Merge pull request #268 from microbuilder/apitests_compiler
cmake: api-tests: Allow CROSS_COMPILE to set C compiler
diff --git a/README.md b/README.md
index b530859..1724607 100755
--- a/README.md
+++ b/README.md
@@ -34,6 +34,8 @@
### PSA APIs
The test suite for this specification is located in the api-tests directory of this repository. See [PSA APIs Tests Readme](api-tests/README.md) file for more details.
+### Secure Debug
+The test suite for this specification is located in the secure-debug directory of this repository. See [Secure Debug Readme](secure-debug/README.md) file for more details.
## License
@@ -49,4 +51,4 @@
--------------
-*Copyright (c) 2018-2020, Arm Limited and Contributors. All rights reserved.*
+*Copyright (c) 2018-2021, Arm Limited and Contributors. All rights reserved.*
diff --git a/api-specs/attestation/v1.0.2/doc/IHI0085-PSA_Attestation_API-1.0.2.pdf b/api-specs/attestation/v1.0.2/doc/IHI0085-PSA_Attestation_API-1.0.2.pdf
new file mode 100644
index 0000000..0c014aa
--- /dev/null
+++ b/api-specs/attestation/v1.0.2/doc/IHI0085-PSA_Attestation_API-1.0.2.pdf
Binary files differ
diff --git a/api-tests/CMakeLists.txt b/api-tests/CMakeLists.txt
index 02f46d2..af7dfb1 100644
--- a/api-tests/CMakeLists.txt
+++ b/api-tests/CMakeLists.txt
@@ -1,5 +1,5 @@
#/** @file
-# * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+# * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
# * SPDX-License-Identifier : Apache-2.0
# *
# * Licensed under the Apache License, Version 2.0 (the "License");
@@ -107,6 +107,7 @@
GNUARM
ARMCLANG
HOST_GCC
+ GCC_LINUX
)
# list of supported CROSS_COMPILE toolchains
@@ -119,6 +120,7 @@
armv8m_ml
armv8m_bl
armv7m
+ armv8a
)
# list of VERBOSE options
@@ -131,6 +133,38 @@
list(APPEND PLATFORM_PSA_ISOLATION_LEVEL_OPTIONS 1 2 3)
endif()
+# list of available spec version
+if("${SUITE}" STREQUAL "STORAGE" OR ${SUITE} STREQUAL "INTERNAL_TRUSTED_STORAGE" OR ${SUITE} STREQUAL "PROTECTED_STORAGE")
+list(APPEND PSA_SPEC_VERSION
+ 1.0-BETA2
+ 1.0
+)
+elseif("${SUITE}" STREQUAL "CRYPTO")
+list(APPEND PSA_SPEC_VERSION
+ 1.0-BETA1
+ 1.0-BETA2
+ 1.0-BETA3
+)
+elseif("${SUITE}" STREQUAL "INITIAL_ATTESTATION")
+list(APPEND PSA_SPEC_VERSION
+ 1.0-BETA0
+ 1.0.0
+ 1.0.1
+ 1.0.2
+)
+elseif("${SUITE}" STREQUAL "IPC")
+list(APPEND PSA_SPEC_VERSION
+ 1.0
+ 1.1
+)
+
+endif()
+
+#list of values available for connection based
+if(${SUITE} STREQUAL "IPC")
+list(APPEND PSA_STATELESS_ROT 0 1)
+endif()
+
message(STATUS "[PSA] : ----------Process input arguments- start-------------")
# Check for TARGET command line argument
@@ -182,9 +216,9 @@
set(PSA_TARGET_PAL_NSPE_LIB pal_nspe)
set(PSA_TARGET_VAL_NSPE_LIB val_nspe)
set(PSA_TARGET_TEST_COMBINE_LIB test_combine)
-set(PSA_TARGET_DRIVER_PARTITION_LIB driver_partition)
-set(PSA_TARGET_CLIENT_PARTITION_LIB client_partition)
-set(PSA_TARGET_SERVER_PARTITION_LIB server_partition)
+set(PSA_TARGET_DRIVER_PARTITION_LIB tfm_psa_rot_partition_driver_partition)
+set(PSA_TARGET_CLIENT_PARTITION_LIB tfm_app_rot_partition_client_partition)
+set(PSA_TARGET_SERVER_PARTITION_LIB tfm_app_rot_partition_server_partition)
if(${SUITE} STREQUAL "IPC")
set(PSA_SUITE_DIR ${PSA_ROOT_DIR}/ff/${SUITE_LOWER})
set(PSA_SUITE_OUT_DIR ${CMAKE_CURRENT_BINARY_DIR}/ff/${SUITE_LOWER})
@@ -203,12 +237,67 @@
set(DATABASE_TABLE_NAME target_database)
set(DATABASE_TABLE_SECTION_NAME "NOSECTION")
set(TARGET_HEADER_GEN_INCLUDE_PATHS "${PSA_ROOT_DIR}/val/nspe|${PSA_ROOT_DIR}/val/common|${PSA_ROOT_DIR}/platform/targets/common/nspe|${PSA_ROOT_DIR}/platform/targets/common/nspe/crypto|${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe")
-if(${SUITE} STREQUAL "INTERNAL_TRUSTED_STORAGE")
- set(TESTSUITE_DB ${PSA_SUITE_DIR}/its_testsuite.db)
-elseif((${SUITE} STREQUAL "PROTECTED_STORAGE") OR (${SUITE} STREQUAL "STORAGE"))
- set(TESTSUITE_DB ${PSA_SUITE_DIR}/ps_testsuite.db)
+if(NOT DEFINED SPEC_VERSION)
+ if(${SUITE} STREQUAL "INTERNAL_TRUSTED_STORAGE")
+ set(TESTSUITE_DB ${PSA_SUITE_DIR}/its_testsuite.db)
+ elseif((${SUITE} STREQUAL "PROTECTED_STORAGE") OR (${SUITE} STREQUAL "STORAGE"))
+ set(TESTSUITE_DB ${PSA_SUITE_DIR}/ps_testsuite.db)
+ else()
+ set(TESTSUITE_DB ${PSA_SUITE_DIR}/testsuite.db)
+ endif()
else()
- set(TESTSUITE_DB ${PSA_SUITE_DIR}/testsuite.db)
+ if(${SUITE} STREQUAL "INTERNAL_TRUSTED_STORAGE")
+ if(${SPEC_VERSION} STREQUAL "1.0-BETA2")
+ set(TESTSUITE_DB ${PSA_SUITE_DIR}/its_1.0-beta2_testsuite.db)
+ endif()
+ if(${SPEC_VERSION} STREQUAL "1.0")
+ set(TESTSUITE_DB ${PSA_SUITE_DIR}/its_1.0_testsuite.db)
+ endif()
+ elseif((${SUITE} STREQUAL "PROTECTED_STORAGE") OR (${SUITE} STREQUAL "STORAGE"))
+ if(${SPEC_VERSION} STREQUAL "1.0-BETA2")
+ set(TESTSUITE_DB ${PSA_SUITE_DIR}/ps_1.0-beta2_testsuite.db)
+ endif()
+ if(${SPEC_VERSION} STREQUAL "1.0")
+ set(TESTSUITE_DB ${PSA_SUITE_DIR}/ps_1.0_testsuite.db)
+ endif()
+ elseif(${SUITE} STREQUAL "CRYPTO")
+ if(${SPEC_VERSION} STREQUAL "1.0-BETA1")
+ set(TESTSUITE_DB ${PSA_SUITE_DIR}/1.0-beta1_testsuite.db)
+ endif()
+ if(${SPEC_VERSION} STREQUAL "1.0-BETA2")
+ set(TESTSUITE_DB ${PSA_SUITE_DIR}/1.0-beta2_testsuite.db)
+ endif()
+ if(${SPEC_VERSION} STREQUAL "1.0-BETA3")
+ set(TESTSUITE_DB ${PSA_SUITE_DIR}/1.0-beta3_testsuite.db)
+ endif()
+ elseif(${SUITE} STREQUAL "INITIAL_ATTESTATION")
+ if(${SPEC_VERSION} STREQUAL "1.0-BETA0")
+ set(TESTSUITE_DB ${PSA_SUITE_DIR}/1.0-beta0_testsuite.db)
+ endif()
+ if(${SPEC_VERSION} STREQUAL "1.0.0")
+ set(TESTSUITE_DB ${PSA_SUITE_DIR}/1.0.0_testsuite.db)
+ endif()
+ if(${SPEC_VERSION} STREQUAL "1.0.1")
+ set(TESTSUITE_DB ${PSA_SUITE_DIR}/1.0.1_testsuite.db)
+ endif()
+ if(${SPEC_VERSION} STREQUAL "1.0.2")
+ set(TESTSUITE_DB ${PSA_SUITE_DIR}/1.0.2_testsuite.db)
+ endif()
+ elseif(${SUITE} STREQUAL "IPC")
+ if(${SPEC_VERSION} STREQUAL "1.1")
+ if(DEFINED STATELESS_ROT_TESTS)
+ if(${STATELESS_ROT_TESTS} EQUAL 1)
+ set(TESTSUITE_DB ${PSA_SUITE_DIR}/stateless_rot_testsuite.db)
+ else()
+ set(TESTSUITE_DB ${PSA_SUITE_DIR}/testsuite.db)
+ endif()
+ else()
+ set(TESTSUITE_DB ${PSA_SUITE_DIR}/testsuite.db)
+ endif()
+ else()
+ set(TESTSUITE_DB ${PSA_SUITE_DIR}/testsuite.db)
+ endif()
+ endif()
endif()
set(PSA_TESTLIST_FILE ${CMAKE_CURRENT_BINARY_DIR}/${SUITE_LOWER}_testlist.txt)
set(PSA_TEST_ENTRY_LIST_INC ${CMAKE_CURRENT_BINARY_DIR}/test_entry_list.inc)
@@ -345,6 +434,55 @@
endif()
endif()
+if(NOT DEFINED SPEC_VERSION)
+ message(STATUS "[PSA] : Default spec version")
+else()
+ if(NOT ${SPEC_VERSION} IN_LIST PSA_SPEC_VERSION)
+ message(FATAL_ERROR "[PSA] : Error: Unsupported value for -DSPEC_VERSION=${SPEC_VERSION}, supported values are : ${PSA_SPEC_VERSION} for ${SUITE}")
+ else()
+ message(STATUS "[PSA] : Testing ${SUITE} for spec version ${SPEC_VERSION}")
+ endif()
+endif()
+
+if(DEFINED STATELESS_ROT_TESTS)
+ if(NOT ${STATELESS_ROT_TESTS} IN_LIST PSA_STATELESS_ROT)
+ message(FATAL_ERROR "[PSA] : Error: Unsupported value for -DSTATELESS_ROT_TESTS=${STATELESS_ROT_TESTS}, supported values are : ${PSA_STATELESS_ROT}")
+ elseif(${STATELESS_ROT_TESTS} EQUAL 1)
+ message(STATUS "[PSA] : Testing ${SUITE} for stateless rot")
+ elseif(${STATELESS_ROT_TESTS} EQUAL 0)
+ message(STATUS "[PSA] : Testing ${SUITE} for connection based")
+ endif()
+
+ if(NOT DEFINED SPEC_VERSION)
+ message(FATAL_ERROR "[PSA] : Error: SPEC_VERSION is require for STATELESS_ROT_TESTS.")
+ elseif(${SUITE} STREQUAL "IPC")
+ if(${SPEC_VERSION} STREQUAL "1.0")
+ message(FATAL_ERROR "[PSA] : Error: STATELESS_ROT_TESTS is only valid for SPEC_VERSION=1.1.")
+ elseif(${SPEC_VERSION} STREQUAL "1.1")
+ add_definitions(-DSPEC_VERSION=11)
+ if(${STATELESS_ROT_TESTS} EQUAL 1)
+ add_definitions(-DSTATELESS_ROT=1)
+ elseif(${STATELESS_ROT_TESTS} EQUAL 0)
+ add_definitions(-DSTATELESS_ROT=0)
+ endif()
+ endif()
+ else()
+ message(FATAL_ERROR "[PSA] : Error: STATELESS_ROT_TESTS is only applicable to IPC Test Suite.")
+ endif()
+else()
+ add_definitions(-DSTATELESS_ROT=0)
+ if(DEFINED SPEC_VERSION)
+ if(${SUITE} STREQUAL "IPC")
+ if(${SPEC_VERSION} STREQUAL "1.0")
+ add_definitions(-DSPEC_VERSION=10)
+ endif()
+ if(${SPEC_VERSION} STREQUAL "1.1")
+ add_definitions(-DSPEC_VERSION=11)
+ endif()
+ endif()
+ endif()
+endif()
+
message(STATUS "[PSA] : ----------Process input arguments- complete-------------")
@@ -452,9 +590,9 @@
# Check for supported toolchain/s
if(${TOOLCHAIN} IN_LIST PSA_TOOLCHAIN_SUPPORT)
if (DEFINED CROSS_COMPILE)
- if(CROSS_COMPILE AND NOT (${TOOLCHAIN} IN_LIST CROSS_COMPILE_TOOLCHAIN_SUPPORT))
+ if(${CROSS_COMPILE} AND NOT (${TOOLCHAIN} IN_LIST CROSS_COMPILE_TOOLCHAIN_SUPPORT))
message(FATAL_ERROR "[PSA] : Error: CROSS_COMPILE not supported for this toolchain, supported toolchain are : ${CROSS_COMPILE_TOOLCHAIN_SUPPORT}")
- endif()
+ endif()
endif()
include(${PSA_ROOT_DIR}/tools/cmake/compiler/${TOOLCHAIN}.cmake)
else()
diff --git a/api-tests/dev_apis/README.md b/api-tests/dev_apis/README.md
index e554d7d..36af1cb 100644
--- a/api-tests/dev_apis/README.md
+++ b/api-tests/dev_apis/README.md
@@ -14,14 +14,14 @@
For more information on the architecture test suite framework and methodology to run the tests, refer to the [Validation Methodology](../docs/Arm_PSA_APIs_Arch_Test_Validation_Methodology.pdf) document.
## This release
- - Code Quality : REL v1.1
+ - Code Quality : REL v1.2
- This release contains following PSA Functional APIs tests: <br />
| Test Category | Specification Version |
|--------------------------|--------------------------------------|
-| Crypto | [PSA Crypto API 1.0-Beta3](../../api-specs/crypto/v1.0-beta3/doc/) |
+| Crypto | [PSA Crypto API 1.0.0](../../api-specs/crypto/v1.0.0/doc/) |
| Storage (PS and ITS) | [PSA Storage API 1.0.0](../../api-specs/storage/v1.0/doc/) |
-| Attestation | [PSA Attestation API 1.0.0](../../api-specs/attestation/v1.0/doc/) |
+| Attestation | [PSA Attestation API 1.0.2](../../api-specs/attestation/v1.0.2/doc/) |
## Release Tags
@@ -30,6 +30,7 @@
| Release version | Release tag | PSA Crypto API | PSA Storage API | PSA Attestation API |
|-----------------|---------------|----------------|-----------------|---------------------|
+| REL v1.2 | [v21.07_API1.2_ADAC_ALPHA](https://github.com/ARM-software/psa-arch-tests/tree//api-tests/dev_apis) | 1.0.0 | 1.0.0 | 1.0.2 |
| REL v1.1 | [v20.11_API1.1](https://github.com/ARM-software/psa-arch-tests/tree/v20.11_API1.1/api-tests/dev_apis) | 1.0-Beta3 | 1.0.0 | 1.0.0 |
| REL v1.0 | [v20.03_API1.0](https://github.com/ARM-software/psa-arch-tests/tree/v20.03_API1.0/api-tests/dev_apis) | 1.0-Beta3 | 1.0.0 | 1.0.0 |
| v0.9 | [v19.06_API0.9](https://github.com/ARM-software/psa-arch-tests/tree/v19.06_API0.9/api-tests/dev_apis) | 1.0-Beta2 | 1.0-Beta2 | 1.0-Beta0 |
@@ -63,14 +64,19 @@
- -G"<generator_name>" : "Unix Makefiles" to generate Makefiles for Linux and Cygwin. "MinGW Makefiles" to generate Makefiles for cmd.exe on Windows <br />
- -DTARGET=<platform_name> is the same as the name of the target-specific directory created in the **platform/targets/** directory. The current release has been tested on **tgt_dev_apis_tfm_an521**, **tgt_dev_apis_tfm_musca_b1** and **tgt_dev_apis_tfm_musca_a** platforms. Refer [Test_failure analysis](../docs/test_failure_analysis.md) document to know the reason for any known test fail.<br />
-- -DTOOLCHAIN=<tool_chain> Compiler toolchain to be used for test suite compilation. Supported values are GNUARM (GNU Arm Embedded), ARMCLANG (ARM Compiler 6.x) and HOST_GCC. Default is GNUARM.<br />
-- -DCPU_ARCH=<cpu_architecture_version> is the Arm Architecture version name for which the tests should be compiled. Supported CPU arch are armv8m_ml, armv8m_bl and armv7m. Default is empty. This option is unused when TOOLCHAIN type is HOST_GCC.<br />
+- -DTOOLCHAIN=<tool_chain> Compiler toolchain to be used for test suite compilation. Supported values are GNUARM (GNU Arm Embedded), ARMCLANG (ARM Compiler 6.x) , HOST_GCC and GCC_LINUX . Default is GNUARM.<br />
+- -DCPU_ARCH=<cpu_architecture_version> is the Arm Architecture version name for which the tests should be compiled. Supported CPU arch are armv8m_ml, armv8m_bl, armv7m and armv8a. Default is empty. This option is unused when TOOLCHAIN type is HOST_GCC.<br />
- -DSUITE=<suite_name> is the test suite name. Supported values are CRYPTO, INITIAL_ATTESTATION, STORAGE(INTERNAL_TRUSTED_STORAGE and PROTECTED_STORAGE), INTERNAL_TRUSTED_STORAGE and PROTECTED_STORAGE .<br />
- -DVERBOSE=<verbose_level>. Print verbosity level. Default is 3. Supported print levels are 1(INFO & above), 2(DEBUG & above), 3(TEST & above), 4(WARN & ERROR) and 5(ERROR).
- -DBUILD=<BUILD_DIR> : To select the build directory to keep output files. Default is BUILD/ inside current directory.
- -DWATCHDOG_AVAILABLE=<0|1>: Test harness may require to access watchdog timer to recover system hang. 0 means skip watchdog programming in the test suite and 1 means program the watchdog. Default is 1. Note, watchdog must be available for the tests which check the PSA API behaviour on the system reset.
- -DSUITE_TEST_RANGE="<test_start_number>;<test_end_number>" is to select range of tests for build. All tests under -DSUITE are considered by default if not specified.
- -DTFM_PROFILE=<profile_small/profile_medium> is to work with TFM defined Pofile Small/Medium definitions. Supported values are profile_small and profile_medium. Unless specified Default Profile is used.
+- -DSPEC_VERSION=<spec_version> is test suite specification version. Which will build for given specified spec_version. Supported values for CRYPTO test suite are 1.0-BETA1, 1.0-BETA2, 1.0-BETA3 , for INITIAL_ATTESATATION test suite are 1.0-BETA0, 1.0.0, 1.0.1, 1.0.2, for STORAGE, INTERNAL_TRUSTED_STORAGE, PROTECTED_STORAGE test suite are 1.0-BETA2, 1.0 . Default is empty. <br/>
+ If -DSPEC_VERSION option is not given it will build for latest version of testsuite.
+ For every spec version corresponds test list will be in spec_version_testsuite.db file in api-tests/dev_apis/test_suite_name/ folder.
+- -DCOMPILER_NAME=<compiler_name> Compiler name to be use for selecting compiler. Supported values are gcc. By defualt it will take gcc if not specified.
+ Note: -DCOMPILER_NAME only applicable for linux i.e. -DTOOLCHAIN=GCC_LINUX and DTARGET=tgt_dev_apis_linux.
- -DPSA_INCLUDE_PATHS="<include_path1>;<include_path2>;...;<include_pathn>" is an additional directory to be included into the compiler search path.You must provide Functional APIs header files implementation to the test suite build system using this option. For example, to compile Crypto tests, the include path must point to the path where **psa/crypto.h** is located in your build system. Bydefault, PSA_INCLUDE_PATHS accepts absolute path. However, relative path can be provided using below format:<br />
```
-DPSA_INCLUDE_PATHS=`readlink -f <relative_include_path>`
@@ -123,4 +129,4 @@
--------------
-*Copyright (c) 2018-2020, Arm Limited and Contributors. All rights reserved.*
+*Copyright (c) 2018-2021, Arm Limited and Contributors. All rights reserved.*
diff --git a/api-tests/dev_apis/crypto/1.0-beta1_testsuite.db b/api-tests/dev_apis/crypto/1.0-beta1_testsuite.db
new file mode 100644
index 0000000..ebaae99
--- /dev/null
+++ b/api-tests/dev_apis/crypto/1.0-beta1_testsuite.db
@@ -0,0 +1,85 @@
+#/** @file
+# * Copyright (c) 2021, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+
+#List of tests to be compiled and run as part of crypto suite
+
+(START)
+
+test_c001
+test_c002
+test_c003
+test_c004
+test_c005
+test_c006
+test_c007
+test_c008
+test_c009
+test_c010
+test_c011
+test_c012
+test_c013
+test_c014
+test_c015
+test_c016
+test_c017
+test_c018
+test_c019
+test_c020
+test_c021
+test_c022
+test_c023
+test_c024
+test_c025
+test_c026
+test_c027
+test_c028
+test_c029
+test_c030
+test_c031
+test_c032
+test_c033
+test_c034
+test_c035
+test_c036
+test_c037
+test_c038
+test_c039
+test_c040
+test_c041
+test_c042
+test_c043
+test_c044
+test_c045
+test_c046
+test_c047
+test_c048
+test_c049
+test_c050
+test_c051
+test_c052
+test_c053
+test_c054
+test_c055
+test_c056
+test_c057
+test_c058
+test_c059
+test_c060
+test_c061
+
+(END)
diff --git a/api-tests/dev_apis/crypto/1.0-beta2_testsuite.db b/api-tests/dev_apis/crypto/1.0-beta2_testsuite.db
new file mode 100644
index 0000000..ebaae99
--- /dev/null
+++ b/api-tests/dev_apis/crypto/1.0-beta2_testsuite.db
@@ -0,0 +1,85 @@
+#/** @file
+# * Copyright (c) 2021, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+
+#List of tests to be compiled and run as part of crypto suite
+
+(START)
+
+test_c001
+test_c002
+test_c003
+test_c004
+test_c005
+test_c006
+test_c007
+test_c008
+test_c009
+test_c010
+test_c011
+test_c012
+test_c013
+test_c014
+test_c015
+test_c016
+test_c017
+test_c018
+test_c019
+test_c020
+test_c021
+test_c022
+test_c023
+test_c024
+test_c025
+test_c026
+test_c027
+test_c028
+test_c029
+test_c030
+test_c031
+test_c032
+test_c033
+test_c034
+test_c035
+test_c036
+test_c037
+test_c038
+test_c039
+test_c040
+test_c041
+test_c042
+test_c043
+test_c044
+test_c045
+test_c046
+test_c047
+test_c048
+test_c049
+test_c050
+test_c051
+test_c052
+test_c053
+test_c054
+test_c055
+test_c056
+test_c057
+test_c058
+test_c059
+test_c060
+test_c061
+
+(END)
diff --git a/api-tests/dev_apis/crypto/1.0-beta3_testsuite.db b/api-tests/dev_apis/crypto/1.0-beta3_testsuite.db
new file mode 100644
index 0000000..ebaae99
--- /dev/null
+++ b/api-tests/dev_apis/crypto/1.0-beta3_testsuite.db
@@ -0,0 +1,85 @@
+#/** @file
+# * Copyright (c) 2021, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+
+#List of tests to be compiled and run as part of crypto suite
+
+(START)
+
+test_c001
+test_c002
+test_c003
+test_c004
+test_c005
+test_c006
+test_c007
+test_c008
+test_c009
+test_c010
+test_c011
+test_c012
+test_c013
+test_c014
+test_c015
+test_c016
+test_c017
+test_c018
+test_c019
+test_c020
+test_c021
+test_c022
+test_c023
+test_c024
+test_c025
+test_c026
+test_c027
+test_c028
+test_c029
+test_c030
+test_c031
+test_c032
+test_c033
+test_c034
+test_c035
+test_c036
+test_c037
+test_c038
+test_c039
+test_c040
+test_c041
+test_c042
+test_c043
+test_c044
+test_c045
+test_c046
+test_c047
+test_c048
+test_c049
+test_c050
+test_c051
+test_c052
+test_c053
+test_c054
+test_c055
+test_c056
+test_c057
+test_c058
+test_c059
+test_c060
+test_c061
+
+(END)
diff --git a/api-tests/dev_apis/crypto/1.0.0_testsuite.db b/api-tests/dev_apis/crypto/1.0.0_testsuite.db
new file mode 100644
index 0000000..562cedf
--- /dev/null
+++ b/api-tests/dev_apis/crypto/1.0.0_testsuite.db
@@ -0,0 +1,87 @@
+#/** @file
+# * Copyright (c) 2021, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+
+#List of tests to be compiled and run as part of crypto suite
+
+(START)
+
+test_c001
+test_c002
+test_c003
+test_c004
+test_c005
+test_c006
+test_c007
+test_c008
+test_c009
+test_c010
+test_c011
+test_c012
+test_c013
+test_c014
+test_c015
+test_c016
+test_c017
+test_c018
+test_c019
+test_c020
+test_c021
+test_c022
+test_c023
+test_c024
+test_c025
+test_c026
+test_c027
+test_c028
+test_c029
+test_c030
+test_c031
+test_c032
+test_c033
+test_c034
+test_c035
+test_c036
+test_c037
+test_c038
+test_c039
+test_c040
+test_c041
+test_c042
+test_c043
+test_c044
+test_c045
+test_c046
+test_c047
+test_c048
+test_c049
+test_c050
+test_c051
+test_c052
+test_c053
+test_c054
+test_c055
+test_c056
+test_c057
+test_c058
+test_c059
+test_c060
+test_c061
+test_c062
+test_c063
+
+(END)
diff --git a/api-tests/dev_apis/crypto/common/test_crypto_common.c b/api-tests/dev_apis/crypto/common/test_crypto_common.c
index 579f3ac..a97b7df 100644
--- a/api-tests/dev_apis/crypto/common/test_crypto_common.c
+++ b/api-tests/dev_apis/crypto/common/test_crypto_common.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2020-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -24,6 +24,10 @@
0x01, 0x03, 0x0E, 0x0F, 0x1F, 0x3F, 0xEF, 0XFF,
0x02, 0x0A, 0x2A, 0xAA, 0x04, 0x24, 0x88, 0x03,
0x33, 0x77, 0xFF, 0x80, 0xC0, 0xE0, 0xF0, 0xF8,
+ 0xFC, 0xFE, 0xFF, 0xC0, 0xF0, 0xFC, 0xE0, 0xEE,
+ 0x01, 0x03, 0x0E, 0x0F, 0x1F, 0x3F, 0xEF, 0XFF,
+ 0x02, 0x0A, 0x2A, 0xAA, 0x04, 0x24, 0x88, 0x03,
+ 0x33, 0x77, 0xFF, 0x80, 0xC0, 0xE0, 0xF0, 0xF8,
0xFC, 0xFE, 0xFF, 0xC0, 0xF0, 0xFC, 0xE0, 0xEE};
const uint8_t rsa_128_key_pair[] = {
@@ -421,6 +425,53 @@
0xD6, 0xFE, 0x52, 0x4C, 0xD3, 0x78, 0xEB, 0xE2, 0xC2, 0xAF, 0x80, 0xF6, 0xAF, 0xFC, 0x0F, 0xB0,
0x4B, 0xEA, 0x36, 0x0C, 0x92, 0xE5, 0x64, 0x4A, 0x60, 0x41, 0xB2, 0xF4, 0x53, 0x49, 0xD4, 0x22};
+const uint8_t signature_4[] = {
+ 0x42, 0x4A, 0xC6, 0x17, 0x69, 0x09, 0x5F, 0xD5, 0x31, 0x89, 0xF8, 0x33, 0x6E, 0x03, 0x66, 0x1B,
+ 0x24, 0x3F, 0xE8, 0xBA, 0x84, 0x61, 0x07, 0x3F, 0xF1, 0x2E, 0x6C, 0x53, 0xF2, 0x3F, 0x0F, 0x14,
+ 0xFC, 0xD6, 0x38, 0x93, 0x01, 0x8A, 0x8A, 0x96, 0xF6, 0x92, 0xE7, 0x8D, 0x25, 0x6C, 0xD5, 0x4D,
+ 0xD1, 0xCC, 0x86, 0xBD, 0x1D, 0xD4, 0xFC, 0xB2, 0xC3, 0x39, 0x7E, 0x9C, 0x4C, 0xDC, 0x99, 0x18,
+ 0x5C, 0xCE, 0x7D, 0xF7, 0x1A, 0xE3, 0x31, 0x95, 0xE1, 0x50, 0xFF, 0x13, 0xB1, 0x68, 0x9B, 0x0B,
+ 0x4A, 0x5C, 0x1F, 0x13, 0x2A, 0x29, 0x53, 0x86, 0x5E, 0xE4, 0x5F, 0xC6, 0x1C, 0xD4, 0x22, 0xF7,
+ 0x1F, 0x25, 0x4A, 0xDA, 0x31, 0xB9, 0xFF, 0x70, 0x35, 0x08, 0x3C, 0x40, 0x5B, 0xED, 0x10, 0xAC,
+ 0x2A, 0x85, 0xBE, 0x64, 0x33, 0xEC, 0xC5, 0x3C, 0x2D, 0x6E, 0xEA, 0xE5, 0x18, 0xD0, 0xB7, 0x6A};
+
+const uint8_t signature_4_invalid[] = {
+ 0x42, 0x4A, 0xC6, 0x17, 0x69, 0x09, 0x5F, 0xD5, 0x31, 0x89, 0xF8, 0x33, 0x6E, 0x03, 0x66, 0x1B,
+ 0x24, 0x3F, 0xE8, 0xBA, 0x84, 0x63, 0x07, 0x3F, 0xF1, 0x2E, 0x6C, 0x53, 0xF2, 0x3F, 0x0F, 0x14,
+ 0xFC, 0xD6, 0x38, 0x93, 0x01, 0x8A, 0x8A, 0x96, 0xF6, 0x92, 0xE7, 0x8D, 0x25, 0x6C, 0xD5, 0x4D,
+ 0xD1, 0xCC, 0x86, 0xBD, 0x1D, 0xD4, 0xFC, 0xB2, 0xC3, 0x39, 0x7E, 0x9C, 0x4C, 0xDC, 0x99, 0x18,
+ 0x5C, 0xCE, 0x7D, 0xF7, 0x1A, 0xE3, 0x31, 0x95, 0xE1, 0x50, 0xFF, 0x13, 0xB1, 0x68, 0x9B, 0x0B,
+ 0x4A, 0x5C, 0x1F, 0x13, 0x2A, 0x29, 0x53, 0x86, 0x5E, 0xE4, 0x5F, 0xC6, 0x1C, 0xD4, 0x22, 0xF7,
+ 0x1F, 0x25, 0x4A, 0xDA, 0x31, 0xB9, 0xFF, 0x70, 0x35, 0x08, 0x3C, 0x40, 0x5B, 0xED, 0x10, 0xAC,
+ 0x2A, 0x85, 0xBE, 0x64, 0x33, 0xEC, 0xC5, 0x3C, 0x2D, 0x6E, 0xEA, 0xE5, 0x18, 0xD0, 0xB7, 0x6A};
+
+const uint8_t signature_5[] = {
+ 0xA8, 0x86, 0x15, 0x1A, 0x0A, 0xB6, 0xCF, 0x29, 0x9C, 0xE7, 0x11, 0x67, 0x91, 0xF3, 0x87, 0x6D,
+ 0x40, 0x88, 0x37, 0x14, 0x9B, 0xC0, 0x1F, 0x75, 0x77, 0xD3, 0xA7, 0x3A, 0xCF, 0x9C, 0xBE, 0x30,
+ 0xC2, 0xE2, 0x19, 0xF8, 0xAD, 0xF8, 0x6F, 0x7D, 0xC6, 0x4C, 0xA8, 0x03, 0xBC, 0x18, 0x5B, 0x4E,
+ 0x60, 0xD0, 0xB9, 0xFC, 0x23, 0xB0, 0x20, 0x7A, 0x84, 0x83, 0x38, 0xB8, 0xA1, 0x15, 0x81, 0xA1};
+
+const uint8_t hmac_sha224[] = {
+ 0x2D, 0x39, 0x37, 0x90, 0xE1, 0xDA, 0x9A, 0x86, 0xEC, 0x0D, 0x1B, 0x17, 0x59, 0xC1, 0x23, 0xF9,
+ 0xBA, 0xA4, 0x38, 0xF9, 0x11, 0xA7, 0x3F, 0xEA, 0x1E, 0x9E, 0xA1, 0x7D};
+
+const uint8_t hmac_sha224_invalid[] = {
+ 0x2D, 0x39, 0x37, 0x90, 0xE1, 0xDA, 0x9A, 0x86, 0xEC, 0x0D, 0x1B, 0x17, 0x59, 0xC1, 0x23, 0xF9,
+ 0xBA, 0xA4, 0x38, 0xF9, 0x11, 0xA5, 0x3F, 0xEA, 0x1E, 0x9E, 0xA1, 0x7D};
+
+const uint8_t hmac_sha256[] = {
+ 0xFA, 0xEB, 0x2B, 0x64, 0x77, 0x79, 0xEE, 0x1B, 0x5C, 0x97, 0x0B, 0xBC, 0x28, 0x0E, 0xE5, 0x1D,
+ 0xE9, 0x79, 0x22, 0x9D, 0xE8, 0x4A, 0x94, 0xA1, 0xA4, 0x2C, 0x84, 0x76, 0xD1, 0xBF, 0xE9, 0x3F};
+
+const uint8_t hmac_sha512[] = {
+ 0x46, 0x31, 0x33, 0x41, 0x39, 0xCB, 0x97, 0x3A, 0xCD, 0x7C, 0xF2, 0x2C, 0xA0, 0x89, 0x1B, 0x55,
+ 0x0F, 0x58, 0x76, 0x25, 0x9E, 0x72, 0x7C, 0x91, 0xF7, 0xEC, 0x78, 0x75, 0x2A, 0xF9, 0x52, 0x13,
+ 0x91, 0xD1, 0x35, 0x52, 0x7F, 0xF2, 0xC3, 0x67, 0x43, 0x99, 0xDC, 0x20, 0x2A, 0xC4, 0x77, 0xB4,
+ 0x4C, 0x51, 0xD0, 0xFE, 0x1D, 0xB6, 0xC8, 0x28, 0x34, 0x02, 0x6A, 0x6D, 0x8D, 0xD3, 0x20, 0xDB};
+
+const uint8_t cmac_aes_128[] = {
+};
+
/* test inputs */
const uint8_t hash_input = 0xbd;
const uint8_t input_bytes_data[INPUT_BYTES_DATA_LEN] = "abcdefghijklmnop";
diff --git a/api-tests/dev_apis/crypto/common/test_crypto_common.h b/api-tests/dev_apis/crypto/common/test_crypto_common.h
index 6f12ccc..c213b7d 100644
--- a/api-tests/dev_apis/crypto/common/test_crypto_common.h
+++ b/api-tests/dev_apis/crypto/common/test_crypto_common.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2020-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -101,6 +101,15 @@
extern const uint8_t signature_2[];
extern const uint8_t signature_2_invalid[];
extern const uint8_t signature_3[];
+extern const uint8_t signature_4[];
+extern const uint8_t signature_4_invalid[];
+extern const uint8_t signature_5[];
+
+extern const uint8_t hmac_sha224[];
+extern const uint8_t hmac_sha224_invalid[];
+extern const uint8_t hmac_sha256[];
+extern const uint8_t hmac_sha512[];
+extern const uint8_t cmac_aes_128[];
extern uint8_t expected_output[BUFFER_SIZE];
diff --git a/api-tests/dev_apis/crypto/test_c001/test_entry_c001.c b/api-tests/dev_apis/crypto/test_c001/test_entry_c001.c
index e784417..103d6ee 100644
--- a/api-tests/dev_apis/crypto/test_c001/test_entry_c001.c
+++ b/api-tests/dev_apis/crypto/test_c001/test_entry_c001.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -20,7 +20,7 @@
#include "test_c001.h"
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 1)
-#define TEST_DESC "Testing psa_crypto_init API: Basic\n"
+#define TEST_DESC "Testing crypto key management APIs | UT: psa_crypto_init\n"
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
diff --git a/api-tests/dev_apis/crypto/test_c002/test_c002.c b/api-tests/dev_apis/crypto/test_c002/test_c002.c
index 83e1740..ec0a565 100644
--- a/api-tests/dev_apis/crypto/test_c002/test_c002.c
+++ b/api-tests/dev_apis/crypto/test_c002/test_c002.c
@@ -34,7 +34,7 @@
int num_checks = sizeof(check1)/sizeof(check1[0]);
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
psa_key_attributes_t get_attributes = PSA_KEY_ATTRIBUTES_INIT;
- psa_key_handle_t key_handle;
+ psa_key_id_t key;
if (num_checks == 0)
{
@@ -63,7 +63,7 @@
/* Import the key data into the key slot */
status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, &attributes, check1[i].data,
- check1[i].data_length, &key_handle);
+ check1[i].data_length, &key);
TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(3));
/* If failure is expected, continue with the next data set */
@@ -71,7 +71,7 @@
continue;
/* Get the attributes of the imported key and check if it matches the given value */
- status = val->crypto_function(VAL_CRYPTO_GET_KEY_ATTRIBUTES, key_handle,
+ status = val->crypto_function(VAL_CRYPTO_GET_KEY_ATTRIBUTES, key,
&get_attributes);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
@@ -84,14 +84,14 @@
/* Reset the key attributes and check if psa_import_key fails */
val->crypto_function(VAL_CRYPTO_RESET_KEY_ATTRIBUTES, &attributes);
- val->crypto_function(VAL_CRYPTO_DESTROY_KEY, key_handle);
+ val->crypto_function(VAL_CRYPTO_DESTROY_KEY, key);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(7));
status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, &attributes, check1[i].data,
- check1[i].data_length, &key_handle);
+ check1[i].data_length, &key);
TEST_ASSERT_NOT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(8));
- TEST_ASSERT_EQUAL(key_handle, 0, TEST_CHECKPOINT_NUM(9));
+ TEST_ASSERT_EQUAL(key, 0, TEST_CHECKPOINT_NUM(9));
}
return VAL_STATUS_SUCCESS;
diff --git a/api-tests/dev_apis/crypto/test_c002/test_data.h b/api-tests/dev_apis/crypto/test_c002/test_data.h
index b7a1fb1..0c9830f 100644
--- a/api-tests/dev_apis/crypto/test_c002/test_data.h
+++ b/api-tests/dev_apis/crypto/test_c002/test_data.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -28,6 +28,7 @@
} test_data;
static const test_data check1[] = {
+#ifdef ARCH_TEST_CIPHER_MODE_CTR
#ifdef ARCH_TEST_AES_128
{
.test_desc = "Test psa_import_key 16 bytes AES\n",
@@ -64,6 +65,7 @@
.expected_status = PSA_SUCCESS
},
#endif
+#endif
#ifdef ARCH_TEST_RSA_PKCS1V15_SIGN_RAW
#ifdef ARCH_TEST_RSA_2048
@@ -131,7 +133,7 @@
#ifdef ARCH_TEST_ECC_CURVE_SECP256R1
{
.test_desc = "Test psa_import_key with EC Public key\n",
- .type = PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1),
+ .type = PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1),
.data = ec_key_data,
.data_length = 65,
.bits = 256,
@@ -143,7 +145,7 @@
#ifdef ARCH_TEST_ECC_CURVE_SECP224R1
{
.test_desc = "Test psa_import_key with EC keypair\n",
- .type = PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP224R1),
+ .type = PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1),
.data = ec_key_pair,
.data_length = 28,
.bits = 224,
@@ -153,6 +155,7 @@
#endif
#endif
+#ifdef ARCH_TEST_CIPHER_MODE_CTR
#ifdef ARCH_TEST_AES
{
.test_desc = "Test psa_import_key 16 bytes AES with invalid bits\n",
@@ -194,4 +197,6 @@
.usage_flags = PSA_KEY_USAGE_EXPORT,
.expected_status = PSA_ERROR_NOT_SUPPORTED
},
+
+#endif
};
diff --git a/api-tests/dev_apis/crypto/test_c002/test_entry_c002.c b/api-tests/dev_apis/crypto/test_c002/test_entry_c002.c
index 3dda5ab..c69a206 100644
--- a/api-tests/dev_apis/crypto/test_c002/test_entry_c002.c
+++ b/api-tests/dev_apis/crypto/test_c002/test_entry_c002.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -20,7 +20,7 @@
#include "test_c002.h"
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 2)
-#define TEST_DESC "Testing crypto key management APIs\n"
+#define TEST_DESC "Testing crypto key management APIs | UT: psa_import_key\n"
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
diff --git a/api-tests/dev_apis/crypto/test_c003/test_c003.c b/api-tests/dev_apis/crypto/test_c003/test_c003.c
index 37fb89a..8c2ec47 100644
--- a/api-tests/dev_apis/crypto/test_c003/test_c003.c
+++ b/api-tests/dev_apis/crypto/test_c003/test_c003.c
@@ -32,7 +32,7 @@
size_t expected_data_length;
int num_checks = sizeof(check1)/sizeof(check1[0]);
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
- psa_key_handle_t key_handle;
+ psa_key_id_t key;
if (num_checks == 0)
{
@@ -62,13 +62,18 @@
val->crypto_function(VAL_CRYPTO_SET_KEY_USAGE_FLAGS, &attributes, check1[i].usage_flags);
/* Import the key data into the key slot */
- status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, &attributes, check1[i].data,
- check1[i].data_length, &key_handle);
+ status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY,
+ &attributes, check1[i].data,
+ check1[i].data_length,
+ &key);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
/* Export a key in binary format */
- status = val->crypto_function(VAL_CRYPTO_EXPORT_KEY, key_handle, check1[i].expected_data,
- check1[i].data_size, &expected_data_length);
+ status = val->crypto_function(VAL_CRYPTO_EXPORT_KEY,
+ key,
+ check1[i].expected_data,
+ check1[i].data_size,
+ &expected_data_length);
TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(4));
/* If failure is expected, continue with the next data set */
@@ -83,11 +88,14 @@
TEST_CHECKPOINT_NUM(6));
/* Destroy the key handle and check if export key fails */
- status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, key_handle);
+ status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, key);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(7));
- status = val->crypto_function(VAL_CRYPTO_EXPORT_KEY, key_handle, check1[i].expected_data,
- check1[i].data_size, &expected_data_length);
+ status = val->crypto_function(VAL_CRYPTO_EXPORT_KEY,
+ key,
+ check1[i].expected_data,
+ check1[i].data_size,
+ &expected_data_length);
TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(8));
}
diff --git a/api-tests/dev_apis/crypto/test_c003/test_data.h b/api-tests/dev_apis/crypto/test_c003/test_data.h
index 32241a7..d6314c8 100644
--- a/api-tests/dev_apis/crypto/test_c003/test_data.h
+++ b/api-tests/dev_apis/crypto/test_c003/test_data.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -31,6 +31,7 @@
} test_data;
static const test_data check1[] = {
+#ifdef ARCH_TEST_CIPHER_MODE_CTR
#ifdef ARCH_TEST_AES_128
{
.test_desc = "Test psa_export_key 16 Byte AES\n",
@@ -75,6 +76,7 @@
.expected_status = PSA_SUCCESS
},
#endif
+#endif
#ifdef ARCH_TEST_RSA_PKCS1V15_SIGN_RAW
#ifdef ARCH_TEST_RSA_2048
@@ -106,6 +108,7 @@
#endif
#endif
+#ifdef ARCH_TEST_CIPHER_MODE_CTR
#ifdef ARCH_TEST_DES_1KEY
{
.test_desc = "Test psa_export_key with DES 64 bit key\n",
@@ -150,12 +153,13 @@
.expected_status = PSA_SUCCESS
},
#endif
+#endif
#ifdef ARCH_TEST_ASYMMETRIC_ENCRYPTION
#ifdef ARCH_TEST_ECC_CURVE_SECP256R1
{
.test_desc = "Test psa_export_key with EC Public key\n",
- .type = PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1),
+ .type = PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1),
.data = ec_key_data,
.data_length = 65,
.bits = 256,
@@ -170,7 +174,7 @@
#ifdef ARCH_TEST_ECC_CURVE_SECP224R1
{
.test_desc = "Test psa_export_key with EC keypair\n",
- .type = PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP224R1),
+ .type = PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1),
.data = ec_key_pair,
.data_length = 28,
.bits = BYTES_TO_BITS(28),
@@ -183,19 +187,22 @@
#endif
#endif
+#ifdef ARCH_TEST_CIPHER_MODE_CTR
#ifdef ARCH_TEST_AES_128
+#ifdef CRYPTO_1_0
{
.test_desc = "Test psa_export_key with key policy verify\n",
.type = PSA_KEY_TYPE_AES,
.data = key_data,
.data_length = AES_16B_KEY_SIZE,
.bits = BYTES_TO_BITS(AES_16B_KEY_SIZE),
- .usage_flags = PSA_KEY_USAGE_VERIFY,
+ .usage_flags = PSA_KEY_USAGE_VERIFY_MESSAGE,
.expected_data = expected_output,
.data_size = BUFFER_SIZE,
.expected_data_length = AES_16B_KEY_SIZE,
.expected_status = PSA_ERROR_NOT_PERMITTED
},
+#endif
{
.test_desc = "Test psa_export_key with less buffer size\n",
@@ -210,4 +217,5 @@
.expected_status = PSA_ERROR_BUFFER_TOO_SMALL
},
#endif
+#endif
};
diff --git a/api-tests/dev_apis/crypto/test_c003/test_entry_c003.c b/api-tests/dev_apis/crypto/test_c003/test_entry_c003.c
index 0b1ed9c..432239c 100644
--- a/api-tests/dev_apis/crypto/test_c003/test_entry_c003.c
+++ b/api-tests/dev_apis/crypto/test_c003/test_entry_c003.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -20,7 +20,7 @@
#include "test_c003.h"
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 3)
-#define TEST_DESC "Testing crypto key management APIs\n"
+#define TEST_DESC "Testing crypto key management APIs | UT: psa_export_key\n"
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
diff --git a/api-tests/dev_apis/crypto/test_c004/test_c004.c b/api-tests/dev_apis/crypto/test_c004/test_c004.c
index dc821bf..e4eea02 100644
--- a/api-tests/dev_apis/crypto/test_c004/test_c004.c
+++ b/api-tests/dev_apis/crypto/test_c004/test_c004.c
@@ -33,7 +33,7 @@
const uint8_t *data;
int num_checks = sizeof(check1)/sizeof(check1[0]);
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
- psa_key_handle_t key_handle;
+ psa_key_id_t key;
if (num_checks == 0)
{
@@ -58,18 +58,23 @@
TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
/* Setup the attributes for the key */
- val->crypto_function(VAL_CRYPTO_SET_KEY_TYPE, &attributes, check1[i].type);
- val->crypto_function(VAL_CRYPTO_SET_KEY_BITS, &attributes, check1[i].bits);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_TYPE, &attributes, check1[i].type);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_BITS, &attributes, check1[i].bits);
val->crypto_function(VAL_CRYPTO_SET_KEY_USAGE_FLAGS, &attributes, check1[i].usage_flags);
/* Import the key data into the key slot */
- status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, &attributes, check1[i].data,
- check1[i].data_length, &key_handle);
+ status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY,
+ &attributes,
+ check1[i].data,
+ check1[i].data_length,
+ &key);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
/* Export a key in binary format */
- status = val->crypto_function(VAL_CRYPTO_EXPORT_PUBLIC_KEY, key_handle,
- check1[i].expected_data, check1[i].data_size,
+ status = val->crypto_function(VAL_CRYPTO_EXPORT_PUBLIC_KEY,
+ key,
+ check1[i].expected_data,
+ check1[i].data_size,
&expected_data_length);
TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(4));
@@ -91,11 +96,13 @@
TEST_CHECKPOINT_NUM(6));
/* Destroy the key handle and check if export key fails */
- status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, key_handle);
+ status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, key);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(8));
- status = val->crypto_function(VAL_CRYPTO_EXPORT_PUBLIC_KEY, key_handle,
- check1[i].expected_data, check1[i].data_size,
+ status = val->crypto_function(VAL_CRYPTO_EXPORT_PUBLIC_KEY,
+ key,
+ check1[i].expected_data,
+ check1[i].data_size,
&expected_data_length);
TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(9));
}
diff --git a/api-tests/dev_apis/crypto/test_c004/test_data.h b/api-tests/dev_apis/crypto/test_c004/test_data.h
index 51ab1d1..9c27436 100644
--- a/api-tests/dev_apis/crypto/test_c004/test_data.h
+++ b/api-tests/dev_apis/crypto/test_c004/test_data.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -63,6 +63,7 @@
static const test_data check1[] = {
+#ifdef ARCH_TEST_CIPHER_MODE_CTR
#ifdef ARCH_TEST_AES_128
{
.test_desc = "Test psa_export_public_key 16 Byte AES\n",
@@ -107,6 +108,7 @@
.expected_status = PSA_ERROR_INVALID_ARGUMENT
},
#endif
+#endif
#ifdef ARCH_TEST_RSA_PKCS1V15_SIGN_RAW
#ifdef ARCH_TEST_RSA_2048
@@ -138,6 +140,7 @@
#endif
#endif
+#ifdef ARCH_TEST_CIPHER_MODE_CTR
#ifdef ARCH_TEST_DES_1KEY
{
.test_desc = "Test psa_export_public_key with DES 64 bit key\n",
@@ -182,12 +185,13 @@
.expected_status = PSA_ERROR_INVALID_ARGUMENT
},
#endif
+#endif
#ifdef ARCH_TEST_ASYMMETRIC_ENCRYPTION
#ifdef ARCH_TEST_ECC_CURVE_SECP256R1
{
.test_desc = "Test psa_export_public_key with EC Public key\n",
- .type = PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1),
+ .type = PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1),
.data = ec_key_data,
.data_length = 65,
.bits = 256,
@@ -202,7 +206,7 @@
#ifdef ARCH_TEST_ECC_CURVE_SECP224R1
{
.test_desc = "Test psa_export_public_key with EC keypair\n",
- .type = PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP224R1),
+ .type = PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1),
.data = ec_key_pair,
.data_length = 28,
.bits = BYTES_TO_BITS(28),
diff --git a/api-tests/dev_apis/crypto/test_c004/test_entry_c004.c b/api-tests/dev_apis/crypto/test_c004/test_entry_c004.c
index f4638b9..33c7de9 100644
--- a/api-tests/dev_apis/crypto/test_c004/test_entry_c004.c
+++ b/api-tests/dev_apis/crypto/test_c004/test_entry_c004.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -20,7 +20,7 @@
#include "test_c004.h"
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 4)
-#define TEST_DESC "Testing crypto key management APIs\n"
+#define TEST_DESC "Testing crypto key management APIs | UT: psa_export_public_key\n"
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
diff --git a/api-tests/dev_apis/crypto/test_c005/test_c005.c b/api-tests/dev_apis/crypto/test_c005/test_c005.c
index ef405ee..9ca9182 100644
--- a/api-tests/dev_apis/crypto/test_c005/test_c005.c
+++ b/api-tests/dev_apis/crypto/test_c005/test_c005.c
@@ -26,6 +26,8 @@
NULL,
};
+extern uint32_t g_test_count;
+static int32_t valid_test_input_index = -1;
int32_t psa_destroy_key_test(caller_security_t caller __UNUSED)
{
int32_t i, status;
@@ -38,7 +40,7 @@
int num_checks = sizeof(check1)/sizeof(check1[0]);
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
psa_key_attributes_t set_attributes = PSA_KEY_ATTRIBUTES_INIT;
- psa_key_handle_t key_handle;
+ psa_key_id_t key;
if (num_checks == 0)
{
@@ -53,7 +55,7 @@
/* Set the key data buffer to the input base on algorithm */
for (i = 0; i < num_checks; i++)
{
- val->print(PRINT_TEST, "[Check %d] ", i+1);
+ val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
val->print(PRINT_TEST, check1[i].test_desc, 0);
/* Setting up the watchdog timer for each check */
@@ -61,81 +63,122 @@
TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
/* Setup the attributes for the key */
- val->crypto_function(VAL_CRYPTO_SET_KEY_TYPE,
- &set_attributes,
- check1[i].type);
- val->crypto_function(VAL_CRYPTO_SET_KEY_BITS,
- &set_attributes,
- check1[i].bits);
- val->crypto_function(VAL_CRYPTO_SET_KEY_USAGE_FLAGS,
- &set_attributes,
- check1[i].usage_flags);
- val->crypto_function(VAL_CRYPTO_SET_KEY_ID,
- &set_attributes,
- check1[i].id);
- val->crypto_function(VAL_CRYPTO_SET_KEY_LIFETIME,
- &set_attributes,
- check1[i].lifetime);
- val->crypto_function(VAL_CRYPTO_SET_KEY_ALGORITHM,
- &set_attributes,
- check1[i].alg);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_TYPE, &set_attributes, check1[i].type);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_BITS, &set_attributes, check1[i].bits);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_USAGE_FLAGS, &set_attributes,
+ check1[i].usage_flags);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_ID, &set_attributes, check1[i].id);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_LIFETIME, &set_attributes, check1[i].lifetime);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_ALGORITHM, &set_attributes, check1[i].alg);
/* Import the key data into the key slot */
status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY,
&set_attributes,
check1[i].data,
check1[i].data_length,
- &key_handle);
+ &key);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
/* Destroy the key handle */
- status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY,
- key_handle);
+ status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, key);
TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(4));
/* Getting the attributes of the destroyed key should return error */
- status = val->crypto_function(VAL_CRYPTO_GET_KEY_ATTRIBUTES,
- key_handle,
- &attributes);
+ status = val->crypto_function(VAL_CRYPTO_GET_KEY_ATTRIBUTES, key, &attributes);
TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(5));
/* Check if all the attributes are erased */
- val->crypto_function(VAL_CRYPTO_GET_KEY_TYPE,
- &attributes,
- &get_type);
+ val->crypto_function(VAL_CRYPTO_GET_KEY_TYPE, &attributes, &get_type);
TEST_ASSERT_EQUAL(get_type, 0, TEST_CHECKPOINT_NUM(6));
- val->crypto_function(VAL_CRYPTO_GET_KEY_ID,
- &attributes,
- &get_id);
+ val->crypto_function(VAL_CRYPTO_GET_KEY_ID, &attributes, &get_id);
TEST_ASSERT_EQUAL(get_id, 0, TEST_CHECKPOINT_NUM(7));
- val->crypto_function(VAL_CRYPTO_GET_KEY_LIFETIME,
- &attributes,
- &get_lifetime);
+ val->crypto_function(VAL_CRYPTO_GET_KEY_LIFETIME, &attributes, &get_lifetime);
TEST_ASSERT_EQUAL(get_lifetime, 0, TEST_CHECKPOINT_NUM(8));
- val->crypto_function(VAL_CRYPTO_GET_KEY_USAGE_FLAGS,
- &attributes,
- &get_usage_flags);
+ val->crypto_function(VAL_CRYPTO_GET_KEY_USAGE_FLAGS, &attributes, &get_usage_flags);
TEST_ASSERT_EQUAL(get_usage_flags, 0, TEST_CHECKPOINT_NUM(9));
- val->crypto_function(VAL_CRYPTO_GET_KEY_ALGORITHM,
- &attributes,
- &get_alg);
+ val->crypto_function(VAL_CRYPTO_GET_KEY_ALGORITHM, &attributes, &get_alg);
TEST_ASSERT_EQUAL(get_alg, 0, TEST_CHECKPOINT_NUM(10));
- val->crypto_function(VAL_CRYPTO_GET_KEY_BITS,
- &attributes,
- &get_bits);
+ val->crypto_function(VAL_CRYPTO_GET_KEY_BITS, &attributes, &get_bits);
TEST_ASSERT_EQUAL(get_bits, 0, TEST_CHECKPOINT_NUM(11));
/* Destroying an empty key handle should return error */
- status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY,
- key_handle);
+ status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, key);
TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(12));
+ if (valid_test_input_index < 0)
+ valid_test_input_index = i;
}
return VAL_STATUS_SUCCESS;
}
+
+int32_t psa_destroy_key_test_invalid_key_identifier(caller_security_t caller __UNUSED)
+{
+ int32_t status;
+ psa_key_attributes_t set_attributes = PSA_KEY_ATTRIBUTES_INIT;
+ psa_key_id_t key;
+
+ if (valid_test_input_index < 0)
+ return RESULT_SKIP(VAL_STATUS_NO_TESTS);
+
+ /* Initialize the PSA crypto library*/
+ status = val->crypto_function(VAL_CRYPTO_INIT);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(1));
+
+ val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
+ val->print(PRINT_TEST, "Test psa_destroy_key with invalid key identifier\n", 0);
+
+ /* Setting up the watchdog timer for each check */
+ status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
+ TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
+
+ /* Setup the attributes for the key */
+ val->crypto_function(VAL_CRYPTO_SET_KEY_TYPE,
+ &set_attributes,
+ check1[valid_test_input_index].type);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_BITS,
+ &set_attributes,
+ check1[valid_test_input_index].bits);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_USAGE_FLAGS,
+ &set_attributes,
+ check1[valid_test_input_index].usage_flags);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_ID,
+ &set_attributes,
+ check1[valid_test_input_index].id);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_LIFETIME,
+ &set_attributes,
+ check1[valid_test_input_index].lifetime);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_ALGORITHM,
+ &set_attributes,
+ check1[valid_test_input_index].alg);
+
+ /* Import the key data into the key slot */
+ status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY,
+ &set_attributes,
+ check1[valid_test_input_index].data,
+ check1[valid_test_input_index].data_length,
+ &key);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
+
+ /* Destroy the key handle - with PSA_KEY_ID_NULL */
+ status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, PSA_KEY_ID_NULL);
+ TEST_ASSERT_EQUAL(status, check1[valid_test_input_index].expected_status,
+ TEST_CHECKPOINT_NUM(4));
+
+ /* Destroy the key handle */
+ status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, key);
+ TEST_ASSERT_EQUAL(status, check1[valid_test_input_index].expected_status,
+ TEST_CHECKPOINT_NUM(5));
+
+ /* Destroy the key handle */
+ status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, PSA_KEY_ID_NULL);
+ TEST_ASSERT_EQUAL(status, check1[valid_test_input_index].expected_status,
+ TEST_CHECKPOINT_NUM(6));
+
+ return VAL_STATUS_SUCCESS;
+}
diff --git a/api-tests/dev_apis/crypto/test_c005/test_data.h b/api-tests/dev_apis/crypto/test_c005/test_data.h
index ff7aa1c..67d4823 100644
--- a/api-tests/dev_apis/crypto/test_c005/test_data.h
+++ b/api-tests/dev_apis/crypto/test_c005/test_data.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -32,8 +32,7 @@
static const test_data check1[] = {
-#ifdef ARCH_TEST_AES
-#ifdef ARCH_TEST_CCM
+#ifdef ARCH_TEST_CIPHER_MODE_CTR
#ifdef ARCH_TEST_AES_128
{
.test_desc = "Test psa_destroy_key 16 Byte AES\n",
@@ -42,7 +41,7 @@
.data_length = AES_16B_KEY_SIZE,
.bits = BYTES_TO_BITS(AES_16B_KEY_SIZE),
.usage_flags = PSA_KEY_USAGE_EXPORT,
- .alg = PSA_ALG_CCM,
+ .alg = PSA_ALG_CTR,
.id = 0x12,
.lifetime = PSA_KEY_LIFETIME_VOLATILE,
.expected_status = PSA_SUCCESS
@@ -57,7 +56,7 @@
.data_length = AES_24B_KEY_SIZE,
.bits = BYTES_TO_BITS(AES_24B_KEY_SIZE),
.usage_flags = PSA_KEY_USAGE_EXPORT,
- .alg = PSA_ALG_CCM,
+ .alg = PSA_ALG_CTR,
.id = 0x34,
.lifetime = PSA_KEY_LIFETIME_VOLATILE,
.expected_status = PSA_SUCCESS
@@ -72,14 +71,13 @@
.data_length = AES_32B_KEY_SIZE,
.bits = BYTES_TO_BITS(AES_32B_KEY_SIZE),
.usage_flags = PSA_KEY_USAGE_EXPORT,
- .alg = PSA_ALG_CCM,
+ .alg = PSA_ALG_CTR,
.id = 0x56,
.lifetime = PSA_KEY_LIFETIME_VOLATILE,
.expected_status = PSA_SUCCESS
},
#endif
#endif
-#endif
#ifdef ARCH_TEST_RSA_PKCS1V15_SIGN_RAW
#ifdef ARCH_TEST_RSA_2048
@@ -162,7 +160,7 @@
#ifdef ARCH_TEST_ECC_CURVE_SECP256R1
{
.test_desc = "Test psa_destroy_key with EC Public key\n",
- .type = PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1),
+ .type = PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1),
.data = ec_key_data,
.data_length = 65,
.bits = 256,
@@ -179,12 +177,12 @@
#ifdef ARCH_TEST_ECC_CURVE_SECP224R1
{
.test_desc = "Test psa_destroy_key with EC keypair\n",
- .type = PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP224R1),
+ .type = PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1),
.data = ec_key_pair,
.data_length = 28,
.bits = BYTES_TO_BITS(28),
.usage_flags = PSA_KEY_USAGE_EXPORT,
- .alg = PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION,
+ .alg = PSA_ALG_ECDSA_ANY,
.id = 0x123,
.lifetime = PSA_KEY_LIFETIME_VOLATILE,
.expected_status = PSA_SUCCESS
diff --git a/api-tests/dev_apis/crypto/test_c005/test_entry_c005.c b/api-tests/dev_apis/crypto/test_c005/test_entry_c005.c
index 275f534..558eab5 100644
--- a/api-tests/dev_apis/crypto/test_c005/test_entry_c005.c
+++ b/api-tests/dev_apis/crypto/test_c005/test_entry_c005.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -20,7 +20,7 @@
#include "test_c005.h"
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 5)
-#define TEST_DESC "Testing crypto key management APIs\n"
+#define TEST_DESC "Testing crypto key management APIs | UT: psa_destroy_key\n"
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
diff --git a/api-tests/dev_apis/crypto/test_c006/test_data.h b/api-tests/dev_apis/crypto/test_c006/test_data.h
index 0df4fed..6da03eb 100644
--- a/api-tests/dev_apis/crypto/test_c006/test_data.h
+++ b/api-tests/dev_apis/crypto/test_c006/test_data.h
@@ -154,20 +154,21 @@
.expected_hash_length = 64,
.expected_status = PSA_SUCCESS,
},
-#endif
-#ifdef ARCH_TEST_SHA256
+#ifdef ARCH_TEST_SHA512
{
.test_desc = "Test psa_hash_compute with small buffer size\n",
- .alg = PSA_ALG_SHA_256,
+ .alg = PSA_ALG_SHA_512,
.input = &hash_input,
