1 /* 2 * Copyright (C) 2022 Huawei Technologies Co., Ltd. 3 * Licensed under the Mulan PSL v2. 4 * You can use this software according to the terms and conditions of the Mulan PSL v2. 5 * You may obtain a copy of Mulan PSL v2 at: 6 * http://license.coscl.org.cn/MulanPSL2 7 * THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND, EITHER EXPRESS OR 8 * IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT, MERCHANTABILITY OR FIT FOR A PARTICULAR 9 * PURPOSE. 10 * See the Mulan PSL v2 for more details. 11 */ 12 13 #ifndef TEE_CRYPTO_API_H 14 #define TEE_CRYPTO_API_H 15 16 #include <pthread.h> /* pthread_mutex_t */ 17 #include <tee_defines.h> 18 #include <tee_mem_mgmt_api.h> 19 20 #ifndef NULL 21 #define NULL ((void *)0) 22 #endif 23 24 #define TEE_MAX_KEY_SIZE_IN_BITS (1024 * 8) 25 #define SW_RSA_KEYLEN 1024 26 #define TEE_DH_MAX_SIZE_OF_OTHER_INFO 64 /* bytes */ 27 #define TEE_PARAM_COUNT_MAX 9 28 29 enum __TEE_Operation_Constants { 30 TEE_OPERATION_CIPHER = 0x1, 31 TEE_OPERATION_MAC = 3, 32 TEE_OPERATION_AE = 4, 33 TEE_OPERATION_DIGEST = 5, 34 TEE_OPERATION_ASYMMETRIC_CIPHER = 6, 35 TEE_OPERATION_ASYMMETRIC_SIGNATURE = 7, 36 TEE_OPERATION_KEY_DERIVATION = 8, 37 }; 38 39 enum __tee_crypto_algorithm_id { 40 TEE_ALG_INVALID = 0x0, 41 TEE_ALG_AES_ECB_NOPAD = 0x10000010, 42 TEE_ALG_AES_CBC_NOPAD = 0x10000110, 43 TEE_ALG_AES_CTR = 0x10000210, 44 TEE_ALG_AES_CTS = 0x10000310, 45 TEE_ALG_AES_XTS = 0x10000410, 46 TEE_ALG_AES_CBC_MAC_NOPAD = 0x30000110, 47 TEE_ALG_AES_CBC_MAC_PKCS5 = 0x30000510, 48 TEE_ALG_AES_CMAC = 0x30000610, 49 TEE_ALG_AES_GMAC = 0x30000810, 50 TEE_ALG_AES_CCM = 0x40000710, 51 TEE_ALG_AES_GCM = 0x40000810, 52 TEE_ALG_DES_ECB_NOPAD = 0x10000011, 53 TEE_ALG_DES_CBC_NOPAD = 0x10000111, 54 TEE_ALG_DES_CBC_MAC_NOPAD = 0x30000111, 55 TEE_ALG_DES_CBC_MAC_PKCS5 = 0x30000511, 56 TEE_ALG_DES3_ECB_NOPAD = 0x10000013, 57 TEE_ALG_DES3_CBC_NOPAD = 0x10000113, 58 TEE_ALG_DES3_CBC_MAC_NOPAD = 0x30000113, 59 TEE_ALG_DES3_CBC_MAC_PKCS5 = 0x30000513, 60 TEE_ALG_RSASSA_PKCS1_V1_5_MD5 = 0x70001830, 61 TEE_ALG_RSASSA_PKCS1_V1_5_SHA1 = 0x70002830, 62 TEE_ALG_RSASSA_PKCS1_V1_5_SHA224 = 0x70003830, 63 TEE_ALG_RSASSA_PKCS1_V1_5_SHA256 = 0x70004830, 64 TEE_ALG_RSASSA_PKCS1_V1_5_SHA384 = 0x70005830, 65 TEE_ALG_RSASSA_PKCS1_V1_5_SHA512 = 0x70006830, 66 TEE_ALG_RSASSA_PKCS1_PSS_MGF1_MD5 = 0x70111930, 67 TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA1 = 0x70212930, 68 TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA224 = 0x70313930, 69 TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA256 = 0x70414930, 70 TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA384 = 0x70515930, 71 TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA512 = 0x70616930, 72 TEE_ALG_RSAES_PKCS1_V1_5 = 0x60000130, 73 TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1 = 0x60210230, 74 #ifdef GP_SUPPORT 75 TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA224 = 0x60310230, 76 TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA256 = 0x60410230, 77 TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA384 = 0x60510230, 78 TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA512 = 0x60610230, 