COSE: Remove tests using short-circuit option
Remove T_COSE_OPT_SHORT_CIRCUIT_SIG as this option is now only
supported with the Test crypto adaptor layer of t_cose.
The T_COSE_OPT_SHORT_CIRCUIT_TAG option is not supported anymore,
it was removed from t_cose with adding COSE_Mac0 support:
https://github.com/laurencelundblade/t_cose/pull/80
Remove test functions and test cases relying on the above modifiers:
- minimal_test(),
- decode_test_short_circuit_sig(),
- decode_test_symmetric_iat_short_circuit_tag().
Change-Id: If7a9262efdc1711bc722b4950092983f47d26758
Signed-off-by: David Vincze <david.vincze@arm.com>
diff --git a/tests_reg/test/secure_fw/suites/attestation/attest_token_decode.h b/tests_reg/test/secure_fw/suites/attestation/attest_token_decode.h
index 42682f7..dce754f 100644
--- a/tests_reg/test/secure_fw/suites/attestation/attest_token_decode.h
+++ b/tests_reg/test/secure_fw/suites/attestation/attest_token_decode.h
@@ -207,11 +207,8 @@
* token and its payload is remembered in the \ref
* attest_token_decode_context \c me so the \c
* attest_token_decode_get_xxx() functions can be called to get the
- * various claims out of it.
- *
- * Generally, a public key has to be configured for this to work. It
- * can however validate short-circuit signatures even if one is not
- * set.
+ * various claims out of it. A public key must be configured for
+ * this to work, see attest_token_decode_set_pub_key_select().
*
* The code for any error that occurs during validation is remembered
* in decode context. The \c attest_token_decode_get_xxx() functions
diff --git a/tests_reg/test/secure_fw/suites/attestation/attest_token_decode_asymmetric.c b/tests_reg/test/secure_fw/suites/attestation/attest_token_decode_asymmetric.c
index d86a189..4b499af 100644
--- a/tests_reg/test/secure_fw/suites/attestation/attest_token_decode_asymmetric.c
+++ b/tests_reg/test/secure_fw/suites/attestation/attest_token_decode_asymmetric.c
@@ -31,15 +31,12 @@
{
enum t_cose_err_t t_cose_error;
enum attest_token_err_t return_value;
- int32_t t_cose_options = 0;
struct t_cose_sign1_verify_ctx verify_ctx;
struct t_cose_key attest_key;
/* Run the signature verification */
- if(me->options & TOKEN_OPT_SHORT_CIRCUIT_SIGN) {
- t_cose_options |= T_COSE_OPT_ALLOW_SHORT_CIRCUIT;
- }
- t_cose_sign1_verify_init(&verify_ctx, t_cose_options);
+
+ t_cose_sign1_verify_init(&verify_ctx, 0);
attest_key.key.handle = TFM_BUILTIN_KEY_ID_IAK;
diff --git a/tests_reg/test/secure_fw/suites/attestation/attest_token_decode_symmetric.c b/tests_reg/test/secure_fw/suites/attestation/attest_token_decode_symmetric.c
index 72522fb..29db6c7 100644
--- a/tests_reg/test/secure_fw/suites/attestation/attest_token_decode_symmetric.c
+++ b/tests_reg/test/secure_fw/suites/attestation/attest_token_decode_symmetric.c
@@ -74,16 +74,11 @@
{
enum t_cose_err_t t_cose_error;
enum attest_token_err_t return_value;
- int32_t t_cose_options = 0;
struct t_cose_mac_validate_ctx validate_ctx;
struct t_cose_key attest_key;
psa_key_handle_t key_handle = TFM_BUILTIN_KEY_ID_IAK;
- if (me->options & TOKEN_OPT_SHORT_CIRCUIT_SIGN) {
- t_cose_options |= T_COSE_OPT_ALLOW_SHORT_CIRCUIT;
- }
-
- t_cose_mac_validate_init(&validate_ctx, t_cose_options);
+ t_cose_mac_validate_init(&validate_ctx, 0);
attest_key.key.handle = (uint64_t)key_handle;
t_cose_mac_set_validate_key(&validate_ctx, attest_key);
diff --git a/tests_reg/test/secure_fw/suites/attestation/attest_token_test.c b/tests_reg/test/secure_fw/suites/attestation/attest_token_test.c
index 22eeb50..a08b17f 100644
--- a/tests_reg/test/secure_fw/suites/attestation/attest_token_test.c
+++ b/tests_reg/test/secure_fw/suites/attestation/attest_token_test.c
@@ -109,40 +109,6 @@
}
#ifdef INCLUDE_TEST_CODE
-static const uint8_t expected_minimal_token_bytes[] = {MINIMAL_TOKEN};
-/*
- * Public function. See token_test.h
- */
-int_fast16_t minimal_test()
-{
- int_fast16_t return_value = 0;
- Q_USEFUL_BUF_MAKE_STACK_UB(token_storage,
- sizeof(expected_minimal_token_bytes));
- struct q_useful_buf_c completed_token;
- struct q_useful_buf_c expected_token;
-
- return_value =
- token_main_alt(TOKEN_OPT_SHORT_CIRCUIT_SIGN |
- TOKEN_OPT_OMIT_CLAIMS,
- TOKEN_TEST_VALUE_NONCE,
- token_storage,
- &completed_token);
- if(return_value) {
- goto Done;
- }
-
- expected_token =
- Q_USEFUL_BUF_FROM_BYTE_ARRAY_LITERAL(expected_minimal_token_bytes);
-
- if(q_useful_buf_compare(completed_token, expected_token)) {
- return_value = -3;
- }
-
-Done:
- return return_value;
-}
-
-
/*
* Public function. See token_test.h
*/
@@ -150,26 +116,18 @@
{
int_fast16_t return_value = 0;
size_t length;
- struct q_useful_buf_c expected_token;
struct q_useful_buf_c nonce;
nonce = TOKEN_TEST_VALUE_NONCE;
- expected_token =
- Q_USEFUL_BUF_FROM_BYTE_ARRAY_LITERAL(expected_minimal_token_bytes);
-
return_value = psa_initial_attest_get_token_size(nonce.len,
&length);
/*
- * It is not possible to predict the size of the token returned
- * here because options like TOKEN_OPT_OMIT_CLAIMS and
- * TOKEN_OPT_SHORT_CIRCUIT_SIGN cannot be passed to limit what it
- * does. Instead check to see if the size is in a reasonable
- * range. The minimal_test() will actually check the size for
- * exactitude because it can pass those options,
+ * It is not possible to predict the exact size of the token returned
+ * here. Instead check to see if the size is in a reasonable range.
