diff options
| author | Bryan Buckley <bryan.buckley@ti.com> | 2011-10-19 19:12:18 -0500 |
|---|---|---|
| committer | Jeffrey Tinker <jtinker@google.com> | 2011-10-20 13:33:52 -0700 |
| commit | 1d03b509dd304ff330aeda3d419e131febc5712a (patch) | |
| tree | 7c480f1a2fe504917e938baf6f9474a93adf679f /security/tf_sdk | |
| parent | bf4beebf2cea4ba090fa2ebe2ee4c67a848a826a (diff) | |
| download | hardware_ti_omap4-1d03b509dd304ff330aeda3d419e131febc5712a.zip hardware_ti_omap4-1d03b509dd304ff330aeda3d419e131febc5712a.tar.gz hardware_ti_omap4-1d03b509dd304ff330aeda3d419e131febc5712a.tar.bz2 | |
SMC: Initial release of smc_pa_strl, tf_daemon
These userspace components are used to load secure services in the normal
(non-secure) world. The SMC kernel driver is required to use these binaries.
Secure services enable certain security features such as
hardware-accelerated crypto, secure storage, drm, and much more.
Author: "Trusted Logic <smc_support@trusted-logic.com>." Gerrit refuses to
accept.
Change-Id: Ie81604d3fee31abc319643401c3cc66888f9f848
Signed-off-by: Bryan Buckley <bryan.buckley@ti.com>
Signed-off-by: Trusted Logic <smc_support@trusted-logic.com>
Diffstat (limited to 'security/tf_sdk')
| -rw-r--r-- | security/tf_sdk/include/cryptoki.h | 54 | ||||
| -rw-r--r-- | security/tf_sdk/include/mtc.h | 97 | ||||
| -rw-r--r-- | security/tf_sdk/include/pkcs11.h | 595 | ||||
| -rw-r--r-- | security/tf_sdk/include/s_error.h | 321 | ||||
| -rw-r--r-- | security/tf_sdk/include/s_type.h | 146 | ||||
| -rw-r--r-- | security/tf_sdk/include/sst.h | 172 | ||||
| -rw-r--r-- | security/tf_sdk/include/tee_client_api.h | 184 | ||||
| -rw-r--r-- | security/tf_sdk/include/tee_client_api_ex.h | 105 | ||||
| -rw-r--r-- | security/tf_sdk/include/tee_client_api_imp.h | 78 |
9 files changed, 1752 insertions, 0 deletions
diff --git a/security/tf_sdk/include/cryptoki.h b/security/tf_sdk/include/cryptoki.h new file mode 100644 index 0000000..41a66ec --- /dev/null +++ b/security/tf_sdk/include/cryptoki.h @@ -0,0 +1,54 @@ +/**
+ * Copyright(c) 2011 Trusted Logic. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * * Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ * * Neither the name Trusted Logic nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+#ifndef __CRYPTOKI_H__
+#define __CRYPTOKI_H__
+
+#include "s_type.h"
+
+/* Define CRYPTOKI_EXPORTS during the build of cryptoki libraries. Do
+ * not define it in applications.
+ */
+#ifdef CRYPTOKI_EXPORTS
+#define PKCS11_EXPORT S_DLL_EXPORT
+#else
+#define PKCS11_EXPORT S_DLL_IMPORT
+#endif
+
+#define CKV_TOKEN_SYSTEM 0x00000001
+#define CKV_TOKEN_SYSTEM_SHARED 0x00000000
+#define CKV_TOKEN_USER 0x00004004
+#define CKV_TOKEN_USER_SHARED 0x00004012
+
+#define CKV_TOKEN_SYSTEM_GROUP(gid) (0x00010000 | (gid))
+#define CKV_TOKEN_USER_GROUP(gid) (0x00020000 | (gid))
+
+#include "pkcs11.h"
+
+#endif /* __CRYPTOKI_H__ */
diff --git a/security/tf_sdk/include/mtc.h b/security/tf_sdk/include/mtc.h new file mode 100644 index 0000000..ed828b3 --- /dev/null +++ b/security/tf_sdk/include/mtc.h @@ -0,0 +1,97 @@ +/**
+ * Copyright(c) 2011 Trusted Logic. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * * Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ * * Neither the name Trusted Logic nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#ifndef ___MTC_H_INC___
+#define ___MTC_H_INC___
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/*------------------------------------------------------------------------------
+ includes
+------------------------------------------------------------------------------*/
+#include "s_type.h"
+#include "s_error.h"
+
+/* Define MTC_EXPORTS during the build of mtc libraries. Do
+ * not define it in applications.
+ */
+
+#ifdef MTC_EXPORTS
+#define MTC_EXPORT S_DLL_EXPORT
+#else
+#define MTC_EXPORT S_DLL_IMPORT
+#endif
+
+/*------------------------------------------------------------------------------
+ typedefs
+------------------------------------------------------------------------------*/
+
+typedef struct
+{
+ uint32_t nLow;
+ uint32_t nHigh;
+}
+S_MONOTONIC_COUNTER_VALUE;
+
+/*------------------------------------------------------------------------------
+ defines
+------------------------------------------------------------------------------*/
+
+#define S_MONOTONIC_COUNTER_GLOBAL 0x00000000
+
+/*------------------------------------------------------------------------------
+ API
+------------------------------------------------------------------------------*/
+
+S_RESULT MTC_EXPORT SMonotonicCounterInit(void);
+
+void MTC_EXPORT SMonotonicCounterTerminate(void);
+
+S_RESULT MTC_EXPORT SMonotonicCounterOpen(
+ uint32_t nCounterIdentifier,
+ S_HANDLE* phCounter);
+
+void MTC_EXPORT SMonotonicCounterClose(S_HANDLE hCounter);
+
+S_RESULT MTC_EXPORT SMonotonicCounterGet(
+ S_HANDLE hCounter,
+ S_MONOTONIC_COUNTER_VALUE* psCurrentValue);
+
+S_RESULT MTC_EXPORT SMonotonicCounterIncrement(
+ S_HANDLE hCounter,
+ S_MONOTONIC_COUNTER_VALUE* psNewValue);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /*___MTC_H_INC___*/
diff --git a/security/tf_sdk/include/pkcs11.h b/security/tf_sdk/include/pkcs11.h new file mode 100644 index 0000000..8f28917 --- /dev/null +++ b/security/tf_sdk/include/pkcs11.h @@ -0,0 +1,595 @@ +/**
