path: root/test/suites/attestation/attest_token_test.h
blob: 37b12e0585c3937dcfe844f92cd34a5a56dbb646 (plain)
/*
 * attest_token_test.h
 *
 * Copyright (c) 2018-2019, Laurence Lundblade.
 *
 * SPDX-License-Identifier: BSD-3-Clause
 *
 * See BSD-3-Clause license in README.md
 */

#ifndef __ATTEST_TOKEN_TEST_H__
#define __ATTEST_TOKEN_TEST_H__

#include <stdint.h>

#ifdef __cplusplus
extern "C" {
#endif

/**
 * \file attest_token_test.h
 *
 * \brief Entry points for attestation token tests.
 *
 * Error codes are in the range [-32767,32767], so
 * int_fast16_t is used so that they work well
 * even on 16-bit machines. Plain old int could
 * also be used, but many compilers make it
 * 32 bits for backwards compatibility with
 * SW that assumes it is always 32 bits, and
 * that isn't efficient.  (This code has probably
 * not yet been tested on a 16-bit machine.)
 *
 * https://stackoverflow.com/questions/30942107/
 * whats-the-difference-between-int-and-int-fast16-t
 */


/**
 * \brief Minimal token creation test using a short-circuit signature.
 *
 * \return non-zero on failure.
 *
 * NOTE(review): a short-circuit signature stands in for the real signing
 * operation, so a pass here presumably says nothing about the signing key
 * or the crypto integration -- confirm against the test implementation.
 */
int_fast16_t minimal_test(void);


/**
 * \brief Test token size calculation.
 *
 * \return non-zero on failure.
 */
int_fast16_t minimal_get_size_test(void);


/**
 * \brief Pass a buffer that is too small and confirm that the correct
 *        error result is returned.
 *
 * \return non-zero on failure.
 */
int_fast16_t buffer_too_small_test(void);

#ifdef SYMMETRIC_INITIAL_ATTESTATION
/**
 * \brief Test by checking the token generated by Initial Attestation based
 *        on symmetric key algorithms.
 *
 * \return non-zero on failure.
 *
 * This is an extensive test that can compare the values in the token
 * to expected values compiled into the test app from
 * token_test_values.h. All the values represented in \ref
 * attest_token_iat_simple_t and in \ref attest_token_sw_component_t
 * are checked.
 *
 * The generated token will be decoded.
 * The tag in the COSE_Mac0 structure will be verified on the secure side
 * when INCLUDE_TEST_CODE is enabled.
 *
 * NOTE(review): the text above ties tag verification to INCLUDE_TEST_CODE;
 * presumably the tag is not checked by this test when that option is off,
 * so a pass then covers decoding and claim values only -- confirm.
 */
int_fast16_t decode_test_symmetric_initial_attest(void);

/**
 * \brief Test by checking short-circuit tagged values of claims.
 *
 * \return non-zero on failure.
 *
 * This is an extensive test that can compare the values in the token
 * to expected values compiled into the test app from
 * token_test_values.h. All the values represented in \ref
 * attest_token_iat_simple_t and in \ref attest_token_sw_component_t
 * are checked.
 *
 * This uses a short-circuit tag rather than a real HMAC operation with
 * the symmetric IAK. This tests everything in the implementation except
 * the final MAC. It can work even without HMAC integration and without
 * any keys configured.
 *
 * Because the real HMAC and the IAK are not exercised, a pass here covers
 * token encoding and claim values only; the real MAC path is the subject
 * of decode_test_symmetric_initial_attest().
 */
int_fast16_t decode_test_symmetric_iat_short_circuit_tag(void);
#else /* SYMMETRIC_INITIAL_ATTESTATION */
/**
 * \brief Test by checking signed values of claims.
 *
 * \return non-zero on failure.
 *
 * This is an extensive test that can compare the values in the token
 * to expected values compiled into the test app from
 * token_test_values.h. All the values represented in \ref
 * attest_token_iat_simple_t and in \ref attest_token_sw_component_t
 * are checked.
 *
 * This uses real ECDSA keys for both signing and verification.  It
 * requires that the t_cose crypto porting layer operates correctly
 * and that all keys are present. See also
 * decode_test_short_circuit_sig().
 */
int_fast16_t decode_test_normal_sig(void);


/**
 * \brief Test by checking short-circuit signed values of claims.
 *
 * \return non-zero on failure.
 *
 * This is an extensive test that can compare the values in the token
 * to expected values compiled into the test app from
 * token_test_values.h. All the values represented in \ref
 * attest_token_iat_simple_t and in \ref attest_token_sw_component_t
 * are checked.
 *
 * This uses a short-circuit signature rather than real ECDSA
 * keys. This tests everything in the implementation except the final
 * signing of the final hash with ECDSA and the converse
 * verification. It is a thorough test of everything but ECDSA
 * integration. It can work even without ECDSA integration and without
 * any keys configured.
 *
 * Because no ECDSA key is used, a pass here does not show that signing
 * or verification works; decode_test_normal_sig() covers that path.
 */
int_fast16_t decode_test_short_circuit_sig(void);
#endif /* SYMMETRIC_INITIAL_ATTESTATION */

#ifdef __cplusplus
}
#endif

#endif /* __ATTEST_TOKEN_TEST_H__ */