79 #else 80 TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA224 = 0x60211230, 81 TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA256 = 0x60212230, 82 TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA384 = 0x60213230, 83 TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA512 = 0x60214230, 84 #endif 85 TEE_ALG_RSA_NOPAD = 0x60000030, 86 TEE_ALG_DSA_SHA1 = 0x70002131, 87 TEE_ALG_DSA_SHA224 = 0x70003131, 88 TEE_ALG_DSA_SHA256 = 0x70004131, 89 TEE_ALG_DH_DERIVE_SHARED_SECRET = 0x80000032, 90 TEE_ALG_MD5 = 0x50000001, 91 TEE_ALG_SHA1 = 0x50000002, 92 TEE_ALG_SHA224 = 0x50000003, 93 TEE_ALG_SHA256 = 0x50000004, 94 TEE_ALG_SHA384 = 0x50000005, 95 TEE_ALG_SHA512 = 0x50000006, 96 TEE_ALG_HMAC_MD5 = 0x30000001, 97 TEE_ALG_HMAC_SHA1 = 0x30000002, 98 TEE_ALG_HMAC_SHA224 = 0x30000003, 99 TEE_ALG_HMAC_SHA256 = 0x30000004, 100 TEE_ALG_HMAC_SHA384 = 0x30000005, 101 TEE_ALG_HMAC_SHA512 = 0x30000006, 102 TEE_ALG_HMAC_SM3 = 0x30000007, 103 TEE_ALG_AES_ECB_PKCS5 = 0x10000020, 104 TEE_ALG_AES_CBC_PKCS5 = 0x10000220, 105 TEE_ALG_ECDSA_SHA1 = 0x70001042, 106 TEE_ALG_ECDSA_SHA224 = 0x70002042, 107 TEE_ALG_ECDSA_SHA256 = 0x70003042, 108 TEE_ALG_ECDSA_SHA384 = 0x70004042, 109 TEE_ALG_ECDSA_SHA512 = 0x70005042, 110 TEE_ALG_ED25519 = 0x70005043, 111 TEE_ALG_ECDH_DERIVE_SHARED_SECRET = 0x80000042, 112 TEE_ALG_X25519 = 0x80000044, 113 TEE_ALG_ECC = 0x80000001, 114 TEE_ALG_ECDSA_P192 = 0x70001042, 115 TEE_ALG_ECDSA_P224 = 0x70002042, 116 TEE_ALG_ECDSA_P256 = 0x70003042, 117 TEE_ALG_ECDSA_P384 = 0x70004042, 118 TEE_ALG_ECDSA_P521 = 0x70005042, 119 TEE_ALG_ECDH_P192 = 0x80001042, 120 TEE_ALG_ECDH_P224 = 0x80002042, 121 TEE_ALG_ECDH_P256 = 0x80003042, 122 TEE_ALG_ECDH_P384 = 0x80004042, 123 TEE_ALG_ECDH_P521 = 0x80005042, 124 TEE_ALG_SIP_HASH = 0xF0000002, 125 TEE_ALG_SM2_DSA_SM3 = 0x70006045, 126 TEE_ALG_SM2_PKE = 0x80000045, 127 TEE_ALG_SM3 = 0x50000007, 128 TEE_ALG_SM4_ECB_NOPAD = 0x10000014, 129 TEE_ALG_SM4_CBC_NOPAD = 0x10000114, 130 TEE_ALG_SM4_CBC_PKCS7 = 0xF0000003, 131 TEE_ALG_SM4_CTR = 0x10000214, 132 TEE_ALG_SM4_CFB128 = 0xF0000000, 133 TEE_ALG_SM4_XTS = 0x10000414, 134 TEE_ALG_SM4_OFB = 0x10000514, 135 TEE_ALG_AES_OFB = 0x10000510, 136 TEE_ALG_SM4_GCM = 0xF0000005, 137 }; 138 139 typedef enum __tee_crypto_algorithm_id tee_crypto_algorithm_id; 140 141 #define TEE_OPTIONAL_ELEMENT_NONE 0x00000000 142 143 typedef enum { 144 TEE_ECC_CURVE_NIST_P192 = 0x00000001, 145 TEE_ECC_CURVE_NIST_P224 = 0x00000002, 146 TEE_ECC_CURVE_NIST_P256 = 0x00000003, 147 TEE_ECC_CURVE_NIST_P384 = 0x00000004, 148 TEE_ECC_CURVE_NIST_P521 = 0x00000005, 149 TEE_ECC_CURVE_SM2 = 0x00000300, /* CURVE_SM2 256 bits */ 150 TEE_ECC_CURVE_25519 = 0x00000200, /* CURVE_25519 256 bits */ 151 } TEE_ECC_CURVE; 152 153 typedef enum { 154 TEE_DH_HASH_SHA1_mode = 0, 155 TEE_DH_HASH_SHA224_mode = 1, 156 TEE_DH_HASH_SHA256_mode = 2, 157 TEE_DH_HASH_SHA384_mode = 3, 158 TEE_DH_HASH_SHA512_mode = 4, 159 TEE_DH_HASH_NumOfModes, 160 } TEE_DH_HASH_Mode; 161 162 typedef enum { 163 TEE_DH_PKCS3_mode = 0, /* PKCS3 */ 164 TEE_DH_ANSI_X942_mode = 1, /* X942 */ 165 TEE_DH_NumOfModes, /* num of modes */ 166 } TEE_DH_OpMode_t; 167 168 typedef enum { 