From ff488365b396e40f9936f98c5c03471ec76894e1 Mon Sep 17 00:00:00 2001 From: Vinay Kumar Kotegowder Date: Fri, 28 Feb 2020 15:19:57 +0530 Subject: [PATCH] Platform changes : Alignment to TF-M for GMAC support. README updates. Signed-off-by: Vinay Kumar Kotegowder --- api-tests/docs/sw_requirements.md | 7 +++-- .../nspe/crypto/pal_crypto_config.h | 2 +- .../nspe/crypto/pal_crypto_config.h | 2 +- .../pal_attestation_intf.c | 29 ++++++++++++------- .../nspe/crypto/pal_crypto_config.h | 2 +- .../nspe/crypto/pal_crypto_intf.c | 1 + .../pal_attestation_intf.c | 29 ++++++++++++------- .../nspe/crypto/pal_crypto_config.h | 2 +- .../nspe/crypto/pal_crypto_intf.c | 1 + .../pal_attestation_intf.c | 29 ++++++++++++------- .../initial_attestation/pal_attestation_eat.h | 4 +-- .../pal_attestation_intf.c | 29 ++++++++++++------- .../nspe/crypto/pal_crypto_config.h | 2 +- .../nspe/crypto/pal_crypto_intf.c | 3 +- .../initial_attestation/pal_attestation_eat.h | 4 +-- .../pal_attestation_intf.c | 29 ++++++++++++------- .../nspe/crypto/pal_crypto_config.h | 2 +- .../pal_attestation_intf.c | 27 +++++++++++------ 18 files changed, 131 insertions(+), 73 deletions(-) diff --git a/api-tests/docs/sw_requirements.md b/api-tests/docs/sw_requirements.md index 7e71f5e6..e05e2532 100644 --- a/api-tests/docs/sw_requirements.md +++ b/api-tests/docs/sw_requirements.md @@ -1,11 +1,12 @@ # Architecture Test Suite Software Requirements -Before starting the test suite build, ensure that the following requirements are met:
+Current release has been tested againt the below tools versions:
- Host Operating System : Ubuntu 16.04, Windows 10 -- Scripting tools : Python 3.1.7 -- Compiler toolchain : GNU Arm Embedded Toolchain 6.3.1, Arm Compiler v6.7, GCC 5.4.0 32-Bit (Linux Host), MinGW 6.3.0 32-Bit (Windows Host) +- Scripting tools : Python 3.7.1 +- Host Compiler toolchain : GCC 5.4.0 32-Bit (Linux Host) or MinGW 6.3.0 32-Bit (Windows Host) +- Cross Compiler toolchain : GNU Arm Embedded Toolchain 6.3.1, 7.3.1 or Arm Compiler 6.11 - Build tools : CMake 3.10 **Note**: To compile the test suite code, at least one of the above supported compiler toolchains diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_an521/nspe/crypto/pal_crypto_config.h b/api-tests/platform/targets/tgt_dev_apis_tfm_an521/nspe/crypto/pal_crypto_config.h index 4c398143..b55309b7 100644 --- a/api-tests/platform/targets/tgt_dev_apis_tfm_an521/nspe/crypto/pal_crypto_config.h +++ b/api-tests/platform/targets/tgt_dev_apis_tfm_an521/nspe/crypto/pal_crypto_config.h @@ -262,7 +262,7 @@ * Comment macros to disable the types */ #define ARCH_TEST_CMAC -#define ARCH_TEST_GMAC +//#define ARCH_TEST_GMAC #define ARCH_TEST_HMAC /** diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_an524/nspe/crypto/pal_crypto_config.h b/api-tests/platform/targets/tgt_dev_apis_tfm_an524/nspe/crypto/pal_crypto_config.h index 4c398143..b55309b7 100644 --- a/api-tests/platform/targets/tgt_dev_apis_tfm_an524/nspe/crypto/pal_crypto_config.h +++ b/api-tests/platform/targets/tgt_dev_apis_tfm_an524/nspe/crypto/pal_crypto_config.h @@ -262,7 +262,7 @@ * Comment macros to disable the types */ #define ARCH_TEST_CMAC -#define ARCH_TEST_GMAC +//#define ARCH_TEST_GMAC #define ARCH_TEST_HMAC /** diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_an524/nspe/initial_attestation/pal_attestation_intf.c b/api-tests/platform/targets/tgt_dev_apis_tfm_an524/nspe/initial_attestation/pal_attestation_intf.c index 83c1ebda..dd41690e 100644 --- a/api-tests/platform/targets/tgt_dev_apis_tfm_an524/nspe/initial_attestation/pal_attestation_intf.c +++ b/api-tests/platform/targets/tgt_dev_apis_tfm_an524/nspe/initial_attestation/pal_attestation_intf.c @@ -1,5 +1,5 @@ /** @file - * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved. + * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved. * SPDX-License-Identifier : Apache-2.0 * * Licensed under the Apache License, Version 2.0 (the "License"); @@ -26,8 +26,11 @@ **/ int32_t pal_attestation_function(int