*/
- if(length < expected_token.len || length > 10000) {
+ if(length < MINIMAL_TOKEN_SIZE || length > 10000) {
return_value = -1;
}
@@ -189,18 +147,15 @@
* incorrectly generated token may overwrite and corrupt the data following
* this buffer.
*/
- Q_USEFUL_BUF_MAKE_STACK_UB(token_storage,
- sizeof(expected_minimal_token_bytes));
+ Q_USEFUL_BUF_MAKE_STACK_UB(token_storage, MINIMAL_TOKEN_SIZE);
struct q_useful_buf_c completed_token;
struct q_useful_buf_c nonce;
-
nonce = TOKEN_TEST_VALUE_NONCE;
/* Fake the size and cheat the token generation process. */
- token_storage.len = sizeof(expected_minimal_token_bytes) - 1;
+ token_storage.len = MINIMAL_TOKEN_SIZE - 1;
- return_value = token_main_alt(TOKEN_OPT_SHORT_CIRCUIT_SIGN |
- TOKEN_OPT_OMIT_CLAIMS,
+ return_value = token_main_alt(TOKEN_OPT_OMIT_CLAIMS,
nonce,
token_storage,
&completed_token);
@@ -757,14 +712,10 @@
* Modes for decode_test_internal()
*/
enum decode_test_mode_t {
- /** See documentation for decode_test_short_circuit_sig() */
- SHORT_CIRCUIT_SIGN,
/** See documentation for decode_test_normal_sig() */
NORMAL_SIGN,
/** See documentation for decode_test_symmetric_initial_attest() */
COSE_MAC0,
- /** See documentation for decode_test_symmetric_iat_short_circuit_tag() */
- COSE_MAC0_SHORT_CIRCUIT_TAG
};
/**
@@ -774,7 +725,7 @@
*
* \return 0 for success, test failure code otherwise.
*
- * See decode_test_normal_sig() and decode_test_short_circuit_sig().
+ * See decode_test_normal_sig().
*/
static int_fast16_t decode_test_internal(enum decode_test_mode_t mode)
{
@@ -791,11 +742,6 @@
uint32_t token_decode_options;
switch(mode) {
- case SHORT_CIRCUIT_SIGN:
- token_encode_options = TOKEN_OPT_SHORT_CIRCUIT_SIGN;
- token_decode_options = TOKEN_OPT_SHORT_CIRCUIT_SIGN;
- break;
-
case NORMAL_SIGN:
token_encode_options = 0;
token_decode_options = 0;
@@ -806,11 +752,6 @@
token_decode_options = 0;
break;
- case COSE_MAC0_SHORT_CIRCUIT_TAG:
- token_encode_options = TOKEN_OPT_SHORT_CIRCUIT_SIGN;
- token_decode_options = TOKEN_OPT_SHORT_CIRCUIT_SIGN;
- break;
-
default:
return_value = -1000;
goto Done;
@@ -906,24 +847,10 @@
{
return decode_test_internal(COSE_MAC0);
}
-
-int_fast16_t decode_test_symmetric_iat_short_circuit_tag(void)
-{
- return decode_test_internal(COSE_MAC0_SHORT_CIRCUIT_TAG);
-}
#else /* SYMMETRIC_INITIAL_ATTESTATION */
/*
* Public function. See token_test.h
*/
-int_fast16_t decode_test_short_circuit_sig(void)
-{
- return decode_test_internal(SHORT_CIRCUIT_SIGN);
-}
-
-
-/*
- * Public function. See token_test.h
- */
int_fast16_t decode_test_normal_sig(void)
{
return decode_test_internal(NORMAL_SIGN);
diff --git a/tests_reg/test/secure_fw/suites/attestation/attest_token_test.h b/tests_reg/test/secure_fw/suites/attestation/attest_token_test.h
index 37b12e0..ce3847e 100644
--- a/tests_reg/test/secure_fw/suites/attestation/attest_token_test.h
+++ b/tests_reg/test/secure_fw/suites/attestation/attest_token_test.h
@@ -37,14 +37,6 @@
/**
- * \brief Minimal token creation test using a short-circuit signature.
