sha1_out1),
941 XTEST_HASH_CASE(TEE_ALG_SHA224, 7, hash_data_sha224_in1,
942 hash_data_sha224_out1),
943 XTEST_HASH_CASE(TEE_ALG_SHA256, 1, hash_data_sha256_in1,
944 hash_data_sha256_out1),
945 XTEST_HASH_CASE(TEE_ALG_SHA256, 1, hash_data_sha256_in2,
946 hash_data_sha256_out2),
947 XTEST_HASH_CASE(TEE_ALG_SHA384, 1, hash_data_sha384_in1,
948 hash_data_sha384_out1),
949 XTEST_HASH_CASE(TEE_ALG_SHA512, 1, hash_data_sha512_in1,
950 hash_data_sha512_out1),
Jerome Forissier3ed850a2019-12-13 10:58:23 +0100[diff] [blame]951 XTEST_HASH_CASE(TEE_ALG_SM3, 2, hash_data_sm3_a1_in,
952 hash_data_sm3_a1_out),
953 XTEST_HASH_CASE(TEE_ALG_SM3, 19, hash_data_sm3_a2_in,
954 hash_data_sm3_a2_out),
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]955};
956
957static void xtest_tee_test_4001(ADBG_Case_t *c)
958{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]959 TEEC_Session session = { };
960 uint32_t ret_orig = 0;
961 size_t n = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]962
963 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
964 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
965 &ret_orig)))
966 return;
967
968
969 for (n = 0; n < ARRAY_SIZE(hash_cases); n++) {
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]970 TEE_OperationHandle op1 = TEE_HANDLE_NULL;
971 TEE_OperationHandle op2 = TEE_HANDLE_NULL;
972 uint8_t out[64] = { };
973 size_t out_size = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]974
Jerome Forissier87b00c02020-01-22 16:33:12 +0100[diff] [blame]975 if (hash_cases[n].algo == TEE_ALG_SM3 &&
976 !ta_crypt_cmd_is_algo_supported(c, &session, TEE_ALG_SM3,
977 TEE_CRYPTO_ELEMENT_NONE)) {
978 Do_ADBG_Log("SM3 not supported: skip subcase");
979 continue;
980 }
981
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]982 Do_ADBG_BeginSubCase(c, "Hash case %d algo 0x%x",
983 (int)n, (unsigned int)hash_cases[n].algo);
984
985 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
986 ta_crypt_cmd_allocate_operation(c, &session, &op1,
987 hash_cases[n].algo,
988 TEE_MODE_DIGEST, 0)))
989 goto out;
990
991 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
992 ta_crypt_cmd_allocate_operation(c, &session, &op2,
993 hash_cases[n].algo,
994 TEE_MODE_DIGEST, 0)))
995 goto out;
996
997 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
998 ta_crypt_cmd_digest_update(c, &session, op1,
999 hash_cases[n].in,
1000 hash_cases[n].in_incr)))
1001 goto out;
1002
1003 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1004 ta_crypt_cmd_copy_operation(c, &session, op2, op1)))
1005 goto out;
1006
1007 out_size = sizeof(out);
1008 memset(out, 0, sizeof(out));
1009 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1010 ta_crypt_cmd_digest_do_final(c, &session, op2,
1011 hash_cases[n].in + hash_cases[n].in_incr,
1012 hash_cases[n].in_len - hash_cases[n].in_incr,
1013 out, &out_size)))
1014 goto out;
1015
1016 (void)ADBG_EXPECT_BUFFER(c, hash_cases[n].out,
1017 hash_cases[n].out_len, out, out_size);
1018
1019 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1020 ta_crypt_cmd_reset_operation(c, &session, op1)))
1021 goto out;
1022
1023 out_size = sizeof(out);
1024 memset(out, 0, sizeof(out));
1025 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1026 ta_crypt_cmd_digest_do_final(c, &session, op1,
1027 hash_cases[n].in,
1028 hash_cases[n].in_len, out,
1029 &out_size)))
1030 goto out;
1031
1032 (void)ADBG_EXPECT_BUFFER(c, hash_cases[n].out,
1033 hash_cases[n].out_len, out, out_size);
1034
Jerome Forissier1e05e262015-07-29 16:09:07 +0200[diff] [blame]1035 /*
1036 * Invoke TEE_DigestDoFinal() a second time to check that state
1037 * was properly reset
1038 */
1039 out_size = sizeof(out);
1040 memset(out, 0, sizeof(out));
1041 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1042 ta_crypt_cmd_digest_do_final(c, &session, op1,
1043 hash_cases[n].in,
1044 hash_cases[n].in_len, out,
1045 &out_size)))
1046 goto out;
1047
1048 (void)ADBG_EXPECT_BUFFER(c, hash_cases[n].out,
1049 hash_cases[n].out_len, out, out_size);
1050
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1051 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1052 ta_crypt_cmd_free_operation(c, &session, op1)))
1053 goto out;
1054
1055 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1056 ta_crypt_cmd_free_operation(c, &session, op2)))
1057 goto out;
1058
1059 Do_ADBG_EndSubCase(c, NULL);
1060 }
1061
1062out:
1063 TEEC_CloseSession(&session);
1064}
Jens Wiklander14f48872018-06-29 15:30:13 +0200[diff] [blame]1065ADBG_CASE_DEFINE(regression, 4001, xtest_tee_test_4001,
1066 "Test TEE Internal API hash operations");
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1067
1068static const uint8_t mac_data_md5_key1[10] = {
1069 0x6B, 0x65, 0x79, /* key */
1070};
1071
1072static const uint8_t mac_data_md5_in1[] = {
1073 0x54, 0x68, 0x65, 0x20, 0x71, 0x75, 0x69, 0x63, /* The quic */
1074 0x6B, 0x20, 0x62, 0x72, 0x6F, 0x77, 0x6E, 0x20, /* k brown */
1075 0x66, 0x6F, 0x78, 0x20, 0x6A, 0x75, 0x6D, 0x70, /* fox jump */
1076 0x73, 0x20, 0x6F, 0x76, 0x65, 0x72, 0x20, 0x74, /* s over t */
1077 0x68, 0x65, 0x20, 0x6C, 0x61, 0x7A, 0x79, 0x20, /* he lazy */
1078 0x64, 0x6F, 0x67, /* dog */
1079};
1080
1081static const uint8_t mac_data_md5_out1[] = {
1082 0x80, 0x07, 0x07, 0x13, 0x46, 0x3e, 0x77, 0x49,
1083 0xb9, 0x0c, 0x2d, 0xc2, 0x49, 0x11, 0xe2, 0x75
1084};
1085
1086
1087/* generated with scripts/digest_hmac.pl */
1088static const uint8_t mac_data_sha1_key1[10] = {
1089 0x6B, 0x65, 0x79, /* key */
1090};
1091
1092static const uint8_t mac_data_sha1_in1[] = {
1093 0x54, 0x68, 0x65, 0x20, 0x71, 0x75, 0x69, 0x63, /* The quic */
1094 0x6B, 0x20, 0x62, 0x72, 0x6F, 0x77, 0x6E, 0x20, /* k brown */
1095 0x66, 0x6F, 0x78, 0x20, 0x6A, 0x75, 0x6D, 0x70, /* fox jump */
1096 0x73, 0x20, 0x6F, 0x76, 0x65, 0x72, 0x20, 0x74, /* s over t */
1097 0x68, 0x65, 0x20, 0x6C, 0x61, 0x7A, 0x79, 0x20, /* he lazy */
1098 0x64, 0x6F, 0x67, /* dog */
1099};
1100
1101static const uint8_t mac_data_sha1_out1[] = {
1102 0xDE, 0x7C, 0x9B, 0x85, 0xB8, 0xB7, 0x8A, 0xA6, /* .|...... */
1103 0xBC, 0x8A, 0x7A, 0x36, 0xF7, 0x0A, 0x90, 0x70, /* ..z6...p */
1104 0x1C, 0x9D, 0xB4, 0xD9, /* .... */
1105};
1106
1107static const uint8_t mac_data_sha224_key1[24] = {
1108 0x6B, 0x65, 0x79, /* key */
1109};
1110
1111static const uint8_t mac_data_sha224_in1[] = {
1112 0x54, 0x68, 0x65, 0x20, 0x71, 0x75, 0x69, 0x63, /* The quic */
1113 0x6B, 0x20, 0x62, 0x72, 0x6F, 0x77, 0x6E, 0x20, /* k brown */
1114 0x66, 0x6F, 0x78, 0x20, 0x6A, 0x75, 0x6D, 0x70, /* fox jump */
1115 0x73, 0x20, 0x6F, 0x76, 0x65, 0x72, 0x20, 0x74, /* s over t */
1116 0x68, 0x65, 0x20, 0x6C, 0x61, 0x7A, 0x79, 0x20, /* he lazy */
1117 0x64, 0x6F, 0x67, /* dog */
1118};
1119
1120static const uint8_t mac_data_sha224_out1[] = {
1121 0x88, 0xFF, 0x8B, 0x54, 0x67, 0x5D, 0x39, 0xB8, /* ...Tg]9. */
1122 0xF7, 0x23, 0x22, 0xE6, 0x5F, 0xF9, 0x45, 0xC5, /* .#"._.E. */
1123 0x2D, 0x96, 0x37, 0x99, 0x88, 0xAD, 0xA2, 0x56, /* -.7....V */
1124 0x39, 0x74, 0x7E, 0x69, /* 9t~i */
1125};
1126
1127
1128static const uint8_t mac_data_sha256_key1[24] = {
1129 'Q', 'W', 'E', 'R', 'T', 'Y'
1130};
1131
1132static const uint8_t mac_data_sha256_in1[] = { 'a', 'b', 'c' };
1133
1134static const uint8_t mac_data_sha256_out1[] = {
1135 0xee, 0x2e, 0x5d, 0x9b, 0x51, 0xe2, 0x9c, 0x1d,
1136 0x49, 0xe9, 0xae, 0x6f, 0x0a, 0xcc, 0x15, 0x18,
1137 0xde, 0x1e, 0xa3, 0x88, 0x8e, 0xee, 0x48, 0xbb,
1138 0x82, 0x77, 0xe9, 0x09, 0x74, 0x4b, 0xa2, 0xf2
1139};
1140
1141/* generated with scripts/digest_hmac.pl */
1142static const uint8_t mac_data_sha256_key2[24] = {
1143 0x6B, 0x65, 0x79, /* key */
1144};
1145
1146static const uint8_t mac_data_sha256_in2[] = {
1147 0x54, 0x68, 0x65, 0x20, 0x71, 0x75, 0x69, 0x63, /* The quic */
1148 0x6B, 0x20, 0x62, 0x72, 0x6F, 0x77, 0x6E, 0x20, /* k brown */
1149 0x66, 0x6F, 0x78, 0x20, 0x6A, 0x75, 0x6D, 0x70, /* fox jump */
1150 0x73, 0x20, 0x6F, 0x76, 0x65, 0x72, 0x20, 0x74, /* s over t */
1151 0x68, 0x65, 0x20, 0x6C, 0x61, 0x7A, 0x79, 0x20, /* he lazy */
1152 0x64, 0x6F, 0x67, /* dog */
1153};
1154
1155static const uint8_t mac_data_sha256_out2[] = {
1156 0xF7, 0xBC, 0x83, 0xF4, 0x30, 0x53, 0x84, 0x24, /* ....0S.$ */
1157 0xB1, 0x32, 0x98, 0xE6, 0xAA, 0x6F, 0xB1, 0x43, /* .2...o.C */
1158 0xEF, 0x4D, 0x59, 0xA1, 0x49, 0x46, 0x17, 0x59, /* .MY.IF.Y */
1159 0x97, 0x47, 0x9D, 0xBC, 0x2D, 0x1A, 0x3C, 0xD8, /* .G..-.<. */
1160};
1161
1162static const uint8_t mac_data_sha384_key1[32] = {
1163 0x6B, 0x65, 0x79, /* key */
1164};
1165
1166static const uint8_t mac_data_sha384_in1[] = {
1167 0x54, 0x68, 0x65, 0x20, 0x71, 0x75, 0x69, 0x63, /* The quic */
1168 0x6B, 0x20, 0x62, 0x72, 0x6F, 0x77, 0x6E, 0x20, /* k brown */
1169 0x66, 0x6F, 0x78, 0x20, 0x6A, 0x75, 0x6D, 0x70, /* fox jump */
1170 0x73, 0x20, 0x6F, 0x76, 0x65, 0x72, 0x20, 0x74, /* s over t */
1171 0x68, 0x65, 0x20, 0x6C, 0x61, 0x7A, 0x79, 0x20, /* he lazy */
1172 0x64, 0x6F, 0x67, /* dog */
1173};
1174
1175static const uint8_t mac_data_sha384_out1[] = {
1176 0xD7, 0xF4, 0x72, 0x7E, 0x2C, 0x0B, 0x39, 0xAE, /* ..r~, .9. */
1177 0x0F, 0x1E, 0x40, 0xCC, 0x96, 0xF6, 0x02, 0x42, /* ..@....B */
1178 0xD5, 0xB7, 0x80, 0x18, 0x41, 0xCE, 0xA6, 0xFC, /* ....A... */
1179 0x59, 0x2C, 0x5D, 0x3E, 0x1A, 0xE5, 0x07, 0x00, /* Y, ]>.... */
1180 0x58, 0x2A, 0x96, 0xCF, 0x35, 0xE1, 0xE5, 0x54, /* X...5..T */
1181 0x99, 0x5F, 0xE4, 0xE0, 0x33, 0x81, 0xC2, 0x37, /* ._..3..7 */
1182};
1183
1184static const uint8_t mac_data_sha512_key1[32] = {
1185 0x6B, 0x65, 0x79, /* key */
1186};
1187
1188static const uint8_t mac_data_sha512_in1[] = {
1189 0x54, 0x68, 0x65, 0x20, 0x71, 0x75, 0x69, 0x63, /* The quic */
1190 0x6B, 0x20, 0x62, 0x72, 0x6F, 0x77, 0x6E, 0x20, /* k brown */
1191 0x66, 0x6F, 0x78, 0x20, 0x6A, 0x75, 0x6D, 0x70, /* fox jump */
1192 0x73, 0x20, 0x6F, 0x76, 0x65, 0x72, 0x20, 0x74, /* s over t */
1193 0x68, 0x65, 0x20, 0x6C, 0x61, 0x7A, 0x79, 0x20, /* he lazy */
1194 0x64, 0x6F, 0x67, /* dog */
1195};
1196
1197static const uint8_t mac_data_sha512_out1[] = {
1198 0xB4, 0x2A, 0xF0, 0x90, 0x57, 0xBA, 0xC1, 0xE2, /* ....W... */
1199 0xD4, 0x17, 0x08, 0xE4, 0x8A, 0x90, 0x2E, 0x09, /* ........ */
1200 0xB5, 0xFF, 0x7F, 0x12, 0xAB, 0x42, 0x8A, 0x4F, /* .....B.O */
1201 0xE8, 0x66, 0x53, 0xC7, 0x3D, 0xD2, 0x48, 0xFB, /* .fS.=.H. */
1202 0x82, 0xF9, 0x48, 0xA5, 0x49, 0xF7, 0xB7, 0x91, /* ..H.I... */
1203 0xA5, 0xB4, 0x19, 0x15, 0xEE, 0x4D, 0x1E, 0xC3, /* .....M.. */
1204 0x93, 0x53, 0x57, 0xE4, 0xE2, 0x31, 0x72, 0x50, /* .SW..1rP */
1205 0xD0, 0x37, 0x2A, 0xFA, 0x2E, 0xBE, 0xEB, 0x3A, /* .7.....: */
1206};
1207
Jerome Forissier9f17e262019-12-13 14:12:41 +0100[diff] [blame]1208/*
1209 * SM3 HMAC
1210 * GM/T 0042-2015
1211 * Section D.3 Test vector 1
1212 */
1213static const uint8_t mac_data_sm3_d31_in[112] =
1214 "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomn"
1215 "opnopqabcdbcdecdefdefgefghfghighijhijkijkljklmklmn"
1216 "lmnomnopnopq";
1217
1218static const uint8_t mac_data_sm3_d31_key[] = {
1219 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
1220 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10,
1221 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18,
1222 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20,
1223};
1224
1225static const uint8_t mac_data_sm3_d31_out[] = {
1226 0xca, 0x05, 0xe1, 0x44, 0xed, 0x05, 0xd1, 0x85,
1227 0x78, 0x40, 0xd1, 0xf3, 0x18, 0xa4, 0xa8, 0x66,
1228 0x9e, 0x55, 0x9f, 0xc8, 0x39, 0x1f, 0x41, 0x44,
1229 0x85, 0xbf, 0xdf, 0x7b, 0xb4, 0x08, 0x96, 0x3a,
1230};
1231
1232/*
1233 * SM3 HMAC
1234 * GM/T 0042-2015
1235 * Section D.3 Test vector 2
1236 */
1237static const uint8_t mac_data_sm3_d32_in[] = {
1238 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd,
1239 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd,
1240 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd,
1241 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd,
1242 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd,
1243 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd,
1244 0xcd, 0xcd
1245};
1246
1247static const uint8_t mac_data_sm3_d32_key[] = {
1248 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
1249 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10,
1250 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18,
1251 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20,
1252 0x21, 0x22, 0x23, 0x24, 0x25,
1253};
1254
1255static const uint8_t mac_data_sm3_d32_out[] = {
1256 0x22, 0x0b, 0xf5, 0x79, 0xde, 0xd5, 0x55, 0x39,
1257 0x3f, 0x01, 0x59, 0xf6, 0x6c, 0x99, 0x87, 0x78,
1258 0x22, 0xa3, 0xec, 0xf6, 0x10, 0xd1, 0x55, 0x21,
1259 0x54, 0xb4, 0x1d, 0x44, 0xb9, 0x4d, 0xb3, 0xae,
1260};
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1261
1262/* AES-CBC-MAC */
1263static const uint8_t mac_cbc_vect1_key[] = {
1264 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, /* 01234567 */
1265 0x38, 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, /* 89ABCDEF */
1266};
1267
1268static const uint8_t mac_cbc_vect1_data[] = {
1269 0x43, 0x69, 0x70, 0x68, 0x65, 0x72, 0x20, 0x62, /* Cipher b */
1270 0x6C, 0x6F, 0x63, 0x6B, 0x20, 0x63, 0x68, 0x61, /* lock cha */
1271 0x69, 0x6E, 0x69, 0x6E, 0x67, 0x20, 0x28, 0x43, /* ining (C */
1272 0x42, 0x43, 0x29, 0x20, 0x69, 0x73, 0x20, 0x61, /* BC) is a */
1273 0x20, 0x63, 0x6F, 0x6D, 0x6D, 0x6F, 0x6E, 0x20, /* common */
1274 0x63, 0x68, 0x61, 0x69, 0x6E, 0x69, 0x6E, 0x67, /* chaining */
1275 0x20, 0x6D, 0x6F, 0x64, 0x65, 0x20, 0x69, 0x6E, /* mode in */
1276 0x20, 0x77, 0x68, 0x69, 0x63, 0x68, 0x20, 0x74, /* which t */
1277 0x68, 0x65, 0x20, 0x70, 0x72, 0x65, 0x76, 0x69, /* he previ */
1278 0x6F, 0x75, 0x73, 0x20, 0x62, 0x6C, 0x6F, 0x63, /* ous bloc */
1279 0x6B, 0x27, 0x73, 0x20, 0x63, 0x69, 0x70, 0x68, /* k's ciph */
1280 0x65, 0x72, 0x74, 0x65, 0x78, 0x74, 0x20, 0x69, /* ertext i */
1281 0x73, 0x20, 0x78, 0x6F, 0x72, 0x65, 0x64, 0x20, /* s xored */
1282 0x77, 0x69, 0x74, 0x68, 0x20, 0x74, 0x68, 0x65, /* with the */
1283 0x20, 0x63, 0x75, 0x72, 0x72, 0x65, 0x6E, 0x74, /* current */
1284 0x20, 0x62, 0x6C, 0x6F, 0x63, 0x6B, 0x27, 0x73, /* block's */
1285 0x20, 0x70, 0x6C, 0x61, 0x69, 0x6E, 0x74, 0x65, /* plainte */
1286 0x78, 0x74, 0x20, 0x62, 0x65, 0x66, 0x6F, 0x72, /* xt befor */
1287 0x65, 0x20, 0x65, 0x6E, 0x63, 0x72, 0x79, 0x70, /* e encryp */
1288 0x74, 0x69, 0x6F, 0x6E, 0x2E, 0x2E, 0x2E, 0x2E, /* tion.... */
1289};
1290
1291static const uint8_t mac_cbc_vect1_out[] = {
1292 0xC9, 0x6E, 0x83, 0x7E, 0x35, 0xC8, 0xA7, 0xA0, /* .n.~5... */
1293 0x33, 0xA3, 0xB1, 0x4B, 0x5A, 0x92, 0x51, 0x2E, /* 3..KZ.Q. */
1294};
1295
1296/* DES-CBC-MAC */
1297static const uint8_t mac_cbc_vect2_key[] = {
1298 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, /* 01234567 */
1299};
1300
1301#define mac_cbc_vect2_data mac_cbc_vect1_data
1302static const uint8_t mac_cbc_vect2_out[] = {
1303 0xE9, 0x41, 0x46, 0x30, 0x69, 0x32, 0xBD, 0xD6, /* .AF0i2.. */
1304};
1305
1306/* DES3-CBC-MAC */
1307static const uint8_t mac_cbc_vect3_key[] = {
1308 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, /* 01234567 */
1309 0x38, 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, /* 89ABCDEF */
1310 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, /* 12345678 */
1311};
1312
1313#define mac_cbc_vect3_data mac_cbc_vect2_data
1314static const uint8_t mac_cbc_vect3_out[] = {
1315 0x1C, 0x17, 0xB7, 0xB5, 0x9F, 0x54, 0x9C, 0x63, /* .....T.c */
1316};
1317
1318/* AES-CBC-MAC PKCS#5 pad*/
1319static const uint8_t mac_cbc_vect4_key[] = {
1320 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, /* 01234567 */
1321 0x38, 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, /* 89ABCDEF */
1322 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, /* 01234567 */
1323 0x38, 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, /* 89ABCDEF */
1324};
1325
1326#define mac_cbc_vect4_data mac_cbc_vect1_data
1327static const uint8_t mac_cbc_vect4_out[] = {
1328 0x0B, 0x46, 0xC7, 0xA2, 0xE1, 0x5A, 0xE2, 0x23, /* .F...Z.# */
1329 0x83, 0x34, 0x1C, 0x86, 0x53, 0xF8, 0x51, 0x24, /* .4..S.Q$ */
1330};
1331
1332/* DES-CBC-MAC PKCS#5 pad*/
1333static const uint8_t mac_cbc_vect5_key[] = {
1334 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, /* 01234567 */
1335};
1336
1337#define mac_cbc_vect5_data mac_cbc_vect1_data
1338static const uint8_t mac_cbc_vect5_out[] = {
1339 0x30, 0x81, 0x4F, 0x42, 0x03, 0x7E, 0xD8, 0xA9, /* 0.OB.~.. */
1340};
1341
1342/* DES3-CBC-MAC PKCS#5 pad*/
1343static const uint8_t mac_cbc_vect6_key[] = {
1344 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, /* 01234567 */
1345 0x38, 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, /* 89ABCDEF */
1346 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, /* 12345678 */
1347};
1348
1349#define mac_cbc_vect6_data mac_cbc_vect1_data
1350static const uint8_t mac_cbc_vect6_out[] = {
1351 0x6E, 0x37, 0x6E, 0x14, 0x5E, 0x21, 0xDD, 0xF8, /* n7n.^!.. */
1352};
1353
1354/* AES-CBC-MAC PKCS#5 pad*/
1355#define mac_cbc_vect7_key mac_cbc_vect4_key
1356static const uint8_t mac_cbc_vect7_data[] = {
1357 0x43, 0x69, 0x70, 0x68, 0x65, 0x72, 0x20, 0x62, /* Cipher b */
1358 0x6C, 0x6F, 0x63, 0x6B, 0x20, 0x63, 0x68, 0x61, /* lock cha */
1359 0x69, 0x6E, 0x69, 0x6E, 0x67, 0x20, 0x28, 0x43, /* ining (C */
1360 0x42, 0x43, 0x29, 0x20, 0x69, 0x73, 0x20, 0x61, /* BC) is a */
1361 0x20, 0x63, 0x6F, 0x6D, 0x6D, 0x6F, 0x6E, 0x20, /* common */
1362 0x63, 0x68, 0x61, 0x69, 0x6E, 0x69, 0x6E, 0x67, /* chaining */
1363 0x20, 0x6D, 0x6F, 0x64, 0x65, 0x20, 0x69, 0x6E, /* mode in */
1364 0x20, 0x77, 0x68, 0x69, 0x63, 0x68, 0x20, 0x74, /* which t */
1365 0x68, 0x65, 0x20, 0x70, 0x72, 0x65, 0x76, 0x69, /* he previ */
1366 0x6F, 0x75, 0x73, 0x20, 0x62, 0x6C, 0x6F, 0x63, /* ous bloc */
1367 0x6B, 0x27, 0x73, 0x20, 0x63, 0x69, 0x70, 0x68, /* k's ciph */
1368 0x65, 0x72, 0x74, 0x65, 0x78, 0x74, 0x20, 0x69, /* ertext i */
1369 0x73, 0x20, 0x78, 0x6F, 0x72, 0x65, 0x64, 0x20, /* s xored */
1370 0x77, 0x69, 0x74, 0x68, 0x20, 0x74, 0x68, 0x65, /* with the */
1371 0x20, 0x63, 0x75, 0x72, 0x72, 0x65, 0x6E, 0x74, /* current */
1372 0x20, 0x62, 0x6C, 0x6F, 0x63, 0x6B, 0x27, 0x73, /* block's */
1373 0x20, 0x70, 0x6C, 0x61, 0x69, 0x6E, 0x74, 0x65, /* plainte */
1374 0x78, 0x74, 0x20, 0x62, 0x65, 0x66, 0x6F, 0x72, /* xt befor */
1375 0x65, 0x20, 0x65, 0x6E, 0x63, 0x72, 0x79, 0x70, /* e encryp */
1376 0x74, 0x69, 0x6F, 0x6E, 0x2E, /* tion. */
1377};
1378
1379static const uint8_t mac_cbc_vect7_out[] = {
1380 0xFD, 0x89, 0x35, 0xB3, 0x93, 0x7F, 0xBB, 0xA2, /* ..5..... */
1381 0xFB, 0x65, 0x60, 0xC4, 0x0A, 0x62, 0xA0, 0xF9, /* .e`..b.. */
1382};
1383
1384/* DES-CBC-MAC PKCS#5 pad*/
1385#define mac_cbc_vect8_key mac_cbc_vect5_key
1386#define mac_cbc_vect8_data mac_cbc_vect7_data
1387static const uint8_t mac_cbc_vect8_out[] = {
1388 0x02, 0x2A, 0xA8, 0x2E, 0x47, 0xC6, 0xBB, 0x7C, /* ....G..| */
1389};
1390
1391/* DES3-CBC-MAC PKCS#5 pad*/
1392#define mac_cbc_vect9_key mac_cbc_vect6_key
1393#define mac_cbc_vect9_data mac_cbc_vect7_data
1394static const uint8_t mac_cbc_vect9_out[] = {
1395 0xD4, 0xF7, 0x3E, 0x27, 0x78, 0x0E, 0x1C, 0x79, /* ..>'x..y */
1396};
1397
1398/*
Pascal Brand5c3d8092015-07-23 08:20:26 +0200[diff] [blame]1399 * DES3-CBC-MAC, with key size of 112bit
1400 * out obtained with:
1401 * echo -n "Cipher block chaining (CBC) is a common chaining mode in which the previous block's ciphertext is xored with the current block's plaintext before encryption...."|openssl enc -iv 0 -des3 -K 303132333435363738394142434445463031323334353637 |xxd
1402 */
1403/* DES3-CBC-MAC PKCS#5 pad*/
1404static const uint8_t mac_cbc_vect10_key[] = {
1405 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, /* 01234567 */
1406 0x38, 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, /* 89ABCDEF */
1407};
1408#define mac_cbc_vect10_data mac_cbc_vect1_data
1409static const uint8_t mac_cbc_vect10_out[] = {
1410 0x30, 0x92, 0x60, 0x99, 0x66, 0xac, 0x8c, 0xa6,
1411};
1412
1413
1414/*
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1415 * AES-CMAC
1416 * Test vectors from
1417 * http://csrc.nist.gov/publications/nistpubs/800-38B/SP_800-38B.pdf
1418 */
1419
1420/* AES-128 */
1421static const uint8_t mac_cmac_vect1_key[] = {
1422 0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6,
1423 0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c
1424};
1425
1426static const uint8_t mac_cmac_vect1_out[] = {
1427 0xbb, 0x1d, 0x69, 0x29, 0xe9, 0x59, 0x37, 0x28,
1428 0x7f, 0xa3, 0x7d, 0x12, 0x9b, 0x75, 0x67, 0x46
1429};
1430
1431#define mac_cmac_vect2_key mac_cmac_vect1_key
1432static const uint8_t mac_cmac_vect2_data[] = {
1433 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
1434 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a
1435};
1436
1437static const uint8_t mac_cmac_vect2_out[] = {
1438 0x07, 0x0a, 0x16, 0xb4, 0x6b, 0x4d, 0x41, 0x44,
1439 0xf7, 0x9b, 0xdd, 0x9d, 0xd0, 0x4a, 0x28, 0x7c
1440};
1441
1442#define mac_cmac_vect3_key mac_cmac_vect1_key
1443static const uint8_t mac_cmac_vect3_data[] = {
1444 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
1445 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a,
1446 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c,
1447 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51,
1448 0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11
1449};
1450
1451static const uint8_t mac_cmac_vect3_out[] = {
1452 0xdf, 0xa6, 0x67, 0x47, 0xde, 0x9a, 0xe6, 0x30,
1453 0x30, 0xca, 0x32, 0x61, 0x14, 0x97, 0xc8, 0x27
1454};
1455
1456#define mac_cmac_vect4_key mac_cmac_vect1_key
1457static const uint8_t mac_cmac_vect4_data[] = {
1458 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
1459 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a,
1460 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c,
1461 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51,
1462 0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11,
1463 0xe5, 0xfb, 0xc1, 0x19, 0x1a, 0x0a, 0x52, 0xef,
1464 0xf6, 0x9f, 0x24, 0x45, 0xdf, 0x4f, 0x9b, 0x17,
1465 0xad, 0x2b, 0x41, 0x7b, 0xe6, 0x6c, 0x37, 0x10
1466};
1467
1468static const uint8_t mac_cmac_vect4_out[] = {
1469 0x51, 0xf0, 0xbe, 0xbf, 0x7e, 0x3b, 0x9d, 0x92,
1470 0xfc, 0x49, 0x74, 0x17, 0x79, 0x36, 0x3c, 0xfe
1471};
1472
1473/* AES-192 */
1474static const uint8_t mac_cmac_vect5_key[] = {
1475 0x8e, 0x73, 0xb0, 0xf7, 0xda, 0x0e, 0x64, 0x52,
1476 0xc8, 0x10, 0xf3, 0x2b, 0x80, 0x90, 0x79, 0xe5,
1477 0x62, 0xf8, 0xea, 0xd2, 0x52, 0x2c, 0x6b, 0x7b
1478};
1479
1480static const uint8_t mac_cmac_vect5_out[] = {
1481 0xd1, 0x7d, 0xdf, 0x46, 0xad, 0xaa, 0xcd, 0xe5,
1482 0x31, 0xca, 0xc4, 0x83, 0xde, 0x7a, 0x93, 0x67
1483};
1484
1485
1486#define mac_cmac_vect6_key mac_cmac_vect5_key
1487static const uint8_t mac_cmac_vect6_data[] = {
1488 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
1489 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a
1490};
1491
1492static const uint8_t mac_cmac_vect6_out[] = {
1493 0x9e, 0x99, 0xa7, 0xbf, 0x31, 0xe7, 0x10, 0x90,
1494 0x06, 0x62, 0xf6, 0x5e, 0x61, 0x7c, 0x51, 0x84
1495};
1496
1497#define mac_cmac_vect7_key mac_cmac_vect5_key
1498static const uint8_t mac_cmac_vect7_data[] = {
1499 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
1500 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a,
1501 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c,
1502 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51,
1503 0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11
1504};
1505
1506static const uint8_t mac_cmac_vect7_out[] = {
1507 0x8a, 0x1d, 0xe5, 0xbe, 0x2e, 0xb3, 0x1a, 0xad,
1508 0x08, 0x9a, 0x82, 0xe6, 0xee, 0x90, 0x8b, 0x0e
1509};
1510
1511#define mac_cmac_vect8_key mac_cmac_vect5_key
1512static const uint8_t mac_cmac_vect8_data[] = {
1513 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
1514 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a,
1515 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c,
1516 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51,
1517 0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11,
1518 0xe5, 0xfb, 0xc1, 0x19, 0x1a, 0x0a, 0x52, 0xef,
1519 0xf6, 0x9f, 0x24, 0x45, 0xdf, 0x4f, 0x9b, 0x17,
1520 0xad, 0x2b, 0x41, 0x7b, 0xe6, 0x6c, 0x37, 0x10
1521};
1522
1523static const uint8_t mac_cmac_vect8_out[] = {
1524 0xa1, 0xd5, 0xdf, 0x0e, 0xed, 0x79, 0x0f, 0x79,
1525 0x4d, 0x77, 0x58, 0x96, 0x59, 0xf3, 0x9a, 0x11
1526};
1527
1528/* AES-256 */
1529static const uint8_t mac_cmac_vect9_key[] = {
1530 0x60, 0x3d, 0xeb, 0x10, 0x15, 0xca, 0x71, 0xbe,
1531 0x2b, 0x73, 0xae, 0xf0, 0x85, 0x7d, 0x77, 0x81,
1532 0x1f, 0x35, 0x2c, 0x07, 0x3b, 0x61, 0x08, 0xd7,
1533 0x2d, 0x98, 0x10, 0xa3, 0x09, 0x14, 0xdf, 0xf4
1534};
1535
1536static const uint8_t mac_cmac_vect9_out[] = {
1537 0x02, 0x89, 0x62, 0xf6, 0x1b, 0x7b, 0xf8, 0x9e,
1538 0xfc, 0x6b, 0x55, 0x1f, 0x46, 0x67, 0xd9, 0x83
1539};
1540
1541#define mac_cmac_vect10_key mac_cmac_vect9_key
1542static const uint8_t mac_cmac_vect10_data[] = {
1543 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
1544 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a
1545};
1546
1547static const uint8_t mac_cmac_vect10_out[] = {
1548 0x28, 0xa7, 0x02, 0x3f, 0x45, 0x2e, 0x8f, 0x82,
1549 0xbd, 0x4b, 0xf2, 0x8d, 0x8c, 0x37, 0xc3, 0x5c
1550};
1551
1552#define mac_cmac_vect11_key mac_cmac_vect9_key
1553static const uint8_t mac_cmac_vect11_data[] = {
1554 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
1555 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a,
1556 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c,
1557 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51,
1558 0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11
1559};
1560
1561static const uint8_t mac_cmac_vect11_out[] = {
1562 0xaa, 0xf3, 0xd8, 0xf1, 0xde, 0x56, 0x40, 0xc2,
1563 0x32, 0xf5, 0xb1, 0x69, 0xb9, 0xc9, 0x11, 0xe6
1564};
1565
1566#define mac_cmac_vect12_key mac_cmac_vect9_key
1567static const uint8_t mac_cmac_vect12_data[] = {
1568 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
1569 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a,
1570 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c,
1571 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51,
1572 0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11,
1573 0xe5, 0xfb, 0xc1, 0x19, 0x1a, 0x0a, 0x52, 0xef,
1574 0xf6, 0x9f, 0x24, 0x45, 0xdf, 0x4f, 0x9b, 0x17,
1575 0xad, 0x2b, 0x41, 0x7b, 0xe6, 0x6c, 0x37, 0x10
1576};
1577
1578static const uint8_t mac_cmac_vect12_out[] = {
1579 0xe1, 0x99, 0x21, 0x90, 0x54, 0x9f, 0x6e, 0xd5,
1580 0x69, 0x6a, 0x2c, 0x05, 0x6c, 0x31, 0x54, 0x10
1581};
1582
1583struct xtest_mac_case {
1584 uint32_t algo;
1585 uint32_t key_type;
1586 const uint8_t *key;
1587 size_t key_len;
1588 size_t in_incr;
1589 const uint8_t *in;
1590 size_t in_len;
1591 const uint8_t *out;
1592 size_t out_len;
Jerome Forissier3dec7442019-01-30 17:50:05 +0100[diff] [blame]1593 bool multiple_incr;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1594};
1595
Jerome Forissier3dec7442019-01-30 17:50:05 +0100[diff] [blame]1596#define XTEST_MAC_CASE_1(algo, key_type, key, in_incr, in, out) \
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1597 { (algo), (key_type), (key), ARRAY_SIZE(key), \
Jerome Forissier3dec7442019-01-30 17:50:05 +0100[diff] [blame]1598 (in_incr), (in), ARRAY_SIZE(in), (out), ARRAY_SIZE(out), false }
1599
1600#define XTEST_MAC_CASE_MULT(algo, key_type, key, in_incr, in, out) \
1601 { (algo), (key_type), (key), ARRAY_SIZE(key), \
1602 (in_incr), (in), ARRAY_SIZE(in), (out), ARRAY_SIZE(out), true }
1603
1604#define XTEST_MAC_CASE(algo, key_type, key, in_incr, in, out) \
1605 XTEST_MAC_CASE_1((algo), (key_type), (key), (in_incr), (in), (out)), \
1606 XTEST_MAC_CASE_MULT((algo), (key_type), (key), (in_incr), (in), (out))
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1607
1608#define XTEST_MAC_CBC_CASE(algo, key_type, vect, in_incr) \
1609 XTEST_MAC_CASE((algo), (key_type), \
1610 mac_cbc_ ## vect ## _key, (in_incr), \
1611 mac_cbc_ ## vect ## _data, mac_cbc_ ## vect ## _out)
1612
1613#define XTEST_MAC_CMAC_CASE(vect, in_incr) \
1614 XTEST_MAC_CASE(TEE_ALG_AES_CMAC, TEE_TYPE_AES, \
1615 mac_cmac_ ## vect ## _key, (in_incr), \
1616 mac_cmac_ ## vect ## _data, mac_cmac_ ## vect ## _out)
1617
1618static const struct xtest_mac_case mac_cases[] = {
1619 XTEST_MAC_CASE(TEE_ALG_HMAC_MD5, TEE_TYPE_HMAC_MD5,
1620 mac_data_md5_key1,
1621 4, mac_data_md5_in1, mac_data_md5_out1),
1622 XTEST_MAC_CASE(TEE_ALG_HMAC_SHA1, TEE_TYPE_HMAC_SHA1,
1623 mac_data_sha1_key1,
1624 5, mac_data_sha1_in1, mac_data_sha1_out1),
1625 XTEST_MAC_CASE(TEE_ALG_HMAC_SHA224, TEE_TYPE_HMAC_SHA224,
1626 mac_data_sha224_key1,
1627 8, mac_data_sha224_in1, mac_data_sha224_out1),
1628 XTEST_MAC_CASE(TEE_ALG_HMAC_SHA256, TEE_TYPE_HMAC_SHA256,
1629 mac_data_sha256_key1,
1630 1, mac_data_sha256_in1, mac_data_sha256_out1),
1631 XTEST_MAC_CASE(TEE_ALG_HMAC_SHA256, TEE_TYPE_HMAC_SHA256,
1632 mac_data_sha256_key2,