169 TEE_DH_ASN1_DerivMode = 0, /* ASN1_DerivMode */ 170 TEE_DH_ConcatDerivMode = 1, /* ConcatDerivMode */ 171 TEE_DH_X963_DerivMode = TEE_DH_ConcatDerivMode, /* X963_DerivMode */ 172 TEE_DH_OMADRM_DerivMode = 2, /* OMADRM_DerivMode */ 173 TEE_DH_ISO18033_KDF1_DerivMode = 3, /* ISO18033_KDF1_DerivMode */ 174 TEE_DH_ISO18033_KDF2_DerivMode = 4, /* ISO18033_KDF2_DerivMode */ 175 TEE_DH_DerivFunc_NumOfModes, /* num of modes */ 176 } TEE_DH_DerivFuncMode; 177 178 enum __TEE_DK_ObjectAttribute { 179 TEE_DK_SECRECT = 0, /* A pointer to shared secret value */ 180 TEE_DK_OTHER, /* A pointer to structure containing other data */ 181 TEE_DK_HASH_MODE, /* The enumerator ID of the HASH function to be used */ 182 TEE_DK_DERIVATION_MODE /* The enumerator ID of the derivation function mode */ 183 }; 184 185 typedef enum __TEE_DK_ObjectAttribute tee_dk_objectattribute; 186 187 enum __TEE_OperationMode { 188 TEE_MODE_ENCRYPT = 0x0, 189 TEE_MODE_DECRYPT, 190 TEE_MODE_SIGN, 191 TEE_MODE_VERIFY, 192 TEE_MODE_MAC, 193 TEE_MODE_DIGEST, 194 TEE_MODE_DERIVE 195 }; 196 197 enum tee_operation_state { 198 TEE_OPERATION_STATE_INITIAL = 0x00000000, 199 TEE_OPERATION_STATE_ACTIVE = 0x00000001, 200 }; 201 202 typedef uint32_t TEE_OperationMode; 203 204 typedef struct { 205 uint8_t algorithm_id[TEE_DH_MAX_SIZE_OF_OTHER_INFO]; /* object ID(OID) */ 206 uint32_t size_of_algorithm_id; /* length of AlgorithmID */ 207 uint8_t party_u_info[TEE_DH_MAX_SIZE_OF_OTHER_INFO]; /* public info of sender */ 208 uint32_t size_of_party_u_info; /* length of PartyUInfo */ 209 uint8_t party_v_info[TEE_DH_MAX_SIZE_OF_OTHER_INFO]; /* public info of receiver */ 210 uint32_t size_of_party_v_info; /* length of PartyVInfo */ 211 uint8_t supp_priv_info[TEE_DH_MAX_SIZE_OF_OTHER_INFO]; /* shared private info */ 212 uint32_t size_of_supp_priv_info; /* length of SuppPrivInfo */ 213 uint8_t supp_pub_info[TEE_DH_MAX_SIZE_OF_OTHER_INFO]; /* shared public info */ 214 uint32_t size_of_supp_pub_info; /* length of SuppPubInfo */ 215 } TEE_DH_OtherInfo; 216 217 struct __TEE_OperationInfo { 218 uint32_t algorithm; /* #__TEE_CRYPTO_ALGORITHM_ID */ 219 uint32_t operationClass; /* #__TEE_Operation_Constants */ 220 uint32_t mode; /* #__TEE_OperationMode */ 221 uint32_t digestLength; 222 uint32_t maxKeySize; 223 uint32_t keySize; 224 uint32_t requiredKeyUsage; 225 uint32_t handleState; 226 void *keyValue; 227 }; 228 229 typedef struct __TEE_OperationInfo TEE_OperationInfo; 230 231 typedef struct { 232 uint32_t keySize; 233 uint32_t requiredKeyUsage; 234 } TEE_OperationInfoKey; 235 236 typedef struct { 237 uint32_t algorithm; 238 uint32_t operationClass; 239 uint32_t mode; 240 uint32_t digestLength; 241 uint32_t maxKeySize; 242 uint32_t handleState; 243 uint32_t operationState; 244 uint32_t numberOfKeys; 245 TEE_OperationInfoKey keyInformation[]; 246 } TEE_OperationInfoMultiple; 247 248 struct __TEE_OperationHandle { 249 uint32_t algorithm; /* #__TEE_CRYPTO_ALGORITHM_ID */ 250 uint32_t operationClass; /* #__TEE_Operation_Constants */ 251 uint32_t mode; /* #__TEE_OperationMode */ 252 uint32_t digestLength; 253 uint32_t maxKeySize; 254 uint32_t keySize; 255 uint32_t keySize2; 