1 /* SPDX-License-Identifier: GPL-2.0 */
2 /*
3 * Copyright (c) 2014, STMicroelectronics International N.V.
4 * Copyright (c) 2020, Linaro Limited
5 */
6
7 #ifndef XML_CRYPTO_API_H_
8 #define XML_CRYPTO_API_H_
9
10 #include <assert.h>
11 #include <err.h>
12 #include <openssl/bn.h>
13 #include <openssl/dsa.h>
14 #include <openssl/ec.h>
15 #include <openssl/err.h>
16 #include <openssl/evp.h>
17 #include <openssl/obj_mac.h>
18 #include <openssl/rsa.h>
19 #include <pthread.h>
20 #include <stdio.h>
21 #include <stdlib.h>
22 #include <string.h>
23 #include <sys/types.h>
24 #include <tee_api_defines.h>
25 #include <tee_client_api.h>
26 #include <unistd.h>
27
28 #define CMD_DS_AllocateTransientObject 0x10000001
29 #define CMD_DS_StoreBuffer 0x1F0000CB
30 #define CMD_DS_InitRefAttribute 0x10000006
31 #define CMD_DS_GetObjectBufferAttribute 0x10000008
32 #define CMD_DS_FreeTransientObject 0x10000004
33 #define CMD_DS_RestrictObjectUsage1 0x10000003
34
35 #include "xml_common_api.h"
36 #include "xtest_helpers.h"
37 #include "xtest_test.h"
38
39 #define declare_local_vars \
40 uint32_t iHandleFlags1 __maybe_unused = 0; \
41 uint32_t iHandleFlags2 __maybe_unused = 0; \
42 uint32_t iAttributeList1 __maybe_unused = 0; \
43 uint32_t iObjectUsage1 __maybe_unused = 0; \
44 const uint32_t iAttributeListEmpty __maybe_unused = 0; \
45 const uint32_t iHandleFlagsNone __maybe_unused = 0;
46
47 #define set_flag(vector, flag) do { (vector) |= (flag); } while (0)
48 #define clear_flag(vector, flag) do { (vector) &= ~(flag); } while (0)
49
50 #define set_handle_flag(vector, flag) set_flag((vector), (flag))
51 #define clear_handle_flag(vector, flag) clear_flag((vector), (flag))
52 #define add_attribute(vector, id) set_flag((vector), 1ul << (id))
53 #define set_usage_flag(vector, flag) set_flag((vector), (flag))
54
55 #define BIT_CHANGE(a, b) ((a) ^= BIT((b)))
56
57 #define CRYPTO_INIT(b) \
58 b.buffer = NULL; \
59 b.size = 0;
60
61 #define CRYPTO_MALLOC(b, size) \
62 b.size = size; \
63 b.buffer = malloc(size);
64
65 #define CRYPTO_FREE(b) { \
66 if (b.buffer != NULL) { \
67 b.size = 0; \
68 free(b.buffer); \
69 b.buffer = NULL; \
70 } }
71
72 #define CMD_Crypto_InitObjectWithKeys 0x00010001
73 #define CMD_Crypto_FreeAllKeysAndOperations 0x00010002
74 #define CMD_Crypto_AllocateOperation 0x00010003
75 #define CMD_Crypto_FreeOperation 0x00010004
76 #define CMD_Crypto_ResetOperation 0x00010005
77 #define CMD_Crypto_SetOperationKey 0x00010006
78 #define CMD_Crypto_SetOperationKey2 0x00010007
79 #define CMD_Crypto_CopyOperation 0x00010008
80 #define CMD_Crypto_GetOperationInfo 0x00010009
81 #define CMD_Crypto_DigestUpdate 0x0001000A
82 #define CMD_Crypto_DigestDoFinal 0x0001000B
83 #define CMD_Crypto_CipherInit 0x0001000C
84 #define CMD_Crypto_CipherUpdate 0x0001000D
85 #define CMD_Crypto_CipherDoFinal 0x0001000E
86 #define CMD_Crypto_MACInit 0x0001000F
87 #define CMD_Crypto_MACUpdate 0x00010010
88 #define CMD_Crypto_MACComputeFinal 0x00010011
89 #define CMD_Crypto_MACCompareFinal 0x00010012
90 #define CMD_Crypto_AsymmetricEncrypt 0x00010013
91 #define CMD_Crypto_AsymmetricDecrypt 0x00010014
92 #define CMD_Crypto_AsymmetricSignDigest 0x00010015
93 #define CMD_Crypto_AsymmetricVerifyDigest 0x00010016
94 #define CMD_Crypto_AEInit 0x00010017
95 #define CMD_Crypto_AEUpdate 0x00010018
96 #define CMD_Crypto_AEUpdateAAD 0x00010019
97 #define CMD_Crypto_AEEncryptFinal 0x0001001A
98 #define CMD_Crypto_AEDecryptFinal 0x0001001B
99 #define CMD_Crypto_DeriveKey 0x0001001D
100 #define CMD_Crypto_GenerateRandom 0x0001001E
101 #define CMD_Crypto_GetOperationInfoMultiple 0x0001001F
102 #define CMD_Crypto_TTAEnsureIntermediateBufferSize 0x00010020
103 #define CMD_Crypto_InitObjectWithKeysExt 0x00010021
104
105 /*Missing TEE Error codes*/
106 #define TEE_ERROR_TOO_SHORT_BUFFER TEE_ERROR_SHORT_BUFFER
107
108 /*Other defines*/
109 #define TEE_USAGE_NONE 0
110
111 #define ATTRIBUTE_01 0
112 #define ATTRIBUTE_02 1
113 #define ATTRIBUTE_03 2
114 #define ATTRIBUTE_04 3
115 #define ATTRIBUTE_05 4
116 #define ATTRIBUTE_06 5
117 #define ATTRIBUTE_NONE 0xFFFFFFFF
118
119 #define BUFFER_01 0
120 #define BUFFER_02 1
121 #define BUFFER_03 2
122 #define BUFFER_04 3
123 #define BUFFER_05 4
124 #define BUFFER_06 5
125
126 #define BIG_SIZE 1024
127 #define DS_BIG_SIZE 16384
128
129 /*ALL_OBJECT_SIZES*/
130 #define KEY_SIZE_TOO_LARGE 4096
131 #define SIZE_AES_192 192
132 #define SIZE_AES_256 256
133 #define SIZE_DES3_128 128
134 #define SIZE_DES3_192 192
135 #define SIZE_DES_64 64
136 #define SIZE_DH_KEYPAIR_1024 1024
137 #define SIZE_DIGEST_MD5_16 16
138 #define SIZE_DIGEST_SHA1_20 20
139 #define SIZE_DIGEST_SHA224_28 28
140 #define SIZE_DIGEST_SHA256_32 32
141 #define SIZE_DIGEST_SHA384_48 48
142 #define SIZE_DIGEST_SHA512_64 64
143 #define SIZE_DSA_SHA1_KEYPAIR_768 768
144 #define SIZE_DSA_SHA1_PUBLIC_KEY_768 768
145 #define SIZE_DSA_SHA224_KEYPAIR_2048 2048
146 #define SIZE_DSA_SHA224_PUBLIC_KEY_2048 2048
147 #define SIZE_DSA_SHA256_KEYPAIR_2048 2048
148 #define SIZE_DSA_SHA256_KEYPAIR_3072 3072
149 #define SIZE_DSA_SHA256_PUBLIC_KEY_2048 2048
150 #define SIZE_DSA_SHA256_PUBLIC_KEY_3072 3072
151 #define SIZE_ECDH_P192 192
152 #define SIZE_ECDH_P224 224
153 #define SIZE_ECDH_P256 256
154 #define SIZE_ECDH_P384 384
155 #define SIZE_ECDH_P521 521
156 #define SIZE_ECDSA_P192 192
157 #define SIZE_ECDSA_P224 224
158 #define SIZE_ECDSA_P256 256
159 #define SIZE_ECDSA_P384 384
160 #define SIZE_ECDSA_P521 521
161 #define SIZE_GENERIC_SECRET_2048 2048
162 #define SIZE_HMAC_MD5_256 256
163 #define SIZE_HMAC_SHA1_256 256
164 #define SIZE_HMAC_SHA224_256 256
165 #define SIZE_HMAC_SHA256_512 512
166 #define SIZE_HMAC_SHA384_512 512
167 #define SIZE_HMAC_SHA512_512 512
168 #define SIZE_RSA_KEYPAIR_1024 1024
169 #define SIZE_RSA_KEYPAIR_2048 2048
170 #define SIZE_RSA_PUBLIC_KEY_2048 2048
171 #define SIZE_ZERO 0
172 #define WRONG_ECC_SIZE 10
173 #define WRONG_SIZE 5
174
175 /*ALL_TEE_TAG_LENGTH_FOR_AES*/
176 #define AES_104_bits 104
177 #define AES_112_bits 112
178 #define AES_120_bits 120
179 #define AES_128_bits 128
180 #define AES_32_bits 32
181 #define AES_48_bits 48
182 #define AES_64_bits 64
183 #define AES_80_bits 80
184 #define AES_96_bits 96
185
186 /*attribute not defined*/
187 #define TEE_ATTR_NONE 0
188
189 #define AE_TAG_BUFFER_SIZE_32 32
190 #define BIG_ATTRIBUTE_BUFFER_SIZE 512
191 #define BUFFER_BIG_SIZE BIG_SIZE
192
193 #define OBJECT_HANDLE_NULL 0
194 #define OBJECT_HANDLE_01 1
195 #define OBJECT_HANDLE_02 2
196 #define OBJECT_HANDLE_03 3
197 #define OBJECT_HANDLE_INVALID 4
198
199 #define OPERATION_HANDLE_NULL 0
200 #define OPERATION_HANDLE_01 1
201 #define OPERATION_HANDLE_02 2
202 #define OPERATION_HANDLE_INVALID 4
203
204 static TEEC_SharedMemory share_mem[6];
205 static TEEC_SharedMemory *SHARE_MEM01 = share_mem;
206 static TEEC_SharedMemory *SHARE_MEM02 = share_mem + 1;
207 static TEEC_SharedMemory *SHARE_MEM03 = share_mem + 2;
208 static TEEC_SharedMemory *SHARE_MEM04 = share_mem + 3;
209 static TEEC_SharedMemory *SHARE_MEM05 = share_mem + 4;
210 static TEEC_SharedMemory *SHARE_MEM06 = share_mem + 5;
211 static TEEC_Session session[2];
212 static TEEC_Session *SESSION01 = session;
213 static TEEC_Session *SESSION02 = session + 1;
214 static TEEC_Context context[2];
215 static TEEC_Context *CONTEXT01 = context;
216 static TEEC_Context *CONTEXT02 = context + 1;
217
218 /*ALL_ATTRIBUTE_VALUES*/
219 static const uint8_t TEE_ATTR_AES_256_VALUE01[] = {
220 0x60, 0x3d, 0xeb, 0x10, 0x15, 0xca, 0x71, 0xbe, 0x2b, 0x73, 0xae, 0xf0,
221 0x85, 0x7d, 0x77, 0x81,
222 0x1f, 0x35, 0x2c, 0x07, 0x3b, 0x61, 0x08, 0xd7, 0x2d, 0x98, 0x10, 0xa3,
223 0x09, 0x14, 0xdf, 0xf4
224 };
225 static const uint8_t TEE_ATTR_DH_PRIME_VALUE01[] = {
226 0xe0, 0x01, 0xe8, 0x96, 0x7d, 0xb4, 0x93, 0x53, 0xe1, 0x6f, 0x8e, 0x89,
227 0x22, 0x0c, 0xce, 0xfc,
228 0x5c, 0x5f, 0x12, 0xe3, 0xdf, 0xf8, 0xf1, 0xd1, 0x49, 0x90, 0x12, 0xe6,
229 0xef, 0x53, 0xe3, 0x1f,
230 0x02, 0xea, 0xcc, 0x5a, 0xdd, 0xf3, 0x37, 0x89, 0x35, 0xc9, 0x5b, 0x21,
231 0xea, 0x3d, 0x6f, 0x1c,
232 0xd7, 0xce, 0x63, 0x75, 0x52, 0xec, 0x38, 0x6c, 0x0e, 0x34, 0xf7, 0x36,
233 0xad, 0x95, 0x17, 0xef,
234 0xfe, 0x5e, 0x4d, 0xa7, 0xa8, 0x6a, 0xf9, 0x0e, 0x2c, 0x22, 0x8f, 0xe4,
235 0xb9, 0xe6, 0xd8, 0xf8,
236 0xf0, 0x2d, 0x20, 0xaf, 0x78, 0xab, 0xb6, 0x92, 0xac, 0xbc, 0x4b, 0x23,
237 0xfa, 0xf2, 0xc5, 0xcc,
238 0xd4, 0x9a, 0x0c, 0x9a, 0x8b, 0xcd, 0x91, 0xac, 0x0c, 0x55, 0x92, 0x01,
239 0xe6, 0xc2, 0xfd, 0x1f,
240 0x47, 0xc2, 0xcb, 0x2a, 0x88, 0xa8, 0x3c, 0x21, 0x0f, 0xc0, 0x54, 0xdb,
241 0x29, 0x2d, 0xbc, 0x45
242 };
243 static const uint8_t TEE_ATTR_DH_BASE_VALUE01[] = {
244 0x1c, 0xe0, 0xf6, 0x69, 0x26, 0x46, 0x11, 0x97, 0xef, 0x45, 0xc4, 0x65,
245 0x8b, 0x83, 0xb8, 0xab,
246 0x04, 0xa9, 0x22, 0x42, 0x68, 0x50, 0x4d, 0x05, 0xb8, 0x19, 0x83, 0x99,
247 0xdd, 0x71, 0x37, 0x18,
248 0xcc, 0x1f, 0x24, 0x5d, 0x47, 0x6c, 0xcf, 0x61, 0xa2, 0xf9, 0x34, 0x93,
249 0xf4, 0x1f, 0x55, 0x52,
250 0x48, 0x65, 0x57, 0xe6, 0xd4, 0xca, 0xa8, 0x00, 0xd6, 0xd0, 0xdb, 0x3c,
251 0xbf, 0x5a, 0x95, 0x4b,
252 0x20, 0x8a, 0x4e, 0xba, 0xf7, 0xe6, 0x49, 0xfb, 0x61, 0x24, 0xd8, 0xa2,
253 0x1e, 0xf2, 0xf2, 0x2b,
254 0xaa, 0xae, 0x29, 0x21, 0x10, 0x19, 0x10, 0x51, 0x46, 0x47, 0x31, 0xb6,
255 0xcc, 0x3c, 0x93, 0xdc,
256 0x6e, 0x80, 0xba, 0x16, 0x0b, 0x66, 0x64, 0xa5, 0x6c, 0xfa, 0x96, 0xea,
257 0xf1, 0xb2, 0x83, 0x39,
258 0x8e, 0xb4, 0x61, 0x64, 0xe5, 0xe9, 0x43, 0x84, 0xee, 0x02, 0x24, 0xe7,
259 0x1f, 0x03, 0x7c, 0x23
260 };
261 static const uint8_t TEE_ATTR_HMAC_SHA256_512_VALUE01[] = {
262 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b,
263 0x0c, 0x0d, 0x0e, 0x0f,
264 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b,
265 0x1c, 0x1d, 0x1e, 0x1f,
266 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a, 0x2b,
267 0x2c, 0x2d, 0x2e, 0x2f,
268 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x3a, 0x3b,
269 0x3c, 0x3d, 0x3e, 0x3f
270 };
271 static const uint8_t TEE_ATTR_DH_PUBLIC_VALUE_VALUE01[] = {
272 0xbb, 0xe9, 0x18, 0xdd, 0x4b, 0x2b, 0x94, 0x1b, 0x10, 0x0e, 0x88, 0x35,
273 0x28, 0x68, 0xfc, 0x62,
274 0x04, 0x38, 0xa6, 0xdb, 0x32, 0xa6, 0x9e, 0xee, 0x6c, 0x6f, 0x45, 0x1c,
275 0xa3, 0xa6, 0xd5, 0x37,
276 0x77, 0x75, 0x5b, 0xc1, 0x37, 0x0a, 0xce, 0xfe, 0x2b, 0x8f, 0x13, 0xa9,
277 0x14, 0x2c, 0x5b, 0x44,
278 0x15, 0x78, 0x86, 0x30, 0xd6, 0x95, 0xb1, 0x92, 0x20, 0x63, 0xa3, 0xcf,
279 0x9d, 0xef, 0x65, 0x61,
280 0x27, 0x4d, 0x24, 0x01, 0xe7, 0xa1, 0x45, 0xf2, 0xd8, 0xb9, 0x3a, 0x45,
281 0x17, 0xf4, 0x19, 0xd0,
282 0x5e, 0xf8, 0xcb, 0x35, 0x59, 0x37, 0x9d, 0x04, 0x20, 0xa3, 0xbf, 0x02,
283 0xad, 0xfe, 0xa8, 0x60,
284 0xb2, 0xc3, 0xee, 0x85, 0x58, 0x90, 0xf3, 0xb5, 0x57, 0x2b, 0xb4, 0xef,
285 0xd7, 0x8f, 0x37, 0x68,
286 0x78, 0x7c, 0x71, 0x52, 0x9d, 0x5e, 0x0a, 0x61, 0x4f, 0x09, 0x89, 0x92,
287 0x39, 0xf7, 0x4b, 0x01
288 };
289 static const uint8_t TEE_ATTR_DH_PRIVATE_VALUE_VALUE01[] = {
290 0x53, 0x8d, 0x3d, 0x64, 0x27, 0x4a, 0x40, 0x05, 0x9b, 0x9c, 0x26, 0xe9,
291 0x13, 0xe6, 0x91, 0x53,
292 0x23, 0x7b, 0x55, 0x83
293 };
294 static const uint8_t TEE_ATTR_RSA_MODULUS_VALUE01[] = {
295 0xf0, 0x1a, 0x95, 0xcd, 0x5f, 0x9f, 0x1c, 0xbc, 0x5c, 0x2e, 0xc8, 0x00,
296 0x3b, 0xfa, 0xe0, 0xd5,
297 0x72, 0xea, 0xfc, 0x9e, 0x74, 0xe1, 0x02, 0x66, 0xa8, 0x13, 0x3f, 0x0c,
298 0xe6, 0x24, 0xcb, 0x1c,
299 0xa5, 0xdf, 0x64, 0xfb, 0x06, 0xd7, 0x13, 0xce, 0xaa, 0x6c, 0xee, 0x16,
300 0x7b, 0xf8, 0x92, 0xaf,
301 0xc4, 0x5b, 0x46, 0x18, 0xc6, 0x30, 0xb6, 0x04, 0x1c, 0x3a, 0x2e, 0xd7,
302 0xca, 0xb8, 0xb5, 0x00,
303 0x78, 0x89, 0xa0, 0x69, 0x37, 0x84, 0x59, 0x99, 0x0c, 0x2f, 0x00, 0xe5,
304 0x3b, 0xe1, 0x18, 0xe0,
305 0xb9, 0x2e, 0x77, 0x1d, 0x32, 0x7e, 0x5f, 0xf4, 0x18, 0xf3, 0x9f, 0x58,
306 0xc6, 0x83, 0xe2, 0x7a,
307 0xcb, 0x89, 0x18, 0xc2, 0x09, 0x84, 0x7e, 0x9d, 0x96, 0xe0, 0xb9, 0x49,
308 0x75, 0xef, 0xcf, 0xff,
309 0xf0, 0xb6, 0x18, 0xd3, 0x7a, 0xc1, 0x6f, 0x0c, 0x55, 0x33, 0xbe, 0x9d,
310 0x63, 0x06, 0xd6, 0x9f,
311 0xc1, 0xa5, 0xe9, 0xbd, 0xb1, 0xb2, 0x5d, 0x5c, 0xf9, 0xab, 0xa9, 0xb5,
312 0x6a, 0x4e, 0xa4, 0xfa,
313 0x44, 0x32, 0xd6, 0x71, 0x2e, 0x5f, 0xa6, 0x25, 0xf8, 0x40, 0x24, 0xc4,
314 0x5b, 0x61, 0x55, 0x1b,
315 0xac, 0xa3, 0x0a, 0x11, 0x8e, 0x65, 0x20, 0xda, 0x2c, 0x0d, 0xdf, 0xdb,
316 0x47, 0x6b, 0x61, 0x18,
317 0x4d, 0xfe, 0xfd, 0x2a, 0x7e, 0x77, 0x40, 0x44, 0x43, 0xc6, 0x33, 0x6c,
318 0xe5, 0x1b, 0x8d, 0x80,
319 0xf9, 0x97, 0xa2, 0xe4, 0xb9, 0x34, 0x3e, 0x28, 0x94, 0x9f, 0xbd, 0xa8,
320 0x2b, 0x0a, 0x4d, 0x1a,
321 0xa8, 0x06, 0xe5, 0x99, 0x4e, 0xb9, 0x13, 0x45, 0xc8, 0xf6, 0x0f, 0xd0,
322 0x4d, 0xbf, 0xe7, 0x8f,
323 0xed, 0xca, 0x8e, 0xf8, 0x8d, 0x87, 0x5f, 0xd4, 0xb4, 0x1a, 0x2c, 0xc9,
324 0xa7, 0x67, 0x7e, 0xb2,
325 0x1b, 0xc1, 0xce, 0xb6, 0x83, 0x7c, 0xce, 0xb4, 0x3d, 0x85, 0xc7, 0x53,
326 0x30, 0x7c, 0xfe, 0x85
327 };
328 static const uint8_t TEE_ATTR_RSA_PUBLIC_EXPONENT_VALUE01[] = {
329 0x01, 0x00, 0x01
330 };
331 static const uint8_t TEE_ATTR_DSA_PRIME_768_VALUE01[] = {
332 0xf6, 0xad, 0x20, 0x71, 0xe1, 0x5a, 0x4b, 0x9c, 0x2b, 0x7e, 0x53, 0x26,
333 0xda, 0x43, 0x9d, 0xc1,
334 0x47, 0x4c, 0x1a, 0xd1, 0x6f, 0x2f, 0x85, 0xe9, 0x2c, 0xea, 0x89, 0xfc,
335 0xdc, 0x74, 0x66, 0x11,
336 0xcf, 0x30, 0xdd, 0xc8, 0x5e, 0x33, 0xf5, 0x83, 0xc1, 0x9d, 0x10, 0xbc,
337 0x1a, 0xc3, 0x93, 0x22,
338 0x26, 0x24, 0x6f, 0xa7, 0xb9, 0xe0, 0xdd, 0x25, 0x77, 0xb5, 0xf4, 0x27,
339 0x59, 0x4c, 0x39, 0xfa,
340 0xeb, 0xfc, 0x59, 0x8a, 0x32, 0xe1, 0x74, 0xcb, 0x8a, 0x68, 0x03, 0x57,
341 0xf8, 0x62, 0xf2, 0x0b,
342 0x6e, 0x84, 0x32, 0xa5, 0x30, 0x65, 0x2f, 0x1c, 0x21, 0x39, 0xae, 0x1f,
343 0xaf, 0x76, 0x8b, 0x83
344 };
345 static const uint8_t TEE_ATTR_DSA_SUBPRIME_160_VALUE01[] = {
346 0x87, 0x44, 0xe4, 0xdd, 0xc6, 0xd0, 0x19, 0xa5, 0xea, 0xc2, 0xb1, 0x5a,
347 0x15, 0xd7, 0xe1, 0xc7,
348 0xf6, 0x63, 0x35, 0xf7
349 };
350 static const uint8_t TEE_ATTR_DSA_BASE_768_VALUE01[] = {
351 0x9a, 0x09, 0x32, 0xb3, 0x8c, 0xb2, 0x10, 0x5b, 0x93, 0x00, 0xdc, 0xb8,
352 0x66, 0xc0, 0x66, 0xd9,
353 0xce, 0xc6, 0x43, 0x19, 0x2f, 0xcb, 0x28, 0x34, 0xa1, 0x23, 0x9d, 0xba,
354 0x28, 0xbd, 0x09, 0xfe,
355 0x01, 0x00, 0x1e, 0x04, 0x51, 0xf9, 0xd6, 0x35, 0x1f, 0x6e, 0x56, 0x4a,
356 0xfb, 0xc8, 0xf8, 0xc3,
357 0x9b, 0x10, 0x59, 0x86, 0x3e, 0xbd, 0x09, 0x85, 0x09, 0x0b, 0xd5, 0x5c,
358 0x82, 0x8e, 0x9f, 0xc1,
359 0x57, 0xac, 0x7d, 0xa3, 0xcf, 0xc2, 0x89, 0x2a, 0x0e, 0xd9, 0xb9, 0x32,
360 0x39, 0x05, 0x82, 0xf2,
361 0x97, 0x1e, 0x4a, 0x0c, 0x48, 0x3e, 0x06, 0x22, 0xd7, 0x31, 0x66, 0xbf,
362 0x62, 0xa5, 0x9f, 0x26
363 };
364 static const uint8_t TEE_ATTR_DSA_PRIVATE_VALUE_160_VALUE01[] = {
365 0x70, 0x4a, 0x46, 0xc6, 0x25, 0x2a, 0x95, 0xa3, 0x9b, 0x40, 0xe0, 0x43,
366 0x5a, 0x69, 0x1b, 0xad,
367 0xae, 0x52, 0xa5, 0xc0
368 };
369 static const uint8_t TEE_ATTR_DSA_PUBLIC_VALUE_768_VALUE01[] = {
370 0x52, 0x9d, 0xed, 0x98, 0xa2, 0x32, 0x09, 0x85, 0xfc, 0x84, 0xb6, 0x5a,
371 0x9d, 0xc8, 0xd4, 0xfe,
372 0x41, 0xad, 0xa6, 0xe3, 0x59, 0x3d, 0x70, 0x4f, 0x08, 0x98, 0xc1, 0x4e,
373 0xc2, 0x46, 0x34, 0xdd,
374 0xf5, 0xf1, 0xdb, 0x47, 0xcc, 0x49, 0x15, 0xfc, 0xe1, 0xe2, 0x67, 0x4d,
375 0x2e, 0xcd, 0x98, 0xd5,
376 0x8b, 0x59, 0x8e, 0x8d, 0xdf, 0xaf, 0xf3, 0x0e, 0x88, 0x26, 0xf5, 0x0a,
377 0xab, 0x40, 0x27, 0xb5,
378 0xaa, 0xb8, 0x87, 0xc1, 0x9a, 0xd9, 0x6d, 0x7e, 0x57, 0xde, 0x53, 0x90,
379 0xad, 0x8e, 0x55, 0x57,
380 0xb4, 0x1a, 0x80, 0x19, 0xc9, 0x0d, 0x80, 0x60, 0x71, 0x79, 0xb5, 0x4e,
381 0xb0, 0xad, 0x4d, 0x23
382 };
383 static const uint8_t TEE_ATTR_DSA_PRIME_2048_VALUE01[] = {
384 0xaa, 0x81, 0x5c, 0x9d, 0xb1, 0xc4, 0xd3, 0xd2, 0x77, 0x3c, 0x7d, 0x0d, 0x4d, 0x1d, 0xa7, 0x5e,
385 0xcf, 0xc4, 0xa3, 0x9e, 0x97, 0xd5, 0xfa, 0x19, 0x1f, 0xfe, 0xc8, 0xb1, 0x49, 0x0a, 0x29, 0x0c,
386 0xe3, 0x35, 0xe5, 0xce, 0x87, 0xea, 0x62, 0x0a, 0x8a, 0x17, 0xde, 0x0b, 0xb6, 0x47, 0x14, 0xe2,
387 0xec, 0x84, 0x0b, 0xf0, 0x0e, 0x6e, 0xbd, 0xb4, 0xff, 0xb4, 0xe3, 0x24, 0xca, 0x07, 0xc3, 0xc8,
388 0x71, 0x73, 0x09, 0xaf, 0x14, 0x10, 0x36, 0x2a, 0x77, 0x2c, 0x9a, 0xdd, 0x83, 0x8b, 0x2b, 0x0c,
389 0xae, 0x1e, 0x90, 0xab, 0x44, 0x8a, 0xda, 0xbd, 0xac, 0xd2, 0xe5, 0xdf, 0x59, 0xc4, 0x18, 0x7a,
390 0x32, 0xa2, 0x37, 0x19, 0xd6, 0xc5, 0x7e, 0x94, 0x00, 0x88, 0x53, 0x83, 0xbf, 0x8f, 0x06, 0x6f,
391 0x23, 0xb9, 0x41, 0x92, 0x0d, 0x54, 0xc3, 0x5b, 0x4f, 0x7c, 0xc5, 0x04, 0x4f, 0x3b, 0x40, 0xf1,
392 0x70, 0x46, 0x95, 0x63, 0x07, 0xb7, 0x48, 0xe8, 0x40, 0x73, 0x28, 0x44, 0xd0, 0x0a, 0x9c, 0xe6,
393 0xec, 0x57, 0x14, 0x29, 0x3b, 0x62, 0x65, 0x14, 0x7f, 0x15, 0xc6, 0x7f, 0x4b, 0xe3, 0x8b, 0x08,
