diff --git a/api-tests/CMakeLists.txt b/api-tests/CMakeLists.txt index 5adf5860..e1508b54 100644 --- a/api-tests/CMakeLists.txt +++ b/api-tests/CMakeLists.txt @@ -1,5 +1,5 @@ #/** @file -# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved. +# * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved. # * SPDX-License-Identifier : Apache-2.0 # * # * Licensed under the Apache License, Version 2.0 (the "License"); @@ -31,6 +31,7 @@ get_filename_component(PSA_ROOT_DIR . ABSOLUTE) list(APPEND CMAKE_MODULE_PATH ${PSA_ROOT_DIR}/tools/cmake) include("common/Utils") include(${PSA_ROOT_DIR}/tools/cmake/common/CMakeSettings.cmake) +include(${PSA_ROOT_DIR}/tools/cmake/common/CMakeExternal.cmake) # list of supported suites list(APPEND PSA_SUITES @@ -109,6 +110,8 @@ string(TOLOWER ${SUITE} SUITE_LOWER) _get_sub_dir_list(PSA_TARGET_LIST ${PSA_ROOT_DIR}/platform/targets) if(NOT ${TARGET} IN_LIST PSA_TARGET_LIST) message(FATAL_ERROR "[PSA] : Error: Unspported value for -DTARGET=, supported targets are : ${PSA_TARGET_LIST}") +else() + message(STATUS "[PSA] : TARGET is set to ${TARGET}") endif() # Check for the presence of required test suite directories @@ -128,6 +131,8 @@ endif() # Check for valid suite cmake argument passed if(NOT ${SUITE} IN_LIST PSA_SUITES) message(FATAL_ERROR "[PSA] : Error: Unsupported value for -DSUITE=, select one from supported suites which are : ${PSA_SUITES}") +else() + message(STATUS "[PSA] : SUITE is set to ${SUITE}") endif() # Project variables @@ -135,7 +140,9 @@ set(PSA_TARGET_PRE_BUILD psa_pre_build) set(PSA_TARGET_GENERATE_DATABASE_PRE psa_generate_database_prerequisite) set(PSA_TARGET_GENERATE_DATABASE psa_generate_database) set(PSA_TARGET_GENERATE_DATABASE_POST psa_generate_database_cleanup) -set(PSA_TARGET_QCBOR psa_qcbor) +if(${SUITE} STREQUAL "INITIAL_ATTESTATION") + set(PSA_TARGET_QCBOR psa_qcbor) +endif() set(PSA_TARGET_PAL_NSPE_LIB pal_nspe) set(PSA_TARGET_VAL_NSPE_LIB val_nspe) set(PSA_TARGET_TEST_COMBINE_LIB test_combine) @@ -158,10 +165,6 @@ set(DATABASE_TABLE_NAME target_database) set(DATABASE_TABLE_SECTION_NAME "NOSECTION") set(TARGET_HEADER_GEN_INCLUDE_PATHS "${PSA_ROOT_DIR}/val/nspe|${PSA_ROOT_DIR}/val/common|${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/common|${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/crypto") set(TESTSUITE_DB ${PSA_SUITE_DIR}/testsuite.db) -if(${SUITE} STREQUAL "INITIAL_ATTESTATION") -set(PSA_QCBOR_GIT_REPO_LINK https://github.com/laurencelundblade/QCBOR.git) -set(PSA_QCBOR_INCLUDE_PATH ${CMAKE_CURRENT_BINARY_DIR}/src/psa_qcbor/inc) -endif() set(PSA_TESTLIST_FILE ${CMAKE_CURRENT_BINARY_DIR}/testlist.txt) set(PSA_TEST_ENTRY_LIST_INC ${CMAKE_CURRENT_BINARY_DIR}/test_entry_list.inc) set(PSA_TEST_ENTRY_FUN_DECLARE_INC ${CMAKE_CURRENT_BINARY_DIR}/test_entry_fn_declare_list.inc) @@ -169,6 +172,9 @@ set(PSA_CLIENT_TEST_LIST_DELCARE_INC ${CMAKE_CURRENT_BINARY_DIR}/client_tests_li set(PSA_CLIENT_TEST_LIST_INC ${CMAKE_CURRENT_BINARY_DIR}/client_tests_list.inc) set(PSA_SERVER_TEST_LIST_DECLARE_INC ${CMAKE_CURRENT_BINARY_DIR}/server_tests_list_declare.inc) set(PSA_SERVER_TEST_LIST ${CMAKE_CURRENT_BINARY_DIR}/server_tests_list.inc) +if(${SUITE} STREQUAL "INITIAL_ATTESTATION") + set(PSA_QCBOR_INCLUDE_PATH ${CMAKE_CURRENT_BINARY_DIR}/${PSA_TARGET_QCBOR}/inc) +endif() # Validity check for required files for a given suite if(NOT DEFINED PSA_${SUITE}_FILES) @@ -192,6 +198,8 @@ endforeach() if(NOT DEFINED TOOLCHAIN) set(TOOLCHAIN "GNUARM" CACHE INTERNAL "Compiler used" FORCE) message(STATUS "[PSA] : Defaulting compiler to ${TOOLCHAIN}") +else() + message(STATUS "[PSA] : TOOLCHAIN is set to ${TOOLCHAIN}") endif() if(${TOOLCHAIN} STREQUAL "ARMCLANG" OR ${TOOLCHAIN} STREQUAL "GNUARM") @@ -203,65 +211,99 @@ if(${TOOLCHAIN} STREQUAL "ARMCLANG" OR ${TOOLCHAIN} STREQUAL "GNUARM") message(FATAL_ERROR "[PSA] : Error: Unsupported value for -DCPU_ARCH=, supported CPU arch are : ${PSA_CPU_ARCH_SUPPORT}") endif() endif() + message(STATUS "[PSA] : CPU_ARCH is set to ${CPU_ARCH}") endif() # Check for VERBOSE if(NOT DEFINED VERBOSE) set(VERBOSE 3 CACHE INTERNAL "Default VERBOSE value" FORCE) - message(STATUS "[PSA] : Defaulting to VERBOSE=${VERBOSE}") + message(STATUS "[PSA] : Defaulting VERBOSE to ${VERBOSE}") else() if(NOT ${VERBOSE} IN_LIST PSA_VERBOSE_OPTIONS) message(FATAL_ERROR "[PSA] : Error: Unspported value for -DVERBOSE=, supported values are : ${PSA_VERBOSE_OPTIONS}") endif() + message(STATUS "[PSA] : VERBOSE is set to ${VERBOSE}") endif() # Check for PLATFORM_PSA_ISOLATION_LEVEL if(NOT DEFINED PLATFORM_PSA_ISOLATION_LEVEL) set(PLATFORM_PSA_ISOLATION_LEVEL 3 CACHE INTERNAL "Default PLATFORM_PSA_ISOLATION_LEVEL value" FORCE) - message(STATUS "[PSA] : Defaulting to PLATFORM_PSA_ISOLATION_LEVEL=${PLATFORM_PSA_ISOLATION_LEVEL}") + if(${SUITE} STREQUAL "IPC") + message(STATUS "[PSA] : Defaulting PLATFORM_PSA_ISOLATION_LEVEL to ${PLATFORM_PSA_ISOLATION_LEVEL}") + endif() else() if(NOT ${PLATFORM_PSA_ISOLATION_LEVEL} IN_LIST PLATFORM_PSA_ISOLATION_LEVEL_OPTIONS) message(FATAL_ERROR "[PSA] : Error: Unspported value for -DPLATFORM_PSA_ISOLATION_LEVEL=, supported values are : ${PLATFORM_PSA_ISOLATION_LEVEL_OPTIONS}") endif() + if(${SUITE} STREQUAL "IPC") + message(STATUS "[PSA] : PLATFORM_PSA_ISOLATION_LEVEL is set to ${PLATFORM_PSA_ISOLATION_LEVEL}") + endif() endif() if(NOT DEFINED INCLUDE_PANIC_TESTS) - set(INCLUDE_PANIC_TESTS 0 CACHE INTERNAL "By default panic tests are disabled" FORCE) - message(STATUS "[PSA] : Defaulting to INCLUDE_PANIC_TESTS=${INCLUDE_PANIC_TESTS}") + #By default panic tests are disabled + set(INCLUDE_PANIC_TESTS 0 CACHE INTERNAL "Default INCLUDE_PANIC_TESTS value" FORCE) + message(STATUS "[PSA] : Defaulting INCLUDE_PANIC_TESTS to ${INCLUDE_PANIC_TESTS}") else() if(INCLUDE_PANIC_TESTS EQUAL 1) - message(STATUS "[PSA] : Ensure you set watchdog.num to 1 in ${PSA_ROOT_DIR}/platform/targets/${TARGET}/target.cfg") - message(STATUS "[PSA] : To test PSA APIs panic conditions, test harness may require to access watchdog timer " - "to recover from panic and to be able to continue with next test. " - "Ignore this warning if system under test has capability to reset the system " - "when it encounters panic condition.") + message(STATUS "[PSA] : " + "INCLUDE_PANIC_TESTS set to 1, therefore including PSA APIs panic tests into the regression,\n" + "\tensure that watchdog.num is set to 1 in ${PSA_ROOT_DIR}/platform/targets/${TARGET}/target.cfg") endif() endif() if(NOT DEFINED WATCHDOG_AVAILABLE) - set(WATCHDOG_AVAILABLE 1 CACHE INTERNAL "Assuming watchdog is available to program by test suite" FORCE) - message(STATUS "[PSA] : Watchdog is available by default") + #Assuming watchdog is available to program by test suite + set(WATCHDOG_AVAILABLE 1 CACHE INTERNAL "Default WATCHDOG_AVAILABLE value" FORCE) + message(STATUS "[PSA] : Defaulting WATCHDOG_AVAILABLE to ${WATCHDOG_AVAILABLE}") +else() + message(STATUS "[PSA] : WATCHDOG_AVAILABLE is set to ${WATCHDOG_AVAILABLE}") endif() if((INCLUDE_PANIC_TESTS EQUAL 1) AND (WATCHDOG_AVAILABLE EQUAL 0)) - message(FATAL_ERROR "[PSA]: Panic test execution needs watchdog access. set -DWATCHDOG_AVAILABLE=1") + message(WARNING "[PSA]: " + "Note that to test PSA APIs panic conditions, test harness may require to access" + "the watchdog timer in oder to recover from panic and to be able to continue with" + "next test. Ignore this warning if system under test has capability to reset the" + "system when it encounters panic condition.") endif() if(NOT DEFINED SP_HEAP_MEM_SUPP) - set(SP_HEAP_MEM_SUPP 1 CACHE INTERNAL "Are dynamic memory functions available to secure partition?" FORCE) - message(STATUS "[PSA] : Default value for SP_HEAP_MEM_SUPP is ${SP_HEAP_MEM_SUPP}") + #Are dynamic memory functions available to secure partition? + set(SP_HEAP_MEM_SUPP 1 CACHE INTERNAL "Default SP_HEAP_MEM_SUPP value" FORCE) + message(STATUS "[PSA] : Defaulting SP_HEAP_MEM_SUPP to ${SP_HEAP_MEM_SUPP}") endif() if(NOT DEFINED TEST_COMBINE_ARCHIVE) - set(TEST_COMBINE_ARCHIVE 1 CACHE INTERNAL "Default option is to create archive" FORCE) - message(STATUS "[PSA] : Default value for TEST_COMBINE_ARCHIVE is ${TEST_COMBINE_ARCHIVE}") + #Default option is to create archive + set(TEST_COMBINE_ARCHIVE 1 CACHE INTERNAL "Default TEST_COMBINE_ARCHIVE value" FORCE) + message(STATUS "[PSA] : Defaulting TEST_COMBINE_ARCHIVE to ${TEST_COMBINE_ARCHIVE}") +else() + message(STATUS "[PSA] : TEST_COMBINE_ARCHIVE is set to ${TEST_COMBINE_ARCHIVE}") endif() message(STATUS "[PSA] : ----------Process input arguments- complete-------------") -# Build PAL NSPE LIB -include(${PSA_ROOT_DIR}/platform/targets/${TARGET}/target.cmake) + +if((${SUITE} STREQUAL "INITIAL_ATTESTATION") AND (NOT EXISTS ${PSA_TARGET_QCBOR})) +# Clone QCBOR and move to specified tag +execute_process(COMMAND ${GIT_EXECUTABLE} clone ${PSA_QCBOR_GIT_REPO_LINK} ${PSA_TARGET_QCBOR} + RESULT_VARIABLE ${PSA_TARGET_QCBOR}_clone_result + WORKING_DIRECTORY ${CMAKE_CURRENT_BINARY_DIR}) +if(${PSA_TARGET_QCBOR}_clone_result) + message(FATAL_ERROR "git clone failed for ${PSA_QCBOR_GIT_REPO_LINK}") +endif() + +if(NOT ${PSA_TARGET_QCBOR}_clone_result) +execute_process(COMMAND ${GIT_EXECUTABLE} checkout -q "${PSA_QCBOR_GIT_REPO_TAG}" + RESULT_VARIABLE ${PSA_TARGET_QCBOR}_checkout_result + WORKING_DIRECTORY ${CMAKE_CURRENT_BINARY_DIR}/${PSA_TARGET_QCBOR}) +if(${PSA_TARGET_QCBOR}_checkout_result) + message(FATAL_ERROR "git checkout failed for Repo : ${PSA_QCBOR_GIT_REPO_LINK}, Tag : ${PSA_QCBOR_GIT_REPO_TAG}") +endif() +endif() +endif() # Create PSA clean list list(APPEND PSA_CLEAN_LIST @@ -332,22 +374,6 @@ add_custom_target( COMMAND ${CMAKE_COMMAND} --build ${CMAKE_CURRENT_BINARY_DIR}/src/${PSA_TARGET_GENERATE_DATABASE}-build/ -- clean ) -if(${SUITE} STREQUAL "INITIAL_ATTESTATION") -# Cloning CMSIS_5 repo -ExternalProject_Add( - ${PSA_TARGET_QCBOR} - PREFIX ${CMAKE_CURRENT_BINARY_DIR} - GIT_REPOSITORY ${PSA_QCBOR_GIT_REPO_LINK} - GIT_TAG ${PSA_QCBOR_GIT_REPO_TAG} - CONFIGURE_COMMAND "" - UPDATE_COMMAND "" - PATCH_COMMAND "" - BUILD_COMMAND "" - TEST_COMMAND "" - INSTALL_COMMAND "" -) -endif() - # Check for supported toolchain/s if(${TOOLCHAIN} IN_LIST PSA_TOOLCHAIN_SUPPORT) include(${PSA_ROOT_DIR}/tools/cmake/compiler/${TOOLCHAIN}.cmake) @@ -365,6 +391,8 @@ if(${SP_HEAP_MEM_SUPP} EQUAL 1) add_definitions(-DSP_HEAP_MEM_SUPP) endif() +# Build PAL NSPE LIB +include(${PSA_ROOT_DIR}/platform/targets/${TARGET}/target.cmake) # Build VAL NSPE LIB #add_definitions(-DVAL_NSPE_BUILD) include(${PSA_ROOT_DIR}/val/val_nspe.cmake) @@ -377,13 +405,7 @@ endif() add_dependencies(${PSA_TARGET_GENERATE_DATABASE} ${PSA_TARGET_GENERATE_DATABASE_PRE}) add_dependencies(${PSA_TARGET_GENERATE_DATABASE_POST} ${PSA_TARGET_GENERATE_DATABASE}) -if(${SUITE} STREQUAL "INITIAL_ATTESTATION") -add_dependencies(${PSA_TARGET_QCBOR} ${PSA_TARGET_GENERATE_DATABASE_POST}) -add_dependencies(${PSA_TARGET_PAL_NSPE_LIB} ${PSA_TARGET_QCBOR}) -add_dependencies(${PSA_TARGET_VAL_NSPE_LIB} ${PSA_TARGET_QCBOR}) -else() add_dependencies(${PSA_TARGET_PAL_NSPE_LIB} ${PSA_TARGET_GENERATE_DATABASE_POST}) -endif() add_dependencies(${PSA_TARGET_VAL_NSPE_LIB} ${PSA_TARGET_PAL_NSPE_LIB}) add_dependencies(${PSA_TARGET_TEST_COMBINE_LIB} ${PSA_TARGET_VAL_NSPE_LIB}) if(${SUITE} STREQUAL "IPC") diff --git a/api-tests/README.md b/api-tests/README.md index f0bee670..aa989847 100644 --- a/api-tests/README.md +++ b/api-tests/README.md @@ -18,8 +18,7 @@ The test suite for this specification is located in the **ff** directory of this The test suite for this specification is located in the **dev_apis** directory of this repository. See the [PSA Developer APIs README](dev_apis/README.md) file for more details. ## Release Update - - Release Version: 0.9 - - Code quality: Arm welcomes suggestions for enhancements and error corrections. + - Code Quality : REL v1.0 - This release contains following tests:
1. Developer APIs test list: @@ -31,7 +30,7 @@ The test suite for this specification is located in the **dev_apis** directory o | Internal Trusted Storage | [PSA Internal Trusted Storage API 1.0.0](../api-specs/storage/v1.0/doc/) | | Initial Attestation | [PSA Initial Attestation API 1.0.0](../api-specs/attestation/v1.0/doc/) | -2. PSA-FF tests that are written for version 1.0-Beta1 of the PSA FF specification. +2. PSA-FF tests that are written for the PSA FF 1.0 specification. ## License @@ -46,4 +45,4 @@ Arm PSA test suite is distributed under Apache v2.0 License. -------------- -*Copyright (c) 2018-2019, Arm Limited and Contributors. All rights reserved.* +*Copyright (c) 2018-2020, Arm Limited and Contributors. All rights reserved.* diff --git a/api-tests/dev_apis/README.md b/api-tests/dev_apis/README.md index 83aac79e..2cdff611 100644 --- a/api-tests/dev_apis/README.md +++ b/api-tests/dev_apis/README.md @@ -40,13 +40,13 @@ To build the test suite for your target platform, execute the following commands
Options information:
- -G"" : "Unix Makefiles" to generate Makefiles for Linux and Cygwin. "MinGW Makefiles" to generate Makefiles for cmd.exe on Windows
-- -DTARGET= is the same as the name of the target-specific directory created in the **platform/targets/** directory. The current release has been tested on **tgt_dev_apis_tfm_an521**, **tgt_dev_apis_tfm_musca_b1** and **tgt_dev_apis_tfm_musca_a** platforms.
+- -DTARGET= is the same as the name of the target-specific directory created in the **platform/targets/** directory. The current release has been tested on **tgt_dev_apis_tfm_an521**, **tgt_dev_apis_tfm_musca_b1** and **tgt_dev_apis_tfm_musca_a** platforms. Refer [Test_failure analysis](../docs/test_failure_analysis.md) document to know the reason for any known test fail.
- -DTOOLCHAIN= Compiler toolchain to be used for test suite compilation. Supported values are GNUARM (GNU Arm Embedded), ARMCLANG (ARM Compiler 6.x) and HOST_GCC. Default is GNUARM.
- -DCPU_ARCH= is the Arm Architecture version name for which the tests should be compiled. Supported CPU arch are armv8m_ml, armv8m_bl and armv7m. Default is empty. This option is unused when TOOLCHAIN type is HOST_GCC.
- -DSUITE= is the suite name that is the same as the suite name available in **dev_apis/** directory.
- -DVERBOSE=. Print verbosity level. Default is 3. Supported print levels are 1(INFO & above), 2(DEBUG & above), 3(TEST & above), 4(WARN & ERROR) and 5(ERROR). - -DBUILD= : To select the build directory to keep output files. Default is BUILD/ inside current directory. -- -DWATCHDOG_AVAILABLE=<0|1>: Test harness may require to access watchdog timer to recover system hang. 0 means skip watchdog programming in the test suite and 1 means program the watchdog. Default is 1. Note, watchdog must be available for the tests which depend on the system reset conditions. +- -DWATCHDOG_AVAILABLE=<0|1>: Test harness may require to access watchdog timer to recover system hang. 0 means skip watchdog programming in the test suite and 1 means program the watchdog. Default is 1. Note, watchdog must be available for the tests which check the PSA API behaviour on the system reset. - -DPSA_INCLUDE_PATHS=";;...;" is an additional directory to be included into the compiler search path.You must provide Developer APIs header files implementation to the test suite build system using this option. For example, to compile Crypto tests, the include path must point to the path where **psa/crypto.h** is located in your build system. Bydefault, PSA_INCLUDE_PATHS accepts absolute path. However, relative path can be provided using below format:
``` -DPSA_INCLUDE_PATHS=`readlink -f ` @@ -99,4 +99,4 @@ Arm PSA test suite is distributed under Apache v2.0 License. -------------- -*Copyright (c) 2018-2019, Arm Limited and Contributors. All rights reserved.* +*Copyright (c) 2018-2020, Arm Limited and Contributors. All rights reserved.* diff --git a/api-tests/dev_apis/crypto/test_c039/test_data.h b/api-tests/dev_apis/crypto/test_c039/test_data.h index bdbcd54e..b90831b7 100644 --- a/api-tests/dev_apis/crypto/test_c039/test_data.h +++ b/api-tests/dev_apis/crypto/test_c039/test_data.h @@ -1,5 +1,5 @@ /** @file - * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved. + * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved. * SPDX-License-Identifier : Apache-2.0 * * Licensed under the Apache License, Version 2.0 (the "License"); @@ -41,12 +41,11 @@ static const uint8_t rsa_256_keypair[1]; static const uint8_t rsa_256_keydata[1]; static const uint8_t ec_keydata[] = { - 0x30, 0x49, 0x30, 0x13, 0x06, 0x07, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x02, 0x01, 0x06, - 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x03, 0x01, 0x01, 0x03, 0x32, 0x00, 0x04, 0xBC, - 0x79, 0x7D, 0xB3, 0xAE, 0x7F, 0x08, 0xEC, 0x3D, 0x49, 0x6B, 0x4F, 0xB4, 0x11, 0xB3, - 0xF6, 0x20, 0xA5, 0x58, 0xA5, 0x01, 0xE0, 0x22, 0x2D, 0x08, 0xCF, 0xE0, 0xDC, 0x8A, - 0xEC, 0x8B, 0x1A, 0x7B, 0xF2, 0x4B, 0xE9, 0x29, 0x51, 0xCC, 0x5B, 0xA1, 0xBE, 0xBB, - 0x24, 0x74, 0x90, 0x9A, 0xE0}; + 0x04, 0xde, 0xa5, 0xe4, 0x5d, 0x0e, 0xa3, 0x7f, 0xc5, 0x66, 0x23, 0x2a, 0x50, 0x8f, + 0x4a, 0xd2, 0x0e, 0xa1, 0x3d, 0x47, 0xe4, 0xbf, 0x5f, 0xa4, 0xd5, 0x4a, 0x57, 0xa0, + 0xba, 0x01, 0x20, 0x42, 0x08, 0x70, 0x97, 0x49, 0x6e, 0xfc, 0x58, 0x3f, 0xed, 0x8b, + 0x24, 0xa5, 0xb9, 0xbe, 0x9a, 0x51, 0xde, 0x06, 0x3f, 0x5a, 0x00, 0xa8, 0xb6, 0x98, + 0xa1, 0x6f, 0xd7, 0xf2, 0x9b, 0x54, 0x85, 0xf3, 0x20}; static const uint8_t ec_keypair[] = { 0x30, 0x5F, 0x02, 0x01, 0x01, 0x04, 0x18, 0x33, 0x8E, 0x86, 0xA8, 0x81, 0xE2, 0x38, @@ -216,19 +215,17 @@ static test_data check1[] = { #endif #ifdef ARCH_TEST_ECDSA -#ifdef ARCH_TEST_ECC_CURVE_SECP192R1 +#ifdef ARCH_TEST_ECC_CURVE_SECP256R1 {"Test psa_asymmetric_encrypt - ECC public key\n", 9, - PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP192R1), -{0}, 75, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_ECDSA_ANY, + PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1), +{0}, 65, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION, {0}, 0, {0xba, 0x78, 0x16, 0xbf, 0x8f, 0x01, 0xcf, 0xea, 0x41, 0x41, 0x40, 0xde, 0x5d, 0xae, 0x22, 0x23, 0xb0, 0x03, 0x61, 0xa3, 0x96, 0x17, 0x7a, 0x9c, 0xb4, 0x10, 0xff, 0x61, 0xf2, 0x00, 0x15, 0xad}, 22, 128, - 0, 192, PSA_SUCCESS + 128, 256, PSA_SUCCESS }, -#endif -#ifdef ARCH_TEST_ECC_CURVE_SECP256R1 {"Test psa_asymmetric_encrypt - ECC keypair\n", 10, PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1), {0}, 97, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256), @@ -236,7 +233,7 @@ static test_data check1[] = { {0xba, 0x78, 0x16, 0xbf, 0x8f, 0x01, 0xcf, 0xea, 0x41, 0x41, 0x40, 0xde, 0x5d, 0xae, 0x22, 0x23, 0xb0, 0x03, 0x61, 0xa3, 0x96, 0x17, 0x7a, 0x9c, 0xb4, 0x10, 0xff, 0x61, 0xf2, 0x00, 0x15, 0xad}, 22, 128, - 0, 192, PSA_SUCCESS + 128, 256, PSA_SUCCESS } #endif #endif diff --git a/api-tests/dev_apis/crypto/test_c042/test_data.h b/api-tests/dev_apis/crypto/test_c042/test_data.h index 5f8592ce..95a1c72c 100644 --- a/api-tests/dev_apis/crypto/test_c042/test_data.h +++ b/api-tests/dev_apis/crypto/test_c042/test_data.h @@ -1,5 +1,5 @@ /** @file - * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved. + * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved. * SPDX-License-Identifier : Apache-2.0 * * Licensed under the Apache License, Version 2.0 (the "License"); @@ -212,7 +212,7 @@ PSA_KEY_TYPE_RSA_PUBLIC_KEY, 0x28, 0x1d, 0xb1, 0xe0, 0x02, 0x5c, 0x3b, 0xfb, 0x55, 0x12, 0x96, 0x3e, 0xc3, 0xb9, 0x8d, 0xda, 0xa6, 0x9e, 0x38, 0xbc, 0x3c, 0x84, 0xb1, 0xb6, 0x1a, 0x04, 0xe5, 0x64, 0x86, 0x40, 0x85, 0x6a, 0xac, 0xc6, 0xfc, 0x73, 0x11}, - 120, 1024, PSA_ERROR_BUFFER_TOO_SMALL + 120, 1024, PSA_ERROR_INVALID_SIGNATURE }, #endif diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s001/test_its_data.h b/api-tests/dev_apis/internal_trusted_storage/test_s001/test_its_data.h index 4372bb18..b31767eb 100644 --- a/api-tests/dev_apis/internal_trusted_storage/test_s001/test_its_data.h +++ b/api-tests/dev_apis/internal_trusted_storage/test_s001/test_its_data.h @@ -1,5 +1,5 @@ /** @file - * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved. + * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved. * SPDX-License-Identifier : Apache-2.0 * * Licensed under the Apache License, Version 2.0 (the "License"); @@ -29,52 +29,55 @@ typedef struct { static struct psa_storage_info_t info; static const test_data s001_data[] = { { - 0, 0 /* Unused Index0 */ + 0, 0 /* This is dummy for Index0 */ }, { - VAL_ITS_GET, PSA_ERROR_DOES_NOT_EXIST /* Call the get API when no UID is set */ + VAL_ITS_GET, PSA_ERROR_DOES_NOT_EXIST /* Index1 - Call the get API when no UID is set */ }, { - VAL_ITS_GET_INFO, PSA_ERROR_DOES_NOT_EXIST /* Call the get_info API when no UID is set */ + VAL_ITS_GET_INFO, PSA_ERROR_DOES_NOT_EXIST /* Index2 - Call the get_info API when no UID is set */ }, { - VAL_ITS_REMOVE, PSA_ERROR_DOES_NOT_EXIST /* Call the remove API when no UID is set */ + VAL_ITS_REMOVE, PSA_ERROR_DOES_NOT_EXIST /* Index3 - Call the remove API when no UID is set */ }, { - VAL_ITS_SET, PSA_SUCCESS /* Create a valid storage entity with UID1 */ + VAL_ITS_SET, PSA_SUCCESS /* Index4 - Create a valid storage entity with UID1 */ }, { - VAL_ITS_SET, PSA_SUCCESS /* Create a valid storage entity with UID2 */ + VAL_ITS_SET, PSA_SUCCESS /* Index5 - Create a valid storage entity with UID2 */ }, { - VAL_ITS_REMOVE, PSA_SUCCESS /* Remove UID1 */ + VAL_ITS_REMOVE, PSA_SUCCESS /* Index6 - Remove UID1 */ }, { - VAL_ITS_GET, PSA_ERROR_DOES_NOT_EXIST /* Call get API for UID1 */ + VAL_ITS_GET, PSA_ERROR_DOES_NOT_EXIST /* Index7 - Call get API for UID1 */ }, { - VAL_ITS_GET_INFO, PSA_ERROR_DOES_NOT_EXIST /* Call get_info API for UID1 */ + VAL_ITS_GET_INFO, PSA_ERROR_DOES_NOT_EXIST /* Index8 - Call get_info API for UID1 */ }, { - VAL_ITS_REMOVE, PSA_ERROR_DOES_NOT_EXIST /* Call remove API for UID1 */ + VAL_ITS_REMOVE, PSA_ERROR_DOES_NOT_EXIST /* Index9 - Call remove API for UID1 */ }, { - VAL_ITS_SET, PSA_SUCCESS /* Create a valid storage entity again with UID1 */ + VAL_ITS_SET, PSA_SUCCESS /* Index10 - Create a valid storage entity again with UID1 */ }, { - VAL_ITS_GET, PSA_ERROR_DOES_NOT_EXIST /* Call get API for UID not same as UID1 or UID2 */ + VAL_ITS_GET, PSA_ERROR_DOES_NOT_EXIST /* Index11 - Call get API for UID not same as UID1 or UID2 */ }, { - VAL_ITS_GET_INFO, PSA_ERROR_DOES_NOT_EXIST /* Call get_info for UID not same as UID1 or UID2 */ + VAL_ITS_GET_INFO, PSA_ERROR_DOES_NOT_EXIST /* Index12 - Call get_info for UID not same as UID1 + or UID2 */ }, { - VAL_ITS_REMOVE, PSA_ERROR_DOES_NOT_EXIST /* Call remove API for UID not same as UID1 or UID2 */ + VAL_ITS_REMOVE, PSA_ERROR_DOES_NOT_EXIST /* Index13 - Call remove API for UID not same as UID1 + or UID2 */ }, { - VAL_ITS_REMOVE, PSA_SUCCESS /* Remove UID1 */ + VAL_ITS_REMOVE, PSA_SUCCESS /* Index14 - Remove UID1 */ }, { - VAL_ITS_REMOVE, PSA_SUCCESS /* Remove UID2 */ + VAL_ITS_REMOVE, PSA_SUCCESS /* Index15 - Remove UID2 */ }, }; #endif /* _TEST_S001_ITS_DATA_TESTS_H_ */ + diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s001/test_ps_data.h b/api-tests/dev_apis/internal_trusted_storage/test_s001/test_ps_data.h index 283ff861..b9b775ea 100644 --- a/api-tests/dev_apis/internal_trusted_storage/test_s001/test_ps_data.h +++ b/api-tests/dev_apis/internal_trusted_storage/test_s001/test_ps_data.h @@ -1,5 +1,5 @@ /** @file - * Copyright (c) 2019, Arm Limited or ps affiliates. All rights reserved. + * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved. * SPDX-License-Identifier : Apache-2.0 * * Licensed under the Apache License, Version 2.0 (the "License"); @@ -29,52 +29,54 @@ typedef struct { static struct psa_storage_info_t info; static const test_data s001_data[] = { { - 0, 0 /* This is dummy for index0 */ + 0, 0 /* This is dummy for Index0 */ }, { - VAL_PS_GET, PSA_ERROR_DOES_NOT_EXIST /* Call the get API when no UID is set */ + VAL_PS_GET, PSA_ERROR_DOES_NOT_EXIST /* Index1 - Call the get API when no UID is set */ }, { - VAL_PS_GET_INFO, PSA_ERROR_DOES_NOT_EXIST /* Call the get_info API when no UID is set */ + VAL_PS_GET_INFO, PSA_ERROR_DOES_NOT_EXIST /* Index2 - Call the get_info API when no UID is set */ }, { - VAL_PS_REMOVE, PSA_ERROR_DOES_NOT_EXIST /* Call the remove API when no UID is set */ + VAL_PS_REMOVE, PSA_ERROR_DOES_NOT_EXIST /* Index3 - Call the remove API when no UID is set */ }, { - VAL_PS_SET, PSA_SUCCESS /* Create a valid storage entity with UID1 */ + VAL_PS_SET, PSA_SUCCESS /* Index4 - Create a valid storage entity with UID1 */ }, { - VAL_PS_SET, PSA_SUCCESS /* Create a valid storage entity with UID2 */ + VAL_PS_SET, PSA_SUCCESS /* Index5 - Create a valid storage entity with UID2 */ }, { - VAL_PS_REMOVE, PSA_SUCCESS /* Remove UID1 */ + VAL_PS_REMOVE, PSA_SUCCESS /* Index6 - Remove UID1 */ }, { - VAL_PS_GET, PSA_ERROR_DOES_NOT_EXIST /* Call get API for UID1 */ + VAL_PS_GET, PSA_ERROR_DOES_NOT_EXIST /* Index7 - Call get API for UID1 */ }, { - VAL_PS_GET_INFO, PSA_ERROR_DOES_NOT_EXIST /* Call get_info API for UID1 */ + VAL_PS_GET_INFO, PSA_ERROR_DOES_NOT_EXIST /* Index8 - Call get_info API for UID1 */ }, { - VAL_PS_REMOVE, PSA_ERROR_DOES_NOT_EXIST /* Call remove API for UID1 */ + VAL_PS_REMOVE, PSA_ERROR_DOES_NOT_EXIST /* Index9 - Call remove API for UID1 */ }, { - VAL_PS_SET, PSA_SUCCESS /* Create a valid storage entity again with UID1 */ + VAL_PS_SET, PSA_SUCCESS /* Index10 - Create a valid storage entity again with UID1 */ }, { - VAL_PS_GET, PSA_ERROR_DOES_NOT_EXIST /* Call get API for UID not same as UID1 or UID2 */ + VAL_PS_GET, PSA_ERROR_DOES_NOT_EXIST /* Index11 - Call get API for UID not same as UID1 or UID2 */ }, { - VAL_PS_GET_INFO, PSA_ERROR_DOES_NOT_EXIST /* Call get_info for UID not same as UID1 or UID2 */ + VAL_PS_GET_INFO, PSA_ERROR_DOES_NOT_EXIST /* Index12 - Call get_info for UID not same as UID1 + or UID2 */ }, { - VAL_PS_REMOVE, PSA_ERROR_DOES_NOT_EXIST /* Call remove API for UID not same as UID1 or UID2 */ + VAL_PS_REMOVE, PSA_ERROR_DOES_NOT_EXIST /* Index13 - Call remove API for UID not same as UID1 + or UID2 */ }, { - VAL_PS_REMOVE, PSA_SUCCESS /* Remove UID1 */ + VAL_PS_REMOVE, PSA_SUCCESS /* Index14 - Remove UID1 */ }, { - VAL_PS_REMOVE, PSA_SUCCESS /* Remove UID2 */ + VAL_PS_REMOVE, PSA_SUCCESS /* Index15 - Remove UID2 */ }, }; #endif /* _TEST_S001_PS_DATA_TESTS_H_ */ diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s001/test_s001.c b/api-tests/dev_apis/internal_trusted_storage/test_s001/test_s001.c index 3459886c..76bd7531 100644 --- a/api-tests/dev_apis/internal_trusted_storage/test_s001/test_s001.c +++ b/api-tests/dev_apis/internal_trusted_storage/test_s001/test_s001.c @@ -1,5 +1,5 @@ /** @file - * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved. + * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved. * SPDX-License-Identifier : Apache-2.0 * * Licensed under the Apache License, Version 2.0 (the "License"); @@ -112,18 +112,18 @@ static int32_t sst_calls_with_different_uid(psa_storage_uid_t p_uid) TEST_ASSERT_EQUAL(status, s001_data[10].status, TEST_CHECKPOINT_NUM(10)); /* get() for different UID then set UID */ - val->print(PRINT_TEST, "[Check 7] Call get API for different UID %d\n", p_uid); + val->print(PRINT_TEST, "[Check 7] Call get API for different UID %d\n", p_uid-1); status = SST_FUNCTION(s001_data[11].api, p_uid-1, 0, TEST_BUFF_SIZE - 1, read_buff, &p_data_length); TEST_ASSERT_EQUAL(status, s001_data[11].status, TEST_CHECKPOINT_NUM(11)); /* get_info() for different UID then set UID */ - val->print(PRINT_TEST, "[Check 8] Call get_info API for different UID %d\n", p_uid); + val->print(PRINT_TEST, "[Check 8] Call get_info API for different UID %d\n", p_uid-1); status = SST_FUNCTION(s001_data[12].api, p_uid-1, &info); TEST_ASSERT_EQUAL(status, s001_data[12].status, TEST_CHECKPOINT_NUM(12)); /* remove() for different UID then set UID */ - val->print(PRINT_TEST, "[Check 9] Call remove API for different UID %d\n", p_uid); + val->print(PRINT_TEST, "[Check 9] Call remove API for different UID %d\n", p_uid-1); status = SST_FUNCTION(s001_data[13].api, p_uid-1); TEST_ASSERT_EQUAL(status, s001_data[13].status, TEST_CHECKPOINT_NUM(13)); diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s002/test_its_data.h b/api-tests/dev_apis/internal_trusted_storage/test_s002/test_its_data.h index e3ac2cc3..b0c25411 100755 --- a/api-tests/dev_apis/internal_trusted_storage/test_s002/test_its_data.h +++ b/api-tests/dev_apis/internal_trusted_storage/test_s002/test_its_data.h @@ -1,5 +1,5 @@ /** @file - * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved. + * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved. * SPDX-License-Identifier : Apache-2.0 * * Licensed under the Apache License, Version 2.0 (the "License"); @@ -30,103 +30,106 @@ static struct psa_storage_info_t orig_info; static struct psa_storage_info_t new_info; static const test_data s002_data[] = { { - 0, 0 /* This is dummy for index0 */ + 0, 0 /* This is dummy for Index0 */ }, { - VAL_ITS_SET, PSA_SUCCESS /* Create a valid storage with create flag value 0 */ + VAL_ITS_SET, PSA_SUCCESS /* Index1 - Create a valid storage with create flag value 0 */ }, { - VAL_ITS_GET_INFO, PSA_SUCCESS /* Call the get_info API to validate the attributes */ + VAL_ITS_GET_INFO, PSA_SUCCESS /* Index2 - Call the get_info API to validate the attributes */ }, { - 0, 0 /* Index not used as check for get info size */ + 0, 0 /* This is dummy for Index3 */ }, { - 0, 0 /* Index not used as check for get info flag */ + 0, 0 /* This is dummy for Index4 */ }, { - VAL_ITS_GET, PSA_SUCCESS /* Validate the data using get API */ + VAL_ITS_GET, PSA_SUCCESS /* Index5 - Validate the data using get API */ }, { - 0, 0 /* Index not used */ + 0, 0 /* This is dummy for Index6 */ }, { - VAL_ITS_SET, PSA_SUCCESS /* Change the flag to WRITE_ONCE using set API */ + VAL_ITS_SET, PSA_SUCCESS /* Index7 - Change the flag to WRITE_ONCE using set API */ }, { - VAL_ITS_GET_INFO, PSA_SUCCESS /* Call the get_info API to validate the flag change */ + VAL_ITS_GET_INFO, PSA_SUCCESS /* Index8 - Call the get_info API to validate the flag change */ }, { - 0, 0 /* Index not used as check for get info size */ + 0, 0 /* This is dummy for Index9 */ }, { - 0, 0 /* Index not used as check for get info flag */ + 0, 0 /* This is dummy for Index10 */ }, { - VAL_ITS_GET, PSA_SUCCESS /* Validate the data using get API after flag change */ + VAL_ITS_GET, PSA_SUCCESS /* Index11 - Validate the data using get API after flag change */ }, { - 0, 0 /* Index not used */ + 0, 0 /* This is dummy for Index12 */ }, { - VAL_ITS_REMOVE, PSA_ERROR_NOT_PERMITTED /* Storage should not be removed after WRITE_ONCE flag */ + VAL_ITS_REMOVE, PSA_ERROR_NOT_PERMITTED /* Index13 - Storage should not be removed after + WRITE_ONCE flag */ }, { - VAL_ITS_SET, PSA_SUCCESS /* Create a storage with different UID and flag value WRITE_ONCE */ + VAL_ITS_SET, PSA_SUCCESS /* Index14 - Create a storage with different UID and flag value + WRITE_ONCE */ }, { - VAL_ITS_REMOVE, PSA_ERROR_NOT_PERMITTED /* Storage should not be removed */ + VAL_ITS_REMOVE, PSA_ERROR_NOT_PERMITTED /* Index15 - Storage should not be removed */ }, { - VAL_ITS_GET, PSA_SUCCESS /* Validate the data using get API after flag change */ + VAL_ITS_GET, PSA_SUCCESS /* Index16 - Validate the data using get API after flag change */ }, { - 0, 0 /* Index not used */ + 0, 0 /* This is dummy for Index17 */ }, { - VAL_ITS_GET_INFO, PSA_SUCCESS /* Call the get_info API to validate the flag change */ + VAL_ITS_GET_INFO, PSA_SUCCESS /* Index18 - Call the get_info API to validate the flag change */ }, { - 0, 0 /* Index not used as check for get info size */ + 0, 0 /* This is dummy for Index19 */ }, { - 0, 0 /* Index not used as check for get info flag */ + 0, 0 /* This is dummy for Index20 */ }, { - VAL_ITS_SET, PSA_ERROR_NOT_PERMITTED /* Try to set different size for same UID and flag value */ + VAL_ITS_SET, PSA_ERROR_NOT_PERMITTED /* Index21 - Try to set different size for same UID and + flag value */ }, { - VAL_ITS_REMOVE, PSA_ERROR_NOT_PERMITTED /* Storage should not be removed */ + VAL_ITS_REMOVE, PSA_ERROR_NOT_PERMITTED /* Index22 - Storage should not be removed */ }, { - VAL_ITS_GET_INFO, PSA_SUCCESS /* Call the get_info API to validate the flag change */ + VAL_ITS_GET_INFO, PSA_SUCCESS /* Index23 - Call the get_info API to validate the flag change */ }, { - 0, 0 /* Index not used as check for get info size */ + 0, 0 /* This is dummy for Index24 */ }, { - 0, 0 /* Index not used as check for get info flag */ + 0, 0 /* This is dummy for Index25 */ }, { - VAL_ITS_GET, PSA_SUCCESS /* Validate the data using get API after flag change */ + VAL_ITS_GET, PSA_SUCCESS /* Index26 - Validate the data using get API after flag change */ }, { - 0, 0 /* Index not used */ + 0, 0 /* This is dummy for Index27 */ }, { - VAL_ITS_SET, PSA_ERROR_NOT_PERMITTED /* Setting flag to zero for UID should fail */ + VAL_ITS_SET, PSA_ERROR_NOT_PERMITTED /* Index28 - Setting flag to zero for UID should fail */ }, { - VAL_ITS_REMOVE, PSA_ERROR_NOT_PERMITTED /* Storage should not be removed */ + VAL_ITS_REMOVE, PSA_ERROR_NOT_PERMITTED /* Index29 - Storage should not be removed */ }, { - VAL_ITS_GET_INFO, PSA_SUCCESS /* Check that the WRITE_ONCE flag is preserved */ + VAL_ITS_GET_INFO, PSA_SUCCESS /* Index30 - Check that the WRITE_ONCE flag is preserved */ }, { - 0, 0 /* Index not used as check for get info size */ + 0, 0 /* This is dummy for Index31 */ }, { - 0, 0 /* Index not used as check for get info flag */ + 0, 0 /* This is dummy for Index32 */ }, }; #endif /* _TEST_S002_ITS_DATA_TESTS_H_ */ diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s002/test_ps_data.h b/api-tests/dev_apis/internal_trusted_storage/test_s002/test_ps_data.h index 4e7b1f70..162984e9 100755 --- a/api-tests/dev_apis/internal_trusted_storage/test_s002/test_ps_data.h +++ b/api-tests/dev_apis/internal_trusted_storage/test_s002/test_ps_data.h @@ -1,5 +1,5 @@ /** @file - * Copyright (c) 2019, Arm Limited or ps affiliates. All rights reserved. + * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved. * SPDX-License-Identifier : Apache-2.0 * * Licensed under the Apache License, Version 2.0 (the "License"); @@ -30,103 +30,106 @@ static struct psa_storage_info_t orig_info; static struct psa_storage_info_t new_info; static const test_data s002_data[] = { { - 0, 0 /* This is dummy for index0 */ + 0, 0 /* This is dummy for Index0 */ }, { - VAL_PS_SET, PSA_SUCCESS /* Create a valid storage with create flag value 0 */ + VAL_PS_SET, PSA_SUCCESS /* Index1 - Create a valid storage with create flag value 0 */ }, { - VAL_PS_GET_INFO, PSA_SUCCESS /* Call the get_info API to validate the attributes */ + VAL_PS_GET_INFO, PSA_SUCCESS /* Index2 - Call the get_info API to validate the attributes */ }, { - 0, 0 /* Index not used as check for get info size */ + 0, 0 /* This is dummy for Index3 */ }, { - 0, 0 /* Index not used as check for get info flag */ + 0, 0 /* This is dummy for Index4 */ }, { - VAL_PS_GET, PSA_SUCCESS /* Validate the data using get API */ + VAL_PS_GET, PSA_SUCCESS /* Index5 - Validate the data using get API */ }, { - 0, 0 /* Index not used */ + 0, 0 /* This is dummy for Index6 */ }, { - VAL_PS_SET, PSA_SUCCESS /* Change the flag to WRITE_ONCE using set API */ + VAL_PS_SET, PSA_SUCCESS /* Index7 - Change the flag to WRITE_ONCE using set API */ }, { - VAL_PS_GET_INFO, PSA_SUCCESS /* Call the get_info API to validate the flag change */ + VAL_PS_GET_INFO, PSA_SUCCESS /* Index8 - Call the get_info API to validate the flag change */ }, { - 0, 0 /* Index not used as check for get info size */ + 0, 0 /* This is dummy for Index9 */ }, { - 0, 0 /* Index not used as check for get info flag */ + 0, 0 /* This is dummy for Index10 */ }, { - VAL_PS_GET, PSA_SUCCESS /* Validate the data using get API after flag change */ + VAL_PS_GET, PSA_SUCCESS /* Index11 - Validate the data using get API after flag change */ }, { - 0, 0 /* Index not used */ + 0, 0 /* This is dummy for Index12 */ }, { - VAL_PS_REMOVE, PSA_ERROR_NOT_PERMITTED /* Storage should not be removed after WRITE_ONCE flag */ + VAL_PS_REMOVE, PSA_ERROR_NOT_PERMITTED /* Index13 - Storage should not be removed after + WRITE_ONCE flag */ }, { - VAL_PS_SET, PSA_SUCCESS /* Create storage with different UID and flag