type, va_list valist) { - uint8_t *challenge, *token; - size_t challenge_size, *token_size, verify_token_size, token_buffer_size; + uint8_t *challenge, *token; + size_t challenge_size, *token_size, token_buffer_size; + int32_t cose_algorithm_id; + struct q_useful_buf buffer_for_hash; + struct q_useful_buf_c *hash, payload, protected_headers, token_hash, signature; switch (type) { @@ -43,13 +46,19 @@ int32_t pal_attestation_function(int type, va_list valist) challenge_size = va_arg(valist, size_t); token_size = va_arg(valist, size_t*); return psa_initial_attest_get_token_size(challenge_size, token_size); - case PAL_INITIAL_ATTEST_VERIFY_TOKEN: - challenge = va_arg(valist, uint8_t*); - challenge_size = va_arg(valist, size_t); - token = va_arg(valist, uint8_t*); - verify_token_size = va_arg(valist, size_t); - return pal_initial_attest_verify_token(challenge, challenge_size, - token, verify_token_size); + case PAL_INITIAL_ATTEST_COMPUTE_HASH: + cose_algorithm_id = va_arg(valist, int32_t); + buffer_for_hash = va_arg(valist, struct q_useful_buf); + hash = va_arg(valist, struct q_useful_buf_c*); + protected_headers = va_arg(valist, struct q_useful_buf_c); + payload = va_arg(valist, struct q_useful_buf_c); + return pal_compute_hash(cose_algorithm_id, buffer_for_hash, hash, + protected_headers, payload); + case PAL_INITIAL_ATTEST_VERIFY_WITH_PK: + cose_algorithm_id = va_arg(valist, int32_t); + token_hash = va_arg(valist, struct q_useful_buf_c); + signature = va_arg(valist, struct q_useful_buf_c); + return pal_crypto_pub_key_verify(cose_algorithm_id, token_hash, signature); default: return PAL_STATUS_UNSUPPORTED_FUNC; } diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/crypto/pal_crypto_config.h b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/crypto/pal_crypto_config.h index 4c398143..b55309b7 100644 --- a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/crypto/pal_crypto_config.h +++ b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/crypto/pal_crypto_config.h @@ -262,7 +262,7 @@ * Comment macros to disable the types */ #define ARCH_TEST_CMAC -#define ARCH_TEST_GMAC +//#define ARCH_TEST_GMAC #define ARCH_TEST_HMAC /** diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/crypto/pal_crypto_intf.c b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/crypto/pal_crypto_intf.c index f2145555..7bad480c 100644 --- a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/crypto/pal_crypto_intf.c +++ b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/crypto/pal_crypto_intf.c @@ -337,6 +337,7 @@ int32_t pal_crypto_function(int type, va_list valist) ciphertext_size = va_arg(valist, size_t); return psa_mac_verify(key_handle, alg, plaintext, plaintext_size, ciphertext, ciphertext_size); +#endif case PAL_CRYPTO_ASYMMTERIC_ENCRYPT: key_handle = (psa_key_handle_t)va_arg(valist, int); alg = va_arg(valist, psa_algorithm_t); diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/initial_attestation/pal_attestation_intf.c b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/initial_attestation/pal_attestation_intf.c index 83c1ebda..dd41690e 100644 --- a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/initial_attestation/pal_attestation_intf.c +++ b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/initial_attestation/pal_attestation_intf.c @@ -1,5 +1,5 @@ /** @file - * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved. + * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved. * SPDX-License-Identifier : Apache-2.0 * * Licensed under the Apache License, Version 2.0 (the "License"); @@ -26,8 +26,11 @@ **/ int32_t pal_attestation_function(int type, va_list valist) { - uint8_t *challenge, *token; - size_t challenge_size, *token_size, verify_token_size, token_buffer_size; + uint8_t *challenge, *token; + size_t challenge_size, *token_size, token_buffer_size; + int32_t cose_algorithm_id; + struct q_useful_buf buffer_for_hash; + struct q_useful_buf_c *hash, payload, protected_headers, token_hash, signature; switch (type) { @@ -43,13 +46,19 @@ int32_t pal_attestation_function(int type, va_list valist) challenge_size = va_arg(valist, size_t); token_size = va_arg(valist, size_t*); return psa_initial_attest_get_token_size(challenge_size, token_size); - case PAL_INITIAL_ATTEST_VERIFY_TOKEN: - challenge = va_arg(valist, uint8_t*); - challenge_size = va_arg(valist, size_t); - token = va_arg(valist, uint8_t*); - verify_token_size = va_arg(valist, size_t); - return pal_initial_attest_verify_token(challenge, challenge_size, - token, verify_token_size); + case PAL_INITIAL_ATTEST_COMPUTE_HASH: + cose_algorithm_id = va_arg(valist, int32_t); + buffer_for_hash = va_arg(valist, struct q_useful_buf); + hash = va_arg(valist, struct q_useful_buf_c*); + protected_headers = va_arg(valist, struct q_useful_buf_c); + payload = va_arg(valist, struct q_useful_buf_c); + return pal_compute_hash(cose_algorithm_id, buffer_for_hash, hash, + protected_headers, payload); + case PAL_INITIAL_ATTEST_VERIFY_WITH_PK: + cose_algorithm_id = va_arg(valist, int32_t); + token_hash = va_arg(valist, struct q_useful_buf_c); + signature = va_arg(valist, struct q_useful_buf_c); + return pal_crypto_pub_key_verify(cose_algorithm_id, token_hash, signature); default: return PAL_STATUS_UNSUPPORTED_FUNC; } diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/nspe/crypto/pal_crypto_config.h b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/nspe/crypto/pal_crypto_config.h index 4c398143..b55309b7 100644 --- a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/nspe/crypto/pal_crypto_config.h +++ b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/nspe/crypto/pal_crypto_config.h @@ -262,7 +262,7 @@ * Comment macros to disable the types */ #define ARCH_TEST_CMAC -#define ARCH_TEST_GMAC +//#define ARCH_TEST_GMAC #define ARCH_TEST_HMAC /** diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/nspe/crypto/pal_crypto_intf.c b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/nspe/crypto/pal_crypto_intf.c index f2145555..7bad480c 100644 --- a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/nspe/crypto/pal_crypto_intf.c +++ b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/nspe/crypto/pal_crypto_intf.c @@ -337,6 +337,7 @@ int32_t pal_crypto_function(int type, va_list valist) ciphertext_size = va_arg(valist, size_t); return psa_mac_verify(key_handle, alg, plaintext, plaintext_size, ciphertext, ciphertext_size); +#endif case PAL_CRYPTO_ASYMMTERIC_ENCRYPT: key_handle = (psa_key_handle_t)va_arg(valist, int); alg = va_arg(valist, psa_algorithm_t); diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/nspe/initial_attestation/pal_attestation_intf.c b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/nspe/initial_attestation/pal_attestation_intf.c index 83c1ebda..dd41690e 100644 --- a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/nspe/initial_attestation/pal_attestation_intf.c +++ b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/nspe/initial_attestation/pal_attestation_intf.c @@ -1,5 +1,5 @@ /** @file - * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved. + * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved. * SPDX-License-Identifier : Apache-2.0 * * Licensed under the Apache License, Version 2.0 (the "License"); @@ -26,8 +26,11 @@ **/ int32_t pal_attestation_function(int type, va_list valist) { - uint8_t *challenge, *token; - size_t challenge_size, *token_size, verify_token_size, token_buffer_size; + uint8_t *challenge, *token; + size_t challenge_size, *token_size, token_buffer_size; + int32_t cose_algorithm_id; + struct q_useful_buf buffer_for_hash; + struct q_useful_buf_c *hash, payload, protected_headers, token_hash, signature; switch (type) { @@ -43,13 +46,19 @@ int32_t pal_attestation_function(int type, va_list valist) challenge_size = va_arg(valist, size_t); token_size = va_arg(valist, size_t*); return psa_initial_attest_get_token_size(challenge_size, token_size); - case PAL_INITIAL_ATTEST_VERIFY_TOKEN: - challenge = va_arg(valist, uint8_t*); - challenge_size = va_arg(valist, size_t); - token = va_arg(valist, uint8_t*); - verify_token_size = va_arg(valist, size_t); - return pal_initial_attest_verify_token(challenge, challenge_size, - token, verify_token_size); + case PAL_INITIAL_ATTEST_COMPUTE_HASH: + cose_algorithm_id = va_arg(valist, int32_t); + buffer_for_hash = va_arg(valist, struct q_useful_buf); + hash = va_arg(valist, struct q_useful_buf_c*); + protected_headers = va_arg(valist, struct q_useful_buf_c); + payload = va_arg(valist, struct q_useful_buf_c); + return pal_compute_hash(cose_algorithm_id, buffer_for_hash, hash, + protected_headers, payload); + case PAL_INITIAL_ATTEST_VERIFY_WITH_PK: + cose_algorithm_id = va_arg(valist, int32_t); + token_hash = va_arg(valist, struct q_useful_buf_c); + signature = va_arg(valist, struct q_useful_buf_c); + return pal_crypto_pub_key_verify(cose_algorithm_id, token_hash, signature); default: return PAL_STATUS_UNSUPPORTED_FUNC; } diff --git a/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/initial_attestation/pal_attestation_eat.h b/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/initial_attestation/pal_attestation_eat.h index 56d624e3..ea2cf93a 100644 --- a/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/initial_attestation/pal_attestation_eat.h +++ b/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/initial_attestation/pal_attestation_eat.h @@ -1,5 +1,5 @@ /** @file - * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved. + * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved. * SPDX-License-Identifier : Apache-2.0 * * Licensed under the Apache License, Version 2.0 (the "License"); @@ -52,7 +52,7 @@ sizeof(COSE_SIG_CONTEXT_STRING_SIGNATURE1) + /* "Signature1" */ \ 2 + /* Overhead for encoding string */ \ T_COSE_SIGN1_MAX_PROT_HEADER + /* entire protected headers */ \ - 3 * ( /* 3 NULL bstrs for fields not used */ \ + 3 * (/* 3 NULL bstrs for fields not used */ \ 1 /* size of a NULL bstr */ \ ) #define NULL_USEFUL_BUF_C NULLUsefulBufC diff --git a/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/initial_attestation/pal_attestation_intf.c b/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/initial_attestation/pal_attestation_intf.c index 83c1ebda..dd41690e 100644 --- a/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/initial_attestation/pal_attestation_intf.c +++ b/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/initial_attestation/pal_attestation_intf.c @@ -1,5 +1,5 @@ /** @file - * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved. + * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved. * SPDX-License-Identifier : Apache-2.0 * * Licensed under the Apache License, Version 2.0 (the "License"); @@ -26,8 +26,11 @@ **/ int32_t pal_attestation_function(int type, va_list valist) { - uint8_t *challenge, *token; - size_t challenge_size, *token_size, verify_token_size, token_buffer_size; + uint8_t *challenge, *token; + size_t challenge_size, *token_size, token_buffer_size; + int32_t cose_algorithm_id; + struct q_useful_buf buffer_for_hash; + struct q_useful_buf_c *hash, payload, protected_headers, token_hash, signature; switch (type) { @@ -43,13 +46,19 @@ int32_t pal_attestation_function(int type, va_list valist) challenge_size = va_arg(valist, size_t); token_size = va_arg(valist, size_t*); return psa_initial_attest_get_token_size(challenge_size, token_size); - case PAL_INITIAL_ATTEST_VERIFY_TOKEN: - challenge = va_arg(valist, uint8_t*); - challenge_size = va_arg(valist, size_t); - token = va_arg(valist, uint8_t*); - verify_token_size = va_arg(valist, size_t); - return pal_initial_attest_verify_token(challenge, challenge_size, - token, verify_token_size); + case PAL_INITIAL_ATTEST_COMPUTE_HASH: + cose_algorithm_id = va_arg(valist, int32_t); + buffer_for_hash = va_arg(valist, struct q_useful_buf); + hash = va_arg(valist, struct q_useful_buf_c*); + protected_headers = va_arg(valist, struct q_useful_buf_c); + payload = va_arg(valist, struct q_useful_buf_c); + return pal_compute_hash(cose_algorithm_id, buffer_for_hash, hash, + protected_headers, payload); + case