394 0x2b, 0x55, 0xfd, 0xea, 0xdb, 0x61, 0x24, 0x68, 0x9f, 0xb7, 0x6f, 0x9d, 0x25, 0xcc, 0x28, 0xb8,
395 0xea, 0xa9, 0x8b, 0x56, 0x2d, 0x5c, 0x10, 0x11, 0xe0, 0xdc, 0xf9, 0xb3, 0x99, 0x23, 0x24, 0x0d,
396 0x33, 0x2d, 0x89, 0xdc, 0x96, 0x03, 0xb7, 0xbd, 0xdd, 0x0c, 0x70, 0xb8, 0x3c, 0xaa, 0x29, 0x05,
397 0x63, 0x1b, 0x1c, 0x83, 0xca, 0xbb, 0xae, 0x6c, 0x0c, 0x0c, 0x2e, 0xfe, 0x8f, 0x58, 0x13, 0x1e,
398 0xd8, 0x35, 0x1b, 0xf9, 0x3e, 0x87, 0x5f, 0x6a, 0x73, 0xa9, 0x3c, 0xba, 0xd4, 0x70, 0x14, 0x1a,
399 0x26, 0x87, 0xfb, 0xac, 0xf2, 0xd7, 0x1c, 0x8d, 0xde, 0xe9, 0x71, 0xad, 0x66, 0x07, 0x29, 0xad,
400 };
401 static const uint8_t TEE_ATTR_DSA_SUBPRIME_224_VALUE01[] = {
402 0xea, 0x34, 0x7e, 0x90, 0xbe, 0x7c, 0x28, 0x75, 0xd1, 0xfe, 0x1d, 0xb6, 0x22, 0xb4,
403 0x76, 0x38, 0x37, 0xc5, 0xe2, 0x7a, 0x60, 0x37, 0x31, 0x03, 0x48, 0xc1, 0xaa, 0x11,
404 };
405 static const uint8_t TEE_ATTR_DSA_BASE_2048_VALUE01[] = {
406 0x20, 0x42, 0x09, 0x4c, 0xcb, 0xc8, 0xb8, 0x72, 0x3f, 0xc9, 0x28, 0xc1, 0x2f, 0xda, 0x67, 0x1b,
407 0x83, 0x29, 0x5e, 0x99, 0xc7, 0x43, 0x57, 0x6f, 0x44, 0x50, 0x4b, 0xe1, 0x18, 0x63, 0x23, 0x31,
408 0x9b, 0x50, 0x02, 0xd2, 0x4f, 0x17, 0x3d, 0xf9, 0x09, 0xea, 0x24, 0x1d, 0x6e, 0xa5, 0x28, 0x99,
409 0x04, 0xee, 0x46, 0x36, 0x20, 0x4b, 0x2f, 0xbe, 0x94, 0xb0, 0x68, 0xfe, 0x09, 0x3f, 0x79, 0x62,
410 0x57, 0x95, 0x49, 0x55, 0x1d, 0x3a, 0xf2, 0x19, 0xad, 0x8e, 0xd1, 0x99, 0x39, 0xef, 0xf8, 0x6b,
411 0xce, 0xc8, 0x34, 0xde, 0x2f, 0x2f, 0x78, 0x59, 0x6e, 0x89, 0xe7, 0xcb, 0x52, 0xc5, 0x24, 0xe1,
412 0x77, 0x09, 0x8a, 0x56, 0xc2, 0x32, 0xeb, 0x1f, 0x56, 0x3a, 0xa8, 0x4b, 0xc6, 0xb0, 0x26, 0xde,
413 0xee, 0x6f, 0xf5, 0x1c, 0xb4, 0x41, 0xe0, 0x80, 0xf2, 0xda, 0xfa, 0xea, 0x1c, 0xed, 0x86, 0x42,
414 0x7d, 0x1c, 0x34, 0x6b, 0xe5, 0x5c, 0x66, 0x80, 0x3d, 0x4b, 0x76, 0xd1, 0x33, 0xcd, 0x44, 0x5b,
415 0x4c, 0x34, 0x82, 0xfa, 0x41, 0x50, 0x23, 0x46, 0x3c, 0x9b, 0xf3, 0x0f, 0x2f, 0x78, 0x42, 0x23,
416 0xe2, 0x60, 0x57, 0xd3, 0xaa, 0x0d, 0x7f, 0xbb, 0x66, 0x06, 0x30, 0xc5, 0x2e, 0x49, 0xd4, 0xa0,
417 0x32, 0x5c, 0x73, 0x89, 0xe0, 0x72, 0xaa, 0x34, 0x9f, 0x13, 0xc9, 0x66, 0xe1, 0x59, 0x75, 0x2f,
418 0xbb, 0x71, 0xe9, 0x33, 0x68, 0x90, 0xf9, 0x32, 0x43, 0xfa, 0x6e, 0x72, 0xd2, 0x99, 0x36, 0x5e,
419 0xe5, 0xb3, 0xfe, 0x26, 0x6e, 0xbf, 0x11, 0x10, 0x56, 0x8f, 0xee, 0x44, 0x25, 0xc8, 0x47, 0xb5,
420 0x02, 0x10, 0xbd, 0x48, 0x4b, 0x97, 0x43, 0x1a, 0x42, 0x85, 0x6a, 0xdc, 0xa3, 0xe7, 0xd1, 0xa9,
421 0xc9, 0xc6, 0x75, 0xc7, 0xe2, 0x66, 0x91, 0x83, 0x20, 0xdd, 0x5a, 0x78, 0xa4, 0x8c, 0x48, 0xa9,
422 };
423 static const uint8_t TEE_ATTR_DSA_PRIVATE_VALUE_224_VALUE01[] = {
424 0x7b, 0x48, 0x90, 0x21, 0x57, 0x8e, 0x79, 0xe7, 0xbd, 0x3e, 0xe7, 0xab, 0x45, 0x6f,
425 0x65, 0x9f, 0x3d, 0xc0, 0x7c, 0x88, 0xf5, 0xc9, 0xa3, 0x9e, 0x4f, 0x8c, 0xee, 0x81,
426 };
427 static const uint8_t TEE_ATTR_DSA_PUBLIC_VALUE_2048_VALUE01[] = {
428 0x1a, 0xe1, 0x0c, 0x78, 0x6a, 0xd0, 0x90, 0x2c, 0x5c, 0x68, 0x5d, 0xae, 0x5c, 0x71, 0x21, 0x41,
429 0x8a, 0x37, 0x7b, 0x88, 0x8b, 0x5f, 0x2f, 0x2b, 0xc7, 0x66, 0x23, 0x57, 0x0f, 0xd6, 0x2b, 0xcb,
430 0x19, 0x0b, 0x47, 0x1a, 0xd5, 0x35, 0x9c, 0x5f, 0x06, 0x2f, 0x88, 0x19, 0x28, 0x9e, 0x95, 0x6d,
431 0x8a, 0xa6, 0xf9, 0x0d, 0x1f, 0x8c, 0xf1, 0xee, 0x72, 0xd3, 0xa1, 0xbd, 0xfd, 0x56, 0xc4, 0x78,
432 0xdc, 0x29, 0xa1, 0x9c, 0x45, 0x69, 0xb5, 0xa6, 0x0e, 0x3a, 0x8f, 0x34, 0xf6, 0x06, 0x56, 0xea,
433 0xc5, 0xb2, 0x5d, 0xde, 0x55, 0x14, 0xa5, 0xc6, 0x7b, 0x67, 0x54, 0x23, 0x20, 0x4f, 0x6c, 0xca,
434 0xf0, 0x99, 0x06, 0x17, 0xcc, 0x73, 0x55, 0xb9, 0xd3, 0xed, 0x86, 0x89, 0x78, 0xa2, 0x52, 0x02,
435 0x0a, 0x76, 0x9e, 0xd5, 0x9a, 0x6e, 0xda, 0xa6, 0xef, 0xe3, 0x37, 0x7e, 0xef, 0x45, 0xf3, 0xf6,
436 0xf3, 0xe6, 0x41, 0x79, 0xcc, 0x7d, 0xb8, 0xb1, 0x43, 0xfb, 0x83, 0x5c, 0x5d, 0x71, 0xbf, 0xcf,
437 0xa1, 0xe2, 0xa9, 0x04, 0x9b, 0xcc, 0xf7, 0xfe, 0x9a, 0xb5, 0x75, 0x46, 0x22, 0x0f, 0xe3, 0xf4,
438 0xb7, 0x52, 0x1c, 0x86, 0x17, 0x39, 0xd1, 0x38, 0x50, 0x7e, 0x81, 0xa4, 0x6a, 0x69, 0x93, 0x60,
439 0x54, 0x41, 0xdc, 0xb9, 0x0d, 0x6e, 0xe4, 0xaf, 0xbc, 0x42, 0xca, 0xbe, 0x90, 0xa2, 0x54, 0x44,
440 0x49, 0x68, 0x10, 0x9d, 0x7e, 0xdd, 0x96, 0x94, 0xa0, 0x23, 0x23, 0x9f, 0x1d, 0x56, 0x17, 0x5d,
441 0xd1, 0xfa, 0xc1, 0x15, 0x91, 0x5e, 0x24, 0xfa, 0xb5, 0x63, 0xf4, 0xfc, 0x3f, 0x26, 0x9b, 0xed,
442 0x2f, 0x30, 0x08, 0x32, 0xd1, 0x12, 0x59, 0x64, 0x85, 0xa7, 0x11, 0x41, 0x7a, 0xa7, 0x3b, 0xb4,
443 0xac, 0x72, 0xa6, 0x51, 0xa1, 0xfa, 0x5b, 0xae, 0xd3, 0x63, 0x6c, 0x72, 0x0d, 0x39, 0x70, 0x08,
444 };
445
446 static const uint8_t TEE_ATTR_DSA_PRIME_3072_VALUE01[] = {
447 0xc7, 0xb8, 0x6d, 0x70, 0x44, 0x21, 0x8e, 0x36, 0x74, 0x53, 0xd2, 0x10, 0xe7, 0x64, 0x33, 0xe4, 0xe2, 0x7a, 0x98, 0x3d, 0xb1, 0xc5, 0x60, 0xbb,
448 0x97, 0x55, 0xa8, 0xfb, 0x7d, 0x81, 0x99, 0x12, 0xc5, 0x6c, 0xfe, 0x00, 0x2a, 0xb1, 0xff, 0x3f, 0x72, 0x16, 0x5b, 0x94, 0x3c, 0x0b, 0x28, 0xed,
449 0x46, 0x03, 0x9a, 0x07, 0xde, 0x50, 0x7d, 0x7a, 0x29, 0xf7, 0x38, 0x60, 0x3d, 0xec, 0xd1, 0x27, 0x03, 0x80, 0xa4, 0x1f, 0x97, 0x1f, 0x25, 0x92,
450 0x66, 0x1a, 0x64, 0xba, 0x2f, 0x35, 0x1d, 0x9a, 0x69, 0xe5, 0x1a, 0x88, 0x8a, 0x05, 0x15, 0x6b, 0x7f, 0xe1, 0x56, 0x3c, 0x4b, 0x77, 0xee, 0x93,
451 0xa4, 0x49, 0x49, 0x13, 0x84, 0x38, 0xa2, 0xab, 0x8b, 0xdc, 0xfc, 0x49, 0xb4, 0xe7, 0x8d, 0x1c, 0xde, 0x76, 0x6e, 0x54, 0x98, 0x47, 0x60, 0x05,
452 0x7d, 0x76, 0xcd, 0x74, 0x0c, 0x94, 0xa4, 0xdd, 0x25, 0xa4, 0x6a, 0xa7, 0x7b, 0x18, 0xe9, 0xd7, 0x07, 0xd6, 0x73, 0x84, 0x97, 0xd4, 0xea, 0xc3,
453 0x64, 0xf4, 0x79, 0x2d, 0x97, 0x66, 0xa1, 0x6a, 0x0e, 0x23, 0x48, 0x07, 0xe9, 0x6b, 0x8c, 0x64, 0xd4, 0x04, 0xbb, 0xdb, 0x87, 0x6e, 0x39, 0xb5,
454 0x79, 0x9e, 0xf5, 0x3f, 0xe6, 0xcb, 0x9b, 0xab, 0x62, 0xef, 0x19, 0xfd, 0xcc, 0x2b, 0xdd, 0x90, 0x5b, 0xed, 0xa1, 0x3b, 0x9e, 0xf7, 0xac, 0x35,
455 0xf1, 0xf5, 0x57, 0xcb, 0x0d, 0xc4, 0x58, 0xc0, 0x19, 0xe2, 0xbc, 0x19, 0xa9, 0xf5, 0xdf, 0xc1, 0xe4, 0xec, 0xa9, 0xe6, 0xd4, 0x66, 0x56, 0x41,
456 0x24, 0x30, 0x4a, 0x31, 0xf0, 0x38, 0x60, 0x5a, 0x3e, 0x34, 0x2d, 0xa0, 0x1b, 0xe1, 0xc2, 0xb5, 0x45, 0x61, 0x0e, 0xdd, 0x2c, 0x13, 0x97, 0xa3,
457 0xc8, 0x39, 0x65, 0x88, 0xc6, 0x32, 0x9e, 0xfe, 0xb4, 0xe1, 0x65, 0xaf, 0x5b, 0x36, 0x8a, 0x39, 0xa8, 0x8e, 0x48, 0x88, 0xe3, 0x9f, 0x40, 0xbb,
458 0x3d, 0xe4, 0xeb, 0x14, 0x16, 0x67, 0x2f, 0x99, 0x9f, 0xea, 0xd3, 0x7a, 0xef, 0x1c, 0xa9, 0x64, 0x3f, 0xf3, 0x2c, 0xdb, 0xc0, 0xfc, 0xeb, 0xe6,
459 0x28, 0xd7, 0xe4, 0x6d, 0x28, 0x1a, 0x98, 0x9d, 0x43, 0xdd, 0x21, 0x43, 0x21, 0x51, 0xaf, 0x68, 0xbe, 0x3f, 0x6d, 0x56, 0xac, 0xfb, 0xdb, 0x6c,
460 0x97, 0xd8, 0x7f, 0xcb, 0x5e, 0x62, 0x91, 0xbf, 0x8b, 0x4e, 0xe1, 0x27, 0x5a, 0xe0, 0xeb, 0x43, 0x83, 0xcc, 0x75, 0x39, 0x03, 0xc8, 0xd2, 0x9f,
461 0x4a, 0xdb, 0x6a, 0x54, 0x7e, 0x40, 0x5d, 0xec, 0xdf, 0xf2, 0x88, 0xc5, 0xf6, 0xc7, 0xaa, 0x30, 0xdc, 0xb1, 0x2f, 0x84, 0xd3, 0x92, 0x49, 0x3a,
462 0x70, 0x93, 0x33, 0x17, 0xc0, 0xf5, 0xe6, 0x55, 0x26, 0x01, 0xfa, 0xe1, 0x8f, 0x17, 0xe6, 0xe5, 0xbb, 0x6b, 0xf3, 0x96, 0xd3, 0x2d, 0x8a, 0xb9,
463 };
464 static const uint8_t TEE_ATTR_DSA_SUBPRIME_256_VALUE01[] = {
465 0x87, 0x6f, 0xa0, 0x9e, 0x1d, 0xc6, 0x2b, 0x23, 0x6c, 0xe1, 0xc3, 0x15, 0x5b, 0xa4, 0x8b, 0x0c,
466 0xcf, 0xda, 0x29, 0xf3, 0xac, 0x5a, 0x97, 0xf7, 0xff, 0xa1, 0xbd, 0x87, 0xb6, 0x8d, 0x2a, 0x4b,
467 };
468 static const uint8_t TEE_ATTR_DSA_BASE_3072_VALUE01[] = {
469 0x11, 0x0a, 0xfe, 0xbb, 0x12, 0xc7, 0xf8, 0x62, 0xb6, 0xde, 0x03, 0xd4, 0x7f, 0xdb, 0xc3, 0x32, 0x6e, 0x0d, 0x4d, 0x31, 0xb1, 0x2a, 0x8c, 0xa9,
470 0x5b, 0x2d, 0xee, 0x21, 0x23, 0xbc, 0xc6, 0x67, 0xd4, 0xf7, 0x2c, 0x1e, 0x72, 0x09, 0x76, 0x7d, 0x27, 0x21, 0xf9, 0x5f, 0xbd, 0x9a, 0x4d, 0x03,
471 0x23, 0x6d, 0x54, 0x17, 0x4f, 0xbf, 0xaf, 0xf2, 0xc4, 0xff, 0x7d, 0xea, 0xe4, 0x73, 0x8b, 0x20, 0xd9, 0xf3, 0x7b, 0xf0, 0xa1, 0x13, 0x4c, 0x28,
472 0x8b, 0x42, 0x0a, 0xf0, 0xb5, 0x79, 0x2e, 0x47, 0xa9, 0x25, 0x13, 0xc0, 0x41, 0x3f, 0x34, 0x6a, 0x4e, 0xdb, 0xab, 0x2c, 0x45, 0xbd, 0xca, 0x13,
473 0xf5, 0x34, 0x1c, 0x2b, 0x55, 0xb8, 0xba, 0x54, 0x93, 0x2b, 0x92, 0x17, 0xb5, 0xa8, 0x59, 0xe5, 0x53, 0xf1, 0x4b, 0xb8, 0xc1, 0x20, 0xfb, 0xb9,
474 0xd9, 0x99, 0x09, 0xdf, 0xf5, 0xea, 0x68, 0xe1, 0x4b, 0x37, 0x99, 0x64, 0xfd, 0x3f, 0x38, 0x61, 0xe5, 0xba, 0x5c, 0xc9, 0x70, 0xc4, 0xa1, 0x80,
475 0xee, 0xf5, 0x44, 0x28, 0x70, 0x39, 0x61, 0x02, 0x1e, 0x7b, 0xd6, 0x8c, 0xb6, 0x37, 0x92, 0x7b, 0x8c, 0xbe, 0xe6, 0x80, 0x5f, 0xa2, 0x72, 0x85,
476 0xbf, 0xee, 0x4d, 0x1e, 0xf7, 0x0e, 0x02, 0xc1, 0xa1, 0x8a, 0x7c, 0xd7, 0x8b, 0xef, 0x1d, 0xd9, 0xcd, 0xad, 0x45, 0xdd, 0xe9, 0xcd, 0x69, 0x07,
477 0x55, 0x05, 0x0f, 0xc4, 0x66, 0x29, 0x37, 0xee, 0x1d, 0x6f, 0x4d, 0xb1, 0x28, 0x07, 0xcc, 0xc9, 0x5b, 0xc4, 0x35, 0xf1, 0x1b, 0x71, 0xe7, 0x08,
478 0x60, 0x48, 0xb1, 0xda, 0xb5, 0x91, 0x3c, 0x60, 0x55, 0x01, 0x2d, 0xe8, 0x2e, 0x43, 0xa4, 0xe5, 0x0c, 0xf9, 0x3f, 0xef, 0xf5, 0xdc, 0xab, 0x81,
479 0x4a, 0xbc, 0x22, 0x4c, 0x5e, 0x00, 0x25, 0xbd, 0x86, 0x8c, 0x3f, 0xc5, 0x92, 0x04, 0x1b, 0xba, 0x04, 0x74, 0x7c, 0x10, 0xaf, 0x51, 0x3f, 0xc3,
480 0x6e, 0x4d, 0x91, 0xc6, 0x3e, 0xe5, 0x25, 0x34, 0x22, 0xcf, 0x40, 0x63, 0x39, 0x8d, 0x77, 0xc5, 0x2f, 0xcb, 0x01, 0x14, 0x27, 0xcb, 0xfc, 0xfa,
481 0x67, 0xb1, 0xb2, 0xc2, 0xd1, 0xaa, 0x4a, 0x3d, 0xa7, 0x26, 0x45, 0xcb, 0x1c, 0x76, 0x70, 0x36, 0x05, 0x4e, 0x2f, 0x31, 0xf8, 0x86, 0x65, 0xa5,
482 0x44, 0x61, 0xc8, 0x85, 0xfb, 0x32, 0x19, 0xd5, 0xad, 0x87, 0x48, 0xa0, 0x11, 0x58, 0xf6, 0xc7, 0xc0, 0xdf, 0x5a, 0x8c, 0x90, 0x8b, 0xa8, 0xc3,
483 0xe5, 0x36, 0x82, 0x24, 0x28, 0x88, 0x6c, 0x7b, 0x50, 0x0b, 0xbc, 0x15, 0xb4, 0x9d, 0xf7, 0x46, 0xb9, 0xde, 0x5a, 0x78, 0xfe, 0x3b, 0x4f, 0x69,
484 0x91, 0xd0, 0x11, 0x0c, 0x3c, 0xbf, 0xf4, 0x58, 0x03, 0x9d, 0xc3, 0x62, 0x61, 0xcf, 0x46, 0xaf, 0x4b, 0xc2, 0x51, 0x53, 0x68, 0xf4, 0xab, 0xb7,
485 };
486 static const uint8_t TEE_ATTR_DSA_PRIVATE_VALUE_256_VALUE01[] = {
487 0x34, 0x70, 0x83, 0x20, 0x55, 0xda, 0xde, 0x94, 0xe1, 0x4c, 0xd8, 0x77, 0x71, 0x71, 0xd1, 0x8e,
488 0x5d, 0x06, 0xf6, 0x6a, 0xef, 0xf4, 0xc6, 0x14, 0x71, 0xe4, 0xeb, 0xa7, 0x4e, 0xe5, 0x61, 0x64,
489 };
490 static const uint8_t TEE_ATTR_DSA_PUBLIC_VALUE_3072_VALUE01[] = {
491 0x45, 0x6a, 0x10, 0x5c, 0x71, 0x35, 0x66, 0x23, 0x48, 0x38, 0xbc, 0x07, 0x0b, 0x8a, 0x75, 0x1a, 0x0b, 0x57, 0x76, 0x7c, 0xb7, 0x5e, 0x99, 0x11,
492 0x4a, 0x1a, 0x46, 0x64, 0x1e, 0x11, 0xda, 0x1f, 0xa9, 0xf2, 0x29, 0x14, 0xd8, 0x08, 0xad, 0x71, 0x48, 0x61, 0x2c, 0x1e, 0xa5, 0x5d, 0x25, 0x30,
493 0x17, 0x81, 0xe9, 0xae, 0x0c, 0x9a, 0xe3, 0x6a, 0x69, 0xd8, 0x7b, 0xa0, 0x39, 0xec, 0x7c, 0xd8, 0x64, 0xc3, 0xad, 0x09, 0x48, 0x73, 0xe6, 0xe5,
494 0x67, 0x09, 0xfd, 0x10, 0xd9, 0x66, 0x85, 0x3d, 0x61, 0x1b, 0x1c, 0xff, 0x15, 0xd3, 0x7f, 0xde, 0xe4, 0x24, 0x50, 0x6c, 0x18, 0x4d, 0x62, 0xc7,
495 0x03, 0x33, 0x58, 0xbe, 0x78, 0xc2, 0x25, 0x09, 0x43, 0xb6, 0xf6, 0xd0, 0x43, 0xd6, 0x3b, 0x31, 0x7d, 0xe5, 0x6e, 0x5a, 0xd8, 0xd1, 0xfd, 0x97,
496 0xdd, 0x35, 0x5a, 0xbe, 0x96, 0x45, 0x2f, 0x8e, 0x43, 0x54, 0x85, 0xfb, 0x3b, 0x90, 0x7b, 0x51, 0x90, 0x0a, 0xa3, 0xf2, 0x44, 0x18, 0xdf, 0x50,
497 0xb4, 0xfc, 0xda, 0xfb, 0xf6, 0x13, 0x75, 0x48, 0xc3, 0x93, 0x73, 0xb8, 0xbc, 0x4b, 0xa3, 0xda, 0xbb, 0x47, 0x46, 0xeb, 0xd1, 0x7b, 0x87, 0xfc,
498 0xd6, 0xa2, 0xf1, 0x97, 0xc1, 0x07, 0xb1, 0x8e, 0xc5, 0xb4, 0x65, 0xe6, 0xe4, 0xcb, 0x43, 0x0d, 0x9c, 0x0c, 0xe7, 0x8d, 0xa5, 0x98, 0x84, 0x41,
499 0x05, 0x4a, 0x37, 0x07, 0x92, 0xb7, 0x30, 0xda, 0x9a, 0xba, 0x41, 0xa3, 0x16, 0x9a, 0xf2, 0x61, 0x76, 0xf7, 0x4e, 0x6f, 0x7c, 0x0c, 0x9c, 0x9b,
500 0x55, 0xb6, 0x2b, 0xbe, 0x7c, 0xe3, 0x8d, 0x46, 0x95, 0xd4, 0x81, 0x57, 0xe6, 0x60, 0xc2, 0xac, 0xb6, 0x3f, 0x48, 0x2f, 0x55, 0x41, 0x81, 0x50,
501 0xe5, 0xfe, 0xe4, 0x3a, 0xce, 0x84, 0xc5, 0x40, 0xc3, 0xba, 0x76, 0x62, 0xae, 0x80, 0x83, 0x5c, 0x1a, 0x2d, 0x51, 0x89, 0x0e, 0xa9, 0x6b, 0xa2,
502 0x06, 0x42, 0x7c, 0x41, 0xef, 0x8c, 0x38, 0xaa, 0x07, 0xd2, 0xa3, 0x65, 0xe7, 0xe5, 0x83, 0x80, 0xd8, 0xf4, 0x78, 0x2e, 0x22, 0xac, 0x21, 0x01,
503 0xaf, 0x73, 0x2e, 0xe2, 0x27, 0x58, 0x33, 0x7b, 0x25, 0x36, 0x37, 0x83, 0x8e, 0x16, 0xf5, 0x0f, 0x56, 0xd3, 0x13, 0xd0, 0x79, 0x81, 0x88, 0x0d,
504 0x68, 0x55, 0x57, 0xf7, 0xd7, 0x9a, 0x6d, 0xb8, 0x23, 0xc6, 0x1f, 0x1b, 0xb3, 0xdb, 0xc5, 0xd5, 0x04, 0x21, 0xa4, 0x84, 0x3a, 0x6f, 0x29, 0x69,
505 0x0e, 0x78, 0xaa, 0x0f, 0x0c, 0xff, 0x30, 0x42, 0x31, 0x81, 0x8b, 0x81, 0xfc, 0x4a, 0x24, 0x3f, 0xc0, 0x0f, 0x09, 0xa5, 0x4c, 0x46, 0x6d, 0x6a,
506 0x8c, 0x73, 0xd3, 0x2a, 0x55, 0xe1, 0xab, 0xd5, 0xec, 0x8b, 0x4e, 0x1a, 0xfa, 0x32, 0xa7, 0x9b, 0x01, 0xdf, 0x85, 0xa8, 0x1f, 0x3f, 0x5c, 0xfe,
507 };
508
509 static const uint8_t TEE_ATTR_DES3_192_VALUE01[] = {
510 0xCD, 0xFE, 0x57, 0xB6, 0xB6, 0x2F, 0xAE, 0x6B, 0x04, 0x73, 0x40, 0xF1,
511 0x02, 0xD6, 0xA4, 0x8C,
512 0x89, 0x5D, 0xAD, 0xF2, 0x9D, 0x62, 0xEF, 0x25
513 };
514 static const uint8_t TEE_ATTR_RSA_PRIVATE_EXPONENT_VALUE01[] = {
515 0xa5, 0x0d, 0xe1, 0x84, 0xf9, 0x02, 0xec, 0x42, 0x20, 0x2c, 0x98, 0x98,
516 0x70, 0xa3, 0x1a, 0x04,
517 0x21, 0xa7, 0xa0, 0x59, 0x5d, 0x87, 0x80, 0x9b, 0x09, 0x57, 0x91, 0xb4,
518 0x50, 0x51, 0x62, 0xbf,
519 0x22, 0xd7, 0xdb, 0x17, 0x25, 0xb0, 0x9c, 0x91, 0x29, 0x5f, 0x10, 0x9c,
520 0xac, 0x44, 0x48, 0xb2,
521 0x43, 0x8d, 0x6b, 0x36, 0x84, 0xa7, 0xdf, 0xb8, 0x1b, 0x9f, 0x73, 0xac,
522 0x2c, 0x53, 0xa5, 0x39,
523 0xd9, 0xa2, 0xe2, 0x7e, 0xf2, 0x07, 0x2d, 0x80, 0xa4, 0x7b, 0x7b, 0x66,
524 0x1a, 0x2f, 0xb7, 0x66,
525 0x64, 0x66, 0xa8, 0xc3, 0x8d, 0x7e, 0x8a, 0x7f, 0xc6, 0xd7, 0x52, 0xe7,
526 0x38, 0x30, 0x59, 0x74,
527 0x88, 0x8e, 0x8a, 0x52, 0x79, 0x30, 0x77, 0xc9, 0xe5, 0x7a, 0x3e, 0x65,
528 0x5d, 0x89, 0xa9, 0xb7,
529 0x0b, 0xc6, 0x62, 0x72, 0x9e, 0xa4, 0x72, 0xae, 0x4b, 0xb3, 0xf2, 0x89,
530 0x47, 0x15, 0xe0, 0x5b,
531 0x45, 0x4d, 0x99, 0x5b, 0x13, 0x6c, 0x90, 0xbe, 0xe5, 0xb5, 0x98, 0xad,
532 0x87, 0x99, 0x1a, 0x57,
533 0xd4, 0x1f, 0xf1, 0x52, 0x71, 0x5b, 0x51, 0x40, 0xdc, 0x51, 0x35, 0xf6,
534 0x6c, 0xae, 0xa3, 0xf9,
535 0x0f, 0x3a, 0xed, 0x28, 0xfc, 0xa5, 0x60, 0x2f, 0x4b, 0x4f, 0x31, 0xac,
536 0x48, 0x3e, 0x5b, 0xba,
537 0xe4, 0x2b, 0x58, 0x79, 0xe6, 0xb4, 0x6b, 0x5e, 0x56, 0x0a, 0xb2, 0xdb,
538 0x68, 0xed, 0x24, 0xd8,
539 0x5e, 0x6f, 0x30, 0x59, 0x8d, 0x8c, 0xa3, 0x00, 0x68, 0xf5, 0x42, 0x95,
540 0x1a, 0x0b, 0xa8, 0x1c,
541 0xfb, 0xdf, 0x29, 0x81, 0x10, 0x32, 0x02, 0xcc, 0x51, 0xa4, 0x17, 0x14,
542 0x3e, 0xef, 0x89, 0x41,
543 0xde, 0xf8, 0x2d, 0x64, 0x69, 0x30, 0xe8, 0x8a, 0xad, 0x96, 0xf6, 0xf4,
544 0x82, 0x83, 0x9a, 0x77,
545 0xe7, 0xde, 0x12, 0x31, 0xf7, 0x15, 0xec, 0xce, 0xed, 0x83, 0x68, 0x88,
546 0x84, 0xe5, 0x64, 0x81
547 };
548 static const uint8_t TEE_ATTR_DES_64_VALUE01[] = {
549 0xCD, 0xFE, 0x57, 0xB6, 0xB6, 0x2F, 0xAE, 0x6B
550 };
551 static const uint8_t TEE_ATTR_HMAC_SHA1_256_VALUE01[] = {
552 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b,
553 0x0c, 0x0d, 0x0e, 0x0f,
554 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b,
555 0x1c, 0x1d, 0x1e, 0x1f
556 };
557 static const uint8_t TEE_ATTR_HMAC_MD5_256_VALUE01[] = {
558 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b,
559 0x0c, 0x0d, 0x0e, 0x0f,
560 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b,
561 0x1c, 0x1d, 0x1e, 0x1f
562 };
563 static const uint8_t TEE_ATTR_HMAC_SHA224_256_VALUE01[] = {
564 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b,
565 0x0c, 0x0d, 0x0e, 0x0f,
566 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b,
567 0x1c, 0x1d, 0x1e, 0x1f
568 };
569 static const uint8_t TEE_ATTR_HMAC_SHA384_512_VALUE01[] = {
570 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b,
571 0x0c, 0x0d, 0x0e, 0x0f,
572 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b,
573 0x1c, 0x1d, 0x1e, 0x1f,
574 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a, 0x2b,
575 0x2c, 0x2d, 0x2e, 0x2f,
576 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x3a, 0x3b,
577 0x3c, 0x3d, 0x3e, 0x3f
578 };
579 static const uint8_t TEE_ATTR_HMAC_SHA512_512_VALUE01[] = {
580 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b,
581 0x0c, 0x0d, 0x0e, 0x0f,
582 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b,
583 0x1c, 0x1d, 0x1e, 0x1f,
584 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a, 0x2b,
585 0x2c, 0x2d, 0x2e, 0x2f,
586 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x3a, 0x3b,
587 0x3c, 0x3d, 0x3e, 0x3f
588 };
589
590 #undef TEE_ECC_CURVE_NIST_P192
591 static const uint8_t TEE_ECC_CURVE_NIST_P192[] = { 0x00, 0x00, 0x00, 0x01 };
592 #undef TEE_ECC_CURVE_NIST_P224
593 static const uint8_t TEE_ECC_CURVE_NIST_P224[] = { 0x00, 0x00, 0x00, 0x02 };
594 #undef TEE_ECC_CURVE_NIST_P256
595 static const uint8_t TEE_ECC_CURVE_NIST_P256[] = { 0x00, 0x00, 0x00, 0x03 };