.input_length = sizeof(hash_input),
.hash = expected_output,
- .hash_size = 30,
- .expected_hash = sha_256_hash,
- .expected_hash_length = 32,
+ .hash_size = 60,
+ .expected_hash = expected_output,
+ .expected_hash_length = 64,
.expected_status = PSA_ERROR_BUFFER_TOO_SMALL,
},
+#endif
+#endif
{
.test_desc = "Test psa_hash_compute with invalid algorithm\n",
@@ -176,9 +177,8 @@
.input_length = sizeof(hash_input),
.hash = expected_output,
.hash_size = BUFFER_SIZE,
- .expected_hash = sha_256_hash,
- .expected_hash_length = 32,
+ .expected_hash = sha_512_hash,
+ .expected_hash_length = 64,
.expected_status = PSA_ERROR_NOT_SUPPORTED,
},
-#endif
};
diff --git a/api-tests/dev_apis/crypto/test_c006/test_entry_c006.c b/api-tests/dev_apis/crypto/test_c006/test_entry_c006.c
index b62ecdf..3a1bded 100644
--- a/api-tests/dev_apis/crypto/test_c006/test_entry_c006.c
+++ b/api-tests/dev_apis/crypto/test_c006/test_entry_c006.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -20,7 +20,7 @@
#include "test_c006.h"
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 06)
-#define TEST_DESC "Testing crypto hash functions APIs\n"
+#define TEST_DESC "Testing crypto hash functions APIs | UT: psa_hash_compute\n"
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
diff --git a/api-tests/dev_apis/crypto/test_c007/test_data.h b/api-tests/dev_apis/crypto/test_c007/test_data.h
index 7028099..45c5d34 100644
--- a/api-tests/dev_apis/crypto/test_c007/test_data.h
+++ b/api-tests/dev_apis/crypto/test_c007/test_data.h
@@ -23,14 +23,14 @@
const uint8_t *input;
size_t input_length;
const uint8_t *hash;
- const size_t hash_length;
+ size_t hash_length;
psa_status_t expected_status;
} test_data;
static const test_data check1[] = {
#ifdef ARCH_TEST_MD2
{
- .test_desc = "Test psa_hash_compare - MD2 algorithm\n",
+ .test_desc = "Test psa_hash_compare with MD2 algorithm\n",
.alg = PSA_ALG_MD2,
.input = &hash_input,
.input_length = sizeof(hash_input),
@@ -42,7 +42,7 @@
#ifdef ARCH_TEST_MD4
{
- .test_desc = "Test psa_hash_compare - MD4 algorithm\n",
+ .test_desc = "Test psa_hash_compare with MD4 algorithm\n",
.alg = PSA_ALG_MD4,
.input = &hash_input,
.input_length = sizeof(hash_input),
@@ -54,7 +54,7 @@
#ifdef ARCH_TEST_MD5
{
- .test_desc = "Test psa_hash_compare - MD5 algorithm\n",
+ .test_desc = "Test psa_hash_compare with MD5 algorithm\n",
.alg = PSA_ALG_MD5,
.input = &hash_input,
.input_length = sizeof(hash_input),
@@ -66,7 +66,7 @@
#ifdef ARCH_TEST_RIPEMD160
{
- .test_desc = "Test psa_hash_compare - RIPEMD160 algorithm\n",
+ .test_desc = "Test psa_hash_compare with RIPEMD160 algorithm\n",
.alg = PSA_ALG_RIPEMD160,
.input = &hash_input,
.input_length = sizeof(hash_input),
@@ -78,7 +78,7 @@
#ifdef ARCH_TEST_SHA1
{
- .test_desc = "Test psa_hash_compare - SHA1 algorithm\n",
+ .test_desc = "Test psa_hash_compare with SHA1 algorithm\n",
.alg = PSA_ALG_SHA_1,
.input = &hash_input,
.input_length = sizeof(hash_input),
@@ -90,7 +90,7 @@
#ifdef ARCH_TEST_SHA224
{
- .test_desc = "Test psa_hash_compare - SHA224 algorithm\n",
+ .test_desc = "Test psa_hash_compare with SHA224 algorithm\n",
.alg = PSA_ALG_SHA_224,
.input = &hash_input,
.input_length = sizeof(hash_input),
@@ -102,7 +102,7 @@
#ifdef ARCH_TEST_SHA256
{
- .test_desc = "Test psa_hash_compare - SHA256 algorithm\n",
+ .test_desc = "Test psa_hash_compare with SHA256 algorithm\n",
.alg = PSA_ALG_SHA_256,
.input = &hash_input,
.input_length = sizeof(hash_input),
@@ -114,7 +114,7 @@
#ifdef ARCH_TEST_SHA384
{
- .test_desc = "Test psa_hash_compare - SHA384 algorithm\n",
+ .test_desc = "Test psa_hash_compare with SHA384 algorithm\n",
.alg = PSA_ALG_SHA_384,
.input = &hash_input,
.input_length = sizeof(hash_input),
@@ -126,7 +126,7 @@
#ifdef ARCH_TEST_SHA512
{
- .test_desc = "Test psa_hash_compare - SHA512 algorithm\n",
+ .test_desc = "Test psa_hash_compare with SHA512 algorithm\n",
.alg = PSA_ALG_SHA_512,
.input = &hash_input,
.input_length = sizeof(hash_input),
@@ -138,7 +138,7 @@
#ifdef ARCH_TEST_SHA256
{
- .test_desc = "Test psa_hash_compare - incorrect hash\n",
+ .test_desc = "Test psa_hash_compare with incorrect hash\n",
.alg = PSA_ALG_SHA_256,
.input = &hash_input,
.input_length = sizeof(hash_input),
@@ -148,7 +148,7 @@
},
{
- .test_desc = "Test psa_hash_compare - incorrect hash length\n",
+ .test_desc = "Test psa_hash_compare with incorrect hash length\n",
.alg = PSA_ALG_SHA_256,
.input = &hash_input,
.input_length = sizeof(hash_input)/sizeof(uint8_t),
@@ -158,7 +158,7 @@
},
{
- .test_desc = "Test psa_hash_compare - invalid algorithm\n",
+ .test_desc = "Test psa_hash_compare with invalid algorithm\n",
.alg = PSA_HASH_ALG_INVALID,
.input = &hash_input,
.input_length = sizeof(hash_input),
diff --git a/api-tests/dev_apis/crypto/test_c007/test_entry_c007.c b/api-tests/dev_apis/crypto/test_c007/test_entry_c007.c
index 3992711..090b28f 100644
--- a/api-tests/dev_apis/crypto/test_c007/test_entry_c007.c
+++ b/api-tests/dev_apis/crypto/test_c007/test_entry_c007.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -20,7 +20,7 @@
#include "test_c007.h"
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 07)
-#define TEST_DESC "Testing crypto hash functions APIs\n"
+#define TEST_DESC "Testing crypto hash functions APIs | UT: psa_hash_compare\n"
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
diff --git a/api-tests/dev_apis/crypto/test_c008/test_entry_c008.c b/api-tests/dev_apis/crypto/test_c008/test_entry_c008.c
index 594e384..872e9ea 100644
--- a/api-tests/dev_apis/crypto/test_c008/test_entry_c008.c
+++ b/api-tests/dev_apis/crypto/test_c008/test_entry_c008.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -20,7 +20,7 @@
#include "test_c008.h"
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 8)
-#define TEST_DESC "Testing crypto key derivation APIs\n"
+#define TEST_DESC "Testing crypto key derivation APIs | UT: psa_key_derivation_setup\n"
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
diff --git a/api-tests/dev_apis/crypto/test_c009/test_entry_c009.c b/api-tests/dev_apis/crypto/test_c009/test_entry_c009.c
index bf04626..48e7f73 100644
--- a/api-tests/dev_apis/crypto/test_c009/test_entry_c009.c
+++ b/api-tests/dev_apis/crypto/test_c009/test_entry_c009.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -20,7 +20,7 @@
#include "test_c009.h"
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 9)
-#define TEST_DESC "Testing crypto key derivation APIs\n"
+#define TEST_DESC "Testing crypto key derivation APIs | UT: psa_key_derivation_input_bytes\n"
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
diff --git a/api-tests/dev_apis/crypto/test_c010/test_data.h b/api-tests/dev_apis/crypto/test_c010/test_data.h
index 4b88665..0199de4 100644
--- a/api-tests/dev_apis/crypto/test_c010/test_data.h
+++ b/api-tests/dev_apis/crypto/test_c010/test_data.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -29,7 +29,7 @@
static const test_data check1[] = {
{
- .test_desc = "Test set/get key attributes\n",
+ .test_desc = "Test psa_key_attributes_set_get key attributes\n",
.type = PSA_KEY_TYPE_AES,
.bits = BYTES_TO_BITS(AES_16B_KEY_SIZE),
.usage_flags = PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT,
diff --git a/api-tests/dev_apis/crypto/test_c010/test_entry_c010.c b/api-tests/dev_apis/crypto/test_c010/test_entry_c010.c
index 311a99a..d6cd9f0 100644
--- a/api-tests/dev_apis/crypto/test_c010/test_entry_c010.c
+++ b/api-tests/dev_apis/crypto/test_c010/test_entry_c010.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -20,7 +20,7 @@
#include "test_c010.h"
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 10)
-#define TEST_DESC "Testing crypto key attributes APIs\n"
+#define TEST_DESC "Testing crypto key attributes APIs | UT: psa_key_attributes_set_get\n"
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
diff --git a/api-tests/dev_apis/crypto/test_c011/test_c011.c b/api-tests/dev_apis/crypto/test_c011/test_c011.c
index d0ae92b..8f008e6 100644
--- a/api-tests/dev_apis/crypto/test_c011/test_c011.c
+++ b/api-tests/dev_apis/crypto/test_c011/test_c011.c
@@ -53,17 +53,22 @@
TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
/* Start a multipart hash operation */
- status = val->crypto_function(VAL_CRYPTO_HASH_SETUP, &operation, check1[i].alg);
+ status = val->crypto_function(VAL_CRYPTO_HASH_SETUP,
+ &operation,
+ check1[i].alg);
TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(3));
if (check1[i].expected_status == PSA_SUCCESS)
{
/* Start a multipart hash operation */
- status = val->crypto_function(VAL_CRYPTO_HASH_SETUP, &operation, check1[i].alg);
+ status = val->crypto_function(VAL_CRYPTO_HASH_SETUP,
+ &operation,
+ check1[i].alg);
TEST_ASSERT_EQUAL(status, PSA_ERROR_BAD_STATE, TEST_CHECKPOINT_NUM(4));
/*Abort the hash operation */
- status = val->crypto_function(VAL_CRYPTO_HASH_ABORT, &operation);
+ status = val->crypto_function(VAL_CRYPTO_HASH_ABORT,
+ &operation);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
}
}
diff --git a/api-tests/dev_apis/crypto/test_c011/test_entry_c011.c b/api-tests/dev_apis/crypto/test_c011/test_entry_c011.c
index 5b3b48c..647e11a 100644
--- a/api-tests/dev_apis/crypto/test_c011/test_entry_c011.c
+++ b/api-tests/dev_apis/crypto/test_c011/test_entry_c011.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -20,7 +20,7 @@
#include "test_c011.h"
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 11)
-#define TEST_DESC "Testing crypto hash functions APIs\n"
+#define TEST_DESC "Testing crypto hash functions APIs | UT: psa_hash_setup\n"
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
diff --git a/api-tests/dev_apis/crypto/test_c012/test_c012.c b/api-tests/dev_apis/crypto/test_c012/test_c012.c
index b7ce6f7..d588d45 100644
--- a/api-tests/dev_apis/crypto/test_c012/test_c012.c
+++ b/api-tests/dev_apis/crypto/test_c012/test_c012.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
diff --git a/api-tests/dev_apis/crypto/test_c012/test_entry_c012.c b/api-tests/dev_apis/crypto/test_c012/test_entry_c012.c
index bbd47c8..a52c2d9 100644
--- a/api-tests/dev_apis/crypto/test_c012/test_entry_c012.c
+++ b/api-tests/dev_apis/crypto/test_c012/test_entry_c012.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -20,7 +20,7 @@
#include "test_c012.h"
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 12)
-#define TEST_DESC "Testing crypto hash functions APIs\n"
+#define TEST_DESC "Testing crypto hash functions APIs | UT: psa_hash_update\n"
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
diff --git a/api-tests/dev_apis/crypto/test_c013/test_entry_c013.c b/api-tests/dev_apis/crypto/test_c013/test_entry_c013.c
index d746370..7de76a5 100644
--- a/api-tests/dev_apis/crypto/test_c013/test_entry_c013.c
+++ b/api-tests/dev_apis/crypto/test_c013/test_entry_c013.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -20,7 +20,7 @@
#include "test_c013.h"
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 13)
-#define TEST_DESC "Testing crypto hash functions APIs\n"
+#define TEST_DESC "Testing crypto hash functions APIs | UT: psa_hash_verify\n"
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
diff --git a/api-tests/dev_apis/crypto/test_c014/test_c014.c b/api-tests/dev_apis/crypto/test_c014/test_c014.c
index 968f33a..84845ae 100644
--- a/api-tests/dev_apis/crypto/test_c014/test_c014.c
+++ b/api-tests/dev_apis/crypto/test_c014/test_c014.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
diff --git a/api-tests/dev_apis/crypto/test_c014/test_c014.h b/api-tests/dev_apis/crypto/test_c014/test_c014.h
index f58bf45..9342aa9 100644
--- a/api-tests/dev_apis/crypto/test_c014/test_c014.h
+++ b/api-tests/dev_apis/crypto/test_c014/test_c014.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -30,5 +30,4 @@
int32_t psa_hash_finish_inactive_operation_handle(caller_security_t caller);
int32_t psa_hash_finish_invalid_hash_buffer_size(caller_security_t caller);
extern void crypto_common_exit_action(void);
-
#endif /* _TEST_C014_CLIENT_TESTS_H_ */
diff --git a/api-tests/dev_apis/crypto/test_c014/test_entry_c014.c b/api-tests/dev_apis/crypto/test_c014/test_entry_c014.c
index a7bd954..a00512c 100644
--- a/api-tests/dev_apis/crypto/test_c014/test_entry_c014.c
+++ b/api-tests/dev_apis/crypto/test_c014/test_entry_c014.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -20,7 +20,7 @@
#include "test_c014.h"
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 14)
-#define TEST_DESC "Testing crypto hash functions APIs\n"
+#define TEST_DESC "Testing crypto hash functions APIs | UT: psa_hash_finish\n"
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
diff --git a/api-tests/dev_apis/crypto/test_c015/test_c015.c b/api-tests/dev_apis/crypto/test_c015/test_c015.c
index 88c708f..8d6fbff 100644
--- a/api-tests/dev_apis/crypto/test_c015/test_c015.c
+++ b/api-tests/dev_apis/crypto/test_c015/test_c015.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
diff --git a/api-tests/dev_apis/crypto/test_c015/test_entry_c015.c b/api-tests/dev_apis/crypto/test_c015/test_entry_c015.c
index 667bd67..f7d3df2 100644
--- a/api-tests/dev_apis/crypto/test_c015/test_entry_c015.c
+++ b/api-tests/dev_apis/crypto/test_c015/test_entry_c015.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -20,7 +20,7 @@
#include "test_c015.h"
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 15)
-#define TEST_DESC "Testing crypto hash functions APIs\n"
+#define TEST_DESC "Testing crypto hash functions APIs | UT: psa_hash_abort\n"
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
diff --git a/api-tests/dev_apis/crypto/test_c016/test_c016.c b/api-tests/dev_apis/crypto/test_c016/test_c016.c
index eeca485..cde0940 100644
--- a/api-tests/dev_apis/crypto/test_c016/test_c016.c
+++ b/api-tests/dev_apis/crypto/test_c016/test_c016.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -37,7 +37,7 @@
int32_t num_checks = sizeof(check1)/sizeof(check1[0]);
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
psa_key_attributes_t get_attributes = PSA_KEY_ATTRIBUTES_INIT;
- psa_key_handle_t key_handle;
+ psa_key_id_t key;
if (num_checks == 0)
{
@@ -66,14 +66,14 @@
val->crypto_function(VAL_CRYPTO_SET_KEY_ALGORITHM, &attributes, check1[i].alg);
/* Generate the key */
- status = val->crypto_function(VAL_CRYPTO_GENERATE_KEY, &attributes, &key_handle);
+ status = val->crypto_function(VAL_CRYPTO_GENERATE_KEY, &attributes, &key);
TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(3));
if (check1[i].expected_status != PSA_SUCCESS)
continue;
/* Get the attributes of the imported key and check if it matches the given value */
- status = val->crypto_function(VAL_CRYPTO_GET_KEY_ATTRIBUTES, key_handle,
+ status = val->crypto_function(VAL_CRYPTO_GET_KEY_ATTRIBUTES, key,
&get_attributes);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
@@ -90,7 +90,7 @@
TEST_ASSERT_EQUAL(get_alg, check1[i].alg, TEST_CHECKPOINT_NUM(8));
/* Export a key in binary format */
- status = val->crypto_function(VAL_CRYPTO_EXPORT_KEY, key_handle, expected_output,
+ status = val->crypto_function(VAL_CRYPTO_EXPORT_KEY, key, expected_output,
BUFFER_SIZE, &expected_data_length);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(9));
@@ -103,7 +103,7 @@
val->crypto_function(VAL_CRYPTO_RESET_KEY_ATTRIBUTES, &get_attributes);
/* Destroy the key */
- status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, key_handle);
+ status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, key);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(11));
}
diff --git a/api-tests/dev_apis/crypto/test_c016/test_data.h b/api-tests/dev_apis/crypto/test_c016/test_data.h
index 287a8da..5a9b92e 100644
--- a/api-tests/dev_apis/crypto/test_c016/test_data.h
+++ b/api-tests/dev_apis/crypto/test_c016/test_data.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -28,8 +28,7 @@
} test_data;
static const test_data check1[] = {
-#ifdef ARCH_TEST_AES
-#ifdef ARCH_TEST_CCM
+#ifdef ARCH_TEST_CIPHER_MODE_CTR
#ifdef ARCH_TEST_AES_128
{
.test_desc = "Test psa_generate_key 16 Byte AES\n",
@@ -65,10 +64,7 @@
.expected_status = PSA_SUCCESS
},
#endif
-#endif
-#endif
-#ifdef ARCH_TEST_CIPHER_MODE_CTR
#ifdef ARCH_TEST_DES_1KEY
{
.test_desc = "Test psa_generate_key with DES 64 bit key\n",
@@ -112,7 +108,7 @@
{
.test_desc = "Test psa_generate_key with RSA 2048 Keypair\n",
.type = PSA_KEY_TYPE_RSA_KEY_PAIR,
- .usage_flags = PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY,
+ .usage_flags = PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH,
.alg = PSA_ALG_RSA_PKCS1V15_SIGN_RAW,
.bits = 2048,
.expected_range = {1190, 1194},
@@ -126,9 +122,9 @@
#ifdef ARCH_TEST_ASYMMETRIC_ENCRYPTION
{
.test_desc = "Test psa_generate_key with ECC KeyPair\n",
- .type = PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP224R1),
+ .type = PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1),
.usage_flags = PSA_KEY_USAGE_EXPORT,
- .alg = PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION,
+ .alg = PSA_ALG_ECDSA_ANY,
.bits = 224,
.expected_range = {28, 28},
.expected_status = PSA_SUCCESS
@@ -141,7 +137,7 @@
{
.test_desc = "Test psa_generate_key with RSA 2048 Public key\n",
.type = PSA_KEY_TYPE_RSA_PUBLIC_KEY,
- .usage_flags = PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY,
+ .usage_flags = PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH,
.alg = PSA_ALG_RSA_PKCS1V15_SIGN_RAW,
.bits = 2048,
.expected_range = {1190, 1194},
@@ -150,14 +146,11 @@
#endif
#endif
-#ifdef ARCH_TEST_AES
-#ifdef ARCH_TEST_CCM
-#ifdef ARCH_TEST_AES_128
{
.test_desc = "Test psa_generate_key with invalid key type\n",
.type = 0,
.usage_flags = PSA_KEY_USAGE_EXPORT,
- .alg = PSA_ALG_CCM,
+ .alg = PSA_ALG_CTR,
.bits = BYTES_TO_BITS(AES_16B_KEY_SIZE),
.expected_range = {AES_16B_KEY_SIZE, AES_16B_KEY_SIZE},
.expected_status = PSA_ERROR_NOT_SUPPORTED
@@ -167,12 +160,9 @@
.test_desc = "Test psa_generate_key with invalid usage flags\n",
.type = PSA_KEY_TYPE_AES,
.usage_flags = PSA_KEY_USAGE_INVALID,
- .alg = PSA_ALG_CCM,
+ .alg = PSA_ALG_CTR,
.bits = BYTES_TO_BITS(AES_16B_KEY_SIZE),
.expected_range = {AES_16B_KEY_SIZE, AES_16B_KEY_SIZE},
.expected_status = PSA_ERROR_INVALID_ARGUMENT
},
-#endif
-#endif
-#endif
};
diff --git a/api-tests/dev_apis/crypto/test_c016/test_entry_c016.c b/api-tests/dev_apis/crypto/test_c016/test_entry_c016.c
index 346048d..13809e1 100644
--- a/api-tests/dev_apis/crypto/test_c016/test_entry_c016.c
+++ b/api-tests/dev_apis/crypto/test_c016/test_entry_c016.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -20,7 +20,7 @@
#include "test_c016.h"
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 16)
-#define TEST_DESC "Testing crypto generator functions APIs\n"
+#define TEST_DESC "Testing crypto generator functions APIs | UT: psa_generate_key\n"
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
diff --git a/api-tests/dev_apis/crypto/test_c017/test_entry_c017.c b/api-tests/dev_apis/crypto/test_c017/test_entry_c017.c
index 7e585b3..a3af265 100644
--- a/api-tests/dev_apis/crypto/test_c017/test_entry_c017.c
+++ b/api-tests/dev_apis/crypto/test_c017/test_entry_c017.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -20,7 +20,7 @@
#include "test_c017.h"
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 17)
-#define TEST_DESC "Testing crypto generation APIs\n"
+#define TEST_DESC "Testing crypto generation APIs | UT: psa_generate_random\n"
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
diff --git a/api-tests/dev_apis/crypto/test_c018/test_c018.c b/api-tests/dev_apis/crypto/test_c018/test_c018.c
index d4477c8..39eaacd 100644
--- a/api-tests/dev_apis/crypto/test_c018/test_c018.c
+++ b/api-tests/dev_apis/crypto/test_c018/test_c018.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -37,7 +37,7 @@
int32_t num_checks = sizeof(check1)/sizeof(check1[0]);
psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
- psa_key_handle_t key_handle;
+ psa_key_id_t key;
if (num_checks == 0)
{
@@ -67,7 +67,7 @@
/* Import the key data into the key slot */
status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, &attributes, check1[i].data,
- check1[i].data_length, &key_handle);
+ check1[i].data_length, &key);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
if (check1[i].expected_status == PSA_SUCCESS)
@@ -76,7 +76,7 @@
* failure.
*/
status = val->crypto_function(VAL_CRYPTO_KEY_DERIVATION_INPUT_KEY, &operation,
- check1[i].step, key_handle);
+ check1[i].step, key);
TEST_ASSERT_EQUAL(status, PSA_ERROR_BAD_STATE, TEST_CHECKPOINT_NUM(4));
}
@@ -87,7 +87,7 @@
/* Provide an input for key derivation or key agreement */
status = val->crypto_function(VAL_CRYPTO_KEY_DERIVATION_INPUT_KEY, &operation,
- check1[i].step, key_handle);
+ check1[i].step, key);
TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(6));
if (check1[i].expected_status != PSA_SUCCESS)
@@ -99,12 +99,12 @@
continue;
}
- status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, key_handle);
+ status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, key);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(8));
/* Provide an input for key derivation or key agreement */
status = val->crypto_function(VAL_CRYPTO_KEY_DERIVATION_INPUT_KEY, &operation,
- check1[i].step, key_handle);
+ check1[i].step, key);
TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(9));
/* Abort the key derivation operation */
@@ -114,7 +114,7 @@
/* Reset the key attributes and check if psa_import_key fails */
val->crypto_function(VAL_CRYPTO_RESET_KEY_ATTRIBUTES, &attributes);
status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, &attributes, check1[i].data,
- check1[i].data_length, &key_handle);
+ check1[i].data_length, &key);
TEST_ASSERT_EQUAL(status, PSA_ERROR_NOT_SUPPORTED, TEST_CHECKPOINT_NUM(11));
if (valid_test_input_index < 0)
@@ -128,7 +128,7 @@
{
int32_t status;
psa_key_derivation_operation_t operation;
- psa_key_handle_t key_handle = 11;
+ psa_key_id_t key = 11;
if (valid_test_input_index < 0)
return RESULT_SKIP(VAL_STATUS_NO_TESTS);
@@ -153,7 +153,7 @@
/* Provide an input for key derivation or key agreement */
status = val->crypto_function(VAL_CRYPTO_KEY_DERIVATION_INPUT_KEY, &operation,
- check1[valid_test_input_index].step, key_handle);
+ check1[valid_test_input_index].step, key);
TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(4));
/* Abort the key derivation operation */
diff --git a/api-tests/dev_apis/crypto/test_c018/test_entry_c018.c b/api-tests/dev_apis/crypto/test_c018/test_entry_c018.c
index a03a215..f5617df 100644
--- a/api-tests/dev_apis/crypto/test_c018/test_entry_c018.c
+++ b/api-tests/dev_apis/crypto/test_c018/test_entry_c018.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -20,7 +20,7 @@
#include "test_c018.h"
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 18)
-#define TEST_DESC "Testing crypto key derivation APIs\n"
+#define TEST_DESC "Testing crypto key derivation APIs | UT: psa_key_derivation_input_key\n"
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
diff --git a/api-tests/dev_apis/crypto/test_c019/test_c019.c b/api-tests/dev_apis/crypto/test_c019/test_c019.c
index 62bdf65..b59ba2c 100644
--- a/api-tests/dev_apis/crypto/test_c019/test_c019.c
+++ b/api-tests/dev_apis/crypto/test_c019/test_c019.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -37,7 +37,7 @@
int32_t i, status;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT;
- psa_key_handle_t key_handle;
+ psa_key_id_t key;
if (num_checks == 0)
{
@@ -65,7 +65,7 @@
/* Import the key data into the key slot */
status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, &attributes, check1[i].data,
- check1[i].data_length, &key_handle);
+ check1[i].data_length, &key);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
/* Set up a key agreement operation */
@@ -76,7 +76,7 @@
status = val->crypto_function(VAL_CRYPTO_KEY_DERIVATION_KEY_AGREEMENT,
&operation,
check1[i].step,
- key_handle,
+ key,
check1[i].peer_key,
check1[i].peer_key_length);
TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(5));
@@ -88,8 +88,11 @@
/* Reset the key attributes and check if psa_import_key fails */
val->crypto_function(VAL_CRYPTO_RESET_KEY_ATTRIBUTES, &attributes);
+ if (check1[i].expected_status != PSA_SUCCESS)
+ continue;
+
/* Destroy a key and restore the slot to its default state */
- status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, key_handle);
+ status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, key);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(7));
if (valid_test_input_index < 0)
@@ -103,7 +106,7 @@
{
int32_t status;
psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT;
- psa_key_handle_t key_handle = 8;
+ psa_key_id_t key = 8;
if (valid_test_input_index < 0)
return RESULT_SKIP(VAL_STATUS_NO_TESTS);
@@ -127,7 +130,7 @@
status = val->crypto_function(VAL_CRYPTO_KEY_DERIVATION_KEY_AGREEMENT,
&operation,
check1[valid_test_input_index].step,
- key_handle,
+ key,
check1[valid_test_input_index].peer_key,
check1[valid_test_input_index].peer_key_length);
TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(4));
diff --git a/api-tests/dev_apis/crypto/test_c019/test_data.h b/api-tests/dev_apis/crypto/test_c019/test_data.h
index 7d32078..72ff7cd 100644
--- a/api-tests/dev_apis/crypto/test_c019/test_data.h
+++ b/api-tests/dev_apis/crypto/test_c019/test_data.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -36,7 +36,7 @@
#ifdef ARCH_TEST_ECC_CURVE_SECP256R1
{
.test_desc = "Test psa_key_derivation_key_agreement - ECDH SECP256R1\n",
- .type = PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1),
+ .type = PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1),
.data = ecdh_secp_256_r1_prv_key,
.data_length = ECDH_SECP_256_R1_PRV_KEY_LEN,
.usage_flags = PSA_KEY_USAGE_DERIVE,
@@ -49,7 +49,7 @@
{
.test_desc = "Test psa_key_derivation_key_agreement - Invalid step\n",
- .type = PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1),
+ .type = PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1),
.data = ecdh_secp_256_r1_prv_key,
.data_length = ECDH_SECP_256_R1_PRV_KEY_LEN,
.usage_flags = PSA_KEY_USAGE_DERIVE,
@@ -65,7 +65,7 @@
#ifdef ARCH_TEST_ECC_CURVE_SECP384R1
{
.test_desc = "Test psa_key_derivation_key_agreement - ECDH SECP384R1\n",
- .type = PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP384R1),
+ .type = PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1),
.data = ecdh_secp_384_r1_prv_key,
.data_length = ECDH_SECP_384_R1_PRV_KEY_LEN,
.usage_flags = PSA_KEY_USAGE_DERIVE,
@@ -80,7 +80,7 @@
#ifdef ARCH_TEST_ECC_CURVE_SECP256R1
{
.test_desc = "Test psa_key_derivation_key_agreement - Invalid usage\n",
- .type = PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1),
+ .type = PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1),
.data = ecdh_secp_256_r1_prv_key,
.data_length = ECDH_SECP_256_R1_PRV_KEY_LEN,
.usage_flags = PSA_KEY_USAGE_ENCRYPT,
@@ -98,7 +98,7 @@
#ifdef ARCH_TEST_HKDF
{
.test_desc = "Test psa_key_derivation_key_agreement - KDF not a key agreement alg\n",
- .type = PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1),
+ .type = PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1),
.data = ecdh_secp_256_r1_prv_key,
.data_length = ECDH_SECP_256_R1_PRV_KEY_LEN,
.usage_flags = PSA_KEY_USAGE_DERIVE,
@@ -114,7 +114,7 @@
#ifdef ARCH_TEST_ECDH
{
.test_desc = "Test psa_key_derivation_key_agreement - Public key of different curve\n",
- .type = PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1),
+ .type = PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1),
.data = ecdh_secp_256_r1_prv_key,
.data_length = ECDH_SECP_256_R1_PRV_KEY_LEN,
.usage_flags = PSA_KEY_USAGE_DERIVE,
@@ -127,7 +127,7 @@
{
.test_desc = "Test psa_key_derivation_key_agreement - Pub key instead of Prv key\n",
- .type = PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1),
+ .type = PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1),
.data = ecdh_secp_256_r1_pub_key,
.data_length = ECDH_SECP_256_R1_PUB_KEY_LEN,
.usage_flags = PSA_KEY_USAGE_DERIVE,
diff --git a/api-tests/dev_apis/crypto/test_c019/test_entry_c019.c b/api-tests/dev_apis/crypto/test_c019/test_entry_c019.c
index 7c9deb6..0e2a56e 100644
--- a/api-tests/dev_apis/crypto/test_c019/test_entry_c019.c
+++ b/api-tests/dev_apis/crypto/test_c019/test_entry_c019.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -20,7 +20,7 @@
#include "test_c019.h"
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 19)
-#define TEST_DESC "Testing crypto key derivation APIs\n"
+#define TEST_DESC "Testing crypto key derivation APIs | UT: psa_key_derivation_key_agreement\n"
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
diff --git a/api-tests/dev_apis/crypto/test_c020/test_c020.c b/api-tests/dev_apis/crypto/test_c020/test_c020.c
index 12c2bfc..6145d40 100644
--- a/api-tests/dev_apis/crypto/test_c020/test_c020.c
+++ b/api-tests/dev_apis/crypto/test_c020/test_c020.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -33,7 +33,7 @@
int32_t num_checks = sizeof(check1)/sizeof(check1[0]);
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
psa_key_derivation_operation_t operation;
- psa_key_handle_t handle;
+ psa_key_id_t key;
if (num_checks == 0)
{
@@ -62,7 +62,7 @@
/* Import the key data into the key slot */
status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, &attributes, check1[i].data,
- check1[i].data_length, &handle);
+ check1[i].data_length, &key);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
/* Start the key derivation operation */
@@ -79,14 +79,14 @@
for (inIdx = 0; inIdx < DERIVATION_INPUT_CNT; inIdx++)
{
if ((check1[i].derv_inputs[inIdx].step == 0) &&
- (check1[i].derv_inputs[inIdx].data == NULL) &&
- (check1[i].derv_inputs[inIdx].data_length == 0))
+ (check1[i].derv_inputs[inIdx].data == NULL) &&
+ (check1[i].derv_inputs[inIdx].data_length == 0))
continue;
if (check1[i].derv_inputs[inIdx].step == PSA_KEY_DERIVATION_INPUT_SECRET)
{
status = val->crypto_function(VAL_CRYPTO_KEY_DERIVATION_INPUT_KEY, &operation,
- check1[i].derv_inputs[inIdx].step, handle);
+ check1[i].derv_inputs[inIdx].step, key);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(6));
} else {
status = val->crypto_function(VAL_CRYPTO_KEY_DERIVATION_INPUT_BYTES, &operation,
@@ -102,7 +102,7 @@
check1[i].output, check1[i].output_length);
TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(8));
- status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, handle);
+ status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, key);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(9));
/* Reset the key attributes */
diff --git a/api-tests/dev_apis/crypto/test_c020/test_entry_c020.c b/api-tests/dev_apis/crypto/test_c020/test_entry_c020.c
index a70c09c..e295265 100644
--- a/api-tests/dev_apis/crypto/test_c020/test_entry_c020.c
+++ b/api-tests/dev_apis/crypto/test_c020/test_entry_c020.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -20,7 +20,7 @@
#include "test_c020.h"
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 20)
-#define TEST_DESC "Testing crypto key derivation APIs\n"
+#define TEST_DESC "Testing crypto key derivation APIs | UT: psa_key_derivation_output_bytes\n"
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
diff --git a/api-tests/dev_apis/crypto/test_c021/test_c021.c b/api-tests/dev_apis/crypto/test_c021/test_c021.c
index 1c3421e..477ff16 100644
--- a/api-tests/dev_apis/crypto/test_c021/test_c021.c
+++ b/api-tests/dev_apis/crypto/test_c021/test_c021.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -39,11 +39,11 @@
int32_t status;
int i;
int num_checks = sizeof(check1)/sizeof(check1[0]);
- psa_key_handle_t key_handle[2];
+ psa_key_id_t keys[2];
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
psa_key_attributes_t derv_attributes = PSA_KEY_ATTRIBUTES_INIT;
psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT;
- psa_key_handle_t tdata_key_handle;
+ psa_key_id_t key;
if (num_checks == 0)
{
@@ -74,7 +74,7 @@
{
/* Import the key data into the key slot */
status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, &attributes, check1[i].key_data,
- check1[i].key_length, &tdata_key_handle);
+ check1[i].key_length, &key);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
}
@@ -93,7 +93,7 @@
{
/* Provide an input for key derivation or key agreement */
status = val->crypto_function(VAL_CRYPTO_KEY_DERIVATION_INPUT_KEY, &operation,
- check1[i].step, tdata_key_handle);
+ check1[i].step, key);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(6));
}
else
@@ -103,6 +103,12 @@
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(7));
}
+ status = val->crypto_function(VAL_CRYPTO_KEY_DERIVATION_INPUT_BYTES, &operation,
+ check1[i].info.step,
+ check1[i].info.data,
+ check1[i].info.data_length);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(8));
+
/* Setup the attributes for the key */
val->crypto_function(VAL_CRYPTO_SET_KEY_TYPE, &derv_attributes, check1[i].derive_key_type);
val->crypto_function(VAL_CRYPTO_SET_KEY_BITS, &derv_attributes, check1[i].derive_key_bits);
@@ -113,37 +119,37 @@
/* Derive a key from an ongoing key derivation operation */
status = val->crypto_function(VAL_CRYPTO_KEY_DERIVATION_OUTPUT_KEY, &derv_attributes,
- &operation, &key_handle[SLOT_1]);
- TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(8));
+ &operation, &keys[SLOT_1]);
+ TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(9));
if (check1[i].step == PSA_KEY_DERIVATION_INPUT_SECRET)
{
- status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, tdata_key_handle);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(9));
+ status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, key);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(10));
}
if (check1[i].expected_status != PSA_SUCCESS)
{
status = val->crypto_function(VAL_CRYPTO_KEY_DERIVATION_ABORT, &operation);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(10));
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(11));
continue;
}
/* Read some key from a key derivation operation with no data in the operation */
status = val->crypto_function(VAL_CRYPTO_KEY_DERIVATION_OUTPUT_KEY, &derv_attributes,
- &operation, &key_handle[SLOT_2]);
- TEST_ASSERT_EQUAL(status, PSA_ERROR_INSUFFICIENT_DATA, TEST_CHECKPOINT_NUM(11));
+ &operation, &keys[SLOT_2]);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_INSUFFICIENT_DATA, TEST_CHECKPOINT_NUM(12));
/* Abort the derivation operation */
status = val->crypto_function(VAL_CRYPTO_KEY_DERIVATION_ABORT, &operation);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(12));
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(13));
/* Expect bad state when derivation is called on an aborted operation */
status = val->crypto_function(VAL_CRYPTO_KEY_DERIVATION_OUTPUT_KEY, &derv_attributes,
- &operation, &key_handle[SLOT_2]);
- TEST_ASSERT_EQUAL(status, PSA_ERROR_BAD_STATE, TEST_CHECKPOINT_NUM(13));
+ &operation, &keys[SLOT_2]);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_BAD_STATE, TEST_CHECKPOINT_NUM(14));
}
return VAL_STATUS_SUCCESS;
diff --git a/api-tests/dev_apis/crypto/test_c021/test_data.h b/api-tests/dev_apis/crypto/test_c021/test_data.h
index 706f8e3..4d09ab3 100644
--- a/api-tests/dev_apis/crypto/test_c021/test_data.h
+++ b/api-tests/dev_apis/crypto/test_c021/test_data.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -17,6 +17,13 @@
#include "val_crypto.h"
+#include "test_crypto_common.h"
+typedef struct {
+ psa_key_derivation_step_t step;
+ const uint8_t *data;
+ size_t data_length;
+} key_derivation_input_t;
+
typedef struct {
char test_desc[75];
psa_key_type_t key_type;
@@ -32,6 +39,7 @@
size_t derive_key_bits;
psa_key_usage_t derive_usage;
psa_algorithm_t derive_key_alg;
+ key_derivation_input_t info;
psa_status_t expected_status;
} test_data;
@@ -44,9 +52,14 @@
PSA_KEY_DERIVATION_INPUT_SECRET, 32, {0}, 0,
PSA_KEY_TYPE_AES, BYTES_TO_BITS(AES_32B_KEY_SIZE), PSA_KEY_USAGE_EXPORT,
PSA_ALG_CTR,
+ {
+ .step = PSA_KEY_DERIVATION_INPUT_INFO,
+ .data = input_info,
+ .data_length = INPUT_INFO_LEN
+ },
PSA_SUCCESS
},
-
+#if 0
{"Test psa_key_derivation_output_key - Info\n", PSA_KEY_TYPE_DERIVE,
{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
0x5F, 0xC9, 0x77},
@@ -97,8 +110,8 @@
AES_16B_KEY_SIZE, PSA_KEY_USAGE_DERIVE,
PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)),
PSA_KEY_DERIVATION_INPUT_SECRET, 256, {0}, 0,
- PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1), 256, PSA_KEY_USAGE_EXPORT,
- PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION,
+ PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1), 256, PSA_KEY_USAGE_EXPORT,
+ PSA_ALG_ECDSA_ANY,
PSA_ERROR_NOT_SUPPORTED
},
@@ -108,8 +121,8 @@
AES_16B_KEY_SIZE, PSA_KEY_USAGE_DERIVE,
PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)),
PSA_KEY_DERIVATION_INPUT_SECRET, 224, {0}, 0,
- PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP224R1), 224, PSA_KEY_USAGE_EXPORT,
- PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION,
+ PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1), 224, PSA_KEY_USAGE_EXPORT,
+ PSA_ALG_ECDSA_ANY,
PSA_SUCCESS
},
@@ -130,7 +143,7 @@
AES_16B_KEY_SIZE, PSA_KEY_USAGE_DERIVE,
PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)),
PSA_KEY_DERIVATION_INPUT_SECRET, 256, {0}, 0,
- PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP224R1), 2046, PSA_KEY_USAGE_EXPORT,
+ PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1), 2046, PSA_KEY_USAGE_EXPORT,
PSA_ALG_RSA_PKCS1V15_SIGN_RAW,
PSA_SUCCESS
},
@@ -145,4 +158,5 @@
PSA_ALG_CTR,
PSA_ERROR_NOT_SUPPORTED
},
+#endif
};
diff --git a/api-tests/dev_apis/crypto/test_c021/test_entry_c021.c b/api-tests/dev_apis/crypto/test_c021/test_entry_c021.c
index ee4fcfd..900bedb 100644
--- a/api-tests/dev_apis/crypto/test_c021/test_entry_c021.c
+++ b/api-tests/dev_apis/crypto/test_c021/test_entry_c021.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -20,7 +20,7 @@
#include "test_c021.h"
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 21)
-#define TEST_DESC "Testing crypto key derivation APIs\n"
+#define TEST_DESC "Testing crypto key derivation APIs | UT: psa_key_derivation_output_key\n"
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
diff --git a/api-tests/dev_apis/crypto/test_c022/test_entry_c022.c b/api-tests/dev_apis/crypto/test_c022/test_entry_c022.c
index 5de2354..0c97c60 100644
--- a/api-tests/dev_apis/crypto/test_c022/test_entry_c022.c
+++ b/api-tests/dev_apis/crypto/test_c022/test_entry_c022.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -20,7 +20,7 @@
#include "test_c022.h"
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 22)
-#define TEST_DESC "Testing crypto key derivation APIs\n"
+#define TEST_DESC "Testing crypto key derivation APIs | UT: psa_key_derivation_abort\n"
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
diff --git a/api-tests/dev_apis/crypto/test_c023/test_entry_c023.c b/api-tests/dev_apis/crypto/test_c023/test_entry_c023.c
index 2f9becc..e743ed5 100644
--- a/api-tests/dev_apis/crypto/test_c023/test_entry_c023.c
+++ b/api-tests/dev_apis/crypto/test_c023/test_entry_c023.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -20,7 +20,7 @@
#include "test_c023.h"
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 23)
-#define TEST_DESC "Testing crypto key derivation APIs\n"
+#define TEST_DESC "Testing crypto key derivation APIs | UT: psa_key_derivation_set_get_capacity\n"
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
diff --git a/api-tests/dev_apis/crypto/test_c024/test_c024.c b/api-tests/dev_apis/crypto/test_c024/test_c024.c
index 120269a..853027b 100644
--- a/api-tests/dev_apis/crypto/test_c024/test_c024.c
+++ b/api-tests/dev_apis/crypto/test_c024/test_c024.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -32,7 +32,7 @@
size_t get_ciphertext_length;
int num_checks = sizeof(check1)/sizeof(check1[0]);
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
- psa_key_handle_t handle;
+ psa_key_id_t key;
if (num_checks == 0)
{
@@ -63,12 +63,12 @@
&attributes,
check1[i].data,
check1[i].data_length,
- &handle);
+ &key);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
/* Process an authenticated encryption operation */
status = val->crypto_function(VAL_CRYPTO_AEAD_ENCRYPT,
- handle,
+ key,
check1[i].alg,
check1[i].nonce,
check1[i].nonce_length,
@@ -84,7 +84,7 @@
if (check1[i].expected_status != PSA_SUCCESS)
{
/* Destroy the key */
- status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, handle);
+ status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, key);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
continue;
@@ -99,7 +99,7 @@
get_ciphertext_length, TEST_CHECKPOINT_NUM(7));
/* Destroy the key */
- status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, handle);
+ status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, key);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(8));
/* Reset the key attributes and check if psa_import_key fails */
@@ -108,12 +108,12 @@
&attributes,
check1[i].data,
check1[i].data_length,
- &handle);
+ &key);
TEST_ASSERT_EQUAL(status, PSA_ERROR_NOT_SUPPORTED, TEST_CHECKPOINT_NUM(9));
/* Process an authenticated encryption operation on a destroyed key*/
status = val->crypto_function(VAL_CRYPTO_AEAD_ENCRYPT,
- handle,
+ key,
check1[i].alg,
check1[i].nonce,
check1[i].nonce_length,
diff --git a/api-tests/dev_apis/crypto/test_c024/test_data.h b/api-tests/dev_apis/crypto/test_c024/test_data.h
index be83dc2..a1a65b7 100644
--- a/api-tests/dev_apis/crypto/test_c024/test_data.h
+++ b/api-tests/dev_apis/crypto/test_c024/test_data.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -86,7 +86,7 @@
.data = key_data,
.data_length = AES_16B_KEY_SIZE,
.usage_flags = PSA_KEY_USAGE_ENCRYPT,
- .alg = PSA_ALG_AEAD_WITH_TAG_LENGTH(PSA_ALG_CCM, 4),
+ .alg = PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 4),
.nonce = nonce,
.nonce_length = 13,
.additional_data = additional_data,
@@ -254,7 +254,7 @@
.data = key_data,
.data_length = AES_16B_KEY_SIZE,
.usage_flags = PSA_KEY_USAGE_ENCRYPT,
- .alg = PSA_ALG_AEAD_WITH_TAG_LENGTH(PSA_ALG_CCM, 0),
+ .alg = PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 0),
.nonce = nonce,
.nonce_length = 13,
.additional_data = additional_data,
diff --git a/api-tests/dev_apis/crypto/test_c024/test_entry_c024.c b/api-tests/dev_apis/crypto/test_c024/test_entry_c024.c
index bca49c9..1649d10 100644
--- a/api-tests/dev_apis/crypto/test_c024/test_entry_c024.c
+++ b/api-tests/dev_apis/crypto/test_c024/test_entry_c024.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -20,7 +20,7 @@
#include "test_c024.h"
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 24)
-#define TEST_DESC "Testing crypto AEAD APIs\n"
+#define TEST_DESC "Testing crypto AEAD APIs | UT: psa_aead_encrypt\n"
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
diff --git a/api-tests/dev_apis/crypto/test_c025/test_c025.c b/api-tests/dev_apis/crypto/test_c025/test_c025.c
index 3b3f909..bcca35a 100644
--- a/api-tests/dev_apis/crypto/test_c025/test_c025.c
+++ b/api-tests/dev_apis/crypto/test_c025/test_c025.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -32,7 +32,7 @@
size_t expected_plaintext_length;
int32_t num_checks = sizeof(check1)/sizeof(check1[0]);
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
- psa_key_handle_t key_handle;
+ psa_key_id_t key;
if (num_checks == 0)
{
@@ -60,11 +60,11 @@
/* Import the key data into the key slot */
status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, &attributes, check1[i].data,
- check1[i].data_length, &key_handle);
+ check1[i].data_length, &key);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
/* Process an authenticated decryption operation */
- status = val->crypto_function(VAL_CRYPTO_AEAD_DECRYPT, key_handle, check1[i].alg,
+ status = val->crypto_function(VAL_CRYPTO_AEAD_DECRYPT, key, check1[i].alg,
check1[i].nonce, check1[i].nonce_length,
check1[i].additional_data, check1[i].additional_data_length,
check1[i].ciphertext, check1[i].ciphertext_length,
@@ -75,7 +75,7 @@
if (check1[i].expected_status != PSA_SUCCESS)
{
/* Destroy the key */
- status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, key_handle);
+ status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, key);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
continue;
@@ -90,17 +90,17 @@
expected_plaintext_length, TEST_CHECKPOINT_NUM(7));
/* Destroy the key */
- status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, key_handle);
+ status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, key);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(8));
/* Reset the key attributes and check if psa_import_key fails */
val->crypto_function(VAL_CRYPTO_RESET_KEY_ATTRIBUTES, &attributes);
status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, &attributes, check1[i].data,
- check1[i].data_length, &key_handle);
+ check1[i].data_length, &key);
TEST_ASSERT_EQUAL(status, PSA_ERROR_NOT_SUPPORTED, TEST_CHECKPOINT_NUM(9));
/* Process an authenticated decryption operation on a destroyed key handle */
- status = val->crypto_function(VAL_CRYPTO_AEAD_DECRYPT, key_handle, check1[i].alg,
+ status = val->crypto_function(VAL_CRYPTO_AEAD_DECRYPT, key, check1[i].alg,
check1[i].nonce, check1[i].nonce_length,
check1[i].additional_data, check1[i].additional_data_length,
check1[i].ciphertext, check1[i].ciphertext_length,
diff --git a/api-tests/dev_apis/crypto/test_c025/test_data.h b/api-tests/dev_apis/crypto/test_c025/test_data.h
index 19074d3..4b82019 100644
--- a/api-tests/dev_apis/crypto/test_c025/test_data.h
+++ b/api-tests/dev_apis/crypto/test_c025/test_data.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -86,7 +86,7 @@
.data = key_data,
.data_length = AES_16B_KEY_SIZE,
.usage_flags = PSA_KEY_USAGE_DECRYPT,
- .alg = PSA_ALG_AEAD_WITH_TAG_LENGTH(PSA_ALG_CCM, 4),
+ .alg = PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 4),
.nonce = nonce,
.nonce_length = 13,
.additional_data = additional_data,
@@ -294,7 +294,7 @@
.data = key_data,
.data_length = AES_16B_KEY_SIZE,
.usage_flags = PSA_KEY_USAGE_DECRYPT,
- .alg = PSA_ALG_AEAD_WITH_TAG_LENGTH(PSA_ALG_CCM, 0),
+ .alg = PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 0),
.nonce = nonce,
.nonce_length = 13,
.additional_data = additional_data,
diff --git a/api-tests/dev_apis/crypto/test_c025/test_entry_c025.c b/api-tests/dev_apis/crypto/test_c025/test_entry_c025.c
index 9c3ac1d..4997626 100644
--- a/api-tests/dev_apis/crypto/test_c025/test_entry_c025.c
+++ b/api-tests/dev_apis/crypto/test_c025/test_entry_c025.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -20,7 +20,7 @@
#include "test_c025.h"
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 25)
-#define TEST_DESC "Testing crypto AEAD APIs\n"
+#define TEST_DESC "Testing crypto AEAD APIs | UT: psa_aead_decrypt\n"
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
diff --git a/api-tests/dev_apis/crypto/test_c026/test_c026.c b/api-tests/dev_apis/crypto/test_c026/test_c026.c
index 6a349e1..c599951 100644
--- a/api-tests/dev_apis/crypto/test_c026/test_c026.c
+++ b/api-tests/dev_apis/crypto/test_c026/test_c026.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -28,15 +28,15 @@
};
extern uint32_t g_test_count;
-
-static psa_mac_operation_t operation;
+static int32_t valid_test_input_index = -1;
int32_t psa_mac_sign_setup_test(caller_security_t caller __UNUSED)
{
int num_checks = sizeof(check1)/sizeof(check1[0]);
int32_t i, status;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
- psa_key_handle_t key_handle;
+ psa_mac_operation_t operation=PSA_MAC_OPERATION_INIT;
+ psa_key_id_t key;
if (num_checks == 0)
{
@@ -52,31 +52,45 @@
{
val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
val->print(PRINT_TEST, check1[i].test_desc, 0);
- memset(&operation, 0, sizeof(operation));
+
+ val->crypto_function(VAL_CRYPTO_MAC_OPERATION_INIT,
+ &operation);
/* Setting up the watchdog timer for each check */
status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
/* Setup the attributes for the key */
- val->crypto_function(VAL_CRYPTO_SET_KEY_TYPE, &attributes, check1[i].key_type);
- val->crypto_function(VAL_CRYPTO_SET_KEY_USAGE_FLAGS, &attributes, check1[i].usage);
- val->crypto_function(VAL_CRYPTO_SET_KEY_ALGORITHM, &attributes, check1[i].key_alg);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_TYPE,
+ &attributes,
+ check1[i].type);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_USAGE_FLAGS,
+ &attributes,
+ check1[i].usage_flags);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_ALGORITHM,
+ &attributes,
+ check1[i].alg);
/* Import the key data into the key slot */
- status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, &attributes, check1[i].key_data,
- check1[i].key_length, &key_handle);
+ status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY,
+ &attributes,
+ check1[i].data,
+ check1[i].data_length,
+ &key);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
/* Start a multipart MAC calculation operation */
- status = val->crypto_function(VAL_CRYPTO_MAC_SIGN_SETUP, &operation,
- key_handle, check1[i].key_alg);
+ status = val->crypto_function(VAL_CRYPTO_MAC_SIGN_SETUP,
+ &operation,
+ key,
+ check1[i].alg);
TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(4));
/* Whether setup succeeded or failed, abort must succeed.