+ * Copyright(c) 2011 Trusted Logic. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * * Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ * * Neither the name Trusted Logic nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */ + +/* + * This header file contains the definition of the PKCS#11 types and functions + * supported by the Trusted Foundations Software. This header file is + * derived from the RSA Security Inc. PKCS #11 Cryptographic Token Interface + * (Cryptoki) + */ +#ifndef __PKCS11_H__ +#define __PKCS11_H__ + +#ifdef __cplusplus +extern "C" { +#endif + +/*------------------------------------------ +* Types and constants +*------------------------------------------*/ + +#include "s_type.h" + +#define CK_TRUE true +#define CK_FALSE false + +#ifndef FALSE +#define FALSE CK_FALSE +#endif + +#ifndef TRUE +#define TRUE CK_TRUE +#endif + +#define NULL_PTR NULL + +typedef uint8_t CK_BYTE, *CK_BYTE_PTR; +typedef CK_BYTE CK_CHAR, *CK_CHAR_PTR; +typedef CK_BYTE CK_UTF8CHAR, *CK_UTF8CHAR_PTR; +typedef bool CK_BBOOL; +typedef uint32_t CK_ULONG, *CK_ULONG_PTR; +typedef int32_t CK_LONG; +typedef CK_ULONG CK_FLAGS; +typedef void* CK_VOID_PTR, *CK_VOID_PTR_PTR; + +#define CK_INVALID_HANDLE 0 + +typedef struct CK_VERSION +{ + CK_BYTE major; + CK_BYTE minor; +} +CK_VERSION, *CK_VERSION_PTR; + +typedef struct CK_INFO +{ + CK_VERSION cryptokiVersion; + CK_UTF8CHAR manufacturerID[32]; + CK_FLAGS flags; + CK_UTF8CHAR libraryDescription[32]; + CK_VERSION libraryVersion; +} +CK_INFO, *CK_INFO_PTR; + +typedef CK_ULONG CK_NOTIFICATION; +typedef CK_ULONG CK_SLOT_ID, *CK_SLOT_ID_PTR; +typedef CK_ULONG CK_SESSION_HANDLE, *CK_SESSION_HANDLE_PTR; + +typedef CK_ULONG CK_USER_TYPE; +#define CKU_SO 0 +#define CKU_USER 1 +#define CKU_CONTEXT_SPECIFIC 2 + +typedef CK_ULONG CK_STATE; +#define CKS_RO_PUBLIC_SESSION 0 +#define CKS_RO_USER_FUNCTIONS 1 +#define CKS_RW_PUBLIC_SESSION 2 +#define CKS_RW_USER_FUNCTIONS 3 +#define CKS_RW_SO_FUNCTIONS 4 + +typedef struct CK_SESSION_INFO +{ + CK_SLOT_ID slotID; + CK_STATE state; + CK_FLAGS flags; + CK_ULONG ulDeviceError; +} +CK_SESSION_INFO, *CK_SESSION_INFO_PTR; + +#define CKF_RW_SESSION 0x00000002 +#define CKF_SERIAL_SESSION 0x00000004 +#define CKVF_OPEN_SUB_SESSION 0x00000008 + +typedef CK_ULONG CK_OBJECT_HANDLE, *CK_OBJECT_HANDLE_PTR; + +typedef CK_ULONG CK_OBJECT_CLASS, *CK_OBJECT_CLASS_PTR; + +#define CKO_DATA 0x00000000 +#define CKO_PUBLIC_KEY 0x00000002 +#define CKO_PRIVATE_KEY 0x00000003 +#define CKO_SECRET_KEY 0x00000004 + +typedef CK_ULONG CK_KEY_TYPE; + +#define CKK_RSA 0x00000000 +#define CKK_DSA 0x00000001 +#define CKK_DH 0x00000002 +#define CKK_EC 0x00000003 + +#define CKK_GENERIC_SECRET 0x00000010 + +#define CKK_RC4 0x00000012 +#define CKK_DES 0x00000013 +#define CKK_DES2 0x00000014 +#define CKK_DES3 0x00000015 + +#define CKK_AES 0x0000001F + +#define CKK_VENDOR_DEFINED 0x80000000 + +typedef CK_ULONG CK_ATTRIBUTE_TYPE; + +#define CKF_ARRAY_ATTRIBUTE 0x40000000 + +#define CKA_CLASS 0x00000000 +#define CKA_TOKEN 0x00000001 +#define CKA_PRIVATE 0x00000002 +#define CKA_VALUE 0x00000011 + +#define CKA_OBJECT_ID 0x00000012 + +#define CKA_KEY_TYPE 0x00000100 +#define CKA_ID 0x00000102 +#define CKA_SENSITIVE 0x00000103 +#define CKA_ENCRYPT 0x00000104 +#define CKA_DECRYPT 0x00000105 +#define CKA_WRAP 0x00000106 +#define CKA_UNWRAP 0x00000107 +#define CKA_SIGN 0x00000108 +#define CKA_VERIFY 0x0000010A +#define CKA_DERIVE 0x0000010C +#define CKA_MODULUS 0x00000120 +#define CKA_MODULUS_BITS 0x00000121 +#define CKA_PUBLIC_EXPONENT 0x00000122 +#define CKA_PRIVATE_EXPONENT 0x00000123 +#define CKA_PRIME_1 0x00000124 +#define CKA_PRIME_2 0x00000125 +#define CKA_EXPONENT_1 0x00000126 +#define CKA_EXPONENT_2 0x00000127 +#define CKA_COEFFICIENT 0x00000128 +#define CKA_PRIME 0x00000130 +#define CKA_SUBPRIME 0x00000131 +#define CKA_BASE 0x00000132 + +#define CKA_VALUE_BITS 0x00000160 +#define CKA_VALUE_LEN 0x00000161 + +#define CKA_EXTRACTABLE 0x00000162 + +#define CKA_MODIFIABLE 0x00000170 +#define CKA_COPYABLE 0x00000171 +#define CKA_ALWAYS_AUTHENTICATE 0x00000202 + +#define CKA_VENDOR_DEFINED 0x80000000 + +#define CKAV_ALLOW_NON_SENSITIVE_DERIVED_KEY 0x80000001 + +typedef struct CK_ATTRIBUTE +{ + CK_ATTRIBUTE_TYPE type; + void* pValue; + CK_ULONG ulValueLen; +} +CK_ATTRIBUTE, *CK_ATTRIBUTE_PTR; + +typedef CK_ULONG CK_MECHANISM_TYPE, *CK_MECHANISM_TYPE_PTR; + +#define CKM_RSA_PKCS_KEY_PAIR_GEN 0x00000000 +#define CKM_RSA_PKCS 0x00000001 +#define CKM_RSA_X_509 0x00000003 +#define CKM_MD5_RSA_PKCS 0x00000005 +#define CKM_SHA1_RSA_PKCS 0x00000006 +#define CKM_RSA_PKCS_OAEP 0x00000009 +#define CKM_RSA_PKCS_PSS 0x0000000D +#define CKM_SHA1_RSA_PKCS_PSS 0x0000000E +#define CKM_DSA_KEY_PAIR_GEN 0x00000010 +#define CKM_DSA 0x00000011 +#define CKM_DSA_SHA1 0x00000012 +#define CKM_DH_PKCS_KEY_PAIR_GEN 0x00000020 +#define CKM_DH_PKCS_DERIVE 0x00000021 +#define CKM_SHA256_RSA_PKCS 0x00000040 +#define CKM_SHA384_RSA_PKCS 0x00000041 +#define CKM_SHA512_RSA_PKCS 0x00000042 +#define CKM_SHA256_RSA_PKCS_PSS 0x00000043 +#define CKM_SHA384_RSA_PKCS_PSS 0x00000044 +#define CKM_SHA512_RSA_PKCS_PSS 0x00000045 +#define CKM_SHA224_RSA_PKCS 0x00000046 +#define CKM_SHA224_RSA_PKCS_PSS 0x00000047 +#define CKM_RC4_KEY_GEN 0x00000110 +#define CKM_RC4 0x00000111 +#define CKM_DES_KEY_GEN 0x00000120 +#define CKM_DES_ECB 0x00000121 +#define CKM_DES_CBC 0x00000122 +#define CKM_DES_MAC 0x00000123 +#define CKM_DES2_KEY_GEN 0x00000130 +#define CKM_DES3_KEY_GEN 0x00000131 +#define CKM_DES3_ECB 0x00000132 +#define CKM_DES3_CBC 0x00000133 +#define CKM_DES3_MAC 0x00000134 +#define CKM_MD5 0x00000210 +#define CKM_MD5_HMAC 0x00000211 +#define CKM_SHA_1 0x00000220 +#define CKM_SHA_1_HMAC 0x00000221 +#define CKM_SHA256 0x00000250 +#define CKM_SHA256_HMAC 0x00000251 +#define CKM_SHA224 0x00000255 +#define CKM_SHA224_HMAC 0x00000256 +#define CKM_SHA384 0x00000260 +#define