SST: Add asset authentication token in the APIs
This patch adds asset authentication token in the APIs to be used in
the future for asset key derivation. It also updates all files which
depend on these APIs and their documentation
Change-Id: I53e193b3dd3151798588c5515cd5198270836acf
Signed-off-by: Marc Moreno <marc.morenoberengue@arm.com>
diff --git a/interface/include/tfm_sst_api.h b/interface/include/tfm_sst_api.h
index 8447bd4..58d9333 100644
--- a/interface/include/tfm_sst_api.h
+++ b/interface/include/tfm_sst_api.h
@@ -19,40 +19,78 @@
* without setting any data in the asset.
*
* \param[in] asset_uuid Asset UUID
+ * \param[in] token Must be set to NULL, reserved for future use.
+ * Pointer to the asset token to be used to generate
+ * the asset key to encrypt and decrypt the asset
+ * data. This is an optional parameter that has to
+ * be NULL in case the token is not provied.
+ * \param[in] token_size Must be set to 0, reserved for future use.
+ * Token size. In case the token is not provided
+ * the token size has to be 0.
*
* \return Returns an TFM_SST_ERR_SUCCESS if asset is created correctly.
* Otherwise, error code as specified in \ref tfm_sst_err_t
*/
-enum tfm_sst_err_t tfm_sst_create(uint32_t asset_uuid);
+enum tfm_sst_err_t tfm_sst_create(uint32_t asset_uuid,
+ const uint8_t* token,
+ uint32_t token_size);
/**
* \brief Gets asset's information referenced by asset UUID.
*
* \param[in] asset_uuid Asset UUID
+ * \param[in] token Must be set to NULL, reserved for future use.
+ * Pointer to the asset token to be used to generate
+ * the asset key to encrypt and decrypt the asset
+ * data. This is an optional parameter that has to
+ * be NULL in case the token is not provied.
+ * \param[in] token_size Must be set to 0, reserved for future use.
+ * Token size. In case the token is not provided
+ * the token size has to be 0.
* \param[out] info Pointer to store the asset's information
* \ref tfm_sst_asset_info_t
*
* \return Returns error code as specified in \ref tfm_sst_err_t
*/
enum tfm_sst_err_t tfm_sst_get_info(uint32_t asset_uuid,
+ const uint8_t* token,
+ uint32_t token_size,
struct tfm_sst_asset_info_t *info);
/**
* \brief Gets asset's attributes referenced by asset UUID.
*
* \param[in] asset_uuid Asset UUID
+ * \param[in] token Must be set to NULL, reserved for future use.
+ * Pointer to the asset token to be used to generate
+ * the asset key to encrypt and decrypt the asset
+ * data. This is an optional parameter that has to
+ * be NULL in case the token is not provied.
+ * \param[in] token_size Must be set to 0, reserved for future use.
+ * Token size. In case the token is not provided
+ * the token size has to be 0.
* \param[out] attrs Pointer to store the asset's attributes
* \ref tfm_sst_asset_attrs_t
*
* \return Returns error code as specified in \ref tfm_sst_err_t
*/
enum tfm_sst_err_t tfm_sst_get_attributes(uint32_t asset_uuid,
+ const uint8_t* token,
+ uint32_t token_size,
struct tfm_sst_asset_attrs_t *attrs);
/**
* \brief Sets asset's attributes referenced by asset UUID.
*
* \param[in] asset_uuid Asset UUID
+ * \param[in] token Must be set to NULL, reserved for future use.
+ * Pointer to the asset token to be used to generate
+ * the asset key to encrypt and decrypt the asset
+ * data. This is an optional parameter that has to
+ * be NULL in case the token is not provied.
+ * \param[in] token_size Must be set to 0, reserved for future use.
+ * Token size. In case the token is not provided
+ * the token size has to be 0.
* \param[in] attrs Pointer to new the asset's attributes
* \ref tfm_sst_asset_attrs_t
*
@@ -60,40 +98,72 @@
*/
enum tfm_sst_err_t tfm_sst_set_attributes(
uint32_t asset_uuid,
+ const uint8_t* token,
+ uint32_t token_size,
const struct tfm_sst_asset_attrs_t *attrs);
/**
* \brief Reads asset's data from asset referenced by asset UUID.
*
* \param[in] asset_uuid Asset UUID
+ * \param[in] token Must be set to NULL, reserved for future use.
+ * Pointer to the asset token to be used to generate
+ * the asset key to encrypt and decrypt the asset
+ * data. This is an optional parameter that has to
+ * be NULL in case the token is not provied.
+ * \param[in] token_size Must be set to 0, reserved for future use.
+ * Token size. In case the token is not provided
+ * the token size has to be 0.
* \param[out] data Pointer to data vector \ref tfm_sst_buf_t to store
* data, size and offset
*
* \return Returns error code as specified in \ref tfm_sst_err_t
*/
enum tfm_sst_err_t tfm_sst_read(uint32_t asset_uuid,
+ const uint8_t* token,
+ uint32_t token_size,
struct tfm_sst_buf_t* data);
/**
* \brief Writes data into an asset referenced by asset UUID.
*
* \param[in] asset_uuid Asset UUID
+ * \param[in] token Must be set to NULL, reserved for future use.
+ * Pointer to the asset token to be used to generate
+ * the asset key to encrypt and decrypt the asset
+ * data. This is an optional parameter that has to
+ * be NULL in case the token is not provied.
+ * \param[in] token_size Must be set to 0, reserved for future use.
+ * Token size. In case the token is not provided
+ * the token size has to be 0.
* \param[in] data Pointer to data vector \ref tfm_sst_buf_t which
* contains the data to write
*
* \return Returns error code as specified in \ref tfm_sst_err_t
*/
enum tfm_sst_err_t tfm_sst_write(uint32_t asset_uuid,
+ const uint8_t* token,
+ uint32_t token_size,
struct tfm_sst_buf_t* data);
/**
* \brief Deletes the asset referenced by the asset UUID.
*
* \param[in] asset_uuid Asset UUID
+ * \param[in] token Must be set to NULL, reserved for future use.
+ * Pointer to the asset token to be used to generate
+ * the asset key to encrypt and decrypt the asset
+ * data. This is an optional parameter that has to
+ * be NULL in case the token is not provied.
+ * \param[in] token_size Must be set to 0, reserved for future use.
+ * Token size. In case the token is not provided
+ * the token size has to be 0.
*
* \return Returns error code as specified in \ref tfm_sst_err_t
*/
-enum tfm_sst_err_t tfm_sst_delete(uint32_t asset_uuid);
+enum tfm_sst_err_t tfm_sst_delete(uint32_t asset_uuid,
+ const uint8_t* token,
+ uint32_t token_size);
#ifdef __cplusplus
}
diff --git a/interface/include/tfm_sst_defs.h b/interface/include/tfm_sst_defs.h
index 52e41b3..5e1f869 100644
--- a/interface/include/tfm_sst_defs.h
+++ b/interface/include/tfm_sst_defs.h
@@ -54,6 +54,24 @@
};
/*!
+ * \struct tfm_sst_token_t
+ *
+ * \brief Structure to store the asset's token.
+ *
+ */
+struct tfm_sst_token_t {
+ const uint8_t *token; /*!< Pointer to the asset's token to be used to
+ * generate the asset key to encrypt and decrypt
+ * the asset data. This is an optional parameter
+ * that has to be NULL in case the token is not
+ * provied.
+ */
+ uint32_t token_size; /*!< Token size. In case the token is not provided
+ * the token size has to be 0.
+ */
+};
+
+/*!
* \struct tfm_sst_buf_t
*
* \brief Structure to store data information to read/write from/to asset.
diff --git a/interface/include/tfm_sst_svc_handler.h b/interface/include/tfm_sst_svc_handler.h
index a43e545..0cfb4ed 100644
--- a/interface/include/tfm_sst_svc_handler.h
+++ b/interface/include/tfm_sst_svc_handler.h
@@ -18,80 +18,94 @@
* \brief SVC funtion to allocate space for the asset, referenced by asset
* UUID, without setting any data in the asset.
*
- * \param[in] asset_uuid Asset UUID
+ * \param[in] asset_uuid Asset UUID \ref tfm_sst_asset_id_t
+ * \param[in] s_token Pointer to the asset's token \ref tfm_sst_token_t
*
* \return Returns an TFM_SST_ERR_SUCCESS if asset is created correctly.
* Otherwise, error code as specified in \ref tfm_sst_err_t
*/
-enum tfm_sst_err_t tfm_sst_svc_create(uint32_t asset_uuid);
+enum tfm_sst_err_t tfm_sst_svc_create(uint32_t asset_uuid,
+ const struct tfm_sst_token_t *s_token);
/**
* \brief SVC funtion to get asset's information referenced by asset UUID.
*
* \param[in] asset_uuid Asset UUID
+ * \param[in] s_token Pointer to the asset's token \ref tfm_sst_token_t
* \param[out] info Pointer to store the asset's information
* \ref tfm_sst_asset_info_t
*
* \return Returns error code as specified in \ref tfm_sst_err_t
*/
enum tfm_sst_err_t tfm_sst_svc_get_info(uint32_t asset_uuid,
+ const struct tfm_sst_token_t *s_token,
struct tfm_sst_asset_info_t *info);
/**
* \brief SVC funtion to get asset's attributes referenced by asset UUID.
*
* \param[in] asset_uuid Asset UUID
+ * \param[in] s_token Pointer to the asset's token \ref tfm_sst_token_t
* \param[out] attrs Pointer to store the asset's attributes
* \ref tfm_sst_asset_attrs_t
*
* \return Returns error code as specified in \ref tfm_sst_err_t
*/
enum tfm_sst_err_t tfm_sst_svc_get_attributes(uint32_t asset_uuid,
- struct tfm_sst_asset_attrs_t *attrs);
+ const struct tfm_sst_token_t *s_token,
+ struct tfm_sst_asset_attrs_t *attrs);
/**
* \brief SVC funtion to set asset's attributes referenced by asset UUID.
*
* \param[in] asset_uuid Asset UUID
+ * \param[in] s_token Pointer to the asset's token \ref tfm_sst_token_t
* \param[in] attrs Pointer to new the asset's attributes
* \ref tfm_sst_asset_attrs_t
*
* \return Returns error code as specified in \ref tfm_sst_err_t
*/
enum tfm_sst_err_t tfm_sst_svc_set_attributes(uint32_t asset_uuid,
+ const struct tfm_sst_token_t *s_token,
const struct tfm_sst_asset_attrs_t *attrs);
/**
* \brief SVC funtion to read asset's data from asset referenced by asset UUID.
*
* \param[in] asset_uuid Asset UUID
+ * \param[in] s_token Pointer to the asset's token \ref tfm_sst_token_t
* \param[out] data Pointer to data vector \ref tfm_sst_buf_t to store
* data, size and offset
*
* \return Returns error code as specified in \ref tfm_sst_err_t
*/
enum tfm_sst_err_t tfm_sst_svc_read(uint32_t asset_uuid,
+ const struct tfm_sst_token_t *s_token,
struct tfm_sst_buf_t* data);
/**
* \brief SVC funtion to write data into an asset referenced by asset UUID.
*
* \param[in] asset_uuid Asset UUID
+ * \param[in] s_token Pointer to the asset's token \ref tfm_sst_token_t
* \param[in] data Pointer to data vector \ref tfm_sst_buf_t which
* contains the data to write
*
* \return Returns error code as specified in \ref tfm_sst_err_t
*/
enum tfm_sst_err_t tfm_sst_svc_write(uint32_t asset_uuid,
+ const struct tfm_sst_token_t *s_token,
struct tfm_sst_buf_t* data);
/**
* \brief SVC funtion to delete the asset referenced by the asset UUID.
*
* \param[in] asset_uuid Asset UUID
+ * \param[in] s_token Pointer to the asset's token \ref tfm_sst_token_t
*
* \return Returns error code as specified in \ref tfm_sst_err_t
*/
-enum tfm_sst_err_t tfm_sst_svc_delete(uint32_t asset_uuid);
+enum tfm_sst_err_t tfm_sst_svc_delete(uint32_t asset_uuid,
+ const struct tfm_sst_token_t *s_token);
#ifdef __cplusplus
}
diff --git a/interface/include/tfm_sst_veneers.h b/interface/include/tfm_sst_veneers.h
index 033f1cb..95a6b17 100644
--- a/interface/include/tfm_sst_veneers.h
+++ b/interface/include/tfm_sst_veneers.h
@@ -19,7 +19,8 @@
* without setting any data in the asset.
*
* \param[in] app_id Application ID
- * \param[in] asset_uuid Asset UUID
+ * \param[in] s_token Pointer to the asset's token \ref tfm_sst_token_t
+ * \param[in] asset_uuid Asset UUID \ref tfm_sst_asset_id_t
*
* \return Returns TFM_SST_ERR_SUCCESS if the asset has been created correctly.
* If SST area is not prepared, it returns
@@ -27,47 +28,55 @@
* TFM_SST_ERR_STORAGE_SYSTEM_FULL. If application id doesn't have the
* write rights, it returns TFM_SST_ERR_PERMS_NOT_ALLOWED.
*/
-enum tfm_sst_err_t tfm_sst_veneer_create(uint32_t app_id, uint32_t asset_uuid);
+enum tfm_sst_err_t tfm_sst_veneer_create(uint32_t app_id, uint32_t asset_uuid,
+ const struct tfm_sst_token_t *s_token);
+
/**
* \brief Gets asset's information referenced by asset UUID.
*
* \param[in] app_id Application ID
* \param[in] asset_uuid Asset UUID
+ * \param[in] s_token Pointer to the asset's token \ref tfm_sst_token_t
* \param[out] info Pointer to store the asset's information
* \ref tfm_sst_asset_info_t
*
* \return Returns error code as specified in \ref tfm_sst_err_t
*/
enum tfm_sst_err_t tfm_sst_veneer_get_info(uint32_t app_id, uint32_t asset_uuid,
- struct tfm_sst_asset_info_t *info);
+ const struct tfm_sst_token_t *s_token,
+ struct tfm_sst_asset_info_t *info);
/**
* \brief Gets asset's attributes referenced by asset UUID.
*
* \param[in] app_id Application ID
* \param[in] asset_uuid Asset UUID
+ * \param[in] s_token Pointer to the asset's token \ref tfm_sst_token_t
* \param[out] attrs Pointer to store the asset's attributes
* \ref tfm_sst_asset_attrs_t
*
* \return Returns error code as specified in \ref tfm_sst_err_t
*/
enum tfm_sst_err_t tfm_sst_veneer_get_attributes(uint32_t app_id,
- uint32_t asset_uuid,
- struct tfm_sst_asset_attrs_t *attrs);
+ uint32_t asset_uuid,
+ const struct tfm_sst_token_t *s_token,
+ struct tfm_sst_asset_attrs_t *attrs);
/**
* \brief Sets asset's attributes referenced by asset UUID.
*
* \param[in] app_id Application ID
* \param[in] asset_uuid Asset UUID
+ * \param[in] s_token Pointer to the asset's token \ref tfm_sst_token_t
* \param[in] attrs Pointer to new the asset's attributes
* \ref tfm_sst_asset_attrs_t
*
* \return Returns error code as specified in \ref tfm_sst_err_t
*/
enum tfm_sst_err_t tfm_sst_veneer_set_attributes(uint32_t app_id,
- uint32_t asset_uuid,
+ uint32_t asset_uuid,
+ const struct tfm_sst_token_t *s_token,
const struct tfm_sst_asset_attrs_t *attrs);
/**
@@ -75,40 +84,46 @@
*
* \param[in] app_id Application ID
* \param[in] asset_uuid Asset UUID
+ * \param[in] s_token Pointer to the asset's token \ref tfm_sst_token_t
* \param[in/out] data Pointer to data vector \ref tfm_sst_buf_t to
* store data, size and offset
*
* \return Returns the number of bytes written or a castable \ref tfm_sst_err_t
* value
*/
-enum tfm_sst_err_t tfm_sst_veneer_read(uint32_t app_id,
- uint32_t asset_uuid,
+enum tfm_sst_err_t tfm_sst_veneer_read(uint32_t app_id, uint32_t asset_uuid,
+ const struct tfm_sst_token_t *s_token,
struct tfm_sst_buf_t *data);
+
/**
* \brief Writes data into an asset referenced by asset UUID.
*
* \param[in] app_id Application ID
* \param[in] asset_uuid Asset UUID
+ * \param[in] s_token Pointer to the asset's token \ref tfm_sst_token_t
* \param[in] data Pointer to data vector \ref tfm_sst_buf_t which
* contains the data to write
*
* \return Returns the number of bytes written or a castable \ref tfm_sst_err_t
* value
*/
-enum tfm_sst_err_t tfm_sst_veneer_write(uint32_t app_id,
- uint32_t asset_uuid,
+enum tfm_sst_err_t tfm_sst_veneer_write(uint32_t app_id, uint32_t asset_uuid,
+ const struct tfm_sst_token_t *s_token,
struct tfm_sst_buf_t *data);
+
/**
* \brief Deletes the asset referenced by the asset UUID.
*
* \param[in] app_id Application ID
* \param[in] asset_uuid Asset UUID
+ * \param[in] s_token Pointer to the asset's token \ref tfm_sst_token_t
*
* \return Returns TFM_SST_ERR_PERMS_NOT_ALLOWED if the asset can't be deleted
* to by this app ID. Returns TFM_SST_ERR_ASSET_REF_INVALID, if asset
* no longer exists. Otherwise, TFM_SST_ERR_SUCCESS.
