DRIVE_OS_Linux_SDK_NGC_Development_Guide/baggage/nv__te__cryptographic__constants_8h_source.html

/*

 * Copyright (c) 2019-2021, NVIDIA CORPORATION.  All rights reserved.

 * NVIDIA CORPORATION and its licensors retain all intellectual property

 * and proprietary rights in and to this software, related documentation

 * and any modifications thereto.  Any use, reproduction, disclosure or

 * distribution of this software and related documentation without an express

 * license agreement from NVIDIA CORPORATION is strictly prohibited.

 */


#ifndef NV_TE_CRYPTOGRAPHIC_CONSTANTS_H

#define NV_TE_CRYPTOGRAPHIC_CONSTANTS_H


/*

 * There is another set of crypto algorithm defined in tee_cryptographic_constants.h

 * that are supported in TZVault. This set of operation constants are used by the

 * openssl library, and will be removed and replaced by those in tee_cryptographic_constants.h

 * after CCC is available

 */

typedef enum {

    AES_CBC = 1,

    AES_CBC_NOPAD = 2,

    AES_ECB = 3,

    AES_ECB_NOPAD = 4,

    AES_CTS = 5,

    AES_CTR_128 = 6,

    AES_CTR_256 = 7,

    AES_CBC_256 = 8,

    AES_CBC_256_NOPAD = 9,

} NV_TE_CryptoAlgorithm;


