/* SPDX-License-Identifier: BSD-2-Clause */
|
/*
|
* Copyright (c) 2014, STMicroelectronics International N.V.
|
* All rights reserved.
|
*/
|
|
#ifndef TA_CRYPT_H
|
#define TA_CRYPT_H
|
|
/* This UUID is generated with the ITU-T UUID generator at
|
http://www.itu.int/ITU-T/asn1/uuid.html */
|
#define TA_CRYPT_UUID { 0xcb3e5ba0, 0xadf1, 0x11e0, \
|
{ 0x99, 0x8b, 0x00, 0x02, 0xa5, 0xd5, 0xc5, 0x1b } }
|
|
#define TA_CRYPT_CMD_SHA224 1
|
#define TA_CRYPT_CMD_SHA256 2
|
#define TA_CRYPT_CMD_AES256ECB_ENC 3
|
#define TA_CRYPT_CMD_AES256ECB_DEC 4
|
|
/*
|
* TEE_Result TEE_AllocateOperation(TEE_OperationHandle *operation,
|
* uint32_t algorithm, uint32_t mode, uint32_t maxKeySize);
|
* in/out params[0].value.a = operation
|
* in/out params[0].value.b = algorithm
|
* in params[1].value.a = mode
|
* in params[2].value.b = maxKeySize
|
*/
|
#define TA_CRYPT_CMD_ALLOCATE_OPERATION 5
|
|
/*
|
* void TEE_FreeOperation(TEE_OperationHandle operation);
|
* in params[0].value.a = operation
|
*/
|
#define TA_CRYPT_CMD_FREE_OPERATION 6
|
|
/*
|
* void TEE_GetOperationInfo(TEE_OperationHandle operation,
|
* TEE_OperationInfo* operationInfo);
|
* in params[0].value.a = operation
|
* out params[1].memref = operationInfo
|
*/
|
#define TA_CRYPT_CMD_GET_OPERATION_INFO 7
|
|
/*
|
* void TEE_ResetOperation(TEE_OperationHandle operation);
|
* in params[0].value.a = operation
|
*/
|
#define TA_CRYPT_CMD_RESET_OPERATION 8
|
|
/*
|
* TEE_Result TEE_SetOperationKey(TEE_OperationHandle operation,
|
* TEE_ObjectHandle key);
|
* in params[0].value.a = operation
|
* in params[0].value.b = key
|
*/
|
#define TA_CRYPT_CMD_SET_OPERATION_KEY 9
|
|
/*
|
* TEE_Result TEE_SetOperationKey2(TEE_OperationHandle operation,
|
* TEE_ObjectHandle key1, TEE_ObjectHandle key2);
|
* in params[0].value.a = operation
|
* in params[0].value.b = key1
|
* in params[0].value.a = key2
|
*/
|
#define TA_CRYPT_CMD_SET_OPERATION_KEY2 10
|
|
/*
|
* void TEE_CopyOperation(TEE_OperationHandle dstOperation,
|
* TEE_OperationHandle srcOperation);
|
* in params[0].value.a = dstOperation
|
* in params[0].value.b = srcOperation
|
*/
|
#define TA_CRYPT_CMD_COPY_OPERATION 11
|
|
/*
|
* void TEE_DigestUpdate(TEE_OperationHandle operation,
|
* void *chunk, size_t chunkSize);
|
* in params[0].value.a = operation
|
* in params[1].memref = chunk
|
*/
|
#define TA_CRYPT_CMD_DIGEST_UPDATE 12
|
|
/*
|
* TEE_Result TEE_DigestDoFinal(TEE_OperationHandle operation,
|
* const void *chunk, size_t chunkLen,
|
* void *hash, size_t *hashLen);
|
* in params[0].value.a = operation
|
* in params[1].memref = chunk
|
* out params[2].memref = hash
|
*/
|
#define TA_CRYPT_CMD_DIGEST_DO_FINAL 13
|
|
/*
|
* void TEE_CipherInit(TEE_OperationHandle operation, const void *IV,
|