596 #undef TEE_ECC_CURVE_NIST_P384
597 static const uint8_t TEE_ECC_CURVE_NIST_P384[] = { 0x00, 0x00, 0x00, 0x04 };
598 #undef TEE_ECC_CURVE_NIST_P521
599 static const uint8_t TEE_ECC_CURVE_NIST_P521[] = { 0x00, 0x00, 0x00, 0x05 };
600
601 static const uint8_t TEE_ATTR_ECC_PRIVATE_VALUE_ECDSA_P192_VALUE01[] = {
602 0xe1, 0x4f, 0x37, 0xb3, 0xd1, 0x37, 0x4f, 0xf8, 0xb0, 0x3f, 0x41, 0xb9, 0xb3, 0xfd, 0xd2, 0xf0, 0xeb, 0xcc, 0xf2, 0x75, 0xd6, 0x60, 0xd7, 0xf3,
603 };
604 static const uint8_t TEE_ATTR_ECC_PUBLIC_VALUE_X_ECDSA_P192_VALUE01[] = {
605 0x07, 0x00, 0x8e, 0xa4, 0x0b, 0x08, 0xdb, 0xe7, 0x64, 0x32, 0x09, 0x6e, 0x80, 0xa2, 0x49, 0x4c, 0x94, 0x98, 0x2d, 0x2d, 0x5b, 0xcf, 0x98, 0xe6,
606 };
607 static const uint8_t TEE_ATTR_ECC_PUBLIC_VALUE_Y_ECDSA_P192_VALUE01[] = {
608 0x76, 0xfa, 0xb6, 0x81, 0xd0, 0x0b, 0x41, 0x4e, 0xa6, 0x36, 0xba, 0x21, 0x5d, 0xe2, 0x6d, 0x98, 0xc4, 0x1b, 0xd7, 0xf2, 0xe4, 0xd6, 0x54, 0x77,
609 };
610
611 static const uint8_t TEE_ATTR_ECC_PRIVATE_VALUE_ECDSA_P224_VALUE01[] = {
612 0x97, 0xc4, 0xb7, 0x96, 0xe1, 0x63, 0x9d, 0xd1, 0x03, 0x5b, 0x70, 0x8f, 0xc0, 0x0d, 0xc7, 0xba, 0x16, 0x82, 0xce, 0xc4, 0x4a, 0x10, 0x02, 0xa1, 0xa8, 0x20, 0x61, 0x9f,
613 };
614 static const uint8_t TEE_ATTR_ECC_PUBLIC_VALUE_X_ECDSA_P224_VALUE01[] = {
615 0x8a, 0x4d, 0xca, 0x35, 0x13, 0x6c, 0x4b, 0x70, 0xe5, 0x88, 0xe2, 0x35, 0x54, 0x63, 0x7a, 0xe2, 0x51, 0x07, 0x7d, 0x13, 0x65, 0xa6, 0xba, 0x5d, 0xb9, 0x58, 0x5d, 0xe7,
616 };
617 static const uint8_t TEE_ATTR_ECC_PUBLIC_VALUE_Y_ECDSA_P224_VALUE01[] = {
618 0xad, 0x3d, 0xee, 0x06, 0xde, 0x0b, 0xe8, 0x27, 0x9d, 0x4a, 0xf4, 0x35, 0xd7, 0x24, 0x5f, 0x14, 0xf3, 0xb4, 0xf8, 0x2e, 0xb5, 0x78, 0xe5, 0x19, 0xee, 0x00, 0x57, 0xb1,
619 };
620 static const uint8_t TEE_ATTR_ECC_PRIVATE_VALUE_ECDSA_P256_VALUE01[] = {
621 0xbe, 0x34, 0xba, 0xa8, 0xd0, 0x40, 0xa3, 0xb9, 0x91, 0xf9, 0x07, 0x5b, 0x56, 0xba, 0x29, 0x2f,
622 0x75, 0x5b, 0x90, 0xe4, 0xb6, 0xdc, 0x10, 0xda, 0xd3, 0x67, 0x15, 0xc3, 0x3c, 0xfd, 0xac, 0x25,
623 };
624 static const uint8_t TEE_ATTR_ECC_PUBLIC_VALUE_X_ECDSA_P256_VALUE01[] = {
625 0xfa, 0x27, 0x37, 0xfb, 0x93, 0x48, 0x8d, 0x19, 0xca, 0xef, 0x11, 0xae, 0x7f, 0xaf, 0x6b, 0x7f,
626 0x4b, 0xcd, 0x67, 0xb2, 0x86, 0xe3, 0xfc, 0x54, 0xe8, 0xa6, 0x5c, 0x2b, 0x74, 0xae, 0xcc, 0xb0,
627 };
628 static const uint8_t TEE_ATTR_ECC_PUBLIC_VALUE_Y_ECDSA_P256_VALUE01[] = {
629 0xd4, 0xcc, 0xd6, 0xda, 0xe6, 0x98, 0x20, 0x8a, 0xa8, 0xc3, 0xa6, 0xf3, 0x9e, 0x45, 0x51, 0x0d,
630 0x03, 0xbe, 0x09, 0xb2, 0xf1, 0x24, 0xbf, 0xc0, 0x67, 0x85, 0x6c, 0x32, 0x4f, 0x9b, 0x4d, 0x09,
631 };
632 static const uint8_t TEE_ATTR_ECC_PRIVATE_VALUE_ECDSA_P384_VALUE01[] = {
633 0xa4, 0x92, 0xce, 0x8f, 0xa9, 0x00, 0x84, 0xc2, 0x27, 0xe1, 0xa3, 0x2f, 0x79, 0x74, 0xd3, 0x9e, 0x9f, 0xf6, 0x7a, 0x7e, 0x87, 0x05, 0xec, 0x34,
634 0x19, 0xb3, 0x5f, 0xb6, 0x07, 0x58, 0x2b, 0xeb, 0xd4, 0x61, 0xe0, 0xb1, 0x52, 0x0a, 0xc7, 0x6e, 0xc2, 0xdd, 0x4e, 0x9b, 0x63, 0xeb, 0xae, 0x71,
635 };
636 static const uint8_t TEE_ATTR_ECC_PUBLIC_VALUE_X_ECDSA_P384_VALUE01[] = {
637 0xe5, 0x5f, 0xee, 0x6c, 0x49, 0xd8, 0xd5, 0x23, 0xf5, 0xce, 0x7b, 0xf9, 0xc0, 0x42, 0x5c, 0xe4, 0xff, 0x65, 0x07, 0x08, 0xb7, 0xde, 0x5c, 0xfb,
638 0x09, 0x59, 0x01, 0x52, 0x39, 0x79, 0xa7, 0xf0, 0x42, 0x60, 0x2d, 0xb3, 0x08, 0x54, 0x73, 0x53, 0x69, 0x81, 0x3b, 0x5c, 0x3f, 0x5e, 0xf8, 0x68,
639 };
640 static const uint8_t TEE_ATTR_ECC_PUBLIC_VALUE_Y_ECDSA_P384_VALUE01[] = {
641 0x28, 0xf5, 0x9c, 0xc5, 0xdc, 0x50, 0x98, 0x92, 0xa9, 0x88, 0xd3, 0x8a, 0x8e, 0x25, 0x19, 0xde, 0x3d, 0x0c, 0x4f, 0xd0, 0xfb, 0xdb, 0x09, 0x93,
642 0xe3, 0x8f, 0x18, 0x50, 0x6c, 0x17, 0x60, 0x6c, 0x5e, 0x24, 0x24, 0x92, 0x46, 0xf1, 0xce, 0x94, 0x98, 0x3a, 0x53, 0x61, 0xc5, 0xbe, 0x98, 0x3e,
643 };
644 static const uint8_t TEE_ATTR_ECC_PRIVATE_VALUE_ECDSA_P521_VALUE01[] = {
645 0x01, 0xbd, 0x56, 0xbd, 0x10, 0x61, 0x18, 0xed, 0xa2, 0x46, 0x15, 0x5b, 0xd4, 0x3b, 0x42, 0xb8, 0xe1,
646 0x3f, 0x0a, 0x6e, 0x25, 0xdd, 0x3b, 0xb3, 0x76, 0x02, 0x6f, 0xab, 0x4d, 0xc9, 0x2b, 0x61, 0x57, 0xbc,
647 0x6d, 0xfe, 0xc2, 0xd1, 0x5d, 0xd3, 0xd0, 0xcf, 0x2a, 0x39, 0xaa, 0x68, 0x49, 0x40, 0x42, 0xaf, 0x48,
648 0xba, 0x96, 0x01, 0x11, 0x8d, 0xa8, 0x2c, 0x6f, 0x21, 0x08, 0xa3, 0xa2, 0x03, 0xad, 0x74,
649 };
650 static const uint8_t TEE_ATTR_ECC_PUBLIC_VALUE_X_ECDSA_P521_VALUE01[] = {
651 0x01, 0x2f, 0xbc, 0xae, 0xff, 0xa6, 0xa5, 0x1f, 0x3e, 0xe4, 0xd3, 0xd2, 0xb5, 0x1c, 0x5d, 0xec, 0x6d,
652 0x7c, 0x72, 0x6c, 0xa3, 0x53, 0xfc, 0x01, 0x4e, 0xa2, 0xbf, 0x7c, 0xfb, 0xb9, 0xb9, 0x10, 0xd3, 0x2c,
653 0xbf, 0xa6, 0xa0, 0x0f, 0xe3, 0x9b, 0x6c, 0xdb, 0x89, 0x46, 0xf2, 0x27, 0x75, 0x39, 0x8b, 0x2e, 0x23,
654 0x3c, 0x0c, 0xf1, 0x44, 0xd7, 0x8c, 0x8a, 0x77, 0x42, 0xb5, 0xc7, 0xa3, 0xbb, 0x5d, 0x23,
655 };
656 static const uint8_t TEE_ATTR_ECC_PUBLIC_VALUE_Y_ECDSA_P521_VALUE01[] = {
657 0x00, 0x9c, 0xde, 0xf8, 0x23, 0xdd, 0x7b, 0xf9, 0xa7, 0x9e, 0x8c, 0xce, 0xac, 0xd2, 0xe4, 0x52, 0x7c,
658 0x23, 0x1d, 0x0a, 0xe5, 0x96, 0x7a, 0xf0, 0x95, 0x8e, 0x93, 0x1d, 0x7d, 0xdc, 0xcf, 0x28, 0x05, 0xa3,
659 0xe6, 0x18, 0xdc, 0x30, 0x39, 0xfe, 0xc9, 0xfe, 0xbb, 0xd3, 0x30, 0x52, 0xfe, 0x4c, 0x0f, 0xee, 0x98,
660 0xf0, 0x33, 0x10, 0x60, 0x64, 0x98, 0x2d, 0x88, 0xf4, 0xe0, 0x35, 0x49, 0xd4, 0xa6, 0x4d,
661 };
662 static const uint8_t TEE_ATTR_ECC_PRIVATE_VALUE_ECDH_P192_VALUE01[] = {
663 0xf1, 0x7d, 0x3f, 0xea, 0x36, 0x7b, 0x74, 0xd3, 0x40, 0x85, 0x1c, 0xa4, 0x27, 0x0d, 0xcb, 0x24, 0xc2, 0x71, 0xf4, 0x45, 0xbe, 0xd9, 0xd5, 0x27,
664 };
665 static const uint8_t TEE_ATTR_ECC_PUBLIC_VALUE_X_ECDH_P192_VALUE01[] = {
666 0xb1, 0x50, 0x53, 0x40, 0x1f, 0x57, 0x28, 0x56, 0x37, 0xec, 0x32, 0x4c, 0x1c, 0xd2, 0x13, 0x9e, 0x3a, 0x67, 0xde, 0x37, 0x39, 0x23, 0x4b, 0x37,
667 };
668 static const uint8_t TEE_ATTR_ECC_PUBLIC_VALUE_Y_ECDH_P192_VALUE01[] = {
669 0xf2, 0x69, 0xc1, 0x58, 0x63, 0x74, 0x82, 0xaa, 0xd6, 0x44, 0xcd, 0x69, 0x2d, 0xd1, 0xd3, 0xef, 0x2c, 0x8a, 0x7c, 0x49, 0xe3, 0x89, 0xf7, 0xf6,
670 };
671 static const uint8_t TEE_ATTR_ECC_PUBLIC_VALUE_Y_ECDH_P192_VALUE02[] = {
672 0xdf, 0xbe, 0x5d, 0x7c, 0x61, 0xfa, 0xc8, 0x8b, 0x11, 0x81, 0x1b, 0xde, 0x32, 0x8e, 0x8a, 0x0d, 0x12, 0xbf, 0x01, 0xa9, 0xd2, 0x04, 0xb5, 0x23,
673 };
674 static const uint8_t TEE_ATTR_ECC_PUBLIC_VALUE_X_ECDH_P192_VALUE02[] = {
675 0x42, 0xea, 0x6d, 0xd9, 0x96, 0x9d, 0xd2, 0xa6, 0x1f, 0xea, 0x1a, 0xac, 0x7f, 0x8e, 0x98, 0xed, 0xcc, 0x89, 0x6c, 0x6e, 0x55, 0x85, 0x7c, 0xc0,
676 };
677 static const uint8_t TEE_ATTR_ECC_PRIVATE_VALUE_ECDH_P224_VALUE01[] = {
678 0x83, 0x46, 0xa6, 0x0f, 0xc6, 0xf2, 0x93, 0xca, 0x5a, 0x0d, 0x2a, 0xf6, 0x8b, 0xa7, 0x1d, 0x1d, 0xd3, 0x89, 0xe5, 0xe4, 0x08, 0x37, 0x94, 0x2d, 0xf3, 0xe4, 0x3c, 0xbd,
679 };
680 static const uint8_t TEE_ATTR_ECC_PUBLIC_VALUE_X_ECDH_P224_VALUE01[] = {
681 0x8d, 0xe2, 0xe2, 0x6a, 0xdf, 0x72, 0xc5, 0x82, 0xd6, 0x56, 0x8e, 0xf6, 0x38, 0xc4, 0xfd, 0x59, 0xb1, 0x8d, 0xa1, 0x71, 0xbd, 0xf5, 0x01, 0xf1, 0xd9, 0x29, 0xe0, 0x48,
682 };
683 static const uint8_t TEE_ATTR_ECC_PUBLIC_VALUE_Y_ECDH_P224_VALUE01[] = {
684 0x4a, 0x68, 0xa1, 0xc2, 0xb0, 0xfb, 0x22, 0x93, 0x0d, 0x12, 0x05, 0x55, 0xc1, 0xec, 0xe5, 0x0e, 0xa9, 0x8d, 0xea, 0x84, 0x07, 0xf7, 0x1b, 0xe3, 0x6e, 0xfa, 0xc0, 0xde,
685 };
686 static const uint8_t TEE_ATTR_ECC_PUBLIC_VALUE_Y_ECDH_P224_VALUE02[] = {
687 0x88, 0x20, 0x92, 0xcc, 0xbb, 0xa7, 0x93, 0x0f, 0x41, 0x9a, 0x8a, 0x4f, 0x9b, 0xb1, 0x69, 0x78, 0xbb, 0xc3, 0x83, 0x87, 0x29, 0x99, 0x25, 0x59, 0xa6, 0xf2, 0xe2, 0xd7,
688 };
689 static const uint8_t TEE_ATTR_ECC_PUBLIC_VALUE_X_ECDH_P224_VALUE02[] = {
690 0xaf, 0x33, 0xcd, 0x06, 0x29, 0xbc, 0x7e, 0x99, 0x63, 0x20, 0xa3, 0xf4, 0x03, 0x68, 0xf7, 0x4d, 0xe8, 0x70, 0x4f, 0xa3, 0x7b, 0x8f, 0xab, 0x69, 0xab, 0xaa, 0xe2, 0x80,
691 };
692 static const uint8_t TEE_ATTR_ECC_PRIVATE_VALUE_ECDH_P256_VALUE01[] = {
693 0x7d, 0x7d, 0xc5, 0xf7, 0x1e, 0xb2, 0x9d, 0xda, 0xf8, 0x0d, 0x62, 0x14, 0x63, 0x2e, 0xea, 0xe0,
694 0x3d, 0x90, 0x58, 0xaf, 0x1f, 0xb6, 0xd2, 0x2e, 0xd8, 0x0b, 0xad, 0xb6, 0x2b, 0xc1, 0xa5, 0x34,
695 };
696 static const uint8_t TEE_ATTR_ECC_PUBLIC_VALUE_X_ECDH_P256_VALUE01[] = {
697 0xea, 0xd2, 0x18, 0x59, 0x01, 0x19, 0xe8, 0x87, 0x6b, 0x29, 0x14, 0x6f, 0xf8, 0x9c, 0xa6, 0x17,
698 0x70, 0xc4, 0xed, 0xbb, 0xf9, 0x7d, 0x38, 0xce, 0x38, 0x5e, 0xd2, 0x81, 0xd8, 0xa6, 0xb2, 0x30,
699 };
700 static const uint8_t TEE_ATTR_ECC_PUBLIC_VALUE_Y_ECDH_P256_VALUE01[] = {
701 0x28, 0xaf, 0x61, 0x28, 0x1f, 0xd3, 0x5e, 0x2f, 0xa7, 0x00, 0x25, 0x23, 0xac, 0xc8, 0x5a, 0x42,
702 0x9c, 0xb0, 0x6e, 0xe6, 0x64, 0x83, 0x25, 0x38, 0x9f, 0x59, 0xed, 0xfc, 0xe1, 0x40, 0x51, 0x41,
703 };
704 static const uint8_t TEE_ATTR_ECC_PUBLIC_VALUE_Y_ECDH_P256_VALUE02[] = {
705 0xdb, 0x71, 0xe5, 0x09, 0xe3, 0xfd, 0x9b, 0x06, 0x0d, 0xdb, 0x20, 0xba, 0x5c, 0x51, 0xdc, 0xc5,
706 0x94, 0x8d, 0x46, 0xfb, 0xf6, 0x40, 0xdf, 0xe0, 0x44, 0x17, 0x82, 0xca, 0xb8, 0x5f, 0xa4, 0xac,
707 };
708 static const uint8_t TEE_ATTR_ECC_PUBLIC_VALUE_X_ECDH_P256_VALUE02[] = {
709 0x70, 0x0c, 0x48, 0xf7, 0x7f, 0x56, 0x58, 0x4c, 0x5c, 0xc6, 0x32, 0xca, 0x65, 0x64, 0x0d, 0xb9,
710 0x1b, 0x6b, 0xac, 0xce, 0x3a, 0x4d, 0xf6, 0xb4, 0x2c, 0xe7, 0xcc, 0x83, 0x88, 0x33, 0xd2, 0x87,
711 };
712 static const uint8_t TEE_ATTR_ECC_PRIVATE_VALUE_ECDH_P384_VALUE01[] = {
713 0x3c, 0xc3, 0x12, 0x2a, 0x68, 0xf0, 0xd9, 0x50, 0x27, 0xad, 0x38, 0xc0, 0x67, 0x91, 0x6b, 0xa0, 0xeb, 0x8c, 0x38, 0x89, 0x4d, 0x22, 0xe1, 0xb1,
714 0x56, 0x18, 0xb6, 0x81, 0x8a, 0x66, 0x17, 0x74, 0xad, 0x46, 0x3b, 0x20, 0x5d, 0xa8, 0x8c, 0xf6, 0x99, 0xab, 0x4d, 0x43, 0xc9, 0xcf, 0x98, 0xa1,
715 };
716 static const uint8_t TEE_ATTR_ECC_PUBLIC_VALUE_X_ECDH_P384_VALUE01[] = {
717 0x98, 0x03, 0x80, 0x7f, 0x2f, 0x6d, 0x2f, 0xd9, 0x66, 0xcd, 0xd0, 0x29, 0x0b, 0xd4, 0x10, 0xc0, 0x19, 0x03, 0x52, 0xfb, 0xec, 0x7f, 0xf6, 0x24,
718 0x7d, 0xe1, 0x30, 0x2d, 0xf8, 0x6f, 0x25, 0xd3, 0x4f, 0xe4, 0xa9, 0x7b, 0xef, 0x60, 0xcf, 0xf5, 0x48, 0x35, 0x5c, 0x01, 0x5d, 0xbb, 0x3e, 0x5f,
719 };
720 static const uint8_t TEE_ATTR_ECC_PUBLIC_VALUE_Y_ECDH_P384_VALUE01[] = {
721 0xba, 0x26, 0xca, 0x69, 0xec, 0x2f, 0x5b, 0x5d, 0x9d, 0xad, 0x20, 0xcc, 0x9d, 0xa7, 0x11, 0x38, 0x3a, 0x9d, 0xbe, 0x34, 0xea, 0x3f, 0xa5, 0xa2,
722 0xaf, 0x75, 0xb4, 0x65, 0x02, 0x62, 0x9a, 0xd5, 0x4d, 0xd8, 0xb7, 0xd7, 0x3a, 0x8a, 0xbb, 0x06, 0xa3, 0xa3, 0xbe, 0x47, 0xd6, 0x50, 0xcc, 0x99,
723 };
724 static const uint8_t TEE_ATTR_ECC_PUBLIC_VALUE_Y_ECDH_P384_VALUE02[] = {
725 0xac, 0x68, 0xf1, 0x9f, 0x2e, 0x1c, 0xb8, 0x79, 0xae, 0xd4, 0x3a, 0x99, 0x69, 0xb9, 0x1a, 0x08,
726 0x39, 0xc4, 0xc3, 0x8a, 0x49, 0x74, 0x9b, 0x66, 0x1e, 0xfe, 0xdf, 0x24, 0x34, 0x51, 0x91, 0x5e,
727 0xd0, 0x90, 0x5a, 0x32, 0xb0, 0x60, 0x99, 0x2b, 0x46, 0x8c, 0x64, 0x76, 0x6f, 0xc8, 0x43, 0x7a,
728 };
729 static const uint8_t TEE_ATTR_ECC_PUBLIC_VALUE_X_ECDH_P384_VALUE02[] = {
730 0xa7, 0xc7, 0x6b, 0x97, 0x0c, 0x3b, 0x5f, 0xe8, 0xb0, 0x5d, 0x28, 0x38, 0xae, 0x04, 0xab, 0x47,
731 0x69, 0x7b, 0x9e, 0xaf, 0x52, 0xe7, 0x64, 0x59, 0x2e, 0xfd, 0xa2, 0x7f, 0xe7, 0x51, 0x32, 0x72,
732 0x73, 0x44, 0x66, 0xb4, 0x00, 0x09, 0x1a, 0xdb, 0xf2, 0xd6, 0x8c, 0x58, 0xe0, 0xc5, 0x00, 0x66,
733 };
734 static const uint8_t TEE_ATTR_ECC_PUBLIC_VALUE_Y_ECDH_P521_VALUE01[] = {
735 0x00, 0x00, 0x01, 0xb7, 0xc8, 0x5f, 0x26, 0xf5, 0xd4, 0xb2, 0xd7, 0x35, 0x5c, 0xf6, 0xb0, 0x21, 0x17,
736 0x65, 0x99, 0x43, 0x76, 0x2b, 0x6d, 0x1d, 0xb5, 0xab, 0x4f, 0x1d, 0xbc, 0x44, 0xce, 0x7b, 0x29, 0x46,
737 0xeb, 0x6c, 0x7d, 0xe3, 0x42, 0x96, 0x28, 0x93, 0xfd, 0x38, 0x7d, 0x1b, 0x73, 0xd7, 0xa8, 0x67, 0x2d,
738 0x1f, 0x23, 0x69, 0x61, 0x17, 0x0b, 0x7e, 0xb3, 0x57, 0x99, 0x53, 0xee, 0x5c, 0xdc, 0x88, 0xcd, 0x2d,
739 };
740 static const uint8_t TEE_ATTR_ECC_PUBLIC_VALUE_Y_ECDH_P521_VALUE02[] = {
741 0x00, 0x00, 0x01, 0xba, 0x52, 0xc5, 0x6f, 0xc8, 0x77, 0x6d, 0x9e, 0x8f, 0x5d, 0xb4, 0xf0, 0xcc,
742 0x27, 0x63, 0x6d, 0x0b, 0x74, 0x1b, 0xbe, 0x05, 0x40, 0x06, 0x97, 0x94, 0x2e, 0x80, 0xb7, 0x39,
743 0x88, 0x4a, 0x83, 0xbd, 0xe9, 0x9e, 0x0f, 0x67, 0x16, 0x93, 0x9e, 0x63, 0x2b, 0xc8, 0x98, 0x6f,
744 0xa1, 0x8d, 0xcc, 0xd4, 0x43, 0xa3, 0x48, 0xb6, 0xc3, 0xe5, 0x22, 0x49, 0x79, 0x55, 0xa4, 0xf3,
745 0xc3, 0x02, 0xf6, 0x76,
746 };
747 static const uint8_t TEE_ATTR_ECC_PRIVATE_VALUE_ECDH_P521_VALUE01[] = {
748 0x00, 0x00, 0x01, 0x7e, 0xec, 0xc0, 0x7a, 0xb4, 0xb3, 0x29, 0x06, 0x8f, 0xba, 0x65, 0xe5, 0x6a, 0x1f,
749 0x88, 0x90, 0xaa, 0x93, 0x5e, 0x57, 0x13, 0x4a, 0xe0, 0xff, 0xcc, 0xe8, 0x02, 0x73, 0x51, 0x51, 0xf4,
750 0xea, 0xc6, 0x56, 0x4f, 0x6e, 0xe9, 0x97, 0x4c, 0x5e, 0x68, 0x87, 0xa1, 0xfe, 0xfe, 0xe5, 0x74, 0x3a,
751 0xe2, 0x24, 0x1b, 0xfe, 0xb9, 0x5d, 0x5c, 0xe3, 0x1d, 0xdc, 0xb6, 0xf9, 0xed, 0xb4, 0xd6, 0xfc, 0x47,
752 };
753 static const uint8_t TEE_ATTR_ECC_PUBLIC_VALUE_X_ECDH_P521_VALUE01[] = {
754 0x00, 0x00, 0x00, 0x60, 0x2f, 0x9d, 0x0c, 0xf9, 0xe5, 0x26, 0xb2, 0x9e, 0x22, 0x38, 0x1c, 0x20, 0x3c,
755 0x48, 0xa8, 0x86, 0xc2, 0xb0, 0x67, 0x30, 0x33, 0x36, 0x63, 0x14, 0xf1, 0xff, 0xbc, 0xba, 0x24, 0x0b,
756 0xa4, 0x2f, 0x4e, 0xf3, 0x8a, 0x76, 0x17, 0x46, 0x35, 0xf9, 0x1e, 0x6b, 0x4e, 0xd3, 0x42, 0x75, 0xeb,
757 0x01, 0xc8, 0x46, 0x7d, 0x05, 0xca, 0x80, 0x31, 0x5b, 0xf1, 0xa7, 0xbb, 0xd9, 0x45, 0xf5, 0x50, 0xa5,
758 };
759 static const uint8_t TEE_ATTR_ECC_PUBLIC_VALUE_X_ECDH_P521_VALUE02[] = {
760 0x00, 0x00, 0x00, 0x68, 0x5a, 0x48, 0xe8, 0x6c, 0x79, 0xf0, 0xf0, 0x87, 0x5f, 0x7b, 0xc1, 0x8d,
761 0x25, 0xeb, 0x5f, 0xc8, 0xc0, 0xb0, 0x7e, 0x5d, 0xa4, 0xf4, 0x37, 0x0f, 0x3a, 0x94, 0x90, 0x34,
762 0x08, 0x54, 0x33, 0x4b, 0x1e, 0x1b, 0x87, 0xfa, 0x39, 0x54, 0x64, 0xc6, 0x06, 0x26, 0x12, 0x4a,
763 0x4e, 0x70, 0xd0, 0xf7, 0x85, 0x60, 0x1d, 0x37, 0xc0, 0x98, 0x70, 0xeb, 0xf1, 0x76, 0x66, 0x68,
764 0x77, 0xa2, 0x04, 0x6d,
765 };
766
767 static const uint8_t TEE_ATTR_DH_PUBLIC_VALUE_VALUE02[] = {
768 0xa3, 0xf5, 0x7d, 0xbe, 0x9e, 0x2f, 0x0a, 0xda, 0xa9, 0x4e, 0x4e, 0x6a, 0xf0, 0xe0, 0x71, 0x47,
769 0x0e, 0x2e, 0x41, 0x2e, 0xde, 0x73, 0x2a, 0x62, 0x14, 0xc3, 0x7c, 0x26, 0xd4, 0xe9, 0x9a, 0x54,
770 0xba, 0x3d, 0xe7, 0x49, 0x85, 0x95, 0x0e, 0xe9, 0x14, 0xb2, 0x90, 0x22, 0x91, 0xdc, 0xff, 0x61,
771 0xb2, 0xfc, 0xd1, 0xd0, 0x1b, 0x11, 0x14, 0xb6, 0x02, 0x64, 0x2b, 0x26, 0x5d, 0x88, 0xea, 0x8d,
772 0xbb, 0xe2, 0x07, 0x0b, 0x48, 0xfb, 0x01, 0x53, 0x55, 0x1e, 0x59, 0x51, 0x36, 0xf2, 0xf9, 0xd1,
773 0x97, 0xfb, 0x66, 0x12, 0x84, 0x5d, 0xed, 0xb8, 0x9b, 0x2d, 0x3e, 0x2b, 0x8c, 0xeb, 0x2a, 0x72,
774 0x40, 0x9d, 0x55, 0x4c, 0xed, 0xeb, 0x55, 0x02, 0xff, 0x8c, 0xb0, 0x2e, 0x03, 0x65, 0x3f, 0x41,
775 0xb1, 0xac, 0xa3, 0x30, 0x6b, 0xff, 0x6d, 0xf4, 0x6d, 0xe6, 0xe1, 0x0f, 0x86, 0x7c, 0x43, 0x64,
776 };
777
778
779 /*ALL_CRYPTO_AAD_VALUES*/
780 static const uint8_t AAD1_VALUE[] = {
781 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07
782 };
783
784 /*ALL_CRYPTO_AAD_LENGTHS*/
785 #define AAD1_LENGTH 8
786 #define NULL_LENGTH 0
787
788 /*ALL_TEE_CRYPTO_INITIALISATION_VECTOR_VALUES*/
789 static const uint8_t NONCE2_VALUE_AES_GCM[] = {
790 0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, 0xdb, 0xad, 0xde, 0xca, 0xf8, 0x88
791 };
792 static const uint8_t NONCE1_VALUE_AES_CCM[] = {
793 0x00, 0x8D, 0x49, 0x3B, 0x30, 0xAE, 0x8B, 0x3C, 0x96, 0x96, 0x76, 0x6C,
794 0xFA
795 };
796
797 /*ALL_TEE_CRYPTO_INITIALISATION_VECTOR_LENGTHS*/
798 #define NONCE2_LENGTH_AES_GCM 12
799 #define NONCE1_LENGTH_AES_CCM 13
800
801 /*ALL_CRYPTO_DATA_VALUE*/
802 static const uint8_t DATA_ALL_ZEROES[4096];
803 static const uint8_t DATA_FOR_CRYPTO1[] = {
804 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B,
805 0x0C, 0x0D, 0x0E, 0x0F,
806 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F, 0x00, 0x01, 0x02, 0x03, 0x04, 0x05,
807 0x06, 0x07, 0x08, 0x09,
808 0x0F, 0x0E, 0x0D, 0x0C, 0x0B, 0x0A, 0x09, 0x08, 0x07, 0x06, 0x05, 0x04,
809 0x03, 0x02, 0x01, 0x00,
810 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B,
811 0x0C, 0x0D, 0x0E, 0x0F,
812 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F, 0x00, 0x01, 0x02, 0x03, 0x04, 0x05,
813 0x06, 0x07, 0x08, 0x09,
814 0x0F, 0x0E, 0x0D, 0x0C, 0x0B, 0x0A, 0x09, 0x08, 0x07, 0x06, 0x05, 0x04,
815 0x03, 0x02, 0x01, 0x00
816 };
817 static const uint8_t DATA_FOR_CRYPTO1_PART1[] = {
818 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B,
819 0x0C, 0x0D, 0x0E, 0x0F,
820 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F, 0x00, 0x01, 0x02, 0x03, 0x04, 0x05,
821 0x06, 0x07, 0x08, 0x09
822 };
823 static const uint8_t DATA_FOR_CRYPTO1_PART2[] = {
824 0x0F, 0x0E, 0x0D, 0x0C, 0x0B, 0x0A, 0x09, 0x08, 0x07, 0x06, 0x05, 0x04,
825 0x03, 0x02, 0x01, 0x00,
826 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B,