Abort a MAC operation
*/
- status = val->crypto_function(VAL_CRYPTO_MAC_ABORT, &operation);
+ status = val->crypto_function(VAL_CRYPTO_MAC_ABORT,
+ &operation);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
/* If setup failed, reproduce the failure, so that the caller can
@@ -84,17 +98,24 @@
*/
if (check1[i].expected_status != PSA_SUCCESS)
{
- status = val->crypto_function(VAL_CRYPTO_MAC_SIGN_SETUP, &operation,
- key_handle, check1[i].key_alg);
+ status = val->crypto_function(VAL_CRYPTO_MAC_SIGN_SETUP,
+ &operation,
+ key,
+ check1[i].alg);
TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(6));
}
/* Destroy the key */
- status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, key_handle);
+ status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY,
+ key);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(7));
- /* Reset the key attributes and check if psa_import_key fails */
- val->crypto_function(VAL_CRYPTO_RESET_KEY_ATTRIBUTES, &attributes);
+ /* Reset the key attributes */
+ val->crypto_function(VAL_CRYPTO_RESET_KEY_ATTRIBUTES,
+ &attributes);
+
+ if (valid_test_input_index < 0)
+ valid_test_input_index = i;
}
return VAL_STATUS_SUCCESS;
@@ -102,34 +123,46 @@
int32_t psa_mac_sign_setup_negative_test(caller_security_t caller __UNUSED)
{
- int num_checks = sizeof(check2)/sizeof(check2[0]);
- int32_t i, status;
- psa_key_handle_t key_handle = 11;
+ int32_t status;
+ psa_key_id_t key = 11;
+ psa_mac_operation_t operation=PSA_MAC_OPERATION_INIT;
+
+ if (valid_test_input_index < 0)
+ return RESULT_SKIP(VAL_STATUS_NO_TESTS);
/* Initialize the PSA crypto library*/
status = val->crypto_function(VAL_CRYPTO_INIT);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(1));
- for (i = 0; i < num_checks; i++)
- {
- /* Setting up the watchdog timer for each check */
- status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
- TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
+ /* Setting up the watchdog timer for each check */
+ status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
+ TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
- val->print(PRINT_TEST, "[Check %d] Test psa_mac_sign_setup invalid key handle\n",
- g_test_count++);
- /* Start a multipart MAC verification operation */
- status = val->crypto_function(VAL_CRYPTO_MAC_SIGN_SETUP, &operation,
- key_handle, check2[i].key_alg);
- TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(3));
+ val->print(PRINT_TEST, "[Check %d] Test psa_mac_sign_setup invalid key handle\n",
+ g_test_count++);
- val->print(PRINT_TEST, "[Check %d] Test psa_mac_sign_setup zero as key handle\n",
- g_test_count++);
- /* Start a multipart MAC verification operation */
- status = val->crypto_function(VAL_CRYPTO_MAC_SIGN_SETUP, &operation,
- 0, check2[i].key_alg);
- TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(4));
- }
+ val->crypto_function(VAL_CRYPTO_MAC_OPERATION_INIT,
+ &operation);
+
+ /* Start a multipart MAC verification operation */
+ status = val->crypto_function(VAL_CRYPTO_MAC_SIGN_SETUP,
+ &operation,
+ key,
+ check1[valid_test_input_index].alg);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(3));
+
+ val->print(PRINT_TEST, "[Check %d] Test psa_mac_sign_setup zero as key handle\n",
+ g_test_count++);
+
+ val->crypto_function(VAL_CRYPTO_MAC_OPERATION_INIT,
+ &operation);
+
+ /* Start a multipart MAC verification operation */
+ status = val->crypto_function(VAL_CRYPTO_MAC_SIGN_SETUP,
+ &operation,
+ 0,
+ check1[valid_test_input_index].alg);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(4));
return VAL_STATUS_SUCCESS;
}
diff --git a/api-tests/dev_apis/crypto/test_c026/test_data.h b/api-tests/dev_apis/crypto/test_c026/test_data.h
index 306522a..50221af 100644
--- a/api-tests/dev_apis/crypto/test_c026/test_data.h
+++ b/api-tests/dev_apis/crypto/test_c026/test_data.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -15,142 +15,135 @@
* limitations under the License.
**/
-#include "val_crypto.h"
+#include "test_crypto_common.h"
typedef struct {
char test_desc[75];
- psa_key_type_t key_type;
- uint8_t key_data[64];
- uint32_t key_length;
- psa_key_usage_t usage;
- psa_algorithm_t key_alg;
+ psa_key_type_t type;
+ const uint8_t *data;
+ size_t data_length;
+ psa_key_usage_t usage_flags;
+ psa_algorithm_t alg;
psa_status_t expected_status;
} test_data;
static const test_data check1[] = {
+#ifdef CRYPTO_1_0
#ifdef ARCH_TEST_HMAC
#ifdef ARCH_TEST_SHA256
-{"Test psa_mac_sign_setup 64 Byte HMAC\n", PSA_KEY_TYPE_HMAC,
-{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c,
- 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19,
- 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26,
- 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f, 0x30, 0x31, 0x32, 0x33,
- 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x3a, 0x3b, 0x3c, 0x3d, 0x3e, 0x3f},
- 64, PSA_KEY_USAGE_SIGN, PSA_ALG_HMAC(PSA_ALG_SHA_256),
- PSA_SUCCESS
+{
+ .test_desc = "Test psa_mac_sign_setup - HMAC - SHA256\n",
+ .type = PSA_KEY_TYPE_HMAC,
+ .data = key_data,
+ .data_length = 64,
+ .usage_flags = PSA_KEY_USAGE_SIGN_MESSAGE,
+ .alg = PSA_ALG_HMAC(PSA_ALG_SHA_256),
+ .expected_status = PSA_SUCCESS
},
#endif
#endif
#ifdef ARCH_TEST_AES_128
#ifdef ARCH_TEST_CMAC
-{"Test psa_mac_sign_setup 16 Byte AES - CMAC\n", PSA_KEY_TYPE_AES,
-{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
- 0x5F, 0xC9, 0x00},
- AES_16B_KEY_SIZE, PSA_KEY_USAGE_SIGN, PSA_ALG_CMAC,
- PSA_SUCCESS
+{
+ .test_desc = "Test psa_mac_sign_setup - CMAC - AES\n",
+ .type = PSA_KEY_TYPE_AES,
+ .data = key_data,
+ .data_length = AES_16B_KEY_SIZE,
+ .usage_flags = PSA_KEY_USAGE_SIGN_MESSAGE,
+ .alg = PSA_ALG_CMAC,
+ .expected_status = PSA_SUCCESS
},
#endif
-
-#ifdef ARCH_TEST_GMAC
-{"Test psa_mac_sign_setup 16 Byte AES - GMAC\n", PSA_KEY_TYPE_AES,
-{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
- 0x5F, 0xC9, 0x00},
- AES_16B_KEY_SIZE, PSA_KEY_USAGE_SIGN, PSA_ALG_GMAC,
- PSA_ERROR_NOT_SUPPORTED
-},
#endif
-#ifdef ARCH_TEST_CMAC
#ifdef ARCH_TEST_HMAC
-{"Test psa_mac_sign_setup incompactible HMAC for CMAC\n", PSA_KEY_TYPE_HMAC,
-{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C,
- 0x0D, 0x0E, 0x0F},
- AES_16B_KEY_SIZE, PSA_KEY_USAGE_SIGN, PSA_ALG_CMAC,
- PSA_ERROR_NOT_SUPPORTED
+#ifdef ARCH_TEST_CMAC
+{
+ .test_desc = "Test psa_mac_sign_setup - Incompatible HMAC for CMAC\n",
+ .type = PSA_KEY_TYPE_HMAC,
+ .data = key_data,
+ .data_length = 64,
+ .usage_flags = PSA_KEY_USAGE_SIGN_MESSAGE,
+ .alg = PSA_ALG_CMAC,
+ .expected_status = PSA_ERROR_NOT_SUPPORTED
},
#endif
-
-{"Test psa_mac_sign_setup invalid usage\n", PSA_KEY_TYPE_AES,
-{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
- 0x5F, 0xC9},
- AES_16B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_CMAC,
- PSA_ERROR_NOT_PERMITTED
-},
#endif
#ifdef ARCH_TEST_HMAC
#ifdef ARCH_TEST_SHA256
-{"Test psa_mac_sign_setup invalid key type\n", PSA_KEY_TYPE_RAW_DATA,
-{0x0B, 0x0B, 0x0B, 0x0B, 0x0B, 0x0B, 0x0B, 0x0B, 0x0B, 0x0B, 0x0B, 0x0B, 0x0B,
- 0x0B, 0x0B, 0x0B},
- AES_16B_KEY_SIZE, PSA_KEY_USAGE_SIGN, PSA_ALG_HMAC(PSA_ALG_SHA_256),
- PSA_ERROR_INVALID_ARGUMENT
+{
+ .test_desc = "Test psa_mac_sign_setup - Invalid usage flag\n",
+ .type = PSA_KEY_TYPE_HMAC,
+ .data = key_data,
+ .data_length = 64,
+ .usage_flags = PSA_KEY_USAGE_EXPORT,
+ .alg = PSA_ALG_HMAC(PSA_ALG_SHA_256),
+ .expected_status = PSA_ERROR_NOT_PERMITTED
},
-#endif
+
+{
+ .test_desc = "Test psa_mac_sign_setup - Invalid key type\n",
+ .type = PSA_KEY_TYPE_RAW_DATA,
+ .data = key_data,
+ .data_length = AES_16B_KEY_SIZE,
+ .usage_flags = PSA_KEY_USAGE_SIGN_MESSAGE,
+ .alg = PSA_ALG_HMAC(PSA_ALG_SHA_256),
+ .expected_status = PSA_ERROR_INVALID_ARGUMENT
+},
#endif
#endif
#ifdef ARCH_TEST_HMAC
#ifdef ARCH_TEST_SHA256
#ifdef ARCH_TEST_TRUNCATED_MAC
-{"Test psa_mac_sign_setup truncated MAC too large\n", PSA_KEY_TYPE_HMAC,
-{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c,
- 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19,
- 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26,
- 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f, 0x30, 0x31, 0x32, 0x33,
- 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x3a, 0x3b, 0x3c, 0x3d, 0x3e, 0x3f},
- 64, PSA_KEY_USAGE_SIGN, PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 33),
- PSA_ERROR_INVALID_ARGUMENT
+{
+ .test_desc = "Test psa_mac_sign_setup - Truncated MAC too large\n",
+ .type = PSA_KEY_TYPE_HMAC,
+ .data = key_data,
+ .data_length = 64,
+ .usage_flags = PSA_KEY_USAGE_SIGN_MESSAGE,
+ .alg = PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 33),
+ .expected_status = PSA_ERROR_INVALID_ARGUMENT
},
-{"Test psa_mac_sign_setup truncated MAC too small\n", PSA_KEY_TYPE_HMAC,
-{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c,
- 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19,
- 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26,
- 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f, 0x30, 0x31, 0x32, 0x33,
- 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x3a, 0x3b, 0x3c, 0x3d, 0x3e, 0x3f},
- 64, PSA_KEY_USAGE_SIGN, PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 1),
- PSA_ERROR_NOT_SUPPORTED
+{
+ .test_desc = "Test psa_mac_sign_setup - Truncated MAC too small\n",
+ .type = PSA_KEY_TYPE_HMAC,
+ .data = key_data,
+ .data_length = 64,
+ .usage_flags = PSA_KEY_USAGE_SIGN_MESSAGE,
+ .alg = PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 1),
+ .expected_status = PSA_ERROR_NOT_SUPPORTED
},
#endif
#endif
-#ifdef ARCH_TEST_AES_128
-{"Test psa_mac_sign_setup bad algorithm (unknown MAC algorithm)\n", PSA_KEY_TYPE_AES,
-{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
- 0x5F, 0xC9, 0x00},
- AES_16B_KEY_SIZE, PSA_KEY_USAGE_SIGN, PSA_ALG_HMAC(0),
- PSA_ERROR_NOT_SUPPORTED
+{
+ .test_desc = "Test psa_mac_sign_setup - Unknown MAC algorithm\n",
+ .type = PSA_KEY_TYPE_HMAC,
+ .data = key_data,
+ .data_length = 64,
+ .usage_flags = PSA_KEY_USAGE_SIGN_MESSAGE,
+ .alg = PSA_ALG_HMAC(0),
+ .expected_status = PSA_ERROR_NOT_SUPPORTED
},
#endif
-#endif
#ifdef ARCH_TEST_AES_128
#ifdef ARCH_TEST_CBC_NO_PADDING
-{"Test psa_mac_sign_setup bad algorithm (not a MAC algorithm)\n", PSA_KEY_TYPE_AES,
-{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
- 0x5F, 0xC9, 0x00},
- AES_16B_KEY_SIZE, PSA_KEY_USAGE_SIGN, PSA_ALG_CBC_NO_PADDING,
- PSA_ERROR_INVALID_ARGUMENT
+{
+ .test_desc = "Test psa_mac_sign_setup - Bad algorithm (not a MAC algorithm)\n",
+ .type = PSA_KEY_TYPE_AES,
+ .data = key_data,
+ .data_length = AES_16B_KEY_SIZE,
+ .usage_flags = PSA_KEY_USAGE_SIGN_MESSAGE,
+ .alg = PSA_ALG_CBC_NO_PADDING,
+ .expected_status = PSA_ERROR_INVALID_ARGUMENT
},
#endif
#endif
-};
+#endif
-static const test_data check2[] = {
-#ifdef ARCH_TEST_HMAC
-#ifdef ARCH_TEST_SHA256
-{"Test psa_mac_sign_setup 64 negative case\n", PSA_KEY_TYPE_HMAC,
-{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c,
- 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19,
- 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26,
- 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f, 0x30, 0x31, 0x32, 0x33,
- 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x3a, 0x3b, 0x3c, 0x3d, 0x3e, 0x3f},
- 64, PSA_KEY_USAGE_SIGN, PSA_ALG_HMAC(PSA_ALG_SHA_256),
- PSA_SUCCESS
-},
-#endif
-#endif
};
-;
diff --git a/api-tests/dev_apis/crypto/test_c026/test_entry_c026.c b/api-tests/dev_apis/crypto/test_c026/test_entry_c026.c
index f1fcea6..77d7456 100644
--- a/api-tests/dev_apis/crypto/test_c026/test_entry_c026.c
+++ b/api-tests/dev_apis/crypto/test_c026/test_entry_c026.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -20,7 +20,7 @@
#include "test_c026.h"
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 26)
-#define TEST_DESC "Testing crypto MAC APIs\n"
+#define TEST_DESC "Testing crypto MAC APIs | UT: psa_mac_sign_setup\n"
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
diff --git a/api-tests/dev_apis/crypto/test_c027/test_c027.c b/api-tests/dev_apis/crypto/test_c027/test_c027.c
index 9518070..f92ca14 100644
--- a/api-tests/dev_apis/crypto/test_c027/test_c027.c
+++ b/api-tests/dev_apis/crypto/test_c027/test_c027.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -23,21 +23,18 @@
const client_test_t test_c027_crypto_list[] = {
NULL,
psa_mac_update_test,
- psa_mac_update_invalid_operator_test,
NULL,
};
extern uint32_t g_test_count;
-static uint8_t data[BUFFER_SIZE];
int32_t psa_mac_update_test(caller_security_t caller __UNUSED)
{
- int num_checks = sizeof(check1)/sizeof(check1[0]);
+ int32_t num_checks = sizeof(check1)/sizeof(check1[0]);
int32_t i, status;
- size_t length;
- psa_mac_operation_t operation;
- psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
- psa_key_handle_t key_handle;
+ psa_mac_operation_t operation=PSA_MAC_OPERATION_INIT;
+ psa_key_attributes_t attributes=PSA_KEY_ATTRIBUTES_INIT;
+ psa_key_id_t key;
if (num_checks == 0)
{
@@ -51,95 +48,83 @@
for (i = 0; i < num_checks; i++)
{
- val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
+ val->print(PRINT_TEST, "[Check %d] ", i+1);
val->print(PRINT_TEST, check1[i].test_desc, 0);
- memset(&operation, 0, sizeof(operation));
- memset(data, 0, sizeof(data));
+ val->crypto_function(VAL_CRYPTO_KEY_ATTRIBUTES_INIT,
+ &attributes);
+ val->crypto_function(VAL_CRYPTO_MAC_OPERATION_INIT,
+ &operation);
/* Setting up the watchdog timer for each check */
status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
/* Setup the attributes for the key */
- val->crypto_function(VAL_CRYPTO_SET_KEY_TYPE, &attributes, check1[i].key_type);
- val->crypto_function(VAL_CRYPTO_SET_KEY_USAGE_FLAGS, &attributes, check1[i].usage);
- val->crypto_function(VAL_CRYPTO_SET_KEY_ALGORITHM, &attributes, check1[i].key_alg);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_TYPE,
+ &attributes,
+ check1[i].type);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_USAGE_FLAGS,
+ &attributes,
+ check1[i].usage_flags);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_ALGORITHM,
+ &attributes,
+ check1[i].alg);
/* Import the key data into the key slot */
- status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, &attributes, check1[i].key_data,
- check1[i].key_length, &key_handle);
+ status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY,
+ &attributes,
+ check1[i].data,
+ check1[i].data_length,
+ &key);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
- /* Start a multipart MAC calculation operation */
- status = val->crypto_function(VAL_CRYPTO_MAC_SIGN_SETUP, &operation,
- key_handle, check1[i].key_alg);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
+ if (check1[i].operation_state) {
+ /* Start a multipart MAC calculation operation */
+ status = val->crypto_function(VAL_CRYPTO_MAC_SIGN_SETUP,
+ &operation,
+ key,
+ check1[i].alg);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
+ }
/* Add a message fragment to a multipart MAC operation */
- status = val->crypto_function(VAL_CRYPTO_MAC_UPDATE, &operation, check1[i].data,
- check1[i].data_size);
+ status = val->crypto_function(VAL_CRYPTO_MAC_UPDATE,
+ &operation,
+ check1[i].input,
+ check1[i].input_length >> 1);
TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(5));
if (check1[i].expected_status != PSA_SUCCESS)
{
/* Abort a MAC operation */
- status = val->crypto_function(VAL_CRYPTO_MAC_ABORT, &operation);
+ status = val->crypto_function(VAL_CRYPTO_MAC_ABORT,
+ &operation);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(6));
/* Destroy the key */
- status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, key_handle);
+ status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY,
+ key);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(7));
continue;
}
- /* Finish the calculation of the MAC of a message */
- status = val->crypto_function(VAL_CRYPTO_MAC_SIGN_FINISH, &operation, data,
- sizeof(data), &length);
+ /* Add a message fragment to the same multipart MAC operation*/
+ status = val->crypto_function(VAL_CRYPTO_MAC_UPDATE,
+ &operation,
+ check1[i].input + (check1[i].input_length >> 1),
+ check1[i].input_length >> 1);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(8));
- /* Add a message fragment to the same multipart MAC operation*/
- status = val->crypto_function(VAL_CRYPTO_MAC_UPDATE, &operation, check1[i].data,
- check1[i].data_size);
- TEST_ASSERT_EQUAL(status, PSA_ERROR_BAD_STATE, TEST_CHECKPOINT_NUM(9));
-
/* Abort a MAC operation */
- status = val->crypto_function(VAL_CRYPTO_MAC_ABORT, &operation);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(10));
+ status = val->crypto_function(VAL_CRYPTO_MAC_ABORT,
+ &operation);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(9));
/* Destroy the key */
- status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, key_handle);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(11));
- }
-
- return VAL_STATUS_SUCCESS;
-}
-
-int32_t psa_mac_update_invalid_operator_test(caller_security_t caller __UNUSED)
-{
- int32_t i, status;
- psa_mac_operation_t operation[] = {psa_mac_operation_init(), PSA_MAC_OPERATION_INIT, {0} };
- int32_t operation_count = sizeof(operation)/sizeof(operation[0]);
-
- memset(data, 0, sizeof(data));
- val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
- val->print(PRINT_TEST, "Test psa_mac_update without mac setup\n", 0);
-
- /* Initialize the PSA crypto library*/
- status = val->crypto_function(VAL_CRYPTO_INIT);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(1));
-
- for (i = 0; i < operation_count; i++)
- {
-
- /* Start a multipart MAC calculation for each operation */
- status = val->crypto_function(VAL_CRYPTO_MAC_UPDATE, &operation[i], data,
- sizeof(data)/sizeof(data[0]));
- TEST_ASSERT_EQUAL(status, PSA_ERROR_BAD_STATE, TEST_CHECKPOINT_NUM(2));
-
- /* Abort the MAC operations */
- status = val->crypto_function(VAL_CRYPTO_MAC_ABORT, &operation[i]);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
+ status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY,
+ key);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(10));
}
return VAL_STATUS_SUCCESS;
diff --git a/api-tests/dev_apis/crypto/test_c027/test_c027.h b/api-tests/dev_apis/crypto/test_c027/test_c027.h
index bdcf1d7..ec1a715 100644
--- a/api-tests/dev_apis/crypto/test_c027/test_c027.h
+++ b/api-tests/dev_apis/crypto/test_c027/test_c027.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -25,9 +25,6 @@
extern val_api_t *val;
extern psa_api_t *psa;
extern const client_test_t test_c027_crypto_list[];
-
-int32_t psa_mac_update_test(caller_security_t caller);
-int32_t psa_mac_update_invalid_operator_test(caller_security_t caller);
extern void crypto_common_exit_action(void);
-
+int32_t psa_mac_update_test(caller_security_t caller);
#endif /* _TEST_C027_CLIENT_TESTS_H_ */
diff --git a/api-tests/dev_apis/crypto/test_c027/test_data.h b/api-tests/dev_apis/crypto/test_c027/test_data.h
index 35eebf6..6025948 100644
--- a/api-tests/dev_apis/crypto/test_c027/test_data.h
+++ b/api-tests/dev_apis/crypto/test_c027/test_data.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -15,55 +15,85 @@
* limitations under the License.
**/
-#include "val_crypto.h"
+#include "test_crypto_common.h"
typedef struct {
char test_desc[75];
- psa_key_type_t key_type;
- uint8_t key_data[64];
- uint32_t key_length;
- uint8_t data[64];
- size_t data_size;
- psa_key_usage_t usage;
- psa_algorithm_t key_alg;
+ psa_key_type_t type;
+ psa_key_usage_t usage_flags;
+ psa_algorithm_t alg;
+ const uint8_t *data;
+ size_t data_length;
+ const uint8_t *input;
+ size_t input_length;
+ uint32_t operation_state;
psa_status_t expected_status;
} test_data;
static const test_data check1[] = {
+#ifdef CRYPTO_1_0
#ifdef ARCH_TEST_HMAC
#ifdef ARCH_TEST_SHA256
-{"Test psa_mac_update 64 Byte HMAC SHA256\n", PSA_KEY_TYPE_HMAC,
-{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c,
- 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19,
- 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26,
- 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f, 0x30, 0x31, 0x32, 0x33,
- 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x3a, 0x3b, 0x3c, 0x3d, 0x3e, 0x3f},
- 64, "hello world", 11, PSA_KEY_USAGE_SIGN, PSA_ALG_HMAC(PSA_ALG_SHA_256),
- PSA_SUCCESS
+{
+ .test_desc = "Test psa_mac_update - HMAC - SHA256 - 64 Byte\n",
+ .type = PSA_KEY_TYPE_HMAC,
+ .usage_flags = PSA_KEY_USAGE_SIGN_MESSAGE,
+ .alg = PSA_ALG_HMAC(PSA_ALG_SHA_256),
+ .data = key_data,
+ .data_length = 64,
+ .input = input_bytes_data,
+ .input_length = 16,
+ .operation_state = 1,
+ .expected_status = PSA_SUCCESS
},
#endif
#endif
#ifdef ARCH_TEST_AES_128
#ifdef ARCH_TEST_CMAC
-{"Test psa_mac_update 16 Byte AES - CMAC\n", PSA_KEY_TYPE_AES,
-{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
- 0x5F, 0xC9, 0x00},
- AES_16B_KEY_SIZE, "hello world", 11, PSA_KEY_USAGE_SIGN, PSA_ALG_CMAC,
- PSA_SUCCESS
+{
+ .test_desc = "Test psa_mac_update - CMAC - AES - 16 Byte\n",
+ .type = PSA_KEY_TYPE_AES,
+ .usage_flags = PSA_KEY_USAGE_SIGN_MESSAGE,
+ .alg = PSA_ALG_CMAC,
+ .data = key_data,
+ .data_length = 16,
+ .input = input_bytes_data,
+ .input_length = 16,
+ .operation_state = 1,
+ .expected_status = PSA_SUCCESS
},
#endif
#endif
#ifdef ARCH_TEST_HMAC
#ifdef ARCH_TEST_SHA512
-{"Test psa_mac_update 32 Byte HMAC SHA512\n", PSA_KEY_TYPE_HMAC,
-{0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
- 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
- 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b},
- 32, "hello world", 11, PSA_KEY_USAGE_SIGN, PSA_ALG_HMAC(PSA_ALG_SHA_512),
- PSA_SUCCESS
+{
+ .test_desc = "Test psa_mac_update - HMAC - SHA512 - 32 Byte\n",
+ .type = PSA_KEY_TYPE_HMAC,
+ .usage_flags = PSA_KEY_USAGE_SIGN_MESSAGE,
+ .alg = PSA_ALG_HMAC(PSA_ALG_SHA_512),
+ .data = key_data,
+ .data_length = 32,
+ .input = input_bytes_data,
+ .input_length = 16,
+ .operation_state = 1,
+ .expected_status = PSA_SUCCESS
},
+
+{
+ .test_desc = "Test psa_mac_update - HMAC - SHA512 - Invalid operation state\n",
+ .type = PSA_KEY_TYPE_HMAC,
+ .usage_flags = PSA_KEY_USAGE_SIGN_MESSAGE,
+ .alg = PSA_ALG_HMAC(PSA_ALG_SHA_512),
+ .data = key_data,
+ .data_length = 32,
+ .input = input_bytes_data,
+ .input_length = 16,
+ .operation_state = 0,
+ .expected_status = PSA_ERROR_BAD_STATE
+},
+#endif
#endif
#endif
};
diff --git a/api-tests/dev_apis/crypto/test_c027/test_entry_c027.c b/api-tests/dev_apis/crypto/test_c027/test_entry_c027.c
index 7856607..f5eba20 100644
--- a/api-tests/dev_apis/crypto/test_c027/test_entry_c027.c
+++ b/api-tests/dev_apis/crypto/test_c027/test_entry_c027.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -20,7 +20,7 @@
#include "test_c027.h"
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 27)
-#define TEST_DESC "Testing crypto MAC APIs\n"
+#define TEST_DESC "Testing crypto MAC APIs | UT: psa_mac_update\n"
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
diff --git a/api-tests/dev_apis/crypto/test_c028/test_c028.c b/api-tests/dev_apis/crypto/test_c028/test_c028.c
index 8bcbf71..3aa058b 100644
--- a/api-tests/dev_apis/crypto/test_c028/test_c028.c
+++ b/api-tests/dev_apis/crypto/test_c028/test_c028.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -28,16 +28,16 @@
extern uint32_t g_test_count;
-static uint8_t data[BUFFER_SIZE];
+
int32_t psa_mac_sign_finish_test(caller_security_t caller __UNUSED)
{
- int num_checks = sizeof(check1)/sizeof(check1[0]);
+ int32_t num_checks = sizeof(check1)/sizeof(check1[0]);
int32_t i, status;
- size_t length;
- psa_mac_operation_t operation;
+ size_t mac_length;
+ psa_mac_operation_t operation=PSA_MAC_OPERATION_INIT;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
- psa_key_handle_t key_handle;
+ psa_key_id_t key;
if (num_checks == 0)
{
@@ -51,75 +51,102 @@
for (i = 0; i < num_checks; i++)
{
- val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
+ val->print(PRINT_TEST, "[Check %d] ", i+1);
val->print(PRINT_TEST, check1[i].test_desc, 0);
- memset(&operation, 0, sizeof(operation));
- memset(data, 0, sizeof(data));
+
+ val->crypto_function(VAL_CRYPTO_KEY_ATTRIBUTES_INIT,
+ &attributes);
+ val->crypto_function(VAL_CRYPTO_MAC_OPERATION_INIT,
+ &operation);
/* Setting up the watchdog timer for each check */
status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
/* Setup the attributes for the key */
- val->crypto_function(VAL_CRYPTO_SET_KEY_TYPE, &attributes, check1[i].key_type);
- val->crypto_function(VAL_CRYPTO_SET_KEY_USAGE_FLAGS, &attributes, check1[i].usage);
- val->crypto_function(VAL_CRYPTO_SET_KEY_ALGORITHM, &attributes, check1[i].key_alg);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_TYPE,
+ &attributes,
+ check1[i].type);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_USAGE_FLAGS,
+ &attributes,
+ check1[i].usage_flags);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_ALGORITHM,
+ &attributes,
+ check1[i].alg);
/* Import the key data into the key slot */
- status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, &attributes, check1[i].key_data,
- check1[i].key_length, &key_handle);
+ status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY,
+ &attributes,
+ check1[i].data,
+ check1[i].data_length,
+ &key);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
- /* Start a multipart MAC calculation operation */
- status = val->crypto_function(VAL_CRYPTO_MAC_SIGN_SETUP, &operation,
- key_handle, check1[i].key_alg);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
+ if (check1[i].operation_state) {
+ /* Start a multipart MAC calculation operation */
+ status = val->crypto_function(VAL_CRYPTO_MAC_SIGN_SETUP,
+ &operation,
+ key,
+ check1[i].alg);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
- /* Add a message fragment to a multipart MAC operation */
- status = val->crypto_function(VAL_CRYPTO_MAC_UPDATE, &operation, check1[i].data,
- check1[i].data_size);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
+ /* Add a message fragment to a multipart MAC operation */
+ status = val->crypto_function(VAL_CRYPTO_MAC_UPDATE,
+ &operation,
+ check1[i].input,
+ check1[i].input_length);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
+ }
/* Finish the calculation of the MAC of a message */
- status = val->crypto_function(VAL_CRYPTO_MAC_SIGN_FINISH, &operation, data,
- check1[i].mac_size, &length);
+ status = val->crypto_function(VAL_CRYPTO_MAC_SIGN_FINISH,
+ &operation,
+ check1[i].mac,
+ check1[i].mac_size,
+ &mac_length);
TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(6));
if (check1[i].expected_status != PSA_SUCCESS)
{
/* Abort a MAC operation */
- status = val->crypto_function(VAL_CRYPTO_MAC_ABORT, &operation);
+ status = val->crypto_function(VAL_CRYPTO_MAC_ABORT,
+ &operation);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(7));
/* Destroy the key */
- status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, key_handle);
+ status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY,
+ key);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(8));
continue;
}
/* Check if the MAC length matches with the expected length */
- TEST_ASSERT_EQUAL(length, check1[i].expected_length, TEST_CHECKPOINT_NUM(9));
+ TEST_ASSERT_EQUAL(mac_length, check1[i].expected_mac_length, TEST_CHECKPOINT_NUM(9));
/* Check if the MAC data matches with the expected data */
- TEST_ASSERT_MEMCMP(check1[i].expected_data, data, length, TEST_CHECKPOINT_NUM(10));
-
- memset(data, 0, sizeof(data));
+ TEST_ASSERT_MEMCMP(check1[i].mac, check1[i].expected_mac, mac_length,
+ TEST_CHECKPOINT_NUM(10));
/* Calling mac finish twice in a row.
* Finish the calculation of the MAC of a message using same operation
* should return error
*/
- status = val->crypto_function(VAL_CRYPTO_MAC_SIGN_FINISH, &operation, data,
- check1[i].mac_size, &length);
+ status = val->crypto_function(VAL_CRYPTO_MAC_SIGN_FINISH,
+ &operation,
+ check1[i].mac,
+ check1[i].mac_size,
+ &mac_length);
TEST_ASSERT_EQUAL(status, PSA_ERROR_BAD_STATE, TEST_CHECKPOINT_NUM(11));
/* Abort a MAC operation */
- status = val->crypto_function(VAL_CRYPTO_MAC_ABORT, &operation);
+ status = val->crypto_function(VAL_CRYPTO_MAC_ABORT,
+ &operation);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(12));
/* Destroy the key */
- status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, key_handle);
+ status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY,
+ key);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(14));
}
diff --git a/api-tests/dev_apis/crypto/test_c028/test_data.h b/api-tests/dev_apis/crypto/test_c028/test_data.h
index e489c56..c13a006 100644
--- a/api-tests/dev_apis/crypto/test_c028/test_data.h
+++ b/api-tests/dev_apis/crypto/test_c028/test_data.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -15,104 +15,158 @@
* limitations under the License.