1633 7, mac_data_sha256_in2, mac_data_sha256_out2),
1634 XTEST_MAC_CASE(TEE_ALG_HMAC_SHA384, TEE_TYPE_HMAC_SHA384,
1635 mac_data_sha384_key1,
1636 11, mac_data_sha384_in1, mac_data_sha384_out1),
1637 XTEST_MAC_CASE(TEE_ALG_HMAC_SHA512, TEE_TYPE_HMAC_SHA512,
1638 mac_data_sha512_key1,
1639 13, mac_data_sha512_in1, mac_data_sha512_out1),
1640
1641 XTEST_MAC_CBC_CASE(TEE_ALG_AES_CBC_MAC_NOPAD, TEE_TYPE_AES, vect1, 14),
1642 XTEST_MAC_CBC_CASE(TEE_ALG_DES_CBC_MAC_NOPAD, TEE_TYPE_DES, vect2, 16),
1643 XTEST_MAC_CBC_CASE(TEE_ALG_DES3_CBC_MAC_NOPAD, TEE_TYPE_DES3, vect3,
1644 17),
1645 XTEST_MAC_CBC_CASE(TEE_ALG_AES_CBC_MAC_PKCS5, TEE_TYPE_AES, vect4, 11),
1646 XTEST_MAC_CBC_CASE(TEE_ALG_DES_CBC_MAC_PKCS5, TEE_TYPE_DES, vect5, 9),
1647 XTEST_MAC_CBC_CASE(TEE_ALG_DES3_CBC_MAC_PKCS5, TEE_TYPE_DES3, vect6, 4),
1648 XTEST_MAC_CBC_CASE(TEE_ALG_AES_CBC_MAC_PKCS5, TEE_TYPE_AES, vect7, 3),
1649 XTEST_MAC_CBC_CASE(TEE_ALG_DES_CBC_MAC_PKCS5, TEE_TYPE_DES, vect8, 23),
1650 XTEST_MAC_CBC_CASE(TEE_ALG_DES3_CBC_MAC_PKCS5, TEE_TYPE_DES3, vect9,
1651 34),
Pascal Brand5c3d8092015-07-23 08:20:26 +0200[diff] [blame]1652 XTEST_MAC_CBC_CASE(TEE_ALG_DES3_CBC_MAC_PKCS5, TEE_TYPE_DES3, vect10, 4),
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1653
1654 { TEE_ALG_AES_CMAC, TEE_TYPE_AES, mac_cmac_vect1_key,
1655 ARRAY_SIZE(mac_cmac_vect1_key), 0, NULL, 0, mac_cmac_vect1_out,
1656 ARRAY_SIZE(mac_cmac_vect1_out) },
1657 XTEST_MAC_CMAC_CASE(vect2, 9),
1658 XTEST_MAC_CMAC_CASE(vect3, 9),
1659 XTEST_MAC_CMAC_CASE(vect4, 9),
1660 { TEE_ALG_AES_CMAC, TEE_TYPE_AES, mac_cmac_vect5_key,
1661 ARRAY_SIZE(mac_cmac_vect5_key), 0, NULL, 0, mac_cmac_vect5_out,
1662 ARRAY_SIZE(mac_cmac_vect5_out) },
1663 XTEST_MAC_CMAC_CASE(vect6, 9),
1664 XTEST_MAC_CMAC_CASE(vect7, 9),
1665 XTEST_MAC_CMAC_CASE(vect8, 9),
1666 { TEE_ALG_AES_CMAC, TEE_TYPE_AES, mac_cmac_vect9_key,
1667 ARRAY_SIZE(mac_cmac_vect9_key), 0, NULL, 0, mac_cmac_vect9_out,
1668 ARRAY_SIZE(mac_cmac_vect9_out) },
1669 XTEST_MAC_CMAC_CASE(vect10, 9),
1670 XTEST_MAC_CMAC_CASE(vect11, 9),
1671 XTEST_MAC_CMAC_CASE(vect12, 9),
Jerome Forissier9f17e262019-12-13 14:12:41 +0100[diff] [blame]1672
1673 XTEST_MAC_CASE(TEE_ALG_HMAC_SM3, TEE_TYPE_HMAC_SM3,
1674 mac_data_sm3_d31_key,
1675 13, mac_data_sm3_d31_in, mac_data_sm3_d31_out),
1676 XTEST_MAC_CASE(TEE_ALG_HMAC_SM3, TEE_TYPE_HMAC_SM3,
1677 mac_data_sm3_d32_key,
1678 13, mac_data_sm3_d32_in, mac_data_sm3_d32_out),
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1679};
1680
1681static void xtest_tee_test_4002(ADBG_Case_t *c)
1682{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]1683 TEEC_Session session = { };
1684 TEE_OperationHandle op1 = TEE_HANDLE_NULL;
1685 TEE_OperationHandle op2 = TEE_HANDLE_NULL;
1686 TEE_ObjectHandle key_handle = TEE_HANDLE_NULL;
1687 uint8_t out[64] = { };
1688 size_t out_size = 0;
1689 uint32_t ret_orig = 0;
1690 size_t n = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1691
1692 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1693 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
1694 &ret_orig)))
1695 return;
1696
1697 for (n = 0; n < ARRAY_SIZE(mac_cases); n++) {
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]1698 TEE_Attribute key_attr = { };
1699 size_t key_size = 0;
1700 size_t offs = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1701
1702 Do_ADBG_BeginSubCase(c, "MAC case %d algo 0x%x",
1703 (int)n, (unsigned int)mac_cases[n].algo);
1704
1705 key_attr.attributeID = TEE_ATTR_SECRET_VALUE;
1706 key_attr.content.ref.buffer = (void *)mac_cases[n].key;
1707 key_attr.content.ref.length = mac_cases[n].key_len;
1708
1709 key_size = key_attr.content.ref.length * 8;
1710 if (mac_cases[n].key_type == TEE_TYPE_DES ||
1711 mac_cases[n].key_type == TEE_TYPE_DES3)
1712 /* Exclude parity in bit size of key */
1713 key_size -= key_size / 8;
1714
1715 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1716 ta_crypt_cmd_allocate_operation(c, &session, &op1,
1717 mac_cases[n].algo, TEE_MODE_MAC, key_size)))
1718 goto out;
1719
1720 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1721 ta_crypt_cmd_allocate_operation(c, &session, &op2,
1722 mac_cases[n].algo, TEE_MODE_MAC, key_size)))
1723 goto out;
1724
1725 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1726 ta_crypt_cmd_allocate_transient_object(c, &session,
1727 mac_cases[n].key_type, key_size, &key_handle)))
1728 goto out;
1729
1730 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1731 ta_crypt_cmd_populate_transient_object(c, &session,
1732 key_handle, &key_attr, 1)))
1733 goto out;
1734
1735 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1736 ta_crypt_cmd_set_operation_key(c, &session, op1,
1737 key_handle)))
1738 goto out;
1739
1740 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1741 ta_crypt_cmd_free_transient_object(c, &session,
1742 key_handle)))
1743 goto out;
1744
1745 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1746 ta_crypt_cmd_mac_init(c, &session, op1, NULL, 0)))
1747 goto out;
1748
Jerome Forissier3dec7442019-01-30 17:50:05 +0100[diff] [blame]1749 offs = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1750 if (mac_cases[n].in != NULL) {
Jerome Forissier3dec7442019-01-30 17:50:05 +0100[diff] [blame]1751 while (offs + mac_cases[n].in_incr <
1752 mac_cases[n].in_len) {
1753 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1754 ta_crypt_cmd_mac_update(c, &session,
1755 op1, mac_cases[n].in + offs,
1756 mac_cases[n].in_incr)))
1757 goto out;
1758 offs += mac_cases[n].in_incr;
1759 if (!mac_cases[n].multiple_incr)
1760 break;
1761 }
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1762 }
1763
1764 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1765 ta_crypt_cmd_copy_operation(c, &session, op2, op1)))
1766 goto out;
1767
1768 out_size = sizeof(out);
1769 memset(out, 0, sizeof(out));
1770 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1771 ta_crypt_cmd_mac_final_compute(c, &session, op2,
Jerome Forissier3dec7442019-01-30 17:50:05 +0100[diff] [blame]1772 mac_cases[n].in + offs,
1773 mac_cases [n].in_len - offs,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1774 out, &out_size)))
1775 goto out;
1776
1777 (void)ADBG_EXPECT_BUFFER(c, mac_cases[n].out,
1778 mac_cases[n].out_len, out, out_size);
1779
1780 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1781 ta_crypt_cmd_mac_init(c, &session, op1, NULL, 0)))
1782 goto out;
1783
1784 out_size = sizeof(out);
1785 memset(out, 0, sizeof(out));
1786 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1787 ta_crypt_cmd_mac_final_compute(c, &session, op1,
1788 mac_cases[n].in, mac_cases[n].in_len, out,
1789 &out_size)))
1790 goto out;
1791
1792 (void)ADBG_EXPECT_BUFFER(c, mac_cases[n].out,
1793 mac_cases[n].out_len, out, out_size);
1794
1795 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1796 ta_crypt_cmd_free_operation(c, &session, op1)))
1797 goto out;
1798
1799 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
1800 ta_crypt_cmd_free_operation(c, &session, op2)))
1801 goto out;
1802
1803 Do_ADBG_EndSubCase(c, NULL);
1804 }
1805out:
1806 TEEC_CloseSession(&session);
1807}
Jens Wiklander14f48872018-06-29 15:30:13 +0200[diff] [blame]1808ADBG_CASE_DEFINE(regression, 4002, xtest_tee_test_4002,
1809 "Test TEE Internal API MAC operations");
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1810
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1811static const uint8_t ciph_data_aes_key1[] = {
1812 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, /* 01234567 */
1813 0x38, 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, /* 89ABCDEF */
1814};
1815
Jerome Forissier0780ad42018-06-05 15:02:37 +0200[diff] [blame]1816static const uint8_t ciph_data_aes_key2[] = {
1817 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02,
1818 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02,
1819};
1820
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1821static const uint8_t ciph_data_des_key1[] = {
1822 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37 /* 01234567 */
1823};
1824
1825static const uint8_t ciph_data_des_key2[] = {
1826 0x13, 0x34, 0x57, 0x79, 0x9B, 0xBC, 0xDF, 0xF1
1827};
1828
1829
1830static const uint8_t ciph_data_des3_key1[] = {
1831 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, /* 01234567 */
1832 0x38, 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, /* 89ABCDEF */
1833 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, /* 12345678 */
1834};
1835
1836static const uint8_t ciph_data_des3_key2[] = {
1837 0x13, 0x34, 0x57, 0x79, 0x9B, 0xBC, 0xDF, 0xF1,
1838 0x13, 0x34, 0x57, 0x79, 0x9B, 0xBC, 0xDF, 0xF1,
1839 0x13, 0x34, 0x57, 0x79, 0x9B, 0xBC, 0xDF, 0xF1
1840};
1841
1842static const uint8_t ciph_data_des2_key1[] = {
1843 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, /* 01234567 */
1844 0x38, 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, /* 89ABCDEF */
1845};
1846
1847static const uint8_t ciph_data_in1[] = {
1848 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, /* 23456789 */
1849 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x30, 0x31, /* ABCDEF01 */
1850 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x41, /* 3456789A */
1851 0x42, 0x43, 0x44, 0x45, 0x46, 0x30, 0x31, 0x32, /* BCDEF012 */
1852 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x41, 0x42, /* 456789AB */
1853 0x43, 0x44, 0x45, 0x46, 0x30, 0x31, 0x32, 0x33, /* CDEF0123 */
1854};
1855
1856static const uint8_t ciph_data_in3[] = {
1857 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, /* 23456789 */
1858 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x30, 0x31, /* ABCDEF01 */
1859 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x41, /* 3456789A */
1860 0x42, 0x43, 0x44, 0x45, 0x46, 0x30, 0x31, 0x32, /* BCDEF012 */
1861 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x41, 0x42, /* 456789AB */
1862 0x43, 0x44, 0x45, 0x46, 0x30, /* CDEF0 */
1863};
1864
Jerome Forissier45218eb2018-04-11 13:03:26 +0200[diff] [blame]1865static const uint8_t ciph_data_in4[] = {
1866 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, /* 23456789 */
1867 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x30, 0x31, /* ABCDEF01 */
1868 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x41, /* 3456789A */
1869 0x42, 0x43, 0x44, 0x45, 0x46, 0x30, 0x31, 0x32, /* BCDEF012 */
1870 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x41, 0x42, /* 456789AB */
1871 0x43, 0x44, 0x45, 0x46, 0x30, 0x31, 0x32, 0x33, /* CDEF0123 */
1872 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, /* 01234567 */
1873 0x38, 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, /* 89ABCDEF */
1874};
1875
Jerome Forissier0780ad42018-06-05 15:02:37 +0200[diff] [blame]1876static const uint8_t ciph_data_in5[] = {
1877 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
1878 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
1879 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
1880 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
1881 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
1882 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
1883 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
1884 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
Jerome Forissierbf9009e2018-06-05 18:44:42 +0200[diff] [blame]1885 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
1886 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
Jerome Forissier0780ad42018-06-05 15:02:37 +0200[diff] [blame]1887 0x01, 0x01, 0x01
1888};
1889
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1890static const uint8_t ciph_data_128_iv1[] = {
1891 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, /* 12345678 */
1892 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x30, /* 9ABCDEF0 */
1893};
1894
Jerome Forissier0780ad42018-06-05 15:02:37 +0200[diff] [blame]1895static const uint8_t ciph_data_128_iv2[] = {
1896 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03,
1897 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03,
1898};
1899
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1900static const uint8_t ciph_data_64_iv1[] = {
1901 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, /* 12345678 */
1902};
1903
1904static const uint8_t ciph_data_in2[] = {
1905 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef
1906};
1907
1908static const uint8_t ciph_data_aes_ecb_nopad_out1[] = {
1909 0xA5, 0xBE, 0x14, 0xD5, 0x01, 0x05, 0x24, 0x48, /* ......$H */
1910 0x58, 0x1A, 0x6B, 0x82, 0xD4, 0x41, 0xD2, 0xB3, /* X.k..A.. */
1911 0xBB, 0xF9, 0xAE, 0x37, 0x94, 0xAC, 0x18, 0x50, /* ...7...P */
1912 0x87, 0x09, 0xCC, 0x3F, 0x43, 0xD2, 0xC2, 0xB7, /* ...?C... */
1913 0xD7, 0x6F, 0x84, 0x07, 0xB4, 0x78, 0xCE, 0x34, /* .o...x.4 */
1914 0x48, 0xC9, 0x16, 0x86, 0x42, 0xB8, 0xFF, 0xCF, /* H...B... */
1915};
1916
1917static const uint8_t ciph_data_aes_cbc_nopad_out1[] = {
1918 0x8D, 0x9F, 0x88, 0xD8, 0xAF, 0x9F, 0xC1, 0x3B, /* .......; */
1919 0x02, 0x15, 0x43, 0x6A, 0x8C, 0x1E, 0x34, 0x5C, /* ..Cj..4\ */
1920 0x83, 0xF4, 0x85, 0x3E, 0x43, 0x0F, 0xE5, 0x5F, /* ...>C.._ */
1921 0x81, 0x4C, 0xC0, 0x28, 0x3F, 0xD9, 0x98, 0x53, /* .L.(?..S */
1922 0xB1, 0x44, 0x51, 0x38, 0x21, 0xAB, 0x10, 0xCE, /* .DQ8!... */
1923 0xC2, 0xEC, 0x65, 0x54, 0xDD, 0x5C, 0xEA, 0xDC, /* ..eT.\.. */
1924};
1925
1926static const uint8_t ciph_data_aes_ctr_out1[] = {
1927 0xD2, 0xDD, 0x11, 0xA8, 0xF7, 0xB0, 0xAE, 0x55, /* .......U */
1928 0xBE, 0x61, 0x7A, 0xE6, 0xA1, 0x6C, 0x79, 0xF4, /* .az..ly. */
1929 0x62, 0x51, 0x7B, 0xE9, 0x7C, 0xA0, 0x31, 0x0C, /* bQ{.|.1. */
1930 0x24, 0x15, 0x70, 0x7F, 0x47, 0x37, 0x69, 0xE0, /* $.p.G7i. */
1931 0x24, 0xC3, 0x29, 0xCD, 0xF2, 0x26, 0x69, 0xFF, /* $.)..&i. */
1932 0x72, 0x0E, 0x3C, 0xD1, 0xA1, 0x2F, 0x5D, 0x33, /* r.<../]3 */
1933};
1934
1935static const uint8_t ciph_data_aes_ctr_out2[] = {
1936 0xD2, 0xDD, 0x11, 0xA8, 0xF7, 0xB0, 0xAE, 0x55, /* .......U */
1937 0xBE, 0x61, 0x7A, 0xE6, 0xA1, 0x6C, 0x79, 0xF4, /* .az..ly. */
1938 0x62, 0x51, 0x7B, 0xE9, 0x7C, 0xA0, 0x31, 0x0C, /* bQ{.|.1. */
1939 0x24, 0x15, 0x70, 0x7F, 0x47, 0x37, 0x69, 0xE0, /* $.p.G7i. */
1940 0x24, 0xC3, 0x29, 0xCD, 0xF2, 0x26, 0x69, 0xFF, /* $.)..&i. */
1941 0x72, 0x0E, 0x3C, 0xD1, 0xA1, /* r.<.. */
1942};
1943
Jerome Forissier45218eb2018-04-11 13:03:26 +0200[diff] [blame]1944static const uint8_t ciph_data_aes_ctr_out4[] = {
1945 0xD2, 0xDD, 0x11, 0xA8, 0xF7, 0xB0, 0xAE, 0x55, /* .......U */
1946 0xBE, 0x61, 0x7A, 0xE6, 0xA1, 0x6C, 0x79, 0xF4, /* .az..ly. */
1947 0x62, 0x51, 0x7B, 0xE9, 0x7C, 0xA0, 0x31, 0x0C, /* bQ{.|.1. */
1948 0x24, 0x15, 0x70, 0x7F, 0x47, 0x37, 0x69, 0xE0, /* $.p.G7i. */
1949 0x24, 0xC3, 0x29, 0xCD, 0xF2, 0x26, 0x69, 0xFF, /* $.)..&i. */
1950 0x72, 0x0E, 0x3C, 0xD1, 0xA1, 0x2F, 0x5D, 0x33, /* r.<../]3 */
1951 0x9F, 0xD7, 0x0C, 0x92, 0xD4, 0xA5, 0x9D, 0x06, /* ........ */
1952 0x01, 0x80, 0x38, 0xCD, 0xC2, 0x71, 0x5D, 0x4A, /* ..8..q]J */
1953};
1954
Jerome Forissier0780ad42018-06-05 15:02:37 +0200[diff] [blame]1955static const uint8_t ciph_data_aes_ctr_out5[] = {
1956 0xbb, 0xfe, 0x07, 0x04, 0x1c, 0x8e, 0x09, 0x61,
1957 0xfb, 0xb1, 0x7c, 0xa5, 0x4d, 0x2b, 0x30, 0xf6,
1958 0x26, 0x9e, 0xff, 0x61, 0x18, 0x47, 0xc6, 0x06,
1959 0x81, 0x02, 0x84, 0xcd, 0x9c, 0x4b, 0x6d, 0x21,
1960 0xe2, 0x64, 0xa6, 0x50, 0x7f, 0x28, 0x81, 0x6f,
1961 0x29, 0xda, 0xd5, 0x56, 0x3f, 0x46, 0xac, 0xca,
1962 0x37, 0xe7, 0x77, 0x36, 0xbc, 0x76, 0x39, 0x57,
1963 0xaa, 0x67, 0x1b, 0x2a, 0xe6, 0x36, 0x57, 0x6d,
Jerome Forissierbf9009e2018-06-05 18:44:42 +0200[diff] [blame]1964 0x2a, 0xb8, 0x77, 0x41, 0xc2, 0x4e, 0x4f, 0x27,
1965 0x4c, 0x34, 0x7a, 0x01, 0x6a, 0xda, 0x75, 0x75,
1966 0x3e, 0x68, 0xb2
Jerome Forissier0780ad42018-06-05 15:02:37 +0200[diff] [blame]1967};
1968
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]1969static const uint8_t ciph_data_aes_cbc_vect1_key[] = {
1970 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, /* 01234567 */
1971 0x38, 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, /* 89ABCDEF */
1972};
1973
1974static const uint8_t ciph_data_aes_cbc_vect1_iv[] = {
1975 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* ........ */
1976 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* ........ */
1977};
1978
1979static const uint8_t ciph_data_aes_cbc_vect1_ptx[] = {
1980 0x43, 0x69, 0x70, 0x68, 0x65, 0x72, 0x20, 0x62, /* Cipher b */
1981 0x6C, 0x6F, 0x63, 0x6B, 0x20, 0x63, 0x68, 0x61, /* lock cha */
1982 0x69, 0x6E, 0x69, 0x6E, 0x67, 0x20, 0x28, 0x43, /* ining (C */
1983 0x42, 0x43, 0x29, 0x20, 0x69, 0x73, 0x20, 0x61, /* BC) is a */
1984 0x20, 0x63, 0x6F, 0x6D, 0x6D, 0x6F, 0x6E, 0x20, /* common */
1985 0x63, 0x68, 0x61, 0x69, 0x6E, 0x69, 0x6E, 0x67, /* chaining */
1986 0x20, 0x6D, 0x6F, 0x64, 0x65, 0x20, 0x69, 0x6E, /* mode in */
1987 0x20, 0x77, 0x68, 0x69, 0x63, 0x68, 0x20, 0x74, /* which t */
1988 0x68, 0x65, 0x20, 0x70, 0x72, 0x65, 0x76, 0x69, /* he previ */
1989 0x6F, 0x75, 0x73, 0x20, 0x62, 0x6C, 0x6F, 0x63, /* ous bloc */
1990 0x6B, 0x27, 0x73, 0x20, 0x63, 0x69, 0x70, 0x68, /* k's ciph */
1991 0x65, 0x72, 0x74, 0x65, 0x78, 0x74, 0x20, 0x69, /* ertext i */
1992 0x73, 0x20, 0x78, 0x6F, 0x72, 0x65, 0x64, 0x20, /* s xored */
1993 0x77, 0x69, 0x74, 0x68, 0x20, 0x74, 0x68, 0x65, /* with the */
1994 0x20, 0x63, 0x75, 0x72, 0x72, 0x65, 0x6E, 0x74, /* current */
1995 0x20, 0x62, 0x6C, 0x6F, 0x63, 0x6B, 0x27, 0x73, /* block's */
1996 0x20, 0x70, 0x6C, 0x61, 0x69, 0x6E, 0x74, 0x65, /* plainte */
1997 0x78, 0x74, 0x20, 0x62, 0x65, 0x66, 0x6F, 0x72, /* xt befor */
1998 0x65, 0x20, 0x65, 0x6E, 0x63, 0x72, 0x79, 0x70, /* e encryp */
1999 0x74, 0x69, 0x6F, 0x6E, 0x2E, 0x2E, 0x2E, 0x2E, /* tion.... */
2000};
2001
2002static const uint8_t ciph_data_aes_cbc_vect1_ctx[] = {
2003 0xDD, 0x16, 0xC3, 0x47, 0x69, 0xEC, 0xF5, 0x86, /* ...Gi... */
2004 0x20, 0xB4, 0xF7, 0xE3, 0xB9, 0x36, 0xE8, 0xAC, /* ....6.. */
2005 0xC9, 0xA2, 0x11, 0x71, 0x3B, 0x10, 0x9D, 0x45, /* ...q;..E */
2006 0xCA, 0xE2, 0x49, 0xA6, 0x4E, 0x56, 0x07, 0xC5, /* ..I.NV.. */
2007 0xCE, 0xA3, 0x14, 0xB5, 0x30, 0x1B, 0x63, 0xBB, /* ....0.c. */
2008 0x2D, 0x6F, 0xE9, 0xCA, 0x0B, 0x00, 0x31, 0x3F, /* -o....1? */
2009 0xA4, 0x9A, 0x39, 0xE1, 0xC8, 0xD2, 0x24, 0x95, /* ..9...$. */
2010 0x14, 0xE9, 0xD2, 0x43, 0xE8, 0xA8, 0x1E, 0x0A, /* ...C.... */
2011 0xFE, 0x9D, 0x4F, 0xF5, 0xBB, 0x16, 0xB9, 0x54, /* ..O....T */
2012 0x78, 0x07, 0x94, 0x05, 0x8E, 0x47, 0xC3, 0xCB, /* x....G.. */
2013 0x7C, 0xEC, 0xF4, 0xF8, 0xF2, 0xA4, 0x59, 0x6E, /* |.....Yn */
2014 0xED, 0xAD, 0x7F, 0x62, 0xAF, 0x89, 0xA8, 0x5B, /* ...b...[ */
2015 0x75, 0xD4, 0x73, 0xE3, 0xBA, 0x9F, 0x9A, 0xD2, /* u.s..... */
2016 0x0F, 0xFD, 0x3C, 0xE6, 0xC6, 0xA4, 0xD6, 0x6C, /* ..<....l */
2017 0x6A, 0x09, 0xE2, 0x16, 0xB0, 0x8C, 0x69, 0x3C, /* j.....i< */
2018 0xC8, 0x1C, 0xE4, 0x3E, 0x86, 0x4D, 0xB0, 0x2B, /* ...>.M.+ */
2019 0x29, 0xA0, 0x5A, 0xA3, 0x67, 0xBA, 0xDC, 0x11, /* ).Z.g... */
2020 0x08, 0x5E, 0x69, 0xB4, 0x6F, 0xA5, 0xE2, 0xB8, /* .^i.o... */
2021 0xC9, 0x6E, 0x83, 0x7E, 0x35, 0xC8, 0xA7, 0xA0, /* .n.~5... */
2022 0x33, 0xA3, 0xB1, 0x4B, 0x5A, 0x92, 0x51, 0x2E, /* 3..KZ.Q. */
2023};
2024
2025/* AES-CTS test vectors from http://tools.ietf.org/html/rfc3962
2026 * and http://tools.ietf.org/html/draft-raeburn-krb-rijndael-krb-02 */
2027static const uint8_t ciph_data_aes_cts_vect1_key[] = {
2028 0x63, 0x68, 0x69, 0x63, 0x6b, 0x65, 0x6e, 0x20,
2029 0x74, 0x65, 0x72, 0x69, 0x79, 0x61, 0x6b, 0x69
2030};
2031
2032static const uint8_t ciph_data_aes_cts_vect1_iv[16] = {
2033 0x00
2034};
2035
2036static const uint8_t ciph_data_aes_cts_vect1_ptx[] = {
2037 0x49, 0x20, 0x77, 0x6f, 0x75, 0x6c, 0x64, 0x20,
2038 0x6c, 0x69, 0x6b, 0x65, 0x20, 0x74, 0x68, 0x65,
2039 0x20
2040};
2041
2042static const uint8_t ciph_data_aes_cts_vect1_ctx[] = {
2043 0xc6, 0x35, 0x35, 0x68, 0xf2, 0xbf, 0x8c, 0xb4,
2044 0xd8, 0xa5, 0x80, 0x36, 0x2d, 0xa7, 0xff, 0x7f,
2045 0x97
2046};
2047
2048#define ciph_data_aes_cts_vect2_key ciph_data_aes_cts_vect1_key
2049#define ciph_data_aes_cts_vect2_iv ciph_data_aes_cts_vect1_iv
2050static const uint8_t ciph_data_aes_cts_vect2_ptx[] = {
2051 0x49, 0x20, 0x77, 0x6f, 0x75, 0x6c, 0x64, 0x20,
2052 0x6c, 0x69, 0x6b, 0x65, 0x20, 0x74, 0x68, 0x65,
2053 0x20, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x6c,
2054 0x20, 0x47, 0x61, 0x75, 0x27, 0x73, 0x20
2055};
2056
2057static const uint8_t ciph_data_aes_cts_vect2_ctx[] = {
2058 0xfc, 0x00, 0x78, 0x3e, 0x0e, 0xfd, 0xb2, 0xc1,
2059 0xd4, 0x45, 0xd4, 0xc8, 0xef, 0xf7, 0xed, 0x22,
2060 0x97, 0x68, 0x72, 0x68, 0xd6, 0xec, 0xcc, 0xc0,
2061 0xc0, 0x7b, 0x25, 0xe2, 0x5e, 0xcf, 0xe5
2062};
2063
2064#define ciph_data_aes_cts_vect3_key ciph_data_aes_cts_vect1_key
2065#define ciph_data_aes_cts_vect3_iv ciph_data_aes_cts_vect1_iv
2066static const uint8_t ciph_data_aes_cts_vect3_ptx[] = {
2067 0x49, 0x20, 0x77, 0x6f, 0x75, 0x6c, 0x64, 0x20,
2068 0x6c, 0x69, 0x6b, 0x65, 0x20, 0x74, 0x68, 0x65,
2069 0x20, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x6c,
2070 0x20, 0x47, 0x61, 0x75, 0x27, 0x73, 0x20, 0x43,
2071};
2072
2073static const uint8_t ciph_data_aes_cts_vect3_ctx[] = {
2074 0x39, 0x31, 0x25, 0x23, 0xa7, 0x86, 0x62, 0xd5,
2075 0xbe, 0x7f, 0xcb, 0xcc, 0x98, 0xeb, 0xf5, 0xa8,
2076 0x97, 0x68, 0x72, 0x68, 0xd6, 0xec, 0xcc, 0xc0,
2077 0xc0, 0x7b, 0x25, 0xe2, 0x5e, 0xcf, 0xe5, 0x84,
2078};
2079
2080#define ciph_data_aes_cts_vect4_key ciph_data_aes_cts_vect1_key
2081#define ciph_data_aes_cts_vect4_iv ciph_data_aes_cts_vect1_iv
2082static const uint8_t ciph_data_aes_cts_vect4_ptx[] = {
2083 0x49, 0x20, 0x77, 0x6f, 0x75, 0x6c, 0x64, 0x20,
2084 0x6c, 0x69, 0x6b, 0x65, 0x20, 0x74, 0x68, 0x65,
2085 0x20, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x6c,
2086 0x20, 0x47, 0x61, 0x75, 0x27, 0x73, 0x20, 0x43,
2087 0x68, 0x69, 0x63, 0x6b, 0x65, 0x6e, 0x2c, 0x20,
2088 0x70, 0x6c, 0x65, 0x61, 0x73, 0x65, 0x2c,
2089};
2090
2091static const uint8_t ciph_data_aes_cts_vect4_ctx[] = {
2092 0x97, 0x68, 0x72, 0x68, 0xd6, 0xec, 0xcc, 0xc0,
2093 0xc0, 0x7b, 0x25, 0xe2, 0x5e, 0xcf, 0xe5, 0x84,
2094 0xb3, 0xff, 0xfd, 0x94, 0x0c, 0x16, 0xa1, 0x8c,
2095 0x1b, 0x55, 0x49, 0xd2, 0xf8, 0x38, 0x02, 0x9e,
2096 0x39, 0x31, 0x25, 0x23, 0xa7, 0x86, 0x62, 0xd5,
2097 0xbe, 0x7f, 0xcb, 0xcc, 0x98, 0xeb, 0xf5,
2098};
2099
2100#define ciph_data_aes_cts_vect5_key ciph_data_aes_cts_vect1_key
2101#define ciph_data_aes_cts_vect5_iv ciph_data_aes_cts_vect1_iv
2102static const uint8_t ciph_data_aes_cts_vect5_ptx[] = {
2103 0x49, 0x20, 0x77, 0x6f, 0x75, 0x6c, 0x64, 0x20,
2104 0x6c, 0x69, 0x6b, 0x65, 0x20, 0x74, 0x68, 0x65,
2105 0x20, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x6c,
2106 0x20, 0x47, 0x61, 0x75, 0x27, 0x73, 0x20, 0x43,
2107 0x68, 0x69, 0x63, 0x6b, 0x65, 0x6e, 0x2c, 0x20,
2108 0x70, 0x6c, 0x65, 0x61, 0x73, 0x65, 0x2c, 0x20,
2109};
2110
2111static const uint8_t ciph_data_aes_cts_vect5_ctx[] = {
2112 0x97, 0x68, 0x72, 0x68, 0xd6, 0xec, 0xcc, 0xc0,
2113 0xc0, 0x7b, 0x25, 0xe2, 0x5e, 0xcf, 0xe5, 0x84,
2114 0x9d, 0xad, 0x8b, 0xbb, 0x96, 0xc4, 0xcd, 0xc0,
2115 0x3b, 0xc1, 0x03, 0xe1, 0xa1, 0x94, 0xbb, 0xd8,
2116 0x39, 0x31, 0x25, 0x23, 0xa7, 0x86, 0x62, 0xd5,
2117 0xbe, 0x7f, 0xcb, 0xcc, 0x98, 0xeb, 0xf5, 0xa8,
2118};
2119
2120#define ciph_data_aes_cts_vect6_key ciph_data_aes_cts_vect1_key
2121#define ciph_data_aes_cts_vect6_iv ciph_data_aes_cts_vect1_iv
2122static const uint8_t ciph_data_aes_cts_vect6_ptx[] = {
2123 0x49, 0x20, 0x77, 0x6f, 0x75, 0x6c, 0x64, 0x20,
2124 0x6c, 0x69, 0x6b, 0x65, 0x20, 0x74, 0x68, 0x65,
2125 0x20, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x6c,
2126 0x20, 0x47, 0x61, 0x75, 0x27, 0x73, 0x20, 0x43,
2127 0x68, 0x69, 0x63, 0x6b, 0x65, 0x6e, 0x2c, 0x20,
2128 0x70, 0x6c, 0x65, 0x61, 0x73, 0x65, 0x2c, 0x20,
2129 0x61, 0x6e, 0x64, 0x20, 0x77, 0x6f, 0x6e, 0x74,
2130 0x6f, 0x6e, 0x20, 0x73, 0x6f, 0x75, 0x70, 0x2e,
2131};
2132
2133static const uint8_t ciph_data_aes_cts_vect6_ctx[] = {
2134 0x97, 0x68, 0x72, 0x68, 0xd6, 0xec, 0xcc, 0xc0,
2135 0xc0, 0x7b, 0x25, 0xe2, 0x5e, 0xcf, 0xe5, 0x84,
2136 0x39, 0x31, 0x25, 0x23, 0xa7, 0x86, 0x62, 0xd5,
2137 0xbe, 0x7f, 0xcb, 0xcc, 0x98, 0xeb, 0xf5, 0xa8,
2138 0x48, 0x07, 0xef, 0xe8, 0x36, 0xee, 0x89, 0xa5,
2139 0x26, 0x73, 0x0d, 0xbc, 0x2f, 0x7b, 0xc8, 0x40,
2140 0x9d, 0xad, 0x8b, 0xbb, 0x96, 0xc4, 0xcd, 0xc0,
2141 0x3b, 0xc1, 0x03, 0xe1, 0xa1, 0x94, 0xbb, 0xd8,
2142};
2143
Jerome Forissiered00e162017-01-20 09:22:52 +0100[diff] [blame]2144/*
2145 * Test case for https://github.com/OP-TEE/optee_os/issues/1203
2146 * 80 bytes of data, processed in two steps (32 + 48).
2147 */
2148
2149#define ciph_data_aes_cts_issue1203_key ciph_data_aes_cts_vect1_key
2150
2151static const uint8_t ciph_data_aes_cts_issue1203_iv[] = {
2152 0x5b, 0x11, 0x7b, 0xf9, 0x83, 0x6a, 0x01, 0x27,
2153 0x1d, 0x2a, 0xae, 0x0a, 0xd3, 0x27, 0x35, 0x81,
2154};
2155
2156static const uint8_t ciph_data_aes_cts_issue1203_ptx[] = {
2157 0x33, 0x2a, 0xf4, 0x8c, 0x18, 0xa1, 0x30, 0x7c,
2158 0xa7, 0x52, 0x76, 0xca, 0xa6, 0x68, 0xad, 0xf6,
2159 0x1e, 0xba, 0xc9, 0x66, 0x66, 0x52, 0x1a, 0xe7,
2160 0x3e, 0xbc, 0xba, 0x60, 0x95, 0x71, 0x04, 0x5e,
2161 0xb4, 0xb7, 0x10, 0xd7, 0x93, 0x6d, 0x5f, 0x9a,
2162 0xb8, 0xbb, 0x6b, 0xb0, 0x6d, 0x47, 0x93, 0x41,
2163 0x29, 0x21, 0xf2, 0x84, 0xf5, 0xb2, 0xf2, 0x6d,
2164 0xbe, 0xe5, 0x8a, 0x2b, 0x58, 0x8d, 0x1b, 0x5e,
2165 0x41, 0x04, 0xba, 0x9e, 0x92, 0xe9, 0x52, 0xb6,
2166 0x8b, 0x1e, 0x36, 0x72, 0x91, 0xe4, 0x56, 0x66,
2167};
2168
2169/*
2170 * Ciphertext was generated by an online tool for AES CBC.
2171 * Since the input size is a multiple of the block size, and the ciphertext
2172 * format is CS3, the output is the same as plain AES CBC with the last
2173 * two blocks swapped.
2174 */
2175static const uint8_t ciph_data_aes_cts_issue1203_ctx[] = {
2176 0x6c, 0xfe, 0xef, 0x6a, 0x1c, 0x8f, 0xd3, 0xc3,
2177 0x66, 0xc4, 0xd9, 0x0e, 0xbe, 0x24, 0x17, 0x3f,
2178 0xcd, 0x19, 0xc9, 0xd2, 0x10, 0x3f, 0xcf, 0xdc,
2179 0xe9, 0x05, 0xab, 0xd5, 0x1a, 0x31, 0x41, 0x77,
2180 0x3b, 0xd7, 0x6a, 0x26, 0xae, 0x0d, 0xc9, 0x47,
2181 0x77, 0xd4, 0xa7, 0xd5, 0x73, 0x88, 0x9e, 0xde,
2182 0x72, 0x66, 0xe0, 0xe2, 0x3d, 0x62, 0x91, 0x22,
2183 0xae, 0x11, 0x01, 0x97, 0x22, 0x6a, 0x45, 0xa9,
2184 0xba, 0x56, 0xd2, 0xbc, 0x55, 0x2d, 0x99, 0x4d,
2185 0x3d, 0x22, 0x27, 0x9a, 0xac, 0x66, 0x2f, 0xf5,
2186};
2187
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2188static const uint8_t ciph_data_des_ecb_nopad_out1[] = {
2189 0x46, 0x2B, 0x91, 0xA8, 0x55, 0xE6, 0x7E, 0x75, /* F+..U.~u */
2190 0x5E, 0x53, 0xF4, 0x8F, 0x29, 0x41, 0x4E, 0xEF, /* ^S..)AN. */
2191 0x32, 0x1B, 0x58, 0x42, 0x9B, 0xB4, 0x3A, 0x1F, /* 2.XB..:. */
2192 0x9A, 0xEA, 0xA4, 0xB4, 0xCD, 0xE9, 0x87, 0x7C, /* .......| */
2193 0xC0, 0x05, 0x34, 0xED, 0x86, 0x3C, 0x2A, 0x81, /* ..4..<.. */
2194 0x5E, 0x93, 0x0E, 0x86, 0xA9, 0xBB, 0x80, 0xFF, /* ^....... */
2195};
2196
2197static const uint8_t ciph_data_des_ecb_nopad_out2[] = {
2198 0x85, 0xE8, 0x13, 0x54, 0x0F, 0x0A, 0xB4, 0x05
2199};
2200
2201static const uint8_t ciph_data_des_cbc_nopad_out1[] = {
2202 0xAD, 0xD6, 0xD6, 0x3E, 0x88, 0xD0, 0xDD, 0xD4, /* ...>.... */
2203 0x9A, 0x93, 0x95, 0xA0, 0x86, 0x22, 0x5B, 0x9E, /* ....."[. */
2204 0x84, 0x0C, 0x6F, 0x12, 0x04, 0x11, 0x6F, 0xD4, /* ..o...o. */
2205 0x12, 0x29, 0xC6, 0x78, 0x0C, 0xFB, 0x58, 0x5B, /* .).x..X[ */
2206 0x66, 0x82, 0x0E, 0x52, 0xDC, 0x25, 0x16, 0x51, /* f..R.%.Q */
2207 0x69, 0xDF, 0xFE, 0x4E, 0x11, 0x1D, 0x9D, 0x08, /* i..N.... */
2208};
2209
2210static const uint8_t ciph_data_des3_ecb_nopad_out1[] = {
2211 0xA7, 0x46, 0xEC, 0xA8, 0x6A, 0x7F, 0x4A, 0xF1, /* .F..j.J. */
2212 0x44, 0x60, 0x37, 0x3B, 0x7F, 0x76, 0xE5, 0xFF, /* D`7;.v.. */
2213 0xC1, 0xE7, 0xA5, 0x04, 0x9C, 0x29, 0x5C, 0xA5, /* .....)\. */
2214 0xDD, 0xC8, 0xEE, 0x36, 0x1F, 0x48, 0xE0, 0xA9, /* ...6.H.. */
2215 0x82, 0x2D, 0x53, 0x84, 0x49, 0x69, 0x78, 0xFA, /* .-S.Iix. */
2216 0x23, 0x69, 0x1D, 0xF7, 0x08, 0x38, 0x44, 0x05, /* #i...8D. */
2217};
2218
2219static const uint8_t ciph_data_des3_cbc_nopad_out1[] = {
2220 0x18, 0x09, 0xEB, 0x98, 0xE4, 0x58, 0x72, 0x11, /* .....Xr. */
2221 0x30, 0x58, 0xAB, 0x38, 0xB0, 0xC9, 0x2B, 0xED, /* 0X.8..+. */
2222 0xDA, 0xC5, 0xE8, 0xA9, 0xF6, 0x8A, 0xA7, 0x80, /* ........ */
2223 0xBE, 0x54, 0x1F, 0x63, 0xF6, 0xEE, 0xA2, 0x4C, /* .T.c...L */
2224 0x7C, 0xEB, 0x84, 0x7D, 0xDA, 0xCA, 0x1E, 0xB2, /* |..}.... */
2225 0xED, 0x5E, 0x96, 0xB8, 0x01, 0x4B, 0x77, 0x02, /* .^...Kw. */
2226};
2227
2228static const uint8_t ciph_data_des2_ecb_nopad_out1[] = {
2229 0xAB, 0x12, 0xB6, 0xE2, 0x4A, 0x3A, 0x26, 0x14, /* ....J:&. */
2230 0xF0, 0x7D, 0x23, 0xD0, 0x55, 0xDF, 0x5C, 0x16, /* .}#.U.\. */
2231 0x43, 0x59, 0x1E, 0x44, 0x01, 0x76, 0xD7, 0x50, /* CY.D.v.P */
2232 0x44, 0xC0, 0x15, 0xDF, 0x2E, 0x7F, 0x8B, 0xC5, /* D....... */
2233 0xFF, 0x8B, 0x87, 0xFE, 0x33, 0xD7, 0xCB, 0x2C, /* ....3.., */
2234 0xDA, 0x79, 0x6F, 0xA4, 0x05, 0x2B, 0x30, 0xCE, /* .yo..+0. */
2235};
2236
2237static const uint8_t ciph_data_des2_cbc_nopad_out1[] = {
2238 0x47, 0x2F, 0xB1, 0x83, 0xC4, 0xBB, 0x93, 0x16, /* G/...... */
2239 0x73, 0xF9, 0xAD, 0x6F, 0x00, 0xF9, 0xCB, 0x4A, /* s..o...J */