- *
- * \return non-zero on failure.
- */
-int_fast16_t minimal_test(void);
-
-
-/**
* \brief Test token size calculation.
*
* \return non-zero on failure.
@@ -78,24 +70,8 @@
*/
int_fast16_t decode_test_symmetric_initial_attest(void);
-/**
- * \brief Test by checking short-circuit tagged values of claims.
- *
- * \return non-zero on failure.
- *
- * This is an extensive test that can compare the values in the token
- * to expected valued compiled into the test app from
- * token_test_values.h. All the values represented in \ref
- * attest_token_iat_simple_t and in \ref attest_token_sw_component_t
- * are checked.
- *
- * This uses a short-circuit tag rather than real HMAC operation with
- * symmetric IAK. This tests everything in the implementation except the final
- * MAC. It can work even without HMAC integration and without
- * any keys configured.
- */
-int_fast16_t decode_test_symmetric_iat_short_circuit_tag(void);
#else /* SYMMETRIC_INITIAL_ATTESTATION */
+
/**
* \brief Test by checking signed values of claims.
*
@@ -107,33 +83,11 @@
* attest_token_iat_simple_t and in \ref attest_token_sw_component_t
* are checked.
*
- * This uses real ECDSA keys for both signing and verificaiton. It
+ * This uses real ECDSA keys for both signing and verification. It
* requires that the t_cose crypto porting layer operates correctly
- * and that all keys are present. See also
- * decode_test_short_circuit_sig().
+ * and that all keys are present.
*/
int_fast16_t decode_test_normal_sig(void);
-
-
-/**
- * \brief Test by checking short-circuit signed values of claims.
- *
- * \return non-zero on failure.
- *
- * This is an extensive test that can compare the values in the token
- * to expected valued compiled into the test app from
- * token_test_values.h. All the values represented in \ref
- * attest_token_iat_simple_t and in \ref attest_token_sw_component_t
- * are checked.
- *
- * This uses a short-circuit signature rather than real ECDSA
- * keys. This tests everything in the implementation except the final
- * signing of the final hash with ECDSA and the converse
- * verification. It is thorough test of everything by ECDSA
- * integration. It can work even without ECDSA integration and without
- * any keys configured.
- */
-int_fast16_t decode_test_short_circuit_sig(void);
#endif /* SYMMETRIC_INITIAL_ATTESTATION */
#ifdef __cplusplus
diff --git a/tests_reg/test/secure_fw/suites/attestation/attest_token_test_values.h b/tests_reg/test/secure_fw/suites/attestation/attest_token_test_values.h
index c59f96a..2533696 100644
--- a/tests_reg/test/secure_fw/suites/attestation/attest_token_test_values.h
+++ b/tests_reg/test/secure_fw/suites/attestation/attest_token_test_values.h
@@ -2,7 +2,7 @@
* attest_token_test_values.h
*
* Copyright (c) 2019, Laurence Lundblade.
- * Copyright (c) 2019-2024, Arm Limited.
+ * Copyright (c) 2019-2025, Arm Limited.
*
* SPDX-License-Identifier: BSD-3-Clause
*
@@ -70,197 +70,44 @@
* bytes. They length must be the number of bytes in the first.
*/
-/**
- * This is the expected output for the minimal test. It is the result
- * of creating a token with \ref TOKEN_OPT_SHORT_CIRCUIT_SIGN and \ref
- * TOKEN_OPT_OMIT_CLAIMS set. The nonce is the above constant string
- * \ref nonce_bytes. The token output is completely deterministic.
- * 17(
- * [
- * / protected / h'A10105' / {
- * \ alg \ 1:5 \ HMAC-SHA256 \
- * } /,
- * / unprotected / {},
- * / payload / h'A13A000124FF5840000000C0000000000000000000000
- * 00000000000000000000000000000000000000000000000000000000000
- * 0000000000000000000000000000000000000000' / {
- * / arm_psa_nonce / -75008: h'000000C00000000000000000000
- * 0000000000000000000000000000000000000000000000000000000
- * 0000000000000000000000000000000000000000000000,
- * } /,
- * / tag / h'966840FC0A60AE968F906D7092E57B205D3BBE83ED47EBBC2
- * AD9D1CFB41C87F3'
- * ]
- * )
- *
- * The above is in CBOR Diagnostic notation. See RFC 8152.
- */
-#define SYM_KEY_SIGNED_MINIMAL_TOKEN_PSA_IOT_1 \
- 0xD1, 0x84, 0x43, 0xA1, 0x01, 0x05, 0xA0, 0x58, \
- 0x48, 0xA1, 0x3A, 0x00, 0x01, 0x24, 0xFF, 0x58, \
- 0x40, 0x00, 0x00, 0x00, 0xC0, 0x00, 0x00, 0x00, \
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \
- 0x00, 0x58, 0x20, 0x96, 0x68, 0x40, 0xFC, 0x0A, \
- 0x60, 0xAE, 0x96, 0x8F, 0x90, 0x6D, 0x70, 0x92, \
- 0xE5, 0x7B, 0x20, 0x5D, 0x3B, 0xBE, 0x83, 0xED, \
- 0x47, 0xEB, 0xBC, 0x2A, 0xD9, 0xD1, 0xCF, 0xB4, \
- 0x1C, 0x87, 0xF3
-
-/* The expected token in PSA_2_0_0 profile. The difference is caused because
- * the key value of the nonce claim is modifed (-75008 -> 10) to be aligned with
- * the EAT specification.