value WRITE_ONCE */ + VAL_PS_SET, PSA_SUCCESS /* Index14 - Create a storage with different UID and flag value + WRITE_ONCE */ }, { - VAL_PS_REMOVE, PSA_ERROR_NOT_PERMITTED /* Storage should not be removed */ + VAL_PS_REMOVE, PSA_ERROR_NOT_PERMITTED /* Index15 - Storage should not be removed */ }, { - VAL_PS_GET, PSA_SUCCESS /* Validate the data using get API after flag change */ + VAL_PS_GET, PSA_SUCCESS /* Index16 - Validate the data using get API after flag change */ }, { - 0, 0 /* Index not used */ + 0, 0 /* This is dummy for Index17 */ }, { - VAL_PS_GET_INFO, PSA_SUCCESS /* Call the get_info API to validate the flag change */ + VAL_PS_GET_INFO, PSA_SUCCESS /* Index18 - Call the get_info API to validate the flag change */ }, { - 0, 0 /* Index not used as check for get info size */ + 0, 0 /* This is dummy for Index19 */ }, { - 0, 0 /* Index not used as check for get info flag */ + 0, 0 /* This is dummy for Index20 */ }, { - VAL_PS_SET, PSA_ERROR_NOT_PERMITTED /* Try to set different size for same UID and flag value */ + VAL_PS_SET, PSA_ERROR_NOT_PERMITTED /* Index21 - Try to set different size for same UID and + flag value */ }, { - VAL_PS_REMOVE, PSA_ERROR_NOT_PERMITTED /* Storage should not be removed */ + VAL_PS_REMOVE, PSA_ERROR_NOT_PERMITTED /* Index22 - Storage should not be removed */ }, { - VAL_PS_GET_INFO, PSA_SUCCESS /* Call the get_info API to validate the flag change */ + VAL_PS_GET_INFO, PSA_SUCCESS /* Index23 - Call the get_info API to validate the flag change */ }, { - 0, 0 /* Index not used as check for get info size */ + 0, 0 /* This is dummy for Index24 */ }, { - 0, 0 /* Index not used as check for get info flag */ + 0, 0 /* This is dummy for Index25 */ }, { - VAL_PS_GET, PSA_SUCCESS /* Validate the data using get API after flag change */ + VAL_PS_GET, PSA_SUCCESS /* Index26 - Validate the data using get API after flag change */ }, { - 0, 0 /* Index not used */ + 0, 0 /* This is dummy for Index27 */ }, { - VAL_PS_SET, PSA_ERROR_NOT_PERMITTED /* Setting flag to zero for UID should fail */ + VAL_PS_SET, PSA_ERROR_NOT_PERMITTED /* Index28 - Setting flag to zero for UID should fail */ }, { - VAL_PS_REMOVE, PSA_ERROR_NOT_PERMITTED /* Storage should not be removed */ + VAL_PS_REMOVE, PSA_ERROR_NOT_PERMITTED /* Index29 - Storage should not be removed */ }, { - VAL_PS_GET_INFO, PSA_SUCCESS /* Check that the WRITE_ONCE flag is preserved */ + VAL_PS_GET_INFO, PSA_SUCCESS /* Index30 - Check that the WRITE_ONCE flag is preserved */ }, { - 0, 0 /* Index not used as check for get info size */ + 0, 0 /* This is dummy for Index31 */ }, { - 0, 0 /* Index not used as check for get info flag */ + 0, 0 /* This is dummy for Index32 */ }, }; #endif /* _TEST_S002_PS_DATA_TESTS_H_ */ diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s002/test_s002.c b/api-tests/dev_apis/internal_trusted_storage/test_s002/test_s002.c index bd923dba..5bb0ccd7 100755 --- a/api-tests/dev_apis/internal_trusted_storage/test_s002/test_s002.c +++ b/api-tests/dev_apis/internal_trusted_storage/test_s002/test_s002.c @@ -1,5 +1,5 @@ /** @file - * Copyright (c) 2019, Arm Limited or sst affiliates. All rights reserved. + * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved. * SPDX-License-Identifier : Apache-2.0 * * Licensed under the Apache License, Version 2.0 (the "License"); diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s003/test_its_data.h b/api-tests/dev_apis/internal_trusted_storage/test_s003/test_its_data.h index 4bb3e650..095dcfe0 100755 --- a/api-tests/dev_apis/internal_trusted_storage/test_s003/test_its_data.h +++ b/api-tests/dev_apis/internal_trusted_storage/test_s003/test_its_data.h @@ -1,5 +1,5 @@ /** @file - * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved. + * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved. * SPDX-License-Identifier : Apache-2.0 * * Licensed under the Apache License, Version 2.0 (the "License"); @@ -29,13 +29,13 @@ typedef struct { static const test_data s003_data[] = { { - 0, 0 /* This is dummy for index0 */ + 0, 0 /* This is dummy for Index0 */ }, { - VAL_ITS_SET, PSA_ERROR_INSUFFICIENT_STORAGE /* Call set API till insufficent space */ + VAL_ITS_SET, PSA_ERROR_INSUFFICIENT_STORAGE /* Index1 - Call set API till insufficent space */ }, { - VAL_ITS_REMOVE, PSA_SUCCESS /* Remove the UID created */ + VAL_ITS_REMOVE, PSA_SUCCESS /* Index2 - Remove the UID created */ }, }; #endif /* _TEST_S003_ITS_DATA_TESTS_H_ */ diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s003/test_ps_data.h b/api-tests/dev_apis/internal_trusted_storage/test_s003/test_ps_data.h index d3d8806e..60e750d6 100755 --- a/api-tests/dev_apis/internal_trusted_storage/test_s003/test_ps_data.h +++ b/api-tests/dev_apis/internal_trusted_storage/test_s003/test_ps_data.h @@ -1,5 +1,5 @@ /** @file - * Copyright (c) 2019, Arm Limited or ps affiliates. All rights reserved. + * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved. * SPDX-License-Identifier : Apache-2.0 * * Licensed under the Apache License, Version 2.0 (the "License"); @@ -28,13 +28,13 @@ typedef struct { static const test_data s003_data[] = { { - 0, 0 /* This is dummy for index0 */ + 0, 0 /* This is dummy for Index0 */ }, { - VAL_PS_SET, PSA_ERROR_INSUFFICIENT_STORAGE /* Call set API till insufficent space */ + VAL_PS_SET, PSA_ERROR_INSUFFICIENT_STORAGE /* Index1 - Call set API till insufficent space */ }, { - VAL_PS_REMOVE, PSA_SUCCESS /* Remove the UID created */ + VAL_PS_REMOVE, PSA_SUCCESS /* Index2 - Remove the UID created */ }, }; #endif /* _TEST_S003_PS_DATA_TESTS_H_ */ diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s003/test_s003.c b/api-tests/dev_apis/internal_trusted_storage/test_s003/test_s003.c index f3c20c38..90573169 100755 --- a/api-tests/dev_apis/internal_trusted_storage/test_s003/test_s003.c +++ b/api-tests/dev_apis/internal_trusted_storage/test_s003/test_s003.c @@ -1,5 +1,5 @@ /** @file - * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved. + * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved. * SPDX-License-Identifier : Apache-2.0 * * Licensed under the Apache License, Version 2.0 (the "License"); @@ -24,7 +24,6 @@ #include "test_ps_data.h" #endif -#define TEST_BUFF_SIZE 512 #define NUM_ITERATIONS 2 #define TEST_BASE_UID_VALUE UID_BASE_VALUE + 5 @@ -34,7 +33,7 @@ client_test_t test_s003_sst_list[] = { NULL, }; -static uint8_t write_buff[TEST_BUFF_SIZE]; +static uint8_t write_buff[PLATFORM_MAX_UID_SIZE]; static char test_desc[2][80] = { "Overload storage space\n", "Overload storage again to verify all previous UID removed\n"}; @@ -53,13 +52,13 @@ int32_t psa_sst_insufficient_space(caller_security_t caller) val->print(PRINT_TEST, &test_desc[i][0], 0); for (uid = TEST_BASE_UID_VALUE; status == PSA_SUCCESS; uid++) { - val->print(PRINT_INFO, "Setting 0x%x bytes for ", TEST_BUFF_SIZE); + val->print(PRINT_INFO, "Setting 0x%x bytes for ", PLATFORM_MAX_UID_SIZE); val->print(PRINT_INFO, "UID %d\n", uid); - status = SST_FUNCTION(s003_data[1].api, uid, TEST_BUFF_SIZE, write_buff, + status = SST_FUNCTION(s003_data[1].api, uid, PLATFORM_MAX_UID_SIZE, write_buff, PSA_STORAGE_FLAG_NONE); if (status != PSA_SUCCESS) { - val->print(PRINT_INFO, "UID %d set failed due to insufficient space\n", uid); + val->print(PRINT_TEST, "UID %d set failed due to insufficient space\n", uid); break; } } diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s004/test_its_data.h b/api-tests/dev_apis/internal_trusted_storage/test_s004/test_its_data.h index 22124d13..f92ab6df 100755 --- a/api-tests/dev_apis/internal_trusted_storage/test_s004/test_its_data.h +++ b/api-tests/dev_apis/internal_trusted_storage/test_s004/test_its_data.h @@ -1,5 +1,5 @@ /** @file - * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved. + * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved. * SPDX-License-Identifier : Apache-2.0 * * Licensed under the Apache License, Version 2.0 (the "License"); @@ -28,37 +28,28 @@ typedef struct { static const test_data s004_data[] = { { - 0, 0 /* This is dummy for index0 */ + 0, 0 /* This is dummy for Index0 */ }, { - VAL_ITS_SET, PSA_SUCCESS /* Create a valid storage entity */ + VAL_ITS_SET, PSA_SUCCESS /* Index1 - Create a valid storage entity */ }, { - VAL_ITS_GET, PSA_SUCCESS /* Validate the data using get API after set API failure */ + VAL_ITS_GET, PSA_SUCCESS /* Index2 - Validate the data using get API after set API failure */ }, { - 0, 0 /* Index not used */ + 0, 0 /* This is dummy for Index3 */ }, { - VAL_ITS_SET, PSA_SUCCESS /* For same UID set the length as half of previous */ + VAL_ITS_SET, PSA_SUCCESS /* Index4 - For same UID set the length as half of previous */ }, { - VAL_ITS_GET, PSA_SUCCESS /* Call get with incorrect length */ + VAL_ITS_GET, PSA_SUCCESS /* Index5 - Call get with incorrect length */ }, { - 0, 0 /* No data should be returned */ + 0, 0 /* This is dummy for Index6 */ }, { - VAL_ITS_GET, PSA_SUCCESS /* Call get API with correct length */ -}, -{ - 0, 0 /* No data should be returned */ -}, -{ - 0, 0 /* Check that we should not be able to access the old data */ -}, -{ - VAL_ITS_REMOVE, PSA_SUCCESS /* Remove the valid storage entity */ + VAL_ITS_REMOVE, PSA_SUCCESS /* Index7 - Remove the valid storage entity */ }, }; #endif /* _TEST_S004_ITS_DATA_TESTS_H_ */ diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s004/test_ps_data.h b/api-tests/dev_apis/internal_trusted_storage/test_s004/test_ps_data.h index 54f4d7a3..e17dfde7 100755 --- a/api-tests/dev_apis/internal_trusted_storage/test_s004/test_ps_data.h +++ b/api-tests/dev_apis/internal_trusted_storage/test_s004/test_ps_data.h @@ -1,5 +1,5 @@ /** @file - * Copyright (c) 2019, Arm Limited or ps affiliates. All rights reserved. + * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved. * SPDX-License-Identifier : Apache-2.0 * * Licensed under the Apache License, Version 2.0 (the "License"); @@ -28,37 +28,28 @@ typedef struct { static const test_data s004_data[] = { { - 0, 0 /* This is dummy for index0 */ + 0, 0 /* This is dummy for Index0 */ }, { - VAL_PS_SET, PSA_SUCCESS /* Create a valid storage entity */ + VAL_PS_SET, PSA_SUCCESS /* Index1 - Create a valid storage entity */ }, { - VAL_PS_GET, PSA_SUCCESS /* Validate the data using get API after set API failure */ + VAL_PS_GET, PSA_SUCCESS /* Index2 - Validate the data using get API after set API failure */ }, { - 0, 0 /* Index not used */ + 0, 0 /* This is dummy for Index3 */ }, { - VAL_PS_SET, PSA_SUCCESS /* For same UID set the length as half of previous */ + VAL_PS_SET, PSA_SUCCESS /* Index4 - For same UID set the length as half of previous */ }, { - VAL_PS_GET, PSA_SUCCESS /* Call get with incorrect length */ + VAL_PS_GET, PSA_SUCCESS /* Index5 - Call get with incorrect length */ }, { - 0, 0 /* No data should be returned */ + 0, 0 /* This is dummy for Index6 */ }, { - VAL_PS_GET, PSA_SUCCESS /* Call get API with correct length */ -}, -{ - 0, 0 /* No data should be returned */ -}, -{ - 0, 0 /* Check that we should not be able to access the old data */ -}, -{ - VAL_PS_REMOVE, PSA_SUCCESS /* Remove the valid storage entity */ + VAL_PS_REMOVE, PSA_SUCCESS /* Index7 - Remove the valid storage entity */ }, }; #endif /* _TEST_S004_PS_DATA_TESTS_H_ */ diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s004/test_s004.c b/api-tests/dev_apis/internal_trusted_storage/test_s004/test_s004.c index 7e299e78..94240c0c 100755 --- a/api-tests/dev_apis/internal_trusted_storage/test_s004/test_s004.c +++ b/api-tests/dev_apis/internal_trusted_storage/test_s004/test_s004.c @@ -1,5 +1,5 @@ /** @file - * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved. + * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved. * SPDX-License-Identifier : Apache-2.0 * * Licensed under the Apache License, Version 2.0 (the "License"); @@ -39,7 +39,7 @@ static uint8_t write_buff[TEST_BUFF_SIZE] = {0x99, 0x01, 0x30, 0x50, 0x04, 0x23, int32_t psa_sst_get_data_check(caller_security_t caller) { - uint32_t status, j, p_data_length = 0; + uint32_t status, p_data_length = 0; /* Set data for UID */ status = SST_FUNCTION(s004_data[1].api, uid, TEST_BUFF_SIZE, write_buff, PSA_STORAGE_FLAG_NONE); @@ -52,35 +52,22 @@ int32_t psa_sst_get_data_check(caller_security_t caller) TEST_ASSERT_EQUAL(p_data_length, TEST_BUFF_SIZE, TEST_CHECKPOINT_NUM(4)); /* Call the set again for same uid and set the length as half */ + val->print(PRINT_TEST, "[Check 1] Call set API with reduced length - TEST_BUFF_SIZE/2\n", 0); status = SST_FUNCTION(s004_data[4].api, uid, TEST_BUFF_SIZE/2, write_buff, PSA_STORAGE_FLAG_NONE); TEST_ASSERT_EQUAL(status, s004_data[4].status, TEST_CHECKPOINT_NUM(5)); /* Call get function with incorrect buffer length */ - val->print(PRINT_TEST, "[Check 1] Call get API with incorrect length\n", 0); - memset(read_buff, 0, TEST_BUFF_SIZE); + val->print(PRINT_TEST, "[Check 2] Call get API with default length - TEST_BUFF_SIZE\n", 0); status = SST_FUNCTION(s004_data[5].api, uid, 0, TEST_BUFF_SIZE, read_buff, &p_data_length); TEST_ASSERT_EQUAL(status, s004_data[5].status, TEST_CHECKPOINT_NUM(6)); TEST_ASSERT_MEMCMP(read_buff, write_buff, TEST_BUFF_SIZE/2, TEST_CHECKPOINT_NUM(7)); - /* Expect p_data_length = TEST_BUFF_SIZE/2, when psa get function is successful as in previous case */ - TEST_ASSERT_EQUAL(p_data_length, TEST_BUFF_SIZE/2, TEST_CHECKPOINT_NUM(8)); - - /* Call get function with CORRECT buffer length */ - status = SST_FUNCTION(s004_data[7].api, uid, 0, TEST_BUFF_SIZE/2, read_buff, &p_data_length); - TEST_ASSERT_EQUAL(status, s004_data[7].status, TEST_CHECKPOINT_NUM(9)); - TEST_ASSERT_MEMCMP(read_buff, write_buff, TEST_BUFF_SIZE/2, TEST_CHECKPOINT_NUM(10)); - TEST_ASSERT_EQUAL(p_data_length, TEST_BUFF_SIZE/2, TEST_CHECKPOINT_NUM(11)); - - /* Check we should not be able to access old set data */ - val->print(PRINT_TEST, "[Check 2] Old buffer invalid after length change\n", 0); - for (j = TEST_BUFF_SIZE/2; j < TEST_BUFF_SIZE; j++) - { - TEST_ASSERT_EQUAL(read_buff[j], 0, TEST_CHECKPOINT_NUM(12)); - } + /* Expect p_data_length = TEST_BUFF_SIZE/2 */ + TEST_ASSERT_EQUAL(p_data_length, TEST_BUFF_SIZE/2, TEST_CHECKPOINT_NUM(8)); /* Remove the UID */ - status = SST_FUNCTION(s004_data[10].api, uid); - TEST_ASSERT_EQUAL(status, s004_data[10].status, TEST_CHECKPOINT_NUM(13)); + status = SST_FUNCTION(s004_data[7].api, uid); + TEST_ASSERT_EQUAL(status, s004_data[7].status, TEST_CHECKPOINT_NUM(9)); return VAL_STATUS_SUCCESS; } diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s005/test_its_data.h b/api-tests/dev_apis/internal_trusted_storage/test_s005/test_its_data.h index ed61509f..5f985e8e 100755 --- a/api-tests/dev_apis/internal_trusted_storage/test_s005/test_its_data.h +++ b/api-tests/dev_apis/internal_trusted_storage/test_s005/test_its_data.h @@ -1,5 +1,5 @@ /** @file - * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved. + * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved. * SPDX-License-Identifier : Apache-2.0 * * Licensed under the Apache License, Version 2.0 (the "License"); @@ -29,28 +29,28 @@ typedef struct { static struct psa_storage_info_t info; static const test_data s005_data[] = { { - 0, 0 /* This is dummy for index0 */ + 0, 0 /* This is dummy for Index0 */ }, { - VAL_ITS_SET, PSA_SUCCESS /* Create a valid storage entity */ + VAL_ITS_SET, PSA_SUCCESS /* Index1 - Create a valid storage entity */ }, { - VAL_ITS_GET, PSA_SUCCESS /* Validate the data using get API */ + VAL_ITS_GET, PSA_SUCCESS /* Index2 - Validate the data using get API */ }, { - 0, 0 /* Index not used */ + 0, 0 /* This is dummy for Index3 */ }, { - VAL_ITS_GET_INFO, PSA_SUCCESS /* Validate the data attributes get_info API */ + VAL_ITS_GET_INFO, PSA_SUCCESS /* Index4 - Validate the data attributes get_info API */ }, { - 0, 0 /* Index not used */ + 0, 0 /* This is dummy for Index5 */ }, { - 0, 0 /* Index not used */ + 0, 0 /* This is dummy for Index6 */ }, { - VAL_ITS_REMOVE, PSA_SUCCESS /* Remove the valid storage entity */ + VAL_ITS_REMOVE, PSA_SUCCESS /* Index7 - Remove the valid storage entity */ }, }; #endif /* _TEST_S005_ITS_DATA_TESTS_H_ */ diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s005/test_ps_data.h b/api-tests/dev_apis/internal_trusted_storage/test_s005/test_ps_data.h index 52e35d08..ad248bd5 100755 --- a/api-tests/dev_apis/internal_trusted_storage/test_s005/test_ps_data.h +++ b/api-tests/dev_apis/internal_trusted_storage/test_s005/test_ps_data.h @@ -1,5 +1,5 @@ /** @file - * Copyright (c) 2019, Arm Limited or ps affiliates. All rights reserved. + * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved. * SPDX-License-Identifier : Apache-2.0 * * Licensed under the Apache License, Version 2.0 (the "License"); @@ -29,28 +29,28 @@ typedef struct { static struct psa_storage_info_t info; static const test_data s005_data[] = { { - 0, 0 /* This is dummy for index0 */ + 0, 0 /* This is dummy for Index0 */ }, { - VAL_PS_SET, PSA_SUCCESS /* Create a valid storage entity */ + VAL_PS_SET, PSA_SUCCESS /* Index1 - Create a valid storage entity */ }, { - VAL_PS_GET, PSA_SUCCESS /* Validate the data using get API */ + VAL_PS_GET, PSA_SUCCESS /* Index2 - Validate the data using get API */ }, { - 0, 0 /* Index not used */ + 0, 0 /* This is dummy for Index3 */ }, { - VAL_PS_GET_INFO, PSA_SUCCESS /* Validate the data attributes get_info API */ + VAL_PS_GET_INFO, PSA_SUCCESS /* Index4 - Validate the data attributes get_info API */ }, { - 0, 0 /* Index not used */ + 0, 0 /* This is dummy for Index5 */ }, { - 0, 0 /* Index not used */ + 0, 0 /* This is dummy for Index6 */ }, { - VAL_PS_REMOVE, PSA_SUCCESS /* Remove the valid storage entity */ + VAL_PS_REMOVE, PSA_SUCCESS /* Index7 - Remove the valid storage entity */ }, }; #endif /* _TEST_S005_PS_DATA_TESTS_H_ */ diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s006/test_its_data.h b/api-tests/dev_apis/internal_trusted_storage/test_s006/test_its_data.h index e52525f6..b6a3cf9d 100755 --- a/api-tests/dev_apis/internal_trusted_storage/test_s006/test_its_data.h +++ b/api-tests/dev_apis/internal_trusted_storage/test_s006/test_its_data.h @@ -1,5 +1,5 @@ /** @file - * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved. + * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved. * SPDX-License-Identifier : Apache-2.0 * * Licensed under the Apache License, Version 2.0 (the "License"); @@ -29,22 +29,22 @@ typedef struct { static struct psa_storage_info_t info; static const test_data s006_data[] = { { - 0, PSA_ERROR_NOT_SUPPORTED /* This is dummy for index0 */ + 0, 0 /* This is dummy for Index0 */ }, { - VAL_ITS_SET, PSA_SUCCESS /* Create a valid storage entity with different flag values */ + VAL_ITS_SET, PSA_SUCCESS /* Index1 - Create a valid storage entity with different flag values */ }, { - VAL_ITS_GET_INFO, PSA_SUCCESS /* Validate the flag value get_info API */ + VAL_ITS_GET_INFO, PSA_SUCCESS /* Index2 - Validate the flag value get_info API */ }, { - 0, 0 /* Index not used */ + 0, 0 /* This is dummy for Index3 */ }, { - VAL_ITS_REMOVE, PSA_SUCCESS /* Remove the storage entity */ + VAL_ITS_REMOVE, PSA_SUCCESS /* Index4 - Remove the storage entity */ }, { - VAL_ITS_REMOVE, PSA_ERROR_DOES_NOT_EXIST /* Storage entity remove fails */ + VAL_ITS_REMOVE, PSA_ERROR_DOES_NOT_EXIST /* Index5 - Storage entity remove fails */ }, }; #endif /* _TEST_S006_ITS_DATA_TESTS_H_ */ diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s006/test_ps_data.h b/api-tests/dev_apis/internal_trusted_storage/test_s006/test_ps_data.h index f40f34ba..0bf7305e 100755 --- a/api-tests/dev_apis/internal_trusted_storage/test_s006/test_ps_data.h +++ b/api-tests/dev_apis/internal_trusted_storage/test_s006/test_ps_data.h @@ -1,5 +1,5 @@ /** @file - * Copyright (c) 2019, Arm Limited or ps affiliates. All rights reserved. + * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved. * SPDX-License-Identifier : Apache-2.0 * * Licensed under the Apache License, Version 2.0 (the "License"); @@ -29,22 +29,22 @@ typedef struct { static struct psa_storage_info_t info; static const test_data s006_data[] = { { - 0, PSA_ERROR_NOT_SUPPORTED /* This is dummy for index0 */ + 0, 0 /* This is dummy for Index0 */ }, { - VAL_PS_SET, PSA_SUCCESS /* Create a valid storage entity with different flag values */ + VAL_PS_SET, PSA_SUCCESS /* Index1 - Create a valid storage entity with different flag values */ }, { - VAL_PS_GET_INFO, PSA_SUCCESS /* Validate the flag value get_info API */ + VAL_PS_GET_INFO, PSA_SUCCESS /* Index2 - Validate the flag value get_info API */ }, { - 0, 0 /* Index not used */ + 0, 0 /* This is dummy for Index3 */ }, { - VAL_PS_REMOVE, PSA_SUCCESS /* Remove the storage entity */ + VAL_PS_REMOVE, PSA_SUCCESS /* Index4 - Remove the storage entity */ }, { - VAL_PS_REMOVE, PSA_ERROR_DOES_NOT_EXIST /* Remove the storage entity */ + VAL_PS_REMOVE, PSA_ERROR_DOES_NOT_EXIST /* Index5 - Storage entity remove fails */ } }; #endif /* _TEST_S006_PS_DATA_TESTS_H_ */ diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s006/test_s006.c b/api-tests/dev_apis/internal_trusted_storage/test_s006/test_s006.c index 2adc5d5a..bda5fccd 100755 --- a/api-tests/dev_apis/internal_trusted_storage/test_s006/test_s006.c +++ b/api-tests/dev_apis/internal_trusted_storage/test_s006/test_s006.c @@ -1,5 +1,5 @@ /** @file - * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved. + * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved. * SPDX-License-Identifier : Apache-2.0 * * Licensed under the Apache License, Version 2.0 (the "License"); @@ -71,7 +71,8 @@ static int32_t psa_sst_create_storage_api(psa_storage_uid_t uid, uint32_t data_l { return test_status; } - } else if (status == s006_data[0].status) + } + else { /* Remove UID should fail */ status = SST_FUNCTION(s006_data[5].api, uid); diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s007/test_its_data.h b/api-tests/dev_apis/internal_trusted_storage/test_s007/test_its_data.h index 6a680849..b5be47ee 100755 --- a/api-tests/dev_apis/internal_trusted_storage/test_s007/test_its_data.h +++ b/api-tests/dev_apis/internal_trusted_storage/test_s007/test_its_data.h @@ -1,5 +1,5 @@ /** @file - * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved. + * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved. * SPDX-License-Identifier : Apache-2.0 * * Licensed under the Apache License, Version 2.0 (the "License"); @@ -28,37 +28,37 @@ typedef struct { static const test_data s007_data[] = { { - 0, 0 /* This is dummy for index0 */ + 0, 0 /* This is dummy for Index0 */ }, { - VAL_ITS_SET, PSA_SUCCESS /* Create a valid storage entity */ + VAL_ITS_SET, PSA_SUCCESS /* Index1 - Create a valid storage entity */ }, { - VAL_ITS_SET, PSA_SUCCESS /* Increase the length of storage */ + VAL_ITS_SET, PSA_SUCCESS /* Index2 - Increase the length of storage */ }, { - VAL_ITS_GET, PSA_SUCCESS /* Try to access old length */ + VAL_ITS_GET, PSA_SUCCESS /* Index3 - Try to access old length */ }, { - VAL_ITS_GET, PSA_SUCCESS /* Try to access valid length less than set length */ + VAL_ITS_GET, PSA_SUCCESS /* Index4 - Try to access valid length less than set length */ }, { - 0, 0 /* This is dummy for index5 */ + 0, 0 /* This is dummy for Index5 */ }, { - VAL_ITS_SET, PSA_SUCCESS /* Decrease the length of storage */ + VAL_ITS_SET, PSA_SUCCESS /* Index6 - Decrease the length of storage */ }, { - VAL_ITS_GET, PSA_SUCCESS /* Try to access old length */ + VAL_ITS_GET, PSA_SUCCESS /* Index7 - Try to access old length */ }, { - VAL_ITS_GET, PSA_SUCCESS /* Try to access old length */ + VAL_ITS_GET, PSA_SUCCESS /* Index8 - Try to access old length */ }, { - VAL_ITS_GET, PSA_SUCCESS /* Try to access data with correct length */ + VAL_ITS_GET, PSA_SUCCESS /* Index9 - Try to access data with correct length */ }, { - VAL_ITS_REMOVE, PSA_SUCCESS /* Remove the storage entity */ + VAL_ITS_REMOVE, PSA_SUCCESS /* Index10 - Remove the storage entity */ }, }; #endif /* _TEST_S007_ITS_DATA_TESTS_H_ */ diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s007/test_ps_data.h b/api-tests/dev_apis/internal_trusted_storage/test_s007/test_ps_data.h index ca4fd1a6..6414d2c6 100755 --- a/api-tests/dev_apis/internal_trusted_storage/test_s007/test_ps_data.h +++ b/api-tests/dev_apis/internal_trusted_storage/test_s007/test_ps_data.h @@ -1,5 +1,5 @@ /** @file - * Copyright (c) 2019, Arm Limited or ps affiliates. All rights reserved. + * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved. * SPDX-License-Identifier : Apache-2.0 * * Licensed under the Apache License, Version 2.0 (the "License"); @@ -28,37 +28,37 @@ typedef struct { static const test_data s007_data[] = { { - 0, 0 /* This is dummy for index0 */ + 0, 0 /* This is dummy for Index0 */ }, { - VAL_PS_SET, PSA_SUCCESS /* Create a valid storage entity */ + VAL_PS_SET, PSA_SUCCESS /* Index1 - Create a valid storage entity */ }, { - VAL_PS_SET, PSA_SUCCESS /* Increase the length of storage */ + VAL_PS_SET, PSA_SUCCESS /* Index2 - Increase the length of storage */ }, { - VAL_PS_GET, PSA_SUCCESS /* Try to access old length */ + VAL_PS_GET, PSA_SUCCESS /* Index3 - Try to access old length */ }, { - VAL_PS_GET, PSA_SUCCESS /* Try to access valid length less than set length */ + VAL_PS_GET, PSA_SUCCESS /* Index4 - Try to access valid length less than set length */ }, { - 0, 0 /* This is dummy for index5 */ + 0, 0 /* This is dummy for Index5 */ }, { - VAL_PS_SET, PSA_SUCCESS /* Decrease the length of storage */ + VAL_PS_SET, PSA_SUCCESS /* Index6 - Decrease the length of storage */ }, { - VAL_PS_GET, PSA_SUCCESS /* Try to access old length */ + VAL_PS_GET, PSA_SUCCESS /* Index7 - Try to access old length */ }, { - VAL_PS_GET, PSA_SUCCESS /* Try to access old length */ + VAL_PS_GET, PSA_SUCCESS /* Index8 - Try to access old length */ }, { - VAL_PS_GET, PSA_SUCCESS /* Try to access data with correct length */ + VAL_PS_GET, PSA_SUCCESS /* Index9 - Try to access data with correct length */ }, { - VAL_PS_REMOVE, PSA_SUCCESS /* Remove the storage entity */ + VAL_PS_REMOVE, PSA_SUCCESS /* Index10 - Remove the storage entity */ }, }; #endif /* _TEST_S007_PS_DATA_TESTS_H_ */ diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s007/test_s007.c b/api-tests/dev_apis/internal_trusted_storage/test_s007/test_s007.c index 9caee670..610e0455 100755 --- a/api-tests/dev_apis/internal_trusted_storage/test_s007/test_s007.c +++ b/api-tests/dev_apis/internal_trusted_storage/test_s007/test_s007.c @@ -1,5 +1,5 @@ /** @file - * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved. + * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved. * SPDX-License-Identifier : Apache-2.0 * * Licensed under the Apache License, Version 2.0 (the "License"); @@ -43,55 +43,65 @@ int32_t psa_sst_get_incorrect_size(caller_security_t caller) uint32_t status = VAL_STATUS_SUCCESS, p_data_length = 0; /* Set the UID with the data_len and data_buff */ - val->print(PRINT_TEST, "Create a valid Storage\n", 0); + val->print(PRINT_TEST, "Create a valid Storage - TEST_BUFF_SIZE/2\n", 0); status = SST_FUNCTION(s007_data[1].api, uid, TEST_BUFF_SIZE/2, write_buff, PSA_STORAGE_FLAG_NONE); TEST_ASSERT_EQUAL(status, s007_data[1].status, TEST_CHECKPOINT_NUM(1)); /* Call set for same UID and increase the length */ - val->print(PRINT_TEST, "Increase the length of storage\n", 0); + val->print(PRINT_TEST, "Increase the length of storage - TEST_BUFF_SIZE\n", 0); status = SST_FUNCTION(s007_data[2].api, uid, TEST_BUFF_SIZE, write_buff, PSA_STORAGE_FLAG_NONE); TEST_ASSERT_EQUAL(status, s007_data[2].status, TEST_CHECKPOINT_NUM(2)); /* Access data using get API and old length */ - val->print(PRINT_TEST, "[Check 1] Call get API with old length\n", 0); + val->print(PRINT_TEST, "[Check 1] Call get API with old length - TEST_BUFF_SIZE/2\n", 0); status = SST_FUNCTION(s007_data[3].api, uid, 0, TEST_BUFF_SIZE/2, read_buff, &p_data_length); TEST_ASSERT_EQUAL(status, s007_data[3].status, TEST_CHECKPOINT_NUM(3)); - TEST_ASSERT_EQUAL(p_data_length, TEST_BUFF_SIZE/2, TEST_CHECKPOINT_NUM(4)); + TEST_ASSERT_MEMCMP(read_buff, write_buff, TEST_BUFF_SIZE/2, TEST_CHECKPOINT_NUM(4)); + TEST_ASSERT_EQUAL(p_data_length, TEST_BUFF_SIZE/2, TEST_CHECKPOINT_NUM(5)); /* Access data using get API and valid length */ + val->print(PRINT_TEST, "[Check 2] Call get API with old length - TEST_BUFF_SIZE/4\n", 0); + memset(read_buff, 0x0, TEST_BUFF_SIZE); status = SST_FUNCTION(s007_data[4].api, uid, 0, TEST_BUFF_SIZE/4, read_buff, &p_data_length); - TEST_ASSERT_EQUAL(status, s007_data[4].status, TEST_CHECKPOINT_NUM(5)); - TEST_ASSERT_MEMCMP(read_buff, write_buff, TEST_BUFF_SIZE/4, TEST_CHECKPOINT_NUM(6)); - TEST_ASSERT_EQUAL(p_data_length, TEST_BUFF_SIZE/4, TEST_CHECKPOINT_NUM(7)); + TEST_ASSERT_EQUAL(status, s007_data[4].status, TEST_CHECKPOINT_NUM(6)); + TEST_ASSERT_MEMCMP(read_buff, write_buff, TEST_BUFF_SIZE/4, TEST_CHECKPOINT_NUM(7)); + TEST_ASSERT_EQUAL(p_data_length, TEST_BUFF_SIZE/4, TEST_CHECKPOINT_NUM(8)); /* Decrease the length again */ - val->print(PRINT_TEST, "Decrease the length of storage\n", 0); + val->print(PRINT_TEST, "Decrease the length of storage - TEST_BUFF_SIZE/4\n", 0); status = SST_FUNCTION(s007_data[6].api, uid, TEST_BUFF_SIZE/4, write_buff, PSA_STORAGE_FLAG_NONE); - TEST_ASSERT_EQUAL(status, s007_data[6].status, TEST_CHECKPOINT_NUM(8)); + TEST_ASSERT_EQUAL(status, s007_data[6].status, TEST_CHECKPOINT_NUM(9)); /* Access data using get API and old length */ + val->print(PRINT_TEST, "[Check 3] Call get API with old length - TEST_BUFF_SIZE/2\n", 0); + memset(read_buff, 0x0, TEST_BUFF_SIZE); status = SST_FUNCTION(s007_data[7].api, uid, 0, TEST_BUFF_SIZE/2, read_buff, &p_data_length); - TEST_ASSERT_EQUAL(status, s007_data[7].status, TEST_CHECKPOINT_NUM(9)); - TEST_ASSERT_EQUAL(p_data_length, TEST_BUFF_SIZE/4, TEST_CHECKPOINT_NUM(10)); + TEST_ASSERT_EQUAL(status, s007_data[7].status, TEST_CHECKPOINT_NUM(10)); + TEST_ASSERT_MEMCMP(read_buff, write_buff, TEST_BUFF_SIZE/4, TEST_CHECKPOINT_NUM(11)); + TEST_ASSERT_EQUAL(p_data_length, TEST_BUFF_SIZE/4, TEST_CHECKPOINT_NUM(12)); /* Access data using get API and old length */ - val->print(PRINT_TEST, "[Check 2] Call get API with old length\n", 0); + val->print(PRINT_TEST, "[Check 4] Call get API with old length - TEST_BUFF_SIZE\n", 0); + memset(read_buff, 0x0, TEST_BUFF_SIZE); status = SST_FUNCTION(s007_data[8].api, uid, 0, TEST_BUFF_SIZE, read_buff, &p_data_length); - TEST_ASSERT_EQUAL(status, s007_data[8].status, TEST_CHECKPOINT_NUM(11)); - TEST_ASSERT_EQUAL(p_data_length, TEST_BUFF_SIZE/4, TEST_CHECKPOINT_NUM(12)); + TEST_ASSERT_EQUAL(status, s007_data[8].status, TEST_CHECKPOINT_NUM(13)); + TEST_ASSERT_MEMCMP(read_buff, write_buff, TEST_BUFF_SIZE/4, TEST_CHECKPOINT_NUM(14)); + TEST_ASSERT_EQUAL(p_data_length, TEST_BUFF_SIZE/4, TEST_CHECKPOINT_NUM(15)); /* Access data using correct length */ - val->print(PRINT_TEST, "[Check 3] Call get API with valid length\n", 0); + val->print(PRINT_TEST, "[Check 5] Call get API with valid length - TEST_BUFF_SIZE/4\n", 0); + memset(read_buff, 0x0, TEST_BUFF_SIZE); status = SST_FUNCTION(s007_data[9].api, uid, 0, TEST_BUFF_SIZE/4, read_buff, &p_data_length); - TEST_ASSERT_EQUAL(status, s007_data[9].status, TEST_CHECKPOINT_NUM(13)); - TEST_ASSERT_EQUAL(p_data_length, TEST_BUFF_SIZE/4, TEST_CHECKPOINT_NUM(14)); + TEST_ASSERT_EQUAL(status, s007_data[9].status, TEST_CHECKPOINT_NUM(16)); + TEST_ASSERT_MEMCMP(read_buff, write_buff, TEST_BUFF_SIZE/4, TEST_CHECKPOINT_NUM(17)); + TEST_ASSERT_EQUAL(p_data_length, TEST_BUFF_SIZE/4, TEST_CHECKPOINT_NUM(18)); /* Remove the UID */ status = SST_FUNCTION(s007_data[10].api, uid); - TEST_ASSERT_EQUAL(status, s007_data[10].status, TEST_CHECKPOINT_NUM(15)); + TEST_ASSERT_EQUAL(status, s007_data[10].status, TEST_CHECKPOINT_NUM(19)); return status; } diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s008/test_its_data.h b/api-tests/dev_apis/internal_trusted_storage/test_s008/test_its_data.h index 95522c9a..f5476c3b 100755 --- a/api-tests/dev_apis/internal_trusted_storage/test_s008/test_its_data.h +++ b/api-tests/dev_apis/internal_trusted_storage/test_s008/test_its_data.h @@ -1,5 +1,5 @@ /** @file - * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved. + * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved. * SPDX-License-Identifier : Apache-2.0 * * Licensed under the Apache License, Version 2.0 (the "License"); @@ -28,46 +28,46 @@ typedef struct { static const test_data s008_data[] = { { - 0, 0 /* This is dummy for index0 */ + 0, 0 /* This is dummy for Index0 */ }, { - VAL_ITS_SET, PSA_SUCCESS /* Create a valid storage entity with zero flag value */ + VAL_ITS_SET, PSA_SUCCESS /* Index1 - Create a valid storage entity with zero flag value */ }, { - VAL_ITS_GET, PSA_SUCCESS /* Call get API with offset + data_len = total_size */ + VAL_ITS_GET, PSA_SUCCESS /* Index2 - Call get API with offset + data_len = total_size */ }, { - 0, 0 /* This is dummy for index3 */ + 0, 0 /* This is dummy for Index3 */ }, { - VAL_ITS_GET, PSA_SUCCESS /* Call get API with offset + data_len < total_size */ + VAL_ITS_GET, PSA_SUCCESS /* Index4 - Call get API with offset + data_len < total_size */ }, { - 0, 0 /* This is dummy for index5 */ + 0, 0 /* This is dummy for Index5 */ }, { - VAL_ITS_GET, PSA_SUCCESS /* Call get API with offset = total data_size + 1 */ + VAL_ITS_GET, PSA_SUCCESS /* Index6 - Call get API with offset = total data_size + 1 */ }, { - 0, 0 /* This is dummy for index7 */ + 0, 0 /* This is dummy for Index7 */ }, { - VAL_ITS_GET, PSA_SUCCESS /* get API with offset + data_len > total data_size */ + VAL_ITS_GET, PSA_SUCCESS /* Index8 - get API with offset = total data_size */ }, { - 0, 0 /* This is dummy for index9 */ + 0, 0 /* This is dummy for Index9 */ }, { - VAL_ITS_GET, PSA_SUCCESS /* Call get API with invalid data len and offset zero */ + VAL_ITS_GET, PSA_SUCCESS /* Index10 - Call get API with invalid data len and offset zero */ }, { - 0, 0 /* This is dummy for index11 */ + 0, 0 /* This is dummy for Index11 */ }, { - VAL_ITS_GET, PSA_ERROR_INVALID_ARGUMENT /* Call get API with offset = MAX_UINT32 */ + VAL_ITS_GET, PSA_ERROR_INVALID_ARGUMENT /* Index12 - Call get API with offset = MAX_UINT32 */ }, { - VAL_ITS_REMOVE, PSA_SUCCESS /* Remove the storage entity */ + VAL_ITS_REMOVE, PSA_SUCCESS /* Index13 - Remove the storage entity */ }, }; #endif /* _TEST_S008_ITS_DATA_TESTS_H_ */ diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s008/test_ps_data.h b/api-tests/dev_apis/internal_trusted_storage/test_s008/test_ps_data.h index 598ac992..e9945925 100755 --- a/api-tests/dev_apis/internal_trusted_storage/test_s008/test_ps_data.h +++ b/api-tests/dev_apis/internal_trusted_storage/test_s008/test_ps_data.h @@ -1,5 +1,5 @@ /** @file - * Copyright (c) 2019, Arm Limited or ps affiliates. All rights reserved. + * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved. * SPDX-License-Identifier : Apache-2.0 * * Licensed under the Apache License, Version 2.0 (the "License"); @@ -28,46 +28,46 @@ typedef struct { static const test_data s008_data[] = { { - 0, 0 /* This is dummy for index0 */ + 0, 0 /* This is dummy for Index0 */ }, { - VAL_PS_SET, PSA_SUCCESS /* Create a valid storage entity with zero flag value */ + VAL_PS_SET, PSA_SUCCESS /* Index1 - Create a valid storage entity with zero flag value */ }, { - VAL_PS_GET, PSA_SUCCESS /* Call get API with offset + data_len = total_size */ + VAL_PS_GET, PSA_SUCCESS /* Index2 - Call get API with offset + data_len = total_size */ }, { - 0, 0 /* This is dummy for index3 */ + 0, 0 /* This is dummy for Index3 */ }, { - VAL_PS_GET, PSA_SUCCESS /* Call get API with offset + data_len < total_size */ + VAL_PS_GET, PSA_SUCCESS /* Index4 - Call get API with offset + data_len < total_size */ }, { - 0, 0 /* This is dummy for index5 */ + 0, 0 /* This is dummy for Index5 */ }, { - VAL_PS_GET, PSA_SUCCESS/* Call get API with offset = total data_size + 1 */ + VAL_PS_GET, PSA_SUCCESS/* Index6 - Call get API with offset = total data_size + 1 */ }, { - 0, 0 /* This is dummy for index7 */ + 0, 0 /* This is dummy for Index7 */ }, { - VAL_PS_GET, PSA_SUCCESS /* Call get API with offset + data_len > total data_size */ + VAL_PS_GET, PSA_SUCCESS /* Index8 - get API with offset = total data_size */ }, { - 0, 0 /* This is dummy for index9 */ + 0, 0 /* This is dummy for Index9 */ }, { - VAL_PS_GET, PSA_SUCCESS /* Call get API with