2240 0x0F, 0x4F, 0x75, 0x75, 0xFB, 0x39, 0x0B, 0xFC, /* .Ouu.9.. */
2241 0x9F, 0x48, 0x52, 0xAD, 0xA2, 0x75, 0x2C, 0xF1, /* .HR..u, . */
2242 0x7D, 0xC3, 0x8F, 0x16, 0xCF, 0xC9, 0x76, 0x29, /* }.....v) */
2243 0x1A, 0xBF, 0xB3, 0xD9, 0x10, 0x7E, 0xAA, 0x49, /* .....~.I */
2244};
2245
Jerome Forissiere73e0fb2019-12-12 17:08:03 +0100[diff] [blame]2246/* SM4 ECB */
2247
2248static const uint8_t ciph_data_sm4_key1[] = {
2249 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
2250 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10,
2251};
2252
2253static const uint8_t ciph_data_sm4_in1[] = {
2254 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
2255 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10,
2256};
2257
2258static const uint8_t ciph_data_sm4_ecb_nopad_out1[] = {
2259 0x68, 0x1e, 0xdf, 0x34, 0xd2, 0x06, 0x96, 0x5e,
2260 0x86, 0xb3, 0xe9, 0x4f, 0x53, 0x6e, 0x42, 0x46,
2261};
2262
2263/*
2264 * SM4 CBC
2265 * https://tools.ietf.org/html/draft-ribose-cfrg-sm4-10#appendix-A.2.2.1
2266 */
2267static const uint8_t ciph_data_sm4_cbc_a221_key[] = {
2268 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
2269 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10,
2270};
2271
2272static const uint8_t ciph_data_sm4_cbc_a221_iv[] = {
2273 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
2274 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
2275};
2276
2277static const uint8_t ciph_data_sm4_cbc_a221_in[] = {
2278 0xaa, 0xaa, 0xaa, 0xaa, 0xbb, 0xbb, 0xbb, 0xbb,
2279 0xcc, 0xcc, 0xcc, 0xcc, 0xdd, 0xdd, 0xdd, 0xdd,
2280 0xee, 0xee, 0xee, 0xee, 0xff, 0xff, 0xff, 0xff,
2281 0xaa, 0xaa, 0xaa, 0xaa, 0xbb, 0xbb, 0xbb, 0xbb,
2282};
2283
2284static const uint8_t ciph_data_sm4_cbc_a221_out[] = {
2285 0x78, 0xeb, 0xb1, 0x1c, 0xc4, 0x0b, 0x0a, 0x48,
2286 0x31, 0x2a, 0xae, 0xb2, 0x04, 0x02, 0x44, 0xcb,
2287 0x4c, 0xb7, 0x01, 0x69, 0x51, 0x90, 0x92, 0x26,
2288 0x97, 0x9b, 0x0d, 0x15, 0xdc, 0x6a, 0x8f, 0x6d,
2289};
2290
2291/*
2292 * SM4 CBC
2293 * https://tools.ietf.org/html/draft-ribose-cfrg-sm4-10#appendix-A.2.2.2
2294 */
2295static const uint8_t ciph_data_sm4_cbc_a222_key[] = {
2296 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10,
2297 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
2298};
2299
2300static const uint8_t ciph_data_sm4_cbc_a222_iv[] = {
2301 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
2302 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
2303};
2304
2305static const uint8_t ciph_data_sm4_cbc_a222_in[] = {
2306 0xaa, 0xaa, 0xaa, 0xaa, 0xbb, 0xbb, 0xbb, 0xbb,
2307 0xcc, 0xcc, 0xcc, 0xcc, 0xdd, 0xdd, 0xdd, 0xdd,
2308 0xee, 0xee, 0xee, 0xee, 0xff, 0xff, 0xff, 0xff,
2309 0xaa, 0xaa, 0xaa, 0xaa, 0xbb, 0xbb, 0xbb, 0xbb,
2310};
2311
2312static const uint8_t ciph_data_sm4_cbc_a222_out[] = {
2313 0x0d, 0x3a, 0x6d, 0xdc, 0x2d, 0x21, 0xc6, 0x98,
2314 0x85, 0x72, 0x15, 0x58, 0x7b, 0x7b, 0xb5, 0x9a,
2315 0x91, 0xf2, 0xc1, 0x47, 0x91, 0x1a, 0x41, 0x44,
2316 0x66, 0x5e, 0x1f, 0xa1, 0xd4, 0x0b, 0xae, 0x38,
2317};
2318
2319/*
2320 * SM4 CTR
2321 * https://tools.ietf.org/html/draft-ribose-cfrg-sm4-10#appendix-A.2.5.1
2322 */
2323static const uint8_t ciph_data_sm4_ctr_a251_key[] = {
2324 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
2325 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10,
2326};
2327
2328static const uint8_t ciph_data_sm4_ctr_a251_iv[] = {
2329 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
2330 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
2331};
2332
2333static const uint8_t ciph_data_sm4_ctr_a251_in[] = {
2334 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
2335 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb,
2336 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc,
2337 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd,
2338 0xee, 0xee, 0xee, 0xee, 0xee, 0xee, 0xee, 0xee,
2339 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
2340 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
2341 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb,
2342};
2343
2344static const uint8_t ciph_data_sm4_ctr_a251_out[] = {
2345 0xac, 0x32, 0x36, 0xcb, 0x97, 0x0c, 0xc2, 0x07,
2346 0x91, 0x36, 0x4c, 0x39, 0x5a, 0x13, 0x42, 0xd1,
2347 0xa3, 0xcb, 0xc1, 0x87, 0x8c, 0x6f, 0x30, 0xcd,
2348 0x07, 0x4c, 0xce, 0x38, 0x5c, 0xdd, 0x70, 0xc7,
2349 0xf2, 0x34, 0xbc, 0x0e, 0x24, 0xc1, 0x19, 0x80,
2350 0xfd, 0x12, 0x86, 0x31, 0x0c, 0xe3, 0x7b, 0x92,
2351 0x6e, 0x02, 0xfc, 0xd0, 0xfa, 0xa0, 0xba, 0xf3,
2352 0x8b, 0x29, 0x33, 0x85, 0x1d, 0x82, 0x45, 0x14,
2353};
2354
2355/*
2356 * SM4 CTR
2357 * https://tools.ietf.org/html/draft-ribose-cfrg-sm4-10#appendix-A.2.5.2
2358 */
2359static const uint8_t ciph_data_sm4_ctr_a252_key[] = {
2360 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10,
2361 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
2362};
2363
2364static const uint8_t ciph_data_sm4_ctr_a252_iv[] = {
2365 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
2366 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
2367};
2368
2369static const uint8_t ciph_data_sm4_ctr_a252_in[] = {
2370 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
2371 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb,
2372 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc,
2373 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd,
2374 0xee, 0xee, 0xee, 0xee, 0xee, 0xee, 0xee, 0xee,
2375 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
2376 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
2377 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb,
2378};
2379
2380static const uint8_t ciph_data_sm4_ctr_a252_out[] = {
2381 0x5d, 0xcc, 0xcd, 0x25, 0xb9, 0x5a, 0xb0, 0x74,
2382 0x17, 0xa0, 0x85, 0x12, 0xee, 0x16, 0x0e, 0x2f,
2383 0x8f, 0x66, 0x15, 0x21, 0xcb, 0xba, 0xb4, 0x4c,
2384 0xc8, 0x71, 0x38, 0x44, 0x5b, 0xc2, 0x9e, 0x5c,
2385 0x0a, 0xe0, 0x29, 0x72, 0x05, 0xd6, 0x27, 0x04,
2386 0x17, 0x3b, 0x21, 0x23, 0x9b, 0x88, 0x7f, 0x6c,
2387 0x8c, 0xb5, 0xb8, 0x00, 0x91, 0x7a, 0x24, 0x88,
2388 0x28, 0x4b, 0xde, 0x9e, 0x16, 0xea, 0x29, 0x06,
2389};
2390
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2391struct xtest_ciph_case {
2392 uint32_t algo;
2393 uint32_t mode;
2394 uint32_t key_type;
2395 const uint8_t *key1;
2396 size_t key1_len;
2397 const uint8_t *key2;
2398 size_t key2_len;
2399 const uint8_t *iv;
2400 size_t iv_len;
2401 size_t in_incr;
2402 const uint8_t *in;
2403 size_t in_len;
2404 const uint8_t *out;
2405 size_t out_len;
2406 size_t line;
2407};
2408
2409#define XTEST_CIPH_CASE_NO_IV(algo, key_type, key, in_incr, ptx, ctx) \
2410 { (algo), TEE_MODE_ENCRYPT, (key_type), (key), ARRAY_SIZE(key), \
2411 NULL, 0, NULL, 0, \
2412 (in_incr), (ptx), ARRAY_SIZE(ptx), (ctx), ARRAY_SIZE(ctx), \
2413 __LINE__ }, \
2414 { (algo), TEE_MODE_DECRYPT, (key_type), (key), ARRAY_SIZE(key), \
2415 NULL, 0, NULL, 0, \
2416 (in_incr), (ctx), ARRAY_SIZE(ctx), (ptx), ARRAY_SIZE(ptx), __LINE__ }
2417
2418#define XTEST_CIPH_CASE(algo, key_type, key, iv, in_incr, ptx, ctx) \
2419 { (algo), TEE_MODE_ENCRYPT, (key_type), (key), ARRAY_SIZE(key), \
2420 NULL, 0, iv, ARRAY_SIZE(iv), (in_incr), (ptx), ARRAY_SIZE(ptx), \
2421 (ctx), ARRAY_SIZE(ctx), __LINE__ }, \
2422 { (algo), TEE_MODE_DECRYPT, (key_type), (key), ARRAY_SIZE(key), \
2423 NULL, 0, iv, ARRAY_SIZE(iv), (in_incr), (ctx), ARRAY_SIZE(ctx), \
2424 (ptx), ARRAY_SIZE(ptx), __LINE__ }
2425
2426#define XTEST_CIPH_CASE_AES_XTS(vect, in_incr) \
2427 { TEE_ALG_AES_XTS, TEE_MODE_ENCRYPT, TEE_TYPE_AES, \
2428 ciph_data_aes_xts_ ## vect ## _key1, \
2429 ARRAY_SIZE(ciph_data_aes_xts_ ## vect ## _key1), \
2430 ciph_data_aes_xts_ ## vect ## _key2, \
2431 ARRAY_SIZE(ciph_data_aes_xts_ ## vect ## _key2), \
2432 ciph_data_aes_xts_ ## vect ## _iv, \
2433 ARRAY_SIZE(ciph_data_aes_xts_ ## vect ## _iv), \
2434 (in_incr), \
2435 ciph_data_aes_xts_ ## vect ## _ptx, \
2436 ARRAY_SIZE(ciph_data_aes_xts_ ## vect ## _ptx), \
2437 ciph_data_aes_xts_ ## vect ## _ctx, \
2438 ARRAY_SIZE(ciph_data_aes_xts_ ## vect ## _ctx), __LINE__ }, \
2439 { TEE_ALG_AES_XTS, TEE_MODE_DECRYPT, TEE_TYPE_AES, \
2440 ciph_data_aes_xts_ ## vect ## _key1, \
2441 ARRAY_SIZE(ciph_data_aes_xts_ ## vect ## _key1), \
2442 ciph_data_aes_xts_ ## vect ## _key2, \
2443 ARRAY_SIZE(ciph_data_aes_xts_ ## vect ## _key2), \
2444 ciph_data_aes_xts_ ## vect ## _iv, \
2445 ARRAY_SIZE(ciph_data_aes_xts_ ## vect ## _iv), \
2446 (in_incr), \
2447 ciph_data_aes_xts_ ## vect ## _ctx, \
2448 ARRAY_SIZE(ciph_data_aes_xts_ ## vect ## _ctx), \
2449 ciph_data_aes_xts_ ## vect ## _ptx, \
2450 ARRAY_SIZE(ciph_data_aes_xts_ ## vect ## _ptx), __LINE__ }
2451
2452#define XTEST_CIPH_CASE_AES_CBC(vect, in_incr) \
2453 XTEST_CIPH_CASE(TEE_ALG_AES_CBC_NOPAD, TEE_TYPE_AES, \
2454 ciph_data_aes_cbc_ ## vect ## _key, \
2455 ciph_data_aes_cbc_ ## vect ## _iv, \
2456 (in_incr), ciph_data_aes_cbc_ ## vect ## _ptx, \
2457 ciph_data_aes_cbc_ ## vect ## _ctx)
2458
2459#define XTEST_CIPH_CASE_AES_CTS(vect, in_incr) \
2460 XTEST_CIPH_CASE(TEE_ALG_AES_CTS, TEE_TYPE_AES, \
2461 ciph_data_aes_cts_ ## vect ## _key, \
2462 ciph_data_aes_cts_ ## vect ## _iv, \
2463 (in_incr), ciph_data_aes_cts_ ## vect ## _ptx, \
2464 ciph_data_aes_cts_ ## vect ## _ctx)
2465
2466static const struct xtest_ciph_case ciph_cases[] = {
2467 /* AES */
2468 XTEST_CIPH_CASE_NO_IV(TEE_ALG_AES_ECB_NOPAD, TEE_TYPE_AES,
2469 ciph_data_aes_key1, 11, ciph_data_in1,
2470 ciph_data_aes_ecb_nopad_out1),
2471 XTEST_CIPH_CASE(TEE_ALG_AES_CBC_NOPAD, TEE_TYPE_AES,
2472 ciph_data_aes_key1, ciph_data_128_iv1, 11,
2473 ciph_data_in1,
2474 ciph_data_aes_cbc_nopad_out1),
2475 XTEST_CIPH_CASE(TEE_ALG_AES_CTR, TEE_TYPE_AES,
2476 ciph_data_aes_key1, ciph_data_128_iv1, 13,
2477 ciph_data_in1,
2478 ciph_data_aes_ctr_out1),
2479 XTEST_CIPH_CASE(TEE_ALG_AES_CTR, TEE_TYPE_AES,
2480 ciph_data_aes_key1, ciph_data_128_iv1, 13,
2481 ciph_data_in3,
2482 ciph_data_aes_ctr_out2),
Jens Wiklander692efd12018-01-19 09:52:00 +0100[diff] [blame]2483 XTEST_CIPH_CASE(TEE_ALG_AES_CTR, TEE_TYPE_AES,
2484 ciph_data_aes_key1, ciph_data_128_iv1, 16,
2485 ciph_data_in3,
2486 ciph_data_aes_ctr_out2),
Jerome Forissier45218eb2018-04-11 13:03:26 +0200[diff] [blame]2487 XTEST_CIPH_CASE(TEE_ALG_AES_CTR, TEE_TYPE_AES,
2488 ciph_data_aes_key1, ciph_data_128_iv1, 16,
2489 ciph_data_in4,
2490 ciph_data_aes_ctr_out4),
Jerome Forissier0780ad42018-06-05 15:02:37 +0200[diff] [blame]2491 XTEST_CIPH_CASE(TEE_ALG_AES_CTR, TEE_TYPE_AES,
2492 ciph_data_aes_key2, ciph_data_128_iv2, 11,
2493 ciph_data_in5,
2494 ciph_data_aes_ctr_out5),
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2495
2496 XTEST_CIPH_CASE_AES_CBC(vect1, 11),
Jerome Forissierfc1bbc32018-06-12 10:13:04 +0200[diff] [blame]2497 XTEST_CIPH_CASE_AES_CBC(vect1, 64),
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2498
2499 /* AES-CTS */
2500 XTEST_CIPH_CASE_AES_CTS(vect1, 13),
2501 XTEST_CIPH_CASE_AES_CTS(vect2, 14),
2502 XTEST_CIPH_CASE_AES_CTS(vect3, 11),
2503 XTEST_CIPH_CASE_AES_CTS(vect4, 9),
2504 XTEST_CIPH_CASE_AES_CTS(vect5, 7),
2505 XTEST_CIPH_CASE_AES_CTS(vect6, 17),
2506 XTEST_CIPH_CASE_AES_CTS(vect6, 0x20),
Jerome Forissiered00e162017-01-20 09:22:52 +0100[diff] [blame]2507 XTEST_CIPH_CASE_AES_CTS(issue1203, 32),
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2508
2509 /* DES */
2510 XTEST_CIPH_CASE_NO_IV(TEE_ALG_DES_ECB_NOPAD, TEE_TYPE_DES,
2511 ciph_data_des_key1, 14, ciph_data_in1,
2512 ciph_data_des_ecb_nopad_out1),
2513 XTEST_CIPH_CASE_NO_IV(TEE_ALG_DES_ECB_NOPAD, TEE_TYPE_DES,
2514 ciph_data_des_key2, 3, ciph_data_in2,
2515 ciph_data_des_ecb_nopad_out2),
2516 XTEST_CIPH_CASE(TEE_ALG_DES_CBC_NOPAD, TEE_TYPE_DES,
2517 ciph_data_des_key1, ciph_data_64_iv1, 15, ciph_data_in1,
2518 ciph_data_des_cbc_nopad_out1),
2519
2520 /* DES3 */
2521 XTEST_CIPH_CASE_NO_IV(TEE_ALG_DES3_ECB_NOPAD, TEE_TYPE_DES3,
2522 ciph_data_des3_key1, 11, ciph_data_in1,
2523 ciph_data_des3_ecb_nopad_out1),
2524 XTEST_CIPH_CASE_NO_IV(TEE_ALG_DES3_ECB_NOPAD, TEE_TYPE_DES3,
2525 ciph_data_des3_key2, 3, ciph_data_in2,
2526 ciph_data_des_ecb_nopad_out2),
2527 XTEST_CIPH_CASE(TEE_ALG_DES3_CBC_NOPAD, TEE_TYPE_DES3,
2528 ciph_data_des3_key1, ciph_data_64_iv1, 11,
2529 ciph_data_in1,
2530 ciph_data_des3_cbc_nopad_out1),
2531
2532 /* DES2 */
2533 XTEST_CIPH_CASE_NO_IV(TEE_ALG_DES3_ECB_NOPAD, TEE_TYPE_DES3,
2534 ciph_data_des2_key1, 11, ciph_data_in1,
2535 ciph_data_des2_ecb_nopad_out1),
2536 XTEST_CIPH_CASE(TEE_ALG_DES3_CBC_NOPAD, TEE_TYPE_DES3,
2537 ciph_data_des2_key1, ciph_data_64_iv1, 11,
2538 ciph_data_in1,
2539 ciph_data_des2_cbc_nopad_out1),
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2540
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2541 /* AES-XTS */
2542 XTEST_CIPH_CASE_AES_XTS(vect1, 3),
2543 XTEST_CIPH_CASE_AES_XTS(vect2, 6),
2544 XTEST_CIPH_CASE_AES_XTS(vect3, 7),
2545 XTEST_CIPH_CASE_AES_XTS(vect4, 8),
2546 XTEST_CIPH_CASE_AES_XTS(vect5, 9),
2547 XTEST_CIPH_CASE_AES_XTS(vect6, 13),
2548 XTEST_CIPH_CASE_AES_XTS(vect7, 1),
2549 XTEST_CIPH_CASE_AES_XTS(vect8, 3),
2550 XTEST_CIPH_CASE_AES_XTS(vect9, 2),
2551 XTEST_CIPH_CASE_AES_XTS(vect10, 5),
2552 XTEST_CIPH_CASE_AES_XTS(vect11, 6),
2553 XTEST_CIPH_CASE_AES_XTS(vect12, 7),
2554 XTEST_CIPH_CASE_AES_XTS(vect13, 3),
2555 XTEST_CIPH_CASE_AES_XTS(vect14, 2),
2556 XTEST_CIPH_CASE_AES_XTS(vect15, 0),
2557 XTEST_CIPH_CASE_AES_XTS(vect16, 9),
2558 XTEST_CIPH_CASE_AES_XTS(vect17, 6),
2559 XTEST_CIPH_CASE_AES_XTS(vect18, 8),
2560 XTEST_CIPH_CASE_AES_XTS(vect19, 23),
Jerome Forissiere73e0fb2019-12-12 17:08:03 +0100[diff] [blame]2561
2562 /* SM4 */
2563 XTEST_CIPH_CASE_NO_IV(TEE_ALG_SM4_ECB_NOPAD, TEE_TYPE_SM4,
2564 ciph_data_sm4_key1, 11, ciph_data_sm4_in1,
2565 ciph_data_sm4_ecb_nopad_out1),
2566 XTEST_CIPH_CASE(TEE_ALG_SM4_CBC_NOPAD, TEE_TYPE_SM4,
2567 ciph_data_sm4_cbc_a221_key, ciph_data_sm4_cbc_a221_iv,
2568 11, ciph_data_sm4_cbc_a221_in,
2569 ciph_data_sm4_cbc_a221_out),
2570 XTEST_CIPH_CASE(TEE_ALG_SM4_CBC_NOPAD, TEE_TYPE_SM4,
2571 ciph_data_sm4_cbc_a222_key, ciph_data_sm4_cbc_a222_iv,
2572 11, ciph_data_sm4_cbc_a222_in,
2573 ciph_data_sm4_cbc_a222_out),
2574 XTEST_CIPH_CASE(TEE_ALG_SM4_CTR, TEE_TYPE_SM4,
2575 ciph_data_sm4_ctr_a251_key, ciph_data_sm4_ctr_a251_iv,
2576 11, ciph_data_sm4_ctr_a251_in,
2577 ciph_data_sm4_ctr_a251_out),
2578 XTEST_CIPH_CASE(TEE_ALG_SM4_CTR, TEE_TYPE_SM4,
2579 ciph_data_sm4_ctr_a252_key, ciph_data_sm4_ctr_a252_iv,
2580 11, ciph_data_sm4_ctr_a252_in,
2581 ciph_data_sm4_ctr_a252_out),
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2582};
2583
Jerome Forissier23256842018-02-16 09:25:35 +0100[diff] [blame]2584static void xtest_tee_test_4003(ADBG_Case_t *c)
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2585{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]2586 TEEC_Session session = { };
2587 TEE_OperationHandle op = TEE_HANDLE_NULL;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2588 TEE_ObjectHandle key1_handle = TEE_HANDLE_NULL;
2589 TEE_ObjectHandle key2_handle = TEE_HANDLE_NULL;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]2590 uint8_t out[2048] = { };
2591 size_t out_size = 0;
2592 size_t out_offs = 0;
2593 uint32_t ret_orig = 0;
2594 size_t n = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2595
2596 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2597 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
2598 &ret_orig)))
2599 return;
2600
2601 for (n = 0; n < ARRAY_SIZE(ciph_cases); n++) {
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]2602 TEE_Attribute key_attr = { };
2603 size_t key_size = 0;
2604 size_t op_key_size = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2605
Jerome Forissier817d99f2020-01-22 16:33:12 +0100[diff] [blame]2606 switch (ciph_cases[n].algo) {
2607 case TEE_ALG_SM4_CTR:
2608 case TEE_ALG_SM4_CBC_NOPAD:
2609 case TEE_ALG_SM4_ECB_NOPAD:
2610 if (!ta_crypt_cmd_is_algo_supported(c, &session,
2611 ciph_cases[n].algo, TEE_CRYPTO_ELEMENT_NONE)) {
2612 Do_ADBG_Log("SM4 not supported: skip subcase");
2613 continue;
2614 }
2615 break;
2616 default:
2617 break;
2618 }
2619
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2620 Do_ADBG_BeginSubCase(c, "Cipher case %d algo 0x%x line %d",
2621 (int)n, (unsigned int)ciph_cases[n].algo,
2622 (int)ciph_cases[n].line);
2623
2624 key_attr.attributeID = TEE_ATTR_SECRET_VALUE;
2625 key_attr.content.ref.buffer = (void *)ciph_cases[n].key1;
2626 key_attr.content.ref.length = ciph_cases[n].key1_len;
2627
2628 key_size = key_attr.content.ref.length * 8;
2629 if (ciph_cases[n].key_type == TEE_TYPE_DES ||
2630 ciph_cases[n].key_type == TEE_TYPE_DES3)
2631 /* Exclude parity in bit size of key */
2632 key_size -= key_size / 8;
2633
2634 op_key_size = key_size;
2635 if (ciph_cases[n].key2 != NULL)
2636 op_key_size *= 2;
2637
2638 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2639 ta_crypt_cmd_allocate_operation(c, &session, &op,
2640 ciph_cases[n].algo, ciph_cases[n].mode,
2641 op_key_size)))
2642 goto out;
2643
2644 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2645 ta_crypt_cmd_allocate_transient_object(c, &session,
2646 ciph_cases[n].key_type, key_size,
2647 &key1_handle)))
2648 goto out;
2649
2650 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2651 ta_crypt_cmd_populate_transient_object(c, &session,
2652 key1_handle, &key_attr, 1)))
2653 goto out;
2654
2655 if (ciph_cases[n].key2 != NULL) {
2656 key_attr.content.ref.buffer =
2657 (void *)ciph_cases[n].key2;
2658 key_attr.content.ref.length = ciph_cases[n].key2_len;
2659
2660 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2661 ta_crypt_cmd_allocate_transient_object(c,
2662 &session, ciph_cases[n].key_type,
2663 key_attr.content.ref.length * 8,
2664 &key2_handle)))
2665 goto out;
2666
2667 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2668 ta_crypt_cmd_populate_transient_object(c,
2669 &session, key2_handle, &key_attr, 1)))
2670 goto out;
2671
2672 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2673 ta_crypt_cmd_set_operation_key2(c, &session, op,
2674 key1_handle, key2_handle)))
2675 goto out;
2676 } else {
2677 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2678 ta_crypt_cmd_set_operation_key(c, &session, op,
2679 key1_handle)))
2680 goto out;
2681 }
2682
2683 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2684 ta_crypt_cmd_free_transient_object(c, &session,
2685 key1_handle)))
2686 goto out;
2687 key1_handle = TEE_HANDLE_NULL;
2688
2689 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2690 ta_crypt_cmd_free_transient_object(c, &session,
2691 key2_handle)))
2692 goto out;
2693 key2_handle = TEE_HANDLE_NULL;
2694
2695 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2696 ta_crypt_cmd_cipher_init(c, &session, op,
2697 ciph_cases[n].iv, ciph_cases[n].iv_len)))
2698 goto out;
2699
2700 out_offs = 0;
2701 out_size = sizeof(out);
2702 memset(out, 0, sizeof(out));
2703 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2704 ta_crypt_cmd_cipher_update(c, &session, op,
2705 ciph_cases[n].in, ciph_cases[n].in_incr, out,
2706 &out_size)))
2707 goto out;
2708
Jerome Forissierd2d94b42017-06-02 16:39:34 +0200[diff] [blame]2709 if (ciph_cases[n].algo == TEE_ALG_AES_CTR)
2710 ADBG_EXPECT_COMPARE_UNSIGNED(c, out_size, ==,
2711 ciph_cases[n].in_incr);
2712
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2713 out_offs += out_size;
2714 out_size = sizeof(out) - out_offs;
2715
2716 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2717 ta_crypt_cmd_cipher_do_final(c, &session, op,
2718 ciph_cases[n].in + ciph_cases[n].in_incr,
2719 ciph_cases[n].in_len - ciph_cases[n].in_incr,
2720 out + out_offs,
2721 &out_size)))
2722 goto out;
2723
2724 out_offs += out_size;
2725
2726 (void)ADBG_EXPECT_BUFFER(c, ciph_cases[n].out,
2727 ciph_cases[n].out_len, out, out_offs);
2728
2729 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2730 ta_crypt_cmd_free_operation(c, &session, op)))
2731 goto out;
2732
2733 Do_ADBG_EndSubCase(c, NULL);
2734 }
2735out:
2736 TEEC_CloseSession(&session);
2737}
Jens Wiklander14f48872018-06-29 15:30:13 +0200[diff] [blame]2738ADBG_CASE_DEFINE(regression, 4003, xtest_tee_test_4003,
2739 "Test TEE Internal API cipher operations");
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2740
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2741static void xtest_tee_test_4004(ADBG_Case_t *c)
2742{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]2743 TEEC_Session session = { };
2744 uint32_t ret_orig = 0;
2745 uint8_t buf1[45] = { };
2746 uint8_t buf2[45] = { };
2747 static const uint8_t zeros[45];
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2748
2749 Do_ADBG_BeginSubCase(c, "TEE get random");
2750 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2751 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
2752 &ret_orig)))
2753 return;
2754
2755 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2756 ta_crypt_cmd_random_number_generate(c, &session, buf1,
2757 sizeof(buf1))))
2758 goto out;
2759
2760 (void)ADBG_EXPECT_COMPARE_SIGNED(c,
2761 0, !=, memcmp(buf1, zeros, sizeof(buf1)));
2762
2763 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2764 ta_crypt_cmd_random_number_generate(c, &session, buf2,
2765 sizeof(buf2))))
2766 goto out;
2767
2768 (void)ADBG_EXPECT_COMPARE_SIGNED(c,
2769 0, !=, memcmp(buf2, zeros, sizeof(buf2)));
2770
2771 (void)ADBG_EXPECT_COMPARE_SIGNED(c,
2772 0, !=, memcmp(buf2, buf1, sizeof(buf1)));
2773out:
2774 TEEC_CloseSession(&session);
2775 Do_ADBG_EndSubCase(c, "TEE get random");
2776}
Jens Wiklander14f48872018-06-29 15:30:13 +0200[diff] [blame]2777ADBG_CASE_DEFINE(regression, 4004, xtest_tee_test_4004,
2778 "Test TEE Internal API get random");
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2779
2780struct xtest_ae_case {
2781 uint32_t algo;
2782 uint32_t mode;
2783 uint32_t key_type;
2784 const uint8_t *key;
2785 size_t key_len;
2786 const uint8_t *nonce;
2787 size_t nonce_len;
2788 size_t aad_incr;
2789 const uint8_t *aad;
2790 size_t aad_len;
2791 size_t in_incr;
2792 const uint8_t *ptx;
2793 size_t ptx_len;
2794 const uint8_t *ctx;
2795 size_t ctx_len;
2796 const uint8_t *tag;
2797 size_t tag_len;
2798 size_t line;
2799};
2800
2801
2802#define ARRAY(a) a, ARRAY_SIZE(a)
2803#define NULL_ARRAY(a) NULL, 0
2804
2805#define XTEST_AE_CASE(algo, vect, aad_incr, in_incr, \
2806 aad_array, ptx_array, ctx_array) \
2807 { (algo), TEE_MODE_ENCRYPT, TEE_TYPE_AES, ARRAY(vect ## _key), \
2808 ARRAY(vect ## _nonce), (aad_incr), \
2809 aad_array(vect ## _aad), (in_incr), \
2810 ptx_array(vect ## _ptx), ctx_array(vect ## _ctx), \
2811 ARRAY(vect ## _tag), \
2812 __LINE__ }, \
2813 { (algo), TEE_MODE_DECRYPT, TEE_TYPE_AES, ARRAY(vect ## _key), \
2814 ARRAY(vect ## _nonce), (aad_incr), \
2815 aad_array(vect ## _aad), (in_incr), \
2816 ptx_array(vect ## _ptx), ctx_array(vect ## _ctx), \
2817 ARRAY(vect ## _tag), \
2818 __LINE__ }
2819
2820#define XTEST_AE_CASE_AES_CCM(vect, aad_incr, in_incr) \
2821 XTEST_AE_CASE(TEE_ALG_AES_CCM, ae_data_aes_ccm_ ## vect, aad_incr, \
2822 in_incr, ARRAY, ARRAY, ARRAY)
2823
2824#define XTEST_AE_CASE_AES_GCM(vect, aad_incr, in_incr, \
2825 aad_array, ptx_array, ctx_array) \
2826 XTEST_AE_CASE(TEE_ALG_AES_GCM, ae_data_aes_gcm_ ## vect, aad_incr, \
2827 in_incr, aad_array, ptx_array, ctx_array)
2828
2829
2830
2831static const struct xtest_ae_case ae_cases[] = {
2832 XTEST_AE_CASE_AES_CCM(vect1, 3, 2),
2833 XTEST_AE_CASE_AES_CCM(vect2, 7, 13),
2834 XTEST_AE_CASE_AES_CCM(vect3, 5, 21),
2835
2836 XTEST_AE_CASE_AES_GCM(vect1, 0, 0, NULL_ARRAY, NULL_ARRAY, NULL_ARRAY),
2837 XTEST_AE_CASE_AES_GCM(vect2, 0, 9, NULL_ARRAY, ARRAY, ARRAY),
2838 XTEST_AE_CASE_AES_GCM(vect3, 0, 9, NULL_ARRAY, ARRAY, ARRAY),
Jens Wiklander9fc63f52017-11-10 11:13:26 +0100[diff] [blame]2839 XTEST_AE_CASE_AES_GCM(vect3, 0, 0x1F, NULL_ARRAY, ARRAY, ARRAY),
2840 XTEST_AE_CASE_AES_GCM(vect4, 5, 0x20, ARRAY, ARRAY, ARRAY),
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2841 XTEST_AE_CASE_AES_GCM(vect5, 5, 9, ARRAY, ARRAY, ARRAY),
2842 XTEST_AE_CASE_AES_GCM(vect6, 5, 9, ARRAY, ARRAY, ARRAY),
2843 XTEST_AE_CASE_AES_GCM(vect7, 0, 0, NULL_ARRAY, NULL_ARRAY, NULL_ARRAY),
2844 XTEST_AE_CASE_AES_GCM(vect8, 0, 9, NULL_ARRAY, ARRAY, ARRAY),
2845 XTEST_AE_CASE_AES_GCM(vect9, 0, 9, NULL_ARRAY, ARRAY, ARRAY),
2846 XTEST_AE_CASE_AES_GCM(vect10, 5, 9, ARRAY, ARRAY, ARRAY),
2847 XTEST_AE_CASE_AES_GCM(vect11, 5, 9, ARRAY, ARRAY, ARRAY),
2848 XTEST_AE_CASE_AES_GCM(vect12, 5, 9, ARRAY, ARRAY, ARRAY),
2849 XTEST_AE_CASE_AES_GCM(vect13, 0, 0, NULL_ARRAY, NULL_ARRAY, NULL_ARRAY),
2850 XTEST_AE_CASE_AES_GCM(vect14, 0, 9, NULL_ARRAY, ARRAY, ARRAY),
2851 XTEST_AE_CASE_AES_GCM(vect15, 0, 9, NULL_ARRAY, ARRAY, ARRAY),
2852 XTEST_AE_CASE_AES_GCM(vect16, 5, 9, ARRAY, ARRAY, ARRAY),
2853 XTEST_AE_CASE_AES_GCM(vect17, 5, 9, ARRAY, ARRAY, ARRAY),
2854 XTEST_AE_CASE_AES_GCM(vect18, 5, 9, ARRAY, ARRAY, ARRAY),
Jens Wiklanderf6efe242017-11-06 13:16:43 +0100[diff] [blame]2855#ifdef CFG_GCM_NIST_VECTORS
2856#include "gcmDecrypt128.h"
2857#include "gcmDecrypt192.h"
2858#include "gcmDecrypt256.h"
2859#include "gcmEncryptExtIV128.h"
2860#include "gcmEncryptExtIV192.h"
2861#include "gcmEncryptExtIV256.h"
2862#endif
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2863};
2864
2865static void xtest_tee_test_4005(ADBG_Case_t *c)
2866{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]2867 TEEC_Session session = { };
2868 TEE_OperationHandle op = TEE_HANDLE_NULL;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2869 TEE_ObjectHandle key_handle = TEE_HANDLE_NULL;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]2870 TEE_Attribute key_attr = { };
2871 uint8_t out[512] = { };
2872 size_t out_size = 0;
2873 size_t out_offs = 0;
2874 uint32_t ret_orig = 0;
2875 size_t n = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2876
2877 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2878 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
2879 &ret_orig)))
2880 return;
2881
2882 for (n = 0; n < ARRAY_SIZE(ae_cases); n++) {
2883 Do_ADBG_BeginSubCase(c, "AE case %d algo 0x%x line %d",
2884 (int)n, (unsigned int)ae_cases[n].algo,
2885 (int)ae_cases[n].line);
2886
2887 key_attr.attributeID = TEE_ATTR_SECRET_VALUE;
2888 key_attr.content.ref.buffer = (void *)ae_cases[n].key;
2889 key_attr.content.ref.length = ae_cases[n].key_len;
2890
2891 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2892 ta_crypt_cmd_allocate_operation(c, &session, &op,
2893 ae_cases[n].algo, ae_cases[n].mode,
2894 key_attr.content.ref.length * 8)))
2895 goto out;
2896
2897 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2898 ta_crypt_cmd_allocate_transient_object(c, &session,
2899 ae_cases[n].key_type,
2900 key_attr.content.ref.length * 8,
2901 &key_handle)))
2902 goto out;
2903
2904 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2905 ta_crypt_cmd_populate_transient_object(c, &session,
2906 key_handle, &key_attr, 1)))
2907 goto out;
2908
2909 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2910 ta_crypt_cmd_set_operation_key(c, &session, op,
2911 key_handle)))
2912 goto out;
2913
2914 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2915 ta_crypt_cmd_free_transient_object(c, &session,
2916 key_handle)))
2917 goto out;
2918 key_handle = TEE_HANDLE_NULL;
2919
2920 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2921 ta_crypt_cmd_ae_init(c, &session, op, ae_cases[n].nonce,
2922 ae_cases[n].nonce_len, ae_cases[n].tag_len,
2923 ae_cases[n].aad_len, ae_cases[n].ptx_len)))
2924 goto out;
2925
2926 if (ae_cases[n].aad != NULL) {
2927 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2928 ta_crypt_cmd_ae_update_aad(c, &session, op,
2929 ae_cases[n].aad, ae_cases[n].aad_incr)))
2930 goto out;
2931
2932 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2933 ta_crypt_cmd_ae_update_aad(c, &session, op,
2934 ae_cases[n].aad + ae_cases[n].aad_incr,
2935 ae_cases [n].aad_len -
2936 ae_cases[n].aad_incr)))
2937 goto out;
2938 }
2939
2940 out_offs = 0;
2941 out_size = sizeof(out);
2942 memset(out, 0, sizeof(out));
2943 if (ae_cases[n].mode == TEE_MODE_ENCRYPT) {
2944 if (ae_cases[n].ptx != NULL) {
2945 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2946 ta_crypt_cmd_ae_update(c, &session, op,
2947 ae_cases[n].ptx,
2948 ae_cases[n].in_incr, out,
2949 &out_size)))
2950 goto out;
2951 out_offs += out_size;
Jerome Forissierc13fafa2017-06-01 15:49:07 +0200[diff] [blame]2952 if (ae_cases[n].algo == TEE_ALG_AES_GCM)
2953 ADBG_EXPECT_COMPARE_UNSIGNED(c,
2954 out_size, ==, ae_cases[n].in_incr);
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2955 }
2956 } else {
2957 if (ae_cases[n].ctx != NULL) {
2958 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2959 ta_crypt_cmd_ae_update(c, &session, op,
2960 ae_cases[n].ctx,
2961 ae_cases[n].in_incr, out,
2962 &out_size)))
2963 goto out;
2964 out_offs += out_size;
Jerome Forissierc13fafa2017-06-01 15:49:07 +0200[diff] [blame]2965 if (ae_cases[n].algo == TEE_ALG_AES_GCM)
2966 ADBG_EXPECT_COMPARE_UNSIGNED(c,
