/**
 * @file   tlcTeeKeymaster_if.h
 * @brief  Contains TEE Keymaster trustlet connector interface definitions
 *
 * Copyright Giesecke & Devrient GmbH 2012
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 * 3. The name of the author may not be used to endorse or promote
 *    products derived from this software without specific prior
 *    written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS
 * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
 * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
 * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
 * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
 * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 */

#ifndef __TLCTEEKEYMASTERIF_H__
#define __TLCTEEKEYMASTERIF_H__

#ifdef __cplusplus
extern "C" {
#endif

#include <stdint.h>
#include <stdbool.h>

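/**
 * Supported RSA key sizes, in bits.
 *
 * NOTE(review): 512- and 1024-bit RSA moduli are below the 2048-bit minimum
 * that current guidance (e.g. NIST SP 800-131A) sets for generating new
 * signatures. New keys should use TEE_RSA_KEY_SIZE_2048; the smaller sizes
 * are only appropriate where legacy compatibility forces them.
 */
#define TEE_RSA_KEY_SIZE_512   512
#define TEE_RSA_KEY_SIZE_1024  1024
#define TEE_RSA_KEY_SIZE_2048  2048
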
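/**
 * Result codes returned by the TEE_* functions declared in this header.
 *
 * TEE_ERR_NONE is the only zero value; every other code is non-zero, so a
 * caller should compare the result against TEE_ERR_NONE explicitly and treat
 * anything else as failure.
 *
 * NOTE(review): this header does not describe the individual codes; their
 * meaning is only suggested by their names — confirm against the connector
 * implementation before relying on a specific code.
 */
typedef enum
{
    TEE_ERR_NONE             = 0,
    TEE_ERR_FAIL             = 1,
    TEE_ERR_INVALID_BUFFER   = 2,
    TEE_ERR_BUFFER_TOO_SMALL = 3,
    TEE_ERR_NOT_IMPLEMENTED  = 4,
    TEE_ERR_SESSION          = 5,
    TEE_ERR_MC_DEVICE        = 6,
    TEE_ERR_NOTIFICATION     = 7,
    TEE_ERR_MEMORY           = 8,
    TEE_ERR_MAP              = 9
    /* more can be added as required */
} teeResult_t;
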
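/**
 * RSA key pair types.
 *
 * Numbering starts at 1, so a zero-initialised value is not a valid key pair
 * type.
 */
typedef enum {
    TEE_KEYPAIR_RSA       = 1,   /**< RSA public and RSA private key. */
    TEE_KEYPAIR_RSACRT    = 2    /**< RSA public and RSA CRT private key. */
} teeRsaKeyPairType_t;
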
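/**
 * Supported RSA signature algorithms.
 *
 * Numbering starts at 1, so a zero-initialised value is not a valid
 * algorithm.
 *
 * NOTE(review): four of the six options are built on SHA-1, for which
 * practical collisions are known. TEE_RSA_SHA256_PSS is the only
 * digest-and-padding option listed here that avoids SHA-1 and is the
 * conservative choice for new signatures.
 */
typedef enum
{
    /* RSA */
    TEE_RSA_SHA_ISO9796           = 1, /**< 20-byte SHA-1 digest, padded according to the ISO 9796-2 scheme as specified in EMV '96 and EMV 2000, encrypted using RSA. */
    TEE_RSA_SHA_ISO9796_MR        = 2, /**< 20-byte SHA-1 digest, padded according to the ISO9796-2 specification and encrypted using RSA. */
    TEE_RSA_SHA_PKCS1             = 3, /**< 20-byte SHA-1 digest, padded according to the PKCS#1 (v1.5) scheme, and encrypted using RSA. */
    TEE_RSA_SHA256_PSS            = 4, /**< SHA-256 digest and PSS padding */
    TEE_RSA_SHA1_PSS              = 5, /**< SHA-1 digest (per the identifier) and PSS padding */
    /* NOTE(review): with no digest and no padding applied by the trustlet,
     * hashing and padding are left to the caller; unpadded RSA signatures
     * over caller-chosen data provide no forgery resistance. */
    TEE_RSA_NODIGEST_NOPADDING    = 6, /**< No digest and padding */
} teeRsaSigAlg_t;
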
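/**
 * Digest types accepted by the HMAC functions in this header.
 *
 * The enumerators carry no explicit values, so they are numbered from 0 in
 * declaration order; a zero-initialised teeDigest_t therefore selects
 * TEE_DIGEST_SHA1.
 *
 * NOTE(review): the known SHA-1 collision attacks do not directly break
 * HMAC-SHA-1, but TEE_DIGEST_SHA256 is the conservative choice for new
 * designs.
 */
typedef enum
{
    TEE_DIGEST_SHA1,
    TEE_DIGEST_SHA256
} teeDigest_t;
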
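/**
 * RSA private key metadata (private modulus and exponent lengths).
 *
 * NOTE(review): the unit of the length fields is not stated in this header
 * (presumably bytes) — confirm. Code that consumes these lengths should
 * check them against the size of the buffer that carries the key data
 * before using them as offsets.
 */
typedef struct {
    uint32_t     lenprimod;     /**< Private key modulus length */
    uint32_t     lenpriexp;     /**< Private key exponent length */
} teeRsaPrivKeyMeta_t;
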
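/**
 * RSA CRT private key metadata (lengths of the modulus and of the CRT
 * components P, Q, DP, DQ and Qinv).
 *
 * NOTE(review): the unit of the length fields is not stated in this header
 * (presumably bytes) — confirm. Code that consumes these lengths should
 * check them against the size of the buffer that carries the key data
 * before using them as offsets.
 */
typedef struct {
    uint32_t     lenprimod;     /**< Private key modulus length */
    uint32_t     lenp;          /**< Prime p length */
    uint32_t     lenq;          /**< Prime q length */
    uint32_t     lendp;         /**< DP length */
    uint32_t     lendq;         /**< DQ length */
    uint32_t     lenqinv;       /**< Qinv length */
} teeRsaCrtPrivKeyMeta_t;
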
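/**
 * Key metadata (key type, key size, modulus/exponent lengths, etc.).
 *
 * The private-key part is an anonymous union: rsapriv and rsacrtpriv share
 * the same storage, so only one of them is meaningful for a given key.
 * No public key hash field is declared in this struct.
 *
 * NOTE(review): presumably keytype holds a teeRsaKeyPairType_t value and
 * selects which union member is valid — confirm against the implementation.
 * All length fields describe data that follows the metadata in a key blob
 * (see TEE_KeyImport); a consumer should validate them against the blob
 * length before using them as offsets.
 */
typedef struct {
    uint32_t     keytype;       /**< Key type, e.g. RSA */
    uint32_t     keysize;       /**< Key size, e.g. 1024, 2048 */
    uint32_t     lenpubmod;     /**< Public key modulus length */
    uint32_t     lenpubexp;     /**< Public key exponent length */
    union {
        teeRsaPrivKeyMeta_t rsapriv;       /**< RSA private key */
        teeRsaCrtPrivKeyMeta_t rsacrtpriv; /**< RSA CRT private key */
    };
    uint32_t     rfu;          /**< Reserved for future use */
    uint32_t     rfulen;       /**< Reserved for future use */
} teeRsaKeyMeta_t;
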
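/**
 * TEE_RSAGenerateKeyPair
 *
 * Generates an RSA key pair and returns the key pair data as a wrapped
 * object.
 *
 * @param  keyType        [in]  Key pair type: TEE_KEYPAIR_RSA or
 *                              TEE_KEYPAIR_RSACRT
 * @param  keyData        [out] Pointer to the caller-supplied key data
 *                              buffer; per the description above it
 *                              presumably receives the wrapped key pair
 * @param  keyDataLength  [in]  Key data buffer length
 * @param  keySize        [in]  Key size (see TEE_RSA_KEY_SIZE_*)
 * @param  exponent       [in]  Exponent number (presumably the public
 *                              exponent — confirm)
 * @param  soLen          [out] Key data secure object length
 *
 * @return A teeResult_t code; TEE_ERR_NONE (0) is the no-error value.
 *
 * NOTE(review): this header does not say which key sizes or exponents the
 * trustlet rejects. Callers should request TEE_RSA_KEY_SIZE_2048 and a
 * standard odd public exponent, and should not use keyData or *soLen unless
 * the call returned TEE_ERR_NONE.
 */
teeResult_t TEE_RSAGenerateKeyPair(
    teeRsaKeyPairType_t keyType,
    uint8_t*            keyData,
    uint32_t            keyDataLength,
    uint32_t            keySize,
    uint32_t            exponent,
    uint32_t*           soLen);
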
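/**
 * TEE_RSASign
 *
 * Signs given plain data and returns signature data.
 *
 * @param  keyData              [in]  Pointer to key data buffer
 * @param  keyDataLength        [in]  Key data buffer length
 * @param  plainData            [in]  Pointer to plain data to be signed
 * @param  plainDataLength      [in]  Plain data length
 * @param  signatureData        [out] Pointer to signature data
 * @param  signatureDataLength  [out] Signature data length
 * @param  algorithm            [in]  RSA signature algorithm
 *
 * @return A teeResult_t code; TEE_ERR_NONE (0) is the no-error value.
 *
 * NOTE(review): the prototype carries no separate capacity for
 * signatureData, and this header does not say whether
 * *signatureDataLength is also read as the buffer size on input — confirm.
 * Until then the caller must size signatureData for the largest signature
 * the key can produce and set *signatureDataLength to that size before the
 * call.
 */
teeResult_t TEE_RSASign(
    const uint8_t*  keyData,
    const uint32_t  keyDataLength,
    const uint8_t*  plainData,
    const uint32_t  plainDataLength,
    uint8_t*        signatureData,
    uint32_t*       signatureDataLength,
    teeRsaSigAlg_t  algorithm);
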
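/**
 * TEE_RSAVerify
 *
 * Verifies given data with the RSA public key and returns the status.
 *
 * @param  keyData              [in]  Pointer to key data buffer
 * @param  keyDataLength        [in]  Key data buffer length
 * @param  plainData            [in]  Pointer to the plain data that was
 *                                    signed
 * @param  plainDataLength      [in]  Plain data length
 * @param  signatureData        [in]  Pointer to signed data
 * @param  signatureDataLength  [in]  Signed data length
 * @param  algorithm            [in]  RSA signature algorithm
 * @param  validity             [out] Signature validity
 *
 * @return A teeResult_t code; TEE_ERR_NONE (0) is the no-error value.
 *
 * NOTE(review): the outcome is split across two channels. A signature must
 * be accepted only when the call returned TEE_ERR_NONE AND *validity is
 * true. This header does not define what *validity holds when the call
 * fails, so callers should initialise it to false before the call.
 */
teeResult_t TEE_RSAVerify(
    const uint8_t*  keyData,
    const uint32_t  keyDataLength,
    const uint8_t*  plainData,
    const uint32_t  plainDataLength,
    const uint8_t*  signatureData,
    const uint32_t  signatureDataLength,
    teeRsaSigAlg_t  algorithm,
    bool            *validity);
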
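/**
 * TEE_HMACKeyGenerate
 *
 * Generates a random key for HMAC calculation and returns the key data as a
 * wrapped object (the key is encrypted).
 *
 * @param  keyData        [out] Pointer to key data
 * @param  keyDataLength  [in]  Key data buffer length
 * @param  soLen          [out] Key data secure object length
 *
 * @return A teeResult_t code; TEE_ERR_NONE (0) is the no-error value.
 *
 * NOTE(review): the length of the generated HMAC key is not a parameter and
 * is not stated in this header — confirm it against the trustlet. keyData
 * and *soLen should not be used unless the call returned TEE_ERR_NONE.
 */
teeResult_t TEE_HMACKeyGenerate(
    uint8_t*  keyData,
    uint32_t  keyDataLength,
    uint32_t* soLen);
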
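/**
 * TEE_HMACSign
 *
 * Signs given plain data and returns HMAC signature data.
 *
 * @param  keyData              [in]  Pointer to key data buffer
 * @param  keyDataLength        [in]  Key data buffer length
 * @param  plainData            [in]  Pointer to plain data to be signed
 * @param  plainDataLength      [in]  Plain data length
 * @param  signatureData        [out] Pointer to signature data
 * @param  signatureDataLength  [out] Signature data length
 * @param  digest               [in]  Digest type
 *
 * @return A teeResult_t code; TEE_ERR_NONE (0) is the no-error value.
 *
 * NOTE(review): the prototype carries no separate capacity for
 * signatureData, and this header does not say whether
 * *signatureDataLength is also read as the buffer size on input — confirm.
 * Until then the caller must size signatureData for the output of the
 * selected digest and set *signatureDataLength to that size before the
 * call.
 */
teeResult_t TEE_HMACSign(
    const uint8_t*  keyData,
    const uint32_t  keyDataLength,
    const uint8_t*  plainData,
    const uint32_t  plainDataLength,
    uint8_t*        signatureData,
    uint32_t*       signatureDataLength,
    teeDigest_t     digest);
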
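/**
 * TEE_HMACVerify
 *
 * Verifies given data against HMAC key data and returns the status.
 *
 * @param  keyData              [in]  Pointer to key data buffer
 * @param  keyDataLength        [in]  Key data buffer length
 * @param  plainData            [in]  Pointer to the plain data that was
 *                                    signed
 * @param  plainDataLength      [in]  Plain data length
 * @param  signatureData        [in]  Pointer to signed data
 * @param  signatureDataLength  [in]  Signed data length
 * @param  digest               [in]  Digest type
 * @param  validity             [out] Signature validity
 *
 * @return A teeResult_t code; TEE_ERR_NONE (0) is the no-error value.
 *
 * NOTE(review): the outcome is split across two channels. An HMAC must be
 * accepted only when the call returned TEE_ERR_NONE AND *validity is true.
 * This header does not define what *validity holds when the call fails, so
 * callers should initialise it to false before the call.
 */
teeResult_t TEE_HMACVerify(
    const uint8_t*  keyData,
    const uint32_t  keyDataLength,
    const uint8_t*  plainData,
    const uint32_t  plainDataLength,
    const uint8_t*  signatureData,
    const uint32_t  signatureDataLength,
    teeDigest_t     digest,
    bool            *validity);
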
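/**
 * TEE_KeyImport
 *
 * Imports key data and returns key data as secure object
 *
 * Key data needs to be in the following format
 *
 * RSA key data:
 * |--key metadata--|--public modulus--|--public exponent--|--private exponent--|
 *
 * RSA CRT key data:
 * |--key metadata--|--public modulus--|--public exponent--|--P--|--Q--|--DP--|--DQ--|--Qinv--|
 *
 * Where:
 * P:     secret prime factor
 * Q:     secret prime factor
 * DP:    d mod (p-1)
 * DQ:    d mod (q-1)
 * Qinv:  q^-1 mod p
 *
 * @param  keyData          [in]  Pointer to key data
 * @param  keyDataLength    [in]  Key data length
 * @param  soData           [out] Pointer to wrapped key data
 * @param  soDataLength     [out] Wrapped key data length
 *
 * @return A teeResult_t code; TEE_ERR_NONE (0) is the no-error value.
 *
 * NOTE(review): keyData carries the private key components unwrapped, so
 * the private key is exposed in the caller's memory until that buffer is
 * cleared; the caller should wipe it as soon as the import returns, using a
 * clearing routine the compiler cannot optimise away.
 *
 * NOTE(review): the "key metadata" field is presumably a teeRsaKeyMeta_t,
 * whose length fields are supplied by the caller. Whether the
 * implementation checks those lengths against keyDataLength cannot be seen
 * from this header — confirm. The prototype also carries no separate
 * capacity for soData; whether *soDataLength is read as the buffer size on
 * input is not stated.
 */
teeResult_t TEE_KeyImport(
    const uint8_t*  keyData,
    const uint32_t  keyDataLength,
    uint8_t*        soData,
    uint32_t*       soDataLength);
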
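/**
 * TEE_GetPubKey
 *
 * Retrieves public key data (modulus and exponent) from wrapped key data
 *
 * @param  keyData          [in]  Pointer to key data
 * @param  keyDataLength    [in]  Key data length
 * @param  modulus          [out] Pointer to public key modulus data
 * @param  modulusLength    [out] Modulus data length
 * @param  exponent         [out] Pointer to public key exponent data
 * @param  exponentLength   [out] Exponent data length
 *
 * @return A teeResult_t code; TEE_ERR_NONE (0) is the no-error value.
 *
 * NOTE(review): the prototype carries no separate capacities for modulus
 * and exponent, and this header does not say whether *modulusLength and
 * *exponentLength are read as buffer sizes on input — confirm. Until then
 * the caller must size both buffers for the largest supported key and set
 * the length arguments to those sizes before the call.
 */
teeResult_t TEE_GetPubKey(
    const uint8_t*  keyData,
    const uint32_t  keyDataLength,
    uint8_t*        modulus,
    uint32_t*       modulusLength,
    uint8_t*        exponent,
    uint32_t*       exponentLength);
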
#ifdef __cplusplus
}
#endif

#endif // __TLCTEEKEYMASTERIF_H__