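/* SPDX-License-Identifier: BSD-2-Clause */
/*
 * Copyright (c) 2014-2021, Linaro Limited
 * Copyright (c) 2021, SumUp Services GmbH
 */

/*
 * Implementation-specific extensions to the TEE Internal Core API constants:
 * extended result codes, key-derivation / signature / MAC / cipher algorithm
 * identifiers with their object types and attributes, private storage
 * identifiers, extra memory access flags and an extra login type.
 *
 * Several identifiers below share the numeric value 0x80000000
 * (TEE_ERROR_DEFER_DRIVER_INIT, TEE_STORAGE_PRIVATE_REE, TEE_LOGIN_REE_KERNEL).
 * They belong to different identifier spaces (result code, storage ID, login
 * type) and must never be compared with one another.
 */

#ifndef TEE_API_DEFINES_EXTENSIONS_H
#define TEE_API_DEFINES_EXTENSIONS_H

/*
 * API extended result codes as per TEE_Result IDs defined in GPD TEE
 * Internal Core API specification v1.1:
 *
 * 0x70000000 - 0x7FFFFFFF: Reserved for implementation-specific return
 *                          code providing non-error information
 * 0x80000000 - 0x8FFFFFFF: Reserved for implementation-specific errors
 *
 * TEE_ERROR_DEFER_DRIVER_INIT - Device driver failed to initialize because
 * the driver depends on a device not yet initialized.
 */
#define TEE_ERROR_DEFER_DRIVER_INIT             0x80000000

/*
 * TEE_ERROR_NODE_DISABLED - Device driver failed to initialize because it is
 * not allocated for TEE environment.
 */
#define TEE_ERROR_NODE_DISABLED                 0x80000001

/*
 * HMAC-based Extract-and-Expand Key Derivation Function (HKDF)
 *
 * One algorithm identifier per underlying hash. The MD5 and SHA-1 variants
 * are weaker choices than the SHA-2 ones; prefer SHA-256 or stronger for new
 * designs unless interoperability requires otherwise.
 *
 * NOTE(review): going by the GP attribute ID encoding (bit 28 = public,
 * bit 29 = value attribute), TEE_ATTR_HKDF_IKM is a protected buffer while
 * SALT and INFO are public buffers and OKM_LENGTH is a public value; the
 * same pattern holds for the Concat KDF and PBKDF2 attributes below.
 * Confirm against the GP specification before relying on it.
 */

#define TEE_ALG_HKDF_MD5_DERIVE_KEY             0x800010C0
#define TEE_ALG_HKDF_SHA1_DERIVE_KEY            0x800020C0
#define TEE_ALG_HKDF_SHA224_DERIVE_KEY          0x800030C0
#define TEE_ALG_HKDF_SHA256_DERIVE_KEY          0x800040C0
#define TEE_ALG_HKDF_SHA384_DERIVE_KEY          0x800050C0
#define TEE_ALG_HKDF_SHA512_DERIVE_KEY          0x800060C0

/* Object type holding the HKDF input keying material */
#define TEE_TYPE_HKDF_IKM                       0xA10000C0

#define TEE_ATTR_HKDF_IKM                       0xC00001C0
#define TEE_ATTR_HKDF_SALT                      0xD00002C0
#define TEE_ATTR_HKDF_INFO                      0xD00003C0
#define TEE_ATTR_HKDF_OKM_LENGTH                0xF00004C0

/*
 * Concatenation Key Derivation Function (Concat KDF)
 * NIST SP 800-56A section 5.8.1
 */

#define TEE_ALG_CONCAT_KDF_SHA1_DERIVE_KEY      0x800020C1
#define TEE_ALG_CONCAT_KDF_SHA224_DERIVE_KEY    0x800030C1
#define TEE_ALG_CONCAT_KDF_SHA256_DERIVE_KEY    0x800040C1
#define TEE_ALG_CONCAT_KDF_SHA384_DERIVE_KEY    0x800050C1
#define TEE_ALG_CONCAT_KDF_SHA512_DERIVE_KEY    0x800060C1

/* Object type holding the Concat KDF shared secret Z */
#define TEE_TYPE_CONCAT_KDF_Z                   0xA10000C1

#define TEE_ATTR_CONCAT_KDF_Z                   0xC00001C1
#define TEE_ATTR_CONCAT_KDF_OTHER_INFO          0xD00002C1
#define TEE_ATTR_CONCAT_KDF_DKM_LENGTH          0xF00003C1

/*
 * PKCS #5 v2.0 Key Derivation Function 2 (PBKDF2)
 * RFC 2898 section 5.2
 * https://www.ietf.org/rfc/rfc2898.txt
 *
 * Only the HMAC-SHA1 variant is defined here. The salt and the iteration
 * count are supplied by the caller through the attributes below, and this
 * header defines no minimum for either, so the resistance of the derived
 * key to password guessing depends on the values the caller chooses.
 */

#define TEE_ALG_PBKDF2_HMAC_SHA1_DERIVE_KEY     0x800020C2

/* Object type holding the PBKDF2 password */
#define TEE_TYPE_PBKDF2_PASSWORD                0xA10000C2

#define TEE_ATTR_PBKDF2_PASSWORD                0xC00001C2
#define TEE_ATTR_PBKDF2_SALT                    0xD00002C2
#define TEE_ATTR_PBKDF2_ITERATION_COUNT         0xF00003C2
#define TEE_ATTR_PBKDF2_DKM_LENGTH              0xF00004C2

/*
 * PKCS#1 v1.5 RSASSA pre-hashed sign/verify
 *
 * NOTE(review): "pre-hashed" means the digest is computed by the caller, so
 * the identifier does not name a hash. Confirm in the implementation whether
 * the DigestInfo encoding is added or is also left to the caller, and make
 * sure callers only ever pass the output of an approved hash.
 */

#define TEE_ALG_RSASSA_PKCS1_V1_5               0xF0000830

/*
 * TDEA CMAC (NIST SP800-38B)
 *
 * TDEA is a 64-bit block cipher, which bounds how much data can be safely
 * authenticated under one key; prefer an AES-based CMAC for new designs.
 */
#define TEE_ALG_DES3_CMAC                       0xF0000613

/*
 * SM4-XTS
 *
 * XTS is a confidentiality-only mode: it does not authenticate the data it
 * protects, so integrity has to come from another mechanism.
 */
#define TEE_ALG_SM4_XTS                         0xF0000414

/*
 * Implementation-specific object storage constants
 */

/*
 * Storage is provided by the Rich Execution Environment (REE)
 *
 * NOTE(review): the REE is outside the TEE, so objects kept here depend on
 * the protection the TEE applies before handing the data over; presumably
 * the REE can still delete or roll back the stored files. Confirm against
 * the storage implementation before placing rollback-sensitive objects here.
 */
#define TEE_STORAGE_PRIVATE_REE                 0x80000000
/* Storage is the Replay Protected Memory Block partition of an eMMC device */
#define TEE_STORAGE_PRIVATE_RPMB                0x80000100
/*
 * Was TEE_STORAGE_PRIVATE_SQL, which isn't supported any longer. The value
 * stays defined under a _RESERVED name so the ID is not handed out again.
 */
#define TEE_STORAGE_PRIVATE_SQL_RESERVED        0x80000200

/*
 * Extension of "Memory Access Rights Constants"
 * #define TEE_MEMORY_ACCESS_READ             0x00000001
 * #define TEE_MEMORY_ACCESS_WRITE            0x00000002
 * #define TEE_MEMORY_ACCESS_ANY_OWNER        0x00000004
 *
 * TEE_MEMORY_ACCESS_NONSECURE : if set TEE_CheckMemoryAccessRights()
 * successfully returns only if target vmem range is mapped non-secure.
 *
 * TEE_MEMORY_ACCESS_SECURE : if set TEE_CheckMemoryAccessRights()
 * successfully returns only if target vmem range is mapped secure.
 *
 * The two flags occupy distinct bits above the standard access-right bits
 * listed above. They let a caller state which security attribute a buffer
 * must have, so that memory mapped non-secure is not mistaken for secure
 * memory (or the reverse) when a pointer is validated.
 */
#define TEE_MEMORY_ACCESS_NONSECURE             0x10000000
#define TEE_MEMORY_ACCESS_SECURE                0x20000000

/*
 * Implementation-specific login types
 */

/*
 * Private login method for REE kernel clients
 *
 * NOTE(review): the client here is the REE kernel, which sits outside the
 * TEE; access decisions keyed on this login type presumably trust the REE to
 * report it correctly - confirm how the value is set before relying on it.
 */
#define TEE_LOGIN_REE_KERNEL                    0x80000000

#endif /* TEE_API_DEFINES_EXTENSIONS_H */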