diff options
Diffstat (limited to 'test')
5 files changed, 164 insertions, 10 deletions
diff --git a/test/suites/attestation/CMakeLists.inc b/test/suites/attestation/CMakeLists.inc index f761640e58..1a739f2a97 100644 --- a/test/suites/attestation/CMakeLists.inc +++ b/test/suites/attestation/CMakeLists.inc @@ -36,23 +36,39 @@ if (NOT DEFINED ENABLE_ATTESTATION_SERVICE_TESTS) message(FATAL_ERROR "Incomplete build configuration: ENABLE_ATTESTATION_SERVICE_TESTS is undefined. ") elseif(ENABLE_ATTESTATION_SERVICE_TESTS) list(APPEND ATTEST_TEST_SRC_S - "${ATTESTATION_TEST_DIR}/secure/attestation_s_interface_testsuite.c" "${ATTESTATION_TEST_DIR}/attest_token_test.c" "${ATTESTATION_TEST_DIR}/attest_token_decode_common.c" - "${ATTESTATION_TEST_DIR}/attest_token_decode.c" - "${ATTESTATION_TEST_DIR}/attest_public_key.c" "${TFM_ROOT_DIR}/lib/ext/qcbor/util/qcbor_util.c" ) list(APPEND ATTEST_TEST_SRC_NS - "${ATTESTATION_TEST_DIR}/non_secure/attestation_ns_interface_testsuite.c" "${ATTESTATION_TEST_DIR}/attest_token_test.c" "${ATTESTATION_TEST_DIR}/attest_token_decode_common.c" - "${ATTESTATION_TEST_DIR}/attest_token_decode.c" - "${ATTESTATION_TEST_DIR}/attest_public_key.c" "${TFM_ROOT_DIR}/lib/ext/qcbor/util/qcbor_util.c" ) + if (SYMMETRIC_INITIAL_ATTESTATION) + list(APPEND ATTEST_TEST_SRC_S + "${ATTESTATION_TEST_DIR}/secure/symmetric_attest_s_interface_testsuite.c" + "${ATTESTATION_TEST_DIR}/attest_symmetric_iat_decode.c" + ) + list(APPEND ATTEST_TEST_SRC_NS + "${ATTESTATION_TEST_DIR}/non_secure/symmetric_attest_ns_interface_testsuite.c" + "${ATTESTATION_TEST_DIR}/attest_symmetric_iat_decode.c" + ) + else() + list(APPEND ATTEST_TEST_SRC_S + "${ATTESTATION_TEST_DIR}/secure/attestation_s_interface_testsuite.c" + "${ATTESTATION_TEST_DIR}/attest_public_key.c" + "${ATTESTATION_TEST_DIR}/attest_token_decode.c" + ) + list(APPEND ATTEST_TEST_SRC_NS + "${ATTESTATION_TEST_DIR}/non_secure/attestation_ns_interface_testsuite.c" + "${ATTESTATION_TEST_DIR}/attest_public_key.c" + "${ATTESTATION_TEST_DIR}/attest_token_decode.c" + ) + endif() + if (ATTEST_INCLUDE_TEST_CODE) set_property(SOURCE ${ATTEST_TEST_SRC_S} APPEND PROPERTY COMPILE_DEFINITIONS INCLUDE_TEST_CODE) set_property(SOURCE ${ATTEST_TEST_SRC_NS} APPEND PROPERTY COMPILE_DEFINITIONS INCLUDE_TEST_CODE) diff --git a/test/suites/attestation/attest_token_test.c b/test/suites/attestation/attest_token_test.c index cb71aaa19f..0d3aeace32 100644 --- a/test/suites/attestation/attest_token_test.c +++ b/test/suites/attestation/attest_token_test.c @@ -88,6 +88,7 @@ int token_main_alt(uint32_t option_flags, return 0; } +#ifndef SYMMETRIC_INITIAL_ATTESTATION #ifdef INCLUDE_TEST_CODE /* Remove them from release build */ /** * This is the expected output for the minimal test. It is the result @@ -238,6 +239,7 @@ int_fast16_t buffer_too_small_test() return return_value; } #endif /* INCLUDE_TEST_CODE */ +#endif /* !SYMMETRIC_INITIAL_ATTESTATION */ /** @@ -777,7 +779,6 @@ Done: return return_value; } - /** * Modes for decode_test_internal() */ @@ -785,7 +786,9 @@ enum decode_test_mode_t { /** See documentation for decode_test_short_circuit_sig() */ SHORT_CIRCUIT_SIGN, /** See documentation for decode_test_normal_sig() */ - NORMAL_SIGN + NORMAL_SIGN, + /** See documentation for decode_test_symmetric_initial_attest() */ + COSE_MAC0 }; /** @@ -822,6 +825,11 @@ static int_fast16_t decode_test_internal(enum decode_test_mode_t mode) token_decode_options = 0; break; + case COSE_MAC0: + token_encode_options = 0; + token_decode_options = 0; + break; + default: return_value = -1000; goto Done; @@ -912,7 +920,12 @@ Done: return return_value; } - +#ifdef SYMMETRIC_INITIAL_ATTESTATION +int_fast16_t decode_test_symmetric_initial_attest(void) +{ + return decode_test_internal(COSE_MAC0); +} +#else /* SYMMETRIC_INITIAL_ATTESTATION */ /* * Public function. See token_test.h */ @@ -929,3 +942,4 @@ int_fast16_t decode_test_normal_sig(void) { return decode_test_internal(NORMAL_SIGN); } +#endif /* SYMMETRIC_INITIAL_ATTESTATION */ diff --git a/test/suites/attestation/attest_token_test.h b/test/suites/attestation/attest_token_test.h index 4c66dc53cd..8bf022d620 100644 --- a/test/suites/attestation/attest_token_test.h +++ b/test/suites/attestation/attest_token_test.h @@ -59,7 +59,25 @@ int_fast16_t minimal_get_size_test(void); */ int_fast16_t buffer_too_small_test(void); - +#ifdef SYMMETRIC_INITIAL_ATTESTATION +/** + * \brief Test by checking token generated by symmetric key algorithms based + * Initial