Add stubs for unsupported PSA Crypto API client operations
The psa-api-test/crypto deployment (formally called ts-arch-test)
is modified to use PSA API client methods instead of MbedTLS
directly. This change is the first step to adding missing
operations that the PSA arch tests exercise.
Signed-off-by: Julian Hall <julian.hall@arm.com>
Change-Id: I6179c389d3176e649290e373ddfa9d9f8974770c
diff --git a/components/app/arch-test-runner/arch_test_runner.c b/components/app/arch-test-runner/arch_test_runner.c
deleted file mode 100644
index be80214..0000000
--- a/components/app/arch-test-runner/arch_test_runner.c
+++ /dev/null
@@ -1,23 +0,0 @@
-/*
- * Copyright (c) 2021, Arm Limited and Contributors. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- */
-
-#include <stdint.h>
-#include <psa/crypto.h>
-#include <service_locator.h>
-
-int32_t val_entry(void);
-
-int main(int argc, char *argv[])
-{
- int rval = -1;
-
- psa_crypto_init();
- service_locator_init();
-
- rval = val_entry();
-
- return rval;
-}
diff --git a/components/app/arch-test-runner/component.cmake b/components/app/arch-test-runner/component.cmake
deleted file mode 100644
index 3f99593..0000000
--- a/components/app/arch-test-runner/component.cmake
+++ /dev/null
@@ -1,13 +0,0 @@
-#-------------------------------------------------------------------------------
-# Copyright (c) 2021, Arm Limited and Contributors. All rights reserved.
-#
-# SPDX-License-Identifier: BSD-3-Clause
-#
-#-------------------------------------------------------------------------------
-if (NOT DEFINED TGT)
- message(FATAL_ERROR "mandatory parameter TGT is not defined.")
-endif()
-
-target_sources(${TGT} PRIVATE
- "${CMAKE_CURRENT_LIST_DIR}/arch_test_runner.c"
- )
diff --git a/components/service/crypto/client/psa/component.cmake b/components/service/crypto/client/psa/component.cmake
index 8d7fa99..ca158d5 100644
--- a/components/service/crypto/client/psa/component.cmake
+++ b/components/service/crypto/client/psa/component.cmake
@@ -11,9 +11,12 @@
target_sources(${TGT} PRIVATE
"${CMAKE_CURRENT_LIST_DIR}/psa_crypto_client.c"
"${CMAKE_CURRENT_LIST_DIR}/psa_crypto_client_key_attributes.c"
+ "${CMAKE_CURRENT_LIST_DIR}/psa_get_key_attributes.c"
"${CMAKE_CURRENT_LIST_DIR}/psa_asymmetric_decrypt.c"
"${CMAKE_CURRENT_LIST_DIR}/psa_asymmetric_encrypt.c"
"${CMAKE_CURRENT_LIST_DIR}/psa_destroy_key.c"
+ "${CMAKE_CURRENT_LIST_DIR}/psa_copy_key.c"
+ "${CMAKE_CURRENT_LIST_DIR}/psa_purge_key.c"
"${CMAKE_CURRENT_LIST_DIR}/psa_export_key.c"
"${CMAKE_CURRENT_LIST_DIR}/psa_export_public_key.c"
"${CMAKE_CURRENT_LIST_DIR}/psa_generate_key.c"
@@ -21,4 +24,10 @@
"${CMAKE_CURRENT_LIST_DIR}/psa_import_key.c"
"${CMAKE_CURRENT_LIST_DIR}/psa_sign_hash.c"
"${CMAKE_CURRENT_LIST_DIR}/psa_verify_hash.c"
+ "${CMAKE_CURRENT_LIST_DIR}/psa_hash.c"
+ "${CMAKE_CURRENT_LIST_DIR}/psa_mac.c"
+ "${CMAKE_CURRENT_LIST_DIR}/psa_key_derivation.c"
+ "${CMAKE_CURRENT_LIST_DIR}/psa_key_agreement.c"
+ "${CMAKE_CURRENT_LIST_DIR}/psa_cipher.c"
+ "${CMAKE_CURRENT_LIST_DIR}/psa_aead.c"
)
diff --git a/components/service/crypto/client/psa/psa_aead.c b/components/service/crypto/client/psa/psa_aead.c
new file mode 100644
index 0000000..3e05ca6
--- /dev/null
+++ b/components/service/crypto/client/psa/psa_aead.c
@@ -0,0 +1,43 @@
+/*
+ * Copyright (c) 2021, Arm Limited and Contributors. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#include <string.h>
+#include <stdlib.h>
+#include <psa/crypto.h>
+#include "psa_crypto_client.h"
+#include <protocols/rpc/common/packed-c/status.h>
+#include <protocols/service/crypto/packed-c/opcodes.h>
+#include <common/tlv/tlv.h>
+
+psa_status_t psa_aead_encrypt(psa_key_id_t key,
+ psa_algorithm_t alg,
+ const uint8_t *nonce,
+ size_t nonce_length,
+ const uint8_t *additional_data,
+ size_t additional_data_length,
+ const uint8_t *plaintext,
+ size_t plaintext_length,
+ uint8_t *ciphertext,
+ size_t ciphertext_size,
+ size_t *ciphertext_length)
+{
+ return PSA_ERROR_NOT_SUPPORTED;
+}
+
+psa_status_t psa_aead_decrypt(psa_key_id_t key,
+ psa_algorithm_t alg,
+ const uint8_t *nonce,
+ size_t nonce_length,
+ const uint8_t *additional_data,
+ size_t additional_data_length,
+ const uint8_t *ciphertext,
+ size_t ciphertext_length,
