1 /* SPDX-License-Identifier: BSD-2-Clause */ 2 /* 3 * Copyright (c) 2014, STMicroelectronics International N.V. 4 * Copyright (c) 2022, Linaro Limited 5 */ 6 7 /* Based on GP TEE Internal Core API Specification Version 1.1 */ 8 9 #ifndef TEE_API_DEFINES_H 10 #define TEE_API_DEFINES_H 11 12 #define TEE_CORE_API_MAJOR_VERSION 1U 13 #define TEE_CORE_API_MINOR_VERSION 1U 14 #define TEE_CORE_API_MAINTENANCE_VERSION 0U 15 #define TEE_CORE_API_VERSION \ 16 ((TEE_CORE_API_MAJOR_VERSION << 24) | \ 17 (TEE_CORE_API_MINOR_VERSION << 16) | \ 18 (TEE_CORE_API_MAINTENANCE_VERSION << 8)) 19 #define TEE_CORE_API_1_1 20 21 /* 22 * The things that follows below to select compatibility version 1.1 doesn't 23 * do much useful at the moment since OP-TEE is already compatible with that 24 * version by default. However, that will change when a newer version of 25 * this API is provided. 26 * 27 * Below follows the GP defined way of letting a TA define that it wants an 28 * API compatible with version 1.1 or the latest. An alternative approach 29 * is to set __OPTEE_CORE_API_COMPAT_1_1, but that's an OP-TEE extension. 30 * 31 * The GP specs (>= 1.2) requires that only APIs defined in the indicated 32 * version SHALL be made available when using this mechanism. However, that 33 * is far beyond what ordinary standards requires as they permit 34 * extensions. With this, in OP-TEE, extensions and new API that doesn't 35 * interfere with the selected version of the standard will be permitted. 36 */ 37 #if defined(TEE_CORE_API_REQUIRED_MAINTENANCE_VERSION) && \ 38 !defined(TEE_CORE_API_REQUIRED_MINOR_VERSION) 39 #error "Required TEE_CORE_API_REQUIRED_MINOR_VERSION undefined" 40 #endif 41 #if defined(TEE_CORE_API_REQUIRED_MINOR_VERSION) && \ 42 !defined(TEE_CORE_API_REQUIRED_MAJOR_VERSION) 43 #error "Required TEE_CORE_API_REQUIRED_MAJOR_VERSION undefined" 44 #endif 45 46 #if defined(TEE_CORE_API_REQUIRED_MAJOR_VERSION) 47 #if TEE_CORE_API_REQUIRED_MAJOR_VERSION != 1 && \ 48 TEE_CORE_API_REQUIRED_MAJOR_VERSION != 0 49 #error "Required major version not supported" 50 #endif 51 #ifdef TEE_CORE_API_REQUIRED_MINOR_VERSION 52 #if TEE_CORE_API_REQUIRED_MINOR_VERSION == 1 53 #define __OPTEE_CORE_API_COMPAT_1_1 1 54 #else 55 #error "Required minor version not supported" 56 #endif 57 #if defined(TEE_CORE_API_REQUIRED_MAINTENANCE_VERSION) && \ 58 TEE_CORE_API_REQUIRED_MAINTENANCE_VERSION != 0 59 #error "Required maintenance version not supported" 60 #endif 61 #endif 62 #endif 63 64 /* 65 * For backwards compatibility with v1.1 as provided by up to OP-TEE 66 * version 3.19.0, define __OPTEE_CORE_API_COMPAT_1_1 to 1. 67 * 68 * Some versions of the GP specs have introduced backwards incompatible 69 * changes. For example the v1.0: 70 * 71 * TEE_Result TEE_DigestDoFinal(TEE_OperationHandle operation, 72 * const void *chunk, uint32_t chunkLen, 73 * void *hash, uint32_t *hashLen); 74 * 75 * Was changed in v1.1.1 to this: 76 * 77 * TEE_Result TEE_DigestDoFinal(TEE_OperationHandle operation, 78 * const void *chunk, size_t chunkLen, 79 * void *hash, size_t *hashLen); 80 * 81 * Note the type change for "hashLen", a source of problem especially on 82 * platforms where size_t is a 64-bit unsigned integer. 