- *
- * 17(
- * [
- * / protected / h'A10105' / {
- * \ alg \ 1:5 \ HMAC-SHA256 \
- * } /,
- * / unprotected / {},
- * / payload / h'A10A5840000000C000000000000000000000000000000
- * 00000000000000000000000000000000000000000000000000000000000
- * 0000000000000000000000000000000' \ {
- * / arm_psa_nonce / 10: h'000000C000000000000000000000000
- * 0000000000000000000000000000000000000000000000000000000
- * 000000000000000000000000000000000000000000,
- * } /,
- * / tag / h'AD01BB6AF91B2F13F8BF3C9BBB31079000CA8F117C800F50A
- * C56ADB0E113749D'
- * ]
- * )
- *
- * The above is in CBOR Diagnostic notation. See RFC 8152.
- */
-#define SYM_KEY_SIGNED_MINIMAL_TOKEN_PSA_2_0_0_0 \
- 0xD1, 0x84, 0x43, 0xA1, 0x01, 0x05, 0xA0, 0x58, \
- 0x44, 0xA1, 0x0A, 0x58, 0x40, 0x00, 0x00, 0x00, \
- 0xC0, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x58, 0x20, 0xAD, \
- 0x01, 0xBB, 0x6A, 0xF9, 0x1B, 0x2F, 0x13, 0xF8, \
- 0xBF, 0x3C, 0x9B, 0xBB, 0x31, 0x07, 0x90, 0x00, \
- 0xCA, 0x8F, 0x11, 0x7C, 0x80, 0x0F, 0x50, 0xAC, \
- 0x56, 0xAD, 0xB0, 0xE1, 0x13, 0x74, 0x9D
-
-/**
- * This is the expected output for the minimal test. It is the result
- * of creating a token with \ref TOKEN_OPT_SHORT_CIRCUIT_SIGN and \ref
- * TOKEN_OPT_OMIT_CLAIMS set. The nonce is the above constant string
- * \ref nonce_bytes. The token output is completely deterministic.
- *
- * The implementation of TOKEN_OPT_SHORT_CIRCUIT_SIGN always uses the
- * kid
- * EF954B4BD9BDF670D0336082F5EF152AF8F35B6A6C00EFA6A9A71F49517E18C6.
- * 18(
- * [
- * h'A10126', // protected headers
- * { // unprotected headers
- * 4: h'EF954B4BD9BDF670D0336082F5EF152AF8F35B6A6C00EFA6A9
- * A71F49517E18C6'
- * },
- * h'A13A000124FF5840000000C0000000000000000000000000000000000
- * 000000000000000000000000000000000000000000000000000000000
- * 000000000000000000000000000000',
- * h'CE52E46D564F1A6DBCEE106341CC80CDC0A3480999AFA8067747CA255
- * EEDFD8BCE52E46D564F1A6DBCEE106341CC80CDC0A3480999AFA80677
- * 47CA255EEDFD8B'
- * ]
- * )
- *
- * The above is in CBOR Diagnostic notation. See RFC 8152.
- */
-#define ASYM_KEY_SIGNED_MINIMAL_TOKEN_PSA_IOT_1 \
- 0xD2, 0x84, 0x43, 0xA1, 0x01, 0x26, 0xA1, 0x04, \
- 0x58, 0x20, 0xEF, 0x95, 0x4B, 0x4B, 0xD9, 0xBD, \
- 0xF6, 0x70, 0xD0, 0x33, 0x60, 0x82, 0xF5, 0xEF, \
- 0x15, 0x2A, 0xF8, 0xF3, 0x5B, 0x6A, 0x6C, 0x00, \
- 0xEF, 0xA6, 0xA9, 0xA7, 0x1F, 0x49, 0x51, 0x7E, \
- 0x18, 0xC6, 0x58, 0x48, 0xA1, 0x3A, 0x00, 0x01, \
- 0x24, 0xFF, 0x58, 0x40, 0x00, 0x00, 0x00, 0xC0, \
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \
- 0x00, 0x00, 0x00, 0x00, 0x58, 0x40, 0x45, 0x0B, \
- 0x2C, 0x09, 0x68, 0xA1, 0x92, 0xA8, 0x85, 0xBE, \
- 0x59, 0xE5, 0xA0, 0x9B, 0xDA, 0x4A, 0x8B, 0xA3, \
- 0xA6, 0xFC, 0x7F, 0x51, 0x90, 0x35, 0x2D, 0x3A, \
- 0x16, 0xBC, 0x30, 0x7B, 0x50, 0x3D, 0x45, 0x0B, \
- 0x2C, 0x09, 0x68, 0xA1, 0x92, 0xA8, 0x85, 0xBE, \
- 0x59, 0xE5, 0xA0, 0x9B, 0xDA, 0x4A, 0x8B, 0xA3, \
- 0xA6, 0xFC, 0x7F, 0x51, 0x90, 0x35, 0x2D, 0x3A, \
- 0x16, 0xBC, 0x30, 0x7B, 0x50, 0x3D
-
-/**
- * 18(
- * [
- * h'A10126', // protected headers
- * { // unprotected headers
- * 4: h'EF954B4BD9BDF670D0336082F5EF152AF8F35B6A6C00EFA6A9
- * A71F49517E18C6'
- * },
- * h'A10A5840000000C000000000000000000000000000000000000000000
- * 000000000000000000000000000000000000000000000000000000000
- * 0000000000000000000000',
- * h'52B1D89EB3CBA0FF57291754F54A5927116E68CA32F28967BB41B04D2
- * 167BFB352B1D89EB3CBA0FF57291754F54A5927116E68CA32F28967BB
- * 41B04D2167BFB3'
- * ]
- * )
- * The above is in CBOR Diagnostic notation. See RFC 8152.