PAL_INITIAL_ATTEST_VERIFY_WITH_PK: + cose_algorithm_id = va_arg(valist, int32_t); + token_hash = va_arg(valist, struct q_useful_buf_c); + signature = va_arg(valist, struct q_useful_buf_c); + return pal_crypto_pub_key_verify(cose_algorithm_id, token_hash, signature); default: return PAL_STATUS_UNSUPPORTED_FUNC; } diff --git a/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/crypto/pal_crypto_config.h b/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/crypto/pal_crypto_config.h index 4c398143..b55309b7 100644 --- a/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/crypto/pal_crypto_config.h +++ b/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/crypto/pal_crypto_config.h @@ -262,7 +262,7 @@ * Comment macros to disable the types */ #define ARCH_TEST_CMAC -#define ARCH_TEST_GMAC +//#define ARCH_TEST_GMAC #define ARCH_TEST_HMAC /** diff --git a/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/crypto/pal_crypto_intf.c b/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/crypto/pal_crypto_intf.c index 1e61e8c3..7bad480c 100644 --- a/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/crypto/pal_crypto_intf.c +++ b/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/crypto/pal_crypto_intf.c @@ -1,5 +1,5 @@ /** @file - * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved. + * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved. * SPDX-License-Identifier : Apache-2.0 * * Licensed under the Apache License, Version 2.0 (the "License"); @@ -337,6 +337,7 @@ int32_t pal_crypto_function(int type, va_list valist) ciphertext_size = va_arg(valist, size_t); return psa_mac_verify(key_handle, alg, plaintext, plaintext_size, ciphertext, ciphertext_size); +#endif case PAL_CRYPTO_ASYMMTERIC_ENCRYPT: key_handle = (psa_key_handle_t)va_arg(valist, int); alg = va_arg(valist, psa_algorithm_t); diff --git a/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/initial_attestation/pal_attestation_eat.h b/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/initial_attestation/pal_attestation_eat.h index 56d624e3..ea2cf93a 100644 --- a/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/initial_attestation/pal_attestation_eat.h +++ b/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/initial_attestation/pal_attestation_eat.h @@ -1,5 +1,5 @@ /** @file - * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved. + * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved. * SPDX-License-Identifier : Apache-2.0 * * Licensed under the Apache License, Version 2.0 (the "License"); @@ -52,7 +52,7 @@ sizeof(COSE_SIG_CONTEXT_STRING_SIGNATURE1) + /* "Signature1" */ \ 2 + /* Overhead for encoding string */ \ T_COSE_SIGN1_MAX_PROT_HEADER + /* entire protected headers */ \ - 3 * ( /* 3 NULL bstrs for fields not used */ \ + 3 * (/* 3 NULL bstrs for fields not used */ \ 1 /* size of a NULL bstr */ \ ) #define NULL_USEFUL_BUF_C NULLUsefulBufC diff --git a/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/initial_attestation/pal_attestation_intf.c b/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/initial_attestation/pal_attestation_intf.c index 83c1ebda..dd41690e 100644 --- a/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/initial_attestation/pal_attestation_intf.c +++ b/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/initial_attestation/pal_attestation_intf.c @@ -1,5 +1,5 @@ /** @file - * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved. + * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved. * SPDX-License-Identifier : Apache-2.0 * * Licensed under the Apache License, Version 2.0 (the "License"); @@ -26,8 +26,11 @@ **/ int32_t pal_attestation_function(int type, va_list valist) { - uint8_t *challenge, *token; - size_t challenge_size, *token_size, verify_token_size, token_buffer_size; + uint8_t *challenge, *token; + size_t challenge_size, *token_size, token_buffer_size; + int32_t cose_algorithm_id; + struct q_useful_buf buffer_for_hash; + struct q_useful_buf_c *hash, payload, protected_headers, token_hash, signature; switch (type) { @@ -43,13 +46,19 @@ int32_t pal_attestation_function(int type, va_list valist) challenge_size = va_arg(valist, size_t); token_size = va_arg(valist, size_t*); return psa_initial_attest_get_token_size(challenge_size, token_size); - case PAL_INITIAL_ATTEST_VERIFY_TOKEN: - challenge = va_arg(valist, uint8_t*); - challenge_size = va_arg(valist, size_t); - token = va_arg(valist, uint8_t*); - verify_token_size = va_arg(valist, size_t); - return pal_initial_attest_verify_token(challenge, challenge_size, - token, verify_token_size); + case PAL_INITIAL_ATTEST_COMPUTE_HASH: + cose_algorithm_id = va_arg(valist, int32_t); + buffer_for_hash = va_arg(valist, struct q_useful_buf); + hash = va_arg(valist, struct q_useful_buf_c*); + protected_headers = va_arg(valist, struct q_useful_buf_c); + payload = va_arg(valist, struct q_useful_buf_c); + return pal_compute_hash(cose_algorithm_id, buffer_for_hash, hash, + protected_headers, payload); + case PAL_INITIAL_ATTEST_VERIFY_WITH_PK: + cose_algorithm_id = va_arg(valist, int32_t); + token_hash = va_arg(valist, struct q_useful_buf_c); + signature = va_arg(valist, struct q_useful_buf_c); + return pal_crypto_pub_key_verify(cose_algorithm_id, token_hash, signature); default: return PAL_STATUS_UNSUPPORTED_FUNC; } diff --git a/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/crypto/pal_crypto_config.h b/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/crypto/pal_crypto_config.h index 1518e910..c80bc664 100644 --- a/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/crypto/pal_crypto_config.h +++ b/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/crypto/pal_crypto_config.h @@ -262,7 +262,7 @@ * Comment macros to disable the types */ #define ARCH_TEST_CMAC -#define ARCH_TEST_GMAC +//#define ARCH_TEST_GMAC #define ARCH_TEST_HMAC /** diff --git a/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/initial_attestation/pal_attestation_intf.c b/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/initial_attestation/pal_attestation_intf.c index 00bff8b5..009b79f1 100644 --- a/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/initial_attestation/pal_attestation_intf.c +++ b/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/initial_attestation/pal_attestation_intf.c @@ -26,8 +26,11 @@ **/ int32_t pal_attestation_function(int type, va_list valist) { - uint8_t *challenge, *token; - size_t challenge_size, *token_size, verify_token_size, token_buffer_size; + uint8_t *challenge, *token; + size_t challenge_size, *token_size, token_buffer_size; + int32_t cose_algorithm_id; + struct q_useful_buf buffer_for_hash; + struct q_useful_buf_c *hash, payload, protected_headers, token_hash, signature; switch (type) { @@ -43,13 +46,19 @@ int32_t pal_attestation_function(int type, va_list valist) challenge_size = va_arg(valist, size_t); token_size = va_arg(valist, size_t*); return psa_initial_attest_get_token_size(challenge_size, token_size); - case PAL_INITIAL_ATTEST_VERIFY_TOKEN: - challenge = va_arg(valist, uint8_t*); - challenge_size = va_arg(valist, size_t); - token = va_arg(valist, uint8_t*); - verify_token_size = va_arg(valist, size_t); - return pal_initial_attest_verify_token(challenge, challenge_size, - token, verify_token_size); + case PAL_INITIAL_ATTEST_COMPUTE_HASH: + cose_algorithm_id = va_arg(valist, int32_t); + buffer_for_hash = va_arg(valist, struct q_useful_buf); + hash = va_arg(valist, struct q_useful_buf_c*); + protected_headers = va_arg(valist, struct q_useful_buf_c); + payload = va_arg(valist, struct q_useful_buf_c); + return pal_compute_hash(cose_algorithm_id, buffer_for_hash, hash, + protected_headers, payload); + case PAL_INITIAL_ATTEST_VERIFY_WITH_PK: + cose_algorithm_id = va_arg(valist, int32_t); + token_hash = va_arg(valist, struct q_useful_buf_c); + signature = va_arg(valist, struct q_useful_buf_c); + return pal_crypto_pub_key_verify(cose_algorithm_id, token_hash, signature); default: return PAL_STATUS_UNSUPPORTED_FUNC; }