*/
-enum tfm_sst_err_t tfm_sst_veneer_delete(uint32_t app_id, uint32_t asset_uuid);
+enum tfm_sst_err_t tfm_sst_veneer_delete(uint32_t app_id, uint32_t asset_uuid,
+ const struct tfm_sst_token_t *s_token);
#ifdef __cplusplus
}
diff --git a/interface/src/tfm_sst_api.c b/interface/src/tfm_sst_api.c
index d363c0a..ab47fd8 100644
--- a/interface/src/tfm_sst_api.c
+++ b/interface/src/tfm_sst_api.c
@@ -8,70 +8,125 @@
#include "tfm_sst_defs.h"
#include "tfm_ns_lock.h"
-enum tfm_sst_err_t tfm_sst_create(uint32_t asset_uuid)
+enum tfm_sst_err_t tfm_sst_create(uint32_t asset_uuid, const uint8_t* token,
+ uint32_t token_size)
{
+ struct tfm_sst_token_t s_token;
+
+ /* Pack the token information in the token structure */
+ s_token.token = token;
+ s_token.token_size = token_size;
+
return tfm_ns_lock_svc_dispatch(SVC_TFM_SST_CREATE,
asset_uuid,
- 0,
+ (uint32_t)&s_token,
0,
0);
}
enum tfm_sst_err_t tfm_sst_get_info(uint32_t asset_uuid,
+ const uint8_t* token,
+ uint32_t token_size,
struct tfm_sst_asset_info_t *info)
{
+ struct tfm_sst_token_t s_token;
+
+ /* Pack the token information in the token structure */
+ s_token.token = token;
+ s_token.token_size = token_size;
+
return tfm_ns_lock_svc_dispatch(SVC_TFM_SST_GET_INFO,
asset_uuid,
+ (uint32_t)&s_token,
(uint32_t)info,
- 0,
0);
}
enum tfm_sst_err_t tfm_sst_get_attributes(uint32_t asset_uuid,
+ const uint8_t* token,
+ uint32_t token_size,
struct tfm_sst_asset_attrs_t *attrs)
{
+ struct tfm_sst_token_t s_token;
+
+ /* Pack the token information in the token structure */
+ s_token.token = token;
+ s_token.token_size = token_size;
+
return tfm_ns_lock_svc_dispatch(SVC_TFM_SST_GET_ATTRIBUTES,
asset_uuid,
+ (uint32_t)&s_token,
(uint32_t)attrs,
- 0,
0);
}
enum tfm_sst_err_t tfm_sst_set_attributes(uint32_t asset_uuid,
+ const uint8_t* token,
+ uint32_t token_size,
const struct tfm_sst_asset_attrs_t *attrs)
{
+ struct tfm_sst_token_t s_token;
+
+ /* Pack the token information in the token structure */
+ s_token.token = token;
+ s_token.token_size = token_size;
+
return tfm_ns_lock_svc_dispatch(SVC_TFM_SST_SET_ATTRIBUTES,
asset_uuid,
+ (uint32_t)&s_token,
(uint32_t)attrs,
- 0,
0);
}
enum tfm_sst_err_t tfm_sst_read(uint32_t asset_uuid,
+ const uint8_t* token,
+ uint32_t token_size,
struct tfm_sst_buf_t* data)
{
+ struct tfm_sst_token_t s_token;
+
+ /* Pack the token information in the token structure */
+ s_token.token = token;
+ s_token.token_size = token_size;
+
return tfm_ns_lock_svc_dispatch(SVC_TFM_SST_READ,
asset_uuid,
+ (uint32_t)&s_token,
(uint32_t)data,
- 0,
0);
}
enum tfm_sst_err_t tfm_sst_write(uint32_t asset_uuid,
+ const uint8_t* token,
+ uint32_t token_size,
struct tfm_sst_buf_t* data)
{
+ struct tfm_sst_token_t s_token;
+
+ /* Pack the token information in the token structure */
+ s_token.token = token;
+ s_token.token_size = token_size;
+
return tfm_ns_lock_svc_dispatch(SVC_TFM_SST_WRITE,
asset_uuid,
+ (uint32_t)&s_token,
(uint32_t)data,
- 0,
0);
}
-enum tfm_sst_err_t tfm_sst_delete(uint32_t asset_uuid)
+enum tfm_sst_err_t tfm_sst_delete(uint32_t asset_uuid,
+ const uint8_t* token,
+ uint32_t token_size)
{
+ struct tfm_sst_token_t s_token;
+
+ /* Pack the token information in the token structure */
+ s_token.token = token;
+ s_token.token_size = token_size;
+
return tfm_ns_lock_svc_dispatch(SVC_TFM_SST_DELETE,
asset_uuid,
- 0,
+ (uint32_t)&s_token,
0,
0);
}
diff --git a/interface/src/tfm_sst_svc_handler.c b/interface/src/tfm_sst_svc_handler.c
index beab20d..8277169c 100644
--- a/interface/src/tfm_sst_svc_handler.c
+++ b/interface/src/tfm_sst_svc_handler.c
@@ -11,70 +11,77 @@
#include "tfm_id_mngr.h"
/* SVC function implementations */
-enum tfm_sst_err_t tfm_sst_svc_create(uint32_t asset_uuid)
+enum tfm_sst_err_t tfm_sst_svc_create(uint32_t asset_uuid,
+ const struct tfm_sst_token_t *s_token)
{
uint32_t app_id;
app_id = tfm_sst_get_cur_id();
- return tfm_sst_veneer_create(app_id, asset_uuid);
+ return tfm_sst_veneer_create(app_id, asset_uuid, s_token);
}
enum tfm_sst_err_t tfm_sst_svc_get_info(uint32_t asset_uuid,
+ const struct tfm_sst_token_t *s_token,
struct tfm_sst_asset_info_t *info)
{
uint32_t app_id;
app_id = tfm_sst_get_cur_id();
- return tfm_sst_veneer_get_info(app_id, asset_uuid, info);
+ return tfm_sst_veneer_get_info(app_id, asset_uuid, s_token, info);
}
enum tfm_sst_err_t tfm_sst_svc_get_attributes(uint32_t asset_uuid,
- struct tfm_sst_asset_attrs_t *attrs)
+ const struct tfm_sst_token_t *s_token,
+ struct tfm_sst_asset_attrs_t *attrs)
{
uint32_t app_id;
app_id = tfm_sst_get_cur_id();
- return tfm_sst_veneer_get_attributes(app_id, asset_uuid, attrs);
+ return tfm_sst_veneer_get_attributes(app_id, asset_uuid, s_token, attrs);
}
enum tfm_sst_err_t tfm_sst_svc_set_attributes(uint32_t asset_uuid,
+ const struct tfm_sst_token_t *s_token,
const struct tfm_sst_asset_attrs_t *attrs)
{
uint32_t app_id;
app_id = tfm_sst_get_cur_id();
- return tfm_sst_veneer_set_attributes(app_id, asset_uuid, attrs);
+ return tfm_sst_veneer_set_attributes(app_id, asset_uuid, s_token, attrs);
}
enum tfm_sst_err_t tfm_sst_svc_read(uint32_t asset_uuid,
+ const struct tfm_sst_token_t *s_token,
struct tfm_sst_buf_t* data)
{
uint32_t app_id;
app_id = tfm_sst_get_cur_id();
- return tfm_sst_veneer_read(app_id, asset_uuid, data);
+ return tfm_sst_veneer_read(app_id, asset_uuid, s_token, data);
}
enum tfm_sst_err_t tfm_sst_svc_write(uint32_t asset_uuid,
+ const struct tfm_sst_token_t *s_token,
struct tfm_sst_buf_t* data)
{
uint32_t app_id;
app_id = tfm_sst_get_cur_id();
- return tfm_sst_veneer_write(app_id, asset_uuid, data);
+ return tfm_sst_veneer_write(app_id, asset_uuid, s_token, data);
}
-enum tfm_sst_err_t tfm_sst_svc_delete(uint32_t asset_uuid)
+enum tfm_sst_err_t tfm_sst_svc_delete(uint32_t asset_uuid,
+ const struct tfm_sst_token_t *s_token)
{
uint32_t app_id;
app_id = tfm_sst_get_cur_id();
- return tfm_sst_veneer_delete(app_id, asset_uuid);
+ return tfm_sst_veneer_delete(app_id, asset_uuid, s_token);
}
diff --git a/secure_fw/ns_callable/tfm_sst_veneers.c b/secure_fw/ns_callable/tfm_sst_veneers.c
index 6d6027d..15f838b 100644
--- a/secure_fw/ns_callable/tfm_sst_veneers.c
+++ b/secure_fw/ns_callable/tfm_sst_veneers.c
@@ -12,59 +12,66 @@
#include "secure_fw/spm/spm_partition_defs.h"
__tfm_secure_gateway_attributes__
-enum tfm_sst_err_t tfm_sst_veneer_create(uint32_t app_id, uint32_t asset_uuid)
+enum tfm_sst_err_t tfm_sst_veneer_create(uint32_t app_id, uint32_t asset_uuid,
+ const struct tfm_sst_token_t *s_token)
{
TFM_CORE_SFN_REQUEST(TFM_SP_STORAGE_ID, sst_am_create,
- app_id, asset_uuid, 0, 0);
+ app_id, asset_uuid, s_token, 0);
}
__tfm_secure_gateway_attributes__
enum tfm_sst_err_t tfm_sst_veneer_get_info(uint32_t app_id, uint32_t asset_uuid,
- struct tfm_sst_asset_info_t *info)
+ const struct tfm_sst_token_t *s_token,
+ struct tfm_sst_asset_info_t *info)
{
TFM_CORE_SFN_REQUEST(TFM_SP_STORAGE_ID, sst_am_get_info,
- app_id, asset_uuid, info, 0);
+ app_id, asset_uuid, s_token, info);
}
__tfm_secure_gateway_attributes__
enum tfm_sst_err_t tfm_sst_veneer_get_attributes(uint32_t app_id,
uint32_t asset_uuid,
- struct tfm_sst_asset_attrs_t *attrs)
+ const struct tfm_sst_token_t *s_token,
+ struct tfm_sst_asset_attrs_t *attrs)
{
TFM_CORE_SFN_REQUEST(TFM_SP_STORAGE_ID, sst_am_get_attributes,
- app_id, asset_uuid, attrs, 0);
+ app_id, asset_uuid, s_token, attrs);
}
__tfm_secure_gateway_attributes__
enum tfm_sst_err_t tfm_sst_veneer_set_attributes(uint32_t app_id,
uint32_t asset_uuid,
+ const struct tfm_sst_token_t *s_token,
const struct tfm_sst_asset_attrs_t *attrs)
{
TFM_CORE_SFN_REQUEST(TFM_SP_STORAGE_ID, sst_am_set_attributes,
- app_id, asset_uuid, attrs, 0);
+ app_id, asset_uuid, s_token, attrs);
}
__tfm_secure_gateway_attributes__
enum tfm_sst_err_t tfm_sst_veneer_read(uint32_t app_id,
uint32_t asset_uuid,
+ const struct tfm_sst_token_t *s_token,
struct tfm_sst_buf_t *data)
{
TFM_CORE_SFN_REQUEST(TFM_SP_STORAGE_ID, sst_am_read, app_id,
- asset_uuid, data, 0);
+ asset_uuid, s_token, data);
}
__tfm_secure_gateway_attributes__
enum tfm_sst_err_t tfm_sst_veneer_write(uint32_t app_id,
uint32_t asset_uuid,
+ const struct tfm_sst_token_t *s_token,
struct tfm_sst_buf_t *data)
{
TFM_CORE_SFN_REQUEST(TFM_SP_STORAGE_ID, sst_am_write, app_id,
- asset_uuid, data, 0);
+ asset_uuid, s_token, data);
}
__tfm_secure_gateway_attributes__
-enum tfm_sst_err_t tfm_sst_veneer_delete(uint32_t app_id, uint32_t asset_uuid)
+enum tfm_sst_err_t tfm_sst_veneer_delete(uint32_t app_id, uint32_t asset_uuid,
+ const struct tfm_sst_token_t *s_token)
{
TFM_CORE_SFN_REQUEST(TFM_SP_STORAGE_ID, sst_am_delete, app_id,
- asset_uuid, 0, 0);
+ asset_uuid, s_token, 0);
}
diff --git a/secure_fw/services/secure_storage/sst_asset_management.c b/secure_fw/services/secure_storage/sst_asset_management.c
index e38b67b..3acf6ce 100644
--- a/secure_fw/services/secure_storage/sst_asset_management.c
+++ b/secure_fw/services/secure_storage/sst_asset_management.c
@@ -268,8 +268,8 @@
return bound_check;
}
-enum tfm_sst_err_t sst_am_get_info(uint32_t app_id,
- uint32_t asset_uuid,
+enum tfm_sst_err_t sst_am_get_info(uint32_t app_id, uint32_t asset_uuid,
+ const struct tfm_sst_token_t *s_token,
struct tfm_sst_asset_info_t *info)
{
enum tfm_sst_err_t bound_check;
@@ -290,7 +290,7 @@
return TFM_SST_ERR_ASSET_NOT_FOUND;
}
- err = sst_object_get_info(asset_uuid, &tmp_info);
+ err = sst_object_get_info(asset_uuid, s_token, &tmp_info);
if (err == TFM_SST_ERR_SUCCESS) {
/* Use tmp_info to not leak information in case the previous function
* returns and error. It avoids to leak information in case of error.
@@ -303,8 +303,8 @@
return err;
}
-enum tfm_sst_err_t sst_am_get_attributes(uint32_t app_id,
- uint32_t asset_uuid,
+enum tfm_sst_err_t sst_am_get_attributes(uint32_t app_id, uint32_t asset_uuid,
+ const struct tfm_sst_token_t *s_token,
struct tfm_sst_asset_attrs_t *attrs)
{
uint8_t all_perms = SST_PERM_REFERENCE | SST_PERM_READ | SST_PERM_WRITE;
@@ -325,7 +325,7 @@
return TFM_SST_ERR_ASSET_NOT_FOUND;
}
- err = sst_object_get_attributes(asset_uuid, &tmp_attrs);
+ err = sst_object_get_attributes(asset_uuid, s_token, &tmp_attrs);
if (err == TFM_SST_ERR_SUCCESS) {
/* Use tmp_attrs to not leak information incase the previous function
* returns and error. It avoids to leak information in case of error.
@@ -338,8 +338,8 @@
return err;
}
-enum tfm_sst_err_t sst_am_set_attributes(uint32_t app_id,
- uint32_t asset_uuid,
+enum tfm_sst_err_t sst_am_set_attributes(uint32_t app_id, uint32_t asset_uuid,
+ const struct tfm_sst_token_t *s_token,
const struct tfm_sst_asset_attrs_t *attrs)
{
uint8_t all_perms = SST_PERM_REFERENCE | SST_PERM_READ | SST_PERM_WRITE;
@@ -370,12 +370,13 @@
/* FIXME: Check which bit attributes have been changed and check if those
* can be modified or not.
*/
- err = sst_object_set_attributes(asset_uuid, attrs);
+ err = sst_object_set_attributes(asset_uuid, s_token, attrs);
return err;
}
-enum tfm_sst_err_t sst_am_create(uint32_t app_id, uint32_t asset_uuid)
+enum tfm_sst_err_t sst_am_create(uint32_t app_id, uint32_t asset_uuid,
+ const struct tfm_sst_token_t *s_token)
{
enum tfm_sst_err_t err;
struct sst_asset_policy_t *db_entry;
@@ -385,12 +386,14 @@
return TFM_SST_ERR_ASSET_NOT_FOUND;
}
- err = sst_object_create(asset_uuid, db_entry->type, db_entry->max_size);
+ err = sst_object_create(asset_uuid, s_token, db_entry->type,
+ db_entry->max_size);
return err;
}
enum tfm_sst_err_t sst_am_read(uint32_t app_id, uint32_t asset_uuid,
+ const struct tfm_sst_token_t *s_token,
struct tfm_sst_buf_t *data)
{
struct tfm_sst_buf_t local_data;
@@ -416,13 +419,14 @@
}
#endif
- err = sst_object_read(asset_uuid, local_data.data,
+ err = sst_object_read(asset_uuid, s_token, local_data.data,
local_data.offset, local_data.size);
return err;
}
enum tfm_sst_err_t sst_am_write(uint32_t app_id, uint32_t asset_uuid,
+ const struct tfm_sst_token_t *s_token,
const struct tfm_sst_buf_t *data)
{
struct tfm_sst_buf_t local_data;
@@ -456,13 +460,14 @@
}
#endif
- err = sst_object_write(asset_uuid, local_data.data,
+ err = sst_object_write(asset_uuid, s_token, local_data.data,
local_data.offset, local_data.size);
return err;
}
-enum tfm_sst_err_t sst_am_delete(uint32_t app_id, uint32_t asset_uuid)
+enum tfm_sst_err_t sst_am_delete(uint32_t app_id, uint32_t asset_uuid,
+ const struct tfm_sst_token_t *s_token)
{
enum tfm_sst_err_t err;
struct sst_asset_policy_t *db_entry;
@@ -472,7 +477,7 @@
return TFM_SST_ERR_ASSET_NOT_FOUND;
}
- err = sst_object_delete(asset_uuid);
+ err = sst_object_delete(asset_uuid, s_token);
return err;
}
diff --git a/secure_fw/services/secure_storage/sst_asset_management.h b/secure_fw/services/secure_storage/sst_asset_management.h
index 44a7a00..34ff46e 100644
--- a/secure_fw/services/secure_storage/sst_asset_management.h
+++ b/secure_fw/services/secure_storage/sst_asset_management.h
@@ -51,25 +51,27 @@
* without setting any data in the asset.
*
* \param[in] app_id Application ID
+ * \param[in] s_token Pointer to the asset's token \ref tfm_sst_token_t
* \param[in] asset_uuid Asset UUID
*
* \return Returns error code as specified in \ref tfm_sst_err_t
*/
-enum tfm_sst_err_t sst_am_create(uint32_t app_id,
- uint32_t asset_uuid);
+enum tfm_sst_err_t sst_am_create(uint32_t app_id, uint32_t asset_uuid,
+ const struct tfm_sst_token_t *s_token);
/**
* \brief Gets the asset's info referenced by asset UUID.