* size_t IVLen);
|
* in params[0].value.a = operation
|
* in params[1].memref = IV
|
*/
|
#define TA_CRYPT_CMD_CIPHER_INIT 14
|
|
/*
|
* TEE_Result TEE_CipherUpdate(TEE_OperationHandle operation,
|
* const void *srcData, size_t srcLen,
|
* void *destData, size_t *destLen);
|
* in params[0].value.a = operation
|
* in params[1].memref = srcData
|
* out params[2].memref = dstData
|
*/
|
#define TA_CRYPT_CMD_CIPHER_UPDATE 15
|
|
/*
|
* TEE_Result TEE_CipherDoFinal(TEE_OperationHandle operation,
|
* const void *srcData, size_t srcLen,
|
* void *destData, size_t *destLen);
|
* in params[0].value.a = operation
|
* in params[1].memref = srcData
|
* out params[2].memref = destData
|
*/
|
#define TA_CRYPT_CMD_CIPHER_DO_FINAL 16
|
|
/*
|
* void TEE_MACInit(TEE_OperationHandle operation,
|
* const void *IV, size_t IVLen);
|
* in params[0].value.a = operation
|
* in params[1].memref = IV
|
*/
|
#define TA_CRYPT_CMD_MAC_INIT 17
|
|
/*
|
* void TEE_MACUpdate(TEE_OperationHandle operation,
|
* const void *chunk, size_t chunkSize);
|
* in params[0].value.a = operation
|
* in params[1].memref = chunk
|
*/
|
#define TA_CRYPT_CMD_MAC_UPDATE 18
|
|
/*
|
* TEE_Result TEE_MACFinalCompute(TEE_OperationHandle operation,
|
* const void *message, size_t messageLen,
|
* void *mac, size_t *macLen);
|
* in params[0].value.a = operation
|
* in params[1].memref = message
|
* out params[2].memref = mac
|
*/
|
#define TA_CRYPT_CMD_MAC_FINAL_COMPUTE 19
|
|
/*
|
* TEE_Result TEE_MACFinalCompare(TEE_OperationHandle operation,
|
* const void *message, size_t messageLen,
|
* const void *mac, size_t *macLen);
|
* in params[0].value.a = operation
|
* in params[1].memref = message
|
* in params[2].memref = mac
|
*/
|
#define TA_CRYPT_CMD_MAC_FINAL_COMPARE 20
|
|
/*
|
* TEE_Result TEE_AllocateTransientObject(TEE_ObjectType objectType,
|
* uint32_t maxObjectSize, TEE_ObjectHandle* object);
|
* in params[0].value.a = objectType
|
* in params[0].value.b = maxObjectSize
|
* out params[1].value.a = object;
|
*/
|
#define TA_CRYPT_CMD_ALLOCATE_TRANSIENT_OBJECT 21
|
|
/*
|
* void TEE_FreeTransientObject(TEE_ObjectHandle object);
|
* in params[0].value.a = object
|
*/
|
#define TA_CRYPT_CMD_FREE_TRANSIENT_OBJECT 22
|
|
/*
|
* void TEE_ResetTransientObject(TEE_ObjectHandle object);
|
* in params[0].value.a = object
|
*/
|
#define TA_CRYPT_CMD_RESET_TRANSIENT_OBJECT 23
|
|
/*
|
* TEE_Result TEE_PopulateTransientObject(TEE_ObjectHandle object,
|
* TEE_Attribute *attrs, uint32_t attrCount);
|
* in params[0].value.a = object
|
* in params[1].memref = attrs
|
*/
|
#define TA_CRYPT_CMD_POPULATE_TRANSIENT_OBJECT 24
|
|
/*
|
* void TEE_CopyObjectAttributes(TEE_ObjectHandle destObject,
|
* TEE_ObjectHandle srcObject);
|
* in params[0].value.a = destObject