2967 out_size, ==, ae_cases[n].in_incr);
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]2968 }
2969 }
2970
2971 out_size = sizeof(out) - out_offs;
2972 if (ae_cases[n].mode == TEE_MODE_ENCRYPT) {
2973 uint8_t out_tag[64];
2974 size_t out_tag_len = MIN(sizeof(out_tag),
2975 ae_cases[n].tag_len);
2976
2977 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2978 ta_crypt_cmd_ae_encrypt_final(c, &session, op,
2979 ae_cases[n].ptx + ae_cases[n].in_incr,
2980 ae_cases[n].ptx_len -
2981 ae_cases[n].in_incr,
2982 out + out_offs,
2983 &out_size, out_tag, &out_tag_len)))
2984 goto out;
2985
2986 (void)ADBG_EXPECT_BUFFER(c,
2987 ae_cases[n].tag, ae_cases[n].tag_len, out_tag,
2988 out_tag_len);
2989
2990 out_offs += out_size;
2991
2992 (void)ADBG_EXPECT_BUFFER(c, ae_cases[n].ctx,
2993 ae_cases[n].ctx_len, out, out_offs);
2994 } else {
2995 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
2996 ta_crypt_cmd_ae_decrypt_final(c, &session, op,
2997 ae_cases[n].ctx + ae_cases[n].in_incr,
2998 ae_cases[n].ctx_len -
2999 ae_cases[n].in_incr,
3000 out + out_offs,
3001 &out_size, ae_cases[n].tag,
3002 ae_cases[n].tag_len)))
3003 goto out;
3004
3005 out_offs += out_size;
3006
3007 (void)ADBG_EXPECT_BUFFER(c, ae_cases[n].ptx,
3008 ae_cases[n].ptx_len, out, out_offs);
3009 }
3010
3011 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3012 ta_crypt_cmd_free_operation(c, &session, op)))
3013 goto out;
3014
3015 Do_ADBG_EndSubCase(c, NULL);
3016 }
3017out:
3018 TEEC_CloseSession(&session);
3019}
Jens Wiklander14f48872018-06-29 15:30:13 +0200[diff] [blame]3020ADBG_CASE_DEFINE(regression, 4005, xtest_tee_test_4005,
3021 "Test TEE Internal API Authenticated Encryption operations");
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3022
3023struct xtest_ac_case {
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3024 unsigned int level;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3025 uint32_t algo;
3026 TEE_OperationMode mode;
3027
3028 union {
3029 struct {
3030 const uint8_t *modulus;
3031 size_t modulus_len;
3032
3033 const uint8_t *pub_exp;
3034 size_t pub_exp_len;
3035
3036 const uint8_t *priv_exp;
3037 size_t priv_exp_len;
3038
3039 const uint8_t *prime1; /* q */
3040 size_t prime1_len;
3041 const uint8_t *prime2; /* p */
3042 size_t prime2_len;
3043 const uint8_t *exp1; /* dp */
3044 size_t exp1_len;
3045 const uint8_t *exp2; /* dq */
3046 size_t exp2_len;
3047 const uint8_t *coeff; /* iq */
3048 size_t coeff_len;
3049
3050 int salt_len;
3051 } rsa;
3052 struct {
3053 const uint8_t *prime;
3054 size_t prime_len;
3055 const uint8_t *sub_prime;
3056 size_t sub_prime_len;
3057 const uint8_t *base;
3058 size_t base_len;
3059 const uint8_t *pub_val;
3060 size_t pub_val_len;
3061 const uint8_t *priv_val;
3062 size_t priv_val_len;
3063 } dsa;
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3064 struct {
3065 const uint8_t *private;
3066 size_t private_len;
3067 const uint8_t *public_x;
3068 size_t public_x_len;
3069 const uint8_t *public_y;
3070 size_t public_y_len;
Jerome Forissier3fbfd0d2019-12-17 16:44:01 +0100[diff] [blame]3071 } ecc;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3072 } params;
3073
3074 const uint8_t *ptx;
3075 size_t ptx_len;
3076 const uint8_t *ctx;
3077 size_t ctx_len;
3078 size_t line;
3079};
3080
3081#define WITHOUT_SALT(x) -1
3082#define WITH_SALT(x) x
3083
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3084#define XTEST_AC_CASE(level, algo, mode, vect, union_params) \
3085 { level, (algo), (mode), .params = union_params, \
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3086 ARRAY(vect ## _ptx), \
3087 ARRAY(vect ## _out), \
3088 __LINE__ }
3089
3090#define XTEST_AC_RSA_UNION(vect, opt_crt_array, opt_salt) \
3091 { .rsa = { \
3092 ARRAY(vect ## _modulus), \
3093 ARRAY(vect ## _pub_exp), \
3094 ARRAY(vect ## _priv_exp), \
3095 opt_crt_array(vect ## _prime1), \
3096 opt_crt_array(vect ## _prime2), \
3097 opt_crt_array(vect ## _exp1), \
3098 opt_crt_array(vect ## _exp2), \
3099 opt_crt_array(vect ## _coeff), \
3100 opt_salt(vect ## _salt_len) \
3101 } }
3102
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3103#define XTEST_AC_RSA_CASE(level, algo, mode, vect, opt_crt_array, opt_salt) \
3104 XTEST_AC_CASE(level, algo, mode, vect, \
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3105 XTEST_AC_RSA_UNION(vect, opt_crt_array, opt_salt))
3106
3107#define XTEST_AC_DSA_UNION(vect) \
3108 { .dsa = { \
3109 ARRAY(vect ## _prime), \
3110 ARRAY(vect ## _sub_prime), \
3111 ARRAY(vect ## _base), \
3112 ARRAY(vect ## _pub_val), \
3113 ARRAY(vect ## _priv_val), \
3114 } }
3115
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3116#define XTEST_AC_DSA_CASE(level, algo, mode, vect) \
3117 XTEST_AC_CASE(level, algo, mode, vect, XTEST_AC_DSA_UNION(vect))
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3118
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3119#define XTEST_AC_ECDSA_UNION(vect) \
Jerome Forissier3fbfd0d2019-12-17 16:44:01 +0100[diff] [blame]3120 { .ecc = { \
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3121 ARRAY(vect ## _private), \
3122 ARRAY(vect ## _public_x), \
3123 ARRAY(vect ## _public_y), \
3124 } }
3125
Jerome Forissier3fbfd0d2019-12-17 16:44:01 +0100[diff] [blame]3126#define XTEST_AC_ECC_CASE(level, algo, mode, vect) \
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3127 XTEST_AC_CASE(level, algo, mode, vect, XTEST_AC_ECDSA_UNION(vect))
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3128
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3129static const struct xtest_ac_case xtest_ac_cases[] = {
3130 /* RSA test without crt parameters */
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3131 XTEST_AC_RSA_CASE(0, TEE_ALG_RSA_NOPAD, TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3132 ac_rsassa_vect1, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3133 XTEST_AC_RSA_CASE(0, TEE_ALG_RSA_NOPAD, TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3134 ac_rsassa_vect1, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3135 XTEST_AC_RSA_CASE(0, TEE_ALG_RSA_NOPAD, TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3136 ac_rsassa_vect2, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3137 XTEST_AC_RSA_CASE(0, TEE_ALG_RSA_NOPAD, TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3138 ac_rsassa_vect2, NULL_ARRAY, WITHOUT_SALT),
Jerome Forissiere576f052018-03-23 21:24:21 +0800[diff] [blame]3139 XTEST_AC_RSA_CASE(0, TEE_ALG_RSA_NOPAD, TEE_MODE_ENCRYPT,
3140 ac_rsassa_vect18, NULL_ARRAY, WITHOUT_SALT),
3141 XTEST_AC_RSA_CASE(0, TEE_ALG_RSA_NOPAD, TEE_MODE_DECRYPT,
3142 ac_rsassa_vect18, NULL_ARRAY, WITHOUT_SALT),
Jerome Forissier0451e372018-03-27 00:10:23 +0800[diff] [blame]3143 XTEST_AC_RSA_CASE(0, TEE_ALG_RSA_NOPAD, TEE_MODE_ENCRYPT,
3144 ac_rsassa_vect19, NULL_ARRAY, WITHOUT_SALT),
3145 XTEST_AC_RSA_CASE(0, TEE_ALG_RSA_NOPAD, TEE_MODE_DECRYPT,
3146 ac_rsassa_vect19, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3147 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3148 ac_rsassa_vect3, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3149 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3150 ac_rsassa_vect3, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3151 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3152 ac_rsassa_vect4, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3153 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3154 ac_rsassa_vect4, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3155 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3156 ac_rsassa_vect5, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3157 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3158 ac_rsassa_vect5, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3159 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3160 ac_rsassa_vect6, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3161 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3162 ac_rsassa_vect6, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3163 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3164 ac_rsassa_vect7, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3165 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3166 ac_rsassa_vect7, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3167 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
3168 ac_rsassa_vect8, NULL_ARRAY, WITHOUT_SALT),
3169 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
3170 ac_rsassa_vect8, NULL_ARRAY, WITHOUT_SALT),
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3171
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3172 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA224, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3173 ac_rsassa_vect16, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3174 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA224, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3175 ac_rsassa_vect16, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3176
Gabor Szekely2ad190f2018-09-14 14:05:06 +0000[diff] [blame]3177#ifdef CFG_CRYPTO_RSASSA_NA1
3178 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5, TEE_MODE_SIGN,
3179 ac_rsassa_vect20, NULL_ARRAY, WITHOUT_SALT),
3180 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5, TEE_MODE_VERIFY,
3181 ac_rsassa_vect20, NULL_ARRAY, WITHOUT_SALT),
3182#endif
3183
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3184 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA256, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3185 ac_rsassa_vect9, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3186 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA256, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3187 ac_rsassa_vect9, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3188
3189 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA384, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3190 ac_rsassa_vect10, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3191 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA384, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3192 ac_rsassa_vect10, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3193
3194 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA512, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3195 ac_rsassa_vect11, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3196 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA512, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3197 ac_rsassa_vect11, NULL_ARRAY, WITHOUT_SALT),
3198
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3199 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA1,
3200 TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3201 ac_rsassa_vect12, NULL_ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3202 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3203 ac_rsassa_vect12, NULL_ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3204
3205 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA224,
3206 TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3207 ac_rsassa_vect17, NULL_ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3208 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA224,
3209 TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3210 ac_rsassa_vect17, NULL_ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3211
3212 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA256,
3213 TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3214 ac_rsassa_vect13, NULL_ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3215 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA256,
3216 TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3217 ac_rsassa_vect13, NULL_ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3218
3219 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA384,
3220 TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3221 ac_rsassa_vect14, NULL_ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3222 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA384,
3223 TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3224 ac_rsassa_vect14, NULL_ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3225
3226 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA512,
3227 TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3228 ac_rsassa_vect15, NULL_ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3229 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA512,
3230 TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3231 ac_rsassa_vect15, NULL_ARRAY, WITH_SALT),
3232
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3233 XTEST_AC_RSA_CASE(0, TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3234 ac_rsaes_pkcs1_v1_5_vect1, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3235 XTEST_AC_RSA_CASE(0, TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3236 ac_rsaes_pkcs1_v1_5_vect1, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3237 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3238 ac_rsaes_pkcs1_v1_5_vect2, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3239 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3240 ac_rsaes_pkcs1_v1_5_vect2, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3241 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3242 ac_rsaes_pkcs1_v1_5_vect15, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3243 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3244 ac_rsaes_pkcs1_v1_5_vect15, NULL_ARRAY, WITHOUT_SALT),
3245
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3246 XTEST_AC_RSA_CASE(0, TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1,
3247 TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3248 ac_rsaes_oaep_vect1, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3249 XTEST_AC_RSA_CASE(0, TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1,
3250 TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3251 ac_rsaes_oaep_vect1, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3252 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1,
3253 TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3254 ac_rsaes_oaep_vect2, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3255 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1,
3256 TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3257 ac_rsaes_oaep_vect2, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3258 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1,
3259 TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3260 ac_rsaes_oaep_vect10, NULL_ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3261 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1,
3262 TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3263 ac_rsaes_oaep_vect10, NULL_ARRAY, WITHOUT_SALT),
3264
3265 /* RSA test with crt parameters */
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3266 XTEST_AC_RSA_CASE(0, TEE_ALG_RSA_NOPAD, TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3267 ac_rsassa_vect1, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3268 XTEST_AC_RSA_CASE(0, TEE_ALG_RSA_NOPAD, TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3269 ac_rsassa_vect1, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3270 XTEST_AC_RSA_CASE(1, TEE_ALG_RSA_NOPAD, TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3271 ac_rsassa_vect2, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3272 XTEST_AC_RSA_CASE(1, TEE_ALG_RSA_NOPAD, TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3273 ac_rsassa_vect2, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3274 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3275 ac_rsassa_vect3, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3276 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3277 ac_rsassa_vect3, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3278 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3279 ac_rsassa_vect4, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3280 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3281 ac_rsassa_vect4, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3282 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3283 ac_rsassa_vect5, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3284 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3285 ac_rsassa_vect5, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3286 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3287 ac_rsassa_vect6, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3288 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3289 ac_rsassa_vect6, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3290 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3291 ac_rsassa_vect7, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3292 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3293 ac_rsassa_vect7, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3294 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3295 ac_rsassa_vect8, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3296 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3297 ac_rsassa_vect8, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3298 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA256, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3299 ac_rsassa_vect9, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3300 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_V1_5_SHA256, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3301 ac_rsassa_vect9, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3302 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA384, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3303 ac_rsassa_vect10, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3304 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA384, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3305 ac_rsassa_vect10, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3306 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA512, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3307 ac_rsassa_vect11, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3308 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_V1_5_SHA512, TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3309 ac_rsassa_vect11, ARRAY, WITHOUT_SALT),
3310
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3311 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA1,
3312 TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3313 ac_rsassa_vect12, ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3314 XTEST_AC_RSA_CASE(1,TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA1, TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3315 ac_rsassa_vect12, ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3316 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA224,
3317 TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3318 ac_rsassa_vect17, ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3319 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA224,
3320 TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3321 ac_rsassa_vect17, ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3322 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA256,
3323 TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3324 ac_rsassa_vect13, ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3325 XTEST_AC_RSA_CASE(0, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA256,
3326 TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3327 ac_rsassa_vect13, ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3328 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA384,
3329 TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3330 ac_rsassa_vect14, ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3331 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA384,
3332 TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3333 ac_rsassa_vect14, ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3334 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA512,
3335 TEE_MODE_VERIFY,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3336 ac_rsassa_vect15, ARRAY, WITH_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3337 XTEST_AC_RSA_CASE(1, TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA512,
3338 TEE_MODE_SIGN,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3339 ac_rsassa_vect15, ARRAY, WITH_SALT),
3340
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3341 XTEST_AC_RSA_CASE(0, TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3342 ac_rsaes_pkcs1_v1_5_vect1, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3343 XTEST_AC_RSA_CASE(0, TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3344 ac_rsaes_pkcs1_v1_5_vect1, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3345 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3346 ac_rsaes_pkcs1_v1_5_vect2, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3347 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3348 ac_rsaes_pkcs1_v1_5_vect2, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3349 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3350 ac_rsaes_pkcs1_v1_5_vect15, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3351 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_V1_5, TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3352 ac_rsaes_pkcs1_v1_5_vect15, ARRAY, WITHOUT_SALT),
3353
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3354 XTEST_AC_RSA_CASE(0, TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1,
3355 TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3356 ac_rsaes_oaep_vect1, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3357 XTEST_AC_RSA_CASE(0, TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1,
3358 TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3359 ac_rsaes_oaep_vect1, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3360 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1,
3361 TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3362 ac_rsaes_oaep_vect2, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3363 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1,
3364 TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3365 ac_rsaes_oaep_vect2, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3366 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1,
3367 TEE_MODE_DECRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3368 ac_rsaes_oaep_vect10, ARRAY, WITHOUT_SALT),
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3369 XTEST_AC_RSA_CASE(1, TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1,
3370 TEE_MODE_ENCRYPT,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3371 ac_rsaes_oaep_vect10, ARRAY, WITHOUT_SALT),
3372
3373 /* DSA tests */
Cedric Chaumontb2ba8782015-09-03 13:23:05 +0200[diff] [blame]3374 /* [mod = L=1024, N=160, SHA-1] */
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3375 XTEST_AC_DSA_CASE(1, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect1),
3376 XTEST_AC_DSA_CASE(1, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect1),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3377 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect2),
3378 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect2),
3379 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect3),
3380 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect3),
3381 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect4),
3382 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect4),
3383 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect5),
3384 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect5),
3385 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect6),
3386 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect6),
3387 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect7),
3388 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect7),
3389 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect8),
3390 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect8),
3391 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect9),
3392 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect9),
3393 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect10),
3394 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect10),
3395 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect11),
3396 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect11),
3397 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect12),
3398 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect12),
3399 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect13),
3400 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect13),
3401 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect14),
3402 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect14),
3403 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_VERIFY, ac_dsa_vect15),
3404 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA1, TEE_MODE_SIGN, ac_dsa_vect15),
Cedric Chaumontb2ba8782015-09-03 13:23:05 +0200[diff] [blame]3405 /* [mod = L=1024, N=160, SHA-224] - GP NOT SUPPORTED */
3406 /* [mod = L=1024, N=160, SHA-256] - GP NOT SUPPORTED */
3407 /* [mod = L=1024, N=160, SHA-384] - GP NOT SUPPORTED */
3408 /* [mod = L=1024, N=160, SHA-512] - GP NOT SUPPORTED */
3409 /* [mod = L=2048, N=224, SHA-1] - GP NOT SUPPORTED */
3410 /* [mod = L=2048, N=224, SHA-224] */
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3411 XTEST_AC_DSA_CASE(1, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect91),
3412 XTEST_AC_DSA_CASE(1, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect91),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3413 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect92),
3414 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect92),
3415 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect93),
3416 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect93),
3417 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect94),
3418 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect94),
3419 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect95),
3420 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect95),
3421 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect96),
3422 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect96),
3423 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect97),
3424 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect97),
3425 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect98),
3426 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect98),
3427 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect99),
3428 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect99),
3429 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect100),
3430 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect100),
3431 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect101),
3432 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect101),
3433 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect102),
3434 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect102),
3435 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect103),
3436 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect103),
3437 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect104),
3438 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect104),
3439 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect105),
3440 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect105),
Cedric Chaumontb2ba8782015-09-03 13:23:05 +0200[diff] [blame]3441 /* [mod = L=2048, N=224, SHA-256] */
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3442 XTEST_AC_DSA_CASE(0, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect106),
3443 XTEST_AC_DSA_CASE(0, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect106),
3444 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect107),
3445 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect107),
3446 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect108),
3447 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect108),
3448 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect109),
3449 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect109),
3450 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect110),
3451 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect110),
3452 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect111),
3453 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect111),
3454 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect112),
3455 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect112),
3456 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect113),
3457 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect113),
3458 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect114),