typedef enum {

    CRYPTO_SERVICE_PING = 0x00000000,

    CRYPTO_SERVICE_ENCRYPT = 0x00000001,

    CRYPTO_SERVICE_DECRYPT = 0x00000002,

    CRYPTO_SERVICE_DERIVE_KEK = 0x00000003,

#ifndef CONFIG_TRUSTY

    CRYPTO_SERVICE_DIGEST_INIT          = 0x00000004,


    CRYPTO_SERVICE_DIGEST_UPDATE        = 0x00000005,


    CRYPTO_SERVICE_DIGEST_DO_FINAL      = 0x00000006,


    CRYPTO_SERVICE_DIGEST_FREE          = 0x00000007,


    CRYPTO_SERVICE_AES_INIT             = 0x00000008,


    CRYPTO_SERVICE_AES_UPDATE           = 0x00000009,


    CRYPTO_SERVICE_AES_DO_FINAL         = 0x0000000A,


    CRYPTO_SERVICE_AES_FREE             = 0x0000000B,


    CRYPTO_SERVICE_MAC_INIT             = 0x0000000C,


    CRYPTO_SERVICE_MAC_UPDATE           = 0x0000000D,


    CRYPTO_SERVICE_MAC_DO_FINAL         = 0x0000000E,


    CRYPTO_SERVICE_MAC_FREE             = 0x0000000F,


    CRYPTO_SERVICE_RSA_HANDLE_REQUEST   = 0x00000011,


    CRYPTO_SERVICE_DRBG_GENERATE        = 0x00000013,


    CRYPTO_SERVICE_REQUEST_SE_KEYSLOT   = 0x00000014,


    CRYPTO_SERVICE_UPDATE_SE_KEYSLOT    = 0x00000015,


    CRYPTO_SERVICE_RELEASE_SE_KEYSLOT   = 0x00000016,


    CRYPTO_SERVICE_UNWRAP_KEY           = 0x00000017,


    CRYPTO_SERVICE_AES_CCM_INIT         = 0x00000019,


    CRYPTO_SERVICE_CCM_HANDLE_REQUEST   = 0x0000001A,


    CRYPTO_SERVICE_CCM_FREE             = 0x0000001B,


    CRYPTO_SERVICE_ECDSA_INIT           = 0x0000001C,


    CRYPTO_SERVICE_ECDSA_SET_KEY        = 0x0000001D,


    CRYPTO_SERVICE_ECDSA_DO_FINAL       = 0x0000001E,


    CRYPTO_SERVICE_ECDSA_FREE           = 0x0000001F,


    CRYPTO_SERVICE_ED25519_INIT         = 0x00000020,


    CRYPTO_SERVICE_ED25519_SET_KEY      = 0x00000021,


    CRYPTO_SERVICE_ED25519_DO_FINAL     = 0x00000022,


    CRYPTO_SERVICE_ED25519_FREE         = 0x00000023,


    CRYPTO_SERVICE_DERIVE_KEY           = 0x00000024,


    CRYPTO_SERVICE_SET_KEYSLOT_OIV      = 0x00000025,


    CRYPTO_SERVICE_DERIVE_KEK2          = 0x00000027,


    CRYPTO_SERVICE_GENERATE_AES_KEY = 0x00000028,


    CRYPTO_SERVICE_DERIVE_KEY_NIST_SP800_108 = 0x00000029,


    CRYPTO_SERVICE_WRAP_KEK0_DERIVATION = 0x00000030,


    CRYPTO_SERVICE_WRAP_KEK2_DERIVATION = 0x00000031,


    CRYPTO_SERVICE_NIST_SP800_108_DERIVE_FROM_KEK0 = 0x00000032,


    CRYPTO_SERVICE_NIST_SP800_108_DERIVE_FROM_KEK2 = 0x00000033,


    CRYPTO_SERVICE_CCM_UNWRAP_CBC_WRAP_INIT_CCM = 0x00000034,


    CRYPTO_SERVICE_CCM_UNWRAP_CBC_WRAP_INIT_CBC = 0x00000035,


    CRYPTO_SERVICE_CCM_UNWRAP_CBC_WRAP_HANDLE_OPERATION = 0x00000036,


    CRYPTO_SERVICE_CCM_UNWRAP_CBC_WRAP_FREE = 0x00000037,


    CRYPTO_SERVICE_REWRAP_DERIVED_KEY_INIT = 0x00000038,


    CRYPTO_SERVICE_REWRAP_DERIVE_KEY_HANDLE_OPERATION = 0x00000039,


    CRYPTO_SERVICE_REWRAP_DERIVE_KEY_FREE = 0x00000040,


    CRYPTO_SERVICE_WRAP_KEK_NISTKDF_DERIVATION_INIT = 0X00000041,


    CRYPTO_SERVICE_WRAP_KEK_NISTKDF_DERIVATION_HANDLE_OPERATION = 0x00000042,


    CRYPTO_SERVICE_WRAP_KEK_NISTKDF_DERIVATION_FREE = 0X00000043,


    CRYPTO_SERVICE_ECC_SET_KEYSLOT = 0x00000044,


    CRYPTO_SERVICE_KEY_VALIDATE_KCV = 0x00000045,


#ifdef VCAST_NV_CODE

    // Command to dump Vectorcast Coverage data,

    // this will be invoked from testing service after running all tests

    CRYPTO_SERVICE_VCAST_DUMP_COVERAGE  = 0x00000046,

#endif


#endif

} NV_TE_CryptoServiceOperation;


typedef enum {

    NV_TE_ALG_AES_ECB           = 0x10000510,

    NV_TE_ALG_AES_CBC           = 0x10000610,

    NV_TE_ALG_AES_CBC_256       = 0x10000710,

    NV_TE_ALG_AES_CBC_256_NOPAD = 0x10000810,

    NV_TE_ALG_AES_CMAC_128      = 0x20000110,

    NV_TE_ALG_AES_CMAC_256      = 0x20000130,


    NV_TE_ALG_ED25519PH         = 0x70006050,


    // Not supported

    NV_TE_ALG_AES_CMAC_192      = 0x20000120,


} NV_TE_OperationAlgorithm;


typedef enum {

    SE_DIAG_SERVICE_SE_VERIFY_CONFIG     = 0x00000201,


    SE_DIAG_SERVICE_SE_ERROR_INJECT = 0x00000202,


} NV_TE_SeDiagServiceOperation;