**/
-#include "val_crypto.h"
+#include "test_crypto_common.h"
typedef struct {
char test_desc[75];
- psa_key_type_t key_type;
- uint8_t key_data[64];
- uint32_t key_length;
- uint8_t data[16];
- size_t data_size;
- uint8_t expected_data[64];
+ psa_key_type_t type;
+ psa_key_usage_t usage_flags;
+ psa_algorithm_t alg;
+ const uint8_t *data;
+ size_t data_length;
+ const uint8_t *input;
+ size_t input_length;
+ uint8_t *mac;
size_t mac_size;
- size_t expected_length;
- psa_key_usage_t usage;
- psa_algorithm_t key_alg;
+ size_t expected_mac_length;
+ const uint8_t *expected_mac;
+ uint32_t operation_state;
psa_status_t expected_status;
} test_data;
static const test_data check1[] = {
+#ifdef CRYPTO_1_0
#ifdef ARCH_TEST_HMAC
#ifdef ARCH_TEST_SHA224
-{"Test psa_mac_sign_finish HMAC SHA 224\n", PSA_KEY_TYPE_HMAC,
-{0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
- 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b}, 20,
-{0x48, 0x69, 0x20, 0x54, 0x68, 0x65, 0x72, 0x65}, 8,
-{0x89, 0x6f, 0xb1, 0x12, 0x8a, 0xbb, 0xdf, 0x19, 0x68, 0x32, 0x10, 0x7c, 0xd4,
- 0x9d, 0xf3, 0x3f, 0x47, 0xb4, 0xb1, 0x16, 0x99, 0x12, 0xba, 0x4f, 0x53, 0x68,
- 0x4b, 0x22}, 64, 28,
- PSA_KEY_USAGE_SIGN, PSA_ALG_HMAC(PSA_ALG_SHA_224),
- PSA_SUCCESS
+{
+ .test_desc = "Test psa_mac_sign_finish - HMAC - SHA224\n",
+ .type = PSA_KEY_TYPE_HMAC,
+ .alg = PSA_ALG_HMAC(PSA_ALG_SHA_224),
+ .usage_flags = PSA_KEY_USAGE_SIGN_MESSAGE,
+ .data = key_data,
+ .data_length = 64,
+ .input = input_bytes_data,
+ .input_length = 16,
+ .mac = expected_output,
+ .mac_size = BUFFER_SIZE,
+ .expected_mac_length = 28,
+ .expected_mac = hmac_sha224,
+ .operation_state = 1,
+ .expected_status = PSA_SUCCESS
},
#endif
#ifdef ARCH_TEST_SHA256
-{"Test psa_mac_sign_finish HMAC SHA 256\n", PSA_KEY_TYPE_HMAC,
-{0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
- 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b}, 20,
-{0x48, 0x69, 0x20, 0x54, 0x68, 0x65, 0x72, 0x65}, 8,
-{0xb0, 0x34, 0x4c, 0x61, 0xd8, 0xdb, 0x38, 0x53, 0x5c, 0xa8, 0xaf, 0xce, 0xaf,
- 0x0b, 0xf1, 0x2b, 0x88, 0x1d, 0xc2, 0x00, 0xc9, 0x83, 0x3d, 0xa7, 0x26, 0xe9,
- 0x37, 0x6c, 0x2e, 0x32, 0xcf, 0xf7}, 64, 32,
- PSA_KEY_USAGE_SIGN, PSA_ALG_HMAC(PSA_ALG_SHA_256),
- PSA_SUCCESS
+{
+ .test_desc = "Test psa_mac_sign_finish - HMAC - SHA256\n",
+ .type = PSA_KEY_TYPE_HMAC,
+ .alg = PSA_ALG_HMAC(PSA_ALG_SHA_256),
+ .usage_flags = PSA_KEY_USAGE_SIGN_MESSAGE,
+ .data = key_data,
+ .data_length = 64,
+ .input = input_bytes_data,
+ .input_length = 16,
+ .mac = expected_output,
+ .mac_size = BUFFER_SIZE,
+ .expected_mac_length = 32,
+ .expected_mac = hmac_sha256,
+ .operation_state = 1,
+ .expected_status = PSA_SUCCESS
},
#endif
#ifdef ARCH_TEST_SHA512
-{"Test psa_mac_sign_finish HMAC SHA 512\n", PSA_KEY_TYPE_HMAC,
-{0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
- 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b}, 20,
-{0x48, 0x69, 0x20, 0x54, 0x68, 0x65, 0x72, 0x65}, 8,
-{0x87, 0xaa, 0x7c, 0xde, 0xa5, 0xef, 0x61, 0x9d, 0x4f, 0xf0, 0xb4, 0x24, 0x1a,
- 0x1d, 0x6c, 0xb0, 0x23, 0x79, 0xf4, 0xe2, 0xce, 0x4e, 0xc2, 0x78, 0x7a, 0xd0,
- 0xb3, 0x05, 0x45, 0xe1, 0x7c, 0xde, 0xda, 0xa8, 0x33, 0xb7, 0xd6, 0xb8, 0xa7,
- 0x02, 0x03, 0x8b, 0x27, 0x4e, 0xae, 0xa3, 0xf4, 0xe4, 0xbe, 0x9d, 0x91, 0x4e,
- 0xeb, 0x61, 0xf1, 0x70, 0x2e, 0x69, 0x6c, 0x20, 0x3a, 0x12, 0x68, 0x54}, 64, 64,
- PSA_KEY_USAGE_SIGN, PSA_ALG_HMAC(PSA_ALG_SHA_512),
- PSA_SUCCESS
+{
+ .test_desc = "Test psa_mac_sign_finish - HMAC - SHA512\n",
+ .type = PSA_KEY_TYPE_HMAC,
+ .alg = PSA_ALG_HMAC(PSA_ALG_SHA_512),
+ .usage_flags = PSA_KEY_USAGE_SIGN_MESSAGE,
+ .data = key_data,
+ .data_length = 64,
+ .input = input_bytes_data,
+ .input_length = 16,
+ .mac = expected_output,
+ .mac_size = BUFFER_SIZE,
+ .expected_mac_length = 64,
+ .expected_mac = hmac_sha512,
+ .operation_state = 1,
+ .expected_status = PSA_SUCCESS
},
#endif
#ifdef ARCH_TEST_SHA224
-{"Test psa_mac_sign_finish HMAC SHA 224 (truncated to 8 Byte)\n", PSA_KEY_TYPE_HMAC,
-{0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
- 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b}, 20,
-{0x48, 0x69, 0x20, 0x54, 0x68, 0x65, 0x72, 0x65}, 8,
-{0x89, 0x6f, 0xb1, 0x12, 0x8a, 0xbb, 0xdf, 0x19, 0x68}, 64, 8,
- PSA_KEY_USAGE_SIGN, PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224), 8),
- PSA_SUCCESS
+{
+ .test_desc = "Test psa_mac_sign_finish - HMAC - SHA224 - Truncated 8 Byte\n",
+ .type = PSA_KEY_TYPE_HMAC,
+ .alg = PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224), 8),
+ .usage_flags = PSA_KEY_USAGE_SIGN_MESSAGE,
+ .data = key_data,
+ .data_length = 64,
+ .input = input_bytes_data,
+ .input_length = 16,
+ .mac = expected_output,
+ .mac_size = BUFFER_SIZE,
+ .expected_mac_length = 8,
+ .expected_mac = hmac_sha224,
+ .operation_state = 1,
+ .expected_status = PSA_SUCCESS
+},
+
+{
+ .test_desc = "Test psa_mac_sign_finish - HMAC - SHA224 - Small output buffer\n",
+ .type = PSA_KEY_TYPE_HMAC,
+ .alg = PSA_ALG_HMAC(PSA_ALG_SHA_224),
+ .usage_flags = PSA_KEY_USAGE_SIGN_MESSAGE,
+ .data = key_data,
+ .data_length = 64,
+ .input = input_bytes_data,
+ .input_length = 16,
+ .mac = expected_output,
+ .mac_size = 27,
+ .expected_mac_length = 0,
+ .expected_mac = NULL,
+ .operation_state = 1,
+ .expected_status = PSA_ERROR_BUFFER_TOO_SMALL
+},
+
+{
+ .test_desc = "Test psa_mac_sign_finish - HMAC - SHA224 - Invalid operation state\n",
+ .type = PSA_KEY_TYPE_HMAC,
+ .alg = PSA_ALG_HMAC(PSA_ALG_SHA_224),
+ .usage_flags = PSA_KEY_USAGE_SIGN_MESSAGE,
+ .data = key_data,
+ .data_length = 64,
+ .input = input_bytes_data,
+ .input_length = 16,
+ .mac = expected_output,
+ .mac_size = BUFFER_SIZE,
+ .expected_mac_length = 28,
+ .expected_mac = hmac_sha224,
+ .operation_state = 0,
+ .expected_status = PSA_ERROR_BAD_STATE
},
#endif
#endif
#ifdef ARCH_TEST_AES_128
#ifdef ARCH_TEST_CMAC
-{"Test psa_mac_sign_finish CMAC AES 128\n", PSA_KEY_TYPE_AES,
-{0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, 0xab, 0xf7, 0x15, 0x88, 0x09,
- 0xcf, 0x4f, 0x3c}, 16,
-{0x48, 0x69, 0x20, 0x54, 0x68, 0x65, 0x72, 0x65}, 8,
-{0x9A, 0x8F, 0xFF, 0x8D, 0xA3, 0x5B, 0x97, 0xCB, 0x4C, 0x95, 0xF0, 0xFA, 0x6A,
- 0xE7, 0xE0, 0x77}, 64, 16,
- PSA_KEY_USAGE_SIGN, PSA_ALG_CMAC,
- PSA_SUCCESS
+{
+ .test_desc = "Test psa_mac_sign_finish - CMAC - AES\n",
+ .type = PSA_KEY_TYPE_AES,
+ .alg = PSA_ALG_CMAC,
+ .usage_flags = PSA_KEY_USAGE_SIGN_MESSAGE,
+ .data = key_data,
+ .data_length = AES_16B_KEY_SIZE,
+ .input = input_bytes_data,
+ .input_length = 16,
+ .mac = expected_output,
+ .mac_size = BUFFER_SIZE,
+ .expected_mac_length = 16,
+ .expected_mac = cmac_aes_128,
+ .operation_state = 1,
+ .expected_status = PSA_SUCCESS
},
#endif
#endif
-
-#ifdef ARCH_TEST_HMAC
-#ifdef ARCH_TEST_SHA256
-{"Test psa_mac_sign_finish - Small buffer size\n", PSA_KEY_TYPE_HMAC,
-{0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
- 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b}, 20,
-{0x48, 0x69, 0x20, 0x54, 0x68, 0x65, 0x72, 0x65}, 8,
-{0xb0, 0x34, 0x4c, 0x61, 0xd8, 0xdb, 0x38, 0x53, 0x5c, 0xa8, 0xaf, 0xce, 0xaf,
- 0x0b, 0xf1, 0x2b, 0x88, 0x1d, 0xc2, 0x00, 0xc9, 0x83, 0x3d, 0xa7, 0x26, 0xe9,
- 0x37, 0x6c, 0x2e, 0x32, 0xcf, 0xf7}, 31, 32,
- PSA_KEY_USAGE_SIGN, PSA_ALG_HMAC(PSA_ALG_SHA_256),
- PSA_ERROR_BUFFER_TOO_SMALL
-},
-#endif
#endif
};
diff --git a/api-tests/dev_apis/crypto/test_c028/test_entry_c028.c b/api-tests/dev_apis/crypto/test_c028/test_entry_c028.c
index 3d27987..83c6b37 100644
--- a/api-tests/dev_apis/crypto/test_c028/test_entry_c028.c
+++ b/api-tests/dev_apis/crypto/test_c028/test_entry_c028.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -20,7 +20,7 @@
#include "test_c028.h"
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 28)
-#define TEST_DESC "Testing crypto MAC APIs\n"
+#define TEST_DESC "Testing crypto MAC APIs | UT: psa_mac_sign_finish\n"
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
diff --git a/api-tests/dev_apis/crypto/test_c029/test_c029.c b/api-tests/dev_apis/crypto/test_c029/test_c029.c
index e89db2d..c1141bf 100644
--- a/api-tests/dev_apis/crypto/test_c029/test_c029.c
+++ b/api-tests/dev_apis/crypto/test_c029/test_c029.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -28,15 +28,15 @@
};
extern uint32_t g_test_count;
-
-static psa_mac_operation_t operation;
+static int32_t valid_test_input_index = -1;
int32_t psa_mac_verify_setup_test(caller_security_t caller __UNUSED)
{
int num_checks = sizeof(check1)/sizeof(check1[0]);
int32_t i, status;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
- psa_key_handle_t key_handle;
+ psa_mac_operation_t operation=PSA_MAC_OPERATION_INIT;
+ psa_key_id_t key;
if (num_checks == 0)
{
@@ -52,31 +52,47 @@
{
val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
val->print(PRINT_TEST, check1[i].test_desc, 0);
- memset(&operation, 0, sizeof(operation));
+
+ val->crypto_function(VAL_CRYPTO_KEY_ATTRIBUTES_INIT,
+ &attributes);
+ val->crypto_function(VAL_CRYPTO_MAC_OPERATION_INIT,
+ &operation);
/* Setting up the watchdog timer for each check */
status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
/* Setup the attributes for the key */
- val->crypto_function(VAL_CRYPTO_SET_KEY_TYPE, &attributes, check1[i].key_type);
- val->crypto_function(VAL_CRYPTO_SET_KEY_USAGE_FLAGS, &attributes, check1[i].usage);
- val->crypto_function(VAL_CRYPTO_SET_KEY_ALGORITHM, &attributes, check1[i].key_alg);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_TYPE,
+ &attributes,
+ check1[i].type);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_USAGE_FLAGS,
+ &attributes,
+ check1[i].usage_flags);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_ALGORITHM,
+ &attributes,
+ check1[i].alg);
/* Import the key data into the key slot */
- status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, &attributes, check1[i].key_data,
- check1[i].key_length, &key_handle);
+ status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY,
+ &attributes,
+ check1[i].data,
+ check1[i].data_length,
+ &key);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
/* Start a multipart MAC verification operation */
- status = val->crypto_function(VAL_CRYPTO_MAC_VERIFY_SETUP, &operation,
- key_handle, check1[i].key_alg);
+ status = val->crypto_function(VAL_CRYPTO_MAC_VERIFY_SETUP,
+ &operation,
+ key,
+ check1[i].alg);
TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(4));
/* Whether setup succeeded or failed, abort must succeed.
* Abort a MAC operation
*/
- status = val->crypto_function(VAL_CRYPTO_MAC_ABORT, &operation);
+ status = val->crypto_function(VAL_CRYPTO_MAC_ABORT,
+ &operation);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
/* If setup failed, reproduce the failure, so that the caller can
@@ -84,14 +100,20 @@
*/
if (check1[i].expected_status != PSA_SUCCESS)
{
- status = val->crypto_function(VAL_CRYPTO_MAC_VERIFY_SETUP, &operation,
- key_handle, check1[i].key_alg);
+ status = val->crypto_function(VAL_CRYPTO_MAC_VERIFY_SETUP,
+ &operation,
+ key,
+ check1[i].alg);
TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(6));
}
/* Destroy the key */
- status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, key_handle);
+ status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY,
+ key);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(7));
+
+ if (valid_test_input_index < 0)
+ valid_test_input_index = i;
}
return VAL_STATUS_SUCCESS;
@@ -99,34 +121,45 @@
int32_t psa_mac_verify_setup_negative_test(caller_security_t caller __UNUSED)
{
- int num_checks = sizeof(check2)/sizeof(check2[0]);
- int32_t i, status;
- psa_key_handle_t key_handle = 11;
+ int32_t status;
+ psa_key_id_t key = 11;
+ psa_mac_operation_t operation;
+
+ if (valid_test_input_index < 0)
+ return RESULT_SKIP(VAL_STATUS_NO_TESTS);
/* Initialize the PSA crypto library*/
status = val->crypto_function(VAL_CRYPTO_INIT);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(1));
- for (i = 0; i < num_checks; i++)
- {
- /* Setting up the watchdog timer for each check */
- status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
- TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
+ /* Setting up the watchdog timer for each check */
+ status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
+ TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
- val->print(PRINT_TEST, "[Check %d] Test psa_mac_verify_setup invalid key handle\n",
- g_test_count++);
- /* Start a multipart MAC verification operation */
- status = val->crypto_function(VAL_CRYPTO_MAC_VERIFY_SETUP, &operation,
- key_handle, check2[i].key_alg);
- TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(3));
+ val->print(PRINT_TEST, "[Check %d] Test psa_mac_verify_setup invalid key handle\n",
+ g_test_count++);
+ val->crypto_function(VAL_CRYPTO_MAC_OPERATION_INIT,
+ &operation);
- val->print(PRINT_TEST, "[Check %d] Test psa_mac_verify_setup zero as key handle\n",
- g_test_count++);
- /* Start a multipart MAC verification operation */
- status = val->crypto_function(VAL_CRYPTO_MAC_VERIFY_SETUP, &operation,
- 0, check2[i].key_alg);
- TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(4));
- }
+ /* Start a multipart MAC verification operation */
+ status = val->crypto_function(VAL_CRYPTO_MAC_VERIFY_SETUP,
+ &operation,
+ key,
+ check1[valid_test_input_index].alg);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(3));
+
+ val->print(PRINT_TEST, "[Check %d] Test psa_mac_verify_setup zero as key handle\n",
+ g_test_count++);
+
+ val->crypto_function(VAL_CRYPTO_MAC_OPERATION_INIT,
+ &operation);
+
+ /* Start a multipart MAC verification operation */
+ status = val->crypto_function(VAL_CRYPTO_MAC_VERIFY_SETUP,
+ &operation,
+ 0,
+ check1[valid_test_input_index].alg);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(4));
return VAL_STATUS_SUCCESS;
}
diff --git a/api-tests/dev_apis/crypto/test_c029/test_data.h b/api-tests/dev_apis/crypto/test_c029/test_data.h
index 3b4b121..10358eb 100644
--- a/api-tests/dev_apis/crypto/test_c029/test_data.h
+++ b/api-tests/dev_apis/crypto/test_c029/test_data.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -15,141 +15,135 @@
* limitations under the License.
**/
-#include "val_crypto.h"
+#include "test_crypto_common.h"
typedef struct {
char test_desc[75];
- psa_key_type_t key_type;
- uint8_t key_data[64];
- uint32_t key_length;
- psa_key_usage_t usage;
- psa_algorithm_t key_alg;
+ psa_key_type_t type;
+ psa_key_usage_t usage_flags;
+ psa_algorithm_t alg;
+ const uint8_t *data;
+ size_t data_length;
psa_status_t expected_status;
} test_data;
static const test_data check1[] = {
+#ifdef CRYPTO_1_0
#ifdef ARCH_TEST_HMAC
#ifdef ARCH_TEST_SHA256
-{"Test psa_mac_verify_setup 64 Byte HMAC\n", PSA_KEY_TYPE_HMAC,
-{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c,
- 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19,
- 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26,
- 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f, 0x30, 0x31, 0x32, 0x33,
- 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x3a, 0x3b, 0x3c, 0x3d, 0x3e, 0x3f},
- 64, PSA_KEY_USAGE_VERIFY, PSA_ALG_HMAC(PSA_ALG_SHA_256),
- PSA_SUCCESS
+{
+ .test_desc = "Test psa_mac_verify_setup - HMAC - SHA256\n",
+ .type = PSA_KEY_TYPE_HMAC,
+ .usage_flags = PSA_KEY_USAGE_VERIFY_MESSAGE,
+ .alg = PSA_ALG_HMAC(PSA_ALG_SHA_256),
+ .data = key_data,
+ .data_length = 64,
+ .expected_status = PSA_SUCCESS
},
#endif
#endif
#ifdef ARCH_TEST_AES_128
#ifdef ARCH_TEST_CMAC
-{"Test psa_mac_verify_setup 16 Byte AES - CMAC\n", PSA_KEY_TYPE_AES,
-{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2, 0x16, 0xA5, 0x3E, 0x99,
- 0x5F, 0xC9, 0x00},
- AES_16B_KEY_SIZE, PSA_KEY_USAGE_VERIFY, PSA_ALG_CMAC,
- PSA_SUCCESS
-},
-#endif
-
-#ifdef ARCH_TEST_GMAC
-{"Test psa_mac_verify_setup 16 Byte AES - GMAC\n", PSA_KEY_TYPE_AES,
-{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
- 0x5F, 0xC9, 0x00},
- AES_16B_KEY_SIZE, PSA_KEY_USAGE_VERIFY, PSA_ALG_GMAC,
- PSA_ERROR_NOT_SUPPORTED
+{
+ .test_desc = "Test psa_mac_verify_setup - CMAC - AES\n",
+ .type = PSA_KEY_TYPE_AES,
+ .usage_flags = PSA_KEY_USAGE_VERIFY_MESSAGE,
+ .alg = PSA_ALG_CMAC,
+ .data = key_data,
+ .data_length = AES_16B_KEY_SIZE,
+ .expected_status = PSA_SUCCESS
},
#endif
#endif
#ifdef ARCH_TEST_CMAC
#ifdef ARCH_TEST_HMAC
-{"Test psa_mac_verify_setup incompactible HMAC for CMAC\n", PSA_KEY_TYPE_HMAC,
-{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C,
- 0x0D, 0x0E, 0x0F},
- AES_16B_KEY_SIZE, PSA_KEY_USAGE_VERIFY, PSA_ALG_CMAC,
- PSA_ERROR_NOT_SUPPORTED
-},
-#endif
-
-#ifdef ARCH_TEST_AES_128
-{"Test psa_mac_verify_setup invalid usage\n", PSA_KEY_TYPE_AES,
-{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
- 0x5F, 0xC9},
- AES_16B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_CMAC,
- PSA_ERROR_NOT_PERMITTED
+{
+ .test_desc = "Test psa_mac_verify_setup - Incompatible HMAC for CMAC\n",
+ .type = PSA_KEY_TYPE_HMAC,
+ .usage_flags = PSA_KEY_USAGE_VERIFY_MESSAGE,
+ .alg = PSA_ALG_CMAC,
+ .data = key_data,
+ .data_length = AES_16B_KEY_SIZE,
+ .expected_status = PSA_ERROR_NOT_SUPPORTED
},
#endif
#endif
#ifdef ARCH_TEST_HMAC
#ifdef ARCH_TEST_SHA256
-{"Test psa_mac_verify_setup invalid key type\n", PSA_KEY_TYPE_RAW_DATA,
-{0x0B, 0x0B, 0x0B, 0x0B, 0x0B, 0x0B, 0x0B, 0x0B, 0x0B, 0x0B, 0x0B, 0x0B, 0x0B,
- 0x0B, 0x0B, 0x0B},
- AES_16B_KEY_SIZE, PSA_KEY_USAGE_VERIFY, PSA_ALG_HMAC(PSA_ALG_SHA_256),
- PSA_ERROR_INVALID_ARGUMENT
+{
+ .test_desc = "Test psa_mac_verify_setup - Invalid usage flag\n",
+ .type = PSA_KEY_TYPE_HMAC,
+ .usage_flags = PSA_KEY_USAGE_VERIFY_MESSAGE,
+ .alg = PSA_ALG_HMAC(PSA_ALG_SHA_256),
+ .data = key_data,
+ .data_length = 64,
+ .expected_status = PSA_ERROR_NOT_PERMITTED
+},
+
+
+{
+ .test_desc = "Test psa_mac_verify_setup - Invalid key type\n",
+ .type = PSA_KEY_TYPE_RAW_DATA,
+ .usage_flags = PSA_KEY_USAGE_VERIFY_MESSAGE,
+ .alg = PSA_ALG_HMAC(PSA_ALG_SHA_256),
+ .data = key_data,
+ .data_length = AES_16B_KEY_SIZE,
+ .expected_status = PSA_ERROR_INVALID_ARGUMENT
},
#endif
#endif
#ifdef ARCH_TEST_HMAC
#ifdef ARCH_TEST_SHA256
-{"Test psa_mac_verify_setup truncated MAC too large\n", PSA_KEY_TYPE_HMAC,
-{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c,
- 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19,
- 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26,
- 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f, 0x30, 0x31, 0x32, 0x33,
- 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x3a, 0x3b, 0x3c, 0x3d, 0x3e, 0x3f},
- 64, PSA_KEY_USAGE_VERIFY, PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 33),
- PSA_ERROR_INVALID_ARGUMENT
+#ifdef ARCH_TEST_TRUNCATED_MAC
+{
+ .test_desc = "Test psa_mac_verify_setup - Truncated MAC too large\n",
+ .type = PSA_KEY_TYPE_HMAC,
+ .usage_flags = PSA_KEY_USAGE_VERIFY_MESSAGE,
+ .alg = PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 33),
+ .data = key_data,
+ .data_length = 64,
+ .expected_status = PSA_ERROR_INVALID_ARGUMENT
},
-{"Test psa_mac_verify_setup truncated MAC too small\n", PSA_KEY_TYPE_HMAC,
-{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c,
- 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19,
- 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26,
- 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f, 0x30, 0x31, 0x32, 0x33,
- 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x3a, 0x3b, 0x3c, 0x3d, 0x3e, 0x3f},
- 64, PSA_KEY_USAGE_VERIFY, PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 1),
- PSA_ERROR_NOT_SUPPORTED
+{
+ .test_desc = "Test psa_mac_verify_setup - Truncated MAC too small\n",
+ .type = PSA_KEY_TYPE_HMAC,
+ .usage_flags = PSA_KEY_USAGE_VERIFY_MESSAGE,
+ .alg = PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 1),
+ .data = key_data,
+ .data_length = 64,
+ .expected_status = PSA_ERROR_NOT_SUPPORTED
},
#endif
+#endif
-#ifdef ARCH_TEST_AES_128
-{"Test psa_mac_verify_setup bad algorithm (unknown MAC algorithm)\n", PSA_KEY_TYPE_AES,
-{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
- 0x5F, 0xC9, 0x00},
- AES_16B_KEY_SIZE, PSA_KEY_USAGE_VERIFY, PSA_ALG_HMAC(0),
- PSA_ERROR_NOT_SUPPORTED
+{
+ .test_desc = "Test psa_mac_verify_setup - Unknown MAC algorithm\n",
+ .type = PSA_KEY_TYPE_HMAC,
+ .usage_flags = PSA_KEY_USAGE_VERIFY_MESSAGE,
+ .alg = PSA_ALG_HMAC(0),
+ .data = key_data,
+ .data_length = 64,
+ .expected_status = PSA_ERROR_NOT_SUPPORTED
},
#endif
-#endif
#ifdef ARCH_TEST_AES_128
#ifdef ARCH_TEST_CBC_NO_PADDING
-{"Test psa_mac_verify_setup bad algorithm (not a MAC algorithm)\n", PSA_KEY_TYPE_AES,
-{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
- 0x5F, 0xC9, 0x00},
- AES_16B_KEY_SIZE, PSA_KEY_USAGE_VERIFY, PSA_ALG_CBC_NO_PADDING,
- PSA_ERROR_INVALID_ARGUMENT
+{
+ .test_desc = "Test psa_mac_verify_setup - Bad algorithm (not a MAC algorithm)\n",
+ .type = PSA_KEY_TYPE_AES,
+ .usage_flags = PSA_KEY_USAGE_VERIFY_MESSAGE,
+ .alg = PSA_ALG_CBC_NO_PADDING,
+ .data = key_data,
+ .data_length = AES_16B_KEY_SIZE,
+ .expected_status = PSA_ERROR_INVALID_ARGUMENT
},
#endif
#endif
-};
-
-static const test_data check2[] = {
-#ifdef ARCH_TEST_HMAC
-#ifdef ARCH_TEST_SHA256
-{"Test psa_mac_verify_setup 64 negative case\n", PSA_KEY_TYPE_HMAC,
-{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c,
- 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19,
- 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26,
- 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f, 0x30, 0x31, 0x32, 0x33,
- 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x3a, 0x3b, 0x3c, 0x3d, 0x3e, 0x3f},
- 64, PSA_KEY_USAGE_VERIFY, PSA_ALG_HMAC(PSA_ALG_SHA_256),
- PSA_SUCCESS
-},
-#endif
#endif
};
diff --git a/api-tests/dev_apis/crypto/test_c029/test_entry_c029.c b/api-tests/dev_apis/crypto/test_c029/test_entry_c029.c
index a958c9e..14d7392 100644
--- a/api-tests/dev_apis/crypto/test_c029/test_entry_c029.c
+++ b/api-tests/dev_apis/crypto/test_c029/test_entry_c029.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -20,7 +20,7 @@
#include "test_c029.h"
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 29)
-#define TEST_DESC "Testing crypto MAC APIs\n"
+#define TEST_DESC "Testing crypto MAC APIs | UT: psa_mac_verify_setup\n"
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
diff --git a/api-tests/dev_apis/crypto/test_c030/test_c030.c b/api-tests/dev_apis/crypto/test_c030/test_c030.c
index 42cbb97..8cbecc1 100644
--- a/api-tests/dev_apis/crypto/test_c030/test_c030.c
+++ b/api-tests/dev_apis/crypto/test_c030/test_c030.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -30,11 +30,11 @@
int32_t psa_mac_verify_finish_test(caller_security_t caller __UNUSED)
{
- int num_checks = sizeof(check1)/sizeof(check1[0]);
+ int32_t num_checks = sizeof(check1)/sizeof(check1[0]);
int32_t i, status;
- psa_mac_operation_t operation;
- psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
- psa_key_handle_t key_handle;
+ psa_mac_operation_t operation=PSA_MAC_OPERATION_INIT;
+ psa_key_attributes_t attributes=PSA_KEY_ATTRIBUTES_INIT;
+ psa_key_id_t key;
if (num_checks == 0)
{
@@ -48,49 +48,72 @@
for (i = 0; i < num_checks; i++)
{
- val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
+ val->print(PRINT_TEST, "[Check %d] ", i+1);
val->print(PRINT_TEST, check1[i].test_desc, 0);
- memset(&operation, 0, sizeof(operation));
+
+ val->crypto_function(VAL_CRYPTO_KEY_ATTRIBUTES_INIT,
+ &attributes);
+ val->crypto_function(VAL_CRYPTO_MAC_OPERATION_INIT,
+ &operation);
/* Setting up the watchdog timer for each check */
status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
/* Setup the attributes for the key */
- val->crypto_function(VAL_CRYPTO_SET_KEY_TYPE, &attributes, check1[i].key_type);
- val->crypto_function(VAL_CRYPTO_SET_KEY_USAGE_FLAGS, &attributes, check1[i].usage);
- val->crypto_function(VAL_CRYPTO_SET_KEY_ALGORITHM, &attributes, check1[i].key_alg);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_TYPE,
+ &attributes,
+ check1[i].type);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_USAGE_FLAGS,
+ &attributes,
+ check1[i].usage_flags);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_ALGORITHM,
+ &attributes,
+ check1[i].alg);
/* Import the key data into the key slot */
- status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, &attributes, check1[i].key_data,
- check1[i].key_length, &key_handle);
+ status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY,
+ &attributes,
+ check1[i].data,
+ check1[i].data_length,
+ &key);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
- /* Start a multipart MAC calculation operation */
- status = val->crypto_function(VAL_CRYPTO_MAC_VERIFY_SETUP, &operation,
- key_handle, check1[i].key_alg);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
+ if (check1[i].operation_state) {
+ /* Start a multipart MAC calculation operation */
+ status = val->crypto_function(VAL_CRYPTO_MAC_VERIFY_SETUP,
+ &operation,
+ key,
+ check1[i].alg);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
- /* Add a message fragment to a multipart MAC operation */
- status = val->crypto_function(VAL_CRYPTO_MAC_UPDATE, &operation, check1[i].data,
- check1[i].data_size);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
+ /* Add a message fragment to a multipart MAC operation */
+ status = val->crypto_function(VAL_CRYPTO_MAC_UPDATE,
+ &operation,
+ check1[i].input,
+ check1[i].input_length);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
+ }
/* Finish the calculation of the MAC of a message and compare it with
* an expected value
*/
- status = val->crypto_function(VAL_CRYPTO_MAC_VERIFY_FINISH, &operation,
- check1[i].expected_mac, check1[i].mac_size);
+ status = val->crypto_function(VAL_CRYPTO_MAC_VERIFY_FINISH,
+ &operation,
+ check1[i].mac,
+ check1[i].mac_length);
TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(6));
if (check1[i].expected_status != PSA_SUCCESS)
{
/* Abort a MAC operation */
- status = val->crypto_function(VAL_CRYPTO_MAC_ABORT, &operation);
+ status = val->crypto_function(VAL_CRYPTO_MAC_ABORT,
+ &operation);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(7));
/* Destroy the key */
- status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, key_handle);
+ status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY,
+ key);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(8));
continue;
}
@@ -99,16 +122,20 @@
* Finish the calculation of the MAC of a message using same operation
* should return error
*/
- status = val->crypto_function(VAL_CRYPTO_MAC_VERIFY_FINISH, &operation,
- check1[i].expected_mac, check1[i].mac_size);
+ status = val->crypto_function(VAL_CRYPTO_MAC_VERIFY_FINISH,
+ &operation,
+ check1[i].mac,
+ check1[i].mac_length);
TEST_ASSERT_EQUAL(status, PSA_ERROR_BAD_STATE, TEST_CHECKPOINT_NUM(9));
/* Abort a MAC operation */
- status = val->crypto_function(VAL_CRYPTO_MAC_ABORT, &operation);
+ status = val->crypto_function(VAL_CRYPTO_MAC_ABORT,
+ &operation);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(10));
/* Destroy the key */
- status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, key_handle);
+ status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY,
+ key);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(11));
}
diff --git a/api-tests/dev_apis/crypto/test_c030/test_data.h b/api-tests/dev_apis/crypto/test_c030/test_data.h
index cbe6979..708eb81 100644
--- a/api-tests/dev_apis/crypto/test_c030/test_data.h
+++ b/api-tests/dev_apis/crypto/test_c030/test_data.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -15,114 +15,157 @@
* limitations under the License.
**/
-#include "val_crypto.h"
+#include "test_crypto_common.h"
typedef struct {
char test_desc[75];
- psa_key_type_t key_type;
- uint8_t key_data[64];
- uint32_t key_length;
- uint8_t data[16];
- size_t data_size;
- uint8_t expected_mac[64];
- size_t mac_size;
- psa_key_usage_t usage;
- psa_algorithm_t key_alg;
+ psa_key_type_t type;
+ psa_key_usage_t usage_flags;
+ psa_algorithm_t alg;
+ const uint8_t *data;
+ size_t data_length;
+ const uint8_t *input;
+ size_t input_length;
+ const uint8_t *mac;
+ size_t mac_length;
+ uint32_t operation_state;
psa_status_t expected_status;
} test_data;
static const test_data check1[] = {
+#ifdef CRYPTO_1_0
#ifdef ARCH_TEST_HMAC
#ifdef ARCH_TEST_SHA224
-{"Test psa_mac_verify_finish - HMAC - SHA 224\n", PSA_KEY_TYPE_HMAC,
-{0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
- 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b}, 20,
-{0x48, 0x69, 0x20, 0x54, 0x68, 0x65, 0x72, 0x65}, 8,
-{0x89, 0x6f, 0xb1, 0x12, 0x8a, 0xbb, 0xdf, 0x19, 0x68, 0x32, 0x10, 0x7c, 0xd4,
- 0x9d, 0xf3, 0x3f, 0x47, 0xb4, 0xb1, 0x16, 0x99, 0x12, 0xba, 0x4f, 0x53, 0x68,
- 0x4b, 0x22}, 28,
- PSA_KEY_USAGE_VERIFY, PSA_ALG_HMAC(PSA_ALG_SHA_224),
- PSA_SUCCESS
+{
+ .test_desc = "Test psa_mac_verify_finish - HMAC - SHA224\n",
+ .type = PSA_KEY_TYPE_HMAC,
+ .usage_flags = PSA_KEY_USAGE_VERIFY_MESSAGE,
+ .alg = PSA_ALG_HMAC(PSA_ALG_SHA_224),
+ .data = key_data,
+ .data_length = 64,
+ .input = input_bytes_data,
+ .input_length = 16,
+ .mac = hmac_sha224,
+ .mac_length = 28,
+ .operation_state = 1,
+ .expected_status = PSA_SUCCESS
},
#endif
#ifdef ARCH_TEST_SHA256
-{"Test psa_mac_verify_finish - HMAC - SHA 256\n", PSA_KEY_TYPE_HMAC,
-{0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
- 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b}, 20,
-{0x48, 0x69, 0x20, 0x54, 0x68, 0x65, 0x72, 0x65}, 8,
-{0xb0, 0x34, 0x4c, 0x61, 0xd8, 0xdb, 0x38, 0x53, 0x5c, 0xa8, 0xaf, 0xce, 0xaf,
- 0x0b, 0xf1, 0x2b, 0x88, 0x1d, 0xc2, 0x00, 0xc9, 0x83, 0x3d, 0xa7, 0x26, 0xe9,
- 0x37, 0x6c, 0x2e, 0x32, 0xcf, 0xf7}, 32,
- PSA_KEY_USAGE_VERIFY, PSA_ALG_HMAC(PSA_ALG_SHA_256),
- PSA_SUCCESS
+{
+ .test_desc = "Test psa_mac_verify_finish - HMAC - SHA256\n",
+ .type = PSA_KEY_TYPE_HMAC,
+ .usage_flags = PSA_KEY_USAGE_VERIFY_MESSAGE,
+ .alg = PSA_ALG_HMAC(PSA_ALG_SHA_256),
+ .data = key_data,
+ .data_length = 64,
+ .input = input_bytes_data,
+ .input_length = 16,
+ .mac = hmac_sha256,
+ .mac_length = 32,
+ .operation_state = 1,
+ .expected_status = PSA_SUCCESS
},
#endif
#ifdef ARCH_TEST_SHA512
-{"Test psa_mac_verify_finish - HMAC - SHA 512\n", PSA_KEY_TYPE_HMAC,
-{0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
- 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b}, 20,
-{0x48, 0x69, 0x20, 0x54, 0x68, 0x65, 0x72, 0x65}, 8,
-{0x87, 0xaa, 0x7c, 0xde, 0xa5, 0xef, 0x61, 0x9d, 0x4f, 0xf0, 0xb4, 0x24, 0x1a,
- 0x1d, 0x6c, 0xb0, 0x23, 0x79, 0xf4, 0xe2, 0xce, 0x4e, 0xc2, 0x78, 0x7a, 0xd0,
- 0xb3, 0x05, 0x45, 0xe1, 0x7c, 0xde, 0xda, 0xa8, 0x33, 0xb7, 0xd6, 0xb8, 0xa7,
- 0x02, 0x03, 0x8b, 0x27, 0x4e, 0xae, 0xa3, 0xf4, 0xe4, 0xbe, 0x9d, 0x91, 0x4e,
- 0xeb, 0x61, 0xf1, 0x70, 0x2e, 0x69, 0x6c, 0x20, 0x3a, 0x12, 0x68, 0x54}, 64,
- PSA_KEY_USAGE_VERIFY, PSA_ALG_HMAC(PSA_ALG_SHA_512),
- PSA_SUCCESS
+{
+ .test_desc = "Test psa_mac_verify_finish - HMAC - SHA512\n",
+ .type = PSA_KEY_TYPE_HMAC,
+ .usage_flags = PSA_KEY_USAGE_VERIFY_MESSAGE,
+ .alg = PSA_ALG_HMAC(PSA_ALG_SHA_512),
+ .data = key_data,
+ .data_length = 64,
+ .input = input_bytes_data,
+ .input_length = 16,
+ .mac = hmac_sha512,
+ .mac_length = 64,
+ .operation_state = 1,
+ .expected_status = PSA_SUCCESS
},
#endif
#ifdef ARCH_TEST_SHA224
-{"Test psa_mac_verify_finish - HMAC - SHA 224 (truncated to 8 Byte)\n", PSA_KEY_TYPE_HMAC,
-{0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
- 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b}, 20,
-{0x48, 0x69, 0x20, 0x54, 0x68, 0x65, 0x72, 0x65}, 8,
-{0x89, 0x6f, 0xb1, 0x12, 0x8a, 0xbb, 0xdf, 0x19, 0x68}, 8,
- PSA_KEY_USAGE_VERIFY, PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224), 8),
- PSA_SUCCESS
+{
+ .test_desc = "Test psa_mac_verify_finish - HMAC - SHA224 - Truncated 8 Byte\n",
+ .type = PSA_KEY_TYPE_HMAC,
+ .usage_flags = PSA_KEY_USAGE_VERIFY_MESSAGE,
+ .alg = PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224), 8),
+ .data = key_data,
+ .data_length = 64,
+ .input = input_bytes_data,
+ .input_length = 16,
+ .mac = hmac_sha224,
+ .mac_length = 8,
+ .operation_state = 1,
+ .expected_status = PSA_SUCCESS
+},
+
+{
+ .test_desc = "Test psa_mac_verify_finish - HMAC - SHA224 - Invalid mac length\n",
+ .type = PSA_KEY_TYPE_HMAC,
+ .usage_flags = PSA_KEY_USAGE_VERIFY_MESSAGE,
+ .alg = PSA_ALG_HMAC(PSA_ALG_SHA_224),
+ .data = key_data,
+ .data_length = 64,
+ .input = input_bytes_data,
+ .input_length = 16,
+ .mac = hmac_sha224,
+ .mac_length = 30,
+ .operation_state = 1,
+ .expected_status = PSA_ERROR_INVALID_SIGNATURE
+},
+
+{
+ .test_desc = "Test psa_mac_verify_finish - HMAC - SHA224 - Invalid expected mac\n",
+ .type = PSA_KEY_TYPE_HMAC,
+ .usage_flags = PSA_KEY_USAGE_VERIFY_MESSAGE,
+ .alg = PSA_ALG_HMAC(PSA_ALG_SHA_224),
+ .data = key_data,
+ .data_length = 64,
+ .input = input_bytes_data,
+ .input_length = 16,
+ .mac = hmac_sha224_invalid,
+ .mac_length = 28,
+ .operation_state = 1,
+ .expected_status = PSA_ERROR_INVALID_SIGNATURE
+},
+
+{
+ .test_desc = "Test psa_mac_verify_finish - HMAC - SHA224 - Invalid operation state\n",
+ .type = PSA_KEY_TYPE_HMAC,
+ .usage_flags = PSA_KEY_USAGE_VERIFY_MESSAGE,
+ .alg = PSA_ALG_HMAC(PSA_ALG_SHA_224),
+ .data = key_data,
+ .data_length = 64,
+ .input = input_bytes_data,
+ .input_length = 16,
+ .mac = hmac_sha224,
+ .mac_length = 28,
+ .operation_state = 0,
+ .expected_status = PSA_ERROR_BAD_STATE
},
#endif
#endif
#ifdef ARCH_TEST_AES_128
#ifdef ARCH_TEST_CMAC
-{"Test psa_mac_verify_finish - CMAC - AES 128\n", PSA_KEY_TYPE_AES,
-{0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, 0xab, 0xf7, 0x15, 0x88, 0x09,
- 0xcf, 0x4f, 0x3c}, 16,
-{0x48, 0x69, 0x20, 0x54, 0x68, 0x65, 0x72, 0x65}, 8,
-{0x9A, 0x8F, 0xFF, 0x8D, 0xA3, 0x5B, 0x97, 0xCB, 0x4C, 0x95, 0xF0, 0xFA, 0x6A,
- 0xE7, 0xE0, 0x77}, 16,
- PSA_KEY_USAGE_VERIFY, PSA_ALG_CMAC,
- PSA_SUCCESS
+{
+ .test_desc = "Test psa_mac_verify_finish - CMAC - AES\n",
+ .type = PSA_KEY_TYPE_AES,
+ .usage_flags = PSA_KEY_USAGE_VERIFY_MESSAGE,
+ .alg = PSA_ALG_CMAC,
+ .data = key_data,
+ .data_length = AES_16B_KEY_SIZE,
+ .input = input_bytes_data,
+ .input_length = 16,
+ .mac = cmac_aes_128,
+ .mac_length = 16,
+ .operation_state = 1,
+ .expected_status = PSA_SUCCESS
},
#endif
#endif
-
-#ifdef ARCH_TEST_HMAC
-#ifdef ARCH_TEST_SHA256
-{"Test psa_mac_verify_finish - small size buffer\n", PSA_KEY_TYPE_HMAC,
-{0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
- 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b}, 20,
-{0x48, 0x69, 0x20, 0x54, 0x68, 0x65, 0x72, 0x65}, 8,
-{0xb0, 0x34, 0x4c, 0x61, 0xd8, 0xdb, 0x38, 0x53, 0x5c, 0xa8, 0xaf, 0xce, 0xaf,
- 0x0b, 0xf1, 0x2b, 0x88, 0x1d, 0xc2, 0x00, 0xc9, 0x83, 0x3d, 0xa7, 0x26, 0xe9,
- 0x37, 0x6c, 0x2e, 0x32, 0xcf, 0xf7}, 30,
- PSA_KEY_USAGE_VERIFY, PSA_ALG_HMAC(PSA_ALG_SHA_256),
- PSA_ERROR_INVALID_SIGNATURE
-},
-
-{"Test psa_mac_verify_finish - Incorrect expected MAC\n", PSA_KEY_TYPE_HMAC,
-{0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
- 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b}, 20,
-{0x48, 0x69, 0x20, 0x54, 0x68, 0x65, 0x72, 0x65}, 8,
-{0xb0, 0x34, 0x4c, 0x61, 0xd8, 0xdb, 0x38, 0x53, 0x5c, 0xa8, 0xaf, 0xce, 0xaf,
- 0x0b, 0xf1, 0x2b, 0x88, 0x1d, 0xc2, 0x00, 0xc9, 0x83, 0x3d, 0xa7, 0x26, 0xe9,
- 0x39, 0x6c, 0x2e, 0x32, 0xcf, 0xf7}, 32,
- PSA_KEY_USAGE_VERIFY, PSA_ALG_HMAC(PSA_ALG_SHA_256),
- PSA_ERROR_INVALID_SIGNATURE
-},
-#endif
#endif
};
diff --git a/api-tests/dev_apis/crypto/test_c030/test_entry_c030.c b/api-tests/dev_apis/crypto/test_c030/test_entry_c030.c
index bec961d..0c4d977 100644
--- a/api-tests/dev_apis/crypto/test_c030/test_entry_c030.c
+++ b/api-tests/dev_apis/crypto/test_c030/test_entry_c030.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -20,7 +20,7 @@
#include "test_c030.h"
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 30)
-#define TEST_DESC "Testing crypto MAC APIs\n"
+#define TEST_DESC "Testing crypto MAC APIs | UT: psa_mac_verify_finish\n"
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
diff --git a/api-tests/dev_apis/crypto/test_c031/test_c031.c b/api-tests/dev_apis/crypto/test_c031/test_c031.c
index f4ffff1..3701bfc 100644
--- a/api-tests/dev_apis/crypto/test_c031/test_c031.c
+++ b/api-tests/dev_apis/crypto/test_c031/test_c031.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -29,16 +29,15 @@
extern uint32_t g_test_count;
-static uint8_t data[BUFFER_SIZE];
static int32_t valid_test_input_index = -1;
int32_t psa_mac_abort_test(caller_security_t caller __UNUSED)
{
- int num_checks = sizeof(check1)/sizeof(check1[0]);
+ int32_t num_checks = sizeof(check1)/sizeof(check1[0]);
int32_t i, status;
- psa_mac_operation_t operation;
- psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
- psa_key_handle_t key_handle;
+ psa_mac_operation_t operation=PSA_MAC_OPERATION_INIT;
+ psa_key_attributes_t attributes=PSA_KEY_ATTRIBUTES_INIT;
+ psa_key_id_t key=0;
if (num_checks == 0)
{
@@ -54,37 +53,55 @@
{
val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
val->print(PRINT_TEST, check1[i].test_desc, 0);
- memset(&operation, 0, sizeof(operation));
+
+ val->crypto_function(VAL_CRYPTO_KEY_ATTRIBUTES_INIT,
+ &attributes);
+ val->crypto_function(VAL_CRYPTO_MAC_OPERATION_INIT,
+ &operation);
/* Setting up the watchdog timer for each check */
status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
/* Setup the attributes for the key */
- val->crypto_function(VAL_CRYPTO_SET_KEY_TYPE, &attributes, check1[i].key_type);
- val->crypto_function(VAL_CRYPTO_SET_KEY_USAGE_FLAGS, &attributes, check1[i].usage);
- val->crypto_function(VAL_CRYPTO_SET_KEY_ALGORITHM, &attributes, check1[i].key_alg);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_TYPE,
+ &attributes,
+ check1[i].type);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_USAGE_FLAGS,
+ &attributes,
+ check1[i].usage_flags);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_ALGORITHM,
+ &attributes,
+ check1[i].alg);
/* Import the key data into the key slot */
- status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, &attributes, check1[i].key_data,
- check1[i].key_length, &key_handle);
+ status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY,
+ &attributes,
+ check1[i].data,
+ check1[i].data_length,
+ &key);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
/* Start a multipart MAC calculation operation */
- status = val->crypto_function(VAL_CRYPTO_MAC_SIGN_SETUP, &operation,
- key_handle, check1[i].key_alg);
+ status = val->crypto_function(VAL_CRYPTO_MAC_SIGN_SETUP,
+ &operation,
+ key,
+ check1[i].alg);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
/* Abort a MAC operation */
- status = val->crypto_function(VAL_CRYPTO_MAC_ABORT, &operation);
+ status = val->crypto_function(VAL_CRYPTO_MAC_ABORT,
+ &operation);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
/* Multiple Abort a MAC operation should succeed */
- status = val->crypto_function(VAL_CRYPTO_MAC_ABORT, &operation);
+ status = val->crypto_function(VAL_CRYPTO_MAC_ABORT,
+ &operation);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(6));
/* Destroy the key */
- status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, key_handle);
+ status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY,
+ key);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(7));
if (valid_test_input_index < 0)
@@ -96,19 +113,17 @@
int32_t psa_mac_abort_before_finish_test(caller_security_t caller __UNUSED)
{
- size_t length;
- psa_key_handle_t key_handle = 10;
- psa_mac_operation_t operation;
- uint8_t input_data[] = {0x48, 0x69, 0x20, 0x54, 0x68, 0x65, 0x72, 0x65};
- size_t inputdata_size = sizeof(input_data);
+ size_t mac_length;
+ psa_key_id_t key;
+ psa_mac_operation_t operation=PSA_MAC_OPERATION_INIT;
int32_t status;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
if (valid_test_input_index < 0)
return RESULT_SKIP(VAL_STATUS_NO_TESTS);
- memset(data, 0, sizeof(data));
- memset(&operation, 0, sizeof(operation));
+ val->crypto_function(VAL_CRYPTO_MAC_OPERATION_INIT,
+ &operation);
val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
val->print(PRINT_TEST, "Test psa_mac_sign_finish after calling psa_mac_abort\n", 0);
@@ -124,33 +139,34 @@
/* Setup the attributes for the key */
val->crypto_function(VAL_CRYPTO_SET_KEY_TYPE,
&attributes,
- check1[valid_test_input_index].key_type);
+ check1[valid_test_input_index].type);
val->crypto_function(VAL_CRYPTO_SET_KEY_USAGE_FLAGS,
&attributes,
- check1[valid_test_input_index].usage);
+ check1[valid_test_input_index].usage_flags);
val->crypto_function(VAL_CRYPTO_SET_KEY_ALGORITHM,
&attributes,
- check1[valid_test_input_index].key_alg);
+ check1[valid_test_input_index].alg);
/* Import the key data into the key slot */
status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY,
&attributes,
- check1[valid_test_input_index].key_data,
- check1[valid_test_input_index].key_length,
- &key_handle);
+ check1[valid_test_input_index].data,
+ check1[valid_test_input_index].data_length,
+ &key);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
/* Start a multipart MAC calculation operation */
status = val->crypto_function(VAL_CRYPTO_MAC_SIGN_SETUP,
&operation,
- key_handle,
- check1[valid_test_input_index].key_alg);
+ key,
+ check1[valid_test_input_index].alg);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
/* Add a message fragment to a multipart MAC operation */
- status = val->crypto_function(VAL_CRYPTO_MAC_UPDATE, &operation,
- input_data,
- inputdata_size);
+ status = val->crypto_function(VAL_CRYPTO_MAC_UPDATE,
+ &operation,
+ input_bytes_data,
+ 16);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
/* Abort a MAC operation */
@@ -161,14 +177,14 @@
/* Finish the calculation of the MAC of a message */
status = val->crypto_function(VAL_CRYPTO_MAC_SIGN_FINISH,
&operation,
- data,
+ expected_output,
BUFFER_SIZE,
- &length);
+ &mac_length);
TEST_ASSERT_EQUAL(status, PSA_ERROR_BAD_STATE, TEST_CHECKPOINT_NUM(7));
/* Destroy the key */
status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY,
- key_handle);
+ key);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(8));
return VAL_STATUS_SUCCESS;
diff --git a/api-tests/dev_apis/crypto/test_c031/test_data.h b/api-tests/dev_apis/crypto/test_c031/test_data.h
index 50590eb..86817ad 100644
--- a/api-tests/dev_apis/crypto/test_c031/test_data.h
+++ b/api-tests/dev_apis/crypto/test_c031/test_data.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -15,64 +15,77 @@
* limitations under the License.
