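/* SPDX-License-Identifier: BSD-2-Clause */
/*
 * Copyright (c) 2014, STMicroelectronics International N.V.
 * Copyright (c) 2022, Linaro Limited
 */

/* Based on GP TEE Internal Core API Specification Version 1.3.1 */

#ifndef TEE_API_DEFINES_H
#define TEE_API_DEFINES_H

#define TEE_CORE_API_MAJOR_VERSION              1U
#define TEE_CORE_API_MINOR_VERSION              3U
#define TEE_CORE_API_MAINTENANCE_VERSION        1U
#define TEE_CORE_API_VERSION \
        ((TEE_CORE_API_MAJOR_VERSION << 24) | \
         (TEE_CORE_API_MINOR_VERSION << 16) | \
         (TEE_CORE_API_MAINTENANCE_VERSION << 8))
#define TEE_CORE_API_1_3_1

/*
 * Below follows the GP defined way of letting a TA define that it wants an
 * API compatible with version 1.1 or the latest. An alternative approach
 * is to set __OPTEE_CORE_API_COMPAT_1_1, but that's an OP-TEE extension.
 *
 * The GP specs (>= 1.2) require that only APIs defined in the indicated
 * version SHALL be made available when using this mechanism. However, that
 * is far beyond what ordinary standards require, as they permit
 * extensions. With this, in OP-TEE, extensions and new APIs that don't
 * interfere with the selected version of the standard will be permitted.
 */
#if defined(TEE_CORE_API_REQUIRED_MAINTENANCE_VERSION) && \
        !defined(TEE_CORE_API_REQUIRED_MINOR_VERSION)
#error "Required TEE_CORE_API_REQUIRED_MINOR_VERSION undefined"
#endif
#if defined(TEE_CORE_API_REQUIRED_MINOR_VERSION) && \
        !defined(TEE_CORE_API_REQUIRED_MAJOR_VERSION)
#error "Required TEE_CORE_API_REQUIRED_MAJOR_VERSION undefined"
#endif

#if defined(TEE_CORE_API_REQUIRED_MAJOR_VERSION)
#if TEE_CORE_API_REQUIRED_MAJOR_VERSION != 1 && \
        TEE_CORE_API_REQUIRED_MAJOR_VERSION != 0
#error "Required major version not supported"
#endif
#ifdef TEE_CORE_API_REQUIRED_MINOR_VERSION
/* Only minor version 1 can be requested; it selects the v1.1 compat API. */
#if TEE_CORE_API_REQUIRED_MINOR_VERSION == 1
#define __OPTEE_CORE_API_COMPAT_1_1 1
#else
#error "Required minor version not supported"
#endif
#if defined(TEE_CORE_API_REQUIRED_MAINTENANCE_VERSION) && \
        TEE_CORE_API_REQUIRED_MAINTENANCE_VERSION != 0
#error "Required maintenance version not supported"
#endif
#endif
#endif

/*
 * For backwards compatibility with v1.1 as provided by up to OP-TEE
 * version 3.19.0, define __OPTEE_CORE_API_COMPAT_1_1 to 1.
 *
 * Some versions of the GP specs have introduced backwards incompatible
 * changes. For example the v1.0:
 *
 * TEE_Result TEE_DigestDoFinal(TEE_OperationHandle operation,
 *                              const void *chunk, uint32_t chunkLen,
 *                              void *hash, uint32_t *hashLen);
 *
 * Was changed in v1.1.1 to this:
 *
 * TEE_Result TEE_DigestDoFinal(TEE_OperationHandle operation,
 *                              const void *chunk, size_t chunkLen,
 *                              void *hash, size_t *hashLen);
 *
 * Note the type change for "hashLen", a source of problems especially on
 * platforms where size_t is a 64-bit unsigned integer: a caller that still
 * passes the address of a uint32_t hands the new prototype a pointer to an
 * object that is smaller than the size_t accessed through it.
 *
 * As a way of allowing older TAs to be compiled with a newer version of
 * the API we can turn off or hide different incompatible changes. New
 * features which are not interfering with older versions of the API are
 * not disabled. So enabling __OPTEE_CORE_API_COMPAT_1_1 will not result
 * in a pure 1.1 API, it will be a hybrid API that should work with most
 * TAs not yet updated to the new API.
 *
 * Backwards compatibility is provided by duplicating all functions that
 * have changed since v1.1. The original function is given a "__GP11_"
 * prefix and preprocessor macros are used to let a legacy TA use the old
 * function instead. The same principle applies to defined types.
 */
#ifndef __OPTEE_CORE_API_COMPAT_1_1
#define __OPTEE_CORE_API_COMPAT_1_1 0
#endif

#define TEE_HANDLE_NULL                   0

#define TEE_TIMEOUT_INFINITE              0xFFFFFFFF

/* API Error Codes */
#define TEE_SUCCESS                       0x00000000
#define TEE_ERROR_CORRUPT_OBJECT          0xF0100001
#define TEE_ERROR_CORRUPT_OBJECT_2        0xF0100002
#define TEE_ERROR_STORAGE_NOT_AVAILABLE   0xF0100003
#define TEE_ERROR_STORAGE_NOT_AVAILABLE_2 0xF0100004
#define TEE_ERROR_UNSUPPORTED_VERSION     0xF0100005
#define TEE_ERROR_CIPHERTEXT_INVALID      0xF0100006
#define TEE_ERROR_GENERIC                 0xFFFF0000
#define TEE_ERROR_ACCESS_DENIED           0xFFFF0001
#define TEE_ERROR_CANCEL                  0xFFFF0002
#define TEE_ERROR_ACCESS_CONFLICT         0xFFFF0003
#define TEE_ERROR_EXCESS_DATA             0xFFFF0004
#define TEE_ERROR_BAD_FORMAT              0xFFFF0005
#define TEE_ERROR_BAD_PARAMETERS          0xFFFF0006
#define TEE_ERROR_BAD_STATE               0xFFFF0007
#define TEE_ERROR_ITEM_NOT_FOUND          0xFFFF0008
#define TEE_ERROR_NOT_IMPLEMENTED         0xFFFF0009
#define TEE_ERROR_NOT_SUPPORTED           0xFFFF000A
#define TEE_ERROR_NO_DATA                 0xFFFF000B
#define TEE_ERROR_OUT_OF_MEMORY           0xFFFF000C
#define TEE_ERROR_BUSY                    0xFFFF000D
#define TEE_ERROR_COMMUNICATION           0xFFFF000E
#define TEE_ERROR_SECURITY                0xFFFF000F
#define TEE_ERROR_SHORT_BUFFER            0xFFFF0010
#define TEE_ERROR_EXTERNAL_CANCEL         0xFFFF0011
#define TEE_ERROR_TIMEOUT                 0xFFFF3001
#define TEE_ERROR_OVERFLOW                0xFFFF300F
#define TEE_ERROR_TARGET_DEAD             0xFFFF3024
#define TEE_ERROR_STORAGE_NO_SPACE        0xFFFF3041
#define TEE_ERROR_MAC_INVALID             0xFFFF3071
#define TEE_ERROR_SIGNATURE_INVALID       0xFFFF3072
#define TEE_ERROR_TIME_NOT_SET            0xFFFF5000
#define TEE_ERROR_TIME_NEEDS_RESET        0xFFFF5001

/* Parameter Type Constants (each fits the 4-bit field of paramTypes) */
#define TEE_PARAM_TYPE_NONE               0
#define TEE_PARAM_TYPE_VALUE_INPUT        1
#define TEE_PARAM_TYPE_VALUE_OUTPUT       2
#define TEE_PARAM_TYPE_VALUE_INOUT        3
#define TEE_PARAM_TYPE_MEMREF_INPUT       5
#define TEE_PARAM_TYPE_MEMREF_OUTPUT      6
#define TEE_PARAM_TYPE_MEMREF_INOUT       7

/* Login Type Constants */
#define TEE_LOGIN_PUBLIC                  0x00000000
#define TEE_LOGIN_USER                    0x00000001
#define TEE_LOGIN_GROUP                   0x00000002
#define TEE_LOGIN_APPLICATION             0x00000004
#define TEE_LOGIN_APPLICATION_USER        0x00000005
#define TEE_LOGIN_APPLICATION_GROUP       0x00000006
#define TEE_LOGIN_TRUSTED_APP             0xF0000000

/* Origin Code Constants */
#define TEE_ORIGIN_API                    0x00000001
#define TEE_ORIGIN_COMMS                  0x00000002
#define TEE_ORIGIN_TEE                    0x00000003
#define TEE_ORIGIN_TRUSTED_APP            0x00000004

/*
 * Property Sets pseudo handles
 *
 * The cast expressions are parenthesized so that they expand as a single
 * operand wherever the macro is used.
 */
#define TEE_PROPSET_TEE_IMPLEMENTATION    ((TEE_PropSetHandle)0xFFFFFFFD)
#define TEE_PROPSET_CURRENT_CLIENT        ((TEE_PropSetHandle)0xFFFFFFFE)
#define TEE_PROPSET_CURRENT_TA            ((TEE_PropSetHandle)0xFFFFFFFF)

/* Memory Access Rights Constants */
#define TEE_MEMORY_ACCESS_READ            0x00000001
#define TEE_MEMORY_ACCESS_WRITE           0x00000002
#define TEE_MEMORY_ACCESS_ANY_OWNER       0x00000004

/* Memory Management Constant */
#define TEE_MALLOC_FILL_ZERO              0x00000000
#define TEE_MALLOC_NO_FILL                0x00000001
#define TEE_MALLOC_NO_SHARE               0x00000002

/* TEE_Whence Constants */
#define TEE_DATA_SEEK_SET                 0x00000000
#define TEE_DATA_SEEK_CUR                 0x00000001
#define TEE_DATA_SEEK_END                 0x00000002
#define TEE_WHENCE_ILLEGAL_VALUE          0x7FFFFFFF

/* TEE_OperationMode Values */
#define TEE_MODE_ENCRYPT                  0x00000000
#define TEE_MODE_DECRYPT                  0x00000001
#define TEE_MODE_SIGN                     0x00000002
#define TEE_MODE_VERIFY                   0x00000003
#define TEE_MODE_MAC                      0x00000004
#define TEE_MODE_DIGEST                   0x00000005
#define TEE_MODE_DERIVE                   0x00000006
#define TEE_MODE_ILLEGAL_VALUE            0x7FFFFFFF

/* Other constants */
#define TEE_STORAGE_PRIVATE               0x00000001

#define TEE_DATA_FLAG_ACCESS_READ         0x00000001
#define TEE_DATA_FLAG_ACCESS_WRITE        0x00000002
#define TEE_DATA_FLAG_ACCESS_WRITE_META   0x00000004
#define TEE_DATA_FLAG_SHARE_READ          0x00000010
#define TEE_DATA_FLAG_SHARE_WRITE         0x00000020
#define TEE_DATA_FLAG_OVERWRITE           0x00000400
#define TEE_DATA_MAX_POSITION             0xFFFFFFFF
#define TEE_OBJECT_ID_MAX_LEN             64
#define TEE_USAGE_EXTRACTABLE             0x00000001
#define TEE_USAGE_ENCRYPT                 0x00000002
#define TEE_USAGE_DECRYPT                 0x00000004
#define TEE_USAGE_MAC                     0x00000008
#define TEE_USAGE_SIGN                    0x00000010
#define TEE_USAGE_VERIFY                  0x00000020
#define TEE_USAGE_DERIVE                  0x00000040
#define TEE_HANDLE_FLAG_PERSISTENT        0x00010000
#define TEE_HANDLE_FLAG_INITIALIZED       0x00020000
#define TEE_HANDLE_FLAG_KEY_SET           0x00040000
#define TEE_HANDLE_FLAG_EXPECT_TWO_KEYS   0x00080000
#define TEE_HANDLE_FLAG_EXTRACTING        0x00100000
#define TEE_OPERATION_CIPHER              1
#define TEE_OPERATION_MAC                 3
#define TEE_OPERATION_AE                  4
#define TEE_OPERATION_DIGEST              5
#define TEE_OPERATION_ASYMMETRIC_CIPHER   6
#define TEE_OPERATION_ASYMMETRIC_SIGNATURE 7
#define TEE_OPERATION_KEY_DERIVATION      8
#define TEE_OPERATION_STATE_INITIAL       0x00000000
#define TEE_OPERATION_STATE_ACTIVE        0x00000001
#define TEE_OPERATION_STATE_EXTRACTING    0x00000002

/*
 * Algorithm Identifiers
 *
 * Review note: an identifier being listed here says nothing about whether
 * the algorithm is appropriate for new designs. MD5, SHA-1, DES and
 * unpadded RSA (TEE_ALG_RSA_NOPAD) all appear in this list; a TA that lets
 * its client select the algorithm should restrict the choice to an
 * explicit allow-list rather than accept any value defined below.
 */
#define TEE_ALG_AES_ECB_NOPAD                   0x10000010
#define TEE_ALG_AES_CBC_NOPAD                   0x10000110
#define TEE_ALG_AES_CTR                         0x10000210
#define TEE_ALG_AES_CTS                         0x10000310
#define TEE_ALG_AES_XTS                         0x10000410
#define TEE_ALG_AES_CBC_MAC_NOPAD               0x30000110
#define TEE_ALG_AES_CBC_MAC_PKCS5               0x30000510
#define TEE_ALG_AES_CMAC                        0x30000610
#define TEE_ALG_AES_CCM                         0x40000710
#define TEE_ALG_AES_GCM                         0x40000810
#define TEE_ALG_DES_ECB_NOPAD                   0x10000011
#define TEE_ALG_DES_CBC_NOPAD                   0x10000111
#define TEE_ALG_DES_CBC_MAC_NOPAD               0x30000111
#define TEE_ALG_DES_CBC_MAC_PKCS5               0x30000511
#define TEE_ALG_DES3_ECB_NOPAD                  0x10000013
#define TEE_ALG_DES3_CBC_NOPAD                  0x10000113
#define TEE_ALG_DES3_CBC_MAC_NOPAD              0x30000113
#define TEE_ALG_DES3_CBC_MAC_PKCS5              0x30000513
#define TEE_ALG_SM4_ECB_NOPAD                   0x10000014
#define TEE_ALG_SM4_CBC_NOPAD                   0x10000114
#define TEE_ALG_SM4_CTR                         0x10000214
#define TEE_ALG_RSASSA_PKCS1_V1_5_MD5           0x70001830
#define TEE_ALG_RSASSA_PKCS1_V1_5_SHA1          0x70002830
#define TEE_ALG_RSASSA_PKCS1_V1_5_SHA224        0x70003830
#define TEE_ALG_RSASSA_PKCS1_V1_5_SHA256        0x70004830
#define TEE_ALG_RSASSA_PKCS1_V1_5_SHA384        0x70005830
#define TEE_ALG_RSASSA_PKCS1_V1_5_SHA512        0x70006830
#define TEE_ALG_RSASSA_PKCS1_V1_5_MD5SHA1       0x7000F830
#define TEE_ALG_RSASSA_PKCS1_V1_5_SHA3_224      0x70008830
#define TEE_ALG_RSASSA_PKCS1_V1_5_SHA3_256      0x70009830
#define TEE_ALG_RSASSA_PKCS1_V1_5_SHA3_384      0x7000A830
#define TEE_ALG_RSASSA_PKCS1_V1_5_SHA3_512      0x7000B830
#define TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA1      0x70212930
#define TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA224    0x70313930
#define TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA256    0x70414930
#define TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA384    0x70515930
#define TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA512    0x70616930
#define TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA3_224  0x70818930
#define TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA3_256  0x70919930
#define TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA3_384  0x70A1A930
#define TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA3_512  0x70B1B930
#define TEE_ALG_RSAES_PKCS1_V1_5                0x60000130
#define TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1      0x60210230
#define TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA224    0x60310230
#define TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA256    0x60410230
#define TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA384    0x60510230
#define TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA512    0x60610230
#define TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA3_224  0x60810230
#define TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA3_256  0x60910230
#define TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA3_384  0x60A10230
#define TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA3_512  0x60B10230
#define TEE_ALG_RSA_NOPAD                       0x60000030
#define TEE_ALG_DSA_SHA1                        0x70002131
#define TEE_ALG_DSA_SHA224                      0x70003131
#define TEE_ALG_DSA_SHA256                      0x70004131
#define TEE_ALG_DSA_SHA3_224                    0x70008131
#define TEE_ALG_DSA_SHA3_256                    0x70009131
#define TEE_ALG_DSA_SHA3_384                    0x7000A131
#define TEE_ALG_DSA_SHA3_512                    0x7000B131
#define TEE_ALG_SM2_DSA_SM3                     0x70006045
#define TEE_ALG_DH_DERIVE_SHARED_SECRET         0x80000032
#define TEE_ALG_SM2_KEP                         0x60000045
#define TEE_ALG_MD5                             0x50000001
#define TEE_ALG_SHA1                            0x50000002
#define TEE_ALG_SHA224                          0x50000003
#define TEE_ALG_SHA256                          0x50000004
#define TEE_ALG_SHA384                          0x50000005
#define TEE_ALG_SHA512                          0x50000006
#define TEE_ALG_SHA3_224                        0x50000008
#define TEE_ALG_SHA3_256                        0x50000009
#define TEE_ALG_SHA3_384                        0x5000000A
#define TEE_ALG_SHA3_512                        0x5000000B
#define TEE_ALG_MD5SHA1                         0x5000000F
#define TEE_ALG_HMAC_MD5                        0x30000001
#define TEE_ALG_HMAC_SHA1                       0x30000002
#define TEE_ALG_HMAC_SHA224                     0x30000003
#define TEE_ALG_HMAC_SHA256                     0x30000004
#define TEE_ALG_HMAC_SHA384                     0x30000005
#define TEE_ALG_HMAC_SHA512                     0x30000006
#define TEE_ALG_HMAC_SM3                        0x30000007
#define TEE_ALG_HMAC_SHA3_224                   0x30000008
#define TEE_ALG_HMAC_SHA3_256                   0x30000009
#define TEE_ALG_HMAC_SHA3_384                   0x3000000A
#define TEE_ALG_HMAC_SHA3_512                   0x3000000B

/*
 * These are used in the OP-TEE ABI. Due to an inconsistency in the v1.1
 * specification the wrong values were assumed, and now we're stuck with
 * those.
 *
 * In GP Internal Core API v1.1
 * "Table 6-12:  Structure of Algorithm Identifier"
 * indicates ECDSA have the algorithm "0x41" and ECDH "0x42"
 * whereas
 * "Table 6-11:  List of Algorithm Identifiers" defines
 * TEE_ALG_ECDSA_P192 as 0x70001042
 *
 * We chose to define __OPTEE_ALG_ECDSA_P192 as 0x70001041 and so on
 * to conform to table 6-12.
 */
#define __OPTEE_ALG_ECDSA_P192                  0x70001041
#define __OPTEE_ALG_ECDSA_P224                  0x70002041
#define __OPTEE_ALG_ECDSA_P256                  0x70003041
#define __OPTEE_ALG_ECDSA_P384                  0x70004041
#define __OPTEE_ALG_ECDSA_P521                  0x70005041
#define __OPTEE_ALG_ECDH_P192                   0x80001042
#define __OPTEE_ALG_ECDH_P224                   0x80002042
#define __OPTEE_ALG_ECDH_P256                   0x80003042
#define __OPTEE_ALG_ECDH_P384                   0x80004042
#define __OPTEE_ALG_ECDH_P521                   0x80005042

/*
 * TEE_ALG_ECDSA_P* and TEE_ALG_ECDH_P* are deprecated
 *
 * The deprecated ECDSA names map to a hash-named identifier and all five
 * ECDH names map to one value, so none of them identifies a curve.
 */
#define TEE_ALG_ECDSA_P192                      TEE_ALG_ECDSA_SHA1
#define TEE_ALG_ECDSA_P224                      TEE_ALG_ECDSA_SHA224
#define TEE_ALG_ECDSA_P256                      TEE_ALG_ECDSA_SHA256
#define TEE_ALG_ECDSA_P384                      TEE_ALG_ECDSA_SHA384
#define TEE_ALG_ECDSA_P521                      TEE_ALG_ECDSA_SHA512
#define TEE_ALG_ECDH_P192                       TEE_ALG_ECDH_DERIVE_SHARED_SECRET
#define TEE_ALG_ECDH_P224                       TEE_ALG_ECDH_DERIVE_SHARED_SECRET
#define TEE_ALG_ECDH_P256                       TEE_ALG_ECDH_DERIVE_SHARED_SECRET
#define TEE_ALG_ECDH_P384                       TEE_ALG_ECDH_DERIVE_SHARED_SECRET
#define TEE_ALG_ECDH_P521                       TEE_ALG_ECDH_DERIVE_SHARED_SECRET

#define TEE_ALG_ECDH_DERIVE_SHARED_SECRET       0x80000042
#define TEE_ALG_ECDSA_SHA1                      0x70001042
#define TEE_ALG_ECDSA_SHA224                    0x70002042
#define TEE_ALG_ECDSA_SHA256                    0x70003042
#define TEE_ALG_ECDSA_SHA384                    0x70004042
#define TEE_ALG_ECDSA_SHA512                    0x70005042
#define TEE_ALG_ECDSA_SHA3_224                  0x70006042
#define TEE_ALG_ECDSA_SHA3_256                  0x70007042
#define TEE_ALG_ECDSA_SHA3_384                  0x70008042
#define TEE_ALG_ECDSA_SHA3_512                  0x70009042

#define TEE_ALG_ED25519                         0x70006043
#define TEE_ALG_ED448                           0x70006044
#define TEE_ALG_SM2_PKE                         0x80000046
#define TEE_ALG_HKDF                            0x80000047
#define TEE_ALG_SM3                             0x50000007
#define TEE_ALG_X25519                          0x80000044
#define TEE_ALG_X448                            0x80000045
#define TEE_ALG_SM4_ECB_PKCS5                   0x10000015
#define TEE_ALG_SM4_CBC_PKCS5                   0x10000115
#define TEE_ALG_ILLEGAL_VALUE                   0xEFFFFFFF

/*
 * The four TEE_ALG_SHA3_* lines below repeat the definitions given
 * earlier in this file with the same values. They must stay identical:
 * a differing redefinition of a macro is a constraint violation.
 */
#define TEE_ALG_SHA3_224                        0x50000008
#define TEE_ALG_SHA3_256                        0x50000009
#define TEE_ALG_SHA3_384                        0x5000000A
#define TEE_ALG_SHA3_512                        0x5000000B
#define TEE_ALG_SHAKE128                        0x50000101
#define TEE_ALG_SHAKE256                        0x50000102

/* Object Types */

#define TEE_TYPE_AES                            0xA0000010
#define TEE_TYPE_DES                            0xA0000011
#define TEE_TYPE_DES3                           0xA0000013
#define TEE_TYPE_SM4                            0xA0000014
#define TEE_TYPE_HMAC_MD5                       0xA0000001
#define TEE_TYPE_HMAC_SHA1                      0xA0000002
#define TEE_TYPE_HMAC_SHA224                    0xA0000003
#define TEE_TYPE_HMAC_SHA256                    0xA0000004
#define TEE_TYPE_HMAC_SHA384                    0xA0000005
#define TEE_TYPE_HMAC_SHA512                    0xA0000006
#define TEE_TYPE_HMAC_SM3                       0xA0000007
#define TEE_TYPE_HMAC_SHA3_224                  0xA0000008
#define TEE_TYPE_HMAC_SHA3_256                  0xA0000009
#define TEE_TYPE_HMAC_SHA3_384                  0xA000000A
#define TEE_TYPE_HMAC_SHA3_512                  0xA000000B
#define TEE_TYPE_RSA_PUBLIC_KEY                 0xA0000030
#define TEE_TYPE_RSA_KEYPAIR                    0xA1000030
#define TEE_TYPE_DSA_PUBLIC_KEY                 0xA0000031
#define TEE_TYPE_DSA_KEYPAIR                    0xA1000031
#define TEE_TYPE_DH_KEYPAIR                     0xA1000032
#define TEE_TYPE_ECDSA_PUBLIC_KEY               0xA0000041
#define TEE_TYPE_ECDSA_KEYPAIR                  0xA1000041
#define TEE_TYPE_ECDH_PUBLIC_KEY                0xA0000042
#define TEE_TYPE_ECDH_KEYPAIR                   0xA1000042
#define TEE_TYPE_ED25519_PUBLIC_KEY             0xA0000043
#define TEE_TYPE_ED25519_KEYPAIR                0xA1000043
#define TEE_TYPE_ED448_PUBLIC_KEY               0xA0000048
#define TEE_TYPE_ED448_KEYPAIR                  0xA1000048
#define TEE_TYPE_X448_PUBLIC_KEY                0xA0000049
#define TEE_TYPE_X448_KEYPAIR                   0xA1000049
#define TEE_TYPE_SM2_DSA_PUBLIC_KEY             0xA0000045
#define TEE_TYPE_SM2_DSA_KEYPAIR                0xA1000045
#define TEE_TYPE_SM2_KEP_PUBLIC_KEY             0xA0000046
#define TEE_TYPE_SM2_KEP_KEYPAIR                0xA1000046
#define TEE_TYPE_SM2_PKE_PUBLIC_KEY             0xA0000047
#define TEE_TYPE_SM2_PKE_KEYPAIR                0xA1000047
#define TEE_TYPE_HKDF                           0xA000004A
#define TEE_TYPE_GENERIC_SECRET                 0xA0000000
#define TEE_TYPE_CORRUPTED_OBJECT               0xA00000BE
#define TEE_TYPE_DATA                           0xA00000BF
#define TEE_TYPE_X25519_PUBLIC_KEY              0xA0000044
#define TEE_TYPE_X25519_KEYPAIR                 0xA1000044
#define TEE_TYPE_ILLEGAL_VALUE                  0xEFFFFFFF

/* List of Object or Operation Attributes */

#define TEE_ATTR_SECRET_VALUE                   0xC0000000
#define TEE_ATTR_RSA_MODULUS                    0xD0000130
#define TEE_ATTR_RSA_PUBLIC_EXPONENT            0xD0000230
#define TEE_ATTR_RSA_PRIVATE_EXPONENT           0xC0000330
#define TEE_ATTR_RSA_PRIME1                     0xC0000430
#define TEE_ATTR_RSA_PRIME2                     0xC0000530
#define TEE_ATTR_RSA_EXPONENT1                  0xC0000630
#define TEE_ATTR_RSA_EXPONENT2                  0xC0000730
#define TEE_ATTR_RSA_COEFFICIENT                0xC0000830
#define TEE_ATTR_DSA_PRIME                      0xD0001031
#define TEE_ATTR_DSA_SUBPRIME                   0xD0001131
#define TEE_ATTR_DSA_BASE                       0xD0001231
#define TEE_ATTR_DSA_PUBLIC_VALUE               0xD0000131
#define TEE_ATTR_DSA_PRIVATE_VALUE              0xC0000231
#define TEE_ATTR_DH_PRIME                       0xD0001032
#define TEE_ATTR_DH_SUBPRIME                    0xD0001132
#define TEE_ATTR_DH_BASE                        0xD0001232
#define TEE_ATTR_DH_X_BITS                      0xF0001332
#define TEE_ATTR_DH_PUBLIC_VALUE                0xD0000132
#define TEE_ATTR_DH_PRIVATE_VALUE               0xC0000232
#define TEE_ATTR_RSA_OAEP_LABEL                 0xD0000930
#define TEE_ATTR_RSA_OAEP_MGF_HASH              0xD0000931
#define TEE_ATTR_RSA_PSS_SALT_LENGTH            0xF0000A30
#define TEE_ATTR_ECC_PUBLIC_VALUE_X             0xD0000141
#define TEE_ATTR_ECC_PUBLIC_VALUE_Y             0xD0000241
#define TEE_ATTR_ECC_PRIVATE_VALUE              0xC0000341
#define TEE_ATTR_ECC_CURVE                      0xF0000441
#define TEE_ATTR_SM2_ID_INITIATOR               0xD0000446
#define TEE_ATTR_SM2_ID_RESPONDER               0xD0000546
#define TEE_ATTR_SM2_KEP_USER                   0xF0000646
#define TEE_ATTR_SM2_KEP_CONFIRMATION_IN        0xD0000746
#define TEE_ATTR_SM2_KEP_CONFIRMATION_OUT       0xD0000846

/*
 * Commit 5b385b3f835d ("core: crypto: add support for SM2 KEP") defined by
 * mistake the wrong values for these two. OP-TEE recognizes these two as
 * alternative IDs in parallel with the correct official values when
 * supplied as parameters when deriving a key using the TEE_ALG_SM2_KEP
 * algorithm.
 *
 * NOTE(review): the two alternative values are numerically equal to
 * TEE_ATTR_HKDF_SALT and TEE_ATTR_HKDF_INFO defined further down, so
 * these attribute IDs are only unambiguous together with the algorithm
 * they are passed to.
 */
#define __OPTEE_SM2_KEP_ATTR_ECC_EPHEMERAL_PUBLIC_VALUE_X 0xD0000946
#define __OPTEE_SM2_KEP_ATTR_ECC_EPHEMERAL_PUBLIC_VALUE_Y 0xD0000A46

#define TEE_ATTR_ECC_EPHEMERAL_PUBLIC_VALUE_X   0xD0000146
#define TEE_ATTR_ECC_EPHEMERAL_PUBLIC_VALUE_Y   0xD0000246
#define TEE_ATTR_EDDSA_CTX                      0xD0000643
#define TEE_ATTR_ED25519_PUBLIC_VALUE           0xD0000743
#define TEE_ATTR_ED25519_PRIVATE_VALUE          0xC0000843
#define TEE_ATTR_X25519_PUBLIC_VALUE            0xD0000944
#define TEE_ATTR_X25519_PRIVATE_VALUE           0xC0000A44
#define TEE_ATTR_EDDSA_PREHASH                  0xF0000004
#define TEE_ATTR_X448_PUBLIC_VALUE              0xD0000A45
#define TEE_ATTR_X448_PRIVATE_VALUE             0xC0000A46
#define TEE_ATTR_HKDF_SALT                      0xD0000946
#define TEE_ATTR_HKDF_INFO                      0xD0000A46
#define TEE_ATTR_HKDF_HASH_ALGORITHM            0xF0000B46
#define TEE_ATTR_KDF_KEY_SIZE                   0xF0000C46

#define TEE_ATTR_FLAG_PUBLIC                    (1 << 28)
#define TEE_ATTR_FLAG_VALUE                     (1 << 29)
/*
 * Deprecated, but kept for backwards compatibility
 *
 * Be careful with GPD TEE Internal API specification v1.0 where table 6-12
 * defines BIT [28] with the right meaning whereas sections 5.4.3 and 5.4.4
 * falsely describe a reversed bit flag value meaning.
 */
#define TEE_ATTR_BIT_PROTECTED                  TEE_ATTR_FLAG_PUBLIC
#define TEE_ATTR_BIT_VALUE                      TEE_ATTR_FLAG_VALUE

/* List of Supported ECC Curves */
#define TEE_CRYPTO_ELEMENT_NONE                 0x00000000
#define TEE_ECC_CURVE_NIST_P192                 0x00000001
#define TEE_ECC_CURVE_NIST_P224                 0x00000002
#define TEE_ECC_CURVE_NIST_P256                 0x00000003
#define TEE_ECC_CURVE_NIST_P384                 0x00000004
#define TEE_ECC_CURVE_NIST_P521                 0x00000005
#define TEE_ECC_CURVE_25519                     0x00000300
#define TEE_ECC_CURVE_SM2                       0x00000400

/* Panicked Functions Identification */
/* TA Interface */
#define TEE_PANIC_ID_TA_CLOSESESSIONENTRYPOINT              0x00000101
#define TEE_PANIC_ID_TA_CREATEENTRYPOINT                    0x00000102
#define TEE_PANIC_ID_TA_DESTROYENTRYPOINT                   0x00000103
#define TEE_PANIC_ID_TA_INVOKECOMMANDENTRYPOINT             0x00000104
#define TEE_PANIC_ID_TA_OPENSESSIONENTRYPOINT               0x00000105
/* Property Access */
#define TEE_PANIC_ID_TEE_ALLOCATEPROPERTYENUMERATOR         0x00000201
#define TEE_PANIC_ID_TEE_FREEPROPERTYENUMERATOR             0x00000202
#define TEE_PANIC_ID_TEE_GETNEXTPROPERTY                    0x00000203
#define TEE_PANIC_ID_TEE_GETPROPERTYASBINARYBLOCK           0x00000204
#define TEE_PANIC_ID_TEE_GETPROPERTYASBOOL                  0x00000205
#define TEE_PANIC_ID_TEE_GETPROPERTYASIDENTITY              0x00000206
#define TEE_PANIC_ID_TEE_GETPROPERTYASSTRING                0x00000207
#define TEE_PANIC_ID_TEE_GETPROPERTYASU32                   0x00000208
#define TEE_PANIC_ID_TEE_GETPROPERTYASUUID                  0x00000209
#define TEE_PANIC_ID_TEE_GETPROPERTYNAME                    0x0000020A
#define TEE_PANIC_ID_TEE_RESETPROPERTYENUMERATOR            0x0000020B
#define TEE_PANIC_ID_TEE_STARTPROPERTYENUMERATOR            0x0000020C
/* Panic Function */
#define TEE_PANIC_ID_TEE_PANIC                              0x00000301
/* Internal Client API */
#define TEE_PANIC_ID_TEE_CLOSETASESSION                     0x00000401
#define TEE_PANIC_ID_TEE_INVOKETACOMMAND                    0x00000402
#define TEE_PANIC_ID_TEE_OPENTASESSION                      0x00000403
/* Cancellation */
#define TEE_PANIC_ID_TEE_GETCANCELLATIONFLAG                0x00000501
#define TEE_PANIC_ID_TEE_MASKCANCELLATION                   0x00000502
#define TEE_PANIC_ID_TEE_UNMASKCANCELLATION                 0x00000503
/* Memory Management */
#define TEE_PANIC_ID_TEE_CHECKMEMORYACCESSRIGHTS            0x00000601
#define TEE_PANIC_ID_TEE_FREE                               0x00000602
#define TEE_PANIC_ID_TEE_GETINSTANCEDATA                    0x00000603
#define TEE_PANIC_ID_TEE_MALLOC                             0x00000604
#define TEE_PANIC_ID_TEE_MEMCOMPARE                         0x00000605
#define TEE_PANIC_ID_TEE_MEMFILL                            0x00000606
#define TEE_PANIC_ID_TEE_MEMMOVE                            0x00000607
#define TEE_PANIC_ID_TEE_REALLOC                            0x00000608
#define TEE_PANIC_ID_TEE_SETINSTANCEDATA                    0x00000609
/* Generic Object */
#define TEE_PANIC_ID_TEE_CLOSEOBJECT                        0x00000701
#define TEE_PANIC_ID_TEE_GETOBJECTBUFFERATTRIBUTE           0x00000702
/* deprecated */
#define TEE_PANIC_ID_TEE_GETOBJECTINFO                      0x00000703
#define TEE_PANIC_ID_TEE_GETOBJECTVALUEATTRIBUTE            0x00000704
/* deprecated */
#define TEE_PANIC_ID_TEE_RESTRICTOBJECTUSAGE                0x00000705
#define TEE_PANIC_ID_TEE_GETOBJECTINFO1                     0x00000706
#define TEE_PANIC_ID_TEE_RESTRICTOBJECTUSAGE1               0x00000707
/* Transient Object */
#define TEE_PANIC_ID_TEE_ALLOCATETRANSIENTOBJECT            0x00000801
/* deprecated */
#define TEE_PANIC_ID_TEE_COPYOBJECTATTRIBUTES               0x00000802
#define TEE_PANIC_ID_TEE_FREETRANSIENTOBJECT                0x00000803
#define TEE_PANIC_ID_TEE_GENERATEKEY                        0x00000804
#define TEE_PANIC_ID_TEE_INITREFATTRIBUTE                   0x00000805
#define TEE_PANIC_ID_TEE_INITVALUEATTRIBUTE                 0x00000806
#define TEE_PANIC_ID_TEE_POPULATETRANSIENTOBJECT            0x00000807
#define TEE_PANIC_ID_TEE_RESETTRANSIENTOBJECT               0x00000808
#define TEE_PANIC_ID_TEE_COPYOBJECTATTRIBUTES1              0x00000809
/* Persistent Object */
/* deprecated */
#define TEE_PANIC_ID_TEE_CLOSEANDDELETEPERSISTENTOBJECT     0x00000901
#define TEE_PANIC_ID_TEE_CREATEPERSISTENTOBJECT             0x00000902
#define TEE_PANIC_ID_TEE_OPENPERSISTENTOBJECT               0x00000903
#define TEE_PANIC_ID_TEE_RENAMEPERSISTENTOBJECT             0x00000904
#define TEE_PANIC_ID_TEE_CLOSEANDDELETEPERSISTENTOBJECT1    0x00000905
/* Persistent Object Enumeration */
#define TEE_PANIC_ID_TEE_ALLOCATEPERSISTENTOBJECTENUMERATOR 0x00000A01
#define TEE_PANIC_ID_TEE_FREEPERSISTENTOBJECTENUMERATOR     0x00000A02
#define TEE_PANIC_ID_TEE_GETNEXTPERSISTENTOBJECT            0x00000A03
#define TEE_PANIC_ID_TEE_RESETPERSISTENTOBJECTENUMERATOR    0x00000A04
#define TEE_PANIC_ID_TEE_STARTPERSISTENTOBJECTENUMERATOR    0x00000A05
/* Data Stream Access */
#define TEE_PANIC_ID_TEE_READOBJECTDATA                     0x00000B01
#define TEE_PANIC_ID_TEE_SEEKOBJECTDATA                     0x00000B02
#define TEE_PANIC_ID_TEE_TRUNCATEOBJECTDATA                 0x00000B03
#define TEE_PANIC_ID_TEE_WRITEOBJECTDATA                    0x00000B04
/* Generic Operation */
#define TEE_PANIC_ID_TEE_ALLOCATEOPERATION                  0x00000C01
#define TEE_PANIC_ID_TEE_COPYOPERATION                      0x00000C02
#define TEE_PANIC_ID_TEE_FREEOPERATION                      0x00000C03
#define TEE_PANIC_ID_TEE_GETOPERATIONINFO                   0x00000C04
#define TEE_PANIC_ID_TEE_RESETOPERATION                     0x00000C05
#define TEE_PANIC_ID_TEE_SETOPERATIONKEY                    0x00000C06
#define TEE_PANIC_ID_TEE_SETOPERATIONKEY2                   0x00000C07
#define TEE_PANIC_ID_TEE_GETOPERATIONINFOMULTIPLE           0x00000C08
/* Message Digest */
#define TEE_PANIC_ID_TEE_DIGESTDOFINAL                      0x00000D01
#define TEE_PANIC_ID_TEE_DIGESTUPDATE                       0x00000D02
/* Symmetric Cipher */
#define TEE_PANIC_ID_TEE_CIPHERDOFINAL                      0x00000E01
#define TEE_PANIC_ID_TEE_CIPHERINIT                         0x00000E02
#define TEE_PANIC_ID_TEE_CIPHERUPDATE                       0x00000E03
/* MAC */
#define TEE_PANIC_ID_TEE_MACCOMPAREFINAL                    0x00000F01
#define TEE_PANIC_ID_TEE_MACCOMPUTEFINAL                    0x00000F02
#define TEE_PANIC_ID_TEE_MACINIT                            0x00000F03
#define TEE_PANIC_ID_TEE_MACUPDATE                          0x00000F04
/* Authenticated Encryption */
#define TEE_PANIC_ID_TEE_AEDECRYPTFINAL                     0x00001001
#define TEE_PANIC_ID_TEE_AEENCRYPTFINAL                     0x00001002
#define TEE_PANIC_ID_TEE_AEINIT                             0x00001003
#define TEE_PANIC_ID_TEE_AEUPDATE                           0x00001004
#define TEE_PANIC_ID_TEE_AEUPDATEAAD                        0x00001005
/* Asymmetric */
#define TEE_PANIC_ID_TEE_ASYMMETRICDECRYPT                  0x00001101
#define TEE_PANIC_ID_TEE_ASYMMETRICENCRYPT                  0x00001102
#define TEE_PANIC_ID_TEE_ASYMMETRICSIGNDIGEST               0x00001103
#define TEE_PANIC_ID_TEE_ASYMMETRICVERIFYDIGEST             0x00001104
/* Key Derivation */
#define TEE_PANIC_ID_TEE_DERIVEKEY                          0x00001201
/* Random Data Generation */
#define TEE_PANIC_ID_TEE_GENERATERANDOM                     0x00001301
/* Time */
#define TEE_PANIC_ID_TEE_GETREETIME                         0x00001401
#define TEE_PANIC_ID_TEE_GETSYSTEMTIME                      0x00001402
#define TEE_PANIC_ID_TEE_GETTAPERSISTENTTIME                0x00001403
#define TEE_PANIC_ID_TEE_SETTAPERSISTENTTIME                0x00001404
#define TEE_PANIC_ID_TEE_WAIT                               0x00001405
/* Memory Allocation and Size of Objects */
#define TEE_PANIC_ID_TEE_BIGINTFMMCONTEXTSIZEINU32          0x00001501
#define TEE_PANIC_ID_TEE_BIGINTFMMSIZEINU32                 0x00001502
/* Initialization */
#define TEE_PANIC_ID_TEE_BIGINTINIT                         0x00001601
#define TEE_PANIC_ID_TEE_BIGINTINITFMM                      0x00001602
#define TEE_PANIC_ID_TEE_BIGINTINITFMMCONTEXT               0x00001603
/* Converter */
#define TEE_PANIC_ID_TEE_BIGINTCONVERTFROMOCTETSTRING       0x00001701
#define TEE_PANIC_ID_TEE_BIGINTCONVERTFROMS32               0x00001702
#define TEE_PANIC_ID_TEE_BIGINTCONVERTTOOCTETSTRING         0x00001703
#define TEE_PANIC_ID_TEE_BIGINTCONVERTTOS32                 0x00001704
/* Logical Operation */
#define TEE_PANIC_ID_TEE_BIGINTCMP                          0x00001801
#define TEE_PANIC_ID_TEE_BIGINTCMPS32                       0x00001802
#define TEE_PANIC_ID_TEE_BIGINTGETBIT                       0x00001803
#define TEE_PANIC_ID_TEE_BIGINTGETBITCOUNT                  0x00001804
#define TEE_PANIC_ID_TEE_BIGINTSHIFTRIGHT                   0x00001805
/* Basic Arithmetic */
#define TEE_PANIC_ID_TEE_BIGINTADD                          0x00001901
#define TEE_PANIC_ID_TEE_BIGINTDIV                          0x00001902
#define TEE_PANIC_ID_TEE_BIGINTMUL                          0x00001903
#define TEE_PANIC_ID_TEE_BIGINTNEG                          0x00001904
#define TEE_PANIC_ID_TEE_BIGINTSQUARE                       0x00001905
#define TEE_PANIC_ID_TEE_BIGINTSUB                          0x00001906
/* Modular Arithmetic */
#define TEE_PANIC_ID_TEE_BIGINTADDMOD                       0x00001A01
#define TEE_PANIC_ID_TEE_BIGINTINVMOD                       0x00001A02
#define TEE_PANIC_ID_TEE_BIGINTMOD                          0x00001A03
#define TEE_PANIC_ID_TEE_BIGINTMULMOD                       0x00001A04
#define TEE_PANIC_ID_TEE_BIGINTSQUAREMOD                    0x00001A05
#define TEE_PANIC_ID_TEE_BIGINTSUBMOD                       0x00001A06
/* Other Arithmetic */
#define TEE_PANIC_ID_TEE_BIGINTCOMPUTEEXTENDEDGCD           0x00001B01
#define TEE_PANIC_ID_TEE_BIGINTISPROBABLEPRIME              0x00001B02
#define TEE_PANIC_ID_TEE_BIGINTRELATIVEPRIME                0x00001B03
/* Fast Modular Multiplication */
#define TEE_PANIC_ID_TEE_BIGINTCOMPUTEFMM                   0x00001C01
#define TEE_PANIC_ID_TEE_BIGINTCONVERTFROMFMM               0x00001C02
#define TEE_PANIC_ID_TEE_BIGINTCONVERTTOFMM                 0x00001C03

/*
 * The macro TEE_PARAM_TYPES can be used to construct a value that you can
 * compare against an incoming paramTypes to check the type of all the
 * parameters in one comparison, like in the following example:
 * if (paramTypes != TEE_PARAM_TYPES(TEE_PARAM_TYPE_MEMREF_INPUT,
 *                                   TEE_PARAM_TYPE_MEMREF_OUTPUT,
 *                                   TEE_PARAM_TYPE_NONE, TEE_PARAM_TYPE_NONE)) {
 *      return TEE_ERROR_BAD_PARAMETERS;
 * }
 *
 * Do this comparison before reading any member of the parameters:
 * paramTypes comes from the caller, and using a parameter as a memory
 * reference when it was passed as a value (or the reverse) treats
 * caller-chosen data as a buffer pointer and size.
 *
 * The arguments are not masked, so each one must be one of the
 * TEE_PARAM_TYPE_* constants (which all fit in 4 bits).
 */
#define TEE_PARAM_TYPES(t0,t1,t2,t3) \
   ((t0) | ((t1) << 4) | ((t2) << 8) | ((t3) << 12))

/*
 * The macro TEE_PARAM_TYPE_GET can be used to extract the type of a given
 * parameter from paramTypes if you need more fine-grained type checking.
 *
 * "t" is parenthesized before the cast so that an expression argument is
 * converted as a whole. "i" is the parameter index; the shift count is
 * i * 4, so i must stay below 8 for the shift on uint32_t to be defined
 * (only 0 .. TEE_NUM_PARAMS - 1 select a field built by TEE_PARAM_TYPES).
 */
#define TEE_PARAM_TYPE_GET(t, i) (((uint32_t)(t) >> ((i)*4)) & 0xF)

/*
 * The macro TEE_PARAM_TYPE_SET produces the paramTypes field for a single
 * parameter: type "t" masked to 4 bits and shifted to the position of
 * parameter "i". OR the results together to build a paramTypes value
 * without specifying all types (TEE_PARAM_TYPES).
 */
#define TEE_PARAM_TYPE_SET(t, i) (((uint32_t)(t) & 0xF) << ((i)*4))

/* Not specified in the standard */
#define TEE_NUM_PARAMS  4

/* TEE Arithmetical APIs */

/*
 * Number of uint32_t words for "n" bits rounded up to whole words, plus
 * two extra words. "n" is evaluated once but is not range checked: the
 * addition n + 31 overflows for values close to the maximum of its type.
 */
#define TEE_BigIntSizeInU32(n) ((((n)+31)/32)+2)

#endif /* TEE_API_DEFINES_H */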