3459 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect114),
3460 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect115),
3461 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect115),
3462 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect116),
3463 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect116),
3464 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect117),
3465 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect117),
3466 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect118),
3467 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect118),
3468 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect119),
3469 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect119),
3470 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect120),
3471 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect120),
Cedric Chaumontb2ba8782015-09-03 13:23:05 +0200[diff] [blame]3472 /* [mod = L=2048, N=224, SHA-384] - GP NOT SUPPORTED */
3473 /* [mod = L=2048, N=224, SHA-512] - GP NOT SUPPORTED */
3474 /* [mod = L=2048, N=256, SHA-1] - GP NOT SUPPORTED */
3475 /* [mod = L=2048, N=256, SHA-224] */
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3476 XTEST_AC_DSA_CASE(1, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect166),
3477 XTEST_AC_DSA_CASE(1, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect166),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3478 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect167),
3479 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect167),
3480 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect168),
3481 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect168),
3482 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect169),
3483 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect169),
3484 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect170),
3485 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect170),
3486 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect171),
3487 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect171),
3488 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect172),
3489 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect172),
3490 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect173),
3491 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect173),
3492 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect174),
3493 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect174),
3494 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect175),
3495 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect175),
3496 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect176),
3497 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect176),
3498 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect177),
3499 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect177),
3500 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect178),
3501 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect178),
3502 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect179),
3503 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect179),
3504 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_VERIFY, ac_dsa_vect180),
3505 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA224, TEE_MODE_SIGN, ac_dsa_vect180),
Cedric Chaumontb2ba8782015-09-03 13:23:05 +0200[diff] [blame]3506 /* [mod = L=2048, N=256, SHA-256] */
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3507 XTEST_AC_DSA_CASE(1, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect181),
3508 XTEST_AC_DSA_CASE(1, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect181),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3509 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect182),
3510 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect182),
3511 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect183),
3512 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect183),
3513 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect184),
3514 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect184),
3515 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect185),
3516 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect185),
3517 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect186),
3518 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect186),
3519 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect187),
3520 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect187),
3521 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect188),
3522 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect188),
3523 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect189),
3524 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect189),
3525 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect190),
3526 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect190),
3527 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect191),
3528 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect191),
3529 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect192),
3530 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect192),
3531 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect193),
3532 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect193),
3533 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect194),
3534 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect194),
3535 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect195),
3536 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect195),
Cedric Chaumontb2ba8782015-09-03 13:23:05 +0200[diff] [blame]3537 /* [mod = L=2048, N=256, SHA-384] - GP NOT SUPPORTED */
3538 /* [mod = L=2048, N=256, SHA-512] - GP NOT SUPPORTED */
3539 /* [mod = L=3072, N=256, SHA-1] - GP NOT SUPPORTED */
3540 /* [mod = L=3072, N=256, SHA-224] - GP NOT SUPPORTED */
3541 /* [mod = L=3072, N=256, SHA-256] */
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]3542 XTEST_AC_DSA_CASE(1, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect256),
3543 XTEST_AC_DSA_CASE(1, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect256),
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3544 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect257),
3545 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect257),
3546 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect258),
3547 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect258),
3548 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect259),
3549 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect259),
3550 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect260),
3551 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect260),
3552 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect261),
3553 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect261),
3554 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect262),
3555 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect262),
3556 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect263),
3557 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect263),
3558 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect264),
3559 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect264),
3560 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect265),
3561 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect265),
3562 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect266),
3563 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect266),
3564 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect267),
3565 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect267),
3566 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect268),
3567 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect268),
3568 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect269),
3569 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect269),
3570 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_VERIFY, ac_dsa_vect270),
3571 XTEST_AC_DSA_CASE(15, TEE_ALG_DSA_SHA256, TEE_MODE_SIGN, ac_dsa_vect270),
Cedric Chaumontb2ba8782015-09-03 13:23:05 +0200[diff] [blame]3572 /* [mod = L=3072, N=256, SHA-384] - GP NOT SUPPORTED */
3573 /* [mod = L=3072, N=256, SHA-512] - GP NOT SUPPORTED */
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3574
3575 /* ECDSA tests */
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3576 /* [P-192] */
Jerome Forissier3fbfd0d2019-12-17 16:44:01 +0100[diff] [blame]3577 XTEST_AC_ECC_CASE(0, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3578 nist_186_2_ecdsa_testvector_1),
3579 XTEST_AC_ECC_CASE(0, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3580 nist_186_2_ecdsa_testvector_1),
3581 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3582 nist_186_2_ecdsa_testvector_2),
3583 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3584 nist_186_2_ecdsa_testvector_2),
3585 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3586 nist_186_2_ecdsa_testvector_3),
3587 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3588 nist_186_2_ecdsa_testvector_3),
3589 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3590 nist_186_2_ecdsa_testvector_4),
3591 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3592 nist_186_2_ecdsa_testvector_4),
3593 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3594 nist_186_2_ecdsa_testvector_5),
3595 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3596 nist_186_2_ecdsa_testvector_5),
3597 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3598 nist_186_2_ecdsa_testvector_6),
3599 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3600 nist_186_2_ecdsa_testvector_6),
3601 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3602 nist_186_2_ecdsa_testvector_7),
3603 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3604 nist_186_2_ecdsa_testvector_7),
3605 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3606 nist_186_2_ecdsa_testvector_8),
3607 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3608 nist_186_2_ecdsa_testvector_8),
3609 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3610 nist_186_2_ecdsa_testvector_9),
3611 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3612 nist_186_2_ecdsa_testvector_9),
3613 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3614 nist_186_2_ecdsa_testvector_10),
3615 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3616 nist_186_2_ecdsa_testvector_10),
3617 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3618 nist_186_2_ecdsa_testvector_11),
3619 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3620 nist_186_2_ecdsa_testvector_11),
3621 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3622 nist_186_2_ecdsa_testvector_12),
3623 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3624 nist_186_2_ecdsa_testvector_12),
3625 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3626 nist_186_2_ecdsa_testvector_13),
3627 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3628 nist_186_2_ecdsa_testvector_13),
3629 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3630 nist_186_2_ecdsa_testvector_14),
3631 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3632 nist_186_2_ecdsa_testvector_14),
3633 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_VERIFY,
3634 nist_186_2_ecdsa_testvector_15),
3635 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P192, TEE_MODE_SIGN,
3636 nist_186_2_ecdsa_testvector_15),
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3637 /* [P-224] */
Jerome Forissier3fbfd0d2019-12-17 16:44:01 +0100[diff] [blame]3638 XTEST_AC_ECC_CASE(1, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3639 nist_186_2_ecdsa_testvector_16),
3640 XTEST_AC_ECC_CASE(1, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3641 nist_186_2_ecdsa_testvector_16),
3642 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3643 nist_186_2_ecdsa_testvector_17),
3644 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3645 nist_186_2_ecdsa_testvector_17),
3646 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3647 nist_186_2_ecdsa_testvector_18),
3648 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3649 nist_186_2_ecdsa_testvector_18),
3650 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3651 nist_186_2_ecdsa_testvector_19),
3652 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3653 nist_186_2_ecdsa_testvector_19),
3654 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3655 nist_186_2_ecdsa_testvector_20),
3656 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3657 nist_186_2_ecdsa_testvector_20),
3658 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3659 nist_186_2_ecdsa_testvector_21),
3660 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3661 nist_186_2_ecdsa_testvector_21),
3662 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3663 nist_186_2_ecdsa_testvector_22),
3664 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3665 nist_186_2_ecdsa_testvector_22),
3666 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3667 nist_186_2_ecdsa_testvector_23),
3668 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3669 nist_186_2_ecdsa_testvector_23),
3670 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3671 nist_186_2_ecdsa_testvector_24),
3672 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3673 nist_186_2_ecdsa_testvector_24),
3674 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3675 nist_186_2_ecdsa_testvector_25),
3676 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3677 nist_186_2_ecdsa_testvector_25),
3678 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3679 nist_186_2_ecdsa_testvector_26),
3680 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3681 nist_186_2_ecdsa_testvector_26),
3682 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3683 nist_186_2_ecdsa_testvector_27),
3684 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3685 nist_186_2_ecdsa_testvector_27),
3686 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3687 nist_186_2_ecdsa_testvector_28),
3688 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3689 nist_186_2_ecdsa_testvector_28),
3690 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3691 nist_186_2_ecdsa_testvector_29),
3692 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3693 nist_186_2_ecdsa_testvector_29),
3694 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_VERIFY,
3695 nist_186_2_ecdsa_testvector_30),
3696 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P224, TEE_MODE_SIGN,
3697 nist_186_2_ecdsa_testvector_30),
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3698 /* [P-256] */
Jerome Forissier3fbfd0d2019-12-17 16:44:01 +0100[diff] [blame]3699 XTEST_AC_ECC_CASE(1, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3700 nist_186_2_ecdsa_testvector_31),
3701 XTEST_AC_ECC_CASE(1, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3702 nist_186_2_ecdsa_testvector_31),
3703 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3704 nist_186_2_ecdsa_testvector_32),
3705 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3706 nist_186_2_ecdsa_testvector_32),
3707 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3708 nist_186_2_ecdsa_testvector_33),
3709 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3710 nist_186_2_ecdsa_testvector_33),
3711 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3712 nist_186_2_ecdsa_testvector_34),
3713 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3714 nist_186_2_ecdsa_testvector_34),
3715 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3716 nist_186_2_ecdsa_testvector_35),
3717 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3718 nist_186_2_ecdsa_testvector_35),
3719 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3720 nist_186_2_ecdsa_testvector_36),
3721 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3722 nist_186_2_ecdsa_testvector_36),
3723 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3724 nist_186_2_ecdsa_testvector_37),
3725 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3726 nist_186_2_ecdsa_testvector_37),
3727 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3728 nist_186_2_ecdsa_testvector_38),
3729 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3730 nist_186_2_ecdsa_testvector_38),
3731 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3732 nist_186_2_ecdsa_testvector_39),
3733 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3734 nist_186_2_ecdsa_testvector_39),
3735 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3736 nist_186_2_ecdsa_testvector_40),
3737 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3738 nist_186_2_ecdsa_testvector_40),
3739 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3740 nist_186_2_ecdsa_testvector_41),
3741 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3742 nist_186_2_ecdsa_testvector_41),
3743 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3744 nist_186_2_ecdsa_testvector_42),
3745 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3746 nist_186_2_ecdsa_testvector_42),
3747 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3748 nist_186_2_ecdsa_testvector_43),
3749 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3750 nist_186_2_ecdsa_testvector_43),
3751 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3752 nist_186_2_ecdsa_testvector_44),
3753 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3754 nist_186_2_ecdsa_testvector_44),
3755 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_VERIFY,
3756 nist_186_2_ecdsa_testvector_45),
3757 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P256, TEE_MODE_SIGN,
3758 nist_186_2_ecdsa_testvector_45),
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3759 /* [P-384] */
Jerome Forissier3fbfd0d2019-12-17 16:44:01 +0100[diff] [blame]3760 XTEST_AC_ECC_CASE(1, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3761 nist_186_2_ecdsa_testvector_46),
3762 XTEST_AC_ECC_CASE(1, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3763 nist_186_2_ecdsa_testvector_46),
3764 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3765 nist_186_2_ecdsa_testvector_47),
3766 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3767 nist_186_2_ecdsa_testvector_47),
3768 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3769 nist_186_2_ecdsa_testvector_48),
3770 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3771 nist_186_2_ecdsa_testvector_48),
3772 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3773 nist_186_2_ecdsa_testvector_49),
3774 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3775 nist_186_2_ecdsa_testvector_49),
3776 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3777 nist_186_2_ecdsa_testvector_50),
3778 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3779 nist_186_2_ecdsa_testvector_50),
3780 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3781 nist_186_2_ecdsa_testvector_51),
3782 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3783 nist_186_2_ecdsa_testvector_51),
3784 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3785 nist_186_2_ecdsa_testvector_52),
3786 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3787 nist_186_2_ecdsa_testvector_52),
3788 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3789 nist_186_2_ecdsa_testvector_53),
3790 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3791 nist_186_2_ecdsa_testvector_53),
3792 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3793 nist_186_2_ecdsa_testvector_54),
3794 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3795 nist_186_2_ecdsa_testvector_54),
3796 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3797 nist_186_2_ecdsa_testvector_55),
3798 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3799 nist_186_2_ecdsa_testvector_55),
3800 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3801 nist_186_2_ecdsa_testvector_56),
3802 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3803 nist_186_2_ecdsa_testvector_56),
3804 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3805 nist_186_2_ecdsa_testvector_57),
3806 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3807 nist_186_2_ecdsa_testvector_57),
3808 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3809 nist_186_2_ecdsa_testvector_58),
3810 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3811 nist_186_2_ecdsa_testvector_58),
3812 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3813 nist_186_2_ecdsa_testvector_59),
3814 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3815 nist_186_2_ecdsa_testvector_59),
3816 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_VERIFY,
3817 nist_186_2_ecdsa_testvector_60),
3818 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P384, TEE_MODE_SIGN,
3819 nist_186_2_ecdsa_testvector_60),
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3820 /* [P-521] */
Jerome Forissier3fbfd0d2019-12-17 16:44:01 +0100[diff] [blame]3821 XTEST_AC_ECC_CASE(1, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3822 nist_186_2_ecdsa_testvector_61),
3823 XTEST_AC_ECC_CASE(1, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3824 nist_186_2_ecdsa_testvector_61),
3825 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3826 nist_186_2_ecdsa_testvector_62),
3827 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3828 nist_186_2_ecdsa_testvector_62),
3829 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3830 nist_186_2_ecdsa_testvector_63),
3831 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3832 nist_186_2_ecdsa_testvector_63),
3833 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3834 nist_186_2_ecdsa_testvector_64),
3835 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3836 nist_186_2_ecdsa_testvector_64),
3837 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3838 nist_186_2_ecdsa_testvector_65),
3839 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3840 nist_186_2_ecdsa_testvector_65),
3841 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3842 nist_186_2_ecdsa_testvector_66),
3843 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3844 nist_186_2_ecdsa_testvector_66),
3845 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3846 nist_186_2_ecdsa_testvector_67),
3847 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3848 nist_186_2_ecdsa_testvector_67),
3849 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3850 nist_186_2_ecdsa_testvector_68),
3851 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3852 nist_186_2_ecdsa_testvector_68),
3853 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3854 nist_186_2_ecdsa_testvector_69),
3855 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3856 nist_186_2_ecdsa_testvector_69),
3857 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3858 nist_186_2_ecdsa_testvector_70),
3859 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3860 nist_186_2_ecdsa_testvector_70),
3861 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3862 nist_186_2_ecdsa_testvector_71),
3863 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3864 nist_186_2_ecdsa_testvector_71),
3865 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3866 nist_186_2_ecdsa_testvector_72),
3867 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3868 nist_186_2_ecdsa_testvector_72),
3869 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3870 nist_186_2_ecdsa_testvector_73),
3871 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3872 nist_186_2_ecdsa_testvector_73),
3873 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3874 nist_186_2_ecdsa_testvector_74),
3875 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3876 nist_186_2_ecdsa_testvector_74),
3877 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_VERIFY,
3878 nist_186_2_ecdsa_testvector_75),
3879 XTEST_AC_ECC_CASE(15, TEE_ALG_ECDSA_P521, TEE_MODE_SIGN,
3880 nist_186_2_ecdsa_testvector_75),
Cedric Chaumontc7654962015-09-09 14:56:36 +0200[diff] [blame]3881 /* [K-163] - GP NOT SUPPORTED */
3882 /* [K-233] - GP NOT SUPPORTED */
3883 /* [K-283] - GP NOT SUPPORTED */
3884 /* [K-409] - GP NOT SUPPORTED */
3885 /* [K-571] - GP NOT SUPPORTED */
3886 /* [B-163] - GP NOT SUPPORTED */
3887 /* [B-233] - GP NOT SUPPORTED */
3888 /* [B-283] - GP NOT SUPPORTED */
3889 /* [B-409] - GP NOT SUPPORTED */
3890 /* [B-571] - GP NOT SUPPORTED */
Jerome Forissierb6f5ac92019-12-19 16:37:14 +0100[diff] [blame]3891
3892 XTEST_AC_ECC_CASE(0, TEE_ALG_SM2_PKE, TEE_MODE_ENCRYPT,
3893 gmt_0003_part5_c2_sm2_testvector),
3894 XTEST_AC_ECC_CASE(0, TEE_ALG_SM2_PKE, TEE_MODE_DECRYPT,
3895 gmt_0003_part5_c2_sm2_testvector),
3896 XTEST_AC_ECC_CASE(0, TEE_ALG_SM2_PKE, TEE_MODE_ENCRYPT,
3897 sm2_testvector2),
Jerome Forissier849b57e2019-12-19 16:37:14 +0100[diff] [blame]3898
3899 XTEST_AC_ECC_CASE(0, TEE_ALG_SM2_DSA_SM3, TEE_MODE_VERIFY,
3900 gmt_003_part5_a2),
3901 XTEST_AC_ECC_CASE(0, TEE_ALG_SM2_DSA_SM3, TEE_MODE_SIGN,
3902 gmt_003_part5_a2),
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3903};
3904
3905static bool create_key(ADBG_Case_t *c, TEEC_Session *s,
3906 uint32_t max_key_size, uint32_t key_type,
3907 TEE_Attribute *attrs, size_t num_attrs,
3908 TEE_ObjectHandle *handle)
3909{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]3910 size_t n = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3911
3912 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3913 ta_crypt_cmd_allocate_transient_object(c, s, key_type,
3914 max_key_size, handle)))
3915 return false;
3916
3917 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3918 ta_crypt_cmd_populate_transient_object(c, s, *handle, attrs,
3919 num_attrs)))
3920 return false;
3921
3922 for (n = 0; n < num_attrs; n++) {
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]3923 uint8_t out[512] = { };
3924 size_t out_size = sizeof(out);
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3925
3926 if (attrs[n].attributeID == TEE_ATTR_ECC_CURVE)
3927 continue;
3928
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3929 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3930 ta_crypt_cmd_get_object_buffer_attribute(c, s, *handle,
3931 attrs[n].attributeID, out, &out_size)))
3932 return false;
3933
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]3934 if (out_size < attrs[n].content.ref.length) {
3935 memmove(out + (attrs[n].content.ref.length - out_size),
3936 out,
3937 attrs[n].content.ref.length);
3938 memset(out, 0, attrs[n].content.ref.length - out_size);
3939 out_size = attrs[n].content.ref.length;
3940 }
3941
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3942 if (!ADBG_EXPECT_BUFFER(c, attrs[n].content.ref.buffer,
3943 attrs[n].content.ref.length, out, out_size))
3944 return false;
3945 }
3946
3947 return true;
3948}
3949
3950static void xtest_tee_test_4006(ADBG_Case_t *c)
3951{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]3952 TEEC_Session session = { };
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3953 TEE_OperationHandle op = TEE_HANDLE_NULL;
3954 TEE_ObjectHandle priv_key_handle = TEE_HANDLE_NULL;
3955 TEE_ObjectHandle pub_key_handle = TEE_HANDLE_NULL;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]3956 TEE_Attribute key_attrs[8] = { };
3957 TEE_Attribute algo_params[1] = { };
3958 size_t num_algo_params = 0;
3959 uint8_t out[512] = { };
3960 size_t out_size = 0;
3961 uint8_t out_enc[512] = { };
3962 size_t out_enc_size = 0;
3963 uint8_t ptx_hash[TEE_MAX_HASH_SIZE] = { };
Etienne Carriere481c6602019-01-22 13:27:26 +0100[diff] [blame]3964 size_t ptx_hash_size = 0;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]3965 size_t max_key_size = 0;
3966 size_t num_key_attrs = 0;
3967 uint32_t ret_orig = 0;
3968 size_t n = 0;
3969 uint32_t curve = 0;
Jerome Forissierb6f5ac92019-12-19 16:37:14 +0100[diff] [blame]3970 uint32_t pub_key_type = 0;
3971 uint32_t priv_key_type = 0;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]3972 uint32_t hash_algo = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3973
3974 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
3975 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
3976 &ret_orig)))
3977 return;
3978
3979 for (n = 0; n < ARRAY_SIZE(xtest_ac_cases); n++) {
3980 const struct xtest_ac_case *tv = xtest_ac_cases + n;
3981
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]3982 if (tv->level > level)
3983 continue;
3984
Jerome Forissier4b03e282020-01-22 16:33:12 +0100[diff] [blame]3985 if ((tv->algo == TEE_ALG_SM2_PKE ||
3986 tv->algo == TEE_ALG_SM2_DSA_SM3) &&
3987 !ta_crypt_cmd_is_algo_supported(c, &session, tv->algo,
3988 TEE_ECC_CURVE_SM2)) {
3989 Do_ADBG_Log("SM2 not supported: skip subcase");
3990 continue;
3991 }
3992
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]3993 Do_ADBG_BeginSubCase(c, "Asym Crypto case %d algo 0x%x line %d",
3994 (int)n, (unsigned int)tv->algo,
3995 (int)tv->line);
3996
3997 /*
3998 * When signing or verifying we're working with the hash of
3999 * the payload.