- */
-#define ASYM_KEY_SIGNED_MINIMAL_TOKEN_PSA_2_0_0_ARM_CCA \
- 0xD2, 0x84, 0x43, 0xA1, 0x01, 0x26, 0xA1, 0x04, \
- 0x58, 0x20, 0xEF, 0x95, 0x4B, 0x4B, 0xD9, 0xBD, \
- 0xF6, 0x70, 0xD0, 0x33, 0x60, 0x82, 0xF5, 0xEF, \
- 0x15, 0x2A, 0xF8, 0xF3, 0x5B, 0x6A, 0x6C, 0x00, \
- 0xEF, 0xA6, 0xA9, 0xA7, 0x1F, 0x49, 0x51, 0x7E, \
- 0x18, 0xC6, 0x58, 0x44, 0xA1, 0x0A, 0x58, 0x40, \
- 0x00, 0x00, 0x00, 0xC0, 0x00, 0x00, 0x00, 0x00, \
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \
- 0x58, 0x40, 0x52, 0xB1, 0xD8, 0x9E, 0xB3, 0xCB, \
- 0xA0, 0xFF, 0x57, 0x29, 0x17, 0x54, 0xF5, 0x4A, \
- 0x59, 0x27, 0x11, 0x6E, 0x68, 0xCA, 0x32, 0xF2, \
- 0x89, 0x67, 0xBB, 0x41, 0xB0, 0x4D, 0x21, 0x67, \
- 0xBF, 0xB3, 0x52, 0xB1, 0xD8, 0x9E, 0xB3, 0xCB, \
- 0xA0, 0xFF, 0x57, 0x29, 0x17, 0x54, 0xF5, 0x4A, \
- 0x59, 0x27, 0x11, 0x6E, 0x68, 0xCA, 0x32, 0xF2, \
- 0x89, 0x67, 0xBB, 0x41, 0xB0, 0x4D, 0x21, 0x67, \
- 0xBF, 0xB3
-
-/* The expected tokens in the minimal */
+/* The expected minimal token sizes */
#ifdef SYMMETRIC_INITIAL_ATTESTATION
#if ATTEST_TOKEN_PROFILE_PSA_IOT_1
- #define MINIMAL_TOKEN SYM_KEY_SIGNED_MINIMAL_TOKEN_PSA_IOT_1
+ /* Minimal tagged COSE_Mac0 structure fields and sizes
+ * (using T_COSE_ALGORITHM_HMAC256 algorithm):
+ * Header:
+ * tag+encoding: 1+1 Bytes
+ * protected: 1+3 Bytes
+ * unprotected 1 Bytes (empty)
+ * payload 2+72 Bytes
+ * tag 2+32 Bytes
+ */
+ #define MINIMAL_TOKEN_SIZE (115)
#else
- /* PSA_2_0_0 */
- #define MINIMAL_TOKEN SYM_KEY_SIGNED_MINIMAL_TOKEN_PSA_2_0_0_0
+ /* PSA_2_0_0 or ARM_CCA profiles
+ * In this case the COSE_Mac0 structure has the same fields
+ * but the payload (token information) size is 2+68 Bytes.
+ */
+ #define MINIMAL_TOKEN_SIZE (111)
#endif
#else
#if ATTEST_TOKEN_PROFILE_PSA_IOT_1
- #define MINIMAL_TOKEN ASYM_KEY_SIGNED_MINIMAL_TOKEN_PSA_IOT_1
+ /* Minimal tagged COSE_Sign1 structure fields and sizes
+ * (using T_COSE_ALGORITHM_ES256 algorithm):
+ * Header:
+ * tag+encoding: 1+1 Bytes
+ * protected: 1+3 Bytes
+ * unprotected 1 Bytes (empty)
+ * payload 2+72 Bytes
+ * tag 2+64 Bytes
+ */
+ #define MINIMAL_TOKEN_SIZE (147)
#else
- /* PSA_2_0_0 or ARM_CCA profiles */
- #define MINIMAL_TOKEN ASYM_KEY_SIGNED_MINIMAL_TOKEN_PSA_2_0_0_ARM_CCA
+ /* PSA_2_0_0 or ARM_CCA profiles
+ * In this case the COSE_Sign1 structure has the same fields
+ * but the payload (token information) size is 2+68 Bytes.
+ */
+ #define MINIMAL_TOKEN_SIZE (143)
#endif
#endif
diff --git a/tests_reg/test/secure_fw/suites/attestation/non_secure/attest_asymmetric_ns_interface_testsuite.c b/tests_reg/test/secure_fw/suites/attestation/non_secure/attest_asymmetric_ns_interface_testsuite.c
index c639258..4fbfeaf 100644
--- a/tests_reg/test/secure_fw/suites/attestation/non_secure/attest_asymmetric_ns_interface_testsuite.c
+++ b/tests_reg/test/secure_fw/suites/attestation/non_secure/attest_asymmetric_ns_interface_testsuite.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2018-2022, Arm Limited. All rights reserved.