invalid data len and offset zero */ + VAL_PS_GET, PSA_SUCCESS /* Index10 - Call get API with invalid data len and offset zero */ }, { - 0, 0 /* This is dummy for index11 */ + 0, 0 /* This is dummy for Index11 */ }, { - VAL_PS_GET, PSA_ERROR_INVALID_ARGUMENT /* Call get API with offset = MAX_UINT32 */ + VAL_PS_GET, PSA_ERROR_INVALID_ARGUMENT /* Index12 - Call get API with offset = MAX_UINT32 */ }, { - VAL_PS_REMOVE, PSA_SUCCESS /* Remove the storage entity */ + VAL_PS_REMOVE, PSA_SUCCESS /* Index13 - Remove the storage entity */ }, }; #endif /* _TEST_S008_PS_DATA_TESTS_H_ */ diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s008/test_s008.c b/api-tests/dev_apis/internal_trusted_storage/test_s008/test_s008.c index 25783625..32ddfc50 100755 --- a/api-tests/dev_apis/internal_trusted_storage/test_s008/test_s008.c +++ b/api-tests/dev_apis/internal_trusted_storage/test_s008/test_s008.c @@ -1,5 +1,5 @@ /** @file - * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved. + * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved. * SPDX-License-Identifier : Apache-2.0 * * Licensed under the Apache License, Version 2.0 (the "License"); @@ -54,29 +54,27 @@ int32_t psa_sst_invalid_offset_failure(caller_security_t caller) TEST_ASSERT_EQUAL(read_buff[j], 0x00, TEST_CHECKPOINT_NUM(10)); } - /* Case where offset = data_size , data_len= 1 Also check nothing is returned in read buff*/ + /* Case where offset = data_size , data_len= 1 Also check nothing is returned in read buff */ + memset(read_buff, 0xCD, TEST_BUFF_SIZE); + p_data_length = 0xFF; status = SST_FUNCTION(s008_data[8].api, uid, TEST_BUFF_SIZE, 1, read_buff, &p_data_length); TEST_ASSERT_EQUAL(status, s008_data[8].status, TEST_CHECKPOINT_NUM(11)); TEST_ASSERT_EQUAL(p_data_length, 0, TEST_CHECKPOINT_NUM(12)); - for (j = 0; j < TEST_BUFF_SIZE; j++) - { - TEST_ASSERT_EQUAL(read_buff[j], 0x00, TEST_CHECKPOINT_NUM(13)); - } - /* Case where offset = 0 , data_len > data_size Also check nothing is returned in read buff*/ + /* Case where offset = 0, data_len > data_size, check if just data_size is returned */ status = SST_FUNCTION(s008_data[10].api, uid, 0, TEST_BUFF_SIZE+1, read_buff, &p_data_length); - TEST_ASSERT_EQUAL(status, s008_data[10].status, TEST_CHECKPOINT_NUM(14)); - TEST_ASSERT_EQUAL(p_data_length, TEST_BUFF_SIZE, TEST_CHECKPOINT_NUM(15)); - TEST_ASSERT_MEMCMP(read_buff, write_buff, TEST_BUFF_SIZE, TEST_CHECKPOINT_NUM(16)); + TEST_ASSERT_EQUAL(status, s008_data[10].status, TEST_CHECKPOINT_NUM(13)); + TEST_ASSERT_EQUAL(p_data_length, TEST_BUFF_SIZE, TEST_CHECKPOINT_NUM(14)); + TEST_ASSERT_MEMCMP(read_buff, write_buff, TEST_BUFF_SIZE, TEST_CHECKPOINT_NUM(15)); /* Try to access data with offset as MAX_UINT32 and length less than buffer size */ status = SST_FUNCTION(s008_data[12].api, uid, TEST_MAX_UINT32, TEST_BUFF_SIZE/2, read_buff, &p_data_length); - TEST_ASSERT_EQUAL(status, s008_data[12].status, TEST_CHECKPOINT_NUM(17)); + TEST_ASSERT_EQUAL(status, s008_data[12].status, TEST_CHECKPOINT_NUM(16)); /* Remove the UID */ status = SST_FUNCTION(s008_data[13].api, uid); - TEST_ASSERT_EQUAL(status, s008_data[13].status, TEST_CHECKPOINT_NUM(18)); + TEST_ASSERT_EQUAL(status, s008_data[13].status, TEST_CHECKPOINT_NUM(17)); return VAL_STATUS_SUCCESS; } diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s009/test_its_data.h b/api-tests/dev_apis/internal_trusted_storage/test_s009/test_its_data.h index 8bd31aa0..606f02e7 100755 --- a/api-tests/dev_apis/internal_trusted_storage/test_s009/test_its_data.h +++ b/api-tests/dev_apis/internal_trusted_storage/test_s009/test_its_data.h @@ -1,5 +1,5 @@ /** @file - * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved. + * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved. * SPDX-License-Identifier : Apache-2.0 * * Licensed under the Apache License, Version 2.0 (the "License"); @@ -29,40 +29,40 @@ typedef struct { static struct psa_storage_info_t info; static const test_data s009_data[] = { { - 0, 0 /* This is dummy for index0 */ + 0, 0 /* This is dummy for Index0 */ }, { - VAL_ITS_SET, PSA_SUCCESS /* Call set API with NULL write buffer and 0 length */ + VAL_ITS_SET, PSA_SUCCESS /* Index1 - Call set API with NULL write buffer and 0 length */ }, { - VAL_ITS_GET_INFO, PSA_SUCCESS /* Verify UID is created */ + VAL_ITS_GET_INFO, PSA_SUCCESS /* Index2 - Verify UID is created */ }, { - VAL_ITS_GET, PSA_SUCCESS /* Call get API with NULL write buffer and 0 length */ + VAL_ITS_GET, PSA_SUCCESS /* Index3 - Call get API with NULL write buffer and 0 length */ }, { - VAL_ITS_REMOVE, PSA_SUCCESS /* Remove the storage entity */ + VAL_ITS_REMOVE, PSA_SUCCESS /* Index4 - Remove the storage entity */ }, { - VAL_ITS_GET_INFO, PSA_ERROR_DOES_NOT_EXIST /* Verify UID is removed */ + VAL_ITS_GET_INFO, PSA_ERROR_DOES_NOT_EXIST /* Index5 - Verify UID is removed */ }, { - VAL_ITS_SET, PSA_SUCCESS /* Create storage of zero size and valid write buffer */ + VAL_ITS_SET, PSA_SUCCESS /* Index6 - Create storage of zero size and valid write buffer */ }, { - VAL_ITS_GET_INFO, PSA_SUCCESS /* Call get_info API to check data size */ + VAL_ITS_GET_INFO, PSA_SUCCESS /* Index7 - Call get_info API to check data size */ }, { - 0, 0 /* This is dummy for index8 */ + 0, 0 /* This is dummy for Index8 */ }, { - VAL_ITS_GET, PSA_SUCCESS /* Call get API with 0 length and NULL read buffer */ + VAL_ITS_GET, PSA_SUCCESS /* Index9 - Call get API with 0 length and NULL read buffer */ }, { - VAL_ITS_SET, PSA_SUCCESS /* Increase the asset size */ + VAL_ITS_SET, PSA_SUCCESS /* Index10 - Increase the asset size */ }, { - VAL_ITS_REMOVE, PSA_SUCCESS /* Remove the storage entity */ + VAL_ITS_REMOVE, PSA_SUCCESS /* Index11 - Remove the storage entity */ }, }; #endif /* _TEST_S009_ITS_DATA_TESTS_H_ */ diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s009/test_ps_data.h b/api-tests/dev_apis/internal_trusted_storage/test_s009/test_ps_data.h index 45680dcc..efc8a2ce 100755 --- a/api-tests/dev_apis/internal_trusted_storage/test_s009/test_ps_data.h +++ b/api-tests/dev_apis/internal_trusted_storage/test_s009/test_ps_data.h @@ -1,5 +1,5 @@ /** @file - * Copyright (c) 2019, Arm Limited or ps affiliates. All rights reserved. + * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved. * SPDX-License-Identifier : Apache-2.0 * * Licensed under the Apache License, Version 2.0 (the "License"); @@ -29,40 +29,40 @@ typedef struct { static struct psa_storage_info_t info; static const test_data s009_data[] = { { - 0, 0 /* This is dummy for index0 */ + 0, 0 /* This is dummy for Index0 */ }, { - VAL_PS_SET, PSA_SUCCESS /* Call set API with NULL write buffer and 0 length */ + VAL_PS_SET, PSA_SUCCESS /* Index1 - Call set API with NULL write buffer and 0 length */ }, { - VAL_PS_GET_INFO, PSA_SUCCESS /* Verify UID is created */ + VAL_PS_GET_INFO, PSA_SUCCESS /* Index2 - Verify UID is created */ }, { - VAL_PS_GET, PSA_SUCCESS /* Call get API with NULL write buffer and 0 length */ + VAL_PS_GET, PSA_SUCCESS /* Index3 - Call get API with NULL write buffer and 0 length */ }, { - VAL_PS_REMOVE, PSA_SUCCESS /* Remove the storage entity */ + VAL_PS_REMOVE, PSA_SUCCESS /* Index4 - Remove the storage entity */ }, { - VAL_PS_GET_INFO, PSA_ERROR_DOES_NOT_EXIST /* Verify UID is removed */ + VAL_PS_GET_INFO, PSA_ERROR_DOES_NOT_EXIST /* Index5 - Verify UID is removed */ }, { - VAL_PS_SET, PSA_SUCCESS /* Create storage of zero size and valid write buffer */ + VAL_PS_SET, PSA_SUCCESS /* Index6 - Create storage of zero size and valid write buffer */ }, { - VAL_PS_GET_INFO, PSA_SUCCESS /* Call get_info API to check data size */ + VAL_PS_GET_INFO, PSA_SUCCESS /* Index7 - Call get_info API to check data size */ }, { - 0, 0 /* This is dummy for index8 */ + 0, 0 /* This is dummy for Index8 */ }, { - VAL_PS_GET, PSA_SUCCESS /* Call get API with 0 length and NULL read buffer */ + VAL_PS_GET, PSA_SUCCESS /* Index9 - Call get API with 0 length and NULL read buffer */ }, { - VAL_PS_SET, PSA_SUCCESS /* Increase the asset size */ + VAL_PS_SET, PSA_SUCCESS /* Index10 - Increase the asset size */ }, { - VAL_PS_REMOVE, PSA_SUCCESS /* Remove the storage entity */ + VAL_PS_REMOVE, PSA_SUCCESS /* Index11 - Remove the storage entity */ }, }; #endif /* _TEST_S009_PS_DATA_TESTS_H_ */ diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s010/test_its_data.h b/api-tests/dev_apis/internal_trusted_storage/test_s010/test_its_data.h index fde1c760..8dd4cb87 100644 --- a/api-tests/dev_apis/internal_trusted_storage/test_s010/test_its_data.h +++ b/api-tests/dev_apis/internal_trusted_storage/test_s010/test_its_data.h @@ -1,5 +1,5 @@ /** @file - * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved. + * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved. * SPDX-License-Identifier : Apache-2.0 * * Licensed under the Apache License, Version 2.0 (the "License"); @@ -28,13 +28,15 @@ typedef struct { static const test_data s010_data[] = { { - VAL_ITS_SET, PSA_ERROR_INVALID_ARGUMENT /* Create with UID value zero should fail */ + VAL_ITS_SET, PSA_ERROR_INVALID_ARGUMENT /* Index0 - Create with UID value zero should fail */ }, { - VAL_ITS_GET_INFO, PSA_ERROR_INVALID_ARGUMENT /* Call to get_info API for UID 0 should fail */ + VAL_ITS_GET_INFO, PSA_ERROR_INVALID_ARGUMENT /* Index1 - Call to get_info API for UID 0 + should fail */ }, { - VAL_ITS_REMOVE, PSA_ERROR_INVALID_ARGUMENT /* Call to remove API UID value zero should fail */ + VAL_ITS_REMOVE, PSA_ERROR_INVALID_ARGUMENT /* Index2 - Call to remove API UID value zero + should fail */ }, }; #endif /* _TEST_S010_ITS_DATA_TESTS_H_ */ diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s010/test_ps_data.h b/api-tests/dev_apis/internal_trusted_storage/test_s010/test_ps_data.h index 5d8f2d01..2c7f1493 100644 --- a/api-tests/dev_apis/internal_trusted_storage/test_s010/test_ps_data.h +++ b/api-tests/dev_apis/internal_trusted_storage/test_s010/test_ps_data.h @@ -1,5 +1,5 @@ /** @file - * Copyright (c) 2019, Arm Limited or ps affiliates. All rights reserved. + * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved. * SPDX-License-Identifier : Apache-2.0 * * Licensed under the Apache License, Version 2.0 (the "License"); @@ -28,13 +28,15 @@ typedef struct { static const test_data s010_data[] = { { - VAL_PS_SET, PSA_ERROR_INVALID_ARGUMENT /* Create with UID value zero should fail */ + VAL_PS_SET, PSA_ERROR_INVALID_ARGUMENT /* Index0 - Create with UID value zero should fail */ }, { - VAL_PS_GET_INFO, PSA_ERROR_INVALID_ARGUMENT /* Call to get_info API for UID 0 should fail */ + VAL_PS_GET_INFO, PSA_ERROR_INVALID_ARGUMENT /* Index1 - Call to get_info API for UID 0 + should fail */ }, { - VAL_PS_REMOVE, PSA_ERROR_INVALID_ARGUMENT /* Call to remove API UID value zero should fail */ + VAL_PS_REMOVE, PSA_ERROR_INVALID_ARGUMENT /* Index2 - Call to remove API UID value zero + should fail */ }, }; #endif /* _TEST_S010_PS_DATA_TESTS_H_ */ diff --git a/api-tests/dev_apis/protected_storage/test_p011/test_ps_data.h b/api-tests/dev_apis/protected_storage/test_p011/test_ps_data.h index b93309da..97ac2dc3 100644 --- a/api-tests/dev_apis/protected_storage/test_p011/test_ps_data.h +++ b/api-tests/dev_apis/protected_storage/test_p011/test_ps_data.h @@ -1,5 +1,5 @@ /** @file - * Copyright (c) 2019, Arm Limited or ps affiliates. All rights reserved. + * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved. * SPDX-License-Identifier : Apache-2.0 * * Licensed under the Apache License, Version 2.0 (the "License"); @@ -28,49 +28,53 @@ typedef struct { static const test_data p011_data[] = { { - VAL_PS_GET_SUPPORT, PSA_STORAGE_SUPPORT_SET_EXTENDED /* Check if optional PS API supported */ + VAL_PS_GET_SUPPORT, PSA_STORAGE_SUPPORT_SET_EXTENDED /* Index0 - Check if optional PS API + supported */ }, { - VAL_PS_SET_EXTENDED, PSA_ERROR_DOES_NOT_EXIST /* Call set_extended call for non-existing UID */ + VAL_PS_SET_EXTENDED, PSA_ERROR_DOES_NOT_EXIST /* Index1 - Call set_extended call for + non-existing UID */ }, { - VAL_PS_SET, PSA_SUCCESS /* Create valid storage using set API */ + VAL_PS_SET, PSA_SUCCESS /* Index2 - Create valid storage using set API */ }, { - VAL_PS_CREATE, PSA_ERROR_INVALID_ARGUMENT /* Create API for present UID with different length */ + VAL_PS_CREATE, PSA_ERROR_INVALID_ARGUMENT /* Index3 - Create API for present UID with different + length */ }, { - VAL_PS_CREATE, PSA_ERROR_INVALID_ARGUMENT /* Call create API for to set WRITE_ONCE flag */ + VAL_PS_CREATE, PSA_ERROR_INVALID_ARGUMENT /* Index4 - Call create API for to set WRITE_ONCE flag */ }, { - VAL_PS_GET_INFO, PSA_SUCCESS /* Validate existing UID attributes maintained */ + VAL_PS_GET_INFO, PSA_SUCCESS /* Index5 - Validate existing UID attributes maintained */ }, { - 0, 0 /* This is dummy for index6 */ + 0, 0 /* This is dummy for Index6 */ }, { - 0, 0 /* This is dummy for index7 */ + 0, 0 /* This is dummy for Index7 */ }, { - VAL_PS_REMOVE, PSA_SUCCESS /* Remove the UID */ + VAL_PS_REMOVE, PSA_SUCCESS /* Index8 - Remove the UID */ }, { - VAL_PS_CREATE, PSA_SUCCESS /* Create valid storage using create API */ + VAL_PS_CREATE, PSA_SUCCESS /* Index9 - Create valid storage using create API */ }, { - VAL_PS_CREATE, PSA_ERROR_INVALID_ARGUMENT /* Again call create API with different length */ + VAL_PS_CREATE, PSA_ERROR_INVALID_ARGUMENT /* Index10 - Again call create API with different + length */ }, { - VAL_PS_GET, PSA_SUCCESS /* Validate the storage is empty */ + VAL_PS_GET, PSA_SUCCESS /* Index11 - Validate the storage is empty */ }, { - 0, 0 /* This is dummy for index12 */ + 0, 0 /* This is dummy for Index12 */ }, { - VAL_PS_REMOVE, PSA_SUCCESS /* Remove the UID */ + VAL_PS_REMOVE, PSA_SUCCESS /* Index13 - Remove the UID */ }, { - VAL_PS_SET_EXTENDED, PSA_ERROR_DOES_NOT_EXIST /* Set_extended call for removed UID */ + VAL_PS_SET_EXTENDED, PSA_ERROR_DOES_NOT_EXIST /* Index14 - Set_extended call for removed UID */ } }; #endif /* _TEST_P011_PS_DATA_TESTS_H_ */ diff --git a/api-tests/dev_apis/protected_storage/test_p012/test_ps_data.h b/api-tests/dev_apis/protected_storage/test_p012/test_ps_data.h index c73dbacd..1372ab79 100644 --- a/api-tests/dev_apis/protected_storage/test_p012/test_ps_data.h +++ b/api-tests/dev_apis/protected_storage/test_p012/test_ps_data.h @@ -1,5 +1,5 @@ /** @file - * Copyright (c) 2019, Arm Limited or ps affiliates. All rights reserved. + * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved. * SPDX-License-Identifier : Apache-2.0 * * Licensed under the Apache License, Version 2.0 (the "License"); @@ -28,49 +28,53 @@ typedef struct { static const test_data p012_data[] = { { - VAL_PS_GET_SUPPORT, PSA_STORAGE_SUPPORT_SET_EXTENDED /* Check if optional PS API supported */ + VAL_PS_GET_SUPPORT, PSA_STORAGE_SUPPORT_SET_EXTENDED /* Index0 -Check if optional PS API + supported */ }, { - VAL_PS_CREATE, PSA_SUCCESS /* Create valid storage */ + VAL_PS_CREATE, PSA_SUCCESS /* Index1 - Create valid storage */ }, { - VAL_PS_SET_EXTENDED, PSA_SUCCESS /* Set data using set_extended API */ + VAL_PS_SET_EXTENDED, PSA_SUCCESS /* Index2 - Set data using set_extended API */ }, { - VAL_PS_SET_EXTENDED, PSA_ERROR_INVALID_ARGUMENT /* Set_extended with invalid offset + length */ + VAL_PS_SET_EXTENDED, PSA_ERROR_INVALID_ARGUMENT /* Index3 - Set_extended with invalid offset + + length */ }, { - VAL_PS_SET_EXTENDED, PSA_ERROR_INVALID_ARGUMENT /* Set_extended call with invalid offset */ + VAL_PS_SET_EXTENDED, PSA_ERROR_INVALID_ARGUMENT /* Index4 - Set_extended call with invalid + offset */ }, { - VAL_PS_SET_EXTENDED, PSA_SUCCESS /* Set_extended call with valid offset and zero length */ + VAL_PS_SET_EXTENDED, PSA_SUCCESS /* Index5 - Set_extended call with valid offset and zero length */ }, { - VAL_PS_SET_EXTENDED, PSA_ERROR_INVALID_ARGUMENT /* Set_extended with invalid offset + length */ + VAL_PS_SET_EXTENDED, PSA_ERROR_INVALID_ARGUMENT /* Index6 - Set_extended with invalid offset + + length */ }, { - VAL_PS_SET_EXTENDED, PSA_ERROR_INVALID_ARGUMENT /* Set_extended with invalid length */ + VAL_PS_SET_EXTENDED, PSA_ERROR_INVALID_ARGUMENT /* Index7 - Set_extended with invalid length */ }, { - VAL_PS_SET, PSA_SUCCESS /* Write data using set API */ + VAL_PS_SET, PSA_SUCCESS /* Index8 - Write data using set API */ }, { - VAL_PS_GET, PSA_SUCCESS /* Check data validity using get API */ + VAL_PS_GET, PSA_SUCCESS /* Index9 - Check data validity using get API */ }, { - 0, 0 /* This is dummy for index10 */ + 0, 0 /* This is dummy for Index10 */ }, { - VAL_PS_CREATE, PSA_ERROR_INVALID_ARGUMENT /* Create call with UID 0 */ + VAL_PS_CREATE, PSA_ERROR_INVALID_ARGUMENT /* Index11 - Create call with UID 0 */ }, { - VAL_PS_SET_EXTENDED, PSA_ERROR_INVALID_ARGUMENT /* Call set_extended with UID 0 */ + VAL_PS_SET_EXTENDED, PSA_ERROR_INVALID_ARGUMENT /* Index12 - Call set_extended with UID 0 */ }, { - VAL_PS_REMOVE, PSA_ERROR_INVALID_ARGUMENT /* Call remove with UID 0 */ + VAL_PS_REMOVE, PSA_ERROR_INVALID_ARGUMENT /* Index13 - Call remove with UID 0 */ }, { - VAL_PS_REMOVE, PSA_SUCCESS /* Remove with UID */ + VAL_PS_REMOVE, PSA_SUCCESS /* Index14 - Remove with UID */ }, }; #endif /* _TEST_P012_PS_DATA_TESTS_H_ */ diff --git a/api-tests/dev_apis/protected_storage/test_p013/test_p013.c b/api-tests/dev_apis/protected_storage/test_p013/test_p013.c index a5ca6127..d4d5026e 100644 --- a/api-tests/dev_apis/protected_storage/test_p013/test_p013.c +++ b/api-tests/dev_apis/protected_storage/test_p013/test_p013.c @@ -1,5 +1,5 @@ /** @file - * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved. + * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved. * SPDX-License-Identifier : Apache-2.0 * * Licensed under the Apache License, Version 2.0 (the "License"); @@ -53,7 +53,7 @@ static int32_t psa_sst_set_extended_create_success() /* Call the get_info function to match attributes */ status = SST_FUNCTION(p013_data[3].api, p_uid, &info); TEST_ASSERT_EQUAL(status, p013_data[3].status, TEST_CHECKPOINT_NUM(3)); - TEST_ASSERT_EQUAL(info.flags, 0, TEST_CHECKPOINT_NUM(4)); + TEST_ASSERT_EQUAL(info.flags, PSA_STORAGE_FLAG_NONE, TEST_CHECKPOINT_NUM(4)); TEST_ASSERT_EQUAL(info.size, 0, TEST_CHECKPOINT_NUM(5)); /* Remove the storage */ diff --git a/api-tests/dev_apis/protected_storage/test_p013/test_ps_data.h b/api-tests/dev_apis/protected_storage/test_p013/test_ps_data.h index 68954e00..b2c58faf 100644 --- a/api-tests/dev_apis/protected_storage/test_p013/test_ps_data.h +++ b/api-tests/dev_apis/protected_storage/test_p013/test_ps_data.h @@ -1,5 +1,5 @@ /** @file - * Copyright (c) 2019, Arm Limited or ps affiliates. All rights reserved. + * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved. * SPDX-License-Identifier : Apache-2.0 * * Licensed under the Apache License, Version 2.0 (the "License"); @@ -28,67 +28,70 @@ typedef struct { static const test_data p013_data[] = { { - VAL_PS_GET_SUPPORT, PSA_STORAGE_SUPPORT_SET_EXTENDED /* Check if optional PS API supported */ + VAL_PS_GET_SUPPORT, PSA_STORAGE_SUPPORT_SET_EXTENDED /* Index0 - Check if optional PS API + supported */ }, { - VAL_PS_CREATE, PSA_SUCCESS /* Create storage of zero length */ + VAL_PS_CREATE, PSA_SUCCESS /* Index1 - Create storage of zero length */ }, { - VAL_PS_SET_EXTENDED, PSA_SUCCESS /* Call set_extended with zero length */ + VAL_PS_SET_EXTENDED, PSA_SUCCESS /* Index2 - Call set_extended with zero length */ }, { - VAL_PS_GET_INFO, PSA_SUCCESS /* Validate the storage attributes */ + VAL_PS_GET_INFO, PSA_SUCCESS /* Index3 - Validate the storage attributes */ }, { - 0, 0 /* This is dummy for index4 */ + 0, 0 /* This is dummy for Index4 */ }, { - 0, 0 /* This is dummy for index5 */ + 0, 0 /* This is dummy for Index5 */ }, { - VAL_PS_REMOVE, PSA_SUCCESS /* Remove the UID */ + VAL_PS_REMOVE, PSA_SUCCESS /* Index6 - Remove the UID */ }, { - VAL_PS_CREATE, PSA_SUCCESS /* Create storage of non-zero length */ + VAL_PS_CREATE, PSA_SUCCESS /* Index7 - Create storage of non-zero length */ }, { - VAL_PS_SET_EXTENDED, PSA_SUCCESS /* Call set_extended to write data in first half of buffer */ + VAL_PS_SET_EXTENDED, PSA_SUCCESS /* Index8 - Call set_extended to write data in first half of + buffer */ }, { - VAL_PS_SET_EXTENDED, PSA_SUCCESS /* Call set_extended to write data in second half of buffer */ + VAL_PS_SET_EXTENDED, PSA_SUCCESS /* Index9 - Call set_extended to write data in second half of + buffer */ }, { - VAL_PS_GET, PSA_SUCCESS /* Validate the data stored */ + VAL_PS_GET, PSA_SUCCESS /* Index10 - Validate the data stored */ }, { - 0, 0 /* This is dummy for index11 */ + 0, 0 /* This is dummy for Index11 */ }, { - 0, 0 /* This is dummy for index12 */ + 0, 0 /* This is dummy for Index12 */ }, { - VAL_PS_SET, PSA_SUCCESS /* Overwrite data with set API */ + VAL_PS_SET, PSA_SUCCESS /* Index13 - Overwrite data with set API */ }, { - VAL_PS_GET, PSA_SUCCESS /* Validate the data written */ + VAL_PS_GET, PSA_SUCCESS /* Index14 - Validate the data written */ }, { - 0, 0 /* This is dummy for index15 */ + 0, 0 /* This is dummy for Index15 */ }, { - VAL_PS_CREATE, PSA_SUCCESS /* Call Create API for existing UID with same parameters */ + VAL_PS_CREATE, PSA_SUCCESS /* Index16 - Call Create API for existing UID with same parameters */ }, { - VAL_PS_GET, PSA_SUCCESS /* Validate the data */ + VAL_PS_GET, PSA_SUCCESS /* Index17 - Validate the data */ }, { - 0, 0 /* This is dummy for index18 */ + 0, 0 /* This is dummy for Index18 */ }, { - VAL_PS_REMOVE, PSA_SUCCESS /* Remove the UID */ + VAL_PS_REMOVE, PSA_SUCCESS /* Index19 - Remove the UID */ }, { - VAL_PS_GET, PSA_ERROR_DOES_NOT_EXIST /* Check no duplicate entry of UID present */ + VAL_PS_GET, PSA_ERROR_DOES_NOT_EXIST /* Index20 - Check no duplicate entry of UID present */ } }; #endif /* _TEST_P013_PS_DATA_TESTS_H_ */ diff --git a/api-tests/dev_apis/protected_storage/test_p014/test_ps_data.h b/api-tests/dev_apis/protected_storage/test_p014/test_ps_data.h index 421e0cdc..0ee29e45 100644 --- a/api-tests/dev_apis/protected_storage/test_p014/test_ps_data.h +++ b/api-tests/dev_apis/protected_storage/test_p014/test_ps_data.h @@ -1,5 +1,5 @@ /** @file - * Copyright (c) 2019, Arm Limited or ps affiliates. All rights reserved. + * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved. * SPDX-License-Identifier : Apache-2.0 * * Licensed under the Apache License, Version 2.0 (the "License"); @@ -28,28 +28,28 @@ typedef struct { static const test_data p014_data[] = { { - VAL_PS_GET_SUPPORT, PSA_STORAGE_SUPPORT_SET_EXTENDED /* Check if Optional API supported */ + VAL_PS_GET_SUPPORT, PSA_STORAGE_SUPPORT_SET_EXTENDED /* Index0 -Check if Optional API supported */ }, { - VAL_PS_CREATE, PSA_ERROR_NOT_SUPPORTED /* Create API call should fail */ + VAL_PS_CREATE, PSA_ERROR_NOT_SUPPORTED /* Index1 - Create API call should fail */ }, { - VAL_PS_GET_INFO, PSA_ERROR_DOES_NOT_EXIST /* UID should not exist */ + VAL_PS_GET_INFO, PSA_ERROR_DOES_NOT_EXIST /* Index2 - UID should not exist */ }, { - VAL_PS_SET, PSA_SUCCESS /* Create storage of non-zero length */ + VAL_PS_SET, PSA_SUCCESS /* Index3 - Create storage of non-zero length */ }, { - VAL_PS_SET_EXTENDED, PSA_ERROR_NOT_SUPPORTED /* Set_extended API call should fail */ + VAL_PS_SET_EXTENDED, PSA_ERROR_NOT_SUPPORTED /* Index4 - Set_extended API call should fail */ }, { - VAL_PS_GET, PSA_SUCCESS /* Validate the data should not changed */ + VAL_PS_GET, PSA_SUCCESS /* Index5 - Validate the data should not changed */ }, { - 0, 0 /* Unused Index */ + 0, 0 /* Unused Index6 */ }, { - VAL_PS_REMOVE, PSA_SUCCESS /* Remove the UID */ + VAL_PS_REMOVE, PSA_SUCCESS /* Index7 - Remove the UID */ }, }; #endif /* _TEST_P014_PS_DATA_TESTS_H_ */ diff --git a/api-tests/dev_apis/protected_storage/test_p015/test_ps_data.h b/api-tests/dev_apis/protected_storage/test_p015/test_ps_data.h index 3a044880..716e4d36 100644 --- a/api-tests/dev_apis/protected_storage/test_p015/test_ps_data.h +++ b/api-tests/dev_apis/protected_storage/test_p015/test_ps_data.h @@ -1,5 +1,5 @@ /** @file - * Copyright (c) 2019, Arm Limited or ps affiliates. All rights reserved. + * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved. * SPDX-License-Identifier : Apache-2.0 * * Licensed under the Apache License, Version 2.0 (the "License"); @@ -28,10 +28,11 @@ typedef struct { static const test_data p015_data[] = { { - VAL_PS_GET_SUPPORT, PSA_STORAGE_SUPPORT_SET_EXTENDED /* Check if optional PS API supported */ + VAL_PS_GET_SUPPORT, PSA_STORAGE_SUPPORT_SET_EXTENDED /* Index0 - Check if optional PS API + supported */ }, { - VAL_PS_CREATE, PSA_ERROR_NOT_SUPPORTED /* Call create API with write_once flag */ + VAL_PS_CREATE, PSA_ERROR_NOT_SUPPORTED /* Index1 - Call create API with write_once flag */ }, }; #endif /* _TEST_P015_PS_DATA_TESTS_H_ */ diff --git a/api-tests/dev_apis/protected_storage/test_p016/test_p016.c b/api-tests/dev_apis/protected_storage/test_p016/test_p016.c index 4b79931a..d9d953a3 100644 --- a/api-tests/dev_apis/protected_storage/test_p016/test_p016.c +++ b/api-tests/dev_apis/protected_storage/test_p016/test_p016.c @@ -1,5 +1,5 @@ /** @file - * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved. + * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved. * SPDX-License-Identifier : Apache-2.0 * * Licensed under the Apache License, Version 2.0 (the "License"); @@ -103,7 +103,7 @@ int32_t psa_sst_optional_api_sst_capacity_check(caller_security_t caller) if (status != p016_data[0].status) { - val->print(PRINT_INFO, "Test Case skipped as Optional PS APIs not are supported.\n", 0); + val->print(PRINT_TEST, "Test Case skipped as Optional PS APIs not are supported.\n", 0); return RESULT_SKIP(VAL_STATUS_UNSUPPORTED); } else { val->print(PRINT_TEST, "Optional PS APIs are supported.\n", 0); diff --git a/api-tests/dev_apis/protected_storage/test_p016/test_ps_data.h b/api-tests/dev_apis/protected_storage/test_p016/test_ps_data.h index 45bc101a..7f167875 100644 --- a/api-tests/dev_apis/protected_storage/test_p016/test_ps_data.h +++ b/api-tests/dev_apis/protected_storage/test_p016/test_ps_data.h @@ -1,5 +1,5 @@ /** @file - * Copyright (c) 2019, Arm Limited or ps affiliates. All rights reserved. + * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved. * SPDX-License-Identifier : Apache-2.0 * * Licensed under the Apache License, Version 2.0 (the "License"); @@ -28,16 +28,17 @@ typedef struct { static const test_data p016_data[] = { { - VAL_PS_GET_SUPPORT, PSA_STORAGE_SUPPORT_SET_EXTENDED /* Check if Optional API supported */ + VAL_PS_GET_SUPPORT, PSA_STORAGE_SUPPORT_SET_EXTENDED /* Index0 - Check if Optional API supported */ }, { - VAL_PS_CREATE, PSA_SUCCESS /* Storage creation */ + VAL_PS_CREATE, PSA_SUCCESS /* Index1 - Storage creation */ }, { - VAL_PS_CREATE, PSA_ERROR_ALREADY_EXISTS /* Calling create API for existing UID should fail */ + VAL_PS_CREATE, PSA_ERROR_ALREADY_EXISTS /* Index2 - Calling create API for existing UID should + fail */ }, { - VAL_PS_GET_INFO, PSA_SUCCESS /* Check the storage attributes are unchanged */ + VAL_PS_GET_INFO, PSA_SUCCESS /* Index3 - Check the storage attributes are unchanged */ }, { 0, 0 /* Unused Index4 */ @@ -46,10 +47,10 @@ static const test_data p016_data[] = { 0, 0 /* Unused Index5 */ }, { - VAL_PS_SET, PSA_SUCCESS /* Set API can change capacity of storage */ + VAL_PS_SET, PSA_SUCCESS /* Index6 - Set API can change capacity of storage */ }, { - VAL_PS_GET_INFO, PSA_SUCCESS /* Check the storage attributes are changed */ + VAL_PS_GET_INFO, PSA_SUCCESS /* Index7 - Check the storage attributes are changed */ }, { 0, 0 /* Unused Index8 */ @@ -58,19 +59,21 @@ static const test_data p016_data[] = { 0, 0 /* Unused Index9 */ }, { - VAL_PS_SET_EXTENDED, PSA_ERROR_STORAGE_FAILURE /* Set_extended on old capacity should not work */ + VAL_PS_SET_EXTENDED, PSA_ERROR_STORAGE_FAILURE /* Index10 - Set_extended on old capacity should + not work */ }, { - VAL_PS_REMOVE, PSA_SUCCESS /* Remove the UID */ + VAL_PS_REMOVE, PSA_SUCCESS /* Index11 - Remove the UID */ }, { - VAL_PS_SET, PSA_SUCCESS /* Storage creation */ + VAL_PS_SET, PSA_SUCCESS /* Index12 - Storage creation */ }, { - VAL_PS_CREATE, PSA_ERROR_ALREADY_EXISTS /* Calling create API for existing UID should fail */ + VAL_PS_CREATE, PSA_ERROR_ALREADY_EXISTS /* Index13 - Calling create API for existing UID should + fail */ }, { - VAL_PS_REMOVE, PSA_SUCCESS /* Remove the UID */ + VAL_PS_REMOVE, PSA_SUCCESS /* Index14 - Remove the UID */ }, }; #endif /* _TEST_P016_PS_DATA_TESTS_H_ */ diff --git a/api-tests/dev_apis/protected_storage/test_p017/test_p017.c b/api-tests/dev_apis/protected_storage/test_p017/test_p017.c index 54c7b6b2..e1643c19 100644 --- a/api-tests/dev_apis/protected_storage/test_p017/test_p017.c +++ b/api-tests/dev_apis/protected_storage/test_p017/test_p017.c @@ -1,5 +1,5 @@ /** @file - * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved. + * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved. * SPDX-License-Identifier : Apache-2.0 * * Licensed under the Apache License, Version 2.0 (the "License"); @@ -81,7 +81,7 @@ int32_t psa_sst_optional_api_partial_write_check(caller_security_t caller) if (status != p017_data[0].status) { - val->print(PRINT_INFO, "Test Case skipped as Optional PS APIs not are supported.\n", 0); + val->print(PRINT_TEST, "Test Case skipped as Optional PS APIs not are supported.\n", 0); return RESULT_SKIP(VAL_STATUS_UNSUPPORTED); } else { val->print(PRINT_TEST, "Optional PS APIs are supported.\n", 0); diff --git a/api-tests/dev_apis/protected_storage/test_p017/test_ps_data.h b/api-tests/dev_apis/protected_storage/test_p017/test_ps_data.h index ae35fd75..9677e909 100644 --- a/api-tests/dev_apis/protected_storage/test_p017/test_ps_data.h +++ b/api-tests/dev_apis/protected_storage/test_p017/test_ps_data.h @@ -1,5 +1,5 @@ /** @file - * Copyright (c) 2019, Arm Limited or ps affiliates. All rights reserved. + * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved. * SPDX-License-Identifier : Apache-2.0 * * Licensed under the Apache License, Version 2.0 (the "License"); @@ -28,31 +28,32 @@ typedef struct { static const test_data p017_data[] = { { - VAL_PS_GET_SUPPORT, PSA_STORAGE_SUPPORT_SET_EXTENDED /* Check if Optional API supported */ + VAL_PS_GET_SUPPORT, PSA_STORAGE_SUPPORT_SET_EXTENDED /* Index0 - Check if Optional API supported */ }, { - VAL_PS_CREATE, PSA_SUCCESS /* Storage creation */ + VAL_PS_CREATE, PSA_SUCCESS /* Index1 - Storage creation */ }, { - VAL_PS_SET_EXTENDED, PSA_SUCCESS /* Write data in created storage */ + VAL_PS_SET_EXTENDED, PSA_SUCCESS /* Index2 - Write data in created storage */ }, { - VAL_PS_SET_EXTENDED, PSA_ERROR_STORAGE_FAILURE /* Try to set data in noncontinous manner */ + VAL_PS_SET_EXTENDED, PSA_ERROR_STORAGE_FAILURE /* Index3 - Try to set data in noncontinous + manner */ }, { - VAL_PS_SET_EXTENDED, PSA_SUCCESS /* Overwrite the existing data */ + VAL_PS_SET_EXTENDED, PSA_SUCCESS /* Index4 - Overwrite the existing data */ }, { - VAL_PS_GET_INFO, PSA_SUCCESS /* Check for valid storage attributes */ + VAL_PS_GET_INFO, PSA_SUCCESS /* Index5 - Check for valid storage attributes */ }, { - 0, 0 /* Unused index */ + 0, 0 /* Unused Index6 */ }, { - 0, 0 /* Unused index */ + 0, 0 /* Unused Index7 */ }, { - VAL_PS_REMOVE, PSA_SUCCESS /* Remove the UID */ + VAL_PS_REMOVE, PSA_SUCCESS /* Index8 - Remove the UID */ }, }; #endif /* _TEST_P017_PS_DATA_TESTS_H_ */ diff --git a/api-tests/docs/porting_guide_dev_apis.md b/api-tests/docs/porting_guide_dev_apis.md index 595038e3..64407561 100644 --- a/api-tests/docs/porting_guide_dev_apis.md +++ b/api-tests/docs/porting_guide_dev_apis.md @@ -42,9 +42,9 @@ An example input configuration file is as shown. **Note**: The test suite requires access to the following peripherals: - - One UART to print NSPE and SPE messages + - One UART to print Test NSPE messages - One Watchdog timer to help recover from any fatal error conditions - - Non-volatile memory support to preserve test status over watchdog timer reset + - Non-volatile memory support to preserve test status over watchdog timer reset. Each byte of this region must be initialised to FF at power on reset. ## List of PAL APIs @@ -63,10 +63,12 @@ Since the test suite is agnostic to various system targets, you must port the fo | 09 | uint32_t pal_its_function(int type, va_list valist); | Calls the requested Internal Trusted Storage function | type : Function code
valist : Variable argument list
| | 10 | uint32_t pal_ps_function(int type, va_list valist); | Calls the requested Protected Storage function | type : Function code
valist : Variable argument list
| | 11 | int32_t pal_attestation_function(int type, va_list valist); | Calls the requested Initial Attestation function | type : Function code
valist : Variable argument list
| +| 12 | uint32_t pal_compute_hash(int32_t cose_alg_id, struct q_useful_buf buffer_for_hash, struct q_useful_buf_c *hash, struct q_useful_buf_c protected_headers, struct q_useful_buf_c payload); | Computes hash for the requested data | cose_alg_id : Algorithm ID
buffer_for_hash : Temp buffer for calculating hash

hash : Pointer to store the hash
buffer_for_hash : Temp buffer for calculating hash
protected_headers : data to be hashed
payload : Payload data
| +| 13 | uint32_t pal_crypto_pub_key_verify(int32_t cose_algorithm_id, struct q_useful_buf_c token_hash, struct q_useful_buf_c signature); | Function call to verify the signature using the public key | cose_algorithm_id : Algorithm ID
token_hash : Data that needs to be verified
signature : Signature to be verified against
| ## License Arm PSA test suite is distributed under Apache v2.0 License. -------------- -*Copyright (c) 2019, Arm Limited and Contributors. All rights reserved.* +*Copyright (c) 2019-2020, Arm Limited and Contributors. All rights reserved.* diff --git a/api-tests/docs/porting_guide_ff.md b/api-tests/docs/porting_guide_ff.md index a224d5c3..207a7192 100644 --- a/api-tests/docs/porting_guide_ff.md +++ b/api-tests/docs/porting_guide_ff.md @@ -42,9 +42,9 @@ An example input configuration file is as shown. **Note**: - The test suite requires access to the peripherals mentioned below. For IPC suite, driver functionalities are implemented as RoT-services in driver partition. Other Secure partitions and Non-secure code calls to these RoT-services to get appropriate driver services. - - One UART to print NSPE or SPE messages and to cover secure partition interrupt handling scenarios + - One UART to print Test NSPE or SPE messages and to cover secure partition interrupt handling scenarios - One Watchdog timer to help recover from any fatal error conditions - - Non-volatile memory support to preserve test status over watchdog timer reset + - Non-volatile memory support to preserve test status over watchdog timer reset. Each byte of this region must be initialised to FF at power on reset. ## List of PAL APIs diff --git a/api-tests/docs/psa_its_testlist.md b/api-tests/docs/psa_its_testlist.md index 28aaead0..5d0d8988 100644 --- a/api-tests/docs/psa_its_testlist.md +++ b/api-tests/docs/psa_its_testlist.md @@ -12,11 +12,11 @@ Following are the requirements of the Storage Test Suite.
|-----------|---------------------------------------|----------------|-------------------------|---------------------|------------------------| | test_s001 | Get,get_info and remove API's call for
non-existent and removed assest | psa_its_get
psa_its_get_info
psa_its_remove
| PSA_ERROR_DOES_NOT_EXIST | 1. Call get API with UID for which no UID/Data pair is created
2. Call get_info API for which no UID/Data pair is created
3. Call remove API for which no UID/Data pair is created
4. Set valid UID/Data pair with uid1
5. Set one more set of UID/Data pair, with different uid, than previous
6. Remove the uid of step 4.
7. Call get API for removed UID/data pair
8. Call get_info API for removed UID/Data pair
9. Call remove API for removed UID/Data pair
10. Set valid UID/Data pair
11. Call get API for different uid , then created
12. Call get_info API for different uid, then created
13. Call remove API for different uid, then created
14. Remove the created UID/Data pair.
15. Remove the stray uid.
| UID value used are 5,6,7 | | test_s002 | Overwriting data for asset created with
WRITE_ONCE flag | psa_its_set
psa_its_remove
| PSA_ERROR_NOT_PERMITTED | 1. Set valid UID/data value pair , with create flag value none.