83 * 84 * As a way of allowing older TAs to be compiled with a newer version of 85 * the API we can turn off or hide different incompatible changes. New 86 * features which are not interfering with older versions of the API are 87 * not disabled. So by enabling __OPTEE_CORE_API_COMPAT_1_1 will not result 88 * in pure 1.1 API, it will be a hybrid API that should work with most TAs 89 * not yet updated to the new API. 90 * 91 * Backwards compatibility is provided by duplicating all functions that 92 * has changed since v1.1. The original function is given a "__GP11_" 93 * prefix and preprocessor macros are used to let a legacy TA use the old 94 * function instead. The same principle applies to defined types. 95 */ 96 #ifndef __OPTEE_CORE_API_COMPAT_1_1 97 #define __OPTEE_CORE_API_COMPAT_1_1 0 98 #endif 99 100 #define TEE_HANDLE_NULL 0 101 102 #define TEE_TIMEOUT_INFINITE 0xFFFFFFFF 103 104 /* API Error Codes */ 105 #define TEE_SUCCESS 0x00000000 106 #define TEE_ERROR_CORRUPT_OBJECT 0xF0100001 107 #define TEE_ERROR_CORRUPT_OBJECT_2 0xF0100002 108 #define TEE_ERROR_STORAGE_NOT_AVAILABLE 0xF0100003 109 #define TEE_ERROR_STORAGE_NOT_AVAILABLE_2 0xF0100004 110 #define TEE_ERROR_CIPHERTEXT_INVALID 0xF0100006 111 #define TEE_ERROR_GENERIC 0xFFFF0000 112 #define TEE_ERROR_ACCESS_DENIED 0xFFFF0001 113 #define TEE_ERROR_CANCEL 0xFFFF0002 114 #define TEE_ERROR_ACCESS_CONFLICT 0xFFFF0003 115 #define TEE_ERROR_EXCESS_DATA 0xFFFF0004 116 #define TEE_ERROR_BAD_FORMAT 0xFFFF0005 117 #define TEE_ERROR_BAD_PARAMETERS 0xFFFF0006 118 #define TEE_ERROR_BAD_STATE 0xFFFF0007 119 #define TEE_ERROR_ITEM_NOT_FOUND 0xFFFF0008 120 #define TEE_ERROR_NOT_IMPLEMENTED 0xFFFF0009 121 #define TEE_ERROR_NOT_SUPPORTED 0xFFFF000A 122 #define TEE_ERROR_NO_DATA 0xFFFF000B 123 #define TEE_ERROR_OUT_OF_MEMORY 0xFFFF000C 124 #define TEE_ERROR_BUSY 0xFFFF000D 125 #define TEE_ERROR_COMMUNICATION 0xFFFF000E 126 #define TEE_ERROR_SECURITY 0xFFFF000F 127 #define TEE_ERROR_SHORT_BUFFER 0xFFFF0010 128 #define TEE_ERROR_EXTERNAL_CANCEL 0xFFFF0011 129 #define TEE_ERROR_OVERFLOW 0xFFFF300F 130 #define TEE_ERROR_TARGET_DEAD 0xFFFF3024 131 #define TEE_ERROR_STORAGE_NO_SPACE 0xFFFF3041 132 #define TEE_ERROR_MAC_INVALID 0xFFFF3071 133 #define TEE_ERROR_SIGNATURE_INVALID 0xFFFF3072 134 #define TEE_ERROR_TIME_NOT_SET 0xFFFF5000 135 #define TEE_ERROR_TIME_NEEDS_RESET 0xFFFF5001 136 137 /* Parameter Type Constants */ 138 #define TEE_PARAM_TYPE_NONE 0 139 #define TEE_PARAM_TYPE_VALUE_INPUT 1 140 #define TEE_PARAM_TYPE_VALUE_OUTPUT 2 141 #define TEE_PARAM_TYPE_VALUE_INOUT 3 142 #define TEE_PARAM_TYPE_MEMREF_INPUT 5 143 #define TEE_PARAM_TYPE_MEMREF_OUTPUT 6 144 #define TEE_PARAM_TYPE_MEMREF_INOUT 7 145 146 /* Login Type Constants */ 147 #define TEE_LOGIN_PUBLIC 0x00000000 148 #define TEE_LOGIN_USER 0x00000001 149 #define TEE_LOGIN_GROUP 0x00000002 150 #define TEE_LOGIN_APPLICATION 0x00000004 151 #define TEE_LOGIN_APPLICATION_USER 0x00000005 152 #define TEE_LOGIN_APPLICATION_GROUP 0x00000006 153 #define TEE_LOGIN_TRUSTED_APP 0xF0000000 154 155 /* Origin Code Constants */ 156 #define TEE_ORIGIN_API 0x00000001 157 #define TEE_ORIGIN_COMMS 0x00000002 158 #define TEE_ORIGIN_TEE 0x00000003 159 #define TEE_ORIGIN_TRUSTED_APP 0x00000004 160 161 /* Property Sets pseudo handles */ 162 #define TEE_PROPSET_TEE_IMPLEMENTATION (TEE_PropSetHandle)0xFFFFFFFD 163 #define TEE_PROPSET_CURRENT_CLIENT (TEE_PropSetHandle)0xFFFFFFFE 164 #define TEE_PROPSET_CURRENT_TA (TEE_PropSetHandle)0xFFFFFFFF 165 166 /* Memory Access Rights Constants */ 167 #define TEE_MEMORY_ACCESS_READ 0x00000001 168 #define TEE_MEMORY_ACCESS_WRITE 0x00000002 169 #define TEE_MEMORY_ACCESS_ANY_OWNER 0x00000004 170 171 /* Memory Management Constant */ 172 #define TEE_MALLOC_FILL_ZERO 0x00000000 173 174 /* Other constants */ 175 #define TEE_STORAGE_PRIVATE 0x00000001 176 177 #define TEE_DATA_FLAG_ACCESS_READ 0x00000001 178 #define TEE_DATA_FLAG_ACCESS_WRITE 0x00000002 179 #define TEE_DATA_FLAG_ACCESS_WRITE_META 0x00000004 180 #define TEE_DATA_FLAG_SHARE_READ 0x00000010 181 #define TEE_DATA_FLAG_SHARE_WRITE 0x00000020 182 #define TEE_DATA_FLAG_OVERWRITE 0x00000400 183 #define TEE_DATA_MAX_POSITION 0xFFFFFFFF 184 #define TEE_OBJECT_ID_MAX_LEN 64 185 #define TEE_USAGE_EXTRACTABLE 0x00000001 186 #define TEE_USAGE_ENCRYPT 0x00000002 187 #define TEE_USAGE_DECRYPT 0x00000004 188 #define TEE_USAGE_MAC 0x00000008 189 #define TEE_USAGE_SIGN 0x00000010 190 #define TEE_USAGE_VERIFY 0x00000020 191 #define TEE_USAGE_DERIVE 0x00000040 192 #define TEE_HANDLE_FLAG_PERSISTENT 0x00010000 193 #define TEE_HANDLE_FLAG_INITIALIZED 0x00020000 194 #define TEE_HANDLE_FLAG_KEY_SET 0x00040000 195 #define TEE_HANDLE_FLAG_EXPECT_TWO_KEYS 0x00080000 196 #define TEE_OPERATION_CIPHER 1 197 #define TEE_OPERATION_MAC 3 198 #define TEE_OPERATION_AE 4 199 #define TEE_OPERATION_DIGEST 5 200 #define TEE_OPERATION_ASYMMETRIC_CIPHER 6 201 #define TEE_OPERATION_ASYMMETRIC_SIGNATURE 7 202 #define TEE_OPERATION_KEY_DERIVATION 8 203 #define TEE_OPERATION_STATE_INITIAL 0x00000000 204 #define TEE_OPERATION_STATE_ACTIVE 0x00000001 205 206 /* Algorithm Identifiers */ 207 #define TEE_ALG_AES_ECB_NOPAD 0x10000010 208 #define TEE_ALG_AES_CBC_NOPAD 0x10000110 209 #define TEE_ALG_AES_CTR 0x10000210 210 #define TEE_ALG_AES_CTS 0x10000310 211 #define TEE_ALG_AES_XTS 0x10000410 212 #define TEE_ALG_AES_CBC_MAC_NOPAD 0x30000110 213 #define TEE_ALG_AES_CBC_MAC_PKCS5 0x30000510 214 #define TEE_ALG_AES_CMAC 0x30000610 215 #define TEE_ALG_AES_CCM 0x40000710 216 #define TEE_ALG_AES_GCM 0x40000810 217 #define TEE_ALG_DES_ECB_NOPAD 0x10000011 218 #define TEE_ALG_DES_CBC_NOPAD 0x10000111 219 #define TEE_ALG_DES_CBC_MAC_NOPAD 0x30000111 220 #define TEE_ALG_DES_CBC_MAC_PKCS5 0x30000511 221 #define TEE_ALG_DES3_ECB_NOPAD 0x10000013 222 #define TEE_ALG_DES3_CBC_NOPAD 0x10000113 223 #define TEE_ALG_DES3_CBC_MAC_NOPAD 0x30000113 224 #define TEE_ALG_DES3_CBC_MAC_PKCS5 0x30000513 225 #define TEE_ALG_SM4_ECB_NOPAD 0x10000014 226 #define TEE_ALG_SM4_CBC_NOPAD 0x10000114 227 #define TEE_ALG_SM4_CTR 0x10000214 228 #define TEE_ALG_RSASSA_PKCS1_V1_5_MD5 0x70001830 229 #define TEE_ALG_RSASSA_PKCS1_V1_5_SHA1 0x70002830 230 #define TEE_ALG_RSASSA_PKCS1_V1_5_SHA224 0x70003830 231 #define TEE_ALG_RSASSA_PKCS1_V1_5_SHA256 0x70004830 232 #define TEE_ALG_RSASSA_PKCS1_V1_5_SHA384 0x70005830 233 #define TEE_ALG_RSASSA_PKCS1_V1_5_SHA512 0x70006830 234 #define TEE_ALG_RSASSA_PKCS1_V1_5_MD5SHA1 0x7000F830 235 #define TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA1 0x70212930 236 #define TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA224 0x70313930 237 #define TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA256 0x70414930 238 #define TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA384 0x70515930 239 #define TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA512 0x70616930 240 #define TEE_ALG_RSAES_PKCS1_V1_5 0x60000130 241 #define TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1 0x60210230 242 #define TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA224 0x60310230 243 #define TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA256 0x60410230 244 #define TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA384 0x60510230 245 #define TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA512 0x60610230 246 #define TEE_ALG_RSA_NOPAD 0x60000030 247 #define TEE_ALG_DSA_SHA1 0x70002131 248 #define TEE_ALG_DSA_SHA224 0x70003131 249 #define TEE_ALG_DSA_SHA256 0x70004131 250 #define TEE_ALG_SM2_DSA_SM3 0x70006045 251 #define TEE_ALG_DH_DERIVE_SHARED_SECRET 0x80000032 252 #define TEE_ALG_SM2_KEP 0x60000045 253 #define TEE_ALG_MD5 0x50000001 254 #define TEE_ALG_SHA1 0x50000002 255 #define TEE_ALG_SHA224 0x50000003 256 #define TEE_ALG_SHA256 0x50000004 257 #define TEE_ALG_SHA384 0x50000005 258 #define TEE_ALG_SHA512 0x50000006 259 #define TEE_ALG_SHA3_224 0x50000008 260 #define TEE_ALG_SHA3_256 0x50000009 261 #define TEE_ALG_SHA3_384 0x5000000A 262 #define TEE_ALG_SHA3_512 0x5000000B 263 #define TEE_ALG_MD5SHA1 0x5000000F 264 #define TEE_ALG_HMAC_MD5 0x30000001 265 #define TEE_ALG_HMAC_SHA1 0x30000002 266 #define TEE_ALG_HMAC_SHA224 0x30000003 267 #define TEE_ALG_HMAC_SHA256 0x30000004 268 #define TEE_ALG_HMAC_SHA384 0x30000005 269 #define TEE_ALG_HMAC_SHA512 0x30000006 270 #define TEE_ALG_HMAC_SM3 0x30000007 271 /* 272 * Fix GP Internal Core API v1.1 273 * "Table 6-12: Structure of Algorithm Identifier" 274 * indicates ECDSA have the algorithm "0x41" and ECDH "0x42" 275 * whereas 276 * "Table 6-11: List of Algorithm Identifiers" defines 277 * TEE_ALG_ECDSA_P192 as 0x70001042 278 * 279 * We chose to define TEE_ALG_ECDSA_P192 as 0x70001041 (conform to table 6-12) 280 */ 281 #define TEE_ALG_ECDSA_P192 0x70001041 282 #define TEE_ALG_ECDSA_P224 0x70002041 283 #define TEE_ALG_ECDSA_P256 0x70003041 284 #define TEE_ALG_ECDSA_P384 0x70004041 285 #define TEE_ALG_ECDSA_P521 0x70005041 286 #define TEE_ALG_ED25519 0x70006043 /* v1.3.1 spec */ 287 #define TEE_ALG_ECDH_P192 0x80001042 288 #define TEE_ALG_ECDH_P224 0x80002042 289 #define TEE_ALG_ECDH_P256 0x80003042 290 #define TEE_ALG_ECDH_P384 0x80004042 291 #define TEE_ALG_ECDH_P521 0x80005042 292 #define TEE_ALG_SM2_PKE 0x80000045 293 #define TEE_ALG_SM3 0x50000007 294 #define TEE_ALG_X25519 0x80000044 295 #define TEE_ALG_ILLEGAL_VALUE 0xEFFFFFFF 296 297 /* Object Types */ 298 299 #define TEE_TYPE_AES 0xA0000010 300 #define TEE_TYPE_DES 0xA0000011 301 #define TEE_TYPE_DES3 0xA0000013 302 #define TEE_TYPE_SM4 0xA0000014 303 #define TEE_TYPE_HMAC_MD5 0xA0000001 304 #define TEE_TYPE_HMAC_SHA1 0xA0000002 305 #define TEE_TYPE_HMAC_SHA224 0xA0000003 306 #define TEE_TYPE_HMAC_SHA256 0xA0000004 307 #define TEE_TYPE_HMAC_SHA384 0xA0000005 308 #define TEE_TYPE_HMAC_SHA512 0xA0000006 309 #define TEE_TYPE_HMAC_SM3 0xA0000007 /* Not in spec */ 310 #define TEE_TYPE_RSA_PUBLIC_KEY 0xA0000030 311 #define TEE_TYPE_RSA_KEYPAIR 0xA1000030 312 #define TEE_TYPE_DSA_PUBLIC_KEY 0xA0000031 313 #define TEE_TYPE_DSA_KEYPAIR 0xA1000031 314 #define TEE_TYPE_DH_KEYPAIR 0xA1000032 315 #define TEE_TYPE_ECDSA_PUBLIC_KEY 0xA0000041 316 #define TEE_TYPE_ECDSA_KEYPAIR 0xA1000041 317 #define TEE_TYPE_ECDH_PUBLIC_KEY 0xA0000042 318 #define TEE_TYPE_ECDH_KEYPAIR 0xA1000042 319 #define TEE_TYPE_ED25519_PUBLIC_KEY 0xA0000043 /* v1.3.1 