4000 */
4001 if (tv->mode == TEE_MODE_VERIFY || tv->mode == TEE_MODE_SIGN) {
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]4002 if (TEE_ALG_GET_MAIN_ALG(tv->algo) == TEE_MAIN_ALGO_ECDSA)
4003 hash_algo = TEE_ALG_SHA1;
Gabor Szekely2ad190f2018-09-14 14:05:06 +0000[diff] [blame]4004#if defined(CFG_CRYPTO_RSASSA_NA1)
4005 else if (tv->algo == TEE_ALG_RSASSA_PKCS1_V1_5)
4006 hash_algo = TEE_ALG_SHA256;
4007#endif
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]4008 else
4009 hash_algo = TEE_ALG_HASH_ALGO(
4010 TEE_ALG_GET_DIGEST_HASH(tv->algo));
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4011
4012 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4013 ta_crypt_cmd_allocate_operation(c, &session,
4014 &op, hash_algo, TEE_MODE_DIGEST, 0)))
4015 goto out;
4016
4017 ptx_hash_size = sizeof(ptx_hash);
4018 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4019 ta_crypt_cmd_digest_do_final(c, & session, op,
4020 tv->ptx, tv->ptx_len, ptx_hash,
4021 &ptx_hash_size)))
4022 goto out;
4023
Cedric Chaumontb2ba8782015-09-03 13:23:05 +0200[diff] [blame]4024 /*
4025 * When we use DSA algorithms, the size of the hash we
4026 * consider equals the min between the size of the
4027 * "subprime" in the key and the size of the hash
4028 */
4029 if (TEE_ALG_GET_MAIN_ALG(tv->algo) ==
4030 TEE_MAIN_ALGO_DSA) {
4031 if (tv->params.dsa.sub_prime_len <=
4032 ptx_hash_size)
4033 ptx_hash_size =
4034 tv->params.dsa.sub_prime_len;
4035 }
4036
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4037 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4038 ta_crypt_cmd_free_operation(c, &session, op)))
4039 goto out;
4040 }
4041
4042 num_algo_params = 0;
4043 num_key_attrs = 0;
4044 switch (TEE_ALG_GET_MAIN_ALG(tv->algo)) {
4045 case TEE_MAIN_ALGO_RSA:
4046 if (tv->params.rsa.salt_len > 0) {
4047 algo_params[0].attributeID =
4048 TEE_ATTR_RSA_PSS_SALT_LENGTH;
4049 algo_params[0].content.value.a =
4050 tv->params.rsa.salt_len;
4051 algo_params[0].content.value.b = 0;
4052 num_algo_params = 1;
4053 }
4054
4055 max_key_size = tv->params.rsa.modulus_len * 8;
4056
4057 xtest_add_attr(&num_key_attrs, key_attrs,
4058 TEE_ATTR_RSA_MODULUS,
4059 tv->params.rsa.modulus,
4060 tv->params.rsa.modulus_len);
4061 xtest_add_attr(&num_key_attrs, key_attrs,
4062 TEE_ATTR_RSA_PUBLIC_EXPONENT,
4063 tv->params.rsa.pub_exp,
4064 tv->params.rsa.pub_exp_len);
4065
4066 if (!ADBG_EXPECT_TRUE(c,
4067 create_key(c, &session,
4068 max_key_size,
4069 TEE_TYPE_RSA_PUBLIC_KEY,
4070 key_attrs,
4071 num_key_attrs,
4072 &pub_key_handle)))
4073 goto out;
4074
4075 xtest_add_attr(&num_key_attrs, key_attrs,
4076 TEE_ATTR_RSA_PRIVATE_EXPONENT,
4077 tv->params.rsa.priv_exp,
4078 tv->params.rsa.priv_exp_len);
4079
4080 if (tv->params.rsa.prime1_len != 0) {
4081 xtest_add_attr(&num_key_attrs, key_attrs,
4082 TEE_ATTR_RSA_PRIME1,
4083 tv->params.rsa.prime1,
4084 tv->params.rsa.prime1_len);
4085 }
4086
4087 if (tv->params.rsa.prime2_len != 0) {
4088 xtest_add_attr(&num_key_attrs, key_attrs,
4089 TEE_ATTR_RSA_PRIME2,
4090 tv->params.rsa.prime2,
4091 tv->params.rsa.prime2_len);
4092 }
4093
4094 if (tv->params.rsa.exp1_len != 0) {
4095 xtest_add_attr(&num_key_attrs, key_attrs,
4096 TEE_ATTR_RSA_EXPONENT1,
4097 tv->params.rsa.exp1,
4098 tv->params.rsa.exp1_len);
4099 }
4100
4101 if (tv->params.rsa.exp2_len != 0) {
4102 xtest_add_attr(&num_key_attrs, key_attrs,
4103 TEE_ATTR_RSA_EXPONENT2,
4104 tv->params.rsa.exp2,
4105 tv->params.rsa.exp2_len);
4106 }
4107
4108 if (tv->params.rsa.coeff_len != 0) {
4109 xtest_add_attr(&num_key_attrs, key_attrs,
4110 TEE_ATTR_RSA_COEFFICIENT,
4111 tv->params.rsa.coeff,
4112 tv->params.rsa.coeff_len);
4113 }
4114
4115 if (!ADBG_EXPECT_TRUE(c,
4116 create_key(c, &session,
4117 max_key_size,
4118 TEE_TYPE_RSA_KEYPAIR,
4119 key_attrs,
4120 num_key_attrs,
4121 &priv_key_handle)))
4122 goto out;
4123 break;
4124
4125 case TEE_MAIN_ALGO_DSA:
4126 max_key_size = tv->params.dsa.prime_len * 8;
4127
4128 xtest_add_attr(&num_key_attrs, key_attrs,
4129 TEE_ATTR_DSA_PRIME,
4130 tv->params.dsa.prime,
4131 tv->params.dsa.prime_len);
4132 xtest_add_attr(&num_key_attrs, key_attrs,
4133 TEE_ATTR_DSA_SUBPRIME,
4134 tv->params.dsa.sub_prime,
4135 tv->params.dsa.sub_prime_len);
4136 xtest_add_attr(&num_key_attrs, key_attrs,
4137 TEE_ATTR_DSA_BASE,
4138 tv->params.dsa.base,
4139 tv->params.dsa.base_len);
4140 xtest_add_attr(&num_key_attrs, key_attrs,
4141 TEE_ATTR_DSA_PUBLIC_VALUE,
4142 tv->params.dsa.pub_val,
4143 tv->params.dsa.pub_val_len);
4144
4145 if (!ADBG_EXPECT_TRUE(c,
4146 create_key(c, &session, max_key_size,
4147 TEE_TYPE_DSA_PUBLIC_KEY, key_attrs,
4148 num_key_attrs, &pub_key_handle)))
4149 goto out;
4150
4151 xtest_add_attr(&num_key_attrs, key_attrs,
4152 TEE_ATTR_DSA_PRIVATE_VALUE,
4153 tv->params.dsa.priv_val,
4154 tv->params.dsa.priv_val_len);
4155
4156 if (!ADBG_EXPECT_TRUE(c,
4157 create_key(c, &session, max_key_size,
4158 TEE_TYPE_DSA_KEYPAIR, key_attrs,
4159 num_key_attrs, &priv_key_handle)))
4160 goto out;
4161 break;
4162
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]4163 case TEE_MAIN_ALGO_ECDSA:
Jerome Forissierb6f5ac92019-12-19 16:37:14 +0100[diff] [blame]4164 case TEE_MAIN_ALGO_SM2_PKE:
Jerome Forissier849b57e2019-12-19 16:37:14 +0100[diff] [blame]4165 case TEE_MAIN_ALGO_SM2_DSA_SM3:
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]4166 switch (tv->algo) {
4167 case TEE_ALG_ECDSA_P192:
4168 curve = TEE_ECC_CURVE_NIST_P192;
Jerome Forissierb6f5ac92019-12-19 16:37:14 +0100[diff] [blame]4169 pub_key_type = TEE_TYPE_ECDSA_PUBLIC_KEY;
4170 priv_key_type = TEE_TYPE_ECDSA_KEYPAIR;
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]4171 break;
4172 case TEE_ALG_ECDSA_P224:
4173 curve = TEE_ECC_CURVE_NIST_P224;
Jerome Forissierb6f5ac92019-12-19 16:37:14 +0100[diff] [blame]4174 pub_key_type = TEE_TYPE_ECDSA_PUBLIC_KEY;
4175 priv_key_type = TEE_TYPE_ECDSA_KEYPAIR;
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]4176 break;
4177 case TEE_ALG_ECDSA_P256:
4178 curve = TEE_ECC_CURVE_NIST_P256;
Jerome Forissierb6f5ac92019-12-19 16:37:14 +0100[diff] [blame]4179 pub_key_type = TEE_TYPE_ECDSA_PUBLIC_KEY;
4180 priv_key_type = TEE_TYPE_ECDSA_KEYPAIR;
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]4181 break;
4182 case TEE_ALG_ECDSA_P384:
4183 curve = TEE_ECC_CURVE_NIST_P384;
Jerome Forissierb6f5ac92019-12-19 16:37:14 +0100[diff] [blame]4184 pub_key_type = TEE_TYPE_ECDSA_PUBLIC_KEY;
4185 priv_key_type = TEE_TYPE_ECDSA_KEYPAIR;
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]4186 break;
4187 case TEE_ALG_ECDSA_P521:
4188 curve = TEE_ECC_CURVE_NIST_P521;
Jerome Forissierb6f5ac92019-12-19 16:37:14 +0100[diff] [blame]4189 pub_key_type = TEE_TYPE_ECDSA_PUBLIC_KEY;
4190 priv_key_type = TEE_TYPE_ECDSA_KEYPAIR;
4191 break;
4192 case TEE_ALG_SM2_PKE:
4193 curve = TEE_ECC_CURVE_SM2;
4194 pub_key_type = TEE_TYPE_SM2_PKE_PUBLIC_KEY;
4195 priv_key_type = TEE_TYPE_SM2_PKE_KEYPAIR;
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]4196 break;
Jerome Forissier849b57e2019-12-19 16:37:14 +0100[diff] [blame]4197 case TEE_ALG_SM2_DSA_SM3:
4198 curve = TEE_ECC_CURVE_SM2;
4199 pub_key_type = TEE_TYPE_SM2_DSA_PUBLIC_KEY;
4200 priv_key_type = TEE_TYPE_SM2_DSA_KEYPAIR;
4201 break;
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]4202 default:
4203 curve = 0xFF;
4204 break;
4205 }
4206
4207 if (tv->algo == TEE_ALG_ECDSA_P521)
4208 max_key_size = 521;
4209 else
Jerome Forissier3fbfd0d2019-12-17 16:44:01 +0100[diff] [blame]4210 max_key_size = tv->params.ecc.private_len * 8;
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]4211
4212 xtest_add_attr_value(&num_key_attrs, key_attrs,
4213 TEE_ATTR_ECC_CURVE, curve, 0);
4214 xtest_add_attr(&num_key_attrs, key_attrs,
4215 TEE_ATTR_ECC_PUBLIC_VALUE_X,
Jerome Forissier3fbfd0d2019-12-17 16:44:01 +0100[diff] [blame]4216 tv->params.ecc.public_x,
4217 tv->params.ecc.public_x_len);
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]4218 xtest_add_attr(&num_key_attrs, key_attrs,
4219 TEE_ATTR_ECC_PUBLIC_VALUE_Y,
Jerome Forissier3fbfd0d2019-12-17 16:44:01 +0100[diff] [blame]4220 tv->params.ecc.public_y,
4221 tv->params.ecc.public_y_len);
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]4222
4223 if (!ADBG_EXPECT_TRUE(c,
4224 create_key(c, &session, max_key_size,
Jerome Forissierb6f5ac92019-12-19 16:37:14 +0100[diff] [blame]4225 pub_key_type, key_attrs,
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]4226 num_key_attrs, &pub_key_handle)))
4227 goto out;
4228
4229 xtest_add_attr(&num_key_attrs, key_attrs,
4230 TEE_ATTR_ECC_PRIVATE_VALUE,
Jerome Forissier3fbfd0d2019-12-17 16:44:01 +0100[diff] [blame]4231 tv->params.ecc.private,
4232 tv->params.ecc.private_len);
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]4233
4234 if (!ADBG_EXPECT_TRUE(c,
4235 create_key(c, &session, max_key_size,
Jerome Forissierb6f5ac92019-12-19 16:37:14 +0100[diff] [blame]4236 priv_key_type, key_attrs,
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]4237 num_key_attrs, &priv_key_handle)))
4238 goto out;
4239 break;
4240
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4241 default:
4242 ADBG_EXPECT_TRUE(c, false);
4243 goto out;
4244 }
4245
4246 out_size = sizeof(out);
4247 memset(out, 0, sizeof(out));
4248 switch (tv->mode) {
4249 case TEE_MODE_ENCRYPT:
4250 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4251 ta_crypt_cmd_allocate_operation(c, &session,
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]4252 &op, tv->algo, TEE_MODE_ENCRYPT,
4253 max_key_size)))
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4254 goto out;
4255
4256 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4257 ta_crypt_cmd_set_operation_key(c, &session, op,
4258 pub_key_handle)))
4259 goto out;
4260
4261 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4262 ta_crypt_cmd_free_transient_object(c, &session,
4263 pub_key_handle)))
4264 goto out;
4265 pub_key_handle = TEE_HANDLE_NULL;
4266
4267 out_enc_size = sizeof(out_enc);
4268 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4269 ta_crypt_cmd_asymmetric_encrypt(c, &session, op,
4270 NULL, 0, tv->ptx, tv->ptx_len, out_enc,
4271 &out_enc_size)))
4272 goto out;
4273
4274 /*
4275 * A PS which is random is added when formatting the
4276 * message internally of the algorithm so we can't
4277 * verify against precomputed values, instead we use the
4278 * decrypt operation to see that output is correct.
4279 */
4280
4281 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4282 ta_crypt_cmd_free_operation(c, &session, op)))
4283 goto out;
4284
4285 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4286 ta_crypt_cmd_allocate_operation(c, &session,
4287 &op, tv->algo, TEE_MODE_DECRYPT,
4288 max_key_size)))
4289 goto out;
4290
4291 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4292 ta_crypt_cmd_set_operation_key(c, &session, op,
4293 priv_key_handle)))
4294 goto out;
4295
4296 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4297 ta_crypt_cmd_free_transient_object(c, &session,
4298 priv_key_handle)))
4299 goto out;
4300
4301 priv_key_handle = TEE_HANDLE_NULL;
4302
4303 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4304 ta_crypt_cmd_asymmetric_decrypt(c, &session, op,
4305 NULL, 0, out_enc, out_enc_size, out,
4306 &out_size)))
4307 goto out;
4308
4309 (void)ADBG_EXPECT_BUFFER(c, tv->ptx, tv->ptx_len, out,
4310 out_size);
4311 break;
4312
4313 case TEE_MODE_DECRYPT:
4314 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4315 ta_crypt_cmd_allocate_operation(c, &session,
4316 &op, tv->algo, TEE_MODE_DECRYPT,
4317 max_key_size)))
4318 goto out;
4319
4320 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4321 ta_crypt_cmd_set_operation_key(c, &session, op,
4322 priv_key_handle)))
4323 goto out;
4324
4325 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4326 ta_crypt_cmd_free_transient_object(c, &session,
4327 priv_key_handle)))
4328 goto out;
4329
4330 priv_key_handle = TEE_HANDLE_NULL;
4331
4332 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4333 ta_crypt_cmd_asymmetric_decrypt(c, &session, op,
4334 NULL, 0, tv->ctx, tv->ctx_len, out,
4335 &out_size)))
4336 goto out;
4337
4338 (void)ADBG_EXPECT_BUFFER(c, tv->ptx, tv->ptx_len, out,
4339 out_size);
4340 break;
4341
4342 case TEE_MODE_VERIFY:
4343 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4344 ta_crypt_cmd_allocate_operation(c, &session,
4345 &op, tv->algo, TEE_MODE_VERIFY,
4346 max_key_size)))
4347 goto out;
4348
4349 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4350 ta_crypt_cmd_set_operation_key(c, &session, op,
4351 pub_key_handle)))
4352 goto out;
4353
4354 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4355 ta_crypt_cmd_free_transient_object(c, &session,
4356 pub_key_handle)))
4357 goto out;
4358
4359 pub_key_handle = TEE_HANDLE_NULL;
4360
4361 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4362 ta_crypt_cmd_asymmetric_verify(c, &session, op,
4363 algo_params, num_algo_params, ptx_hash,
4364 ptx_hash_size, tv->ctx, tv->ctx_len)))
4365 goto out;
4366 break;
4367
4368 case TEE_MODE_SIGN:
4369 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4370 ta_crypt_cmd_allocate_operation(c, &session,
4371 &op, tv->algo, TEE_MODE_SIGN,
4372 max_key_size)))
4373 goto out;
4374
4375 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4376 ta_crypt_cmd_set_operation_key(c, &session, op,
4377 priv_key_handle)))
4378 goto out;
4379
4380 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4381 ta_crypt_cmd_free_transient_object(c, &session,
4382 priv_key_handle)))
4383 goto out;
4384
4385 priv_key_handle = TEE_HANDLE_NULL;
4386
4387 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4388 ta_crypt_cmd_asymmetric_sign(c, &session, op,
4389 algo_params, num_algo_params, ptx_hash,
4390 ptx_hash_size, out, &out_size)))
4391 goto out;
4392
4393 if (TEE_ALG_GET_CHAIN_MODE(tv->algo) ==
4394 TEE_CHAIN_MODE_PKCS1_PSS_MGF1 ||
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]4395 tv->algo == TEE_ALG_DSA_SHA1 ||
Cedric Chaumontb2ba8782015-09-03 13:23:05 +0200[diff] [blame]4396 tv->algo == TEE_ALG_DSA_SHA224 ||
4397 tv->algo == TEE_ALG_DSA_SHA256 ||
Pascal Brand3e143ee2015-07-15 17:17:16 +0200[diff] [blame]4398 TEE_ALG_GET_MAIN_ALG(tv->algo) ==
Jerome Forissier849b57e2019-12-19 16:37:14 +0100[diff] [blame]4399 TEE_MAIN_ALGO_ECDSA ||
4400 tv->algo == TEE_ALG_SM2_DSA_SM3) {
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4401 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4402 ta_crypt_cmd_free_operation(c, &session,
4403 op)))
4404 goto out;
4405 /*
4406 * The salt or K is random so we can't verify
4407 * signing against precomputed values, instead
4408 * we use the verify operation to see that
4409 * output is correct.
4410 */
4411 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4412 ta_crypt_cmd_allocate_operation(c,
4413 &session, &op, tv->algo,
4414 TEE_MODE_VERIFY, max_key_size)))
4415 goto out;
4416
4417 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4418 ta_crypt_cmd_set_operation_key(c,
4419 &session, op, pub_key_handle)))
4420 goto out;
4421
4422 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4423 ta_crypt_cmd_free_transient_object(c,
4424 &session, pub_key_handle)))
4425 goto out;
4426
4427 pub_key_handle = TEE_HANDLE_NULL;
4428
4429 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4430 ta_crypt_cmd_asymmetric_verify(c,
4431 &session, op, algo_params,
4432 num_algo_params, ptx_hash,
4433 ptx_hash_size, out, out_size)))
4434 goto out;
4435 } else {
4436 (void)ADBG_EXPECT_BUFFER(c, tv->ctx,
4437 tv->ctx_len, out,
4438 out_size);
4439 }
4440 break;
4441
4442 default:
4443 break;
4444 }
4445
4446 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4447 ta_crypt_cmd_free_operation(c, &session, op)))
4448 goto out;
4449
4450 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4451 ta_crypt_cmd_free_transient_object(c, &session,
4452 pub_key_handle)))
4453 goto out;
4454 pub_key_handle = TEE_HANDLE_NULL;
4455
4456 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4457 ta_crypt_cmd_free_transient_object(c, &session,
4458 priv_key_handle)))
4459 goto out;
4460
4461 priv_key_handle = TEE_HANDLE_NULL;
4462
4463 Do_ADBG_EndSubCase(c, NULL);
4464 }
4465out:
4466 TEEC_CloseSession(&session);
4467}
Jens Wiklander14f48872018-06-29 15:30:13 +0200[diff] [blame]4468ADBG_CASE_DEFINE(regression, 4006, xtest_tee_test_4006,
4469 "Test TEE Internal API Asymmetric Cipher operations");
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4470
4471#define KEY_ATTR(x, y) { #x, (x), y }
4472
4473struct key_attrs {
4474 const char *name;
4475 uint32_t attr;
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4476 /*
4477 * When keysize_check != 0: size of attribute is checked
4478 * Expected value is key_size bits except for DH in which case it is
4479 * the value of keysize_check.
