path: root/test/suites/attestation/attest_token_test.h
/*
 * attest_token_test.h
 *
 * Copyright (c) 2018-2019, Laurence Lundblade.
 *
 * SPDX-License-Identifier: BSD-3-Clause
 *
 * See BSD-3-Clause license in README.md
 */

#ifndef __ATTEST_TOKEN_TEST_H__
#define __ATTEST_TOKEN_TEST_H__

#include <stdint.h>

#ifdef __cplusplus
extern "C" {
#endif

/**
 * \file attest_token_test.h
 *
 * \brief Entry points for attestation token tests.
 *
 * Error codes are in the range of [-32767,32767], so
 * int_fast16_t is used so that they work well
 * even on 16-bit machines. Plain old int could
 * also be used, but many compilers make it
 * 32 bits for backwards compatibility with
 * SW that assumes it is always 32 bits, and
 * that isn't efficient.  (This code has probably
 * not yet been tested on a 16-bit machine.)
 *
 * https://stackoverflow.com/questions/30942107/
 * whats-the-difference-between-int-and-int-fast16-t
 */


/**
 * \brief Minimal token creation test using a short-circuit signature.
 *
 * \return non-zero on failure.
 *
 * This entry point is declared whether or not
 * SYMMETRIC_INITIAL_ATTESTATION is defined.
 *
 * NOTE(review): a short-circuit signature is produced without real
 * ECDSA keys (see decode_test_short_circuit_sig()), so a pass here
 * says nothing about key provisioning or the real signing path, and
 * a token signed this way carries no proof of origin. Confirm that
 * short-circuit signing cannot be selected in production builds.
 */
int_fast16_t minimal_test(void);


/**
 * \brief Test token size calculation.
 *
 * \return non-zero on failure.
 *
 * Takes no arguments. The result is a test status code; see the
 * \\file comment in this header for why int_fast16_t is the return
 * type.
 *
 * NOTE(review): this header does not say which token or signing mode
 * the size is calculated for -- confirm against the implementation.
 */
int_fast16_t minimal_get_size_test(void);


/**
 * \brief Pass too small a buffer and confirm correct error result.
 *
 * \return non-zero on failure.
 *
 * This is a negative test: token creation is expected to fail and the
 * test passes only if the expected error is reported.
 *
 * NOTE(review): as described, the check is on the returned error
 * result. Whether the test also confirms that nothing was written
 * beyond the end of the supplied buffer cannot be told from this
 * header -- worth confirming in the implementation, since that is the
 * property the error code is meant to protect.
 */
int_fast16_t buffer_too_small_test(void);

#ifdef SYMMETRIC_INITIAL_ATTESTATION
/**
 * \brief Test by checking a token generated by symmetric key algorithm
 *        based Initial Attestation.
 *
 * \return non-zero on failure.
 *
 * This is an extensive test that can compare the values in the token
 * to expected values compiled into the test app from
 * token_test_values.h. All the values represented in \ref
 * attest_token_iat_simple_t and in \ref attest_token_sw_component_t
 * are checked.
 *
 * The generated token will be decoded.
 * The tag in the COSE_Mac0 structure will be verified on the secure
 * side when INCLUDE_TEST_CODE is enabled.
 *
 * Only declared when SYMMETRIC_INITIAL_ATTESTATION is defined.
 *
 * NOTE(review): the sentence above implies that without
 * INCLUDE_TEST_CODE the COSE_Mac0 tag is not verified by this test,
 * so a pass then covers decoding and claim values only, not the
 * authentication tag -- confirm against the implementation.
 */
int_fast16_t decode_test_symmetric_initial_attest(void);
#else /* SYMMETRIC_INITIAL_ATTESTATION */
/**
 * \brief Test by checking signed values of claims.
 *
 * \return non-zero on failure.
 *
 * This is an extensive test that can compare the values in the token
 * to expected values compiled into the test app from
 * token_test_values.h. All the values represented in \ref
 * attest_token_iat_simple_t and in \ref attest_token_sw_component_t
 * are checked.
 *
 * This uses real ECDSA keys for both signing and verification.  It
 * requires that the t_cose crypto porting layer operates correctly
 * and that all keys are present. See also
 * decode_test_short_circuit_sig().
 *
 * Only declared when SYMMETRIC_INITIAL_ATTESTATION is not defined.
 * Of the tests declared in this header, this is the one described as
 * exercising the real ECDSA signing and verification path.
 */
int_fast16_t decode_test_normal_sig(void);


/**
 * \brief Test by checking short-circuit signed values of claims.
 *
 * \return non-zero on failure.
 *
 * This is an extensive test that can compare the values in the token
 * to expected values compiled into the test app from
 * token_test_values.h. All the values represented in \ref
 * attest_token_iat_simple_t and in \ref attest_token_sw_component_t
 * are checked.
 *
 * This uses a short-circuit signature rather than real ECDSA
 * keys. This tests everything in the implementation except the final
 * signing of the final hash with ECDSA and the converse
 * verification. It is a thorough test of everything but ECDSA
 * integration. It can work even without ECDSA integration and without
 * any keys configured.
 *
 * Only declared when SYMMETRIC_INITIAL_ATTESTATION is not defined.
 *
 * NOTE(review): because no key is involved, a short-circuit-signed
 * token does not authenticate its origin, and a pass here is not
 * evidence that the ECDSA path works (decode_test_normal_sig() covers
 * that). Confirm that producing and accepting short-circuit
 * signatures is limited to test builds.
 */
int_fast16_t decode_test_short_circuit_sig(void);
#endif /* SYMMETRIC_INITIAL_ATTESTATION */

#ifdef __cplusplus
}
#endif

#endif /* __ATTEST_TOKEN_TEST_H__ */