827 0x0C, 0x0D, 0x0E, 0x0F
828 };
829 static const uint8_t DATA_FOR_CRYPTO1_PART3[] = {
830 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F, 0x00, 0x01, 0x02, 0x03, 0x04, 0x05,
831 0x06, 0x07, 0x08, 0x09,
832 0x0F, 0x0E, 0x0D, 0x0C, 0x0B, 0x0A, 0x09, 0x08, 0x07, 0x06, 0x05, 0x04,
833 0x03, 0x02, 0x01, 0x00
834 };
835 static const uint8_t DATA_FOR_CRYPTO2_LENGTH_NOT_MULTIPLE_OF_128_BITS[] = {
836 0x00, 0x01, 0x02, 0x03,
837 };
838 static const uint8_t DATA_FOR_CRYPTO3_LENGTH_NOT_MULTIPLE_OF_64_BITS[] = {
839 0x00, 0x01, 0x02, 0x03,
840 };
841
842 /*ALL_CRYPTO_DATA_LENGTH*/
843 #define LENGTH_DATA_FOR_CRYPTO1 96
844 #define LENGTH_DATA_FOR_CRYPTO1_PART1 32
845 #define LENGTH_DATA_FOR_CRYPTO1_PART2 32
846 #define LENGTH_DATA_FOR_CRYPTO1_PART3 32
847 #define LENGTH_DATA_FOR_CRYPTO2 4
848 #define LENGTH_DATA_FOR_CRYPTO3 4
849 #define RSAES_PKCS1_OAEP_MGF1_SHA1_ENC_INVALID_LENGTH_MOD_2048 215
850 #define RSAES_PKCS1_OAEP_MGF1_SHA224_ENC_INVALID_LENGTH_MOD_2048 199
851 #define RSAES_PKCS1_OAEP_MGF1_SHA256_ENC_INVALID_LENGTH_MOD_2048 191
852 #define RSAES_PKCS1_OAEP_MGF1_SHA384_ENC_INVALID_LENGTH_MOD_2048 159
853 #define RSAES_PKCS1_OAEP_MGF1_SHA512_ENC_INVALID_LENGTH_MOD_2048 127
854 #define RSAES_PKCS1_V1_5_ENC_INVALID_LENGTH_MOD_2048 246
855
856 /*ALL_TEE_CRYPTO_INITIALISATION_VECTOR_VALUES*/
857 static const uint8_t IV1_VALUE_64bits_DES_DES3[] = {
858 0x12, 0x34, 0x56, 0x78, 0x90, 0xab, 0xcd, 0xef
859 };
860 static const uint8_t IV2_VALUE_128bits_AES[] = {
861 0x12, 0x34, 0x56, 0x78, 0x90, 0xab, 0xcd, 0xef, 0x12, 0x34, 0x56, 0x78,
862 0x90, 0xab, 0xcd, 0xef
863 };
864 static const uint8_t IV_INVALID_LENGTH_VALUE[] = {
865 0x01, 0x02, 0x03, 0x04, 0x05
866 };
867
868 /*ALL_TEE_CRYPTO_INITIALISATION_VECTOR_LENGTHS*/
869 #define IV_LENGTH_NULL 0
870 #define IV_INVALID_LENGTH 5
871 #define IV1_LENGTH_64bits_DES_DES3 8
872 #define IV2_LENGTH_128bits_AES 16
873
874 static const uint8_t *TEE_ATTR_VALUE_NONE;
875
876 /*ALL_TEE_BUFFER_CASES*/
877 #define INPUT_BUFFER_NORMAL 5
878 #define INPUT_BUFFER_TOO_SHORT 4
879 #define OUTPUT_BUFFER_NORMAL 1
880 #define OUTPUT_BUFFER_TOO_SHORT 2
881 #define TAG_BUFFER_TOO_SHORT 3
882
883 enum signature_validity {
884 INVALID_SIGNATURE = 0,
885 VALID_SIGNATURE
886 };
887
888 enum mac_validity {
889 INVALID_MAC = 0,
890 VALID_MAC
891 };
892
893 struct crypto_buffer {
894 uint8_t *buffer;
895 uint32_t size;
896 };
897
898 /*Saved in Invoke_Crypto_AllocateOperation*/
899 struct crypto_op {
900 uint32_t algo;
901 uint32_t mode;
902 uint32_t obj_size;
903 };
904 struct crypto_op saved_alloc;
905
906 /*Saved in Invoke_Crypto_InitObjectWithKeys*/
907 struct key_val {
908 uint32_t obh;
909 uint32_t obj_type;
910 uint32_t obj_size;
911 struct crypto_buffer key;
912 };
913 struct key_val saved_key_vals;
914
915 /*Saved in Invoke_Crypto_SetOperationKey*/
916 struct obh_val {
917 uint32_t oph;
918 uint32_t obh;
919 };
920 struct obh_val saved_obh1;
921
922 /*Saved in Invoke_Crypto_SetOperationKey2*/
923 struct obh_val2 {
924 uint32_t oph;
925 uint32_t obh1;
926 uint32_t obh2;
927 };
928 struct obh_val2 saved_obh;
929
930 /*saved by Invoke_Crypto_AEUpdateAAD*/
931 struct crypto_buffer saved_aad_value;
932
933 /*Saved in Invoke_Crypto_AEEncryptFinal*/
934 struct crypto_buffer ae_encrypt_tag;
935
936 /*Saved in Invoke_Crypto_AEUpdate_for_encryption*/
937 struct crypto_buffer buffer_encrypted_chunks[4];
938
939 /*Saved in Invoke_Crypto_AEUpdate_for_Decryption*/
940 struct crypto_buffer buffer_decrypted_chunks[4];
941
942 /*filled with data in Invoke_Crypto_AsymmetricEncrypt*/
943 struct crypto_buffer buffer_asym_encrypted;
944
945 /*saved by Invoke_Crypto_AEInit*/
946 struct crypto_buffer saved_in_nonce;
947
948 /*Saved in Invoke_Crypto_DeriveKey*/
949 struct obh_val saved_derive;
950
951 /*Saved in Invoke_Crypto_GenerateRandom*/
952 struct crypto_buffer saved_random;
953
954 /*Saved in Invoke_Crypto_DigestDoFinal*/
955 struct crypto_buffer saved_digest;
956
957 /*Saved in Invoke_Crypto_MACInit*/
958 struct crypto_buffer saved_mac_iv;
959
960 /*Saved in Invoke_Crypto_CipherInit*/
961 struct crypto_buffer saved_cipher_iv;
962
963 /*Saved in Invoke_Crypto_CipherUpdate*/
964 struct crypto_buffer saved_cipher_update;
965
966 static const void *saved_key_pub_attr[3];
967
968 static TEE_OperationInfo saved_op_info;
969 static uint32_t s_saved_op_mult_info[64 / sizeof(uint32_t)];
970 static TEE_OperationInfoMultiple *saved_op_mult_info =
971 (TEE_OperationInfoMultiple *)s_saved_op_mult_info;
972
973
974 TEEC_UUID UUID_TTA_testingInternalAPI_crypto = {
975 0x534D4152, 0x5443, 0x534C,
976 { 0x54, 0x43, 0x52, 0x59, 0x50, 0x54, 0x4F, 0x31 }
977 };
978
crypto_reset(void)979 static void crypto_reset(void)
980 {
981 saved_obh.oph = 0;
982 saved_obh.obh1 = 0;
983 saved_obh.obh2 = 0;
984 saved_alloc.algo = 0;
985 saved_alloc.mode = 0;
986 saved_alloc.obj_size = 0;
987 saved_key_vals.obh = 0;
988 saved_key_vals.obj_size = 0;
989 saved_key_vals.obj_type = 0;
990 CRYPTO_FREE(saved_key_vals.key);
991
992 CRYPTO_FREE(saved_aad_value);
993 CRYPTO_FREE(ae_encrypt_tag);
994 /*4 chunks*/
995 CRYPTO_FREE(buffer_encrypted_chunks[0]);
996 CRYPTO_FREE(buffer_encrypted_chunks[1]);
997 CRYPTO_FREE(buffer_encrypted_chunks[2]);
998 CRYPTO_FREE(buffer_encrypted_chunks[3]);
999 /*4 chunks*/
1000 CRYPTO_FREE(buffer_decrypted_chunks[0]);
1001 CRYPTO_FREE(buffer_decrypted_chunks[1]);
1002 CRYPTO_FREE(buffer_decrypted_chunks[2]);
1003 CRYPTO_FREE(buffer_decrypted_chunks[3]);
1004 CRYPTO_FREE(buffer_asym_encrypted);
1005 CRYPTO_FREE(saved_in_nonce);
1006 CRYPTO_FREE(saved_random);
1007 CRYPTO_FREE(saved_digest);
1008 CRYPTO_FREE(saved_cipher_iv);
1009 CRYPTO_FREE(saved_cipher_update);
1010
1011 memset(&saved_op_info, 0, sizeof(saved_op_info));
1012 memset(s_saved_op_mult_info, 0, sizeof(s_saved_op_mult_info));
1013 }
1014
1015 static TEEC_Result calculate_digest(ADBG_Case_t *c, const void *data,
1016 size_t data_length,
1017 struct crypto_buffer *digest);
1018
1019 static TEEC_Result sign_digest(ADBG_Case_t *c,
1020 const struct crypto_buffer *in_dgst,
1021 struct crypto_buffer *out_dgst);
1022
1023 static bool verify_digest(ADBG_Case_t *c, const struct crypto_buffer *in_sdgst);
1024
1025 static TEEC_Result mac_compute_final(ADBG_Case_t *c, TEEC_Session *s,
1026 const void *full_data,
1027 size_t fdata_length,
1028 struct crypto_buffer *mac);
1029
1030 static TEEC_Result cipher_do_final(ADBG_Case_t *c, TEEC_Session *s,
1031 const void *full_data,
1032 size_t fdata_length,
1033 struct crypto_buffer *cipher);
1034
collapse_crypto_buffers(struct crypto_buffer * in_buffer,struct crypto_buffer * out_buffer)1035 static void collapse_crypto_buffers(struct crypto_buffer *in_buffer,
1036 struct crypto_buffer *out_buffer)
1037 {
1038 int id;
1039 uint8_t *tmp;
1040
1041 out_buffer->size = 0;
1042
1043 for (id = 0; id < 4; id++)
1044 out_buffer->size += in_buffer[id].size;
1045
1046 out_buffer->buffer = malloc(out_buffer->size);
1047 tmp = out_buffer->buffer;
1048
1049 for (id = 0; id < 4; id++) {
1050 if (in_buffer[id].buffer) {
1051 memcpy(tmp, in_buffer[id].buffer, in_buffer[id].size);
1052 tmp += in_buffer[id].size;
1053 }
1054 }
1055 }
1056
Invoke_Crypto_AllocateOperation(ADBG_Case_t * c,TEEC_Session * s,uint32_t cmd,uint32_t algo,uint32_t mode,size_t obj_size1,size_t obj_size2,uint32_t op_handle)1057 static TEEC_Result Invoke_Crypto_AllocateOperation(ADBG_Case_t *c,
1058 TEEC_Session *s,
1059 uint32_t cmd, uint32_t algo,
1060 uint32_t mode,
1061 size_t obj_size1,
1062 size_t obj_size2,
1063 uint32_t op_handle)
1064 {
1065 TEEC_Result res = TEEC_SUCCESS;
1066 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
1067 uint32_t ret_orig;
1068
1069 op.params[0].value.a = algo;
1070 op.params[0].value.b = mode;
1071 if (obj_size1 > obj_size2)
1072 op.params[1].value.a = obj_size1;
1073 else
1074 op.params[1].value.a = obj_size2;
1075 op.params[3].value.a = op_handle;
1076
1077 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, TEEC_VALUE_INPUT,
1078 TEEC_NONE, TEEC_VALUE_INPUT);
1079
1080 res = TEEC_InvokeCommand(s, cmd, &op, &ret_orig);
1081
1082 if (!res) {
1083 saved_alloc.algo = algo;
1084 saved_alloc.mode = mode;
1085 saved_alloc.obj_size = op.params[1].value.a;
1086 }
1087
1088 return res;
1089 }
1090
Invoke_Crypto_GetOperationInfo(ADBG_Case_t * c,TEEC_Session * s,uint32_t cmd,uint32_t op_handle)1091 static TEEC_Result Invoke_Crypto_GetOperationInfo(ADBG_Case_t *c ,
1092 TEEC_Session *s,
1093 uint32_t cmd,
1094 uint32_t op_handle)
1095 {
1096 TEEC_Result res = TEEC_SUCCESS;
1097 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
1098 uint32_t ret_orig = 0;
1099
1100 op.params[0].value.a = op_handle;
1101 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INOUT, TEEC_VALUE_OUTPUT,
1102 TEEC_VALUE_OUTPUT, TEEC_VALUE_OUTPUT);
1103
1104 res = TEEC_InvokeCommand(s, cmd, &op, &ret_orig);
1105
1106 if (!res)
1107 saved_op_info = (TEE_OperationInfo){
1108 .algorithm = op.params[0].value.a,
1109 .operationClass = op.params[0].value.b,
1110 .mode = op.params[1].value.a,
1111 .digestLength = op.params[1].value.b,
1112 .maxKeySize = op.params[2].value.a,
1113 .keySize = op.params[2].value.b,
1114 .requiredKeyUsage = op.params[3].value.a,
1115 .handleState = op.params[3].value.b,
1116 };
1117
1118 return res;
1119 }
1120
get_be32(const uint8_t * b)1121 static uint32_t get_be32(const uint8_t *b)
1122 {
1123 return ((uint32_t)b[0] << 24) | ((uint32_t)b[1] << 16) |
1124 ((uint32_t)b[2] << 8) | b[3];
1125 }
1126
Invoke_Crypto_GetOperationInfoMultiple(ADBG_Case_t * c,TEEC_Session * s,uint32_t cmd,uint32_t op_handle,uint32_t max_num_keys)1127 static TEEC_Result Invoke_Crypto_GetOperationInfoMultiple(ADBG_Case_t *c,
1128 TEEC_Session *s,
1129 uint32_t cmd,
1130 uint32_t op_handle,
1131 uint32_t max_num_keys)
1132 {
1133 TEEC_Result res = TEEC_SUCCESS;
1134 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
1135 uint32_t org = 0;
1136 TEEC_SharedMemory shm = {
1137 .size = 64,
1138 .flags = TEEC_MEM_OUTPUT,
1139 };
1140
1141 if (!ADBG_EXPECT_COMPARE_UNSIGNED(c, max_num_keys, <=, 2))
1142 return TEEC_ERROR_BAD_PARAMETERS;
1143
1144 res = TEEC_AllocateSharedMemory(s->ctx, &shm);
1145 if (!ADBG_EXPECT_TEEC_SUCCESS(c, res))
1146 return res;
1147
1148 op.params[0].value.a = op_handle;
1149 op.params[0].value.b = max_num_keys;
1150 SET_SHARED_MEMORY_OPERATION_PARAMETER(1, 0, &shm, shm.size);
1151 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
1152 TEEC_MEMREF_PARTIAL_OUTPUT,
1153 TEEC_NONE, TEEC_NONE);
1154 res = TEEC_InvokeCommand(s, cmd, &op, &org);
1155
1156 if (!res) {
1157 uint8_t *b = shm.buffer;
1158 TEE_OperationInfoMultiple *d = saved_op_mult_info;
1159 size_t n = 0;
1160
1161 memset(s_saved_op_mult_info, 0, sizeof(s_saved_op_mult_info));
1162 d->algorithm = get_be32(b);
1163 d->operationClass = get_be32(b + 4);
1164 d->mode = get_be32(b + 8);
1165 d->digestLength = get_be32(b + 12);
1166 d->maxKeySize = get_be32(b + 16);
1167 d->handleState = get_be32(b + 20);
1168 d->operationState = get_be32(b + 24);
1169 d->numberOfKeys = get_be32(b + 28);
1170
1171 for (n = 0; n < d->numberOfKeys; n++) {
1172 d->keyInformation[n].keySize = get_be32(b + 32 + n * 8);
1173 d->keyInformation[n].requiredKeyUsage =
1174 get_be32(b + 36 + n * 8);
1175 }
1176 }
1177 TEEC_ReleaseSharedMemory(&shm);
1178
1179 return res;
1180 }
1181
1182 #define Check_0_OperationInfoMultiple(c, _algorithm, _operationClass, _mode, \
1183 _digestLength, _maxKeySize_object1, \
1184 _maxKeySize_object2, _handleState, \
1185 _operationState, _numberOfKeys) \
1186 do { \
1187 ADBG_EXPECT(c, _algorithm, saved_op_mult_info->algorithm); \
1188 ADBG_EXPECT(c, _operationClass, \
1189 saved_op_mult_info->operationClass); \
1190 ADBG_EXPECT(c, _mode, saved_op_mult_info->mode); \
1191 ADBG_EXPECT(c, _digestLength, \
1192 saved_op_mult_info->digestLength); \
1193 ADBG_EXPECT(c, MAX(_maxKeySize_object1, _maxKeySize_object2), \
1194 saved_op_mult_info->maxKeySize); \
1195 ADBG_EXPECT(c, _handleState, saved_op_mult_info->handleState); \
1196 ADBG_EXPECT(c, _operationState, \
1197 saved_op_mult_info->operationState); \
1198 ADBG_EXPECT(c, _numberOfKeys, \
1199 saved_op_mult_info->numberOfKeys); \
1200 } while (0)
1201
1202 #define Check_1_OperationInfoKey(c, _keyIndex, _keySize, _requiredKeyUsage) \
1203 do { \
1204 if (ADBG_EXPECT_COMPARE_UNSIGNED(c, _keyIndex, <, saved_op_mult_info->numberOfKeys)) { \
1205 ADBG_EXPECT(c, _keySize, saved_op_mult_info->keyInformation[_keyIndex].keySize); \
1206 ADBG_EXPECT(c, _requiredKeyUsage, saved_op_mult_info->keyInformation[_keyIndex].requiredKeyUsage); \
1207 } \
1208 } while (0)
1209
1210 #define Check_OperationInfo(c, _algorithm, _operationClass, _mode, \
1211 _digestLength, _maxKeySize_object1, \
1212 _maxKeySize_object2, _keySize, _requiredKeyUsage, \
1213 _handleFlags) \
1214 do { \
1215 ADBG_EXPECT(c, _algorithm, saved_op_info.algorithm); \
1216 ADBG_EXPECT(c, _operationClass, saved_op_info.operationClass); \
1217 ADBG_EXPECT(c, _mode, saved_op_info.mode); \
1218 ADBG_EXPECT(c, _digestLength, saved_op_info.digestLength); \
1219 ADBG_EXPECT(c, MAX(_maxKeySize_object1, _maxKeySize_object2), \
1220 saved_op_info.maxKeySize); \
1221 ADBG_EXPECT(c, _keySize, saved_op_info.keySize); \
1222 ADBG_EXPECT(c, _requiredKeyUsage, \
1223 saved_op_info.requiredKeyUsage); \
1224 ADBG_EXPECT(c, _handleFlags, saved_op_info.handleState); \
1225 ADBG_EXPECT(c, _algorithm, saved_op_info.algorithm); \
1226 } while (0)
1227
Invoke_Crypto_ResetOperation(ADBG_Case_t * c,TEEC_Session * s,uint32_t cmd,uint32_t op_handle)1228 static TEEC_Result Invoke_Crypto_ResetOperation(ADBG_Case_t *c, TEEC_Session *s,
1229 uint32_t cmd,
1230 uint32_t op_handle)
1231 {
1232 return Invoke_Simple_Function_v1(c, s, cmd, op_handle, 0);
1233 }
1234
Invoke_Crypto_FreeAllKeysAndOperations(ADBG_Case_t * c,TEEC_Session * s,uint32_t cmd,uint32_t op_handle)1235 static TEEC_Result Invoke_Crypto_FreeAllKeysAndOperations(ADBG_Case_t *c,
1236 TEEC_Session *s,
1237 uint32_t cmd,
1238 uint32_t op_handle)
1239 {
1240 return Invoke_Simple_Function_v1(c, s, cmd, op_handle, 0);
1241 }
1242
add_be32(uint32_t v,TEEC_SharedMemory * shm,size_t * offs)1243 static TEEC_Result add_be32(uint32_t v, TEEC_SharedMemory *shm, size_t *offs)
1244 {
1245 uint8_t *d = (uint8_t *)shm->buffer + *offs;
1246 size_t n = sizeof(uint32_t);
1247
1248 if (*offs + n > shm->size)
1249 return TEEC_ERROR_EXCESS_DATA;
1250
1251 (*offs) += n;
1252 while (n) {
1253 n--;
1254 d[n] = v;
1255 v >>= 8;
1256 }
1257
1258 return TEEC_SUCCESS;
1259 }
1260
add_attr(uint32_t id,const void * v,uint32_t sz,TEEC_SharedMemory * shm1,size_t * offs_1,TEEC_SharedMemory * shm2,size_t * offs_2)1261 static TEEC_Result add_attr(uint32_t id, const void *v, uint32_t sz,
1262 TEEC_SharedMemory *shm1, size_t *offs_1,
1263 TEEC_SharedMemory *shm2, size_t *offs_2)
1264 {
1265 TEEC_Result res = TEEC_SUCCESS;
1266 uint32_t vid = 0;
1267 uint32_t voffs = 0;
1268 uint32_t vsz = 0;
1269
1270 if (id == TEE_ATTR_NONE)
1271 goto out;
1272 vid = id;
1273 voffs = *offs_2;
1274 vsz = sz;
1275
1276 if (*offs_2 + sz > shm2->size)
1277 return TEEC_ERROR_EXCESS_DATA;
1278 memcpy((uint8_t *)shm2->buffer + *offs_2, v, sz);
1279 (*offs_2) += sz;
1280
1281 out:
1282 res = add_be32(vid, shm1, offs_1);
1283 if (res)
1284 return res;
1285 res = add_be32(voffs, shm1, offs_1);
1286 if (res)
1287 return res;
1288 return add_be32(vsz, shm1, offs_1);
1289 }
1290
1291 static TEEC_Result
Invoke_Crypto_InitObjectWithKeys(ADBG_Case_t * c,TEEC_Session * s,uint32_t cmd,uint32_t obj_type,uint32_t obj_size,uint32_t id1,const void * v1,uint32_t sz1,uint32_t id2,const void * v2,uint32_t sz2,uint32_t id3,const void * v3,uint32_t sz3,uint32_t id4,const void * v4,uint32_t sz4,uint32_t id5,const void * v5,uint32_t sz5,uint32_t obj_handle)1292 Invoke_Crypto_InitObjectWithKeys(ADBG_Case_t *c, TEEC_Session *s, uint32_t cmd,
1293 uint32_t obj_type, uint32_t obj_size,
1294 uint32_t id1, const void *v1, uint32_t sz1,
1295 uint32_t id2, const void *v2, uint32_t sz2,
1296 uint32_t id3, const void *v3, uint32_t sz3,
1297 uint32_t id4, const void *v4, uint32_t sz4,
1298 uint32_t id5, const void *v5, uint32_t sz5,
1299 uint32_t obj_handle)
1300 {
1301 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
1302 TEEC_Result res = TEEC_SUCCESS;
1303 uint32_t org = 0;
1304 size_t offs1 = 0;
1305 size_t offs2 = 0;
1306 TEEC_SharedMemory shm1 = {