2. Call get and get_info API to validate the data, attributes associated with data
3. Call set API again with same uid and create flag PSA_PS_WRITE_ONCE_FLAG
4. Call get and get_info API to validate the data, attributes associated with data
is not changed after second set operation
5. try to remove the UID/data pair.
6. Create new UID/data value pair, with create flag PSA_PS_WRITE_ONCE_FLAG
7. Try to remove the created UID.
8. Call get and get_info API to validate the data, attributes associated with data
9. Again call SET with same UID , create flag PSA_PS_WRITE_ONCE_FLAG but
different data length
10. Try to remove the UID, PSA_ITS_ERROR_WRITE_ONCE error should be returned
11. Call get and get_info API to validate the data, attributes associated with data
| UID value used are 1 and 2 | -| test_s003 | Exhaust storage space | psa_its_set
| PSA_ERROR_INSUFFICIENT_STORAGE | 1. Create UID/data pairs, with data_len 1024 bytes. Do this with incrementing
uid values till we have INSUFFICENT_SPACE.
2. Remove all the UID/data pairs created.
3. Repeat the steps once more, to check all previous uid are removed successfully
| UID value starts from 5 and keep on incrementing till all space is exhausted | -| test_s004 | Overwriting data for asset created without WRITE_ONCE flag | psa_its_set
psa_its_get
psa_its_get_info
psa_its_remove
| PSA_SUCCESS | 1. Set a valid uid/data pair
2. Validate the data using get api
3. Change the data length to half of previous.
4. Call GET api with original data length , error should be returned and also
the return buffer should be empty
5. Call GET api with correct data_len and validate the data received.
6. Check old data cannot be accessed.
7. Call REMOVE api to delete the UID/data pair
| UID value used is 5 | +| test_s003 | Exhaust storage space | psa_its_set
| PSA_ERROR_INSUFFICIENT_STORAGE | 1. Create UID/data pairs, with data_len of PLATFORM_MAX_UID_SIZE bytes. Do this with incrementing
uid values till we have INSUFFICENT_SPACE.
2. Remove all the UID/data pairs created.
3. Repeat the steps once more, to check all previous uid are removed successfully
| UID value starts from 5 and keep on incrementing till all space is exhausted | +| test_s004 | Overwriting data for asset created without WRITE_ONCE flag | psa_its_set
psa_its_get
psa_its_get_info
psa_its_remove
| PSA_SUCCESS | 1. Set a valid uid/data pair
2. Validate the data using get api
3. Change the data length to half of previous.
4. Call GET api with original data length , expect the success result and the read buffer to match for half of original length
5. Call REMOVE api to delete the UID/data pair
| UID value used is 5 | | test_s005 | Get, get_info and remove API call for valid assest | psa_its_set
psa_its_get
psa_its_get_info
psa_its_remove
| PSA_SUCCESS | 1. Set valid UID/data pair with varying uid and data_len
2. Call GET api and validate the set data
3. Call GET info api and validate the data attributes
4. Call REMOVE api to delete the UID/data pair
| UID value used are 4 | | test_s006 | Storage asset creation with supported create flag values | psa_its_set
| PSA_ERROR_NOT_SUPPORTED | 1. Call the SET API with available create flag values
2. Call GET_INFO api and validate the flag value
3. Remove the uid/data pair
| UID value used is 5 | -| test_s007 | Get API call with length different than asset
data length | psa_its_set
| PSA_ERROR_INVALID_ARGUMENT | 1. Create valid uid/data pair.
2. Increase the length of storage.
3. Try to access the old length using get api.
4. Try to access with valid length less than stored size.
5. Decrease the length of storage.
6. Try to access the old length.
7. Remove the uid
| UID value used is 5 | +| test_s007 | Get API call with length different than asset
data length | psa_its_set
psa_its_get
| PSA_SUCCESS | 1. Create valid uid/data pair.
2. Increase the length of storage.
3. Try to access the old length using get api.
4. Try to access with valid length less than stored size.
5. Decrease the length of storage.
6. Try to access the old length.
7. Remove the uid
| UID value used is 5 | | test_s008 | Get API call with invalid offset | psa_its_get
| PSA_ERROR_INVALID_ARGUMENT | 1. Set valid UID/data pair
2. Call GET api with valid offset and offset + data_len equal to stored data size.
3. Call GET api with valid offset and offset + data_len less than stored data size.
4. Call get api with invalid offset.
5. Call get api with zero offset , but data len greater than data size.
6. Remove the uid.
| UID value used is 5 | | test_s009 | API call with NULL pointer and zero length | psa_its_get
psa_its_set
psa_its_get_info
| PSA_ERROR_DOES_NOT_EXIST | 1. Call the SET API with NULL pointer and data_len zero
2. Validate using get_info api storage should be present.
3. Call get API with NULL pointer.
4. Remove the UID.
5. Call get_info API to validate storage is removed.
6. Set storage entity with valid write_buffer , but length zero.
7. Call get_info API to validate storage attributes.
8. Call get_info api with NULL pointer and valid uid.
9. Remove the uid
| UID value used is 5
| | test_s010 | Storage assest creation with UID value 0 | psa_its_set
| PSA_ERROR_INVALID_ARGUMENT | 1. Call the SET API with UID value 0.
2. Check that storage creation fails.
| UID value used is 0
@@ -27,4 +27,4 @@ Arm PSA test suite is distributed under Apache v2.0 License. -------------- -*Copyright (c) 2019, Arm Limited and Contributors. All rights reserved.* +*Copyright (c) 2019-2020, Arm Limited and Contributors. All rights reserved.* diff --git a/api-tests/docs/psa_ps_testlist.md b/api-tests/docs/psa_ps_testlist.md index e12989b8..bf90b02f 100644 --- a/api-tests/docs/psa_ps_testlist.md +++ b/api-tests/docs/psa_ps_testlist.md @@ -10,22 +10,22 @@ Following are the requirements of the Storage Test Suite.
| Test | Test Scenario | API Verified | Return Value | Test Algorithm | UID Usage | |-----------|---------------------------------------|----------------|-------------------------|---------------------|------------------------| -| test_s001 | Get,get_info and remove API's call for
non-existent and removed assest | psa_its_get
psa_its_get_info
psa_its_remove
| PSA_ERROR_DOES_NOT_EXIST | 1. Call get API with UID for which no UID/Data pair is created
2. Call get_info API for which no UID/Data pair is created
3. Call remove API for which no UID/Data pair is created
4. Set valid UID/Data pair with uid1
5. Set one more set of UID/Data pair, with different uid, than previous
6. Remove the uid of step 4.
7. Call get API for removed UID/data pair
8. Call get_info API for removed UID/Data pair
9. Call remove API for removed UID/Data pair
10. Set valid UID/Data pair
11. Call get API for different uid , then created
12. Call get_info API for different uid, then created
13. Call remove API for different uid, then created
14. Remove the created UID/Data pair.
15. Remove the stray uid.
| UID value used are 5,6,7 | -| test_s002 | Overwriting data for asset created with
WRITE_ONCE flag | psa_its_set
psa_its_remove
| PSA_ERROR_NOT_PERMITTED | 1. Set valid UID/data value pair , with create flag value none.
2. Call get and get_info API to validate the data, attributes associated with data
3. Call set API again with same uid and create flag PSA_PS_WRITE_ONCE_FLAG
4. Call get and get_info API to validate the data, attributes associated with data
is not changed after second set operation
5. try to remove the UID/data pair.
6. Create new UID/data value pair, with create flag PSA_PS_WRITE_ONCE_FLAG
7. Try to remove the created UID.
8. Call get and get_info API to validate the data, attributes associated with data
9. Again call SET with same UID , create flag PSA_PS_WRITE_ONCE_FLAG but
different data length
10. Try to remove the UID, PSA_ITS_ERROR_WRITE_ONCE error should be returned
11. Call get and get_info API to validate the data, attributes associated with data
| UID value used are 1 and 2 | -| test_s003 | Exhaust storage space | psa_its_set
| PSA_ERROR_INSUFFICIENT_STORAGE | 1. Create UID/data pairs, with data_len 1024 bytes. Do this with incrementing
uid values till we have INSUFFICENT_SPACE.
2. Remove all the UID/data pairs created.
3. Repeat the steps once more, to check all previous uid are removed successfully
| UID value starts from 5 and keep on incrementing till all space is exhausted | -| test_s004 | Overwriting data for asset created without WRITE_ONCE flag | psa_its_set
psa_its_get
psa_its_get_info
psa_its_remove
| PSA_SUCCESS | 1. Set a valid uid/data pair
2. Validate the data using get api
3. Change the data length to half of previous.
4. Call GET api with original data length , error should be returned and also
the return buffer should be empty
5. Call GET api with correct data_len and validate the data received.
6. Check old data cannot be accessed.
7. Call REMOVE api to delete the UID/data pair
| UID value used is 5 | -| test_s005 | Get, get_info and remove API call for valid assest | psa_its_set
psa_its_get
psa_its_get_info
psa_its_remove
| PSA_SUCCESS | 1. Set valid UID/data pair with varying uid and data_len
2. Call GET api and validate the set data
3. Call GET info api and validate the data attributes
4. Call REMOVE api to delete the UID/data pair
| UID value used are 4 | -| test_s006 | Storage asset creation with supported create flag values | psa_its_set
| PSA_ERROR_NOT_SUPPORTED | 1. Call the SET API with available create flag values
2. Call GET_INFO api and validate the flag value
3. Remove the uid/data pair
| UID value used is 5 | -| test_s007 | Get API call with length different than asset
data length | psa_its_set
| PSA_ERROR_INVALID_ARGUMENT | 1. Create valid uid/data pair.
2. Increase the length of storage.
3. Try to access the old length using get api.
4. Try to access with valid length less than stored size.
5. Decrease the length of storage.
6. Try to access the old length.
7. Remove the uid
| UID value used is 5 | -| test_s008 | Get API call with invalid offset | psa_its_get
| PSA_ERROR_INVALID_ARGUMENT | 1. Set valid UID/data pair
2. Call GET api with valid offset and offset + data_len equal to stored data size.
3. Call GET api with valid offset and offset + data_len less than stored data size.
4. Call get api with invalid offset.
5. Call get api with zero offset , but data len greater than data size.
6. Remove the uid.
| UID value used is 5 | -| test_s009 | API call with NULL pointer and zero length | psa_its_get
psa_its_set
psa_its_get_info
| PSA_ERROR_DOES_NOT_EXIST | 1. Call the SET API with NULL pointer and data_len zero
2. Validate using get_info api storage should be present.
3. Call get API with NULL pointer.
4. Remove the UID.
5. Call get_info API to validate storage is removed.
6. Set storage entity with valid write_buffer , but length zero.
7. Call get_info API to validate storage attributes.
8. Call get_info api with NULL pointer and valid uid.
9. Remove the uid
| UID value used is 5
| -| test_s010 | Storage assest creation with UID value 0 | psa_its_set
| PSA_ERROR_INVALID_ARGUMENT | 1. Call the SET API with UID value 0.
2. Check that storage creation fails.
| UID value used is 0
-| test_p011 | Set_extended API's call for
non-existent and removed assest | psa_ps_set_extended
| PSA_ERROR_DOES_NOT_EXIST | 1. Call the SET Extended API when no uid present.
2. Create a valid storage using set.
3. Call create api with different length for existing uid.
4. Call create api to set WRITE_ONCE flag.
5. Validate data attributes are maintained.
6. Remove the uid.
7. Create valid storage using create api.
8. Try to change length using create api.
9. Validate storage is empty.
10. Again call create api with original parameters.
11. Remove the uid.
12. Check no duplicate entry present.
| UID value used is 5
| -| test_p012 | Set_extended API's call
with invalid offset | psa_ps_set_extended
| PSA_ERROR_INVALID_ARGUMENT | 1. Create a valid storage using set.
2. Set data on first half of buffer.
3. Try to set data at incorrect offset +length.
4. Try to set data at incorrect offset.
5. Try to set at correct offset but zero length buffer.
6. Try to set data at incorrect length and valid offset.
7. Overwrite the storage using set api.
8. Validate data is correctly written.
9. Call set_extended with NULL write buffer.
10. Overwrite storage using set_extended api.
11. Remove the uid.
| UID value used is 6
-| test_p013 | Create and set_extended API call for valid assest | psa_ps_set_extended
psa_ps_create | PSA_SUCCESS | 1. Create Storage of zero length using create.
2. Try to set some data in the storage created.
3. Validate the storage attributes.
4. Remove the storage.
5. Create a valid storage with non-zero length.
6. Set data in the buffer.
7. Validate the data attributes.
8. Overwrite data using set api.
9. Validate the data.
10. Call create api for existing uid with same parameters.
11. Remove the uid.
12. Check with set_extended no duplicate uid exists.
| UID value used is 4 -| test_p014 | Create and set_extended API call
when API's not supported | psa_ps_create
psa_ps_set_extended
| PSA_ERROR_NOT_SUPPORTED | Below Steps will be run only if optional API are not supported.
1. Create API call should fail.
2. Check the UID should not exist.
3. Create storage using set API.
4. Try to partially write using set_extended API.
5. Validate data is not modified.
6. Remove the uid.
| UID value used is 5 -| test_p015 | Create API call with
WRITE_ONCE flag | psa_ps_create
| PSA_ERROR_NOT_SUPPORTED | Below Step will be run only if optional API are supported.
1. Create API call with WRITE_ONCE flag should fail.
| UID value used is 5
-| test_p016 | Create API call for capacity check | psa_ps_create
psa_ps_set
psa_ps_get_info
psa_ps_set_extended
psa_ps_remove
| PSA_ERROR_ALREADY_EXISTS
PSA_ERROR_STORAGE_FAILURE | Below Steps will be run only if optional API are supported.
1. Create storage with valid UID and capacity using create
2. Check create for existing UID fails
3. Check the attributes of storage are unchanged
4. Override the storage using SET API
5. Check the attributes of storage are changed
6. Accessing old capacity with set_extended APU fails
7. Remove the storage
8. Create new storage with valid UID/data pair using set API
9. Check create API for existing UID fails
10. Remove the storage | UID value used is 5
+| test_s001 | Get,get_info and remove API's call for
non-existent and removed assest | psa_ps_get
psa_ps_get_info
psa_ps_remove
| PSA_ERROR_DOES_NOT_EXIST | 1. Call get API with UID for which no UID/Data pair is created
2. Call get_info API for which no UID/Data pair is created
3. Call remove API for which no UID/Data pair is created
4. Set valid UID/Data pair with uid1
5. Set one more set of UID/Data pair, with different uid, than previous
6. Remove the uid of step 4.
7. Call get API for removed UID/data pair
8. Call get_info API for removed UID/Data pair
9. Call remove API for removed UID/Data pair
10. Set valid UID/Data pair
11. Call get API for different uid , then created
12. Call get_info API for different uid, then created
13. Call remove API for different uid, then created
14. Remove the created UID/Data pair.
15. Remove the stray uid.
| UID value used are 5,6,7 | +| test_s002 | Overwriting data for asset created with
WRITE_ONCE flag | psa_ps_set
psa_ps_remove
| PSA_ERROR_NOT_PERMITTED | 1. Set valid UID/data value pair , with create flag value none.
2. Call get and get_info API to validate the data, attributes associated with data
3. Call set API again with same uid and create flag PSA_PS_WRITE_ONCE_FLAG
4. Call get and get_info API to validate the data, attributes associated with data
is not changed after second set operation
5. try to remove the UID/data pair.
6. Create new UID/data value pair, with create flag PSA_PS_WRITE_ONCE_FLAG
7. Try to remove the created UID.
8. Call get and get_info API to validate the data, attributes associated with data
9. Again call SET with same UID , create flag PSA_PS_WRITE_ONCE_FLAG but
different data length
10. Try to remove the UID, PSA_ITS_ERROR_WRITE_ONCE error should be returned
11. Call get and get_info API to validate the data, attributes associated with data
| UID value used are 1 and 2 | +| test_s003 | Exhaust storage space | psa_ps_set
| PSA_ERROR_INSUFFICIENT_STORAGE | 1. Create UID/data pairs, with data_len of PLATFORM_MAX_UID_SIZE bytes. Do this with incrementing
uid values till we have INSUFFICENT_SPACE.
2. Remove all the UID/data pairs created.
3. Repeat the steps once more, to check all previous uid are removed successfully
| UID value starts from 5 and keep on incrementing till all space is exhausted | +| test_s004 | Overwriting data for asset created without WRITE_ONCE flag | psa_ps_set
psa_ps_get
psa_ps_get_info
psa_ps_remove
| PSA_SUCCESS | 1. Set a valid uid/data pair
2. Validate the data using get api
3. Change the data length to half of previous.
4. Call GET api with original data length , expect the success result and the read buffer to match for half of original length
5. Call REMOVE api to delete the UID/data pair
| UID value used is 5 | +| test_s005 | Get, get_info and remove API call for valid assest | psa_ps_set
psa_ps_get
psa_ps_get_info
psa_ps_remove
| PSA_SUCCESS | 1. Set valid UID/data pair with varying uid and data_len
2. Call GET api and validate the set data
3. Call GET info api and validate the data attributes
4. Call REMOVE api to delete the UID/data pair
| UID value used are 4 | +| test_s006 | Storage asset creation with supported create flag values | psa_ps_set
| PSA_ERROR_NOT_SUPPORTED | 1. Call the SET API with available create flag values
2. Call GET_INFO api and validate the flag value
3. Remove the uid/data pair
| UID value used is 5 | +| test_s007 | Get API call with length different than asset
data length | psa_ps_set
psa_ps_get
| PSA_SUCCESS | 1. Create valid uid/data pair.
2. Increase the length of storage.
3. Try to access the old length using get api.
4. Try to access with valid length less than stored size.
5. Decrease the length of storage.
6. Try to access the old length.
7. Remove the uid
| UID value used is 5 | +| test_s008 | Get API call with invalid offset | psa_ps_get
| PSA_ERROR_INVALID_ARGUMENT | 1. Set valid UID/data pair
2. Call GET api with valid offset and offset + data_len equal to stored data size.
3. Call GET api with valid offset and offset + data_len less than stored data size.
4. Call get api with invalid offset.
5. Call get api with zero offset , but data len greater than data size.
6. Remove the uid.
| UID value used is 5 | +| test_s009 | API call with NULL pointer and zero length | psa_ps_get
psa_ps_set
psa_ps_get_info
| PSA_ERROR_DOES_NOT_EXIST | 1. Call the SET API with NULL pointer and data_len zero
2. Validate using get_info api storage should be present.
3. Call get API with NULL pointer.
4. Remove the UID.
5. Call get_info API to validate storage is removed.
6. Set storage entity with valid write_buffer , but length zero.
7. Call get_info API to validate storage attributes.
8. Call get_info api with NULL pointer and valid uid.
9. Remove the uid
| UID value used is 5
| +| test_s010 | Storage assest creation with UID value 0 | psa_ps_set
| PSA_ERROR_INVALID_ARGUMENT | 1. Call the SET API with UID value 0.
2. Check that storage creation fails.
| UID value used is 0
+| test_p011 | Set_extended API's call for
non-existent and removed assest | psa_ps_set_extended
| PSA_ERROR_DOES_NOT_EXIST | Below Steps will be run only if optional API are not supported.
1. Call the SET Extended API when no uid present.
2. Create a valid storage using set.
3. Call create api with different length for existing uid.
4. Call create api to set WRITE_ONCE flag.
5. Validate data attributes are maintained.
6. Remove the uid.
7. Create valid storage using create api.
8. Try to change length using create api.
9. Validate storage is empty.
10. Again call create api with original parameters.
11. Remove the uid.
12. Check no duplicate entry present.
| UID value used is 5
| +| test_p012 | Set_extended API's call
with invalid offset | psa_ps_set_extended
| PSA_ERROR_INVALID_ARGUMENT | Below Steps will be run only if optional API are not supported.
1. Create a valid storage using set.
2. Set data on first half of buffer.
3. Try to set data at incorrect offset +length.
4. Try to set data at incorrect offset.
5. Try to set at correct offset but zero length buffer.
6. Try to set data at incorrect length and valid offset.
7. Overwrite the storage using set api.
8. Validate data is correctly written.
9. Call set_extended with NULL write buffer.
10. Overwrite storage using set_extended api.
11. Remove the uid.
| UID value used is 6
+| test_p013 | Create and set_extended API call for valid assest | psa_ps_set_extended
psa_ps_create | PSA_SUCCESS | Below Steps will be run only if optional API are not supported.
1. Create Storage of zero length using create.
2. Try to set some data in the storage created.
3. Validate the storage attributes.
4. Remove the storage.
5. Create a valid storage with non-zero length.
6. Set data in the buffer.
7. Validate the data attributes.
8. Overwrite data using set api.
9. Validate the data.
10. Call create api for existing uid with same parameters.
11. Remove the uid.
12. Check with set_extended no duplicate uid exists.
| UID value used is 4 +| test_p014 | Create and set_extended API call
when API's not supported | psa_ps_create
psa_ps_set_extended
| PSA_ERROR_NOT_SUPPORTED | Below Steps will be run only if optional API are not supported.
1. Create API call should fail.
2. Check the UID should not exist.
3. Create storage using set API.
4. Try to partially write using set_extended API.
5. Validate data is not modified.
6. Remove the uid.
| UID value used is 5 +| test_p015 | Create API call with
WRITE_ONCE flag | psa_ps_create
| PSA_ERROR_NOT_SUPPORTED | Below Step will be run only if optional API are supported.
1. Create API call with WRITE_ONCE flag should fail.
| UID value used is 5
+| test_p016 | Create API call for capacity check | psa_ps_create
psa_ps_set
psa_ps_get_info
psa_ps_set_extended
psa_ps_remove
| PSA_ERROR_ALREADY_EXISTS
PSA_ERROR_STORAGE_FAILURE | Below Steps will be run only if optional API are supported.
1. Create storage with valid UID and capacity using create
2. Check create for existing UID fails
3. Check the attributes of storage are unchanged
4. Override the storage using SET API
5. Check the attributes of storage are changed
6. Accessing old capacity with set_extended API fails
7. Remove the storage
8. Create new storage with valid UID/data pair using set API
9. Check create API for existing UID fails
10. Remove the storage | UID value used is 5
| test_p017 | Partial write check with set extended API | psa_ps_create
psa_ps_set_extended
psa_ps_get_info
psa_ps_remove
| PSA_ERROR_STORAGE_FAILURE | Below Steps will be run only if optional API are supported.
1. Create storage with valid UID and capacity using create
2. Set partial data using set extended API
3. Check set extended API fails for data with gaps
4. Set full length data using set extended API
5. Check the valid attributes of storage
6. Remove the storage
| UID value used is 5
| NA | Fatal error
| NA | PSA_ERROR_STORAGE_FAILURE | 1. The failure cause will depend on the underlying
platform and vary for each implementation.
It is skipped in current suite
| NA
| | NA | Data Corruption
| NA | PSA_ERROR_DATA_CORRUPT | 1. The failure cause will depend on the underlying
platform and vary for each implementation.
It is skipped in current suite
| NA
| @@ -36,4 +36,4 @@ Arm PSA test suite is distributed under Apache v2.0 License. -------------- -*Copyright (c) 2019, Arm Limited and Contributors. All rights reserved.* +*Copyright (c) 2019-2020, Arm Limited and Contributors. All rights reserved.* diff --git a/api-tests/docs/sw_requirements.md b/api-tests/docs/sw_requirements.md index 0dcf67a2..7e71f5e6 100644 --- a/api-tests/docs/sw_requirements.md +++ b/api-tests/docs/sw_requirements.md @@ -44,4 +44,4 @@ Arm PSA test suite is distributed under Apache v2.0 License. -------------- -*Copyright (c) 2018-2019, Arm Limited and Contributors. All rights reserved.* +*Copyright (c) 2018-2020, Arm Limited and Contributors. All rights reserved.* diff --git a/api-tests/docs/test_failure_analysis.md b/api-tests/docs/test_failure_analysis.md new file mode 100644 index 00000000..405de94a --- /dev/null +++ b/api-tests/docs/test_failure_analysis.md @@ -0,0 +1,43 @@ + +# Test failure analysis document + +This file contains list of failures identified when running the PSA API tests +on tgt_dev_apis_tfm_an521, tgt_dev_apis_tfm_musca_a and tgt_dev_apis_tfm_musca_b1 +targets with TFM commit Hash - 6e7be077eabef00b4825e245604148d82b11f832. +The reason for each failing test is listed here in this file. + +## Known Failures + +| Test | Fail description | +|------|---------------------------------------------------------------------------------| +|test_c006 | psa_hash_compute is unimplemented in TFM | +|test_c007 | psa_hash_compare is unimplemented in TFM | +|test_c009 | psa_key_derivation_input_bytes returns incorrect error code | +|test_c016 | psa_generate_key generates incorrect key length for RSA | +|test_c020 | psa_key_derivation_output_bytes returns incorrect error code | +|test_c021 | psa_key_derivation_output_key returns incorrect error code | +|test_c039 | psa_asymmetric_encrypt does not have support for ECC keys | +|test_c046 | psa_mac_compute is unimplemented in TFM | +|test_c047 | psa_mac_verify is unimplemented in TFM | +|test_c048 | psa_cipher_encrypt is unimplemented in TFM | +|test_c049 | psa_cipher_decrypt is unimplemented in TFM | +|test_c050 | psa_open_key API not enabled in TFM | +|test_c051 | psa_close_key API not enabled in TFM | +|test_c052 | psa_aead_encrypt_setup is unimplemented in TFM | +|test_c053 | psa_aead_decrypt_setup is unimplemented in TFM | +|test_c054 | psa_aead_generate_nonce is unimplemented in TFM | +|test_c055 | psa_aead_set_nonce is unimplemented in TFM | +|test_c056 | psa_aead_set_lengths is unimplemented in TFM | +|test_c057 | psa_aead_update_ad is unimplemented in TFM | +|test_c058 | psa_aead_update is unimplemented in TFM | +|test_c059 | psa_aead_finish is unimplemented in TFM | +|test_c060 | psa_aead_abort is unimplemented in TFM | +|test_c061 | psa_aead_verify is unimplemented in TFM | + +## License + +Arm PSA test suite is distributed under Apache v2.0 License. + +-------------- + +*Copyright (c) 2020, Arm Limited and Contributors. All rights reserved.* diff --git a/api-tests/ff/README.md b/api-tests/ff/README.md index 75d11971..a3a90145 100644 --- a/api-tests/ff/README.md +++ b/api-tests/ff/README.md @@ -60,16 +60,16 @@ To build the test suite for your target platform, perform the following steps.
Options information:
- -G"" : "Unix Makefiles" to generate Makefiles for Linux and Cygwin. "MinGW Makefiles" to generate Makefiles for cmd.exe on Windows
-- -DTARGET= is the same as the name of the target-specific directory created in the **platform/targets/** directory. The current release has been tested on **tgt_dev_apis_tfm_an521** and **tgt_dev_apis_tfm_musca_a** platforms.
+- -DTARGET= is the same as the name of the target-specific directory created in the **platform/targets/** directory. The current release has been tested on **tgt_dev_apis_tfm_an521**, **tgt_dev_apis_tfm_musca_b1** and **tgt_dev_apis_tfm_musca_a** platforms except for the tests written for PSA isolation level-3 and secure partition dynamic memory APIs as these features are unsupported by the mentioned platforms. However, it can still be possible to run them if the platform supports these features.
- -DTOOLCHAIN= Compiler toolchain to be used for test suite compilation. Supported values are GNUARM (GNU Arm Embedded), ARMCLANG (ARM Compiler 6.x) and HOST_GCC. Default is GNUARM.
- -DCPU_ARCH= is the Arm Architecture version name for which the tests should be compiled. Supported CPU arch are armv8m_ml, armv8m_bl and armv7m. Default is empty. This option is unused when TOOLCHAIN type is HOST_GCC.
- -DSUITE= is the suite name which is the same as the suite name available in **ff/** directory.