**/
-#include "val_crypto.h"
+#include "test_crypto_common.h"
typedef struct {
char test_desc[75];
- psa_key_type_t key_type;
- uint8_t key_data[64];
- uint32_t key_length;
- psa_key_usage_t usage;
- psa_algorithm_t key_alg;
+ psa_key_type_t type;
+ psa_key_usage_t usage_flags;
+ psa_algorithm_t alg;
+ const uint8_t *data;
+ size_t data_length;
psa_status_t expected_status;
} test_data;
static const test_data check1[] = {
#ifdef ARCH_TEST_HMAC
#ifdef ARCH_TEST_SHA224
-{"Test psa_mac_abort HMAC SHA 224\n", PSA_KEY_TYPE_HMAC,
-{0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
- 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b}, 20,
- PSA_KEY_USAGE_SIGN, PSA_ALG_HMAC(PSA_ALG_SHA_224),
- PSA_SUCCESS
+{
+ .test_desc = "Test psa_mac_abort - HMAC - SHA224\n",
+ .type = PSA_KEY_TYPE_HMAC,
+ .usage_flags = PSA_KEY_USAGE_SIGN_HASH,
+ .alg = PSA_ALG_HMAC(PSA_ALG_SHA_224),
+ .data = key_data,
+ .data_length = 64,
+ .expected_status = PSA_SUCCESS
+},
+
+{
+ .test_desc = "Test psa_mac_abort - HMAC - SHA224 - Truncated 8 Byte\n",
+ .type = PSA_KEY_TYPE_HMAC,
+ .usage_flags = PSA_KEY_USAGE_SIGN_HASH,
+ .alg = PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224), 8),
+ .data = key_data,
+ .data_length = 64,
+ .expected_status = PSA_SUCCESS
},
#endif
#ifdef ARCH_TEST_SHA256
-{"Test psa_mac_abort HMAC SHA 256\n", PSA_KEY_TYPE_HMAC,
-{0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
- 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b}, 20,
- PSA_KEY_USAGE_SIGN, PSA_ALG_HMAC(PSA_ALG_SHA_256),
- PSA_SUCCESS
+{
+ .test_desc = "Test psa_mac_abort - HMAC - SHA256\n",
+ .type = PSA_KEY_TYPE_HMAC,
+ .usage_flags = PSA_KEY_USAGE_SIGN_HASH,
+ .alg = PSA_ALG_HMAC(PSA_ALG_SHA_256),
+ .data = key_data,
+ .data_length = 64,
+ .expected_status = PSA_SUCCESS
},
#endif
#ifdef ARCH_TEST_SHA512
-{"Test psa_mac_abort HMAC SHA 512\n", PSA_KEY_TYPE_HMAC,
-{0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
- 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b}, 20,
- PSA_KEY_USAGE_SIGN, PSA_ALG_HMAC(PSA_ALG_SHA_512),
- PSA_SUCCESS
-},
-#endif
-
-#ifdef ARCH_TEST_SHA224
-{"Test psa_mac_abort HMAC SHA 224 (truncated to 8 Byte)\n", PSA_KEY_TYPE_HMAC,
-{0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
- 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b}, 20,
- PSA_KEY_USAGE_SIGN, PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224), 8),
- PSA_SUCCESS
+{
+ .test_desc = "Test psa_mac_abort - HMAC - SHA512\n",
+ .type = PSA_KEY_TYPE_HMAC,
+ .usage_flags = PSA_KEY_USAGE_SIGN_HASH,
+ .alg = PSA_ALG_HMAC(PSA_ALG_SHA_512),
+ .data = key_data,
+ .data_length = 64,
+ .expected_status = PSA_SUCCESS
},
#endif
#endif
#ifdef ARCH_TEST_AES_128
#ifdef ARCH_TEST_CMAC
-{"Test psa_mac_abort CMAC AES 128\n", PSA_KEY_TYPE_AES,
-{0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, 0xab, 0xf7, 0x15, 0x88, 0x09,
- 0xcf, 0x4f, 0x3c}, 16,
- PSA_KEY_USAGE_SIGN, PSA_ALG_CMAC,
- PSA_SUCCESS
+{
+ .test_desc = "Test psa_mac_abort - CMAC - AES\n",
+ .type = PSA_KEY_TYPE_AES,
+ .usage_flags = PSA_KEY_USAGE_SIGN_HASH,
+ .alg = PSA_ALG_CMAC,
+ .data = key_data,
+ .data_length = AES_16B_KEY_SIZE,
+ .expected_status = PSA_SUCCESS
},
#endif
#endif
diff --git a/api-tests/dev_apis/crypto/test_c031/test_entry_c031.c b/api-tests/dev_apis/crypto/test_c031/test_entry_c031.c
index ec266aa..a089fae 100644
--- a/api-tests/dev_apis/crypto/test_c031/test_entry_c031.c
+++ b/api-tests/dev_apis/crypto/test_c031/test_entry_c031.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -20,7 +20,7 @@
#include "test_c031.h"
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 31)
-#define TEST_DESC "Testing crypto MAC APIs\n"
+#define TEST_DESC "Testing crypto MAC APIs | UT: psa_mac_abort\n"
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
diff --git a/api-tests/dev_apis/crypto/test_c032/test_c032.c b/api-tests/dev_apis/crypto/test_c032/test_c032.c
index ada4cb4..9fb5a07 100644
--- a/api-tests/dev_apis/crypto/test_c032/test_c032.c
+++ b/api-tests/dev_apis/crypto/test_c032/test_c032.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -37,7 +37,7 @@
int32_t i, status;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
psa_cipher_operation_t operation;
- psa_key_handle_t key_handle;
+ psa_key_id_t key;
if (num_checks == 0)
{
@@ -68,13 +68,24 @@
/* Import the key data into the key slot */
status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, &attributes, check1[i].data,
- check1[i].data_length, &key_handle);
+ check1[i].data_length, &key);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
/* Set the key for a multipart symmetric encryption operation */
status = val->crypto_function(VAL_CRYPTO_CIPHER_ENCRYPT_SETUP, &operation,
- key_handle, check1[i].alg);
- TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(4));
+ key, check1[i].alg);
+ /* TBD Note:- these changes are done because of the spec bug : https://github.com/ARMmbed/mbedtls/pull/4582
+ * revisit the 1.0.x spec is out
+ */
+ if (PSA_ERROR_NOT_SUPPORTED == check1[i].expected_status ||
+ PSA_ERROR_INVALID_ARGUMENT == check1[i].expected_status)
+ {
+ TEST_ASSERT_DUAL(status, PSA_ERROR_NOT_SUPPORTED,
+ PSA_ERROR_INVALID_ARGUMENT, TEST_CHECKPOINT_NUM(4));
+ } else
+ {
+ TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(4));
+ }
/* Whether setup succeeded or failed, abort must succeed.
* Abort a cipher operation
@@ -85,22 +96,36 @@
if (check1[i].expected_status != PSA_SUCCESS)
{
status = val->crypto_function(VAL_CRYPTO_CIPHER_ENCRYPT_SETUP, &operation,
- key_handle, check1[i].alg);
- TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(6));
-
+ key, check1[i].alg);
+ /* TBD Note:- these changes are done because of the spec bug : https://github.com/ARMmbed/mbedtls/pull/4582
+ * revisit the 1.0.x spec is out
+ */
+ if (PSA_ERROR_NOT_SUPPORTED == check1[i].expected_status ||
+ PSA_ERROR_INVALID_ARGUMENT == check1[i].expected_status)
+ {
+ TEST_ASSERT_DUAL(status, PSA_ERROR_NOT_SUPPORTED, \
+ PSA_ERROR_INVALID_ARGUMENT, TEST_CHECKPOINT_NUM(6));
+ } else
+ {
+ TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(6));
+ }
status = val->crypto_function(VAL_CRYPTO_CIPHER_ABORT, &operation);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(7));
}
/* Destroy the key */
- status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, key_handle);
+ status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, key);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(8));
/* Reset the key attributes and check if psa_import_key fails */
val->crypto_function(VAL_CRYPTO_RESET_KEY_ATTRIBUTES, &attributes);
status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, &attributes, check1[i].data,
- check1[i].data_length, &key_handle);
- TEST_ASSERT_EQUAL(status, PSA_ERROR_NOT_SUPPORTED, TEST_CHECKPOINT_NUM(9));
+ check1[i].data_length, &key);
+ /* TBD Note:- these changes are done because of the spec bug : https://github.com/ARMmbed/mbedtls/pull/4582
+ * revisit the 1.0.x spec is out
+ */
+ TEST_ASSERT_DUAL(status, PSA_ERROR_NOT_SUPPORTED,
+ PSA_ERROR_INVALID_ARGUMENT, TEST_CHECKPOINT_NUM(9));
if (valid_test_input_index < 0)
valid_test_input_index = i;
@@ -113,7 +138,7 @@
{
int32_t status;
psa_cipher_operation_t operation;
- psa_key_handle_t key_handle = 16;
+ psa_key_id_t key = 16;
if (valid_test_input_index < 0)
return RESULT_SKIP(VAL_STATUS_NO_TESTS);
@@ -131,7 +156,7 @@
g_test_count++);
/* Set the key for a multipart symmetric encryption operation */
status = val->crypto_function(VAL_CRYPTO_CIPHER_ENCRYPT_SETUP, &operation,
- key_handle, check1[valid_test_input_index].alg);
+ key, check1[valid_test_input_index].alg);
TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(3));
val->print(PRINT_TEST, "[Check %d] Test psa_cipher_encrypt_setup - Zero as key handle\n",
diff --git a/api-tests/dev_apis/crypto/test_c032/test_data.h b/api-tests/dev_apis/crypto/test_c032/test_data.h
index 0e3f681..449542e 100644
--- a/api-tests/dev_apis/crypto/test_c032/test_data.h
+++ b/api-tests/dev_apis/crypto/test_c032/test_data.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -146,7 +146,7 @@
.data_length = AES_16B_KEY_SIZE,
.bits = BYTES_TO_BITS(AES_16B_KEY_SIZE),
.usage_flags = PSA_KEY_USAGE_ENCRYPT,
- .alg = PSA_ALG_CATEGORY_CIPHER,
+ .alg = PSA_ALG_NONE,
.expected_status = PSA_ERROR_NOT_SUPPORTED
},
#endif
@@ -208,12 +208,12 @@
#ifdef ARCH_TEST_ECC_CURVE_SECP256R1
{
.test_desc = "Test psa_cipher_encrypt_setup - EC Public key\n",
- .type = PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1),
+ .type = PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1),
.data = ec_key_data,
.data_length = 65,
.bits = 256,
.usage_flags = PSA_KEY_USAGE_ENCRYPT,
- .alg = PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION,
+ .alg = PSA_ALG_ECDSA_ANY,
.expected_status = PSA_ERROR_INVALID_ARGUMENT
},
#endif
@@ -221,12 +221,12 @@
#ifdef ARCH_TEST_ECC_CURVE_SECP224R1
{
.test_desc = "Test psa_cipher_encrypt_setup - EC keypair\n",
- .type = PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP224R1),
+ .type = PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1),
.data = ec_key_pair,
.data_length = 28,
.bits = 224,
.usage_flags = PSA_KEY_USAGE_ENCRYPT,
- .alg = PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION,
+ .alg = PSA_ALG_ECDSA_ANY,
.expected_status = PSA_ERROR_INVALID_ARGUMENT
},
#endif
diff --git a/api-tests/dev_apis/crypto/test_c032/test_entry_c032.c b/api-tests/dev_apis/crypto/test_c032/test_entry_c032.c
index 720f775..9e82238 100644
--- a/api-tests/dev_apis/crypto/test_c032/test_entry_c032.c
+++ b/api-tests/dev_apis/crypto/test_c032/test_entry_c032.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -20,7 +20,7 @@
#include "test_c032.h"
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 32)
-#define TEST_DESC "Testing crypto symmetric cipher APIs\n"
+#define TEST_DESC "Testing crypto symmetric cipher APIs | UT: psa_cipher_encrypt_setup\n"
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
diff --git a/api-tests/dev_apis/crypto/test_c033/test_c033.c b/api-tests/dev_apis/crypto/test_c033/test_c033.c
index 4925162..93a8dea 100644
--- a/api-tests/dev_apis/crypto/test_c033/test_c033.c
+++ b/api-tests/dev_apis/crypto/test_c033/test_c033.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -37,7 +37,7 @@
int32_t i, status;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
psa_cipher_operation_t operation;
- psa_key_handle_t key_handle;
+ psa_key_id_t key;
if (num_checks == 0)
{
@@ -54,7 +54,7 @@
{
val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
val->print(PRINT_TEST, check1[i].test_desc, 0);
- memset(&operation, 0, sizeof(operation));
+ val->crypto_function(VAL_CRYPTO_CIPHER_OPERATION_INIT, &operation);
/* Setting up the watchdog timer for each check */
status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
@@ -67,13 +67,24 @@
/* Import the key data into the key slot */
status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, &attributes, check1[i].data,
- check1[i].data_length, &key_handle);
+ check1[i].data_length, &key);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
/* Set the key for a multipart symmetric decryption operation */
- status = val->crypto_function(VAL_CRYPTO_CIPHER_DECRYPT_SETUP, &operation, key_handle,
+ status = val->crypto_function(VAL_CRYPTO_CIPHER_DECRYPT_SETUP, &operation, key,
check1[i].alg);
- TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(4));
+ /* TBD Note:- these changes are done because of the spec bug : https://github.com/ARMmbed/mbedtls/pull/4582
+ * revisit the 1.0.x spec is out
+ */
+ if (PSA_ERROR_NOT_SUPPORTED == check1[i].expected_status ||
+ PSA_ERROR_INVALID_ARGUMENT == check1[i].expected_status)
+ {
+ TEST_ASSERT_DUAL(status, PSA_ERROR_NOT_SUPPORTED,
+ PSA_ERROR_INVALID_ARGUMENT, TEST_CHECKPOINT_NUM(4));
+ } else
+ {
+ TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(4));
+ }
/* Whether setup succeeded or failed, abort must succeed.
* Abort a cipher operation
@@ -83,9 +94,20 @@
if (check1[i].expected_status != PSA_SUCCESS)
{
- status = val->crypto_function(VAL_CRYPTO_CIPHER_DECRYPT_SETUP, &operation, key_handle,
+ status = val->crypto_function(VAL_CRYPTO_CIPHER_DECRYPT_SETUP, &operation, key,
check1[i].alg);
- TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(6));
+ /* TBD Note:- these changes are done because of the spec bug : https://github.com/ARMmbed/mbedtls/pull/4582
+ * revisit the 1.0.x spec is out
+ */
+ if (PSA_ERROR_NOT_SUPPORTED == check1[i].expected_status ||
+ PSA_ERROR_INVALID_ARGUMENT == check1[i].expected_status)
+ {
+ TEST_ASSERT_DUAL(status, PSA_ERROR_NOT_SUPPORTED, \
+ PSA_ERROR_INVALID_ARGUMENT, TEST_CHECKPOINT_NUM(6));
+ } else
+ {
+ TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(6));
+ }
/* Abort a cipher operation */
status = val->crypto_function(VAL_CRYPTO_CIPHER_ABORT, &operation);
@@ -93,14 +115,18 @@
}
/* Destroy the key */
- status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, key_handle);
+ status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, key);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(8));
/* Reset the key attributes and check if psa_import_key fails */
val->crypto_function(VAL_CRYPTO_RESET_KEY_ATTRIBUTES, &attributes);
status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, &attributes, check1[i].data,
- check1[i].data_length, &key_handle);
- TEST_ASSERT_EQUAL(status, PSA_ERROR_NOT_SUPPORTED, TEST_CHECKPOINT_NUM(9));
+ check1[i].data_length, &key);
+ /* TBD Note:- these changes are done because of the spec bug : https://github.com/ARMmbed/mbedtls/pull/4582
+ * revisit the 1.0.x spec is out
+ */
+ TEST_ASSERT_DUAL(status, PSA_ERROR_NOT_SUPPORTED,
+ PSA_ERROR_INVALID_ARGUMENT, TEST_CHECKPOINT_NUM(9));
if (valid_test_input_index < 0)
valid_test_input_index = i;
@@ -113,7 +139,7 @@
{
int32_t status;
psa_cipher_operation_t operation;
- psa_key_handle_t key_handle = 16;
+ psa_key_id_t key = 16;
if (valid_test_input_index < 0)
return RESULT_SKIP(VAL_STATUS_NO_TESTS);
@@ -131,7 +157,7 @@
val->print(PRINT_TEST, "[Check %d] Test psa_cipher_decrypt_setup - Invalid key handle\n",
g_test_count++);
/* Set the key for a multipart symmetric decryption operation */
- status = val->crypto_function(VAL_CRYPTO_CIPHER_DECRYPT_SETUP, &operation, key_handle,
+ status = val->crypto_function(VAL_CRYPTO_CIPHER_DECRYPT_SETUP, &operation, key,
check1[valid_test_input_index].alg);
TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(3));
diff --git a/api-tests/dev_apis/crypto/test_c033/test_data.h b/api-tests/dev_apis/crypto/test_c033/test_data.h
index 0badf5e..8ab59f0 100644
--- a/api-tests/dev_apis/crypto/test_c033/test_data.h
+++ b/api-tests/dev_apis/crypto/test_c033/test_data.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -136,7 +136,7 @@
.data = key_data,
.data_length = AES_16B_KEY_SIZE,
.usage_flags = PSA_KEY_USAGE_DECRYPT,
- .alg = PSA_ALG_CATEGORY_CIPHER,
+ .alg = PSA_ALG_NONE,
.expected_status = PSA_ERROR_NOT_SUPPORTED
},
#endif
@@ -194,11 +194,11 @@
#ifdef ARCH_TEST_ECC_CURVE_SECP256R1
{
.test_desc = "Test psa_cipher_decrypt_setup - EC Public key\n",
- .type = PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1),
+ .type = PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1),
.data = ec_key_data,
.data_length = 65,
.usage_flags = PSA_KEY_USAGE_DECRYPT,
- .alg = PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION,
+ .alg = PSA_ALG_ECDSA_ANY,
.expected_status = PSA_ERROR_INVALID_ARGUMENT
},
#endif
@@ -206,11 +206,11 @@
#ifdef ARCH_TEST_ECC_CURVE_SECP224R1
{
.test_desc = "Test psa_cipher_decrypt_setup - EC keypair\n",
- .type = PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP224R1),
+ .type = PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1),
.data = ec_key_pair,
.data_length = 28,
.usage_flags = PSA_KEY_USAGE_DECRYPT,
- .alg = PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION,
+ .alg = PSA_ALG_ECDSA_ANY,
.expected_status = PSA_ERROR_INVALID_ARGUMENT
},
#endif
diff --git a/api-tests/dev_apis/crypto/test_c033/test_entry_c033.c b/api-tests/dev_apis/crypto/test_c033/test_entry_c033.c
index 0c06a40..37ef13c 100644
--- a/api-tests/dev_apis/crypto/test_c033/test_entry_c033.c
+++ b/api-tests/dev_apis/crypto/test_c033/test_entry_c033.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -20,7 +20,7 @@
#include "test_c033.h"
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 33)
-#define TEST_DESC "Testing crypto symmetric cipher APIs\n"
+#define TEST_DESC "Testing crypto symmetric cipher APIs | UT: psa_cipher_decrypt_setup\n"
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
diff --git a/api-tests/dev_apis/crypto/test_c034/test_c034.c b/api-tests/dev_apis/crypto/test_c034/test_c034.c
index b248185..2816570 100644
--- a/api-tests/dev_apis/crypto/test_c034/test_c034.c
+++ b/api-tests/dev_apis/crypto/test_c034/test_c034.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -34,7 +34,7 @@
psa_cipher_operation_t operation;
int32_t status;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
- psa_key_handle_t key_handle;
+ psa_key_id_t key;
if (num_checks == 0)
{
@@ -50,7 +50,7 @@
{
val->print(PRINT_TEST, "[Check %d] ", i+1);
val->print(PRINT_TEST, check1[i].test_desc, 0);
- memset(&operation, 0, sizeof(operation));
+ val->crypto_function(VAL_CRYPTO_CIPHER_OPERATION_INIT, &operation);
/* Setting up the watchdog timer for each check */
status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
@@ -63,11 +63,11 @@
/* Import the key data into the key slot */
status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, &attributes, check1[i].data,
- check1[i].data_length, &key_handle);
+ check1[i].data_length, &key);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
/* Set the key for a multipart symmetric encryption operation */
- status = val->crypto_function(VAL_CRYPTO_CIPHER_ENCRYPT_SETUP, &operation, key_handle,
+ status = val->crypto_function(VAL_CRYPTO_CIPHER_ENCRYPT_SETUP, &operation, key,
check1[i].alg);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
@@ -83,7 +83,7 @@
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(6));
/* Destroy the key */
- status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, key_handle);
+ status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, key);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(7));
continue;
@@ -111,13 +111,13 @@
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(11));
/* Destroy the key */
- status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, key_handle);
+ status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, key);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(12));
/* Reset the key attributes and check if psa_import_key fails */
val->crypto_function(VAL_CRYPTO_RESET_KEY_ATTRIBUTES, &attributes);
status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, &attributes, check1[i].data,
- check1[i].data_length, &key_handle);
+ check1[i].data_length, &key);
TEST_ASSERT_EQUAL(status, PSA_ERROR_NOT_SUPPORTED, TEST_CHECKPOINT_NUM(3));
}
diff --git a/api-tests/dev_apis/crypto/test_c034/test_entry_c034.c b/api-tests/dev_apis/crypto/test_c034/test_entry_c034.c
index 28b2a67..2792e55 100644
--- a/api-tests/dev_apis/crypto/test_c034/test_entry_c034.c
+++ b/api-tests/dev_apis/crypto/test_c034/test_entry_c034.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -20,7 +20,7 @@
#include "test_c034.h"
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 34)
-#define TEST_DESC "Testing crypto symmetric cipher APIs\n"
+#define TEST_DESC "Testing crypto symmetric cipher APIs | UT: psa_cipher_generate_iv\n"
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
diff --git a/api-tests/dev_apis/crypto/test_c035/test_c035.c b/api-tests/dev_apis/crypto/test_c035/test_c035.c
index 43fed89..9b6b885 100644
--- a/api-tests/dev_apis/crypto/test_c035/test_c035.c
+++ b/api-tests/dev_apis/crypto/test_c035/test_c035.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -32,7 +32,7 @@
int32_t i, status;
psa_cipher_operation_t operation;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
- psa_key_handle_t key_handle;
+ psa_key_id_t key;
if (num_checks == 0)
{
@@ -61,11 +61,11 @@
/* Import the key data into the key slot */
status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, &attributes, check1[i].data,
- check1[i].data_length, &key_handle);
+ check1[i].data_length, &key);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
/* Set the key for a multipart symmetric encryption operation */
- status = val->crypto_function(VAL_CRYPTO_CIPHER_ENCRYPT_SETUP, &operation, key_handle,
+ status = val->crypto_function(VAL_CRYPTO_CIPHER_ENCRYPT_SETUP, &operation, key,
check1[i].alg);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
@@ -86,13 +86,13 @@
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(7));
/* Destroy the key */
- status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, key_handle);
+ status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, key);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(8));
/* Reset the key attributes and check if psa_import_key fails */
val->crypto_function(VAL_CRYPTO_RESET_KEY_ATTRIBUTES, &attributes);
status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, &attributes, check1[i].data,
- check1[i].data_length, &key_handle);
+ check1[i].data_length, &key);
TEST_ASSERT_EQUAL(status, PSA_ERROR_NOT_SUPPORTED, TEST_CHECKPOINT_NUM(9));
}
diff --git a/api-tests/dev_apis/crypto/test_c035/test_entry_c035.c b/api-tests/dev_apis/crypto/test_c035/test_entry_c035.c
index 9323895..6bbabc7 100644
--- a/api-tests/dev_apis/crypto/test_c035/test_entry_c035.c
+++ b/api-tests/dev_apis/crypto/test_c035/test_entry_c035.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -20,7 +20,7 @@
#include "test_c035.h"
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 35)
-#define TEST_DESC "Testing crypto symmetric cipher APIs\n"
+#define TEST_DESC "Testing crypto symmetric cipher APIs | UT: psa_cipher_set_iv\n"
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
diff --git a/api-tests/dev_apis/crypto/test_c036/test_c036.c b/api-tests/dev_apis/crypto/test_c036/test_c036.c
index f9d43ca..cd28cde 100644
--- a/api-tests/dev_apis/crypto/test_c036/test_c036.c
+++ b/api-tests/dev_apis/crypto/test_c036/test_c036.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -29,7 +29,6 @@
extern uint32_t g_test_count;
-
int32_t psa_cipher_update_test(caller_security_t caller __UNUSED)
{
int32_t num_checks = sizeof(check1)/sizeof(check1[0]);
@@ -37,7 +36,7 @@
size_t expected_output_length;
psa_cipher_operation_t operation;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
- psa_key_handle_t key_handle;
+ psa_key_id_t key;
if (num_checks == 0)
{
@@ -69,7 +68,7 @@
&attributes,
check1[i].data,
check1[i].data_length,
- &key_handle);
+ &key);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
if (check1[i].usage_flags == PSA_KEY_USAGE_ENCRYPT)
@@ -77,14 +76,14 @@
/* Set the key for a multipart symmetric encryption operation */
status = val->crypto_function(VAL_CRYPTO_CIPHER_ENCRYPT_SETUP,
&operation,
- key_handle,
+ key,
check1[i].alg);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
} else if (check1[i].usage_flags == PSA_KEY_USAGE_DECRYPT)
{
status = val->crypto_function(VAL_CRYPTO_CIPHER_DECRYPT_SETUP,
&operation,
- key_handle,
+ key,
check1[i].alg);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
}
@@ -113,7 +112,7 @@
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(8));
/* Destroy the key */
- status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, key_handle);
+ status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, key);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(9));
continue;
}
@@ -131,7 +130,7 @@
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(12));
/* Destroy the key */
- status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, key_handle);
+ status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, key);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(13));
/* Reset the key attributes and check if psa_import_key fails */
@@ -140,7 +139,7 @@
&attributes,
check1[i].data,
check1[i].data_length,
- &key_handle);
+ &key);
TEST_ASSERT_EQUAL(status, PSA_ERROR_NOT_SUPPORTED, TEST_CHECKPOINT_NUM(14));
}
diff --git a/api-tests/dev_apis/crypto/test_c036/test_entry_c036.c b/api-tests/dev_apis/crypto/test_c036/test_entry_c036.c
index e42ad47..133a0f3 100644
--- a/api-tests/dev_apis/crypto/test_c036/test_entry_c036.c
+++ b/api-tests/dev_apis/crypto/test_c036/test_entry_c036.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -20,7 +20,7 @@
#include "test_c036.h"
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 36)
-#define TEST_DESC "Testing crypto symmetric cipher APIs\n"
+#define TEST_DESC "Testing crypto symmetric cipher APIs | UT: psa_cipher_update\n"
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
diff --git a/api-tests/dev_apis/crypto/test_c037/test_c037.c b/api-tests/dev_apis/crypto/test_c037/test_c037.c
index fef6c0c..d108443 100644
--- a/api-tests/dev_apis/crypto/test_c037/test_c037.c
+++ b/api-tests/dev_apis/crypto/test_c037/test_c037.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -33,7 +33,7 @@
size_t get_update_output_length, get_finish_output_length;
psa_cipher_operation_t operation, invalid_operation;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
- psa_key_handle_t key_handle;
+ psa_key_id_t key;
if (num_checks == 0)
{
@@ -63,19 +63,19 @@
/* Import the key data into the key slot */
status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, &attributes, check1[i].data,
- check1[i].data_length, &key_handle);
+ check1[i].data_length, &key);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
if (check1[i].usage_flags == PSA_KEY_USAGE_ENCRYPT)
{
/* Set the key for a multipart symmetric encryption operation */
- status = val->crypto_function(VAL_CRYPTO_CIPHER_ENCRYPT_SETUP, &operation, key_handle,
+ status = val->crypto_function(VAL_CRYPTO_CIPHER_ENCRYPT_SETUP, &operation, key,
check1[i].alg);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
} else if (check1[i].usage_flags == PSA_KEY_USAGE_DECRYPT)
{
/* Set the key for a multipart symmetric decryption operation */
- status = val->crypto_function(VAL_CRYPTO_CIPHER_DECRYPT_SETUP, &operation, key_handle,
+ status = val->crypto_function(VAL_CRYPTO_CIPHER_DECRYPT_SETUP, &operation, key,
check1[i].alg);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
}
@@ -105,7 +105,7 @@
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(9));
/* Destroy the key */
- status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, key_handle);
+ status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, key);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(10));
continue;
}
@@ -135,13 +135,13 @@
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(15));
/* Destroy the key */
- status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, key_handle);
+ status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, key);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(16));
/* Reset the key attributes and check if psa_import_key fails */
val->crypto_function(VAL_CRYPTO_RESET_KEY_ATTRIBUTES, &attributes);
status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, &attributes, check1[i].data,
- check1[i].data_length, &key_handle);
+ check1[i].data_length, &key);
TEST_ASSERT_EQUAL(status, PSA_ERROR_NOT_SUPPORTED, TEST_CHECKPOINT_NUM(3));
}
diff --git a/api-tests/dev_apis/crypto/test_c037/test_data.h b/api-tests/dev_apis/crypto/test_c037/test_data.h
index 36e05f0..ab40aa8 100644
--- a/api-tests/dev_apis/crypto/test_c037/test_data.h
+++ b/api-tests/dev_apis/crypto/test_c037/test_data.h
@@ -269,7 +269,7 @@
.output_size = 0,
.expected_output = NULL,
.expected_output_length = 0,
- .expected_status = PSA_ERROR_BAD_STATE
+ .expected_status = PSA_ERROR_INVALID_ARGUMENT
},
#endif
diff --git a/api-tests/dev_apis/crypto/test_c037/test_entry_c037.c b/api-tests/dev_apis/crypto/test_c037/test_entry_c037.c
index 77c5a45..dbc6984 100644
--- a/api-tests/dev_apis/crypto/test_c037/test_entry_c037.c
+++ b/api-tests/dev_apis/crypto/test_c037/test_entry_c037.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -20,7 +20,7 @@
#include "test_c037.h"
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 37)
-#define TEST_DESC "Testing crypto symmetric cipher APIs\n"
+#define TEST_DESC "Testing crypto symmetric cipher APIs | UT: psa_cipher_finish\n"
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
diff --git a/api-tests/dev_apis/crypto/test_c038/test_c038.c b/api-tests/dev_apis/crypto/test_c038/test_c038.c
index 8752020..8b1b840 100644
--- a/api-tests/dev_apis/crypto/test_c038/test_c038.c
+++ b/api-tests/dev_apis/crypto/test_c038/test_c038.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -37,7 +37,7 @@
int32_t i, status;
psa_cipher_operation_t operation;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
- psa_key_handle_t key_handle;
+ psa_key_id_t key;
if (num_checks == 0)
{
@@ -66,19 +66,19 @@
/* Import the key data into the key slot */
status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, &attributes, check1[i].data,
- check1[i].data_length, &key_handle);
+ check1[i].data_length, &key);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
if (check1[i].usage_flags == PSA_KEY_USAGE_ENCRYPT)
{
/* Set the key for a multipart symmetric encryption operation */
- status = val->crypto_function(VAL_CRYPTO_CIPHER_ENCRYPT_SETUP, &operation, key_handle,
+ status = val->crypto_function(VAL_CRYPTO_CIPHER_ENCRYPT_SETUP, &operation, key,
check1[i].alg);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
} else if (check1[i].usage_flags == PSA_KEY_USAGE_DECRYPT)
{
/* Set the key for a multipart symmetric decryption operation */
- status = val->crypto_function(VAL_CRYPTO_CIPHER_DECRYPT_SETUP, &operation, key_handle,
+ status = val->crypto_function(VAL_CRYPTO_CIPHER_DECRYPT_SETUP, &operation, key,
check1[i].alg);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
}
@@ -92,7 +92,7 @@
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(7));
/* Destroy the key */
- status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, key_handle);
+ status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, key);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(8));
/* Reset the key attributes and check if psa_import_key fails */
@@ -108,7 +108,7 @@
int32_t psa_cipher_abort_before_update_test(caller_security_t caller __UNUSED)
{
size_t get_output_length;
- psa_key_handle_t key_handle;
+ psa_key_id_t key;
psa_cipher_operation_t operation;
int32_t status;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
@@ -139,11 +139,11 @@
/* Import the key data into the key slot */
status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY,
&attributes, check1[valid_test_input_index].data,
- check1[valid_test_input_index].data_length, &key_handle);
+ check1[valid_test_input_index].data_length, &key);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
/* Set the key for a multipart symmetric encryption operation */
- status = val->crypto_function(VAL_CRYPTO_CIPHER_ENCRYPT_SETUP, &operation, key_handle,
+ status = val->crypto_function(VAL_CRYPTO_CIPHER_ENCRYPT_SETUP, &operation, key,
check1[valid_test_input_index].alg);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
@@ -161,7 +161,7 @@
TEST_ASSERT_EQUAL(status, PSA_ERROR_BAD_STATE, TEST_CHECKPOINT_NUM(7));
/* Destroy the key */
- status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, key_handle);
+ status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, key);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(8));
/* Reset the key attributes and check if psa_import_key fails */
diff --git a/api-tests/dev_apis/crypto/test_c038/test_entry_c038.c b/api-tests/dev_apis/crypto/test_c038/test_entry_c038.c
index e82617f..276215b 100644
--- a/api-tests/dev_apis/crypto/test_c038/test_entry_c038.c
+++ b/api-tests/dev_apis/crypto/test_c038/test_entry_c038.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -20,7 +20,7 @@
#include "test_c038.h"
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 38)
-#define TEST_DESC "Testing crypto symmetric cipher APIs\n"
+#define TEST_DESC "Testing crypto symmetric cipher APIs | UT: psa_cipher_abort\n"
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
diff --git a/api-tests/dev_apis/crypto/test_c039/test_c039.c b/api-tests/dev_apis/crypto/test_c039/test_c039.c
index 7e1e62d..bf4ebad 100644
--- a/api-tests/dev_apis/crypto/test_c039/test_c039.c
+++ b/api-tests/dev_apis/crypto/test_c039/test_c039.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -37,7 +37,7 @@
int32_t i, status;
size_t get_output_length;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
- psa_key_handle_t key_handle;
+ psa_key_id_t key;
if (num_checks == 0)
{
@@ -65,12 +65,12 @@
/* Import the key data into the key slot */
status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, &attributes, check1[i].data,
- check1[i].data_length, &key_handle);
+ check1[i].data_length, &key);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
/* Encrypt a short message with a public key */
- status = val->crypto_function(VAL_CRYPTO_ASYMMTERIC_ENCRYPT,
- key_handle,
+ status = val->crypto_function(VAL_CRYPTO_ASYMMETRIC_ENCRYPT,
+ key,
check1[i].alg,
check1[i].input,
check1[i].input_length,
@@ -84,7 +84,7 @@
if (check1[i].expected_status != PSA_SUCCESS)
{
/* Destroy the key */
- status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, key_handle);
+ status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, key);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
/* Reset the key attributes and check if psa_import_key fails */
@@ -101,8 +101,8 @@
* part of encryption process which prevents using fixed vectors. */
if ((check1[i].usage_flags & PSA_KEY_USAGE_DECRYPT) == PSA_KEY_USAGE_DECRYPT)
{
- status = val->crypto_function(VAL_CRYPTO_ASYMMTERIC_DECRYPT,
- key_handle,
+ status = val->crypto_function(VAL_CRYPTO_ASYMMETRIC_DECRYPT,
+ key,
check1[i].alg,
check1[i].output,
get_output_length,
@@ -122,13 +122,13 @@
}
/* Destroy the key */
- status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, key_handle);
+ status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, key);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(10));
/* Reset the key attributes and check if psa_import_key fails */
val->crypto_function(VAL_CRYPTO_RESET_KEY_ATTRIBUTES, &attributes);
status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, &attributes, check1[i].data,
- check1[i].data_length, &key_handle);
+ check1[i].data_length, &key);
TEST_ASSERT_EQUAL(status, PSA_ERROR_NOT_SUPPORTED, TEST_CHECKPOINT_NUM(11));
if (valid_test_input_index < 0)
@@ -142,7 +142,7 @@
{
int32_t status;
size_t get_output_length;
- psa_key_handle_t key_handle = 11;
+ psa_key_id_t key = 11;
if (valid_test_input_index < 0)
return RESULT_SKIP(VAL_STATUS_NO_TESTS);
@@ -158,8 +158,8 @@
val->print(PRINT_TEST, "[Check %d] Test psa_asymmetric_encrypt - Invalid key handle\n",
g_test_count++);
/* Encrypt a short message with a public key */
- status = val->crypto_function(VAL_CRYPTO_ASYMMTERIC_ENCRYPT,
- key_handle,
+ status = val->crypto_function(VAL_CRYPTO_ASYMMETRIC_ENCRYPT,
+ key,
check1[valid_test_input_index].alg,
check1[valid_test_input_index].input,
check1[valid_test_input_index].input_length,
@@ -173,7 +173,7 @@
val->print(PRINT_TEST, "[Check %d] Test psa_asymmetric_encrypt - Zero as key handle\n",
g_test_count++);
/* Encrypt a short message with a public key */
- status = val->crypto_function(VAL_CRYPTO_ASYMMTERIC_ENCRYPT,
+ status = val->crypto_function(VAL_CRYPTO_ASYMMETRIC_ENCRYPT,
0,
check1[valid_test_input_index].alg,
check1[valid_test_input_index].input,
diff --git a/api-tests/dev_apis/crypto/test_c039/test_data.h b/api-tests/dev_apis/crypto/test_c039/test_data.h
index a6cf0a0..446ecd9 100644
--- a/api-tests/dev_apis/crypto/test_c039/test_data.h
+++ b/api-tests/dev_apis/crypto/test_c039/test_data.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -244,14 +244,13 @@
#ifdef ARCH_TEST_ECDSA
#ifdef ARCH_TEST_ECC_CURVE_SECP256R1
-#ifdef ARCH_TEST_ECC_ASYMMETRIC_API_SUPPORT
{
.test_desc = "Test psa_asymmetric_encrypt - ECC public key\n",
- .type = PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1),
+ .type = PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1),
.data = ec_key_data,
.data_length = 65,
.usage_flags = PSA_KEY_USAGE_ENCRYPT,
- .alg = PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION,
+ .alg = PSA_ALG_ECDSA_ANY,
.input = NULL,
.input_length = 0,
.salt = NULL,
@@ -263,5 +262,4 @@
},
#endif
#endif
-#endif
};
diff --git a/api-tests/dev_apis/crypto/test_c039/test_entry_c039.c b/api-tests/dev_apis/crypto/test_c039/test_entry_c039.c
index b9c58de..5b808dd 100644
--- a/api-tests/dev_apis/crypto/test_c039/test_entry_c039.c
+++ b/api-tests/dev_apis/crypto/test_c039/test_entry_c039.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -20,7 +20,7 @@
#include "test_c039.h"
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 39)
-#define TEST_DESC "Testing crypto asymmetric APIs\n"
+#define TEST_DESC "Testing crypto asymmetric APIs | UT: psa_asymmetric_encrypt\n"
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
diff --git a/api-tests/dev_apis/crypto/test_c040/test_c040.c b/api-tests/dev_apis/crypto/test_c040/test_c040.c
index 3330b37..8aaa769 100644
--- a/api-tests/dev_apis/crypto/test_c040/test_c040.c
+++ b/api-tests/dev_apis/crypto/test_c040/test_c040.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -37,7 +37,7 @@
int32_t i, status;
size_t get_output_length;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
- psa_key_handle_t key_handle;
+ psa_key_id_t key;
if (num_checks == 0)
{
@@ -65,12 +65,12 @@
/* Import the key data into the key slot */
status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, &attributes, check1[i].data,
- check1[i].data_length, &key_handle);
+ check1[i].data_length, &key);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
/* Decrypt a short message with a private key */
- status = val->crypto_function(VAL_CRYPTO_ASYMMTERIC_DECRYPT,
- key_handle,
+ status = val->crypto_function(VAL_CRYPTO_ASYMMETRIC_DECRYPT,
+ key,
check1[i].alg,
check1[i].input,
check1[i].input_length,
@@ -84,7 +84,7 @@
if (check1[i].expected_status != PSA_SUCCESS)
{
/* Destroy the key */
- status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, key_handle);
+ status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, key);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
continue;
@@ -99,13 +99,13 @@
TEST_CHECKPOINT_NUM(7));
/* Destroy the key */
- status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, key_handle);
+ status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, key);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(8));
/* Reset the key attributes and check if psa_import_key fails */