+ * Copyright (c) 2018-2025, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*
@@ -20,24 +20,18 @@
/* List of tests */
#ifdef INCLUDE_TEST_CODE
static void tfm_attest_test_1001(struct test_result_t *ret);
+#endif
static void tfm_attest_test_1002(struct test_result_t *ret);
static void tfm_attest_test_1003(struct test_result_t *ret);
-#endif
-static void tfm_attest_test_1004(struct test_result_t *ret);
-static void tfm_attest_test_1005(struct test_result_t *ret);
static struct test_t attestation_interface_tests[] = {
#ifdef INCLUDE_TEST_CODE
{&tfm_attest_test_1001, "TFM_NS_ATTEST_TEST_1001",
- "Minimal token test of attest token"},
- {&tfm_attest_test_1002, "TFM_NS_ATTEST_TEST_1002",
"Minimal token size test of attest token"},
- {&tfm_attest_test_1003, "TFM_NS_ATTEST_TEST_1003",
- "Short circuit signature test of attest token"},
#endif
- {&tfm_attest_test_1004, "TFM_NS_ATTEST_TEST_1004",
+ {&tfm_attest_test_1002, "TFM_NS_ATTEST_TEST_1002",
"ECDSA signature test of attest token"},
- {&tfm_attest_test_1005, "TFM_NS_ATTEST_TEST_1005",
+ {&tfm_attest_test_1003, "TFM_NS_ATTEST_TEST_1003",
"Negative test cases for initial attestation service"},
};
@@ -56,32 +50,10 @@
#ifdef INCLUDE_TEST_CODE
/*!
- * \brief Get minimal token, only include a hard coded challenge, but omit the
- * rest of the claims
- *
- * Calling the minimal_test, which just retrieves a specific token:
- * - only hard coded challenge is included
- * - token signature is the hash of the token concatenated twice
- */
-static void tfm_attest_test_1001(struct test_result_t *ret)
-{
- int32_t err;
-
- err = minimal_test();
- if (err != 0) {
- TEST_LOG("minimal_test() returned: %d\r\n", err);
- TEST_FAIL("Attest token minimal_test() has failed");
- return;
- }
-
- ret->val = TEST_PASSED;
-}
-
-/*!
* \brief Get the size of the minimal token, only include a hard coded
* challenge, but omit the rest of the claims
*/
-static void tfm_attest_test_1002(struct test_result_t *ret)
+static void tfm_attest_test_1001(struct test_result_t *ret)
{
int32_t err;
@@ -94,27 +66,6 @@
ret->val = TEST_PASSED;
}
-
-/*!
- * \brief Get an IAT with short circuit signature (signature is composed of
- * hash of token). Parse the token, validate presence of claims and
- * compare them against expected values in token_test_values.h
- *
- * More info in token_test.h
- */
-static void tfm_attest_test_1003(struct test_result_t *ret)
-{
- int32_t err;
-
- err = decode_test_short_circuit_sig();
- if (err != 0) {
- TEST_LOG("decode_test_short_circuit_sig() returned: %d\r\n", err);
- TEST_FAIL("Attest token decode_test_short_circuit_sig() has failed");
- return;
- }
-
- ret->val = TEST_PASSED;
-}
#endif /* INCLUDE_TEST_CODE */
/*!
@@ -126,7 +77,7 @@
*
* More info in token_test.h
*/
-static void tfm_attest_test_1004(struct test_result_t *ret)
+static void tfm_attest_test_1002(struct test_result_t *ret)
{
int32_t err;
@@ -148,7 +99,7 @@
* - Calling initial attestation service with smaller buffer size than the
* expected size of the token.
*/
-static void tfm_attest_test_1005(struct test_result_t *ret)
+static void tfm_attest_test_1003(struct test_result_t *ret)
{
psa_status_t err;
size_t token_buf_size = TEST_TOKEN_SIZE;
diff --git a/tests_reg/test/secure_fw/suites/attestation/non_secure/attest_symmetric_ns_interface_testsuite.c b/tests_reg/test/secure_fw/suites/attestation/non_secure/attest_symmetric_ns_interface_testsuite.c
index 0143469..28afeba 100644
--- a/tests_reg/test/secure_fw/suites/attestation/non_secure/attest_symmetric_ns_interface_testsuite.c
+++ b/tests_reg/test/secure_fw/suites/attestation/non_secure/attest_symmetric_ns_interface_testsuite.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2018-2022, Arm Limited. All rights reserved.
+ * Copyright (c) 2018-2025, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*
@@ -18,8 +18,6 @@
#ifdef INCLUDE_TEST_CODE
static void tfm_attest_test_2002(struct test_result_t *ret);
static void tfm_attest_test_2003(struct test_result_t *ret);
-static void tfm_attest_test_2004(struct test_result_t *ret);
-static void tfm_attest_test_2005(struct test_result_t *ret);
#endif
static struct test_t attestation_interface_tests[] = {
@@ -27,12 +25,8 @@
"Symmetric key algorithm based Initial Attestation test"},
#ifdef INCLUDE_TEST_CODE
{&tfm_attest_test_2002, "TFM_NS_ATTEST_TEST_2002",
- "Minimal token test of attest token"},
- {&tfm_attest_test_2003, "TFM_NS_ATTEST_TEST_2003",
"Minimal token size test of attest token"},
- {&tfm_attest_test_2004, "TFM_NS_ATTEST_TEST_2004",
- "Short circuit tag test of attest token"},
- {&tfm_attest_test_2005, "TFM_NS_ATTEST_TEST_2005",
+ {&tfm_attest_test_2003, "TFM_NS_ATTEST_TEST_2003",
"Negative test cases for initial attestation service"},
#endif
};
@@ -69,32 +63,10 @@
#ifdef INCLUDE_TEST_CODE
/*!
