1 /* 2 * Copyright (c) 2025 Huawei Device Co., Ltd. 3 * Licensed under the Apache License, Version 2.0 (the "License"), 4 * you may not use this file except in compliance with the License. 5 * You may obtain a copy of the License at 6 * 7 * http://www.apache.org/licenses/LICENSE-2.0 8 * 9 * Unless required by applicable law or agreed to in writing, software 10 * distributed under the License is distributed on an "AS IS" BASIS, 11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 * See the License for the specific language governing permissions and 13 * limitations under the License. 14 */ 15 16 /** 17 * @addtogroup TeeTrusted 18 * @{ 19 * 20 * @brief TEE(Trusted Excution Environment) API. 21 * Provides security capability APIs such as trusted storage, encryption and decryption, 22 * and trusted time for trusted application development. 23 * 24 * @since 20 25 */ 26 27 /** 28 * @file tee_ext_api.h 29 * 30 * @brief Provides extended interfaces. 31 * 32 * @library NA 33 * @kit TEEKit 34 * @syscap SystemCapability.Tee.TeeClient 35 * @since 20 36 * @version 1.0 37 */ 38 39 #ifndef TEE_EXT_API_H 40 #define TEE_EXT_API_H 41 42 #include "tee_defines.h" 43 44 #ifdef __cplusplus 45 extern "C" { 46 #endif 47 48 #define TEE_RETURN_AGENT_BUFFER 0x99 49 #define TEE_INVALID_AGENT 0x66 50 #define TEE_AGENT_LOCK 0x33 51 #define TEE_GET_REEINFO_SUCCESS 0 52 #define TEE_GET_REEINFO_FAILED 1 53 54 /** 55 * @brief Defines the value of invalid user ID. 56 * 57 * @since 20 58 */ 59 #define INVALID_USERID 0xFFFFFFFFU 60 61 /** 62 * @brief Defines the SMC from user mode. 63 * 64 * @since 20 65 */ 66 #define TEE_SMC_FROM_USR 0 67 68 /** 69 * @brief Defines the SMC from kernel mode. 70 * 71 * @since 20 72 */ 73 #define TEE_SMC_FROM_KERNEL 1 74 75 /** 76 * @brief Defines the szie of reserved buffer. 77 * 78 * @since 20 79 */ 80 #define RESERVED_BUF_SIZE 32 81 82 /** 83 * @brief Defines the caller information. 84 * 85 * @since 20 86 */ 87 typedef struct ta_caller_info { 88 /** The session type. */ 89 uint32_t session_type; 90 union { 91 struct { 92 /** The caller's UUID. */ 93 TEE_UUID caller_uuid; 94 /** The caller's group ID. */ 95 uint32_t group_id; 96 }; 97 /** The buffer used to store CA information. */ 98 uint8_t ca_info[RESERVED_BUF_SIZE]; 99 } caller_identity; 100 /** Indicates whether the SMC is sent from kernel mode. */ 101 uint8_t smc_from_kernel_mode; 102 /** Reserved buffer. */ 103 uint8_t reserved[RESERVED_BUF_SIZE - 1]; 104 } caller_info; 105 106 /** 107 * @brief Get caller info of current session, refer caller_info struct for more details. 108 * 109 * @param caller_info_data A pointer to a buffer where the caller_info struct will be stored. 110 * @param length The size of the buffer pointed to by caller_info_data. 111 * 112 * @return Returns <b>TEE_SUCCESS</b> if the operation is successful. 113 * @return Returns other information otherwise. 114 * 115 * @since 20 116 * @version 1.0 117 */ 118 TEE_Result tee_ext_get_caller_info(caller_info *caller_info_data, uint32_t length); 119 120 /** 121 * @brief Get user ID of current CA. 122 * 123 * @param user_id Indicates the user ID to be returned. 124 * 125 * @return Returns <b>TEE_SUCCESS</b> if the operation is successful. 126 * @return Returns other information otherwise. 127 * 128 * @since 20 129 * @version 1.0 130 */ 131 TEE_Result tee_ext_get_caller_userid(uint32_t *user_id); 132 133 /** 134 * @brief Adds information about a caller that can invoke this TA. 135 * This API applies to the client applications (CAs) in the native CA and HAP format. 136 * 137 * @param cainfo_hash Indicates the hash value of the CA caller information. 138 * @param length Indicates the length of the hash value. 139 * 140 * @return Returns <b>TEE_SUCCESS</b> if the operation is successful. 141 * @return Returns other information otherwise. 142 * 143 * @since 20 144 * @version 1.0 145 */ 146 TEE_Result AddCaller_CA(const uint8_t *cainfo_hash, uint32_t length); 147 148 /** 149 * @brief TA call this API allow others TA open session with itself. 150 * 151 * @return Returns <b>TEE_SUCCESS</b> if the operation is successful. 152 * @return Returns other information otherwise. 153 * 154 * @since 20 155 * @version 1.0 156 */ 157 TEE_Result AddCaller_TA_all(void); 158 159 /** 160 * @brief Defines the session caller from CA. 161 * 162 * @since 20 163 */ 164 #define SESSION_FROM_CA 0 165 166 /** 167 * @brief Defines the session caller from TA. 168 * 169 * @since 20 170 */ 171 #define SESSION_FROM_TA 1 172 173 /** 174 * @brief Defines the TA task is not found, for example, from TA sub thread. 175 * 176 * @since 20 177 */ 178 #define SESSION_FROM_NOT_SUPPORTED 0xFE 179 180 /** 181 * @brief Defines the TA caller is not found. 182 * 183 * @since 20 184 */ 185 #define SESSION_FROM_UNKNOWN 0xFF 186 187 /** 188 * @brief Obtains the session type. 189 * 190 * @return Returns the session type obtained. 191 * 192 * @since 20 193 * @version 1.0 194 */ 195 uint32_t tee_get_session_type(void); 196 197 /** 198 * @brief Derive key from platform key. 199 * 200 * @param object [IN/OUT] input data in ObjectInfo->keytype, output keys in Attributes. 201 * @param key_size [IN] key size in bits, it desides the ecc curve type too. 202 * @param params [IN] unused. 203 * @param param_count [IN] unused. 204 * @param exinfo [IN] user info as dervice salt. 205 * @param exinfo_size [IN] size of user info, Max is 64 bytes, must bigger than 0. 206 * 207 * @return Returns <b>TEE_SUCCESS</b> if the operation is successful. 208 * @return Returns other information otherwise. 209 * 210 * @since 20 211 * @version 1.0 212 */ 213 TEE_Result tee_ext_derive_ta_platfrom_keys(TEE_ObjectHandle object, uint32_t key_size, const TEE_Attribute *params, 214 uint32_t param_count, const uint8_t *exinfo, uint32_t exinfo_size); 215 216 #ifdef __cplusplus 217 } 218 #endif 219 220 #endif 221 /** @} */