1307 .size = BIG_SIZE,
1308 .flags = TEEC_MEM_INPUT,
1309 };
1310 TEEC_SharedMemory shm2 = {
1311 .size = DS_BIG_SIZE,
1312 .flags = TEEC_MEM_INPUT,
1313 };
1314
1315 res = TEEC_AllocateSharedMemory(s->ctx, &shm1);
1316 if (!ADBG_EXPECT_TEEC_SUCCESS(c, res))
1317 return res;
1318
1319 res = TEEC_AllocateSharedMemory(s->ctx, &shm2);
1320 if (!ADBG_EXPECT_TEEC_SUCCESS(c, res))
1321 goto out_free_shm1;
1322
1323 res = add_attr(id1, v1, sz1, &shm1, &offs1, &shm2, &offs2);
1324 if (!ADBG_EXPECT_TEEC_SUCCESS(c, res))
1325 goto out_free_shm2;
1326 res = add_attr(id2, v2, sz2, &shm1, &offs1, &shm2, &offs2);
1327 if (!ADBG_EXPECT_TEEC_SUCCESS(c, res))
1328 goto out_free_shm2;
1329 res = add_attr(id3, v3, sz3, &shm1, &offs1, &shm2, &offs2);
1330 if (!ADBG_EXPECT_TEEC_SUCCESS(c, res))
1331 goto out_free_shm2;
1332 res = add_attr(id4, v4, sz4, &shm1, &offs1, &shm2, &offs2);
1333 if (!ADBG_EXPECT_TEEC_SUCCESS(c, res))
1334 goto out_free_shm2;
1335 res = add_attr(id5, v5, sz5, &shm1, &offs1, &shm2, &offs2);
1336 if (!ADBG_EXPECT_TEEC_SUCCESS(c, res))
1337 goto out_free_shm2;
1338
1339 op.params[0].value.a = obj_type;
1340 op.params[0].value.b = obj_size;
1341 SET_SHARED_MEMORY_OPERATION_PARAMETER(1, 0, &shm1, offs1);
1342 SET_SHARED_MEMORY_OPERATION_PARAMETER(2, 0, &shm2, offs2);
1343 op.params[3].value.a = obj_handle;
1344 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
1345 TEEC_MEMREF_PARTIAL_INPUT,
1346 TEEC_MEMREF_PARTIAL_INPUT,
1347 TEEC_VALUE_INPUT);
1348
1349 res = TEEC_InvokeCommand(s, cmd, &op, &org);
1350
1351 if (!res)
1352 saved_key_pub_attr[obj_handle] = v1;
1353
1354 out_free_shm2:
1355 TEEC_ReleaseSharedMemory(&shm2);
1356 out_free_shm1:
1357 TEEC_ReleaseSharedMemory(&shm1);
1358
1359 return res;
1360 }
1361
1362 static TEEC_Result
Invoke_Crypto_InitObjectWithKeysExt(ADBG_Case_t * c,TEEC_Session * s,uint32_t cmd,uint32_t obj_type,uint32_t obj_size,uint32_t id1,const void * v1,uint32_t sz1,uint32_t id2,const void * v2,uint32_t sz2,uint32_t id3,const void * v3,uint32_t sz3,uint32_t id4,const void * v4,uint32_t sz4,uint32_t id5,const void * v5,uint32_t sz5,uint32_t obj_handle)1363 Invoke_Crypto_InitObjectWithKeysExt(ADBG_Case_t *c, TEEC_Session *s,
1364 uint32_t cmd, uint32_t obj_type,
1365 uint32_t obj_size,
1366 uint32_t id1, const void *v1, uint32_t sz1,
1367 uint32_t id2, const void *v2, uint32_t sz2,
1368 uint32_t id3, const void *v3, uint32_t sz3,
1369 uint32_t id4, const void *v4, uint32_t sz4,
1370 uint32_t id5, const void *v5, uint32_t sz5,
1371 uint32_t obj_handle)
1372 {
1373 return Invoke_Crypto_InitObjectWithKeys(c, s, cmd, obj_type, obj_size,
1374 id1, v1, sz1, id2, v2, sz2,
1375 id3, v3, sz3, id4, v4, sz4,
1376 id5, v5, sz5, obj_handle);
1377 }
1378
1379
1380
Invoke_Crypto_SetOperationKey(ADBG_Case_t * c,TEEC_Session * s,uint32_t cmd,uint32_t op_handle,uint32_t obj_handle)1381 static TEEC_Result Invoke_Crypto_SetOperationKey(ADBG_Case_t *c,
1382 TEEC_Session *s, uint32_t cmd,
1383 uint32_t op_handle,
1384 uint32_t obj_handle)
1385 {
1386 TEEC_Result res = Invoke_Simple_Function_v1(c, s, cmd, op_handle,
1387 obj_handle);
1388
1389 if (!res) {
1390 saved_obh.oph = op_handle;
1391 saved_obh.obh1 = obj_handle;
1392 saved_obh.obh2 = TEE_HANDLE_NULL;
1393 }
1394
1395 return res;
1396 }
1397
Invoke_Crypto_SetOperationKey2(ADBG_Case_t * c,TEEC_Session * s,uint32_t cmd,uint32_t op_handle,uint32_t obj_handle1,uint32_t obj_handle2)1398 static TEEC_Result Invoke_Crypto_SetOperationKey2(ADBG_Case_t *c,
1399 TEEC_Session *s,
1400 uint32_t cmd,
1401 uint32_t op_handle,
1402 uint32_t obj_handle1,
1403 uint32_t obj_handle2)
1404 {
1405 TEEC_Result res = Invoke_Simple_Function_v2(c, s, cmd, op_handle,
1406 obj_handle1, obj_handle2,
1407 0);
1408 if (!res) {
1409 saved_obh.oph = op_handle;
1410 saved_obh.obh1 = obj_handle1;
1411 saved_obh.obh2 = obj_handle2;
1412 }
1413
1414 return res;
1415 }
1416
Invoke_Crypto_DeriveKey(ADBG_Case_t * c,TEEC_Session * s,uint32_t cmd,uint32_t op_handle,uint32_t attribute_list,uint32_t obj_handle)1417 static TEEC_Result Invoke_Crypto_DeriveKey(ADBG_Case_t *c, TEEC_Session *s,
1418 uint32_t cmd, uint32_t op_handle,
1419 uint32_t attribute_list,
1420 uint32_t obj_handle)
1421 {
1422 uint32_t attr1 = ATTRIBUTE_NONE;
1423 uint32_t attr2 = ATTRIBUTE_NONE;
1424 uint32_t n = 0;
1425
1426 for (n = 0; n <= ATTRIBUTE_06 && attr2 == ATTRIBUTE_NONE; n++) {
1427 if (BIT(n) & attribute_list) {
1428 if (attr1 == ATTRIBUTE_NONE)
1429 attr1 = n;
1430 else
1431 attr2 = n;
1432 }
1433 }
1434
1435 return Invoke_Simple_Function_v2(c, s, cmd, op_handle, obj_handle,
1436 attr1, attr2);
1437 }
1438
Invoke_Crypto_AEInit(ADBG_Case_t * c,TEEC_Session * s,uint32_t cmd,uint32_t op_handle,const void * nonce_val,size_t nonce_length,uint32_t tag_len,uint32_t aad_len,uint32_t payload_len)1439 static TEEC_Result Invoke_Crypto_AEInit(ADBG_Case_t *c, TEEC_Session *s,
1440 uint32_t cmd, uint32_t op_handle,
1441 const void *nonce_val,
1442 size_t nonce_length, uint32_t tag_len,
1443 uint32_t aad_len, uint32_t payload_len)
1444 {
1445 TEEC_Result res = TEEC_SUCCESS;
1446 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
1447 uint32_t org = 0;
1448 TEEC_SharedMemory shm = {
1449 .size = nonce_length,
1450 .flags = TEEC_MEM_INPUT,
1451 };
1452
1453
1454 res = TEEC_AllocateSharedMemory(s->ctx, &shm);
1455 if (!ADBG_EXPECT_TEEC_SUCCESS(c, res))
1456 return res;
1457 memcpy(shm.buffer, nonce_val, nonce_length);
1458
1459 op.params[0].value.a = op_handle;
1460 op.params[0].value.b = tag_len;
1461 SET_SHARED_MEMORY_OPERATION_PARAMETER(1, 0, &shm, nonce_length);
1462 op.params[2].value.a = aad_len;
1463 op.params[2].value.b = payload_len;
1464 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
1465 TEEC_MEMREF_PARTIAL_INPUT,
1466 TEEC_VALUE_INPUT, TEEC_NONE);
1467
1468 res = TEEC_InvokeCommand(s, cmd, &op, &org);
1469 TEEC_ReleaseSharedMemory(&shm);
1470 return res;
1471 }
1472
Invoke_Crypto_AEUpdate_for_encryption(ADBG_Case_t * c,TEEC_Session * s,uint32_t cmd,uint32_t op_handle,const void * part_data,uint32_t partd_length,uint32_t case_buf,uint32_t chunk_id)1473 static TEEC_Result Invoke_Crypto_AEUpdate_for_encryption(ADBG_Case_t *c,
1474 TEEC_Session *s,
1475 uint32_t cmd,
1476 uint32_t op_handle,
1477 const void *part_data,
1478 uint32_t partd_length,
1479 uint32_t case_buf,
1480 uint32_t chunk_id)
1481 {
1482 TEEC_Result res = TEEC_SUCCESS;
1483 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
1484 uint32_t org = 0;
1485 size_t initial_size;
1486
1487 ALLOCATE_AND_FILL_SHARED_MEMORY(s->ctx, SHARE_MEM01, partd_length,
1488 TEEC_MEM_INPUT, partd_length,
1489 part_data, mem01_exit)
1490 ALLOCATE_SHARED_MEMORY(s->ctx, SHARE_MEM02, DS_BIG_SIZE,
1491 TEEC_MEM_OUTPUT, mem02_exit)
1492
1493 op.params[0].value.a = op_handle;
1494 SET_SHARED_MEMORY_OPERATION_PARAMETER(1, 0, SHARE_MEM01,
1495 SHARE_MEM01->size)
1496 /*if $IN_caseBuffer$ = OUTPUT_BUFFER_TOO_SHORT(2)
1497 then Param[3].memref.size=1 */
1498 if (case_buf == OUTPUT_BUFFER_TOO_SHORT) {
1499 SET_SHARED_MEMORY_OPERATION_PARAMETER(3, 0, SHARE_MEM02, 1)
1500 } else {
1501 SET_SHARED_MEMORY_OPERATION_PARAMETER(3, 0, SHARE_MEM02,
1502 SHARE_MEM02->size)
1503 }
1504
1505 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
1506 TEEC_MEMREF_PARTIAL_INPUT,
1507 TEEC_NONE, TEEC_MEMREF_PARTIAL_OUTPUT);
1508 initial_size = op.params[3].memref.size;
1509
1510 res = TEEC_InvokeCommand(s, cmd, &op, &org);
1511
1512 /* Store the buffer from "shm2" in
1513 * "buffer_encrypted_chunks[$IN_chunkNumber$]"
1514 * which will be reused for the
1515 * Invoke_Crypto_TEE_AEUpdate_for_decryption function
1516 */
1517 if (res == TEEC_SUCCESS) {
1518 buffer_encrypted_chunks[chunk_id].size =
1519 op.params[3].memref.size;
1520 buffer_encrypted_chunks[chunk_id].buffer = malloc(
1521 buffer_encrypted_chunks[chunk_id].size);
1522 memcpy(buffer_encrypted_chunks[chunk_id].buffer,
1523 SHARE_MEM02->buffer,
1524 buffer_encrypted_chunks[chunk_id].size);
1525 } else if (res == TEEC_ERROR_SHORT_BUFFER) {
1526 ADBG_EXPECT_COMPARE_UNSIGNED(c, initial_size, <,
1527 op.params[3].memref.size);
1528 }
1529
1530 TEEC_ReleaseSharedMemory(SHARE_MEM02);
1531 mem02_exit:
1532 TEEC_ReleaseSharedMemory(SHARE_MEM01);
1533 mem01_exit:
1534 return res;
1535 }
1536
Invoke_Crypto_AEUpdate_for_decryption(ADBG_Case_t * c,TEEC_Session * s,uint32_t cmd,uint32_t op_handle,const void * part_data,size_t partd_length,uint32_t case_buf,uint32_t chunk_id)1537 static TEEC_Result Invoke_Crypto_AEUpdate_for_decryption(ADBG_Case_t *c,
1538 TEEC_Session *s,
1539 uint32_t cmd,
1540 uint32_t op_handle,
1541 const void *part_data,
1542 size_t partd_length,
1543 uint32_t case_buf,
1544 uint32_t chunk_id)
1545 {
1546 TEEC_Result res;
1547 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
1548 uint32_t ret_orig;
1549
1550 ALLOCATE_AND_FILL_SHARED_MEMORY(s->ctx, SHARE_MEM01,
1551 buffer_encrypted_chunks[chunk_id].size,
1552 TEEC_MEM_INPUT,
1553 buffer_encrypted_chunks[chunk_id].size,
1554 buffer_encrypted_chunks[chunk_id].
1555 buffer, mem01_exit)
1556 ALLOCATE_SHARED_MEMORY(s->ctx, SHARE_MEM02, partd_length,
1557 TEEC_MEM_OUTPUT, mem02_exit)
1558
1559 op.params[0].value.a = op_handle;
1560 SET_SHARED_MEMORY_OPERATION_PARAMETER(1, 0, SHARE_MEM01, partd_length)
1561 /*if $IN_caseBuffer$ = OUTPUT_BUFFER_TOO_SHORT(2)
1562 then Param[3].memref.size=1*/
1563 if (case_buf == OUTPUT_BUFFER_TOO_SHORT) {
1564 SET_SHARED_MEMORY_OPERATION_PARAMETER(3, 0, SHARE_MEM02, 1)
1565 } else {
1566 SET_SHARED_MEMORY_OPERATION_PARAMETER(3, 0, SHARE_MEM02,
1567 SHARE_MEM02->size)
1568 }
1569
1570 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
1571 TEEC_MEMREF_PARTIAL_INPUT,
1572 TEEC_NONE, TEEC_MEMREF_PARTIAL_OUTPUT);
1573
1574 res = TEEC_InvokeCommand(s, cmd, &op, &ret_orig);
1575
1576 /* Save the buffer from "SharedMem2" into
1577 * "buffer_decrypted_chunks[$IN_chunkNumber$]"
1578 * in order to collapse all buffers returned for
1579 * AEUpdate_for_decryption,
1580 * which will be used in AEDecryptFinal
1581 */
1582 if (res == TEEC_SUCCESS) {
1583 if (!ADBG_EXPECT_BUFFER(c, part_data, partd_length,
1584 SHARE_MEM02->buffer,
1585 op.params[3].memref.size))
1586 res = TEEC_ERROR_GENERIC;
1587
1588 buffer_decrypted_chunks[chunk_id].size =
1589 op.params[3].memref.size;
1590 buffer_decrypted_chunks[chunk_id].buffer = malloc(
1591 buffer_decrypted_chunks[chunk_id].size);
1592 memcpy(buffer_decrypted_chunks[chunk_id].buffer,
1593 SHARE_MEM02->buffer,
1594 buffer_decrypted_chunks[chunk_id].size);
1595 }
1596
1597 TEEC_ReleaseSharedMemory(SHARE_MEM02);
1598 mem02_exit:
1599 TEEC_ReleaseSharedMemory(SHARE_MEM01);
1600 mem01_exit:
1601 return res;
1602 }
1603
Invoke_Crypto_AEUpdateAAD(ADBG_Case_t * c,TEEC_Session * s,uint32_t cmd,uint32_t op_handle,const void * aad_data,size_t aad_length)1604 static TEEC_Result Invoke_Crypto_AEUpdateAAD(ADBG_Case_t *c, TEEC_Session *s,
1605 uint32_t cmd,
1606 uint32_t op_handle,
1607 const void *aad_data,
1608 size_t aad_length)
1609 {
1610 TEEC_Result res;
1611 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
1612 uint32_t ret_orig;
1613
1614 ALLOCATE_AND_FILL_SHARED_MEMORY(s->ctx, SHARE_MEM01, aad_length,
1615 TEEC_MEM_INPUT, aad_length,
1616 aad_data, mem01_exit)
1617
1618 op.params[0].value.a = op_handle;
1619 SET_SHARED_MEMORY_OPERATION_PARAMETER(1, 0, SHARE_MEM01,
1620 SHARE_MEM01->size)
1621
1622 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
1623 TEEC_MEMREF_PARTIAL_INPUT,
1624 TEEC_NONE, TEEC_NONE);
1625
1626 res = TEEC_InvokeCommand(s, cmd, &op, &ret_orig);
1627
1628 /* Save the $IN_AAD_Value$ for AAD for later cryptographic computation
1629 */
1630 if (res == TEEC_SUCCESS) {
1631 saved_aad_value.buffer = malloc(aad_length);
1632 saved_aad_value.size = aad_length;
1633 memcpy(saved_aad_value.buffer, aad_data, aad_length);
1634 }
1635
1636 TEEC_ReleaseSharedMemory(SHARE_MEM01);
1637 mem01_exit:
1638 return res;
1639 }
1640
Invoke_Crypto_AEEncryptFinal(ADBG_Case_t * c,TEEC_Session * s,uint32_t cmd,uint32_t op_handle,const void * part_data,size_t partd_length,const void * full_data,size_t fdata_length,uint32_t case_buf,uint32_t chunk_id)1641 static TEEC_Result Invoke_Crypto_AEEncryptFinal(ADBG_Case_t *c, TEEC_Session *s,
1642 uint32_t cmd,
1643 uint32_t op_handle,
1644 const void *part_data,
1645 size_t partd_length,
1646 const void *full_data,
1647 size_t fdata_length,
1648 uint32_t case_buf,
1649 uint32_t chunk_id)
1650 {
1651 TEEC_Result res;
1652 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
1653 uint32_t ret_orig;
1654 size_t initial_partd_size, initial_fdata_size;
1655
1656 ALLOCATE_AND_FILL_SHARED_MEMORY(s->ctx, SHARE_MEM01, partd_length,
1657 TEEC_MEM_INPUT, partd_length,
1658 part_data, mem01_exit)
1659 ALLOCATE_SHARED_MEMORY(s->ctx, SHARE_MEM02, partd_length,
1660 TEEC_MEM_OUTPUT, mem02_exit)
1661 ALLOCATE_SHARED_MEMORY(s->ctx, SHARE_MEM03, partd_length,
1662 TEEC_MEM_OUTPUT, mem03_exit)
1663
1664 op.params[0].value.a = op_handle;
1665 SET_SHARED_MEMORY_OPERATION_PARAMETER(1, 0, SHARE_MEM01,
1666 SHARE_MEM01->size)
1667 switch (case_buf) {
1668 case OUTPUT_BUFFER_TOO_SHORT:
1669 /*if $IN_caseBuffer$ =
1670 OUTPUT_BUFFER_TOO_SHORT(2) then Param[3].memref.size=1*/
1671 SET_SHARED_MEMORY_OPERATION_PARAMETER(2, 0, SHARE_MEM03,
1672 SHARE_MEM03->size)
1673 SET_SHARED_MEMORY_OPERATION_PARAMETER(3, 0, SHARE_MEM02, 1)
1674 break;
1675 case TAG_BUFFER_TOO_SHORT:
1676 SET_SHARED_MEMORY_OPERATION_PARAMETER(2, 0, SHARE_MEM03, 1)
1677 SET_SHARED_MEMORY_OPERATION_PARAMETER(3, 0, SHARE_MEM02,
1678 SHARE_MEM02->size)
1679 break;
1680 case OUTPUT_BUFFER_NORMAL:
1681 default:
1682 SET_SHARED_MEMORY_OPERATION_PARAMETER(2, 0, SHARE_MEM03,
1683 SHARE_MEM03->size)
1684 SET_SHARED_MEMORY_OPERATION_PARAMETER(3, 0, SHARE_MEM02,
1685 SHARE_MEM02->size)
1686 break;
1687 }
1688 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
1689 TEEC_MEMREF_PARTIAL_INPUT,
1690 TEEC_MEMREF_PARTIAL_OUTPUT,
1691 TEEC_MEMREF_PARTIAL_OUTPUT);
1692 initial_partd_size = op.params[2].memref.size;
1693 initial_fdata_size = op.params[3].memref.size;
1694
1695 res = TEEC_InvokeCommand(s, cmd, &op, &ret_orig);
1696
1697 if (res == TEEC_SUCCESS) {
1698 /* Store the buffer from "shm2" in
1699 * "buffer_encrypted_chunks[$IN_chunkNumber$]"
1700 * which will be reused for
1701 * the Invoke_Crypto_TEE_AEDecryptFinal function
1702 */
1703 buffer_encrypted_chunks[chunk_id].size =
1704 op.params[3].memref.size;
1705 buffer_encrypted_chunks[chunk_id].buffer = malloc(
1706 buffer_encrypted_chunks[chunk_id].size);
1707 memcpy(buffer_encrypted_chunks[chunk_id].buffer,
1708 SHARE_MEM02->buffer,
1709 buffer_encrypted_chunks[chunk_id].size);
1710
1711 /* Store the tag from "SharedMem3" which will be reused for the
1712 * Invoke_Crypto_TEE_AEDecryptFinal function
1713 */
1714 ae_encrypt_tag.size = op.params[2].memref.size;
1715 ae_encrypt_tag.buffer = malloc(ae_encrypt_tag.size);
1716 memcpy(ae_encrypt_tag.buffer, SHARE_MEM03->buffer,
1717 ae_encrypt_tag.size);
1718 } else if (res == TEEC_ERROR_SHORT_BUFFER) {
1719 if (initial_partd_size == op.params[2].memref.size)
1720 ADBG_EXPECT_COMPARE_UNSIGNED(c, initial_fdata_size, <,
1721 op.params[3].memref.size);
1722 else
1723 ADBG_EXPECT_COMPARE_UNSIGNED(c, initial_partd_size, <,
1724 op.params[2].memref.size);
1725 }
1726
1727 TEEC_ReleaseSharedMemory(SHARE_MEM03);
1728 mem03_exit:
1729 TEEC_ReleaseSharedMemory(SHARE_MEM02);
1730 mem02_exit:
1731 TEEC_ReleaseSharedMemory(SHARE_MEM01);
1732 mem01_exit:
1733 return res;
1734 }
1735
Invoke_Crypto_AEDecryptFinal(ADBG_Case_t * c,TEEC_Session * s,uint32_t cmd,uint32_t op_handle,const void * part_data,size_t partd_length,const void * full_data,size_t fdata_length,uint32_t case_buf,enum mac_validity mac_case,uint32_t chunk_id)1736 static TEEC_Result Invoke_Crypto_AEDecryptFinal(ADBG_Case_t *c, TEEC_Session *s,
1737 uint32_t cmd,
1738 uint32_t op_handle,
1739 const void *part_data,
1740 size_t partd_length,
1741 const void *full_data,
1742 size_t fdata_length,
1743 uint32_t case_buf,
1744 enum mac_validity mac_case,
1745 uint32_t chunk_id)
1746 {
1747 TEEC_Result res;
1748 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
1749 uint32_t ret_orig;
1750 size_t initial_size;
1751
1752 ALLOCATE_AND_FILL_SHARED_MEMORY(s->ctx, SHARE_MEM01,
1753 buffer_encrypted_chunks[chunk_id].size,
1754 TEEC_MEM_INPUT,
1755 buffer_encrypted_chunks[chunk_id].size,
1756 buffer_encrypted_chunks[chunk_id].