*
* \param[in] app_id Application ID
* \param[in] asset_uuid Asset UUID
+ * \param[in] s_token Pointer to the asset's token \ref tfm_sst_token_t
* \param[out] info Pointer to store the asset's information
* \ref tfm_sst_asset_info_t
*
* \return Returns error code as specified in \ref tfm_sst_err_t
*/
-enum tfm_sst_err_t sst_am_get_info(uint32_t app_id,
- uint32_t asset_uuid,
+enum tfm_sst_err_t sst_am_get_info(uint32_t app_id, uint32_t asset_uuid,
+ const struct tfm_sst_token_t *s_token,
struct tfm_sst_asset_info_t *info);
/**
@@ -77,13 +79,14 @@
*
* \param[in] app_id Application ID
* \param[in] asset_uuid Asset UUID
+ * \param[in] s_token Pointer to the asset's token \ref tfm_sst_token_t
* \param[out] attrs Pointer to store the asset's attributes
* \ref tfm_sst_asset_attrs_t
*
* \return Returns error code as specified in \ref tfm_sst_err_t
*/
-enum tfm_sst_err_t sst_am_get_attributes(uint32_t app_id,
- uint32_t asset_uuid,
+enum tfm_sst_err_t sst_am_get_attributes(uint32_t app_id, uint32_t asset_uuid,
+ const struct tfm_sst_token_t *s_token,
struct tfm_sst_asset_attrs_t *attrs);
/**
@@ -91,13 +94,14 @@
*
* \param[in] app_id Application ID
* \param[in] asset_uuid Asset UUID
+ * \param[in] s_token Pointer to the asset's token \ref tfm_sst_token_t
* \param[in] attrs Pointer to new the asset's attributes
* \ref tfm_sst_asset_attrs_t
*
* \return Returns error code as specified in \ref tfm_sst_err_t
*/
-enum tfm_sst_err_t sst_am_set_attributes(uint32_t app_id,
- uint32_t asset_uuid,
+enum tfm_sst_err_t sst_am_set_attributes(uint32_t app_id, uint32_t asset_uuid,
+ const struct tfm_sst_token_t *s_token,
const struct tfm_sst_asset_attrs_t *attrs);
/**
@@ -105,13 +109,14 @@
*
* \param[in] app_id Application ID
* \param[in] asset_uuid Asset UUID
+ * \param[in] s_token Pointer to the asset's token \ref tfm_sst_token_t
* \param[out] data Pointer to data vector \ref tfm_sst_buf_t to store
* data, size and offset
*
* \return Returns error code as specified in \ref tfm_sst_err_t
*/
-enum tfm_sst_err_t sst_am_read(uint32_t app_id,
- uint32_t asset_uuid,
+enum tfm_sst_err_t sst_am_read(uint32_t app_id, uint32_t asset_uuid,
+ const struct tfm_sst_token_t *s_token,
struct tfm_sst_buf_t *data);
/**
@@ -119,13 +124,14 @@
*
* \param[in] app_id Application ID
* \param[in] asset_uuid Asset UUID
+ * \param[in] s_token Pointer to the asset's token \ref tfm_sst_token_t
* \param[in] data Pointer to data vector \ref tfm_sst_buf_t which
* contains the data to write
*
* \return Returns error code as specified in \ref tfm_sst_err_t
*/
-enum tfm_sst_err_t sst_am_write(uint32_t app_id,
- uint32_t asset_uuid,
+enum tfm_sst_err_t sst_am_write(uint32_t app_id, uint32_t asset_uuid,
+ const struct tfm_sst_token_t *s_token,
const struct tfm_sst_buf_t *data);
/**
@@ -133,10 +139,12 @@
*
* \param[in] app_id Application ID
* \param[in] asset_uuid Asset UUID
+ * \param[in] s_token Pointer to the asset's token \ref tfm_sst_token_t
*
* \return Returns error code as specified in \ref tfm_sst_err_t
*/
-enum tfm_sst_err_t sst_am_delete(uint32_t app_id, uint32_t asset_uuid);
+enum tfm_sst_err_t sst_am_delete(uint32_t app_id, uint32_t asset_uuid,
+ const struct tfm_sst_token_t *s_token);
#ifdef __cplusplus
}
diff --git a/secure_fw/services/secure_storage/sst_encrypted_object.c b/secure_fw/services/secure_storage/sst_encrypted_object.c
index 2be6a13..99cd7f3 100644
--- a/secure_fw/services/secure_storage/sst_encrypted_object.c
+++ b/secure_fw/services/secure_storage/sst_encrypted_object.c
@@ -136,10 +136,16 @@
}
enum tfm_sst_err_t sst_encrypted_object_create(uint32_t uuid,
- struct sst_object_t *obj)
+ const struct tfm_sst_token_t *s_token,
+ struct sst_object_t *obj)
{
enum tfm_sst_err_t err;
+ /* FIXME: The token structure needs to be used when the key derivation
+ * mechanism is in place to generate the specific object key.
+ */
+ (void)s_token;
+
/* Create an object in the object system */
err = sst_core_object_create(uuid,
SST_ENCRYPTED_SIZE(obj->header.info.size_max));
@@ -165,18 +171,25 @@
* \brief Reads and decrypts data from the object referenced by the object
* UUID into the sst_plaintext_buf buffer.
*
- * \param[in] uuid Object UUID
- * \param[out] obj Pointer to the object structure to fill in
+ * \param[in] uuid Object UUID
+ * \param[in] s_token Pointer to the asset's token \ref tfm_sst_token_t
+ * \param[out] obj Pointer to the object structure to fill in
*
* \return Returns error code specified in \ref tfm_sst_err_t
*/
static enum tfm_sst_err_t sst_read_encrypted_object(uint32_t uuid,
- struct sst_object_t *obj)
+ const struct tfm_sst_token_t *s_token,
+ struct sst_object_t *obj)
{
enum tfm_sst_err_t err;
struct sst_core_obj_info_t obj_info;
uint32_t plaintext_size;
+ /* FIXME: The token structure needs to be used when the key derivation
+ * mechanism is in place to generate the specific object key.
+ */
+ (void)s_token;
+
/* Get the current size of the encrypted object in the object system */
err = sst_core_object_get_info(uuid, &obj_info);
if (err != TFM_SST_ERR_SUCCESS) {
@@ -207,11 +220,12 @@
}
enum tfm_sst_err_t sst_encrypted_object_read(uint32_t uuid,
- struct sst_object_t *obj)
+ const struct tfm_sst_token_t *s_token,
+ struct sst_object_t *obj)
{
enum tfm_sst_err_t err;
- err = sst_read_encrypted_object(uuid, obj);
+ err = sst_read_encrypted_object(uuid, s_token, obj);
if (err != TFM_SST_ERR_SUCCESS) {
return err;
}
@@ -220,10 +234,16 @@
}
enum tfm_sst_err_t sst_encrypted_object_write(uint32_t uuid,
- struct sst_object_t *obj)
+ const struct tfm_sst_token_t *s_token,
+ struct sst_object_t *obj)
{
enum tfm_sst_err_t err;
+ /* FIXME: The token structure needs to be used when the key derivation
+ * mechanism is in place to generate the specific object key.
+ */
+ (void)s_token;
+
/* Encrypt the object data */
err = sst_object_auth_encrypt(obj->header.info.size_current, obj);
if (err != TFM_SST_ERR_SUCCESS) {
diff --git a/secure_fw/services/secure_storage/sst_encrypted_object.h b/secure_fw/services/secure_storage/sst_encrypted_object.h
index 48cdecf..b0d63f4 100644
--- a/secure_fw/services/secure_storage/sst_encrypted_object.h
+++ b/secure_fw/services/secure_storage/sst_encrypted_object.h
@@ -19,8 +19,9 @@
/**
* \brief Creates a new encrypted object.
*
- * \param[in] uuid Object UUID
- * \param[in/out] obj Pointer to the object structure to be created.
+ * \param[in] uuid Object UUID
+ * \param[in] s_token Pointer to the asset's token \ref tfm_sst_token_t
+ * \param[in/out] obj Pointer to the object structure to be created.
*
* Note: The function will use obj to store the encrypted data before write it
* into the flash to reduce the memory requirements and the number of
@@ -30,24 +31,28 @@
* \return Returns error code specified in \ref tfm_sst_err_t
*/
enum tfm_sst_err_t sst_encrypted_object_create(uint32_t uuid,
- struct sst_object_t *obj);
+ const struct tfm_sst_token_t *s_token,
+ struct sst_object_t *obj);
/**
* \brief Reads object referenced by the object UUID
*
- * \param[in] uuid Object UUID
- * \param[out] obj Pointer to the object structure to fill in
+ * \param[in] uuid Object UUID
+ * \param[in] s_token Pointer to the asset's token \ref tfm_sst_token_t
+ * \param[out] obj Pointer to the object structure to fill in
*
* \return Returns error code specified in \ref tfm_sst_err_t
*/
enum tfm_sst_err_t sst_encrypted_object_read(uint32_t uuid,
- struct sst_object_t *obj);
+ const struct tfm_sst_token_t *s_token,
+ struct sst_object_t *obj);
/**
* \brief Writes object referenced by the object UUID.
*
- * \param[in] uuid Object UUID
- * \param[in/out] obj Pointer to the object structure to write.
+ * \param[in] uuid Object UUID
+ * \param[in] s_token Pointer to the asset's token \ref tfm_sst_token_t
+ * \param[in/out] obj Pointer to the object structure to write.
*
* Note: The function will use obj to store the encrypted data before write it
* into the flash to reduce the memory requirements and the number of
@@ -57,7 +62,8 @@
* \return Returns error code specified in \ref tfm_sst_err_t
*/
enum tfm_sst_err_t sst_encrypted_object_write(uint32_t uuid,
- struct sst_object_t *obj);
+ const struct tfm_sst_token_t *s_token,
+ struct sst_object_t *obj);
#ifdef __cplusplus
}
diff --git a/secure_fw/services/secure_storage/sst_object_system.c b/secure_fw/services/secure_storage/sst_object_system.c
index 62c77f9..ff54401 100644
--- a/secure_fw/services/secure_storage/sst_object_system.c
+++ b/secure_fw/services/secure_storage/sst_object_system.c
@@ -66,11 +66,17 @@
return err;
}
-enum tfm_sst_err_t sst_object_read(uint32_t uuid, uint8_t *data,
- uint32_t offset, uint32_t size)
+enum tfm_sst_err_t sst_object_read(uint32_t uuid,
+ const struct tfm_sst_token_t *s_token,
+ uint8_t *data, uint32_t offset,
+ uint32_t size)
{
enum tfm_sst_err_t err = TFM_SST_ERR_SYSTEM_ERROR;
+#ifndef SST_ENCRYPTION
+ (void)s_token;
+#endif
+
#ifndef SST_ENABLE_PARTIAL_ASSET_RW
(void)offset;
#endif
@@ -79,11 +85,10 @@
sst_global_lock();
#ifdef SST_ENCRYPTION
- err = sst_encrypted_object_read(uuid, &g_sst_object);
+ err = sst_encrypted_object_read(uuid, s_token, &g_sst_object);
#else
/* Read object header */
- err = sst_core_object_read(uuid,
- (uint8_t *)&g_sst_object.header,
+ err = sst_core_object_read(uuid, (uint8_t *)&g_sst_object.header,
SST_OBJECT_START_POSITION,
SST_OBJECT_HEADER_SIZE);
if (err != TFM_SST_ERR_SUCCESS) {
@@ -116,7 +121,6 @@
sst_utils_memcpy(data, g_sst_object.data, size);
#endif
-
sst_global_unlock();
}
@@ -124,10 +128,15 @@
}
enum tfm_sst_err_t sst_object_create(uint32_t uuid,
+ const struct tfm_sst_token_t *s_token,
uint32_t type, uint32_t size)
{
enum tfm_sst_err_t err = TFM_SST_ERR_SYSTEM_ERROR;
+#ifndef SST_ENCRYPTION
+ (void)s_token;
+#endif
+
if (sst_system_ready == SST_SYSTEM_READY) {
sst_global_lock();
/* Check if it already exists */
@@ -137,20 +146,18 @@
sst_object_init_object(uuid, type, size, &g_sst_object);
#ifdef SST_ENCRYPTION
- err = sst_encrypted_object_create(uuid, &g_sst_object);
+ err = sst_encrypted_object_create(uuid, s_token, &g_sst_object);
#else
/* FixMe: This is an inefficient way to write the object header.
* The create function should allow to write content
* in the object.
*/
- err = sst_core_object_create(uuid,
- SST_OBJECT_SIZE(size));
+ err = sst_core_object_create(uuid, SST_OBJECT_SIZE(size));
if (err != TFM_SST_ERR_SUCCESS) {
return err;
}
- err = sst_core_object_write(uuid,
- (uint8_t *)&g_sst_object,
+ err = sst_core_object_write(uuid, (uint8_t *)&g_sst_object,
SST_OBJECT_START_POSITION,
SST_OBJECT_HEADER_SIZE);
#endif
@@ -162,26 +169,29 @@
}
enum tfm_sst_err_t sst_object_write(uint32_t uuid,
+ const struct tfm_sst_token_t *s_token,
const uint8_t *data, uint32_t offset,
uint32_t size)
{
enum tfm_sst_err_t err = TFM_SST_ERR_SYSTEM_ERROR;
+#ifndef SST_ENCRYPTION
+ (void)s_token;
+#endif
+
#ifndef SST_ENABLE_PARTIAL_ASSET_RW
(void)offset;
#endif
-
if (sst_system_ready == SST_SYSTEM_READY) {
sst_global_lock();
/* Read the object from the object system */
#ifdef SST_ENCRYPTION
- err = sst_encrypted_object_read(uuid, &g_sst_object);
+ err = sst_encrypted_object_read(uuid, s_token, &g_sst_object);
#else
/* Read object header */
- err = sst_core_object_read(uuid,
- (uint8_t *)&g_sst_object.header,
+ err = sst_core_object_read(uuid, (uint8_t *)&g_sst_object.header,
SST_OBJECT_START_POSITION,
SST_OBJECT_HEADER_SIZE);
if (err != TFM_SST_ERR_SUCCESS) {
@@ -226,7 +236,7 @@
#endif
#ifdef SST_ENCRYPTION
- err = sst_encrypted_object_write(uuid, &g_sst_object);
+ err = sst_encrypted_object_write(uuid, s_token, &g_sst_object);
#else
err = sst_core_object_write(uuid, (uint8_t *)&g_sst_object,
SST_OBJECT_START_POSITION,
@@ -240,16 +250,21 @@
}
enum tfm_sst_err_t sst_object_get_info(uint32_t uuid,
+ const struct tfm_sst_token_t *s_token,
struct tfm_sst_asset_info_t *info)
{
enum tfm_sst_err_t err = TFM_SST_ERR_SYSTEM_ERROR;
+#ifndef SST_ENCRYPTION
+ (void)s_token;
+#endif
+
if (sst_system_ready == SST_SYSTEM_READY) {
sst_global_lock();
/* Read the object from the object system */
#ifdef SST_ENCRYPTION
- err = sst_encrypted_object_read(uuid, &g_sst_object);
+ err = sst_encrypted_object_read(uuid, s_token, &g_sst_object);
#else
err = sst_core_object_read(uuid, (uint8_t *)&g_sst_object,
SST_OBJECT_START_POSITION,
@@ -269,16 +284,21 @@
}
enum tfm_sst_err_t sst_object_get_attributes(uint32_t uuid,
- struct tfm_sst_asset_attrs_t *attrs)
+ const struct tfm_sst_token_t *s_token,
+ struct tfm_sst_asset_attrs_t *attrs)
{
enum tfm_sst_err_t err = TFM_SST_ERR_SYSTEM_ERROR;
+#ifndef SST_ENCRYPTION
+ (void)s_token;
+#endif
+
if (sst_system_ready == SST_SYSTEM_READY) {
sst_global_lock();
/* Read the object from the object system */
#ifdef SST_ENCRYPTION
- err = sst_encrypted_object_read(uuid, &g_sst_object);
+ err = sst_encrypted_object_read(uuid, s_token, &g_sst_object);
#else
err = sst_core_object_read(uuid, (uint8_t *)&g_sst_object,
SST_OBJECT_START_POSITION,
@@ -298,16 +318,21 @@
}
enum tfm_sst_err_t sst_object_set_attributes(uint32_t uuid,
+ const struct tfm_sst_token_t *s_token,
const struct tfm_sst_asset_attrs_t *attrs)
{
enum tfm_sst_err_t err = TFM_SST_ERR_SYSTEM_ERROR;
+#ifndef SST_ENCRYPTION
+ (void)s_token;
+#endif
+
if (sst_system_ready == SST_SYSTEM_READY) {
sst_global_lock();
/* Read the object from the object system */
#ifdef SST_ENCRYPTION
- err = sst_encrypted_object_read(uuid, &g_sst_object);
+ err = sst_encrypted_object_read(uuid, s_token, &g_sst_object);
#else
err = sst_core_object_read(uuid, (uint8_t *)&g_sst_object,
SST_OBJECT_START_POSITION,
@@ -322,7 +347,7 @@
attrs, TFM_SST_ASSET_ATTR_SIZE);
#ifdef SST_ENCRYPTION
- err = sst_encrypted_object_write(uuid, &g_sst_object);
+ err = sst_encrypted_object_write(uuid, s_token, &g_sst_object);
#else
err = sst_core_object_write(uuid, (uint8_t *)&g_sst_object,
SST_OBJECT_START_POSITION,
@@ -335,11 +360,13 @@
return err;
}
-enum tfm_sst_err_t sst_object_delete(uint32_t uuid)
+enum tfm_sst_err_t sst_object_delete(uint32_t uuid,
+ const struct tfm_sst_token_t *s_token)
{
enum tfm_sst_err_t err = TFM_SST_ERR_SYSTEM_ERROR;
/* FIXME: Authenticate object data to validate token before delete it. */
+ (void)s_token;
if (sst_system_ready == SST_SYSTEM_READY) {
sst_global_lock();
diff --git a/secure_fw/services/secure_storage/sst_object_system.h b/secure_fw/services/secure_storage/sst_object_system.h
index aabec84..e840901 100644
--- a/secure_fw/services/secure_storage/sst_object_system.h
+++ b/secure_fw/services/secure_storage/sst_object_system.h
@@ -27,84 +27,98 @@
/**
* \brief Creates a new object with given object UUID.
*
- * \param[in] uuid Object UUID
- * \param[in] type Object type
- * \param[in] size Object size
+ * \param[in] uuid Object UUID
+ * \param[in] s_token Pointer to the asset's token \ref tfm_sst_token_t
+ * \param[in] type Object type
+ * \param[in] size Object size
*
* \return Returns error code specified in \ref tfm_sst_err_t
*/
enum tfm_sst_err_t sst_object_create(uint32_t uuid,
+ const struct tfm_sst_token_t *s_token,
uint32_t type, uint32_t size);
/**
* \brief Gets object's data referenced by object UUID, and stores it
* in the data buffer.
*
- * \param[in] uuid Object UUID
- * \param[out] data Data buffer to store the object data
- * \param[in] offset Offset from where the read is going to start
- * \param[in] size Data buffer size
+ * \param[in] uuid Object UUID
+ * \param[in] s_token Pointer to the asset's token \ref tfm_sst_token_t
+ * \param[out] data Data buffer to store the object data
+ * \param[in] offset Offset from where the read is going to start
+ * \param[in] size Data buffer size
*
* \return Returns error code specified in \ref tfm_sst_err_t
*/
enum tfm_sst_err_t sst_object_read(uint32_t uuid,
+ const struct tfm_sst_token_t *s_token,
uint8_t *data, uint32_t offset,
uint32_t size);
/**
* \brief Writes data into the object referenced by object UUID.
*
- * \param[in] uuid Object UUID
- * \param[in] data Data buffer to write into object object
- * \param[in] offset Offset from where the write is going to start
- * \param[in] size Data buffer size
+ * \param[in] uuid Object UUID
+ * \param[in] s_token Pointer to the asset's token \ref tfm_sst_token_t
+ * \param[in] data Data buffer to write into object object
+ * \param[in] offset Offset from where the write is going to start
+ * \param[in] size Data buffer size
*
* \return Returns number of bytes read or a relevant error \ref tfm_sst_err_t
*/
enum tfm_sst_err_t sst_object_write(uint32_t uuid,
+ const struct tfm_sst_token_t *s_token,
const uint8_t *data, uint32_t offset,
uint32_t size);
/**
* \brief Deletes the object referenced by object UUID.
*
* \param[in] uuid Object UUID
+ * \param[in] s_token Pointer to the asset's token \ref tfm_sst_token_t
*
* \return Returns error code specified in \ref tfm_sst_err_t
*/
-enum tfm_sst_err_t sst_object_delete(uint32_t uuid);
+enum tfm_sst_err_t sst_object_delete(uint32_t uuid,
+ const struct tfm_sst_token_t *s_token);
/**
* \brief Gets the object information referenced by object UUID.
*
- * \param[in] uuid Object UUID
- * \param[out] info Pointer to store the object's information
- * \ref struct tfm_sst_asset_info_t
+ * \param[in] uuid Object UUID
+ * \param[in] s_token Pointer to the asset's token \ref tfm_sst_token_t
+ * \param[out] info Pointer to store the object's information
+ * \ref struct tfm_sst_asset_info_t
*
* \return Returns error code specified in \ref tfm_sst_err_t
*/
enum tfm_sst_err_t sst_object_get_info(uint32_t uuid,
+ const struct tfm_sst_token_t *s_token,
struct tfm_sst_asset_info_t *info);
/**
* \brief Gets the object attributes referenced by object UUID.