val->crypto_function(VAL_CRYPTO_RESET_KEY_ATTRIBUTES, &attributes);
status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, &attributes, check1[i].data,
- check1[i].data_length, &key_handle);
+ check1[i].data_length, &key);
TEST_ASSERT_EQUAL(status, PSA_ERROR_NOT_SUPPORTED, TEST_CHECKPOINT_NUM(9));
if (valid_test_input_index < 0)
@@ -119,7 +119,7 @@
{
int32_t status;
size_t get_output_length;
- psa_key_handle_t key_handle = 1;
+ psa_key_id_t key = 1;
if (valid_test_input_index < 0)
return RESULT_SKIP(VAL_STATUS_NO_TESTS);
@@ -135,8 +135,8 @@
val->print(PRINT_TEST, "[Check %d] Test psa_asymmetric_decrypt - Invalid key handle\n",
g_test_count++);
/* Encrypt a short message with a public key */
- status = val->crypto_function(VAL_CRYPTO_ASYMMTERIC_DECRYPT,
- key_handle,
+ status = val->crypto_function(VAL_CRYPTO_ASYMMETRIC_DECRYPT,
+ key,
check1[valid_test_input_index].alg,
check1[valid_test_input_index].input,
check1[valid_test_input_index].input_length,
@@ -150,7 +150,7 @@
val->print(PRINT_TEST, "[Check %d] Test psa_asymmetric_decrypt - Zero as key handle\n",
g_test_count++);
/* Encrypt a short message with a public key */
- status = val->crypto_function(VAL_CRYPTO_ASYMMTERIC_DECRYPT,
+ status = val->crypto_function(VAL_CRYPTO_ASYMMETRIC_DECRYPT,
0,
check1[valid_test_input_index].alg,
check1[valid_test_input_index].input,
diff --git a/api-tests/dev_apis/crypto/test_c040/test_entry_c040.c b/api-tests/dev_apis/crypto/test_c040/test_entry_c040.c
index f9ade00..419db73 100644
--- a/api-tests/dev_apis/crypto/test_c040/test_entry_c040.c
+++ b/api-tests/dev_apis/crypto/test_c040/test_entry_c040.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -20,7 +20,7 @@
#include "test_c040.h"
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 40)
-#define TEST_DESC "Testing crypto asymmetric APIs\n"
+#define TEST_DESC "Testing crypto asymmetric APIs | UT: psa_asymmetric_decrypt\n"
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
diff --git a/api-tests/dev_apis/crypto/test_c041/test_c041.c b/api-tests/dev_apis/crypto/test_c041/test_c041.c
index 4ce8b7b..ec6c47a 100644
--- a/api-tests/dev_apis/crypto/test_c041/test_c041.c
+++ b/api-tests/dev_apis/crypto/test_c041/test_c041.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -22,8 +22,8 @@
const client_test_t test_c041_crypto_list[] = {
NULL,
- psa_asymmetric_sign_test,
- psa_asymmetric_sign_negative_test,
+ psa_sign_hash_test,
+ psa_sign_hash_negative_test,
NULL,
};
@@ -31,13 +31,13 @@
static int32_t valid_test_input_index = -1;
-int32_t psa_asymmetric_sign_test(caller_security_t caller __UNUSED)
+int32_t psa_sign_hash_test(caller_security_t caller __UNUSED)
{
int32_t num_checks = sizeof(check1)/sizeof(check1[0]);
int32_t i, status;
size_t get_signature_length;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
- psa_key_handle_t key_handle;
+ psa_key_id_t key;
if (num_checks == 0)
{
@@ -65,12 +65,12 @@
/* Import the key data into the key slot */
status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, &attributes, check1[i].data,
- check1[i].data_length, &key_handle);
+ check1[i].data_length, &key);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
/* Sign a hash or short message with a private key */
- status = val->crypto_function(VAL_CRYPTO_ASYMMTERIC_SIGN,
- key_handle,
+ status = val->crypto_function(VAL_CRYPTO_SIGN_HASH,
+ key,
check1[i].alg,
check1[i].hash,
check1[i].hash_length,
@@ -82,7 +82,7 @@
if (check1[i].expected_status != PSA_SUCCESS)
{
/* Destroy the key */
- status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, key_handle);
+ status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, key);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
continue;
@@ -97,7 +97,7 @@
TEST_CHECKPOINT_NUM(7));
/* Destroy the key */
- status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, key_handle);
+ status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, key);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(8));
if (valid_test_input_index < 0)
@@ -107,11 +107,11 @@
return VAL_STATUS_SUCCESS;
}
-int32_t psa_asymmetric_sign_negative_test(caller_security_t caller __UNUSED)
+int32_t psa_sign_hash_negative_test(caller_security_t caller __UNUSED)
{
int32_t status;
size_t get_signature_length;
- psa_key_handle_t key_handle = 10;
+ psa_key_id_t key = 10;
if (valid_test_input_index < 0)
return RESULT_SKIP(VAL_STATUS_NO_TESTS);
@@ -124,11 +124,11 @@
status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
- val->print(PRINT_TEST, "[Check %d] Test psa_asymmetric_sign - Invalid key handle\n",
+ val->print(PRINT_TEST, "[Check %d] Test psa_sign_hash - Invalid key handle\n",
g_test_count++);
/* Sign a hash or short message with a private key */
- status = val->crypto_function(VAL_CRYPTO_ASYMMTERIC_SIGN,
- key_handle,
+ status = val->crypto_function(VAL_CRYPTO_SIGN_HASH,
+ key,
check1[valid_test_input_index].alg,
check1[valid_test_input_index].hash,
check1[valid_test_input_index].hash_length,
@@ -137,10 +137,10 @@
&get_signature_length);
TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(3));
- val->print(PRINT_TEST, "[Check %d] Test psa_asymmetric_sign - Zero as key handle\n",
+ val->print(PRINT_TEST, "[Check %d] Test psa_sign_hash - Zero as key handle\n",
g_test_count++);
/* Sign a hash or short message with a private key */
- status = val->crypto_function(VAL_CRYPTO_ASYMMTERIC_SIGN,
+ status = val->crypto_function(VAL_CRYPTO_SIGN_HASH,
0,
check1[valid_test_input_index].alg,
check1[valid_test_input_index].hash,
diff --git a/api-tests/dev_apis/crypto/test_c041/test_c041.h b/api-tests/dev_apis/crypto/test_c041/test_c041.h
index ecd88d5..96f77d2 100644
--- a/api-tests/dev_apis/crypto/test_c041/test_c041.h
+++ b/api-tests/dev_apis/crypto/test_c041/test_c041.h
@@ -26,8 +26,8 @@
extern psa_api_t *psa;
extern const client_test_t test_c041_crypto_list[];
-int32_t psa_asymmetric_sign_test(caller_security_t caller);
-int32_t psa_asymmetric_sign_negative_test(caller_security_t caller);
+int32_t psa_sign_hash_test(caller_security_t caller);
+int32_t psa_sign_hash_negative_test(caller_security_t caller);
extern void crypto_common_exit_action(void);
#endif /* _TEST_C041_CLIENT_TESTS_H_ */
diff --git a/api-tests/dev_apis/crypto/test_c041/test_data.h b/api-tests/dev_apis/crypto/test_c041/test_data.h
index 7af5157..68422c4 100644
--- a/api-tests/dev_apis/crypto/test_c041/test_data.h
+++ b/api-tests/dev_apis/crypto/test_c041/test_data.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -37,11 +37,11 @@
#ifdef ARCH_TEST_RSA_1024
#ifdef ARCH_TEST_RSA_PKCS1V15_SIGN_RAW
{
- .test_desc = "Test psa_asymmetric_sign - RSA KEY_PAIR PKCS1V15 RAW\n",
+ .test_desc = "Test psa_sign_hash - RSA KEY_PAIR PKCS1V15 RAW\n",
.type = PSA_KEY_TYPE_RSA_KEY_PAIR,
.data = rsa_128_key_pair,
.data_length = 610,
- .usage_flags = PSA_KEY_USAGE_SIGN,
+ .usage_flags = PSA_KEY_USAGE_SIGN_HASH,
.alg = PSA_ALG_RSA_PKCS1V15_SIGN_RAW,
.hash = sha_256_hash,
.hash_length = 32,
@@ -56,11 +56,11 @@
#ifdef ARCH_TEST_RSA_PKCS1V15_SIGN
#ifdef ARCH_TEST_SHA256
{
- .test_desc = "Test psa_asymmetric_sign - RSA KEY_PAIR PKCS1V15 SHA-256\n",
+ .test_desc = "Test psa_sign_hash - RSA KEY_PAIR PKCS1V15 SHA-256\n",
.type = PSA_KEY_TYPE_RSA_KEY_PAIR,
.data = rsa_128_key_pair,
.data_length = 610,
- .usage_flags = PSA_KEY_USAGE_SIGN,
+ .usage_flags = PSA_KEY_USAGE_SIGN_HASH,
.alg = PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256),
.hash = sha_256_hash,
.hash_length = 32,
@@ -78,11 +78,11 @@
#ifdef ARCH_TEST_DETERMINISTIC_ECDSA
#ifdef ARCH_TEST_ECC_CURVE_SECP256R1
{
- .test_desc = "Test psa_asymmetric_sign - ECDSA SECP256R1 SHA-256\n",
- .type = PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1),
+ .test_desc = "Test psa_sign_hash - ECDSA SECP256R1 SHA-256\n",
+ .type = PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1),
.data = ec_keypair,
.data_length = 32,
- .usage_flags = PSA_KEY_USAGE_SIGN,
+ .usage_flags = PSA_KEY_USAGE_SIGN_HASH,
.alg = PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256),
.hash = sha_256_hash,
.hash_length = 32,
@@ -98,11 +98,11 @@
#ifdef ARCH_TEST_RSA_1024
#ifdef ARCH_TEST_RSA_PKCS1V15_SIGN
{
- .test_desc = "Test psa_asymmetric_sign - Invalid key type (RSA public key)\n",
+ .test_desc = "Test psa_sign_hash - Invalid key type (RSA public key)\n",
.type = PSA_KEY_TYPE_RSA_PUBLIC_KEY,
.data = rsa_128_key_data,
.data_length = 162,
- .usage_flags = PSA_KEY_USAGE_SIGN,
+ .usage_flags = PSA_KEY_USAGE_SIGN_HASH,
.alg = PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256),
.hash = NULL,
.hash_length = 0,
@@ -114,11 +114,11 @@
},
{
- .test_desc = "Test psa_asymmetric_sign - Small output buffer\n",
+ .test_desc = "Test psa_sign_hash - Small output buffer\n",
.type = PSA_KEY_TYPE_RSA_KEY_PAIR,
.data = rsa_128_key_pair,
.data_length = 610,
- .usage_flags = PSA_KEY_USAGE_SIGN,
+ .usage_flags = PSA_KEY_USAGE_SIGN_HASH,
.alg = PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256),
.hash = sha_256_hash,
.hash_length = 32,
@@ -131,11 +131,11 @@
#endif
{
- .test_desc = "Test psa_asymmetric_sign - Invalid algorithm\n",
+ .test_desc = "Test psa_sign_hash - Invalid algorithm\n",
.type = PSA_KEY_TYPE_RSA_KEY_PAIR,
.data = rsa_128_key_pair,
.data_length = 610,
- .usage_flags = PSA_KEY_USAGE_SIGN,
+ .usage_flags = PSA_KEY_USAGE_SIGN_HASH,
.alg = PSA_ALG_SHA_256,
.hash = NULL,
.hash_length = 0,
@@ -150,11 +150,11 @@
#ifdef ARCH_TEST_RSA_PKCS1V15_SIGN
#ifdef ARCH_TEST_AES_128
{
- .test_desc = "Test psa_asymmetric_sign - Invalid key type (AES Key)\n",
+ .test_desc = "Test psa_sign_hash - Invalid key type (AES Key)\n",
.type = PSA_KEY_TYPE_AES,
.data = key_data,
.data_length = AES_16B_KEY_SIZE,
- .usage_flags = PSA_KEY_USAGE_SIGN,
+ .usage_flags = PSA_KEY_USAGE_SIGN_HASH,
.alg = PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256),
.hash = NULL,
.hash_length = 0,
@@ -171,7 +171,7 @@
#ifdef ARCH_TEST_RSA_1024
#ifdef ARCH_TEST_RSA_PKCS1V15_SIGN_RAW
{
- .test_desc = "Test psa_asymmetric_sign - Invalid usage\n",
+ .test_desc = "Test psa_sign_hash - Invalid usage\n",
.type = PSA_KEY_TYPE_RSA_KEY_PAIR,
.data = rsa_128_key_pair,
.data_length = 610,
@@ -190,11 +190,11 @@
#ifdef ARCH_TEST_RSA_PKCS1V15_SIGN
#ifdef ARCH_TEST_SHA256
{
- .test_desc = "Test psa_asymmetric_sign - Wrong hash size\n",
+ .test_desc = "Test psa_sign_hash - Wrong hash size\n",
.type = PSA_KEY_TYPE_RSA_KEY_PAIR,
.data = rsa_128_key_pair,
.data_length = 610,
- .usage_flags = PSA_KEY_USAGE_SIGN,
+ .usage_flags = PSA_KEY_USAGE_SIGN_HASH,
.alg = PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256),
.hash = sha_256_hash,
.hash_length = 31,
diff --git a/api-tests/dev_apis/crypto/test_c041/test_entry_c041.c b/api-tests/dev_apis/crypto/test_c041/test_entry_c041.c
index 444e9a2..0f2dc92 100644
--- a/api-tests/dev_apis/crypto/test_c041/test_entry_c041.c
+++ b/api-tests/dev_apis/crypto/test_c041/test_entry_c041.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -20,7 +20,7 @@
#include "test_c041.h"
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 41)
-#define TEST_DESC "Testing crypto asymmetric APIs\n"
+#define TEST_DESC "Testing crypto asymmetric APIs | UT: psa_sign_hash\n"
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
diff --git a/api-tests/dev_apis/crypto/test_c042/test_c042.c b/api-tests/dev_apis/crypto/test_c042/test_c042.c
index adff853..6948577 100644
--- a/api-tests/dev_apis/crypto/test_c042/test_c042.c
+++ b/api-tests/dev_apis/crypto/test_c042/test_c042.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -22,8 +22,8 @@
const client_test_t test_c042_crypto_list[] = {
NULL,
- psa_asymmetric_verify_test,
- psa_asymmetric_verify_negative_test,
+ psa_verify_hash_test,
+ psa_verify_hash_negative_test,
NULL,
};
@@ -31,13 +31,12 @@
static int32_t valid_test_input_index = -1;
-
-int32_t psa_asymmetric_verify_test(caller_security_t caller __UNUSED)
+int32_t psa_verify_hash_test(caller_security_t caller __UNUSED)
{
int32_t num_checks = sizeof(check1)/sizeof(check1[0]);
int32_t i, status;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
- psa_key_handle_t key_handle;
+ psa_key_id_t key;
if (num_checks == 0)
{
@@ -65,12 +64,12 @@
/* Import the key data into the key slot */
status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, &attributes, check1[i].data,
- check1[i].data_length, &key_handle);
+ check1[i].data_length, &key);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
/* Verify the signature a hash or short message using a public key */
- status = val->crypto_function(VAL_CRYPTO_ASYMMTERIC_VERIFY,
- key_handle,
+ status = val->crypto_function(VAL_CRYPTO_VERIFY_HASH,
+ key,
check1[i].alg,
check1[i].hash,
check1[i].hash_length,
@@ -79,7 +78,7 @@
TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(4));
/* Destroy a key and restore the slot to its default state */
- status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, key_handle);
+ status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, key);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
if (valid_test_input_index < 0)
@@ -89,10 +88,10 @@
return VAL_STATUS_SUCCESS;
}
-int32_t psa_asymmetric_verify_negative_test(caller_security_t caller __UNUSED)
+int32_t psa_verify_hash_negative_test(caller_security_t caller __UNUSED)
{
int32_t status;
- psa_key_handle_t key_handle = 13;
+ psa_key_id_t key = 13;
if (valid_test_input_index < 0)
return RESULT_SKIP(VAL_STATUS_NO_TESTS);
@@ -101,7 +100,7 @@
status = val->crypto_function(VAL_CRYPTO_INIT);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(1));
- val->print(PRINT_TEST, "[Check %d] Test psa_asymmetric_verify - Invalid key handle\n",
+ val->print(PRINT_TEST, "[Check %d] Test psa_verify_hash - Invalid key handle\n",
g_test_count++);
/* Setting up the watchdog timer for each check */
@@ -109,8 +108,8 @@
TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
/* Verify the signature a hash or short message using a public key */
- status = val->crypto_function(VAL_CRYPTO_ASYMMTERIC_VERIFY,
- key_handle,
+ status = val->crypto_function(VAL_CRYPTO_VERIFY_HASH,
+ key,
check1[valid_test_input_index].alg,
check1[valid_test_input_index].hash,
check1[valid_test_input_index].hash_length,
@@ -118,10 +117,10 @@
check1[valid_test_input_index].signature_length);
TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(3));
- val->print(PRINT_TEST, "[Check %d] Test psa_asymmetric_verify - Zero as key handle\n",
+ val->print(PRINT_TEST, "[Check %d] Test psa_verify_hash - Zero as key handle\n",
g_test_count++);
/* Verify the signature a hash or short message using a public key */
- status = val->crypto_function(VAL_CRYPTO_ASYMMTERIC_VERIFY,
+ status = val->crypto_function(VAL_CRYPTO_VERIFY_HASH,
0,
check1[valid_test_input_index].alg,
check1[valid_test_input_index].hash,
diff --git a/api-tests/dev_apis/crypto/test_c042/test_c042.h b/api-tests/dev_apis/crypto/test_c042/test_c042.h
index fca2029..232130e 100644
--- a/api-tests/dev_apis/crypto/test_c042/test_c042.h
+++ b/api-tests/dev_apis/crypto/test_c042/test_c042.h
@@ -26,8 +26,8 @@
extern psa_api_t *psa;
extern const client_test_t test_c042_crypto_list[];
-int32_t psa_asymmetric_verify_test(caller_security_t caller);
-int32_t psa_asymmetric_verify_negative_test(caller_security_t caller);
+int32_t psa_verify_hash_test(caller_security_t caller);
+int32_t psa_verify_hash_negative_test(caller_security_t caller);
extern void crypto_common_exit_action(void);
#endif /* _TEST_C042_CLIENT_TESTS_H_ */
diff --git a/api-tests/dev_apis/crypto/test_c042/test_data.h b/api-tests/dev_apis/crypto/test_c042/test_data.h
index 26c791e..f219a8d 100644
--- a/api-tests/dev_apis/crypto/test_c042/test_data.h
+++ b/api-tests/dev_apis/crypto/test_c042/test_data.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -35,11 +35,11 @@
#ifdef ARCH_TEST_RSA_1024
#ifdef ARCH_TEST_RSA_PKCS1V15_SIGN_RAW
{
- .test_desc = "Test psa_asymmetric_verify - RSA KEY_PAIR PKCS1V15 RAW\n",
+ .test_desc = "Test psa_verify_hash - RSA KEY_PAIR PKCS1V15 RAW\n",
.type = PSA_KEY_TYPE_RSA_KEY_PAIR,
.data = rsa_128_key_pair,
.data_length = 610,
- .usage_flags = PSA_KEY_USAGE_VERIFY,
+ .usage_flags = PSA_KEY_USAGE_VERIFY_HASH,
.alg = PSA_ALG_RSA_PKCS1V15_SIGN_RAW,
.hash = sha_256_hash,
.hash_length = 32,
@@ -52,11 +52,11 @@
#ifdef ARCH_TEST_RSA_PKCS1V15_SIGN
#ifdef ARCH_TEST_SHA256
{
- .test_desc = "Test psa_asymmetric_verify - RSA KEY_PAIR PKCS1V15 SHA-256\n",
+ .test_desc = "Test psa_verify_hash - RSA KEY_PAIR PKCS1V15 SHA-256\n",
.type = PSA_KEY_TYPE_RSA_KEY_PAIR,
.data = rsa_128_key_pair,
.data_length = 610,
- .usage_flags = PSA_KEY_USAGE_VERIFY,
+ .usage_flags = PSA_KEY_USAGE_VERIFY_HASH,
.alg = PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256),
.hash = sha_256_hash,
.hash_length = 32,
@@ -72,11 +72,11 @@
#ifdef ARCH_TEST_DETERMINISTIC_ECDSA
#ifdef ARCH_TEST_ECC_CURVE_SECP256R1
{
- .test_desc = "Test psa_asymmetric_verify - ECDSA KEY_PAIR SECP256R1 SHA-256\n",
- .type = PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1),
+ .test_desc = "Test psa_verify_hash - ECDSA KEY_PAIR SECP256R1 SHA-256\n",
+ .type = PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1),
.data = ec_keypair,
.data_length = 32,
- .usage_flags = PSA_KEY_USAGE_VERIFY,
+ .usage_flags = PSA_KEY_USAGE_VERIFY_HASH,
.alg = PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256),
.hash = sha_256_hash,
.hash_length = 32,
@@ -86,11 +86,11 @@
},
{
- .test_desc = "Test psa_asymmetric_verify - EC public key\n",
- .type = PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1),
+ .test_desc = "Test psa_verify_hash - EC public key\n",
+ .type = PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1),
.data = ec_key_data,
.data_length = 65,
- .usage_flags = PSA_KEY_USAGE_VERIFY,
+ .usage_flags = PSA_KEY_USAGE_VERIFY_HASH,
.alg = PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256),
.hash = sha_256_hash,
.hash_length = 32,
@@ -105,11 +105,11 @@
#ifdef ARCH_TEST_RSA_1024
#ifdef ARCH_TEST_RSA_PKCS1V15_SIGN
{
- .test_desc = "Test psa_asymmetric_verify - RSA public key\n",
+ .test_desc = "Test psa_verify_hash - RSA public key\n",
.type = PSA_KEY_TYPE_RSA_PUBLIC_KEY,
.data = rsa_128_key_data,
.data_length = 162,
- .usage_flags = PSA_KEY_USAGE_VERIFY,
+ .usage_flags = PSA_KEY_USAGE_VERIFY_HASH,
.alg = PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256),
.hash = sha_256_hash,
.hash_length = 32,
@@ -119,11 +119,11 @@
},
{
- .test_desc = "Test psa_asymmetric_verify - Small output buffer\n",
+ .test_desc = "Test psa_verify_hash - Small output buffer\n",
.type = PSA_KEY_TYPE_RSA_KEY_PAIR,
.data = rsa_128_key_pair,
.data_length = 610,
- .usage_flags = PSA_KEY_USAGE_VERIFY,
+ .usage_flags = PSA_KEY_USAGE_VERIFY_HASH,
.alg = PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256),
.hash = sha_256_hash,
.hash_length = 32,
@@ -134,11 +134,11 @@
#endif
{
- .test_desc = "Test psa_asymmetric_verify - Invalid algorithm\n",
+ .test_desc = "Test psa_verify_hash - Invalid algorithm\n",
.type = PSA_KEY_TYPE_RSA_KEY_PAIR,
.data = rsa_128_key_pair,
.data_length = 610,
- .usage_flags = PSA_KEY_USAGE_VERIFY,
+ .usage_flags = PSA_KEY_USAGE_VERIFY_HASH,
.alg = PSA_ALG_SHA_256,
.hash = sha_256_hash,
.hash_length = 32,
@@ -151,11 +151,11 @@
#ifdef ARCH_TEST_RSA_PKCS1V15_SIGN
#ifdef ARCH_TEST_AES_128
{
- .test_desc = "Test psa_asymmetric_verify - Invalid key type (AES Key)\n",
+ .test_desc = "Test psa_verify_hash - Invalid key type (AES Key)\n",
.type = PSA_KEY_TYPE_AES,
.data = key_data,
.data_length = AES_16B_KEY_SIZE,
- .usage_flags = PSA_KEY_USAGE_VERIFY,
+ .usage_flags = PSA_KEY_USAGE_VERIFY_HASH,
.alg = PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256),
.hash = sha_256_hash,
.hash_length = 32,
@@ -169,7 +169,7 @@
#ifdef ARCH_TEST_RSA_1024
#ifdef ARCH_TEST_RSA_PKCS1V15_SIGN_RAW
{
- .test_desc = "Test psa_asymmetric_verify - Invalid usage\n",
+ .test_desc = "Test psa_verify_hash - Invalid usage\n",
.type = PSA_KEY_TYPE_RSA_KEY_PAIR,
.data = rsa_128_key_pair,
.data_length = 610,
@@ -186,11 +186,11 @@
#ifdef ARCH_TEST_RSA_PKCS1V15_SIGN
#ifdef ARCH_TEST_SHA256
{
- .test_desc = "Test psa_asymmetric_verify - Wrong hash size\n",
+ .test_desc = "Test psa_verify_hash - Wrong hash size\n",
.type = PSA_KEY_TYPE_RSA_KEY_PAIR,
.data = rsa_128_key_pair,
.data_length = 610,
- .usage_flags = PSA_KEY_USAGE_VERIFY,
+ .usage_flags = PSA_KEY_USAGE_VERIFY_HASH,
.alg = PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256),
.hash = sha_256_hash,
.hash_length = 31,
@@ -200,11 +200,11 @@
},
{
- .test_desc = "Test psa_asymmetric_verify - Wrong signature\n",
+ .test_desc = "Test psa_verify_hash - Wrong signature\n",
.type = PSA_KEY_TYPE_RSA_KEY_PAIR,
.data = rsa_128_key_pair,
.data_length = 610,
- .usage_flags = PSA_KEY_USAGE_VERIFY,
+ .usage_flags = PSA_KEY_USAGE_VERIFY_HASH,
.alg = PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256),
.hash = sha_256_hash,
.hash_length = 32,
@@ -214,11 +214,11 @@
},
{
- .test_desc = "Test psa_asymmetric_verify - Wrong signature size\n",
+ .test_desc = "Test psa_verify_hash - Wrong signature size\n",
.type = PSA_KEY_TYPE_RSA_KEY_PAIR,
.data = rsa_128_key_pair,
.data_length = 610,
- .usage_flags = PSA_KEY_USAGE_VERIFY,
+ .usage_flags = PSA_KEY_USAGE_VERIFY_HASH,
.alg = PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256),
.hash = sha_256_hash,
.hash_length = 32,
diff --git a/api-tests/dev_apis/crypto/test_c042/test_entry_c042.c b/api-tests/dev_apis/crypto/test_c042/test_entry_c042.c
index d46e266..eb23d27 100644
--- a/api-tests/dev_apis/crypto/test_c042/test_entry_c042.c
+++ b/api-tests/dev_apis/crypto/test_c042/test_entry_c042.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -20,7 +20,7 @@
#include "test_c042.h"
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 42)
-#define TEST_DESC "Testing crypto asymmetric APIs\n"
+#define TEST_DESC "Testing crypto asymmetric APIs | UT: psa_verify_hash\n"
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
diff --git a/api-tests/dev_apis/crypto/test_c043/test_c043.c b/api-tests/dev_apis/crypto/test_c043/test_c043.c
index 2f8ea3c..da04c6b 100644
--- a/api-tests/dev_apis/crypto/test_c043/test_c043.c
+++ b/api-tests/dev_apis/crypto/test_c043/test_c043.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -37,7 +37,7 @@
int32_t i, status;
size_t output_length;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
- psa_key_handle_t key_handle;
+ psa_key_id_t key;
if (num_checks == 0)
{
@@ -65,19 +65,19 @@
/* Import the key data into the key slot */
status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, &attributes, check1[i].key_data,
- check1[i].key_length, &key_handle);
+ check1[i].key_length, &key);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
/* Set up a key agreement operation */
status = val->crypto_function(VAL_CRYPTO_RAW_KEY_AGREEMENT, check1[i].key_alg,
- key_handle, check1[i].peer_key, check1[i].peer_key_length,
+ key, check1[i].peer_key, check1[i].peer_key_length,
output, check1[i].output_size, &output_length);
TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(4));
if (check1[i].expected_status != PSA_SUCCESS)
{
/* Destroy a key and restore the slot to its default state */
- status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, key_handle);
+ status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, key);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
continue;
}
@@ -87,7 +87,7 @@
TEST_CHECKPOINT_NUM(7));
/* Destroy a key and restore the slot to its default state */
- status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, key_handle);
+ status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, key);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(8));
}
@@ -99,7 +99,7 @@
int num_checks = sizeof(check2)/sizeof(check2[0]);
int32_t i, status;
size_t output_length;
- psa_key_handle_t key_handle = 8;
+ psa_key_id_t key = 8;
/* Initialize the PSA crypto library*/
status = val->crypto_function(VAL_CRYPTO_INIT);
@@ -116,7 +116,7 @@
g_test_count++);
/* Set up a key agreement operation */
status = val->crypto_function(VAL_CRYPTO_RAW_KEY_AGREEMENT, check2[i].key_alg,
- key_handle, check2[i].peer_key, check2[i].peer_key_length,
+ key, check2[i].peer_key, check2[i].peer_key_length,
output, check2[i].output_size, &output_length);
TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(3));
diff --git a/api-tests/dev_apis/crypto/test_c043/test_data.h b/api-tests/dev_apis/crypto/test_c043/test_data.h
index c66c2b2..e585078 100644
--- a/api-tests/dev_apis/crypto/test_c043/test_data.h
+++ b/api-tests/dev_apis/crypto/test_c043/test_data.h
@@ -37,7 +37,7 @@
#ifdef ARCH_TEST_ECDH
#ifdef ARCH_TEST_ECC_CURVE_SECP256R1
{"Test psa_raw_key_agreement - ECDH SECP256R1\n",
- PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1),
+ PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1),
{0xc8, 0x8f, 0x01, 0xf5, 0x10, 0xd9, 0xac, 0x3f, 0x70, 0xa2, 0x92, 0xda, 0xa2,
0x31, 0x6d, 0xe5, 0x44, 0xe9, 0xaa, 0xb8, 0xaf, 0xe8, 0x40, 0x49, 0xc6, 0x2a,
0x9c, 0x57, 0x86, 0x2d, 0x14, 0x33}, 32, PSA_KEY_USAGE_DERIVE, PSA_ALG_ECDH,
@@ -53,7 +53,7 @@
},
{"Test psa_raw_key_agreement - Small buffer size\n",
- PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1),
+ PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1),
{0xc8, 0x8f, 0x01, 0xf5, 0x10, 0xd9, 0xac, 0x3f, 0x70, 0xa2, 0x92, 0xda, 0xa2,
0x31, 0x6d, 0xe5, 0x44, 0xe9, 0xaa, 0xb8, 0xaf, 0xe8, 0x40, 0x49, 0xc6, 0x2a,
0x9c, 0x57, 0x86, 0x2d, 0x14, 0x33}, 32, PSA_KEY_USAGE_DERIVE, PSA_ALG_ECDH,
@@ -72,7 +72,7 @@
#ifdef ARCH_TEST_ECC_CURVE_SECP384R1
{"Test psa_raw_key_agreement - ECDH SECP384R1\n",
- PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP384R1),
+ PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1),
{0x09, 0x9f, 0x3c, 0x70, 0x34, 0xd4, 0xa2, 0xc6, 0x99, 0x88, 0x4d, 0x73, 0xa3,
0x75, 0xa6, 0x7f, 0x76, 0x24, 0xef, 0x7c, 0x6b, 0x3c, 0x0f, 0x16, 0x06, 0x47,
0xb6, 0x74, 0x14, 0xdc, 0xe6, 0x55, 0xe3, 0x5b, 0x53, 0x80, 0x41, 0xe6, 0x49,
@@ -96,7 +96,7 @@
#ifdef ARCH_TEST_ECC_CURVE_SECP256R1
{"Test psa_raw_key_agreement - Invalid usage\n",
- PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1),
+ PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1),
{0xc8, 0x8f, 0x01, 0xf5, 0x10, 0xd9, 0xac, 0x3f, 0x70, 0xa2, 0x92, 0xda, 0xa2,
0x31, 0x6d, 0xe5, 0x44, 0xe9, 0xaa, 0xb8, 0xaf, 0xe8, 0x40, 0x49, 0xc6, 0x2a,
0x9c, 0x57, 0x86, 0x2d, 0x14, 0x33}, 32, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_ECDH,
@@ -112,7 +112,7 @@
},
{"Test psa_raw_key_agreement - Unknown KDF\n",
- PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1),
+ PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1),
{0xc8, 0x8f, 0x01, 0xf5, 0x10, 0xd9, 0xac, 0x3f, 0x70, 0xa2, 0x92, 0xda, 0xa2,
0x31, 0x6d, 0xe5, 0x44, 0xe9, 0xaa, 0xb8, 0xaf, 0xe8, 0x40, 0x49, 0xc6, 0x2a,
0x9c, 0x57, 0x86, 0x2d, 0x14, 0x33}, 32, PSA_KEY_USAGE_DERIVE,
@@ -134,7 +134,7 @@
#ifdef ARCH_TEST_SHA256
#ifdef ARCH_TEST_HKDF
{"Test psa_raw_key_agreement - Not a key agreement alg\n",
- PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1),
+ PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1),
{0xc8, 0x8f, 0x01, 0xf5, 0x10, 0xd9, 0xac, 0x3f, 0x70, 0xa2, 0x92, 0xda, 0xa2,
0x31, 0x6d, 0xe5, 0x44, 0xe9, 0xaa, 0xb8, 0xaf, 0xe8, 0x40, 0x49, 0xc6, 0x2a,
0x9c, 0x57, 0x86, 0x2d, 0x14, 0x33}, 32, PSA_KEY_USAGE_DERIVE, PSA_ALG_HKDF(PSA_ALG_SHA_256),
@@ -153,7 +153,7 @@
#ifdef ARCH_TEST_ECDH
{"Test psa_raw_key_agreement - Public key on different curve\n",
- PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1),
+ PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1),
{0xc8, 0x8f, 0x01, 0xf5, 0x10, 0xd9, 0xac, 0x3f, 0x70, 0xa2, 0x92, 0xda, 0xa2,
0x31, 0x6d, 0xe5, 0x44, 0xe9, 0xaa, 0xb8, 0xaf, 0xe8, 0x40, 0x49, 0xc6, 0x2a,
0x9c, 0x57, 0x86, 0x2d, 0x14, 0x33}, 32, PSA_KEY_USAGE_DERIVE, PSA_ALG_ECDH,
@@ -170,7 +170,7 @@
},
{"Test psa_raw_key_agreement - Public key instead of private key\n",
- PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1),
+ PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1),
{0x04, 0xd1, 0x2d, 0xfb, 0x52, 0x89, 0xc8, 0xd4, 0xf8, 0x12, 0x08, 0xb7, 0x02,
0x70, 0x39, 0x8c, 0x34, 0x22, 0x96, 0x97, 0x0a, 0x0b, 0xcc, 0xb7, 0x4c, 0x73,
0x6f, 0xc7, 0x55, 0x44, 0x94, 0xbf, 0x63, 0x56, 0xfb, 0xf3, 0xca, 0x36, 0x6c,
@@ -192,7 +192,7 @@
#ifdef ARCH_TEST_ECDH
#ifdef ARCH_TEST_ECC_CURVE_SECP256R1
{"Test psa_raw_key_agreement - Negative case\n",
- PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1),
+ PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1),
{0xc8, 0x8f, 0x01, 0xf5, 0x10, 0xd9, 0xac, 0x3f, 0x70, 0xa2, 0x92, 0xda, 0xa2,
0x31, 0x6d, 0xe5, 0x44, 0xe9, 0xaa, 0xb8, 0xaf, 0xe8, 0x40, 0x49, 0xc6, 0x2a,
0x9c, 0x57, 0x86, 0x2d, 0x14, 0x33}, 32, PSA_KEY_USAGE_DERIVE, PSA_ALG_ECDH,
diff --git a/api-tests/dev_apis/crypto/test_c043/test_entry_c043.c b/api-tests/dev_apis/crypto/test_c043/test_entry_c043.c
index 2ad96e1..026129d 100644
--- a/api-tests/dev_apis/crypto/test_c043/test_entry_c043.c
+++ b/api-tests/dev_apis/crypto/test_c043/test_entry_c043.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -20,7 +20,7 @@
#include "test_c043.h"
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 43)
-#define TEST_DESC "Testing crypto key derivation APIs\n"
+#define TEST_DESC "Testing crypto key derivation APIs | UT: psa_raw_key_agreement\n"
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
diff --git a/api-tests/dev_apis/crypto/test_c044/test_c044.c b/api-tests/dev_apis/crypto/test_c044/test_c044.c
index aae201c..056801e 100644
--- a/api-tests/dev_apis/crypto/test_c044/test_c044.c
+++ b/api-tests/dev_apis/crypto/test_c044/test_c044.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -37,8 +37,8 @@
int32_t status, export_status;
psa_key_attributes_t source_attributes = PSA_KEY_ATTRIBUTES_INIT;
psa_key_attributes_t target_attributes = PSA_KEY_ATTRIBUTES_INIT;
- psa_key_handle_t key_handle;
- psa_key_handle_t target_key_handle = 0;
+ psa_key_id_t key;
+ psa_key_id_t target_key = 0;
if (num_checks == 0)
{
@@ -70,7 +70,7 @@
/* Import the key data into the key slot */
status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, &source_attributes, check1[i].data,
- check1[i].data_length, &key_handle);
+ check1[i].data_length, &key);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
/* Setup the attributes for the target key */
@@ -86,12 +86,12 @@
check1[i].target_bits);
/* Make a copy of a key */
- status = val->crypto_function(VAL_CRYPTO_COPY_KEY, key_handle, &target_attributes,
- &target_key_handle);
+ status = val->crypto_function(VAL_CRYPTO_COPY_KEY, key, &target_attributes,
+ &target_key);
TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(4));
/* Destroy the source key */
- status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, key_handle);
+ status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, key);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
if (check1[i].expected_status != PSA_SUCCESS)
@@ -103,7 +103,7 @@
}
/* Check if the target key attributes is as expected */
- status = val->crypto_function(VAL_CRYPTO_GET_KEY_ATTRIBUTES, target_key_handle,
+ status = val->crypto_function(VAL_CRYPTO_GET_KEY_ATTRIBUTES, target_key,
&target_attributes);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(6));
@@ -121,7 +121,7 @@
TEST_ASSERT_EQUAL(get_bits, check1[i].target_bits, TEST_CHECKPOINT_NUM(10));
/* Export a key in binary format */
- export_status = val->crypto_function(VAL_CRYPTO_EXPORT_KEY, target_key_handle,
+ export_status = val->crypto_function(VAL_CRYPTO_EXPORT_KEY, target_key,
check1[i].expected_data, check1[i].expected_data_size,
&get_data_length);
@@ -138,12 +138,12 @@
}
/* Destroy the target key */
- status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, target_key_handle);
+ status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, target_key);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(14));
/* Copy on a destroyed source should be an error */
- status = val->crypto_function(VAL_CRYPTO_COPY_KEY, key_handle, &target_attributes,
- &target_key_handle);
+ status = val->crypto_function(VAL_CRYPTO_COPY_KEY, key, &target_attributes,
+ &target_key);
TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(14));
val->crypto_function(VAL_CRYPTO_RESET_KEY_ATTRIBUTES, &source_attributes);
diff --git a/api-tests/dev_apis/crypto/test_c044/test_data.h b/api-tests/dev_apis/crypto/test_c044/test_data.h
index 162b1cb..f245606 100644
--- a/api-tests/dev_apis/crypto/test_c044/test_data.h
+++ b/api-tests/dev_apis/crypto/test_c044/test_data.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -38,19 +38,18 @@
} test_data;
static const test_data check1[] = {
-#ifdef ARCH_TEST_AES
-#ifdef ARCH_TEST_CCM
+#ifdef ARCH_TEST_CIPER_MODE_CTR
#ifdef ARCH_TEST_AES_128
{
.test_desc = "Test psa_copy_key - 16 Byte AES\n",
.type = PSA_KEY_TYPE_AES,
- .alg = PSA_ALG_CCM,
+ .alg = PSA_ALG_CTR,
.usage_flags = PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT,
.lifetime = PSA_KEY_LIFETIME_VOLATILE,
.data = key_data,
.data_length = AES_16B_KEY_SIZE,
.target_type = PSA_KEY_TYPE_AES,
- .target_alg = PSA_ALG_CCM,
+ .target_alg = PSA_ALG_CTR,
.target_usage_flags = PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT,
.target_lifetime = PSA_KEY_LIFETIME_VOLATILE,
.target_bits = BYTES_TO_BITS(AES_16B_KEY_SIZE),
@@ -64,13 +63,13 @@
{
.test_desc = "Test psa_copy_key - without copy usage\n",
.type = PSA_KEY_TYPE_AES,
- .alg = PSA_ALG_CCM,
+ .alg = PSA_ALG_CTR,
.usage_flags = PSA_KEY_USAGE_EXPORT,
.lifetime = PSA_KEY_LIFETIME_VOLATILE,
.data = key_data,
.data_length = AES_16B_KEY_SIZE,
.target_type = PSA_KEY_TYPE_AES,
- .target_alg = PSA_ALG_CCM,
+ .target_alg = PSA_ALG_CTR,
.target_usage_flags = PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT,
.target_lifetime = PSA_KEY_LIFETIME_VOLATILE,
.target_bits = BYTES_TO_BITS(AES_16B_KEY_SIZE),
@@ -84,13 +83,13 @@
{
.test_desc = "Test psa_copy_key - invalid lifetime\n",
.type = PSA_KEY_TYPE_AES,
- .alg = PSA_ALG_CCM,
+ .alg = PSA_ALG_CTR,
.usage_flags = PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT,
.lifetime = PSA_KEY_LIFETIME_VOLATILE,
.data = key_data,
.data_length = AES_16B_KEY_SIZE,
.target_type = PSA_KEY_TYPE_AES,
- .target_alg = PSA_ALG_CCM,
+ .target_alg = PSA_ALG_CTR,
.target_usage_flags = PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT,
.target_lifetime = PSA_KEY_LIFETIME_PERSISTENT,
.target_bits = BYTES_TO_BITS(AES_16B_KEY_SIZE),
@@ -104,13 +103,13 @@
{
.test_desc = "Test psa_copy_key - invalid key type\n",
.type = PSA_KEY_TYPE_AES,
- .alg = PSA_ALG_CCM,
+ .alg = PSA_ALG_CTR,
.usage_flags = PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT,
.lifetime = PSA_KEY_LIFETIME_VOLATILE,
.data = key_data,
.data_length = AES_16B_KEY_SIZE,
.target_type = PSA_KEY_TYPE_DES,
- .target_alg = PSA_ALG_CCM,
+ .target_alg = PSA_ALG_CTR,
.target_usage_flags = PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT,
.target_lifetime = PSA_KEY_LIFETIME_VOLATILE,
.target_bits = BYTES_TO_BITS(AES_16B_KEY_SIZE),
@@ -124,13 +123,13 @@
{
.test_desc = "Test psa_copy_key - invalid key bits\n",
.type = PSA_KEY_TYPE_AES,
- .alg = PSA_ALG_CCM,
+ .alg = PSA_ALG_CTR,
.usage_flags = PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT,
.lifetime = PSA_KEY_LIFETIME_VOLATILE,
.data = key_data,
.data_length = AES_16B_KEY_SIZE,
.target_type = PSA_KEY_TYPE_AES,
- .target_alg = PSA_ALG_CCM,
+ .target_alg = PSA_ALG_CTR,
.target_usage_flags = PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT,
.target_lifetime = PSA_KEY_LIFETIME_VOLATILE,
.target_bits = BYTES_TO_BITS(AES_16B_KEY_SIZE)-1,
@@ -146,13 +145,13 @@
{
.test_desc = "Test psa_copy_key - 24 Byte AES\n",
.type = PSA_KEY_TYPE_AES,
- .alg = PSA_ALG_CCM,
+ .alg = PSA_ALG_CTR,
.usage_flags = PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT,
.lifetime = PSA_KEY_LIFETIME_VOLATILE,
.data = key_data,
.data_length = AES_24B_KEY_SIZE,
.target_type = PSA_KEY_TYPE_AES,
- .target_alg = PSA_ALG_CCM,
+ .target_alg = PSA_ALG_CTR,
.target_usage_flags = PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT,
.target_lifetime = PSA_KEY_LIFETIME_VOLATILE,
.target_bits = BYTES_TO_BITS(AES_24B_KEY_SIZE),
@@ -168,13 +167,13 @@
{
.test_desc = "Test psa_copy_key - 32 Byte AES\n",
.type = PSA_KEY_TYPE_AES,
- .alg = PSA_ALG_CCM,
+ .alg = PSA_ALG_CTR,
.usage_flags = PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_DECRYPT,
.lifetime = PSA_KEY_LIFETIME_VOLATILE,
.data = key_data,
.data_length = AES_32B_KEY_SIZE,
.target_type = PSA_KEY_TYPE_AES,
- .target_alg = PSA_ALG_CCM,
+ .target_alg = PSA_ALG_CTR,
.target_usage_flags = PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT,
.target_lifetime = PSA_KEY_LIFETIME_VOLATILE,
.target_bits = BYTES_TO_BITS(AES_32B_KEY_SIZE),
@@ -186,7 +185,6 @@
},
#endif
#endif
-#endif
#ifdef ARCH_TEST_RSA_PKCS1V15_SIGN_RAW
#ifdef ARCH_TEST_RSA_2048
@@ -194,7 +192,7 @@
.test_desc = "Test psa_copy_key - 2048 RSA public key\n",
.type = PSA_KEY_TYPE_RSA_PUBLIC_KEY,
.alg = PSA_ALG_RSA_PKCS1V15_SIGN_RAW,
- .usage_flags = PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN,
+ .usage_flags = PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH,
.lifetime = PSA_KEY_LIFETIME_VOLATILE,
.data = rsa_256_key_data,
.data_length = 270,
@@ -220,7 +218,7 @@
.data_length = 1193,
.target_type = PSA_KEY_TYPE_RSA_KEY_PAIR,
.target_alg = PSA_ALG_RSA_PKCS1V15_SIGN_RAW,
- .target_usage_flags = PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY,
+ .target_usage_flags = PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH,
.target_lifetime = PSA_KEY_LIFETIME_VOLATILE,
.target_bits = BYTES_TO_BITS(256),
.expected_usage_flags = PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT,
@@ -254,7 +252,7 @@
.test_desc = "Test psa_copy_key - source key with no export usage\n",
.type = PSA_KEY_TYPE_RSA_KEY_PAIR,
.alg = PSA_ALG_RSA_PKCS1V15_SIGN_RAW,
- .usage_flags = PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN,
+ .usage_flags = PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH,
.lifetime = PSA_KEY_LIFETIME_VOLATILE,
.data = rsa_256_key_pair,
.data_length = 1193,
@@ -344,13 +342,13 @@
#ifdef ARCH_TEST_ECC_CURVE_SECP256R1
{
.test_desc = "Test psa_copy_key - EC Public key\n",
- .type = PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1),
+ .type = PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1),
.alg = PSA_ALG_ECDSA_ANY,
.usage_flags = PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT,
.lifetime = PSA_KEY_LIFETIME_VOLATILE,
.data = ec_key_data,
.data_length = 65,
- .target_type = PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1),
+ .target_type = PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1),
.target_alg = PSA_ALG_ECDSA_ANY,
.target_usage_flags = PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT,
.target_lifetime = PSA_KEY_LIFETIME_VOLATILE,
@@ -366,13 +364,13 @@
#ifdef ARCH_TEST_ECC_CURVE_SECP224R1
{
.test_desc = "Test psa_copy_key - EC keypair\n",
- .type = PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP224R1),