spec */ 320 #define TEE_TYPE_ED25519_KEYPAIR 0xA1000043 /* v1.3.1 spec */ 321 #define TEE_TYPE_SM2_DSA_PUBLIC_KEY 0xA0000045 322 #define TEE_TYPE_SM2_DSA_KEYPAIR 0xA1000045 323 #define TEE_TYPE_SM2_KEP_PUBLIC_KEY 0xA0000046 324 #define TEE_TYPE_SM2_KEP_KEYPAIR 0xA1000046 325 #define TEE_TYPE_SM2_PKE_PUBLIC_KEY 0xA0000047 326 #define TEE_TYPE_SM2_PKE_KEYPAIR 0xA1000047 327 #define TEE_TYPE_GENERIC_SECRET 0xA0000000 328 #define TEE_TYPE_CORRUPTED_OBJECT 0xA00000BE 329 #define TEE_TYPE_DATA 0xA00000BF 330 #define TEE_TYPE_X25519_PUBLIC_KEY 0xA0000044 331 #define TEE_TYPE_X25519_KEYPAIR 0xA1000044 332 333 /* List of Object or Operation Attributes */ 334 335 #define TEE_ATTR_SECRET_VALUE 0xC0000000 336 #define TEE_ATTR_RSA_MODULUS 0xD0000130 337 #define TEE_ATTR_RSA_PUBLIC_EXPONENT 0xD0000230 338 #define TEE_ATTR_RSA_PRIVATE_EXPONENT 0xC0000330 339 #define TEE_ATTR_RSA_PRIME1 0xC0000430 340 #define TEE_ATTR_RSA_PRIME2 0xC0000530 341 #define TEE_ATTR_RSA_EXPONENT1 0xC0000630 342 #define TEE_ATTR_RSA_EXPONENT2 0xC0000730 343 #define TEE_ATTR_RSA_COEFFICIENT 0xC0000830 344 #define TEE_ATTR_DSA_PRIME 0xD0001031 345 #define TEE_ATTR_DSA_SUBPRIME 0xD0001131 346 #define TEE_ATTR_DSA_BASE 0xD0001231 347 #define TEE_ATTR_DSA_PUBLIC_VALUE 0xD0000131 348 #define TEE_ATTR_DSA_PRIVATE_VALUE 0xC0000231 349 #define TEE_ATTR_DH_PRIME 0xD0001032 350 #define TEE_ATTR_DH_SUBPRIME 0xD0001132 351 #define TEE_ATTR_DH_BASE 0xD0001232 352 #define TEE_ATTR_DH_X_BITS 0xF0001332 353 #define TEE_ATTR_DH_PUBLIC_VALUE 0xD0000132 354 #define TEE_ATTR_DH_PRIVATE_VALUE 0xC0000232 355 #define TEE_ATTR_RSA_OAEP_LABEL 0xD0000930 356 #define TEE_ATTR_RSA_PSS_SALT_LENGTH 0xF0000A30 357 #define TEE_ATTR_ECC_PUBLIC_VALUE_X 0xD0000141 358 #define TEE_ATTR_ECC_PUBLIC_VALUE_Y 0xD0000241 359 #define TEE_ATTR_ECC_PRIVATE_VALUE 0xC0000341 360 #define TEE_ATTR_ECC_CURVE 0xF0000441 361 #define TEE_ATTR_SM2_ID_INITIATOR 0xD0000446 362 #define TEE_ATTR_SM2_ID_RESPONDER 0xD0000546 363 #define TEE_ATTR_SM2_KEP_USER 0xF0000646 364 #define TEE_ATTR_SM2_KEP_CONFIRMATION_IN 0xD0000746 365 #define TEE_ATTR_SM2_KEP_CONFIRMATION_OUT 0xD0000846 366 367 /* 368 * Commit 5b385b3f835d ("core: crypto: add support for SM2 KEP") defined by 369 * mistake the wrong values for these two. OP-TEE recognizes these two as 370 * alternative IDs in parallel with the correct official values when 371 * supplied as parameters when deriving a key using the TEE_ALG_SM2_KEP 372 * algorithm. 373 */ 374 #define __OPTEE_SM2_KEP_ATTR_ECC_EPHEMERAL_PUBLIC_VALUE_X 0xD0000946 375 #define __OPTEE_SM2_KEP_ATTR_ECC_EPHEMERAL_PUBLIC_VALUE_Y 0xD0000A46 376 377 #define TEE_ATTR_ECC_EPHEMERAL_PUBLIC_VALUE_X 0xD0000146 378 #define TEE_ATTR_ECC_EPHEMERAL_PUBLIC_VALUE_Y 0xD0000246 379 #define TEE_ATTR_EDDSA_CTX 0xD0000643 /* v1.3.1 spec */ 380 #define TEE_ATTR_ED25519_PUBLIC_VALUE 0xD0000743 /* v1.3.1 spec */ 381 #define TEE_ATTR_ED25519_PRIVATE_VALUE 0xC0000843 /* v1.3.1 spec */ 382 #define TEE_ATTR_X25519_PUBLIC_VALUE 0xD0000944 383 #define TEE_ATTR_X25519_PRIVATE_VALUE 0xC0000A44 384 #define TEE_ATTR_EDDSA_PREHASH 0xF0000004 /* v1.3.1 spec */ 385 386 #define TEE_ATTR_FLAG_PUBLIC (1 << 28) 387 #define TEE_ATTR_FLAG_VALUE (1 << 29) 388 /* 389 * Deprecated, but kept for backwards compatibility 390 * 391 * Be careful with GPD TEE Internal API specification v1.0 where table 6-12 392 * defines BIT [28] with the right meaning whereas sections 5.4.3 and 5.4.4 393 * falsely describe a reversed bit flag value meaning. 