*
- * \param[in] uuid Object UUID
- * \param[out] attrs Pointer to store the object's attributes
- * \ref tfm_sst_asset_attrs_t
+ * \param[in] uuid Object UUID
+ * \param[in] s_token Pointer to the asset's token \ref tfm_sst_token_t
+ * \param[out] attrs Pointer to store the object's attributes
+ * \ref tfm_sst_asset_attrs_t
*
* \return Returns error code as specified in \ref tfm_sst_err_t
*/
enum tfm_sst_err_t sst_object_get_attributes(uint32_t uuid,
- struct tfm_sst_asset_attrs_t *attrs);
+ const struct tfm_sst_token_t *s_token,
+ struct tfm_sst_asset_attrs_t *attrs);
/**
* \brief Sets the specific object attributes referenced by object UUID.
*
- * \param[in] uuid Object UUID \ref tfm_sst_asset_id_t
- * \param[in] attrs Pointer to new the object's attributes
- * \ref tfm_sst_asset_attrs_t
+ * \param[in] uuid Object UUID \ref tfm_sst_token_t
+ * \param[in] s_token Pointer to the asset's token \ref tfm_sst_token_t
+ * \param[in] attrs Pointer to new the object's attributes
+ * \ref tfm_sst_asset_attrs_t
*
* \return Returns error code as specified in \ref tfm_sst_err_t
*/
enum tfm_sst_err_t sst_object_set_attributes(uint32_t uuid,
+ const struct tfm_sst_token_t *s_token,
const struct tfm_sst_asset_attrs_t *attrs);
/**
diff --git a/test/suites/sst/non_secure/sst_ns_interface_testsuite.c b/test/suites/sst/non_secure/sst_ns_interface_testsuite.c
index 57964c4..201d4f9 100644
--- a/test/suites/sst/non_secure/sst_ns_interface_testsuite.c
+++ b/test/suites/sst/non_secure/sst_ns_interface_testsuite.c
@@ -22,6 +22,10 @@
#define READ_BUF_SIZE 14UL
#define WRITE_BUF_SIZE 5UL
+/* Define default asset's token */
+#define ASSET_TOKEN NULL
+#define ASSET_TOKEN_SIZE 0
+
/* Memory bounds to check */
#define ROM_ADDR_LOCATION 0x00000000
#define DEV_ADDR_LOCATION 0x40000000
@@ -190,28 +194,28 @@
enum tfm_sst_err_t err;
/* Checks write permissions in create function */
- err = tfm_sst_create(asset_uuid);
+ err = tfm_sst_create(asset_uuid, ASSET_TOKEN, ASSET_TOKEN_SIZE);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Create should not fail for Thread_C");
return;
}
/* Attempts to create the asset a second time */
- err = tfm_sst_create(asset_uuid);
+ err = tfm_sst_create(asset_uuid, ASSET_TOKEN, ASSET_TOKEN_SIZE);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Should not fail to create an already-created asset");
return;
}
/* Calls create with invalid asset ID */
- err = tfm_sst_create(INVALID_ASSET_ID);
+ err = tfm_sst_create(INVALID_ASSET_ID, ASSET_TOKEN, ASSET_TOKEN_SIZE);
if (err != TFM_SST_ERR_ASSET_NOT_FOUND) {
TEST_FAIL("Create should fail for invalid ASSET ID");
return;
}
/* Calls delete asset to clean up SST area for next test */
- err = tfm_sst_delete(asset_uuid);
+ err = tfm_sst_delete(asset_uuid, ASSET_TOKEN, ASSET_TOKEN_SIZE);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("The delete action should work correctly");
return;
@@ -229,7 +233,7 @@
enum tfm_sst_err_t err;
/* Calls create function with an invalid thread name */
- err = tfm_sst_create(asset_uuid);
+ err = tfm_sst_create(asset_uuid, ASSET_TOKEN, ASSET_TOKEN_SIZE);
if (err != TFM_SST_ERR_ASSET_NOT_FOUND) {
TEST_FAIL("Create should not succeed with an invalid thread name");
return;
@@ -286,7 +290,7 @@
enum tfm_sst_err_t err;
/* Creates asset */
- err = tfm_sst_create(asset_uuid);
+ err = tfm_sst_create(asset_uuid, ASSET_TOKEN, ASSET_TOKEN_SIZE);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Create should not fail for Thread_C");
return;
@@ -295,7 +299,7 @@
/* Calls get information with valid application ID and
* attributes struct pointer
*/
- err = tfm_sst_get_info(asset_uuid,
+ err = tfm_sst_get_info(asset_uuid, ASSET_TOKEN, ASSET_TOKEN_SIZE,
&asset_info);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Thread_C should read the information of this asset");
@@ -314,7 +318,9 @@
}
/* Calls get_attributes with invalid asset ID */
- err = tfm_sst_get_info(INVALID_ASSET_ID, &asset_info);
+ err = tfm_sst_get_info(INVALID_ASSET_ID, ASSET_TOKEN,
+ ASSET_TOKEN_SIZE, &asset_info);
+
if (err != TFM_SST_ERR_ASSET_NOT_FOUND) {
TEST_FAIL("Get information function should fail for an invalid "
"asset ID");
@@ -322,7 +328,7 @@
}
/* Deletes asset to clean up the SST area for the next test */
- err = tfm_sst_delete(asset_uuid);
+ err = tfm_sst_delete(asset_uuid, ASSET_TOKEN, ASSET_TOKEN_SIZE);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Delete should not fail");
return;
@@ -339,7 +345,7 @@
const uint32_t asset_uuid = SST_ASSET_ID_SHA224_HASH;
enum tfm_sst_err_t err;
- err = tfm_sst_create(asset_uuid);
+ err = tfm_sst_create(asset_uuid, ASSET_TOKEN, ASSET_TOKEN_SIZE);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Create should not fail");
return;
@@ -357,7 +363,7 @@
struct tfm_sst_asset_info_t asset_info;
enum tfm_sst_err_t err;
- err = tfm_sst_get_info(asset_uuid,
+ err = tfm_sst_get_info(asset_uuid, ASSET_TOKEN, ASSET_TOKEN_SIZE,
&asset_info);
if (err != TFM_SST_ERR_ASSET_NOT_FOUND) {
TEST_FAIL("Get info should not succeed with invalid thread name");
@@ -375,7 +381,7 @@
const uint32_t asset_uuid = SST_ASSET_ID_SHA224_HASH;
enum tfm_sst_err_t err;
- err = tfm_sst_delete(asset_uuid);
+ err = tfm_sst_delete(asset_uuid, ASSET_TOKEN, ASSET_TOKEN_SIZE);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("The delete action should work correctly");
return;
@@ -414,14 +420,14 @@
enum tfm_sst_err_t err;
/* Creates asset */
- err = tfm_sst_create(asset_uuid);
+ err = tfm_sst_create(asset_uuid, ASSET_TOKEN, ASSET_TOKEN_SIZE);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Create should not fail for Thread_C");
return;
}
/* Calls get information with a null struct info pointer */
- err = tfm_sst_get_info(asset_uuid, NULL);
+ err = tfm_sst_get_info(asset_uuid, ASSET_TOKEN, ASSET_TOKEN_SIZE, NULL);
if (err != TFM_SST_ERR_PARAM_ERROR) {
TEST_FAIL("Get info function should fail for a null "
"struct attributes pointer");
@@ -429,7 +435,7 @@
}
/* Calls delete asset to clean up SST area for next test */
- err = tfm_sst_delete(asset_uuid);
+ err = tfm_sst_delete(asset_uuid, ASSET_TOKEN, ASSET_TOKEN_SIZE);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("The delete action should work correctly");
return;
@@ -452,7 +458,7 @@
uint8_t wrt_data[WRITE_BUF_SIZE] = "DATA";
/* Creates asset */
- err = tfm_sst_create(asset_uuid);
+ err = tfm_sst_create(asset_uuid, ASSET_TOKEN, ASSET_TOKEN_SIZE);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Create should not fail for Thread_C");
return;
@@ -464,7 +470,7 @@
io_data.offset = 0;
/* Writes data in the asset */
- err = tfm_sst_write(asset_uuid, &io_data);
+ err = tfm_sst_write(asset_uuid, ASSET_TOKEN, ASSET_TOKEN_SIZE, &io_data);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Write should work correctly");
return;
@@ -473,7 +479,7 @@
/* Calls get information with valid application ID and
* attributes struct pointer
*/
- err = tfm_sst_get_info(asset_uuid,
+ err = tfm_sst_get_info(asset_uuid, ASSET_TOKEN, ASSET_TOKEN_SIZE,
&asset_info);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Thread_C should read the information of this asset");
@@ -487,7 +493,7 @@
}
/* Calls write function with invalid application ID */
- err = tfm_sst_write(INVALID_ASSET_ID,
+ err = tfm_sst_write(INVALID_ASSET_ID, ASSET_TOKEN, ASSET_TOKEN_SIZE,
&io_data);
if (err != TFM_SST_ERR_ASSET_NOT_FOUND) {
TEST_FAIL("Invalid asset ID should not write in the asset");
@@ -495,7 +501,7 @@
}
/* Deletes asset to clean up the SST area for the next test */
- err = tfm_sst_delete(asset_uuid);
+ err = tfm_sst_delete(asset_uuid, ASSET_TOKEN, ASSET_TOKEN_SIZE);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Delete should not fail");
return;
@@ -512,7 +518,7 @@
const uint32_t asset_uuid = SST_ASSET_ID_AES_KEY_192;
enum tfm_sst_err_t err;
- err = tfm_sst_create(asset_uuid);
+ err = tfm_sst_create(asset_uuid, ASSET_TOKEN, ASSET_TOKEN_SIZE);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Create should not fail");
return;
@@ -530,7 +536,7 @@
enum tfm_sst_err_t err;
struct tfm_sst_buf_t io_data;
- err = tfm_sst_write(asset_uuid, &io_data);
+ err = tfm_sst_write(asset_uuid, ASSET_TOKEN, ASSET_TOKEN_SIZE, &io_data);
if (err != TFM_SST_ERR_ASSET_NOT_FOUND) {
TEST_FAIL("Write should not succeed with an invalid thread name");
return;
@@ -547,7 +553,7 @@
const uint32_t asset_uuid = SST_ASSET_ID_AES_KEY_192;
enum tfm_sst_err_t err;
- err = tfm_sst_delete(asset_uuid);
+ err = tfm_sst_delete(asset_uuid, ASSET_TOKEN, ASSET_TOKEN_SIZE);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("The delete action should work correctly");
return;
@@ -589,14 +595,14 @@
struct tfm_sst_buf_t io_data;
/* Creates asset */
- err = tfm_sst_create(asset_uuid);
+ err = tfm_sst_create(asset_uuid, ASSET_TOKEN, ASSET_TOKEN_SIZE);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Create should not fail for Thread_C");
return;
}
/* Calls write function with tfm_sst_buf_t pointer set to NULL */
- err = tfm_sst_write(asset_uuid, NULL);
+ err = tfm_sst_write(asset_uuid, ASSET_TOKEN, ASSET_TOKEN_SIZE, NULL);
if (err != TFM_SST_ERR_ASSET_NOT_FOUND) {
TEST_FAIL("Write should fail with tfm_sst_buf_t pointer set to NULL");
return;
@@ -608,14 +614,14 @@
io_data.offset = 0;
/* Calls write function with data pointer set to NULL */
- err = tfm_sst_write(asset_uuid, &io_data);
+ err = tfm_sst_write(asset_uuid, ASSET_TOKEN, ASSET_TOKEN_SIZE, &io_data);
if (err != TFM_SST_ERR_ASSET_NOT_FOUND) {
TEST_FAIL("Write should fail with data pointer set to NULL");
return;
}
/* Calls delete asset to clean up SST area for next test */
- err = tfm_sst_delete(asset_uuid);
+ err = tfm_sst_delete(asset_uuid, ASSET_TOKEN, ASSET_TOKEN_SIZE);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("The delete action should work correctly");
return;
@@ -636,7 +642,7 @@
uint8_t wrt_data[SST_ASSET_MAX_SIZE_AES_KEY_192] = {0};
/* Creates asset */
- err = tfm_sst_create(asset_uuid);
+ err = tfm_sst_create(asset_uuid, ASSET_TOKEN, ASSET_TOKEN_SIZE);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Create should not fail for Thread_C");
return;
@@ -647,7 +653,7 @@
io_data.size = BUFFER_PLUS_PADDING_SIZE;
io_data.offset = 0;
- err = tfm_sst_write(asset_uuid, &io_data);
+ err = tfm_sst_write(asset_uuid, ASSET_TOKEN, ASSET_TOKEN_SIZE, &io_data);
if (err != TFM_SST_ERR_PARAM_ERROR) {
TEST_FAIL("Writing beyond end of asset should not succeed");
return;
@@ -657,14 +663,14 @@
io_data.size = 1;
io_data.offset = SST_ASSET_MAX_SIZE_AES_KEY_192;
- err = tfm_sst_write(asset_uuid, &io_data);
+ err = tfm_sst_write(asset_uuid, ASSET_TOKEN, ASSET_TOKEN_SIZE, &io_data);
if (err != TFM_SST_ERR_PARAM_ERROR) {
TEST_FAIL("Write to an offset beyond end of asset should not succeed");
return;
}
/* Calls delete asset to clean up SST area for next test */
- err = tfm_sst_delete(asset_uuid);
+ err = tfm_sst_delete(asset_uuid, ASSET_TOKEN, ASSET_TOKEN_SIZE);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("The delete action should work correctly");
return;
@@ -687,7 +693,7 @@
uint8_t read_data[READ_BUF_SIZE] = "XXXXXXXXXXXXX";
/* Creates asset */
- err = tfm_sst_create(asset_uuid);
+ err = tfm_sst_create(asset_uuid, ASSET_TOKEN, ASSET_TOKEN_SIZE);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Create should not fail for Thread_C");
return;
@@ -699,7 +705,7 @@
io_data.offset = 0;
/* Writes data in the asset */
- err = tfm_sst_write(asset_uuid, &io_data);
+ err = tfm_sst_write(asset_uuid, ASSET_TOKEN, ASSET_TOKEN_SIZE, &io_data);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Write should work correctly");
return;
@@ -711,7 +717,7 @@
io_data.offset = 0;
/* Read data from the asset */
- err = tfm_sst_read(asset_uuid, &io_data);
+ err = tfm_sst_read(asset_uuid, ASSET_TOKEN, ASSET_TOKEN_SIZE, &io_data);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Read should work correctly");
return;
@@ -734,7 +740,7 @@
}
/* Calls read with invalid asset ID */
- err = tfm_sst_read(INVALID_ASSET_ID,
+ err = tfm_sst_read(INVALID_ASSET_ID, ASSET_TOKEN, ASSET_TOKEN_SIZE,
&io_data);
if (err != TFM_SST_ERR_ASSET_NOT_FOUND) {
TEST_FAIL("Read should fail when read is called with an invalid "
@@ -743,7 +749,7 @@
}
/* Deletes asset to clean up the SST area for the next test */
- err = tfm_sst_delete(asset_uuid);
+ err = tfm_sst_delete(asset_uuid, ASSET_TOKEN, ASSET_TOKEN_SIZE);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Delete should not fail");
return;
@@ -760,7 +766,7 @@
const uint32_t asset_uuid = SST_ASSET_ID_AES_KEY_192;
enum tfm_sst_err_t err;
- err = tfm_sst_create(asset_uuid);
+ err = tfm_sst_create(asset_uuid, ASSET_TOKEN, ASSET_TOKEN_SIZE);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Create should not fail");
return;
@@ -784,7 +790,7 @@
io_data.size = 1;
io_data.offset = 0;
- err = tfm_sst_read(asset_uuid, &io_data);
+ err = tfm_sst_read(asset_uuid, ASSET_TOKEN, ASSET_TOKEN_SIZE, &io_data);
if (err != TFM_SST_ERR_ASSET_NOT_FOUND) {
TEST_FAIL("Read should not succeed with an invalid thread name");
return;
@@ -801,7 +807,7 @@
const uint32_t asset_uuid = SST_ASSET_ID_AES_KEY_192;
enum tfm_sst_err_t err;
- err = tfm_sst_delete(asset_uuid);
+ err = tfm_sst_delete(asset_uuid, ASSET_TOKEN, ASSET_TOKEN_SIZE);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Delete should not fail");
return;
@@ -843,14 +849,14 @@
struct tfm_sst_buf_t io_data;
/* Creates asset */
- err = tfm_sst_create(asset_uuid);
+ err = tfm_sst_create(asset_uuid, ASSET_TOKEN, ASSET_TOKEN_SIZE);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Create should not fail for Thread_C");
return;
}
/* Calls read with null tfm_sst_buf_t pointer */
- err = tfm_sst_read(asset_uuid, NULL);
+ err = tfm_sst_read(asset_uuid, ASSET_TOKEN, ASSET_TOKEN_SIZE, NULL);
if (err != TFM_SST_ERR_ASSET_NOT_FOUND) {
TEST_FAIL("Read with tfm_sst_buf_t pointer set to NULL should fail");
return;
@@ -861,14 +867,14 @@
io_data.offset = 0;
/* Calls read with null read data pointer */
- err = tfm_sst_read(asset_uuid, &io_data);
+ err = tfm_sst_read(asset_uuid, ASSET_TOKEN, ASSET_TOKEN_SIZE, &io_data);
if (err != TFM_SST_ERR_ASSET_NOT_FOUND) {
TEST_FAIL("Read with read data pointer set to NULL should fail");
return;
}
/* Calls delete asset to clean up SST area for next test */
- err = tfm_sst_delete(asset_uuid);
+ err = tfm_sst_delete(asset_uuid, ASSET_TOKEN, ASSET_TOKEN_SIZE);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("The delete action should work correctly");
return;
@@ -891,7 +897,7 @@
uint8_t read_data[READ_BUF_SIZE] = "XXXXXXXXXXXXX";
/* Creates asset */
- err = tfm_sst_create(asset_uuid);
+ err = tfm_sst_create(asset_uuid, ASSET_TOKEN, ASSET_TOKEN_SIZE);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Create should not fail for Thread_C");
return;
@@ -903,14 +909,14 @@
io_data.offset = 0;
/* Writes data in the asset */
- err = tfm_sst_write(asset_uuid, &io_data);
+ err = tfm_sst_write(asset_uuid, ASSET_TOKEN, ASSET_TOKEN_SIZE, &io_data);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Write should work correctly");
return;
}
/* Gets current asset information */
- err = tfm_sst_get_info(asset_uuid,
+ err = tfm_sst_get_info(asset_uuid, ASSET_TOKEN, ASSET_TOKEN_SIZE,
&asset_info);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Thread_C should read the information of this asset");
@@ -928,7 +934,7 @@
io_data.size = WRITE_BUF_SIZE + 1;
io_data.offset = 0;
- err = tfm_sst_read(asset_uuid, &io_data);
+ err = tfm_sst_read(asset_uuid, ASSET_TOKEN, ASSET_TOKEN_SIZE, &io_data);
if (err != TFM_SST_ERR_PARAM_ERROR) {
TEST_FAIL("Read beyond current size should not succeed");
return;
@@ -938,7 +944,7 @@
io_data.size = 1;
io_data.offset = asset_info.size_current;
- err = tfm_sst_read(asset_uuid, &io_data);
+ err = tfm_sst_read(asset_uuid, ASSET_TOKEN, ASSET_TOKEN_SIZE, &io_data);
if (err != TFM_SST_ERR_PARAM_ERROR) {
TEST_FAIL("Read from an offset beyond current size should not succeed");
return;
@@ -957,15 +963,15 @@
const uint32_t asset_uuid = SST_ASSET_ID_SHA224_HASH;
enum tfm_sst_err_t err;
- /* Creates assset 1 */
- err = tfm_sst_create(asset_uuid);
+ /* Creates assset */
+ err = tfm_sst_create(asset_uuid, ASSET_TOKEN, ASSET_TOKEN_SIZE);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Create should not fail for Thread_B");
return;
}
/* Calls delete asset */
- err = tfm_sst_delete(asset_uuid);
+ err = tfm_sst_delete(asset_uuid, ASSET_TOKEN, ASSET_TOKEN_SIZE);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("The delete action should not fail as thread has"
" write permissions");
@@ -973,14 +979,14 @@
}
/* Calls delete with a deleted asset ID */
- err = tfm_sst_delete(asset_uuid);
+ err = tfm_sst_delete(asset_uuid, ASSET_TOKEN, ASSET_TOKEN_SIZE);
if (err != TFM_SST_ERR_ASSET_NOT_FOUND) {
TEST_FAIL("The delete action should fail as asset was deleted");
return;
}
/* Calls delete asset with invalid asset ID */
- err = tfm_sst_delete(INVALID_ASSET_ID);
+ err = tfm_sst_delete(INVALID_ASSET_ID, ASSET_TOKEN, ASSET_TOKEN_SIZE);
if (err != TFM_SST_ERR_ASSET_NOT_FOUND) {
TEST_FAIL("The delete action should fail as asset ID is not valid");
return;
@@ -997,7 +1003,7 @@
const uint32_t asset_uuid = SST_ASSET_ID_AES_KEY_192;
enum tfm_sst_err_t err;
- err = tfm_sst_create(asset_uuid);
+ err = tfm_sst_create(asset_uuid, ASSET_TOKEN, ASSET_TOKEN_SIZE);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Create should not fail");
return;
@@ -1014,7 +1020,7 @@
const uint32_t asset_uuid = SST_ASSET_ID_AES_KEY_192;
enum tfm_sst_err_t err;
- err = tfm_sst_delete(asset_uuid);
+ err = tfm_sst_delete(asset_uuid, ASSET_TOKEN, ASSET_TOKEN_SIZE);
if (err != TFM_SST_ERR_ASSET_NOT_FOUND) {
TEST_FAIL("Delete should not succeed with an invalid thread name");
return;
@@ -1031,7 +1037,7 @@
const uint32_t asset_uuid = SST_ASSET_ID_AES_KEY_192;
enum tfm_sst_err_t err;
- err = tfm_sst_delete(asset_uuid);
+ err = tfm_sst_delete(asset_uuid, ASSET_TOKEN, ASSET_TOKEN_SIZE);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Delete should not fail");
return;
@@ -1074,7 +1080,7 @@
enum tfm_sst_err_t err;
/* Creates asset 2 first to locate it at the beginning of the data block */
- err = tfm_sst_create(asset_uuid_2);
+ err = tfm_sst_create(asset_uuid_2, ASSET_TOKEN, ASSET_TOKEN_SIZE);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Create should not fail for Thread_C");
return;
@@ -1091,7 +1097,7 @@
uint8_t wrt_data[BUF_SIZE_SHA224] = WRITE_DATA_SHA224_1;
/* Creates asset 1 */
- err = tfm_sst_create(asset_uuid_1);
+ err = tfm_sst_create(asset_uuid_1, ASSET_TOKEN, ASSET_TOKEN_SIZE);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Create should not fail for Thread_B");
return;
@@ -1103,7 +1109,7 @@
io_data.offset = 0;
/* Writes data into asset 1 */
- err = tfm_sst_write(asset_uuid_1, &io_data);
+ err = tfm_sst_write(asset_uuid_1, ASSET_TOKEN, ASSET_TOKEN_SIZE, &io_data);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Write should not fail for Thread_B");
return;
@@ -1120,7 +1126,7 @@
/* Deletes asset 2. After the delete call, asset 1 should be at the
* beginning of the block.