256 uint32_t requiredKeyUsage; 257 uint32_t handleState; 258 void *keyValue; 259 void *keyValue2; 260 void *crypto_ctxt; 261 void *hmac_rest_ctext; 262 void *IV; 263 void *publicKey; 264 uint32_t publicKeyLen; 265 void *privateKey; 266 uint32_t privateKeyLen; 267 uint32_t IVLen; 268 /* start of DH */ 269 TEE_DH_OtherInfo *dh_otherinfo; /* #TEE_DH_OtherInfo */ 270 uint32_t dh_hash_mode; /* #TEE_DH_HASH_Mode */ 271 uint32_t dh_derive_func; /* #TEE_DH_DerivFuncMode */ 272 uint32_t dh_op_mode; /* #TEE_DH_OpMode_t */ 273 /* end of DH */ 274 pthread_mutex_t operation_lock; 275 void *hal_info; 276 }; 277 typedef struct { 278 uint32_t src; 279 uint32_t dest; 280 } crypto_uint2uint; 281 282 #define RSA_PUBKEY_MAXSIZE sizeof(CRYS_RSAUserPubKey_t) 283 284 #define RSA_PRIVKEY_MAXSIZE sizeof(CRYS_RSAUserPrivKey_t) 285 286 typedef struct { 287 void *src_data; 288 size_t src_len; 289 void *dest_data; 290 size_t *dest_len; 291 } operation_src_dest; 292 293 typedef struct { 294 void *nonce; 295 size_t nonce_len; 296 uint32_t tag_len; 297 size_t aad_len; 298 size_t payload_len; 299 } operation_ae_init; 300 301 typedef struct __TEE_OperationHandle *TEE_OperationHandle; 302 303 typedef struct __TEE_OperationHandle TEE_OperationHandleVar; 304 305 typedef struct __TEE_ObjectHandle TEE_ObjectHandleVar; 306 307 /* 308 * alloc operation handle 309 * 310 * @param operation [IN/OUT] #TEE_OperationHandle 311 * @param algorithm [IN] #TEE_CRYPTO_ALGORITHM_ID 312 * @param mode [IN] #TEE_OperationMode 313 * @param maxKeySize [IN] The max key size 314 * 315 * @return TEE_SUCCESS succss 316 * @return TEE_ERROR_OUT_OF_MEMORY #TEE_OperationHandle malloc failed 317 * @return TEE_ERROR_NOT_SUPPORTE #TEE_CRYPTO_ALGORITHM_ID not support 318 * @return TEE_ERROR_GENERIC other failed 319 */ 320 TEE_Result TEE_AllocateOperation(TEE_OperationHandle *operation, uint32_t algorithm, uint32_t mode, 321 uint32_t maxKeySize); 322 /* 323 * free Operation handle 324 * 325 * @param operation [IN/OUT] operation handle 326 * 327 * @return void 328 */ 329 void TEE_FreeOperation(TEE_OperationHandle operation); 330 331 /* 332 * get Operation Info 333 * 334 * @param operation [IN/OUT] #TEE_OperationHandle 335 * @param operationInfo [IN/OUT] #TEE_OperationInfo 336 * 337 * @return void 338 */ 339 void TEE_GetOperationInfo(const TEE_OperationHandle operation, TEE_OperationInfo *operationInfo); 340 341 /* 342 * reset operation handle 343 * 344 * @param operation [IN/OUT] #TEE_OperationHandle 345 * 346 * @return void 347 */ 348 void TEE_ResetOperation(TEE_OperationHandle operation); 349 350 /* 351 * set operation key 352 * 353 * @param operation [IN/OUT] #TEE_OperationHandle 354 * @param key [IN/OUT] #TEE_ObjectHandle 355 * 356 * @return TEE_SUCCESS succss 357 * @return TEE_ERROR_BAD_PARAMETERS the params is invalid 358 * @return TEE_ERROR_OUT_OF_MEMORY malloc key buffer failed 359 */ 360 TEE_Result TEE_SetOperationKey(TEE_OperationHandle operation, const TEE_ObjectHandle key); 361 362 /* 363 * set operation key1 and key2 364 * 365 * @param operation [IN/OUT] #TEE_OperationHandle 366 * @param key1 [IN/OUT] #TEE_ObjectHandle 367 * @param key2 [IN/OUT] #TEE_ObjectHandle 368 * 369 * @return TEE_SUCCESS succss 370 * @return TEE_ERROR_BAD_PARAMETERS the params is invalid 371 */ 372 TEE_Result TEE_SetOperationKey2(TEE_OperationHandle operation, const TEE_ObjectHandle key1, 373 const TEE_ObjectHandle key2); 374 /* 375 * copy src operation to dest operation 376 * 377 * @param dstOperation [IN/OUT] #TEE_OperationHandle 378 * @param srcOperation [IN/OUT] #TEE_OperationHandle 379 * 380 * @return void 381 */ 382 void TEE_CopyOperation(TEE_OperationHandle dstOperation, const TEE_OperationHandle srcOperation); 383 384 /* 385 * init cipher context 386 * 387 * @param operation [IN/OUT] #TEE_OperationHandle 388 * @param IV [IN] the iv buffer, set NULL if not use 389 * @param IVLen [IN] the length of iv buffer 390 * 391 * @return void 392 */ 393 void TEE_CipherInit(TEE_OperationHandle operation, const void *IV, size_t IVLen); 394 395 /* 396 * do cipher update 397 * 398 * @param operation [IN/OUT] #TEE_OperationHandle 399 * @param srcData [IN] the src data 400 * @param srcLen [IN] the length of src data 401 * @param destData [OUT] the dest data 402 * @param destLen [OUT] the length of dest data 403 * 404 * @return TEE_SUCCESS succss 405 * @return TEE_ERROR_BAD_PARAMETERS the params is invalid 406 * @return TEE_ERROR_GENERIC other error 407 */ 408 TEE_Result TEE_CipherUpdate(TEE_OperationHandle operation, const void *srcData, size_t srcLen, void *destData, 409 size_t *destLen); 410 /* 411 * do cipher finish 412 * 413 * @param operation [IN/OUT] #TEE_OperationHandle 414 * @param srcData [IN] the src data 415 * @param srcLen [IN] the length of src data 416 * @param destData [OUT] the dest data 417 * @param destLen [OUT] the length of dest data 418 * 419 * @return TEE_SUCCESS succss 420 * @return TEE_ERROR_BAD_PARAMETERS the params is invalid 421 * @return TEE_ERROR_GENERIC other error 422 */ 423 TEE_Result TEE_CipherDoFinal(TEE_OperationHandle operation, const void *srcData, size_t srcLen, void *destData, 424 size_t *destLen); 425 /* 426 * do digest update 427 * 428 * @param operation [IN/OUT] #TEE_OperationHandle 429 * @param chunk [IN] the chunk buffer 430 * @param chunkSize [IN] the length of chunk buffer 431 * 432 * @return TEE_SUCCESS succss 433 * @return TEE_ERROR_GENERIC other error 434 */ 435 #ifndef GP_SUPPORT 436 437 #if defined(API_LEVEL) && (API_LEVEL >= 2) 438 void TEE_DigestUpdate(TEE_OperationHandle operation, const void *chunk, size_t chunkSize); 439 #else 440 TEE_Result TEE_DigestUpdate(TEE_OperationHandle operation, const void *chunk, size_t chunkSize); 441 #endif /* API_LEVEL */ 442 443 #else 444 void TEE_DigestUpdate(TEE_OperationHandle operation, const void *chunk, size_t chunkSize); 445 #endif 446 447 /* 448 * do digest finish 449 * 450 * @param operation [IN/OUT] #TEE_OperationHandle 451 * @param chunk [IN] the chunk buffer 452 * @param chunkSize [IN] the length of chunk buffer 453 * @param hash [OUT] the hash buffer 454 * @param hashLen [OUT] the length of hash buffer 455 * 456 * @return #TEE_SUCCESS success 457 * @return #TEE_ERROR_GENERIC other error 458 */ 459 TEE_Result TEE_DigestDoFinal(TEE_OperationHandle operation, const void *chunk, size_t chunkLen, void *hash, 460 size_t *hashLen); 461 462 /* 463 * do mac init 464 * 465 * @param operation [IN/OUT] #TEE_OperationHandle 466 * @param IV [IN] the iv buffer, set NULL if not use 467 * @param IVLen [IN] the length of iv buffer 468 * 469 * @return void 470 */ 471 void TEE_MACInit(TEE_OperationHandle operation, void *IV, size_t IVLen); 472 473 /* 474 * do mac update 475 * 476 * @param operation [IN/OUT] #TEE_OperationHandle 477 * @param chunk [IN] the chunk buffer 478 * @param chunkSize [IN] the length of chunk buffer 479 * 480 * @return void 481 */ 482 void TEE_MACUpdate(TEE_OperationHandle operation, const void *chunk, size_t chunkSize); 483 484 /* 485 * do mac finish 486 * 487 * @param operation [IN/OUT] #TEE_OperationHandle 488 * @param message [IN] the message buffer 489 * @param messageLen [IN] the length of message buffer 490 * @param mac [OUT] the mac buffer 491 * @param macLen [OUT] the length of mac buffer 492 * 493 * @return #TEE_SUCCESS success 494 * @return #TEE_ERROR_GENERIC other error 495 */ 496 TEE_Result TEE_MACComputeFinal(TEE_OperationHandle operation, const void *message, size_t messageLen, void *mac, 497 size_t *macLen); 498 /* 499 * do mac finish and compare 500 * 501 * @param operation [IN/OUT] #TEE_OperationHandle 502 * @param message [IN] the message buffer 503 * @param messageLen [IN] the length of message buffer 504 * @param mac [OUT] the mac buffer 505 * @param macLen [OUT] the length of mac buffer 506 * 507 * @return #TEE_SUCCESS success 508 * @return #TEE_ERROR_GENERIC other error 509 * @return #TEE_ERROR_MAC_INVALID compare failed 510 */ 511 #ifndef GP_SUPPORT 512 513 #if defined(API_LEVEL) && (API_LEVEL >= 2) 514 TEE_Result TEE_MACCompareFinal(TEE_OperationHandle operation, const void *message, size_t messageLen, const void *mac, 515 const size_t macLen); 516 #else 517 TEE_Result TEE_MACCompareFinal(TEE_OperationHandle operation, const void *message, size_t messageLen, const void *mac, 518 const size_t *macLen); 519 #endif /* API_LEVEL */ 520 521 #else 522 TEE_Result TEE_MACCompareFinal(TEE_OperationHandle operation, const void *message, size_t messageLen, const void *mac, 523 const size_t macLen); 524 #endif 525 526 /* 527 * do derive key 528 * 529 * @param operation [IN/OUT] #TEE_OperationHandle 530 * @param params [IN] #TEE_Attribute 531 * @param paramCount [IN] the count of param 532 * @param derivedKey [OUT] #TEE_ObjectHandle 533 * 534 * @return void 535 */ 536 void TEE_DeriveKey(TEE_OperationHandle operation, const TEE_Attribute *params, uint32_t paramCount, 537 TEE_ObjectHandle derivedKey); 538 /* 539 * generate random data 540 * 541 * @param randomBuffer [IN/OUT] the random buffer 542 * @param randomBufferLen [IN] the length of random buffer 543 * 544 * @return void 545 */ 546 void TEE_GenerateRandom(void *randomBuffer, size_t randomBufferLen); 547 548 /* 549 * do ae init 550 * 551 * @param operation [IN/OUT] #TEE_OperationHandle 552 * @param nonce [IN] the nounce buffer 553 * @param nonceLen [IN] the length of nounce 554 * @param tagLen [IN] the length of tag 555 * @param AADLen [IN] the length of aad 556 * @param payloadLen [IN] the length of payload 557 * 558 * @return #TEE_SUCCESS success 559 * @return #TEE_ERROR_GENERIC other error 560 */ 561 TEE_Result TEE_AEInit(TEE_OperationHandle operation, void *nonce, size_t nonceLen, uint32_t tagLen, size_t AADLen, 562 size_t payloadLen); 563 /* 564 * update ae aad 565 * 566 * @param operation [IN/OUT] #TEE_OperationHandle 567 * @param AADdata [IN] the aad buffer 568 * @param AADdataLen [IN] the length of aad buffer 569 * 570 * @return void 571 */ 572 void TEE_AEUpdateAAD(TEE_OperationHandle operation, const void *AADdata, size_t AADdataLen); 573 574 /* 575 * do ae update 576 * 577 * @param operation [IN/OUT] #TEE_OperationHandle 578 * @param srcData [IN] the src data 579 * @param srcLen [IN] the length of src data 580 * @param destData [OUT] the dest data 581 * @param destLen [OUT] the length of dest data 582 * 583 * @return TEE_SUCCESS succss 584 * @return TEE_ERROR_GENERIC other error 585 */ 586 TEE_Result TEE_AEUpdate(TEE_OperationHandle operation, void *srcData, size_t srcLen, void *destData, size_t *destLen); 587 588 /* 589 * do ae encrypt 590 * 591 * @param operation [IN/OUT] #TEE_OperationHandle 592 * @param srcData [IN] the src data 593 * @param srcLen [IN] the length of src data 594 * @param destData [OUT] the dest data 595 * @param destLen [OUT] the length of dest data 596 * @param tag [OUT] the tag buffer 597 * @param tagLen [OUT] the length of tag buffer 598 * 599 * @return TEE_SUCCESS succss 600 * @return TEE_ERROR_GENERIC other error 601 */ 602 TEE_Result TEE_AEEncryptFinal(TEE_OperationHandle operation, void *srcData, size_t srcLen, void *destData, 603 size_t *destLen, void *tag, size_t *tagLen); 604 /* 605 * do ae decrypt 606 * 607 * @param operation [IN/OUT] #TEE_OperationHandle 608 * @param srcData [IN] the src data 609 * @param srcLen [IN] the length of src data 610 * @param destData [OUT] the dest data 611 * @param destLen [OUT] the length of dest data 612 * @param tag [OUT] the tag buffer 613 * @param tagLen [OUT] the length of tag buffer 614 * 615 * @return TEE_SUCCESS succss 616 * @return TEE_ERROR_MAC_INVALID the tag is invalid 617 */ 618 TEE_Result TEE_AEDecryptFinal(TEE_OperationHandle operation, void *srcData, size_t srcLen, void *destData, 619 size_t *destLen, void *tag, size_t tagLen); 620 621 /* 622 * do asymmetric encrypt 623 * 624 * @param operation [IN/OUT] #TEE_OperationHandle 625 * @param params [IN] #TEE_Attribute 626 * @param paramCount [IN] the count of params 627 * @param srcData [IN] the src data 628 * @param srcLen [IN] the length of src data 629 * @param destData [OUT] the dest data 630 * @param destLen [OUT] the length of dest data 631 * 632 * @return TEE_SUCCESS succss 633 * @return TEE_ERROR_BAD_PARAMETERS the params is invalid 634 * @return TEE_ERROR_GENERIC other error 635 */ 636 TEE_Result TEE_AsymmetricEncrypt(TEE_OperationHandle operation, const TEE_Attribute *params, uint32_t paramCount, 637 void *srcData, size_t srcLen, void *destData, size_t *destLen); 638 639 /* 640 * do asymmetric decrypt 641 * 642 * @param operation [IN/OUT] #TEE_OperationHandle 643 * @param params [IN] #TEE_Attribute 644 * @param paramCount [IN] the