/* SPDX-License-Identifier: BSD-2-Clause */
/*
 * Copyright (c) 2014, Linaro Limited
 */

/*
 * Implementation-specific extensions to the TEE API constants: extra
 * key-derivation algorithms with their object types and attributes, an RSA
 * signature algorithm identifier, private storage identifiers and additional
 * memory access right flags.
 *
 * Every value below is a numeric identifier; none of them may be changed
 * without also changing whatever consumes it.
 */

#ifndef TEE_API_DEFINES_EXTENSIONS_H
#define TEE_API_DEFINES_EXTENSIONS_H

/*
 * HMAC-based Extract-and-Expand Key Derivation Function (HKDF), RFC 5869
 *
 * One algorithm identifier per underlying hash. In the values below the
 * nibble at bits 15:12 runs 1..6 in the order MD5..SHA-512, and the low byte
 * 0xC0 is shared by all HKDF identifiers.
 *
 * Security note: MD5 and SHA-1 variants are defined here, but both hashes are
 * deprecated for new designs. Prefer SHA-256 or stronger unless an existing
 * protocol requires otherwise.
 */

#define TEE_ALG_HKDF_MD5_DERIVE_KEY     0x800010C0
#define TEE_ALG_HKDF_SHA1_DERIVE_KEY    0x800020C0
#define TEE_ALG_HKDF_SHA224_DERIVE_KEY  0x800030C0
#define TEE_ALG_HKDF_SHA256_DERIVE_KEY  0x800040C0
#define TEE_ALG_HKDF_SHA384_DERIVE_KEY  0x800050C0
#define TEE_ALG_HKDF_SHA512_DERIVE_KEY  0x800060C0

/* Object type for the HKDF input keying material (IKM) */
#define TEE_TYPE_HKDF_IKM               0xA10000C0

/*
 * HKDF attributes: input keying material, salt, info and requested length
 * of the output keying material (OKM).
 * NOTE(review): the leading 0xC / 0xD / 0xF nibble presumably follows the
 * attribute-ID flag bits (protected vs public, reference vs value) defined
 * outside this header - confirm there. The unit of the length is not stated
 * here either.
 */
#define TEE_ATTR_HKDF_IKM               0xC00001C0
#define TEE_ATTR_HKDF_SALT              0xD00002C0
#define TEE_ATTR_HKDF_INFO              0xD00003C0
#define TEE_ATTR_HKDF_OKM_LENGTH        0xF00004C0

/*
 * Concatenation Key Derivation Function (Concat KDF)
 * NIST SP 800-56A section 5.8.1
 *
 * Same layout as the HKDF identifiers, with low byte 0xC1. No MD5 variant
 * is defined. The SHA-1 variant carries the same caveat as above: use it
 * only where an existing protocol requires it.
 */

#define TEE_ALG_CONCAT_KDF_SHA1_DERIVE_KEY      0x800020C1
#define TEE_ALG_CONCAT_KDF_SHA224_DERIVE_KEY    0x800030C1
#define TEE_ALG_CONCAT_KDF_SHA256_DERIVE_KEY    0x800040C1
#define TEE_ALG_CONCAT_KDF_SHA384_DERIVE_KEY    0x800050C1
#define TEE_ALG_CONCAT_KDF_SHA512_DERIVE_KEY    0x800060C1

/* Object type for the shared secret Z fed to the KDF */
#define TEE_TYPE_CONCAT_KDF_Z                   0xA10000C1

/*
 * Concat KDF attributes: shared secret Z, OtherInfo and requested length of
 * the derived keying material (DKM).
 */
#define TEE_ATTR_CONCAT_KDF_Z                   0xC00001C1
#define TEE_ATTR_CONCAT_KDF_OTHER_INFO          0xD00002C1
#define TEE_ATTR_CONCAT_KDF_DKM_LENGTH          0xF00003C1

/*
 * PKCS #5 v2.0 Key Derivation Function 2 (PBKDF2)
 * RFC 2898 section 5.2
 * https://www.ietf.org/rfc/rfc2898.txt
 *
 * Only the HMAC-SHA1 variant is defined in this header.
 *
 * Security note: resistance to password guessing depends on the iteration
 * count and salt supplied by the caller through the attributes below. This
 * header sets no minimum, so any lower bound has to be enforced by the code
 * that uses these attributes.
 */

#define TEE_ALG_PBKDF2_HMAC_SHA1_DERIVE_KEY     0x800020C2

/* Object type for the PBKDF2 password */
#define TEE_TYPE_PBKDF2_PASSWORD                0xA10000C2

/*
 * PBKDF2 attributes: password, salt, iteration count and requested length
 * of the derived keying material (DKM).
 */
#define TEE_ATTR_PBKDF2_PASSWORD                0xC00001C2
#define TEE_ATTR_PBKDF2_SALT                    0xD00002C2
#define TEE_ATTR_PBKDF2_ITERATION_COUNT         0xF00003C2
#define TEE_ATTR_PBKDF2_DKM_LENGTH              0xF00004C2

/*
 * PKCS#1 v1.5 RSASSA pre-hashed sign/verify
 *
 * NOTE(review): unlike the identifiers above, no hash is encoded in this
 * name. Presumably the caller supplies an already computed digest - confirm
 * how the hash algorithm is bound to the signature at the call site.
 */

#define TEE_ALG_RSASSA_PKCS1_V1_5       0xF0000830

/*
 * Implementation-specific object storage constants
 *
 * Security note: the REE is outside the TEE. This header does not show what
 * confidentiality, integrity or rollback protection is applied to objects
 * kept in REE-provided storage, so check the storage implementation before
 * relying on it for data that must not be replayed.
 */

/* Storage is provided by the Rich Execution Environment (REE) */
#define TEE_STORAGE_PRIVATE_REE          0x80000000
/* Storage is the Replay Protected Memory Block partition of an eMMC device */
#define TEE_STORAGE_PRIVATE_RPMB         0x80000100
/*
 * Was TEE_STORAGE_PRIVATE_SQL, which isn't supported any longer. The value
 * stays defined under a reserved name.
 */
#define TEE_STORAGE_PRIVATE_SQL_RESERVED 0x80000200

/*
 * Extension of "Memory Access Rights Constants"
 * #define TEE_MEMORY_ACCESS_READ             0x00000001
 * #define TEE_MEMORY_ACCESS_WRITE            0x00000002
 * #define TEE_MEMORY_ACCESS_ANY_OWNER        0x00000004
 *
 * TEE_MEMORY_ACCESS_NONSECURE : if set TEE_CheckMemoryAccessRights()
 * successfully returns only if target vmem range is mapped non-secure.
 *
 * TEE_MEMORY_ACCESS_SECURE : if set TEE_CheckMemoryAccessRights()
 * successfully returns only if target vmem range is mapped secure.
 *
 * Both flags use bits that do not collide with the three standard flags
 * listed above, so they can be OR-ed with them. They let a caller check
 * which kind of mapping a buffer lies in before using it.
 * NOTE(review): the result of setting both flags at once is not described
 * here - confirm against the implementation.
 */
#define TEE_MEMORY_ACCESS_NONSECURE          0x10000000
#define TEE_MEMORY_ACCESS_SECURE             0x20000000

#endif /* TEE_API_DEFINES_EXTENSIONS_H */