1757 buffer, mem01_exit)
1758 ALLOCATE_SHARED_MEMORY(s->ctx, SHARE_MEM02, partd_length,
1759 TEEC_MEM_OUTPUT, mem02_exit)
1760 ALLOCATE_SHARED_MEMORY(s->ctx, SHARE_MEM03, ae_encrypt_tag.size,
1761 TEEC_MEM_INPUT, mem03_exit)
1762 /* Fill "SharedMem3" with the tag previously
1763 * saved in Invoke_Crypto_AEEncryptFinal
1764 * (with an error (one bit changed) if $IN_caseMac$ = INVALID_MAC)
1765 */
1766 if (ae_encrypt_tag.buffer != NULL) {
1767 memcpy(SHARE_MEM03->buffer, ae_encrypt_tag.buffer,
1768 ae_encrypt_tag.size);
1769
1770 if (mac_case == INVALID_MAC)
1771 BIT_CHANGE(*(uint32_t *)SHARE_MEM03->buffer, 4);
1772 }
1773
1774 op.params[0].value.a = op_handle;
1775 SET_SHARED_MEMORY_OPERATION_PARAMETER(1, 0, SHARE_MEM01,
1776 SHARE_MEM01->size)
1777 SET_SHARED_MEMORY_OPERATION_PARAMETER(2, 0, SHARE_MEM03,
1778 SHARE_MEM03->size)
1779 /*if $IN_caseBuffer$ = OUTPUT_BUFFER_TOO_SHORT(2)
1780 then Param[3].memref.size=1*/
1781 if (case_buf == OUTPUT_BUFFER_TOO_SHORT) {
1782 SET_SHARED_MEMORY_OPERATION_PARAMETER(3, 0, SHARE_MEM02, 1)
1783 } else {
1784 SET_SHARED_MEMORY_OPERATION_PARAMETER(3, 0, SHARE_MEM02,
1785 SHARE_MEM02->size)
1786 }
1787
1788 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
1789 TEEC_MEMREF_PARTIAL_INPUT,
1790 TEEC_MEMREF_PARTIAL_INPUT,
1791 TEEC_MEMREF_PARTIAL_OUTPUT);
1792 initial_size = op.params[3].memref.size;
1793
1794 res = TEEC_InvokeCommand(s, cmd, &op, &ret_orig);
1795
1796 if (res == TEEC_SUCCESS) {
1797 /* Save the buffer from "SharedMem2" to
1798 * "buffer_decrypted_chunks[$IN_chunkNumber$]"
1799 */
1800 buffer_decrypted_chunks[chunk_id].size =
1801 op.params[3].memref.size;
1802 buffer_decrypted_chunks[chunk_id].buffer = malloc(
1803 buffer_decrypted_chunks[chunk_id].size);
1804 memcpy(buffer_decrypted_chunks[chunk_id].buffer,
1805 SHARE_MEM02->buffer,
1806 buffer_decrypted_chunks[chunk_id].size);
1807
1808 /* Compare the data in clear $IN_fullDataValue$ and with
1809 * collapsed buffers from table
1810 * "buffer_decrypted_chunks" and check they are equals
1811 */
1812 struct crypto_buffer collapsed;
1813 CRYPTO_INIT(collapsed);
1814 collapse_crypto_buffers(buffer_decrypted_chunks, &collapsed);
1815 ADBG_EXPECT_BUFFER(c, full_data, fdata_length, collapsed.buffer,
1816 collapsed.size);
1817 CRYPTO_FREE(collapsed);
1818 } else if (res == TEEC_ERROR_SHORT_BUFFER) {
1819 ADBG_EXPECT_COMPARE_UNSIGNED(c, initial_size, <,
1820 op.params[3].memref.size);
1821 }
1822
1823 TEEC_ReleaseSharedMemory(SHARE_MEM03);
1824 mem03_exit:
1825 TEEC_ReleaseSharedMemory(SHARE_MEM02);
1826 mem02_exit:
1827 TEEC_ReleaseSharedMemory(SHARE_MEM01);
1828 mem01_exit:
1829 return res;
1830 }
1831
Invoke_Crypto_GenerateRandom(ADBG_Case_t * c,TEEC_Session * s,uint32_t cmd)1832 static TEEC_Result Invoke_Crypto_GenerateRandom(ADBG_Case_t *c, TEEC_Session *s,
1833 uint32_t cmd)
1834 {
1835 TEEC_Result res;
1836 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
1837 uint32_t ret_orig;
1838
1839 ALLOCATE_SHARED_MEMORY(s->ctx, SHARE_MEM01, BIG_SIZE,
1840 TEEC_MEM_OUTPUT, mem01_exit)
1841
1842 SET_SHARED_MEMORY_OPERATION_PARAMETER(3, 0, SHARE_MEM01,
1843 SHARE_MEM01->size)
1844
1845 op.paramTypes = TEEC_PARAM_TYPES(TEEC_NONE, TEEC_NONE, TEEC_NONE,
1846 TEEC_MEMREF_PARTIAL_OUTPUT);
1847
1848 res = TEEC_InvokeCommand(s, cmd, &op, &ret_orig);
1849
1850 /* Check that the buffer shm1 is not empty
1851 * + Check that this random value is
1852 * different of a previous call of this command
1853 */
1854 if (res == TEEC_SUCCESS) {
1855 if (ADBG_EXPECT_COMPARE_SIGNED(c, 0, !=,
1856 op.params[3].memref.size)) {
1857 if (saved_random.buffer != NULL) {
1858 (void)ADBG_EXPECT_COMPARE_SIGNED(c, 0, !=,
1859 memcmp(
1860 SHARE_MEM01
1861 ->
1862 buffer,
1863 saved_random
1864 .
1865 buffer,
1866 op.
1867 params[3].
1868 memref.
1869 size));
1870 free(saved_random.buffer);
1871 saved_random.size = 0;
1872 }
1873
1874 saved_random.size = op.params[3].memref.size;
1875 saved_random.buffer = malloc(saved_random.size);
1876 memcpy(saved_random.buffer, SHARE_MEM01->buffer,
1877 saved_random.size);
1878 }
1879 }
1880
1881 TEEC_ReleaseSharedMemory(SHARE_MEM01);
1882 mem01_exit:
1883 return res;
1884 }
1885
Invoke_Crypto_DigestUpdate(ADBG_Case_t * c,TEEC_Session * s,uint32_t cmd,uint32_t op_handle,const void * part_data,size_t partd_length)1886 static TEEC_Result Invoke_Crypto_DigestUpdate(ADBG_Case_t *c, TEEC_Session *s,
1887 uint32_t cmd, uint32_t op_handle,
1888 const void *part_data,
1889 size_t partd_length)
1890 {
1891 TEEC_Result res;
1892 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
1893 uint32_t ret_orig;
1894
1895 ALLOCATE_AND_FILL_SHARED_MEMORY(s->ctx, SHARE_MEM01, partd_length,
1896 TEEC_MEM_INPUT, partd_length,
1897 part_data, mem01_exit)
1898
1899 op.params[0].value.a = op_handle;
1900 SET_SHARED_MEMORY_OPERATION_PARAMETER(1, 0, SHARE_MEM01,
1901 SHARE_MEM01->size)
1902
1903 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
1904 TEEC_MEMREF_PARTIAL_INPUT, TEEC_NONE,
1905 TEEC_NONE);
1906
1907 res = TEEC_InvokeCommand(s, cmd, &op, &ret_orig);
1908
1909 TEEC_ReleaseSharedMemory(SHARE_MEM01);
1910 mem01_exit:
1911 return res;
1912 }
1913
Invoke_Crypto_DigestDoFinal(ADBG_Case_t * c,TEEC_Session * s,uint32_t cmd,uint32_t op_handle,const void * part_data,size_t partd_length,const void * full_data,size_t fdata_length,uint32_t case_buf)1914 static TEEC_Result Invoke_Crypto_DigestDoFinal(ADBG_Case_t *c, TEEC_Session *s,
1915 uint32_t cmd, uint32_t op_handle,
1916 const void *part_data,
1917 size_t partd_length,
1918 const void *full_data,
1919 size_t fdata_length,
1920 uint32_t case_buf)
1921 {
1922 TEEC_Result res;
1923 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
1924 uint32_t ret_orig;
1925 size_t initial_size;
1926
1927 ALLOCATE_AND_FILL_SHARED_MEMORY(s->ctx, SHARE_MEM01, partd_length,
1928 TEEC_MEM_INPUT, partd_length,
1929 part_data, mem01_exit)
1930 ALLOCATE_SHARED_MEMORY(s->ctx, SHARE_MEM02, fdata_length,
1931 TEEC_MEM_OUTPUT, mem02_exit)
1932
1933 op.params[0].value.a = op_handle;
1934 SET_SHARED_MEMORY_OPERATION_PARAMETER(1, 0, SHARE_MEM01,
1935 SHARE_MEM01->size)
1936 if (case_buf == OUTPUT_BUFFER_TOO_SHORT) {
1937 SET_SHARED_MEMORY_OPERATION_PARAMETER(3, 0, SHARE_MEM02, 1)
1938 } else {
1939 SET_SHARED_MEMORY_OPERATION_PARAMETER(3, 0, SHARE_MEM02,
1940 SHARE_MEM02->size)
1941 }
1942
1943 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
1944 TEEC_MEMREF_PARTIAL_INPUT, TEEC_NONE,
1945 TEEC_MEMREF_PARTIAL_OUTPUT);
1946 initial_size = op.params[3].memref.size;
1947
1948 res = TEEC_InvokeCommand(s, cmd, &op, &ret_orig);
1949
1950 if (res == TEEC_SUCCESS) {
1951 /* Compute the hash of $IN_fullDataValue$
1952 * and compare it to "shm2"
1953 */
1954 struct crypto_buffer tmp_dgst;
1955 CRYPTO_INIT(tmp_dgst);
1956 ADBG_EXPECT_TEEC_SUCCESS(c, res = calculate_digest(c, full_data,
1957 fdata_length,
1958 &tmp_dgst));
1959 ADBG_EXPECT_BUFFER(c, tmp_dgst.buffer, tmp_dgst.size,
1960 SHARE_MEM02->buffer, tmp_dgst.size);
1961
1962 /* Store the Digest value which can be reused for a next call to
1963 * TEE_AsymmetricSignDigest or TEE_AsymmetricVerifyDigest
1964 */
1965 CRYPTO_FREE(saved_digest);
1966 saved_digest.size = op.params[3].memref.size;
1967 saved_digest.buffer = malloc(saved_digest.size);
1968 memcpy(saved_digest.buffer, SHARE_MEM02->buffer,
1969 saved_digest.size);
1970 CRYPTO_FREE(tmp_dgst);
1971 } else if (res == TEEC_ERROR_SHORT_BUFFER) {
1972 ADBG_EXPECT_COMPARE_UNSIGNED(c, initial_size, <,
1973 op.params[3].memref.size);
1974 }
1975
1976 TEEC_ReleaseSharedMemory(SHARE_MEM02);
1977 mem02_exit:
1978 TEEC_ReleaseSharedMemory(SHARE_MEM01);
1979 mem01_exit:
1980 return res;
1981 }
1982
1983 static TEEC_Result
Invoke_Crypto_AsymmetricSignDigest(ADBG_Case_t * c,TEEC_Session * s,uint32_t cmd,uint32_t oph,const void * full_data,size_t fdata_length,uint32_t case_buf)1984 Invoke_Crypto_AsymmetricSignDigest(ADBG_Case_t *c, TEEC_Session *s,
1985 uint32_t cmd, uint32_t oph,
1986 const void *full_data,
1987 size_t fdata_length,
1988 uint32_t case_buf)
1989 {
1990 TEEC_Result res;
1991 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
1992 uint32_t ret_orig;
1993 size_t initial_size;
1994 size_t sz;
1995
1996 /* Fill SharedMem1 with the previously stored Digest
1997 value after TEE_DigestDoFinal */
1998 ALLOCATE_AND_FILL_SHARED_MEMORY(s->ctx, SHARE_MEM01,
1999 saved_digest.size,
2000 TEEC_MEM_INPUT, saved_digest.size,
2001 saved_digest.buffer, mem01_exit)
2002 ALLOCATE_SHARED_MEMORY(s->ctx, SHARE_MEM02, 512,
2003 TEEC_MEM_OUTPUT, mem02_exit)
2004
2005 op.params[0].value.a = oph;
2006
2007 sz = SHARE_MEM01->size;
2008 if (case_buf == INPUT_BUFFER_TOO_SHORT)
2009 sz--;
2010 SET_SHARED_MEMORY_OPERATION_PARAMETER(1, 0, SHARE_MEM01, sz)
2011
2012 if (case_buf == OUTPUT_BUFFER_TOO_SHORT)
2013 sz = 1;
2014 else
2015 sz = SHARE_MEM02->size;
2016 SET_SHARED_MEMORY_OPERATION_PARAMETER(3, 0, SHARE_MEM02, sz)
2017
2018 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
2019 TEEC_MEMREF_PARTIAL_INPUT,
2020 TEEC_NONE, TEEC_MEMREF_PARTIAL_OUTPUT);
2021 initial_size = op.params[3].memref.size;
2022
2023 res = TEEC_InvokeCommand(s, cmd, &op, &ret_orig);
2024
2025 if (res == TEEC_SUCCESS) {
2026 /* Compute a Verify_Signature of the signature
2027 * store under "SharedMem2"
2028 */
2029 struct crypto_buffer s_dgst;
2030 CRYPTO_INIT(s_dgst);
2031 s_dgst.size = op.params[3].memref.size;
2032 s_dgst.buffer = malloc(s_dgst.size);
2033 memcpy(s_dgst.buffer, SHARE_MEM02->buffer, s_dgst.size);
2034 ADBG_EXPECT(c, true, verify_digest(c, &s_dgst));
2035 CRYPTO_FREE(s_dgst);
2036 } else if (res == TEEC_ERROR_SHORT_BUFFER) {
2037 ADBG_EXPECT_COMPARE_UNSIGNED(c, initial_size, <,
2038 op.params[3].memref.size);
2039 }
2040
2041 TEEC_ReleaseSharedMemory(SHARE_MEM02);
2042 mem02_exit:
2043 TEEC_ReleaseSharedMemory(SHARE_MEM01);
2044 mem01_exit:
2045 return res;
2046 }
2047
2048 static TEEC_Result
Invoke_Crypto_AsymmetricVerifyDigest(ADBG_Case_t * c,TEEC_Session * s,uint32_t cmd,uint32_t oph,const void * full_data,size_t fdata_length,uint32_t buffer_case,uint32_t valid_sig)2049 Invoke_Crypto_AsymmetricVerifyDigest(ADBG_Case_t *c, TEEC_Session *s,
2050 uint32_t cmd, uint32_t oph,
2051 const void *full_data,
2052 size_t fdata_length, uint32_t buffer_case,
2053 uint32_t valid_sig)
2054 {
2055 TEEC_Result res;
2056 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
2057 uint32_t ret_orig;
2058 uint32_t dec_input = 0;
2059
2060 ALLOCATE_AND_FILL_SHARED_MEMORY(s->ctx, SHARE_MEM01, fdata_length,
2061 TEEC_MEM_INPUT,
2062 saved_digest.size, saved_digest.buffer, mem01_exit)
2063 ALLOCATE_SHARED_MEMORY(s->ctx, SHARE_MEM02, 512,
2064 TEEC_MEM_INPUT, mem02_exit)
2065
2066 struct crypto_buffer signed_dgst;
2067 CRYPTO_INIT(signed_dgst);
2068 res = sign_digest(c, &saved_digest, &signed_dgst);
2069
2070 /* Fill "SharedMem2" with the valid computed signature based on
2071 * the previously stored Digest value after TEE_DigestDoFinal
2072 */
2073 if (signed_dgst.buffer != NULL) {
2074 memcpy(SHARE_MEM02->buffer, signed_dgst.buffer,
2075 signed_dgst.size);
2076
2077 if (valid_sig != VALID_SIGNATURE) {
2078 /*make it invalid*/
2079 BIT_CHANGE(*(uint32_t *)SHARE_MEM02->buffer, 4);
2080 }
2081 }
2082
2083 if (buffer_case == INPUT_BUFFER_TOO_SHORT)
2084 dec_input = 1;
2085
2086 op.params[0].value.a = oph;
2087 SET_SHARED_MEMORY_OPERATION_PARAMETER(1, 0, SHARE_MEM01,
2088 saved_digest.size - dec_input)
2089 SET_SHARED_MEMORY_OPERATION_PARAMETER(3, 0, SHARE_MEM02,
2090 signed_dgst.size)
2091
2092 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
2093 TEEC_MEMREF_PARTIAL_INPUT, TEEC_NONE,
2094 TEEC_MEMREF_PARTIAL_INPUT);
2095
2096 res = TEEC_InvokeCommand(s, cmd, &op, &ret_orig);
2097
2098 CRYPTO_FREE(signed_dgst);
2099
2100 TEEC_ReleaseSharedMemory(SHARE_MEM02);
2101 mem02_exit:
2102 TEEC_ReleaseSharedMemory(SHARE_MEM01);
2103 mem01_exit:
2104 return res;
2105 }
2106
Invoke_Crypto_AsymmetricEncrypt(ADBG_Case_t * c,TEEC_Session * s,uint32_t cmd,uint32_t oph,const void * full_data,size_t fdata_length,uint32_t case_buf)2107 static TEEC_Result Invoke_Crypto_AsymmetricEncrypt(ADBG_Case_t *c,
2108 TEEC_Session *s,
2109 uint32_t cmd,
2110 uint32_t oph,
2111 const void *full_data,
2112 size_t fdata_length,
2113 uint32_t case_buf)
2114 {
2115 TEEC_Result res;
2116 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
2117 uint32_t ret_orig;
2118 size_t initial_size;
2119
2120 /* Fill SharedMem1 with full_data */
2121 ALLOCATE_AND_FILL_SHARED_MEMORY(s->ctx, SHARE_MEM01, fdata_length,
2122 TEEC_MEM_INPUT, fdata_length,
2123 full_data, mem01_exit)
2124
2125
2126 ALLOCATE_SHARED_MEMORY(s->ctx, SHARE_MEM02, 512,
2127 TEEC_MEM_OUTPUT, mem02_exit)
2128
2129 op.params[0].value.a = oph;
2130 SET_SHARED_MEMORY_OPERATION_PARAMETER(1, 0, SHARE_MEM01,
2131 SHARE_MEM01->size)
2132 /*if $IN_caseBuffer$ = OUTPUT_BUFFER_TOO_SHORT(2)
2133 then Param[3].memref.size=1*/
2134 if (case_buf == OUTPUT_BUFFER_TOO_SHORT) {
2135 SET_SHARED_MEMORY_OPERATION_PARAMETER(3, 0, SHARE_MEM02, 1)
2136 } else {
2137 SET_SHARED_MEMORY_OPERATION_PARAMETER(3, 0, SHARE_MEM02,
2138 SHARE_MEM02->size)
2139 }
2140
2141 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
2142 TEEC_MEMREF_PARTIAL_INPUT,
2143 TEEC_NONE, TEEC_MEMREF_PARTIAL_OUTPUT);
2144 initial_size = op.params[3].memref.size;
2145
2146 res = TEEC_InvokeCommand(s, cmd, &op, &ret_orig);
2147
2148 if (res == TEEC_SUCCESS) {
2149 /* Check that "SharedMem2" is not empty
2150 * Store the value from "SharedMem2" to a
2151 * "buffer_asym_encrypted",
2152 * which will be reused in Invoke_Crypto_AsymmetricDecrypt
2153 */
2154 if (ADBG_EXPECT_COMPARE_SIGNED(c, 0, !=,
2155 op.params[3].memref.size)) {
2156 buffer_asym_encrypted.size = op.params[3].memref.size;
2157 buffer_asym_encrypted.buffer = malloc(
2158 buffer_asym_encrypted.size);
2159 memcpy(buffer_asym_encrypted.buffer,
2160 SHARE_MEM02->buffer, buffer_asym_encrypted.size);
2161 }
2162 } else if (res == TEEC_ERROR_SHORT_BUFFER) {
2163 ADBG_EXPECT_COMPARE_UNSIGNED(c, initial_size, <,
2164 op.params[3].memref.size);
2165 }
2166
2167 TEEC_ReleaseSharedMemory(SHARE_MEM02);
2168 mem02_exit:
2169 TEEC_ReleaseSharedMemory(SHARE_MEM01);
2170 mem01_exit:
2171 return res;
2172 }
2173
Invoke_Crypto_AsymmetricDecrypt(ADBG_Case_t * c,TEEC_Session * s,uint32_t cmd,uint32_t op_handle,const void * full_data,size_t fdata_length,uint32_t case_buf)2174 static TEEC_Result Invoke_Crypto_AsymmetricDecrypt(ADBG_Case_t *c,
2175 TEEC_Session *s,
2176 uint32_t cmd,
2177 uint32_t op_handle,
2178 const void *full_data,
2179 size_t fdata_length,
2180 uint32_t case_buf)
2181 {
2182 TEEC_Result res;
2183 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
2184 uint32_t ret_orig;
2185 size_t initial_size;
2186 const char *expected_res;
2187 size_t expected_size;
2188 size_t sz;
2189
2190 /* Fill SharedMem1 with buffer_asym_encrypted */
2191 ALLOCATE_AND_FILL_SHARED_MEMORY(s->ctx, SHARE_MEM01,
2192 buffer_asym_encrypted.size,
2193 TEEC_MEM_INPUT,
2194 buffer_asym_encrypted.size,
2195 buffer_asym_encrypted.buffer, mem01_exit)
2196 ALLOCATE_SHARED_MEMORY(s->ctx, SHARE_MEM02, 512,
2197 TEEC_MEM_OUTPUT, mem02_exit)
2198
2199 op.params[0].value.a = op_handle;
2200
2201 sz = buffer_asym_encrypted.size;
2202 if (case_buf == INPUT_BUFFER_TOO_SHORT)
2203 sz--;
2204 SET_SHARED_MEMORY_OPERATION_PARAMETER(1, 0, SHARE_MEM01, sz);
2205
2206 if (case_buf == OUTPUT_BUFFER_TOO_SHORT)
2207 sz = 1;
2208 else
2209 sz = SHARE_MEM02->size;
2210 SET_SHARED_MEMORY_OPERATION_PARAMETER(3, 0, SHARE_MEM02, sz);
2211
2212 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
2213 TEEC_MEMREF_PARTIAL_INPUT,
2214 TEEC_NONE, TEEC_MEMREF_PARTIAL_OUTPUT);
2215 initial_size = op.params[3].memref.size;
2216
2217 res = TEEC_InvokeCommand(s, cmd, &op, &ret_orig);
2218
2219 expected_res = full_data;
2220 expected_size = fdata_length;
2221 if (saved_alloc.algo == TEE_ALG_RSA_NOPAD) {
2222 /*
2223 * According to GP 1.1, no pad encrypting TEE_ALG_RSA_NOPAD
2224 * follows "PKCS #1 (RSA primitive)", as stated in
2225 * ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-1/pkcs-1v2-1.pdf
2226 * Page 10, it is stated that RSA primitives RSAEP and RSADP
2227 * outputs "an integer between 0 and n-1". Hence the
2228 * leading 0s must not be taken into account when checking
2229 * the reference
2230 */
2231 while (expected_size && expected_res[0] == 0) {
2232 expected_size--;
2233 expected_res++;
2234 }
2235 }
2236
2237 if (res == TEEC_SUCCESS) {
2238 /* Compare the clear data in
2239 * $IN_fullDataValue$ with "SharedMem2"
2240 * and check they are equal
2241 */
2242 ADBG_EXPECT_BUFFER(c, expected_res, expected_size,
2243 SHARE_MEM02->buffer,
2244 op.params[3].memref.size);
2245 } else if (res == TEEC_ERROR_SHORT_BUFFER) {
2246 ADBG_EXPECT_COMPARE_UNSIGNED(c, initial_size, <,
2247 op.params[3].memref.size);
2248 }
2249
2250 TEEC_ReleaseSharedMemory(SHARE_MEM02);
2251 mem02_exit:
2252 TEEC_ReleaseSharedMemory(SHARE_MEM01);
2253 mem01_exit:
2254 return res;
2255 }
2256
Invoke_Crypto_CopyOperation(ADBG_Case_t * c,TEEC_Session * s,uint32_t cmd,uint32_t dst_oph,uint32_t src_oph)2257 static TEEC_Result Invoke_Crypto_CopyOperation(ADBG_Case_t *c, TEEC_Session *s,
2258 uint32_t cmd, uint32_t dst_oph,
2259 uint32_t src_oph)
2260 {
2261 return Invoke_Simple_Function_v1(c, s, cmd, dst_oph, src_oph);
2262 }
2263
Invoke_Crypto_MACInit(ADBG_Case_t * c,TEEC_Session * s,uint32_t cmd,uint32_t oph,const void * iv,size_t iv_len)2264 static TEEC_Result Invoke_Crypto_MACInit(
2265 ADBG_Case_t *c, TEEC_Session *s,
2266 uint32_t cmd, uint32_t oph,
2267 const void *iv, size_t iv_len)
2268 {
2269 TEEC_Result res;
2270 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
2271 uint32_t ret_orig;
2272
2273 ALLOCATE_AND_FILL_SHARED_MEMORY(s->ctx, SHARE_MEM06, iv_len,
2274 TEEC_MEM_INPUT, iv_len, iv, mem06_exit)
2275
2276 op.params[0].value.a = oph;
2277 SET_SHARED_MEMORY_OPERATION_PARAMETER(1, 0, SHARE_MEM06, iv_len)
2278
2279 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
2280 TEEC_MEMREF_PARTIAL_INPUT, TEEC_NONE,
2281 TEEC_NONE);
2282
2283 res = TEEC_InvokeCommand(s, cmd, &op, &ret_orig);
2284
2285 /* save the $IN_InitialisationVector$ for
2286 * later computation of encryptedData
2287 */
2288 if (iv_len != 0) {
2289 CRYPTO_FREE(saved_mac_iv);
2290 saved_mac_iv.size = iv_len;
2291 saved_mac_iv.buffer = malloc(iv_len);
2292 memcpy(saved_mac_iv.buffer, iv, iv_len);
2293 }
2294
2295 TEEC_ReleaseSharedMemory(SHARE_MEM06);
2296 mem06_exit:
2297 return res;
2298 }
2299
2300 /*CMD_MACUpdate*/
Invoke_Crypto_MACUpdate(ADBG_Case_t * c,TEEC_Session * s,uint32_t cmd,uint32_t oph,const void * part_data,size_t partd_length)2301 static TEEC_Result Invoke_Crypto_MACUpdate(
2302 ADBG_Case_t *c, TEEC_Session *s,
2303 uint32_t cmd, uint32_t oph,
2304 const void *part_data, size_t partd_length)
2305 {
2306 TEEC_Result res;
2307 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
2308 uint32_t ret_orig;
2309
2310 ALLOCATE_AND_FILL_SHARED_MEMORY(s->ctx, SHARE_MEM01, partd_length,
2311 TEEC_MEM_INPUT, partd_length,
2312 part_data, mem01_exit)
2313
2314 op.params[0].value.a = oph;
2315 SET_SHARED_MEMORY_OPERATION_PARAMETER(1, 0, SHARE_MEM01,
2316 SHARE_MEM01->size)
2317
2318 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
2319 TEEC_MEMREF_PARTIAL_INPUT,
2320 TEEC_NONE, TEEC_NONE);
2321
2322 res = TEEC_InvokeCommand(s, cmd, &op, &ret_orig);
2323
2324 TEEC_ReleaseSharedMemory(SHARE_MEM01);
2325 mem01_exit:
2326 return res;
2327 }
2328
2329 /*CMD_MACCompareFinal*/
Invoke_Crypto_MACCompareFinal(ADBG_Case_t * c,TEEC_Session * s,uint32_t cmd,uint32_t oph,const void * part_data,size_t partd_length,const void * full_data,size_t fdata_length,enum mac_validity mac_case)2330 static TEEC_Result Invoke_Crypto_MACCompareFinal(
2331 ADBG_Case_t *c, TEEC_Session *s,
2332 uint32_t cmd, uint32_t oph,
2333 const void *part_data, size_t partd_length,
2334 const void *full_data, size_t fdata_length,
2335 enum mac_validity mac_case)
2336 {
2337 TEEC_Result res;
2338 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
2339 uint32_t ret_orig;
2340
2341 /* Fill SharedMem1 with part_data */
2342 ALLOCATE_AND_FILL_SHARED_MEMORY(s->ctx, SHARE_MEM01, partd_length,