|
* in params[0].value.b = srcObject
|
*/
|
#define TA_CRYPT_CMD_COPY_OBJECT_ATTRIBUTES 25
|
|
/*
|
* TEE_Result TEE_GenerateKey(TEE_ObjectHandle object, uint32_t keySize,
|
* TEE_Attribute *params, uint32_t paramCount);
|
* in params[0].value.a = object
|
* in params[0].value.b = keySize
|
* in params[1].memref = params
|
*/
|
#define TA_CRYPT_CMD_GENERATE_KEY 26
|
|
/*
|
* TEE_Result TEE_AsymmetricEncrypt(TEE_OperationHandle operation,
|
* const TEE_Attribute *params, uint32_t paramCount,
|
* const void *srcData, size_t srcLen, void *destData,
|
* size_t *destLen);
|
* in params[0].value.a = operation
|
* in params[1].memref = params
|
* in params[2].memref = srcData
|
* out params[3].memref = destData
|
*/
|
#define TA_CRYPT_CMD_ASYMMETRIC_ENCRYPT 27
|
|
/*
|
* TEE_Result TEE_AsymmetricDecrypt(TEE_OperationHandle operation,
|
* const TEE_Attribute *params, uint32_t paramCount,
|
* const void *srcData, size_t srcLen, void *destData,
|
* size_t *destLen)
|
* in params[0].value.a = operation
|
* in params[1].memref = params
|
* in params[2].memref = srcData
|
* out params[3].memref = destData
|
*/
|
#define TA_CRYPT_CMD_ASYMMETRIC_DECRYPT 28
|
|
/*
|
* TEE_Result TEE_AsymmetricSignDigest(TEE_OperationHandle operation,
|
* const TEE_Attribute *params, uint32_t paramCount,
|
* const void *digest, size_t digestLen, void *signature,
|
* size_t *signatureLen)
|
* in params[0].value.a = operation
|
* in params[1].memref = params
|
* in params[2].memref = digest
|
* out params[3].memref = signature
|
*/
|
#define TA_CRYPT_CMD_ASYMMETRIC_SIGN_DIGEST 29
|
|
/*
|
* TEE_Result TEE_AsymmetricVerifyDigest(TEE_OperationHandle operation,
|
* const TEE_Attribute *params, uint32_t paramCount,
|
* const void *digest, size_t digestLen, const void *signature,
|
* size_t signatureLen)
|
* in params[0].value.a = operation
|
* in params[1].memref = params
|
* in params[2].memref = digest
|
* in params[3].memref = signature
|
*/
|
#define TA_CRYPT_CMD_ASYMMETRIC_VERIFY_DIGEST 30
|
|
/*
|
* void TEE_DeriveKey(TEE_OperationHandle operation,
|
* const TEE_Attribute *params, uint32_t paramCount,
|
* TEE_ObjectHandle derivedKey)
|
* in params[0].value.a = operation
|
* in params[1].memref = params
|
* in params[0].value.b = derivedKey
|
*/
|
#define TA_CRYPT_CMD_DERIVE_KEY 31
|
|
/*
|
* void TEE_RandomNumberGenerate(void *randomBuffer, size_t randomBufferLen);
|
* out params[0].memref = randomBuffer
|
*/
|
#define TA_CRYPT_CMD_RANDOM_NUMBER_GENERATE 32
|
|
/*
|
* TEE_Result TEE_AEInit(TEE_OperationHandle operation,
|
* const void* nonce, size_t nonceLen,
|
* uint32_t tagLen, uint32_t AADLen, uint32_t payloadLen);
|
* in params[0].value.a = operation
|
* in params[1].memref = nonce
|
* in params[0].value.b = tagLen