- -DVERBOSE=. Print verbosity level. Default is 3. Supported print levels are 1(INFO & above), 2(DEBUG & above), 3(TEST & above), 4(WARN & ERROR) and 5(ERROR). - -DBUILD= : To select the build directory to keep output files. Default is BUILD/ inside current directory. -- -DINCLUDE_PANIC_TESTS=<0|1> : The default compilation flow includes the functional API tests to build the test suite. It does not include panic tests that check for the API's PROGRAMMER ERROR conditions as defined in the PSA-FF specification. You can include the panic tests for building the test suite by setting this option to 1. +- -DINCLUDE_PANIC_TESTS=<0|1> : The default compilation flow includes the functional API tests to build the test suite. It does not include panic tests that check for the API's PROGRAMMER ERROR(Panic) conditions as defined in the PSA-FF specification. You can include the panic tests for building the test suite by setting this option to 1. - -DPLATFORM_PSA_ISOLATION_LEVEL=<1|2|3> : PSA Firmware Framwork isolation level supported by the platform. Default is highest level of isolation which is three. -- -DSP_HEAP_MEM_SUPP=<0|1> : Are dynamic memory functions available to secure partition? 0 means no and 1 means yes. -- -DWATCHDOG_AVAILABLE=<0|1>: Test harness may require to access watchdog timer to recover system hang. 0 means skip watchdog programming in the test suite and 1 means program the watchdog. Default is 1. Note, watchdog must be available for the tests which test the panic conditions. +- -DSP_HEAP_MEM_SUPP=<0|1> : Are dynamic memory functions available to secure partition? 0 means no and 1 means yes. This skips the secure partition dynamic memory functions related tests if this is marked as zero. +- -DWATCHDOG_AVAILABLE=<0|1>: Test harness may require to access watchdog timer to recover system hang. 0 means skip watchdog programming in the test suite and 1 means program the watchdog. Default is 1. Note, If the system under test doesn't support the reboot of the system when it encounters the panic situation, a watchdog must be available to the tests if INCLUDE_PANIC_TESTS set to 1. - -DPSA_INCLUDE_PATHS=";;...;" is an additional directory to be included into the compiler search path. To compile IPC tests, the include path must point to the path where **psa/client.h**, **psa/service.h**, **psa/lifecycle.h** and test partition manifest output files(**psa_manifest/sid.h**, **psa_manifest/pid.h** and **psa_manifest/.h**) are located in your build system. Bydefault, PSA_INCLUDE_PATHS accepts absolute path. However, relative path can be provided using below format:
``` -DPSA_INCLUDE_PATHS=`readlink -f ` @@ -80,7 +80,7 @@ To compile IPC tests for **tgt_ff_tfm_an521** platform, execute the following co cd api-tests mkdir BUILD cd BUILD - cmake ../ -G"Unix Makefiles" -DTARGET=tgt_ff_tfm_an521 -DCPU_ARCH=armv8m_ml -DSUITE=IPC -DPSA_INCLUDE_PATHS=";;...;" + cmake ../ -G"Unix Makefiles" -DTARGET=tgt_ff_tfm_an521 -DCPU_ARCH=armv8m_ml -DSUITE=IPC -DPLATFORM_PSA_ISOLATION_LEVEL=2 -DSP_HEAP_MEM_SUPP=0 -DPSA_INCLUDE_PATHS=";;...;" cmake --build . ``` **Note**: The default compilation flow includes the functional API tests to build the test suite. It does not include panic tests that check for the API's PROGRAMMER ERROR conditions as defined in the PSA-FF specification. You can include the panic tests for building the test suite just by passing **-DINCLUDE_PANIC_TESTS=1** to CMake. diff --git a/api-tests/ff/ipc/test_i003/test_entry_i003.c b/api-tests/ff/ipc/test_i003/test_entry_i003.c index e5131066..31b8aca6 100644 --- a/api-tests/ff/ipc/test_i003/test_entry_i003.c +++ b/api-tests/ff/ipc/test_i003/test_entry_i003.c @@ -1,5 +1,5 @@ /** @file - * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved. + * Copyright (c) 2018-2020, Arm Limited or its affiliates. All rights reserved. * SPDX-License-Identifier : Apache-2.0 * * Licensed under the Apache License, Version 2.0 (the "License"); @@ -34,7 +34,7 @@ void test_entry(val_api_t *val_api, psa_api_t *psa_api) psa = psa_api; /* test init */ - val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_LOW_TIMEOUT)); + val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_HIGH_TIMEOUT)); if (!IS_TEST_START(val->get_status())) { goto test_exit; diff --git a/api-tests/ff/ipc/test_i003/test_i003.c b/api-tests/ff/ipc/test_i003/test_i003.c index 0c0cb8da..d151442b 100644 --- a/api-tests/ff/ipc/test_i003/test_i003.c +++ b/api-tests/ff/ipc/test_i003/test_i003.c @@ -1,5 +1,5 @@ /** @file - * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved. + * Copyright (c) 2018-2020, Arm Limited or its affiliates. All rights reserved. * SPDX-License-Identifier : Apache-2.0 * * Licensed under the Apache License, Version 2.0 (the "License"); @@ -159,7 +159,7 @@ int32_t client_test_call_read_and_skip(caller_security_t caller) uint64_t data3 = 0x1020304050607080; psa_handle_t handle = 0; - val->print(PRINT_TEST, "[Check 3] Test psa_write, psa_read and psa_skip\n", 0); + val->print(PRINT_TEST, "[Check 3] Test psa_call, psa_read and psa_skip\n", 0); if (val->ipc_connect(SERVER_UNSPECIFED_VERSION_SID, SERVER_UNSPECIFED_VERSION_VERSION, diff --git a/api-tests/platform/manifests/driver_partition_psa.json b/api-tests/platform/manifests/driver_partition_psa.json index 2fa4550f..2b8c70c0 100644 --- a/api-tests/platform/manifests/driver_partition_psa.json +++ b/api-tests/platform/manifests/driver_partition_psa.json @@ -38,19 +38,19 @@ ], "mmio_regions" : [ { - "name": "TEST_UART_REGION", + "name": "FF_TEST_UART_REGION", "permission": "READ-WRITE" }, { - "name": "TEST_WATCHDOG_REGION", + "name": "FF_TEST_WATCHDOG_REGION", "permission": "READ-WRITE" }, { - "name": "TEST_NVMEM_REGION", + "name": "FF_TEST_NVMEM_REGION", "permission": "READ-WRITE" }, { - "name": "TEST_DRIVER_PARTITION_MMIO", + "name": "FF_TEST_DRIVER_PARTITION_MMIO", "permission": "READ-WRITE" } ], @@ -58,7 +58,7 @@ { "description": "Using UART TX interrupt to test psa_wait and psa_eoi for irq_signal", "signal": "DRIVER_UART_INTR_SIG", - "source": "UARTTX_IRQ" + "source": "FF_TEST_UART_IRQ" } ] } diff --git a/api-tests/platform/manifests/server_partition_psa.json b/api-tests/platform/manifests/server_partition_psa.json index 0608200d..5acbd735 100644 --- a/api-tests/platform/manifests/server_partition_psa.json +++ b/api-tests/platform/manifests/server_partition_psa.json @@ -61,7 +61,7 @@ ], "mmio_regions" : [ { - "name": "TEST_SERVER_PARTITION_MMIO", + "name": "FF_TEST_SERVER_PARTITION_MMIO", "permission": "READ-WRITE" } ] diff --git a/api-tests/platform/targets/tgt_dev_apis_stdc/nspe/common/pal_config.h b/api-tests/platform/targets/tgt_dev_apis_stdc/nspe/common/pal_config.h index 640f56f3..68d6739b 100644 --- a/api-tests/platform/targets/tgt_dev_apis_stdc/nspe/common/pal_config.h +++ b/api-tests/platform/targets/tgt_dev_apis_stdc/nspe/common/pal_config.h @@ -1,5 +1,5 @@ /** @file - * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved. + * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved. * SPDX-License-Identifier : Apache-2.0 * * Licensed under the Apache License, Version 2.0 (the "License"); @@ -49,6 +49,9 @@ /* Use hardcoded public key */ //#define PLATFORM_OVERRIDE_ATTEST_PK +/* Platform specific max UID's size */ +#define PLATFORM_MAX_UID_SIZE 512 + /* * Include of PSA defined Header files */ diff --git a/api-tests/platform/targets/tgt_dev_apis_stdc/nspe/crypto/pal_crypto_intf.c b/api-tests/platform/targets/tgt_dev_apis_stdc/nspe/crypto/pal_crypto_intf.c index fd2e0557..9a051c95 100644 --- a/api-tests/platform/targets/tgt_dev_apis_stdc/nspe/crypto/pal_crypto_intf.c +++ b/api-tests/platform/targets/tgt_dev_apis_stdc/nspe/crypto/pal_crypto_intf.c @@ -1,5 +1,5 @@ /** @file - * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved. + * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved. * SPDX-License-Identifier : Apache-2.0 * * Licensed under the Apache License, Version 2.0 (the "License"); @@ -34,8 +34,10 @@ int32_t pal_crypto_function(int type, va_list valist) const uint8_t *nonce, *additional_data, *salt, *peer; size_t *length, size, ciphertext_size, nonce_length; size_t salt_length, peer_length, additional_data_length; +#ifdef NOT_SUPPORTED size_t *tag_length, plaintext_size; psa_aead_operation_t *aead_operation; +#endif psa_key_attributes_t *attributes; psa_key_handle_t *handle, key_handle; psa_key_type_t *key_type_out, key_type; @@ -48,6 +50,7 @@ int32_t pal_crypto_function(int type, va_list valist) psa_cipher_operation_t *cipher_operation; psa_key_derivation_operation_t *derive_operation; psa_key_derivation_step_t step; + switch (type) { case PAL_CRYPTO_INIT: @@ -169,6 +172,7 @@ int32_t pal_crypto_function(int type, va_list valist) case PAL_CRYPTO_HASH_ABORT: hash_operation = va_arg(valist, psa_hash_operation_t*); return psa_hash_abort(hash_operation); +#ifdef NOT_SUPPORTED case PAL_CRYPTO_HASH_COMPUTE: alg = va_arg(valist, psa_algorithm_t); plaintext = va_arg(valist, uint8_t*); @@ -184,6 +188,7 @@ int32_t pal_crypto_function(int type, va_list valist) buffer = va_arg(valist, uint8_t*); size = va_arg(valist, size_t); return psa_hash_compare(alg, plaintext, plaintext_size, buffer, size); +#endif case PAL_CRYPTO_HASH_CLONE: hash_operation = va_arg(valist, psa_hash_operation_t*); target_operation = va_arg(valist, psa_hash_operation_t*); @@ -220,6 +225,7 @@ int32_t pal_crypto_function(int type, va_list valist) length = va_arg(valist, size_t*); return psa_aead_decrypt(key_handle, alg, nonce, nonce_length, additional_data, additional_data_length, ciphertext, ciphertext_size, plaintext, size, length); +#ifdef NOT_SUPPORTED case PAL_CRYPTO_AEAD_ENCRYPT_SETUP: aead_operation = va_arg(valist, psa_aead_operation_t *); key_handle = (psa_key_handle_t)va_arg(valist, int); @@ -281,6 +287,7 @@ int32_t pal_crypto_function(int type, va_list valist) case PAL_CRYPTO_AEAD_ABORT: aead_operation = va_arg(valist, psa_aead_operation_t *); return psa_aead_abort(aead_operation); +#endif case PAL_CRYPTO_MAC_SIGN_SETUP: mac_operation = va_arg(valist, psa_mac_operation_t*); key_handle = (psa_key_handle_t)va_arg(valist, int); @@ -310,6 +317,7 @@ int32_t pal_crypto_function(int type, va_list valist) case PAL_CRYPTO_MAC_ABORT: mac_operation = va_arg(valist, psa_mac_operation_t*); return psa_mac_abort(mac_operation); +#ifdef NOT_SUPPORTED case PAL_CRYPTO_MAC_COMPUTE: key_handle = (psa_key_handle_t)va_arg(valist, int); alg = va_arg(valist, psa_algorithm_t); @@ -329,6 +337,7 @@ int32_t pal_crypto_function(int type, va_list valist) ciphertext_size = va_arg(valist, size_t); return psa_mac_verify(key_handle, alg, plaintext, plaintext_size, ciphertext, ciphertext_size); +#endif case PAL_CRYPTO_ASYMMTERIC_ENCRYPT: key_handle = (psa_key_handle_t)va_arg(valist, int); alg = va_arg(valist, psa_algorithm_t); @@ -392,6 +401,7 @@ int32_t pal_crypto_function(int type, va_list valist) case PAL_CRYPTO_CIPHER_ABORT: cipher_operation = va_arg(valist, psa_cipher_operation_t *); return psa_cipher_abort(cipher_operation); +#ifdef NOT_SUPPORTED case PAL_CRYPTO_CIPHER_ENCRYPT: key_handle = (psa_key_handle_t)va_arg(valist, int); alg = va_arg(valist, psa_algorithm_t); @@ -412,6 +422,7 @@ int32_t pal_crypto_function(int type, va_list valist) length = va_arg(valist, size_t*); return psa_cipher_decrypt(key_handle, alg, plaintext, size, ciphertext, ciphertext_size, length); +#endif case PAL_CRYPTO_ASYMMTERIC_SIGN: key_handle = (psa_key_handle_t)va_arg(valist, int); alg = va_arg(valist, psa_algorithm_t); diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_an521/nspe/common/pal_config.h b/api-tests/platform/targets/tgt_dev_apis_tfm_an521/nspe/common/pal_config.h index 640f56f3..b8ddc57d 100644 --- a/api-tests/platform/targets/tgt_dev_apis_tfm_an521/nspe/common/pal_config.h +++ b/api-tests/platform/targets/tgt_dev_apis_tfm_an521/nspe/common/pal_config.h @@ -1,5 +1,5 @@ /** @file - * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved. + * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved. * SPDX-License-Identifier : Apache-2.0 * * Licensed under the Apache License, Version 2.0 (the "License"); @@ -44,11 +44,14 @@ #endif /* PSA_CMAKE_BUILD */ /* Version of crypto spec used in attestation */ -#define CRYPTO_VERSION_BETA2 +#define CRYPTO_VERSION_BETA3 /* Use hardcoded public key */ //#define PLATFORM_OVERRIDE_ATTEST_PK +/* Platform specific max UID's size */ +#define PLATFORM_MAX_UID_SIZE 512 + /* * Include of PSA defined Header files */ diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_an521/nspe/crypto/pal_crypto_intf.c b/api-tests/platform/targets/tgt_dev_apis_tfm_an521/nspe/crypto/pal_crypto_intf.c index fd2e0557..7bad480c 100644 --- a/api-tests/platform/targets/tgt_dev_apis_tfm_an521/nspe/crypto/pal_crypto_intf.c +++ b/api-tests/platform/targets/tgt_dev_apis_tfm_an521/nspe/crypto/pal_crypto_intf.c @@ -1,5 +1,5 @@ /** @file - * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved. + * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved. * SPDX-License-Identifier : Apache-2.0 * * Licensed under the Apache License, Version 2.0 (the "License"); @@ -34,8 +34,10 @@ int32_t pal_crypto_function(int type, va_list valist) const uint8_t *nonce, *additional_data, *salt, *peer; size_t *length, size, ciphertext_size, nonce_length; size_t salt_length, peer_length, additional_data_length; +#ifdef NOT_SUPPORTED size_t *tag_length, plaintext_size; psa_aead_operation_t *aead_operation; +#endif psa_key_attributes_t *attributes; psa_key_handle_t *handle, key_handle; psa_key_type_t *key_type_out, key_type; @@ -48,6 +50,7 @@ int32_t pal_crypto_function(int type, va_list valist) psa_cipher_operation_t *cipher_operation; psa_key_derivation_operation_t *derive_operation; psa_key_derivation_step_t step; + switch (type) { case PAL_CRYPTO_INIT: @@ -169,6 +172,7 @@ int32_t pal_crypto_function(int type, va_list valist) case PAL_CRYPTO_HASH_ABORT: hash_operation = va_arg(valist, psa_hash_operation_t*); return psa_hash_abort(hash_operation); +#ifdef NOT_SUPPORTED case PAL_CRYPTO_HASH_COMPUTE: alg = va_arg(valist, psa_algorithm_t); plaintext = va_arg(valist, uint8_t*); @@ -184,6 +188,7 @@ int32_t pal_crypto_function(int type, va_list valist) buffer = va_arg(valist, uint8_t*); size = va_arg(valist, size_t); return psa_hash_compare(alg, plaintext, plaintext_size, buffer, size); +#endif case PAL_CRYPTO_HASH_CLONE: hash_operation = va_arg(valist, psa_hash_operation_t*); target_operation = va_arg(valist, psa_hash_operation_t*); @@ -220,6 +225,7 @@ int32_t pal_crypto_function(int type, va_list valist) length = va_arg(valist, size_t*); return psa_aead_decrypt(key_handle, alg, nonce, nonce_length, additional_data, additional_data_length, ciphertext, ciphertext_size, plaintext, size, length); +#ifdef NO_SUPPORT case PAL_CRYPTO_AEAD_ENCRYPT_SETUP: aead_operation = va_arg(valist, psa_aead_operation_t *); key_handle = (psa_key_handle_t)va_arg(valist, int); @@ -281,6 +287,7 @@ int32_t pal_crypto_function(int type, va_list valist) case PAL_CRYPTO_AEAD_ABORT: aead_operation = va_arg(valist, psa_aead_operation_t *); return psa_aead_abort(aead_operation); +#endif case PAL_CRYPTO_MAC_SIGN_SETUP: mac_operation = va_arg(valist, psa_mac_operation_t*); key_handle = (psa_key_handle_t)va_arg(valist, int); @@ -310,6 +317,7 @@ int32_t pal_crypto_function(int type, va_list valist) case PAL_CRYPTO_MAC_ABORT: mac_operation = va_arg(valist, psa_mac_operation_t*); return psa_mac_abort(mac_operation); +#ifdef NO_SUPPORT case PAL_CRYPTO_MAC_COMPUTE: key_handle = (psa_key_handle_t)va_arg(valist, int); alg = va_arg(valist, psa_algorithm_t); @@ -329,6 +337,7 @@ int32_t pal_crypto_function(int type, va_list valist) ciphertext_size = va_arg(valist, size_t); return psa_mac_verify(key_handle, alg, plaintext, plaintext_size, ciphertext, ciphertext_size); +#endif case PAL_CRYPTO_ASYMMTERIC_ENCRYPT: key_handle = (psa_key_handle_t)va_arg(valist, int); alg = va_arg(valist, psa_algorithm_t); @@ -392,6 +401,7 @@ int32_t pal_crypto_function(int type, va_list valist) case PAL_CRYPTO_CIPHER_ABORT: cipher_operation = va_arg(valist, psa_cipher_operation_t *); return psa_cipher_abort(cipher_operation); +#ifdef NO_SUPPORT case PAL_CRYPTO_CIPHER_ENCRYPT: key_handle = (psa_key_handle_t)va_arg(valist, int); alg = va_arg(valist, psa_algorithm_t); @@ -412,6 +422,7 @@ int32_t pal_crypto_function(int type, va_list valist) length = va_arg(valist, size_t*); return psa_cipher_decrypt(key_handle, alg, plaintext, size, ciphertext, ciphertext_size, length); +#endif case PAL_CRYPTO_ASYMMTERIC_SIGN: key_handle = (psa_key_handle_t)va_arg(valist, int); alg = va_arg(valist, psa_algorithm_t); diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_an521/nspe/initial_attestation/pal_attestation_crypto.c b/api-tests/platform/targets/tgt_dev_apis_tfm_an521/nspe/initial_attestation/pal_attestation_crypto.c index eec26192..91be54df 100644 --- a/api-tests/platform/targets/tgt_dev_apis_tfm_an521/nspe/initial_attestation/pal_attestation_crypto.c +++ b/api-tests/platform/targets/tgt_dev_apis_tfm_an521/nspe/initial_attestation/pal_attestation_crypto.c @@ -1,5 +1,5 @@ /** @file - * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved. + * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved. * SPDX-License-Identifier : Apache-2.0 * * Licensed under the Apache License, Version 2.0 (the "License"); @@ -121,15 +121,6 @@ int pal_create_sha256(struct q_useful_buf_c bytes_to_hash, struct q_useful_buf b return status; } -/** - @brief - Computes hash for the requested data - @param - cose_alg_id : Algorithm ID - - buffer_for_hash : Temp buffer for calculating hash - - hash : Pointer to store the hash - - protected_headers : Buffer containing protected data - - payload : payload data - @return - SUCCESS/ERROR CODE -**/ uint32_t pal_compute_hash(int32_t cose_alg_id, struct q_useful_buf buffer_for_hash, struct q_useful_buf_c *hash, struct q_useful_buf_c protected_headers, struct q_useful_buf_c payload) @@ -292,6 +283,7 @@ static uint32_t pal_import_attest_key(psa_algorithm_t key_alg) psa_set_key_bits(&attributes, public_key_size); psa_set_key_usage_flags(&attributes, usage); psa_set_key_algorithm(&attributes, key_alg); + psa_set_key_bits(&attributes, 0); /* Import the public key */ status = psa_import_key(&attributes, @@ -308,7 +300,6 @@ static uint32_t pal_import_attest_key(psa_algorithm_t key_alg) return status; } - static uint32_t pal_destroy_attest_key(void) { psa_status_t status; @@ -325,13 +316,6 @@ static uint32_t pal_destroy_attest_key(void) return PAL_ATTEST_SUCCESS; } -/** - @brief - Verify the signature using the public key - @param - cose_algorithm_id : Algorithm ID - - token_hash : Data that needs to be verified - - signature : Signature to be verified against - @return - SUCCESS/ERROR CODE -**/ uint32_t pal_crypto_pub_key_verify(int32_t cose_algorithm_id, struct q_useful_buf_c token_hash, struct q_useful_buf_c signature) diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_an521/target.cmake b/api-tests/platform/targets/tgt_dev_apis_tfm_an521/target.cmake index f95c52eb..d33dcc93 100644 --- a/api-tests/platform/targets/tgt_dev_apis_tfm_an521/target.cmake +++ b/api-tests/platform/targets/tgt_dev_apis_tfm_an521/target.cmake @@ -1,5 +1,5 @@ #/** @file -# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved. +# * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved. # * SPDX-License-Identifier : Apache-2.0 # * # * Licensed under the Apache License, Version 2.0 (the "License"); @@ -72,8 +72,11 @@ if(${SUITE} STREQUAL "INITIAL_ATTESTATION") list(APPEND PAL_SRC_C_NSPE ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/initial_attestation/pal_attestation_intf.c ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/initial_attestation/pal_attestation_crypto.c + ${CMAKE_CURRENT_BINARY_DIR}/${PSA_TARGET_QCBOR}/src/UsefulBuf.c + ${CMAKE_CURRENT_BINARY_DIR}/${PSA_TARGET_QCBOR}/src/ieee754.c + ${CMAKE_CURRENT_BINARY_DIR}/${PSA_TARGET_QCBOR}/src/qcbor_decode.c + ${CMAKE_CURRENT_BINARY_DIR}/${PSA_TARGET_QCBOR}/src/qcbor_encode.c ) - set(PSA_QCBOR_GIT_REPO_TAG 42272e466a8472948bf8fca076d113b81b99f0e0) endif() # Create NSPE library diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_an524/nspe/common/pal_config.h b/api-tests/platform/targets/tgt_dev_apis_tfm_an524/nspe/common/pal_config.h index 640f56f3..b8ddc57d 100644 --- a/api-tests/platform/targets/tgt_dev_apis_tfm_an524/nspe/common/pal_config.h +++ b/api-tests/platform/targets/tgt_dev_apis_tfm_an524/nspe/common/pal_config.h @@ -1,5 +1,5 @@ /** @file - * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved. + * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved. * SPDX-License-Identifier : Apache-2.0 * * Licensed under the Apache License, Version 2.0 (the "License"); @@ -44,11 +44,14 @@ #endif /* PSA_CMAKE_BUILD */ /* Version of crypto spec used in attestation */ -#define CRYPTO_VERSION_BETA2 +#define CRYPTO_VERSION_BETA3 /* Use hardcoded public key */ //#define PLATFORM_OVERRIDE_ATTEST_PK +/* Platform specific max UID's size */ +#define PLATFORM_MAX_UID_SIZE 512 + /* * Include of PSA defined Header files */ diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_an524/nspe/crypto/pal_crypto_intf.c b/api-tests/platform/targets/tgt_dev_apis_tfm_an524/nspe/crypto/pal_crypto_intf.c index fd2e0557..7bad480c 100644 --- a/api-tests/platform/targets/tgt_dev_apis_tfm_an524/nspe/crypto/pal_crypto_intf.c +++ b/api-tests/platform/targets/tgt_dev_apis_tfm_an524/nspe/crypto/pal_crypto_intf.c @@ -1,5 +1,5 @@ /** @file - * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved. + * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved. * SPDX-License-Identifier : Apache-2.0 * * Licensed under the Apache License, Version 2.0 (the "License"); @@ -34,8 +34,10 @@ int32_t pal_crypto_function(int type, va_list valist) const uint8_t *nonce, *additional_data, *salt, *peer; size_t *length, size, ciphertext_size, nonce_length; size_t salt_length, peer_length, additional_data_length; +#ifdef NOT_SUPPORTED size_t *tag_length, plaintext_size; psa_aead_operation_t *aead_operation; +#endif psa_key_attributes_t *attributes; psa_key_handle_t *handle, key_handle; psa_key_type_t *key_type_out, key_type; @@ -48,6 +50,7 @@ int32_t pal_crypto_function(int type, va_list valist) psa_cipher_operation_t *cipher_operation; psa_key_derivation_operation_t *derive_operation; psa_key_derivation_step_t step; + switch (type) { case PAL_CRYPTO_INIT: @@ -169,6 +172,7 @@ int32_t pal_crypto_function(int type, va_list valist) case PAL_CRYPTO_HASH_ABORT: hash_operation = va_arg(valist, psa_hash_operation_t*); return psa_hash_abort(hash_operation); +#ifdef NOT_SUPPORTED case PAL_CRYPTO_HASH_COMPUTE: alg = va_arg(valist, psa_algorithm_t); plaintext = va_arg(valist, uint8_t*); @@ -184,6 +188,7 @@ int32_t pal_crypto_function(int type, va_list valist) buffer = va_arg(valist, uint8_t*); size = va_arg(valist, size_t); return psa_hash_compare(alg, plaintext, plaintext_size, buffer, size); +#endif case PAL_CRYPTO_HASH_CLONE: hash_operation = va_arg(valist, psa_hash_operation_t*); target_operation = va_arg(valist, psa_hash_operation_t*); @@ -220,6 +225,7 @@ int32_t pal_crypto_function(int type, va_list valist) length = va_arg(valist, size_t*); return psa_aead_decrypt(key_handle, alg, nonce, nonce_length, additional_data, additional_data_length, ciphertext, ciphertext_size, plaintext, size, length); +#ifdef NO_SUPPORT case PAL_CRYPTO_AEAD_ENCRYPT_SETUP: aead_operation = va_arg(valist, psa_aead_operation_t *); key_handle = (psa_key_handle_t)va_arg(valist, int); @@ -281,6 +287,7 @@ int32_t pal_crypto_function(int type, va_list valist) case PAL_CRYPTO_AEAD_ABORT: aead_operation = va_arg(valist, psa_aead_operation_t *); return psa_aead_abort(aead_operation); +#endif case PAL_CRYPTO_MAC_SIGN_SETUP: mac_operation = va_arg(valist, psa_mac_operation_t*); key_handle = (psa_key_handle_t)va_arg(valist, int); @@ -310,6 +317,7 @@ int32_t pal_crypto_function(int type, va_list valist) case PAL_CRYPTO_MAC_ABORT: mac_operation = va_arg(valist, psa_mac_operation_t*); return psa_mac_abort(mac_operation); +#ifdef NO_SUPPORT case PAL_CRYPTO_MAC_COMPUTE: key_handle = (psa_key_handle_t)va_arg(valist, int); alg = va_arg(valist, psa_algorithm_t); @@ -329,6 +337,7 @@ int32_t pal_crypto_function(int type, va_list valist) ciphertext_size = va_arg(valist, size_t); return psa_mac_verify(key_handle, alg, plaintext, plaintext_size, ciphertext, ciphertext_size); +#endif case PAL_CRYPTO_ASYMMTERIC_ENCRYPT: key_handle = (psa_key_handle_t)va_arg(valist, int); alg = va_arg(valist, psa_algorithm_t); @@ -392,6 +401,7 @@ int32_t pal_crypto_function(int type, va_list valist) case PAL_CRYPTO_CIPHER_ABORT: cipher_operation = va_arg(valist, psa_cipher_operation_t *); return psa_cipher_abort(cipher_operation); +#ifdef NO_SUPPORT case PAL_CRYPTO_CIPHER_ENCRYPT: key_handle = (psa_key_handle_t)va_arg(valist, int); alg = va_arg(valist, psa_algorithm_t); @@ -412,6 +422,7 @@ int32_t pal_crypto_function(int type, va_list valist) length = va_arg(valist, size_t*); return psa_cipher_decrypt(key_handle, alg, plaintext, size, ciphertext, ciphertext_size, length); +#endif case PAL_CRYPTO_ASYMMTERIC_SIGN: key_handle = (psa_key_handle_t)va_arg(valist, int); alg = va_arg(valist, psa_algorithm_t); diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_an524/nspe/initial_attestation/pal_attestation_crypto.c b/api-tests/platform/targets/tgt_dev_apis_tfm_an524/nspe/initial_attestation/pal_attestation_crypto.c index 04fe5ef4..91be54df 100644 --- a/api-tests/platform/targets/tgt_dev_apis_tfm_an524/nspe/initial_attestation/pal_attestation_crypto.c +++ b/api-tests/platform/targets/tgt_dev_apis_tfm_an524/nspe/initial_attestation/pal_attestation_crypto.c @@ -1,5 +1,5 @@ /** @file - * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved. + * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved. * SPDX-License-Identifier : Apache-2.0 * * Licensed under the Apache License, Version 2.0 (the "License"); @@ -121,15 +121,6 @@ int pal_create_sha256(struct q_useful_buf_c bytes_to_hash, struct q_useful_buf b return status; } -/** - @brief - Computes hash for the requested data - @param - cose_alg_id : Algorithm ID - - buffer_for_hash : Temp buffer for calculating hash - - hash : Pointer to store the hash - - protected_headers : Buffer containing protected data - - payload : payload data - @return - SUCCESS/ERROR CODE -**/ uint32_t pal_compute_hash(int32_t cose_alg_id, struct q_useful_buf buffer_for_hash, struct q_useful_buf_c *hash, struct q_useful_buf_c protected_headers, struct q_useful_buf_c payload) @@ -292,6 +283,7 @@ static uint32_t pal_import_attest_key(psa_algorithm_t key_alg) psa_set_key_bits(&attributes, public_key_size); psa_set_key_usage_flags(&attributes, usage); psa_set_key_algorithm(&attributes, key_alg); + psa_set_key_bits(&attributes, 0); /* Import the public key */ status = psa_import_key(&attributes, @@ -324,13 +316,6 @@ static uint32_t pal_destroy_attest_key(void) return PAL_ATTEST_SUCCESS; } -/** - @brief - Verify the signature using the public key - @param - cose_algorithm_id : Algorithm ID - - token_hash : Data that needs to be verified - - signature : Signature to be verified against - @return - SUCCESS/ERROR CODE -**/ uint32_t pal_crypto_pub_key_verify(int32_t cose_algorithm_id, struct q_useful_buf_c token_hash, struct q_useful_buf_c signature) diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_an524/target.cmake b/api-tests/platform/targets/tgt_dev_apis_tfm_an524/target.cmake index f95c52eb..d33dcc93 100644 --- a/api-tests/platform/targets/tgt_dev_apis_tfm_an524/target.cmake +++ b/api-tests/platform/targets/tgt_dev_apis_tfm_an524/target.cmake @@ -1,5 +1,5 @@ #/** @file -# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved. +# * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved. # * SPDX-License-Identifier : Apache-2.0 # * # * Licensed under the Apache License, Version 2.0 (the "License"); @@ -72,8 +72,11 @@ if(${SUITE} STREQUAL "INITIAL_ATTESTATION") list(APPEND PAL_SRC_C_NSPE ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/initial_attestation/pal_attestation_intf.c ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/initial_attestation/pal_attestation_crypto.c + ${CMAKE_CURRENT_BINARY_DIR}/${PSA_TARGET_QCBOR}/src/UsefulBuf.c + ${CMAKE_CURRENT_BINARY_DIR}/${PSA_TARGET_QCBOR}/src/ieee754.c + ${CMAKE_CURRENT_BINARY_DIR}/${PSA_TARGET_QCBOR}/src/qcbor_decode.c + ${CMAKE_CURRENT_BINARY_DIR}/${PSA_TARGET_QCBOR}/src/qcbor_encode.c ) - set(PSA_QCBOR_GIT_REPO_TAG 42272e466a8472948bf8fca076d113b81b99f0e0) endif() # Create NSPE library diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/common/pal_config.h b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/common/pal_config.h index 640f56f3..b8ddc57d 100644 --- a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/common/pal_config.h +++ b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/common/pal_config.h @@ -1,5 +1,5 @@ /** @file - * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved. + * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved. * SPDX-License-Identifier : Apache-2.0 * * Licensed under the Apache License, Version 2.0 (the "License"); @@ -44,11 +44,14 @@ #endif /* PSA_CMAKE_BUILD */ /* Version of crypto spec used in attestation */ -#define CRYPTO_VERSION_BETA2 +#define CRYPTO_VERSION_BETA3 /* Use hardcoded public key */ //#define PLATFORM_OVERRIDE_ATTEST_PK +/* Platform specific max UID's size */ +#define PLATFORM_MAX_UID_SIZE 512 + /* * Include of PSA defined Header files */ diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/crypto/pal_crypto_intf.c b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/crypto/pal_crypto_intf.c index fd2e0557..f2145555 100644 --- a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/crypto/pal_crypto_intf.c +++ b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/crypto/pal_crypto_intf.c @@ -1,5 +1,5 @@ /** @file - * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved. + * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved. * SPDX-License-Identifier : Apache-2.0 * * Licensed under the Apache License, Version 2.0 (the "License"); @@ -34,8 +34,10 @@ int32_t pal_crypto_function(int type, va_list valist) const uint8_t *nonce, *additional_data, *salt, *peer; size_t *length, size, ciphertext_size, nonce_length; size_t salt_length, peer_length, additional_data_length; +#ifdef NOT_SUPPORTED size_t *tag_length, plaintext_size; psa_aead_operation_t *aead_operation; +#endif psa_key_attributes_t *attributes; psa_key_handle_t *handle, key_handle; psa_key_type_t *key_type_out, key_type; @@ -48,6 +50,7 @@ int32_t pal_crypto_function(int type, va_list valist) psa_cipher_operation_t *cipher_operation; psa_key_derivation_operation_t *derive_operation; psa_key_derivation_step_t step; + switch (type) { case PAL_CRYPTO_INIT: @@ -169,6 +172,7 @@ int32_t pal_crypto_function(int type, va_list valist) case PAL_CRYPTO_HASH_ABORT: hash_operation = va_arg(valist, psa_hash_operation_t*); return psa_hash_abort(hash_operation); +#ifdef NOT_SUPPORTED case PAL_CRYPTO_HASH_COMPUTE: alg = va_arg(valist, psa_algorithm_t); plaintext = va_arg(valist, uint8_t*); @@ -184,6 +188,7 @@ int32_t pal_crypto_function(int type, va_list valist) buffer = va_arg(valist, uint8_t*); size = va_arg(valist, size_t); return psa_hash_compare(alg, plaintext, plaintext_size, buffer, size); +#endif case PAL_CRYPTO_HASH_CLONE: hash_operation = va_arg(valist, psa_hash_operation_t*); target_operation = va_arg(valist, psa_hash_operation_t*); @@ -220,6 +225,7 @@ int32_t pal_crypto_function(int type, va_list valist) length = va_arg(valist, size_t*); return psa_aead_decrypt(key_handle, alg, nonce, nonce_length, additional_data, additional_data_length, ciphertext, ciphertext_size, plaintext, size, length); +#ifdef NO_SUPPORT case PAL_CRYPTO_AEAD_ENCRYPT_SETUP: aead_operation = va_arg(valist, psa_aead_operation_t *); key_handle = (psa_key_handle_t)va_arg(valist, int); @@ -281,6 +287,7 @@ int32_t pal_crypto_function(int type, va_list valist) case PAL_CRYPTO_AEAD_ABORT: aead_operation = va_arg(valist, psa_aead_operation_t *); return psa_aead_abort(aead_operation); +#endif case PAL_CRYPTO_MAC_SIGN_SETUP: mac_operation = va_arg(valist, psa_mac_operation_t*); key_handle = (psa_key_handle_t)va_arg(valist, int); @@ -310,6 +317,7 @@ int32_t pal_crypto_function(int type, va_list valist) case PAL_CRYPTO_MAC_ABORT: mac_operation = va_arg(valist, psa_mac_operation_t*); return psa_mac_abort(mac_operation); +#ifdef NO_SUPPORT case PAL_CRYPTO_MAC_COMPUTE: key_handle = (psa_key_handle_t)va_arg(valist, int); alg = va_arg(valist, psa_algorithm_t); @@ -392,6 +400,7 @@ int32_t pal_crypto_function(int type, va_list valist) case PAL_CRYPTO_CIPHER_ABORT: cipher_operation = va_arg(valist, psa_cipher_operation_t *); return psa_cipher_abort(cipher_operation); +#ifdef NO_SUPPORT case PAL_CRYPTO_CIPHER_ENCRYPT: key_handle = (psa_key_handle_t)va_arg(valist, int); alg = va_arg(valist, psa_algorithm_t); @@ -412,6 +421,7 @@ int32_t pal_crypto_function(int type, va_list valist) length = va_arg(valist, size_t*); return psa_cipher_decrypt(key_handle, alg, plaintext, size, ciphertext, ciphertext_size, length); +#endif case PAL_CRYPTO_ASYMMTERIC_SIGN: key_handle = (psa_key_handle_t)va_arg(valist, int); alg = va_arg(valist, psa_algorithm_t); diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/initial_attestation/pal_attestation_crypto.c b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/initial_attestation/pal_attestation_crypto.c index 04fe5ef4..91be54df 100644 --- a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/initial_attestation/pal_attestation_crypto.c +++ b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/initial_attestation/pal_attestation_crypto.c @@ -1,5 +1,5 @@ /** @file - * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved. + * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved. * SPDX-License-Identifier : Apache-2.0 * * Licensed under the Apache License, Version 2.0 (the "License"); @@ -121,15 +121,6 @@ int pal_create_sha256(struct q_useful_buf_c bytes_to_hash, struct q_useful_buf b return status; } -/** - @brief - Computes hash for the requested data - @param - cose_alg_id : Algorithm ID - - buffer_for_hash : Temp buffer for calculating hash - - hash : Pointer to store the hash - - protected_headers : Buffer containing protected data - - payload : payload data - @return - SUCCESS/ERROR CODE -**/ uint32_t pal_compute_hash(int32_t cose_alg_id, struct q_useful_buf buffer_for_hash, struct q_useful_buf_c *hash, struct q_useful_buf_c protected_headers, struct q_useful_buf_c payload) @@ -292,6 +283,7 @@ static uint32_t pal_import_attest_key(psa_algorithm_t key_alg) psa_set_key_bits(&attributes, public_key_size); psa_set_key_usage_flags(&attributes, usage); psa_set_key_algorithm(&attributes, key_alg); + psa_set_key_bits(&attributes, 0); /* Import the public key */ status = psa_import_key(&attributes, @@ -324,13 +316,6 @@ static uint32_t pal_destroy_attest_key(void) return PAL_ATTEST_SUCCESS; } -/** - @brief - Verify the signature using the public key - @param - cose_algorithm_id : Algorithm ID - - token_hash : Data that needs to be verified - - signature : Signature to be verified against - @return - SUCCESS/ERROR CODE -**/ uint32_t pal_crypto_pub_key_verify(int32_t cose_algorithm_id, struct q_useful_buf_c token_hash, struct q_useful_buf_c signature) diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/target.cmake b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/target.cmake index 64ef4bf2..5388ca1a 100644 --- a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/target.cmake +++ b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/target.cmake @@ -1,5 +1,5 @@ #/** @file -# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved. +# * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved. # * SPDX-License-Identifier : Apache-2.0 # * # * Licensed under the Apache License, Version 2.0 (the "License"); @@ -72,8 +72,11 @@ if(${SUITE} STREQUAL "INITIAL_ATTESTATION") list(APPEND PAL_SRC_C_NSPE ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/initial_attestation/pal_attestation_intf.c ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/initial_attestation/pal_attestation_crypto.c + ${CMAKE_CURRENT_BINARY_DIR}/${PSA_TARGET_QCBOR}/src/UsefulBuf.c + ${CMAKE_CURRENT_BINARY_DIR}/${PSA_TARGET_QCBOR}/src/ieee754.c + ${CMAKE_CURRENT_BINARY_DIR}/${PSA_TARGET_QCBOR}/src/qcbor_decode.c + ${CMAKE_CURRENT_BINARY_DIR}/${PSA_TARGET_QCBOR}/src/qcbor_encode.c ) - set(PSA_QCBOR_GIT_REPO_TAG 42272e466a8472948bf8fca076d113b81b99f0e0) endif() # Create NSPE library diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/nspe/common/pal_config.h b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/nspe/common/pal_config.h index 640f56f3..b8ddc57d 100644 --- a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/nspe/common/pal_config.h +++ b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/nspe/common/pal_config.h @@ -1,5 +1,5 @@ /** @file - * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved. + * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved. * SPDX-License-Identifier : Apache-2.0 * * Licensed under the Apache License, Version 2.0 (the "License"); @@ -44,11 +44,14 @@ #endif /* PSA_CMAKE_BUILD */ /* Version of crypto spec used in attestation */ -#define CRYPTO_VERSION_BETA2 +#define CRYPTO_VERSION_BETA3 /* Use hardcoded public key */ //#define PLATFORM_OVERRIDE_ATTEST_PK +/* Platform specific max UID's size */ +#define PLATFORM_MAX_UID_SIZE 512 + /* * Include of PSA defined Header files */ diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/nspe/crypto/pal_crypto_intf.c b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/nspe/crypto/pal_crypto_intf.c index fd2e0557..f2145555 100644 --- a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/nspe/crypto/pal_crypto_intf.c +++ b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/nspe/crypto/pal_crypto_intf.c @@ -1,5 +1,5 @@ /** @file - * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved. + * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved. * SPDX-License-Identifier : Apache-2.0 * * Licensed under the Apache License, Version 2.0 (the "License"); @@ -34,8 +34,10 @@ int32_t pal_crypto_function(int type, va_list valist) const uint8_t *nonce, *additional_data, *salt, *peer; size_t *length, size, ciphertext_size, nonce_length; size_t salt_length, peer_length, additional_data_length; +#ifdef NOT_SUPPORTED size_t *tag_length, plaintext_size; psa_aead_operation_t *aead_operation; +#endif psa_key_attributes_t *attributes; psa_key_handle_t *handle, key_handle; psa_key_type_t *key_type_out, key_type; @@ -48,6 +50,7 @@ int32_t pal_crypto_function(int type, va_list valist) psa_cipher_operation_t *cipher_operation; psa_key_derivation_operation_t *derive_operation; psa_key_derivation_step_t step; + switch (type) { case PAL_CRYPTO_INIT: @@ -169,6 +172,7 @@ int32_t pal_crypto_function(int type, va_list valist) case PAL_CRYPTO_HASH_ABORT: hash_operation = va_arg(valist, psa_hash_operation_t*); return psa_hash_abort(hash_operation); +#ifdef NOT_SUPPORTED case PAL_CRYPTO_HASH_COMPUTE: alg = va_arg(valist, psa_algorithm_t); plaintext = va_arg(valist, uint8_t*); @@ -184,6 +188,7 @@ int32_t pal_crypto_function(int type, va_list valist) buffer = va_arg(valist, uint8_t*); size = va_arg(valist, size_t); return psa_hash_compare(alg, plaintext, plaintext_size, buffer, size); +#endif case PAL_CRYPTO_HASH_CLONE: hash_operation = va_arg(valist, psa_hash_operation_t*); target_operation = va_arg(valist, psa_hash_operation_t*); @@ -220,6 +225,7 @@ int32_t pal_crypto_function(int type, va_list valist) length = va_arg(valist, size_t*); return psa_aead_decrypt(key_handle, alg, nonce, nonce_length, additional_data, additional_data_length, ciphertext, ciphertext_size, plaintext, size, length); +#ifdef NO_SUPPORT case PAL_CRYPTO_AEAD_ENCRYPT_SETUP: aead_operation = va_arg(valist, psa_aead_operation_t *); key_handle = (psa_key_handle_t)va_arg(valist, int); @@ -281,6 +287,7 @@ int32_t pal_crypto_function(int type, va_list valist) case PAL_CRYPTO_AEAD_ABORT: aead_operation = va_arg(valist, psa_aead_operation_t *); return psa_aead_abort(aead_operation); +#endif case PAL_CRYPTO_MAC_SIGN_SETUP: mac_operation = va_arg(valist, psa_mac_operation_t*); key_handle = (psa_key_handle_t)va_arg(valist, int); @@ -310,6 +317,7 @@ int32_t pal_crypto_function(int type, va_list valist) case PAL_CRYPTO_MAC_ABORT: mac_operation = va_arg(valist, psa_mac_operation_t*); return psa_mac_abort(mac_operation); +#ifdef NO_SUPPORT case PAL_CRYPTO_MAC_COMPUTE: key_handle = (psa_key_handle_t)va_arg(valist, int); alg = va_arg(valist, psa_algorithm_t); @@ -392,6 +400,7 @@ int32_t pal_crypto_function(int type, va_list valist) case PAL_CRYPTO_CIPHER_ABORT: cipher_operation = va_arg(valist, psa_cipher_operation_t *); return psa_cipher_abort(cipher_operation); +#ifdef NO_SUPPORT case PAL_CRYPTO_CIPHER_ENCRYPT: key_handle = (psa_key_handle_t)va_arg(valist, int); alg = va_arg(valist, psa_algorithm_t); @@ -412,6 +421,7 @@ int32_t pal_crypto_function(int type, va_list valist) length = va_arg(valist, size_t*); return psa_cipher_decrypt(key_handle, alg, plaintext, size, ciphertext, ciphertext_size, length); +#endif case PAL_CRYPTO_ASYMMTERIC_SIGN: key_handle = (psa_key_handle_t)va_arg(valist, int); alg = va_arg(valist, psa_algorithm_t); diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/nspe/initial_attestation/pal_attestation_crypto.c b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/nspe/initial_attestation/pal_attestation_crypto.c index 04fe5ef4..91be54df 100644 --- a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/nspe/initial_attestation/pal_attestation_crypto.c +++ b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/nspe/initial_attestation/pal_attestation_crypto.c @@ -1,5 +1,5 @@ /** @file - * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved. + * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved. * SPDX-License-Identifier : Apache-2.0 * * Licensed under the Apache License, Version 2.0 (the "License"); @@ -121,15 +121,6 @@ int pal_create_sha256(struct q_useful_buf_c bytes_to_hash, struct q_useful_buf b return status; } -/** - @brief - Computes hash for the requested data - @param - cose_alg_id : Algorithm ID - - buffer_for_hash : Temp buffer for calculating hash - - hash : Pointer to store the hash - - protected_headers : Buffer containing protected data - - payload : payload data - @return - SUCCESS/ERROR CODE -**/ uint32_t pal_compute_hash(int32_t cose_alg_id, struct q_useful_buf buffer_for_hash, struct q_useful_buf_c *hash, struct q_useful_buf_c protected_headers, struct q_useful_buf_c payload) @@ -292,6 +283,7 @@ static uint32_t pal_import_attest_key(psa_algorithm_t key_alg) psa_set_key_bits(&attributes, public_key_size); psa_set_key_usage_flags(&attributes, usage); psa_set_key_algorithm(&attributes, key_alg); + psa_set_key_bits(&attributes, 0); /* Import the public key */ status = psa_import_key(&attributes, @@ -324,13 +316,6 @@ static uint32_t pal_destroy_attest_key(void) return PAL_ATTEST_SUCCESS; } -/** - @brief - Verify the signature using the public key - @param - cose_algorithm_id : Algorithm ID - - token_hash : Data that needs to be verified - - signature : Signature to be verified against - @return - SUCCESS/ERROR CODE -**/ uint32_t pal_crypto_pub_key_verify(int32_t cose_algorithm_id, struct q_useful_buf_c token_hash, struct q_useful_buf_c signature) diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/target.cmake b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/target.cmake index 64ef4bf2..5388ca1a 100644 --- a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/target.cmake +++ b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/target.cmake @@ -1,5 +1,5 @@ #/** @file -# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved. +# * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved. # * SPDX-License-Identifier : Apache-2.0 # * # * Licensed under the Apache License, Version 2.0 (the "License"); @@ -72,8 +72,11 @@ if(${SUITE} STREQUAL "INITIAL_ATTESTATION") list(APPEND PAL_SRC_C_NSPE ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/initial_attestation/pal_attestation_intf.c ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/initial_attestation/pal_attestation_crypto.c + ${CMAKE_CURRENT_BINARY_DIR}/${PSA_TARGET_QCBOR}/src/UsefulBuf.c + ${CMAKE_CURRENT_BINARY_DIR}/${PSA_TARGET_QCBOR}/src/ieee754.c + ${CMAKE_CURRENT_BINARY_DIR}/${PSA_TARGET_QCBOR}/src/qcbor_decode.c + ${CMAKE_CURRENT_BINARY_DIR}/${PSA_TARGET_QCBOR}/src/qcbor_encode.c ) - set(PSA_QCBOR_GIT_REPO_TAG 42272e466a8472948bf8fca076d113b81b99f0e0) endif() # Create NSPE library diff --git a/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/common/pal_config.h b/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/common/pal_config.h index 640f56f3..b8ddc57d 100644 --- a/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/common/pal_config.h +++ b/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/common/pal_config.h @@ -1,5 +1,5 @@ /** @file - * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved. + * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved. * SPDX-License-Identifier : Apache-2.0 * * Licensed under the Apache License, Version 2.0 (the "License"); @@ -44,11 +44,14 @@ #endif /* PSA_CMAKE_BUILD */ /* Version of crypto spec used in attestation */ -#define CRYPTO_VERSION_BETA2 +#define CRYPTO_VERSION_BETA3 /* Use hardcoded public key */ //#define PLATFORM_OVERRIDE_ATTEST_PK +/* Platform specific max UID's size */ +#define PLATFORM_MAX_UID_SIZE 512 + /* * Include of PSA defined Header files */ diff --git a/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/initial_attestation/pal_attestation_crypto.c b/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/initial_attestation/pal_attestation_crypto.c index 488c96b1..91be54df 100644 --- a/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/initial_attestation/pal_attestation_crypto.c +++ b/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/initial_attestation/pal_attestation_crypto.c @@ -1,5 +1,5 @@ /** @file - * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved. + * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved. * SPDX-License-Identifier : Apache-2.0 * * Licensed under the Apache License, Version 2.0 (the "License"); @@ -283,6 +283,7 @@ static uint32_t pal_import_attest_key(psa_algorithm_t key_alg) psa_set_key_bits(&attributes, public_key_size); psa_set_key_usage_flags(&attributes, usage); psa_set_key_algorithm(&attributes, key_alg); + psa_set_key_bits(&attributes, 0); /* Import the public key */ status = psa_import_key(&attributes, diff --git a/api-tests/platform/targets/tgt_ff_tfm_an521/target.cfg b/api-tests/platform/targets/tgt_ff_tfm_an521/target.cfg index 9e50489d..729388ea 100644 --- a/api-tests/platform/targets/tgt_ff_tfm_an521/target.cfg +++ b/api-tests/platform/targets/tgt_ff_tfm_an521/target.cfg @@ -1,5 +1,5 @@ ///** @file -// * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved. +// * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved. // * SPDX-License-Identifier : Apache-2.0 // * // * Licensed under the Apache License, Version 2.0 (the "License"); @@ -68,11 +68,11 @@ nspe_mmio.0.end = 0x00300F1F; nspe_mmio.0.permission = TYPE_READ_WRITE; server_partition_mmio.num=1; -server_partition_mmio.0.start = 0x10300F00; -server_partition_mmio.0.end = 0x10300F1F; +server_partition_mmio.0.start = 0x3801FC00; +server_partition_mmio.0.end = 0x3801FD00; server_partition_mmio.0.permission = TYPE_READ_WRITE; driver_partition_mmio.num=1; -driver_partition_mmio.0.start = 0x10300F20; -driver_partition_mmio.0.end = 0x10300F3F; +driver_partition_mmio.0.start = 0x3801FE00; +driver_partition_mmio.0.end = 0x3801FF00; driver_partition_mmio.0.permission = TYPE_READ_WRITE; diff --git a/api-tests/platform/targets/tgt_ff_tfm_an521/target.cmake b/api-tests/platform/targets/tgt_ff_tfm_an521/target.cmake index f95c52eb..d33dcc93 100644 --- a/api-tests/platform/targets/tgt_ff_tfm_an521/target.cmake +++ b/api-tests/platform/targets/tgt_ff_tfm_an521/target.cmake @@ -1,5 +1,5 @@ #/** @file -# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved. +# * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved. # * SPDX-License-Identifier : Apache-2.0 # * # * Licensed under the Apache License, Version 2.0 (the "License"); @@ -72,8 +72,11 @@ if(${SUITE} STREQUAL "INITIAL_ATTESTATION") list(APPEND PAL_SRC_C_NSPE ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/initial_attestation/pal_attestation_intf.c ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/initial_attestation/pal_attestation_crypto.c + ${CMAKE_CURRENT_BINARY_DIR}/${PSA_TARGET_QCBOR}/src/UsefulBuf.c + ${CMAKE_CURRENT_BINARY_DIR}/${PSA_TARGET_QCBOR}/src/ieee754.c + ${CMAKE_CURRENT_BINARY_DIR}/${PSA_TARGET_QCBOR}/src/qcbor_decode.c + ${CMAKE_CURRENT_BINARY_DIR}/${PSA_TARGET_QCBOR}/src/qcbor_encode.c ) - set(PSA_QCBOR_GIT_REPO_TAG 42272e466a8472948bf8fca076d113b81b99f0e0) endif() # Create NSPE library diff --git a/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/common/pal_config.h b/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/common/pal_config.h index 640f56f3..b8ddc57d 100644 --- a/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/common/pal_config.h +++ b/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/common/pal_config.h @@ -1,5 +1,5 @@ /** @file - * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved. + * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved. * SPDX-License-Identifier : Apache-2.0 * * Licensed under the Apache License, Version 2.0 (the "License"); @@ -44,11 +44,14 @@ #endif /* PSA_CMAKE_BUILD */ /* Version of crypto spec used in attestation */ -#define CRYPTO_VERSION_BETA2 +#define CRYPTO_VERSION_BETA3 /* Use hardcoded public key */ //#define PLATFORM_OVERRIDE_ATTEST_PK +/* Platform specific max UID's size */ +#define PLATFORM_MAX_UID_SIZE 512 + /* * Include of PSA defined Header files */ diff --git a/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/initial_attestation/pal_attestation_crypto.c b/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/initial_attestation/pal_attestation_crypto.c index 488c96b1..91be54df 100644 --- a/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/initial_attestation/pal_attestation_crypto.c +++ b/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/initial_attestation/pal_attestation_crypto.c @@ -1,5 +1,5 @@ /** @file - * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved. + * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved. * SPDX-License-Identifier : Apache-2.0 * * Licensed under the Apache License, Version 2.0 (the "License"); @@ -283,6 +283,7 @@ static uint32_t pal_import_attest_key(psa_algorithm_t key_alg) psa_set_key_bits(&attributes, public_key_size); psa_set_key_usage_flags(&attributes, usage); psa_set_key_algorithm(&attributes, key_alg); + psa_set_key_bits(&attributes, 0); /* Import the public key */ status = psa_import_key(&attributes, diff --git a/api-tests/platform/targets/tgt_ff_tfm_musca_a/target.cfg b/api-tests/platform/targets/tgt_ff_tfm_musca_a/target.cfg index 3535eeec..fbf0022c 100644 --- a/api-tests/platform/targets/tgt_ff_tfm_musca_a/target.cfg +++ b/api-tests/platform/targets/tgt_ff_tfm_musca_a/target.cfg @@ -1,5 +1,5 @@ ///** @file -// * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved. +// * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved. // * SPDX-License-Identifier : Apache-2.0 // * // * Licensed under the Apache License, Version 2.0 (the "License"); @@ -36,8 +36,8 @@ watchdog.0.timeout_in_micro_sec_crypto = 0x1312D00; //18.0 sec : 18 * 1000 * 100 // Range of 1KB Non-volatile memory to preserve data over reset. Ex, NVRAM and FLASH nvmem.num =1; -nvmem.0.start = 0x30017C00; // END_OF_MUSCA_SRAM_S -nvmem.0.end = 0x30017FFF; +nvmem.0.start = 0x30017800; +nvmem.0.end = 0x30017BFF; nvmem.0.permission = TYPE_READ_WRITE; // Miscellaneous - Test scatter info @@ -68,11 +68,11 @@ nspe_mmio.0.end = 0x00200F1F; nspe_mmio.0.permission = TYPE_READ_WRITE; server_partition_mmio.num=1; -server_partition_mmio.0.start = 0x10200F00; -server_partition_mmio.0.end = 0x10200F1F; +server_partition_mmio.0.start = 0x30017C00; +server_partition_mmio.0.end = 0x30017D00; server_partition_mmio.0.permission = TYPE_READ_WRITE; driver_partition_mmio.num=1; -driver_partition_mmio.0.start = 0x10200F20; -driver_partition_mmio.0.end = 0x10200F3F; +driver_partition_mmio.0.start = 0x30017E00; +driver_partition_mmio.0.end = 0x30017F00; driver_partition_mmio.0.permission = TYPE_READ_WRITE; diff --git a/api-tests/platform/targets/tgt_ff_tfm_musca_a/target.cmake b/api-tests/platform/targets/tgt_ff_tfm_musca_a/target.cmake index 64ef4bf2..5388ca1a 100644 --- a/api-tests/platform/targets/tgt_ff_tfm_musca_a/target.cmake +++ b/api-tests/platform/targets/tgt_ff_tfm_musca_a/target.cmake @@ -1,5 +1,5 @@ #/** @file -# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved. +# * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved. # * SPDX-License-Identifier : Apache-2.0 # * # * Licensed under the Apache License, Version 2.0 (the "License"); @@ -72,8 +72,11 @@ if(${SUITE} STREQUAL "INITIAL_ATTESTATION") list(APPEND PAL_SRC_C_NSPE ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/initial_attestation/pal_attestation_intf.c ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/initial_attestation/pal_attestation_crypto.c + ${CMAKE_CURRENT_BINARY_DIR}/${PSA_TARGET_QCBOR}/src/UsefulBuf.c + ${CMAKE_CURRENT_BINARY_DIR}/${PSA_TARGET_QCBOR}/src/ieee754.c + ${CMAKE_CURRENT_BINARY_DIR}/${PSA_TARGET_QCBOR}/src/qcbor_decode.c + ${CMAKE_CURRENT_BINARY_DIR}/${PSA_TARGET_QCBOR}/src/qcbor_encode.c ) - set(PSA_QCBOR_GIT_REPO_TAG 42272e466a8472948bf8fca076d113b81b99f0e0) endif() # Create NSPE library diff --git a/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/common/pal_client_api_empty_intf.c b/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/common/pal_client_api_empty_intf.c new file mode 100644 index 00000000..b11cae21 --- /dev/null +++ b/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/common/pal_client_api_empty_intf.c @@ -0,0 +1,95 @@ +/** @file + * Copyright (c) 2020, Arm Limited or its affiliates. All rights reserved. + * SPDX-License-Identifier : Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. +**/ + +#include "pal_common.h" +#include "pal_client_api_intf.h" + +/** + * @brief - Retrieve the version of the PSA Framework API that is implemented. + * This is a wrapper API for psa_framework_version API. + * @param - void + * @return - The PSA Framework API version. + */ + +uint32_t pal_ipc_framework_version(void) +{ + return 0; +} + +/** + * @brief - Retrieve the version of a Root of Trust Service by its SID. + * This is a wrapper API for the psa_version API. + * @param - sid The Root of Trust Service ID + * @return - version of Root of Trust Service or PSA_VERSION_NONE if Root of Trust + * Service not present on the system. + */ + +uint32_t pal_ipc_version(uint32_t sid) +{ + return PSA_VERSION_NONE; +} + +/** + * @brief - Connect to given sid. + * This is a wrapper API for the psa_connect API. + * @param - sid : RoT service id + * @param - version : version of RoT service + * @return - psa_handle_t : return connection handle + */ + +psa_handle_t pal_ipc_connect(uint32_t sid, uint32_t version) +{ + return PSA_NULL_HANDLE; +} + +/** + * @brief Call a connected Root of Trust Service. + * This is a wrapper API for the psa_call API. + * The caller must provide an array of ::psa_invec_t structures as the input payload. + * + * @param -handle Handle for the connection. + * @param -type Request type. + * @param -in_vec Array of psa_invec structures. + * @param -in_len Number of psa_invec structures in in_vec. + * @param -out_vec Array of psa_outvec structures for optional Root of Trust Service response. + * @param -out_len Number of psa_outvec structures in out_vec. + * @return -psa_status_t + */ + +psa_status_t pal_ipc_call(psa_handle_t handle, + int32_t type, + const psa_invec *in_vec, + size_t in_len, + psa_outvec *out_vec, + size_t out_len) +{ + return (PSA_SUCCESS - 1); +} + +/** + * @brief Close a connection to a Root of Trust Service. + * This is a wrapper API for the psa_close API. + * Sends the PSA_IPC_DISCONNECT message to the Root of Trust Service so it can clean up resources. + * + * @param handle Handle for the connection. + * @return void + */ + +void pal_ipc_close(psa_handle_t handle) +{ + return; +} diff --git a/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/common/pal_client_api_intf.c b/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/common/pal_client_api_intf.c new file mode 100644 index 00000000..7f13ec72 --- /dev/null +++ b/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/common/pal_client_api_intf.c @@ -0,0 +1,99 @@ +/** @file + * Copyright (c) 2020, Arm Limited or its affiliates. All rights reserved. + * SPDX-License-Identifier : Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. +**/ + +#include "pal_common.h" +#include "pal_client_api_intf.h" + +/** + * @brief - Retrieve the version of the PSA Framework API that is implemented. + * This is a wrapper API for psa_framework_version API. + * @param - void + * @return - The PSA Framework API version. + * Note - Return PAL_STATUS_ERROR if PSA IPC is not implemented. + */ + +uint32_t pal_ipc_framework_version(void) +{ + return psa_framework_version(); +} + +/** + * @brief - Retrieve the version of a Root of Trust Service by its SID. + * This is a wrapper API for the psa_version API. + * @param - sid The Root of Trust Service ID + * @return - Version of Root of Trust Service or PSA_VERSION_NONE if Root of Trust + * Service not present on the system. + * Note - Return PAL_STATUS_ERROR if PSA IPC is not implemented. + */ + +uint32_t pal_ipc_version(uint32_t sid) +{ + return psa_version(sid); +} + +/** + * @brief - Connect to given sid. + * This is a wrapper API for the psa_connect API. + * @param - sid : RoT service id + * @param - version : version of RoT service + * @return - psa_handle_t : return connection handle + * Note - Return PSA_NULL_HANDLE if PSA IPC is not implemented. + */ + +psa_handle_t pal_ipc_connect(uint32_t sid, uint32_t version) +{ + return psa_connect(sid, version); +} + +/** + * @brief Call a connected Root of Trust Service. + * This is a wrapper API for the psa_call API. + * The caller must provide an array of ::psa_invec_t structures as the input payload. + * + * @param -handle Handle for the connection. + * @param -type Request type. + * @param -in_vec Array of psa_invec structures. + * @param -in_len Number of psa_invec structures in in_vec. + * @param -out_vec Array of psa_outvec structures for optional Root of Trust Service response. + * @param -out_len Number of psa_outvec structures in out_vec. + * @return -psa_status_t + * Note - Return -1 if PSA IPC is not implemented. + */ + +psa_status_t pal_ipc_call(psa_handle_t handle, + int32_t type, + const psa_invec *in_vec, + size_t in_len, + psa_outvec *out_vec, + size_t out_len) +{ + return psa_call(handle, type, in_vec, in_len, out_vec, out_len); +} + +/** + * @brief Close a connection to a Root of Trust Service. + * This is a wrapper API for the psa_close API. + * Sends the PSA_IPC_DISCONNECT message to the Root of Trust Service so it can clean up resources. + * + * @param - handle Handle for the connection. + * @return - void + */ + +void pal_ipc_close(psa_handle_t handle) +{ + psa_close(handle); +} diff --git a/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/common/pal_client_api_intf.h b/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/common/pal_client_api_intf.h new file mode 100644 index 00000000..0f8090ad --- /dev/null +++ b/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/common/pal_client_api_intf.h @@ -0,0 +1,33 @@ +/** @file + * Copyright (c) 2020, Arm Limited or its affiliates. All rights reserved. + * SPDX-License-Identifier : Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. +**/ + +#ifndef _PAL_CLIENT_API_H_ +#define _PAL_CLIENT_API_H_ + +#include "pal_common.h" + +uint32_t pal_ipc_framework_version(void); +uint32_t pal_ipc_version(uint32_t sid); +psa_handle_t pal_ipc_connect(uint32_t sid, uint32_t version); +psa_status_t pal_ipc_call(psa_handle_t handle, + int32_t type, + const psa_invec *in_vec, + size_t in_len, + psa_outvec *out_vec, + size_t out_len); +void pal_ipc_close(psa_handle_t handle); +#endif /* _PAL_CLIENT_API_H_ */ diff --git a/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/common/pal_common.h b/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/common/pal_common.h new file mode 100644 index 00000000..a628d4d7 --- /dev/null +++ b/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/common/pal_common.h @@ -0,0 +1,115 @@ +/** @file + * Copyright (c) 2020, Arm Limited or its affiliates. All rights reserved. + * SPDX-License-Identifier : Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. +**/ + +#ifndef _PAL_COMMON_H_ +#define _PAL_COMMON_H_ + +#include +#include +#include +#include +#include + +#include "pal_config.h" +#include "pal_crypto_config.h" + +/* typedef's */ +typedef uint8_t bool_t; +typedef uint32_t addr_t; +typedef uint32_t test_id_t; +typedef uint32_t block_id_t; +typedef char char8_t; +typedef uint32_t cfg_id_t; + +#define PAL_STATUS_UNSUPPORTED_FUNC 0xFF + +typedef enum { + PAL_STATUS_SUCCESS = 0x0, + PAL_STATUS_ERROR = 0x80 +} pal_status_t; + +typedef enum { + NVMEM_READ = 0x1, + NVMEM_WRITE = 0x2, +} nvmem_fn_type_t; + +typedef struct { + nvmem_fn_type_t nvmem_fn_type; + addr_t base; + uint32_t offset; + int size; +} nvmem_param_t; + +typedef enum { + WD_INIT_SEQ = 0x1, + WD_ENABLE_SEQ = 0x2, + WD_DISABLE_SEQ = 0x3, + WD_STATUS_SEQ = 0x4, +} wd_fn_type_t; + +typedef enum { + WD_LOW_TIMEOUT = 0x1, + WD_MEDIUM_TIMEOUT = 0x2, + WD_HIGH_TIMEOUT = 0x3, + WD_CRYPTO_TIMEOUT = 0x4, +} wd_timeout_type_t; + +typedef struct { + wd_fn_type_t wd_fn_type; + addr_t wd_base_addr; + uint32_t wd_time_us; + uint32_t wd_timer_tick_us; +} wd_param_t; + +typedef enum { + UART_INIT = 0x1, + UART_PRINT = 0x2, +} uart_fn_type_t; + +/* + * Redefining some of the client.h elements for compilation to go through + * when PSA IPC APIs are not implemented. + */ +#ifndef IPC + +#ifndef PSA_VERSION_NONE +#define PSA_VERSION_NONE (0) +#endif + +#ifndef PSA_SUCCESS +#define PSA_SUCCESS (0) +typedef int32_t psa_status_t; +#endif +typedef int32_t psa_handle_t; + +#ifndef PSA_NULL_HANDLE +#define PSA_NULL_HANDLE ((psa_handle_t)0) +#endif + +typedef struct psa_invec { + const void *base; + size_t len; +} psa_invec; + +typedef struct psa_outvec { + void *base; + size_t len; +} psa_outvec; + +#endif /* IPC */ + +#endif /* _PAL_COMMON_H_ */ diff --git a/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/common/pal_config.h b/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/common/pal_config.h new file mode 100644 index 00000000..3af5cdb6 --- /dev/null +++ b/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/common/pal_config.h @@ -0,0 +1,97 @@ +/** @file + * Copyright (c) 2020, Arm Limited or its affiliates. All rights reserved. + * SPDX-License-Identifier : Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. +**/ + +#ifndef _PAL_CONFIG_H_ +#define _PAL_CONFIG_H_ + +/* Define PSA test suite dependent macros for non-cmake build */ +#if !defined(PSA_CMAKE_BUILD) + +/* Print verbosity = TEST */ +#define VERBOSE 3 + +/* NSPE or SPE VAL build? */ +#define VAL_NSPE_BUILD + +/* NSPE or SPE TEST build? */ +#define NONSECURE_TEST_BUILD + +/* Combine test archive or binary? */ +#define TEST_COMBINE_ARCHIVE + +/* If not defined, skip watchdog programming */ +#define WATCHDOG_AVAILABLE + +/* Are Dynamic memory APIs available to secure partition? */ +#define SP_HEAP_MEM_SUPP + +/* PSA Isolation level supported by platform */ +#define PLATFORM_PSA_ISOLATION_LEVEL 3 +#endif /* PSA_CMAKE_BUILD */ + +/* Version of crypto spec used in attestation */ +#define CRYPTO_VERSION_BETA3 + +/* Use hardcoded public key */ +//#define PLATFORM_OVERRIDE_ATTEST_PK + +/* Platform specific max UID's size */ +#define PLATFORM_MAX_UID_SIZE 512 + +/* + * Include of PSA defined Header files + */ +#ifdef IPC +/* psa/client.h: Contains the PSA Client API elements */ +#include "psa/client.h" + +/* + * psa_manifest/sid.h: Macro definitions derived from manifest files that map from RoT Service + * names to Service IDs (SIDs). Partition manifest parse build tool must provide the implementation + * of this file. +*/ +#include "psa_manifest/sid.h" + +/* + * psa_manifest/pid.h: Secure Partition IDs + * Macro definitions that map from Secure Partition names to Secure Partition IDs. + * Partition manifest parse build tool must provide the implementation of this file. +*/ +#include "psa_manifest/pid.h" +#endif + +#ifdef CRYPTO +/* psa/crypto.h: Contains the PSA Crypto API elements */ +#include "psa/crypto.h" +#endif + +#ifdef INTERNAL_TRUSTED_STORAGE +/* psa/internal_trusted_storage.h: Contains the PSA ITS API elements */ +#include "psa/internal_trusted_storage.h" +#endif + +#ifdef PROTECTED_STORAGE +/* psa/protected_storage.h: Contains the PSA PS API elements */ +#include "psa/protected_storage.h" +#endif + +#ifdef INITIAL_ATTESTATION +/* psa/initial_attestation.h: Contains the PSA Initial Attestation API elements */ +#include "psa/initial_attestation.h" +#endif + +#endif /* _PAL_CONFIG_H_ */ diff --git a/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/common/pal_driver_ipc_intf.c b/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/common/pal_driver_ipc_intf.c new file mode 100644 index 00000000..bfe1e982 --- /dev/null +++ b/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/common/pal_driver_ipc_intf.c @@ -0,0 +1,293 @@ +/** @file + * Copyright (c) 2020, Arm Limited or its affiliates. All rights reserved. + * SPDX-License-Identifier : Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. +**/ + +#include "pal_common.h" +#include "pal_client_api_intf.h" + +/** + @brief - This function initializes the UART + @param - uart base addr + @return - SUCCESS/FAILURE +**/ +int pal_uart_init_ns(uint32_t uart_base_addr) +{ + psa_handle_t print_handle = 0; + psa_status_t status_of_call = PSA_SUCCESS; + uart_fn_type_t uart_fn = UART_INIT; + + psa_invec data[3] = {{&uart_fn, sizeof(uart_fn)}, + {&uart_base_addr, sizeof(uart_base_addr)}, + {NULL, 0} }; + + print_handle = pal_ipc_connect(DRIVER_UART_SID, DRIVER_UART_VERSION); + if (PSA_HANDLE_IS_VALID(print_handle)) + { + status_of_call = pal_ipc_call(print_handle, 0, data, 3, NULL, 0); + pal_ipc_close(print_handle); + if (status_of_call != PSA_SUCCESS) + return PAL_STATUS_ERROR; + + return PAL_STATUS_SUCCESS; + } + else + { + return PAL_STATUS_ERROR; + } +} + +/** + @brief - This function parses the input string and writes bytes into UART TX FIFO + @param - str : Input String + - data : Value for format specifier + @return - SUCCESS/FAILURE +**/ + +int pal_print_ns(char *str, int32_t data) +{ + int string_len = 0; + char *p = str; + psa_handle_t print_handle = 0; + psa_status_t status_of_call = PSA_SUCCESS; + uart_fn_type_t uart_fn = UART_PRINT; + + while (*p != '\0') + { + string_len++; + p++; + } + + psa_invec data1[3] = {{&uart_fn, sizeof(uart_fn)}, + {str, string_len+1}, + {&data, sizeof(data)} }; + + print_handle = pal_ipc_connect(DRIVER_UART_SID, DRIVER_UART_VERSION); + if (PSA_HANDLE_IS_VALID(print_handle)) + { + status_of_call = pal_ipc_call(print_handle, 0, data1, 3, NULL, 0); + pal_ipc_close(print_handle); + if (status_of_call != PSA_SUCCESS) + return PAL_STATUS_ERROR; + + return PAL_STATUS_SUCCESS; + } + else + { + return PAL_STATUS_ERROR; + } +} + +/** + @brief - Initializes an hardware watchdog timer + @param - base_addr : Base address of the watchdog module + - time_us : Time in micro seconds + - timer_tick_us : Number of ticks per micro second + @return - SUCCESS/FAILURE +**/ +int pal_wd_timer_init_ns(addr_t base_addr, uint32_t time_us, uint32_t timer_tick_us) +{ + wd_param_t wd_param; + psa_handle_t handle = 0; + psa_status_t status_of_call = PSA_SUCCESS; + + wd_param.wd_fn_type = WD_INIT_SEQ; + wd_param.wd_base_addr = base_addr; + wd_param.wd_time_us = time_us; + wd_param.wd_timer_tick_us = timer_tick_us; + psa_invec invec[1] = {{&wd_param, sizeof(wd_param)} }; + + handle = pal_ipc_connect(DRIVER_WATCHDOG_SID, DRIVER_WATCHDOG_VERSION); + if (PSA_HANDLE_IS_VALID(handle)) + { + status_of_call = pal_ipc_call(handle, 0, invec, 1, NULL, 0); + pal_ipc_close(handle); + if (status_of_call != PSA_SUCCESS) + return PAL_STATUS_ERROR; + + return PAL_STATUS_SUCCESS; + } + else + { + return PAL_STATUS_ERROR; + } +} + +/** + @brief - Enables a hardware watchdog timer + @param - base_addr : Base address of the watchdog module + @return - SUCCESS/FAILURE +**/ +int pal_wd_timer_enable_ns(addr_t base_addr) +{ + wd_param_t wd_param; + psa_handle_t handle = 0; + psa_status_t status_of_call = PSA_SUCCESS; + + wd_param.wd_fn_type = WD_ENABLE_SEQ; + wd_param.wd_base_addr = base_addr; + wd_param.wd_time_us = 0; + wd_param.wd_timer_tick_us = 0; + psa_invec invec[1] = {{&wd_param, sizeof(wd_param)} }; + + handle = pal_ipc_connect(DRIVER_WATCHDOG_SID, DRIVER_WATCHDOG_VERSION); + if (PSA_HANDLE_IS_VALID(handle)) + { + status_of_call = pal_ipc_call(handle, 0, invec, 1, NULL, 0); + pal_ipc_close(handle); + if (status_of_call != PSA_SUCCESS) + return PAL_STATUS_ERROR; + + return PAL_STATUS_SUCCESS; + } + else + { + return PAL_STATUS_ERROR; + } +} + +/** + @brief - Disables a hardware watchdog timer + @param - base_addr : Base address of the watchdog module + @return - SUCCESS/FAILURE +**/ +int pal_wd_timer_disable_ns(addr_t base_addr) +{ + wd_param_t wd_param; + psa_handle_t handle = 0; + psa_status_t status_of_call = PSA_SUCCESS; + + wd_param.wd_fn_type = WD_DISABLE_SEQ; + wd_param.wd_base_addr = base_addr; + wd_param.wd_time_us = 0; + wd_param.wd_timer_tick_us = 0; + psa_invec invec[1] = {{&wd_param, sizeof(wd_param)} }; + + handle = pal_ipc_connect(DRIVER_WATCHDOG_SID, DRIVER_WATCHDOG_VERSION); + if (PSA_HANDLE_IS_VALID(handle)) + { + status_of_call = pal_ipc_call(handle, 0, invec, 1, NULL, 0); + pal_ipc_close(handle); + if (status_of_call != PSA_SUCCESS) + return PAL_STATUS_ERROR; + + return PAL_STATUS_SUCCESS; + } + else + { + return PAL_STATUS_ERROR; + } +} + +/** + @brief - Reads from given non-volatile address. + @param - base : Base address of nvmem + offset : Offset + buffer : Pointer to source address + size : Number of bytes + @return - SUCCESS/FAILURE +**/ +int pal_nvmem_read_ns(addr_t base, uint32_t offset, void *buffer, int size) +{ + nvmem_param_t nvmem_param; + psa_handle_t handle = 0; + psa_status_t status_of_call = PSA_SUCCESS; + + nvmem_param.nvmem_fn_type = NVMEM_READ; + nvmem_param.base = base; + nvmem_param.offset = offset; + nvmem_param.size = size; + psa_invec invec[1] = {{&nvmem_param, sizeof(nvmem_param)} }; + psa_outvec outvec[1] = {{buffer, size} }; + + handle = pal_ipc_connect(DRIVER_NVMEM_SID, DRIVER_NVMEM_VERSION); + if (PSA_HANDLE_IS_VALID(handle)) + { + status_of_call = pal_ipc_call(handle, 0, invec, 1, outvec, 1); + pal_ipc_close(handle); + if (status_of_call != PSA_SUCCESS) + return PAL_STATUS_ERROR; + + return PAL_STATUS_SUCCESS; + } + else + { + return PAL_STATUS_ERROR; + } +} + +/** + @brief - Writes into given non-volatile address. + @param - base : Base address of nvmem + offset : Offset + buffer : Pointer to source address + size : Number of bytes + @return - SUCCESS/FAILURE +**/ +int pal_nvmem_write_ns(addr_t base, uint32_t offset, void *buffer, int size) +{ + nvmem_param_t nvmem_param; + psa_handle_t handle = 0; + psa_status_t status_of_call = PSA_SUCCESS; + + nvmem_param.nvmem_fn_type = NVMEM_WRITE; + nvmem_param.base = base; + nvmem_param.offset = offset; + nvmem_param.size = size; + psa_invec invec[2] = {{&nvmem_param, sizeof(nvmem_param)}, {buffer, size} }; + + handle = pal_ipc_connect(DRIVER_NVMEM_SID, DRIVER_NVMEM_VERSION); + if (PSA_HANDLE_IS_VALID(handle)) + { + status_of_call = pal_ipc_call(handle, 0, invec, 2, NULL, 0); + pal_ipc_close(handle); + if (status_of_call != PSA_SUCCESS) + return PAL_STATUS_ERROR; + + return PAL_STATUS_SUCCESS; + } + else + { + return PAL_STATUS_ERROR; + } +} + +/** + * @brief - This function will read peripherals using SPI commands + * @param - addr : address of the peripheral + * data : read buffer + * len : length of the read buffer in bytes + * @return - error status +**/ +int pal_spi_read(addr_t addr, uint8_t *data, uint32_t len) +{ + return 0xFF; +} + +/** + * @brief - Terminates the simulation at the end of all tests completion. + * By default, it put cpus into power down mode. + * @param - void + * @return - void +**/ +void pal_terminate_simulation(void) +{ + /* Add logic to terminate the simluation */ + + while (1) + { + asm volatile("WFI"); + } +} diff --git a/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/common/pal_driver_ns_intf.c b/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/common/pal_driver_ns_intf.c new file mode 100644 index 00000000..7ad6ce85 --- /dev/null +++ b/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/common/pal_driver_ns_intf.c @@ -0,0 +1,145 @@ +/** @file + * Copyright (c) 2020, Arm Limited or its affiliates. All rights reserved. + * SPDX-License-Identifier : Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. +**/ + +#include "pal_common.h" +#include "pal_uart.h" +#include "pal_nvmem.h" +#include "pal_wd_cmsdk.h" + +/** + @brief - This function initializes the UART + @param - uart base addr + @return - SUCCESS/FAILURE +**/ +int pal_uart_init_ns(uint32_t uart_base_addr) +{ + pal_uart_pl011_init(uart_base_addr); + return PAL_STATUS_SUCCESS; +} + +/** + @brief - This function parses the input string and writes bytes into UART TX FIFO + @param - str : Input String + - data : Value for format specifier + @return - SUCCESS/FAILURE +**/ + +int pal_print_ns(char *str, int32_t data) +{ + pal_uart_pl011_print(str, data); + return PAL_STATUS_SUCCESS; +} + +/** + @brief - Initializes an hardware watchdog timer + @param - base_addr : Base address of the watchdog module + - time_us : Time in micro seconds + - timer_tick_us : Number of ticks per micro second + @return - SUCCESS/FAILURE +**/ +int pal_wd_timer_init_ns(addr_t base_addr, uint32_t time_us, uint32_t timer_tick_us) +{ + return pal_wd_cmsdk_init(base_addr, time_us, timer_tick_us); +} + +/** + @brief - Enables a hardware watchdog timer + @param - base_addr : Base address of the watchdog module + @return - SUCCESS/FAILURE +**/ +int pal_wd_timer_enable_ns(addr_t base_addr) +{ + return pal_wd_cmsdk_enable(base_addr); +} + +/** + @brief - Disables a hardware watchdog timer + @param - base_addr : Base address of the watchdog module + @return - SUCCESS/FAILURE +**/ +int pal_wd_timer_disable_ns(addr_t base_addr) +{ + return pal_wd_cmsdk_disable(base_addr); +} + +/** + @brief - Reads from given non-volatile address. + @param - base : Base address of nvmem + offset : Offset + buffer : Pointer to source address + size : Number of bytes + @return - SUCCESS/FAILURE +**/ +int pal_nvmem_read_ns(addr_t base, uint32_t offset, void *buffer, int size) +{ + if (nvmem_read(base, offset, buffer, size)) + { + return PAL_STATUS_SUCCESS; + } + else + { + return PAL_STATUS_ERROR; + } +} + +/** + @brief - Writes into given non-volatile address. + @param - base : Base address of nvmem + offset : Offset + buffer : Pointer to source address + size : Number of bytes + @return - SUCCESS/FAILURE +**/ +int pal_nvmem_write_ns(addr_t base, uint32_t offset, void *buffer, int size) +{ + if (nvmem_write(base, offset, buffer, size)) + { + return PAL_STATUS_SUCCESS; + } + else + { + return PAL_STATUS_ERROR; + } +} + +/** + * @brief - This function will read peripherals using SPI commands + * @param - addr : address of the peripheral + * data : read buffer + * len : length of the read buffer in bytes + * @return - error status +**/ +int pal_spi_read(addr_t addr, uint8_t *data, uint32_t len) +{ + return 0xFF; +} + +/** + * @brief - Terminates the simulation at the end of all tests completion. + * By default, it put cpus into power down mode. + * @param - void + * @return - void +**/ +void pal_terminate_simulation(void) +{ + /* Add logic to terminate the simluation */ + + while (1) + { + asm volatile("WFI"); + } +} diff --git a/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/crypto/pal_crypto_config.h b/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/crypto/pal_crypto_config.h new file mode 100644 index 00000000..1518e910 --- /dev/null +++ b/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/crypto/pal_crypto_config.h @@ -0,0 +1,323 @@ +/** @file + * Copyright (c) 2020, Arm Limited or its affiliates. All rights reserved. + * SPDX-License-Identifier : Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. +**/ + +/* + * \file pal_crypto_config.h + * + * \brief Configuration options for crypto tests (set of defines) + * + * This set of compile-time options may be used to enable + * or disable features selectively for crypto test suite + */ + +#ifndef _PAL_CRYPTO_CONFIG_H_ +#define _PAL_CRYPTO_CONFIG_H_ +/** + * \def ARCH_TEST_RSA + * + * Enable the RSA public-key cryptosystem. + * By default all supported keys are enabled. + * + * Comment macros to disable the types + */ +#define ARCH_TEST_RSA +#define ARCH_TEST_RSA_1024 +#define ARCH_TEST_RSA_2048 +#define ARCH_TEST_RSA_3072 + +/** + * \def ARCH_TEST_ECC + * \def ARCH_TEST_ECC_CURVE_SECPXXXR1 + * + * Enable the elliptic curve + * Enable specific curves within the Elliptic Curve + * module. By default all supported curves are enabled. + * + * Requires: ARCH_TEST_ECC + * Comment macros to disable the curve + */ +#define ARCH_TEST_ECC +#define ARCH_TEST_ECC_CURVE_SECP192R1 +#define ARCH_TEST_ECC_CURVE_SECP224R1 +#define ARCH_TEST_ECC_CURVE_SECP256R1 +#define ARCH_TEST_ECC_CURVE_SECP384R1 + +/** + * \def ARCH_TEST_AES + * + * Enable the AES block cipher. + * By default all supported keys are enabled. + * + * Comment macros to disable the types + */ +#define ARCH_TEST_AES +#define ARCH_TEST_AES_128 +#define ARCH_TEST_AES_192 +#define ARCH_TEST_AES_256 +#define ARCH_TEST_AES_512 + +/** + * \def ARCH_TEST_DES + * + * Enable the DES block cipher. + * By default all supported keys are enabled. + * + * Comment macros to disable the types + */ +//#define ARCH_TEST_DES +//#define ARCH_TEST_DES_1KEY +//#define ARCH_TEST_DES_2KEY +//#define ARCH_TEST_DES_3KEY + +/** + * \def ARCH_TEST_RAW + * + * A "key" of this type cannot be used for any cryptographic operation. + * Applications may use this type to store arbitrary data in the keystore. + */ +#define ARCH_TEST_RAW + +/** + * \def ARCH_TEST_CIPER + * + * Enable the generic cipher layer. + */ + +#define ARCH_TEST_CIPER + +/** + * \def ARCH_TEST_ARC4 + * + * Enable the ARC4 key type. + */ +//#define ARCH_TEST_ARC4 + +/** + * \def ARCH_TEST_CIPER_MODE_CTR + * + * Enable Counter Block Cipher mode (CTR) for symmetric ciphers. + * + * Requires: ARCH_TEST_CIPER + */ +#define ARCH_TEST_CIPER_MODE_CTR + +/** + * \def ARCH_TEST_CIPER_MODE_CFB + * + * Enable Cipher Feedback mode (CFB) for symmetric ciphers. + * + * Requires: ARCH_TEST_CIPER + */ +#define ARCH_TEST_CIPER_MODE_CFB + +/** + * \def ARCH_TEST_CIPER_MODE_CBC + * + * Enable Cipher Block Chaining mode (CBC) for symmetric ciphers. + * + * Requires: ARCH_TEST_CIPER + */ +#define ARCH_TEST_CIPER_MODE_CBC + +/** + * \def ARCH_TEST_CTR_AES + * + * Requires: ARCH_TEST_CIPER, ARCH_TEST_AES, ARCH_TEST_CIPER_MODE_CTR + */ +#define ARCH_TEST_CTR_AES + +/** + * \def ARCH_TEST_CBC_AES + * + * Requires: ARCH_TEST_CIPER, ARCH_TEST_AES, ARCH_TEST_CIPER_MODE_CBC + * + * Comment macros to disable the types + */ +#define