394 */ 395 #define TEE_ATTR_BIT_PROTECTED TEE_ATTR_FLAG_PUBLIC 396 #define TEE_ATTR_BIT_VALUE TEE_ATTR_FLAG_VALUE 397 398 /* List of Supported ECC Curves */ 399 #define TEE_CRYPTO_ELEMENT_NONE 0x00000000 400 #define TEE_ECC_CURVE_NIST_P192 0x00000001 401 #define TEE_ECC_CURVE_NIST_P224 0x00000002 402 #define TEE_ECC_CURVE_NIST_P256 0x00000003 403 #define TEE_ECC_CURVE_NIST_P384 0x00000004 404 #define TEE_ECC_CURVE_NIST_P521 0x00000005 405 #define TEE_ECC_CURVE_25519 0x00000300 406 #define TEE_ECC_CURVE_SM2 0x00000400 407 408 /* Panicked Functions Identification */ 409 /* TA Interface */ 410 #define TEE_PANIC_ID_TA_CLOSESESSIONENTRYPOINT 0x00000101 411 #define TEE_PANIC_ID_TA_CREATEENTRYPOINT 0x00000102 412 #define TEE_PANIC_ID_TA_DESTROYENTRYPOINT 0x00000103 413 #define TEE_PANIC_ID_TA_INVOKECOMMANDENTRYPOINT 0x00000104 414 #define TEE_PANIC_ID_TA_OPENSESSIONENTRYPOINT 0x00000105 415 /* Property Access */ 416 #define TEE_PANIC_ID_TEE_ALLOCATEPROPERTYENUMERATOR 0x00000201 417 #define TEE_PANIC_ID_TEE_FREEPROPERTYENUMERATOR 0x00000202 418 #define TEE_PANIC_ID_TEE_GETNEXTPROPERTY 0x00000203 419 #define TEE_PANIC_ID_TEE_GETPROPERTYASBINARYBLOCK 0x00000204 420 #define TEE_PANIC_ID_TEE_GETPROPERTYASBOOL 0x00000205 421 #define TEE_PANIC_ID_TEE_GETPROPERTYASIDENTITY 0x00000206 422 #define TEE_PANIC_ID_TEE_GETPROPERTYASSTRING 0x00000207 423 #define TEE_PANIC_ID_TEE_GETPROPERTYASU32 0x00000208 424 #define TEE_PANIC_ID_TEE_GETPROPERTYASUUID 0x00000209 425 #define TEE_PANIC_ID_TEE_GETPROPERTYNAME 0x0000020A 426 #define TEE_PANIC_ID_TEE_RESETPROPERTYENUMERATOR 0x0000020B 427 #define TEE_PANIC_ID_TEE_STARTPROPERTYENUMERATOR 0x0000020C 428 /* Panic Function */ 429 #define TEE_PANIC_ID_TEE_PANIC 0x00000301 430 /* Internal Client API */ 431 #define TEE_PANIC_ID_TEE_CLOSETASESSION 0x00000401 432 #define TEE_PANIC_ID_TEE_INVOKETACOMMAND 0x00000402 433 #define TEE_PANIC_ID_TEE_OPENTASESSION 0x00000403 434 /* Cancellation */ 435 #define TEE_PANIC_ID_TEE_GETCANCELLATIONFLAG 0x00000501 436 #define TEE_PANIC_ID_TEE_MASKCANCELLATION 0x00000502 437 #define TEE_PANIC_ID_TEE_UNMASKCANCELLATION 0x00000503 438 /* Memory Management */ 439 #define TEE_PANIC_ID_TEE_CHECKMEMORYACCESSRIGHTS 0x00000601 440 #define TEE_PANIC_ID_TEE_FREE 0x00000602 441 #define TEE_PANIC_ID_TEE_GETINSTANCEDATA 0x00000603 442 #define TEE_PANIC_ID_TEE_MALLOC 0x00000604 443 #define TEE_PANIC_ID_TEE_MEMCOMPARE 0x00000605 444 #define TEE_PANIC_ID_TEE_MEMFILL 0x00000606 445 #define TEE_PANIC_ID_TEE_MEMMOVE 0x00000607 446 #define TEE_PANIC_ID_TEE_REALLOC 0x00000608 447 #define TEE_PANIC_ID_TEE_SETINSTANCEDATA 0x00000609 448 /* Generic Object */ 449 #define TEE_PANIC_ID_TEE_CLOSEOBJECT 0x00000701 450 #define TEE_PANIC_ID_TEE_GETOBJECTBUFFERATTRIBUTE 0x00000702 451 /* deprecated */ 452 #define TEE_PANIC_ID_TEE_GETOBJECTINFO 0x00000703 453 #define TEE_PANIC_ID_TEE_GETOBJECTVALUEATTRIBUTE 0x00000704 454 /* deprecated */ 455 #define TEE_PANIC_ID_TEE_RESTRICTOBJECTUSAGE 0x00000705 456 #define TEE_PANIC_ID_TEE_GETOBJECTINFO1 0x00000706 457 #define TEE_PANIC_ID_TEE_RESTRICTOBJECTUSAGE1 0x00000707 458 /* Transient Object */ 459 #define TEE_PANIC_ID_TEE_ALLOCATETRANSIENTOBJECT 0x00000801 460 /* deprecated */ 461 #define TEE_PANIC_ID_TEE_COPYOBJECTATTRIBUTES 0x00000802 462 #define