|
* in params[2].value.a = AADLen
|
* in params[2].value.b = payloadLen
|
*/
|
#define TA_CRYPT_CMD_AE_INIT 33
|
|
/*
|
* void TEE_AEUpdateAAD(TEE_OperationHandle operation,
|
* void* AADdata, size_t AADdataLen);
|
* in params[0].value.a = operation
|
* in params[1].memref = AADdata
|
*/
|
#define TA_CRYPT_CMD_AE_UPDATE_AAD 34
|
|
/*
|
* TEE_Result TEE_AEUpdate(TEE_OperationHandle operation,
|
* const void* srcData, size_t srcLen,
|
* void* destData, size_t *destLen);
|
* in params[0].value.a = operation
|
* in params[1].memref = srcData
|
* out params[2].memref = destData
|
*/
|
#define TA_CRYPT_CMD_AE_UPDATE 35
|
|
/*
|
* TEE_Result TEE_AEEncryptFinal(TEE_OperationHandle operation,
|
* const void* srcData, size_t srcLen,
|
* void* destData, size_t* destLen,
|
* void* tag, size_t* tagLen);
|
* in params[0].value[0].a = operation
|
* in params[1].memref = srcData
|
* out params[2].memref = destData
|
* out params[3].memref = tag
|
*/
|
#define TA_CRYPT_CMD_AE_ENCRYPT_FINAL 36
|
|
/*
|
* TEE_Result TEE_AEDecryptFinal(TEE_OperationHandle operation,
|
* const void* srcData, size_t srcLen,
|
* void* destData, size_t *destLen,
|
* const void* tag, size_t tagLen);
|
* in params[0].value.a = operation
|
* in params[1].memref = srcData
|
* out params[2].memref = destData
|
* in params[3].memref = tag
|
*/
|
#define TA_CRYPT_CMD_AE_DECRYPT_FINAL 37
|
|
/*
|
* TEE_Result TEE_GetObjectBufferAttribute(TEE_ObjectHandle object,
|
* uint32_t attributeID, void* buffer, size_t* size);
|
* in params[0].value.a = object
|
* in params[0].value.b = attributeID
|
* out params[1].memrefs = buffer
|
*/
|
#define TA_CRYPT_CMD_GET_OBJECT_BUFFER_ATTRIBUTE 38
|
|
/*
|
* TEE_Result TEE_GetObjectValueAttribute(TEE_ObjectHandle object,
|
* uint32_t attributeID, void* buffer, size_t* size);
|
* in params[0].value.a = object
|
* in params[0].value.b = attributeID
|
* out params[1].value.a = value a
|
* out params[1].value.b = value b
|
*/
|
#define TA_CRYPT_CMD_GET_OBJECT_VALUE_ATTRIBUTE 39
|
|
/* To set or get a global value */
|
#define TA_CRYPT_CMD_SETGLOBAL 40
|
#define TA_CRYPT_CMD_GETGLOBAL 41
|
|
/* If mbedtls is compiled with MBEDTLS_SELF_TEST, run the self tests */
|
#define TA_CRYPT_CMD_MBEDTLS_SELF_TESTS 42
|
|
/*
|
* in params[0].memref = cert-chain
|
* in params[1].memref = trust-anchor-cert
|
*/
|
#define TA_CRYPT_CMD_MBEDTLS_CHECK_CERT 43
|
|
/*
|
* in params[0].memref = Certificate request in PKCS#10 format
|
* out params[1].memref = Signed certificate in X.509 format
|
* out params[2].memref = Certificate chain
|
*/
|
#define TA_CRYPT_CMD_MBEDTLS_SIGN_CERT 44
|
|
/*
|
* system pTA is used for adding entropy to RNG pool */
|
#define TA_CRYPT_CMD_SEED_RNG_POOL 45
|
|
/*
|
* Testing arithmetical interface.