+ uint8_t *plaintext,
+ size_t plaintext_size,
+ size_t *plaintext_length)
+{
+ return PSA_ERROR_NOT_SUPPORTED;
+}
diff --git a/components/service/crypto/client/psa/psa_asymmetric_decrypt.c b/components/service/crypto/client/psa/psa_asymmetric_decrypt.c
index a997051..abd8a7c 100644
--- a/components/service/crypto/client/psa/psa_asymmetric_decrypt.c
+++ b/components/service/crypto/client/psa/psa_asymmetric_decrypt.c
@@ -26,6 +26,9 @@
*output_length = 0; /* For failure case */
+ if (psa_crypto_client_instance.init_status != PSA_SUCCESS)
+ return psa_crypto_client_instance.init_status;
+
req_msg.id = id;
req_msg.alg = alg;
diff --git a/components/service/crypto/client/psa/psa_asymmetric_encrypt.c b/components/service/crypto/client/psa/psa_asymmetric_encrypt.c
index 881ef7b..22005fb 100644
--- a/components/service/crypto/client/psa/psa_asymmetric_encrypt.c
+++ b/components/service/crypto/client/psa/psa_asymmetric_encrypt.c
@@ -26,6 +26,9 @@
*output_length = 0; /* For failure case */
+ if (psa_crypto_client_instance.init_status != PSA_SUCCESS)
+ return psa_crypto_client_instance.init_status;
+
req_msg.id = id;
req_msg.alg = alg;
diff --git a/components/service/crypto/client/psa/psa_cipher.c b/components/service/crypto/client/psa/psa_cipher.c
new file mode 100644
index 0000000..955e747
--- /dev/null
+++ b/components/service/crypto/client/psa/psa_cipher.c
@@ -0,0 +1,65 @@
+/*
+ * Copyright (c) 2021, Arm Limited and Contributors. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#include <string.h>
+#include <stdlib.h>
+#include <psa/crypto.h>
+#include "psa_crypto_client.h"
+#include <protocols/rpc/common/packed-c/status.h>
+#include <protocols/service/crypto/packed-c/opcodes.h>
+#include <common/tlv/tlv.h>
+
+psa_status_t psa_cipher_encrypt_setup(psa_cipher_operation_t *operation,
+ psa_key_id_t key,
+ psa_algorithm_t alg)
+{
+ return PSA_ERROR_NOT_SUPPORTED;
+}
+
+psa_status_t psa_cipher_decrypt_setup(psa_cipher_operation_t *operation,
+ psa_key_id_t key,
+ psa_algorithm_t alg)
+{
+ return PSA_ERROR_NOT_SUPPORTED;
+}
+
+psa_status_t psa_cipher_generate_iv(psa_cipher_operation_t *operation,
+ uint8_t *iv,
+ size_t iv_size,
+ size_t *iv_length)
+{
+ return PSA_ERROR_NOT_SUPPORTED;
+}
+
+psa_status_t psa_cipher_set_iv(psa_cipher_operation_t *operation,
+ const uint8_t *iv,
+ size_t iv_length)
+{
+ return PSA_ERROR_NOT_SUPPORTED;
+}
+
+psa_status_t psa_cipher_update(psa_cipher_operation_t *operation,
+ const uint8_t *input,
+ size_t input_length,
+ uint8_t *output,
+ size_t output_size,
+ size_t *output_length)
+{
+ return PSA_ERROR_NOT_SUPPORTED;
+}
+
+psa_status_t psa_cipher_finish(psa_cipher_operation_t *operation,
+ uint8_t *output,
+ size_t output_size,
+ size_t *output_length)
+{
+ return PSA_ERROR_NOT_SUPPORTED;
+}
+
+psa_status_t psa_cipher_abort(psa_cipher_operation_t *operation)
+{
+ return PSA_ERROR_NOT_SUPPORTED;
+}
diff --git a/components/service/crypto/client/psa/psa_copy_key.c b/components/service/crypto/client/psa/psa_copy_key.c
new file mode 100644
index 0000000..799dc93
--- /dev/null
+++ b/components/service/crypto/client/psa/psa_copy_key.c
@@ -0,0 +1,19 @@
+/*
+ * Copyright (c) 2021, Arm Limited and Contributors. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#include <string.h>
+#include <psa/crypto.h>
+#include "psa_crypto_client.h"
+#include <protocols/rpc/common/packed-c/status.h>
+#include <protocols/service/crypto/packed-c/opcodes.h>
+
+
+psa_status_t psa_copy_key(psa_key_id_t source_key,
+ const psa_key_attributes_t *attributes,
+ psa_key_id_t *target_key)
+{
+ return PSA_ERROR_NOT_SUPPORTED;
+}
diff --git a/components/service/crypto/client/psa/psa_crypto_client.c b/components/service/crypto/client/psa/psa_crypto_client.c
index 41c53b3..834b5e6 100644
--- a/components/service/crypto/client/psa/psa_crypto_client.c
+++ b/components/service/crypto/client/psa/psa_crypto_client.c
@@ -8,20 +8,40 @@
#include "psa_crypto_client.h"
/* The singleton psa_crypto_client state */
-struct psa_crypto_client psa_crypto_client_instance;
+struct psa_crypto_client psa_crypto_client_instance = {
+
+ .caller = NULL,
+
+ /* To conform to PSA API, psa_crypto_init needs to be called.
+ * This state variable is used enforces this.