TEE_PANIC_ID_TEE_FREETRANSIENTOBJECT 0x00000803 463 #define TEE_PANIC_ID_TEE_GENERATEKEY 0x00000804 464 #define TEE_PANIC_ID_TEE_INITREFATTRIBUTE 0x00000805 465 #define TEE_PANIC_ID_TEE_INITVALUEATTRIBUTE 0x00000806 466 #define TEE_PANIC_ID_TEE_POPULATETRANSIENTOBJECT 0x00000807 467 #define TEE_PANIC_ID_TEE_RESETTRANSIENTOBJECT 0x00000808 468 #define TEE_PANIC_ID_TEE_COPYOBJECTATTRIBUTES1 0x00000809 469 /* Persistent Object */ 470 /* deprecated */ 471 #define TEE_PANIC_ID_TEE_CLOSEANDDELETEPERSISTENTOBJECT 0x00000901 472 #define TEE_PANIC_ID_TEE_CREATEPERSISTENTOBJECT 0x00000902 473 #define TEE_PANIC_ID_TEE_OPENPERSISTENTOBJECT 0x00000903 474 #define TEE_PANIC_ID_TEE_RENAMEPERSISTENTOBJECT 0x00000904 475 #define TEE_PANIC_ID_TEE_CLOSEANDDELETEPERSISTENTOBJECT1 0x00000905 476 /* Persistent Object Enumeration */ 477 #define TEE_PANIC_ID_TEE_ALLOCATEPERSISTENTOBJECTENUMERATOR 0x00000A01 478 #define TEE_PANIC_ID_TEE_FREEPERSISTENTOBJECTENUMERATOR 0x00000A02 479 #define TEE_PANIC_ID_TEE_GETNEXTPERSISTENTOBJECT 0x00000A03 480 #define TEE_PANIC_ID_TEE_RESETPERSISTENTOBJECTENUMERATOR 0x00000A04 481 #define TEE_PANIC_ID_TEE_STARTPERSISTENTOBJECTENUMERATOR 0x00000A05 482 /* Data Stream Access */ 483 #define TEE_PANIC_ID_TEE_READOBJECTDATA 0x00000B01 484 #define TEE_PANIC_ID_TEE_SEEKOBJECTDATA 0x00000B02 485 #define TEE_PANIC_ID_TEE_TRUNCATEOBJECTDATA 0x00000B03 486 #define TEE_PANIC_ID_TEE_WRITEOBJECTDATA 0x00000B04 487 /* Generic Operation */ 488 #define TEE_PANIC_ID_TEE_ALLOCATEOPERATION 0x00000C01 489 #define TEE_PANIC_ID_TEE_COPYOPERATION 0x00000C02 490 #define TEE_PANIC_ID_TEE_FREEOPERATION 0x00000C03 491 #define TEE_PANIC_ID_TEE_GETOPERATIONINFO 0x00000C04 492 #define TEE_PANIC_ID_TEE_RESETOPERATION 0x00000C05 493 #define TEE_PANIC_ID_TEE_SETOPERATIONKEY 0x00000C06 494 #define TEE_PANIC_ID_TEE_SETOPERATIONKEY2 0x00000C07 495 #define TEE_PANIC_ID_TEE_GETOPERATIONINFOMULTIPLE 0x00000C08 496 /* Message Digest */ 497 #define TEE_PANIC_ID_TEE_DIGESTDOFINAL 0x00000D01 498 #define TEE_PANIC_ID_TEE_DIGESTUPDATE 0x00000D02 499 /* Symmetric Cipher */ 500 #define TEE_PANIC_ID_TEE_CIPHERDOFINAL 0x00000E01 501 #define TEE_PANIC_ID_TEE_CIPHERINIT 0x00000E02 502 #define TEE_PANIC_ID_TEE_CIPHERUPDATE 0x00000E03 503 /* MAC */ 504 #define TEE_PANIC_ID_TEE_MACCOMPAREFINAL 0x00000F01 505 #define TEE_PANIC_ID_TEE_MACCOMPUTEFINAL 0x00000F02 506 #define TEE_PANIC_ID_TEE_MACINIT 0x00000F03 507 #define TEE_PANIC_ID_TEE_MACUPDATE 0x00000F04 508 /* Authenticated Encryption */ 509 #define TEE_PANIC_ID_TEE_AEDECRYPTFINAL 0x00001001 510 #define TEE_PANIC_ID_TEE_AEENCRYPTFINAL 0x00001002 511 #define TEE_PANIC_ID_TEE_AEINIT 0x00001003 512 #define TEE_PANIC_ID_TEE_AEUPDATE 0x00001004 513 #define TEE_PANIC_ID_TEE_AEUPDATEAAD 0x00001005 514 /* Asymmetric */ 515 #define TEE_PANIC_ID_TEE_ASYMMETRICDECRYPT 0x00001101 516 #define TEE_PANIC_ID_TEE_ASYMMETRICENCRYPT 0x00001102 517 #define TEE_PANIC_ID_TEE_ASYMMETRICSIGNDIGEST 0x00001103 518 #define TEE_PANIC_ID_TEE_ASYMMETRICVERIFYDIGEST 0x00001104 519 /* Key Derivation */ 520 #define TEE_PANIC_ID_TEE_DERIVEKEY 0x00001201 521 /* Random Data Generation */ 522 #define TEE_PANIC_ID_TEE_GENERATERANDOM 0x00001301 523 /* Time */ 524 #define TEE_PANIC_ID_TEE_GETREETIME 0x00001401 525 #define TEE_PANIC_ID_TEE_GETSYSTEMTIME 0x00001402 526 #define TEE_PANIC_ID_TEE_GETTAPERSISTENTTIME 0x00001403 527 #define