defines enums for new tz commands

Change-Id: I85ad5898d82932dc0cbadaf5e4ccbc3f98d836dc

diff --git a/ta/include/km_ta_defines.h b/ta/include/km_ta_defines.h
index efbede33d6f607d3993eaaafc481ba3cfc9ca79c..ec0e74b325c4ff8510a3048f807ef779a392b098 100644 (file)
--- a/ta/include/km_ta_defines.h
+++ b/ta/include/km_ta_defines.h
@@ -52,8 +52,18 @@ typedef enum {
                             ///< TA will decrypt data with password if provided
        CMD_GET_DATA_SIZE,      ///< Key Manager binary data size to be retrieved from persistent storage
        CMD_DESTROY_DATA,       ///< Key Manager binary data removal from persistent storage
-    CMD_GENERATE_RSA_KEYPAIR,   ///< Generate random RSA key pair.
-    CMD_GENERATE_DSA_KEYPAIR,   ///< Generate random DSA key pair.
+       CMD_GENERATE_RSA_KEYPAIR,   ///< Generate random RSA key pair.
+       CMD_GENERATE_DSA_KEYPAIR,   ///< Generate random DSA key pair.
+       CMD_GENERATE_EC_KEYPAIR,    ///< Generate random EC key pair.
+       CMD_DERIVE,             ///< Derive secret or key
+       CMD_IMPORT_WRAPPED_KEY, ///< Import a wrapped key
+       CMD_EXPORT_WRAPPED_KEY, ///< Export a key in a wrapped form
+       CMD_CIPHER_INIT,        ///< Initialize encryption/decryption context
+       CMD_CIPHER_INIT_AAD,    ///< Supply another AAD chunk for the context
+       CMD_CIPHER_UPDATE,      ///< Add a chunk of data for encryption/decryption
+       CMD_CIPHER_FINALIZE,    ///< Finish the encryption/decryption
+       CMD_CIPHER_CLEANUP,     ///< Release resources related to the context in the TA
+       CMD_GET_MAX_CHUNK_SIZE, ///< Get maximum chunk size that can be passed to TA.
 } tz_command;
 
 /** \enum tz_algo_type
@@ -62,6 +72,7 @@ typedef enum {
  * Each enum corresponds to algorithm and action that will be taken.
  * Algorithms with suffix GEN should be used to key generations.
  * Algorithms with suffix SV should be used to data signing/verification with key.
+ * Algorithms with suffix DRV should be used for key/secret derivation.
  * Other algorithms should be used to encryption/decrytpion.
  */
 typedef enum {
@@ -78,6 +89,8 @@ typedef enum {
        ALGO_RSA_SV,
        ALGO_DSA_SV,
        ALGO_ECDSA_SV,
+       ALGO_ECDH_DRV,
+       ALGO_KBKDF_DRV,
 } tz_algo_type;
 
 /** \enum tz_hash_type
@@ -104,12 +117,61 @@ typedef enum {
        TYPE_AKEY_PRIVATE_RSA,
        TYPE_AKEY_PUBLIC_DSA,
        TYPE_AKEY_PUBLIC_RSA,
+       TYPE_AKEY_PRIVATE_EC,
+       TYPE_AKEY_PUBLIC_EC,
 } tz_data_type;
 
+/** \enum tz_ec
+ * \brief tz_ec contains definitions of supported elliptic curves
+ *
+ * Each enum corresponds to elliptic curve supported by TA side.
+ */
+typedef enum {
+       EC_NIST_P192,
+       EC_NIST_P256,
+       EC_NIST_P384,
+} tz_ec;
+
+/** \enum tz_prf
+ * \brief tz_prf contains definitions of supported keyed pseudo random functions
+ *
+ * Each enum corresponds to keyed pseudo random function supported by TA side.
+ */
+typedef enum {
+       PRF_HMAC_SHA256,
+       PRF_HMAC_SHA384,
+       PRF_HMAC_SHA512,
+} tz_prf;
+
+/** \enum tz_kbkdf_mode
+ * \brief tz_kbkdf_mode contains definitions of supported KBKDF pseudo random functions
+ *
+ * Each enum corresponds to keyed pseudo random function supported by TA side.
+ */
+typedef enum {
+       KBKDF_MODE_COUNTER,
+} tz_kbkdf_mode;
+
+/** \enum tz_kbkdf_ctr_loc
+ * \brief tz_kbkdf_ctr_loc contains definitions of supported KBKDF counter locations
+ *
+ * Each enum corresponds to counter location supported by TA side.
+ */
+typedef enum {
+       KBKDF_LOC_BEFORE_FIXED,
+       KBKDF_LOC_AFTER_FIXED,
+       KBKDF_LOC_MIDDLE_FIXED,
+} tz_kbkdf_ctr_loc;
+
 // TODO these must be somehow confronted with TEE_OBJECT_ID_MAX_LEN
 #define KM_KEY_ID_SIZE 64
 #define KM_DATA_ID_SIZE 64
 
+// Maximum additional size required for encrypted data
+#define KM_ENCRYPTION_OVERHEAD 16
+// Maximum RSA Block Size for encrypted data, in bytes, assumes max RSA key size 4096 bits
+#define KM_RSA_BLOCK_SIZE 512
+
 // Errors
 #define KM_TA_SUCCESS 0
 #define KM_TA_ERROR_GENERIC 1
@@ -119,4 +181,8 @@ typedef enum {
 // UUID
 #define KM_TA_UUID { 0x00000000, 0x0000, 0x0000, { 0x00, 0x00, 0x66, 0x66, 0x66, 0x55, 0x55, 0x55} }
 
+// Encryption/decryption flag
+#define CIPHER_ENCRYPT 1
+#define CIPHER_DECRYPT 0
+
 #endif //__KM_TA_DEFINES_H__