+ */
+ .init_status = PSA_ERROR_BAD_STATE
+};
+
+psa_status_t psa_crypto_init(void) {
+
+ /* Must be called after psa_crypto_client_init */
+ if (psa_crypto_client_instance.caller) {
+
+ psa_crypto_client_instance.init_status = PSA_SUCCESS;
+ }
+
+ return psa_crypto_client_instance.init_status;
+}
psa_status_t psa_crypto_client_init(struct rpc_caller *caller)
{
- psa_crypto_client_instance.caller = caller;
- return PSA_SUCCESS;
+ psa_crypto_client_instance.caller = caller;
+ return PSA_SUCCESS;
}
void psa_crypto_client_deinit(void)
{
- psa_crypto_client_instance.caller = NULL;
+ psa_crypto_client_instance.caller = NULL;
+ psa_crypto_client_instance.init_status = PSA_ERROR_BAD_STATE;
}
int psa_crypto_client_rpc_status(void)
{
- return psa_crypto_client_instance.rpc_status;
+ return psa_crypto_client_instance.rpc_status;
}
diff --git a/components/service/crypto/client/psa/psa_crypto_client.h b/components/service/crypto/client/psa/psa_crypto_client.h
index e161e8b..688ab85 100644
--- a/components/service/crypto/client/psa/psa_crypto_client.h
+++ b/components/service/crypto/client/psa/psa_crypto_client.h
@@ -25,6 +25,7 @@
{
struct rpc_caller *caller;
int rpc_status;
+ psa_status_t init_status;
};
extern struct psa_crypto_client psa_crypto_client_instance;
diff --git a/components/service/crypto/client/psa/psa_destroy_key.c b/components/service/crypto/client/psa/psa_destroy_key.c
index 62fac40..28bd5ab 100644
--- a/components/service/crypto/client/psa/psa_destroy_key.c
+++ b/components/service/crypto/client/psa/psa_destroy_key.c
@@ -18,6 +18,9 @@
struct ts_crypto_destroy_key_in req_msg;
size_t req_len = sizeof(struct ts_crypto_destroy_key_in);
+ if (psa_crypto_client_instance.init_status != PSA_SUCCESS)
+ return psa_crypto_client_instance.init_status;
+
req_msg.id = id;
rpc_call_handle call_handle;
diff --git a/components/service/crypto/client/psa/psa_export_key.c b/components/service/crypto/client/psa/psa_export_key.c
index 3e71a05..d5c2181 100644
--- a/components/service/crypto/client/psa/psa_export_key.c
+++ b/components/service/crypto/client/psa/psa_export_key.c
@@ -27,6 +27,9 @@
*data_length = 0; /* For failure case */
+ if (psa_crypto_client_instance.init_status != PSA_SUCCESS)
+ return psa_crypto_client_instance.init_status;
+
rpc_call_handle call_handle;
uint8_t *req_buf;
diff --git a/components/service/crypto/client/psa/psa_export_public_key.c b/components/service/crypto/client/psa/psa_export_public_key.c
index 150a752..7528ff9 100644
--- a/components/service/crypto/client/psa/psa_export_public_key.c
+++ b/components/service/crypto/client/psa/psa_export_public_key.c
@@ -25,6 +25,9 @@
*data_length = 0; /* For failure case */
+ if (psa_crypto_client_instance.init_status != PSA_SUCCESS)
+ return psa_crypto_client_instance.init_status;
+
rpc_call_handle call_handle;
uint8_t *req_buf;
diff --git a/components/service/crypto/client/psa/psa_generate_key.c b/components/service/crypto/client/psa/psa_generate_key.c
index eb94b8a..7a7bca0 100644
--- a/components/service/crypto/client/psa/psa_generate_key.c
+++ b/components/service/crypto/client/psa/psa_generate_key.c
@@ -21,6 +21,9 @@
struct ts_crypto_generate_key_in req_msg;
size_t req_len = sizeof(struct ts_crypto_generate_key_in);
+ if (psa_crypto_client_instance.init_status != PSA_SUCCESS)
+ return psa_crypto_client_instance.init_status;
+
psa_crypto_client_translate_key_attributes(&req_msg.attributes, attributes);
rpc_call_handle call_handle;
diff --git a/components/service/crypto/client/psa/psa_generate_random.c b/components/service/crypto/client/psa/psa_generate_random.c
index 25fdbe2..92915db 100644
--- a/components/service/crypto/client/psa/psa_generate_random.c
+++ b/components/service/crypto/client/psa/psa_generate_random.c
@@ -18,6 +18,9 @@
struct ts_crypto_generate_random_in req_msg;
size_t req_len = sizeof(struct ts_crypto_generate_random_in);
+ if (psa_crypto_client_instance.init_status != PSA_SUCCESS)
+ return psa_crypto_client_instance.init_status;
+
req_msg.size = output_size;
rpc_call_handle call_handle;
diff --git a/components/service/crypto/client/psa/psa_get_key_attributes.c b/components/service/crypto/client/psa/psa_get_key_attributes.c
new file mode 100644
index 0000000..fcf7024
--- /dev/null
+++ b/components/service/crypto/client/psa/psa_get_key_attributes.c
@@ -0,0 +1,18 @@
+/*
+ * Copyright (c) 2021, Arm Limited and Contributors. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#include <string.h>
+#include <psa/crypto.h>
+#include "psa_crypto_client.h"
+#include <protocols/rpc/common/packed-c/status.h>
+#include <protocols/service/crypto/packed-c/opcodes.h>
+
+
+psa_status_t psa_get_key_attributes(psa_key_id_t key,
+ psa_key_attributes_t *attributes)
+{
+ return PSA_ERROR_NOT_SUPPORTED;
+}
diff --git a/components/service/crypto/client/psa/psa_hash.c b/components/service/crypto/client/psa/psa_hash.c
new file mode 100644
index 0000000..12f345c
--- /dev/null
+++ b/components/service/crypto/client/psa/psa_hash.c
@@ -0,0 +1,72 @@
+/*
+ * Copyright (c) 2021, Arm Limited and Contributors. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#include <string.h>
+#include <stdlib.h>
+#include <psa/crypto.h>
+#include "psa_crypto_client.h"