TEE_PANIC_ID_TEE_SETTAPERSISTENTTIME 0x00001404 528 #define TEE_PANIC_ID_TEE_WAIT 0x00001405 529 /* Memory Allocation and Size of Objects */ 530 #define TEE_PANIC_ID_TEE_BIGINTFMMCONTEXTSIZEINU32 0x00001501 531 #define TEE_PANIC_ID_TEE_BIGINTFMMSIZEINU32 0x00001502 532 /* Initialization */ 533 #define TEE_PANIC_ID_TEE_BIGINTINIT 0x00001601 534 #define TEE_PANIC_ID_TEE_BIGINTINITFMM 0x00001602 535 #define TEE_PANIC_ID_TEE_BIGINTINITFMMCONTEXT 0x00001603 536 /* Converter */ 537 #define TEE_PANIC_ID_TEE_BIGINTCONVERTFROMOCTETSTRING 0x00001701 538 #define TEE_PANIC_ID_TEE_BIGINTCONVERTFROMS32 0x00001702 539 #define TEE_PANIC_ID_TEE_BIGINTCONVERTTOOCTETSTRING 0x00001703 540 #define TEE_PANIC_ID_TEE_BIGINTCONVERTTOS32 0x00001704 541 /* Logical Operation */ 542 #define TEE_PANIC_ID_TEE_BIGINTCMP 0x00001801 543 #define TEE_PANIC_ID_TEE_BIGINTCMPS32 0x00001802 544 #define TEE_PANIC_ID_TEE_BIGINTGETBIT 0x00001803 545 #define TEE_PANIC_ID_TEE_BIGINTGETBITCOUNT 0x00001804 546 #define TEE_PANIC_ID_TEE_BIGINTSHIFTRIGHT 0x00001805 547 /* Basic Arithmetic */ 548 #define TEE_PANIC_ID_TEE_BIGINTADD 0x00001901 549 #define TEE_PANIC_ID_TEE_BIGINTDIV 0x00001902 550 #define TEE_PANIC_ID_TEE_BIGINTMUL 0x00001903 551 #define TEE_PANIC_ID_TEE_BIGINTNEG 0x00001904 552 #define TEE_PANIC_ID_TEE_BIGINTSQUARE 0x00001905 553 #define TEE_PANIC_ID_TEE_BIGINTSUB 0x00001906 554 /* Modular Arithmetic */ 555 #define TEE_PANIC_ID_TEE_BIGINTADDMOD 0x00001A01 556 #define TEE_PANIC_ID_TEE_BIGINTINVMOD 0x00001A02 557 #define TEE_PANIC_ID_TEE_BIGINTMOD 0x00001A03 558 #define TEE_PANIC_ID_TEE_BIGINTMULMOD 0x00001A04 559 #define TEE_PANIC_ID_TEE_BIGINTSQUAREMOD 0x00001A05 560 #define TEE_PANIC_ID_TEE_BIGINTSUBMOD 0x00001A06 561 /* Other Arithmetic */ 562 #define TEE_PANIC_ID_TEE_BIGINTCOMPUTEEXTENDEDGCD 0x00001B01 563 #define TEE_PANIC_ID_TEE_BIGINTISPROBABLEPRIME 0x00001B02 564 #define TEE_PANIC_ID_TEE_BIGINTRELATIVEPRIME 0x00001B03 565 /* Fast Modular Multiplication */ 566 #define TEE_PANIC_ID_TEE_BIGINTCOMPUTEFMM 0x00001C01 567 #define TEE_PANIC_ID_TEE_BIGINTCONVERTFROMFMM 0x00001C02 568 #define TEE_PANIC_ID_TEE_BIGINTCONVERTTOFMM 0x00001C03 569 570 /* 571 * The macro TEE_PARAM_TYPES can be used to construct a value that you can 572 * compare against an incoming paramTypes to check the type of all the 573 * parameters in one comparison, like in the following example: 574 * if (paramTypes != TEE_PARAM_TYPES(TEE_PARAM_TYPE_MEMREF_INPUT, 575 * TEE_PARAM_TYPE_MEMREF_OUPUT, 576 * TEE_PARAM_TYPE_NONE, TEE_PARAM_TYPE_NONE)) { 577 * return TEE_ERROR_BAD_PARAMETERS; 578 * } 579 */ 580 #define TEE_PARAM_TYPES(t0,t1,t2,t3) \ 581 ((t0) | ((t1) << 4) | ((t2) << 8) | ((t3) << 12)) 582 583 /* 584 * The macro TEE_PARAM_TYPE_GET can be used to extract the type of a given 585 * parameter from paramTypes if you need more fine-grained type checking. 586 */ 587 #define TEE_PARAM_TYPE_GET(t, i) ((((uint32_t)t) >> ((i)*4)) & 0xF) 588 589 /* 590 * The macro TEE_PARAM_TYPE_SET can be used to load the type of a given 591 * parameter from paramTypes without specifying all types (TEE_PARAM_TYPES) 592 */ 593 #define TEE_PARAM_TYPE_SET(t, i) (((uint32_t)(t) & 0xF) << ((i)*4)) 594 595 /* Not specified in the standard */ 596 #define TEE_NUM_PARAMS 4 597 598 /* TEE Arithmetical APIs */ 599 600 #define TEE_BigIntSizeInU32(n) ((((n)+31)/32)+2) 601 602 #endif /* TEE_API_DEFINES_H */ 603