2343 TEEC_MEM_INPUT, partd_length,
2344 part_data, mem01_exit)
2345 ALLOCATE_SHARED_MEMORY(s->ctx, SHARE_MEM02, fdata_length,
2346 TEEC_MEM_INPUT, mem02_exit)
2347
2348 /* Fill SharedMem2 with valid computed MAC of full_data */
2349 struct crypto_buffer mac;
2350 CRYPTO_INIT(mac);
2351 res = mac_compute_final(c, s, full_data, fdata_length, &mac);
2352
2353 if (mac.buffer != NULL) {
2354 memcpy(SHARE_MEM02->buffer, mac.buffer, mac.size);
2355
2356 if (mac_case != VALID_MAC) {
2357 /* change one bit from the valid
2358 MAC to make it invalid. */
2359 BIT_CHANGE(*(uint32_t *)SHARE_MEM02->buffer, 4);
2360 }
2361 }
2362
2363 op.params[0].value.a = oph;
2364 SET_SHARED_MEMORY_OPERATION_PARAMETER(1, 0, SHARE_MEM01,
2365 SHARE_MEM01->size)
2366 SET_SHARED_MEMORY_OPERATION_PARAMETER(2, 0, SHARE_MEM02, mac.size)
2367
2368 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
2369 TEEC_MEMREF_PARTIAL_INPUT,
2370 TEEC_MEMREF_PARTIAL_INPUT, TEEC_NONE);
2371
2372 res = TEEC_InvokeCommand(s, cmd, &op, &ret_orig);
2373
2374 CRYPTO_FREE(mac);
2375
2376 TEEC_ReleaseSharedMemory(SHARE_MEM02);
2377 mem02_exit:
2378 TEEC_ReleaseSharedMemory(SHARE_MEM01);
2379 mem01_exit:
2380 return res;
2381 }
2382
2383 /*CMD_MACComputeFinal*/
Invoke_Crypto_MACComputeFinal(ADBG_Case_t * c,TEEC_Session * s,uint32_t cmd,uint32_t oph,const void * part_data,size_t partd_length,const void * full_data,size_t fdata_length,uint32_t case_buf)2384 static TEEC_Result Invoke_Crypto_MACComputeFinal(
2385 ADBG_Case_t *c, TEEC_Session *s,
2386 uint32_t cmd, uint32_t oph,
2387 const void *part_data, size_t partd_length,
2388 const void *full_data, size_t fdata_length, uint32_t case_buf)
2389 {
2390 TEEC_Result res;
2391 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
2392 uint32_t ret_orig;
2393 size_t initial_size;
2394
2395 /* Fill SharedMem1 with part_data */
2396 ALLOCATE_AND_FILL_SHARED_MEMORY(s->ctx, SHARE_MEM01, partd_length,
2397 TEEC_MEM_INPUT, partd_length,
2398 part_data, mem01_exit)
2399 ALLOCATE_SHARED_MEMORY(s->ctx, SHARE_MEM02, fdata_length,
2400 TEEC_MEM_OUTPUT, mem02_exit)
2401
2402 op.params[0].value.a = oph;
2403 SET_SHARED_MEMORY_OPERATION_PARAMETER(1, 0, SHARE_MEM01,
2404 SHARE_MEM01->size)
2405 if (case_buf == OUTPUT_BUFFER_TOO_SHORT) {
2406 SET_SHARED_MEMORY_OPERATION_PARAMETER(3, 0, SHARE_MEM02, 1)
2407 } else {
2408 SET_SHARED_MEMORY_OPERATION_PARAMETER(3, 0, SHARE_MEM02,
2409 SHARE_MEM02->size)
2410 }
2411
2412 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
2413 TEEC_MEMREF_PARTIAL_INPUT,
2414 TEEC_NONE, TEEC_MEMREF_PARTIAL_OUTPUT);
2415 initial_size = op.params[3].memref.size;
2416
2417 res = TEEC_InvokeCommand(s, cmd, &op, &ret_orig);
2418
2419 /* Compute the MAC of $IN_fullDataValue$ and
2420 compare it to "SharedMem2" */
2421 if (res == TEEC_SUCCESS) {
2422 struct crypto_buffer tmp_mac;
2423 CRYPTO_INIT(tmp_mac);
2424 ADBG_EXPECT_TEEC_SUCCESS(c, res =
2425 mac_compute_final(c, s,
2426 full_data,
2427 fdata_length,
2428 &tmp_mac));
2429
2430 if (res != TEEC_SUCCESS)
2431 goto exit;
2432
2433 ADBG_EXPECT_COMPARE_SIGNED(c, 0, ==,
2434 memcmp(SHARE_MEM02->buffer,
2435 tmp_mac.buffer,
2436 op.params[3].memref.size));
2437 CRYPTO_FREE(tmp_mac);
2438 } else if (res == TEEC_ERROR_SHORT_BUFFER) {
2439 ADBG_EXPECT_COMPARE_UNSIGNED(c, initial_size, <,
2440 op.params[3].memref.size);
2441 }
2442
2443 exit:
2444 TEEC_ReleaseSharedMemory(SHARE_MEM02);
2445 mem02_exit:
2446 TEEC_ReleaseSharedMemory(SHARE_MEM01);
2447 mem01_exit:
2448 return res;
2449 }
2450
2451 /*CMD_CipherInit*/
Invoke_Crypto_CipherInit(ADBG_Case_t * c,TEEC_Session * s,uint32_t cmd,uint32_t oph,const void * iv,size_t iv_len)2452 static TEEC_Result Invoke_Crypto_CipherInit(
2453 ADBG_Case_t *c, TEEC_Session *s,
2454 uint32_t cmd, uint32_t oph,
2455 const void *iv, size_t iv_len)
2456 {
2457 TEEC_Result res;
2458 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
2459 uint32_t ret_orig;
2460
2461 ALLOCATE_AND_FILL_SHARED_MEMORY(s->ctx, SHARE_MEM01, iv_len,
2462 TEEC_MEM_INPUT, iv_len, iv, mem01_exit)
2463
2464 op.params[0].value.a = oph;
2465 SET_SHARED_MEMORY_OPERATION_PARAMETER(1, 0, SHARE_MEM01,
2466 SHARE_MEM01->size)
2467
2468 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
2469 TEEC_MEMREF_PARTIAL_INPUT, TEEC_NONE,
2470 TEEC_NONE);
2471
2472 res = TEEC_InvokeCommand(s, cmd, &op, &ret_orig);
2473
2474 if (res == TEEC_SUCCESS) {
2475 /* Save the $IN_InitialisationVector$ for later
2476 * computation of encryptedData
2477 */
2478 if (iv != NULL) {
2479 CRYPTO_FREE(saved_cipher_iv);
2480 saved_cipher_iv.size = iv_len;
2481 saved_cipher_iv.buffer = malloc(iv_len);
2482 memcpy(saved_cipher_iv.buffer, iv, iv_len);
2483 }
2484 }
2485
2486 TEEC_ReleaseSharedMemory(SHARE_MEM01);
2487 mem01_exit:
2488 CRYPTO_FREE(saved_cipher_update);
2489 return res;
2490 }
2491 /*CMD_CipherUpdate*/
Invoke_Crypto_CipherUpdate(ADBG_Case_t * c,TEEC_Session * s,uint32_t cmd,uint32_t oph,const void * part_data,uint32_t partd_length,uint32_t case_buf)2492 static TEEC_Result Invoke_Crypto_CipherUpdate(
2493 ADBG_Case_t *c, TEEC_Session *s,
2494 uint32_t cmd, uint32_t oph,
2495 const void *part_data, uint32_t partd_length,
2496 uint32_t case_buf)
2497 {
2498 TEEC_Result res;
2499 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
2500 uint32_t ret_orig;
2501 size_t initial_size;
2502
2503 ALLOCATE_AND_FILL_SHARED_MEMORY(s->ctx, SHARE_MEM01, partd_length,
2504 TEEC_MEM_INPUT, partd_length,
2505 part_data, mem01_exit)
2506 ALLOCATE_SHARED_MEMORY(s->ctx, SHARE_MEM02, partd_length,
2507 TEEC_MEM_OUTPUT, mem02_exit)
2508
2509 op.params[0].value.a = oph;
2510 SET_SHARED_MEMORY_OPERATION_PARAMETER(1, 0, SHARE_MEM01,
2511 SHARE_MEM01->size)
2512 /*if $IN_caseBuffer$ = OUTPUT_BUFFER_TOO_SHORT(2)
2513 then Param[3].memref.size=1*/
2514 if (case_buf == OUTPUT_BUFFER_TOO_SHORT) {
2515 SET_SHARED_MEMORY_OPERATION_PARAMETER(3, 0, SHARE_MEM02, 1)
2516 } else {
2517 SET_SHARED_MEMORY_OPERATION_PARAMETER(3, 0, SHARE_MEM02,
2518 SHARE_MEM02->size)
2519 }
2520
2521 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
2522 TEEC_MEMREF_PARTIAL_INPUT,
2523 TEEC_NONE, TEEC_MEMREF_PARTIAL_OUTPUT);
2524 initial_size = op.params[3].memref.size;
2525
2526 res = TEEC_InvokeCommand(s, cmd, &op, &ret_orig);
2527
2528 if (res == TEEC_SUCCESS) {
2529 /* Save the buffer returned in "SharedMem2" in order
2530 * to collapse all buffers returned for CipherUpdate,
2531 * which will be used in CipherDoFinal
2532 */
2533 if (op.params[3].memref.size != 0) {
2534 void *tmp = realloc(saved_cipher_update.buffer,
2535 saved_cipher_update.size +
2536 op.params[3].memref.size);
2537 saved_cipher_update.buffer = tmp;
2538 memcpy(
2539 saved_cipher_update.buffer +
2540 saved_cipher_update.size, SHARE_MEM02->buffer,
2541 op.params[3].memref.size);
2542 saved_cipher_update.size += op.params[3].memref.size;
2543 }
2544 } else if (res == TEEC_ERROR_SHORT_BUFFER) {
2545 ADBG_EXPECT_COMPARE_UNSIGNED(c, initial_size, <,
2546 op.params[3].memref.size);
2547 }
2548
2549 TEEC_ReleaseSharedMemory(SHARE_MEM02);
2550 mem02_exit:
2551 TEEC_ReleaseSharedMemory(SHARE_MEM01);
2552 mem01_exit:
2553 return res;
2554 }
2555
2556 /*CMD_CipherDoFinal*/
Invoke_Crypto_CipherDoFinal(ADBG_Case_t * c,TEEC_Session * s,uint32_t cmd,uint32_t oph,const void * part_data,size_t partd_length,const void * full_data,size_t fulld_length,uint32_t case_buf)2557 static TEEC_Result Invoke_Crypto_CipherDoFinal(
2558 ADBG_Case_t *c, TEEC_Session *s,
2559 uint32_t cmd, uint32_t oph,
2560 const void *part_data, size_t partd_length,
2561 const void *full_data, size_t fulld_length, uint32_t case_buf)
2562 {
2563 TEEC_Result res;
2564 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
2565 uint32_t ret_orig;
2566 size_t initial_size;
2567
2568 ALLOCATE_AND_FILL_SHARED_MEMORY(s->ctx, SHARE_MEM01, partd_length,
2569 TEEC_MEM_INPUT, partd_length,
2570 part_data, mem01_exit)
2571 /* used fulld_length instead of partd_length as
2572 described in the Adaptation layer specification.*/
2573 ALLOCATE_SHARED_MEMORY(s->ctx, SHARE_MEM02, fulld_length,
2574 TEEC_MEM_OUTPUT, mem02_exit)
2575
2576 op.params[0].value.a = oph;
2577 SET_SHARED_MEMORY_OPERATION_PARAMETER(1, 0, SHARE_MEM01,
2578 SHARE_MEM01->size)
2579 /*if $IN_caseBuffer$ = OUTPUT_BUFFER_TOO_SHORT(2)
2580 then Param[3].memref.size=1*/
2581 if (case_buf == OUTPUT_BUFFER_TOO_SHORT) {
2582 SET_SHARED_MEMORY_OPERATION_PARAMETER(3, 0, SHARE_MEM02, 1)
2583 } else {
2584 SET_SHARED_MEMORY_OPERATION_PARAMETER(3, 0, SHARE_MEM02,
2585 SHARE_MEM02->size)
2586 }
2587
2588 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
2589 TEEC_MEMREF_PARTIAL_INPUT,
2590 TEEC_NONE, TEEC_MEMREF_PARTIAL_OUTPUT);
2591 initial_size = op.params[3].memref.size;
2592
2593 res = TEEC_InvokeCommand(s, cmd, &op, &ret_orig);
2594
2595 if (res == TEEC_SUCCESS) {
2596 /* Append the buffer returned in "SharedMem2"
2597 * to the previously buffers
2598 * returned for CipherUpdate => "collapsed_buffers"
2599 */
2600 if (op.params[3].memref.size != 0) {
2601 void *tmp = realloc(saved_cipher_update.buffer,
2602 saved_cipher_update.size +
2603 op.params[3].memref.size);
2604 saved_cipher_update.buffer = tmp;
2605 memcpy(
2606 saved_cipher_update.buffer +
2607 saved_cipher_update.size, SHARE_MEM02->buffer,
2608 op.params[3].memref.size);
2609 saved_cipher_update.size += op.params[3].memref.size;
2610 }
2611
2612 /* Compute the ciphered data of
2613 * $IN_fullDataValue$ and compare it
2614 * to "collapsed_buffers"
2615 */
2616 struct crypto_buffer full_ciphered_data;
2617 CRYPTO_INIT(full_ciphered_data);
2618 ADBG_EXPECT_TEEC_SUCCESS(c, res =
2619 cipher_do_final(c, s,
2620 full_data,
2621 fulld_length,
2622 &
2623 full_ciphered_data));
2624
2625 if (res == TEEC_SUCCESS) {
2626 ADBG_EXPECT_BUFFER(c, full_ciphered_data.buffer,
2627 full_ciphered_data.size,
2628 saved_cipher_update.buffer,
2629 saved_cipher_update.size);
2630 } else if (res == TEEC_ERROR_SHORT_BUFFER) {
2631 ADBG_EXPECT_COMPARE_UNSIGNED(c, initial_size, <,
2632 op.params[3].memref.size);
2633 }
2634
2635 CRYPTO_FREE(full_ciphered_data);
2636 CRYPTO_FREE(saved_cipher_update);
2637 }
2638
2639 TEEC_ReleaseSharedMemory(SHARE_MEM02);
2640 mem02_exit:
2641 TEEC_ReleaseSharedMemory(SHARE_MEM01);
2642 mem01_exit:
2643 return res;
2644 }
2645
Invoke_Crypto_FreeOperation(ADBG_Case_t * c,TEEC_Session * s,uint32_t cmd,uint32_t oph)2646 static TEEC_Result Invoke_Crypto_FreeOperation(ADBG_Case_t *c, TEEC_Session *s,
2647 uint32_t cmd, uint32_t oph)
2648 {
2649 return Invoke_Simple_Function_v1(c, s, cmd, oph, 0);
2650 }
2651
2652
hash_algo_to_md(uint32_t algo)2653 static const EVP_MD *hash_algo_to_md(uint32_t algo)
2654 {
2655 switch (algo) {
2656 case TEE_ALG_MD5:
2657 return EVP_md5();
2658 case TEE_ALG_SHA1:
2659 return EVP_sha1();
2660 case TEE_ALG_SHA224:
2661 return EVP_sha224();
2662 case TEE_ALG_SHA256:
2663 return EVP_sha256();
2664 case TEE_ALG_SHA384:
2665 return EVP_sha384();
2666 case TEE_ALG_SHA512:
2667 return EVP_sha512();
2668 default:
2669 return NULL;
2670 }
2671 }
2672
2673
calculate_digest(ADBG_Case_t * c,const void * data,size_t data_length,struct crypto_buffer * digest)2674 static TEEC_Result calculate_digest(ADBG_Case_t *c, const void *data,
2675 size_t data_length,
2676 struct crypto_buffer *digest)
2677 {
2678 const EVP_MD *md = hash_algo_to_md(saved_alloc.algo);
2679 void *buf = NULL;
2680 unsigned int sz = 0;
2681
2682 if (!ADBG_EXPECT_NOT_NULL(c, md))
2683 return TEEC_ERROR_NOT_SUPPORTED;
2684 sz = EVP_MD_size(md);
2685 buf = calloc(1, sz);
2686 if (!buf)
2687 return TEEC_ERROR_OUT_OF_MEMORY;
2688
2689 if (EVP_Digest(data, data_length, buf, &sz, md, NULL)) {
2690 digest->size = sz;
2691 digest->buffer = buf;
2692 return TEEC_SUCCESS;
2693 } else {
2694 free(buf);
2695 return TEEC_ERROR_GENERIC;
2696 }
2697 }
2698
2699 struct key_attr {
2700 const void *val;
2701 size_t len;
2702 };
2703
2704 #define KEY_ATTR(val_array) { .val = val_array, .len = sizeof(val_array) }
2705
2706 struct dsa_key_vals {
2707 struct key_attr priv;
2708 struct key_attr pub;
2709 struct key_attr prime;
2710 struct key_attr subprime;
2711 struct key_attr base;
2712 };
2713
2714 static const struct dsa_key_vals dsa_key_vals[] = { {
2715 .prime = KEY_ATTR(TEE_ATTR_DSA_PRIME_768_VALUE01),
2716 .subprime = KEY_ATTR(TEE_ATTR_DSA_SUBPRIME_160_VALUE01),
2717 .base = KEY_ATTR(TEE_ATTR_DSA_BASE_768_VALUE01),
2718 .priv = KEY_ATTR(TEE_ATTR_DSA_PRIVATE_VALUE_160_VALUE01),
2719 .pub = KEY_ATTR(TEE_ATTR_DSA_PUBLIC_VALUE_768_VALUE01),
2720 }, {
2721 .prime = KEY_ATTR(TEE_ATTR_DSA_PRIME_2048_VALUE01),
2722 .subprime = KEY_ATTR(TEE_ATTR_DSA_SUBPRIME_224_VALUE01),
2723 .base = KEY_ATTR(TEE_ATTR_DSA_BASE_2048_VALUE01),
2724 .priv = KEY_ATTR(TEE_ATTR_DSA_PRIVATE_VALUE_224_VALUE01),
2725 .pub = KEY_ATTR(TEE_ATTR_DSA_PUBLIC_VALUE_2048_VALUE01),
2726 }, {
2727 .prime = KEY_ATTR(TEE_ATTR_DSA_PRIME_3072_VALUE01),
2728 .subprime = KEY_ATTR(TEE_ATTR_DSA_SUBPRIME_256_VALUE01),
2729 .base = KEY_ATTR(TEE_ATTR_DSA_BASE_3072_VALUE01),
2730 .priv = KEY_ATTR(TEE_ATTR_DSA_PRIVATE_VALUE_256_VALUE01),
2731 .pub = KEY_ATTR(TEE_ATTR_DSA_PUBLIC_VALUE_3072_VALUE01),
2732 },
2733 };
2734
2735
2736 struct ecdsa_key_vals {
2737 struct key_attr priv;
2738 struct key_attr x;
2739 struct key_attr y;
2740 uint32_t curve;
2741 uint32_t key_size_bytes;
2742 };
2743 static const struct ecdsa_key_vals ecdsa_key_vals[] = { {
2744 .priv = KEY_ATTR(TEE_ATTR_ECC_PRIVATE_VALUE_ECDSA_P192_VALUE01),
2745 .x = KEY_ATTR(TEE_ATTR_ECC_PUBLIC_VALUE_X_ECDSA_P192_VALUE01),
2746 .y = KEY_ATTR(TEE_ATTR_ECC_PUBLIC_VALUE_Y_ECDSA_P192_VALUE01),
2747 .curve = 1, /* TEE_ECC_CURVE_NIST_P192 */
2748 .key_size_bytes = 24,
2749 }, {
2750 .priv = KEY_ATTR(TEE_ATTR_ECC_PRIVATE_VALUE_ECDSA_P224_VALUE01),
2751 .x = KEY_ATTR(TEE_ATTR_ECC_PUBLIC_VALUE_X_ECDSA_P224_VALUE01),
2752 .y = KEY_ATTR(TEE_ATTR_ECC_PUBLIC_VALUE_Y_ECDSA_P224_VALUE01),
2753 .curve = 2 /* TEE_ECC_CURVE_NIST_P224 */,
2754 .key_size_bytes = 28,
2755 }, {
2756 .priv = KEY_ATTR(TEE_ATTR_ECC_PRIVATE_VALUE_ECDSA_P256_VALUE01),
2757 .x = KEY_ATTR(TEE_ATTR_ECC_PUBLIC_VALUE_X_ECDSA_P256_VALUE01),
2758 .y = KEY_ATTR(TEE_ATTR_ECC_PUBLIC_VALUE_Y_ECDSA_P256_VALUE01),
2759 .curve = 3 /* TEE_ECC_CURVE_NIST_P256 */,
2760 .key_size_bytes = 32,
2761 }, {
2762 .priv = KEY_ATTR(TEE_ATTR_ECC_PRIVATE_VALUE_ECDSA_P384_VALUE01),
2763 .x = KEY_ATTR(TEE_ATTR_ECC_PUBLIC_VALUE_X_ECDSA_P384_VALUE01),
2764 .y = KEY_ATTR(TEE_ATTR_ECC_PUBLIC_VALUE_Y_ECDSA_P384_VALUE01),
2765 .curve = 4 /* TEE_ECC_CURVE_NIST_P384 */,
2766 .key_size_bytes = 48,
2767 }, {
2768 .priv = KEY_ATTR(TEE_ATTR_ECC_PRIVATE_VALUE_ECDSA_P521_VALUE01),
2769 .x = KEY_ATTR(TEE_ATTR_ECC_PUBLIC_VALUE_X_ECDSA_P521_VALUE01),
2770 .y = KEY_ATTR(TEE_ATTR_ECC_PUBLIC_VALUE_Y_ECDSA_P521_VALUE01),
2771 .curve = 5 /* TEE_ECC_CURVE_NIST_P521 */,
2772 .key_size_bytes = 66,
2773 },
2774 };
2775
2776 struct rsa_key_vals {
2777 struct key_attr mod;
2778 struct key_attr pub;
2779 struct key_attr priv;
2780 };
2781
2782 static const struct rsa_key_vals rsa_key_vals[] = { {
2783 .mod = KEY_ATTR(TEE_ATTR_RSA_MODULUS_VALUE01),
2784 .pub = KEY_ATTR(TEE_ATTR_RSA_PUBLIC_EXPONENT_VALUE01),
2785 .priv = KEY_ATTR(TEE_ATTR_RSA_PRIVATE_EXPONENT_VALUE01),
2786 },
2787 };
2788
get_dsa_key_vals(const void * attr)2789 static const void *get_dsa_key_vals(const void *attr)
2790 {
2791 const size_t nelem = sizeof(dsa_key_vals) / sizeof(dsa_key_vals[0]);
2792 size_t n;
2793
2794 for (n = 0; n < nelem; n++) {
2795 if (attr == dsa_key_vals[n].priv.val ||
2796 attr == dsa_key_vals[n].pub.val ||
2797 attr == dsa_key_vals[n].prime.val ||
2798 attr == dsa_key_vals[n].subprime.val ||
2799 attr == dsa_key_vals[n].base.val) {
2800 return dsa_key_vals + n;
2801 }
2802 }
2803
2804 return NULL;
2805 }
2806
get_ecdsa_key_vals(const void * attr)2807 static const void *get_ecdsa_key_vals(const void *attr)
2808 {
2809 const size_t nelem = sizeof(ecdsa_key_vals) / sizeof(ecdsa_key_vals[0]);
2810 size_t n;
2811
2812 for (n = 0; n < nelem; n++) {
2813 if (attr == ecdsa_key_vals[n].priv.val ||
2814 attr == ecdsa_key_vals[n].x.val ||
2815 attr == ecdsa_key_vals[n].y.val)
2816 return ecdsa_key_vals + n;
2817 }
2818
2819 return NULL;
2820 }
2821
get_rsa_key_vals(const void * attr)2822 static const void *get_rsa_key_vals(const void *attr)
2823 {
2824 const size_t nelem = sizeof(rsa_key_vals) / sizeof(rsa_key_vals[0]);
2825 size_t n;
2826
2827 for (n = 0; n < nelem; n++) {
2828 if (attr == rsa_key_vals[n].priv.val ||
2829 attr == rsa_key_vals[n].mod.val ||
2830 attr == rsa_key_vals[n].pub.val)
2831 return rsa_key_vals + n;
2832 }
2833
2834 return NULL;
2835 }
2836
bn_from_key_attr(const struct key_attr * ka)2837 static BIGNUM *bn_from_key_attr(const struct key_attr *ka)
2838 {
2839 return BN_bin2bn(ka->val, ka->len, NULL);
2840 }
2841
dsa_from_key_vals(const struct dsa_key_vals * dkv)2842 static DSA *dsa_from_key_vals(const struct dsa_key_vals *dkv)
2843 {
2844 BIGNUM *priv_key = bn_from_key_attr(&dkv->priv);
2845 BIGNUM *pub_key = bn_from_key_attr(&dkv->pub);
2846 BIGNUM *q = bn_from_key_attr(&dkv->subprime);
2847 BIGNUM *p = bn_from_key_attr(&dkv->prime);
2848 BIGNUM *g = bn_from_key_attr(&dkv->base);
2849 DSA *dsa = DSA_new();
2850
2851 if (!dsa || !priv_key || !pub_key || !p || !q || !g)
2852 goto err_free_all;
2853
2854 if (!DSA_set0_pqg(dsa, p, q, g))
2855 goto err_free_all;
2856
2857 if (!DSA_set0_key(dsa, pub_key, priv_key))
2858 goto err_free_priv_pub;
2859
2860 return dsa;
2861
2862 err_free_all:
2863 BN_free(p);
2864 BN_free(q);
2865 BN_free(g);
2866 err_free_priv_pub:
2867 BN_free(priv_key);
2868 BN_free(pub_key);
2869 DSA_free(dsa);
2870
2871 return NULL;
2872 }
2873
dsa_sign_digest(ADBG_Case_t * c,const struct dsa_key_vals * dkv,const struct crypto_buffer * in_dgst,struct crypto_buffer * out_dgst)2874 static TEEC_Result dsa_sign_digest(ADBG_Case_t *c,
2875 const struct dsa_key_vals *dkv,
2876 const struct crypto_buffer *in_dgst,
2877 struct crypto_buffer *out_dgst)
2878 {
2879 TEEC_Result res = TEEC_SUCCESS;
2880 DSA *dsa = dsa_from_key_vals(dkv);
2881 const BIGNUM *r = NULL;
2882 const BIGNUM *s = NULL;
2883 DSA_SIG *sig = NULL;
2884
2885 if (!dsa) {
2886 res = TEEC_ERROR_OUT_OF_MEMORY;
2887 ADBG_EXPECT_TEEC_SUCCESS(c, res);
2888 return res;
2889 }
2890
2891 sig = DSA_do_sign(in_dgst->buffer, in_dgst->size, dsa);
2892 if (!sig) {
2893 res = TEEC_ERROR_OUT_OF_MEMORY;
2894 ADBG_EXPECT_TEEC_SUCCESS(c, res);
2895 goto out;
2896 }
2897
2898 out_dgst->size = 2 * dkv->subprime.len; /* q */
2899 out_dgst->buffer = calloc(1, out_dgst->size);
2900 if (!out_dgst->buffer) {
2901 res = TEEC_ERROR_OUT_OF_MEMORY;
2902 ADBG_EXPECT_TEEC_SUCCESS(c, res);
2903 goto out;
2904 }
2905
2906 DSA_SIG_get0(sig, &r, &s);
2907 BN_bn2bin(r, out_dgst->buffer + out_dgst->size / 2 - BN_num_bytes(r));
2908 BN_bn2bin(s, out_dgst->buffer + out_dgst->size - BN_num_bytes(s));
2909 res = TEEC_SUCCESS;
2910
2911 out:
2912 DSA_free(dsa);
2913 DSA_SIG_free(sig);
2914
2915 return res;
2916 }
2917
dsa_verify_digest(ADBG_Case_t * c,const struct dsa_key_vals * dkv,const void * digest,size_t digest_len,const struct crypto_buffer * in_sdgst)2918 static bool dsa_verify_digest(ADBG_Case_t *c, const struct dsa_key_vals *dkv,
2919 const void *digest, size_t digest_len,
2920 const struct crypto_buffer *in_sdgst)
2921 {
2922 DSA *dsa = dsa_from_key_vals(dkv);
2923 DSA_SIG *sig = NULL;
2924 BIGNUM *r = NULL;
2925 BIGNUM *s = NULL;
2926 bool res = false;
2927
2928 if (!ADBG_EXPECT_NOT_NULL(c, dsa))
2929 return false;
2930
2931 sig = DSA_SIG_new();
2932 if (!ADBG_EXPECT_NOT_NULL(c, sig))
2933 goto out;
2934
2935 r = BN_bin2bn(in_sdgst->buffer, in_sdgst->size / 2, NULL);
2936 if (!ADBG_EXPECT_NOT_NULL(c, r))
2937 goto out;
2938 s = BN_bin2bn(in_sdgst->buffer + in_sdgst->size / 2,
2939 in_sdgst->size / 2, NULL);
2940 if (!ADBG_EXPECT_NOT_NULL(c, s)) {
2941 BN_free(r);
2942 goto out;
2943 }
2944 DSA_SIG_set0(sig, r, s);
2945
2946 res = DSA_do_verify(digest, digest_len, sig, dsa);
2947 out:
2948 DSA_free(dsa);
2949 DSA_SIG_free(sig);
2950
2951 return res;
2952 }
2953
curve_to_nid(uint32_t curve)2954 static int curve_to_nid(uint32_t curve)
2955 {
2956 switch (curve) {
2957 case 1 /* TEE_ECC_CURVE_NIST_P192 */:
2958 return NID_X9_62_prime192v1;