+#include <protocols/rpc/common/packed-c/status.h>
+#include <protocols/service/crypto/packed-c/opcodes.h>
+#include <protocols/service/crypto/packed-c/hash.h>
+#include <common/tlv/tlv.h>
+
+psa_status_t psa_hash_setup(psa_hash_operation_t *operation,
+ psa_algorithm_t alg)
+{
+ return PSA_ERROR_NOT_SUPPORTED;
+}
+
+psa_status_t psa_hash_update(psa_hash_operation_t *operation,
+ const uint8_t *input,
+ size_t input_length)
+{
+ return PSA_ERROR_NOT_SUPPORTED;
+}
+
+psa_status_t psa_hash_finish(psa_hash_operation_t *operation,
+ uint8_t *hash,
+ size_t hash_size,
+ size_t *hash_length)
+{
+ return PSA_ERROR_NOT_SUPPORTED;
+}
+
+psa_status_t psa_hash_abort(psa_hash_operation_t *operation)
+{
+ return PSA_ERROR_NOT_SUPPORTED;
+}
+
+psa_status_t psa_hash_verify(psa_hash_operation_t *operation,
+ const uint8_t *hash,
+ size_t hash_length)
+{
+ return PSA_ERROR_NOT_SUPPORTED;
+}
+
+psa_status_t psa_hash_clone(const psa_hash_operation_t *source_operation,
+ psa_hash_operation_t *target_operation)
+{
+ return PSA_ERROR_NOT_SUPPORTED;
+}
+
+psa_status_t psa_hash_compare(psa_algorithm_t alg,
+ const uint8_t *input,
+ size_t input_length,
+ const uint8_t *hash,
+ size_t hash_length)
+{
+ return PSA_ERROR_NOT_SUPPORTED;
+}
+
+psa_status_t psa_hash_compute(psa_algorithm_t alg,
+ const uint8_t *input,
+ size_t input_length,
+ uint8_t *hash,
+ size_t hash_size,
+ size_t *hash_length)
+{
+ return PSA_ERROR_NOT_SUPPORTED;
+}
diff --git a/components/service/crypto/client/psa/psa_import_key.c b/components/service/crypto/client/psa/psa_import_key.c
index 34f1d01..399b1bc 100644
--- a/components/service/crypto/client/psa/psa_import_key.c
+++ b/components/service/crypto/client/psa/psa_import_key.c
@@ -24,6 +24,9 @@
size_t req_fixed_len = sizeof(struct ts_crypto_import_key_in);
size_t req_len = req_fixed_len + tlv_required_space(data_length);
+ if (psa_crypto_client_instance.init_status != PSA_SUCCESS)
+ return psa_crypto_client_instance.init_status;
+
psa_crypto_client_translate_key_attributes(&req_msg.attributes, attributes);
struct tlv_record key_record;
diff --git a/components/service/crypto/client/psa/psa_key_agreement.c b/components/service/crypto/client/psa/psa_key_agreement.c
new file mode 100644
index 0000000..5ccafb4
--- /dev/null
+++ b/components/service/crypto/client/psa/psa_key_agreement.c
@@ -0,0 +1,24 @@
+/*
+ * Copyright (c) 2021, Arm Limited and Contributors. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#include <string.h>
+#include <stdlib.h>
+#include <psa/crypto.h>
+#include "psa_crypto_client.h"
+#include <protocols/rpc/common/packed-c/status.h>
+#include <protocols/service/crypto/packed-c/opcodes.h>
+#include <common/tlv/tlv.h>
+
+psa_status_t psa_raw_key_agreement(psa_algorithm_t alg,
+ psa_key_id_t private_key,
+ const uint8_t *peer_key,
+ size_t peer_key_length,
+ uint8_t *output,
+ size_t output_size,
+ size_t *output_length)
+{
+ return PSA_ERROR_NOT_SUPPORTED;
+}
diff --git a/components/service/crypto/client/psa/psa_key_derivation.c b/components/service/crypto/client/psa/psa_key_derivation.c
new file mode 100644
index 0000000..8c31006
--- /dev/null
+++ b/components/service/crypto/client/psa/psa_key_derivation.c
@@ -0,0 +1,83 @@
+/*
+ * Copyright (c) 2021, Arm Limited and Contributors. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#include <string.h>
+#include <stdlib.h>
+#include <psa/crypto.h>
+#include "psa_crypto_client.h"
+#include <protocols/rpc/common/packed-c/status.h>
+#include <protocols/service/crypto/packed-c/opcodes.h>
+#include <common/tlv/tlv.h>
+
+psa_status_t psa_key_derivation_setup(
+ psa_key_derivation_operation_t *operation,
+ psa_algorithm_t alg)
+{
+ return PSA_ERROR_NOT_SUPPORTED;
+}
+
+psa_status_t psa_key_derivation_get_capacity(
+ const psa_key_derivation_operation_t *operation,
+ size_t *capacity)
+{
+ return PSA_ERROR_NOT_SUPPORTED;
+}
+
+psa_status_t psa_key_derivation_set_capacity(
+ psa_key_derivation_operation_t *operation,
+ size_t capacity)
+{
+ return PSA_ERROR_NOT_SUPPORTED;
+}
+
+psa_status_t psa_key_derivation_input_bytes(
+ psa_key_derivation_operation_t *operation,
+ psa_key_derivation_step_t step,
+ const uint8_t *data,
+ size_t data_length)
+{
+ return PSA_ERROR_NOT_SUPPORTED;
+}
+
+psa_status_t psa_key_derivation_input_key(
+ psa_key_derivation_operation_t *operation,
+ psa_key_derivation_step_t step,
+ psa_key_id_t key)
+{
+ return PSA_ERROR_NOT_SUPPORTED;
+}
+
+psa_status_t psa_key_derivation_key_agreement(
+ psa_key_derivation_operation_t *operation,
+ psa_key_derivation_step_t step,
+ psa_key_id_t private_key,
+ const uint8_t *peer_key,
+ size_t peer_key_length)
+{
+ return PSA_ERROR_NOT_SUPPORTED;
+}
+
+psa_status_t psa_key_derivation_output_bytes(
+ psa_key_derivation_operation_t *operation,
+ uint8_t *output,
+ size_t output_length)
+{
+ return PSA_ERROR_NOT_SUPPORTED;
+}
+
+psa_status_t psa_key_derivation_output_key(
+ const psa_key_attributes_t *attributes,
+ psa_key_derivation_operation_t *operation,
+ psa_key_id_t *key)
+{
+ return PSA_ERROR_NOT_SUPPORTED;
+}
+
+psa_status_t psa_key_derivation_abort(
+ psa_key_derivation_operation_t *operation)
+{
+ return PSA_ERROR_NOT_SUPPORTED;
+}