*/
- err = tfm_sst_delete(asset_uuid_2);
+ err = tfm_sst_delete(asset_uuid_2, ASSET_TOKEN, ASSET_TOKEN_SIZE);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("The delete action should work correctly");
return;
@@ -1145,7 +1151,7 @@
/* If the compact worked as expected, the test should be able to read back
* the data from asset 1 correctly.
*/
- err = tfm_sst_read(asset_uuid_1, &io_data);
+ err = tfm_sst_read(asset_uuid_1, ASSET_TOKEN, ASSET_TOKEN_SIZE, &io_data);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Read should not fail for Thread_B");
return;
@@ -1157,7 +1163,7 @@
}
/* Calls delete asset */
- err = tfm_sst_delete(asset_uuid_1);
+ err = tfm_sst_delete(asset_uuid_1, ASSET_TOKEN, ASSET_TOKEN_SIZE);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("The delete action should work correctly");
return;
@@ -1199,7 +1205,7 @@
uint8_t wrt_data[WRITE_BUF_SIZE] = "DATA";
/* Creates asset */
- err = tfm_sst_create(asset_uuid);
+ err = tfm_sst_create(asset_uuid, ASSET_TOKEN, ASSET_TOKEN_SIZE);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Create should not fail for Thread_C");
return;
@@ -1211,7 +1217,7 @@
io_data.offset = 0;
/* Writes data in the asset */
- err = tfm_sst_write(asset_uuid, &io_data);
+ err = tfm_sst_write(asset_uuid, ASSET_TOKEN, ASSET_TOKEN_SIZE, &io_data);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Write should work correctly");
return;
@@ -1225,7 +1231,7 @@
for (i = 0; i < WRITE_BUF_SIZE; i++) {
/* Read data from the asset */
- err = tfm_sst_read(asset_uuid, &io_data);
+ err = tfm_sst_read(asset_uuid, ASSET_TOKEN, ASSET_TOKEN_SIZE, &io_data);
#ifdef SST_ENABLE_PARTIAL_ASSET_RW
if (err != TFM_SST_ERR_SUCCESS) {
#else
@@ -1265,7 +1271,7 @@
}
/* Calls delete asset */
- err = tfm_sst_delete(asset_uuid);
+ err = tfm_sst_delete(asset_uuid, ASSET_TOKEN, ASSET_TOKEN_SIZE);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("The delete action should work correctly");
return;
@@ -1286,7 +1292,7 @@
uint8_t wrt_data[BUF_SIZE_SHA224] = {0};
/* Creates asset */
- err = tfm_sst_create(asset_uuid);
+ err = tfm_sst_create(asset_uuid, ASSET_TOKEN, ASSET_TOKEN_SIZE);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Create should not fail for Thread_B");
return;
@@ -1298,14 +1304,14 @@
io_data.offset = 0;
/* Writes data in the asset */
- err = tfm_sst_write(asset_uuid, &io_data);
+ err = tfm_sst_write(asset_uuid, ASSET_TOKEN, ASSET_TOKEN_SIZE, &io_data);
if (err != TFM_SST_ERR_PARAM_ERROR) {
TEST_FAIL("Should have failed asset write of too large");
return;
}
/* Calls delete asset */
- err = tfm_sst_delete(asset_uuid);
+ err = tfm_sst_delete(asset_uuid, ASSET_TOKEN, ASSET_TOKEN_SIZE);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("The delete action should work correctly");
return;
@@ -1328,7 +1334,7 @@
uint8_t wrt_data2[WRITE_BUF_SIZE+1] = "World";
/* Creates asset */
- err = tfm_sst_create(asset_uuid);
+ err = tfm_sst_create(asset_uuid, ASSET_TOKEN, ASSET_TOKEN_SIZE);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Create should not fail for Thread_B");
return;
@@ -1340,7 +1346,7 @@
io_data.offset = 0;
/* Writes data in the asset */
- err = tfm_sst_write(asset_uuid, &io_data);
+ err = tfm_sst_write(asset_uuid, ASSET_TOKEN, ASSET_TOKEN_SIZE, &io_data);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Write data 1 failed");
return;
@@ -1352,7 +1358,7 @@
io_data.offset = WRITE_BUF_SIZE;
/* Writes data 2 in the asset */
- err = tfm_sst_write(asset_uuid, &io_data);
+ err = tfm_sst_write(asset_uuid, ASSET_TOKEN, ASSET_TOKEN_SIZE, &io_data);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Write data 2 failed");
return;
@@ -1364,7 +1370,7 @@
io_data.offset = 0;
/* Reads back the data */
- err = tfm_sst_read(asset_uuid, &io_data);
+ err = tfm_sst_read(asset_uuid, ASSET_TOKEN, ASSET_TOKEN_SIZE, &io_data);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Incorrect number of bytes read back");
return;
@@ -1376,7 +1382,7 @@
}
/* Calls delete asset */
- err = tfm_sst_delete(asset_uuid);
+ err = tfm_sst_delete(asset_uuid, ASSET_TOKEN, ASSET_TOKEN_SIZE);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("The delete action should work correctly");
return;
@@ -1398,7 +1404,7 @@
uint8_t wrt_data2[BUF_SIZE_SHA224] = WRITE_DATA_SHA224_2;
/* Creates asset */
- err = tfm_sst_create(asset_uuid);
+ err = tfm_sst_create(asset_uuid, ASSET_TOKEN, ASSET_TOKEN_SIZE);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Create should not fail for Thread_B");
return;
@@ -1410,7 +1416,7 @@
io_data.offset = 0;
/* Writes data in the asset */
- err = tfm_sst_write(asset_uuid, &io_data);
+ err = tfm_sst_write(asset_uuid, ASSET_TOKEN, ASSET_TOKEN_SIZE, &io_data);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Write data 1 failed");
return;
@@ -1422,7 +1428,7 @@
io_data.offset = WRITE_BUF_SIZE;
/* Writes data in the asset */
- err = tfm_sst_write(asset_uuid, &io_data);
+ err = tfm_sst_write(asset_uuid, ASSET_TOKEN, ASSET_TOKEN_SIZE, &io_data);
if (err != TFM_SST_ERR_PARAM_ERROR) {
TEST_FAIL("Write data 2 should have failed as this write tries to "
"write more bytes that the max size");
@@ -1435,7 +1441,7 @@
io_data.offset = WRITE_BUF_SIZE;
/* Writes data in the asset */
- err = tfm_sst_write(asset_uuid, &io_data);
+ err = tfm_sst_write(asset_uuid, ASSET_TOKEN, ASSET_TOKEN_SIZE, &io_data);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Write data 3 failed");
return;
@@ -1447,7 +1453,7 @@
io_data.offset = 0;
/* Read back the data */
- err = tfm_sst_read(asset_uuid, &io_data);
+ err = tfm_sst_read(asset_uuid, ASSET_TOKEN, ASSET_TOKEN_SIZE, &io_data);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Incorrect number of bytes read back");
return;
@@ -1459,7 +1465,7 @@
}
/* Calls delete asset */
- err = tfm_sst_delete(asset_uuid);
+ err = tfm_sst_delete(asset_uuid, ASSET_TOKEN, ASSET_TOKEN_SIZE);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("The delete action should work correctly");
return;
@@ -1477,7 +1483,7 @@
enum tfm_sst_err_t err;
/* Creates asset 1 */
- err = tfm_sst_create(asset_uuid_1);
+ err = tfm_sst_create(asset_uuid_1, ASSET_TOKEN, ASSET_TOKEN_SIZE);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Create should not fail for Thread_C");
return;
@@ -1492,7 +1498,7 @@
enum tfm_sst_err_t err;
/* Creates asset 2 */
- err = tfm_sst_create(asset_uuid_2);
+ err = tfm_sst_create(asset_uuid_2, ASSET_TOKEN, ASSET_TOKEN_SIZE);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Create should not fail for Thread_B");
return;
@@ -1514,7 +1520,7 @@
io_data.offset = 0;
/* Writes data in asset 1 */
- err = tfm_sst_write(asset_uuid_1, &io_data);
+ err = tfm_sst_write(asset_uuid_1, ASSET_TOKEN, ASSET_TOKEN_SIZE, &io_data);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Write data should work for Thread_C");
return;
@@ -1536,7 +1542,7 @@
io_data.size = 2;
io_data.offset = 0;
- err = tfm_sst_write(asset_uuid_2, &io_data);
+ err = tfm_sst_write(asset_uuid_2, ASSET_TOKEN, ASSET_TOKEN_SIZE, &io_data);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Write data should work for Thread_B");
return;
@@ -1558,7 +1564,7 @@
io_data.offset = WRITE_BUF_SIZE;
/* Writes data 3 in asset 1 */
- err = tfm_sst_write(asset_uuid_1, &io_data);
+ err = tfm_sst_write(asset_uuid_1, ASSET_TOKEN, ASSET_TOKEN_SIZE, &io_data);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Write data should work for Thread_C");
return;
@@ -1580,7 +1586,7 @@
io_data.offset = 2;
/* Writes data 4 in asset 2 */
- err = tfm_sst_write(asset_uuid_2, &io_data);
+ err = tfm_sst_write(asset_uuid_2, ASSET_TOKEN, ASSET_TOKEN_SIZE, &io_data);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Write data should work for Thread_B");
return;
@@ -1603,7 +1609,7 @@
io_data.offset = 0;
/* Read back the asset 1 */
- err = tfm_sst_read(asset_uuid_1, &io_data);
+ err = tfm_sst_read(asset_uuid_1, ASSET_TOKEN, ASSET_TOKEN_SIZE, &io_data);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Read should not fail for Thread_C");
return;
@@ -1630,7 +1636,7 @@
io_data.offset = 0;
/* Read back the asset 1 */
- err = tfm_sst_read(asset_uuid_2, &io_data);
+ err = tfm_sst_read(asset_uuid_2, ASSET_TOKEN, ASSET_TOKEN_SIZE, &io_data);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Incorrect number of bytes read back");
return;
@@ -1642,7 +1648,7 @@
}
/* Calls delete asset */
- err = tfm_sst_delete(asset_uuid_2);
+ err = tfm_sst_delete(asset_uuid_2, ASSET_TOKEN, ASSET_TOKEN_SIZE);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("The delete action should work correctly");
return;
@@ -1657,7 +1663,7 @@
enum tfm_sst_err_t err;
/* Calls delete asset 1 */
- err = tfm_sst_delete(asset_uuid_1);
+ err = tfm_sst_delete(asset_uuid_1, ASSET_TOKEN, ASSET_TOKEN_SIZE);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("The delete action should work correctly");
return;
@@ -1722,7 +1728,7 @@
struct tfm_sst_buf_t io_data;
/* Creates asset */
- err = tfm_sst_create(asset_uuid);
+ err = tfm_sst_create(asset_uuid, ASSET_TOKEN, ASSET_TOKEN_SIZE);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Create should not fail for Thread_B");
return;
@@ -1734,21 +1740,21 @@
io_data.offset = 0;
/* Calls write with a ROM address location */
- err = tfm_sst_write(asset_uuid, &io_data);
+ err = tfm_sst_write(asset_uuid, ASSET_TOKEN, ASSET_TOKEN_SIZE, &io_data);
if (err != TFM_SST_ERR_ASSET_NOT_FOUND) {
TEST_FAIL("Write should fail for an illegal location");
return;
}
/* Calls read with a ROM address location */
- err = tfm_sst_read(asset_uuid, &io_data);
+ err = tfm_sst_read(asset_uuid, ASSET_TOKEN, ASSET_TOKEN_SIZE, &io_data);
if (err != TFM_SST_ERR_ASSET_NOT_FOUND) {
TEST_FAIL("Read should fail for an illegal location");
return;
}
/* Deletes asset to clean up the SST area */
- err = tfm_sst_delete(asset_uuid);
+ err = tfm_sst_delete(asset_uuid, ASSET_TOKEN, ASSET_TOKEN_SIZE);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Delete should not fail");
return;
@@ -1767,7 +1773,7 @@
struct tfm_sst_buf_t io_data;
/* Creates asset */
- err = tfm_sst_create(asset_uuid);
+ err = tfm_sst_create(asset_uuid, ASSET_TOKEN, ASSET_TOKEN_SIZE);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Create should not fail for Thread_B");
return;
@@ -1779,21 +1785,21 @@
io_data.offset = 0;
/* Calls write with a device address location */
- err = tfm_sst_write(asset_uuid, &io_data);
+ err = tfm_sst_write(asset_uuid, ASSET_TOKEN, ASSET_TOKEN_SIZE, &io_data);
if (err != TFM_SST_ERR_ASSET_NOT_FOUND) {
TEST_FAIL("Write should fail for an illegal location");
return;
}
/* Calls read with a device address location */
- err = tfm_sst_read(asset_uuid, &io_data);
+ err = tfm_sst_read(asset_uuid, ASSET_TOKEN, ASSET_TOKEN_SIZE, &io_data);
if (err != TFM_SST_ERR_ASSET_NOT_FOUND) {
TEST_FAIL("Read should fail for an illegal location");
return;
}
/* Deletes asset to clean up the SST area */
- err = tfm_sst_delete(asset_uuid);
+ err = tfm_sst_delete(asset_uuid, ASSET_TOKEN, ASSET_TOKEN_SIZE);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Delete should not fail");
return;
@@ -1812,7 +1818,7 @@
struct tfm_sst_buf_t io_data;
/* Creates asset */
- err = tfm_sst_create(asset_uuid);
+ err = tfm_sst_create(asset_uuid, ASSET_TOKEN, ASSET_TOKEN_SIZE);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Create should not fail for Thread_B");
return;
@@ -1824,21 +1830,21 @@
io_data.offset = 0;
/* Calls write with a non-existing address location */
- err = tfm_sst_write(asset_uuid, &io_data);
+ err = tfm_sst_write(asset_uuid, ASSET_TOKEN, ASSET_TOKEN_SIZE, &io_data);
if (err != TFM_SST_ERR_ASSET_NOT_FOUND) {
TEST_FAIL("Write should fail for an illegal location");
return;
}
/* Calls read with a non-existing address location */
- err = tfm_sst_read(asset_uuid, &io_data);
+ err = tfm_sst_read(asset_uuid, ASSET_TOKEN, ASSET_TOKEN_SIZE, &io_data);
if (err != TFM_SST_ERR_ASSET_NOT_FOUND) {
TEST_FAIL("Read should fail for an illegal location");
return;
}
/* Deletes asset to clean up the SST area */
- err = tfm_sst_delete(asset_uuid);
+ err = tfm_sst_delete(asset_uuid, ASSET_TOKEN, ASSET_TOKEN_SIZE);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Delete should not fail");
return;
@@ -1857,7 +1863,7 @@
struct tfm_sst_buf_t io_data;
/* Creates asset */
- err = tfm_sst_create(asset_uuid);
+ err = tfm_sst_create(asset_uuid, ASSET_TOKEN, ASSET_TOKEN_SIZE);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Create should not fail for Thread_B");
return;
@@ -1869,21 +1875,21 @@
io_data.offset = 0;
/* Calls write with a secure address location */
- err = tfm_sst_write(asset_uuid, &io_data);
+ err = tfm_sst_write(asset_uuid, ASSET_TOKEN, ASSET_TOKEN_SIZE, &io_data);
if (err != TFM_SST_ERR_ASSET_NOT_FOUND) {
TEST_FAIL("Write should fail for an illegal location");
return;
}
/* Calls read with a secure address location */
- err = tfm_sst_read(asset_uuid, &io_data);
+ err = tfm_sst_read(asset_uuid, ASSET_TOKEN, ASSET_TOKEN_SIZE, &io_data);
if (err != TFM_SST_ERR_ASSET_NOT_FOUND) {
TEST_FAIL("Read should fail for an illegal location");
return;
}
/* Deletes asset to clean up the SST area */