- * \brief Get minimal token, only include a hard coded challenge, but omit the
- * rest of the claims
- *
- * Calling the minimal_test, which just retrieves a specific token:
- * - only hard coded challenge is included
- * - only mandatory claims are included
- */
-static void tfm_attest_test_2002(struct test_result_t *ret)
-{
- int32_t err;
-
- err = minimal_test();
- if (err != 0) {
- TEST_LOG("minimal_test() returned: %d\r\n", err);
- TEST_FAIL("Attest token minimal_test() has failed");
- return;
- }
-
- ret->val = TEST_PASSED;
-}
-
-/*!
* \brief Get the size of the minimal token, only include a hard coded
* challenge, but omit the rest of the claims
*/
-static void tfm_attest_test_2003(struct test_result_t *ret)
+static void tfm_attest_test_2002(struct test_result_t *ret)
{
int32_t err;
@@ -109,26 +81,6 @@
}
/*!
- * \brief Get an IAT with short circuit tag (tag is hash of token).
- * Parse the token, validate presence of claims and verify the hash value
- *
- * More info in token_test.h
- */
-static void tfm_attest_test_2004(struct test_result_t *ret)
-{
- int32_t err;
-
- err = decode_test_symmetric_iat_short_circuit_tag();
- if (err != 0) {
- TEST_LOG("decode_test_symmetric_iat_short_circuit_tag() returned: %d\r\n", err);
- TEST_FAIL("Attest token decode_test_symmetric_iat_short_circuit_tag() has failed");
- return;
- }
-
- ret->val = TEST_PASSED;
-}
-
-/*!
* \brief Negative tests for initial attestation service
*
* - Calling initial attestation service with bigger challenge object than
@@ -136,7 +88,7 @@
* - Calling initial attestation service with smaller buffer size than the
* expected size of the token.
*/
-static void tfm_attest_test_2005(struct test_result_t *ret)
+static void tfm_attest_test_2003(struct test_result_t *ret)
{
psa_status_t err;
size_t token_size;
diff --git a/tests_reg/test/secure_fw/suites/attestation/secure/attest_asymmetric_s_interface_testsuite.c b/tests_reg/test/secure_fw/suites/attestation/secure/attest_asymmetric_s_interface_testsuite.c
index b0a1941..013f8ce 100644
--- a/tests_reg/test/secure_fw/suites/attestation/secure/attest_asymmetric_s_interface_testsuite.c
+++ b/tests_reg/test/secure_fw/suites/attestation/secure/attest_asymmetric_s_interface_testsuite.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2018-2022, Arm Limited. All rights reserved.
+ * Copyright (c) 2018-2025, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*
@@ -19,24 +19,18 @@
/* List of tests */
#ifdef INCLUDE_TEST_CODE
static void tfm_attest_test_1001(struct test_result_t *ret);
+#endif
static void tfm_attest_test_1002(struct test_result_t *ret);
static void tfm_attest_test_1003(struct test_result_t *ret);
-#endif
-static void tfm_attest_test_1004(struct test_result_t *ret);
-static void tfm_attest_test_1005(struct test_result_t *ret);
static struct test_t attestation_interface_tests[] = {
#ifdef INCLUDE_TEST_CODE
{&tfm_attest_test_1001, "TFM_S_ATTEST_TEST_1001",
- "Minimal token test of attest token"},
- {&tfm_attest_test_1002, "TFM_S_ATTEST_TEST_1002",
"Minimal token size test of attest token"},
- {&tfm_attest_test_1003, "TFM_S_ATTEST_TEST_1003",
- "Short circuit signature test of attest token"},
#endif
- {&tfm_attest_test_1004, "TFM_S_ATTEST_TEST_1004",
+ {&tfm_attest_test_1002, "TFM_S_ATTEST_TEST_1002",
"ECDSA signature test of attest token"},
- {&tfm_attest_test_1005, "TFM_S_ATTEST_TEST_1005",
+ {&tfm_attest_test_1003, "TFM_S_ATTEST_TEST_1003",
"Negative test cases for initial attestation service"},
};
@@ -55,32 +49,10 @@
#ifdef INCLUDE_TEST_CODE
/*!
- * \brief Get minimal token, only include a hard coded challenge, but omit the
- * rest of the claims
- *
- * Calling the minimal_test, which just retrieves a specific token:
- * - only hard coded challenge is included
- * - token signature is the hash of the token concatenated twice
- */
-static void tfm_attest_test_1001(struct test_result_t *ret)
-{
- int32_t err;
-
- err = minimal_test();
- if (err != 0) {
- TEST_LOG("minimal_test() returned: %d\r\n", err);
- TEST_FAIL("Attest token minimal_test() has failed");
- return;
- }
-
- ret->val = TEST_PASSED;
-}
-
-/*!