+ .type = PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1),
.alg = PSA_ALG_ECDSA_ANY,
.usage_flags = PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT,
.lifetime = PSA_KEY_LIFETIME_VOLATILE,
.data = ec_key_pair,
.data_length = 28,
- .target_type = PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP224R1),
+ .target_type = PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1),
.target_alg = PSA_ALG_ECDSA_ANY,
.target_usage_flags = PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT,
.target_lifetime = PSA_KEY_LIFETIME_VOLATILE,
diff --git a/api-tests/dev_apis/crypto/test_c044/test_entry_c044.c b/api-tests/dev_apis/crypto/test_c044/test_entry_c044.c
index a2459f2..30fca08 100644
--- a/api-tests/dev_apis/crypto/test_c044/test_entry_c044.c
+++ b/api-tests/dev_apis/crypto/test_c044/test_entry_c044.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -20,7 +20,7 @@
#include "test_c044.h"
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 44)
-#define TEST_DESC "Testing crypto key management APIs\n"
+#define TEST_DESC "Testing crypto key management APIs | UT: psa_copy_key\n"
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
diff --git a/api-tests/dev_apis/crypto/test_c045/test_entry_c045.c b/api-tests/dev_apis/crypto/test_c045/test_entry_c045.c
index 779e198..bba61ae 100644
--- a/api-tests/dev_apis/crypto/test_c045/test_entry_c045.c
+++ b/api-tests/dev_apis/crypto/test_c045/test_entry_c045.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -20,7 +20,7 @@
#include "test_c045.h"
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 45)
-#define TEST_DESC "Testing crypto hash functions APIs\n"
+#define TEST_DESC "Testing crypto hash functions APIs | UT: psa_hash_clone\n"
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
diff --git a/api-tests/dev_apis/crypto/test_c046/test_c046.c b/api-tests/dev_apis/crypto/test_c046/test_c046.c
index 6c0a0bc..9b195bf 100644
--- a/api-tests/dev_apis/crypto/test_c046/test_c046.c
+++ b/api-tests/dev_apis/crypto/test_c046/test_c046.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -36,7 +36,7 @@
int32_t i, status;
size_t length;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
- psa_key_handle_t key_handle;
+ psa_key_id_t key;
if (num_checks == 0)
{
@@ -65,11 +65,11 @@
/* Import the key data into the key slot */
status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, &attributes, check1[i].key_data,
- check1[i].key_length, &key_handle);
+ check1[i].key_length, &key);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
/* Calculate the MAC (message authentication code) of a message */
- status = val->crypto_function(VAL_CRYPTO_MAC_COMPUTE, key_handle,
+ status = val->crypto_function(VAL_CRYPTO_MAC_COMPUTE, key,
check1[i].key_alg, check1[i].data, check1[i].data_size, data,
check1[i].mac_size, &length);
TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(4));
@@ -77,7 +77,7 @@
if (check1[i].expected_status != PSA_SUCCESS)
{
/* Destroy the key */
- status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, key_handle);
+ status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, key);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
continue;
@@ -92,13 +92,13 @@
memset(data, 0, sizeof(data));
/* Destroy the key */
- status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, key_handle);
+ status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, key);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(8));
/* Reset the key attributes and check if psa_import_key fails */
val->crypto_function(VAL_CRYPTO_RESET_KEY_ATTRIBUTES, &attributes);
- status = val->crypto_function(VAL_CRYPTO_MAC_COMPUTE, key_handle,
+ status = val->crypto_function(VAL_CRYPTO_MAC_COMPUTE, key,
check1[i].key_alg, check1[i].data, check1[i].data_size, data,
check1[i].mac_size, &length);
TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(9));
diff --git a/api-tests/dev_apis/crypto/test_c046/test_data.h b/api-tests/dev_apis/crypto/test_c046/test_data.h
index 6830ac4..bfe6553 100644
--- a/api-tests/dev_apis/crypto/test_c046/test_data.h
+++ b/api-tests/dev_apis/crypto/test_c046/test_data.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -42,7 +42,7 @@
{0x89, 0x6f, 0xb1, 0x12, 0x8a, 0xbb, 0xdf, 0x19, 0x68, 0x32, 0x10, 0x7c, 0xd4,
0x9d, 0xf3, 0x3f, 0x47, 0xb4, 0xb1, 0x16, 0x99, 0x12, 0xba, 0x4f, 0x53, 0x68,
0x4b, 0x22}, 64, 28,
- PSA_KEY_USAGE_SIGN, PSA_ALG_HMAC(PSA_ALG_SHA_224),
+ PSA_KEY_USAGE_SIGN_HASH, PSA_ALG_HMAC(PSA_ALG_SHA_224),
PSA_SUCCESS
},
@@ -53,7 +53,7 @@
{0x89, 0x6f, 0xb1, 0x12, 0x8a, 0xbb, 0xdf, 0x19, 0x68, 0x32, 0x10, 0x7c, 0xd4,
0x9d, 0xf3, 0x3f, 0x47, 0xb4, 0xb1, 0x16, 0x99, 0x12, 0xba, 0x4f, 0x53, 0x68,
0x4b, 0x22}, 64, 28,
- PSA_KEY_USAGE_SIGN, PSA_ALG_CMAC,
+ PSA_KEY_USAGE_SIGN_HASH, PSA_ALG_CMAC,
PSA_ERROR_NOT_SUPPORTED
},
@@ -75,7 +75,7 @@
{0x89, 0x6f, 0xb1, 0x12, 0x8a, 0xbb, 0xdf, 0x19, 0x68, 0x32, 0x10, 0x7c, 0xd4,
0x9d, 0xf3, 0x3f, 0x47, 0xb4, 0xb1, 0x16, 0x99, 0x12, 0xba, 0x4f, 0x53, 0x68,
0x4b, 0x22}, 64, 28,
- PSA_KEY_USAGE_SIGN, PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 1),
+ PSA_KEY_USAGE_SIGN_HASH, PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 1),
PSA_ERROR_NOT_SUPPORTED
},
@@ -86,7 +86,7 @@
{0x89, 0x6f, 0xb1, 0x12, 0x8a, 0xbb, 0xdf, 0x19, 0x68, 0x32, 0x10, 0x7c, 0xd4,
0x9d, 0xf3, 0x3f, 0x47, 0xb4, 0xb1, 0x16, 0x99, 0x12, 0xba, 0x4f, 0x53, 0x68,
0x4b, 0x22}, 64, 28,
- PSA_KEY_USAGE_SIGN, PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 33),
+ PSA_KEY_USAGE_SIGN_HASH, PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 33),
PSA_ERROR_INVALID_ARGUMENT
},
@@ -97,7 +97,7 @@
{0x89, 0x6f, 0xb1, 0x12, 0x8a, 0xbb, 0xdf, 0x19, 0x68, 0x32, 0x10, 0x7c, 0xd4,
0x9d, 0xf3, 0x3f, 0x47, 0xb4, 0xb1, 0x16, 0x99, 0x12, 0xba, 0x4f, 0x53, 0x68,
0x4b, 0x22}, 64, 28,
- PSA_KEY_USAGE_SIGN, PSA_ALG_HMAC(0),
+ PSA_KEY_USAGE_SIGN_HASH, PSA_ALG_HMAC(0),
PSA_ERROR_NOT_SUPPORTED
},
#endif
@@ -110,7 +110,7 @@
{0xb0, 0x34, 0x4c, 0x61, 0xd8, 0xdb, 0x38, 0x53, 0x5c, 0xa8, 0xaf, 0xce, 0xaf,
0x0b, 0xf1, 0x2b, 0x88, 0x1d, 0xc2, 0x00, 0xc9, 0x83, 0x3d, 0xa7, 0x26, 0xe9,
0x37, 0x6c, 0x2e, 0x32, 0xcf, 0xf7}, 64, 32,
- PSA_KEY_USAGE_SIGN, PSA_ALG_HMAC(PSA_ALG_SHA_256),
+ PSA_KEY_USAGE_SIGN_HASH, PSA_ALG_HMAC(PSA_ALG_SHA_256),
PSA_SUCCESS
},
#endif
@@ -125,7 +125,7 @@
0xb3, 0x05, 0x45, 0xe1, 0x7c, 0xde, 0xda, 0xa8, 0x33, 0xb7, 0xd6, 0xb8, 0xa7,
0x02, 0x03, 0x8b, 0x27, 0x4e, 0xae, 0xa3, 0xf4, 0xe4, 0xbe, 0x9d, 0x91, 0x4e,
0xeb, 0x61, 0xf1, 0x70, 0x2e, 0x69, 0x6c, 0x20, 0x3a, 0x12, 0x68, 0x54}, 64, 64,
- PSA_KEY_USAGE_SIGN, PSA_ALG_HMAC(PSA_ALG_SHA_512),
+ PSA_KEY_USAGE_SIGN_HASH, PSA_ALG_HMAC(PSA_ALG_SHA_512),
PSA_SUCCESS
},
#endif
@@ -136,7 +136,7 @@
0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b}, 20,
{0x48, 0x69, 0x20, 0x54, 0x68, 0x65, 0x72, 0x65}, 8,
{0x89, 0x6f, 0xb1, 0x12, 0x8a, 0xbb, 0xdf, 0x19, 0x68}, 64, 8,
- PSA_KEY_USAGE_SIGN, PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224), 8),
+ PSA_KEY_USAGE_SIGN_HASH, PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224), 8),
PSA_SUCCESS
},
#endif
@@ -150,7 +150,7 @@
{0x48, 0x69, 0x20, 0x54, 0x68, 0x65, 0x72, 0x65}, 8,
{0x9A, 0x8F, 0xFF, 0x8D, 0xA3, 0x5B, 0x97, 0xCB, 0x4C, 0x95, 0xF0, 0xFA, 0x6A,
0xE7, 0xE0, 0x77}, 64, 16,
- PSA_KEY_USAGE_SIGN, PSA_ALG_CMAC,
+ PSA_KEY_USAGE_SIGN_HASH, PSA_ALG_CMAC,
PSA_SUCCESS
},
@@ -160,7 +160,7 @@
{0x48, 0x69, 0x20, 0x54, 0x68, 0x65, 0x72, 0x65}, 8,
{0x9A, 0x8F, 0xFF, 0x8D, 0xA3, 0x5B, 0x97, 0xCB, 0x4C, 0x95, 0xF0, 0xFA, 0x6A,
0xE7, 0xE0, 0x77}, 8, 16,
- PSA_KEY_USAGE_SIGN, PSA_ALG_CMAC,
+ PSA_KEY_USAGE_SIGN_HASH, PSA_ALG_CMAC,
PSA_ERROR_BUFFER_TOO_SMALL
},
#endif
@@ -171,7 +171,7 @@
{0x48, 0x69, 0x20, 0x54, 0x68, 0x65, 0x72, 0x65}, 8,
{0x9A, 0x8F, 0xFF, 0x8D, 0xA3, 0x5B, 0x97, 0xCB, 0x4C, 0x95, 0xF0, 0xFA, 0x6A,
0xE7, 0xE0, 0x77}, 64, 16,
- PSA_KEY_USAGE_SIGN, PSA_ALG_CMAC,
+ PSA_KEY_USAGE_SIGN_HASH, PSA_ALG_CMAC,
PSA_ERROR_INVALID_ARGUMENT
},
#endif
diff --git a/api-tests/dev_apis/crypto/test_c046/test_entry_c046.c b/api-tests/dev_apis/crypto/test_c046/test_entry_c046.c
index 60c36e5..9c66b52 100644
--- a/api-tests/dev_apis/crypto/test_c046/test_entry_c046.c
+++ b/api-tests/dev_apis/crypto/test_c046/test_entry_c046.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -20,7 +20,7 @@
#include "test_c046.h"
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 46)
-#define TEST_DESC "Testing crypto MAC APIs\n"
+#define TEST_DESC "Testing crypto MAC APIs | UT: psa_mac_compute\n"
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
diff --git a/api-tests/dev_apis/crypto/test_c047/test_c047.c b/api-tests/dev_apis/crypto/test_c047/test_c047.c
index 4f5c8bc..51f3683 100644
--- a/api-tests/dev_apis/crypto/test_c047/test_c047.c
+++ b/api-tests/dev_apis/crypto/test_c047/test_c047.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -33,7 +33,7 @@
int num_checks = sizeof(check1)/sizeof(check1[0]);
int32_t i, status;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
- psa_key_handle_t key_handle;
+ psa_key_id_t key;
if (num_checks == 0)
{
@@ -61,24 +61,24 @@
/* Import the key data into the key slot */
status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, &attributes, check1[i].key_data,
- check1[i].key_length, &key_handle);
+ check1[i].key_length, &key);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
/* Calculate the MAC of a message and compare it with a reference value */
- status = val->crypto_function(VAL_CRYPTO_MAC_VERIFY, key_handle,
+ status = val->crypto_function(VAL_CRYPTO_MAC_VERIFY, key,
check1[i].key_alg, check1[i].data, check1[i].data_size,
check1[i].expected_mac, check1[i].mac_size);
TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(4));
/* Destroy the key */
- status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, key_handle);
+ status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, key);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
/* Reset the key attributes and check if psa_import_key fails */
val->crypto_function(VAL_CRYPTO_RESET_KEY_ATTRIBUTES, &attributes);
/* Calculate the MAC of a message on a destroyed key handle should be an error */
- status = val->crypto_function(VAL_CRYPTO_MAC_VERIFY, key_handle,
+ status = val->crypto_function(VAL_CRYPTO_MAC_VERIFY, key,
check1[i].key_alg, check1[i].data, check1[i].data_size,
check1[i].expected_mac, check1[i].mac_size);
TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(6));
diff --git a/api-tests/dev_apis/crypto/test_c047/test_data.h b/api-tests/dev_apis/crypto/test_c047/test_data.h
index 5a21729..3c250dc 100644
--- a/api-tests/dev_apis/crypto/test_c047/test_data.h
+++ b/api-tests/dev_apis/crypto/test_c047/test_data.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -41,7 +41,7 @@
{0x89, 0x6f, 0xb1, 0x12, 0x8a, 0xbb, 0xdf, 0x19, 0x68, 0x32, 0x10, 0x7c, 0xd4,
0x9d, 0xf3, 0x3f, 0x47, 0xb4, 0xb1, 0x16, 0x99, 0x12, 0xba, 0x4f, 0x53, 0x68,
0x4b, 0x22}, 28,
- PSA_KEY_USAGE_VERIFY, PSA_ALG_HMAC(PSA_ALG_SHA_224),
+ PSA_KEY_USAGE_VERIFY_HASH, PSA_ALG_HMAC(PSA_ALG_SHA_224),
PSA_SUCCESS
},
#endif
@@ -54,7 +54,7 @@
{0xb0, 0x34, 0x4c, 0x61, 0xd8, 0xdb, 0x38, 0x53, 0x5c, 0xa8, 0xaf, 0xce, 0xaf,
0x0b, 0xf1, 0x2b, 0x88, 0x1d, 0xc2, 0x00, 0xc9, 0x83, 0x3d, 0xa7, 0x26, 0xe9,
0x37, 0x6c, 0x2e, 0x32, 0xcf, 0xf7}, 32,
- PSA_KEY_USAGE_VERIFY, PSA_ALG_HMAC(PSA_ALG_SHA_256),
+ PSA_KEY_USAGE_VERIFY_HASH, PSA_ALG_HMAC(PSA_ALG_SHA_256),
PSA_SUCCESS
},
@@ -65,7 +65,7 @@
{0xb0, 0x34, 0x4c, 0x61, 0xd8, 0xdb, 0x38, 0x53, 0x5c, 0xa8, 0xaf, 0xce, 0xaf,
0x0b, 0xf1, 0x2b, 0x88, 0x1d, 0xc2, 0x00, 0xc9, 0x83, 0x3d, 0xa7, 0x26, 0xe9,
0x37, 0x6c, 0x2e, 0x32, 0xcf, 0xf7}, 32,
- PSA_KEY_USAGE_VERIFY, PSA_ALG_CMAC,
+ PSA_KEY_USAGE_VERIFY_HASH, PSA_ALG_CMAC,
PSA_ERROR_NOT_SUPPORTED
},
@@ -87,7 +87,7 @@
{0xb0, 0x34, 0x4c, 0x61, 0xd8, 0xdb, 0x38, 0x53, 0x5c, 0xa8, 0xaf, 0xce, 0xaf,
0x0b, 0xf1, 0x2b, 0x88, 0x1d, 0xc2, 0x00, 0xc9, 0x83, 0x3d, 0xa7, 0x26, 0xe9,
0x37, 0x6c, 0x2e, 0x32, 0xcf, 0xf7}, 32,
- PSA_KEY_USAGE_VERIFY, PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 33),
+ PSA_KEY_USAGE_VERIFY_HASH, PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 33),
PSA_ERROR_INVALID_ARGUMENT
},
@@ -98,7 +98,7 @@
{0xb0, 0x34, 0x4c, 0x61, 0xd8, 0xdb, 0x38, 0x53, 0x5c, 0xa8, 0xaf, 0xce, 0xaf,
0x0b, 0xf1, 0x2b, 0x88, 0x1d, 0xc2, 0x00, 0xc9, 0x83, 0x3d, 0xa7, 0x26, 0xe9,
0x37, 0x6c, 0x2e, 0x32, 0xcf, 0xf7}, 32,
- PSA_KEY_USAGE_VERIFY, PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 1),
+ PSA_KEY_USAGE_VERIFY_HASH, PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 1),
PSA_ERROR_NOT_SUPPORTED
},
@@ -109,7 +109,7 @@
{0xb0, 0x34, 0x4c, 0x61, 0xd8, 0xdb, 0x38, 0x53, 0x5c, 0xa8, 0xaf, 0xce, 0xaf,
0x0b, 0xf1, 0x2b, 0x88, 0x1d, 0xc2, 0x00, 0xc9, 0x83, 0x3d, 0xa7, 0x26, 0xe9,
0x37, 0x6c, 0x2e, 0x32, 0xcf, 0xf7}, 32,
- PSA_KEY_USAGE_VERIFY, PSA_ALG_HMAC(0),
+ PSA_KEY_USAGE_VERIFY_HASH, PSA_ALG_HMAC(0),
PSA_ERROR_NOT_SUPPORTED
},
@@ -125,7 +125,7 @@
0xb3, 0x05, 0x45, 0xe1, 0x7c, 0xde, 0xda, 0xa8, 0x33, 0xb7, 0xd6, 0xb8, 0xa7,
0x02, 0x03, 0x8b, 0x27, 0x4e, 0xae, 0xa3, 0xf4, 0xe4, 0xbe, 0x9d, 0x91, 0x4e,
0xeb, 0x61, 0xf1, 0x70, 0x2e, 0x69, 0x6c, 0x20, 0x3a, 0x12, 0x68, 0x54}, 64,
- PSA_KEY_USAGE_VERIFY, PSA_ALG_HMAC(PSA_ALG_SHA_512),
+ PSA_KEY_USAGE_VERIFY_HASH, PSA_ALG_HMAC(PSA_ALG_SHA_512),
PSA_SUCCESS
},
#endif
@@ -136,7 +136,7 @@
0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b}, 20,
{0x48, 0x69, 0x20, 0x54, 0x68, 0x65, 0x72, 0x65}, 8,
{0x89, 0x6f, 0xb1, 0x12, 0x8a, 0xbb, 0xdf, 0x19, 0x68}, 8,
- PSA_KEY_USAGE_VERIFY, PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224), 8),
+ PSA_KEY_USAGE_VERIFY_HASH, PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224), 8),
PSA_SUCCESS
},
#endif
@@ -150,7 +150,7 @@
{0x48, 0x69, 0x20, 0x54, 0x68, 0x65, 0x72, 0x65}, 8,
{0x9A, 0x8F, 0xFF, 0x8D, 0xA3, 0x5B, 0x97, 0xCB, 0x4C, 0x95, 0xF0, 0xFA, 0x6A,
0xE7, 0xE0, 0x77}, 16,
- PSA_KEY_USAGE_VERIFY, PSA_ALG_CMAC,
+ PSA_KEY_USAGE_VERIFY_HASH, PSA_ALG_CMAC,
PSA_SUCCESS
},
#endif
@@ -162,7 +162,7 @@
{0x48, 0x69, 0x20, 0x54, 0x68, 0x65, 0x72, 0x65}, 8,
{0x9A, 0x8F, 0xFF, 0x8D, 0xA3, 0x5B, 0x97, 0xCB, 0x4C, 0x95, 0xF0, 0xFA, 0x6A,
0xE7, 0xE0, 0x77}, 16,
- PSA_KEY_USAGE_VERIFY, PSA_ALG_CMAC,
+ PSA_KEY_USAGE_VERIFY_HASH, PSA_ALG_CMAC,
PSA_ERROR_INVALID_ARGUMENT
},
@@ -175,7 +175,7 @@
{0xb0, 0x34, 0x4c, 0x61, 0xd8, 0xdb, 0x38, 0x53, 0x5c, 0xa8, 0xaf, 0xce, 0xaf,
0x0b, 0xf1, 0x2b, 0x88, 0x1d, 0xc2, 0x00, 0xc9, 0x83, 0x3d, 0xa7, 0x26, 0xe9,
0x37, 0x6c, 0x2e, 0x32, 0xcf, 0xf7}, 30,
- PSA_KEY_USAGE_VERIFY, PSA_ALG_HMAC(PSA_ALG_SHA_256),
+ PSA_KEY_USAGE_VERIFY_HASH, PSA_ALG_HMAC(PSA_ALG_SHA_256),
PSA_ERROR_INVALID_SIGNATURE
},
#endif
@@ -188,7 +188,7 @@
{0x89, 0x6f, 0xb1, 0x12, 0x8a, 0xbb, 0xdf, 0x19, 0x68, 0x32, 0x10, 0x7c, 0xd4,
0x9d, 0xf3, 0x3f, 0x47, 0xb4, 0xb1, 0x16, 0x99, 0x12, 0xba, 0x4f, 0x53, 0x68,
0x4b, 0x20}, 28,
- PSA_KEY_USAGE_VERIFY, PSA_ALG_HMAC(PSA_ALG_SHA_224),
+ PSA_KEY_USAGE_VERIFY_HASH, PSA_ALG_HMAC(PSA_ALG_SHA_224),
PSA_ERROR_INVALID_SIGNATURE
},
#endif
diff --git a/api-tests/dev_apis/crypto/test_c047/test_entry_c047.c b/api-tests/dev_apis/crypto/test_c047/test_entry_c047.c
index 37efca4..7d5dac0 100644
--- a/api-tests/dev_apis/crypto/test_c047/test_entry_c047.c
+++ b/api-tests/dev_apis/crypto/test_c047/test_entry_c047.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -20,7 +20,7 @@
#include "test_c047.h"
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 47)
-#define TEST_DESC "Testing crypto MAC APIs\n"
+#define TEST_DESC "Testing crypto MAC APIs | UT: psa_mac_verify\n"
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
diff --git a/api-tests/dev_apis/crypto/test_c048/test_c048.c b/api-tests/dev_apis/crypto/test_c048/test_c048.c
index 01c8e2a..559c9b9 100644
--- a/api-tests/dev_apis/crypto/test_c048/test_c048.c
+++ b/api-tests/dev_apis/crypto/test_c048/test_c048.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -36,7 +36,7 @@
int32_t i, status;
size_t output_length;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
- psa_key_handle_t key_handle;
+ psa_key_id_t key;
if (num_checks == 0)
{
@@ -64,17 +64,17 @@
/* Import the key data into the key slot */
status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, &attributes, check1[i].key_data,
- check1[i].key_length, &key_handle);
+ check1[i].key_length, &key);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
/* Encrypt a message using a symmetric cipher */
- status = val->crypto_function(VAL_CRYPTO_CIPHER_ENCRYPT, key_handle,
+ status = val->crypto_function(VAL_CRYPTO_CIPHER_ENCRYPT, key,
check1[i].key_alg, check1[i].input, check1[i].input_length, output,
check1[i].output_size, &output_length);
TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(4));
/* Destroy the key */
- status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, key_handle);
+ status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, key);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
/* Reset the key attributes and check if psa_import_key fails */
@@ -91,7 +91,7 @@
TEST_CHECKPOINT_NUM(7));
/* Encrypt a message using a symmetric cipher on an aborted key handle should be an error */
- status = val->crypto_function(VAL_CRYPTO_CIPHER_ENCRYPT, key_handle,
+ status = val->crypto_function(VAL_CRYPTO_CIPHER_ENCRYPT, key,
check1[i].key_alg, check1[i].input, check1[i].input_length, output,
check1[i].output_size, &output_length);
TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(8));
diff --git a/api-tests/dev_apis/crypto/test_c048/test_entry_c048.c b/api-tests/dev_apis/crypto/test_c048/test_entry_c048.c
index bd493fa..19af21b 100644
--- a/api-tests/dev_apis/crypto/test_c048/test_entry_c048.c
+++ b/api-tests/dev_apis/crypto/test_c048/test_entry_c048.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -20,7 +20,7 @@
#include "test_c048.h"
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 48)
-#define TEST_DESC "Testing crypto symmetric cipher APIs\n"
+#define TEST_DESC "Testing crypto symmetric cipher APIs | UT: psa_cipher_encrypt\n"
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
diff --git a/api-tests/dev_apis/crypto/test_c049/test_c049.c b/api-tests/dev_apis/crypto/test_c049/test_c049.c
index e1e7e18..ade6e1a 100644
--- a/api-tests/dev_apis/crypto/test_c049/test_c049.c
+++ b/api-tests/dev_apis/crypto/test_c049/test_c049.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -36,7 +36,7 @@
int32_t i, status;
size_t output_length;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
- psa_key_handle_t key_handle;
+ psa_key_id_t key;
if (num_checks == 0)
{
@@ -64,17 +64,17 @@
/* Import the key data into the key slot */
status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, &attributes, check1[i].key_data,
- check1[i].key_length, &key_handle);
+ check1[i].key_length, &key);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
/* Decrypt a message using a symmetric cipher */
- status = val->crypto_function(VAL_CRYPTO_CIPHER_DECRYPT, key_handle,
+ status = val->crypto_function(VAL_CRYPTO_CIPHER_DECRYPT, key,
check1[i].key_alg, check1[i].input, check1[i].input_length, output,
check1[i].output_size, &output_length);
TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(4));
/* Destroy the key */
- status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, key_handle);
+ status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, key);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
/* Reset the key attributes and check if psa_import_key fails */
@@ -90,7 +90,7 @@
TEST_ASSERT_MEMCMP(output, check1[i].expected_output, output_length,
TEST_CHECKPOINT_NUM(7));
- status = val->crypto_function(VAL_CRYPTO_CIPHER_DECRYPT, key_handle,
+ status = val->crypto_function(VAL_CRYPTO_CIPHER_DECRYPT, key,
check1[i].key_alg, check1[i].input, check1[i].input_length, output,
check1[i].output_size, &output_length);
TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(8));
diff --git a/api-tests/dev_apis/crypto/test_c049/test_entry_c049.c b/api-tests/dev_apis/crypto/test_c049/test_entry_c049.c
index b133494..ddd74bf 100644
--- a/api-tests/dev_apis/crypto/test_c049/test_entry_c049.c
+++ b/api-tests/dev_apis/crypto/test_c049/test_entry_c049.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -20,7 +20,7 @@
#include "test_c049.h"
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 49)
-#define TEST_DESC "Testing crypto symmetric cipher APIs\n"
+#define TEST_DESC "Testing crypto symmetric cipher APIs | UT: psa_cipher_decrypt\n"
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
diff --git a/api-tests/dev_apis/crypto/test_c050/test_c050.c b/api-tests/dev_apis/crypto/test_c050/test_c050.c
index b22a6ed..8d64bae 100644
--- a/api-tests/dev_apis/crypto/test_c050/test_c050.c
+++ b/api-tests/dev_apis/crypto/test_c050/test_c050.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -19,32 +19,25 @@
#include "val_target.h"
#include "test_c050.h"
#include "test_data.h"
-#include "val_crypto.h"
const client_test_t test_c050_crypto_list[] = {
NULL,
- psa_open_key_test,
+ psa_sign_message_test,
+ psa_sign_message_negative_test,
NULL,
};
extern uint32_t g_test_count;
-static uint8_t data[BUFFER_SIZE];
+static int32_t valid_test_input_index = -1;
-int32_t psa_open_key_test(caller_security_t caller __UNUSED)
+
+int32_t psa_sign_message_test(caller_security_t caller __UNUSED)
{
- int32_t status, i = 0;
- size_t length, get_key_bits;
- const uint8_t *key_data;
- psa_key_type_t get_key_type;
- psa_key_usage_t get_key_usage_flags;
- psa_algorithm_t get_key_algorithm;
- psa_key_id_t key_id;
- psa_key_handle_t key_handle;
- int num_checks = sizeof(check1)/sizeof(check1[0]);
- psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
- psa_key_attributes_t get_attributes = PSA_KEY_ATTRIBUTES_INIT;
- boot_t boot;
- psa_key_handle_t tdata_key_handle;
+ int32_t num_checks = sizeof(check1)/sizeof(check1[0]);
+ int32_t i, status;
+ size_t get_signature_length;
+ psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+ psa_key_id_t key;
if (num_checks == 0)
{
@@ -56,192 +49,117 @@
status = val->crypto_function(VAL_CRYPTO_INIT);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(1));
- /* Get the current boot state */
- status = val->get_boot_flag(&boot.state);
- TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
-
- /* If the boot is due to controlled reset get the Check ID */
- if (boot.state == BOOT_EXPECTED_CONT_TEST_EXEC)
+ for (i = 0; i < num_checks; i++)
{
- status = val->nvmem_read(VAL_NVMEM_OFFSET(NV_TEST_DATA1), &i, sizeof(int32_t));
- TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(3));
- }
-
- while (i < num_checks)
- {
- g_test_count = i + 1;
- val->print(PRINT_TEST, "[Check %d] ", g_test_count);
+ val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
val->print(PRINT_TEST, check1[i].test_desc, 0);
/* Setting up the watchdog timer for each check */
status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
- TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(4));
+ TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
- /* Set the key data buffer to the input base on algorithm */
- if (PSA_KEY_TYPE_IS_RSA(check1[i].key_type))
+ /* Setup the attributes for the key */
+ val->crypto_function(VAL_CRYPTO_SET_KEY_TYPE,
+ &attributes,
+ check1[i].type);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_ALGORITHM,
+ &attributes,
+ check1[i].alg);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_USAGE_FLAGS,
+ &attributes,
+ check1[i].usage_flags);
+
+ /* Import the key data into the key slot */
+ status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY,
+ &attributes,
+ check1[i].data,
+ check1[i].data_length,
+ &key);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
+
+ /* Sign a message with a private key */
+ status = val->crypto_function(VAL_CRYPTO_SIGN_MESSAGE,
+ key,
+ check1[i].sign_alg,
+ check1[i].input,
+ check1[i].input_length,
+ check1[i].signature,
+ check1[i].signature_size,
+ &get_signature_length);
+ TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(4));
+
+ if (check1[i].expected_status != PSA_SUCCESS)
{
- if (check1[i].key_type == PSA_KEY_TYPE_RSA_KEY_PAIR)
- {
- if (check1[i].expected_bit_length == BYTES_TO_BITS(384))
- key_data = rsa_384_keypair;
- else if (check1[i].expected_bit_length == BYTES_TO_BITS(256))
- key_data = rsa_256_keypair;
- else
- return VAL_STATUS_INVALID;
- }
- else
- {
- if (check1[i].expected_bit_length == BYTES_TO_BITS(384))
- key_data = rsa_384_keydata;
- else if (check1[i].expected_bit_length == BYTES_TO_BITS(256))
- key_data = rsa_256_keydata;
- else
- return VAL_STATUS_INVALID;
- }
+ /* Destroy the key */
+ status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY,
+ key);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
+
+ continue;
}
- else if (PSA_KEY_TYPE_IS_ECC(check1[i].key_type))
- {
- if (PSA_KEY_TYPE_IS_ECC_KEY_PAIR(check1[i].key_type))
- key_data = ec_keypair;
- else
- key_data = ec_keydata;
- }
- else
- key_data = check1[i].key_data;
- /* Get the cuurent boot state */
- status = val->get_boot_flag(&boot.state);
- TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(5));
+ /* Check if the output length matches with the expected length */
+ TEST_ASSERT_EQUAL(get_signature_length, check1[i].expected_signature_length,
+ TEST_CHECKPOINT_NUM(6));
- if (boot.state == BOOT_NOT_EXPECTED)
- {
- /* Setup the attributes for the key */
- val->crypto_function(VAL_CRYPTO_SET_KEY_TYPE, &attributes, check1[i].key_type);
- val->crypto_function(VAL_CRYPTO_SET_KEY_BITS, &attributes, check1[i].attr_bits);
- val->crypto_function(VAL_CRYPTO_SET_KEY_USAGE_FLAGS, &attributes, check1[i].usage);
+ /* Check if the output matches with the expected data */
+ TEST_ASSERT_MEMCMP(check1[i].signature, check1[i].expected_signature, get_signature_length,
+ TEST_CHECKPOINT_NUM(7));
- if (check1[i].key_lifetime == PSA_KEY_LIFETIME_PERSISTENT)
- val->crypto_function(VAL_CRYPTO_SET_KEY_ID, &attributes, check1[i].key_id);
+ /* Destroy the key */
+ status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY,
+ key);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(8));
- val->crypto_function(VAL_CRYPTO_SET_KEY_LIFETIME, &attributes, check1[i].key_lifetime);
- val->crypto_function(VAL_CRYPTO_SET_KEY_ALGORITHM, &attributes, check1[i].key_alg);
-
- /* Import the key data into the key slot */
- status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, &attributes, key_data,
- check1[i].key_length, &tdata_key_handle);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(6));
-
- /* Save the details of current check, key id and key handle value in NV memory */
- status = val->nvmem_write(VAL_NVMEM_OFFSET(NV_TEST_DATA1), &i, sizeof(int32_t));
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(7));
-
- status = val->nvmem_write(VAL_NVMEM_OFFSET(NV_TEST_DATA2), &check1[i].key_id,
- sizeof(psa_key_id_t));
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(8));
-
- status = val->nvmem_write(VAL_NVMEM_OFFSET(NV_TEST_DATA3), &tdata_key_handle,
- sizeof(psa_key_handle_t));
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(9));
-
- /* Set the boot flag indicating controlled reset */
- status = val->set_boot_flag(BOOT_EXPECTED_CONT_TEST_EXEC);
- TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(10));
-
- /* Wait for system to reset */
- status = val->crypto_function(VAL_CRYPTO_RESET);
- if (status != PSA_SUCCESS)
- {
- return RESULT_SKIP(status);
- }
- while (1);
- }
- else if (boot.state == BOOT_EXPECTED_CONT_TEST_EXEC)
- {
- /* Get the values of check, key id and key handle value before the system was reset */
- status = val->nvmem_read(VAL_NVMEM_OFFSET(NV_TEST_DATA2), &key_id,
- sizeof(psa_key_id_t));
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(11));
-
- status = val->nvmem_read(VAL_NVMEM_OFFSET(NV_TEST_DATA3), &key_handle,
- sizeof(psa_key_handle_t));
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(12));
-
- /* Open a handle to an existing persistent key */
- status = val->crypto_function(VAL_CRYPTO_OPEN_KEY, key_id, &key_handle);
- TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(13));
-
- /* If failure is expected, save and continue with the next data set */
- if (check1[i].expected_status != PSA_SUCCESS)
- {
- ++i;
- status = val->nvmem_write(VAL_NVMEM_OFFSET(NV_TEST_DATA1), &i, sizeof(int32_t));
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(14));
-
- status = val->set_boot_flag(BOOT_NOT_EXPECTED);
- TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(15));
-
- continue;
- }
-
- /* Get the attributes of the imported key and check if it matches the given value */
- status = val->crypto_function(VAL_CRYPTO_GET_KEY_ATTRIBUTES, key_handle,
- &get_attributes);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(16));
-
- val->crypto_function(VAL_CRYPTO_GET_KEY_TYPE, &get_attributes, &get_key_type);
- TEST_ASSERT_EQUAL(get_key_type, check1[i].key_type, TEST_CHECKPOINT_NUM(17));
-
- val->crypto_function(VAL_CRYPTO_GET_KEY_BITS, &get_attributes, &get_key_bits);
- TEST_ASSERT_EQUAL(get_key_bits, check1[i].expected_bit_length, TEST_CHECKPOINT_NUM(18));
-
- val->crypto_function(VAL_CRYPTO_GET_KEY_USAGE_FLAGS, &get_attributes,
- &get_key_usage_flags);
- TEST_ASSERT_EQUAL(get_key_usage_flags, check1[i].usage, TEST_CHECKPOINT_NUM(19));
-
- val->crypto_function(VAL_CRYPTO_GET_KEY_ALGORITHM, &get_attributes, &get_key_algorithm);
- TEST_ASSERT_EQUAL(get_key_algorithm, check1[i].key_alg, TEST_CHECKPOINT_NUM(20));
-
- /* Export a key in binary format */
- status = val->crypto_function(VAL_CRYPTO_EXPORT_KEY, key_handle, data,
- BUFFER_SIZE, &length);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(21));
-
- /* Check the value of the exported key */
- TEST_ASSERT_EQUAL(length, check1[i].expected_key_length, TEST_CHECKPOINT_NUM(22));
-
- if (PSA_KEY_TYPE_IS_UNSTRUCTURED(check1[i].key_type))
- {
- TEST_ASSERT_MEMCMP(data, check1[i].key_data, length, TEST_CHECKPOINT_NUM(23));
- }
- else if (PSA_KEY_TYPE_IS_RSA(check1[i].key_type)
- || PSA_KEY_TYPE_IS_ECC(check1[i].key_type))
- {
- TEST_ASSERT_MEMCMP(key_data, data, length, TEST_CHECKPOINT_NUM(24));
- }
- else
- {
- return VAL_STATUS_INVALID;
- }
-
- /* Reset the key attributes */
- val->crypto_function(VAL_CRYPTO_RESET_KEY_ATTRIBUTES, &attributes);
-
- /* Destroy the persistent key to clean up storage for the next test */
- status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, key_handle);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(25));
-
- /* Save the check ID and set boot flags */
- ++i;
- status = val->nvmem_write(VAL_NVMEM_OFFSET(NV_TEST_DATA1), &i, sizeof(int32_t));
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(26));
-
- status = val->set_boot_flag(BOOT_NOT_EXPECTED);
- TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(27));
-
- }
- else
- return VAL_STATUS_ERROR;
+ if (valid_test_input_index < 0)
+ valid_test_input_index = i;
}
return VAL_STATUS_SUCCESS;
}
+
+int32_t psa_sign_message_negative_test(caller_security_t caller __UNUSED)
+{
+ int32_t status;
+ size_t get_signature_length;
+ psa_key_id_t key = 10;
+
+ if (valid_test_input_index < 0)
+ return RESULT_SKIP(VAL_STATUS_NO_TESTS);
+
+ /* Initialize the PSA crypto library*/
+ status = val->crypto_function(VAL_CRYPTO_INIT);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(1));
+
+ /* Setting up the watchdog timer for each check */
+ status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
+ TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
+
+ val->print(PRINT_TEST, "[Check %d] Test psa_sign_hash - Invalid key handle\n",
+ g_test_count++);
+ /* Sign a hash or short message with a private key */
+ status = val->crypto_function(VAL_CRYPTO_SIGN_HASH,
+ key,
+ check1[valid_test_input_index].sign_alg,
+ check1[valid_test_input_index].input,
+ check1[valid_test_input_index].input_length,
+ check1[valid_test_input_index].signature,
+ check1[valid_test_input_index].signature_size,
+ &get_signature_length);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(3));
+
+ val->print(PRINT_TEST, "[Check %d] Test psa_sign_hash - Zero as key handle\n",
+ g_test_count++);
+ /* Sign a hash or short message with a private key */
+ status = val->crypto_function(VAL_CRYPTO_SIGN_HASH,
+ 0,
+ check1[valid_test_input_index].sign_alg,
+ check1[valid_test_input_index].input,
+ check1[valid_test_input_index].input_length,
+ check1[valid_test_input_index].signature,
+ check1[valid_test_input_index].signature_size,
+ &get_signature_length);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(4));
+
+ return VAL_STATUS_SUCCESS;
+}
diff --git a/api-tests/dev_apis/crypto/test_c050/test_c050.h b/api-tests/dev_apis/crypto/test_c050/test_c050.h
index e04c136..9333e36 100644
--- a/api-tests/dev_apis/crypto/test_c050/test_c050.h
+++ b/api-tests/dev_apis/crypto/test_c050/test_c050.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -26,7 +26,9 @@
extern psa_api_t *psa;
extern const client_test_t test_c050_crypto_list[];
-int32_t psa_open_key_test(caller_security_t caller);
+int32_t psa_sign_message_test(caller_security_t caller);
+int32_t psa_sign_message_negative_test(caller_security_t caller);
+
extern void crypto_common_exit_action(void);
#endif /* _TEST_C050_CLIENT_TESTS_H_ */
diff --git a/api-tests/dev_apis/crypto/test_c050/test_data.h b/api-tests/dev_apis/crypto/test_c050/test_data.h
index 278f48b..6037381 100644
--- a/api-tests/dev_apis/crypto/test_c050/test_data.h
+++ b/api-tests/dev_apis/crypto/test_c050/test_data.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -15,261 +15,226 @@
* limitations under the License.
**/
-#include "val_crypto.h"
+#include "test_crypto_common.h"
typedef struct {
char test_desc[75];
- psa_key_type_t key_type;
- psa_key_id_t key_id;
- uint8_t key_data[34];
- uint32_t key_length;
- size_t attr_bits;
- psa_key_usage_t usage;
- psa_algorithm_t key_alg;
- psa_key_lifetime_t key_lifetime;
- uint32_t expected_bit_length;
- uint32_t expected_key_length;
+ psa_key_type_t type;
+ const uint8_t *data;
+ size_t data_length;
+ psa_key_usage_t usage_flags;
+ psa_algorithm_t alg;
+ psa_algorithm_t sign_alg;
+ const uint8_t *input;
+ size_t input_length;
+ uint8_t *signature;
+ size_t signature_size;
+ const uint8_t *expected_signature;
+ size_t expected_signature_length;
psa_status_t expected_status;
} test_data;
-static const uint8_t rsa_384_keypair[1];
-static const uint8_t rsa_384_keydata[1];
-
-static const uint8_t rsa_256_keypair[] = {
- 0x30, 0x82, 0x04, 0xA5, 0x02, 0x01, 0x00, 0x02, 0x82, 0x01, 0x01, 0x00, 0xC0,
- 0x95, 0x08, 0xE1, 0x57, 0x41, 0xF2, 0x71, 0x6D, 0xB7, 0xD2, 0x45, 0x41, 0x27,
- 0x01, 0x65, 0xC6, 0x45, 0xAE, 0xF2, 0xBC, 0x24, 0x30, 0xB8, 0x95, 0xCE, 0x2F,
- 0x4E, 0xD6, 0xF6, 0x1C, 0x88, 0xBC, 0x7C, 0x9F, 0xFB, 0xA8, 0x67, 0x7F, 0xFE,
- 0x5C, 0x9C, 0x51, 0x75, 0xF7, 0x8A, 0xCA, 0x07, 0xE7, 0x35, 0x2F, 0x8F, 0xE1,
- 0xBD, 0x7B, 0xC0, 0x2F, 0x7C, 0xAB, 0x64, 0xA8, 0x17, 0xFC, 0xCA, 0x5D, 0x7B,
- 0xBA, 0xE0, 0x21, 0xE5, 0x72, 0x2E, 0x6F, 0x2E, 0x86, 0xD8, 0x95, 0x73, 0xDA,
- 0xAC, 0x1B, 0x53, 0xB9, 0x5F, 0x3F, 0xD7, 0x19, 0x0D, 0x25, 0x4F, 0xE1, 0x63,
- 0x63, 0x51, 0x8B, 0x0B, 0x64, 0x3F, 0xAD, 0x43, 0xB8, 0xA5, 0x1C, 0x5C, 0x34,
- 0xB3, 0xAE, 0x00, 0xA0, 0x63, 0xC5, 0xF6, 0x7F, 0x0B, 0x59, 0x68, 0x78, 0x73,
- 0xA6, 0x8C, 0x18, 0xA9, 0x02, 0x6D, 0xAF, 0xC3, 0x19, 0x01, 0x2E, 0xB8, 0x10,
- 0xE3, 0xC6, 0xCC, 0x40, 0xB4, 0x69, 0xA3, 0x46, 0x33, 0x69, 0x87, 0x6E, 0xC4,
- 0xBB, 0x17, 0xA6, 0xF3, 0xE8, 0xDD, 0xAD, 0x73, 0xBC, 0x7B, 0x2F, 0x21, 0xB5,
- 0xFD, 0x66, 0x51, 0x0C, 0xBD, 0x54, 0xB3, 0xE1, 0x6D, 0x5F, 0x1C, 0xBC, 0x23,
- 0x73, 0xD1, 0x09, 0x03, 0x89, 0x14, 0xD2, 0x10, 0xB9, 0x64, 0xC3, 0x2A, 0xD0,
- 0xA1, 0x96, 0x4A, 0xBC, 0xE1, 0xD4, 0x1A, 0x5B, 0xC7, 0xA0, 0xC0, 0xC1, 0x63,
- 0x78, 0x0F, 0x44, 0x37, 0x30, 0x32, 0x96, 0x80, 0x32, 0x23, 0x95, 0xA1, 0x77,
- 0xBA, 0x13, 0xD2, 0x97, 0x73, 0xE2, 0x5D, 0x25, 0xC9, 0x6A, 0x0D, 0xC3, 0x39,
- 0x60, 0xA4, 0xB4, 0xB0, 0x69, 0x42, 0x42, 0x09, 0xE9, 0xD8, 0x08, 0xBC, 0x33,
- 0x20, 0xB3, 0x58, 0x22, 0xA7, 0xAA, 0xEB, 0xC4, 0xE1, 0xE6, 0x61, 0x83, 0xC5,
- 0xD2, 0x96, 0xDF, 0xD9, 0xD0, 0x4F, 0xAD, 0xD7, 0x02, 0x03, 0x01, 0x00, 0x01,
- 0x02, 0x82, 0x01, 0x01, 0x00, 0x9A, 0xD0, 0x34, 0x0F, 0x52, 0x62, 0x05, 0x50,
- 0x01, 0xEF, 0x9F, 0xED, 0x64, 0x6E, 0xC2, 0xC4, 0xDA, 0x1A, 0xF2, 0x84, 0xD7,
- 0x92, 0x10, 0x48, 0x92, 0xC4, 0xE9, 0x6A, 0xEB, 0x8B, 0x75, 0x6C, 0xC6, 0x79,
- 0x38, 0xF2, 0xC9, 0x72, 0x4A, 0x86, 0x64, 0x54, 0x95, 0x77, 0xCB, 0xC3, 0x9A,
- 0x9D, 0xB7, 0xD4, 0x1D, 0xA4, 0x00, 0xC8, 0x9E, 0x4E, 0xE4, 0xDD, 0xC7, 0xBA,
- 0x67, 0x16, 0xC1, 0x74, 0xBC, 0xA9, 0xD6, 0x94, 0x8F, 0x2B, 0x30, 0x1A, 0xFB,
- 0xED, 0xDF, 0x21, 0x05, 0x23, 0xD9, 0x4A, 0x39, 0xBD, 0x98, 0x6B, 0x65, 0x9A,
- 0xB8, 0xDC, 0xC4, 0x7D, 0xEE, 0xA6, 0x43, 0x15, 0x2E, 0x3D, 0xBE, 0x1D, 0x22,
- 0x60, 0x2A, 0x73, 0x30, 0xD5, 0x3E, 0xD8, 0xA2, 0xAC, 0x86, 0x43, 0x2E, 0xC4,
- 0xF5, 0x64, 0x5E, 0x3F, 0x89, 0x75, 0x0F, 0x11, 0xD8, 0x51, 0x25, 0x4E, 0x9F,
- 0xD8, 0xAA, 0xA3, 0xCE, 0x60, 0xB3, 0xE2, 0x8A, 0xD9, 0x7E, 0x1B, 0xF0, 0x64,
- 0xCA, 0x9A, 0x5B, 0x05, 0x0B, 0x5B, 0xAA, 0xCB, 0xE5, 0xE3, 0x3F, 0x6E, 0x32,
- 0x22, 0x05, 0xF3, 0xD0, 0xFA, 0xEF, 0x74, 0x52, 0x81, 0xE2, 0x5F, 0x74, 0xD3,
- 0xBD, 0xFF, 0x31, 0x83, 0x45, 0x75, 0xFA, 0x63, 0x7A, 0x97, 0x2E, 0xD6, 0xB6,
- 0x19, 0xC6, 0x92, 0x26, 0xE4, 0x28, 0x06, 0x50, 0x50, 0x0E, 0x78, 0x2E, 0xA9,
- 0x78, 0x0D, 0x14, 0x97, 0xB4, 0x12, 0xD8, 0x31, 0x40, 0xAB, 0xA1, 0x01, 0x41,
- 0xC2, 0x30, 0xF8, 0x07, 0x5F, 0x16, 0xE4, 0x61, 0x77, 0xD2, 0x60, 0xF2, 0x9F,
- 0x8D, 0xE8, 0xF4, 0xBA, 0xEB, 0x63, 0xDE, 0x2A, 0x97, 0x81, 0xEF, 0x4C, 0x6C,
- 0xE6, 0x55, 0x34, 0x51, 0x2B, 0x28, 0x34, 0xF4, 0x53, 0x1C, 0xC4, 0x58, 0x0A,
- 0x3F, 0xBB, 0xAF, 0xB5, 0xF7, 0x4A, 0x85, 0x43, 0x2D, 0x3C, 0xF1, 0x58, 0x58,
- 0x81, 0x02, 0x81, 0x81, 0x00, 0xF2, 0x2C, 0x54, 0x76, 0x39, 0x23, 0x63, 0xC9,
- 0x10, 0x32, 0xB7, 0x93, 0xAD, 0xAF, 0xBE, 0x19, 0x75, 0x96, 0x81, 0x64, 0xE6,
- 0xB5, 0xB8, 0x89, 0x42, 0x41, 0xD1, 0x6D, 0xD0, 0x1C, 0x1B, 0xF8, 0x1B, 0xAC,
- 0x69, 0xCB, 0x36, 0x3C, 0x64, 0x7D, 0xDC, 0xF4, 0x19, 0xB8, 0xC3, 0x60, 0xB1,
- 0x57, 0x48, 0x5F, 0x52, 0x4F, 0x59, 0x3A, 0x55, 0x7F, 0x32, 0xC0, 0x19, 0x43,
- 0x50, 0x3F, 0xAE, 0xCE, 0x6F, 0x17, 0xF3, 0x0E, 0x9F, 0x40, 0xCA, 0x4E, 0xAD,
- 0x15, 0x3B, 0xC9, 0x79, 0xE9, 0xC0, 0x59, 0x38, 0x73, 0x70, 0x9C, 0x0A, 0x7C,
- 0xC9, 0x3A, 0x48, 0x32, 0xA7, 0xD8, 0x49, 0x75, 0x0A, 0x85, 0xC2, 0xC2, 0xFD,
- 0x15, 0x73, 0xDA, 0x99, 0x09, 0x2A, 0x69, 0x9A, 0x9F, 0x0A, 0x71, 0xBF, 0xB0,
- 0x04, 0xA6, 0x8C, 0x7A, 0x5A, 0x6F, 0x48, 0x5A, 0x54, 0x3B, 0xC6, 0xB1, 0x53,
- 0x17, 0xDF, 0xE7, 0x02, 0x81, 0x81, 0x00, 0xCB, 0x93, 0xDE, 0x77, 0x15, 0x5D,
- 0xB7, 0x5C, 0x5C, 0x7C, 0xD8, 0x90, 0xA9, 0x98, 0x2D, 0xD6, 0x69, 0x0E, 0x63,
- 0xB3, 0xA3, 0xDC, 0xA6, 0xCC, 0x8B, 0x6A, 0xA4, 0xA2, 0x12, 0x8C, 0x8E, 0x7B,
- 0x48, 0x2C, 0xB2, 0x4B, 0x37, 0xDC, 0x06, 0x18, 0x7D, 0xEA, 0xFE, 0x76, 0xA1,
- 0xD4, 0xA1, 0xE9, 0x3F, 0x0D, 0xCD, 0x1B, 0x5F, 0xAF, 0x5F, 0x9E, 0x96, 0x5B,
- 0x5B, 0x0F, 0xA1, 0x7C, 0xAF, 0xB3, 0x9B, 0x90, 0xDB, 0x57, 0x73, 0x3A, 0xED,