|
*
|
* Coding of signed 32-bit values:
|
* a int32_t with its bit pattern stored in a 32-bit value
|
*/
|
|
#define TA_CRYPT_ARITH_INVALID_HANDLE 0xffffffff
|
|
/*
|
* in params[0].value.a: Number of bits
|
* out params[1].value.b: Handle to bignum variable
|
*/
|
#define TA_CRYPT_CMD_ARITH_NEW_VAR 46
|
|
/*
|
* in params[0].value.a: Number of bits
|
* in params[0].value.b: Handle to bignum variable modulus
|
* out params[1].value.a: Handle to FMM context
|
*/
|
#define TA_CRYPT_CMD_ARITH_NEW_FMM_CTX 47
|
|
/*
|
* in params[0].value.a: Number of bits
|
* out params[1].value.a: Handle to FMM variable
|
*/
|
#define TA_CRYPT_CMD_ARITH_NEW_FMM_VAR 48
|
|
/*
|
* in params[0].value.a: Handle to bignum variable, FMM context, or
|
* FMM variable
|
*/
|
#define TA_CRYPT_CMD_ARITH_FREE_HANDLE 49
|
|
|
/*
|
* in params[0].value.a: Handle to bignum variable
|
* in params[0].value.b: S32 representing the sign of the value
|
* in params[1].memref: octet string representing the value
|
*/
|
#define TA_CRYPT_CMD_ARITH_FROM_OCTET_STRING 50
|
|
/*
|
* in params[0].value.a: Handle to bignum variable
|
* in params[0].value.b: S32 representing the value
|
*/
|
#define TA_CRYPT_CMD_ARITH_FROM_S32 51
|
|
/*
|
* in params[0].value.a: Handle to bignum variable
|
* out params[1].value.a: S32 representing the sign of the value
|
* out params[2].memref: octet string representing the value
|
*/
|
#define TA_CRYPT_CMD_ARITH_GET_VALUE 52
|
|
/*
|
* in params[0].value.a: Handle to bignum variable
|
* out params[1].value.a: S32 the value
|
*/
|
#define TA_CRYPT_CMD_ARITH_GET_VALUE_S32 53
|
|
/*
|
* in params[0].value.a: Handle to bignum variable
|
* in params[0].value.b: Bit number
|
* out params[1].value.a: Bit value
|
*/
|
#define TA_CRYPT_CMD_ARITH_GET_BIT 54
|
|
/*
|
* in params[0].value.a: Handle to bignum variable
|
* out params[1].value.a: Bit count
|
*/
|
#define TA_CRYPT_CMD_ARITH_GET_BIT_COUNT 55
|
|
/*
|
* in params[0].value.a: handle op
|
* in params[0].value.b: number of bits
|
* in params[1].value.a: handle result
|
*/
|
#define TA_CRYPT_CMD_ARITH_SHIFT_RIGHT 56
|
|
/*
|
* in params[0].value.a: handle op1
|
* in params[0].value.b: handle op2
|
* out params[1].value.a: result
|
*/
|
#define TA_CRYPT_CMD_ARITH_CMP 57
|
|
/*
|
* in params[0].value.a: handle op
|
* in params[0].value.b: S32 shortVal
|
* out params[1].value.a: result
|
*/
|
#define TA_CRYPT_CMD_ARITH_CMP_S32 58
|
|
/*
|
* in params[0].value.a: handle a
|
* in params[0].value.b: handle b
|
* in params[1].value.a: handle result
|
*/
|
#define TA_CRYPT_CMD_ARITH_ADD 59
|
|
/*
|
* in params[0].value.a: handle a
|
* in params[0].value.b: handle b
|
* in params[1].value.a: handle result
|
*/
|
#define TA_CRYPT_CMD_ARITH_SUB 60
|
|
/*
|
* in params[0].value.a: handle a
|
* in params[0].value.b: handle b
|
* in params[1].value.a: handle result
|
*/
|
#define TA_CRYPT_CMD_ARITH_MUL 61
|
|
/*
|
* in params[0].value.a: handle a
|
* in params[0].value.b: handle result
|
*/
|
#define TA_CRYPT_CMD_ARITH_NEG 62
|
|
/*
|
* in params[0].value.a: handle a
|
* in params[0].value.b: handle result
|
*/
|
#define TA_CRYPT_CMD_ARITH_SQR 63
|
|
/*
|
* in params[0].value.a: handle op1
|
* in params[0].value.b: handle op2
|
* in params[1].value.a: handle result Q
|
* in params[1].value.b: handle result R
|
*/
|
#define TA_CRYPT_CMD_ARITH_DIV 64