- err = tfm_sst_delete(asset_uuid);
+ err = tfm_sst_delete(asset_uuid, ASSET_TOKEN, ASSET_TOKEN_SIZE);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Delete should not fail");
return;
@@ -1907,7 +1913,7 @@
uint8_t wrt_data_2[2] = "B";
/* Creates asset */
- err = tfm_sst_create(asset_uuid);
+ err = tfm_sst_create(asset_uuid, ASSET_TOKEN, ASSET_TOKEN_SIZE);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Create should not fail for Thread_C");
return;
@@ -1919,13 +1925,13 @@
io_data.offset = 0;
/* Write data in the asset */
- err = tfm_sst_write(asset_uuid, &io_data);
+ err = tfm_sst_write(asset_uuid, ASSET_TOKEN, ASSET_TOKEN_SIZE, &io_data);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("First write should not fail");
return;
}
- err = tfm_sst_get_info(asset_uuid,
+ err = tfm_sst_get_info(asset_uuid, ASSET_TOKEN, ASSET_TOKEN_SIZE,
&asset_info);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Thread_C should read the information of this asset");
@@ -1944,13 +1950,13 @@
io_data.offset = 1;
/* Write data in the asset */
- err = tfm_sst_write(asset_uuid, &io_data);
+ err = tfm_sst_write(asset_uuid, ASSET_TOKEN, ASSET_TOKEN_SIZE, &io_data);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Second write should not fail");
return;
}
- err = tfm_sst_get_info(asset_uuid,
+ err = tfm_sst_get_info(asset_uuid, ASSET_TOKEN, ASSET_TOKEN_SIZE,
&asset_info);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Thread_C should read the information of this asset");
@@ -1968,7 +1974,7 @@
io_data.offset = 0;
/* Calls read with a non-existing address location */
- err = tfm_sst_read(asset_uuid, &io_data);
+ err = tfm_sst_read(asset_uuid, ASSET_TOKEN, ASSET_TOKEN_SIZE, &io_data);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Read should not fail");
return;
@@ -1987,7 +1993,7 @@
io_data.size = 1;
io_data.offset = (asset_info.size_current + 1);
- err = tfm_sst_write(asset_uuid, &io_data);
+ err = tfm_sst_write(asset_uuid, ASSET_TOKEN, ASSET_TOKEN_SIZE, &io_data);
if (err != TFM_SST_ERR_PARAM_ERROR) {
TEST_FAIL("Write must fail if the offset is bigger than the current"
" asset's size");
@@ -2011,7 +2017,7 @@
.validity.end = 0 };
enum tfm_sst_err_t err;
- err = tfm_sst_create(asset_uuid);
+ err = tfm_sst_create(asset_uuid, ASSET_TOKEN, ASSET_TOKEN_SIZE);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Create should not fail");
return;
@@ -2022,14 +2028,14 @@
wrt_attrs.validity.start = 0;
wrt_attrs.validity.end = 0;
- err = tfm_sst_set_attributes(asset_uuid,
+ err = tfm_sst_set_attributes(asset_uuid, ASSET_TOKEN, ASSET_TOKEN_SIZE,
&wrt_attrs);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Set attributes should not fail");
return;
}
- err = tfm_sst_get_attributes(asset_uuid,
+ err = tfm_sst_get_attributes(asset_uuid, ASSET_TOKEN, ASSET_TOKEN_SIZE,
&read_attrs);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Get attributes should not fail");
diff --git a/test/suites/sst/non_secure/sst_policy_testsuite.c b/test/suites/sst/non_secure/sst_policy_testsuite.c
index 4378317..686d5cc 100644
--- a/test/suites/sst/non_secure/sst_policy_testsuite.c
+++ b/test/suites/sst/non_secure/sst_policy_testsuite.c
@@ -14,6 +14,10 @@
#include "test/framework/helpers.h"
#include "tfm_sst_api.h"
+/* Define default asset's token */
+#define ASSET_TOKEN NULL
+#define ASSET_TOKEN_SIZE 0
+
/* The tests in this test suite cover access to an asset when the application
* has:
* - REFERENCE/READ/WRITE permissions,
@@ -133,7 +137,7 @@
uint8_t read_data[READ_BUF_SIZE] = READ_DATA;
/* The create function requires WRITE permission */
- err = tfm_sst_create(asset_uuid);
+ err = tfm_sst_create(asset_uuid, ASSET_TOKEN, ASSET_TOKEN_SIZE);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Create should not fail for Thread_C");
return;
@@ -145,7 +149,7 @@
buf.offset = 0;
/* The write function requires WRITE permission */
- err = tfm_sst_write(asset_uuid, &buf);
+ err = tfm_sst_write(asset_uuid, ASSET_TOKEN, ASSET_TOKEN_SIZE, &buf);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Write should not fail for Thread_C");
return;
@@ -157,7 +161,7 @@
buf.offset = 0;
/* The read function requires READ permission */
- err = tfm_sst_read(asset_uuid, &buf);
+ err = tfm_sst_read(asset_uuid, ASSET_TOKEN, ASSET_TOKEN_SIZE, &buf);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Read should not fail for Thread_C");
return;
@@ -170,7 +174,7 @@
}
/* The get information function requires any permission other than NONE */
- err = tfm_sst_get_info(asset_uuid,
+ err = tfm_sst_get_info(asset_uuid, ASSET_TOKEN, ASSET_TOKEN_SIZE,
&asset_info);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Get information should not fail for Thread_C");
@@ -208,7 +212,7 @@
uint8_t read_data[READ_BUF_SIZE] = READ_DATA;
/* Create should fail as Thread_A does not have WRITE permission */
- err = tfm_sst_create(asset_uuid);
+ err = tfm_sst_create(asset_uuid, ASSET_TOKEN, ASSET_TOKEN_SIZE);
if (err != TFM_SST_ERR_ASSET_NOT_FOUND) {
TEST_FAIL("Create should not succeed for Thread_A");
return;
@@ -221,7 +225,7 @@
buf.offset = 1;
/* Write should fail as Thread_A does not have WRITE permission */
- err = tfm_sst_write(asset_uuid, &buf);
+ err = tfm_sst_write(asset_uuid, ASSET_TOKEN, ASSET_TOKEN_SIZE, &buf);
if (err != TFM_SST_ERR_ASSET_NOT_FOUND) {
TEST_FAIL("Write should not succeed for Thread_A");
return;
@@ -233,7 +237,7 @@
buf.offset = 0;
/* Read should fail as Thread_A does not have READ permission */
- err = tfm_sst_read(asset_uuid, &buf);
+ err = tfm_sst_read(asset_uuid, ASSET_TOKEN, ASSET_TOKEN_SIZE, &buf);
if (err != TFM_SST_ERR_ASSET_NOT_FOUND) {
TEST_FAIL("Read should not succeed for Thread_A");
return;
@@ -246,7 +250,7 @@
}
/* Get information should succeed as Thread_A has at least one permission */
- err = tfm_sst_get_info(asset_uuid,
+ err = tfm_sst_get_info(asset_uuid, ASSET_TOKEN, ASSET_TOKEN_SIZE,
&asset_info);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Get information should not fail for Thread_A");
@@ -265,7 +269,7 @@
}
/* Delete should fail as Thread_A does not have WRITE permission */
- err = tfm_sst_delete(asset_uuid);
+ err = tfm_sst_delete(asset_uuid, ASSET_TOKEN, ASSET_TOKEN_SIZE);
if (err != TFM_SST_ERR_ASSET_NOT_FOUND) {
TEST_FAIL("Delete should not succeed for Thread_A");
return;
@@ -291,7 +295,7 @@
uint8_t read_data[READ_BUF_SIZE] = READ_DATA;
/* Create should fail as Thread_B does not have WRITE permission */
- err = tfm_sst_create(asset_uuid);
+ err = tfm_sst_create(asset_uuid, ASSET_TOKEN, ASSET_TOKEN_SIZE);
if (err != TFM_SST_ERR_ASSET_NOT_FOUND) {
TEST_FAIL("Create should not succeed for Thread_B");
return;
@@ -304,7 +308,7 @@
buf.offset = 2;
/* Write should fail as Thread_B does not have WRITE permission */
- err = tfm_sst_write(asset_uuid, &buf);
+ err = tfm_sst_write(asset_uuid, ASSET_TOKEN, ASSET_TOKEN_SIZE, &buf);
if (err != TFM_SST_ERR_ASSET_NOT_FOUND) {
TEST_FAIL("Write should not succeed for Thread_B");
return;
@@ -316,7 +320,7 @@
buf.offset = 0;
/* Read should succeed as Thread_B has READ permission */
- err = tfm_sst_read(asset_uuid, &buf);
+ err = tfm_sst_read(asset_uuid, ASSET_TOKEN, ASSET_TOKEN_SIZE, &buf);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Read should not fail for Thread_B");
return;
@@ -331,7 +335,7 @@
}
/* Get attributes should succeed as Thread_B has at least one permission */
- err = tfm_sst_get_info(asset_uuid,
+ err = tfm_sst_get_info(asset_uuid, ASSET_TOKEN, ASSET_TOKEN_SIZE,
&asset_info);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Get information should not fail for Thread_B");
@@ -350,7 +354,7 @@
}
/* Delete should fail as Thread_B does not have WRITE permission */
- err = tfm_sst_delete(asset_uuid);
+ err = tfm_sst_delete(asset_uuid, ASSET_TOKEN, ASSET_TOKEN_SIZE);
if (err != TFM_SST_ERR_ASSET_NOT_FOUND) {
TEST_FAIL("Delete should not succeed for Thread_B");
return;
@@ -374,8 +378,7 @@
const uint32_t asset_uuid = SST_ASSET_ID_AES_KEY_192;
enum tfm_sst_err_t err;
- /* The delete function requires WRITE permission */
- err = tfm_sst_delete(asset_uuid);
+ err = tfm_sst_delete(asset_uuid, ASSET_TOKEN, ASSET_TOKEN_SIZE);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Delete should not fail for Thread_C");
return;
@@ -401,7 +404,7 @@
uint8_t read_data[READ_BUF_SIZE] = READ_DATA;
/* Create should succeed as Thread_B has WRITE permission */
- err = tfm_sst_create(asset_uuid);
+ err = tfm_sst_create(asset_uuid, ASSET_TOKEN, ASSET_TOKEN_SIZE);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Create should not fail for Thread_B");
return;
@@ -413,7 +416,7 @@
buf.offset = 0;
/* Write should succeed as Thread_B has WRITE permission */
- err = tfm_sst_write(asset_uuid, &buf);
+ err = tfm_sst_write(asset_uuid, ASSET_TOKEN, ASSET_TOKEN_SIZE, &buf);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Write should not fail for Thread_B");
return;
@@ -425,7 +428,7 @@
buf.offset = 0;
/* Read should succeed as Thread_B has READ permission */
- err = tfm_sst_read(asset_uuid, &buf);
+ err = tfm_sst_read(asset_uuid, ASSET_TOKEN, ASSET_TOKEN_SIZE, &buf);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Read should not fail for Thread_B");
return;
@@ -438,7 +441,7 @@
}
/* Get information should succeed as Thread_B has at least one permission */
- err = tfm_sst_get_info(asset_uuid,
+ err = tfm_sst_get_info(asset_uuid, ASSET_TOKEN, ASSET_TOKEN_SIZE,
&asset_info);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Get information should not fail for Thread_B");
@@ -476,7 +479,7 @@
uint8_t read_data[READ_BUF_SIZE] = READ_DATA;
/* Create should fail as Thread_A has no permissions */
- err = tfm_sst_create(asset_uuid);
+ err = tfm_sst_create(asset_uuid, ASSET_TOKEN, ASSET_TOKEN_SIZE);
if (err != TFM_SST_ERR_ASSET_NOT_FOUND) {
TEST_FAIL("Create should not succeed for Thread_A");
return;
@@ -492,7 +495,7 @@
* permissions even if it has a valid asset ID. So the write should fail as
* Thread_A has no permissions.
*/
- err = tfm_sst_write(asset_uuid, &buf);
+ err = tfm_sst_write(asset_uuid, ASSET_TOKEN, ASSET_TOKEN_SIZE, &buf);
if (err != TFM_SST_ERR_ASSET_NOT_FOUND) {
TEST_FAIL("Write should not succeed for Thread_A");
return;
@@ -504,7 +507,7 @@
buf.offset = 0;
/* Read should fail as Thread_A has no permissions */
- err = tfm_sst_read(asset_uuid, &buf);
+ err = tfm_sst_read(asset_uuid, ASSET_TOKEN, ASSET_TOKEN_SIZE, &buf);
if (err != TFM_SST_ERR_ASSET_NOT_FOUND) {
TEST_FAIL("Read should not succeed for Thread_A");
return;
@@ -517,7 +520,7 @@
}
/* Get information should fail as Thread_A has no permissions */
- err = tfm_sst_get_info(asset_uuid,
+ err = tfm_sst_get_info(asset_uuid, ASSET_TOKEN, ASSET_TOKEN_SIZE,
&asset_info);
if (err != TFM_SST_ERR_ASSET_NOT_FOUND) {
TEST_FAIL("Get information should not succeed for Thread_A");
@@ -536,7 +539,7 @@
}
/* Delete should fail as Thread_A has no permissions */
- err = tfm_sst_delete(asset_uuid);
+ err = tfm_sst_delete(asset_uuid, ASSET_TOKEN, ASSET_TOKEN_SIZE);
if (err != TFM_SST_ERR_ASSET_NOT_FOUND) {
TEST_FAIL("Delete should not succeed for Thread_A");
return;
@@ -561,7 +564,7 @@
enum tfm_sst_err_t err;
/* Delete should succeed as Thread_B has WRITE permission */
- err = tfm_sst_delete(asset_uuid);
+ err = tfm_sst_delete(asset_uuid, ASSET_TOKEN, ASSET_TOKEN_SIZE);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Delete should not fail for Thread_B");
return;
@@ -587,7 +590,7 @@
uint8_t read_data[READ_BUF_SIZE] = READ_DATA;
/* Create should succeed as Thread_C has WRITE permission */
- err = tfm_sst_create(asset_uuid);
+ err = tfm_sst_create(asset_uuid, ASSET_TOKEN, ASSET_TOKEN_SIZE);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Create should not fail for Thread_C");
return;
@@ -599,7 +602,7 @@
buf.offset = 0;
/* Write should succeed as Thread_C has WRITE permission */
- err = tfm_sst_write(asset_uuid, &buf);
+ err = tfm_sst_write(asset_uuid, ASSET_TOKEN, ASSET_TOKEN_SIZE, &buf);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Write should not fail for Thread_C");
return;
@@ -611,7 +614,7 @@
buf.offset = 0;
/* Read should fail as Thread_C does not have READ permission */
- err = tfm_sst_read(asset_uuid, &buf);
+ err = tfm_sst_read(asset_uuid, ASSET_TOKEN, ASSET_TOKEN_SIZE, &buf);
if (err != TFM_SST_ERR_ASSET_NOT_FOUND) {
TEST_FAIL("Read should not succeed for Thread_C");
return;
@@ -624,7 +627,7 @@
}
/* Get information should succeed as Thread_C has at least one permission */
- err = tfm_sst_get_info(asset_uuid,
+ err = tfm_sst_get_info(asset_uuid, ASSET_TOKEN, ASSET_TOKEN_SIZE,
&asset_info);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Get information should not fail for Thread_C");
@@ -663,7 +666,7 @@
uint8_t read_data[READ_BUF_SIZE] = READ_DATA;
/* Create should fail as Thread_A has no permissions */
- err = tfm_sst_create(asset_uuid);
+ err = tfm_sst_create(asset_uuid, ASSET_TOKEN, ASSET_TOKEN_SIZE);
if (err != TFM_SST_ERR_ASSET_NOT_FOUND) {
TEST_FAIL("Create should not succeed for Thread_A");
return;
@@ -679,7 +682,7 @@
* permissions even if it has a valid asset ID. So the write should fail as
* Thread_A has no permissions.