diff --git a/components/service/crypto/client/psa/psa_mac.c b/components/service/crypto/client/psa/psa_mac.c
new file mode 100644
index 0000000..65cb234
--- /dev/null
+++ b/components/service/crypto/client/psa/psa_mac.c
@@ -0,0 +1,54 @@
+/*
+ * Copyright (c) 2021, Arm Limited and Contributors. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#include <string.h>
+#include <stdlib.h>
+#include <psa/crypto.h>
+#include "psa_crypto_client.h"
+#include <protocols/rpc/common/packed-c/status.h>
+#include <protocols/service/crypto/packed-c/opcodes.h>
+#include <common/tlv/tlv.h>
+
+psa_status_t psa_mac_sign_setup(psa_mac_operation_t *operation,
+ psa_key_id_t key,
+ psa_algorithm_t alg)
+{
+ return PSA_ERROR_NOT_SUPPORTED;
+}
+
+psa_status_t psa_mac_verify_setup(psa_mac_operation_t *operation,
+ psa_key_id_t key,
+ psa_algorithm_t alg)
+{
+ return PSA_ERROR_NOT_SUPPORTED;
+}
+
+psa_status_t psa_mac_update(psa_mac_operation_t *operation,
+ const uint8_t *input,
+ size_t input_length)
+{
+ return PSA_ERROR_NOT_SUPPORTED;
+}
+
+psa_status_t psa_mac_sign_finish(psa_mac_operation_t *operation,
+ uint8_t *mac,
+ size_t mac_size,
+ size_t *mac_length)
+{
+ return PSA_ERROR_NOT_SUPPORTED;
+}
+
+psa_status_t psa_mac_verify_finish(psa_mac_operation_t *operation,
+ const uint8_t *mac,
+ size_t mac_length)
+{
+ return PSA_ERROR_NOT_SUPPORTED;
+}
+
+psa_status_t psa_mac_abort(psa_mac_operation_t *operation)
+{
+ return PSA_ERROR_NOT_SUPPORTED;
+}
diff --git a/components/service/crypto/client/psa/psa_purge_key.c b/components/service/crypto/client/psa/psa_purge_key.c
new file mode 100644
index 0000000..8fa3846
--- /dev/null
+++ b/components/service/crypto/client/psa/psa_purge_key.c
@@ -0,0 +1,17 @@
+/*
+ * Copyright (c) 2021, Arm Limited and Contributors. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#include <string.h>
+#include <psa/crypto.h>
+#include "psa_crypto_client.h"
+#include <protocols/rpc/common/packed-c/status.h>
+#include <protocols/service/crypto/packed-c/opcodes.h>
+
+
+psa_status_t psa_purge_key(psa_key_id_t key)
+{
+ return PSA_ERROR_NOT_SUPPORTED;
+}
diff --git a/components/service/crypto/client/psa/psa_sign_hash.c b/components/service/crypto/client/psa/psa_sign_hash.c
index 2c9e0c5..810f5f2 100644
--- a/components/service/crypto/client/psa/psa_sign_hash.c
+++ b/components/service/crypto/client/psa/psa_sign_hash.c
@@ -24,6 +24,9 @@
*signature_length = 0; /* For failure case */
+ if (psa_crypto_client_instance.init_status != PSA_SUCCESS)
+ return psa_crypto_client_instance.init_status;
+
req_msg.id = id;
req_msg.alg = alg;
diff --git a/components/service/crypto/client/psa/psa_verify_hash.c b/components/service/crypto/client/psa/psa_verify_hash.c
index 66a87fd..4f74737 100644
--- a/components/service/crypto/client/psa/psa_verify_hash.c
+++ b/components/service/crypto/client/psa/psa_verify_hash.c
@@ -24,6 +24,9 @@
size_t req_len = req_fixed_len +
tlv_required_space(hash_length) + tlv_required_space(signature_length);
+ if (psa_crypto_client_instance.init_status != PSA_SUCCESS)
+ return psa_crypto_client_instance.init_status;
+
req_msg.id = id;
req_msg.alg = alg;
diff --git a/components/service/crypto/include/component.cmake b/components/service/crypto/include/component.cmake
index 041f7d5..c49869b 100644
--- a/components/service/crypto/include/component.cmake
+++ b/components/service/crypto/include/component.cmake
@@ -12,3 +12,6 @@
PRIVATE
"${CMAKE_CURRENT_LIST_DIR}"
)
+
+# Advertise this component as the provider of the PSA Crypto header files
+set(PSA_CRYPTO_API_INCLUDE "${CMAKE_CURRENT_LIST_DIR}" CACHE STRING "PSA Crypto API include path")
diff --git a/components/service/crypto/test/service/psa_crypto_api/psa_crypto_api_tests.cpp b/components/service/crypto/test/service/psa_crypto_api/psa_crypto_api_tests.cpp
index dae0b72..507005f 100644
--- a/components/service/crypto/test/service/psa_crypto_api/psa_crypto_api_tests.cpp
+++ b/components/service/crypto/test/service/psa_crypto_api/psa_crypto_api_tests.cpp
@@ -5,6 +5,7 @@
*/
#include "psa_crypto_api_client.h"
+#include <psa/crypto.h>
#include <service/crypto/client/psa/psa_crypto_client.h>
#include <service/crypto/test/service/crypto_service_scenarios.h>
#include <protocols/rpc/common/packed-c/encoding.h>
@@ -34,6 +35,8 @@
CHECK_TRUE(m_rpc_session_handle);
psa_crypto_client_init(caller);
+ psa_crypto_init();
+
m_scenarios = new crypto_service_scenarios(new psa_crypto_api_client());
}
diff --git a/deployments/psa-api-test/arch_test_runner.c b/deployments/psa-api-test/arch_test_runner.c
new file mode 100644
index 0000000..90ca304
--- /dev/null
+++ b/deployments/psa-api-test/arch_test_runner.c
@@ -0,0 +1,34 @@
+/*
+ * Copyright (c) 2021, Arm Limited and Contributors. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#include <stdint.h>
+#include <stdio.h>
+#include <service_locator.h>
+#include "service_under_test.h"
+
+int32_t val_entry(void);
+
+int main(int argc, char *argv[])
+{
+ int rval = -1;
+
+ service_locator_init();
+
+ rval = locate_service_under_test();
+
+ if (!rval) {
+
+ rval = val_entry();
+
+ relinquish_service_under_test();
+ }
+ else {
+
+ printf("Failed to locate service under test. Error code: %d\n", rval);
+ }
+
+ return rval;
+}
