• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /*
2  * Copyright (C) 2022 Huawei Technologies Co., Ltd.
3  * Licensed under the Mulan PSL v2.
4  * You can use this software according to the terms and conditions of the Mulan PSL v2.
5  * You may obtain a copy of Mulan PSL v2 at:
6  *     http://license.coscl.org.cn/MulanPSL2
7  * THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND, EITHER EXPRESS OR
8  * IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT, MERCHANTABILITY OR FIT FOR A PARTICULAR
9  * PURPOSE.
10  * See the Mulan PSL v2 for more details.
11  */
12 
13 #ifndef __TEE_HW_EXT_API_LEGACY_H__
14 #define __TEE_HW_EXT_API_LEGACY_H__
15 
16 /**
17  * @addtogroup TeeTrusted
18  * @{
19  *
20  * @brief TEE(Trusted Excution Environment) API.
21  * Provides security capability APIs such as trusted storage, encryption and decryption,
22  * and trusted time for trusted application development.
23  *
24  * @since 12
25  */
26 
27 /**
28  * @file tee_hw_ext_api_legacy.h
29  *
30  * @brief Provides extended interfaces.
31  *
32  * @library NA
33  * @kit TEE Kit
34  * @syscap SystemCapability.Tee.TeeClient
35  * @since 12
36  * @version 1.0
37  */
38 
39 #include "tee_defines.h"
40 
41 #ifdef __cplusplus
42 extern "C" {
43 #endif
44 
45 /**
46  * @brief Derive key from device root key.
47  *
48  * @param salt [IN] Indicates the data for salt.
49  * @param size [IN] Indicates the length of salt.
50  * @param key [OUT] Indicates the pointer where key is saved.
51  * @param key_size [IN] Indicates the size of the key, which must be integer times of 16.
52  *
53  * @return Returns {@code TEE_SUCCESS} if the operation is successful.
54  *         Returns {@code TEE_ERROR_BAD_PARAMETERS} if input parameter is incorrect.
55  *         Returns {@code TEE_ERROR_GENERIC} if the processing failed.
56  *
57  * @since 20
58  * @version 1.0
59  */
60 TEE_Result TEE_EXT_DeriveTARootKey(const uint8_t *salt, uint32_t size, uint8_t *key, uint32_t key_size);
61 
62 /**
63  * @brief Derive key from device root key by HUK2.
64  * @attention If the device does not support HUK2, the key is derived by HUK.
65  *
66  * @param secret [IN] Indicates the input secret.
67  * @param secret_len [IN] Indicates the length of the input secret.
68  * @param key [OUT] Indicates the derived key.
69  * @param key_len [IN] Indicates the length of the derived key.
70  *
71  * @return Returns {@code TEE_SUCCESS} if the operation is successful.
72  *         Returns {@code TEE_ERROR_BAD_PARAMETERS} if input parameter is incorrect.
73  *         Returns {@code TEE_ERROR_GENERIC} if the processing failed.
74  *
75  * @since 20
76  * @version 1.0
77  */
78 TEE_Result tee_ext_root_derive_key2_by_huk2(const uint8_t *secret, uint32_t secret_len, uint8_t *key, uint32_t key_len);
79 
80 /**
81  * @brief Derive key from device root key and UUID of the current task by HUK2.
82  * @attention If the device does not support HUK2, the key is derived by HUK.
83  *
84  * @param salt [IN] Indicates the data for salt.
85  * @param size [IN] Indicates the length of salt.
86  * @param key [OUT] Indicates the pointer where key is saved.
87  * @param key_size [IN] Indicates the size of the generated key, fix-size 32 bytes.
88  *
89  * @return Returns {@code TEE_SUCCESS} if the operation is successful.
90  *         Returns {@code TEE_ERROR_BAD_PARAMETERS} if input parameter is incorrect.
91  *         Returns {@code TEE_ERROR_GENERIC} if the processing failed.
92  *
93  * @since 20
94  * @version 1.0
95  */
96 TEE_Result tee_ext_root_uuid_derive_key_by_huk2(const uint8_t *salt, uint32_t size, uint8_t *key, uint32_t *key_size);
97 
98 /**
99  * @brief using root key to derive key for keymaster using huk2 enhance
100  *
101  * @param secret [IN] input secret
102  * @param secret_len [IN] input secret size
103  * @param key [OUT] derived key
104  * @param key_len [OUT] derived key size
105  *
106  * @return Returns {@code TEE_SUCCESS} if the operation is successful.
107  *         Returns {@code TEE_ERROR_BAD_PARAMETERS} if input parameter is incorrect.
108  *         Returns {@code TEE_ERROR_GENERIC} if the processing failed.
109  *
110  * @since 20
111  * @version 1.0
112  */
113 TEE_Result tee_ext_root_derive_key2_by_huk2_enhance(const uint8_t *secret, uint32_t secret_len, uint8_t *key,
114                                                     uint32_t key_len);
115 
116 /**
117  * @brief derive key from device rootkey and UUID of the current task using huk2 enhance
118  *
119  * @param salt [IN] data for salt
120  * @param size [IN] salt length
121  * @param key [OUT] pointer where key is saved
122  * @param key_size [OUT] size of generated key, fix-size 32 bytes
123  *
124  * @return Returns {@code TEE_SUCCESS} if the operation is successful.
125  *         Returns {@code TEE_ERROR_BAD_PARAMETERS} if input parameter is incorrect.
126  *         Returns {@code TEE_ERROR_GENERIC} if the processing failed.
127  *
128  * @since 20
129  * @version 1.0
130  */
131 TEE_Result tee_ext_root_uuid_derive_key_by_huk2_enhance(const uint8_t *salt, uint32_t size, uint8_t *key,
132                                                         uint32_t *key_size);
133 
134 #ifdef __cplusplus
135 }
136 #endif
137 /** @} */
138 #endif
139