count of params 645 * @param srcData [IN] the src data 646 * @param srcLen [IN] the length of src data 647 * @param destData [OUT] the dest data 648 * @param destLen [OUT] the length of dest data 649 * 650 * @return TEE_SUCCESS succss 651 * @return TEE_ERROR_BAD_PARAMETERS the params is invalid 652 * @return TEE_ERROR_GENERIC other error 653 * 654 */ 655 TEE_Result TEE_AsymmetricDecrypt(TEE_OperationHandle operation, const TEE_Attribute *params, uint32_t paramCount, 656 void *srcData, size_t srcLen, void *destData, size_t *destLen); 657 658 /* 659 * do asymmetric sign 660 * 661 * @param operation [IN/OUT] #TEE_OperationHandle 662 * @param params [IN] #TEE_Attribute 663 * @param paramCount [IN] the count of params 664 * @param digest [IN] the digest data 665 * @param digestLen [IN] the length of digest data 666 * @param signature [OUT] the signature data 667 * @param signatureLen [OUT] the length of signature data 668 * 669 * @return TEE_SUCCESS succss 670 * @return TEE_ERROR_BAD_PARAMETERS the params is invalid 671 * @return TEE_ERROR_GENERIC other error 672 */ 673 TEE_Result TEE_AsymmetricSignDigest(TEE_OperationHandle operation, const TEE_Attribute *params, uint32_t paramCount, 674 void *digest, size_t digestLen, void *signature, size_t *signatureLen); 675 676 /* 677 * do asymmetric verify 678 * 679 * @param operation [IN/OUT] #TEE_OperationHandle 680 * @param params [IN] #TEE_Attribute 681 * @param paramCount [IN] the count of params 682 * @param digest [IN] the digest data 683 * @param digestLen [IN] the length of digest data 684 * @param signature [OUT] the signature data 685 * @param signatureLen [OUT] the length of signature data 686 * 687 * @return TEE_SUCCESS succss 688 * @return TEE_ERROR_BAD_PARAMETERS the params is invalid 689 * @return TEE_ERROR_GENERIC other error 690 */ 691 TEE_Result TEE_AsymmetricVerifyDigest(TEE_OperationHandle operation, const TEE_Attribute *params, uint32_t paramCount, 692 void *digest, size_t digestLen, void *signature, size_t signatureLen); 693 694 #if defined(API_LEVEL) && (API_LEVEL >= 2) 695 696 /* 697 * Get Operation Info multiple 698 * 699 * @param operation [IN/OUT] #TEE_OperationHandle 700 * @param operationInfoMultiple [IN/OUT] #TEE_OperationInfoMultiple 701 * @param operationSize [IN/OUT] the size of operation handle 702 * 703 * @return TEE_SUCCESS succss 704 * @return TEE_ERROR_BAD_PARAMETERS the params is invalid 705 * @return TEE_ERROR_SHORT_BUFFER the buffer is not large enough 706 */ 707 TEE_Result TEE_GetOperationInfoMultiple(TEE_OperationHandle operation, TEE_OperationInfoMultiple *operationInfoMultiple, 708 const size_t *operationSize); 709 #endif /* API_LEVEL */ 710 711 #if defined(API_LEVEL) && (API_LEVEL >= 2) 712 713 /* 714 * check whether the algorithm is sopported 715 * 716 * @param algId [IN] the algorithm 717 * @param element [IN] the element 718 * 719 * @return TEE_SUCCESS support 720 * @return TEE_ERROR_NOT_SUPPORTED not support 721 */ 722 TEE_Result TEE_IsAlgorithmSupported(uint32_t algId, uint32_t element); 723 724 TEE_Result TEE_IsHardWareSupportAlgorithm(uint32_t alg_type); 725 #endif /* API_LEVEL */ 726 727 #endif 728