* \brief Get the size of the minimal token, only include a hard coded
* challenge, but omit the rest of the claims
*/
-static void tfm_attest_test_1002(struct test_result_t *ret)
+static void tfm_attest_test_1001(struct test_result_t *ret)
{
int32_t err;
@@ -93,27 +65,6 @@
ret->val = TEST_PASSED;
}
-
-/*!
- * \brief Get an IAT with short circuit signature (signature is composed of
- * hash of token). Parse the token, validate presence of claims and
- * compare them against expected values in token_test_values.h
- *
- * More info in token_test.h
- */
-static void tfm_attest_test_1003(struct test_result_t *ret)
-{
- int32_t err;
-
- err = decode_test_short_circuit_sig();
- if (err != 0) {
- TEST_LOG("decode_test_short_circuit_sig() returned: %d\r\n", err);
- TEST_FAIL("Attest token decode_test_short_circuit_sig() has failed");
- return;
- }
-
- ret->val = TEST_PASSED;
-}
#endif /* INCLUDE_TEST_CODE */
/*!
@@ -125,7 +76,7 @@
*
* More info in token_test.h
*/
-static void tfm_attest_test_1004(struct test_result_t *ret)
+static void tfm_attest_test_1002(struct test_result_t *ret)
{
int32_t err;
@@ -147,7 +98,7 @@
* - Calling initial attestation service with smaller buffer size than the
* expected size of the token.
*/
-static void tfm_attest_test_1005(struct test_result_t *ret)
+static void tfm_attest_test_1003(struct test_result_t *ret)
{
psa_status_t err;
size_t token_buf_size = TEST_TOKEN_SIZE;
diff --git a/tests_reg/test/secure_fw/suites/attestation/secure/attest_symmetric_s_interface_testsuite.c b/tests_reg/test/secure_fw/suites/attestation/secure/attest_symmetric_s_interface_testsuite.c
index 0030f98..dc7a21e 100644
--- a/tests_reg/test/secure_fw/suites/attestation/secure/attest_symmetric_s_interface_testsuite.c
+++ b/tests_reg/test/secure_fw/suites/attestation/secure/attest_symmetric_s_interface_testsuite.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2018-2022, Arm Limited. All rights reserved.
+ * Copyright (c) 2018-2025, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*
@@ -18,8 +18,6 @@
#ifdef INCLUDE_TEST_CODE
static void tfm_attest_test_2002(struct test_result_t *ret);
static void tfm_attest_test_2003(struct test_result_t *ret);
-static void tfm_attest_test_2004(struct test_result_t *ret);
-static void tfm_attest_test_2005(struct test_result_t *ret);
#endif
static struct test_t attestation_interface_tests[] = {
@@ -27,12 +25,8 @@
"Symmetric key algorithm based Initial Attestation test"},
#ifdef INCLUDE_TEST_CODE
{&tfm_attest_test_2002, "TFM_S_ATTEST_TEST_2002",
- "Minimal token test of attest token"},
- {&tfm_attest_test_2003, "TFM_S_ATTEST_TEST_2003",
"Minimal token size test of attest token"},
- {&tfm_attest_test_2004, "TFM_S_ATTEST_TEST_2004",
- "Short circuit tag test of attest token"},
- {&tfm_attest_test_2005, "TFM_S_ATTEST_TEST_2005",
+ {&tfm_attest_test_2003, "TFM_S_ATTEST_TEST_2003",
"Negative test cases for initial attestation service"},
#endif
};
@@ -69,32 +63,10 @@
#ifdef INCLUDE_TEST_CODE
/*!
- * \brief Get minimal token, only include a hard coded challenge, but omit the
- * rest of the claims
- *
- * Calling the minimal_test, which just retrieves a specific token:
- * - only hard coded challenge is included
- * - only mandatory claims are included
- */
-static void tfm_attest_test_2002(struct test_result_t *ret)
-{
- int32_t err;
-
- err = minimal_test();
- if (err != 0) {
- TEST_LOG("minimal_test() returned: %d\r\n", err);
- TEST_FAIL("Attest token minimal_test() has failed");
- return;
- }
-
- ret->val = TEST_PASSED;
-}
-
-/*!
* \brief Get the size of the minimal token, only include a hard coded
* challenge, but omit the rest of the claims
*/
-static void tfm_attest_test_2003(struct test_result_t *ret)
+static void tfm_attest_test_2002(struct test_result_t *ret)
{
int32_t err;
@@ -109,26 +81,6 @@
}
/*!
- * \brief Get an IAT with short circuit tag (tag is hash of token).
- * Parse the token, validate presence of claims and verify the hash value
- *
- * More info in token_test.h
- */
-static void tfm_attest_test_2004(struct test_result_t *ret)
-{
- int32_t err;
-
- err = decode_test_symmetric_iat_short_circuit_tag();
- if (err != 0) {
- TEST_LOG("decode_test_symmetric_iat_short_circuit_tag() returned: %d\r\n", err);
- TEST_FAIL("Attest token decode_test_symmetric_iat_short_circuit_tag() has failed");
- return;
- }
-
- ret->val = TEST_PASSED;
-}
-
-/*!
* \brief Negative tests for initial attestation service
*
* - Calling initial attestation service with bigger challenge object than
@@ -136,7 +88,7 @@
* - Calling initial attestation service with smaller buffer size than the
* expected size of the token.
*/
-static void tfm_attest_test_2005(struct test_result_t *ret)
+static void tfm_attest_test_2003(struct test_result_t *ret)
{
psa_status_t err;
size_t token_size;