|
|
/*
|
* in params[0].value.a: handle op
|
* in params[0].value.b: handle n
|
* in params[1].value.a: handle result
|
*/
|
#define TA_CRYPT_CMD_ARITH_MOD 65
|
|
/*
|
* in params[0].value.a: handle op1
|
* in params[0].value.b: handle op2
|
* in params[1].value.a: handle n
|
* in params[1].value.b: handle result
|
*/
|
#define TA_CRYPT_CMD_ARITH_ADDMOD 66
|
|
/*
|
* in params[0].value.a: handle op1
|
* in params[0].value.b: handle op2
|
* in params[1].value.a: handle n
|
* in params[1].value.b: handle result
|
*/
|
#define TA_CRYPT_CMD_ARITH_SUBMOD 67
|
|
/*
|
* in params[0].value.a: handle op1
|
* in params[0].value.b: handle op2
|
* in params[1].value.a: handle n
|
* in params[1].value.b: handle result
|
*/
|
#define TA_CRYPT_CMD_ARITH_MULMOD 68
|
|
/*
|
* in params[0].value.a: handle op
|
* in params[0].value.b: handle n
|
* in params[1].value.a: handle result
|
*/
|
#define TA_CRYPT_CMD_ARITH_SQRMOD 69
|
|
/*
|
* in params[0].value.a: handle op
|
* in params[0].value.b: handle n
|
* in params[1].value.a: handle result
|
*/
|
#define TA_CRYPT_CMD_ARITH_INVMOD 70
|
|
/*
|
* in params[0].value.a: handle op
|
* in params[0].value.b: handle n
|
* in params[1].value.a: bool result
|
*/
|
#define TA_CRYPT_CMD_ARITH_IS_RELATIVE_PRIME 71
|
|
/*
|
* in params[0].value.a: handle op1
|
* in params[0].value.b: handle op2
|
* in params[1].value.a: handle result u
|
* in params[1].value.b: handle result v
|
* in params[2].value.a: handle result gcd
|
*/
|
#define TA_CRYPT_CMD_ARITH_COMPUTE_EGCD 72
|
|
/*
|
* in params[0].value.a: handle op
|
* in params[0].value.b: confidence level
|
* out params[1].value.a: S32 result
|
*/
|
#define TA_CRYPT_CMD_ARITH_IS_PRIME 73
|
|
/*
|
* in params[0].value.a: handle src
|
* in params[0].value.b: handle n
|
* in params[1].value.a: handle FMM context
|
* in params[1].value.b: handle result FMM variable
|
*/
|
#define TA_CRYPT_CMD_ARITH_TO_FMM 74
|
|
/*
|
* in params[0].value.a: handle FMM src
|
* in params[0].value.b: handle bigint n
|
* in params[1].value.a: handle FMM context
|
* in params[1].value.b: handle result bigint
|
*/
|
#define TA_CRYPT_CMD_ARITH_FROM_FMM 75
|
|
/*
|
* in params[0].value.a: handle FMM op1
|
* in params[0].value.b: handle FMM op2
|
* in params[1].value.a: handle bigint n
|
* in params[1].value.b: handle FMM context
|
* in params[2].value.a: handle FMM result
|
*/
|
#define TA_CRYPT_CMD_ARITH_COMPUTE_FMM 76
|
|
/*
|
* system PTA is used for deriving device and TA unique keys. This function in
|
* the "crypt" TA is testing the key derivation.
|
*/
|
#define TA_CRYPT_CMD_DERIVE_TA_UNIQUE_KEY 77
|
|
/*
|
* system PTA is used for deriving device and TA unique keys. This function in
|
* the "crypt" TA is testing the key derivation. This function tries to derive
|
* keys by using shared memory buffers (something that shall fail).
|
*
|
* in params[0].memref.buffer Buffer for extra data
|
* in params[0].memref.size Size of extra data
|
* out params[1].memref.buffer Buffer for the derived key
|
* out params[1].memref.size Size of the derived key
|
*/
|
#define TA_CRYPT_CMD_DERIVE_TA_UNIQUE_KEY_SHM 78
|
|
/*
|
* in params[0].value.a: algorithm
|
* in params[0].value.b: element
|
* out params[1].value.a: TEE_IsAlgorithmSupported() return status
|
*/
|
#define TA_CRYPT_CMD_IS_ALGO_SUPPORTED 79
|
#endif /*TA_CRYPT_H */
|
