optee_utee/object/
object_define.rs

1// Licensed to the Apache Software Foundation (ASF) under one
2// or more contributor license agreements.  See the NOTICE file
3// distributed with this work for additional information
4// regarding copyright ownership.  The ASF licenses this file
5// to you under the Apache License, Version 2.0 (the
6// "License"); you may not use this file except in compliance
7// with the License.  You may obtain a copy of the License at
8//
9//   http://www.apache.org/licenses/LICENSE-2.0
10//
11// Unless required by applicable law or agreed to in writing,
12// software distributed under the License is distributed on an
13// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
14// KIND, either express or implied.  See the License for the
15// specific language governing permissions and limitations
16// under the License.
17
18use bitflags::bitflags;
19use optee_utee_sys as raw;
20
21/// Indicate the possible start offset when moving a data position in the data
22/// stream associated with a [PersistentObject](crate::PersistentObject).
23pub enum Whence {
24    /// The data position is set to offset bytes from the beginning of the data stream.
25    DataSeekSet,
26    /// The data position is set to its current position plus offset.
27    DataSeekCur,
28    /// The data position is set to the size of the object data plus offset.
29    DataSeekEnd,
30}
31
32impl From<Whence> for raw::TEE_Whence {
33    fn from(val: Whence) -> Self {
34        match val {
35            Whence::DataSeekSet => raw::TEE_Whence::TEE_DATA_SEEK_SET,
36            Whence::DataSeekCur => raw::TEE_Whence::TEE_DATA_SEEK_CUR,
37            Whence::DataSeekEnd => raw::TEE_Whence::TEE_DATA_SEEK_END,
38        }
39    }
40}
41
42#[repr(u32)]
43pub enum ObjectStorageConstants {
44    Private = 0x00000001,
45    IllegalValue = 0x7FFFFFFF,
46}
47
48bitflags! {
49    /// A set of flags that controls the access rights and sharing permissions
50    /// with which the object handle is opened.
51    pub struct DataFlag: u32 {
52        /// The object is opened with the read access right. This allows the
53        /// Trusted Application to call the function `TEE_ReadObjectData`.
54        const ACCESS_READ = 0x00000001;
55        /// The object is opened with the write access right. This allows the
56        /// Trusted Application to call the functions `TEE_WriteObjectData` and
57        /// `TEE_TruncateObjectData`.
58        const ACCESS_WRITE = 0x00000002;
59        /// The object is opened with the write-meta access right. This allows
60        /// the Trusted Application to call the functions
61        /// `TEE_CloseAndDeletePersistentObject1` and
62        /// `TEE_RenamePersistentObject`.
63        const ACCESS_WRITE_META = 0x00000004;
64        /// The caller allows another handle on the object to be created with
65        /// read access.
66        const SHARE_READ = 0x00000010;
67        /// The caller allows another handle on the object to be created with
68        /// write access.
69        const SHARE_WRITE = 0x00000020;
70        /// * If this flag is present and the object exists, then the object is
71        ///   deleted and re-created as an atomic operation: that is, the TA
72        ///   sees either the old object or the new one.
73        /// * If the flag is absent and the object exists, then the function
74        ///   SHALL return `TEE_ERROR_ACCESS_CONFLICT`.
75        const OVERWRITE = 0x00000400;
76    }
77}
78
79bitflags! {
80    /// A set of flags that defines usages of data in TEE secure storage.
81    pub struct UsageFlag: u32 {
82        /// The object [Attribute](Attribute) can be extracted.
83        const EXTRACTABLE = 0x00000001;
84        /// The object can be used for encryption.
85        const ENCRYPT = 0x00000002;
86        /// The object can be used for decryption.
87        const DECRYPT = 0x00000004;
88        /// The object can be used for mac operation.
89        const MAC = 0x00000008;
90        /// The object can be used for signature.
91        const SIGN = 0x00000010;
92        /// The object can be used for verification of a signature.
93        const VERIFY = 0x00000020;
94        /// The object can be used for deriving a key.
95        const DERIVE = 0x00000040;
96    }
97}
98
99/// Miscellaneous constants.
100#[repr(u32)]
101pub enum MiscellaneousConstants {
102    /// Maximum offset of a data object.
103    TeeDataMaxPosition = 0xFFFFFFFF,
104    /// Maximum length of an object id.
105    TeeObjectIdMaxLen = 64,
106}
107
108bitflags! {
109    /// A set of flags that defines Handle features.
110    pub struct HandleFlag: u32{
111        /// Set for a [PersistentObject](crate::PersistentObject).
112        const PERSISTENT = 0x00010000;
113        /// 1) For a [PersistentObject](crate::PersistentObject), always set.
114        /// 2) For a [TransientObject](crate::TransientObject), initially
115        ///    cleared, then set when the object becomes initialized.
116        const INITIALIZED = 0x00020000;
117        /// Following two flags are for crypto operation handles:
118        /// 1) Set if the required operation key has been set.
119        /// 2) Always set for digest operations.
120        const KEY_SET = 0x00040000;
121        /// Set if the algorithm expects two keys to be set, using
122        /// `TEE_SetOperationKey2`.
123        /// This happens only if algorithm is set to
124        /// [AesXts](crate::AlgorithmId::AesXts)
125        /// or `TEE_ALG_SM2_KEP`(not supported now).
126        const EXPECT_TWO_KEYS = 0x00080000;
127    }
128}