ARCH_TEST_CBC_AES +#define ARCH_TEST_CBC_AES_NO_PADDING + +/** + * \def ARCH_TEST_CBC_NO_PADDING + * + * Requires: ARCH_TEST_CIPER, ARCH_TEST_CIPER_MODE_CBC + * + * Comment macros to disable the types + */ +#define ARCH_TEST_CBC_NO_PADDING + +/** + * \def ARCH_TEST_CFB_AES + * + * Requires: ARCH_TEST_CIPER, ARCH_TEST_AES, ARCH_TEST_CIPER_MODE_CFB + */ +#define ARCH_TEST_CFB_AES + +/** + * \def ARCH_TEST_PKCS1V15_* + * + * Enable support for PKCS#1 v1.5 encoding. + * Enable support for PKCS#1 v1.5 operations. + * Enable support for RSA-OAEP + * + * Requires: ARCH_TEST_RSA, ARCH_TEST_PKCS1V15 + * + * Comment macros to disable the types + */ +#define ARCH_TEST_PKCS1V15 +#define ARCH_TEST_RSA_PKCS1V15_SIGN +#define ARCH_TEST_RSA_PKCS1V15_SIGN_RAW +#define ARCH_TEST_RSA_PKCS1V15_CRYPT +#define ARCH_TEST_RSA_OAEP + +/** + * \def ARCH_TEST_CBC_PKCS7 + * + * Requires: ARCH_TEST_CIPER_MODE_CBC + * + * Comment macros to disable the types + */ +#define ARCH_TEST_CBC_PKCS7 + +/** + * \def ARCH_TEST_ASYMMETRIC_ENCRYPTION + * + * Enable support for Asymmetric encryption algorithms + */ +#define ARCH_TEST_ASYMMETRIC_ENCRYPTION + +/** + * \def ARCH_TEST_HASH + * + * Enable the hash algorithm. + */ +#define ARCH_TEST_HASH + +/** + * \def ARCH_TEST_HMAC + * + * The key policy determines which underlying hash algorithm the key can be + * used for. + * + * Requires: ARCH_TEST_HASH + */ +#define ARCH_TEST_HMAC + +/** + * \def ARCH_TEST_MDX + * \def ARCH_TEST_SHAXXX + * + * Enable the MDX algorithm. + * Enable the SHAXXX algorithm. + * + * Requires: ARCH_TEST_HASH + * + * Comment macros to disable the types + */ +//#define ARCH_TEST_MD2 +//#define ARCH_TEST_MD4 +//#define ARCH_TEST_MD5 +//#define ARCH_TEST_RIPEMD160 +//#define ARCH_TEST_SHA1 +#define ARCH_TEST_SHA224 +#define ARCH_TEST_SHA256 +#define ARCH_TEST_SHA384 +#define ARCH_TEST_SHA512 +//#define ARCH_TEST_SHA512_224 +//#define ARCH_TEST_SHA512_256 +//#define ARCH_TEST_SHA3_224 +//#define ARCH_TEST_SHA3_256 +//#define ARCH_TEST_SHA3_384 +//#define ARCH_TEST_SHA3_512 + +/** + * \def ARCH_TEST_HKDF + * + * Enable the HKDF algorithm (RFC 5869). + * + * Requires: ARCH_TEST_HASH +*/ +#define ARCH_TEST_HKDF + +/** + * \def ARCH_TEST_xMAC + * + * Enable the xMAC (Cipher/Hash/G-based Message Authentication Code) mode for block + * ciphers. + * Requires: ARCH_TEST_AES or ARCH_TEST_DES + * + * Comment macros to disable the types + */ +#define ARCH_TEST_CMAC +#define ARCH_TEST_GMAC +#define ARCH_TEST_HMAC + +/** + * \def ARCH_TEST_CCM + * + * Enable the Counter with CBC-MAC (CCM) mode for 128-bit block cipher. + * + * Requires: ARCH_TEST_AES + */ +#define ARCH_TEST_CCM + +/** + * \def ARCH_TEST_GCM + * + * Enable the Galois/Counter Mode (GCM) for AES. + * + * Requires: ARCH_TEST_AES + * + */ +#define ARCH_TEST_GCM + +/** + * \def ARCH_TEST_TRUNCATED_MAC + * + * Enable support for RFC 6066 truncated HMAC in SSL. + * + * Comment this macro to disable support for truncated HMAC in SSL + */ +#define ARCH_TEST_TRUNCATED_MAC + + +/** + * \def ARCH_TEST_ECDH + * + * Enable the elliptic curve Diffie-Hellman library. + * + * Requires: ARCH_TEST_ECC + */ +#define ARCH_TEST_ECDH + +/** + * \def ARCH_TEST_ECDSA + * + * Enable the elliptic curve DSA library. + * Requires: ARCH_TEST_ECC + */ +#define ARCH_TEST_ECDSA + +/** + * \def ARCH_TEST_DETERMINISTIC_ECDSA + * + * Enable deterministic ECDSA (RFC 6979). +*/ +#define ARCH_TEST_DETERMINISTIC_ECDSA + +#include "pal_crypto_config_check.h" + +#endif /* _PAL_CRYPTO_CONFIG_H_ */ diff --git a/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/crypto/pal_crypto_config_check.h b/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/crypto/pal_crypto_config_check.h new file mode 100644 index 00000000..f75cc1bc --- /dev/null +++ b/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/crypto/pal_crypto_config_check.h @@ -0,0 +1,223 @@ +/** @file + * Copyright (c) 2020, Arm Limited or its affiliates. All rights reserved. + * SPDX-License-Identifier : Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. +**/ + +/** + * \file pal_crypto_config_check.h + * + * \brief Consistency checks for configuration options + * + */ + +#ifndef _PAL_CRYPTO_CONFIG_CHECK_H_ +#define _PAL_CRYPTO_CONFIG_CHECK_H_ + +#if defined(ARCH_TEST_RSA_1024) && !defined(ARCH_TEST_RSA) +#error "ARCH_TEST_RSA_1024 defined, but not all prerequisites" +#endif + +#if defined(ARCH_TEST_RSA_2048) && !defined(ARCH_TEST_RSA) +#error "ARCH_TEST_RSA_2048 defined, but not all prerequisites" +#endif + +#if defined(ARCH_TEST_RSA_3072) && !defined(ARCH_TEST_RSA) +#error "ARCH_TEST_RSA_3072 defined, but not all prerequisites" +#endif + +#if defined(ARCH_TEST_ECC_CURVE_SECP192R1) && !defined(ARCH_TEST_ECC) +#error "ARCH_TEST_ECC_CURVE_SECP192R1 defined, but not all prerequisites" +#endif + +#if defined(ARCH_TEST_ECC_CURVE_SECP224R1) && !defined(ARCH_TEST_ECC) +#error "ARCH_TEST_ECC_CURVE_SECP224R1 defined, but not all prerequisites" +#endif + +#if defined(ARCH_TEST_ECC_CURVE_SECP256R1) && !defined(ARCH_TEST_ECC) +#error "ARCH_TEST_ECC_CURVE_SECP256R1 defined, but not all prerequisites" +#endif + +#if defined(ARCH_TEST_ECC_CURVE_SECP384R1) && !defined(ARCH_TEST_ECC) +#error "ARCH_TEST_ECC_CURVE_SECP384R1 defined, but not all prerequisites" +#endif + +#if defined(ARCH_TEST_AES_128) && !defined(ARCH_TEST_AES) +#error "ARCH_TEST_AES_128 defined, but not all prerequisites" +#endif + +#if defined(ARCH_TEST_AES_256) && !defined(ARCH_TEST_AES) +#error "ARCH_TEST_AES_256 defined, but not all prerequisites" +#endif + +#if defined(ARCH_TEST_AES_512) && !defined(ARCH_TEST_AES) +#error "ARCH_TEST_AES_512 defined, but not all prerequisites" +#endif + +#if defined(ARCH_TEST_DES_1KEY) && !defined(ARCH_TEST_DES) +#error "ARCH_TEST_DES_1KEY defined, but not all prerequisites" +#endif + +#if defined(ARCH_TEST_DES_2KEY) && !defined(ARCH_TEST_DES) +#error "ARCH_TEST_DES_2KEY defined, but not all prerequisites" +#endif + +#if defined(ARCH_TEST_DES_3KEY) && !defined(ARCH_TEST_DES) +#error "ARCH_TEST_DES_3KEY defined, but not all prerequisites" +#endif + +#if defined(ARCH_TEST_CIPER_MODE_CTR) && !defined(ARCH_TEST_CIPER) +#error "ARCH_TEST_CIPER_MODE_CTR defined, but not all prerequisites" +#endif + +#if defined(ARCH_TEST_CIPER_MODE_CFB) && !defined(ARCH_TEST_CIPER) +#error "ARCH_TEST_CIPER_MODE_CFB defined, but not all prerequisites" +#endif + +#if defined(ARCH_TEST_CIPER_MODE_CBC) && !defined(ARCH_TEST_CIPER) +#error "ARCH_TEST_CIPER_MODE_CBC defined, but not all prerequisites" +#endif + +#if defined(ARCH_TEST_CTR_AES) &&\ + (!defined(ARCH_TEST_CIPER) || !defined(ARCH_TEST_AES) || !defined(ARCH_TEST_CIPER_MODE_CTR)) +#error "ARCH_TEST_CTR_AES defined, but not all prerequisites" +#endif + +#if (defined(ARCH_TEST_CBC_AES) || defined(ARCH_TEST_CBC_AES_NO_PADDING)) &&\ + (!defined(ARCH_TEST_CIPER) || !defined(ARCH_TEST_AES) || !defined(ARCH_TEST_CIPER_MODE_CBC)) +#error "ARCH_TEST_CBC_AES defined, but not all prerequisites" +#endif + +#if (defined(ARCH_TEST_CBC_NO_PADDING)) &&\ + (!defined(ARCH_TEST_CIPER) || !defined(ARCH_TEST_CIPER_MODE_CBC)) +#error "ARCH_TEST_CBC_NO_PADDING defined, but not all prerequisites" +#endif + +#if defined(ARCH_TEST_CFB_AES) &&\ + (!defined(ARCH_TEST_CIPER) || !defined(ARCH_TEST_AES) || !defined(ARCH_TEST_CIPER_MODE_CFB)) +#error "ARCH_TEST_CFB_AES defined, but not all prerequisites" +#endif + +#if defined(ARCH_TEST_RSA_PKCS1V15_SIGN) &&\ + (!defined(ARCH_TEST_RSA) || !defined(ARCH_TEST_PKCS1V15)) +#error "ARCH_TEST_RSA_PKCS1V15_SIGN defined, but not all prerequisites" +#endif + +#if defined(ARCH_TEST_RSA_PKCS1V15_SIGN_RAW) &&\ + (!defined(ARCH_TEST_RSA) || !defined(ARCH_TEST_PKCS1V15)) +#error "ARCH_TEST_RSA_PKCS1V15_SIGN_RAW defined, but not all prerequisites" +#endif + +#if defined(ARCH_TEST_RSA_PKCS1V15_CRYPT) &&\ + (!defined(ARCH_TEST_RSA) || !defined(ARCH_TEST_PKCS1V15)) +#error "ARCH_TEST_RSA_PKCS1V15_CRYPT defined, but not all prerequisites" +#endif + +#if defined(ARCH_TEST_CBC_PKCS7) && !defined(ARCH_TEST_CIPER_MODE_CBC) +#error "ARCH_TEST_CBC_PKCS7 defined, but not all prerequisites" +#endif + +#if defined(ARCH_TEST_HMAC) && !defined(ARCH_TEST_HASH) +#error "ARCH_TEST_HMAC defined, but not all prerequisites" +#endif + +#if defined(ARCH_TEST_MD2) && !defined(ARCH_TEST_HASH) +#error "ARCH_TEST_MD2 defined, but not all prerequisites" +#endif + +#if defined(ARCH_TEST_MD4) && !defined(ARCH_TEST_HASH) +#error "ARCH_TEST_MD4 defined, but not all prerequisites" +#endif + +#if defined(ARCH_TEST_MD5) && !defined(ARCH_TEST_HASH) +#error "ARCH_TEST_MD5 defined, but not all prerequisites" +#endif + +#if defined(ARCH_TEST_RIPEMD160) && !defined(ARCH_TEST_HASH) +#error "ARCH_TEST_RIPEMD160 defined, but not all prerequisites" +#endif + +#if defined(ARCH_TEST_SHA1) && !defined(ARCH_TEST_HASH) +#error "ARCH_TEST_SHA1 defined, but not all prerequisites" +#endif + +#if defined(ARCH_TEST_SHA224) && !defined(ARCH_TEST_HASH) +#error "ARCH_TEST_SHA224 defined, but not all prerequisites" +#endif + +#if defined(ARCH_TEST_SHA256) && !defined(ARCH_TEST_HASH) +#error "ARCH_TEST_SHA256 defined, but not all prerequisites" +#endif + +#if defined(ARCH_TEST_SHA512) && !defined(ARCH_TEST_HASH) +#error "ARCH_TEST_SHA512 defined, but not all prerequisites" +#endif + +#if defined(ARCH_TEST_SHA512_224) && !defined(ARCH_TEST_HASH) +#error "ARCH_TEST_SHA512_224 defined, but not all prerequisites" +#endif + +#if defined(ARCH_TEST_SHA512_256) && !defined(ARCH_TEST_HASH) +#error "ARCH_TEST_SHA512_256 defined, but not all prerequisites" +#endif + +#if defined(ARCH_TEST_SHA3_224) && !defined(ARCH_TEST_HASH) +#error "ARCH_TEST_SHA3_224 defined, but not all prerequisites" +#endif + +#if defined(ARCH_TEST_SHA3_256) && !defined(ARCH_TEST_HASH) +#error "ARCH_TEST_SHA3_256 defined, but not all prerequisites" +#endif + +#if defined(ARCH_TEST_SHA3_384) && !defined(ARCH_TEST_HASH) +#error "ARCH_TEST_SHA3_256 defined, but not all prerequisites" +#endif + +#if defined(ARCH_TEST_SHA3_512) && !defined(ARCH_TEST_HASH) +#error "ARCH_TEST_SHA3_256 defined, but not all prerequisites" +#endif + +#if defined(ARCH_TEST_HKDF) && !defined(ARCH_TEST_HASH) +#error "ARCH_TEST_HKDF defined, but not all prerequisites" +#endif + +#if defined(ARCH_TEST_CMAC) && !defined(ARCH_TEST_AES) +#error "ARCH_TEST_CMAC defined, but not all prerequisites" +#endif + +#if defined(ARCH_TEST_GMAC) && !defined(ARCH_TEST_AES) +#error "ARCH_TEST_GMAC defined, but not all prerequisites" +#endif + +#if defined(ARCH_TEST_HMAC) && !defined(ARCH_TEST_AES) +#error "ARCH_TEST_HMAC defined, but not all prerequisites" +#endif + +#if defined(ARCH_TEST_CCM) && !defined(ARCH_TEST_AES) +#error "ARCH_TEST_CCM defined, but not all prerequisites" +#endif + +#if defined(ARCH_TEST_GCM) && !defined(ARCH_TEST_AES) +#error "ARCH_TEST_GCM defined, but not all prerequisites" +#endif + +#if defined(ARCH_TEST_ECDH) && !defined(ARCH_TEST_ECC) +#error "ARCH_TEST_ECDH defined, but not all prerequisites" +#endif + +#if defined(ARCH_TEST_ECDSA) && !defined(ARCH_TEST_ECC) +#error "ARCH_TEST_ECDSA defined, but not all prerequisites" +#endif + +#endif /* _PAL_CRYPTO_CONFIG_CHECK_H_ */ diff --git a/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/crypto/pal_crypto_empty_intf.c b/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/crypto/pal_crypto_empty_intf.c new file mode 100644 index 00000000..6c1e9ab7 --- /dev/null +++ b/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/crypto/pal_crypto_empty_intf.c @@ -0,0 +1,30 @@ +/** @file + * Copyright (c) 2020, Arm Limited or its affiliates. All rights reserved. + * SPDX-License-Identifier : Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. +**/ + +#include +#include "pal_common.h" + +/** + @brief - This API will call the requested crypto function + @param - type : function code + valist : variable argument list + @return - error status +**/ +int32_t pal_crypto_function(int type, va_list valist) +{ + return PAL_STATUS_ERROR; +} diff --git a/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/crypto/pal_crypto_intf.c b/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/crypto/pal_crypto_intf.c new file mode 100644 index 00000000..61beb444 --- /dev/null +++ b/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/crypto/pal_crypto_intf.c @@ -0,0 +1,516 @@ +/** @file + * Copyright (c) 2020, Arm Limited or its affiliates. All rights reserved. + * SPDX-License-Identifier : Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. +**/ + + +#include "pal_crypto_intf.h" + +#define PAL_KEY_SLOT_COUNT 32 + +/** + @brief - This API will call the requested crypto function + @param - type : function code + valist : variable argument list + @return - error status +**/ +int32_t pal_crypto_function(int type, va_list valist) +{ + int i; + psa_status_t status; + uint8_t *buffer, *ciphertext, *plaintext; + const uint8_t *nonce, *additional_data, *salt, *peer; + size_t *length, size, ciphertext_size, nonce_length; + size_t salt_length, peer_length, additional_data_length; +#ifdef NOT_SUPPORTED + size_t *tag_length, plaintext_size; + psa_aead_operation_t *aead_operation; +#endif + psa_key_attributes_t *attributes; + psa_key_handle_t *handle, key_handle; + psa_key_type_t *key_type_out, key_type; + psa_key_usage_t *usage_out, usage; + psa_key_id_t *key_id_out, key_id; + psa_key_lifetime_t *key_lifetime_out, key_lifetime; + psa_algorithm_t *key_alg_out, key_alg, alg; + psa_hash_operation_t *hash_operation, *target_operation; + psa_mac_operation_t *mac_operation; + psa_cipher_operation_t *cipher_operation; + psa_key_derivation_operation_t *derive_operation; + psa_key_derivation_step_t step; + + switch (type) + { + case PAL_CRYPTO_INIT: + return psa_crypto_init(); + case PAL_CRYPTO_GENERATE_RANDOM: + buffer = va_arg(valist, uint8_t *); + size = va_arg(valist, int); + return psa_generate_random(buffer, size); + case PAL_CRYPTO_IMPORT_KEY: + attributes = va_arg(valist, psa_key_attributes_t *); + buffer = va_arg(valist, uint8_t *); + size = va_arg(valist, size_t); + handle = (psa_key_handle_t *)va_arg(valist, int *); + status = psa_import_key(attributes, buffer, size, handle); + return status; + case PAL_CRYPTO_SET_KEY_TYPE: + attributes = va_arg(valist, psa_key_attributes_t *); + key_type = va_arg(valist, psa_key_type_t); + psa_set_key_type(attributes, key_type); + return 0; + case PAL_CRYPTO_SET_KEY_BITS: + attributes = va_arg(valist, psa_key_attributes_t *); + size = va_arg(valist, size_t); + psa_set_key_bits(attributes, size); + return 0; + case PAL_CRYPTO_GET_KEY_ATTRIBUTES: + key_handle = (psa_key_handle_t)va_arg(valist, int); + attributes = va_arg(valist, psa_key_attributes_t *); + return psa_get_key_attributes(key_handle, attributes); + case PAL_CRYPTO_GET_KEY_TYPE: + attributes = va_arg(valist, psa_key_attributes_t *); + key_type_out = va_arg(valist, psa_key_type_t *); + *key_type_out = psa_get_key_type(attributes); + return 0; + case PAL_CRYPTO_EXPORT_KEY: + key_handle = (psa_key_handle_t)va_arg(valist, int); + buffer = (uint8_t *)(va_arg(valist, uint8_t *)); + size = va_arg(valist, size_t); + length = (size_t *)va_arg(valist, size_t *); + return psa_export_key(key_handle, buffer, size, length); + case PAL_CRYPTO_SET_KEY_USAGE_FLAGS: + attributes = va_arg(valist, psa_key_attributes_t *); + usage = va_arg(valist, psa_key_usage_t); + psa_set_key_usage_flags(attributes, usage); + return 0; + case PAL_CRYPTO_RESET_KEY_ATTRIBUTES: + attributes = va_arg(valist, psa_key_attributes_t *); + psa_reset_key_attributes(attributes); + return 0; + case PAL_CRYPTO_EXPORT_PUBLIC_KEY: + key_handle = (psa_key_handle_t)va_arg(valist, int); + buffer = (uint8_t *)(va_arg(valist, uint8_t *)); + size = va_arg(valist, size_t); + length = (size_t *)va_arg(valist, size_t *); + return psa_export_public_key(key_handle, buffer, size, length); + case PAL_CRYPTO_SET_KEY_ID: + attributes = va_arg(valist, psa_key_attributes_t *); + key_id = va_arg(valist, psa_key_id_t); + psa_set_key_id(attributes, key_id); + return 0; + case PAL_CRYPTO_SET_KEY_LIFETIME: + attributes = va_arg(valist, psa_key_attributes_t *); + key_lifetime = va_arg(valist, psa_key_lifetime_t); + psa_set_key_lifetime(attributes, key_lifetime); + return 0; + case PAL_CRYPTO_SET_KEY_ALGORITHM: + attributes = va_arg(valist, psa_key_attributes_t *); + key_alg = va_arg(valist, psa_algorithm_t); + psa_set_key_algorithm(attributes, key_alg); + return 0; + case PAL_CRYPTO_GET_KEY_ID: + attributes = va_arg(valist, psa_key_attributes_t *); + key_id_out = va_arg(valist, psa_key_id_t *); + *key_id_out = psa_get_key_id(attributes); + return 0; + case PAL_CRYPTO_GET_KEY_LIFETIME: + attributes = va_arg(valist, psa_key_attributes_t *); + key_lifetime_out = va_arg(valist, psa_key_lifetime_t *); + *key_lifetime_out = psa_get_key_lifetime(attributes); + return 0; + case PAL_CRYPTO_GET_KEY_USAGE_FLAGS: + attributes = va_arg(valist, psa_key_attributes_t *); + usage_out = va_arg(valist, psa_key_usage_t *); + *usage_out = psa_get_key_usage_flags(attributes); + return 0; + case PAL_CRYPTO_GET_KEY_ALGORITHM: + attributes = va_arg(valist, psa_key_attributes_t *); + key_alg_out = va_arg(valist, psa_algorithm_t *); + *key_alg_out = psa_get_key_algorithm(attributes); + return 0; + case PAL_CRYPTO_GET_KEY_BITS: + attributes = va_arg(valist, psa_key_attributes_t *); + length = va_arg(valist, size_t *); + *length = psa_get_key_bits(attributes); + return 0; + case PAL_CRYPTO_DESTROY_KEY: + key_handle = (psa_key_handle_t)va_arg(valist, int); + return psa_destroy_key(key_handle); + case PAL_CRYPTO_HASH_SETUP: + hash_operation = va_arg(valist, psa_hash_operation_t*); + alg = va_arg(valist, psa_algorithm_t); + return psa_hash_setup(hash_operation, alg); + case PAL_CRYPTO_HASH_UPDATE: + hash_operation = va_arg(valist, psa_hash_operation_t*); + buffer = va_arg(valist, uint8_t*); + size = va_arg(valist, size_t); + return psa_hash_update(hash_operation, buffer, size); + case PAL_CRYPTO_HASH_VERIFY: + hash_operation = va_arg(valist, psa_hash_operation_t*); + buffer = va_arg(valist, uint8_t*); + size = va_arg(valist, size_t); + return psa_hash_verify(hash_operation, buffer, size); + case PAL_CRYPTO_HASH_FINISH: + hash_operation = va_arg(valist, psa_hash_operation_t*); + buffer = va_arg(valist, uint8_t*); + size = va_arg(valist, size_t); + length = va_arg(valist, size_t*); + return psa_hash_finish(hash_operation, buffer, size, length); + case PAL_CRYPTO_HASH_ABORT: + hash_operation = va_arg(valist, psa_hash_operation_t*); + return psa_hash_abort(hash_operation); +#ifdef NOT_SUPPORTED + case PAL_CRYPTO_HASH_COMPUTE: + alg = va_arg(valist, psa_algorithm_t); + plaintext = va_arg(valist, uint8_t*); + plaintext_size = va_arg(valist, size_t); + buffer = va_arg(valist, uint8_t*); + size = va_arg(valist, size_t); + length = va_arg(valist, size_t*); + return psa_hash_compute(alg, plaintext, plaintext_size, buffer, size, length); + case PAL_CRYPTO_HASH_COMPARE: + alg = va_arg(valist, psa_algorithm_t); + plaintext = va_arg(valist, uint8_t*); + plaintext_size = va_arg(valist, size_t); + buffer = va_arg(valist, uint8_t*); + size = va_arg(valist, size_t); + return psa_hash_compare(alg, plaintext, plaintext_size, buffer, size); +#endif + case PAL_CRYPTO_HASH_CLONE: + hash_operation = va_arg(valist, psa_hash_operation_t*); + target_operation = va_arg(valist, psa_hash_operation_t*); + return psa_hash_clone(hash_operation, target_operation); + case PAL_CRYPTO_GENERATE_KEY: + attributes = va_arg(valist, psa_key_attributes_t *); + handle = (psa_key_handle_t *)va_arg(valist, int *); + return psa_generate_key(attributes, handle); + case PAL_CRYPTO_AEAD_ENCRYPT: + key_handle = (psa_key_handle_t)va_arg(valist, int); + alg = va_arg(valist, psa_algorithm_t); + nonce = va_arg(valist, const uint8_t *); + nonce_length = va_arg(valist, size_t); + additional_data = va_arg(valist, const uint8_t *); + additional_data_length = va_arg(valist, size_t); + plaintext = va_arg(valist, uint8_t *); + size = va_arg(valist, size_t); + ciphertext = va_arg(valist, uint8_t *); + ciphertext_size = va_arg(valist, size_t); + length = va_arg(valist, size_t*); + return psa_aead_encrypt(key_handle, alg, nonce, nonce_length, additional_data, + additional_data_length, plaintext, size, ciphertext, ciphertext_size, length); + case PAL_CRYPTO_AEAD_DECRYPT: + key_handle = (psa_key_handle_t)va_arg(valist, int); + alg = va_arg(valist, psa_algorithm_t); + nonce = va_arg(valist, const uint8_t *); + nonce_length = va_arg(valist, size_t); + additional_data = va_arg(valist, const uint8_t *); + additional_data_length = va_arg(valist, size_t); + ciphertext = va_arg(valist, uint8_t *); + ciphertext_size = va_arg(valist, size_t); + plaintext = va_arg(valist, uint8_t *); + size = va_arg(valist, size_t); + length = va_arg(valist, size_t*); + return psa_aead_decrypt(key_handle, alg, nonce, nonce_length, additional_data, + additional_data_length, ciphertext, ciphertext_size, plaintext, size, length); +#ifdef NO_SUPPORT + case PAL_CRYPTO_AEAD_ENCRYPT_SETUP: + aead_operation = va_arg(valist, psa_aead_operation_t *); + key_handle = (psa_key_handle_t)va_arg(valist, int); + alg = va_arg(valist, psa_algorithm_t); + return psa_aead_encrypt_setup(aead_operation, key_handle, alg); + case PAL_CRYPTO_AEAD_DECRYPT_SETUP: + aead_operation = va_arg(valist, psa_aead_operation_t *); + key_handle = (psa_key_handle_t)va_arg(valist, int); + alg = va_arg(valist, psa_algorithm_t); + return psa_aead_decrypt_setup(aead_operation, key_handle, alg); + case PAL_CRYPTO_AEAD_GENERATE_NONCE: + aead_operation = va_arg(valist, psa_aead_operation_t *); + buffer = va_arg(valist, uint8_t*); + size = va_arg(valist, size_t); + length = (size_t *)va_arg(valist, size_t*); + return psa_aead_generate_nonce(aead_operation, buffer, size, length); + case PAL_CRYPTO_AEAD_SET_NONCE: + aead_operation = va_arg(valist, psa_aead_operation_t *); + buffer = va_arg(valist, uint8_t*); + size = va_arg(valist, size_t); + return psa_aead_set_nonce(aead_operation, buffer, size); + case PAL_CRYPTO_AEAD_SET_LENGTHS: + aead_operation = va_arg(valist, psa_aead_operation_t *); + size = va_arg(valist, size_t); + plaintext_size = va_arg(valist, size_t); + return psa_aead_set_lengths(aead_operation, size, plaintext_size); + case PAL_CRYPTO_AEAD_UPDATE_AD: + aead_operation = va_arg(valist, psa_aead_operation_t *); + buffer = va_arg(valist, uint8_t*); + size = va_arg(valist, size_t); + return psa_aead_update_ad(aead_operation, buffer, size); + case PAL_CRYPTO_AEAD_UPDATE: + aead_operation = va_arg(valist, psa_aead_operation_t *); + plaintext = va_arg(valist, uint8_t*); + plaintext_size = va_arg(valist, size_t); + ciphertext = va_arg(valist, uint8_t*); + ciphertext_size = va_arg(valist, size_t); + length = va_arg(valist, size_t*); + return psa_aead_update(aead_operation, plaintext, plaintext_size, ciphertext, + ciphertext_size, length); + case PAL_CRYPTO_AEAD_FINISH: + aead_operation = va_arg(valist, psa_aead_operation_t *); + ciphertext = va_arg(valist, uint8_t*); + ciphertext_size = va_arg(valist, size_t); + length = va_arg(valist, size_t*); + buffer = va_arg(valist, uint8_t*); + size = va_arg(valist, size_t); + tag_length = (size_t *)va_arg(valist, size_t*); + return psa_aead_finish(aead_operation, ciphertext, ciphertext_size, length, buffer, + size, tag_length); + case PAL_CRYPTO_AEAD_VERIFY: + aead_operation = va_arg(valist, psa_aead_operation_t *); + plaintext = va_arg(valist, uint8_t*); + plaintext_size = va_arg(valist, size_t); + length = (size_t *)va_arg(valist, size_t*); + buffer = va_arg(valist, uint8_t*); + size = va_arg(valist, size_t); + return psa_aead_verify(aead_operation, plaintext, plaintext_size, length, buffer, size); + case PAL_CRYPTO_AEAD_ABORT: + aead_operation = va_arg(valist, psa_aead_operation_t *); + return psa_aead_abort(aead_operation); +#endif + case PAL_CRYPTO_MAC_SIGN_SETUP: + mac_operation = va_arg(valist, psa_mac_operation_t*); + key_handle = (psa_key_handle_t)va_arg(valist, int); + alg = va_arg(valist, psa_algorithm_t); + return psa_mac_sign_setup(mac_operation, key_handle, alg); + case PAL_CRYPTO_MAC_UPDATE: + mac_operation = va_arg(valist, psa_mac_operation_t*); + buffer = va_arg(valist, uint8_t*); + size = va_arg(valist, size_t); + return psa_mac_update(mac_operation, buffer, size); + case PAL_CRYPTO_MAC_SIGN_FINISH: + mac_operation = va_arg(valist, psa_mac_operation_t*); + buffer = va_arg(valist, uint8_t*); + size = va_arg(valist, size_t); + length = (size_t *)va_arg(valist, size_t*); + return psa_mac_sign_finish(mac_operation, buffer, size, length); + case PAL_CRYPTO_MAC_VERIFY_SETUP: + mac_operation = va_arg(valist, psa_mac_operation_t*); + key_handle = (psa_key_handle_t)va_arg(valist, int); + alg = va_arg(valist, psa_algorithm_t); + return psa_mac_verify_setup(mac_operation, key_handle, alg); + case PAL_CRYPTO_MAC_VERIFY_FINISH: + mac_operation = va_arg(valist, psa_mac_operation_t*); + buffer = va_arg(valist, uint8_t*); + size = va_arg(valist, size_t); + return psa_mac_verify_finish(mac_operation, buffer, size); + case PAL_CRYPTO_MAC_ABORT: + mac_operation = va_arg(valist, psa_mac_operation_t*); + return psa_mac_abort(mac_operation); +#ifdef NO_SUPPORT + case PAL_CRYPTO_MAC_COMPUTE: + key_handle = (psa_key_handle_t)va_arg(valist, int); + alg = va_arg(valist, psa_algorithm_t); + plaintext = va_arg(valist, uint8_t*); + plaintext_size = va_arg(valist, size_t); + ciphertext = va_arg(valist, uint8_t*); + ciphertext_size = va_arg(valist, size_t); + length = va_arg(valist, size_t*); + return psa_mac_compute(key_handle, alg, plaintext, plaintext_size, ciphertext, + ciphertext_size, length); + case PAL_CRYPTO_MAC_VERIFY: + key_handle = (psa_key_handle_t)va_arg(valist, int); + alg = va_arg(valist, psa_algorithm_t); + plaintext = va_arg(valist, uint8_t*); + plaintext_size = va_arg(valist, size_t); + ciphertext = va_arg(valist, uint8_t*); + ciphertext_size = va_arg(valist, size_t); + return psa_mac_verify(key_handle, alg, plaintext, plaintext_size, ciphertext, + ciphertext_size); + case PAL_CRYPTO_ASYMMTERIC_ENCRYPT: + key_handle = (psa_key_handle_t)va_arg(valist, int); + alg = va_arg(valist, psa_algorithm_t); + plaintext = va_arg(valist, uint8_t *); + size = va_arg(valist, size_t); + salt = va_arg(valist, const uint8_t *); + salt_length = va_arg(valist, size_t); + ciphertext = va_arg(valist, uint8_t *); + ciphertext_size = va_arg(valist, size_t); + length = va_arg(valist, size_t*); + return psa_asymmetric_encrypt(key_handle, alg, plaintext, size, salt, salt_length, + ciphertext, ciphertext_size, length); + case PAL_CRYPTO_ASYMMTERIC_DECRYPT: + key_handle = (psa_key_handle_t)va_arg(valist, int); + alg = va_arg(valist, psa_algorithm_t); + plaintext = va_arg(valist, uint8_t *); + size = va_arg(valist, size_t); + salt = va_arg(valist, const uint8_t *); + salt_length = va_arg(valist, size_t); + ciphertext = va_arg(valist, uint8_t *); + ciphertext_size = va_arg(valist, size_t); + length = va_arg(valist, size_t*); + return psa_asymmetric_decrypt(key_handle, alg, plaintext, size, salt, salt_length, + ciphertext, ciphertext_size, length); + case PAL_CRYPTO_CIPHER_ENCRYPT_SETUP: + cipher_operation = va_arg(valist, psa_cipher_operation_t *); + key_handle = (psa_key_handle_t)va_arg(valist, int); + alg = va_arg(valist, psa_algorithm_t); + return psa_cipher_encrypt_setup(cipher_operation, key_handle, alg); + case PAL_CRYPTO_CIPHER_DECRYPT_SETUP: + cipher_operation = va_arg(valist, psa_cipher_operation_t *); + key_handle = (psa_key_handle_t)va_arg(valist, int); + alg = va_arg(valist, psa_algorithm_t); + return psa_cipher_decrypt_setup(cipher_operation, key_handle, alg); + case PAL_CRYPTO_CIPHER_GENERATE_IV: + cipher_operation = va_arg(valist, psa_cipher_operation_t *); + buffer = va_arg(valist, uint8_t*); + size = va_arg(valist, size_t); + length = va_arg(valist, size_t*); + return psa_cipher_generate_iv(cipher_operation, buffer, size, length); + case PAL_CRYPTO_CIPHER_SET_IV: + cipher_operation = va_arg(valist, psa_cipher_operation_t *); + buffer = va_arg(valist, uint8_t*); + size = va_arg(valist, size_t); + return psa_cipher_set_iv(cipher_operation, buffer, size); + case PAL_CRYPTO_CIPHER_UPDATE: + cipher_operation = va_arg(valist, psa_cipher_operation_t *); + plaintext = va_arg(valist, uint8_t *); + size = va_arg(valist, size_t); + ciphertext = va_arg(valist, uint8_t *); + ciphertext_size = va_arg(valist, size_t); + length = va_arg(valist, size_t*); + return psa_cipher_update(cipher_operation, plaintext, size, ciphertext, ciphertext_size, + length); + case PAL_CRYPTO_CIPHER_FINISH: + cipher_operation = va_arg(valist, psa_cipher_operation_t *); + ciphertext = va_arg(valist, uint8_t *); + ciphertext_size = va_arg(valist, size_t); + length = va_arg(valist, size_t*); + return psa_cipher_finish(cipher_operation, ciphertext, ciphertext_size, length); + case PAL_CRYPTO_CIPHER_ABORT: + cipher_operation = va_arg(valist, psa_cipher_operation_t *); + return psa_cipher_abort(cipher_operation); +#ifdef NO_SUPPORT + case PAL_CRYPTO_CIPHER_ENCRYPT: + key_handle = (psa_key_handle_t)va_arg(valist, int); + alg = va_arg(valist, psa_algorithm_t); + plaintext = va_arg(valist, uint8_t *); + size = va_arg(valist, size_t); + ciphertext = va_arg(valist, uint8_t *); + ciphertext_size = va_arg(valist, size_t); + length = va_arg(valist, size_t*); + return psa_cipher_encrypt(key_handle, alg, plaintext, size, ciphertext, ciphertext_size, + length); + case PAL_CRYPTO_CIPHER_DECRYPT: + key_handle = (psa_key_handle_t)va_arg(valist, int); + alg = va_arg(valist, psa_algorithm_t); + plaintext = va_arg(valist, uint8_t *); + size = va_arg(valist, size_t); + ciphertext = va_arg(valist, uint8_t *); + ciphertext_size = va_arg(valist, size_t); + length = va_arg(valist, size_t*); + return psa_cipher_decrypt(key_handle, alg, plaintext, size, ciphertext, ciphertext_size, + length); +#endif + case PAL_CRYPTO_ASYMMTERIC_SIGN: + key_handle = (psa_key_handle_t)va_arg(valist, int); + alg = va_arg(valist, psa_algorithm_t); + buffer = va_arg(valist, uint8_t*); + size = va_arg(valist, size_t); + ciphertext = va_arg(valist, uint8_t *); + ciphertext_size = va_arg(valist, size_t); + length = va_arg(valist, size_t*); + return psa_asymmetric_sign(key_handle, alg, buffer, size, ciphertext, ciphertext_size, + length); + case PAL_CRYPTO_ASYMMTERIC_VERIFY: + key_handle = (psa_key_handle_t)va_arg(valist, int); + alg = va_arg(valist, psa_algorithm_t); + buffer = va_arg(valist, uint8_t*); + size = va_arg(valist, size_t); + ciphertext = va_arg(valist, uint8_t *); + ciphertext_size = va_arg(valist, size_t); + return psa_asymmetric_verify(key_handle, alg, buffer, size, ciphertext, + ciphertext_size); + case PAL_CRYPTO_RAW_KEY_AGREEMENT: + alg = va_arg(valist, psa_algorithm_t); + key_handle = (psa_key_handle_t)va_arg(valist, int); + peer = va_arg(valist, uint8_t*); + peer_length = va_arg(valist, size_t); + buffer = va_arg(valist, uint8_t*); + size = va_arg(valist, size_t); + length = va_arg(valist, size_t*); + return psa_raw_key_agreement(alg, key_handle, peer, peer_length, buffer, size, length); + case PAL_CRYPTO_COPY_KEY: + key_handle = (psa_key_handle_t)va_arg(valist, int); + attributes = va_arg(valist, psa_key_attributes_t *); + handle = (psa_key_handle_t *)va_arg(valist, int *); + return psa_copy_key(key_handle, attributes, handle); + case PAL_CRYPTO_KEY_DERIVATION_SETUP: + derive_operation = va_arg(valist, psa_key_derivation_operation_t *); + alg = va_arg(valist, psa_algorithm_t); + return psa_key_derivation_setup(derive_operation, alg); + case PAL_CRYPTO_KEY_DERIVATION_INPUT_BYTES: + derive_operation = va_arg(valist, psa_key_derivation_operation_t *); + step = (psa_key_derivation_step_t)va_arg(valist, int); + buffer = va_arg(valist, uint8_t*); + size = va_arg(valist, size_t); + return psa_key_derivation_input_bytes(derive_operation, step, buffer, size); + case PAL_CRYPTO_KEY_DERIVATION_INPUT_KEY: + derive_operation = va_arg(valist, psa_key_derivation_operation_t *); + step = (psa_key_derivation_step_t)va_arg(valist, int); + key_handle = (psa_key_handle_t)va_arg(valist, int); + return psa_key_derivation_input_key(derive_operation, step, key_handle); + case PAL_CRYPTO_KEY_DERIVATION_KEY_AGREEMENT: + derive_operation = va_arg(valist, psa_key_derivation_operation_t *); + step = (psa_key_derivation_step_t)va_arg(valist, int); + key_handle = (psa_key_handle_t)va_arg(valist, int); + peer = va_arg(valist, uint8_t*); + peer_length = va_arg(valist, size_t); + return psa_key_derivation_key_agreement(derive_operation, step, key_handle, peer, + peer_length); + case PAL_CRYPTO_KEY_DERIVATION_OUTPUT_BYTES: + derive_operation = va_arg(valist, psa_key_derivation_operation_t *); + buffer = va_arg(valist, uint8_t*); + size = va_arg(valist, size_t); + return psa_key_derivation_output_bytes(derive_operation, buffer, size); + case PAL_CRYPTO_KEY_DERIVATION_OUTPUT_KEY: + attributes = va_arg(valist, psa_key_attributes_t *); + derive_operation = va_arg(valist, psa_key_derivation_operation_t *); + handle = (psa_key_handle_t *)va_arg(valist, int *); + return psa_key_derivation_output_key(attributes, derive_operation, handle); + case PAL_CRYPTO_KEY_DERIVATION_SET_CAPACITY: + derive_operation = va_arg(valist, psa_key_derivation_operation_t *); + size = va_arg(valist, size_t); + return psa_key_derivation_set_capacity(derive_operation, size); + case PAL_CRYPTO_KEY_DERIVATION_GET_CAPACITY: + derive_operation = va_arg(valist, psa_key_derivation_operation_t *); + length = va_arg(valist, size_t *); + return psa_key_derivation_get_capacity(derive_operation, length); + case PAL_CRYPTO_KEY_DERIVATION_ABORT: + derive_operation = va_arg(valist, psa_key_derivation_operation_t *); + return psa_key_derivation_abort(derive_operation); + case PAL_CRYPTO_OPEN_KEY: + key_id = va_arg(valist, psa_key_id_t); + handle = (psa_key_handle_t *)va_arg(valist, int *); + return psa_open_key(key_id, handle); + case PAL_CRYPTO_CLOSE_KEY: + key_handle = (psa_key_handle_t)va_arg(valist, int); + return psa_close_key(key_handle); + case PAL_CRYPTO_FREE: + for (i = 0; i < PAL_KEY_SLOT_COUNT; i++) + psa_destroy_key(i); + return 0; + default: + return PAL_STATUS_UNSUPPORTED_FUNC; + } +} diff --git a/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/crypto/pal_crypto_intf.h b/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/crypto/pal_crypto_intf.h new file mode 100644 index 00000000..83071cea --- /dev/null +++ b/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/crypto/pal_crypto_intf.h @@ -0,0 +1,103 @@ +/** @file + * Copyright (c) 2020, Arm Limited or its affiliates. All rights reserved. + * SPDX-License-Identifier : Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. +**/ + +#ifndef _PAL_CRYPTO_INTF_H_ +#define _PAL_CRYPTO_INTF_H_ + +#include "pal_common.h" + +enum crypto_function_code { + PAL_CRYPTO_INIT = 0x1, + PAL_CRYPTO_GENERATE_RANDOM = 0x2, + PAL_CRYPTO_IMPORT_KEY = 0x3, + PAL_CRYPTO_EXPORT_KEY = 0x4, + PAL_CRYPTO_EXPORT_PUBLIC_KEY = 0x5, + PAL_CRYPTO_DESTROY_KEY = 0x6, + PAL_CRYPTO_HASH_SETUP = 0x7, + PAL_CRYPTO_HASH_UPDATE = 0x8, + PAL_CRYPTO_HASH_VERIFY = 0x9, + PAL_CRYPTO_HASH_FINISH = 0xA, + PAL_CRYPTO_HASH_ABORT = 0xB, + PAL_CRYPTO_GENERATE_KEY = 0xC, + PAL_CRYPTO_AEAD_ENCRYPT = 0xD, + PAL_CRYPTO_AEAD_DECRYPT = 0xE, + PAL_CRYPTO_MAC_SIGN_SETUP = 0xF, + PAL_CRYPTO_MAC_UPDATE = 0x10, + PAL_CRYPTO_MAC_SIGN_FINISH = 0x11, + PAL_CRYPTO_MAC_VERIFY_SETUP = 0x12, + PAL_CRYPTO_MAC_VERIFY_FINISH = 0x13, + PAL_CRYPTO_MAC_ABORT = 0x14, + PAL_CRYPTO_ASYMMTERIC_ENCRYPT = 0x15, + PAL_CRYPTO_ASYMMTERIC_DECRYPT = 0x16, + PAL_CRYPTO_CIPHER_ENCRYPT_SETUP = 0x17, + PAL_CRYPTO_CIPHER_DECRYPT_SETUP = 0x18, + PAL_CRYPTO_CIPHER_GENERATE_IV = 0x19, + PAL_CRYPTO_CIPHER_SET_IV = 0x1A, + PAL_CRYPTO_CIPHER_UPDATE = 0x1B, + PAL_CRYPTO_CIPHER_FINISH = 0x1C, + PAL_CRYPTO_CIPHER_ABORT = 0x1D, + PAL_CRYPTO_ASYMMTERIC_SIGN = 0x1E, + PAL_CRYPTO_ASYMMTERIC_VERIFY = 0x1F, + PAL_CRYPTO_COPY_KEY = 0x20, + PAL_CRYPTO_SET_KEY_TYPE = 0x21, + PAL_CRYPTO_SET_KEY_BITS = 0x22, + PAL_CRYPTO_GET_KEY_ATTRIBUTES = 0x23, + PAL_CRYPTO_GET_KEY_TYPE = 0x24, + PAL_CRYPTO_SET_KEY_USAGE_FLAGS = 0x25, + PAL_CRYPTO_RESET_KEY_ATTRIBUTES = 0x26, + PAL_CRYPTO_SET_KEY_ID = 0x27, + PAL_CRYPTO_SET_KEY_LIFETIME = 0x28, + PAL_CRYPTO_SET_KEY_ALGORITHM = 0x29, + PAL_CRYPTO_GET_KEY_ID = 0x2A, + PAL_CRYPTO_GET_KEY_LIFETIME = 0x2B, + PAL_CRYPTO_GET_KEY_USAGE_FLAGS = 0x2C, + PAL_CRYPTO_GET_KEY_ALGORITHM = 0x2D, + PAL_CRYPTO_GET_KEY_BITS = 0x2E, + PAL_CRYPTO_HASH_COMPUTE = 0x2F, + PAL_CRYPTO_HASH_COMPARE = 0x30, + PAL_CRYPTO_KEY_DERIVATION_SETUP = 0x31, + PAL_CRYPTO_KEY_DERIVATION_ABORT = 0x32, + PAL_CRYPTO_RAW_KEY_AGREEMENT = 0x33, + PAL_CRYPTO_KEY_DERIVATION_INPUT_BYTES = 0x34, + PAL_CRYPTO_KEY_DERIVATION_INPUT_KEY = 0x35, + PAL_CRYPTO_KEY_DERIVATION_KEY_AGREEMENT = 0x36, + PAL_CRYPTO_KEY_DERIVATION_OUTPUT_BYTES = 0x37, + PAL_CRYPTO_KEY_DERIVATION_OUTPUT_KEY = 0x38, + PAL_CRYPTO_KEY_DERIVATION_SET_CAPACITY = 0x39, + PAL_CRYPTO_KEY_DERIVATION_GET_CAPACITY = 0x3A, + PAL_CRYPTO_HASH_CLONE = 0x3B, + PAL_CRYPTO_MAC_COMPUTE = 0x3C, + PAL_CRYPTO_MAC_VERIFY = 0x3D, + PAL_CRYPTO_CIPHER_ENCRYPT = 0x3F, + PAL_CRYPTO_CIPHER_DECRYPT = 0x40, + PAL_CRYPTO_OPEN_KEY = 0x41, + PAL_CRYPTO_CLOSE_KEY = 0x42, + PAL_CRYPTO_AEAD_ENCRYPT_SETUP = 0x43, + PAL_CRYPTO_AEAD_DECRYPT_SETUP = 0x44, + PAL_CRYPTO_AEAD_GENERATE_NONCE = 0x45, + PAL_CRYPTO_AEAD_SET_NONCE = 0x46, + PAL_CRYPTO_AEAD_SET_LENGTHS = 0X47, + PAL_CRYPTO_AEAD_UPDATE_AD = 0x48, + PAL_CRYPTO_AEAD_UPDATE = 0x49, + PAL_CRYPTO_AEAD_FINISH = 0x4A, + PAL_CRYPTO_AEAD_VERIFY = 0x4B, + PAL_CRYPTO_AEAD_ABORT = 0x4C, + PAL_CRYPTO_FREE = 0xFE, +}; + +int32_t pal_crypto_function(int type, va_list valist); +#endif /* _PAL_CRYPTO_INTF_H_ */ diff --git a/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/initial_attestation/pal_attestation_crypto.c b/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/initial_attestation/pal_attestation_crypto.c new file mode 100644 index 00000000..e7ec66b4 --- /dev/null +++ b/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/initial_attestation/pal_attestation_crypto.c @@ -0,0 +1,344 @@ +/** @file + * Copyright (c) 2020, Arm Limited or its affiliates. All rights reserved. + * SPDX-License-Identifier : Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. +**/ + +#include "pal_attestation_crypto.h" + +static uint32_t public_key_registered; +static psa_key_handle_t public_key_handle; + +static inline struct q_useful_buf_c useful_buf_head(struct q_useful_buf_c buf, + size_t amount) +{ + return UsefulBuf_Head(buf, amount); +} + +static psa_algorithm_t cose_hash_alg_id_to_psa(int32_t cose_hash_alg_id) +{ + psa_algorithm_t status; + + switch (cose_hash_alg_id) + { + case COSE_ALG_SHA256_PROPRIETARY: + status = PSA_ALG_SHA_256; + break; + default: + status = PSA_ALG_MD4; + break; + } + + return status; +} + +static int32_t hash_alg_id_from_sig_alg_id(int32_t cose_sig_alg_id) +{ + switch (cose_sig_alg_id) + { + case COSE_ALGORITHM_ES256: + return COSE_ALG_SHA256_PROPRIETARY; + default: + return INT32_MAX; + } +} + +int32_t pal_cose_crypto_hash_start(psa_hash_operation_t *psa_hash, int32_t cose_hash_alg_id) +{ + psa_algorithm_t psa_alg; + psa_status_t status = PSA_ERROR_GENERIC_ERROR; + + /* Map the algorithm ID */ + psa_alg = cose_hash_alg_id_to_psa(cose_hash_alg_id); + + /* Actually do the hash set up */ + status = psa_hash_setup(psa_hash, psa_alg); + + return status; + +} + +void pal_cose_crypto_hash_update(psa_hash_operation_t *psa_hash, + struct q_useful_buf_c data_to_hash) +{ + if (data_to_hash.ptr == NULL) { + /* No data was passed in to be hashed indicating the mode of use is + * the computation of the size of hash. This mode is hashing is used + * by t_cose when it is requested to compute the size of the signed + * data it might compute, which is in turn used to compute the + * size of a would be token. When computing the size, the size + * like this, there is nothing to do in update() + */ + return; + } + + /* Actually hash the data */ + psa_hash_update(psa_hash, data_to_hash.ptr, data_to_hash.len); +} + +int32_t pal_cose_crypto_hash_finish(psa_hash_operation_t *psa_hash, + struct q_useful_buf buffer_to_hold_result, + struct q_useful_buf_c *hash_result) +{ + psa_status_t status = PSA_ERROR_GENERIC_ERROR; + + /* Actually finish up the hash */ + status = psa_hash_finish(psa_hash, buffer_to_hold_result.ptr, + buffer_to_hold_result.len, &(hash_result->len)); + hash_result->ptr = buffer_to_hold_result.ptr; + + return status; + +} + +int pal_create_sha256(struct q_useful_buf_c bytes_to_hash, struct q_useful_buf buffer_for_hash, + struct q_useful_buf_c *hash) +{ + psa_status_t status = PSA_ERROR_GENERIC_ERROR; + psa_hash_operation_t psa_hash = PSA_HASH_OPERATION_INIT; + + status = pal_cose_crypto_hash_start(&psa_hash, COSE_ALG_SHA256_PROPRIETARY); + if (status != PSA_SUCCESS) + goto Done; + + pal_cose_crypto_hash_update(&psa_hash, bytes_to_hash); + + status = pal_cose_crypto_hash_finish(&psa_hash, buffer_for_hash, hash); + if (status != PSA_SUCCESS) + goto Done; +Done: + return status; +} + +uint32_t pal_compute_hash(int32_t cose_alg_id, struct q_useful_buf buffer_for_hash, + struct q_useful_buf_c *hash, struct q_useful_buf_c protected_headers, + struct q_useful_buf_c payload) +{ + uint32_t status; + QCBOREncodeContext cbor_encode_ctx; + struct q_useful_buf_c tbs_first_part; + QCBORError qcbor_result; + int32_t hash_alg_id; + UsefulBuf_MAKE_STACK_UB (buffer_for_TBS_first_part, T_COSE_SIZE_OF_TBS); + psa_hash_operation_t psa_hash = PSA_HASH_OPERATION_INIT; + + /* This builds the CBOR-format to-be-signed bytes */ + QCBOREncode_Init(&cbor_encode_ctx, buffer_for_TBS_first_part); + QCBOREncode_OpenArray(&cbor_encode_ctx); + + /* context */ + QCBOREncode_AddSZString(&cbor_encode_ctx, COSE_SIG_CONTEXT_STRING_SIGNATURE1); + + /* body_protected */ + QCBOREncode_AddBytes(&cbor_encode_ctx, protected_headers); + + /* sign_protected is not used for Sign1 */ + /* external_aad */ + QCBOREncode_AddBytes(&cbor_encode_ctx, NULL_USEFUL_BUF_C); + + /* The short fake payload. */ + QCBOREncode_AddBytesLenOnly(&cbor_encode_ctx, payload); + QCBOREncode_CloseArray(&cbor_encode_ctx); + + /* Get the result and convert it to struct q_useful_buf_c representation */ + qcbor_result = QCBOREncode_Finish(&cbor_encode_ctx, &tbs_first_part); + if (qcbor_result) + { + /* Mainly means that the protected_headers were too big + * (which should never happen) + */ + status = PAL_ATTEST_ERR_SIGN_STRUCT; + goto Done; + } + + /* Start the hashing */ + hash_alg_id = hash_alg_id_from_sig_alg_id(cose_alg_id); + + /* Don't check hash_alg_id for failure. pal_cose_crypto_hash_start() + * will handle it properly + */ + status = pal_cose_crypto_hash_start(&psa_hash, hash_alg_id); + if (status) + goto Done; + + /* This is hashing of the first part, all the CBOR + * except the payload. + */ + pal_cose_crypto_hash_update(&psa_hash, useful_buf_head(tbs_first_part, tbs_first_part.len)); + + /* Hash the payload, the second part. */ + pal_cose_crypto_hash_update(&psa_hash, payload); + + /* Finish the hash and set up to return it */ + status = pal_cose_crypto_hash_finish(&psa_hash, buffer_for_hash, hash); + +Done: + return status; +} + +static int32_t pal_attest_get_public_key(uint8_t *public_key_buff, size_t public_key_buf_size, + size_t *public_key_len, psa_ecc_curve_t *elliptic_curve_type) +{ + int32_t status = PAL_ATTEST_ERROR; + +#ifdef PLATFORM_OVERRIDE_ATTEST_PK + if (public_key_buf_size < (attest_key.pubx_key_size + attest_key.puby_key_size + 1)) + return PAL_ATTEST_ERR_SMALL_BUFFER; + + *public_key_len = (attest_key.pubx_key_size + attest_key.puby_key_size + 1); + *elliptic_curve_type = PSA_ECC_CURVE_SECP256R1; + memcpy(public_key_buff, (void *)&attest_public_key, *public_key_len); + status = PSA_SUCCESS; +#else + status = tfm_initial_attest_get_public_key(public_key_buff, + public_key_buf_size, + public_key_len, + elliptic_curve_type); +#endif + + return status; +} + +static uint32_t pal_import_attest_key(psa_algorithm_t key_alg) +{ + psa_status_t status = PAL_ATTEST_ERROR; + psa_key_usage_t usage = PSA_KEY_USAGE_VERIFY; + psa_ecc_curve_t ecc_curve; + psa_key_type_t attest_key_type; + size_t public_key_size; + uint8_t public_key_buff[ECC_CURVE_SECP256R1_PULBIC_KEY_LENGTH] = {0}; + +#if defined(CRYPTO_VERSION_BETA1) || defined(CRYPTO_VERSION_BETA2) + psa_key_policy_t policy; + + if (!public_key_registered) + { + status = pal_attest_get_public_key(public_key_buff, + sizeof(public_key_buff), + &public_key_size, + &ecc_curve); + if (status != PSA_SUCCESS) + return PAL_ATTEST_ERR_KEY_FAIL; + + if (ecc_curve == USHRT_MAX) + return PAL_ATTEST_ERROR; + + /* Set key type for public key */ + attest_key_type = PSA_KEY_TYPE_ECC_PUBLIC_KEY(ecc_curve); + + /* Setup the key policy for public key */ + policy = psa_key_policy_init(); + psa_key_policy_set_usage(&policy, usage, key_alg); + + status = psa_allocate_key(&public_key_handle); + if (status != PSA_SUCCESS) + return PAL_ATTEST_ERR_KEY_FAIL; + + status = psa_set_key_policy(public_key_handle, &policy); + if (status != PSA_SUCCESS) + return PAL_ATTEST_ERR_KEY_FAIL; + + /* Import the public key */ + status = psa_import_key(public_key_handle, + attest_key_type, + public_key_buff, + public_key_size); + if (status != PSA_SUCCESS) + return PAL_ATTEST_ERR_KEY_FAIL; + + public_key_registered = 1; + } + +#elif defined(CRYPTO_VERSION_BETA3) + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + + if (!public_key_registered) + { + status = pal_attest_get_public_key(public_key_buff, + sizeof(public_key_buff), + &public_key_size, + &ecc_curve); + if (status != PSA_SUCCESS) + return PAL_ATTEST_ERR_KEY_FAIL; + + if (ecc_curve == USHRT_MAX) + return PAL_ATTEST_ERROR; + + /* Set key type for public key */ + attest_key_type = PSA_KEY_TYPE_ECC_PUBLIC_KEY(ecc_curve); + + /* Set the attributes for the public key */ + psa_set_key_type(&attributes, attest_key_type); + psa_set_key_bits(&attributes, public_key_size); + psa_set_key_usage_flags(&attributes, usage); + psa_set_key_algorithm(&attributes, key_alg); + psa_set_key_bits(&attributes, 0); + + /* Import the public key */ + status = psa_import_key(&attributes, + public_key_buff, + public_key_size, + &public_key_handle); + if (status != PSA_SUCCESS) + return PAL_ATTEST_ERR_KEY_FAIL; + + public_key_registered = 1; + } +#endif + + return status; +} + +static uint32_t pal_destroy_attest_key(void) +{ + psa_status_t status; + + if (!public_key_registered) + return PAL_ATTEST_ERR_KEY_FAIL; + + status = psa_destroy_key(public_key_handle); + if (status != PSA_SUCCESS) + return PAL_ATTEST_ERR_KEY_FAIL; + + public_key_registered = 0; + + return PAL_ATTEST_SUCCESS; +} + +uint32_t pal_crypto_pub_key_verify(int32_t cose_algorithm_id, + struct q_useful_buf_c token_hash, + struct q_useful_buf_c signature) +{ + int32_t status = PAL_ATTEST_ERROR; + psa_algorithm_t key_alg = PSA_ALG_ECDSA(PSA_ALG_SHA_256); + + /* Register the attestation public key */ + status = pal_import_attest_key(key_alg); + if (status != PAL_ATTEST_SUCCESS) + return status; + + /* Verify the signature */ + status = psa_asymmetric_verify(public_key_handle, + key_alg, token_hash.ptr, token_hash.len, + signature.ptr, signature.len); + if (status != PSA_SUCCESS) + return PAL_ATTEST_ERR_SIGNATURE_FAIL; + + /* Unregister the attestation public key */ + status = pal_destroy_attest_key(); + if (status != PSA_SUCCESS) + return PAL_ATTEST_ERR_KEY_FAIL; + + return PAL_ATTEST_SUCCESS; +} diff --git a/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/initial_attestation/pal_attestation_crypto.h b/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/initial_attestation/pal_attestation_crypto.h new file mode 100644 index 00000000..9ca96375 --- /dev/null +++ b/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/initial_attestation/pal_attestation_crypto.h @@ -0,0 +1,88 @@ +/** @file + * Copyright (c) 2020, Arm Limited or its affiliates. All rights reserved. + * SPDX-License-Identifier : Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. +**/ + +#ifndef _PAL_ATTESTATION_CRYPTO_H_ +#define _PAL_ATTESTATION_CRYPTO_H_ + +#include "pal_attestation_eat.h" + +#define ATTEST_PUBLIC_KEY_SLOT 4 +#define ECC_CURVE_SECP256R1_PULBIC_KEY_LENGTH (1 + 2 * PSA_BITS_TO_BYTES(256)) + +typedef struct { + uint8_t *pubx_key; + size_t pubx_key_size; + uint8_t *puby_key; + size_t puby_key_size; +} ecc_key_t; + +struct ecc_public_key_t { + const uint8_t a; + uint8_t public_key[]; /* X-coordinate || Y-coordinate */ +}; + +static const struct ecc_public_key_t attest_public_key = { + /* Constant byte */ + 0x04, + /* X-coordinate */ + {0x79, 0xEB, 0xA9, 0x0E, 0x8B, 0xF4, 0x50, 0xA6, + 0x75, 0x15, 0x76, 0xAD, 0x45, 0x99, 0xB0, 0x7A, + 0xDF, 0x93, 0x8D, 0xA3, 0xBB, 0x0B, 0xD1, 0x7D, + 0x00, 0x36, 0xED, 0x49, 0xA2, 0xD0, 0xFC, 0x3F, + /* Y-coordinate */ + 0xBF, 0xCD, 0xFA, 0x89, 0x56, 0xB5, 0x68, 0xBF, + 0xDB, 0x86, 0x73, 0xE6, 0x48, 0xD8, 0xB5, 0x8D, + 0x92, 0x99, 0x55, 0xB1, 0x4A, 0x26, 0xC3, 0x08, + 0x0F, 0x34, 0x11, 0x7D, 0x97, 0x1D, 0x68, 0x64}, +}; + +static const uint8_t initial_attestation_public_x_key[] = { + 0x79, 0xEB, 0xA9, 0x0E, 0x8B, 0xF4, 0x50, 0xA6, + 0x75, 0x15, 0x76, 0xAD, 0x45, 0x99, 0xB0, 0x7A, + 0xDF, 0x93, 0x8D, 0xA3, 0xBB, 0x0B, 0xD1, 0x7D, + 0x00, 0x36, 0xED, 0x49, 0xA2, 0xD0, 0xFC, 0x3F +}; + +static const uint8_t initial_attestation_public_y_key[] = { + 0xBF, 0xCD, 0xFA, 0x89, 0x56, 0xB5, 0x68, 0xBF, + 0xDB, 0x86, 0x73, 0xE6, 0x48, 0xD8, 0xB5, 0x8D, + 0x92, 0x99, 0x55, 0xB1, 0x4A, 0x26, 0xC3, 0x08, + 0x0F, 0x34, 0x11, 0x7D, 0x97, 0x1D, 0x68, 0x64 +}; + +/* Initialize the structure with given public key */ +static const ecc_key_t attest_key = { + (uint8_t *)initial_attestation_public_x_key, + sizeof(initial_attestation_public_x_key), + (uint8_t *)initial_attestation_public_y_key, + sizeof(initial_attestation_public_y_key) +}; + +int32_t pal_cose_crypto_hash_start(psa_hash_operation_t *psa_hash, int32_t cose_hash_alg_id); +void pal_cose_crypto_hash_update(psa_hash_operation_t *psa_hash, + struct q_useful_buf_c data_to_hash); +int32_t pal_cose_crypto_hash_finish(psa_hash_operation_t *psa_hash, + struct q_useful_buf buffer_to_hold_result, + struct q_useful_buf_c *hash_result); +int pal_create_sha256(struct q_useful_buf_c bytes_to_hash, struct q_useful_buf buffer_for_hash, + struct q_useful_buf_c *hash); +uint32_t pal_compute_hash(int32_t cose_alg_id, struct q_useful_buf buffer_for_hash, + struct q_useful_buf_c *hash, struct q_useful_buf_c protected_headers, + struct q_useful_buf_c payload); +uint32_t pal_crypto_pub_key_verify(int32_t cose_algorithm_id, struct q_useful_buf_c token_hash, + struct q_useful_buf_c signature); +#endif /* _PAL_ATTESTATION_CRYPTO_H_ */ diff --git a/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/initial_attestation/pal_attestation_eat.h b/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/initial_attestation/pal_attestation_eat.h new file mode 100644 index 00000000..fa61d6a3 --- /dev/null +++ b/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/initial_attestation/pal_attestation_eat.h @@ -0,0 +1,80 @@ +/** @file + * Copyright (c) 2020, Arm Limited or its affiliates. All rights reserved. + * SPDX-License-Identifier : Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. +**/ + +#ifndef _PAL_ATTESTATION_EAT_H_ +#define _PAL_ATTESTATION_EAT_H_ + +#include "qcbor.h" +#include "pal_common.h" + +#define PAL_ATTEST_MIN_ERROR 30 + +#define COSE_ALGORITHM_ES256 -7 +#define COSE_ALG_SHA256_PROPRIETARY -72000 + +#define USEFUL_BUF_MAKE_STACK_UB UsefulBuf_MAKE_STACK_UB + +#define COSE_SIG_CONTEXT_STRING_SIGNATURE1 "Signature1" + +/* Private value. Intentionally not documented for Doxygen. + * This is the size allocated for the encoded protected headers. It + * needs to be big enough for make_protected_header() to succeed. It + * currently sized for one header with an algorithm ID up to 32 bits + * long -- one byte for the wrapping map, one byte for the label, 5 + * bytes for the ID. If this is made accidentially too small, QCBOR will + * only return an error, and not overrun any buffers. + * + * 9 extra bytes are added, rounding it up to 16 total, in case some + * other protected header is to be added. + */ +#define T_COSE_SIGN1_MAX_PROT_HEADER (1+1+5+9) + +/** + * This is the size of the first part of the CBOR encoded TBS + * bytes. It is around 20 bytes. See create_tbs_hash(). + */ +#define T_COSE_SIZE_OF_TBS \ + 1 + /* For opening the array */ \ + sizeof(COSE_SIG_CONTEXT_STRING_SIGNATURE1) + /* "Signature1" */ \ + 2 + /* Overhead for encoding string */ \ + T_COSE_SIGN1_MAX_PROT_HEADER + /* entire protected headers */ \ + 3 * (/* 3 NULL bstrs for fields not used */ \ + 1 /* size of a NULL bstr */ \ + ) +#define NULL_USEFUL_BUF_C NULLUsefulBufC + +enum attestation_error_code { + PAL_ATTEST_SUCCESS = 0, + PAL_ATTEST_TOKEN_ERR_CBOR_FORMATTING = PAL_ATTEST_MIN_ERROR, + PAL_ATTEST_TOKEN_CHALLENGE_MISMATCH, + PAL_ATTEST_TOKEN_NOT_SUPPORTED, + PAL_ATTEST_TOKEN_NOT_ALL_MANDATORY_CLAIMS, + PAL_ATTEST_HASH_LENGTH_MISMATCH, + PAL_ATTEST_HASH_MISMATCH, + PAL_ATTEST_HASH_FAIL, + PAL_ATTEST_HASH_UNSUPPORTED, + PAL_ATTEST_HASH_BUFFER_SIZE, + PAL_ATTEST_ERR_PROTECTED_HEADERS, + PAL_ATTEST_ERR_SIGN_STRUCT, + PAL_ATTEST_ERR_KEY_FAIL, + PAL_ATTEST_ERR_SIGNATURE_FAIL, + PAL_ATTEST_ERR_CBOR_STRUCTURE, + PAL_ATTEST_ERR_SMALL_BUFFER, + PAL_ATTEST_ERROR, +}; + +#endif /* _PAL_ATTESTATION_EAT_H_ */ diff --git a/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/initial_attestation/pal_attestation_empty_intf.c b/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/initial_attestation/pal_attestation_empty_intf.c new file mode 100644 index 00000000..99c94667 --- /dev/null +++ b/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/initial_attestation/pal_attestation_empty_intf.c @@ -0,0 +1,30 @@ +/** @file + * Copyright (c) 2020, Arm Limited or its affiliates. All rights reserved. + * SPDX-License-Identifier : Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. +**/ + +#include +#include "pal_common.h" + +/** + @brief - This API will call the requested attestation function + @param - type : function code + valist : variable argument list + @return - error status +**/ +int32_t pal_attestation_function(int type, va_list valist) +{ + return PAL_STATUS_ERROR; +} diff --git a/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/initial_attestation/pal_attestation_intf.c b/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/initial_attestation/pal_attestation_intf.c new file mode 100644 index 00000000..00bff8b5 --- /dev/null +++ b/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/initial_attestation/pal_attestation_intf.c @@ -0,0 +1,56 @@ +/** @file + * Copyright (c) 2020, Arm Limited or its affiliates. All rights reserved. + * SPDX-License-Identifier : Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. +**/ + + +#include "pal_attestation_intf.h" + +/** + @brief - This API will call the requested attestation function + @param - type : function code + valist : variable argument list + @return - error status +**/ +int32_t pal_attestation_function(int type, va_list valist) +{ + uint8_t *challenge, *token; + size_t challenge_size, *token_size, verify_token_size, token_buffer_size; + + switch (type) + { + case PAL_INITIAL_ATTEST_GET_TOKEN: + challenge = va_arg(valist, uint8_t*); + challenge_size = va_arg(valist, size_t); + token = va_arg(valist, uint8_t*); + token_buffer_size = va_arg(valist, size_t); + token_size = va_arg(valist, size_t*); + return psa_initial_attest_get_token(challenge, challenge_size, token, token_buffer_size, + token_size); + case PAL_INITIAL_ATTEST_GET_TOKEN_SIZE: + challenge_size = va_arg(valist, size_t); + token_size = va_arg(valist, size_t*); + return psa_initial_attest_get_token_size(challenge_size, token_size); + case PAL_INITIAL_ATTEST_VERIFY_TOKEN: + challenge = va_arg(valist, uint8_t*); + challenge_size = va_arg(valist, size_t); + token = va_arg(valist, uint8_t*); + verify_token_size = va_arg(valist, size_t); + return pal_initial_attest_verify_token(challenge, challenge_size, + token, verify_token_size); + default: + return PAL_STATUS_UNSUPPORTED_FUNC; + } +} diff --git a/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/initial_attestation/pal_attestation_intf.h b/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/initial_attestation/pal_attestation_intf.h new file mode 100644 index 00000000..235d578d --- /dev/null +++ b/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/initial_attestation/pal_attestation_intf.h @@ -0,0 +1,32 @@ +/** @file + * Copyright (c) 2020, Arm Limited or its affiliates. All rights reserved. + * SPDX-License-Identifier : Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. +**/ + +#ifndef _PAL_ATTESTATION_INTF_H_ +#define _PAL_ATTESTATION_INTF_H_ + +#include "pal_attestation_crypto.h" + +enum attestation_function_code { + PAL_INITIAL_ATTEST_GET_TOKEN = 0x1, + PAL_INITIAL_ATTEST_GET_TOKEN_SIZE = 0x2, + PAL_INITIAL_ATTEST_VERIFY_TOKEN = 0x3, + PAL_INITIAL_ATTEST_COMPUTE_HASH = 0x4, + PAL_INITIAL_ATTEST_VERIFY_WITH_PK = 0x5, +}; + +int32_t pal_attestation_function(int type, va_list valist); +#endif /* _PAL_ATTESTATION_INTF_H_ */ diff --git a/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/internal_trusted_storage/pal_internal_trusted_storage_empty_intf.c b/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/internal_trusted_storage/pal_internal_trusted_storage_empty_intf.c new file mode 100644 index 00000000..fa0ceb3b --- /dev/null +++ b/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/internal_trusted_storage/pal_internal_trusted_storage_empty_intf.c @@ -0,0 +1,30 @@ +/** @file + * Copyright (c) 2020, Arm Limited or its affiliates. All rights reserved. + * SPDX-License-Identifier : Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. +**/ + +#include +#include "pal_common.h" + +/** + @brief - This API will call the requested internal trusted storage function + @param - type : function code + valist : variable argument list + @return - error status +**/ +uint32_t pal_its_function(int type, va_list valist) +{ + return PAL_STATUS_ERROR; +} diff --git a/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/internal_trusted_storage/pal_internal_trusted_storage_intf.c b/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/internal_trusted_storage/pal_internal_trusted_storage_intf.c new file mode 100644 index 00000000..31269ee3 --- /dev/null +++ b/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/internal_trusted_storage/pal_internal_trusted_storage_intf.c @@ -0,0 +1,62 @@ +/** @file + * Copyright (c) 2020, Arm Limited or its affiliates. All rights reserved. + * SPDX-License-Identifier : Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. +**/ + + +#include "pal_internal_trusted_storage_intf.h" + +/** + @brief - This API will call the requested internal trusted storage function + @param - type : function code + valist : variable argument list + @return - error status +**/ +uint32_t pal_its_function(int type, va_list valist) +{ + psa_storage_uid_t uid; + uint32_t data_size, offset; + const void *p_write_data; + void *p_read_data; + size_t *p_data_length; + psa_storage_create_flags_t its_create_flags; + struct psa_storage_info_t *its_p_info; + + switch (type) + { + case PAL_ITS_SET: + uid = va_arg(valist, psa_storage_uid_t); + data_size = va_arg(valist, uint32_t); + p_write_data = va_arg(valist, const void*); + its_create_flags = va_arg(valist, psa_storage_create_flags_t); + return psa_its_set(uid, data_size, p_write_data, its_create_flags); + case PAL_ITS_GET: + uid = va_arg(valist, psa_storage_uid_t); + offset = va_arg(valist, uint32_t); + data_size = va_arg(valist, uint32_t); + p_read_data = va_arg(valist, void*); + p_data_length = va_arg(valist, size_t*); + return psa_its_get(uid, offset, data_size, p_read_data, p_data_length); + case PAL_ITS_GET_INFO: + uid = va_arg(valist, psa_storage_uid_t); + its_p_info = va_arg(valist, struct psa_storage_info_t*); + return psa_its_get_info(uid, its_p_info); + case PAL_ITS_REMOVE: + uid = va_arg(valist, psa_storage_uid_t); + return psa_its_remove(uid); + default: + return PAL_STATUS_UNSUPPORTED_FUNC; + } +} diff --git a/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/internal_trusted_storage/pal_internal_trusted_storage_intf.h b/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/internal_trusted_storage/pal_internal_trusted_storage_intf.h new file mode 100644 index 00000000..82d0ccf4 --- /dev/null +++ b/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/internal_trusted_storage/pal_internal_trusted_storage_intf.h @@ -0,0 +1,31 @@ +/** @file + * Copyright (c) 2020, Arm Limited or its affiliates. All rights reserved. + * SPDX-License-Identifier : Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. +**/ + +#ifndef _PAL_INTERNAL_TRUSTED_STORAGE_INTF_H_ +#define _PAL_INTERNAL_TRUSTED_STORAGE_INTF_H_ + +#include "pal_common.h" + +enum its_function_code { + PAL_ITS_SET = 0x1, + PAL_ITS_GET = 0x2, + PAL_ITS_GET_INFO = 0x3, + PAL_ITS_REMOVE = 0x4, +}; + +uint32_t pal_its_function(int type, va_list valist); +#endif /* _PAL_INTERNAL_TRUSTED_STORAGE_INTF_H_ */ diff --git a/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/protected_storage/pal_protected_storage_empty_intf.c b/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/protected_storage/pal_protected_storage_empty_intf.c new file mode 100644 index 00000000..bfd4b470 --- /dev/null +++ b/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/protected_storage/pal_protected_storage_empty_intf.c @@ -0,0 +1,30 @@ +/** @file + * Copyright (c) 2020, Arm Limited or its affiliates. All rights reserved. + * SPDX-License-Identifier : Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. +**/ + +#include +#include "pal_common.h" + +/** + @brief - This API will call the requested protected storage function + @param - type : function code + valist : variable argument list + @return - error status +**/ +uint32_t pal_ps_function(int type, va_list valist) +{ + return PAL_STATUS_ERROR; +} diff --git a/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/protected_storage/pal_protected_storage_intf.c b/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/protected_storage/pal_protected_storage_intf.c new file mode 100644 index 00000000..cc010272 --- /dev/null +++ b/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/protected_storage/pal_protected_storage_intf.c @@ -0,0 +1,77 @@ +/** @file + * Copyright (c) 2020, Arm Limited or its affiliates. All rights reserved. + * SPDX-License-Identifier : Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. +**/ + + +#include "pal_protected_storage_intf.h" + +/** + @brief - This API will call the requested protected storage function + @param - type : function code + valist : variable argument list + @return - error status +**/ +uint32_t pal_ps_function(int type, va_list valist) +{ + psa_storage_uid_t uid; + uint32_t data_size, size, offset; + const void *p_write_data; + void *p_read_data; + size_t *p_data_length; + psa_storage_create_flags_t ps_create_flags; + struct psa_storage_info_t *ps_p_info; + + switch (type) + { + case PAL_PS_SET: + uid = va_arg(valist, psa_storage_uid_t); + data_size = va_arg(valist, uint32_t); + p_write_data = va_arg(valist, const void*); + ps_create_flags = va_arg(valist, psa_storage_create_flags_t); + return psa_ps_set(uid, data_size, p_write_data, ps_create_flags); + case PAL_PS_GET: + uid = va_arg(valist, psa_storage_uid_t); + offset = va_arg(valist, uint32_t); + data_size = va_arg(valist, uint32_t); + p_read_data = va_arg(valist, void*); + p_data_length = va_arg(valist, size_t*); + return psa_ps_get(uid, offset, data_size, p_read_data, p_data_length); + case PAL_PS_GET_INFO: + uid = va_arg(valist, psa_storage_uid_t); + ps_p_info = va_arg(valist, struct psa_storage_info_t*); + return psa_ps_get_info(uid, ps_p_info); + case PAL_PS_REMOVE: + uid = va_arg(valist, psa_storage_uid_t); + return psa_ps_remove(uid); + case PAL_PS_CREATE: + uid = va_arg(valist, psa_storage_uid_t); + size = va_arg(valist, uint32_t); + ps_create_flags = va_arg(valist, psa_storage_create_flags_t); + return psa_ps_create(uid, size, ps_create_flags); + case PAL_PS_SET_EXTENDED: + uid = va_arg(valist, psa_storage_uid_t); + offset = va_arg(valist, uint32_t); + data_size = va_arg(valist, uint32_t); + p_write_data = va_arg(valist, const void*); + return psa_ps_set_extended(uid, offset, data_size, p_write_data); + case PAL_PS_GET_SUPPORT: + return psa_ps_get_support(); + default: + return PAL_STATUS_UNSUPPORTED_FUNC; + } + + return PAL_STATUS_UNSUPPORTED_FUNC; +} diff --git a/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/protected_storage/pal_protected_storage_intf.h b/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/protected_storage/pal_protected_storage_intf.h new file mode 100644 index 00000000..53d7c6cd --- /dev/null +++ b/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/protected_storage/pal_protected_storage_intf.h @@ -0,0 +1,34 @@ +/** @file + * Copyright (c) 2020, Arm Limited or its affiliates. All rights reserved. + * SPDX-License-Identifier : Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. +**/ + +#ifndef _PAL_PROTECTED_STORAGE_INTF_H_ +#define _PAL_PROTECTED_STORAGE_INTF_H_ + +#include "pal_common.h" + +enum ps_function_code { + PAL_PS_SET = 0x1, + PAL_PS_GET = 0x2, + PAL_PS_GET_INFO = 0x3, + PAL_PS_REMOVE = 0x4, + PAL_PS_CREATE = 0x5, + PAL_PS_SET_EXTENDED = 0x6, + PAL_PS_GET_SUPPORT = 0x7, +}; + +uint32_t pal_ps_function(int type, va_list valist); +#endif /* _PAL_PROTECTED_STORAGE_INTF_H_ */ diff --git a/api-tests/platform/targets/tgt_ff_tfm_musca_b1/spe/pal_driver_intf.c b/api-tests/platform/targets/tgt_ff_tfm_musca_b1/spe/pal_driver_intf.c new file mode 100644 index 00000000..5c6b4874 --- /dev/null +++ b/api-tests/platform/targets/tgt_ff_tfm_musca_b1/spe/pal_driver_intf.c @@ -0,0 +1,131 @@ + /** @file + * Copyright (c) 2020, Arm Limited or its affiliates. All rights reserved. + * SPDX-License-Identifier : Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + **/ + +#include "pal_driver_intf.h" + +/** + @brief - This function initializes the UART + @param - uart base addr + @return - void +**/ +void pal_uart_init(uint32_t uart_base_addr) +{ + pal_uart_pl011_init(uart_base_addr); +} + +/** + @brief - This function parses the input string and writes bytes into UART TX FIFO + @param - str : Input String + - data : Value for format specifier +**/ + +void pal_print(char *str, int32_t data) +{ + pal_uart_pl011_print(str, data); +} + + +/** + @brief - Writes into given non-volatile address. + @param - base : Base address of nvmem + offset : Offset + buffer : Pointer to source address + size : Number of bytes + @return - 1/0 +**/ +int pal_nvmem_write(addr_t base, uint32_t offset, void *buffer, int size) +{ + return nvmem_write(base, offset, buffer, size); +} + +/** + @brief - Reads from given non-volatile address. + @param - base : Base address of nvmem + offset : Offset + buffer : Pointer to source address + size : Number of bytes + @return - 1/0 +**/ +int pal_nvmem_read(addr_t base, uint32_t offset, void *buffer, int size) +{ + return nvmem_read(base, offset, buffer, size); +} + + +/** + @brief - Initializes an hardware watchdog timer + @param - base_addr : Base address of the watchdog module + - time_us : Time in micro seconds + - timer_tick_us : Number of ticks per micro second + @return - SUCCESS/FAILURE +**/ +int pal_wd_timer_init(addr_t base_addr, uint32_t time_us, uint32_t timer_tick_us) +{ + return pal_wd_cmsdk_init(base_addr, time_us, timer_tick_us); + +} + +/** + @brief - Enables a hardware watchdog timer + @param - base_addr : Base address of the watchdog module + @return - SUCCESS/FAILURE +**/ +int pal_wd_timer_enable(addr_t base_addr) +{ + return pal_wd_cmsdk_enable(base_addr); +} + +/** + @brief - Disables a hardware watchdog timer + @param - base_addr : Base address of the watchdog module + @return - SUCCESS/FAILURE +**/ +int pal_wd_timer_disable(addr_t base_addr) +{ + return pal_wd_cmsdk_disable(base_addr); +} + +/** + @brief - Checks whether hardware watchdog timer is enabled + @param - base_addr : Base address of the watchdog module + @return - Enabled : 1, Disabled : 0 +**/ +int pal_wd_timer_is_enabled(addr_t base_addr) +{ + return pal_wd_cmsdk_is_enabled(base_addr); +} + +/** + @brief - Trigger interrupt for irq signal assigned to driver partition + before return to caller. + @param - void + @return - void +**/ +void pal_generate_interrupt(void) +{ + pal_uart_pl011_generate_irq(); +} + +/** + @brief - Disable interrupt that was generated using pal_generate_interrupt API. + @param - void + @return - void +**/ +void pal_disable_interrupt(void) +{ + pal_uart_pl011_disable_irq(); +} diff --git a/api-tests/platform/targets/tgt_ff_tfm_musca_b1/spe/pal_driver_intf.h b/api-tests/platform/targets/tgt_ff_tfm_musca_b1/spe/pal_driver_intf.h new file mode 100644 index 00000000..5153aaf0 --- /dev/null +++ b/api-tests/platform/targets/tgt_ff_tfm_musca_b1/spe/pal_driver_intf.h @@ -0,0 +1,35 @@ + /** @file + * Copyright (c) 2020, Arm Limited or its affiliates. All rights reserved. + * SPDX-License-Identifier : Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + **/ + +#ifndef _PAL_DRIVER_INTF_H_ +#define _PAL_DRIVER_INTF_H_ + +#include "pal_uart.h" +#include "pal_nvmem.h" +#include "pal_wd_cmsdk.h" + +void pal_uart_init(uint32_t uart_base_addr); +void pal_print(char *str, int32_t data); +int pal_nvmem_write(addr_t base, uint32_t offset, void *buffer, int size); +int pal_nvmem_read(addr_t base, uint32_t offset, void *buffer, int size); +int pal_wd_timer_init(addr_t base_addr, uint32_t time_us, uint32_t timer_tick_us); +int pal_wd_timer_enable(addr_t base_addr); +int pal_wd_timer_disable(addr_t base_addr); +int pal_wd_timer_is_enabled(addr_t base_addr); +void pal_generate_interrupt(void); +void pal_disable_interrupt(void); +#endif /* _PAL_DRIVER_INTF_H_ */ diff --git a/api-tests/platform/targets/tgt_ff_tfm_musca_b1/target.cfg b/api-tests/platform/targets/tgt_ff_tfm_musca_b1/target.cfg new file mode 100644 index 00000000..ef21df18 --- /dev/null +++ b/api-tests/platform/targets/tgt_ff_tfm_musca_b1/target.cfg @@ -0,0 +1,78 @@ +///** @file +// * Copyright (c) 2020, Arm Limited or its affiliates. All rights reserved. +// * SPDX-License-Identifier : Apache-2.0 +// * +// * Licensed under the Apache License, Version 2.0 (the "License"); +// * you may not use this file except in compliance with the License. +// * You may obtain a copy of the License at +// * +// * http://www.apache.org/licenses/LICENSE-2.0 +// * +// * Unless required by applicable law or agreed to in writing, software +// * distributed under the License is distributed on an "AS IS" BASIS, +// * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// * See the License for the specific language governing permissions and +// * limitations under the License. +//**/ + +// UART device info +uart.num=1; +uart.0.base = 0x40106000; // MUSCA_B1_UART1_NS_BASE +uart.0.size = 0xFFF; +uart.0.intr_id = 0xFF; +uart.0.permission = TYPE_READ_WRITE; + +// Watchdog device info +watchdog.num = 1; +watchdog.0.base = 0x50081000; // MUSCA_B1_CMSDK_WATCHDOG_S_BASE +watchdog.0.size = 0xFFF; +watchdog.0.intr_id = 0xFF; +watchdog.0.permission = TYPE_READ_WRITE; +watchdog.0.num_of_tick_per_micro_sec = 0x3; //(sys_feq/1000000) +watchdog.0.timeout_in_micro_sec_low = 0xF4240; //1.0 sec : 1 * 1000 * 1000 +watchdog.0.timeout_in_micro_sec_medium = 0x1E8480; //2.0 sec : 2 * 1000 * 1000 +watchdog.0.timeout_in_micro_sec_high = 0x4C4B40; //5.0 sec : 5 * 1000 * 1000 +watchdog.0.timeout_in_micro_sec_crypto = 0x1312D00; //18.0 sec : 18 * 1000 * 1000 + +// Range of 1KB Non-volatile memory to preserve data over reset. Ex, NVRAM and FLASH +nvmem.num =1; +nvmem.0.start = 0x3003F800; +nvmem.0.end = 0x3003FBFF; +nvmem.0.permission = TYPE_READ_WRITE; + +// Miscellaneous - Test scatter info +dut.num = 1; + +// Start address of 12KB NS memory for test ELF +dut.0.ns_test_addr = 0x281E0000; + +// Start address of combine_test_binary in memory. Memory can be main memory or secondary memory. +// Size of combine_test_binary = Summation of size of each test ELF file +dut.0.ns_start_addr_of_combine_test_binary = 0x281F0000; + +// Is combine_test_binary available in RAM? +dut.0.combine_test_binary_in_ram = AVAILABLE; + + +// ################################################################### +// Following Target configuration parameters are required for IPC tests +// only. Avoid updating them if you are running dev_apis tests. +// ################################################################### + +// Assign free memory range for isolation testing. Choose the addresses +// for these memory regions such that it follows below condition: +// nspe_mmio.0.start < server_partition_mmio.0.start < driver_partition_mmio.0.start. +nspe_mmio.num=1; +nspe_mmio.0.start = 0x00200F00; +nspe_mmio.0.end = 0x00200F1F; +nspe_mmio.0.permission = TYPE_READ_WRITE; + +server_partition_mmio.num=1; +server_partition_mmio.0.start = 0x3003FC00; +server_partition_mmio.0.end = 0x3003FD00; +server_partition_mmio.0.permission = TYPE_READ_WRITE; + +driver_partition_mmio.num=1; +driver_partition_mmio.0.start = 0x3003FE00; +driver_partition_mmio.0.end = 0x3003FF00; +driver_partition_mmio.0.permission = TYPE_READ_WRITE; diff --git a/api-tests/platform/targets/tgt_ff_tfm_musca_b1/target.cmake b/api-tests/platform/targets/tgt_ff_tfm_musca_b1/target.cmake new file mode 100644 index 00000000..745ef75a --- /dev/null +++ b/api-tests/platform/targets/tgt_ff_tfm_musca_b1/target.cmake @@ -0,0 +1,109 @@ +#/** @file +# * Copyright (c) 2020, Arm Limited or its affiliates. All rights reserved. +# * SPDX-License-Identifier : Apache-2.0 +# * +# * Licensed under the Apache License, Version 2.0 (the "License"); +# * you may not use this file except in compliance with the License. +# * You may obtain a copy of the License at +# * +# * http://www.apache.org/licenses/LICENSE-2.0 +# * +# * Unless required by applicable law or agreed to in writing, software +# * distributed under the License is distributed on an "AS IS" BASIS, +# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# * See the License for the specific language governing permissions and +# * limitations under the License. +#**/ + +# PAL C source files part of NSPE library +list(APPEND PAL_SRC_C_NSPE ) + +# PAL ASM source files part of NSPE library +list(APPEND PAL_SRC_ASM_NSPE ) + +# PAL C source files part of SPE library - driver partition +list(APPEND PAL_SRC_C_DRIVER_SP ) + +# PAL ASM source files part of SPE library - driver partition +list(APPEND PAL_SRC_ASM_DRIVER_SP ) + + +# Listing all the sources required for given target +if(${SUITE} STREQUAL "IPC") + list(APPEND PAL_SRC_C_NSPE + # driver functionalities are implemented as RoT-services + # and secure and non-secure clients will call to these RoT-services to get appropriate driver services. + ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/common/pal_client_api_intf.c + ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/common/pal_driver_ipc_intf.c + ) + list(APPEND PAL_SRC_C_DRIVER_SP + # Driver files will be compiled as part of driver partition + ${PSA_ROOT_DIR}/platform/targets/${TARGET}/spe/pal_driver_intf.c + ${PSA_ROOT_DIR}/platform/drivers/nvmem/pal_nvmem.c + ${PSA_ROOT_DIR}/platform/drivers/uart/pl011/pal_uart.c + ${PSA_ROOT_DIR}/platform/drivers/watchdog/cmsdk/pal_wd_cmsdk.c + ) +else() + list(APPEND PAL_SRC_C_NSPE + # driver files will be compiled as part of NSPE + ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/common/pal_client_api_empty_intf.c + ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/common/pal_driver_ns_intf.c + ${PSA_ROOT_DIR}/platform/drivers/nvmem/pal_nvmem.c + ${PSA_ROOT_DIR}/platform/drivers/uart/pl011/pal_uart.c + ${PSA_ROOT_DIR}/platform/drivers/watchdog/cmsdk/pal_wd_cmsdk.c + ) +endif() +if(${SUITE} STREQUAL "CRYPTO") + list(APPEND PAL_SRC_C_NSPE + ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/crypto/pal_crypto_intf.c + ) +endif() +if(${SUITE} STREQUAL "PROTECTED_STORAGE") + list(APPEND PAL_SRC_C_NSPE + ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/protected_storage/pal_protected_storage_intf.c + ) +endif() +if(${SUITE} STREQUAL "INTERNAL_TRUSTED_STORAGE") + list(APPEND PAL_SRC_C_NSPE + ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/internal_trusted_storage/pal_internal_trusted_storage_intf.c + ) +endif() +if(${SUITE} STREQUAL "INITIAL_ATTESTATION") + list(APPEND PAL_SRC_C_NSPE + ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/initial_attestation/pal_attestation_intf.c + ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/initial_attestation/pal_attestation_crypto.c + ${CMAKE_CURRENT_BINARY_DIR}/${PSA_TARGET_QCBOR}/src/UsefulBuf.c + ${CMAKE_CURRENT_BINARY_DIR}/${PSA_TARGET_QCBOR}/src/ieee754.c + ${CMAKE_CURRENT_BINARY_DIR}/${PSA_TARGET_QCBOR}/src/qcbor_decode.c + ${CMAKE_CURRENT_BINARY_DIR}/${PSA_TARGET_QCBOR}/src/qcbor_encode.c + ) +endif() + +# Create NSPE library +add_library(${PSA_TARGET_PAL_NSPE_LIB} STATIC ${PAL_SRC_C_NSPE} ${PAL_SRC_ASM_NSPE}) + +# PSA Include directories +foreach(psa_inc_path ${PSA_INCLUDE_PATHS}) + target_include_directories(${PSA_TARGET_PAL_NSPE_LIB} PRIVATE ${psa_inc_path}) +endforeach() + +list(APPEND PAL_DRIVER_INCLUDE_PATHS + ${PSA_ROOT_DIR}/platform/drivers/nvmem + ${PSA_ROOT_DIR}/platform/drivers/uart/pl011 + ${PSA_ROOT_DIR}/platform/drivers/watchdog/cmsdk +) + +target_include_directories(${PSA_TARGET_PAL_NSPE_LIB} PRIVATE + ${PAL_DRIVER_INCLUDE_PATHS} + ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/common + ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/crypto + ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/protected_storage + ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/internal_trusted_storage + ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/initial_attestation +) + +if(${SUITE} STREQUAL "INITIAL_ATTESTATION") +target_include_directories(${PSA_TARGET_PAL_NSPE_LIB} PRIVATE + ${PSA_QCBOR_INCLUDE_PATH} +) +endif() diff --git a/api-tests/tools/cmake/common/CMakeExternal.cmake b/api-tests/tools/cmake/common/CMakeExternal.cmake new file mode 100644 index 00000000..77d776b0 --- /dev/null +++ b/api-tests/tools/cmake/common/CMakeExternal.cmake @@ -0,0 +1,21 @@ +#/** @file +# * Copyright (c) 2020, Arm Limited or its affiliates. All rights reserved. +# * SPDX-License-Identifier : Apache-2.0 +# * +# * Licensed under the Apache License, Version 2.0 (the "License"); +# * you may not use this file except in compliance with the License. +# * You may obtain a copy of the License at +# * +# * http://www.apache.org/licenses/LICENSE-2.0 +# * +# * Unless required by applicable law or agreed to in writing, software +# * distributed under the License is distributed on an "AS IS" BASIS, +# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# * See the License for the specific language governing permissions and +# * limitations under the License. +#**/ + +if(${SUITE} STREQUAL "INITIAL_ATTESTATION") +set(PSA_QCBOR_GIT_REPO_LINK https://github.com/laurencelundblade/QCBOR.git) +set(PSA_QCBOR_GIT_REPO_TAG 42272e466a8472948bf8fca076d113b81b99f0e0) +endif() diff --git a/api-tests/val/nspe/val_entry.h b/api-tests/val/nspe/val_entry.h index f594cc4f..8011c70c 100644 --- a/api-tests/val/nspe/val_entry.h +++ b/api-tests/val/nspe/val_entry.h @@ -1,5 +1,5 @@ /** @file - * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved. + * Copyright (c) 2018-2020, Arm Limited or its affiliates. All rights reserved. * SPDX-License-Identifier : Apache-2.0 * * Licensed under the Apache License, Version 2.0 (the "License"); @@ -20,8 +20,8 @@ #include "val_framework.h" -#define PSA_ACS_MAJOR_VER 0 -#define PSA_ACS_MINOR_VER 9 +#define PSA_ACS_MAJOR_VER 1 +#define PSA_ACS_MINOR_VER 0 /** @brief - PSA Test Suite C main function, does VAL init and calls test dispatcher