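/**
 * @file   tlcTeeKeymaster_if.h
 * @brief  Contains TEE Keymaster trustlet connector interface definitions
 *
 * Copyright Giesecke & Devrient GmbH 2012
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 * 3. The name of the author may not be used to endorse or promote
 *    products derived from this software without specific prior
 *    written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS
 * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
 * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
 * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
 * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
 * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 */

#ifndef __TLCTEEKEYMASTERIF_H__
#define __TLCTEEKEYMASTERIF_H__

/*
 * Standard headers are pulled in before the extern "C" block so that their
 * declarations never acquire C linkage when this header is used from C++.
 */
#include <stdint.h>
#include <stdbool.h>

#ifdef __cplusplus
extern "C" {
#endif


/**
 * Key sizes (RSA modulus length in bits)
 *
 * NOTE(review): 512-bit RSA moduli are practically factorable and 1024-bit
 * moduli are deprecated for new keys; callers generating keys should use
 * TEE_RSA_KEY_SIZE_2048. The smaller values are only appropriate for
 * handling legacy key material.
 */
#define TEE_RSA_KEY_SIZE_512   512
#define TEE_RSA_KEY_SIZE_1024  1024
#define TEE_RSA_KEY_SIZE_2048  2048


/* error codes */
typedef enum
{
    TEE_ERR_NONE             = 0,
    TEE_ERR_FAIL             = 1,
    TEE_ERR_INVALID_BUFFER   = 2,
    TEE_ERR_BUFFER_TOO_SMALL = 3,
    TEE_ERR_NOT_IMPLEMENTED  = 4,
    TEE_ERR_SESSION          = 5,
    TEE_ERR_MC_DEVICE        = 6,
    TEE_ERR_NOTIFICATION     = 7,
    TEE_ERR_MEMORY           = 8,
    TEE_ERR_MAP              = 9
    /* more can be added as required */
} teeResult_t;


/* RSA key pair types */
typedef enum {
    TEE_KEYPAIR_RSA    = 1, /**< RSA public and RSA private key. */
    TEE_KEYPAIR_RSACRT = 2  /**< RSA public and RSA CRT private key. */
} teeRsaKeyPairType_t;


/*
 * Supported RSA signature algorithms
 *
 * NOTE(review): the SHA-1 based schemes are deprecated for new signatures;
 * TEE_RSA_SHA256_PSS is the only SHA-256 option listed here.
 * TEE_RSA_NODIGEST_NOPADDING applies no digest and no padding, so the caller
 * has to supply an already hashed and correctly padded block; an unpadded
 * RSA operation on caller-chosen data gives no signature security by itself.
 */
typedef enum
{
    /* RSA */
    TEE_RSA_SHA_ISO9796        = 1, /**< 20-byte SHA-1 digest, padded according to the ISO 9796-2 scheme as specified in EMV '96 and EMV 2000, encrypted using RSA. */
    TEE_RSA_SHA_ISO9796_MR     = 2, /**< 20-byte SHA-1 digest, padded according to the ISO9796-2 specification and encrypted using RSA. */
    TEE_RSA_SHA_PKCS1          = 3, /**< 20-byte SHA-1 digest, padded according to the PKCS#1 (v1.5) scheme, and encrypted using RSA. */
    TEE_RSA_SHA256_PSS         = 4, /**< SHA-256 digest and PSS padding */
    TEE_RSA_SHA1_PSS           = 5, /**< SHA-1 digest and PSS padding (per the identifier; confirm against the trustlet) */
    TEE_RSA_NODIGEST_NOPADDING = 6  /**< No digest and padding */
} teeRsaSigAlg_t;


/* Digest types */
typedef enum
{
    TEE_DIGEST_SHA1,
    TEE_DIGEST_SHA256
} teeDigest_t;


/**
 * RSA private key metadata (Private modulus and exponent lengths)
 */
typedef struct {
    uint32_t lenprimod; /**< Private key modulus length */
    uint32_t lenpriexp; /**< Private key exponent length */
} teeRsaPrivKeyMeta_t;


/**
 * RSA CRT private key metadata (modulus, prime and CRT component lengths)
 */
typedef struct {
    uint32_t lenprimod; /**< Private key modulus length */
    uint32_t lenp;      /**< Prime p length */
    uint32_t lenq;      /**< Prime q length */
    uint32_t lendp;     /**< DP length */
    uint32_t lendq;     /**< DQ length */
    uint32_t lenqinv;   /**< Qinv length */
} teeRsaCrtPrivKeyMeta_t;


/**
 * Key metadata (public key hash, key size, modulus/exponent lengths, etc..)
 *
 * NOTE(review): every length field here travels inside the key data blob, so
 * code that parses a blob must check each length, and their sum, against the
 * accompanying keyDataLength before using them as offsets or copy sizes.
 */
typedef struct {
    uint32_t keytype;   /**< Key type, e.g. RSA */
    uint32_t keysize;   /**< Key size, e.g. 1024, 2048 */
    uint32_t lenpubmod; /**< Public key modulus length */
    uint32_t lenpubexp; /**< Public key exponent length */
    union {
        teeRsaPrivKeyMeta_t    rsapriv;    /**< RSA private key */
        teeRsaCrtPrivKeyMeta_t rsacrtpriv; /**< RSA CRT private key */
    };
    uint32_t rfu;       /**< Reserved for future use */
    uint32_t rfulen;    /**< Reserved for future use */
} teeRsaKeyMeta_t;

/**
 * TEE_RSAGenerateKeyPair
 *
 * Generates RSA key pair and returns key pair data as wrapped object
 *
 * @param  keyType        [in]  Key pair type. RSA or RSACRT
 * @param  keyData        [out] Pointer to the key data buffer (receives the wrapped key pair)
 * @param  keyDataLength  [in]  Key data buffer length
 * @param  keySize        [in]  Key size
 * @param  exponent       [in]  Exponent number
 * @param  soLen          [out] Key data secure object length
 *
 * @return teeResult_t status code (TEE_ERR_NONE = 0 is the no-error value)
 */
teeResult_t TEE_RSAGenerateKeyPair(
    teeRsaKeyPairType_t keyType,
    uint8_t*            keyData,
    uint32_t            keyDataLength,
    uint32_t            keySize,
    uint32_t            exponent,
    uint32_t*           soLen);


/**
 * TEE_RSASign
 *
 * Signs given plain data and returns signature data
 *
 * NOTE(review): signatureDataLength is tagged [out] only; whether it must
 * also carry the capacity of signatureData on entry is not stated in this
 * header. Confirm against the connector implementation before sizing the
 * signature buffer.
 *
 * @param  keyData             [in]  Pointer to key data buffer
 * @param  keyDataLength       [in]  Key data buffer length
 * @param  plainData           [in]  Pointer to plain data to be signed
 * @param  plainDataLength     [in]  Plain data length
 * @param  signatureData       [out] Pointer to signature data
 * @param  signatureDataLength [out] Signature data length
 * @param  algorithm           [in]  RSA signature algorithm
 *
 * @return teeResult_t status code (TEE_ERR_NONE = 0 is the no-error value)
 */
teeResult_t TEE_RSASign(
    const uint8_t*  keyData,
    const uint32_t  keyDataLength,
    const uint8_t*  plainData,
    const uint32_t  plainDataLength,
    uint8_t*        signatureData,
    uint32_t*       signatureDataLength,
    teeRsaSigAlg_t  algorithm);


/**
 * TEE_RSAVerify
 *
 * Verifies given data with RSA public key and return status
 *
 * The verification outcome is delivered through *validity, separately from
 * the returned status code. Callers should initialise *validity to false and
 * accept a signature only when the call returns TEE_ERR_NONE and *validity
 * is true. NOTE(review): whether *validity is written on error paths is not
 * visible from this header.
 *
 * @param  keyData             [in]  Pointer to key data buffer
 * @param  keyDataLength       [in]  Key data buffer length
 * @param  plainData           [in]  Pointer to plain data to be verified
 * @param  plainDataLength     [in]  Plain data length
 * @param  signatureData       [in]  Pointer to signed data
 * @param  signatureDataLength [in]  Signature data length
 * @param  algorithm           [in]  RSA signature algorithm
 * @param  validity            [out] Signature validity
 *
 * @return teeResult_t status code (TEE_ERR_NONE = 0 is the no-error value)
 */
teeResult_t TEE_RSAVerify(
    const uint8_t*  keyData,
    const uint32_t  keyDataLength,
    const uint8_t*  plainData,
    const uint32_t  plainDataLength,
    const uint8_t*  signatureData,
    const uint32_t  signatureDataLength,
    teeRsaSigAlg_t  algorithm,
    bool            *validity);


/**
 * TEE_HMACKeyGenerate
 *
 * Generates random key for HMAC calculation and returns key data as wrapped object
 * (key is encrypted)
 *
 * @param  keyData        [out] Pointer to key data
 * @param  keyDataLength  [in]  Key data buffer length
 * @param  soLen          [out] Key data secure object length
 *
 * @return teeResult_t status code (TEE_ERR_NONE = 0 is the no-error value)
 */
teeResult_t TEE_HMACKeyGenerate(
    uint8_t*  keyData,
    uint32_t  keyDataLength,
    uint32_t* soLen);


/**
 * TEE_HMACSign
 *
 * Signs given plain data and returns HMAC signature data
 *
 * @param  keyData             [in]  Pointer to key data buffer
 * @param  keyDataLength       [in]  Key data buffer length
 * @param  plainData           [in]  Pointer to plain data to be signed
 * @param  plainDataLength     [in]  Plain data length
 * @param  signatureData       [out] Pointer to signature data
 * @param  signatureDataLength [out] Signature data length
 * @param  digest              [in]  Digest type
 *
 * @return teeResult_t status code (TEE_ERR_NONE = 0 is the no-error value)
 */
teeResult_t TEE_HMACSign(
    const uint8_t*  keyData,
    const uint32_t  keyDataLength,
    const uint8_t*  plainData,
    const uint32_t  plainDataLength,
    uint8_t*        signatureData,
    uint32_t*       signatureDataLength,
    teeDigest_t     digest);


/**
 * TEE_HMACVerify
 *
 * Verifies given data HMAC key data and return status
 *
 * As with TEE_RSAVerify, the outcome is delivered through *validity and not
 * through the return value; accept the MAC only when the call returns
 * TEE_ERR_NONE and *validity is true.
 *
 * @param  keyData             [in]  Pointer to key data buffer
 * @param  keyDataLength       [in]  Key data buffer length
 * @param  plainData           [in]  Pointer to plain data to be verified
 * @param  plainDataLength     [in]  Plain data length
 * @param  signatureData       [in]  Pointer to signed data
 * @param  signatureDataLength [in]  Signature data length
 * @param  digest              [in]  Digest type
 * @param  validity            [out] Signature validity
 *
 * @return teeResult_t status code (TEE_ERR_NONE = 0 is the no-error value)
 */
teeResult_t TEE_HMACVerify(
    const uint8_t*  keyData,
    const uint32_t  keyDataLength,
    const uint8_t*  plainData,
    const uint32_t  plainDataLength,
    const uint8_t*  signatureData,
    const uint32_t  signatureDataLength,
    teeDigest_t     digest,
    bool            *validity);


/**
 * TEE_KeyImport
 *
 * Imports key data and returns key data as secure object
 *
 * Key data needs to be in the following format
 *
 * RSA key data:
 * |--key metadata--|--public modulus--|--public exponent--|--private exponent--|
 *
 * RSA CRT key data:
 * |--key metadata--|--public modulus--|--public exponent--|--P--|--Q--|--DP--|--DQ--|--Qinv--|
 *
 * Where:
 * P:     secret prime factor
 * Q:     secret prime factor
 * DP:    d mod (p-1)
 * DQ:    d mod (q-1)
 * Qinv:  q^-1 mod p
 *
 * NOTE(review): per the layouts above, keyData holds the private exponent or
 * CRT components in the clear, so the caller's buffer should be zeroised
 * once the wrapped object has been produced.
 *
 * @param  keyData        [in]  Pointer to key data
 * @param  keyDataLength  [in]  Key data length
 * @param  soData         [out] Pointer to wrapped key data
 * @param  soDataLength   [out] Wrapped key data length
 *
 * @return teeResult_t status code (TEE_ERR_NONE = 0 is the no-error value)
 */
teeResult_t TEE_KeyImport(
    const uint8_t*  keyData,
    const uint32_t  keyDataLength,
    uint8_t*        soData,
    uint32_t*       soDataLength);


/**
 * TEE_GetPubKey
 *
 * Retrieves public key data (modulus and exponent) from wrapped key data
 *
 * @param  keyData        [in]  Pointer to key data
 * @param  keyDataLength  [in]  Key data length
 * @param  modulus        [out] Pointer to public key modulus data
 * @param  modulusLength  [out] Modulus data length
 * @param  exponent       [out] Pointer to public key exponent data
 * @param  exponentLength [out] Exponent data length
 *
 * @return teeResult_t status code (TEE_ERR_NONE = 0 is the no-error value)
 */
teeResult_t TEE_GetPubKey(
    const uint8_t*  keyData,
    const uint32_t  keyDataLength,
    uint8_t*        modulus,
    uint32_t*       modulusLength,
    uint8_t*        exponent,
    uint32_t*       exponentLength);


#ifdef __cplusplus
}
#endif

#endif // __TLCTEEKEYMASTERIF_H__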