diff --git a/deployments/ts-arch-test/crypto/arm-linux/CMakeLists.txt b/deployments/psa-api-test/crypto/arm-linux/CMakeLists.txt
similarity index 80%
rename from deployments/ts-arch-test/crypto/arm-linux/CMakeLists.txt
rename to deployments/psa-api-test/crypto/arm-linux/CMakeLists.txt
index 8d58643..ea1b460 100644
--- a/deployments/ts-arch-test/crypto/arm-linux/CMakeLists.txt
+++ b/deployments/psa-api-test/crypto/arm-linux/CMakeLists.txt
@@ -8,17 +8,17 @@
include(../../../deployment.cmake REQUIRED)
#-------------------------------------------------------------------------------
-# The CMakeLists.txt for building the ts-arch-test deployment for arm-linux
+# The CMakeLists.txt for building the psa-api-test deployment for arm-linux
#
# Used for building and running psa arch tests on an Arm based Linux device
#-------------------------------------------------------------------------------
include(${TS_ROOT}/environments/arm-linux/env.cmake)
project(trusted-services LANGUAGES CXX C)
-add_executable(ts-arch-test)
-target_include_directories(ts-arch-test PRIVATE "${TOP_LEVEL_INCLUDE_DIRS}")
+add_executable(psa-api-test)
+target_include_directories(psa-api-test PRIVATE "${TOP_LEVEL_INCLUDE_DIRS}")
#-------------------------------------------------------------------------------
# Extend with components that are common across all deployments of
-# ts-arch-test/crypto
+# psa-api-test/crypto
#-------------------------------------------------------------------------------
-include(../crypto-arch-test.cmake REQUIRED)
+include(../crypto-api-test.cmake REQUIRED)
diff --git a/deployments/ts-arch-test/crypto/crypto-arch-test.cmake b/deployments/psa-api-test/crypto/crypto-api-test.cmake
similarity index 74%
rename from deployments/ts-arch-test/crypto/crypto-arch-test.cmake
rename to deployments/psa-api-test/crypto/crypto-api-test.cmake
index 93ade3b..5ad0930 100644
--- a/deployments/ts-arch-test/crypto/crypto-arch-test.cmake
+++ b/deployments/psa-api-test/crypto/crypto-api-test.cmake
@@ -15,21 +15,23 @@
# Crypto specific components
#
#-------------------------------------------------------------------------------
+add_components(
+ TARGET "psa-api-test"
+ BASE_DIR ${TS_ROOT}
+ COMPONENTS
+ "components/service/crypto/include"
+ "components/service/crypto/client/psa"
+)
-# Configuration for mbedcrypto
-set(MBEDTLS_USER_CONFIG_FILE
- "${TS_ROOT}/components/service/crypto/client/cpp/config_mbedtls_user.h"
- CACHE STRING "Configuration file for mbedcrypto")
-
-# Mbed TLS provides libmbedcrypto
-include(${TS_ROOT}/external/MbedTLS/MbedTLS.cmake)
-target_link_libraries(ts-arch-test PRIVATE mbedcrypto)
+target_sources(psa-api-test PRIVATE
+ ${TS_ROOT}/deployments/psa-api-test/crypto/crypto_locator.c
+)
# Export psa crypto API
list(APPEND PSA_ARCH_TESTS_EXTERNAL_INCLUDE_PATHS ${PSA_CRYPTO_API_INCLUDE})
#-------------------------------------------------------------------------------
# Extend with components that are common across all deployments of
-# ts-arch-test
+# psa-api-test
#-------------------------------------------------------------------------------
-include(../../ts-arch-test.cmake REQUIRED)
+include(../../psa-api-test.cmake REQUIRED)
diff --git a/deployments/psa-api-test/crypto/crypto_locator.c b/deployments/psa-api-test/crypto/crypto_locator.c
new file mode 100644
index 0000000..8571b23
--- /dev/null
+++ b/deployments/psa-api-test/crypto/crypto_locator.c
@@ -0,0 +1,65 @@
+/*
+ * Copyright (c) 2021, Arm Limited and Contributors. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#include <stddef.h>
+#include <service_locator.h>
+#include <service/crypto/client/psa/psa_crypto_client.h>
+#include <protocols/rpc/common/packed-c/encoding.h>
+#include "../service_under_test.h"
+
+/* RPC context */
+static rpc_session_handle session_handle = NULL;
+static struct service_context *crypto_service_context = NULL;
+
+
+int locate_service_under_test(void)
+{
+ int status = -1;
+
+ if (!session_handle && !crypto_service_context) {
+
+ struct rpc_caller *caller;
+
+ crypto_service_context =
+ service_locator_query("sn:trustedfirmware.org:crypto:0", &status);
+
+ if (crypto_service_context) {
+
+ session_handle =
+ service_context_open(crypto_service_context, TS_RPC_ENCODING_PACKED_C, &caller);
+
+ if (session_handle) {
+
+ psa_crypto_client_init(caller);
+ status = 0;
+ }
+ else {
+
+ status = -1;
+ relinquish_service_under_test();
+ }
+ }
+ }
+
+ return status;
+}
+
+void relinquish_service_under_test(void)
+{
+ psa_crypto_client_deinit();
+
+ if (crypto_service_context && session_handle) {
+
+ service_context_close(crypto_service_context, session_handle);
+ session_handle = NULL;
+ }
+
+ if (crypto_service_context) {
+
+ service_context_relinquish(crypto_service_context);
+ crypto_service_context = NULL;
+ }
+}
diff --git a/deployments/psa-api-test/crypto/linux-pc/CMakeLists.txt b/deployments/psa-api-test/crypto/linux-pc/CMakeLists.txt
new file mode 100644
index 0000000..1737976
--- /dev/null
+++ b/deployments/psa-api-test/crypto/linux-pc/CMakeLists.txt
@@ -0,0 +1,32 @@
+#-------------------------------------------------------------------------------
+# Copyright (c) 2021, Arm Limited and Contributors. All rights reserved.