Attestation. + * + * \return non-zero on failure. + * + * This is an extensive test that can compare the values in the token + * to expected valued compiled into the test app from + * token_test_values.h. All the values represented in \ref + * attest_token_iat_simple_t and in \ref attest_token_sw_component_t + * are checked. + * + * The generated token will be decoded. + * The tag in COSE_Mac0 structure will be verified in secure side when + * INCLUDE_TEST_CODE is enabled. + */ +int_fast16_t decode_test_symmetric_initial_attest(void); +#else /* SYMMETRIC_INITIAL_ATTESTATION */ /** * \brief Test by checking signed values of claims. * @@ -98,6 +116,7 @@ int_fast16_t decode_test_normal_sig(void); * any keys configured. */ int_fast16_t decode_test_short_circuit_sig(void); +#endif /* SYMMETRIC_INITIAL_ATTESTATION */ #ifdef __cplusplus } diff --git a/test/suites/attestation/non_secure/symmetric_attest_ns_interface_testsuite.c b/test/suites/attestation/non_secure/symmetric_attest_ns_interface_testsuite.c new file mode 100644 index 0000000000..cd208c6d03 --- /dev/null +++ b/test/suites/attestation/non_secure/symmetric_attest_ns_interface_testsuite.c @@ -0,0 +1,52 @@ +/* + * Copyright (c) 2018-2020, Arm Limited. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + * + */ + +#include "attestation_ns_tests.h" +#include "psa/initial_attestation.h" +#include "secure_fw/partitions/initial_attestation/attestation.h" +#include "../attestation_tests_common.h" +#include "../attest_token_test_values.h" +#include "../attest_token_test.h" + +/* Define test suite for attestation service tests */ +/* List of tests */ +static void tfm_attest_test_2001(struct test_result_t *ret); + +static struct test_t attestation_interface_tests[] = { + {&tfm_attest_test_2001, "TFM_ATTEST_TEST_2001", + "Symmetric key algorithm based Initial Attestation test", {0} }, +}; + +void +register_testsuite_ns_attestation_interface(struct test_suite_t *p_test_suite) +{ + uint32_t list_size; + + list_size = (sizeof(attestation_interface_tests) / + sizeof(attestation_interface_tests[0])); + + set_testsuite("Symmetric key algorithm based Initial Attestation Service " + "non-secure interface tests (TFM_ATTEST_TEST_2XXX)", + attestation_interface_tests, list_size, p_test_suite); +} + +/*! + * \brief Get an IAT with symmetric key algorithm based Initial Attestation. + */ +static void tfm_attest_test_2001(struct test_result_t *ret) +{ + int32_t err; + + err = decode_test_symmetric_initial_attest(); + if (err != 0) { + TEST_LOG("tfm_attest_test_2001() returned: %d\r\n", err); + TEST_FAIL("Attest token tfm_attest_test_2001() has failed"); + return; + } + + ret->val = TEST_PASSED; +} diff --git a/test/suites/attestation/secure/symmetric_attest_s_interface_testsuite.c b/test/suites/attestation/secure/symmetric_attest_s_interface_testsuite.c new file mode 100644 index 0000000000..43f0419a6f --- /dev/null +++ b/test/suites/attestation/secure/symmetric_attest_s_interface_testsuite.c @@ -0,0 +1,53 @@ +/* + * Copyright (c) 2018-2020, Arm Limited. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + * + */ + +#include "attestation_s_tests.h" +#include "psa/initial_attestation.h" +#include "secure_fw/partitions/initial_attestation/attestation.h" +#include "../attestation_tests_common.h" +#include "../attest_token_test_values.h" +#include "../attest_token_test.h" + +/* Define test suite for attestation service tests */ +/* List of tests */ +static void tfm_attest_test_1001(struct test_result_t *ret); + + +static struct test_t attestation_interface_tests[] = { + {&tfm_attest_test_1001, "TFM_ATTEST_TEST_1001", + "Symmetric key algorithm based Initial Attestation test", {0} }, +}; + +void +register_testsuite_s_attestation_interface(struct test_suite_t *p_test_suite) +{ + uint32_t list_size; + + list_size = (sizeof(attestation_interface_tests) / + sizeof(attestation_interface_tests[0])); + + set_testsuite("Symmetric key algorithm based Initial Attestation Service " + "secure interface tests (TFM_ATTEST_TEST_1XXX)", + attestation_interface_tests, list_size, p_test_suite); +} + +/*! + * \brief Get an IAT with symmetric key algorithm based Initial Attestation. + */ +static void tfm_attest_test_1001(struct test_result_t *ret) +{ + int32_t err; + + err = decode_test_symmetric_initial_attest(); + if (err != 0) { + TEST_LOG("tfm_attest_test_1001() returned: %d\r\n", err); + TEST_FAIL("Attest token tfm_attest_test_1001() has failed"); + return; + } + + ret->val = TEST_PASSED; +} |