*/
- err = tfm_sst_write(asset_uuid, &buf);
+ err = tfm_sst_write(asset_uuid, ASSET_TOKEN, ASSET_TOKEN_SIZE, &buf);
if (err != TFM_SST_ERR_ASSET_NOT_FOUND) {
TEST_FAIL("Write should not succeed for Thread_A");
return;
@@ -691,7 +694,7 @@
buf.offset = 0;
/* Read should fail as Thread_A has no permissions */
- err = tfm_sst_read(asset_uuid, &buf);
+ err = tfm_sst_read(asset_uuid, ASSET_TOKEN, ASSET_TOKEN_SIZE, &buf);
if (err != TFM_SST_ERR_ASSET_NOT_FOUND) {
TEST_FAIL("Read should not succeed for Thread_A");
return;
@@ -704,7 +707,7 @@
}
/* Get information should fail as Thread_A has no permissions */
- err = tfm_sst_get_info(asset_uuid,
+ err = tfm_sst_get_info(asset_uuid, ASSET_TOKEN, ASSET_TOKEN_SIZE,
&asset_info);
if (err != TFM_SST_ERR_ASSET_NOT_FOUND) {
TEST_FAIL("Get information should not succeed for Thread_A");
@@ -723,7 +726,7 @@
}
/* Delete should fail as Thread_A has no permissions */
- err = tfm_sst_delete(asset_uuid);
+ err = tfm_sst_delete(asset_uuid, ASSET_TOKEN, ASSET_TOKEN_SIZE);
if (err != TFM_SST_ERR_ASSET_NOT_FOUND) {
TEST_FAIL("Delete should not succeed for Thread_A");
return;
@@ -748,7 +751,7 @@
enum tfm_sst_err_t err;
/* Delete should succeed as Thread_C has WRITE permission */
- err = tfm_sst_delete(asset_uuid);
+ err = tfm_sst_delete(asset_uuid, ASSET_TOKEN, ASSET_TOKEN_SIZE);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Delete should not fail for Thread_C");
return;
diff --git a/test/suites/sst/secure/sst_reliability_testsuite.c b/test/suites/sst/secure/sst_reliability_testsuite.c
index 679688a..610d377 100644
--- a/test/suites/sst/secure/sst_reliability_testsuite.c
+++ b/test/suites/sst/secure/sst_reliability_testsuite.c
@@ -31,6 +31,9 @@
#define READ_DATA "######################################"
#define RESULT_DATA ("###" WRITE_DATA "###")
+/* Define default asset's token */
+static struct tfm_sst_token_t test_token = { .token = NULL, .token_size = 0};
+
/* Define test suite for SST reliability tests */
/* List of tests */
static void tfm_sst_test_3001(struct test_result_t *ret);
@@ -76,7 +79,7 @@
}
/* Checks write permissions in create function */
- err = tfm_sst_veneer_create(app_id, asset_uuid);
+ err = tfm_sst_veneer_create(app_id, asset_uuid, &test_token);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Create should not fail for application S_APP_ID");
return;
@@ -94,7 +97,8 @@
io_data.offset = asset_offset;
/* Checks write permissions in the write function */
- err = tfm_sst_veneer_write(app_id, asset_uuid, &io_data);
+ err = tfm_sst_veneer_write(app_id, asset_uuid, &test_token,
+ &io_data);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Write should not fail for application S_APP_ID");
return;
@@ -104,7 +108,8 @@
io_data.data = &read_data[3];
/* Checks write permissions in the read function */
- err = tfm_sst_veneer_read(app_id, asset_uuid, &io_data);
+ err = tfm_sst_veneer_read(app_id, asset_uuid, &test_token,
+ &io_data);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Application S_APP_ID must get file handle");
return;
@@ -131,7 +136,7 @@
TEST_LOG("\n");
/* Checks write permissions in delete function */
- err = tfm_sst_veneer_delete(app_id, asset_uuid);
+ err = tfm_sst_veneer_delete(app_id, asset_uuid, &test_token);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Delete should not fail for application S_APP_ID");
return;
@@ -156,7 +161,7 @@
}
/* Checks write permissions in create function */
- err = tfm_sst_veneer_create(app_id, asset_uuid);
+ err = tfm_sst_veneer_create(app_id, asset_uuid, &test_token);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Create should not fail for application S_APP_ID");
return;
@@ -174,7 +179,7 @@
io_data.offset = 0;
/* Checks write permissions in the write function */
- err = tfm_sst_veneer_write(app_id, asset_uuid, &io_data);
+ err = tfm_sst_veneer_write(app_id, asset_uuid, &test_token, &io_data);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Write should not fail for application S_APP_ID");
return;
@@ -184,7 +189,7 @@
io_data.data = data + HALF_PADDING_SIZE;
/* Checks write permissions in the read function */
- err = tfm_sst_veneer_read(app_id, asset_uuid, &io_data);
+ err = tfm_sst_veneer_read(app_id, asset_uuid, &test_token, &io_data);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Application S_APP_ID must get file handle");
return;
@@ -213,7 +218,7 @@
TEST_LOG("\n");
/* Checks write permissions in delete function */
- err = tfm_sst_veneer_delete(app_id, asset_uuid);
+ err = tfm_sst_veneer_delete(app_id, asset_uuid, &test_token);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Delete should not fail for application S_APP_ID");
return;
@@ -254,7 +259,7 @@
TEST_LOG(" > Iteration %d of %d\r", itr + 1, LOOP_ITERATIONS_002);
/* Checks write permissions in create function */
- err = tfm_sst_veneer_create(app_id, asset_uuid);
+ err = tfm_sst_veneer_create(app_id, asset_uuid, &test_token);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Create should not fail for application S_APP_ID");
return;
@@ -266,7 +271,8 @@
io_data.offset = asset_offset;
/* Checks write permissions in the write function */
- err = tfm_sst_veneer_write(app_id, asset_uuid, &io_data);
+ err = tfm_sst_veneer_write(app_id, asset_uuid, &test_token,
+ &io_data);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Write should not fail for application S_APP_ID");
return;
@@ -276,7 +282,8 @@
io_data.data = &read_data[3];
/* Checks write permissions in the read function */
- err = tfm_sst_veneer_read(app_id, asset_uuid, &io_data);
+ err = tfm_sst_veneer_read(app_id, asset_uuid, &test_token,
+ &io_data);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Application S_APP_ID must get file handle");
return;
@@ -301,7 +308,7 @@
asset_offset = 0;
/* Checks write permissions in delete function */
- err = tfm_sst_veneer_delete(app_id, asset_uuid);
+ err = tfm_sst_veneer_delete(app_id, asset_uuid, &test_token);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Delete should not fail for application S_APP_ID");
return;
@@ -336,7 +343,7 @@
TEST_LOG(" > Iteration %d of %d\r", itr + 1, LOOP_ITERATIONS_002);
/* Checks write permissions in create function */
- err = tfm_sst_veneer_create(app_id, asset_uuid);
+ err = tfm_sst_veneer_create(app_id, asset_uuid, &test_token);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Create should not fail for application S_APP_ID");
return;
@@ -348,7 +355,7 @@
io_data.offset = 0;
/* Checks write permissions in the write function */
- err = tfm_sst_veneer_write(app_id, asset_uuid, &io_data);
+ err = tfm_sst_veneer_write(app_id, asset_uuid, &test_token, &io_data);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Write should not fail for application S_APP_ID");
return;
@@ -358,7 +365,7 @@
io_data.data = data + HALF_PADDING_SIZE;
/* Checks write permissions in the read function */
- err = tfm_sst_veneer_read(app_id, asset_uuid, &io_data);
+ err = tfm_sst_veneer_read(app_id, asset_uuid, &test_token, &io_data);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Application S_APP_ID must get file handle");
return;
@@ -384,7 +391,7 @@
}
/* Checks write permissions in delete function */
- err = tfm_sst_veneer_delete(app_id, asset_uuid);
+ err = tfm_sst_veneer_delete(app_id, asset_uuid, &test_token);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Delete should not fail for application S_APP_ID");
return;
diff --git a/test/suites/sst/secure/sst_sec_interface_testsuite.c b/test/suites/sst/secure/sst_sec_interface_testsuite.c
index 91d6ce0..21b7d88 100644
--- a/test/suites/sst/secure/sst_sec_interface_testsuite.c
+++ b/test/suites/sst/secure/sst_sec_interface_testsuite.c
@@ -36,6 +36,9 @@
/* Define used for bounds checking type tests */
#define BUFFER_SIZE_PLUS_ONE (BUFFER_SIZE + 1)
+/* Define default asset's token */
+static struct tfm_sst_token_t test_token = { .token = NULL, .token_size = 0};
+
/* Define test suite for asset manager tests */
/* List of tests */
static void tfm_sst_test_2001(struct test_result_t *ret);
@@ -143,28 +146,28 @@
}
/* Checks write permissions in create function */
- err = tfm_sst_veneer_create(app_id, asset_uuid);
+ err = tfm_sst_veneer_create(app_id, asset_uuid, &test_token);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Create should not fail for application S_APP_ID");
return;
}
/* Attempts to create the asset a second time */
- err = tfm_sst_veneer_create(app_id, asset_uuid);
+ err = tfm_sst_veneer_create(app_id, asset_uuid, &test_token);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Should not fail to create an already-created asset");
return;
}
/* Calls create with invalid asset ID */
- err = tfm_sst_veneer_create(app_id, INVALID_ASSET_ID);
+ err = tfm_sst_veneer_create(app_id, INVALID_ASSET_ID, &test_token);
if (err != TFM_SST_ERR_ASSET_NOT_FOUND) {
TEST_FAIL("Create should fail for invalid ASSET ID");
return;
}
/* Calls create with invalid application ID */
- err = tfm_sst_veneer_create(INVALID_APP_ID, asset_uuid);
+ err = tfm_sst_veneer_create(INVALID_APP_ID, asset_uuid, &test_token);
if (err != TFM_SST_ERR_ASSET_NOT_FOUND) {
TEST_FAIL("Create should fail for invalid application ID");
return;
@@ -219,7 +222,7 @@
}
/* Creates asset */
- err = tfm_sst_veneer_create(app_id, asset_uuid);
+ err = tfm_sst_veneer_create(app_id, asset_uuid, &test_token);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Create should not fail for application S_APP_ID");
return;
@@ -228,7 +231,7 @@
/* Calls get_attributes with valid application ID and
* attributes struct pointer
*/
- err = tfm_sst_veneer_get_info(app_id, asset_uuid, &asset_info);
+ err = tfm_sst_veneer_get_info(app_id, asset_uuid, &test_token, &asset_info);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Application S_APP_ID should be able to read the "
"information of this asset");
@@ -247,7 +250,8 @@
}
/* Calls get_attributes with invalid application ID */
- err = tfm_sst_veneer_get_info(INVALID_APP_ID, asset_uuid, &asset_info);
+ err = tfm_sst_veneer_get_info(INVALID_APP_ID, asset_uuid, &test_token,
+ &asset_info);
if (err == TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Get information function should fail for an invalid "
"application ID");
@@ -255,7 +259,8 @@
}
/* Calls get information with invalid asset ID */
- err = tfm_sst_veneer_get_info(app_id, INVALID_ASSET_ID, &asset_info);
+ err = tfm_sst_veneer_get_info(app_id, INVALID_ASSET_ID, &test_token,
+ &asset_info);
if (err == TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Get attributes function should fail for an invalid "
"asset ID");
@@ -282,14 +287,14 @@
}
/* Creates asset */
- err = tfm_sst_veneer_create(app_id, asset_uuid);
+ err = tfm_sst_veneer_create(app_id, asset_uuid, &test_token);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Create should not fail for application S_APP_ID");
return;
}
/* Calls get information with invalid struct attributes pointer */
- err = tfm_sst_veneer_get_info(app_id, asset_uuid, NULL);
+ err = tfm_sst_veneer_get_info(app_id, asset_uuid, &test_token, NULL);
if (err != TFM_SST_ERR_PARAM_ERROR) {
TEST_FAIL("Get information function should fail for an invalid "
"struct info pointer");
@@ -321,7 +326,7 @@
}
/* Creates asset */
- err = tfm_sst_veneer_create(app_id, asset_uuid);
+ err = tfm_sst_veneer_create(app_id, asset_uuid, &test_token);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Create should not fail for application S_APP_ID");
return;
@@ -333,7 +338,7 @@
io_data.offset = 0;
/* Writes data in the asset */
- err = tfm_sst_veneer_write(app_id, asset_uuid, &io_data);
+ err = tfm_sst_veneer_write(app_id, asset_uuid, &test_token, &io_data);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Write should work correctly");
return;
@@ -342,7 +347,7 @@
/* Calls get information with valid application ID and
* attributes struct pointer
*/
- err = tfm_sst_veneer_get_info(app_id, asset_uuid, &asset_info);
+ err = tfm_sst_veneer_get_info(app_id, asset_uuid, &test_token, &asset_info);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Application S_APP_ID should be able to read the "
"information of this asset");
@@ -356,14 +361,15 @@
}
/* Calls write function with invalid application ID */
- err = tfm_sst_veneer_write(INVALID_APP_ID, asset_uuid, &io_data);
+ err = tfm_sst_veneer_write(INVALID_APP_ID, asset_uuid, &test_token,
+ &io_data);
if (err != TFM_SST_ERR_ASSET_NOT_FOUND) {
TEST_FAIL("Invalid application ID should not write in the file");
return;
}
/* Calls write function with invalid asset ID */
- err = tfm_sst_veneer_write(app_id, INVALID_ASSET_ID, &io_data);
+ err = tfm_sst_veneer_write(app_id, INVALID_ASSET_ID, &test_token, &io_data);
if (err != TFM_SST_ERR_ASSET_NOT_FOUND) {
TEST_FAIL("Invalid asset ID should not write in the file");
return;
@@ -391,14 +397,14 @@
}
/* Creates asset */
- err = tfm_sst_veneer_create(app_id, asset_uuid);
+ err = tfm_sst_veneer_create(app_id, asset_uuid, &test_token);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Create should not fail for application S_APP_ID");
return;
}
/* Calls write function with tfm_sst_buf_t pointer set to NULL */
- err = tfm_sst_veneer_write(app_id, asset_uuid, NULL);
+ err = tfm_sst_veneer_write(app_id, asset_uuid, &test_token, NULL);
if (err != TFM_SST_ERR_ASSET_NOT_FOUND) {
TEST_FAIL("Write should fail with tfm_sst_buf_t pointer set to NULL");
return;
@@ -410,7 +416,7 @@
io_data.offset = 0;
/* Calls write function with data pointer set to NULL */
- err = tfm_sst_veneer_write(app_id, asset_uuid, &io_data);
+ err = tfm_sst_veneer_write(app_id, asset_uuid, &test_token, &io_data);
if (err != TFM_SST_ERR_ASSET_NOT_FOUND) {
TEST_FAIL("Write should fail with data pointer set to NULL");
return;
@@ -438,7 +444,7 @@
}
/* Creates asset */
- err = tfm_sst_veneer_create(app_id, asset_uuid);
+ err = tfm_sst_veneer_create(app_id, asset_uuid, &test_token);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Create should not fail for application S_APP_ID");
return;
@@ -449,7 +455,7 @@
io_data.size = BUFFER_SIZE_PLUS_ONE;
io_data.offset = 0;
- err = tfm_sst_veneer_write(app_id, asset_uuid, &io_data);
+ err = tfm_sst_veneer_write(app_id, asset_uuid, &test_token, &io_data);
if (err == TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Writing beyond end of asset should not succeed");
return;
@@ -459,7 +465,7 @@
io_data.size = 1;
io_data.offset = SST_ASSET_MAX_SIZE_AES_KEY_192;
- err = tfm_sst_veneer_write(app_id, asset_uuid, &io_data);
+ err = tfm_sst_veneer_write(app_id, asset_uuid, &test_token, &io_data);
if (err == TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Write to an offset beyond end of asset should not succeed");
return;
@@ -490,7 +496,7 @@
}
/* Creates asset */
- err = tfm_sst_veneer_create(app_id, asset_uuid);
+ err = tfm_sst_veneer_create(app_id, asset_uuid, &test_token);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Create should not fail for application S_APP_ID");
return;
@@ -502,7 +508,7 @@
io_data.offset = 0;
/* Writes data in the asset */
- err = tfm_sst_veneer_write(app_id, asset_uuid, &io_data);
+ err = tfm_sst_veneer_write(app_id, asset_uuid, &test_token, &io_data);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Write should work correctly");
return;
@@ -514,7 +520,7 @@
io_data.offset = 0;
/* Read data from the asset */
- err = tfm_sst_veneer_read(app_id, asset_uuid, &io_data);
+ err = tfm_sst_veneer_read(app_id, asset_uuid, &test_token, &io_data);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Read should work correctly");
return;
@@ -537,7 +543,8 @@
}
/* Calls read with invalid application ID */
- err = tfm_sst_veneer_read(INVALID_APP_ID, asset_uuid, &io_data);
+ err = tfm_sst_veneer_read(INVALID_APP_ID, asset_uuid, &test_token,
+ &io_data);
if (err != TFM_SST_ERR_ASSET_NOT_FOUND) {
TEST_FAIL("Read should fail when read is called with an invalid "
"application ID");
@@ -545,7 +552,7 @@
}
/* Calls read with invalid asset ID */
- err = tfm_sst_veneer_read(app_id, INVALID_ASSET_ID, &io_data);
+ err = tfm_sst_veneer_read(app_id, INVALID_ASSET_ID, &test_token, &io_data);
if (err != TFM_SST_ERR_ASSET_NOT_FOUND) {
TEST_FAIL("Read should fail when read is called with an invalid "
"asset ID");
@@ -574,14 +581,14 @@
}
/* Creates asset */
- err = tfm_sst_veneer_create(app_id, asset_uuid);
+ err = tfm_sst_veneer_create(app_id, asset_uuid, &test_token);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Create should not fail for application S_APP_ID");
return;
}
/* Calls read with invalid tfm_sst_buf_t pointer */
- err = tfm_sst_veneer_read(app_id, asset_uuid, NULL);
+ err = tfm_sst_veneer_read(app_id, asset_uuid, &test_token, NULL);
if (err != TFM_SST_ERR_ASSET_NOT_FOUND) {
TEST_FAIL("Read with tfm_sst_buf_t pointer set to NULL should fail");
return;
@@ -592,7 +599,7 @@
io_data.offset = 0;
/* Calls read with invalid data pointer */
- err = tfm_sst_veneer_read(app_id, asset_uuid, &io_data);
+ err = tfm_sst_veneer_read(app_id, asset_uuid, &test_token, &io_data);
if (err != TFM_SST_ERR_ASSET_NOT_FOUND) {
TEST_FAIL("Read with read data pointer set to NULL should fail");
return;
@@ -621,7 +628,7 @@
}
/* Creates asset */
- err = tfm_sst_veneer_create(app_id, asset_uuid);
+ err = tfm_sst_veneer_create(app_id, asset_uuid, &test_token);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Create should not fail for application S_APP_ID");
return;
@@ -633,14 +640,14 @@
io_data.offset = 0;
/* Writes data in the asset */
- err = tfm_sst_veneer_write(app_id, asset_uuid, &io_data);
+ err = tfm_sst_veneer_write(app_id, asset_uuid, &test_token, &io_data);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Write should work correctly");
return;
}
/* Gets current asset information */
- err = tfm_sst_veneer_get_info(app_id, asset_uuid, &asset_info);
+ err = tfm_sst_veneer_get_info(app_id, asset_uuid, &test_token, &asset_info);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Application S_APP_ID should be able to read the "
"information of this asset");
@@ -658,7 +665,7 @@
io_data.size = BUFFER_SIZE_PLUS_ONE;
io_data.offset = 0;
- err = tfm_sst_veneer_read(app_id, asset_uuid, &io_data);
+ err = tfm_sst_veneer_read(app_id, asset_uuid, &test_token, &io_data);
if (err == TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Read beyond current size should not succeed");
return;
@@ -668,7 +675,7 @@
io_data.size = 1;
io_data.offset = asset_info.size_current;
- err = tfm_sst_veneer_read(app_id, asset_uuid, &io_data);
+ err = tfm_sst_veneer_read(app_id, asset_uuid, &test_token, &io_data);
if (err == TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Read from an offset beyond current size should not succeed");
return;
@@ -703,14 +710,14 @@
}
/* Creates assset */
- err = tfm_sst_veneer_create(app_id_1, asset_uuid_1);
+ err = tfm_sst_veneer_create(app_id_1, asset_uuid_1, &test_token);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Create should not fail for application S_APP_ID");
return;
}
/* Calls delete asset with invalid application ID */
- err = tfm_sst_veneer_delete(INVALID_APP_ID, asset_uuid_1);
+ err = tfm_sst_veneer_delete(INVALID_APP_ID, asset_uuid_1, &test_token);
if (err != TFM_SST_ERR_ASSET_NOT_FOUND) {
TEST_FAIL("The delete action should fail if an invalid application "
"ID is provided");
@@ -718,21 +725,21 @@
}
/* Calls delete asset */
- err = tfm_sst_veneer_delete(app_id_1, asset_uuid_1);
+ err = tfm_sst_veneer_delete(app_id_1, asset_uuid_1, &test_token);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("The delete action should work correctly");
return;
}
/* Calls delete with a deleted asset ID */
- err = tfm_sst_veneer_delete(app_id_1, asset_uuid_1);
+ err = tfm_sst_veneer_delete(app_id_1, asset_uuid_1, &test_token);
if (err != TFM_SST_ERR_ASSET_NOT_FOUND) {
TEST_FAIL("The delete action should fail as ID is not valid");
return;
}
/* Calls delete asset with invalid asset ID */
- err = tfm_sst_veneer_delete(app_id_1, INVALID_ASSET_ID);
+ err = tfm_sst_veneer_delete(app_id_1, INVALID_ASSET_ID, &test_token);
if (err != TFM_SST_ERR_ASSET_NOT_FOUND) {
TEST_FAIL("The delete action should fail if an invalid asset ID "
"is provided");
@@ -749,14 +756,15 @@
/* Creates assset 2 first to locate it at the beginning of the
* data block
*/
- err = tfm_sst_veneer_create(app_id_2, asset_uuid_2);
+ err = tfm_sst_veneer_create(app_id_2, asset_uuid_2, &test_token);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Create should not fail for application S_APP_ID");
return;
}
/* Creates asset 1 to locate it after the asset 2 in the data block */
- err = tfm_sst_veneer_create(app_id_1, SST_ASSET_ID_SHA224_HASH);
+ err = tfm_sst_veneer_create(app_id_1, SST_ASSET_ID_SHA224_HASH,
+ &test_token);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Create should not fail for application S_APP_ID");
return;
@@ -768,7 +776,7 @@
io_data.offset = 0;
/* Writes data in asset 1 */
- err = tfm_sst_veneer_write(app_id_1, asset_uuid_1, &io_data);
+ err = tfm_sst_veneer_write(app_id_1, asset_uuid_1, &test_token, &io_data);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Write data should work for application S_APP_ID");
return;
@@ -777,7 +785,7 @@
/* Deletes asset 2. It means that after the delete call, asset 1 should be
* at the beginning of the block.