4480 */
4481 uint32_t keysize_check;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4482};
4483
4484static bool test_keygen_attributes(ADBG_Case_t *c, TEEC_Session *s,
4485 TEE_ObjectHandle key, uint32_t key_size,
4486 struct key_attrs *attrs, size_t num_attrs)
4487{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]4488 uint8_t out[2048] = { };
4489 size_t out_size = 0;
4490 size_t n = 0;
4491 size_t m = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4492
4493 for (m = 0; m < num_attrs; m++) {
4494 if ((attrs[m].attr & TEE_ATTR_BIT_VALUE) == 0) {
4495 out_size = sizeof(out);
4496 memset(out, 0, sizeof(out));
4497 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4498 ta_crypt_cmd_get_object_buffer_attribute(c, s,
4499 key, attrs[m].attr, out, &out_size)))
4500 return false;
4501
4502 if (attrs[m].keysize_check)
Jerome Forissierfe94e562020-11-17 17:22:40 +0100[diff] [blame^]4503 ADBG_EXPECT_COMPARE_UNSIGNED(c, out_size, <=,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4504 key_size / 8);
4505
4506 if (out_size > 0) {
4507 /* Check that buffer isn't all zeroes */
4508 for (n = 0; n < out_size; n++)
4509 if (out[n] != 0)
4510 break;
4511 if (!ADBG_EXPECT_COMPARE_UNSIGNED(c, n, <,
4512 out_size))
4513 return false;
4514 }
4515 } else {
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]4516 uint32_t a = 0;
4517 uint32_t b = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4518
4519 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4520 ta_crypt_cmd_get_object_value_attribute(c, s, key,
4521 attrs[m].attr, &a, &b)))
4522 return false;
4523 }
4524 }
4525 return true;
4526}
4527
4528static bool test_secret_value(ADBG_Case_t *c, TEEC_Session *s,
4529 TEE_ObjectHandle key, uint32_t key_size)
4530{
4531 const struct key_attrs attrs[] = {
4532 KEY_ATTR(TEE_ATTR_SECRET_VALUE, true),
4533 };
4534
4535 return test_keygen_attributes(c, s, key, key_size,
4536 (struct key_attrs *)&attrs,
4537 ARRAY_SIZE(attrs));
4538}
4539
4540
4541static bool test_rsa_key_pair(ADBG_Case_t *c, TEEC_Session *s,
4542 TEE_ObjectHandle key, uint32_t key_size)
4543{
4544 const struct key_attrs attrs[] = {
4545 KEY_ATTR(TEE_ATTR_RSA_MODULUS, true),
4546 KEY_ATTR(TEE_ATTR_RSA_PUBLIC_EXPONENT, false),
4547 KEY_ATTR(TEE_ATTR_RSA_PRIVATE_EXPONENT, false),
4548 KEY_ATTR(TEE_ATTR_RSA_PRIME1, false),
4549 KEY_ATTR(TEE_ATTR_RSA_PRIME2, false),
4550 KEY_ATTR(TEE_ATTR_RSA_EXPONENT1, false),
4551 KEY_ATTR(TEE_ATTR_RSA_EXPONENT2, false),
4552 KEY_ATTR(TEE_ATTR_RSA_COEFFICIENT, false),
4553 };
4554
4555 return test_keygen_attributes(c, s, key, key_size,
4556 (struct key_attrs *)&attrs,
4557 ARRAY_SIZE(attrs));
4558}
4559
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]4560static bool test_ecc_key_pair(ADBG_Case_t *c, TEEC_Session *s,
4561 TEE_ObjectHandle key, uint32_t key_size)
4562{
4563 const struct key_attrs attrs[] = {
4564 KEY_ATTR(TEE_ATTR_ECC_PRIVATE_VALUE, false),
4565 KEY_ATTR(TEE_ATTR_ECC_PUBLIC_VALUE_X , false),
4566 KEY_ATTR(TEE_ATTR_ECC_PUBLIC_VALUE_Y , false),
4567 /* KEY_ATTR(TEE_ATTR_ECC_CURVE, false), - do not test */
4568 };
4569
4570 return test_keygen_attributes(c, s, key, key_size,
4571 (struct key_attrs *)&attrs,
4572 ARRAY_SIZE(attrs));
4573}
4574
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4575static bool test_dh_key_pair(ADBG_Case_t *c, TEEC_Session *s,
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4576 TEE_ObjectHandle key, uint32_t check_keysize)
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4577{
4578 const struct key_attrs attrs[] = {
4579 KEY_ATTR(TEE_ATTR_DH_PRIME, false),
4580 KEY_ATTR(TEE_ATTR_DH_BASE, false),
4581 KEY_ATTR(TEE_ATTR_DH_PUBLIC_VALUE, false),
4582 KEY_ATTR(TEE_ATTR_DH_PRIVATE_VALUE, check_keysize),
4583 KEY_ATTR(TEE_ATTR_DH_X_BITS, false),
4584 };
4585
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4586 return test_keygen_attributes(c, s, key, check_keysize,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4587 (struct key_attrs *)&attrs,
4588 ARRAY_SIZE(attrs));
4589}
4590
4591static bool test_dsa_key_pair(ADBG_Case_t *c, TEEC_Session *s,
4592 TEE_ObjectHandle key, uint32_t key_size)
4593{
4594 const struct key_attrs attrs[] = {
4595 KEY_ATTR(TEE_ATTR_DSA_PRIME, true),
4596 KEY_ATTR(TEE_ATTR_DSA_SUBPRIME, false),
4597 KEY_ATTR(TEE_ATTR_DSA_BASE, false),
4598 KEY_ATTR(TEE_ATTR_DSA_PUBLIC_VALUE, false),
4599 KEY_ATTR(TEE_ATTR_DSA_PRIVATE_VALUE, false),
4600 };
4601
4602 return test_keygen_attributes(c, s, key, key_size,
4603 (struct key_attrs *)&attrs,
4604 ARRAY_SIZE(attrs));
4605}
4606
4607static bool generate_and_test_key(ADBG_Case_t *c, TEEC_Session *s,
4608 uint32_t key_type, uint32_t check_keysize,
4609 uint32_t key_size,
4610 TEE_Attribute *params, size_t param_count)
4611{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]4612 TEE_ObjectHandle key = TEE_HANDLE_NULL;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4613 bool ret_val = true;
4614
4615 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4616 ta_crypt_cmd_allocate_transient_object(c, s, key_type, key_size,
4617 &key)))
4618 return false;
4619
4620 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4621 ta_crypt_cmd_generate_key(c, s, key, key_size, params,
4622 param_count)))
4623 return false;
4624
4625 switch (key_type) {
4626 case TEE_TYPE_DES:
4627 case TEE_TYPE_DES3:
4628 ret_val = ADBG_EXPECT_TRUE(c,
4629 test_secret_value(c, s, key,
4630 key_size + key_size / 7));
4631 break;
4632 case TEE_TYPE_AES:
4633 case TEE_TYPE_HMAC_MD5:
4634 case TEE_TYPE_HMAC_SHA1:
4635 case TEE_TYPE_HMAC_SHA224:
4636 case TEE_TYPE_HMAC_SHA256:
4637 case TEE_TYPE_HMAC_SHA384:
4638 case TEE_TYPE_HMAC_SHA512:
4639 case TEE_TYPE_GENERIC_SECRET:
4640 ret_val = ADBG_EXPECT_TRUE(c,
4641 test_secret_value(c, s, key, key_size));
4642 break;
4643
4644 case TEE_TYPE_RSA_KEYPAIR:
4645 ret_val = ADBG_EXPECT_TRUE(c,
4646 test_rsa_key_pair(c, s, key, key_size));
4647 break;
4648
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]4649 case TEE_TYPE_ECDSA_KEYPAIR:
4650 case TEE_TYPE_ECDH_KEYPAIR:
4651 ret_val = ADBG_EXPECT_TRUE(c,
4652 test_ecc_key_pair(c, s, key, key_size));
4653 break;
4654
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4655 case TEE_TYPE_DH_KEYPAIR:
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]4656 ret_val = ADBG_EXPECT_TRUE(c,
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4657 test_dh_key_pair(c, s, key, check_keysize));
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4658 break;
4659
4660 case TEE_TYPE_DSA_KEYPAIR:
4661 ret_val = ADBG_EXPECT_TRUE(c,
4662 test_dsa_key_pair(c, s, key, key_size));
4663 break;
4664
4665 default:
4666 ret_val = false;
4667 break;
4668 }
4669
4670 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4671 ta_crypt_cmd_free_transient_object(c, s, key)))
4672 return false;
4673
4674 return ret_val;
4675}
4676
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]4677struct key_types_noparam {
4678 unsigned level;
4679 const char *name;
4680 uint32_t key_type;
4681 uint32_t quanta;
4682 uint32_t min_size;
4683 uint32_t max_size;
4684};
4685
4686static void keygen_noparams(ADBG_Case_t *c, TEEC_Session *session,
4687 const struct key_types_noparam *key_types,
4688 size_t num_key_types)
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4689{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]4690 size_t n = 0;
4691 uint32_t key_size = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4692
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]4693 for (n = 0; n < num_key_types; n++) {
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4694 uint32_t min_size = key_types[n].min_size;
4695 uint32_t max_size = key_types[n].max_size;
4696 uint32_t quanta = key_types[n].quanta;
4697
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4698 if (key_types[n].level > level)
4699 continue;
4700
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4701 Do_ADBG_BeginSubCase(c, "Generate %s key", key_types[n].name);
4702
4703 for (key_size = min_size; key_size <= max_size;
4704 key_size += quanta) {
4705 if (!ADBG_EXPECT_TRUE(c,
4706 generate_and_test_key(c, session, key_types
4707 [n].key_type, 1, key_size, NULL, 0)))
4708 break;
4709 }
4710
4711 Do_ADBG_EndSubCase(c, "Generate %s key", key_types[n].name);
4712 }
4713}
4714
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]4715static void xtest_tee_test_4007_symmetric(ADBG_Case_t *c)
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4716{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]4717 TEEC_Session session = { };
4718 uint32_t ret_orig = 0;
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]4719 static const struct key_types_noparam key_types[] = {
4720 { 0, "AES", TEE_TYPE_AES, 64, 128,
4721 256 /* valid sizes 128, 192, 256 */ },
4722 { 0, "DES", TEE_TYPE_DES, 56, 56, 56 /* valid size 56 */ },
4723 { 0, "DES3", TEE_TYPE_DES3, 56, 112,
4724 168 /* valid sizes 112, 168 */ },
4725 { 0, "HMAC-MD5", TEE_TYPE_HMAC_MD5, 8, 64, 512 },
4726 { 0, "HMAC-SHA1", TEE_TYPE_HMAC_SHA1, 8, 80, 512 },
4727 { 0, "HMAC-SHA224", TEE_TYPE_HMAC_SHA224, 8, 112, 512 },
4728 { 0, "HMAC-SHA256", TEE_TYPE_HMAC_SHA256, 8, 192, 1024 },
4729 { 0, "HMAC-SHA384", TEE_TYPE_HMAC_SHA384, 8, 256, 1024 },
4730 { 0, "HMAC-SHA512", TEE_TYPE_HMAC_SHA512, 8, 256, 1024 },
4731 { 0, "Generic secret", TEE_TYPE_GENERIC_SECRET, 8, 128, 4096 },
4732 };
4733
4734 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4735 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
4736 &ret_orig)))
4737 return;
4738
4739 keygen_noparams(c, &session, key_types, ARRAY_SIZE(key_types));
4740
4741 TEEC_CloseSession(&session);
4742}
4743ADBG_CASE_DEFINE(regression, 4007_symmetric, xtest_tee_test_4007_symmetric,
4744 "Test TEE Internal API Generate Symmetric key");
4745
4746static void xtest_tee_test_4007_rsa(ADBG_Case_t *c)
4747{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]4748 TEEC_Session session = { };
4749 uint32_t ret_orig = 0;
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]4750 static const struct key_types_noparam key_types[] = {
4751 { 0, "RSA-256", TEE_TYPE_RSA_KEYPAIR, 1, 256, 256 },
4752 { 1, "RSA-384", TEE_TYPE_RSA_KEYPAIR, 1, 384, 384 },
4753 { 1, "RSA-512", TEE_TYPE_RSA_KEYPAIR, 1, 512, 512 },
4754 { 1, "RSA-640", TEE_TYPE_RSA_KEYPAIR, 1, 640, 640 },
4755 { 1, "RSA-768", TEE_TYPE_RSA_KEYPAIR, 1, 768, 768 },
4756 { 1, "RSA-896", TEE_TYPE_RSA_KEYPAIR, 1, 896, 896 },
4757 { 1, "RSA-1024", TEE_TYPE_RSA_KEYPAIR, 1, 1024, 1024 },
4758 { 1, "RSA-2048", TEE_TYPE_RSA_KEYPAIR, 1, 2048, 2048 },
4759 { 1, "RSA-3072", TEE_TYPE_RSA_KEYPAIR, 1, 3072, 3072 },
4760 { 1, "RSA-4096", TEE_TYPE_RSA_KEYPAIR, 1, 4096, 4096 },
4761 };
4762
4763 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4764 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
4765 &ret_orig)))
4766 return;
4767
4768 keygen_noparams(c, &session, key_types, ARRAY_SIZE(key_types));
4769
4770 TEEC_CloseSession(&session);
4771}
4772ADBG_CASE_DEFINE(regression, 4007_rsa, xtest_tee_test_4007_rsa,
4773 "Test TEE Internal API Generate RSA key");
4774
4775static void xtest_tee_test_4007_dh(ADBG_Case_t *c)
4776{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]4777 TEEC_Session session = { };
4778 uint32_t ret_orig = 0;
4779 size_t n = 0;
4780 size_t param_count = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4781 /*
4782 * Note that the key size parameter is not used when creating the keys
4783 * but specifying these sizes make it possible to test the expected size
4784 * of the private value. This also means that the keysize must match the
4785 * size of p or what is specified in private_bits or the equvivalent
4786 * size of the subprime parameter.
4787 */
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]4788 TEE_Attribute params[4] = { };
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4789
4790#define XTEST_DH_GK_DATA(vect) \
4791 ARRAY(vect ## _p), \
4792 ARRAY(vect ## _g), \
4793 &vect ## _private_bits, \
4794 0, 0
4795#define XTEST_DH_GK_DATA_SUBPRIME(vect) \
4796 ARRAY(vect ## _p), \
4797 ARRAY(vect ## _g), \
4798 &vect ## _private_bits, \
4799 ARRAY(vect ## _subprime)
4800 static const struct {
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4801 unsigned level;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4802 uint32_t key_size;
4803 const uint8_t *p;
4804 size_t p_len;
4805 const uint8_t *g;
4806 size_t g_len;
4807 const uint32_t *private_bits;
4808 const uint8_t *subprime;
4809 size_t subprime_len;
4810 } key_types[] = {
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4811 { 0, 256, XTEST_DH_GK_DATA(keygen_dh256) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4812 { 0, 320, XTEST_DH_GK_DATA(keygen_dh320) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4813 { 1, 384, XTEST_DH_GK_DATA(keygen_dh384) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4814 { 1, 448, XTEST_DH_GK_DATA(keygen_dh448) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4815 { 1, 512, XTEST_DH_GK_DATA(keygen_dh512) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4816 { 1, 576, XTEST_DH_GK_DATA(keygen_dh576) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4817 { 1, 640, XTEST_DH_GK_DATA(keygen_dh640) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4818 { 1, 704, XTEST_DH_GK_DATA(keygen_dh704) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4819 { 1, 768, XTEST_DH_GK_DATA(keygen_dh768) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4820 { 1, 832, XTEST_DH_GK_DATA(keygen_dh832) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4821 { 1, 896, XTEST_DH_GK_DATA(keygen_dh896) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4822 { 1, 960, XTEST_DH_GK_DATA(keygen_dh960) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4823 { 1, 1024, XTEST_DH_GK_DATA(keygen_dh1024) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4824 { 1, 1088, XTEST_DH_GK_DATA(keygen_dh1088) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4825 { 1, 1152, XTEST_DH_GK_DATA(keygen_dh1152) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4826 { 1, 1216, XTEST_DH_GK_DATA(keygen_dh1216) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4827 { 1, 1280, XTEST_DH_GK_DATA(keygen_dh1280) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4828 { 1, 1344, XTEST_DH_GK_DATA(keygen_dh1344) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4829 { 1, 1408, XTEST_DH_GK_DATA(keygen_dh1408) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4830 { 1, 1472, XTEST_DH_GK_DATA(keygen_dh1472) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4831 { 1, 1536, XTEST_DH_GK_DATA(keygen_dh1536) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4832 { 1, 1600, XTEST_DH_GK_DATA(keygen_dh1600) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4833 { 1, 1664, XTEST_DH_GK_DATA(keygen_dh1664) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4834 { 1, 1728, XTEST_DH_GK_DATA(keygen_dh1728) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4835 { 1, 1792, XTEST_DH_GK_DATA(keygen_dh1792) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4836 { 1, 1856, XTEST_DH_GK_DATA(keygen_dh1856) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4837 { 1, 1920, XTEST_DH_GK_DATA(keygen_dh1920) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4838 { 1, 1984, XTEST_DH_GK_DATA(keygen_dh1984) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4839 { 1, 2048, XTEST_DH_GK_DATA(keygen_dh2048) },
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4840 { 1, 2048, XTEST_DH_GK_DATA_SUBPRIME(keygen_dh2048_subprime) }
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4841 };
4842
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]4843 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4844 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
4845 &ret_orig)))
4846 return;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4847
4848 for (n = 0; n < ARRAY_SIZE(key_types); n++) {
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4849 if (key_types[n].level > level)
4850 continue;
4851
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4852 Do_ADBG_BeginSubCase(c,
4853 "Generate DH key %d bits - Private bits = %d",
4854 key_types[n].key_size,
4855 *key_types[n].private_bits);
4856 param_count = 0;
4857
4858 xtest_add_attr(&param_count, params,
4859 TEE_ATTR_DH_PRIME,
4860 key_types[n].p, key_types[n].p_len);
4861
4862 xtest_add_attr(&param_count, params, TEE_ATTR_DH_BASE,
4863 key_types[n].g, key_types[n].g_len);
4864
4865 if (key_types[n].private_bits != 0) {
4866 params[param_count].attributeID = TEE_ATTR_DH_X_BITS;
4867
4868 params[param_count].content.value.a =
4869 *key_types[n].private_bits;
4870
4871 params[param_count].content.value.b = 0;
4872 param_count++;
4873 }
4874
4875 if (key_types[n].subprime != 0) {
4876 xtest_add_attr(&param_count, params,
4877 TEE_ATTR_DH_SUBPRIME,
4878 key_types[n].subprime,
4879 key_types[n].subprime_len);
4880 }
4881
4882 if (!ADBG_EXPECT_TRUE(c,
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]4883 generate_and_test_key(c, &session, TEE_TYPE_DH_KEYPAIR,
Jerome Forissier4032c8c2016-05-31 13:25:08 +0200[diff] [blame]4884 *key_types[n].private_bits,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4885 key_types[n]. key_size, params, param_count)))
4886 break;
4887
4888 Do_ADBG_EndSubCase(c,
4889 "Generate DH key %d bits - Private bits = %d",
4890 key_types[n].key_size,
4891 *key_types[n].private_bits);
4892 }
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4893
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]4894 TEEC_CloseSession(&session);
4895}
4896ADBG_CASE_DEFINE(regression, 4007_dh, xtest_tee_test_4007_dh,
4897 "Test TEE Internal API Generate DH key");
4898
4899static void xtest_tee_test_4007_dsa(ADBG_Case_t *c)
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4900{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]4901 TEEC_Session session = { };
4902 uint32_t ret_orig = 0;
4903 size_t n = 0;
4904 size_t param_count = 0;
4905 TEE_Attribute params[4] = { };
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4906
4907#define XTEST_DSA_GK_DATA(vect) \
4908 ARRAY(vect ## _p), \
4909 ARRAY(vect ## _g), \
4910 ARRAY(vect ## _q)
4911 static const struct {
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4912 unsigned level;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4913 uint32_t key_size;
4914 const uint8_t *prime;
4915 size_t prime_len;
4916 const uint8_t *base;
4917 size_t base_len;
4918 const uint8_t *sub_prime;
4919 size_t sub_prime_len;
4920 } key_types[] = {
Jerome Forissiereed7e652020-04-15 15:42:38 +0200[diff] [blame]4921 { 0, 1024, XTEST_DSA_GK_DATA(keygen_dsa_test1) },
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4922 { 0, 512, XTEST_DSA_GK_DATA(keygen_dsa512) },
Jerome Forissiereed7e652020-04-15 15:42:38 +0200[diff] [blame]4923 { 0, 576, XTEST_DSA_GK_DATA(keygen_dsa576) },
4924 { 0, 640, XTEST_DSA_GK_DATA(keygen_dsa640) },
4925 { 0, 704, XTEST_DSA_GK_DATA(keygen_dsa704) },
4926 { 0, 768, XTEST_DSA_GK_DATA(keygen_dsa768) },
4927 { 0, 832, XTEST_DSA_GK_DATA(keygen_dsa832) },
4928 { 0, 896, XTEST_DSA_GK_DATA(keygen_dsa896) },
4929 { 0, 960, XTEST_DSA_GK_DATA(keygen_dsa960) },
4930 { 0, 1024, XTEST_DSA_GK_DATA(keygen_dsa1024) },
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4931 };
4932
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]4933 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
4934 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
4935 &ret_orig)))
4936 return;
4937
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4938 for (n = 0; n < ARRAY_SIZE(key_types); n++) {
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4939 if (key_types[n].level > level)
4940 continue;
4941
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4942 Do_ADBG_BeginSubCase(c, "Generate DSA key %d bits",
4943 key_types[n].key_size);
4944 param_count = 0;
4945
4946
4947 xtest_add_attr(&param_count, params, TEE_ATTR_DSA_PRIME,
4948 key_types[n].prime, key_types[n].prime_len);
4949
4950 xtest_add_attr(&param_count, params, TEE_ATTR_DSA_SUBPRIME,
4951 key_types[n].sub_prime,
4952 key_types[n].sub_prime_len);
4953
4954 xtest_add_attr(&param_count, params, TEE_ATTR_DSA_BASE,
4955 key_types[n].base, key_types[n].base_len);
4956
4957 if (!ADBG_EXPECT_TRUE(c,
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]4958 generate_and_test_key(c, &session, TEE_TYPE_DSA_KEYPAIR,
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4959 1, key_types[n]. key_size, params,
4960 param_count)))
4961 break;
4962
4963 Do_ADBG_EndSubCase(c, "Generate DSA key %d bits",
4964 key_types[n].key_size);
4965 }
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]4966
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]4967 TEEC_CloseSession(&session);
4968}
4969ADBG_CASE_DEFINE(regression, 4007_dsa, xtest_tee_test_4007_dsa,
4970 "Test TEE Internal API Generate DSA key");
4971
4972static void xtest_tee_test_4007_ecc(ADBG_Case_t *c)
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]4973{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]4974 TEEC_Session session = { };
4975 uint32_t ret_orig = 0;
4976 size_t n = 0;
4977 size_t param_count = 0;
4978 TEE_Attribute params[4] = { };
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]4979
4980 static const struct {
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4981 unsigned level;
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]4982 const char *name;
4983 uint32_t algo;
4984 uint32_t curve;
4985 uint32_t key_size;
4986 } key_types[] = {
4987 /* ECDSA */
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]4988 { 0, "ECDSA-192", TEE_TYPE_ECDSA_KEYPAIR, TEE_ECC_CURVE_NIST_P192,
4989 192 },
4990 { 1, "ECDSA-224", TEE_TYPE_ECDSA_KEYPAIR, TEE_ECC_CURVE_NIST_P224,
4991 224 },
4992 { 1, "ECDSA-256", TEE_TYPE_ECDSA_KEYPAIR, TEE_ECC_CURVE_NIST_P256,
4993 256 },
4994 { 1, "ECDSA-384", TEE_TYPE_ECDSA_KEYPAIR, TEE_ECC_CURVE_NIST_P384,
4995 384 },
4996 { 1, "ECDSA-521", TEE_TYPE_ECDSA_KEYPAIR, TEE_ECC_CURVE_NIST_P521,
4997 521 },
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]4998
4999 /* ECDH */
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]5000 { 0, "ECDH-192", TEE_TYPE_ECDH_KEYPAIR, TEE_ECC_CURVE_NIST_P192,
5001 192 },
5002 { 1, "ECDH-224", TEE_TYPE_ECDH_KEYPAIR, TEE_ECC_CURVE_NIST_P224,
5003 224 },
5004 { 1, "ECDH-256", TEE_TYPE_ECDH_KEYPAIR, TEE_ECC_CURVE_NIST_P256,
5005 256 },
5006 { 1, "ECDH-384", TEE_TYPE_ECDH_KEYPAIR, TEE_ECC_CURVE_NIST_P384,
5007 384 },
5008 { 1, "ECDH-521", TEE_TYPE_ECDH_KEYPAIR, TEE_ECC_CURVE_NIST_P521,
5009 521 },
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]5010 };
5011
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]5012 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5013 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
5014 &ret_orig)))
5015 return;
5016
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]5017 for (n = 0; n < ARRAY_SIZE(key_types); n++) {
Jens Wiklander6a9d15a2016-02-01 10:29:42 +0100[diff] [blame]5018 if (key_types[n].level > level)
5019 continue;
5020
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]5021 Do_ADBG_BeginSubCase(c, "Generate %s", key_types[n].name);
5022 param_count = 0;
5023
5024 xtest_add_attr_value(&param_count, params, TEE_ATTR_ECC_CURVE,
5025 key_types[n].curve, 0);
5026
5027 if (!ADBG_EXPECT_TRUE(c,
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]5028 generate_and_test_key(c, &session, key_types[n].algo,
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]5029 0, key_types[n].key_size, params,
5030 param_count)))
5031 break;
5032
5033 Do_ADBG_EndSubCase(c, "Generate %s", key_types[n].name);
5034 }
Pascal Brande61133f2015-07-08 15:38:37 +0200[diff] [blame]5035
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]5036 TEEC_CloseSession(&session);
5037}
Jens Wiklandera8c8f872018-12-14 11:41:36 +0100[diff] [blame]5038ADBG_CASE_DEFINE(regression, 4007_ecc, xtest_tee_test_4007_ecc,
5039 "Test TEE Internal API Generate ECC key");
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]5040
5041static void xtest_tee_test_4008(ADBG_Case_t *c)
5042{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]5043 TEEC_Session session = { };
5044 uint32_t ret_orig = 0;
5045 TEE_OperationHandle op = TEE_HANDLE_NULL;
5046 TEE_ObjectHandle key_handle = TEE_HANDLE_NULL;
5047 TEE_ObjectHandle sv_handle = TEE_HANDLE_NULL;
5048 TEE_Attribute params[4] = { };
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]5049 size_t param_count = 0;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]5050 uint8_t out[2048] = { };
5051 size_t out_size = 0;
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]5052
5053 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5054 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
5055 &ret_orig)))
5056 return;
5057
5058 Do_ADBG_BeginSubCase(c, "Derive DH key success");
5059
5060 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5061 ta_crypt_cmd_allocate_operation(c, &session, &op,
5062 TEE_ALG_DH_DERIVE_SHARED_SECRET, TEE_MODE_DERIVE,
5063 derive_key_max_keysize)))
5064 goto out;
5065
5066 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5067 ta_crypt_cmd_allocate_transient_object(c, & session,
5068 TEE_TYPE_DH_KEYPAIR, derive_key_max_keysize,
5069 &key_handle)))
5070 goto out;
5071
5072 xtest_add_attr(&param_count, params, TEE_ATTR_DH_PRIME,
5073 ARRAY(derive_key_dh_prime));
5074
5075 xtest_add_attr(&param_count, params, TEE_ATTR_DH_BASE,
5076 ARRAY(derive_key_dh_base));
5077
5078 xtest_add_attr(&param_count, params, TEE_ATTR_DH_PUBLIC_VALUE,
5079 ARRAY(derive_key_dh_public_value));
5080
5081 xtest_add_attr(&param_count, params, TEE_ATTR_DH_PRIVATE_VALUE,
5082 ARRAY(derive_key_dh_private_value));
5083
5084 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5085 ta_crypt_cmd_populate_transient_object(c, &session, key_handle,
5086 params, param_count)))
5087 goto out;
5088
5089 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5090 ta_crypt_cmd_set_operation_key(c, &session, op, key_handle)))
5091 goto out;
5092
5093 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5094 ta_crypt_cmd_free_transient_object(c, & session, key_handle)))
5095 goto out;
5096
5097 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5098 ta_crypt_cmd_allocate_transient_object(c, &session,
5099 TEE_TYPE_GENERIC_SECRET, derive_key_max_keysize,
5100 &sv_handle)))
5101 goto out;
5102
Pascal Brand2b92b642015-07-16 13:29:42 +0200[diff] [blame]5103 /* reuse but reset params and param-count */
Pascal Brandc639ac82015-07-02 08:53:34 +0200[diff] [blame]5104 param_count = 0;
5105
5106 xtest_add_attr(&param_count, params, TEE_ATTR_DH_PUBLIC_VALUE,
5107 ARRAY(derive_key_dh_public_value_2));
5108
5109 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5110 ta_crypt_cmd_derive_key(c, &session, op, sv_handle, params,
5111 param_count)))
5112 goto out;
5113
5114 out_size = sizeof(out);
5115 memset(out, 0, sizeof(out));
5116 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5117 ta_crypt_cmd_get_object_buffer_attribute(c, &session, sv_handle,
5118 TEE_ATTR_SECRET_VALUE, out, &out_size)))
5119 goto out;
5120
5121 if (!ADBG_EXPECT_BUFFER(c, derive_key_dh_shared_secret,
5122 sizeof(derive_key_dh_shared_secret), out,
5123 out_size))
5124 goto out;
5125
5126 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5127 ta_crypt_cmd_free_operation(c, &session, op)))
5128 goto out;
5129
5130 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5131 ta_crypt_cmd_free_transient_object(c, &session, sv_handle)))
5132 goto out;
5133out:
5134 Do_ADBG_EndSubCase(c, "Derive DH key success");
5135 TEEC_CloseSession(&session);
5136}
Jens Wiklander14f48872018-06-29 15:30:13 +0200[diff] [blame]5137ADBG_CASE_DEFINE(regression, 4008, xtest_tee_test_4008,
5138 "Test TEE Internal API Derive key");
Pascal Brand2b92b642015-07-16 13:29:42 +0200[diff] [blame]5139
5140static void xtest_tee_test_4009(ADBG_Case_t *c)
5141{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]5142 TEEC_Session session = { };
5143 uint32_t ret_orig = 0;
5144 TEE_OperationHandle op = TEE_HANDLE_NULL;
5145 TEE_ObjectHandle key_handle = TEE_HANDLE_NULL;
5146 TEE_ObjectHandle sv_handle = TEE_HANDLE_NULL;
5147 TEE_Attribute params[4] = { };
Pascal Brand2b92b642015-07-16 13:29:42 +0200[diff] [blame]5148 size_t param_count = 0;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]5149 uint8_t out[2048] = { };
5150 size_t out_size = 0;
5151 uint32_t size_bytes = 0;
5152 uint32_t i = 0;
5153 struct derive_key_ecdh_t *pt = NULL;
Pascal Brand2b92b642015-07-16 13:29:42 +0200[diff] [blame]5154
5155 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5156 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
5157 &ret_orig)))
5158 return;
5159
5160 for (i = 0; i < ARRAY_SIZE(derive_key_ecdh); i++) {
5161 pt = &derive_key_ecdh[i];
5162
Cedric Chaumontc3b6c282015-09-25 03:05:18 +0200[diff] [blame]5163 if (pt->level > level)
5164 continue;
5165
Pascal Brand2b92b642015-07-16 13:29:42 +0200[diff] [blame]5166 Do_ADBG_BeginSubCase(c, "Derive ECDH key - algo = 0x%x",
5167 pt->algo);
5168 size_bytes = (pt->keysize + 7) / 8;
5169 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5170 ta_crypt_cmd_allocate_operation(c, &session, &op,
5171 pt->algo,
5172 TEE_MODE_DERIVE, pt->keysize)))
5173 goto out;
5174
5175 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5176 ta_crypt_cmd_allocate_transient_object(c, & session,
5177 TEE_TYPE_ECDH_KEYPAIR, pt->keysize,
5178 &key_handle)))
5179 goto out;
5180
5181 param_count = 0;
5182 xtest_add_attr_value(&param_count, params,
5183 TEE_ATTR_ECC_CURVE, pt->curve, 0);
5184 xtest_add_attr(&param_count, params,
5185 TEE_ATTR_ECC_PRIVATE_VALUE,
5186 pt->private, size_bytes);
5187 /*
Cedric Auger719047c2019-09-11 12:08:14 +0200[diff] [blame]5188 * The public value is not used, but we should provide a valid
5189 * one to avoid rejection in case TEE_PopulateTransientObject()
5190 * checks for key validity.