typedef enum {


    KEYSTORE_SERVICE_PING = 0x00000000,


    KEYSTORE_SERVICE_GET_KEY = 0x00000001,


    KEYSTORE_SERVICE_GET_KEY_ATTRIBUTE = 0x00000002,


    KEYSTORE_SERVICE_PKCS11_LOAD_AES_KEY = 0x00000003,


    KEYSTORE_SERVICE_PKCS11_PERSISTENT_LOAD_AES_KEY = 0x00000103,


    KEYSTORE_SERVICE_PKCS11_PERSISTENT_RELEASE_AES_KEYSLOT = 0x00000104,


    KEYSTORE_SERVICE_PKCS11_RELEASE_AES_KEYSLOT = 0x00000004,


    KEYSTORE_SERVICE_PKCS11_GET_KEY_OBJ_METADATA = 0x00000006,


    KEYSTORE_SERVICE_PKCS11_GENERATE_AES_KEY = 0x00000007,


    KEYSTORE_SERVICE_PKCS11_DELETE_KEY = 0x00000008,


    KEYSTORE_SERVICE_PKCS11_DERIVE_AES_KEY = 0x00000009,


    KEYSTORE_SERVICE_PKCS11_UNWRAP_AES_KEY = 0x0000000C,


    KEYSTORE_SERVICE_PKCS11_COPY_AES_KEY = 0x00000018,


    KEYSTORE_SERVICE_PKCS11_SET_KEY_OBJ_ID = 0x0000000E,


    KEYSTORE_SERVICE_PKCS11_SET_KEY_OBJ_LABEL = 0x0000000F,


    KEYSTORE_SERVICE_PKCS11_SECURE_STORAGE_GET_STATE = 0x00000010,


    KEYSTORE_SERVICE_PKCS11_SECURE_STORAGE_RESET_FILESYSTEM = 0x00000011,


    KEYSTORE_SERVICE_PKCS11_PERSISTENT_UNWRAP_AES_KEY = 0x00000012,


    KEYSTORE_SERVICE_PKCS11_CREATE_RSA_PUB_KEY = 0x00000020,


    KEYSTORE_SERVICE_PKCS11_PERSISTENT_LOOKUP_KEY = 0x000000013,


    KEYSTORE_SERVICE_PKCS11_PERSISTENT_GET_KEY_OBJ_METADATA = 0x00000014,


    KEYSTORE_SERVICE_PKCS11_LOOKUP_KEY = 0x00000021,


    KEYSTORE_SERVICE_PKCS11_LOAD_RSA_PUB_KEY = 0x00000022,


    KEYSTORE_SERVICE_PKCS11_RELEASE_RSA_KEYSLOT = 0x00000023,


    KEYSTORE_SERVICE_PKCS11_COPY_RSA_PUB_KEY = 0x000000024,


    KEYSTORE_SERVICE_PKCS11_PERSISTENT_LOAD_RSA_PUB_KEY = 0x00000122,


    KEYSTORE_SERVICE_PKCS11_PERSISTENT_RELEASE_RSA_KEYSLOT = 0x00000123,


    KEYSTORE_SERVICE_PKCS11_PERSISTENT_COPY_RSA_PUB_KEY = 0x000000124,


    KEYSTORE_SERVICE_PKCS11_CREATE_ECC_PUB_KEY = 0x00000030,


    KEYSTORE_SERVICE_PKCS11_LOAD_ECC_PUB_KEY = 0x00000031,


    KEYSTORE_SERVICE_PKCS11_RELEASE_ECC_KEYSLOT = 0x00000032,


    KEYSTORE_SERVICE_PKCS11_COPY_ECC_PUB_KEY = 0x000000033,


    KEYSTORE_SERVICE_PKCS11_PERSISTENT_COPY_ECC_PUB_KEY = 0x000000133,


    KEYSTORE_SERVICE_PKCS11_PERSISTENT_LOAD_ECC_PUB_KEY = 0x00000131,