+#
+# SPDX-License-Identifier: BSD-3-Clause
+#
+#-------------------------------------------------------------------------------
+cmake_minimum_required(VERSION 3.16)
+include(../../../deployment.cmake REQUIRED)
+
+# Prevents symbols in the psa-api-test executable overriding symbols with
+# with same name in libts during dyanmic linking performed by the program
+# loader. This avoid psa crypto api symbols provided by the mbedcrypto
+# library from being overridden by the same symbols in the psa-api-test
+# executable.
+set(CMAKE_C_VISIBILITY_PRESET hidden)
+
+#-------------------------------------------------------------------------------
+# The CMakeLists.txt for building the psa-api-test deployment for linux-pc
+#
+# Used for building and running psa arch tests in a native PC enviroment.
+# Tests can be run by running the built executable called "psa-api-test"
+#-------------------------------------------------------------------------------
+include(${TS_ROOT}/environments/linux-pc/env.cmake)
+project(trusted-services LANGUAGES CXX C)
+add_executable(psa-api-test)
+target_include_directories(psa-api-test PRIVATE "${TOP_LEVEL_INCLUDE_DIRS}")
+
+#-------------------------------------------------------------------------------
+# Extend with components that are common across all deployments of
+# psa-api-test/crypto
+#-------------------------------------------------------------------------------
+include(../crypto-api-test.cmake REQUIRED)
diff --git a/deployments/ts-arch-test/initial_attestation/iat-arch-test.cmake b/deployments/psa-api-test/initial_attestation/iat-api-test.cmake
similarity index 91%
rename from deployments/ts-arch-test/initial_attestation/iat-arch-test.cmake
rename to deployments/psa-api-test/initial_attestation/iat-api-test.cmake
index c672b4c..322829a 100644
--- a/deployments/ts-arch-test/initial_attestation/iat-arch-test.cmake
+++ b/deployments/psa-api-test/initial_attestation/iat-api-test.cmake
@@ -16,7 +16,7 @@
#
#-------------------------------------------------------------------------------
add_components(
- TARGET "ts-arch-test"
+ TARGET "psa-api-test"
BASE_DIR ${TS_ROOT}
COMPONENTS
"components/service/attestation/include"
@@ -29,13 +29,13 @@
# Mbed TLS provides libmbedcrypto
include(${TS_ROOT}/external/MbedTLS/MbedTLS.cmake)
-target_link_libraries(ts-arch-test PRIVATE mbedcrypto)
+target_link_libraries(psa-api-test PRIVATE mbedcrypto)
# Export psa crypto API
list(APPEND PSA_ARCH_TESTS_EXTERNAL_INCLUDE_PATHS ${PSA_CRYPTO_API_INCLUDE})
#-------------------------------------------------------------------------------
# Extend with components that are common across all deployments of
-# ts-arch-test
+# psa-api-test
#-------------------------------------------------------------------------------
-include(../../ts-arch-test.cmake REQUIRED)
+include(../../psa-api-test.cmake REQUIRED)
diff --git a/deployments/ts-arch-test/initial_attestation/linux-pc/CMakeLists.txt b/deployments/psa-api-test/initial_attestation/linux-pc/CMakeLists.txt
similarity index 75%
rename from deployments/ts-arch-test/initial_attestation/linux-pc/CMakeLists.txt
rename to deployments/psa-api-test/initial_attestation/linux-pc/CMakeLists.txt
index 7b0922d..a710924 100644
--- a/deployments/ts-arch-test/initial_attestation/linux-pc/CMakeLists.txt
+++ b/deployments/psa-api-test/initial_attestation/linux-pc/CMakeLists.txt
@@ -8,18 +8,18 @@
include(../../../deployment.cmake REQUIRED)
#-------------------------------------------------------------------------------
-# The CMakeLists.txt for building the ts-arch-test deployment for linux-pc
+# The CMakeLists.txt for building the psa-api-test deployment for linux-pc
#
# Used for building and running psa arch tests in a native PC enviroment.
-# Tests can be run by running the built executable called "ts-arch-test"
+# Tests can be run by running the built executable called "psa-api-test"
#-------------------------------------------------------------------------------
include(${TS_ROOT}/environments/linux-pc/env.cmake)
project(trusted-services LANGUAGES CXX C)
-add_executable(ts-arch-test)
-target_include_directories(ts-arch-test PRIVATE "${TOP_LEVEL_INCLUDE_DIRS}")
+add_executable(psa-api-test)
+target_include_directories(psa-api-test PRIVATE "${TOP_LEVEL_INCLUDE_DIRS}")
#-------------------------------------------------------------------------------
# Extend with components that are common across all deployments of
-# ts-arch-test/initial_attestation
+# psa-api-test/initial_attestation
#-------------------------------------------------------------------------------
-include(../iat-arch-test.cmake REQUIRED)
+include(../iat-api-test.cmake REQUIRED)
diff --git a/deployments/ts-arch-test/ts-arch-test.cmake b/deployments/psa-api-test/psa-api-test.cmake
similarity index 80%
rename from deployments/ts-arch-test/ts-arch-test.cmake
rename to deployments/psa-api-test/psa-api-test.cmake
index 9c2e778..357abd1 100644
--- a/deployments/ts-arch-test/ts-arch-test.cmake
+++ b/deployments/psa-api-test/psa-api-test.cmake
@@ -6,8 +6,8 @@
#-------------------------------------------------------------------------------
#-------------------------------------------------------------------------------
-# The base build file shared between deployments of 'ts-arch-test' for
-# different environments. Used for running PSA arch tests.
+# The base build file shared between deployments of 'psa-api-test' for
+# different environments. Used for running PSA API tests.