Pascal Brand2b92b642015-07-16 13:29:42 +0200[diff] [blame]5191 */
5192 xtest_add_attr(&param_count, params,
Cedric Auger719047c2019-09-11 12:08:14 +0200[diff] [blame]5193 TEE_ATTR_ECC_PUBLIC_VALUE_X,
5194 pt->public_x, size_bytes);
Pascal Brand2b92b642015-07-16 13:29:42 +0200[diff] [blame]5195 xtest_add_attr(&param_count, params,
Cedric Auger719047c2019-09-11 12:08:14 +0200[diff] [blame]5196 TEE_ATTR_ECC_PUBLIC_VALUE_Y,
5197 pt->public_y, size_bytes);
Pascal Brand2b92b642015-07-16 13:29:42 +0200[diff] [blame]5198
5199 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5200 ta_crypt_cmd_populate_transient_object(c,
5201 &session,
5202 key_handle, params, param_count)))
5203 goto out;
5204
5205 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5206 ta_crypt_cmd_set_operation_key(c, &session, op,
5207 key_handle)))
5208 goto out;
5209
5210 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5211 ta_crypt_cmd_free_transient_object(c, & session,
5212 key_handle)))
5213 goto out;
5214
5215 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5216 ta_crypt_cmd_allocate_transient_object(c, &session,
5217 TEE_TYPE_GENERIC_SECRET, size_bytes * 8,
5218 &sv_handle)))
5219 goto out;
5220
5221 /* reuse but reset params and param-count */
5222 param_count = 0;
5223
5224 xtest_add_attr(&param_count, params,
5225 TEE_ATTR_ECC_PUBLIC_VALUE_X,
5226 pt->public_x, size_bytes);
5227 xtest_add_attr(&param_count, params,
5228 TEE_ATTR_ECC_PUBLIC_VALUE_Y,
5229 pt->public_y, size_bytes);
5230
5231 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5232 ta_crypt_cmd_derive_key(c, &session, op, sv_handle,
5233 params, param_count)))
5234 goto out;
5235
5236 out_size = sizeof(out);
5237 memset(out, 0, sizeof(out));
5238 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5239 ta_crypt_cmd_get_object_buffer_attribute(c, &session,
5240 sv_handle,
5241 TEE_ATTR_SECRET_VALUE, out, &out_size)))
5242 goto out;
5243
5244 if (!ADBG_EXPECT_BUFFER(c, pt->out, size_bytes,
5245 out, out_size))
5246 goto out;
5247
5248 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5249 ta_crypt_cmd_free_operation(c, &session, op)))
5250 goto out;
5251
5252 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5253 ta_crypt_cmd_free_transient_object(c, &session,
5254 sv_handle)))
5255 goto out;
5256
5257 Do_ADBG_EndSubCase(c, "Derive ECDH key - algo = 0x%x",
5258 pt->algo);
5259 }
5260
5261 goto noerror;
5262
5263out:
5264 Do_ADBG_EndSubCase(c, "Derive ECDH key - algo = 0x%x", pt->algo);
5265
5266noerror:
5267 TEEC_CloseSession(&session);
5268}
Jens Wiklander14f48872018-06-29 15:30:13 +0200[diff] [blame]5269ADBG_CASE_DEFINE(regression, 4009, xtest_tee_test_4009,
5270 "Test TEE Internal API Derive key ECDH");
Jens Wiklander70a0b2c2016-05-18 08:39:35 +0200[diff] [blame]5271
5272static void xtest_tee_test_4010(ADBG_Case_t *c)
5273{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]5274 TEEC_Session session = { };
5275 uint32_t ret_orig = 0;
5276 TEE_ObjectHandle o = TEE_HANDLE_NULL;
Jens Wiklander70a0b2c2016-05-18 08:39:35 +0200[diff] [blame]5277 static const uint8_t large_key[1024] = { 1, 2, 3, 4, 5, 6 };
5278 static const TEE_Attribute attr = {
5279 .attributeID = TEE_ATTR_SECRET_VALUE,
5280 .content.ref.buffer = (void *)large_key,
5281 .content.ref.length = sizeof(large_key),
5282 };
5283
5284 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5285 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
5286 &ret_orig)))
5287 return;
5288
5289 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5290 ta_crypt_cmd_allocate_transient_object(c, &session,
5291 TEE_TYPE_HMAC_SHA256, 1024, &o)))
5292 goto out;
5293
5294 ADBG_EXPECT_TEEC_RESULT(c, TEEC_ERROR_TARGET_DEAD,
5295 ta_crypt_cmd_populate_transient_object(c, &session, o,
5296 &attr, 1));
5297
5298out:
5299 TEEC_CloseSession(&session);
5300}
Jens Wiklander14f48872018-06-29 15:30:13 +0200[diff] [blame]5301ADBG_CASE_DEFINE(regression, 4010, xtest_tee_test_4010,
5302 "Test TEE Internal API create transient object (negative)");
Jens Wiklanderb58916e2016-07-07 15:29:32 +0200[diff] [blame]5303
5304static void xtest_tee_test_4011(ADBG_Case_t *c)
5305{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]5306 TEEC_Session s = { };
Jens Wiklanderb58916e2016-07-07 15:29:32 +0200[diff] [blame]5307 size_t key_size = 512;
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]5308 TEE_ObjectHandle key = TEE_HANDLE_NULL;
5309 TEE_OperationHandle ops = TEE_HANDLE_NULL;
5310 TEE_OperationHandle opv = TEE_HANDLE_NULL;
5311 TEE_OperationHandle ope = TEE_HANDLE_NULL;
5312 TEE_OperationHandle opd = TEE_HANDLE_NULL;
5313 uint32_t ret_orig = 0;
5314 uint8_t in[TEE_SHA1_HASH_SIZE] = { };
5315 uint8_t out[1024] = { };
5316 uint8_t tmp[1024] = { };
5317 size_t out_size = 0;
5318 size_t tmp_size = 0;
5319 size_t n = 0;
5320 size_t m = 0;
Jens Wiklanderb58916e2016-07-07 15:29:32 +0200[diff] [blame]5321 size_t i = 0;
5322
5323 /* Setup session, initialize message to sign, create a keypair */
5324 if (!ADBG_EXPECT_TEEC_SUCCESS(c, xtest_teec_open_session(&s,
5325 &crypt_user_ta_uuid, NULL, &ret_orig)))
5326 return;
5327 if (!ADBG_EXPECT_TEEC_SUCCESS(c, ta_crypt_cmd_random_number_generate(c,
5328 &s, in, sizeof(in))))
5329 goto out;
5330 if (!ADBG_EXPECT_TEEC_SUCCESS(c, ta_crypt_cmd_allocate_transient_object(
5331 c, &s, TEE_TYPE_RSA_KEYPAIR, key_size, &key)))
5332 goto out;
5333 if (!ADBG_EXPECT_TEEC_SUCCESS(c, ta_crypt_cmd_generate_key(c, &s,
5334 key, key_size, NULL, 0)))
5335 goto out;
5336
5337 /* Allocate operations for sign, verify, encrypt and decrypt */
5338 if (!ADBG_EXPECT_TEEC_SUCCESS(c, ta_crypt_cmd_allocate_operation(c, &s,
5339 &ops, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_SIGN,
5340 key_size)))
5341 goto out;
5342 if (!ADBG_EXPECT_TEEC_SUCCESS(c, ta_crypt_cmd_allocate_operation(c, &s,
5343 &opv, TEE_ALG_RSASSA_PKCS1_V1_5_SHA1, TEE_MODE_VERIFY,
5344 key_size)))
5345 goto out;
5346 if (!ADBG_EXPECT_TEEC_SUCCESS(c, ta_crypt_cmd_allocate_operation(c, &s,
5347 &ope, TEE_ALG_RSA_NOPAD, TEE_MODE_ENCRYPT, key_size)))
5348 goto out;
5349 if (!ADBG_EXPECT_TEEC_SUCCESS(c, ta_crypt_cmd_allocate_operation(c, &s,
5350 &opd, TEE_ALG_RSA_NOPAD, TEE_MODE_DECRYPT, key_size)))
5351 goto out;
5352
5353 /* Assign the keypair to all operations */
5354 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5355 ta_crypt_cmd_set_operation_key(c, &s, ops, key)))
5356 goto out;
5357 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5358 ta_crypt_cmd_set_operation_key(c, &s, opv, key)))
5359 goto out;
5360 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5361 ta_crypt_cmd_set_operation_key(c, &s, ope, key)))
5362 goto out;
5363 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5364 ta_crypt_cmd_set_operation_key(c, &s, opd, key)))
5365 goto out;
5366
5367 /*
5368 * The core of the test case is inspired by the one in libtomcrypt:
5369 * https://github.com/libtom/libtomcrypt/blob/6ad52252688bb34f90b5e79da4830a927e87b81f/testprof/rsa_test.c#L398
5370 *
5371 * Testcase for Bleichenbacher attack
5372 *
5373 * (1) Create a valid signature
5374 * (2) Check that it can be verified
5375 * (3) Transform the package to fetch plain text (using the encrypt
5376 * operation in GP TEE Internal API)
5377 * (4) Forge the structure of PKCS#1-EMSA encoded data
5378 * (4.1) Search for start and end of the padding string
5379 * (4.2) Move the signature to the front of the padding string
5380 * (4.3) Zero the message until the end
5381 * (5) Transform the package back (using the decrypt operation in
5382 * GP TEE Internal API)
5383 * (6) The result should not be valid if the implementation is robust.
5384 */
5385
5386
5387 for (i = 0; i < 9; i++) {
5388 Do_ADBG_Log("Iteration %zu", i);
5389
5390 /* 1 */
5391 out_size = sizeof(out);
5392 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5393 ta_crypt_cmd_asymmetric_sign(c, &s, ops, NULL, 0,
5394 in, sizeof(in), out, &out_size)))
5395 goto out;
5396
5397 /* 2 */
5398 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5399 ta_crypt_cmd_asymmetric_verify(c, &s, opv, NULL, 0,
5400 in, sizeof(in), out, out_size)))
5401 goto out;
5402
5403 /* 3 */
5404 tmp_size = sizeof(tmp);
5405 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5406 ta_crypt_cmd_asymmetric_encrypt(c, &s, ope, NULL, 0,
5407 out, out_size, tmp, &tmp_size)))
5408 goto out;
5409
Etienne Carriere0953bf02018-12-21 15:36:25 +0100[diff] [blame]5410 if (!ADBG_EXPECT_COMPARE_UNSIGNED(c, tmp_size, <=, sizeof(tmp)))
5411 goto out;
5412
Jens Wiklanderb58916e2016-07-07 15:29:32 +0200[diff] [blame]5413 /* 4.1 */
Etienne Carriere0953bf02018-12-21 15:36:25 +0100[diff] [blame]5414 for (n = 0; n < tmp_size - i; n++)
Jens Wiklanderb58916e2016-07-07 15:29:32 +0200[diff] [blame]5415 if (tmp[n] == 0xff)
5416 break;
Etienne Carriere0953bf02018-12-21 15:36:25 +0100[diff] [blame]5417
5418 /* Shall find at least a padding start before buffer end */
5419 if (!ADBG_EXPECT_COMPARE_UNSIGNED(c, n, <, tmp_size - i - 1))
5420 goto out;
5421
Jens Wiklanderb58916e2016-07-07 15:29:32 +0200[diff] [blame]5422 for (m = n + 1; m < tmp_size; m++)
5423 if (tmp[m] != 0xff)
5424 break;
Etienne Carriere0953bf02018-12-21 15:36:25 +0100[diff] [blame]5425
Jens Wiklanderb58916e2016-07-07 15:29:32 +0200[diff] [blame]5426 /* 4.2 */
5427 memmove(tmp + n + i, tmp + m, tmp_size - m);
Etienne Carriere0953bf02018-12-21 15:36:25 +0100[diff] [blame]5428
Jens Wiklanderb58916e2016-07-07 15:29:32 +0200[diff] [blame]5429 /* 4.3 */
Etienne Carriere0953bf02018-12-21 15:36:25 +0100[diff] [blame]5430 n = n + i + tmp_size - m;
Etienne Carriereacb81c42020-04-24 14:58:58 +0200[diff] [blame]5431
5432 /* Prevent overrun when zeroing buffer end */
5433 if (!ADBG_EXPECT_COMPARE_UNSIGNED(c, n, <=, tmp_size))
5434 goto out;
5435
Etienne Carriere0953bf02018-12-21 15:36:25 +0100[diff] [blame]5436 memset(tmp + n, 0, tmp_size - n);
Jens Wiklanderb58916e2016-07-07 15:29:32 +0200[diff] [blame]5437
5438 /* 5 */
5439 out_size = sizeof(out);
5440 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5441 ta_crypt_cmd_asymmetric_decrypt(c, &s, opd, NULL, 0,
5442 tmp, tmp_size, out, &out_size)))
5443 goto out;
5444
5445 /* 6 */
5446 if (!ADBG_EXPECT_TEEC_RESULT(c, TEE_ERROR_SIGNATURE_INVALID,
5447 ta_crypt_cmd_asymmetric_verify(c, &s, opv, NULL, 0,
5448 in, sizeof(in), out, out_size)))
5449 goto out;
5450 }
5451
5452out:
5453 TEEC_CloseSession(&s);
5454}
Jens Wiklander14f48872018-06-29 15:30:13 +0200[diff] [blame]5455ADBG_CASE_DEFINE(regression, 4011, xtest_tee_test_4011,
5456 "Test TEE Internal API Bleichenbacher attack (negative)");
Igor Opaniuk7ddaa782018-05-25 15:14:05 +0300[diff] [blame]5457
5458#ifdef CFG_SYSTEM_PTA
5459static void xtest_tee_test_4012(ADBG_Case_t *c)
5460{
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]5461 TEEC_Session session = { };
5462 uint32_t ret_orig = 0;
Igor Opaniuk7ddaa782018-05-25 15:14:05 +0300[diff] [blame]5463 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
5464 /* Fortuna PRNG requires seed <= 32 bytes */
Etienne Carrieree4ec9e42019-03-28 13:30:21 +0100[diff] [blame]5465 uint8_t pool_input[32] = { };
5466 time_t t = 0;
5467 struct tm tm_local = { };
Igor Opaniuk7ddaa782018-05-25 15:14:05 +0300[diff] [blame]5468
5469 t = time(NULL);
5470 tm_local = *localtime(&t);
5471
5472 memcpy((void *)pool_input, (void *)&tm_local,
5473 sizeof(pool_input) < sizeof(tm_local) ?
5474 sizeof(pool_input) : sizeof(tm_local));
5475
5476
5477 op.params[0].tmpref.buffer = pool_input;
5478 op.params[0].tmpref.size = sizeof(pool_input);
5479 op.paramTypes = TEEC_PARAM_TYPES(TEEC_MEMREF_TEMP_INPUT,
5480 TEEC_NONE,
5481 TEEC_NONE,
5482 TEEC_NONE);
5483 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5484 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
5485 &ret_orig)))
5486 return;
5487
5488 (void)ADBG_EXPECT_TEEC_SUCCESS(c,
5489 TEEC_InvokeCommand(&session,
5490 TA_CRYPT_CMD_SEED_RNG_POOL,
5491 &op,
5492 &ret_orig));
5493 TEEC_CloseSession(&session);
5494}
Jens Wiklander14f48872018-06-29 15:30:13 +0200[diff] [blame]5495ADBG_CASE_DEFINE(regression, 4012, xtest_tee_test_4012,
5496 "Test seeding RNG entropy");
Joakim Bech83a30ca2019-05-29 11:22:27 +0200[diff] [blame]5497
5498static void xtest_tee_test_4013(ADBG_Case_t *c)
5499{
5500 TEEC_Session session = { };
5501 uint32_t ret_orig = 0;
5502 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
5503 uint8_t key[32] = { };
5504 uint8_t extra_data[32] = { };
5505
5506 op.paramTypes = TEEC_PARAM_TYPES(TEEC_NONE,
5507 TEEC_NONE,
5508 TEEC_NONE,
5509 TEEC_NONE);
5510 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5511 xtest_teec_open_session(&session, &crypt_user_ta_uuid,
5512 NULL, &ret_orig)))
5513 return;
5514
5515 (void)ADBG_EXPECT_TEEC_SUCCESS(c,
5516 TEEC_InvokeCommand(&session,
5517 TA_CRYPT_CMD_DERIVE_TA_UNIQUE_KEY,
5518 &op,
5519 &ret_orig));
5520
5521 /* Negative test using non-secure memory */
5522 memset(&op, 0, sizeof(op));
5523 op.paramTypes = TEEC_PARAM_TYPES(TEEC_MEMREF_TEMP_INPUT,
5524 TEEC_MEMREF_TEMP_OUTPUT,
5525 TEEC_NONE,
5526 TEEC_NONE);
5527
5528 op.params[0].tmpref.buffer = extra_data;
5529 op.params[0].tmpref.size = sizeof(extra_data);
5530 op.params[1].tmpref.buffer = key;
5531 op.params[1].tmpref.size = sizeof(key);
5532 (void)ADBG_EXPECT_TEEC_RESULT(c,
5533 TEEC_ERROR_SECURITY,
5534 TEEC_InvokeCommand(&session,
5535 TA_CRYPT_CMD_DERIVE_TA_UNIQUE_KEY_SHM,
5536 &op,
5537 &ret_orig));
5538
5539 TEEC_CloseSession(&session);
5540}
5541ADBG_CASE_DEFINE(regression, 4013, xtest_tee_test_4013,
5542 "Test generation of device unique TA keys");
Jerome Forissierf0cf5182020-01-09 17:04:18 +0100[diff] [blame]5543
5544static void xtest_tee_test_4014(ADBG_Case_t *c)
5545{
5546 TEEC_Session session = { };
5547 uint32_t ret_orig = 0;
5548 TEE_OperationHandle op = TEE_HANDLE_NULL;
5549 TEE_ObjectHandle keyA = TEE_HANDLE_NULL;
5550 TEE_ObjectHandle eph_keyA = TEE_HANDLE_NULL;
5551 TEE_ObjectHandle keyB = TEE_HANDLE_NULL;
5552 TEE_ObjectHandle eph_keyB = TEE_HANDLE_NULL;
5553 TEE_ObjectHandle sv_handle = TEE_HANDLE_NULL;
5554 TEE_Attribute params[9] = { };
5555 size_t param_count = 0;
5556 uint8_t out[128] = { };
5557 size_t out_size = 0;
5558 uint8_t conf_A[32] = { };
5559 uint8_t conf_B[32] = { };
5560
5561 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5562 xtest_teec_open_session(&session, &crypt_user_ta_uuid, NULL,
5563 &ret_orig)))
5564 return;
5565
5566 if (!ta_crypt_cmd_is_algo_supported(c, &session, TEE_ALG_SM2_KEP,
5567 TEE_ECC_CURVE_SM2)) {
5568 Do_ADBG_Log("SM2 KEP not supported: skip subcase");
5569 goto out;
5570 }
5571
5572 Do_ADBG_BeginSubCase(c, "Initiator side");
5573
5574 /*
5575 * Key exchange protocol running on user A's side. A is initiator.
5576 */
5577
5578 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5579 ta_crypt_cmd_allocate_operation(c, &session, &op,
5580 TEE_ALG_SM2_KEP, TEE_MODE_DERIVE, 512)))
5581 goto out;
5582
5583 /* Allocate and initialize keypair of user A */
5584
5585 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5586 ta_crypt_cmd_allocate_transient_object(c, &session,
5587 TEE_TYPE_SM2_KEP_KEYPAIR, 256, &keyA)))
5588 goto out;
5589
5590 param_count = 0;
5591
5592 xtest_add_attr_value(&param_count, params, TEE_ATTR_ECC_CURVE,
5593 TEE_ECC_CURVE_SM2, 0);
5594
5595 xtest_add_attr(&param_count, params, TEE_ATTR_ECC_PUBLIC_VALUE_X,
5596 ARRAY(gmt_003_part5_b2_public_xA));
5597
5598 xtest_add_attr(&param_count, params, TEE_ATTR_ECC_PUBLIC_VALUE_Y,
5599 ARRAY(gmt_003_part5_b2_public_yA));
5600
5601 xtest_add_attr(&param_count, params, TEE_ATTR_ECC_PRIVATE_VALUE,
5602 ARRAY(gmt_003_part5_b2_private_A));
5603
5604 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5605 ta_crypt_cmd_populate_transient_object(c, &session, keyA,
5606 params, param_count)))
5607 goto out;
5608
5609 /*
5610 * Allocate and set ephemeral key of user A. Note: it is a regular ECC
5611 * key -- we don't use the *_EPHEMERAL_* attributes flags which are
5612 * reserved for use in TEE_DeriveKey() to pass the ephermeral key of
5613 * user B.
5614 */
5615
5616 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5617 ta_crypt_cmd_allocate_transient_object(c, &session,
5618 TEE_TYPE_SM2_KEP_KEYPAIR, 256, &eph_keyA)))
5619 goto out;
5620
5621 param_count = 0;
5622
5623 xtest_add_attr_value(&param_count, params, TEE_ATTR_ECC_CURVE,
5624 TEE_ECC_CURVE_SM2, 0);
5625
5626 xtest_add_attr(&param_count, params, TEE_ATTR_ECC_PUBLIC_VALUE_X,
5627 ARRAY(gmt_003_part5_b2_eph_public_xA));
5628
5629 xtest_add_attr(&param_count, params, TEE_ATTR_ECC_PUBLIC_VALUE_Y,
5630 ARRAY(gmt_003_part5_b2_eph_public_yA));
5631
5632 xtest_add_attr(&param_count, params, TEE_ATTR_ECC_PRIVATE_VALUE,
5633 ARRAY(gmt_003_part5_b2_eph_private_A));
5634
5635 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5636 ta_crypt_cmd_populate_transient_object(c, &session, eph_keyA,
5637 params, param_count)))
5638 goto out;
5639
5640 /* Associate user A keys with operation */
5641
5642 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5643 ta_crypt_cmd_set_operation_key2(c, &session, op, keyA,
5644 eph_keyA)))
5645 goto out;
5646
5647 /* Keys have been set, free key objects */
5648
5649 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5650 ta_crypt_cmd_free_transient_object(c, &session, keyA)))
5651 goto out;
5652
5653 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5654 ta_crypt_cmd_free_transient_object(c, &session, eph_keyA)))
5655 goto out;
5656
5657 /* Allocate output object */
5658
5659 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5660 ta_crypt_cmd_allocate_transient_object(c, &session,
5661 TEE_TYPE_GENERIC_SECRET,
5662 sizeof(gmt_003_part5_b2_shared_secret),
5663 &sv_handle)))
5664 goto out;
5665
5666 /* Set key derivation parameters: user A role, user B information */
5667
5668 params[0].attributeID = TEE_ATTR_SM2_KEP_USER;
5669 params[0].content.value.a = 0; /* Initiator role */
5670 params[0].content.value.b = 0; /* Not used */
5671 param_count = 1;
5672
5673 xtest_add_attr(&param_count, params, TEE_ATTR_ECC_PUBLIC_VALUE_X,
5674 ARRAY(gmt_003_part5_b2_public_xB));
5675
5676 xtest_add_attr(&param_count, params, TEE_ATTR_ECC_PUBLIC_VALUE_Y,
5677 ARRAY(gmt_003_part5_b2_public_yB));
5678
5679 xtest_add_attr(&param_count, params,
5680 TEE_ATTR_ECC_EPHEMERAL_PUBLIC_VALUE_X,
5681 ARRAY(gmt_003_part5_b2_eph_public_xB));
5682
5683 xtest_add_attr(&param_count, params,
5684 TEE_ATTR_ECC_EPHEMERAL_PUBLIC_VALUE_Y,
5685 ARRAY(gmt_003_part5_b2_eph_public_yB));
5686
5687 xtest_add_attr(&param_count, params, TEE_ATTR_SM2_ID_INITIATOR,
5688 ARRAY(gmt_003_part5_b2_id_A));
5689
5690 xtest_add_attr(&param_count, params, TEE_ATTR_SM2_ID_RESPONDER,
5691 ARRAY(gmt_003_part5_b2_id_B));
5692
5693 xtest_add_attr(&param_count, params, TEE_ATTR_SM2_KEP_CONFIRMATION_IN,
5694 ARRAY(gmt_003_part5_b2_conf_B));
5695
5696 xtest_add_attr(&param_count, params, TEE_ATTR_SM2_KEP_CONFIRMATION_OUT,
5697 ARRAY(conf_A));
5698
5699 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5700 ta_crypt_cmd_derive_key(c, &session, op, sv_handle, params,
5701 param_count)))
5702 goto out;
5703
5704 out_size = sizeof(out);
5705 memset(out, 0, sizeof(out));
5706 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5707 ta_crypt_cmd_get_object_buffer_attribute(c, &session, sv_handle,
5708 TEE_ATTR_SECRET_VALUE, out, &out_size)))
5709 goto out;
5710
5711 /* Check derived key */
5712 if (!ADBG_EXPECT_BUFFER(c, gmt_003_part5_b2_shared_secret,
5713 sizeof(gmt_003_part5_b2_shared_secret), out,
5714 out_size))
5715 goto out;
5716
5717 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5718 ta_crypt_cmd_free_operation(c, &session, op)))
5719 goto out;
5720
5721 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5722 ta_crypt_cmd_free_transient_object(c, &session, sv_handle)))
5723 goto out;
5724
5725 Do_ADBG_EndSubCase(c, "Initiator side");
5726
5727 Do_ADBG_BeginSubCase(c, "Responder side");
5728
5729 /*
5730 * Key derivation on user B's side
5731 */
5732
5733 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5734 ta_crypt_cmd_allocate_operation(c, &session, &op,
5735 TEE_ALG_SM2_KEP, TEE_MODE_DERIVE, 512)))
5736 goto out;
5737
5738 /* Allocate and initialize keypair of user B */
5739
5740 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5741 ta_crypt_cmd_allocate_transient_object(c, &session,
5742 TEE_TYPE_SM2_KEP_KEYPAIR, 256, &keyB)))
5743 goto out;
5744
5745 param_count = 0;
5746
5747 xtest_add_attr_value(&param_count, params, TEE_ATTR_ECC_CURVE,
5748 TEE_ECC_CURVE_SM2, 0);
5749
5750 xtest_add_attr(&param_count, params, TEE_ATTR_ECC_PUBLIC_VALUE_X,
5751 ARRAY(gmt_003_part5_b2_public_xB));
5752
5753 xtest_add_attr(&param_count, params, TEE_ATTR_ECC_PUBLIC_VALUE_Y,
5754 ARRAY(gmt_003_part5_b2_public_yB));
5755
5756 xtest_add_attr(&param_count, params, TEE_ATTR_ECC_PRIVATE_VALUE,
5757 ARRAY(gmt_003_part5_b2_private_B));
5758
5759 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5760 ta_crypt_cmd_populate_transient_object(c, &session, keyB,
5761 params, param_count)))
5762 goto out;
5763
5764 /* Allocate and set ephemeral key of user B */
5765
5766 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5767 ta_crypt_cmd_allocate_transient_object(c, &session,
5768 TEE_TYPE_SM2_KEP_KEYPAIR, 256, &eph_keyB)))
5769 goto out;
5770
5771 param_count = 0;
5772
5773 xtest_add_attr_value(&param_count, params, TEE_ATTR_ECC_CURVE,
5774 TEE_ECC_CURVE_SM2, 0);
5775
5776 xtest_add_attr(&param_count, params, TEE_ATTR_ECC_PUBLIC_VALUE_X,
5777 ARRAY(gmt_003_part5_b2_eph_public_xB));
5778
5779 xtest_add_attr(&param_count, params, TEE_ATTR_ECC_PUBLIC_VALUE_Y,
5780 ARRAY(gmt_003_part5_b2_eph_public_yB));
5781
5782 xtest_add_attr(&param_count, params, TEE_ATTR_ECC_PRIVATE_VALUE,
5783 ARRAY(gmt_003_part5_b2_eph_private_B));
5784
5785 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5786 ta_crypt_cmd_populate_transient_object(c, &session, eph_keyB,
5787 params, param_count)))
5788 goto out;
5789
5790 /* Associate user B keys with operation */
5791
5792 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5793 ta_crypt_cmd_set_operation_key2(c, &session, op, keyB,
5794 eph_keyB)))
5795 goto out;
5796
5797 /* Keys have been set, free key objects */
5798
5799 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5800 ta_crypt_cmd_free_transient_object(c, &session, keyB)))
5801 goto out;
5802
5803 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5804 ta_crypt_cmd_free_transient_object(c, &session, eph_keyB)))
5805 goto out;
5806
5807 /* Allocate output object */
5808
5809 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5810 ta_crypt_cmd_allocate_transient_object(c, &session,
5811 TEE_TYPE_GENERIC_SECRET,
5812 sizeof(gmt_003_part5_b2_shared_secret),
5813 &sv_handle)))
5814 goto out;
5815
5816 /* Set key derivation parameters: user B role, user A information */
5817
5818 params[0].attributeID = TEE_ATTR_SM2_KEP_USER;
5819 params[0].content.value.a = 1; /* Responder role */
5820 params[0].content.value.b = 0; /* Not used */
5821 param_count = 1;
5822
5823 xtest_add_attr(&param_count, params, TEE_ATTR_ECC_PUBLIC_VALUE_X,
5824 ARRAY(gmt_003_part5_b2_public_xA));
5825
5826 xtest_add_attr(&param_count, params, TEE_ATTR_ECC_PUBLIC_VALUE_Y,
5827 ARRAY(gmt_003_part5_b2_public_yA));
5828
5829 xtest_add_attr(&param_count, params,
5830 TEE_ATTR_ECC_EPHEMERAL_PUBLIC_VALUE_X,
5831 ARRAY(gmt_003_part5_b2_eph_public_xA));
5832
5833 xtest_add_attr(&param_count, params,
5834 TEE_ATTR_ECC_EPHEMERAL_PUBLIC_VALUE_Y,
5835 ARRAY(gmt_003_part5_b2_eph_public_yA));
5836
5837 xtest_add_attr(&param_count, params, TEE_ATTR_SM2_ID_INITIATOR,
5838 ARRAY(gmt_003_part5_b2_id_A));
5839
5840 xtest_add_attr(&param_count, params, TEE_ATTR_SM2_ID_RESPONDER,
5841 ARRAY(gmt_003_part5_b2_id_B));
5842
5843 xtest_add_attr(&param_count, params, TEE_ATTR_SM2_KEP_CONFIRMATION_IN,
5844 ARRAY(gmt_003_part5_b2_conf_A));
5845
5846 xtest_add_attr(&param_count, params, TEE_ATTR_SM2_KEP_CONFIRMATION_OUT,
5847 ARRAY(conf_B));
5848
5849 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5850 ta_crypt_cmd_derive_key(c, &session, op, sv_handle, params,
5851 param_count)))
5852 goto out;
5853
5854 out_size = sizeof(out);
5855 memset(out, 0, sizeof(out));
5856 if (!ADBG_EXPECT_TEEC_SUCCESS(c,
5857 ta_crypt_cmd_get_object_buffer_attribute(c, &session, sv_handle,
5858 TEE_ATTR_SECRET_VALUE, out, &out_size)))
5859 goto out;
5860
5861 /* Check derived key */
5862 if (!ADBG_EXPECT_BUFFER(c, gmt_003_part5_b2_shared_secret,
5863 sizeof(gmt_003_part5_b2_shared_secret), out,
5864 out_size))
5865 goto out;
5866
5867 Do_ADBG_EndSubCase(c, "Responder side");
5868
5869out:
5870 TEEC_CloseSession(&session);
5871}
5872ADBG_CASE_DEFINE(regression, 4014, xtest_tee_test_4014,
5873 "Test SM2 KEP (key derivation)");
Jens Wiklander14f48872018-06-29 15:30:13 +0200[diff] [blame]5874#endif /*CFG_SYSTEM_PTA*/