CKM_SHA384_HMAC 0x00000261 +#define CKM_SHA512 0x00000270 +#define CKM_SHA512_HMAC 0x00000271 +#define CKM_GENERIC_SECRET_KEY_GEN 0x00000350 +#define CKM_AES_KEY_GEN 0x00001080 +#define CKM_AES_ECB 0x00001081 +#define CKM_AES_CBC 0x00001082 +#define CKM_AES_MAC 0x00001083 +#define CKM_AES_CTR 0x00001086 +#define CKM_VENDOR_DEFINED 0x80000000 +#define CKMV_AES_CTR 0x80000001 + +#define CKMV_IMPLEMENTATION_DEFINED_0 0xC0000000 +#define CKMV_IMPLEMENTATION_DEFINED_1 0xC0000001 +#define CKMV_IMPLEMENTATION_DEFINED_2 0xC0000002 +#define CKMV_IMPLEMENTATION_DEFINED_3 0xC0000003 +#define CKMV_IMPLEMENTATION_DEFINED_4 0xC0000004 +#define CKMV_IMPLEMENTATION_DEFINED_5 0xC0000005 +#define CKMV_IMPLEMENTATION_DEFINED_6 0xC0000006 +#define CKMV_IMPLEMENTATION_DEFINED_7 0xC0000007 +#define CKMV_IMPLEMENTATION_DEFINED_8 0xC0000008 +#define CKMV_IMPLEMENTATION_DEFINED_9 0xC0000009 +#define CKMV_IMPLEMENTATION_DEFINED_10 0xC000000A +#define CKMV_IMPLEMENTATION_DEFINED_11 0xC000000B +#define CKMV_IMPLEMENTATION_DEFINED_12 0xC000000C +#define CKMV_IMPLEMENTATION_DEFINED_13 0xC000000D +#define CKMV_IMPLEMENTATION_DEFINED_14 0xC000000E +#define CKMV_IMPLEMENTATION_DEFINED_15 0xC000000F + +typedef struct CK_MECHANISM +{ + CK_MECHANISM_TYPE mechanism; + void* pParameter; + CK_ULONG ulParameterLen; /* in bytes */ +} +CK_MECHANISM, *CK_MECHANISM_PTR; + +typedef CK_ULONG CK_RV; + +#define CKR_OK 0x00000000 +#define CKR_CANCEL 0x00000001 +#define CKR_HOST_MEMORY 0x00000002 +#define CKR_SLOT_ID_INVALID 0x00000003 +#define CKR_GENERAL_ERROR 0x00000005 +#define CKR_ARGUMENTS_BAD 0x00000007 +#define CKR_ATTRIBUTE_SENSITIVE 0x00000011 +#define CKR_ATTRIBUTE_TYPE_INVALID 0x00000012 +#define CKR_ATTRIBUTE_VALUE_INVALID 0x00000013 +#define CKR_COPY_PROHIBITED 0x0000001A +#define CKR_DATA_INVALID 0x00000020 +#define CKR_DATA_LEN_RANGE 0x00000021 +#define CKR_DEVICE_ERROR 0x00000030 +#define CKR_DEVICE_MEMORY 0x00000031 +#define CKR_ENCRYPTED_DATA_INVALID 0x00000040 +#define CKR_ENCRYPTED_DATA_LEN_RANGE 0x00000041 +#define CKR_KEY_HANDLE_INVALID 0x00000060 +#define CKR_KEY_SIZE_RANGE 0x00000062 +#define CKR_KEY_TYPE_INCONSISTENT 0x00000063 +#define CKR_KEY_FUNCTION_NOT_PERMITTED 0x00000068 +#define CKR_KEY_NOT_WRAPPABLE 0x00000069 +#define CKR_MECHANISM_INVALID 0x00000070 +#define CKR_MECHANISM_PARAM_INVALID 0x00000071 +#define CKR_OBJECT_HANDLE_INVALID 0x00000082 +#define CKR_OPERATION_ACTIVE 0x00000090 +#define CKR_OPERATION_NOT_INITIALIZED 0x00000091 +#define CKR_PIN_INCORRECT 0x000000A0 +#define CKR_SESSION_COUNT 0x000000B1 +#define CKR_SESSION_HANDLE_INVALID 0x000000B3 +#define CKR_SESSION_PARALLEL_NOT_SUPPORTED 0x000000B4 +#define CKR_SESSION_READ_ONLY 0x000000B5 +#define CKR_SIGNATURE_INVALID 0x000000C0 +#define CKR_SIGNATURE_LEN_RANGE 0x000000C1 +#define CKR_TEMPLATE_INCOMPLETE 0x000000D0 +#define CKR_TEMPLATE_INCONSISTENT 0x000000D1 +#define CKR_TOKEN_NOT_PRESENT 0x000000E0 +#define CKR_USER_ALREADY_LOGGED_IN 0x00000100 +#define CKR_USER_NOT_LOGGED_IN 0x00000101 +#define CKR_USER_TYPE_INVALID 0x00000103 +#define CKR_WRAPPED_KEY_LEN_RANGE 0x00000112 +#define CKR_WRAPPING_KEY_HANDLE_INVALID 0x00000113 +#define CKR_RANDOM_SEED_NOT_SUPPORTED 0x00000120 +#define CKR_RANDOM_NO_RNG 0x00000121 +#define CKR_BUFFER_TOO_SMALL 0x00000150 +#define CKR_CRYPTOKI_NOT_INITIALIZED 0x00000190 +#define CKR_CRYPTOKI_ALREADY_INITIALIZED 0x00000191 +#define CKR_VENDOR_DEFINED 0x80000000 + +typedef CK_RV (*CK_NOTIFY)( + CK_SESSION_HANDLE hSession, + CK_NOTIFICATION event, + void* pApplication +); + +typedef CK_ULONG CK_RSA_PKCS_MGF_TYPE, *CK_RSA_PKCS_MGF_TYPE_PTR; + +#define CKG_MGF1_SHA1 0x00000001 +#define CKG_MGF1_SHA256 0x00000002 +#define CKG_MGF1_SHA384 0x00000003 +#define CKG_MGF1_SHA512 0x00000004 +#define CKG_MGF1_SHA224 0x00000005 + +typedef CK_ULONG CK_RSA_PKCS_OAEP_SOURCE_TYPE, *CK_RSA_PKCS_OAEP_SOURCE_TYPE_PTR; + +#define CKZ_DATA_SPECIFIED 0x00000001 +typedef struct CK_RSA_PKCS_OAEP_PARAMS +{ + CK_MECHANISM_TYPE hashAlg; + CK_RSA_PKCS_MGF_TYPE mgf; + CK_RSA_PKCS_OAEP_SOURCE_TYPE source; + void* pSourceData; + CK_ULONG ulSourceDataLen; +} +CK_RSA_PKCS_OAEP_PARAMS, *CK_RSA_PKCS_OAEP_PARAMS_PTR; + +typedef struct CK_RSA_PKCS_PSS_PARAMS +{ + CK_MECHANISM_TYPE hashAlg; + CK_RSA_PKCS_MGF_TYPE mgf; + CK_ULONG sLen; +} +CK_RSA_PKCS_PSS_PARAMS, *CK_RSA_PKCS_PSS_PARAMS_PTR; + +typedef struct CK_AES_CTR_PARAMS +{ + CK_ULONG ulCounterBits; + CK_BYTE cb[16]; +} +CK_AES_CTR_PARAMS, *CK_AES_CTR_PARAMS_PTR; + +/*------------------------------------------ +* Functions +*------------------------------------------*/ +CK_RV PKCS11_EXPORT C_Initialize(void* pInitArgs); + +CK_RV PKCS11_EXPORT C_Finalize(void* pReserved); + +CK_RV PKCS11_EXPORT C_GetInfo(CK_INFO* pInfo); + +CK_RV PKCS11_EXPORT C_OpenSession( + CK_SLOT_ID slotID, + CK_FLAGS flags, + void* pApplication, + CK_NOTIFY Notify, + CK_SESSION_HANDLE* phSession); + +CK_RV PKCS11_EXPORT C_CloseSession( + CK_SESSION_HANDLE hSession); + +CK_RV PKCS11_EXPORT C_Login( + CK_SESSION_HANDLE hSession, + CK_USER_TYPE userType, + const CK_UTF8CHAR* pPin, + CK_ULONG ulPinLen); + +CK_RV PKCS11_EXPORT C_Logout( + CK_SESSION_HANDLE hSession); + +CK_RV PKCS11_EXPORT C_CreateObject( + CK_SESSION_HANDLE hSession, + const CK_ATTRIBUTE* pTemplate, + CK_ULONG ulCount, + CK_OBJECT_HANDLE* phObject); + +CK_RV PKCS11_EXPORT C_DestroyObject( + CK_SESSION_HANDLE hSession, + CK_OBJECT_HANDLE hObject); + +CK_RV PKCS11_EXPORT C_GetAttributeValue( + CK_SESSION_HANDLE hSession, + CK_OBJECT_HANDLE hObject, + CK_ATTRIBUTE* pTemplate, + CK_ULONG ulCount); + +CK_RV PKCS11_EXPORT