*/
- err = tfm_sst_veneer_delete(app_id_2, asset_uuid_2);
+ err = tfm_sst_veneer_delete(app_id_2, asset_uuid_2, &test_token);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("The delete action should work correctly");
return;
@@ -793,7 +801,7 @@
io_data.offset = 0;
/* Read back the asset 1 */
- err = tfm_sst_veneer_read(app_id_1, asset_uuid_1, &io_data);
+ err = tfm_sst_veneer_read(app_id_1, asset_uuid_1, &test_token, &io_data);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Incorrect number of bytes read back");
return;
@@ -827,7 +835,7 @@
}
/* Creates asset */
- err = tfm_sst_veneer_create(app_id, asset_uuid);
+ err = tfm_sst_veneer_create(app_id, asset_uuid, &test_token);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Create should not fail for application S_APP_ID");
return;
@@ -839,7 +847,7 @@
io_data.offset = 0;
/* Writes data in the asset */
- err = tfm_sst_veneer_write(app_id, asset_uuid, &io_data);
+ err = tfm_sst_veneer_write(app_id, asset_uuid, &test_token, &io_data);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Write should work correctly");
return;
@@ -852,7 +860,7 @@
for (i = 0; i < WRITE_BUF_SIZE ; i++) {
/* Read data from the asset */
- err = tfm_sst_veneer_read(app_id, asset_uuid, &io_data);
+ err = tfm_sst_veneer_read(app_id, asset_uuid, &test_token, &io_data);
#ifdef SST_ENABLE_PARTIAL_ASSET_RW
if (err != TFM_SST_ERR_SUCCESS) {
#else
@@ -913,7 +921,7 @@
}
/* Creates asset */
- err = tfm_sst_veneer_create(app_id, asset_uuid);
+ err = tfm_sst_veneer_create(app_id, asset_uuid, &test_token);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Create should not fail for application S_APP_ID");
return;
@@ -925,7 +933,7 @@
io_data.offset = 0;
/* Writes data in the asset */
- err = tfm_sst_veneer_write(app_id, asset_uuid, &io_data);
+ err = tfm_sst_veneer_write(app_id, asset_uuid, &test_token, &io_data);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Write should work correctly");
return;
@@ -944,7 +952,7 @@
io_data.offset = 0;
/* Reads back the data after the prepare */
- err = tfm_sst_veneer_read(app_id, asset_uuid, &io_data);
+ err = tfm_sst_veneer_read(app_id, asset_uuid, &test_token, &io_data);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Incorrect number of bytes read back");
return;
@@ -988,7 +996,7 @@
}
/* Creates asset */
- err = tfm_sst_veneer_create(app_id, asset_uuid);
+ err = tfm_sst_veneer_create(app_id, asset_uuid, &test_token);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Create should not fail for application S_APP_ID");
return;
@@ -1000,7 +1008,7 @@
io_data.offset = 0;
/* Writes data in the asset when data size is bigger than asset size */
- err = tfm_sst_veneer_write(app_id, asset_uuid, &io_data);
+ err = tfm_sst_veneer_write(app_id, asset_uuid, &test_token, &io_data);
if (err == TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Should have failed asset write of too large");
return;
@@ -1030,7 +1038,7 @@
}
/* Creates asset */
- err = tfm_sst_veneer_create(app_id, asset_uuid);
+ err = tfm_sst_veneer_create(app_id, asset_uuid, &test_token);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Create should not fail for application S_APP_ID");
return;
@@ -1042,7 +1050,7 @@
io_data.offset = 0;
/* Writes data in the asset */
- err = tfm_sst_veneer_write(app_id, asset_uuid, &io_data);
+ err = tfm_sst_veneer_write(app_id, asset_uuid, &test_token, &io_data);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Write data 1 failed");
return;
@@ -1054,7 +1062,7 @@
io_data.offset = WRITE_BUF_SIZE;
/* Writes data 2 in the asset */
- err = tfm_sst_veneer_write(app_id, asset_uuid, &io_data);
+ err = tfm_sst_veneer_write(app_id, asset_uuid, &test_token, &io_data);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Write data 2 failed");
return;
@@ -1066,7 +1074,7 @@
io_data.offset = 0;
/* Read back the data */
- err = tfm_sst_veneer_read(app_id, asset_uuid, &io_data);
+ err = tfm_sst_veneer_read(app_id, asset_uuid, &test_token, &io_data);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Incorrect number of bytes read back");
return;
@@ -1103,7 +1111,7 @@
}
/* Creates asset */
- err = tfm_sst_veneer_create(app_id, asset_uuid);
+ err = tfm_sst_veneer_create(app_id, asset_uuid, &test_token);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Create should not fail for application S_APP_ID");
return;
@@ -1115,7 +1123,7 @@
io_data.offset = 0;
/* Writes data in the asset */
- err = tfm_sst_veneer_write(app_id, asset_uuid, &io_data);
+ err = tfm_sst_veneer_write(app_id, asset_uuid, &test_token, &io_data);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Write data 1 failed");
return;
@@ -1127,7 +1135,7 @@
io_data.offset = WRITE_BUF_SIZE;
/* Writes data in the asset */
- err = tfm_sst_veneer_write(app_id, asset_uuid, &io_data);
+ err = tfm_sst_veneer_write(app_id, asset_uuid, &test_token, &io_data);
if (err == TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Write data 2 should have failed as this write tries to "
"write more bytes than the max size");
@@ -1140,7 +1148,7 @@
io_data.offset = WRITE_BUF_SIZE;
/* Writes data in the asset */
- err = tfm_sst_veneer_write(app_id, asset_uuid, &io_data);
+ err = tfm_sst_veneer_write(app_id, asset_uuid, &test_token, &io_data);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Write data 3 failed");
return;
@@ -1152,7 +1160,7 @@
io_data.offset = 0;
/* Read back the data */
- err = tfm_sst_veneer_read(app_id, asset_uuid, &io_data);
+ err = tfm_sst_veneer_read(app_id, asset_uuid, &test_token, &io_data);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Incorrect number of bytes read back");
return;
@@ -1191,14 +1199,14 @@
}
/* Creates asset 1 */
- err = tfm_sst_veneer_create(app_id_1, asset_uuid_1);
+ err = tfm_sst_veneer_create(app_id_1, asset_uuid_1, &test_token);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Create should not fail for application S_APP_ID");
return;
}
/* Creates asset 2 */
- err = tfm_sst_veneer_create(app_id_2, asset_uuid_2);
+ err = tfm_sst_veneer_create(app_id_2, asset_uuid_2, &test_token);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Create should not fail for application S_APP_ID");
return;
@@ -1210,7 +1218,7 @@
io_data.offset = 0;
/* Writes data in asset 1 */
- err = tfm_sst_veneer_write(app_id_1, asset_uuid_1, &io_data);
+ err = tfm_sst_veneer_write(app_id_1, asset_uuid_1, &test_token, &io_data);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Write data should work for application S_APP_ID");
return;
@@ -1222,7 +1230,7 @@
io_data.offset = 0;
/* Writes data 2 in asset 2 */
- err = tfm_sst_veneer_write(app_id_2, asset_uuid_2, &io_data);
+ err = tfm_sst_veneer_write(app_id_2, asset_uuid_2, &test_token, &io_data);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Write data should work for application S_APP_ID");
return;
@@ -1234,7 +1242,7 @@
io_data.offset = WRITE_BUF_SIZE;
/* Writes data 3 in asset 1 */
- err = tfm_sst_veneer_write(app_id_1, asset_uuid_1, &io_data);
+ err = tfm_sst_veneer_write(app_id_1, asset_uuid_1, &test_token, &io_data);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Write data should work for application S_APP_ID");
return;
@@ -1246,7 +1254,7 @@
io_data.offset = 2;
/* Writes data 4 in asset 2 */
- err = tfm_sst_veneer_write(app_id_2, asset_uuid_2, &io_data);
+ err = tfm_sst_veneer_write(app_id_2, asset_uuid_2, &test_token, &io_data);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Write data should work for application S_APP_ID");
return;
@@ -1258,7 +1266,7 @@
io_data.offset = 0;
/* Read back the asset 1 */
- err = tfm_sst_veneer_read(app_id_1, asset_uuid_1, &io_data);
+ err = tfm_sst_veneer_read(app_id_1, asset_uuid_1, &test_token, &io_data);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Incorrect number of bytes read back");
return;
@@ -1278,7 +1286,7 @@
io_data.offset = 0;
/* Read back the asset 2 */
- err = tfm_sst_veneer_read(app_id_2, asset_uuid_2, &io_data);
+ err = tfm_sst_veneer_read(app_id_2, asset_uuid_2, &test_token, &io_data);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Incorrect number of bytes read back");
return;
@@ -1310,7 +1318,7 @@
}
/* Creates asset */
- err = tfm_sst_veneer_create(app_id, asset_uuid);
+ err = tfm_sst_veneer_create(app_id, asset_uuid, &test_token);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Create should not fail for application S_APP_ID");
return;
@@ -1322,14 +1330,14 @@
io_data.offset = 0;
/* Calls write with a ROM address location */
- err = tfm_sst_veneer_write(app_id, asset_uuid, &io_data);
+ err = tfm_sst_veneer_write(app_id, asset_uuid, &test_token, &io_data);
if (err != TFM_SST_ERR_ASSET_NOT_FOUND) {
TEST_FAIL("Write should fail for an illegal location");
return;
}
/* Calls read with a ROM address location */
- err = tfm_sst_veneer_read(app_id, asset_uuid, &io_data);
+ err = tfm_sst_veneer_read(app_id, asset_uuid, &test_token, &io_data);
if (err != TFM_SST_ERR_ASSET_NOT_FOUND) {
TEST_FAIL("Read should fail for an illegal location");
return;
@@ -1355,7 +1363,7 @@
}
/* Creates asset */
- err = tfm_sst_veneer_create(app_id, asset_uuid);
+ err = tfm_sst_veneer_create(app_id, asset_uuid, &test_token);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Create should not fail for application S_APP_ID");
return;
@@ -1367,14 +1375,14 @@
io_data.offset = 0;
/* Calls write with a device address location */
- err = tfm_sst_veneer_write(app_id, asset_uuid, &io_data);
+ err = tfm_sst_veneer_write(app_id, asset_uuid, &test_token, &io_data);
if (err != TFM_SST_ERR_ASSET_NOT_FOUND) {
TEST_FAIL("Write should fail for an illegal location");
return;
}
/* Calls read with a device address location */
- err = tfm_sst_veneer_read(app_id, asset_uuid, &io_data);
+ err = tfm_sst_veneer_read(app_id, asset_uuid, &test_token, &io_data);
if (err != TFM_SST_ERR_ASSET_NOT_FOUND) {
TEST_FAIL("Read should fail for an illegal location");
return;
@@ -1400,7 +1408,7 @@
}
/* Creates asset */
- err = tfm_sst_veneer_create(app_id, asset_uuid);
+ err = tfm_sst_veneer_create(app_id, asset_uuid, &test_token);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Create should not fail for application S_APP_ID");
return;
@@ -1412,14 +1420,14 @@
io_data.offset = 0;
/* Calls write with a non-existing address location */
- err = tfm_sst_veneer_write(app_id, asset_uuid, &io_data);
+ err = tfm_sst_veneer_write(app_id, asset_uuid, &test_token, &io_data);
if (err != TFM_SST_ERR_ASSET_NOT_FOUND) {
TEST_FAIL("Write should fail for an illegal location");
return;
}
/* Calls read with a non-existing address location */
- err = tfm_sst_veneer_read(app_id, asset_uuid, &io_data);
+ err = tfm_sst_veneer_read(app_id, asset_uuid, &test_token, &io_data);
if (err != TFM_SST_ERR_ASSET_NOT_FOUND) {
TEST_FAIL("Read should fail for an illegal location");
return;
@@ -1448,7 +1456,7 @@
return;
}
- err = tfm_sst_veneer_create(app_id, asset_uuid);
+ err = tfm_sst_veneer_create(app_id, asset_uuid, &test_token);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Create should not fail");
return;
@@ -1459,13 +1467,13 @@
buf.offset = 0;
/* Writes write_data_1 to the asset */
- err = tfm_sst_veneer_write(app_id, asset_uuid, &buf);
+ err = tfm_sst_veneer_write(app_id, asset_uuid, &test_token, &buf);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("First write should not fail");
return;
}
- err = tfm_sst_veneer_get_info(app_id, asset_uuid, &asset_info);
+ err = tfm_sst_veneer_get_info(app_id, asset_uuid, &test_token, &asset_info);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Get information should not fail");
return;
@@ -1484,13 +1492,13 @@
buf.offset = 1;
/* Overwrites the second character in the asset with write_data_2 */
- err = tfm_sst_veneer_write(app_id, asset_uuid, &buf);
+ err = tfm_sst_veneer_write(app_id, asset_uuid, &test_token, &buf);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Second write should not fail");
return;
}
- err = tfm_sst_veneer_get_info(app_id, asset_uuid, &asset_info);
+ err = tfm_sst_veneer_get_info(app_id, asset_uuid, &test_token, &asset_info);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Get information should not fail");
return;
@@ -1506,7 +1514,7 @@
buf.size = (WRITE_BUF_SIZE - 1);
buf.offset = 0;
- err = tfm_sst_veneer_read(app_id, asset_uuid, &buf);
+ err = tfm_sst_veneer_read(app_id, asset_uuid, &test_token, &buf);
if (err != TFM_SST_ERR_SUCCESS) {
TEST_FAIL("Read should not fail");
return;
@@ -1525,7 +1533,7 @@
buf.size = 1;
buf.offset = (asset_info.size_current + 1);
- err = tfm_sst_veneer_write(app_id, asset_uuid, &buf);
+ err = tfm_sst_veneer_write(app_id, asset_uuid, &test_token, &buf);
if (err != TFM_SST_ERR_PARAM_ERROR) {
TEST_FAIL("Write must fail if the offset is bigger than the current"
" asset's size");
diff --git a/test/test_services/tfm_sst_test_service/sst_test_service.c b/test/test_services/tfm_sst_test_service/sst_test_service.c
index 4b02653..a33e033 100644
--- a/test/test_services/tfm_sst_test_service/sst_test_service.c
+++ b/test/test_services/tfm_sst_test_service/sst_test_service.c
@@ -36,19 +36,20 @@
enum tfm_sst_err_t err;
uint32_t app_id = S_APP_ID;
const uint32_t key_uuid = SST_ASSET_ID_AES_KEY_128;
+ struct tfm_sst_token_t s_token = {.token = NULL, .token_size = 0};
uint8_t key_data[SST_TEST_SERVICE_KEY_SIZE] = SST_TEST_SERVICE_KEY;
struct tfm_sst_buf_t key_buf = { key_data, SST_TEST_SERVICE_KEY_SIZE, 0 };
/* Create the key asset using our secure app ID */
- err = tfm_sst_veneer_create(app_id, key_uuid);
+ err = tfm_sst_veneer_create(app_id, key_uuid, &s_token);
if (err != TFM_SST_ERR_SUCCESS) {
return err;
}
/* Write the key to the asset using our secure app ID */
- err = tfm_sst_veneer_write(app_id, key_uuid, &key_buf);
+ err = tfm_sst_veneer_write(app_id, key_uuid, &s_token, &key_buf);
return err;
}
@@ -61,10 +62,11 @@
enum tfm_sst_err_t err;
uint32_t i;
uint8_t key_data[SST_TEST_SERVICE_KEY_SIZE];
+ struct tfm_sst_token_t s_token = {.token = NULL, .token_size = 0};
struct tfm_sst_buf_t key_buf = { key_data, SST_TEST_SERVICE_KEY_SIZE, 0 };
/* Read the key from the asset using the non-secure caller's app ID */
- err = tfm_sst_veneer_read(app_id, key_uuid, &key_buf);
+ err = tfm_sst_veneer_read(app_id, key_uuid, &s_token, &key_buf);
if (err != TFM_SST_ERR_SUCCESS) {
return err;
}
@@ -99,9 +101,10 @@
enum tfm_sst_err_t err;
uint32_t app_id = S_APP_ID;
const uint32_t key_uuid = SST_ASSET_ID_AES_KEY_128;
+ struct tfm_sst_token_t s_token = {.token = NULL, .token_size = 0};
/* Delete the key asset using our secure app ID */
- err = tfm_sst_veneer_delete(app_id, key_uuid);
+ err = tfm_sst_veneer_delete(app_id, key_uuid, &s_token);
return err;
}