author | Balint Matyi <Balint.Matyi@arm.com> | 2020-05-22 08:52:32 +0100 |
---|---|---|
committer | Tamas Ban <tamas.ban@arm.com> | 2020-06-04 12:42:26 +0000 |
commit | 95f58eb16648c2122d853e584d52f048f0275a30 (patch) | |
tree | d85c60f043c57f48d7cf3318f58f8638445a61f3 /test | |
parent | 15b3130cd27a6644409c6f22a41b70945a7af690 (diff) | |
download | trusted-firmware-m-95f58eb16648c2122d853e584d52f048f0275a30.tar.gz |
Test: Add attestation claim value check switch
Control checking for hard-coded claim values in the attestation suite
by introducing the 'ATTEST_CLAIM_VALUE_CHECK' flag. When set to 'ON',
the test will check if the claim values match the constant values found
in 'platform/ext/common/template/attest_hal.c'.
Signed-off-by: Balint Matyi <Balint.Matyi@arm.com>
Change-Id: I22ab1471609d6b931deaf97f31cb3a0dcd83fda0
Diffstat (limited to 'test')
-rw-r--r-- | test/suites/attestation/CMakeLists.inc | 9 | ||||
-rw-r--r-- | test/suites/attestation/attest_token_test_values.h | 52 |
2 files changed, 44 insertions, 17 deletions
diff --git a/test/suites/attestation/CMakeLists.inc b/test/suites/attestation/CMakeLists.inc
index 76935fa643..4c9478f462 100644
--- a/test/suites/attestation/CMakeLists.inc
+++ b/test/suites/attestation/CMakeLists.inc
@@ -28,6 +28,10 @@ if (NOT DEFINED ATTEST_INCLUDE_TEST_CODE)
 message(FATAL_ERROR "Incomplete build configuration: ATTEST_INCLUDE_TEST_CODE is undefined. ")
 endif()
 
+if (NOT DEFINED ATTEST_CLAIM_VALUE_CHECK)
+ message(FATAL_ERROR "Incomplete build configuration: ATTEST_CLAIM_VALUE_CHECK is undefined. ")
+endif()
+
 if (NOT DEFINED ENABLE_ATTESTATION_SERVICE_TESTS)
 message(FATAL_ERROR "Incomplete build configuration: ENABLE_ATTESTATION_SERVICE_TESTS is undefined. ")
 elseif(ENABLE_ATTESTATION_SERVICE_TESTS)
@@ -52,6 +56,11 @@ elseif(ENABLE_ATTESTATION_SERVICE_TESTS)
 set_property(SOURCE ${ATTEST_TEST_SRC_NS} APPEND PROPERTY COMPILE_DEFINITIONS INCLUDE_TEST_CODE)
 endif()
 
+ if (ATTEST_CLAIM_VALUE_CHECK)
+ set_property(SOURCE ${ATTEST_TEST_SRC_S} APPEND PROPERTY COMPILE_DEFINITIONS CLAIM_VALUE_CHECK)
+ set_property(SOURCE ${ATTEST_TEST_SRC_NS} APPEND PROPERTY COMPILE_DEFINITIONS CLAIM_VALUE_CHECK)
+ endif()
+
 #Setting include directories
 embedded_include_directories(PATH ${TFM_ROOT_DIR} ABSOLUTE)
 embedded_include_directories(PATH ${TFM_ROOT_DIR}/interface/include ABSOLUTE)
diff --git a/test/suites/attestation/attest_token_test_values.h b/test/suites/attestation/attest_token_test_values.h
index 591052479b..c8ecb21ac4 100644
--- a/test/suites/attestation/attest_token_test_values.h
+++ b/test/suites/attestation/attest_token_test_values.h
@@ -2,7 +2,7 @@
 * attest_token_test_values.h
 *
 * Copyright (c) 2019, Laurence Lundblade.
- * Copyright (c) 2019, Arm Limited.
+ * Copyright (c) 2019-2020, Arm Limited.
 *
 * SPDX-License-Identifier: BSD-3-Clause
 *
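Review bot: The new `ATTEST_CLAIM_VALUE_CHECK` guard in the first hunk has no comment saying what the flag controls or which values it accepts, yet it now aborts any configuration that leaves the flag undefined. A short comment above the guard would help, for example `# ATTEST_CLAIM_VALUE_CHECK (ON/OFF): ON makes the attestation suite compare token claim values with the constants in platform/ext/common/template/attest_hal.c`. The diffstat is limited to 'test', so whether every build configuration that includes this file already sets the flag cannot be confirmed from this page.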
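Review bot: In the second hunk, `CLAIM_VALUE_CHECK` is attached only to the sources listed in `ATTEST_TEST_SRC_S` and `ATTEST_TEST_SRC_NS`. Any other translation unit that includes attest_token_test_values.h would silently take the `#else` branch; both lists are defined outside the hunk, so this needs confirming there. Nothing is reported when the flag is OFF, so a configure log cannot show that the suite will pass without comparing boot seed, implementation ID or lifecycle values. Consider adding `else()` followed by `message(STATUS "Attestation tests: claim values are NOT compared with the attest_hal.c template constants")` before the `endif()`. The enclosing `elseif(ENABLE_ATTESTATION_SERVICE_TESTS)` block starts and ends outside the hunk.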
@@ -107,6 +107,11 @@
 */
 #define TOKEN_TEST_REQUIRE_UEID true /* Mandatory claim */
 
+/* If defined, check for the constant values defined in
+ * platform/ext/common/template/attest_hal.c
+ */
+#ifdef CLAIM_VALUE_CHECK
+
 /* A 32 byte mostly random value. Binary.
 * platform/ext/common/template/attest_hal.c
 */
@@ -120,13 +125,11 @@
 },\
 32\
 }
-#define TOKEN_TEST_REQUIRE_BOOT_SEED true /* Mandatory claim */
 
 /* A text string in EAN 13 format
 * platform/ext/common/template/attest_hal.c
 */
 #define TOKEN_TEST_VALUE_HW_VERSION "060456527282910010" /* Hard-coded value */
-#define TOKEN_TEST_REQUIRE_HW_VERSION false /* Optional claim */
 
 /* A 32 byte mostly random value. Binary.
 * platform/ext/common/template/attest_hal.c
@@ -141,29 +144,45 @@
 },\
 32\
 }
-#define TOKEN_TEST_REQUIRE_IMPLEMENTATION_ID true /* Mandatory claim */
-
-/* A small unsigned integer
- * platform/ext/common/template/attest_hal.c
- */
-#define TOKEN_TEST_VALUE_SECURITY_LIFECYCLE INT32_MAX /* Value not checked */
-#define TOKEN_TEST_REQUIRE_SECURITY_LIFECYCLE true /* Mandatory claim */
-
-/* An integer (can be positive or negative */
-#define TOKEN_TEST_VALUE_CLIENT_ID 0 /* Invalid value to trigger check */
-#define TOKEN_TEST_REQUIRE_CLIENT_ID true /* Mandatory claim */
 
 /* Text string naming the profile definition:
 * platform/ext/common/template/attest_hal.c
 */
 #define TOKEN_TEST_VALUE_PROFILE_DEFINITION "PSA_IOT_PROFILE_1"
-#define TOKEN_TEST_REQUIRE_PROFILE_DEFINITION false /* Optional field */
 
 /* Text string with verification URL or similar
 * platform/ext/common/template/attest_hal.c
 */
 #define TOKEN_TEST_VALUE_ORIGINATION "www.trustedfirmware.org"
-#define TOKEN_TEST_REQUIRE_ORIGINATION false /* Optional field */
+
+/* A small unsigned integer
+ * platform/ext/common/template/attest_hal.c
+ */
+#define TOKEN_TEST_VALUE_SECURITY_LIFECYCLE 0x3000u
+#else
+/* Do not check for the constant values defined in
+ * platform/ext/common/template/attest_hal.c
+ */
+
+#define TOKEN_TEST_VALUE_BOOT_SEED NULL_Q_USEFUL_BUF_C
+#define TOKEN_TEST_VALUE_HW_VERSION NULL
+#define TOKEN_TEST_VALUE_IMPLEMENTATION_ID NULL_Q_USEFUL_BUF_C
+#define TOKEN_TEST_VALUE_PROFILE_DEFINITION NULL
+#define TOKEN_TEST_VALUE_ORIGINATION NULL
+#define TOKEN_TEST_VALUE_SECURITY_LIFECYCLE INT32_MAX
+
+#endif /* CLAIM_VALUE_CHECK */
+
+#define TOKEN_TEST_REQUIRE_BOOT_SEED true /* Mandatory claim */
+#define TOKEN_TEST_REQUIRE_HW_VERSION false /* Optional claim */
+#define TOKEN_TEST_REQUIRE_IMPLEMENTATION_ID true /* Mandatory claim */
+#define TOKEN_TEST_REQUIRE_PROFILE_DEFINITION false /* Optional field */
+#define TOKEN_TEST_REQUIRE_ORIGINATION false /* Optional field */
+#define TOKEN_TEST_REQUIRE_SECURITY_LIFECYCLE true /* Mandatory claim */
+
+/* An integer (can be positive or negative) */
+#define TOKEN_TEST_VALUE_CLIENT_ID 0 /* Invalid value to trigger check */
+#define TOKEN_TEST_REQUIRE_CLIENT_ID true /* Mandatory claim */
 
 /**
 * \c TOKEN_TEST_REQUIRED_NUM_SWC can be either 0, 1, 2 or \c
@@ -260,7 +279,6 @@
 */
 #define TOKEN_TEST_REQUIRE_SWC2_MEASUREMENT_VAL true /* Mandatory field */
 
-
 /* Text string */
 #define TOKEN_TEST_VALUE_SWC2_VERSION NULL /* Value not checked */
 /* This field must be mandatory to ensure PSA compliance - |
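Review bot: Inside the `CLAIM_VALUE_CHECK` branch of the `@@ -141,29 +144,45 @@` hunk, `TOKEN_TEST_VALUE_SECURITY_LIFECYCLE` is now a bare `0x3000u`, with no comment saying which lifecycle state it encodes or that it must track attest_hal.c. The six `#else` sentinels (`NULL`, `NULL_Q_USEFUL_BUF_C`, `INT32_MAX`) have also lost the `/* Value not checked */` annotation that the removed lifecycle line carried. Without those comments a reader cannot tell that the `#else` build presumably verifies only the presence of the mandatory claims, not their contents. I would write `#define TOKEN_TEST_VALUE_SECURITY_LIFECYCLE 0x3000u /* Hard-coded value, must match attest_hal.c */` and add `/* Value not checked */` to each define in the `#else` branch. The `#ifdef CLAIM_VALUE_CHECK` that this hunk closes opens in the earlier `@@ -107,6 +107,11 @@` hunk.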