C_FindObjectsInit( + CK_SESSION_HANDLE hSession, + const CK_ATTRIBUTE* pTemplate, + CK_ULONG ulCount); + +CK_RV PKCS11_EXPORT C_FindObjects( + CK_SESSION_HANDLE hSession, + CK_OBJECT_HANDLE* phObject, + CK_ULONG ulMaxObjectCount, + CK_ULONG* pulObjectCount); + +CK_RV PKCS11_EXPORT C_FindObjectsFinal( + CK_SESSION_HANDLE hSession); + +CK_RV PKCS11_EXPORT C_EncryptInit( + CK_SESSION_HANDLE hSession, + const CK_MECHANISM* pMechanism, + CK_OBJECT_HANDLE hKey); + +CK_RV PKCS11_EXPORT C_Encrypt( + CK_SESSION_HANDLE hSession, + const CK_BYTE* pData, + CK_ULONG ulDataLen, + CK_BYTE* pEncryptedData, + CK_ULONG* pulEncryptedDataLen); + +CK_RV PKCS11_EXPORT C_EncryptUpdate( + CK_SESSION_HANDLE hSession, + const CK_BYTE* pPart, + CK_ULONG ulPartLen, + CK_BYTE* pEncryptedPart, + CK_ULONG* pulEncryptedPartLen); + +CK_RV PKCS11_EXPORT C_EncryptFinal( + CK_SESSION_HANDLE hSession, + CK_BYTE* pLastEncryptedPart, + CK_ULONG* pulLastEncryptedPartLen); + +CK_RV PKCS11_EXPORT C_DecryptInit( + CK_SESSION_HANDLE hSession, + const CK_MECHANISM* pMechanism, + CK_OBJECT_HANDLE hKey); + +CK_RV PKCS11_EXPORT C_Decrypt( + CK_SESSION_HANDLE hSession, + const CK_BYTE* pEncryptedData, + CK_ULONG ulEncryptedDataLen, + CK_BYTE* pData, + CK_ULONG* pulDataLen); + +CK_RV PKCS11_EXPORT C_DecryptUpdate( + CK_SESSION_HANDLE hSession, + const CK_BYTE* pEncryptedPart, + CK_ULONG ulEncryptedPartLen, + CK_BYTE* pPart, + CK_ULONG* pulPartLen); + +CK_RV PKCS11_EXPORT C_DecryptFinal( + CK_SESSION_HANDLE hSession, + CK_BYTE* pLastPart, + CK_ULONG* pulLastPartLen); + +CK_RV PKCS11_EXPORT C_DigestInit( + CK_SESSION_HANDLE hSession, + const CK_MECHANISM* pMechanism); + +CK_RV PKCS11_EXPORT C_Digest( + CK_SESSION_HANDLE hSession, + const CK_BYTE* pData, + CK_ULONG ulDataLen, + CK_BYTE* pDigest, + CK_ULONG* pulDigestLen); + +CK_RV PKCS11_EXPORT C_DigestUpdate( + CK_SESSION_HANDLE hSession, + const CK_BYTE* pPart, + CK_ULONG ulPartLen); + +CK_RV PKCS11_EXPORT C_DigestFinal( + CK_SESSION_HANDLE hSession, + CK_BYTE* pDigest, + CK_ULONG* pulDigestLen); + +CK_RV PKCS11_EXPORT C_SignInit( + CK_SESSION_HANDLE hSession, + const CK_MECHANISM* pMechanism, + CK_OBJECT_HANDLE hKey); + +CK_RV PKCS11_EXPORT C_Sign( + CK_SESSION_HANDLE hSession, + const CK_BYTE* pData, + CK_ULONG ulDataLen, + CK_BYTE* pSignature, + CK_ULONG* pulSignatureLen); + +CK_RV PKCS11_EXPORT C_SignUpdate( + CK_SESSION_HANDLE hSession, + const CK_BYTE* pPart, + CK_ULONG ulPartLen); + +CK_RV PKCS11_EXPORT C_SignFinal( + CK_SESSION_HANDLE hSession, + CK_BYTE* pSignature, + CK_ULONG* pulSignatureLen); + +CK_RV PKCS11_EXPORT C_VerifyInit( + CK_SESSION_HANDLE hSession, + const CK_MECHANISM* pMechanism, + CK_OBJECT_HANDLE hKey); + +CK_RV PKCS11_EXPORT C_Verify( + CK_SESSION_HANDLE hSession, + const CK_BYTE* pData, + CK_ULONG ulDataLen, + CK_BYTE* pSignature, + CK_ULONG ulSignatureLen); + +CK_RV PKCS11_EXPORT C_VerifyUpdate( + CK_SESSION_HANDLE hSession, + const CK_BYTE* pPart, + CK_ULONG ulPartLen); + +CK_RV PKCS11_EXPORT C_VerifyFinal( + CK_SESSION_HANDLE hSession, + const CK_BYTE* pSignature, + CK_ULONG ulSignatureLen); + +CK_RV PKCS11_EXPORT C_GenerateKey( + CK_SESSION_HANDLE hSession, + const CK_MECHANISM* pMechanism, + const CK_ATTRIBUTE* pTemplate, + CK_ULONG ulCount, + CK_OBJECT_HANDLE* phKey); + +CK_RV PKCS11_EXPORT C_GenerateKeyPair( + CK_SESSION_HANDLE hSession, + const CK_MECHANISM* pMechanism, + const CK_ATTRIBUTE* pPublicKeyTemplate, + CK_ULONG ulPublicKeyAttributeCount, + const CK_ATTRIBUTE* pPrivateKeyTemplate, + CK_ULONG ulPrivateKeyAttributeCount, + CK_OBJECT_HANDLE* phPublicKey, + CK_OBJECT_HANDLE* phPrivateKey); + +CK_RV PKCS11_EXPORT C_DeriveKey( + CK_SESSION_HANDLE hSession, + const CK_MECHANISM* pMechanism, + CK_OBJECT_HANDLE hBaseKey, + const CK_ATTRIBUTE* pTemplate, + CK_ULONG ulAttributeCount, + CK_OBJECT_HANDLE* phKey); + +CK_RV PKCS11_EXPORT C_SeedRandom( + CK_SESSION_HANDLE hSession, + const CK_BYTE* pSeed, + CK_ULONG ulSeedLen); + +CK_RV PKCS11_EXPORT C_GenerateRandom( + CK_SESSION_HANDLE hSession, + CK_BYTE* pRandomData, + CK_ULONG ulRandomLen); + +CK_RV PKCS11_EXPORT C_CloseObjectHandle( + CK_SESSION_HANDLE hSession, + CK_OBJECT_HANDLE hObject); + +CK_RV PKCS11_EXPORT C_CopyObject( + CK_SESSION_HANDLE hSession, + CK_OBJECT_HANDLE hObject, + const CK_ATTRIBUTE* pTemplate, + CK_ULONG ulAttributeCount, + CK_OBJECT_HANDLE* phNewObject); + +#ifdef __cplusplus +} +#endif + +#endif /* __PKCS11_H__ */ diff --git a/security/tf_sdk/include/s_error.h b/security/tf_sdk/include/s_error.h new file mode 100644 index 0000000..d77d3dd --- /dev/null +++ b/security/tf_sdk/include/s_error.h @@ -0,0 +1,321 @@ +/**
+ * Copyright(c) 2011 Trusted Logic. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * * Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ * * Neither the name Trusted Logic nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */ +#ifndef __S_ERROR_H__ +#define __S_ERROR_H__ + +#define S_SUCCESS ((S_RESULT)0x00000000) +#define SM_SUCCESS S_SUCCESS +#define TEEC_SUCCESS S_SUCCESS +#define SST_SUCCESS S_SUCCESS + +/** + * Generic error code : Generic error + **/ +#define S_ERROR_GENERIC ((S_RESULT)0xFFFF0000) +#define SM_ERROR_GENERIC S_ERROR_GENERIC +#define TEEC_ERROR_GENERIC S_ERROR_GENERIC +#define SST_ERROR_GENERIC S_ERROR_GENERIC + +/** + * Generic error code : The underlying security system denies the access to the + * object + **/ +#define S_ERROR_ACCESS_DENIED ((S_RESULT)0xFFFF0001) +#define SM_ERROR_ACCESS_DENIED S_ERROR_ACCESS_DENIED +#define TEEC_ERROR_ACCESS_DENIED S_ERROR_ACCESS_DENIED +#define SST_ERROR_ACCESS_DENIED