1 /*
2  * Copyright (c) 2024 Huawei Device Co., Ltd.
3  * Licensed under the Apache License, Version 2.0 (the "License");
4  * you may not use this file except in compliance with the License.
5  * You may obtain a copy of the License at
6  *
7  *    http://www.apache.org/licenses/LICENSE-2.0
8  *
9  * Unless required by applicable law or agreed to in writing, software
10  * distributed under the License is distributed on an "AS IS" BASIS,
11  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12  * See the License for the specific language governing permissions and
13  * limitations under the License.
14  */
15 
16 #ifndef __TEE_HW_EXT_API_LEGACY_H__
17 #define __TEE_HW_EXT_API_LEGACY_H__
18 
19 /**
20  * @addtogroup TeeTrusted
21  * @{
22  *
23  * @brief TEE(Trusted Excution Environment) API.
24  * Provides security capability APIs such as trusted storage, encryption and decryption,
25  * and trusted time for trusted application development.
26  *
27  * @since 12
28  */
29 
30 /**
31  * @file tee_hw_ext_api_legacy.h
32  *
33  * @brief Provides extended interfaces.
34  *
35  * @library NA
36  * @kit TEEKit
37  * @syscap SystemCapability.Tee.TeeClient
38  * @since 12
39  * @version 1.0
40  */
41 
42 #include "tee_defines.h"
43 
44 #ifdef __cplusplus
45 extern "C" {
46 #endif
47 
48 /**
49  * @brief Derive key from device root key.
50  *
51  * @param salt [IN] Indicates the data for salt.
52  * @param size [IN] Indicates the length of salt.
53  * @param key [OUT] Indicates the pointer where key is saved.
54  * @param key_size [IN] Indicates the size of the key, which must be integer times of 16.
55  *
56  * @return Returns {@code TEE_SUCCESS} if the operation is successful.
57  *         Returns {@code TEE_ERROR_BAD_PARAMETERS} if input parameter is incorrect.
58  *         Returns {@code TEE_ERROR_GENERIC} if the processing failed.
59  *
60  * @since 12
61  * @version 1.0
62  */
63 TEE_Result TEE_EXT_DeriveTARootKey(const uint8_t *salt, uint32_t size, uint8_t *key, uint32_t key_size);
64 
65 /**
66  * @brief Derive key from device root key by HUK2.
67  * @attention If the device does not support HUK2, the key is derived by HUK.
68  *
69  * @param salt [IN] Indicates the data for salt.
70  * @param size [IN] Indicates the length of salt.
71  * @param key [OUT] Indicates the pointer where key is saved.
72  * @param key_size [IN] Indicates the size of the key, which must be integer times of 16.
73  *
74  * @return Returns {@code TEE_SUCCESS} if the operation is successful.
75  *         Returns {@code TEE_ERROR_BAD_PARAMETERS} if input parameter is incorrect.
76  *         Returns {@code TEE_ERROR_GENERIC} if the processing failed.
77  *
78  * @since 12
79  * @version 1.0
80  */
81 TEE_Result tee_ext_derive_ta_root_key_by_huk2(const uint8_t *salt, uint32_t size, uint8_t *key, uint32_t key_size);
82 
83 /**
84  * @brief Derive key from device root key by HUK2.
85  * @attention If the device does not support HUK2, the key is derived by HUK.
86  *
87  * @param secret [IN] Indicates the input secret.
88  * @param secret_len [IN] Indicates the length of the input secret.
89  * @param key [OUT] Indicates the derived key.
90  * @param key_len [IN] Indicates the length of the derived key.
91  *
92  * @return Returns {@code TEE_SUCCESS} if the operation is successful.
93  *         Returns {@code TEE_ERROR_BAD_PARAMETERS} if input parameter is incorrect.
94  *         Returns {@code TEE_ERROR_GENERIC} if the processing failed.
95  *
96  * @since 12
97  * @version 1.0
98  */
99 TEE_Result tee_ext_root_derive_key2_by_huk2(const uint8_t *secret, uint32_t secret_len, uint8_t *key, uint32_t key_len);
100 
101 /**
102  * @brief Derive key from device root key and UUID of the current task by HUK2.
103  * @attention If the device does not support HUK2, the key is derived by HUK.
104  *
105  * @param salt [IN] Indicates the data for salt.
106  * @param size [IN] Indicates the length of salt.
107  * @param key [OUT] Indicates the pointer where key is saved.
108  * @param key_size [IN] Indicates the size of the generated key, fix-size 32 bytes.
109  *
110  * @return Returns {@code TEE_SUCCESS} if the operation is successful.
111  *         Returns {@code TEE_ERROR_BAD_PARAMETERS} if input parameter is incorrect.
112  *         Returns {@code TEE_ERROR_GENERIC} if the processing failed.
113  *
114  * @since 12
115  * @version 1.0
116  */
117 TEE_Result tee_ext_root_uuid_derive_key_by_huk2(const uint8_t *salt, uint32_t size, uint8_t *key, uint32_t key_size);
118 
119 #ifdef __cplusplus
120 }
121 #endif
122 /** @} */
123 #endif
124