#-------------------------------------------------------------------------------
#-------------------------------------------------------------------------------
@@ -16,25 +16,29 @@
# deployed.
#-------------------------------------------------------------------------------
include(${TS_ROOT}/deployments/libts/libts-import.cmake)
-target_link_libraries(ts-arch-test PRIVATE libts)
+target_link_libraries(psa-api-test PRIVATE libts)
#-------------------------------------------------------------------------------
# Components that are common accross all deployments
#
#-------------------------------------------------------------------------------
add_components(
- TARGET "ts-arch-test"
+ TARGET "psa-api-test"
BASE_DIR ${TS_ROOT}
COMPONENTS
- "components/app/arch-test-runner"
+ "components/common/tlv"
"components/service/common/include"
)
+target_sources(psa-api-test PRIVATE
+ ${TS_ROOT}/deployments/psa-api-test/arch_test_runner.c
+)
+
#-------------------------------------------------------------------------------
# Export project header paths for arch tests
#
#-------------------------------------------------------------------------------
-get_target_property(_include_paths ts-arch-test INCLUDE_DIRECTORIES)
+get_target_property(_include_paths psa-api-test INCLUDE_DIRECTORIES)
list(APPEND PSA_ARCH_TESTS_EXTERNAL_INCLUDE_PATHS ${_include_paths})
#-------------------------------------------------------------------------------
@@ -44,7 +48,7 @@
# psa-arch-tests
include(${TS_ROOT}/external/psa_arch_tests/psa_arch_tests.cmake)
-target_link_libraries(ts-arch-test PRIVATE val_nspe test_combine pal_nspe)
+target_link_libraries(psa-api-test PRIVATE val_nspe test_combine pal_nspe)
#-------------------------------------------------------------------------------
# Define install content.
@@ -53,4 +57,4 @@
if (CMAKE_INSTALL_PREFIX_INITIALIZED_TO_DEFAULT)
set(CMAKE_INSTALL_PREFIX ${CMAKE_BINARY_DIR}/install CACHE PATH "location to install build output to." FORCE)
endif()
-install(TARGETS ts-arch-test RUNTIME DESTINATION ${TS_ENV}/bin)
+install(TARGETS psa-api-test RUNTIME DESTINATION ${TS_ENV}/bin)
diff --git a/deployments/psa-api-test/service_under_test.h b/deployments/psa-api-test/service_under_test.h
new file mode 100644
index 0000000..85dc81f
--- /dev/null
+++ b/deployments/psa-api-test/service_under_test.h
@@ -0,0 +1,32 @@
+/*
+ * Copyright (c) 2021, Arm Limited and Contributors. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#ifndef SERVICE_UNDER_TEST_H
+#define SERVICE_UNDER_TEST_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * Locate and open an RPC session for the service under test. Concrete
+ * implementations of this function will locate a specific service and
+ * associate an RPC Caller with the singleton PSA API client used by
+ * the API tests.
+ */
+int locate_service_under_test(void);
+
+/**
+ * Reliquish the RPC session when the test run is complete.
+ */
+void relinquish_service_under_test(void);
+
+
+#ifdef __cplusplus
+} /* extern "C" */
+#endif
+
+#endif /* SERVICE_UNDER_TEST_H */
diff --git a/deployments/ts-arch-test/crypto/linux-pc/CMakeLists.txt b/deployments/ts-arch-test/crypto/linux-pc/CMakeLists.txt
deleted file mode 100644
index f5b286e..0000000
--- a/deployments/ts-arch-test/crypto/linux-pc/CMakeLists.txt
+++ /dev/null
@@ -1,25 +0,0 @@
-#-------------------------------------------------------------------------------
-# Copyright (c) 2021, Arm Limited and Contributors. All rights reserved.
-#
-# SPDX-License-Identifier: BSD-3-Clause
-#
-#-------------------------------------------------------------------------------
-cmake_minimum_required(VERSION 3.16)
-include(../../../deployment.cmake REQUIRED)
-
-#-------------------------------------------------------------------------------
-# The CMakeLists.txt for building the ts-arch-test deployment for linux-pc
-#
-# Used for building and running psa arch tests in a native PC enviroment.
-# Tests can be run by running the built executable called "ts-arch-test"
-#-------------------------------------------------------------------------------
-include(${TS_ROOT}/environments/linux-pc/env.cmake)
-project(trusted-services LANGUAGES CXX C)
-add_executable(ts-arch-test)
-target_include_directories(ts-arch-test PRIVATE "${TOP_LEVEL_INCLUDE_DIRS}")
-
-#-------------------------------------------------------------------------------
-# Extend with components that are common across all deployments of
-# ts-arch-test/crypto
-#-------------------------------------------------------------------------------
-include(../crypto-arch-test.cmake REQUIRED)
diff --git a/tools/b-test/test_data.yaml b/tools/b-test/test_data.yaml
index adfd233..1abfeb7 100644
--- a/tools/b-test/test_data.yaml
+++ b/tools/b-test/test_data.yaml
@@ -37,18 +37,18 @@
- "-GUnix Makefiles"
- "-DSP_DEV_KIT_DIR=$SP_DEV_KIT_DIR"
- "-DCMAKE_VERBOSE_MAKEFILE=y"
- - name: "ts-arch-test-crypto-pc-linux"
- src: "$TS_ROOT/deployments/ts-arch-test/crypto/linux-pc"
+ - name: "psa-api-test-crypto-pc-linux"
+ src: "$TS_ROOT/deployments/psa-api-test/crypto/linux-pc"
os_id : "GNU/Linux"
params:
- "-GUnix Makefiles"
- - name: "ts-arch-test-crypto-arm-linux"
- src: "$TS_ROOT/deployments/ts-arch-test/crypto/arm-linux"
+ - name: "psa-api-test-crypto-arm-linux"
+ src: "$TS_ROOT/deployments/psa-api-test/crypto/arm-linux"
os_id : "GNU/Linux"
params:
- "-GUnix Makefiles"
- - name: "ts-arch-test-initial_attestation-pc-linux"
- src: "$TS_ROOT/deployments/ts-arch-test/initial_attestation/linux-pc"
+ - name: "psa-api-test-initial_attestation-pc-linux"
+ src: "$TS_ROOT/deployments/psa-api-test/initial_attestation/linux-pc"
os_id : "GNU/Linux"
params:
- "-GUnix Makefiles"