S_ERROR_ACCESS_DENIED + +/** + * Generic error code : The pending operation is cancelled. + **/ +#define S_ERROR_CANCEL ((S_RESULT)0xFFFF0002) +#define SM_ERROR_CANCEL S_ERROR_CANCEL +#define TEEC_ERROR_CANCEL S_ERROR_CANCEL + +/** + * Generic error code : The underlying system detects a conflict + **/ +#define S_ERROR_ACCESS_CONFLICT ((S_RESULT)0xFFFF0003) +#define SM_ERROR_EXCLUSIVE_ACCESS S_ERROR_ACCESS_CONFLICT +#define TEEC_ERROR_ACCESS_CONFLICT S_ERROR_ACCESS_CONFLICT +#define SST_ERROR_ACCESS_CONFLICT S_ERROR_ACCESS_CONFLICT + +/** + * Generic error code : Too much data for the operation or some data remain + * unprocessed by the operation. + **/ +#define S_ERROR_EXCESS_DATA ((S_RESULT)0xFFFF0004) +#define SM_ERROR_EXCESS_DATA S_ERROR_EXCESS_DATA +#define TEEC_ERROR_EXCESS_DATA S_ERROR_EXCESS_DATA + + +/** + * Generic error code : Error of data format + **/ +#define S_ERROR_BAD_FORMAT ((S_RESULT)0xFFFF0005) +#define SM_ERROR_FORMAT S_ERROR_BAD_FORMAT +#define TEEC_ERROR_BAD_FORMAT S_ERROR_BAD_FORMAT + +/** + * Generic error code : The specified parameters are invalid + **/ +#define S_ERROR_BAD_PARAMETERS ((S_RESULT)0xFFFF0006) +#define SM_ERROR_ILLEGAL_ARGUMENT S_ERROR_BAD_PARAMETERS +#define TEEC_ERROR_BAD_PARAMETERS S_ERROR_BAD_PARAMETERS +#define SST_ERROR_BAD_PARAMETERS S_ERROR_BAD_PARAMETERS + + +/** + * Generic error code : Illegal state for the operation. + **/ +#define S_ERROR_BAD_STATE ((S_RESULT)0xFFFF0007) +#define SM_ERROR_ILLEGAL_STATE S_ERROR_BAD_STATE +#define TEEC_ERROR_BAD_STATE S_ERROR_BAD_STATE + +/** + * Generic error code : The item is not found + **/ +#define S_ERROR_ITEM_NOT_FOUND ((S_RESULT)0xFFFF0008) +#define SM_ERROR_ITEM_NOT_FOUND S_ERROR_ITEM_NOT_FOUND +#define TEEC_ERROR_ITEM_NOT_FOUND S_ERROR_ITEM_NOT_FOUND +#define SST_ERROR_ITEM_NOT_FOUND S_ERROR_ITEM_NOT_FOUND + +/** + * Generic error code : The specified operation is not implemented + **/ +#define S_ERROR_NOT_IMPLEMENTED ((S_RESULT)0xFFFF0009) +#define SM_ERROR_NOT_IMPLEMENTED S_ERROR_NOT_IMPLEMENTED +#define TEEC_ERROR_NOT_IMPLEMENTED S_ERROR_NOT_IMPLEMENTED + +/** + * Generic error code : The specified operation is not supported + **/ +#define S_ERROR_NOT_SUPPORTED ((S_RESULT)0xFFFF000A) +#define SM_ERROR_NOT_SUPPORTED S_ERROR_NOT_SUPPORTED +#define TEEC_ERROR_NOT_SUPPORTED S_ERROR_NOT_SUPPORTED + +/** + * Generic error code : Insufficient data is available for the operation. + **/ +#define S_ERROR_NO_DATA ((S_RESULT)0xFFFF000B) +#define SM_ERROR_NO_DATA S_ERROR_NO_DATA +#define TEEC_ERROR_NO_DATA S_ERROR_NO_DATA + +/** + * Generic error code : Not enough memory to perform the operation + **/ +#define S_ERROR_OUT_OF_MEMORY ((S_RESULT)0xFFFF000C) +#define SM_ERROR_OUT_OF_MEMORY S_ERROR_OUT_OF_MEMORY +#define TEEC_ERROR_OUT_OF_MEMORY S_ERROR_OUT_OF_MEMORY +#define SST_ERROR_OUT_OF_MEMORY S_ERROR_OUT_OF_MEMORY + +/** + * Generic error code : The service is currently unable to handle the request; + * try later + **/ +#define S_ERROR_BUSY ((S_RESULT)0xFFFF000D) +#define SM_ERROR_BUSY S_ERROR_BUSY +#define TEEC_ERROR_BUSY S_ERROR_BUSY + +/** + * Generic error code : security violation + **/ +#define S_ERROR_SECURITY ((S_RESULT)0xFFFF000F) +#define SM_ERROR_SECURITY S_ERROR_SECURITY +#define TEEC_ERROR_SECURITY S_ERROR_SECURITY + +/** + * Generic error code : the buffer is too short + **/ +#define S_ERROR_SHORT_BUFFER ((S_RESULT)0xFFFF0010) +#define SM_ERROR_SHORT_BUFFER S_ERROR_SHORT_BUFFER +#define TEEC_ERROR_SHORT_BUFFER S_ERROR_SHORT_BUFFER + + +/** + * Generic error code : SControl Asynchronous Operations are not supported. + */ +#define S_ERROR_ASYNC_OPERATIONS_NOT_SUPPORTED ((S_RESULT)0xFFFF0011) +#define SM_ERROR_ASYNC_OPERATIONS_NOT_SUPPORTED S_ERROR_ASYNC_OPERATIONS_NOT_SUPPORTED + +/** + * Generic error code : the number of handles currently created + * for a specific resource has reached the maximum amount. + **/ +#define S_ERROR_NO_MORE_HANDLES ((S_RESULT)0xFFFF0013) + +/** + * Generic error code : the monotonic counter is corrupted + **/ +#define S_ERROR_CORRUPTED ((S_RESULT)0xFFFF0014) + +/** + * Generic error code : the operation is not terminated + **/ +#define S_PENDING ((S_RESULT)0xFFFF2000) + +/** + * Generic error code : A timeout occurred + **/ +#define S_ERROR_TIMEOUT ((S_RESULT)0xFFFF3001) + +/** + * Error code: Error of the underlying OS. + **/ +#define S_ERROR_UNDERLYING_OS ((S_RESULT)0xFFFF3002) +#define TEEC_ERROR_OS S_ERROR_UNDERLYING_OS + + +/** + * Error code: The operation is cancelled by a signal. + **/ +#define S_ERROR_CANCELLED_BY_SIGNAL ((S_RESULT)0xFFFF3003) + +/** + * Generic error code : Overflow + **/ +#define S_ERROR_OVERFLOW ((S_RESULT)0xFFFF300F) +#define SST_ERROR_OVERFLOW S_ERROR_OVERFLOW + +/** + * Generic error code : The item already exists + **/ +#define S_ERROR_ITEM_EXISTS ((S_RESULT)0xFFFF3012) + +/** + * Generic error code : The application reported an error. The code of the + * applicative error is encoded in the message data. + */ +#define S_ERROR_SERVICE ((S_RESULT)0xFFFF1000) +#define SM_ERROR_SERVICE S_ERROR_SERVICE + +#define S_PENDING ((S_RESULT)0xFFFF2000) +#define SM_PENDING S_PENDING + +/** + * Generic error code : Critical error causing the platform to shutdown. + */ +#define S_ERROR_CRITICAL ((S_RESULT)0xFFFF3010) + +/** + * Generic error code : the underlying peripheral is unreachable. + */ +#define S_ERROR_UNREACHABLE ((S_RESULT)0xFFFF3013) + +/*------------------------------------------------------------------------------ + Communication Error Codes +------------------------------------------------------------------------------*/ +/** + * Generic communication error + **/ +#define S_ERROR_COMMUNICATION ((S_RESULT)0xFFFF000E) +#define SM_ERROR_COMMUNICATION S_ERROR_COMMUNICATION +#define TEEC_ERROR_COMMUNICATION S_ERROR_COMMUNICATION + +/** + * Error of communication : Error of protocol + **/ +#define S_ERROR_CONNECTION_PROTOCOL ((S_RESULT)0xFFFF3020) + +/** + * Error of communication : The connection is broken. + **/ +#define S_ERROR_CONNECTION_BROKEN ((S_RESULT)0xFFFF3021) + +/** + * Error of communication : Error during the connection setup. + **/ +#define S_ERROR_CONNECTION_SETUP ((S_RESULT)0xFFFF3022) + +/** + * Error of communication : The connection is refused by the distant target. + **/ +#define S_ERROR_CONNECTION_REFUSED ((S_RESULT)0xFFFF3023) + +/** + * Error of communication: The target of the connection is dead + **/ +#define S_ERROR_TARGET_DEAD ((S_RESULT)0xFFFF3024) +#define SM_ERROR_TARGET_DEAD S_ERROR_TARGET_DEAD +#define TEEC_ERROR_TARGET_DEAD S_ERROR_TARGET_DEAD + + +/*------------------------------------------------------------------------------ + Storage Error Codes +------------------------------------------------------------------------------*/ + +/** File system error code: not enough space to complete the operation. */ +#define S_ERROR_STORAGE_NO_SPACE ((S_RESULT)0xFFFF3041) +#define SST_ERROR_NO_SPACE 0xFFFF3041 + +/** + * File system error code: The file system is corrupted. + */ +#define S_ERROR_STORAGE_CORRUPTED ((S_RESULT)0xFFFF3045) +#define SST_ERROR_CORRUPTED S_ERROR_STORAGE_CORRUPTED + +/** + * File system error code: The file system is unreachable. + */ +#define S_ERROR_STORAGE_UNREACHABLE ((S_RESULT)0xFFFF3046) + +/*------------------------------------------------------------------------------ + Authentication / X509 error codes +------------------------------------------------------------------------------*/ +#define S_ERROR_AUTHENTICATION_FAILED ((S_RESULT)0xFFFF3060) +#define S_ERROR_WRONG_SIGNATURE ((S_RESULT)0xFFFF3061) +#define S_ERROR_BAD_CERTIFICATE ((S_RESULT)0xFFFF3062) +#define S_ERROR_WRONG_ISSUER ((S_RESULT)0xFFFF3063) +#define S_ERROR_CERTIFICATE_EXPIRED ((S_RESULT)0xFFFF3064) + +/*------------------------------------------------------------------------------ + Crypto error codes +------------------------------------------------------------------------------*/ +#define S_ERROR_BAD_KEY ((S_RESULT)0xFFFF3070) + +/*------------------------------------------------------------------------------ + Indicates the physical memory is in TCM +------------------------------------------------------------------------------*/ +#define S_ERROR_ARM_MEMORY_IS_TCM ((S_RESULT)0xFFFF3100) + +/*------------------------------------------------------------------------------ + VM-specific Error Codes +------------------------------------------------------------------------------*/ +#define S_ERROR_UNCAUGHT_EXCEPTION ((S_RESULT)0xFFFF3080) +#define S_ERROR_TRUSTED_INTERPRETER ((S_RESULT)0xFFFF3081) + + +/*------------------------------------------------------------------------------ + Range [0xFFFF3200:0xFFFF35FF] is reserved for internal use +------------------------------------------------------------------------------*/ + +#endif /* __S_ERROR_H__ */ + + diff --git a/security/tf_sdk/include/s_type.h b/security/tf_sdk/include/s_type.h new file mode 100644 index 0000000..72f2a8a --- /dev/null +++ b/security/tf_sdk/include/s_type.h @@ -0,0 +1,146 @@ +/**
+ * Copyright(c) 2011 Trusted Logic. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * * Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ * * Neither the name Trusted Logic nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */ + +/** + * Definition of the machine-specific integer types + **/ +#ifndef __S_TYPE_H__ +#define __S_TYPE_H__ + +/* C99 integer types */ +#if (!defined(__STDC_VERSION__) || __STDC_VERSION__ < 199901L) &&(!defined(__ANDROID32__)) + +#include <limits.h> + +/* Figure out if a 64-bit integer types is available */ +#if \ + defined(_MSC_VER) || \ + defined(__SYMBIAN32__) || \ + defined(_WIN32_WCE) || \ + (defined(ULLONG_MAX) && ULLONG_MAX == 0xFFFFFFFFFFFFFFFFULL) || \ + (defined(ULONG_LONG_MAX) && ULONG_LONG_MAX == 0xFFFFFFFFFFFFFFFFULL) +typedef unsigned long long uint64_t; +typedef long long int64_t; +#else +#define __S_TYPE_INT64_UNDEFINED +#endif + +#if UINT_MAX == 0xFFFFFFFF +typedef unsigned int uint32_t; +typedef int int32_t; +#elif ULONG_MAX == 0xFFFFFFFF +typedef unsigned long uint32_t; +typedef long int32_t; +#else +#error This compiler is not supported. +#endif + +#if USHRT_MAX == 0xFFFF +typedef unsigned short uint16_t; +typedef short int16_t; +#else +#error This compiler is not supported. +#endif + +#if UCHAR_MAX == 0xFF +typedef unsigned char uint8_t; +typedef signed char int8_t; +#else +#error This compiler is not supported. +#endif + +#if !defined(__cplusplus) +typedef unsigned char bool; +#define false ( (bool)0 ) +#define true ( (bool)1 ) +#endif + +#else /* !defined(__STDC_VERSION__) || __STDC_VERSION__ < 199901L */ + +#include <stdbool.h> +#include <stdint.h> + +#endif /* !