    KEYSTORE_SERVICE_PKCS11_PERSISTENT_RELEASE_ECC_KEYSLOT = 0x00000132,


    KEYSTORE_SERVICE_PKCS11_PERSISTENT_GENERATE_AES_KEY = 0x000000015,


    KEYSTORE_SERVICE_PKCS11_PERSISTENT_SET_KEY_OBJ_ID = 0x00000016,


    KEYSTORE_SERVICE_PKCS11_PERSISTENT_SET_KEY_OBJ_LABEL = 0x00000017,


    KEYSTORE_SERVICE_PKCS11_INIT_KEYSTORE = 0x00000034,


    KEYSTORE_SERVICE_PKCS11_PERSISTENT_COPY_AES_KEY = 0x00000019,


    KEYSTORE_SERVICE_PKCS11_PERSISTENT_DELETE_KEY = 0x0000001A,


    KEYSTORE_SERVICE_PKCS11_PERSISTENT_REQUEST_RW_ACCESS = 0x0000001B,


    KEYSTORE_SERVICE_PKCS11_PERSISTENT_RELINQUISH_RW_ACCESS = 0x0000001C,


    KEYSTORE_SERVICE_PKCS11_PERSISTENT_REQUEST_RO_ACCESS = 0x0000001D,


    KEYSTORE_SERVICE_PKCS11_PERSISTENT_RELINQUISH_RO_ACCESS = 0x0000001E,


    KEYSTORE_SERVICE_PKCS11_PERSISTENT_UNWRAP_RSA_PUB_KEY = 0x00000127,


    KEYSTORE_SERVICE_PKCS11_UNWRAP_RSA_PUB_KEY = 0x00000027,


    KEYSTORE_SERVICE_PKCS11_PERSISTENT_UNWRAP_ECC_PUB_KEY = 0x00000128,


    KEYSTORE_SERVICE_PKCS11_UNWRAP_ECC_PUB_KEY = 0x00000028,

} NV_TE_KeystoreServiceOperation;


typedef enum {

    KEYSTORE_KEY_ATTRIBUTE_SIZE = 0x00000000,

    KEYSTORE_KEY_ATTRIBUTE_ALGO = 0x00000001,

    KEYSTORE_KEY_ATTRIBUTE_IV = 0x00000002,

} NV_TE_KeystoreKeyAttribute;


typedef enum {

    KEYSTORE_LOOKUP_TYPE_ABSOLUTE = 0x00000001,


    KEYSTORE_LOOKUP_TYPE_RELATIVE = 0x00000002,


    KEYSTORE_LOOKUP_TYPE_BY_ID = 0x00000003,

} NV_TE_KeystoreLookupType;


typedef enum {

    KEYSLOT_USAGE_SIGN = 1U,

    KEYSLOT_USAGE_VERIFY,

    KEYSLOT_USAGE_ENCRYPT,

    KEYSLOT_USAGE_DECRYPT,

    KEYSLOT_USAGE_MAC,

    KEYSLOT_USAGE_DERIVE,

    KEYSLOT_USAGE_DUAL_CRYPTO,

    KEYSLOT_USAGE_WRAPPING,

} KeySlotUsageInfo;


typedef uint32_t  KeySlotHandle;


typedef enum {

    KEYSLOT_TYPE_AES = 1U,

    KEYSLOT_TYPE_RSA,

    KEYSLOT_TYPE_PKA1,

} KeySlotType;


typedef enum {

    CMAC_VERIFY = 0x0000FFFFU,

    CMAC_GENERATE = 0xFFFF0000U,

} CmacIntent;


typedef enum {

    CRYPTO_KEK0_KEYSLOT = 0U,

    CRYPTO_KEK2_KEYSLOT = 2U,

} FuseKeySlot;


#endif /* NV_TE_CRYPTOGRAPHIC_CONSTANTS_H */

NVIDIA DRIVE OS Linux SDK API Reference	5.2.6 Release For Test and Development only