2959 case 2 /* TEE_ECC_CURVE_NIST_P224 */:
2960 return NID_secp224r1;
2961 case 3 /* TEE_ECC_CURVE_NIST_P256 */:
2962 return NID_X9_62_prime256v1;
2963 case 4 /* TEE_ECC_CURVE_NIST_P384 */:
2964 return NID_secp384r1;
2965 case 5 /* TEE_ECC_CURVE_NIST_P521 */:
2966 return NID_secp521r1;
2967 default:
2968 return -1;
2969 }
2970 }
2971
ecdsa_from_key_vals(const struct ecdsa_key_vals * kv)2972 static EC_KEY *ecdsa_from_key_vals(const struct ecdsa_key_vals *kv)
2973 {
2974 EC_KEY *key = EC_KEY_new_by_curve_name(curve_to_nid(kv->curve));
2975 BIGNUM *priv_key = bn_from_key_attr(&kv->priv);
2976 BIGNUM *x = bn_from_key_attr(&kv->x);
2977 BIGNUM *y = bn_from_key_attr(&kv->y);
2978
2979 if (!key || !priv_key || !x || !y)
2980 goto err_free_all;
2981
2982 if (!EC_KEY_set_private_key(key, priv_key))
2983 goto err_free_all;
2984
2985 if (!EC_KEY_set_public_key_affine_coordinates(key, x, y))
2986 goto err_free_xy;
2987
2988 return key;
2989
2990 err_free_all:
2991 BN_free(priv_key);
2992 err_free_xy:
2993 BN_free(x);
2994 BN_free(y);
2995 EC_KEY_free(key);
2996
2997 return NULL;
2998 }
2999
3000
ecdsa_sign_digest(ADBG_Case_t * c,const struct ecdsa_key_vals * kv,const struct crypto_buffer * in_dgst,struct crypto_buffer * out_dgst)3001 static TEEC_Result ecdsa_sign_digest(ADBG_Case_t *c,
3002 const struct ecdsa_key_vals *kv,
3003 const struct crypto_buffer *in_dgst,
3004 struct crypto_buffer *out_dgst)
3005 {
3006 TEEC_Result res = TEEC_ERROR_OUT_OF_MEMORY;
3007 EC_KEY *key = ecdsa_from_key_vals(kv);
3008 const BIGNUM *r = NULL;
3009 const BIGNUM *s = NULL;
3010 ECDSA_SIG *sig = NULL;
3011
3012 if (!ADBG_EXPECT_NOT_NULL(c, key))
3013 return TEEC_ERROR_OUT_OF_MEMORY;
3014
3015 sig = ECDSA_do_sign(in_dgst->buffer, in_dgst->size, key);
3016 if (!ADBG_EXPECT_NOT_NULL(c, sig))
3017 goto out;
3018
3019 out_dgst->size = 2 * kv->key_size_bytes;
3020 out_dgst->buffer = calloc(1, out_dgst->size);
3021 if (!ADBG_EXPECT_NOT_NULL(c, out_dgst->buffer))
3022 goto out;
3023
3024 ECDSA_SIG_get0(sig, &r, &s);
3025 BN_bn2bin(r, out_dgst->buffer + out_dgst->size / 2 - BN_num_bytes(r));
3026 BN_bn2bin(s, out_dgst->buffer + out_dgst->size - BN_num_bytes(s));
3027 res = TEEC_SUCCESS;
3028 out:
3029 EC_KEY_free(key);
3030 ECDSA_SIG_free(sig);
3031
3032 return res;
3033 }
3034
ecdsa_verify_digest(ADBG_Case_t * c,const struct ecdsa_key_vals * kv,const void * digest,size_t digest_len,const struct crypto_buffer * in_sdgst)3035 static bool ecdsa_verify_digest(ADBG_Case_t *c,
3036 const struct ecdsa_key_vals *kv,
3037 const void *digest, size_t digest_len,
3038 const struct crypto_buffer *in_sdgst)
3039 {
3040 EC_KEY *key = ecdsa_from_key_vals(kv);
3041 ECDSA_SIG *sig = NULL;
3042 BIGNUM *r = NULL;
3043 BIGNUM *s = NULL;
3044 bool res = false;
3045
3046 if (!ADBG_EXPECT_NOT_NULL(c, key))
3047 return false;
3048
3049 sig = ECDSA_SIG_new();
3050 if (!ADBG_EXPECT_NOT_NULL(c, sig))
3051 goto out;
3052
3053 r = BN_bin2bn(in_sdgst->buffer, in_sdgst->size / 2, NULL);
3054 if (!ADBG_EXPECT_NOT_NULL(c, r))
3055 goto out;
3056 s = BN_bin2bn(in_sdgst->buffer + in_sdgst->size / 2,
3057 in_sdgst->size / 2, NULL);
3058 if (!ADBG_EXPECT_NOT_NULL(c, s)) {
3059 BN_free(r);
3060 goto out;
3061 }
3062 ECDSA_SIG_set0(sig, r, s);
3063
3064 res = ECDSA_do_verify(digest, digest_len, sig, key);
3065 out:
3066 EC_KEY_free(key);
3067 ECDSA_SIG_free(sig);
3068
3069 return res;
3070 }
3071
rsa_from_key_vals(const struct rsa_key_vals * kv)3072 static RSA *rsa_from_key_vals(const struct rsa_key_vals *kv)
3073 {
3074 BIGNUM *priv = bn_from_key_attr(&kv->priv);
3075 BIGNUM *pub = bn_from_key_attr(&kv->pub);
3076 BIGNUM *mod = bn_from_key_attr(&kv->mod);
3077 RSA *key = RSA_new();
3078
3079 if (!key || !priv || !pub || !mod)
3080 goto err_free_all;
3081
3082 if (!RSA_set0_key(key, mod, pub, priv))
3083 goto err_free_all;
3084
3085 return key;
3086
3087 err_free_all:
3088 BN_free(priv);
3089 BN_free(pub);
3090 BN_free(mod);
3091 RSA_free(key);
3092
3093 return NULL;
3094 }
3095
algo_to_md(uint32_t algo)3096 static const EVP_MD *algo_to_md(uint32_t algo)
3097 {
3098 switch (algo) {
3099 case TEE_ALG_RSASSA_PKCS1_V1_5_MD5:
3100 return EVP_md5();
3101 case TEE_ALG_RSASSA_PKCS1_V1_5_SHA1:
3102 case TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA1:
3103 return EVP_sha1();
3104 case TEE_ALG_RSASSA_PKCS1_V1_5_SHA224:
3105 case TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA224:
3106 return EVP_sha224();
3107 case TEE_ALG_RSASSA_PKCS1_V1_5_SHA256:
3108 case TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA256:
3109 return EVP_sha256();
3110 case TEE_ALG_RSASSA_PKCS1_V1_5_SHA384:
3111 case TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA384:
3112 return EVP_sha384();
3113 case TEE_ALG_RSASSA_PKCS1_V1_5_SHA512:
3114 case TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA512:
3115 return EVP_sha512();
3116 default:
3117 return NULL;
3118 }
3119 }
3120
padding_is_pkcs1_v1_5(uint32_t algo)3121 static bool padding_is_pkcs1_v1_5(uint32_t algo)
3122 {
3123 switch (algo) {
3124 case TEE_ALG_RSASSA_PKCS1_V1_5_MD5:
3125 case TEE_ALG_RSASSA_PKCS1_V1_5_SHA1:
3126 case TEE_ALG_RSASSA_PKCS1_V1_5_SHA224:
3127 case TEE_ALG_RSASSA_PKCS1_V1_5_SHA256:
3128 case TEE_ALG_RSASSA_PKCS1_V1_5_SHA384:
3129 case TEE_ALG_RSASSA_PKCS1_V1_5_SHA512:
3130 return true;
3131 default:
3132 return false;
3133 }
3134 }
3135
ossl_err_cb(const char * str,size_t len,void * u)3136 static int ossl_err_cb(const char *str, size_t len, void *u)
3137 {
3138 warnx("%*s", (int)len, str);
3139 return 0;
3140 }
3141
print_ossl_errors(const char * func)3142 static void print_ossl_errors(const char *func)
3143 {
3144 warnx("%s failed", func);
3145 ERR_print_errors_cb(ossl_err_cb, NULL);
3146 }
3147
3148
rsa_sign_digest(ADBG_Case_t * c,const struct rsa_key_vals * kv,uint32_t algo,const struct crypto_buffer * in_dgst,struct crypto_buffer * out_dgst)3149 static TEEC_Result rsa_sign_digest(ADBG_Case_t *c,
3150 const struct rsa_key_vals *kv,
3151 uint32_t algo,
3152 const struct crypto_buffer *in_dgst,
3153 struct crypto_buffer *out_dgst)
3154 {
3155 TEEC_Result res = TEEC_SUCCESS;
3156 const EVP_MD *md = algo_to_md(algo);
3157 RSA *key = NULL;
3158 unsigned int sz = 0;
3159 void *buf = NULL;
3160
3161 if (!ADBG_EXPECT_NOT_NULL(c, md))
3162 return TEEC_ERROR_GENERIC;
3163
3164 key = rsa_from_key_vals(kv);
3165 if (!ADBG_EXPECT_NOT_NULL(c, key))
3166 return TEEC_ERROR_OUT_OF_MEMORY;
3167
3168 sz = RSA_size(key);
3169 buf = calloc(1, sz);
3170 if (!ADBG_EXPECT_NOT_NULL(c, buf)) {
3171 res = TEEC_ERROR_OUT_OF_MEMORY;
3172 goto out;
3173 }
3174
3175 if (padding_is_pkcs1_v1_5(algo)) {
3176 if (!RSA_sign(EVP_MD_nid(md), in_dgst->buffer, in_dgst->size,
3177 buf, &sz, key)) {
3178 print_ossl_errors("RSA_sign");
3179 res = TEEC_ERROR_GENERIC;
3180 }
3181 } else {
3182 /*
3183 * Important to use RSA_PSS_SALTLEN_DIGEST since the
3184 * implementation may expect the size of the hash since the
3185 * salt length isn't supplied as a paramter to
3186 * TEE_AsymmetricVerifyDigest().
3187 */
3188 if (!RSA_padding_add_PKCS1_PSS_mgf1(key, buf, in_dgst->buffer,
3189 md, md,
3190 RSA_PSS_SALTLEN_DIGEST)) {
3191 print_ossl_errors("RSA_padding_add_PKCS1_PSS_mgf1");
3192 res = TEEC_ERROR_GENERIC;
3193 } else if (!RSA_private_encrypt(sz, buf, buf, key,
3194 RSA_NO_PADDING)) {
3195 print_ossl_errors("RSA_padding_add_PKCS1_PSS_mgf1");
3196 res = TEEC_ERROR_GENERIC;
3197 }
3198 }
3199
3200 if (!res) {
3201 out_dgst->buffer = buf;
3202 out_dgst->size = sz;
3203 } else {
3204 free(buf);
3205 }
3206
3207 out:
3208 RSA_free(key);
3209 return res;
3210
3211 }
3212
rsa_verify_pss_digest(ADBG_Case_t * c,const EVP_MD * md,RSA * key,const void * digest,const struct crypto_buffer * in_sdgst)3213 static bool rsa_verify_pss_digest(ADBG_Case_t *c, const EVP_MD *md, RSA *key,
3214 const void *digest,
3215 const struct crypto_buffer *in_sdgst)
3216 {
3217 bool res = false;
3218 void *buf;
3219 int mlen;
3220
3221 buf = calloc(1, RSA_size(key));
3222 if (!ADBG_EXPECT_NOT_NULL(c, buf))
3223 return false;
3224
3225 mlen = RSA_public_decrypt(in_sdgst->size, in_sdgst->buffer,
3226 buf, key, RSA_NO_PADDING);
3227 if (mlen < 0) {
3228 print_ossl_errors("RSA_public_decrypt");
3229 goto out;
3230 }
3231 res = RSA_verify_PKCS1_PSS_mgf1(key, digest, md, md, buf, -2);
3232 if (!res)
3233 print_ossl_errors("RSA_verify_PKCS1_PSS_mgf1");
3234
3235 out:
3236 free(buf);
3237 return res;
3238
3239 }
3240
rsa_verify_digest(ADBG_Case_t * c,const struct rsa_key_vals * kv,uint32_t algo,const void * digest,size_t digest_len,const struct crypto_buffer * in_sdgst)3241 static bool rsa_verify_digest(ADBG_Case_t *c, const struct rsa_key_vals *kv,
3242 uint32_t algo,
3243 const void *digest, size_t digest_len,
3244 const struct crypto_buffer *in_sdgst)
3245 {
3246 const EVP_MD *md = algo_to_md(algo);
3247 RSA *key = NULL;
3248 bool res;
3249
3250 if (!ADBG_EXPECT_NOT_NULL(c, md))
3251 return false;
3252
3253 key = rsa_from_key_vals(kv);
3254 if (!ADBG_EXPECT_NOT_NULL(c, key))
3255 return false;
3256
3257 if (padding_is_pkcs1_v1_5(algo)) {
3258 res = RSA_verify(EVP_MD_nid(md), digest, digest_len,
3259 in_sdgst->buffer, in_sdgst->size, key);
3260 if (!res)
3261 print_ossl_errors("RSA_verify");
3262 } else {
3263 res = rsa_verify_pss_digest(c, md, key, digest, in_sdgst);
3264 }
3265
3266 RSA_free(key);
3267 return res;
3268 }
3269
sign_digest(ADBG_Case_t * c,const struct crypto_buffer * in_dgst,struct crypto_buffer * out_dgst)3270 static TEEC_Result sign_digest(ADBG_Case_t *c,
3271 const struct crypto_buffer *in_dgst,
3272 struct crypto_buffer *out_dgst)
3273 {
3274 const void *kv = NULL;
3275 TEEC_Result res = TEEC_SUCCESS;
3276
3277 if (!ADBG_EXPECT(c, TEE_HANDLE_NULL, saved_obh.obh2))
3278 return TEEC_ERROR_GENERIC;
3279
3280 if (!ADBG_EXPECT_NOT(c, TEE_HANDLE_NULL, saved_obh.obh1))
3281 return TEEC_ERROR_GENERIC;
3282
3283 kv = get_dsa_key_vals(saved_key_pub_attr[saved_obh.obh1]);
3284 if (kv) {
3285 res = dsa_sign_digest(c, kv, in_dgst, out_dgst);
3286 goto out;
3287 }
3288
3289 kv = get_ecdsa_key_vals(saved_key_pub_attr[saved_obh.obh1]);
3290 if (kv) {
3291 res = ecdsa_sign_digest(c, kv, in_dgst, out_dgst);
3292 goto out;
3293 }
3294
3295 kv = get_rsa_key_vals(saved_key_pub_attr[saved_obh.obh1]);
3296 if (kv) {
3297 res = rsa_sign_digest(c, kv, saved_alloc.algo,
3298 in_dgst, out_dgst);
3299 goto out;
3300 }
3301
3302 res = TEEC_ERROR_GENERIC;
3303 out:
3304 ADBG_EXPECT_TEEC_SUCCESS(c, res);
3305 return res;
3306 }
3307
verify_digest(ADBG_Case_t * c,const struct crypto_buffer * in_sdgst)3308 static bool verify_digest(ADBG_Case_t *c, const struct crypto_buffer *in_sdgst)
3309 {
3310 const void *kv = NULL;
3311
3312 if (!ADBG_EXPECT(c, TEE_HANDLE_NULL, saved_obh.obh2))
3313 return false;
3314
3315 if (!ADBG_EXPECT_NOT(c, TEE_HANDLE_NULL, saved_obh.obh1))
3316 return false;
3317
3318 kv = get_dsa_key_vals(saved_key_pub_attr[saved_obh.obh1]);
3319 if (kv)
3320 return dsa_verify_digest(c, kv, saved_digest.buffer,
3321 saved_digest.size, in_sdgst);
3322 kv = get_ecdsa_key_vals(saved_key_pub_attr[saved_obh.obh1]);
3323 if (kv)
3324 return ecdsa_verify_digest(c, kv, saved_digest.buffer,
3325 saved_digest.size, in_sdgst);
3326 kv = get_rsa_key_vals(saved_key_pub_attr[saved_obh.obh1]);
3327 if (kv)
3328 return rsa_verify_digest(c, kv, saved_alloc.algo,
3329 saved_digest.buffer,
3330 saved_digest.size, in_sdgst);
3331
3332 return ADBG_EXPECT_TRUE(c, false);
3333 }
3334
mac_compute_final(ADBG_Case_t * c,TEEC_Session * s,const void * full_data,size_t fdata_length,struct crypto_buffer * mac)3335 static TEEC_Result mac_compute_final(
3336 ADBG_Case_t *c, TEEC_Session *s,
3337 const void *full_data, size_t fdata_length,
3338 struct crypto_buffer *mac)
3339 {
3340 TEEC_Result res = TEEC_ERROR_GENERIC;
3341 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
3342 uint32_t op1 = 3;
3343 uint32_t ret_orig;
3344
3345 res = Invoke_Crypto_AllocateOperation(c, s, CMD_Crypto_AllocateOperation,
3346 saved_alloc.algo, TEE_MODE_MAC,
3347 saved_alloc.obj_size, 0, op1);
3348
3349 if (res != TEEC_SUCCESS)
3350 goto exit;
3351
3352 if (saved_obh.obh2 != TEE_HANDLE_NULL) {
3353 res = Invoke_Crypto_SetOperationKey2(c, s, CMD_Crypto_SetOperationKey2,
3354 op1, saved_obh.obh1,
3355 saved_obh.obh2);
3356
3357 if (res != TEEC_SUCCESS)
3358 goto exit;
3359
3360 } else if (saved_obh.obh1 != TEE_HANDLE_NULL) {
3361 res = Invoke_Crypto_SetOperationKey(c, s, CMD_Crypto_SetOperationKey,
3362 op1, saved_obh.obh1);
3363
3364 if (res != TEEC_SUCCESS)
3365 goto exit;
3366 }
3367
3368 res = Invoke_Crypto_MACInit(c, s, CMD_Crypto_MACInit, op1,
3369 saved_mac_iv.buffer, saved_mac_iv.size);
3370
3371 if (res != TEEC_SUCCESS)
3372 goto exit;
3373
3374 /* CMD_MACComputeFinal */
3375 /* Fill SharedMem1 with full_data */
3376 ALLOCATE_AND_FILL_SHARED_MEMORY(s->ctx, SHARE_MEM04, fdata_length,
3377 TEEC_MEM_INPUT, fdata_length,
3378 full_data, mem04_exit)
3379 ALLOCATE_SHARED_MEMORY(s->ctx, SHARE_MEM05, fdata_length,
3380 TEEC_MEM_OUTPUT, mem05_exit)
3381
3382 op.params[0].value.a = (uint32_t)op1;
3383 SET_SHARED_MEMORY_OPERATION_PARAMETER(1, 0, SHARE_MEM04,
3384 SHARE_MEM04->size)
3385 SET_SHARED_MEMORY_OPERATION_PARAMETER(3, 0, SHARE_MEM05,
3386 SHARE_MEM05->size)
3387
3388 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
3389 TEEC_MEMREF_PARTIAL_INPUT,
3390 TEEC_NONE, TEEC_MEMREF_PARTIAL_OUTPUT);
3391
3392 res = TEEC_InvokeCommand(s, CMD_Crypto_MACComputeFinal, &op, &ret_orig);
3393
3394 if (res == TEEC_SUCCESS) {
3395 mac->size = op.params[3].memref.size;
3396 mac->buffer = malloc(mac->size);
3397 memcpy(mac->buffer, SHARE_MEM05->buffer, mac->size);
3398 }
3399
3400 TEEC_ReleaseSharedMemory(SHARE_MEM05);
3401 mem05_exit:
3402 TEEC_ReleaseSharedMemory(SHARE_MEM04);
3403 mem04_exit:
3404 Invoke_Crypto_FreeOperation(c, s, CMD_Crypto_FreeOperation, op1);
3405 exit:
3406 return res;
3407 }
3408
cipher_do_final(ADBG_Case_t * c,TEEC_Session * s,const void * full_data,size_t fdata_length,struct crypto_buffer * cipher)3409 static TEEC_Result cipher_do_final(
3410 ADBG_Case_t *c, TEEC_Session *s,
3411 const void *full_data, size_t fdata_length,
3412 struct crypto_buffer *cipher)
3413 {
3414 TEEC_Result res = TEEC_ERROR_GENERIC;
3415 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
3416 uint32_t op1 = 3;
3417 uint32_t ret_orig;
3418
3419 res = Invoke_Crypto_AllocateOperation(c, s, CMD_Crypto_AllocateOperation,
3420 saved_alloc.algo,
3421 TEE_MODE_ENCRYPT,
3422 saved_alloc.obj_size, 0, op1);
3423
3424 if (res != TEEC_SUCCESS)
3425 goto crypto_alloc;
3426
3427 if (saved_obh.obh2 != TEE_HANDLE_NULL) {
3428 res = Invoke_Crypto_SetOperationKey2(c, s, CMD_Crypto_SetOperationKey2,
3429 op1, saved_obh.obh1,
3430 saved_obh.obh2);
3431
3432 if (res != TEEC_SUCCESS)
3433 goto exit;
3434
3435 } else if (saved_obh.obh1 != TEE_HANDLE_NULL) {
3436 res = Invoke_Crypto_SetOperationKey(c, s, CMD_Crypto_SetOperationKey,
3437 op1, saved_obh.obh1);
3438
3439 if (res != TEEC_SUCCESS)
3440 goto exit;
3441
3442 }
3443
3444 ALLOCATE_AND_FILL_SHARED_MEMORY(s->ctx, SHARE_MEM04, fdata_length,
3445 TEEC_MEM_INPUT,
3446 saved_cipher_iv.size,
3447 saved_cipher_iv.buffer,
3448 mem04_exit)
3449
3450 op.params[0].value.a = (uint32_t)op1;
3451 SET_SHARED_MEMORY_OPERATION_PARAMETER(1, 0, SHARE_MEM04,
3452 saved_cipher_iv.size)
3453
3454 op.params[1].memref.offset = 0;
3455 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
3456 TEEC_MEMREF_PARTIAL_INPUT, TEEC_NONE,
3457 TEEC_NONE);
3458
3459 res = TEEC_InvokeCommand(s, CMD_Crypto_CipherInit, &op, &ret_orig);
3460
3461 if (res != TEEC_SUCCESS)
3462 goto mem05_exit;
3463
3464 TEEC_ReleaseSharedMemory(SHARE_MEM04);
3465
3466 /* CMD_CipherDoFinal */
3467 /* Fill SharedMem1 with full_data */
3468 ALLOCATE_AND_FILL_SHARED_MEMORY(s->ctx, SHARE_MEM04, fdata_length,
3469 TEEC_MEM_INPUT, fdata_length,
3470 full_data, mem04_exit)
3471 ALLOCATE_SHARED_MEMORY(s->ctx, SHARE_MEM05, fdata_length,
3472 TEEC_MEM_OUTPUT, mem05_exit)
3473
3474 op.params[0].value.a = (uint32_t)op1;
3475 SET_SHARED_MEMORY_OPERATION_PARAMETER(1, 0, SHARE_MEM04,
3476 SHARE_MEM04->size)
3477 SET_SHARED_MEMORY_OPERATION_PARAMETER(3, 0, SHARE_MEM05,
3478 SHARE_MEM05->size)
3479
3480 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
3481 TEEC_MEMREF_PARTIAL_INPUT,
3482 TEEC_NONE, TEEC_MEMREF_PARTIAL_OUTPUT);
3483
3484 res = TEEC_InvokeCommand(s, CMD_Crypto_CipherDoFinal, &op, &ret_orig);
3485
3486 if (res == TEEC_SUCCESS) {
3487 cipher->size = op.params[3].memref.size;
3488 cipher->buffer = malloc(cipher->size);
3489 memcpy(cipher->buffer, SHARE_MEM05->buffer, cipher->size);
3490 }
3491
3492 TEEC_ReleaseSharedMemory(SHARE_MEM05);
3493 mem05_exit:
3494 TEEC_ReleaseSharedMemory(SHARE_MEM04);
3495 mem04_exit:
3496 exit:
3497 Invoke_Crypto_FreeOperation(c, s, CMD_Crypto_FreeOperation, op1);
3498 crypto_alloc:
3499 return res;
3500 }
3501
Invoke_Crypto_EnsureIntermediateBufferSize(ADBG_Case_t * c,TEEC_Session * s,uint32_t cmd,uint32_t oph)3502 static TEEC_Result Invoke_Crypto_EnsureIntermediateBufferSize(ADBG_Case_t *c,
3503 TEEC_Session *s,
3504 uint32_t cmd,
3505 uint32_t oph)
3506 {
3507 return Invoke_Simple_Function_v1(c, s, cmd, oph, 0);
3508 }
3509
Invoke_AllocateTransientObject(ADBG_Case_t * c,TEEC_Session * s,uint32_t cmd,uint32_t obj_type,uint32_t max_key_size,uint32_t oph)3510 static TEEC_Result Invoke_AllocateTransientObject(ADBG_Case_t *c,
3511 TEEC_Session *s, uint32_t cmd,
3512 uint32_t obj_type,
3513 uint32_t max_key_size,
3514 uint32_t oph)
3515 {
3516 return Invoke_Simple_Function_v2(c, s, cmd, oph, 0, obj_type,
3517 max_key_size);
3518 }
3519
Invoke_RestrictObjectUsage1(ADBG_Case_t * c,TEEC_Session * s,uint32_t cmd,uint32_t obj_handle,uint32_t obj_usage)3520 static TEEC_Result Invoke_RestrictObjectUsage1(ADBG_Case_t *c, TEEC_Session *s,
3521 uint32_t cmd,
3522 uint32_t obj_handle,
3523 uint32_t obj_usage)
3524 {
3525 return Invoke_Simple_Function_v1(c, s, cmd, obj_handle, obj_usage);
3526 }
3527
Invoke_StoreAttributeBuffer(ADBG_Case_t * c,TEEC_Session * sess,uint32_t cmd,uint32_t buffer,const void * value_bufptr,size_t value_size)3528 static TEEC_Result Invoke_StoreAttributeBuffer(ADBG_Case_t *c,
3529 TEEC_Session *sess,
3530 uint32_t cmd, uint32_t buffer,
3531 const void *value_bufptr,
3532 size_t value_size)
3533 {
3534 TEEC_Operation op = TEEC_OPERATION_INITIALIZER;
3535 TEEC_Result res = TEE_SUCCESS;
3536 uint32_t org = 0;
3537 static TEEC_SharedMemory shm = { };
3538
3539 shm.size = value_size;
3540 shm.flags = TEEC_MEM_INPUT;
3541 res = TEEC_AllocateSharedMemory(sess->ctx, &shm);
3542 if (!ADBG_EXPECT_TEEC_SUCCESS(c, res))
3543 return res;
3544 memcpy(shm.buffer, value_bufptr, shm.size);
3545
3546 op.params[0].value.a = buffer;
3547 SET_SHARED_MEMORY_OPERATION_PARAMETER(1, 0, &shm, shm.size);
3548
3549 op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
3550 TEEC_MEMREF_PARTIAL_INPUT,
3551 TEEC_NONE, TEEC_NONE);
3552
3553 res = TEEC_InvokeCommand(sess, cmd, &op, &org);
3554
3555 TEEC_ReleaseSharedMemory(&shm);
3556
3557 return res;
3558 }
3559
Invoke_InitRefAttribute(ADBG_Case_t * c,TEEC_Session * sess,uint32_t cmd,uint32_t attr,uint32_t attr_id,uint32_t buffer)3560 static TEEC_Result Invoke_InitRefAttribute(ADBG_Case_t *c, TEEC_Session *sess,
3561 uint32_t cmd, uint32_t attr,
3562 uint32_t attr_id, uint32_t buffer)
3563 {
3564 return Invoke_Simple_Function_v2(c, sess, cmd, attr, attr_id,
3565 buffer, 0);
3566 }
3567
3568 static TEEC_Result
Macro_StoreRefAttribute(ADBG_Case_t * c,TEEC_Session * sess,uint32_t attr,uint32_t buffer,uint32_t attr_id,const void * value_bufptr,size_t value_size)3569 Macro_StoreRefAttribute(ADBG_Case_t *c, TEEC_Session *sess, uint32_t attr,
3570 uint32_t buffer, uint32_t attr_id,
3571 const void *value_bufptr, size_t value_size)
3572 {
3573 TEEC_Result res = TEE_SUCCESS;
3574
3575 res = Invoke_StoreAttributeBuffer(c, sess, CMD_DS_StoreBuffer,
3576 buffer, value_bufptr, value_size);
3577 if (!ADBG_EXPECT_TEEC_SUCCESS(c, res))
3578 return res;
3579
3580 res = Invoke_InitRefAttribute(c, sess, CMD_DS_InitRefAttribute,
3581 attr, attr_id, buffer);
3582 ADBG_EXPECT_TEEC_SUCCESS(c, res);
3583 return res;
3584 }
3585
3586 #endif /* XML_CRYPTO_API_H_ */
3587