(!defined(__STDC_VERSION__) || __STDC_VERSION__ < 199901L) */ + +#include <stddef.h> + +#ifndef NULL +# ifdef __cplusplus +# define NULL 0 +# else +# define NULL ((void *)0) +# endif +#endif + +#define IN +#define OUT + +/* + * Definition of other common types + */ + +typedef uint32_t S_RESULT; +typedef S_RESULT TEEC_Result; +typedef S_RESULT SM_ERROR; + +typedef uint32_t S_HANDLE; +typedef S_HANDLE SM_HANDLE; +#define S_HANDLE_NULL ((S_HANDLE)0) +#define SM_HANDLE_INVALID S_HANDLE_NULL + +/** Definition of an UUID (from RFC 4122 http://www.ietf.org/rfc/rfc4122.txt) */ +typedef struct S_UUID +{ + uint32_t time_low; + uint16_t time_mid; + uint16_t time_hi_and_version; + uint8_t clock_seq_and_node[8]; +}S_UUID; +typedef S_UUID TEEC_UUID; +typedef S_UUID SM_UUID; + +/* DLL Import/Export directives */ + +#if defined(WIN32) || defined(__ARMCC_VERSION) || defined(__WINSCW__) || defined(_WIN32_WCE) +# define S_DLL_EXPORT __declspec(dllexport) +# define S_DLL_IMPORT __declspec(dllimport) +# define S_NO_RETURN __declspec(noreturn) +#elif defined(__GNUC__) +# define S_DLL_EXPORT __attribute__ ((visibility ("default"))) +# define S_DLL_IMPORT __attribute__ ((visibility ("default"))) +# define S_NO_RETURN __attribute__ ((noreturn)) +#else +# define S_DLL_EXPORT +# define S_DLL_IMPORT +# define S_NO_RETURN +#endif + +#endif /* __S_TYPE_H__ */ + diff --git a/security/tf_sdk/include/sst.h b/security/tf_sdk/include/sst.h new file mode 100644 index 0000000..f84c25a --- /dev/null +++ b/security/tf_sdk/include/sst.h @@ -0,0 +1,172 @@ +/**
+ * Copyright(c) 2011 Trusted Logic. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * * Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ * * Neither the name Trusted Logic nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#ifndef __SST_H__
+#define __SST_H__
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+
+#include "s_type.h"
+#include "s_error.h"
+
+#ifdef SST_EXPORTS
+#define SST_EXPORT_API S_DLL_EXPORT
+#else
+#define SST_EXPORT_API S_DLL_IMPORT
+#endif
+
+/* -----------------------------------------------------------------------------
+ Service SST Types
+----------------------------------------------------------------------------- */
+
+#ifndef EXCLUDE_SERVICE_SST_TYPES
+
+/** The SST_ERROR type */
+typedef uint32_t SST_ERROR;
+
+/** The SST_HANDLE type */
+typedef uint32_t SST_HANDLE;
+
+typedef struct SST_FILE_INFO
+{
+ char* pName;
+ uint32_t nSize;
+} SST_FILE_INFO;
+
+#endif /* EXCLUDE_SERVICE_SST_TYPES */
+
+typedef enum
+{
+ SST_SEEK_SET = 0,
+ SST_SEEK_CUR,
+ SST_SEEK_END
+} SST_WHENCE;
+
+
+/* -----------------------------------------------------------------------------
+ Constants
+----------------------------------------------------------------------------- */
+
+#ifndef EXCLUDE_SERVICE_SST_CONSTANTS
+
+/** The Invalid SST_FILE_HANDLE */
+#define SST_NULL_HANDLE 0
+
+/* Legacy constant name */
+#define SST_HANDLE_INVALID SST_NULL_HANDLE
+
+/** Max length for file names */
+#define SST_MAX_FILENAME 0x40
+
+/** Maximum pointer position in a file */
+#define SST_MAX_FILE_POSITION 0xFFFFFFFF
+
+/** File access modes */
+#define SST_O_READ 0x00000001
+#define SST_O_WRITE 0x00000002
+#define SST_O_WRITE_META 0x00000004
+#define SST_O_SHARE_READ 0x00000010
+#define SST_O_SHARE_WRITE 0x00000020
+#define SST_O_CREATE 0x00000200
+#define SST_O_EXCLUSIVE 0x00000400
+
+
+#endif /* EXCLUDE_SERVICE_SST_CONSTANTS */
+
+
+/* -----------------------------------------------------------------------------
+ Functions
+----------------------------------------------------------------------------- */
+
+#ifndef EXCLUDE_SERVICE_SST_FUNCTIONS
+
+SST_ERROR SST_EXPORT_API SSTInit(void);
+
+SST_ERROR SST_EXPORT_API SSTTerminate(void);
+
+SST_ERROR SST_EXPORT_API SSTOpen(const char* pFilename,
+ uint32_t nFlags,
+ uint32_t nReserved,
+ SST_HANDLE* phFile);
+
+SST_ERROR SST_EXPORT_API SSTCloseHandle(SST_HANDLE hFile);
+
+SST_ERROR SST_EXPORT_API SSTWrite(SST_HANDLE hFile,
+ const uint8_t* pBuffer,
+ uint32_t nSize);
+
+SST_ERROR SST_EXPORT_API SSTRead(SST_HANDLE hFile,
+ uint8_t* pBuffer,
+ uint32_t nSize,
+ uint32_t* pnCount);
+
+SST_ERROR SST_EXPORT_API SSTSeek(SST_HANDLE hFile,
+ int32_t nOffset,
+ SST_WHENCE eWhence);
+
+SST_ERROR SST_EXPORT_API SSTTell(SST_HANDLE hFile,
+ uint32_t* pnPos);
+
+SST_ERROR SST_EXPORT_API SSTGetSize(const char* pFilename,
+ uint32_t* pnSize);
+
+SST_ERROR SST_EXPORT_API SSTEof( SST_HANDLE hFile,
+ bool* pbEof);
+
+SST_ERROR SST_EXPORT_API SSTCloseAndDelete(SST_HANDLE hFile);
+
+SST_ERROR SST_EXPORT_API SSTTruncate( SST_HANDLE hFile,
+ uint32_t nSize);
+
+SST_ERROR SST_EXPORT_API SSTRename(SST_HANDLE hFile,
+ const char* pNewFilename);
+
+SST_ERROR SST_EXPORT_API SSTEnumerationStart(const char* pFilenamePattern,
+ uint32_t nReserved1,
+ uint32_t nReserved2,
+ SST_HANDLE* phFileEnumeration);
+
+SST_ERROR SST_EXPORT_API SSTEnumerationCloseHandle(SST_HANDLE hFileEnumeration);
+
+SST_ERROR SST_EXPORT_API SSTEnumerationGetNext(SST_HANDLE hFileEnumeration,
+ SST_FILE_INFO** ppFileInfo);
+
+SST_ERROR SST_EXPORT_API SSTDestroyFileInfo(SST_FILE_INFO* pFileInfo);
+
+#endif /* EXCLUDE_SERVICE_SST_FUNCTIONS */
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* __SST_H__ */
diff --git a/security/tf_sdk/include/tee_client_api.h b/security/tf_sdk/include/tee_client_api.h new file mode 100644 index 0000000..fb394f1 --- /dev/null +++ b/security/tf_sdk/include/tee_client_api.h @@ -0,0 +1,184 @@ +/**
+ * Copyright(c) 2011 Trusted Logic. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * * Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ * * Neither the name Trusted Logic nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/*
+ * This header file corresponds to V1.0 of the GlobalPlatform
+ * TEE Client API Specification
+ */
+#ifndef __TEE_CLIENT_API_H__
+#define __TEE_CLIENT_API_H__
+
+#include "s_type.h"
+#include "s_error.h"
+
+#ifndef TEEC_EXPORT
+#define TEEC_EXPORT
+#endif
+
+/* The header tee_client_api_imp.h must define implementation-dependent
+ types, constants and macros.
