/* * app_cipher.h */ #ifndef _TZ_ICCC_APP_CIPHER_H_ #define _TZ_ICCC_APP_CIPHER_H_ #include #include #include #include #include #include #include #include #include #include #define TZ_API_OK 0 #define TZ_API_ERROR 1 #define TZ_API_ERROR_NO_KEY 2 #define TZ_API_ERROR_VERSION_MISMATCH 3 #define AES_IV_SIZE 16 #define AES_BLOCK_SIZE 16 #define EXTRA_AES_BUFFER_SPACE (AES_BLOCK_SIZE) #define AES256_KEY_SIZE 32 #define SHA256_DIGEST_LENGTH 32 #define MAX_PRNG_LENGTH 512 /* Maximum number of random bytes to generate*/ #define MAX_RESERVED_LEN 4 #define MAX_WRAPPED_MESSAGE_SIZE 81920 #define PERSIST_DATA_HEADER_VERSION 2 #define PERSIST_DATA_HEADER_MAGIC 0xFAFBFCFD #define MAX_FULLNAME_SIZE 160 // MAX_FULLNAME_SZ 160 (app_getDeviceStatus.h) #define ICCC_MAX_DATA_BUF 4096 // ICCC_MAX_KEY_BUF 4096 (app_drk.h) #define MAX_WRAPPED_DATA_LEN 8192 // MAX_WRAPPED_KEY_LEN 8192 (app_drk.h) typedef enum { CIPHER_MODE_ECB = 0, CIPHER_MODE_CBC, CIPHER_MODE_CTR, CIPHER_MODE_XTS, CIPHER_MODE_CCM, CIPHER_MODE_CTS, CIPHER_MODE_INVALID = 0x7FFFFFFF } CIPHER_MODE_ET; typedef enum { CIPHER_PAD_ISO10126, CIPHER_PAD_PKCS7, CIPHER_PAD_NO_PAD, CIPHER_PAD_INVALID = 0x7FFFFFFF } CIPHER_PAD_ET; typedef struct { uint32_t version; uint32_t magic; uint8_t iv[AES_IV_SIZE]; uint32_t iv_len; uint8_t reserved[MAX_RESERVED_LEN]; } persist_data_header_t; uint32_t TZ_SHA256_digest( uint8_t* messageData, uint32_t messageLen, uint8_t* digest, uint32_t* pDigestLen ); uint32_t TZ_sign_CKM_SHA256_RSA_PKCS_PSS( QSEE_RSA_KEY *rsa_key, uint8_t *messageData, uint32_t messageLen, uint8_t *signature, int *pSigLen ); uint32_t TZ_wrap_persist_data_aes_cbc_256( uint8_t* appName, uint32_t appNameLen, uint8_t* data, uint32_t size, uint8_t* wrapped_data, uint32_t* wrapped_data_size ); uint32_t TZ_unwrap_persist_data_aes_cbc_256( uint8_t* appName, uint32_t appNameLen, uint8_t* wrapped_data, uint32_t wrapped_data_size, uint8_t* unwrapped_data, uint32_t* unwrapped_data_size ); #endif // _TZ_ICCC_APP_CIPHER_H_