1 /* 2 * Copyright (c) 2025 Huawei Device Co., Ltd. 3 * Licensed under the Apache License, Version 2.0 (the "License"), 4 * you may not use this file except in compliance with the License. 5 * You may obtain a copy of the License at 6 * 7 * http://www.apache.org/licenses/LICENSE-2.0 8 * 9 * Unless required by applicable law or agreed to in writing, software 10 * distributed under the License is distributed on an "AS IS" BASIS, 11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 * See the License for the specific language governing permissions and 13 * limitations under the License. 14 */ 15 16 /** 17 * @addtogroup TeeTrusted 18 * @{ 19 * 20 * @brief TEE(Trusted Excution Environment) API. 21 * Provides security capability APIs such as trusted storage, encryption and decryption, 22 * and trusted time for trusted application development. 23 * 24 * @since 20 25 */ 26 27 /** 28 * @file tee_ext_api.h 29 * 30 * @brief Provides extended interfaces. 31 * 32 * @library NA 33 * @kit TEEKit 34 * @syscap SystemCapability.Tee.TeeClient 35 * @since 20 36 */ 37 38 #ifndef TEE_EXT_API_H 39 #define TEE_EXT_API_H 40 41 #include "tee_defines.h" 42 #include "tee_hw_ext_api.h" 43 44 #ifdef __cplusplus 45 extern "C" { 46 #endif 47 48 /** 49 * @brief Defines the value of invalid user ID. 50 * 51 * @since 20 52 */ 53 #define INVALID_USERID 0xFFFFFFFFU 54 55 /** 56 * @brief Defines the SMC from user mode. 57 * 58 * @since 20 59 */ 60 #define TEE_SMC_FROM_USR 0 61 62 /** 63 * @brief Defines the SMC from kernel mode. 64 * 65 * @since 20 66 */ 67 #define TEE_SMC_FROM_KERNEL 1 68 69 /** 70 * @brief Defines the szie of reserved buffer. 71 * 72 * @since 20 73 */ 74 #define RESERVED_BUF_SIZE 32 75 76 /** 77 * @brief Defines the caller information. 78 * 79 * @since 20 80 */ 81 typedef struct ta_caller_info { 82 /** The session type. */ 83 uint32_t session_type; 84 union { 85 struct { 86 /** The caller's UUID. */ 87 TEE_UUID caller_uuid; 88 /** The caller's group ID. */ 89 uint32_t group_id; 90 }; 91 /** The buffer used to store CA information. */ 92 uint8_t ca_info[RESERVED_BUF_SIZE]; 93 } caller_identity; 94 /** Indicates whether the SMC is sent from kernel mode. */ 95 uint8_t smc_from_kernel_mode; 96 /** Reserved buffer. */ 97 uint8_t reserved[RESERVED_BUF_SIZE - 1]; 98 } caller_info; 99 100 /** 101 * @brief Get caller info of current session, refer caller_info struct for more details. 102 * 103 * @param caller_info_data A pointer to a buffer where the caller_info struct will be stored. 104 * @param length The size of the buffer pointed to by caller_info_data. 105 * 106 * @return Returns <b>TEE_SUCCESS</b> if the operation is successful. 107 * @return Returns other information otherwise. 108 * 109 * @since 20 110 */ 111 TEE_Result tee_ext_get_caller_info(caller_info *caller_info_data, uint32_t length); 112 113 /** 114 * @brief Get user ID of current CA. 115 * 116 * @param user_id Indicates the user ID to be returned. 117 * 118 * @return Returns <b>TEE_SUCCESS</b> if the operation is successful. 119 * @return Returns other information otherwise. 120 * 121 * @since 20 122 */ 123 TEE_Result tee_ext_get_caller_userid(uint32_t *user_id); 124 125 /** 126 * @brief Adds information about a caller that can invoke this TA. 127 * This API applies to the client applications (CAs) in the native CA and HAP format. 128 * 129 * @param cainfo_hash Indicates the hash value of the CA caller information. 130 * @param length Indicates the length of the hash value. 131 * 132 * @return Returns <b>TEE_SUCCESS</b> if the operation is successful. 133 * @return Returns other information otherwise. 134 * 135 * @since 20 136 */ 137 TEE_Result AddCaller_CA(const uint8_t *cainfo_hash, uint32_t length); 138 139 /** 140 * @brief TA call this API allow others TA open session with itself. 141 * 142 * @return Returns <b>TEE_SUCCESS</b> if the operation is successful. 143 * @return Returns other information otherwise. 144 * 145 * @since 20 146 */ 147 TEE_Result AddCaller_TA_all(void); 148 149 /** 150 * @brief Defines the session caller from CA. 151 * 152 * @since 20 153 */ 154 #define SESSION_FROM_CA 0 155 156 /** 157 * @brief Defines the session caller from TA. 158 * 159 * @since 20 160 */ 161 #define SESSION_FROM_TA 1 162 163 /** 164 * @brief Defines the TA task is not found, for example, from TA sub thread. 165 * 166 * @since 20 167 */ 168 #define SESSION_FROM_NOT_SUPPORTED 0xFE 169 170 /** 171 * @brief Defines the TA caller is not found. 172 * 173 * @since 20 174 */ 175 #define SESSION_FROM_UNKNOWN 0xFF 176 177 /** 178 * @brief Obtains the session type. 179 * 180 * @return Returns the session type obtained. 181 * 182 * @since 20 183 */ 184 uint32_t tee_get_session_type(void); 185 186 /** 187 * @brief Derive key from platform key. 188 * 189 * @param object [IN/OUT] input data in ObjectInfo->keytype, output keys in Attributes. 190 * @param key_size [IN] key size in bits, it desides the ecc curve type too. 191 * @param params [IN] unused. 192 * @param param_count [IN] unused. 193 * @param exinfo [IN] user info as dervice salt. 194 * @param exinfo_size [IN] size of user info, Max is 64 bytes, must bigger than 0. 195 * 196 * @return Returns <b>TEE_SUCCESS</b> if the operation is successful. 197 * @return Returns other information otherwise. 198 * 199 * @since 20 200 */ 201 TEE_Result tee_ext_derive_ta_platfrom_keys(TEE_ObjectHandle object, uint32_t key_size, const TEE_Attribute *params, 202 uint32_t param_count, const uint8_t *exinfo, uint32_t exinfo_size); 203 204 #ifdef __cplusplus 205 } 206 #endif 207 208 #endif 209 /** @} */