+
+ The implementation-dependent types are:
+ - TEEC_Context_IMP
+ - TEEC_Session_IMP
+ - TEEC_SharedMemory_IMP
+ - TEEC_Operation_IMP
+
+ The implementation-dependent constants are:
+ - TEEC_CONFIG_SHAREDMEM_MAX_SIZE
+ The implementation-dependent macros are:
+ - TEEC_PARAM_TYPES
+*/
+#include "tee_client_api_imp.h"
+
+/* Type definitions */
+typedef struct TEEC_Context
+{
+ TEEC_Context_IMP imp;
+} TEEC_Context;
+
+typedef struct TEEC_Session
+{
+ TEEC_Session_IMP imp;
+} TEEC_Session;
+
+typedef struct TEEC_SharedMemory
+{
+ void* buffer;
+ size_t size;
+ uint32_t flags;
+ TEEC_SharedMemory_IMP imp;
+} TEEC_SharedMemory;
+
+typedef struct
+{
+ void* buffer;
+ size_t size;
+} TEEC_TempMemoryReference;
+
+typedef struct
+{
+ TEEC_SharedMemory * parent;
+ size_t size;
+ size_t offset;
+} TEEC_RegisteredMemoryReference;
+
+typedef struct
+{
+ uint32_t a;
+ uint32_t b;
+} TEEC_Value;
+
+typedef union
+{
+ TEEC_TempMemoryReference tmpref;
+ TEEC_RegisteredMemoryReference memref;
+ TEEC_Value value;
+} TEEC_Parameter;
+
+typedef struct TEEC_Operation
+{
+ volatile uint32_t started;
+ uint32_t paramTypes;
+ TEEC_Parameter params[4];
+
+ TEEC_Operation_IMP imp;
+} TEEC_Operation;
+
+
+#define TEEC_ORIGIN_API 0x00000001
+#define TEEC_ORIGIN_COMMS 0x00000002
+#define TEEC_ORIGIN_TEE 0x00000003
+#define TEEC_ORIGIN_TRUSTED_APP 0x00000004
+
+#define TEEC_MEM_INPUT 0x00000001
+#define TEEC_MEM_OUTPUT 0x00000002
+
+#define TEEC_NONE 0x0
+#define TEEC_VALUE_INPUT 0x1
+#define TEEC_VALUE_OUTPUT 0x2
+#define TEEC_VALUE_INOUT 0x3
+#define TEEC_MEMREF_TEMP_INPUT 0x5
+#define TEEC_MEMREF_TEMP_OUTPUT 0x6
+#define TEEC_MEMREF_TEMP_INOUT 0x7
+#define TEEC_MEMREF_WHOLE 0xC
+#define TEEC_MEMREF_PARTIAL_INPUT 0xD
+#define TEEC_MEMREF_PARTIAL_OUTPUT 0xE
+#define TEEC_MEMREF_PARTIAL_INOUT 0xF
+
+#define TEEC_LOGIN_PUBLIC 0x00000000
+#define TEEC_LOGIN_USER 0x00000001
+#define TEEC_LOGIN_GROUP 0x00000002
+#define TEEC_LOGIN_APPLICATION 0x00000004
+#define TEEC_LOGIN_USER_APPLICATION 0x00000005
+#define TEEC_LOGIN_GROUP_APPLICATION 0x00000006
+
+TEEC_Result TEEC_EXPORT TEEC_InitializeContext(
+ const char* name,
+ TEEC_Context* context);
+
+void TEEC_EXPORT TEEC_FinalizeContext(
+ TEEC_Context* context);
+
+TEEC_Result TEEC_EXPORT TEEC_RegisterSharedMemory(
+ TEEC_Context* context,
+ TEEC_SharedMemory* sharedMem);
+
+TEEC_Result TEEC_EXPORT TEEC_AllocateSharedMemory(
+ TEEC_Context* context,
+ TEEC_SharedMemory* sharedMem);
+
+void TEEC_EXPORT TEEC_ReleaseSharedMemory (
+ TEEC_SharedMemory* sharedMem);
+
+TEEC_Result TEEC_EXPORT TEEC_OpenSession (
+ TEEC_Context* context,
+ TEEC_Session* session,
+ const TEEC_UUID* destination,
+ uint32_t connectionMethod,
+ void* connectionData,
+ TEEC_Operation* operation,
+ uint32_t* errorOrigin);
+
+void TEEC_EXPORT TEEC_CloseSession (
+ TEEC_Session* session);
+
+TEEC_Result TEEC_EXPORT TEEC_InvokeCommand(
+ TEEC_Session* session,
+ uint32_t commandID,
+ TEEC_Operation* operation,
+ uint32_t* errorOrigin);
+
+void TEEC_EXPORT TEEC_RequestCancellation(
+ TEEC_Operation* operation);
+
+#include "tee_client_api_ex.h"
+
+#endif /* __TEE_CLIENT_API_H__ */
diff --git a/security/tf_sdk/include/tee_client_api_ex.h b/security/tf_sdk/include/tee_client_api_ex.h new file mode 100644 index 0000000..d0753ce --- /dev/null +++ b/security/tf_sdk/include/tee_client_api_ex.h @@ -0,0 +1,105 @@ +/**
+ * Copyright(c) 2011 Trusted Logic. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * * Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ * * Neither the name Trusted Logic nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/*
+ * This header file contains extensions to the TEE Client API that are
+ * specific to the Trusted Foundations implementations
+ */
+#ifndef __TEE_CLIENT_API_EX_H__
+#define __TEE_CLIENT_API_EX_H__
+
+/* Implementation defined Login types */
+#define TEEC_LOGIN_AUTHENTICATION 0x80000000
+#define TEEC_LOGIN_PRIVILEGED 0x80000002
+
+/* Type definitions */
+
+typedef struct
+{
+ uint32_t x;
+ uint32_t y;
+}
+TEEC_TimeLimit;
+
+typedef struct
+{
+ char apiDescription[65];
+ char commsDescription[65];
+ char TEEDescription[65];
+}
+TEEC_ImplementationInfo;
+
+typedef struct
+{
+ uint32_t pageSize;
+ uint32_t tmprefMaxSize;
+ uint32_t sharedMemMaxSize;
+ uint32_t nReserved3;
+ uint32_t nReserved4;
+ uint32_t nReserved5;
+ uint32_t nReserved6;
+ uint32_t nReserved7;
+}
+TEEC_ImplementationLimits;
+
+void TEEC_EXPORT TEEC_GetImplementationInfo(
+ TEEC_Context* context,
+ TEEC_ImplementationInfo* description);
+
+void TEEC_EXPORT TEEC_GetImplementationLimits(
+ TEEC_ImplementationLimits* limits);
+
+void TEEC_EXPORT TEEC_GetTimeLimit(
+ TEEC_Context* context,
+ uint32_t timeout,
+ TEEC_TimeLimit* timeLimit);
+
+TEEC_Result TEEC_EXPORT TEEC_OpenSessionEx (
+ TEEC_Context* context,
+ TEEC_Session* session,
+ const TEEC_TimeLimit* timeLimit,
+ const TEEC_UUID* destination,
+ uint32_t connectionMethod,
+ void* connectionData,
+ TEEC_Operation* operation,
+ uint32_t* errorOrigin);
+
+TEEC_Result TEEC_EXPORT TEEC_InvokeCommandEx(
+ TEEC_Session* session,
+ const TEEC_TimeLimit* timeLimit,
+ uint32_t commandID,
+ TEEC_Operation* operation,
+ uint32_t* errorOrigin);
+
+TEEC_Result TEEC_EXPORT TEEC_ReadSignatureFile(
+ void** ppSignatureFile,
+ uint32_t* pnSignatureFileLength);
+
+#endif /* __TEE_CLIENT_API_EX_H__ */
diff --git a/security/tf_sdk/include/tee_client_api_imp.h b/security/tf_sdk/include/tee_client_api_imp.h new file mode 100644 index 0000000..caab1c5 --- /dev/null +++ b/security/tf_sdk/include/tee_client_api_imp.h @@ -0,0 +1,78 @@ +/**
+ * Copyright(c) 2011 Trusted Logic. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * * Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ * * Neither the name Trusted Logic nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/*
+ * This header file defines the implementation-dependent types,
+ * constants and macros for all the Trusted Foundations implementations
+ * of the TEE Client API
+ */
+#ifndef __TEE_CLIENT_API_IMP_H__
+#define __TEE_CLIENT_API_IMP_H__
+
+#include "s_type.h"
+#include "s_error.h"
+
+typedef struct
+{
+ uint32_t _hConnection;
+}
+TEEC_Context_IMP;
+
+typedef struct
+{
+ struct TEEC_Context* _pContext;
+ S_HANDLE _hClientSession;
+}
+TEEC_Session_IMP;
+
+typedef struct
+{
+ struct TEEC_Context* _pContext;
+ S_HANDLE _hBlock;
+ bool _bAllocated;
+}
+TEEC_SharedMemory_IMP;
+
+typedef struct
+{
+ struct TEEC_Context* _pContext;
+ uint32_t _hSession;
+}
+TEEC_Operation_IMP;
+
+/* There is no natural, compile-time limit on the shared memory, but a specific
+ implementation may introduce a limit (in particular on TrustZone) */
+#define TEEC_CONFIG_SHAREDMEM_MAX_SIZE ((size_t)0xFFFFFFFF)
+
+#define TEEC_PARAM_TYPES(entry0Type, entry1Type, entry2Type, entry3Type) \
+ ((entry0Type) | ((entry1Type) << 4) | ((entry2Type) << 8) | ((entry3Type) << 12))
+
+
+#endif /* __TEE_CLIENT_API_IMP_H__ */
|