- 0xB0, 0x23, 0x44, 0xAE, 0x41, 0x4F, 0x1F, 0x07, 0x42, 0x13, 0x23, 0x4C, 0xCB,
- 0xFA, 0xF4, 0x14, 0xA4, 0xD5, 0xF7, 0x9E, 0x36, 0x7C, 0x5B, 0x9F, 0xA8, 0x3C,
- 0xC1, 0x85, 0x5F, 0x74, 0xD2, 0x39, 0x2D, 0xFF, 0xD0, 0x84, 0xDF, 0xFB, 0xB3,
- 0x20, 0x7A, 0x2E, 0x9B, 0x17, 0xAE, 0xE6, 0xBA, 0x0B, 0xAE, 0x5F, 0x53, 0xA4,
- 0x52, 0xED, 0x1B, 0xC4, 0x91, 0x02, 0x81, 0x81, 0x00, 0xEC, 0x98, 0xDA, 0xBB,
- 0xD5, 0xFE, 0xF9, 0x52, 0x4A, 0x7D, 0x02, 0x55, 0x49, 0x6F, 0x55, 0x6E, 0x52,
- 0x2F, 0x84, 0xA3, 0x2B, 0xB3, 0x86, 0x62, 0xB3, 0x54, 0xD2, 0x63, 0x52, 0xDA,
- 0xE3, 0x88, 0x76, 0xA0, 0xEF, 0x8B, 0x15, 0xA5, 0xD3, 0x18, 0x14, 0x72, 0x77,
- 0x5E, 0xC7, 0xA3, 0x04, 0x1F, 0x9E, 0x19, 0x62, 0xB5, 0x1B, 0x1B, 0x9E, 0xC3,
- 0xF2, 0xB5, 0x32, 0xF9, 0x4C, 0xC1, 0xAA, 0xEB, 0x0C, 0x26, 0x7D, 0xD4, 0x5F,
- 0x4A, 0x51, 0x5C, 0xA4, 0x45, 0x06, 0x70, 0x44, 0xA7, 0x56, 0xC0, 0xD4, 0x22,
- 0x14, 0x76, 0x9E, 0xD8, 0x63, 0x50, 0x89, 0x90, 0xD3, 0xE2, 0xBF, 0x81, 0x95,
- 0x92, 0x31, 0x41, 0x87, 0x39, 0x1A, 0x43, 0x0B, 0x18, 0xA5, 0x53, 0x1F, 0x39,
- 0x1A, 0x5F, 0x1F, 0x43, 0xBC, 0x87, 0x6A, 0xDF, 0x6E, 0xD3, 0x22, 0x00, 0xFE,
- 0x22, 0x98, 0x70, 0x4E, 0x1A, 0x19, 0x29, 0x02, 0x81, 0x81, 0x00, 0x8A, 0x41,
- 0x56, 0x28, 0x51, 0x9E, 0x5F, 0xD4, 0x9E, 0x0B, 0x3B, 0x98, 0xA3, 0x54, 0xF2,
- 0x6C, 0x56, 0xD4, 0xAA, 0xE9, 0x69, 0x33, 0x85, 0x24, 0x0C, 0xDA, 0xD4, 0x0C,
- 0x2D, 0xC4, 0xBF, 0x4F, 0x02, 0x69, 0x38, 0x7C, 0xD4, 0xE6, 0xDC, 0x4C, 0xED,
- 0xD7, 0x16, 0x11, 0xC3, 0x3E, 0x00, 0xE7, 0xC3, 0x26, 0xC0, 0x51, 0x02, 0xDE,
- 0xBB, 0x75, 0x9C, 0x6F, 0x56, 0x9C, 0x7A, 0xF3, 0x8E, 0xEF, 0xCF, 0x8A, 0xC5,
- 0x2B, 0xD2, 0xDA, 0x06, 0x6A, 0x44, 0xC9, 0x73, 0xFE, 0x6E, 0x99, 0x87, 0xF8,
- 0x5B, 0xBE, 0xF1, 0x7C, 0xE6, 0x65, 0xB5, 0x4F, 0x6C, 0xF0, 0xC9, 0xC5, 0xFF,
- 0x16, 0xCA, 0x8B, 0x1B, 0x17, 0xE2, 0x58, 0x3D, 0xA2, 0x37, 0xAB, 0x01, 0xBC,
- 0xBF, 0x40, 0xCE, 0x53, 0x8C, 0x8E, 0xED, 0xEF, 0xEE, 0x59, 0x9D, 0xE0, 0x63,
- 0xE6, 0x7C, 0x5E, 0xF5, 0x8E, 0x4B, 0xF1, 0x3B, 0xC1, 0x02, 0x81, 0x80, 0x4D,
- 0x45, 0xF9, 0x40, 0x8C, 0xC5, 0x5B, 0xF4, 0x2A, 0x1A, 0x8A, 0xB4, 0xF2, 0x1C,
- 0xAC, 0x6B, 0xE9, 0x0C, 0x56, 0x36, 0xB7, 0x4E, 0x72, 0x96, 0xD5, 0xE5, 0x8A,
- 0xD2, 0xE2, 0xFF, 0xF1, 0xF1, 0x18, 0x13, 0x3D, 0x86, 0x09, 0xB8, 0xD8, 0x76,
- 0xA7, 0xC9, 0x1C, 0x71, 0x52, 0x94, 0x30, 0x43, 0xE0, 0xF1, 0x78, 0x74, 0xFD,
- 0x61, 0x1B, 0x4C, 0x09, 0xCC, 0xE6, 0x68, 0x2A, 0x71, 0xAD, 0x1C, 0xDF, 0x43,
- 0xBC, 0x56, 0xDB, 0xA5, 0xA4, 0xBE, 0x35, 0x70, 0xA4, 0x5E, 0xCF, 0x4F, 0xFC,
- 0x00, 0x55, 0x99, 0x3A, 0x3D, 0x23, 0xCF, 0x67, 0x5A, 0xF5, 0x22, 0xF8, 0xB5,
- 0x29, 0xD0, 0x44, 0x11, 0xEB, 0x35, 0x2E, 0x46, 0xBE, 0xFD, 0x8E, 0x18, 0xB2,
- 0x5F, 0xA8, 0xBF, 0x19, 0x32, 0xA1, 0xF5, 0xDC, 0x03, 0xE6, 0x7C, 0x9A, 0x1F,
- 0x0C, 0x7C, 0xA9, 0xB0, 0x0E, 0x21, 0x37, 0x3B, 0xF1, 0xB0};
-
-static const uint8_t rsa_256_keydata[] = {
- 0x30, 0x82, 0x01, 0x0A,
- 0x02, 0x82, 0x01, 0x01, 0x00, 0xDB, 0x1C, 0x7F, 0x2E, 0x0B, 0xCD, 0xBF, 0xCE, 0xD1,
- 0x75, 0x10, 0xA0, 0xA2, 0xB8, 0xCE, 0x7D, 0xAA, 0xE2, 0x05, 0xE0, 0x7A, 0xD8, 0x44,
- 0x63, 0x8F, 0xB5, 0xBD, 0xC0, 0xB0, 0x19, 0xB9, 0x37, 0xB8, 0x19, 0x4A, 0x0E, 0xF1,
- 0x5D, 0x74, 0x80, 0x67, 0x46, 0x87, 0x06, 0xDE, 0x5B, 0x7F, 0x06, 0x03, 0xBD, 0xC1,
- 0x8D, 0x5E, 0x07, 0x15, 0xD4, 0x5B, 0xF4, 0xDC, 0xE5, 0xCF, 0x3D, 0xF9, 0xC1, 0x11,
- 0x2C, 0xAE, 0x6A, 0xB9, 0x8A, 0xBD, 0x1D, 0x67, 0x66, 0x17, 0xEA, 0x4E, 0xBD, 0xDB,
- 0x15, 0x9A, 0x82, 0x87, 0xE4, 0xF0, 0x78, 0xC3, 0xA3, 0x85, 0x87, 0xB0, 0xFD, 0x9F,
- 0xA9, 0x99, 0x5F, 0xE3, 0x33, 0xEC, 0xCC, 0xEA, 0x0B, 0xB5, 0x61, 0x5E, 0xF1, 0x49,
- 0x7E, 0x3F, 0xA3, 0x2D, 0xEA, 0x01, 0x0C, 0xCC, 0x42, 0x9A, 0x76, 0x9B, 0xC4, 0xD0,
- 0x37, 0xD3, 0xB1, 0x17, 0x01, 0x61, 0x01, 0x16, 0x59, 0x7E, 0x1C, 0x17, 0xC3, 0x53,
- 0xFD, 0xD1, 0x72, 0xCB, 0x4C, 0x60, 0x15, 0xDA, 0x7D, 0xE2, 0xEA, 0xAD, 0x50, 0xEF,
- 0x8E, 0xE2, 0x8B, 0xD4, 0x6A, 0x77, 0x55, 0xD6, 0x70, 0xD9, 0x6B, 0xBB, 0xF1, 0xEE,
- 0x39, 0x04, 0x38, 0xA3, 0xBD, 0xE2, 0xD1, 0xE0, 0x66, 0x6B, 0xE2, 0x9C, 0x47, 0x99,
- 0xE9, 0x28, 0xE6, 0xB6, 0xFC, 0x2E, 0xCA, 0x67, 0x43, 0x84, 0xE8, 0xD5, 0x83, 0xD6,
- 0x9D, 0x98, 0x6B, 0x01, 0x3E, 0x81, 0xDC, 0x3C, 0x7A, 0xCA, 0xF9, 0xF3, 0x9C, 0xF7,
- 0xD6, 0x28, 0x1B, 0x27, 0x78, 0x7C, 0xC3, 0xD0, 0xD5, 0x63, 0xA7, 0x81, 0x34, 0x89,
- 0xAD, 0x25, 0x6A, 0xBD, 0xF2, 0xEA, 0xED, 0xFA, 0x57, 0xFC, 0xE5, 0x34, 0xC6, 0xC1,
- 0x0F, 0x71, 0x2D, 0xD2, 0x08, 0x10, 0x1B, 0xAD, 0x44, 0x41, 0xE0, 0xFE, 0x79, 0xA0,
- 0x63, 0x93, 0x8A, 0xB1, 0x5D, 0xE9, 0xB0, 0xEE, 0x6F, 0x02, 0x03, 0x01, 0x00, 0x01};
-
-static const uint8_t ec_keydata[] = {
- 0x04, 0xde, 0xa5, 0xe4, 0x5d, 0x0e, 0xa3, 0x7f, 0xc5, 0x66, 0x23, 0x2a, 0x50, 0x8f,
- 0x4a, 0xd2, 0x0e, 0xa1, 0x3d, 0x47, 0xe4, 0xbf, 0x5f, 0xa4, 0xd5, 0x4a, 0x57, 0xa0,
- 0xba, 0x01, 0x20, 0x42, 0x08, 0x70, 0x97, 0x49, 0x6e, 0xfc, 0x58, 0x3f, 0xed, 0x8b,
- 0x24, 0xa5, 0xb9, 0xbe, 0x9a, 0x51, 0xde, 0x06, 0x3f, 0x5a, 0x00, 0xa8, 0xb6, 0x98,
- 0xa1, 0x6f, 0xd7, 0xf2, 0x9b, 0x54, 0x85, 0xf3, 0x20};
-
-static const uint8_t ec_keypair[] = {
- 0x68, 0x49, 0xf9, 0x7d, 0x10, 0x66, 0xf6, 0x99, 0x77, 0x59, 0x63, 0x7c, 0x7e, 0x38,
- 0x99, 0x46, 0x4c, 0xee, 0x3e, 0xc7, 0xac, 0x97, 0x06, 0x53, 0xa0, 0xbe, 0x07, 0x42};
-
-static test_data check1[] = {
-#ifdef ARCH_TEST_CIPHER_MODE_CTR
-#ifdef ARCH_TEST_AES_128
-{"Test psa_open_key 16 Byte AES\n", PSA_KEY_TYPE_AES, 0x12,
-{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
- 0x5F, 0xC9, 0x77},
- AES_16B_KEY_SIZE, 0, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR, PSA_KEY_LIFETIME_PERSISTENT,
- BYTES_TO_BITS(AES_16B_KEY_SIZE), AES_16B_KEY_SIZE, PSA_SUCCESS
-},
-#endif
-
-#ifdef ARCH_TEST_AES_192
-{"Test psa_open_key 24 Byte AES\n", PSA_KEY_TYPE_AES, 0x34,
-{0x24, 0x13, 0x61, 0x47, 0x61, 0xB8, 0xC8, 0xF0, 0xDF, 0xAB, 0x5A, 0x0E, 0x87,
- 0x40, 0xAC, 0xA3, 0x90, 0x77, 0x83, 0x52, 0x31, 0x74, 0xF9, 0x05},
- AES_24B_KEY_SIZE, BYTES_TO_BITS(AES_24B_KEY_SIZE), PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR,
- PSA_KEY_LIFETIME_PERSISTENT,
- BYTES_TO_BITS(AES_24B_KEY_SIZE), AES_24B_KEY_SIZE, PSA_SUCCESS
-},
-#endif
-
-#ifdef ARCH_TEST_AES_256
-{"Test psa_open_key 32 Byte AES\n", PSA_KEY_TYPE_AES, 0x56,
-{0xEA, 0xD5, 0xE6, 0xC8, 0x51, 0xF9, 0xEC, 0xBB, 0x9B, 0x57, 0x7C, 0xED, 0xD2,
- 0x4B, 0x82, 0x84, 0x9F, 0x9F, 0xE6, 0x73, 0x21, 0x3D, 0x1A, 0x05, 0xC9, 0xED,
- 0xDF, 0x25, 0x17, 0x68, 0x86, 0xAE},
- AES_32B_KEY_SIZE, 0, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR, PSA_KEY_LIFETIME_PERSISTENT,
- BYTES_TO_BITS(AES_32B_KEY_SIZE), AES_32B_KEY_SIZE, PSA_SUCCESS
-},
-#endif
-#endif
-
+static const test_data check1[] = {
+#ifdef CRYPTO_1_0
+#ifdef ARCH_TEST_RSA_1024
#ifdef ARCH_TEST_RSA_PKCS1V15_SIGN_RAW
-#ifdef ARCH_TEST_RSA_2048
-{"Test psa_open_key 2048 RSA public key\n", PSA_KEY_TYPE_RSA_PUBLIC_KEY, 0x78,
- {0},
- 270, 0, PSA_KEY_USAGE_EXPORT, PSA_ALG_RSA_PKCS1V15_SIGN_RAW, PSA_KEY_LIFETIME_PERSISTENT,
- 2048, 270, PSA_SUCCESS
-},
-
-{"Test psa_open_key with RSA 2048 keypair\n", PSA_KEY_TYPE_RSA_KEY_PAIR, 0x89,
- {0},
- 1193, 0, PSA_KEY_USAGE_EXPORT, PSA_ALG_RSA_PKCS1V15_SIGN_RAW, PSA_KEY_LIFETIME_PERSISTENT,
- 2048, 1193, PSA_SUCCESS
-},
-#endif
-#endif
-
-#ifdef ARCH_TEST_CIPHER_MODE_CTR
-#ifdef ARCH_TEST_DES_1KEY
-{"Test psa_open_key with DES 64 bit key\n", PSA_KEY_TYPE_DES, 0x90,
- {0x70, 0x24, 0x55, 0x0C, 0x14, 0x9D, 0xED, 0x29},
- DES_8B_KEY_SIZE, BYTES_TO_BITS(DES_8B_KEY_SIZE), PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR,
- PSA_KEY_LIFETIME_PERSISTENT,
- BYTES_TO_BITS(DES_8B_KEY_SIZE), DES_8B_KEY_SIZE, PSA_SUCCESS
+{
+ .test_desc = "Test psa_sign_message - RSA KEY_PAIR PKCS1V15 RAW\n",
+ .type = PSA_KEY_TYPE_RSA_KEY_PAIR,
+ .data = rsa_128_key_pair,
+ .data_length = 610,
+ .usage_flags = PSA_KEY_USAGE_SIGN_MESSAGE,
+ .alg = PSA_ALG_RSA_PKCS1V15_SIGN_RAW,
+ .sign_alg = PSA_ALG_RSA_PKCS1V15_SIGN_RAW,
+ .input = &hash_input,
+ .input_length = sizeof(hash_input),
+ .signature = expected_output,
+ .signature_size = BUFFER_SIZE,
+ .expected_signature = signature_4,
+ .expected_signature_length = 128,
+ .expected_status = PSA_SUCCESS,
},
#endif
-#ifdef ARCH_TEST_DES_2KEY
-{"Test psa_open_key with Triple DES 2-Key\n", PSA_KEY_TYPE_DES, 0x123,
-{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF},
- DES3_2B_KEY_SIZE, 0, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR, PSA_KEY_LIFETIME_PERSISTENT,
- BYTES_TO_BITS(DES3_2B_KEY_SIZE), DES3_2B_KEY_SIZE, PSA_SUCCESS
-},
-#endif
-
-#ifdef ARCH_TEST_DES_3KEY
-{"Test psa_open_key with Triple DES 3-Key\n", PSA_KEY_TYPE_DES, 0x456,
-{0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF,
- 0xF1, 0xE0, 0xD3, 0xC2, 0xB5, 0xA4, 0x97, 0x86,
- 0xFE, 0xDC, 0xBA, 0x98, 0x76, 0x54, 0x32, 0x10},
- DES3_3B_KEY_SIZE, 0, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR, PSA_KEY_LIFETIME_PERSISTENT,
- BYTES_TO_BITS(DES3_3B_KEY_SIZE), DES3_3B_KEY_SIZE, PSA_SUCCESS
+#ifdef ARCH_TEST_RSA_PKCS1V15_SIGN
+#ifdef ARCH_TEST_SHA256
+{
+ .test_desc = "Test psa_sign_message - RSA KEY_PAIR PKCS1V15 SHA-256\n",
+ .type = PSA_KEY_TYPE_RSA_KEY_PAIR,
+ .data = rsa_128_key_pair,
+ .data_length = 610,
+ .usage_flags = PSA_KEY_USAGE_SIGN_MESSAGE,
+ .alg = PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256),
+ .sign_alg = PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256),
+ .input = &hash_input,
+ .input_length = sizeof(hash_input),
+ .signature = NULL,
+ .signature_size = BUFFER_SIZE,
+ .expected_signature = NULL,
+ .expected_signature_length = 128,
+ .expected_status = PSA_ERROR_INVALID_ARGUMENT,
},
#endif
#endif
+#endif
-#ifdef ARCH_TEST_ECDSA
+#ifdef ARCH_TEST_SHA256
+#ifdef ARCH_TEST_DETERMINISTIC_ECDSA
#ifdef ARCH_TEST_ECC_CURVE_SECP256R1
-{"Test psa_open_key with EC Public key\n",
- PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1), 0x789,
- {0},
- 65, 0, PSA_KEY_USAGE_EXPORT, PSA_ALG_ECDSA_ANY, PSA_KEY_LIFETIME_PERSISTENT,
- 256, 65, PSA_SUCCESS
-},
-#endif
-
-#ifdef ARCH_TEST_ECC_CURVE_SECP224R1
-{"Test psa_open_key with EC keypair\n",
- PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP224R1), 0x1234,
- {0},
- 28, 0, PSA_KEY_USAGE_EXPORT, PSA_ALG_ECDSA_ANY, PSA_KEY_LIFETIME_PERSISTENT,
- 224, 28, PSA_SUCCESS
+{
+ .test_desc = "Test psa_sign_message - ECDSA SECP256R1 SHA-256\n",
+ .type = PSA_KEY_TYPE_DH_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1),
+ .data = ec_keypair,
+ .data_length = 32,
+ .usage_flags = PSA_KEY_USAGE_SIGN_MESSAGE,
+ .alg = PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256),
+ .sign_alg = PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256),
+ .input = &hash_input,
+ .input_length = sizeof(hash_input),
+ .signature = expected_output,
+ .signature_size = BUFFER_SIZE,
+ .expected_signature = signature_5,
+ .expected_signature_length = 64,
+ .expected_status = PSA_SUCCESS,
},
#endif
#endif
-#ifdef ARCH_TEST_CIPHER_MODE_CTR
-#ifdef ARCH_TEST_AES
-{"Test psa_open_key with volatile key\n", PSA_KEY_TYPE_AES,
- 0x5678,
-{0x24, 0x13, 0x61, 0x47, 0x61, 0xB8, 0xC8, 0xF0, 0xDF, 0xAB, 0x5A, 0x0E, 0x87,
- 0x40, 0xAC, 0xA3, 0x90, 0x77, 0x83, 0x52, 0x31, 0x74, 0xF9, 0x05, 0xC9, 0xED,
- 0xDF, 0x25, 0x17, 0x68, 0x86, 0xAE},
- AES_32B_KEY_SIZE, 0, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR, PSA_KEY_LIFETIME_VOLATILE,
- BYTES_TO_BITS(AES_32B_KEY_SIZE), AES_32B_KEY_SIZE, PSA_ERROR_DOES_NOT_EXIST
+#ifdef ARCH_TEST_RSA_1024
+#ifdef ARCH_TEST_RSA_PKCS1V15_SIGN
+{
+ .test_desc = "Test psa_sign_message - Invalid key type (RSA public key)\n",
+ .type = PSA_KEY_TYPE_RSA_PUBLIC_KEY,
+ .data = rsa_128_key_data,
+ .data_length = 162,
+ .usage_flags = PSA_KEY_USAGE_SIGN_MESSAGE,
+ .alg = PSA_ALG_RSA_PKCS1V15_SIGN_RAW,
+ .sign_alg = PSA_ALG_RSA_PKCS1V15_SIGN_RAW,
+ .input = NULL,
+ .input_length = 0,
+ .signature = expected_output,
+ .signature_size = 128,
+ .expected_signature = NULL,
+ .expected_signature_length = 0,
+ .expected_status = PSA_ERROR_INVALID_ARGUMENT,
},
+
+{
+ .test_desc = "Test psa_sign_message - Small output buffer\n",
+ .type = PSA_KEY_TYPE_RSA_KEY_PAIR,
+ .data = rsa_128_key_pair,
+ .data_length = 610,
+ .usage_flags = PSA_KEY_USAGE_SIGN_MESSAGE,
+ .alg = PSA_ALG_RSA_PKCS1V15_SIGN_RAW,
+ .sign_alg = PSA_ALG_RSA_PKCS1V15_SIGN_RAW,
+ .input = &hash_input,
+ .input_length = sizeof(hash_input),
+ .signature = expected_output,
+ .signature_size = 127,
+ .expected_signature = signature_1,
+ .expected_signature_length = 128,
+ .expected_status = PSA_ERROR_BUFFER_TOO_SMALL,
+},
+#endif
+
+{
+ .test_desc = "Test psa_sign_message - Invalid algorithm\n",
+ .type = PSA_KEY_TYPE_RSA_KEY_PAIR,
+ .data = rsa_128_key_pair,
+ .data_length = 610,
+ .usage_flags = PSA_KEY_USAGE_SIGN_MESSAGE,
+ .alg = PSA_ALG_SHA_256,
+ .sign_alg = PSA_ALG_SHA_256,
+ .input = NULL,
+ .input_length = 0,
+ .signature = expected_output,
+ .signature_size = BUFFER_SIZE,
+ .expected_signature = NULL,
+ .expected_signature_length = 0,
+ .expected_status = PSA_ERROR_INVALID_ARGUMENT,
+},
+#endif
+
+#ifdef ARCH_TEST_RSA_PKCS1V15_SIGN
+#ifdef ARCH_TEST_AES_128
+{
+ .test_desc = "Test psa_sign_message - Invalid key type (AES Key)\n",
+ .type = PSA_KEY_TYPE_AES,
+ .data = key_data,
+ .data_length = AES_16B_KEY_SIZE,
+ .usage_flags = PSA_KEY_USAGE_SIGN_MESSAGE,
+ .alg = PSA_ALG_RSA_PKCS1V15_SIGN_RAW,
+ .input = NULL,
+ .input_length = 0,
+ .signature = expected_output,
+ .signature_size = BUFFER_SIZE,
+ .expected_signature = NULL,
+ .expected_signature_length = 0,
+ .expected_status = PSA_ERROR_INVALID_ARGUMENT,
+},
+#endif
+#endif
+#endif
+
+#ifdef ARCH_TEST_RSA_1024
+#ifdef ARCH_TEST_RSA_PKCS1V15_SIGN_RAW
+{
+ .test_desc = "Test psa_sign_message - Invalid usage\n",
+ .type = PSA_KEY_TYPE_RSA_KEY_PAIR,
+ .data = rsa_128_key_pair,
+ .data_length = 610,
+ .usage_flags = PSA_KEY_USAGE_ENCRYPT,
+ .alg = PSA_ALG_RSA_PKCS1V15_SIGN_RAW,
+ .sign_alg = PSA_ALG_RSA_PKCS1V15_SIGN_RAW,
+ .input = NULL,
+ .input_length = 0,
+ .signature = expected_output,
+ .signature_size = BUFFER_SIZE,
+ .expected_signature = NULL,
+ .expected_signature_length = 0,
+ .expected_status = PSA_ERROR_NOT_PERMITTED,
+},
+
+{
+ .test_desc = "Test psa_sign_message - Mismatch key type and Algorithm\n",
+ .type = PSA_KEY_TYPE_RSA_KEY_PAIR,
+ .data = rsa_128_key_pair,
+ .data_length = 610,
+ .usage_flags = PSA_KEY_USAGE_SIGN_MESSAGE,
+ .alg = PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256),
+ .sign_alg = PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256),
+ .input = &hash_input,
+ .input_length = sizeof(hash_input),
+ .signature = expected_output,
+ .signature_size = BUFFER_SIZE,
+ .expected_signature = NULL,
+ .expected_signature_length = 128,
+ .expected_status = PSA_ERROR_INVALID_ARGUMENT,
+},
+
+#ifdef ARCH_TEST_SHA256
+#ifdef ARCH_TEST_DETERMINISTIC_ECDSA
+#ifdef ARCH_TEST_ECC_CURVE_SECP256R1
+{
+ .test_desc = "Test psa_sign_message - Alg mismatch in key and API call\n",
+ .type = PSA_KEY_TYPE_RSA_KEY_PAIR,
+ .data = rsa_128_key_pair,
+ .data_length = 610,
+ .usage_flags = PSA_KEY_USAGE_SIGN_MESSAGE,
+ .alg = PSA_ALG_RSA_PKCS1V15_SIGN_RAW,
+ .sign_alg = PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256),
+ .input = &hash_input,
+ .input_length = sizeof(hash_input),
+ .signature = expected_output,
+ .signature_size = BUFFER_SIZE,
+ .expected_signature = NULL,
+ .expected_signature_length = 0,
+ .expected_status = PSA_ERROR_NOT_PERMITTED,
+},
+#endif
+#endif
+#endif
+#endif
#endif
#endif
};
diff --git a/api-tests/dev_apis/crypto/test_c050/test_entry_c050.c b/api-tests/dev_apis/crypto/test_c050/test_entry_c050.c
index 42ad5d0..355d887 100644
--- a/api-tests/dev_apis/crypto/test_c050/test_entry_c050.c
+++ b/api-tests/dev_apis/crypto/test_c050/test_entry_c050.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -20,7 +20,7 @@
#include "test_c050.h"
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 50)
-#define TEST_DESC "Testing crypto key management APIs\n"
+#define TEST_DESC "Testing crypto key management APIs | UT: psa_sign_message\n"
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
diff --git a/api-tests/dev_apis/crypto/test_c051/test_c051.c b/api-tests/dev_apis/crypto/test_c051/test_c051.c
index 7f2e4da..d7fb4a3 100644
--- a/api-tests/dev_apis/crypto/test_c051/test_c051.c
+++ b/api-tests/dev_apis/crypto/test_c051/test_c051.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -22,26 +22,20 @@
const client_test_t test_c051_crypto_list[] = {
NULL,
- psa_close_key_test,
+ psa_verify_message_test,
+ psa_verify_message_negative_test,
NULL,
};
extern uint32_t g_test_count;
+static int32_t valid_test_input_index = -1;
-int32_t psa_close_key_test(caller_security_t caller __UNUSED)
+int32_t psa_verify_message_test(caller_security_t caller __UNUSED)
{
- int32_t i, status;
- const uint8_t *key_data;
- psa_key_type_t get_key_type;
- psa_key_id_t get_key_id;
- psa_key_lifetime_t get_key_lifetime;
- psa_key_usage_t get_key_usage_flags;
- psa_algorithm_t get_key_algorithm;
- size_t get_key_bits;
- int num_checks = sizeof(check1)/sizeof(check1[0]);
- psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
- psa_key_attributes_t set_attributes = PSA_KEY_ATTRIBUTES_INIT;
- psa_key_handle_t key_handle;
+ int32_t num_checks = sizeof(check1)/sizeof(check1[0]);
+ int32_t i, status;
+ psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+ psa_key_id_t key;
if (num_checks == 0)
{
@@ -53,7 +47,6 @@
status = val->crypto_function(VAL_CRYPTO_INIT);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(1));
- /* Set the key data buffer to the input base on algorithm */
for (i = 0; i < num_checks; i++)
{
val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
@@ -63,124 +56,88 @@
status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
- if (PSA_KEY_TYPE_IS_RSA(check1[i].key_type))
- {
- if (check1[i].key_type == PSA_KEY_TYPE_RSA_KEY_PAIR)
- {
- if (check1[i].expected_bit_length == BYTES_TO_BITS(384))
- key_data = rsa_384_keypair;
- else if (check1[i].expected_bit_length == BYTES_TO_BITS(256))
- key_data = rsa_256_keypair;
- else
- return VAL_STATUS_INVALID;
- }
- else
- {
- if (check1[i].expected_bit_length == BYTES_TO_BITS(384))
- key_data = rsa_384_keydata;
- else if (check1[i].expected_bit_length == BYTES_TO_BITS(256))
- key_data = rsa_256_keydata;
- else
- return VAL_STATUS_INVALID;
- }
- }
- else if (PSA_KEY_TYPE_IS_ECC(check1[i].key_type))
- {
- if (PSA_KEY_TYPE_IS_ECC_KEY_PAIR(check1[i].key_type))
- key_data = ec_keypair;
- else
- key_data = ec_keydata;
- }
- else
- key_data = check1[i].key_data;
-
/* Setup the attributes for the key */
- val->crypto_function(VAL_CRYPTO_SET_KEY_TYPE, &set_attributes, check1[i].key_type);
- val->crypto_function(VAL_CRYPTO_SET_KEY_BITS, &set_attributes, check1[i].attr_bits);
- val->crypto_function(VAL_CRYPTO_SET_KEY_USAGE_FLAGS, &set_attributes, check1[i].usage);
- val->crypto_function(VAL_CRYPTO_SET_KEY_ID, &set_attributes, check1[i].key_id);
- val->crypto_function(VAL_CRYPTO_SET_KEY_LIFETIME, &set_attributes, check1[i].key_lifetime);
- val->crypto_function(VAL_CRYPTO_SET_KEY_ALGORITHM, &set_attributes, check1[i].key_alg);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_TYPE,
+ &attributes,
+ check1[i].type);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_ALGORITHM,
+ &attributes,
+ check1[i].alg);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_USAGE_FLAGS,
+ &attributes,
+ check1[i].usage_flags);
/* Import the key data into the key slot */
- status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, &set_attributes, key_data,
- check1[i].key_length, &key_handle);
+ status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY,
+ &attributes,
+ check1[i].data,
+ check1[i].data_length,
+ &key);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
- /* Close the key handle */
- status = val->crypto_function(VAL_CRYPTO_CLOSE_KEY, key_handle);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
+ /* Verify the signature a hash or short message using a public key */
+ status = val->crypto_function(VAL_CRYPTO_VERIFY_MESSAGE,
+ key,
+ check1[i].alg,
+ check1[i].input,
+ check1[i].input_length,
+ check1[i].signature,
+ check1[i].signature_length);
+ TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(4));
- /* Getting the attributes of the closed key should return error */
- status = val->crypto_function(VAL_CRYPTO_GET_KEY_ATTRIBUTES, key_handle,
- &attributes);
- TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(5));
+ /* Destroy a key and restore the slot to its default state */
+ status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY,
+ key);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
- /* Check if all the attributes are erased */
- val->crypto_function(VAL_CRYPTO_GET_KEY_TYPE, &attributes, &get_key_type);
- TEST_ASSERT_EQUAL(get_key_type, 0, TEST_CHECKPOINT_NUM(6));
- val->crypto_function(VAL_CRYPTO_GET_KEY_ID, &attributes, &get_key_id);
- TEST_ASSERT_EQUAL(get_key_id, 0, TEST_CHECKPOINT_NUM(7));
-
- val->crypto_function(VAL_CRYPTO_GET_KEY_LIFETIME, &attributes, &get_key_lifetime);
- TEST_ASSERT_EQUAL(get_key_lifetime, 0, TEST_CHECKPOINT_NUM(8));
-
- val->crypto_function(VAL_CRYPTO_GET_KEY_USAGE_FLAGS, &attributes, &get_key_usage_flags);
- TEST_ASSERT_EQUAL(get_key_usage_flags, 0, TEST_CHECKPOINT_NUM(9));
-
- val->crypto_function(VAL_CRYPTO_GET_KEY_ALGORITHM, &attributes, &get_key_algorithm);
- TEST_ASSERT_EQUAL(get_key_algorithm, 0, TEST_CHECKPOINT_NUM(10));
-
- val->crypto_function(VAL_CRYPTO_GET_KEY_BITS, &attributes, &get_key_bits);
- TEST_ASSERT_EQUAL(get_key_bits, 0, TEST_CHECKPOINT_NUM(11));
-
- /* Closing an empty key handle should return error */
- status = val->crypto_function(VAL_CRYPTO_CLOSE_KEY, key_handle);
- TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(12));
-
- if (check1[i].key_lifetime == PSA_KEY_LIFETIME_PERSISTENT)
- {
- /* Open the key handle and retrieve the data */
- status = val->crypto_function(VAL_CRYPTO_OPEN_KEY, check1[i].key_id,
- &key_handle);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(13));
-
- /* Get the attributes of the persistent key and check if it matches the given value */
- status = val->crypto_function(VAL_CRYPTO_GET_KEY_ATTRIBUTES, key_handle,
- &attributes);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(14));
-
- val->crypto_function(VAL_CRYPTO_GET_KEY_TYPE, &attributes, &get_key_type);
- TEST_ASSERT_EQUAL(get_key_type, check1[i].key_type, TEST_CHECKPOINT_NUM(15));
-
- val->crypto_function(VAL_CRYPTO_GET_KEY_ID, &attributes, &get_key_id);
- TEST_ASSERT_EQUAL(get_key_id, check1[i].key_id, TEST_CHECKPOINT_NUM(16));
-
- val->crypto_function(VAL_CRYPTO_GET_KEY_LIFETIME, &attributes, &get_key_lifetime);
- TEST_ASSERT_EQUAL(get_key_lifetime, check1[i].key_lifetime, TEST_CHECKPOINT_NUM(17));
-
- val->crypto_function(VAL_CRYPTO_GET_KEY_USAGE_FLAGS, &attributes, &get_key_usage_flags);
- TEST_ASSERT_EQUAL(get_key_usage_flags, check1[i].usage, TEST_CHECKPOINT_NUM(18));
-
- val->crypto_function(VAL_CRYPTO_GET_KEY_ALGORITHM, &attributes, &get_key_algorithm);
- TEST_ASSERT_EQUAL(get_key_algorithm, check1[i].key_alg, TEST_CHECKPOINT_NUM(19));
-
- val->crypto_function(VAL_CRYPTO_GET_KEY_BITS, &attributes, &get_key_bits);
- TEST_ASSERT_EQUAL(get_key_bits, check1[i].expected_bit_length,
- TEST_CHECKPOINT_NUM(20));
-
- /* Reset the key attributes */
- val->crypto_function(VAL_CRYPTO_RESET_KEY_ATTRIBUTES, &attributes);
-
- status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, key_handle);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(21));
-
- status = val->crypto_function(VAL_CRYPTO_CLOSE_KEY, key_handle);
- TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(22));
- }
-
+ if (valid_test_input_index < 0)
+ valid_test_input_index = i;
}
return VAL_STATUS_SUCCESS;
}
+
+int32_t psa_verify_message_negative_test(caller_security_t caller __UNUSED)
+{
+ int32_t status;
+ psa_key_id_t key = 13;
+
+ if (valid_test_input_index < 0)
+ return RESULT_SKIP(VAL_STATUS_NO_TESTS);
+
+ /* Initialize the PSA crypto library*/
+ status = val->crypto_function(VAL_CRYPTO_INIT);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(1));
+
+ val->print(PRINT_TEST, "[Check %d] Test psa_verify_message - Invalid key handle\n",
+ g_test_count++);
+
+ /* Setting up the watchdog timer for each check */
+ status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
+ TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
+
+ /* Verify the signature a hash or short message using a public key */
+ status = val->crypto_function(VAL_CRYPTO_VERIFY_HASH,
+ key,
+ check1[valid_test_input_index].alg,
+ check1[valid_test_input_index].input,
+ check1[valid_test_input_index].input_length,
+ check1[valid_test_input_index].signature,
+ check1[valid_test_input_index].signature_length);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(3));
+
+ val->print(PRINT_TEST, "[Check %d] Test psa_verify_message - Zero as key handle\n",
+ g_test_count++);
+ /* Verify the signature a hash or short message using a public key */
+ status = val->crypto_function(VAL_CRYPTO_VERIFY_HASH,
+ 0,
+ check1[valid_test_input_index].alg,
+ check1[valid_test_input_index].input,
+ check1[valid_test_input_index].input_length,
+ check1[valid_test_input_index].signature,
+ check1[valid_test_input_index].signature_length);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(4));
+
+ return VAL_STATUS_SUCCESS;
+}
diff --git a/api-tests/dev_apis/crypto/test_c051/test_c051.h b/api-tests/dev_apis/crypto/test_c051/test_c051.h
index 9569f93..796ad1a 100644
--- a/api-tests/dev_apis/crypto/test_c051/test_c051.h
+++ b/api-tests/dev_apis/crypto/test_c051/test_c051.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -26,7 +26,7 @@
extern psa_api_t *psa;
extern const client_test_t test_c051_crypto_list[];
-int32_t psa_close_key_test(caller_security_t caller);
+int32_t psa_verify_message_test(caller_security_t caller);
+int32_t psa_verify_message_negative_test(caller_security_t caller);
extern void crypto_common_exit_action(void);
-
#endif /* _TEST_C051_CLIENT_TESTS_H_ */
diff --git a/api-tests/dev_apis/crypto/test_c051/test_data.h b/api-tests/dev_apis/crypto/test_c051/test_data.h
index 9eef0dd..c020bd2 100644
--- a/api-tests/dev_apis/crypto/test_c051/test_data.h
+++ b/api-tests/dev_apis/crypto/test_c051/test_data.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -15,257 +15,213 @@
* limitations under the License.
**/
-#include "val_crypto.h"
+#include "test_crypto_common.h"
typedef struct {
char test_desc[75];
- psa_key_type_t key_type;
- uint8_t key_data[34];
- uint32_t key_length;
- size_t attr_bits;
- psa_key_usage_t usage;
- psa_algorithm_t key_alg;
- psa_key_id_t key_id;
- psa_key_lifetime_t key_lifetime;
- uint32_t expected_bit_length;
+ psa_key_type_t type;
+ const uint8_t *data;
+ size_t data_length;
+ psa_key_usage_t usage_flags;
+ psa_algorithm_t alg;
+ psa_algorithm_t setup_alg;
+ const uint8_t *input;
+ size_t input_length;
+ const uint8_t *signature;
+ size_t signature_length;
psa_status_t expected_status;
} test_data;
-static const uint8_t rsa_384_keypair[1];
-static const uint8_t rsa_384_keydata[1];
-static const uint8_t rsa_256_keypair[] = {
- 0x30, 0x82, 0x04, 0xA5, 0x02, 0x01, 0x00, 0x02, 0x82, 0x01, 0x01, 0x00, 0xC0,
- 0x95, 0x08, 0xE1, 0x57, 0x41, 0xF2, 0x71, 0x6D, 0xB7, 0xD2, 0x45, 0x41, 0x27,
- 0x01, 0x65, 0xC6, 0x45, 0xAE, 0xF2, 0xBC, 0x24, 0x30, 0xB8, 0x95, 0xCE, 0x2F,
- 0x4E, 0xD6, 0xF6, 0x1C, 0x88, 0xBC, 0x7C, 0x9F, 0xFB, 0xA8, 0x67, 0x7F, 0xFE,
- 0x5C, 0x9C, 0x51, 0x75, 0xF7, 0x8A, 0xCA, 0x07, 0xE7, 0x35, 0x2F, 0x8F, 0xE1,
- 0xBD, 0x7B, 0xC0, 0x2F, 0x7C, 0xAB, 0x64, 0xA8, 0x17, 0xFC, 0xCA, 0x5D, 0x7B,
- 0xBA, 0xE0, 0x21, 0xE5, 0x72, 0x2E, 0x6F, 0x2E, 0x86, 0xD8, 0x95, 0x73, 0xDA,
- 0xAC, 0x1B, 0x53, 0xB9, 0x5F, 0x3F, 0xD7, 0x19, 0x0D, 0x25, 0x4F, 0xE1, 0x63,
- 0x63, 0x51, 0x8B, 0x0B, 0x64, 0x3F, 0xAD, 0x43, 0xB8, 0xA5, 0x1C, 0x5C, 0x34,
- 0xB3, 0xAE, 0x00, 0xA0, 0x63, 0xC5, 0xF6, 0x7F, 0x0B, 0x59, 0x68, 0x78, 0x73,
- 0xA6, 0x8C, 0x18, 0xA9, 0x02, 0x6D, 0xAF, 0xC3, 0x19, 0x01, 0x2E, 0xB8, 0x10,
- 0xE3, 0xC6, 0xCC, 0x40, 0xB4, 0x69, 0xA3, 0x46, 0x33, 0x69, 0x87, 0x6E, 0xC4,
- 0xBB, 0x17, 0xA6, 0xF3, 0xE8, 0xDD, 0xAD, 0x73, 0xBC, 0x7B, 0x2F, 0x21, 0xB5,
- 0xFD, 0x66, 0x51, 0x0C, 0xBD, 0x54, 0xB3, 0xE1, 0x6D, 0x5F, 0x1C, 0xBC, 0x23,
- 0x73, 0xD1, 0x09, 0x03, 0x89, 0x14, 0xD2, 0x10, 0xB9, 0x64, 0xC3, 0x2A, 0xD0,
- 0xA1, 0x96, 0x4A, 0xBC, 0xE1, 0xD4, 0x1A, 0x5B, 0xC7, 0xA0, 0xC0, 0xC1, 0x63,
- 0x78, 0x0F, 0x44, 0x37, 0x30, 0x32, 0x96, 0x80, 0x32, 0x23, 0x95, 0xA1, 0x77,
- 0xBA, 0x13, 0xD2, 0x97, 0x73, 0xE2, 0x5D, 0x25, 0xC9, 0x6A, 0x0D, 0xC3, 0x39,
- 0x60, 0xA4, 0xB4, 0xB0, 0x69, 0x42, 0x42, 0x09, 0xE9, 0xD8, 0x08, 0xBC, 0x33,
- 0x20, 0xB3, 0x58, 0x22, 0xA7, 0xAA, 0xEB, 0xC4, 0xE1, 0xE6, 0x61, 0x83, 0xC5,
- 0xD2, 0x96, 0xDF, 0xD9, 0xD0, 0x4F, 0xAD, 0xD7, 0x02, 0x03, 0x01, 0x00, 0x01,
- 0x02, 0x82, 0x01, 0x01, 0x00, 0x9A, 0xD0, 0x34, 0x0F, 0x52, 0x62, 0x05, 0x50,
- 0x01, 0xEF, 0x9F, 0xED, 0x64, 0x6E, 0xC2, 0xC4, 0xDA, 0x1A, 0xF2, 0x84, 0xD7,
- 0x92, 0x10, 0x48, 0x92, 0xC4, 0xE9, 0x6A, 0xEB, 0x8B, 0x75, 0x6C, 0xC6, 0x79,
- 0x38, 0xF2, 0xC9, 0x72, 0x4A, 0x86, 0x64, 0x54, 0x95, 0x77, 0xCB, 0xC3, 0x9A,
- 0x9D, 0xB7, 0xD4, 0x1D, 0xA4, 0x00, 0xC8, 0x9E, 0x4E, 0xE4, 0xDD, 0xC7, 0xBA,
- 0x67, 0x16, 0xC1, 0x74, 0xBC, 0xA9, 0xD6, 0x94, 0x8F, 0x2B, 0x30, 0x1A, 0xFB,
- 0xED, 0xDF, 0x21, 0x05, 0x23, 0xD9, 0x4A, 0x39, 0xBD, 0x98, 0x6B, 0x65, 0x9A,
- 0xB8, 0xDC, 0xC4, 0x7D, 0xEE, 0xA6, 0x43, 0x15, 0x2E, 0x3D, 0xBE, 0x1D, 0x22,
- 0x60, 0x2A, 0x73, 0x30, 0xD5, 0x3E, 0xD8, 0xA2, 0xAC, 0x86, 0x43, 0x2E, 0xC4,
- 0xF5, 0x64, 0x5E, 0x3F, 0x89, 0x75, 0x0F, 0x11, 0xD8, 0x51, 0x25, 0x4E, 0x9F,
- 0xD8, 0xAA, 0xA3, 0xCE, 0x60, 0xB3, 0xE2, 0x8A, 0xD9, 0x7E, 0x1B, 0xF0, 0x64,
- 0xCA, 0x9A, 0x5B, 0x05, 0x0B, 0x5B, 0xAA, 0xCB, 0xE5, 0xE3, 0x3F, 0x6E, 0x32,
- 0x22, 0x05, 0xF3, 0xD0, 0xFA, 0xEF, 0x74, 0x52, 0x81, 0xE2, 0x5F, 0x74, 0xD3,
- 0xBD, 0xFF, 0x31, 0x83, 0x45, 0x75, 0xFA, 0x63, 0x7A, 0x97, 0x2E, 0xD6, 0xB6,
- 0x19, 0xC6, 0x92, 0x26, 0xE4, 0x28, 0x06, 0x50, 0x50, 0x0E, 0x78, 0x2E, 0xA9,
- 0x78, 0x0D, 0x14, 0x97, 0xB4, 0x12, 0xD8, 0x31, 0x40, 0xAB, 0xA1, 0x01, 0x41,
- 0xC2, 0x30, 0xF8, 0x07, 0x5F, 0x16, 0xE4, 0x61, 0x77, 0xD2, 0x60, 0xF2, 0x9F,
- 0x8D, 0xE8, 0xF4, 0xBA, 0xEB, 0x63, 0xDE, 0x2A, 0x97, 0x81, 0xEF, 0x4C, 0x6C,
- 0xE6, 0x55, 0x34, 0x51, 0x2B, 0x28, 0x34, 0xF4, 0x53, 0x1C, 0xC4, 0x58, 0x0A,
- 0x3F, 0xBB, 0xAF, 0xB5, 0xF7, 0x4A, 0x85, 0x43, 0x2D, 0x3C, 0xF1, 0x58, 0x58,
- 0x81, 0x02, 0x81, 0x81, 0x00, 0xF2, 0x2C, 0x54, 0x76, 0x39, 0x23, 0x63, 0xC9,
- 0x10, 0x32, 0xB7, 0x93, 0xAD, 0xAF, 0xBE, 0x19, 0x75, 0x96, 0x81, 0x64, 0xE6,
- 0xB5, 0xB8, 0x89, 0x42, 0x41, 0xD1, 0x6D, 0xD0, 0x1C, 0x1B, 0xF8, 0x1B, 0xAC,
- 0x69, 0xCB, 0x36, 0x3C, 0x64, 0x7D, 0xDC, 0xF4, 0x19, 0xB8, 0xC3, 0x60, 0xB1,
- 0x57, 0x48, 0x5F, 0x52, 0x4F, 0x59, 0x3A, 0x55, 0x7F, 0x32, 0xC0, 0x19, 0x43,
- 0x50, 0x3F, 0xAE, 0xCE, 0x6F, 0x17, 0xF3, 0x0E, 0x9F, 0x40, 0xCA, 0x4E, 0xAD,
- 0x15, 0x3B, 0xC9, 0x79, 0xE9, 0xC0, 0x59, 0x38, 0x73, 0x70, 0x9C, 0x0A, 0x7C,
- 0xC9, 0x3A, 0x48, 0x32, 0xA7, 0xD8, 0x49, 0x75, 0x0A, 0x85, 0xC2, 0xC2, 0xFD,
- 0x15, 0x73, 0xDA, 0x99, 0x09, 0x2A, 0x69, 0x9A, 0x9F, 0x0A, 0x71, 0xBF, 0xB0,
- 0x04, 0xA6, 0x8C, 0x7A, 0x5A, 0x6F, 0x48, 0x5A, 0x54, 0x3B, 0xC6, 0xB1, 0x53,
- 0x17, 0xDF, 0xE7, 0x02, 0x81, 0x81, 0x00, 0xCB, 0x93, 0xDE, 0x77, 0x15, 0x5D,
- 0xB7, 0x5C, 0x5C, 0x7C, 0xD8, 0x90, 0xA9, 0x98, 0x2D, 0xD6, 0x69, 0x0E, 0x63,
- 0xB3, 0xA3, 0xDC, 0xA6, 0xCC, 0x8B, 0x6A, 0xA4, 0xA2, 0x12, 0x8C, 0x8E, 0x7B,
- 0x48, 0x2C, 0xB2, 0x4B, 0x37, 0xDC, 0x06, 0x18, 0x7D, 0xEA, 0xFE, 0x76, 0xA1,
- 0xD4, 0xA1, 0xE9, 0x3F, 0x0D, 0xCD, 0x1B, 0x5F, 0xAF, 0x5F, 0x9E, 0x96, 0x5B,
- 0x5B, 0x0F, 0xA1, 0x7C, 0xAF, 0xB3, 0x9B, 0x90, 0xDB, 0x57, 0x73, 0x3A, 0xED,
- 0xB0, 0x23, 0x44, 0xAE, 0x41, 0x4F, 0x1F, 0x07, 0x42, 0x13, 0x23, 0x4C, 0xCB,
- 0xFA, 0xF4, 0x14, 0xA4, 0xD5, 0xF7, 0x9E, 0x36, 0x7C, 0x5B, 0x9F, 0xA8, 0x3C,
- 0xC1, 0x85, 0x5F, 0x74, 0xD2, 0x39, 0x2D, 0xFF, 0xD0, 0x84, 0xDF, 0xFB, 0xB3,
- 0x20, 0x7A, 0x2E, 0x9B, 0x17, 0xAE, 0xE6, 0xBA, 0x0B, 0xAE, 0x5F, 0x53, 0xA4,
- 0x52, 0xED, 0x1B, 0xC4, 0x91, 0x02, 0x81, 0x81, 0x00, 0xEC, 0x98, 0xDA, 0xBB,
- 0xD5, 0xFE, 0xF9, 0x52, 0x4A, 0x7D, 0x02, 0x55, 0x49, 0x6F, 0x55, 0x6E, 0x52,
- 0x2F, 0x84, 0xA3, 0x2B, 0xB3, 0x86, 0x62, 0xB3, 0x54, 0xD2, 0x63, 0x52, 0xDA,
- 0xE3, 0x88, 0x76, 0xA0, 0xEF, 0x8B, 0x15, 0xA5, 0xD3, 0x18, 0x14, 0x72, 0x77,
- 0x5E, 0xC7, 0xA3, 0x04, 0x1F, 0x9E, 0x19, 0x62, 0xB5, 0x1B, 0x1B, 0x9E, 0xC3,
- 0xF2, 0xB5, 0x32, 0xF9, 0x4C, 0xC1, 0xAA, 0xEB, 0x0C, 0x26, 0x7D, 0xD4, 0x5F,
- 0x4A, 0x51, 0x5C, 0xA4, 0x45, 0x06, 0x70, 0x44, 0xA7, 0x56, 0xC0, 0xD4, 0x22,
- 0x14, 0x76, 0x9E, 0xD8, 0x63, 0x50, 0x89, 0x90, 0xD3, 0xE2, 0xBF, 0x81, 0x95,
- 0x92, 0x31, 0x41, 0x87, 0x39, 0x1A, 0x43, 0x0B, 0x18, 0xA5, 0x53, 0x1F, 0x39,
- 0x1A, 0x5F, 0x1F, 0x43, 0xBC, 0x87, 0x6A, 0xDF, 0x6E, 0xD3, 0x22, 0x00, 0xFE,
- 0x22, 0x98, 0x70, 0x4E, 0x1A, 0x19, 0x29, 0x02, 0x81, 0x81, 0x00, 0x8A, 0x41,
- 0x56, 0x28, 0x51, 0x9E, 0x5F, 0xD4, 0x9E, 0x0B, 0x3B, 0x98, 0xA3, 0x54, 0xF2,
- 0x6C, 0x56, 0xD4, 0xAA, 0xE9, 0x69, 0x33, 0x85, 0x24, 0x0C, 0xDA, 0xD4, 0x0C,
- 0x2D, 0xC4, 0xBF, 0x4F, 0x02, 0x69, 0x38, 0x7C, 0xD4, 0xE6, 0xDC, 0x4C, 0xED,
- 0xD7, 0x16, 0x11, 0xC3, 0x3E, 0x00, 0xE7, 0xC3, 0x26, 0xC0, 0x51, 0x02, 0xDE,
- 0xBB, 0x75, 0x9C, 0x6F, 0x56, 0x9C, 0x7A, 0xF3, 0x8E, 0xEF, 0xCF, 0x8A, 0xC5,
- 0x2B, 0xD2, 0xDA, 0x06, 0x6A, 0x44, 0xC9, 0x73, 0xFE, 0x6E, 0x99, 0x87, 0xF8,
- 0x5B, 0xBE, 0xF1, 0x7C, 0xE6, 0x65, 0xB5, 0x4F, 0x6C, 0xF0, 0xC9, 0xC5, 0xFF,
- 0x16, 0xCA, 0x8B, 0x1B, 0x17, 0xE2, 0x58, 0x3D, 0xA2, 0x37, 0xAB, 0x01, 0xBC,
- 0xBF, 0x40, 0xCE, 0x53, 0x8C, 0x8E, 0xED, 0xEF, 0xEE, 0x59, 0x9D, 0xE0, 0x63,
- 0xE6, 0x7C, 0x5E, 0xF5, 0x8E, 0x4B, 0xF1, 0x3B, 0xC1, 0x02, 0x81, 0x80, 0x4D,
- 0x45, 0xF9, 0x40, 0x8C, 0xC5, 0x5B, 0xF4, 0x2A, 0x1A, 0x8A, 0xB4, 0xF2, 0x1C,
- 0xAC, 0x6B, 0xE9, 0x0C, 0x56, 0x36, 0xB7, 0x4E, 0x72, 0x96, 0xD5, 0xE5, 0x8A,
- 0xD2, 0xE2, 0xFF, 0xF1, 0xF1, 0x18, 0x13, 0x3D, 0x86, 0x09, 0xB8, 0xD8, 0x76,
- 0xA7, 0xC9, 0x1C, 0x71, 0x52, 0x94, 0x30, 0x43, 0xE0, 0xF1, 0x78, 0x74, 0xFD,
- 0x61, 0x1B, 0x4C, 0x09, 0xCC, 0xE6, 0x68, 0x2A, 0x71, 0xAD, 0x1C, 0xDF, 0x43,
- 0xBC, 0x56, 0xDB, 0xA5, 0xA4, 0xBE, 0x35, 0x70, 0xA4, 0x5E, 0xCF, 0x4F, 0xFC,
- 0x00, 0x55, 0x99, 0x3A, 0x3D, 0x23, 0xCF, 0x67, 0x5A, 0xF5, 0x22, 0xF8, 0xB5,
- 0x29, 0xD0, 0x44, 0x11, 0xEB, 0x35, 0x2E, 0x46, 0xBE, 0xFD, 0x8E, 0x18, 0xB2,
- 0x5F, 0xA8, 0xBF, 0x19, 0x32, 0xA1, 0xF5, 0xDC, 0x03, 0xE6, 0x7C, 0x9A, 0x1F,
- 0x0C, 0x7C, 0xA9, 0xB0, 0x0E, 0x21, 0x37, 0x3B, 0xF1, 0xB0};
-
-static const uint8_t rsa_256_keydata[] = {
- 0x30, 0x82, 0x01, 0x0A,
- 0x02, 0x82, 0x01, 0x01, 0x00, 0xDB, 0x1C, 0x7F, 0x2E, 0x0B, 0xCD, 0xBF, 0xCE, 0xD1,
- 0x75, 0x10, 0xA0, 0xA2, 0xB8, 0xCE, 0x7D, 0xAA, 0xE2, 0x05, 0xE0, 0x7A, 0xD8, 0x44,
- 0x63, 0x8F, 0xB5, 0xBD, 0xC0, 0xB0, 0x19, 0xB9, 0x37, 0xB8, 0x19, 0x4A, 0x0E, 0xF1,
- 0x5D, 0x74, 0x80, 0x67, 0x46, 0x87, 0x06, 0xDE, 0x5B, 0x7F, 0x06, 0x03, 0xBD, 0xC1,
- 0x8D, 0x5E, 0x07, 0x15, 0xD4, 0x5B, 0xF4, 0xDC, 0xE5, 0xCF, 0x3D, 0xF9, 0xC1, 0x11,
- 0x2C, 0xAE, 0x6A, 0xB9, 0x8A, 0xBD, 0x1D, 0x67, 0x66, 0x17, 0xEA, 0x4E, 0xBD, 0xDB,
- 0x15, 0x9A, 0x82, 0x87, 0xE4, 0xF0, 0x78, 0xC3, 0xA3, 0x85, 0x87, 0xB0, 0xFD, 0x9F,
- 0xA9, 0x99, 0x5F, 0xE3, 0x33, 0xEC, 0xCC, 0xEA, 0x0B, 0xB5, 0x61, 0x5E, 0xF1, 0x49,
- 0x7E, 0x3F, 0xA3, 0x2D, 0xEA, 0x01, 0x0C, 0xCC, 0x42, 0x9A, 0x76, 0x9B, 0xC4, 0xD0,
- 0x37, 0xD3, 0xB1, 0x17, 0x01, 0x61, 0x01, 0x16, 0x59, 0x7E, 0x1C, 0x17, 0xC3, 0x53,
- 0xFD, 0xD1, 0x72, 0xCB, 0x4C, 0x60, 0x15, 0xDA, 0x7D, 0xE2, 0xEA, 0xAD, 0x50, 0xEF,
- 0x8E, 0xE2, 0x8B, 0xD4, 0x6A, 0x77, 0x55, 0xD6, 0x70, 0xD9, 0x6B, 0xBB, 0xF1, 0xEE,
- 0x39, 0x04, 0x38, 0xA3, 0xBD, 0xE2, 0xD1, 0xE0, 0x66, 0x6B, 0xE2, 0x9C, 0x47, 0x99,
- 0xE9, 0x28, 0xE6, 0xB6, 0xFC, 0x2E, 0xCA, 0x67, 0x43, 0x84, 0xE8, 0xD5, 0x83, 0xD6,
- 0x9D, 0x98, 0x6B, 0x01, 0x3E, 0x81, 0xDC, 0x3C, 0x7A, 0xCA, 0xF9, 0xF3, 0x9C, 0xF7,
- 0xD6, 0x28, 0x1B, 0x27, 0x78, 0x7C, 0xC3, 0xD0, 0xD5, 0x63, 0xA7, 0x81, 0x34, 0x89,
- 0xAD, 0x25, 0x6A, 0xBD, 0xF2, 0xEA, 0xED, 0xFA, 0x57, 0xFC, 0xE5, 0x34, 0xC6, 0xC1,
- 0x0F, 0x71, 0x2D, 0xD2, 0x08, 0x10, 0x1B, 0xAD, 0x44, 0x41, 0xE0, 0xFE, 0x79, 0xA0,
- 0x63, 0x93, 0x8A, 0xB1, 0x5D, 0xE9, 0xB0, 0xEE, 0x6F, 0x02, 0x03, 0x01, 0x00, 0x01};
-
-static const uint8_t ec_keydata[] = {
- 0x04, 0xde, 0xa5, 0xe4, 0x5d, 0x0e, 0xa3, 0x7f, 0xc5, 0x66, 0x23, 0x2a, 0x50, 0x8f,
- 0x4a, 0xd2, 0x0e, 0xa1, 0x3d, 0x47, 0xe4, 0xbf, 0x5f, 0xa4, 0xd5, 0x4a, 0x57, 0xa0,
- 0xba, 0x01, 0x20, 0x42, 0x08, 0x70, 0x97, 0x49, 0x6e, 0xfc, 0x58, 0x3f, 0xed, 0x8b,
- 0x24, 0xa5, 0xb9, 0xbe, 0x9a, 0x51, 0xde, 0x06, 0x3f, 0x5a, 0x00, 0xa8, 0xb6, 0x98,
- 0xa1, 0x6f, 0xd7, 0xf2, 0x9b, 0x54, 0x85, 0xf3, 0x20};
-
-static const uint8_t ec_keypair[] = {
- 0x68, 0x49, 0xf9, 0x7d, 0x10, 0x66, 0xf6, 0x99, 0x77, 0x59, 0x63, 0x7c, 0x7e, 0x38,
- 0x99, 0x46, 0x4c, 0xee, 0x3e, 0xc7, 0xac, 0x97, 0x06, 0x53, 0xa0, 0xbe, 0x07, 0x42};
-
static const test_data check1[] = {
-
-#ifdef ARCH_TEST_CIPHER_MODE_CTR
-#ifdef ARCH_TEST_AES_128
-{"Test psa_close_key 16 Byte AES\n", PSA_KEY_TYPE_AES,
-{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
- 0x5F, 0xC9},
- AES_16B_KEY_SIZE, 0, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR,
- 0x12, PSA_KEY_LIFETIME_VOLATILE,
- BYTES_TO_BITS(AES_16B_KEY_SIZE), PSA_SUCCESS
-},
-#endif
-
-#ifdef ARCH_TEST_AES_192
-{"Test psa_close_key 24 Byte AES\n", PSA_KEY_TYPE_AES,
-{0x24, 0x13, 0x61, 0x47, 0x61, 0xB8, 0xC8, 0xF0, 0xDF, 0xAB, 0x5A, 0x0E, 0x87,
- 0x40, 0xAC, 0xA3, 0x90, 0x77, 0x83, 0x52, 0x31, 0x74, 0xF9},
- AES_24B_KEY_SIZE, BYTES_TO_BITS(AES_24B_KEY_SIZE), PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR,
- 0x34, PSA_KEY_LIFETIME_PERSISTENT,
- BYTES_TO_BITS(AES_24B_KEY_SIZE), PSA_SUCCESS
-},
-#endif
-
-#ifdef ARCH_TEST_AES_256
-{"Test psa_close_key 32 Byte AES\n", PSA_KEY_TYPE_AES,
-{0xEA, 0xD5, 0xE6, 0xC8, 0x51, 0xF9, 0xEC, 0xBB, 0x9B, 0x57, 0x7C, 0xED, 0xD2,
- 0x4B, 0x82, 0x84, 0x9F, 0x9F, 0xE6, 0x73, 0x21, 0x3D, 0x1A, 0x05, 0xC9, 0xED,
- 0xDF, 0x25, 0x17, 0x68, 0x86, 0xAE},
- AES_32B_KEY_SIZE, BYTES_TO_BITS(AES_32B_KEY_SIZE), PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR,
- 0x56, PSA_KEY_LIFETIME_VOLATILE,
- BYTES_TO_BITS(AES_32B_KEY_SIZE), PSA_SUCCESS
-},
-#endif
-#endif
-
+#ifdef CRYPTO_1_0
+#ifdef ARCH_TEST_RSA_1024
#ifdef ARCH_TEST_RSA_PKCS1V15_SIGN_RAW
-#ifdef ARCH_TEST_RSA_2048
-{"Test psa_close_key 2048 RSA public key\n", PSA_KEY_TYPE_RSA_PUBLIC_KEY,
- {0},
- 270, 2048, PSA_KEY_USAGE_EXPORT, PSA_ALG_RSA_PKCS1V15_SIGN_RAW,
- 0x78, PSA_KEY_LIFETIME_PERSISTENT,
- 2048, PSA_SUCCESS
+{
+ .test_desc = "Test psa_verify_message - RSA KEY_PAIR PKCS1V15 RAW\n",
+ .type = PSA_KEY_TYPE_RSA_KEY_PAIR,
+ .data = rsa_128_key_pair,
+ .data_length = 610,
+ .usage_flags = PSA_KEY_USAGE_VERIFY_MESSAGE,
+ .alg = PSA_ALG_RSA_PKCS1V15_SIGN_RAW,
+ .input = &hash_input,
+ .input_length = sizeof(hash_input),
+ .signature = signature_4,
+ .signature_length = 128,
+ .expected_status = PSA_SUCCESS
},
-{"Test psa_close_key with RSA 2048 keypair\n", PSA_KEY_TYPE_RSA_KEY_PAIR,
- {0},
- 1193, 2048, PSA_KEY_USAGE_EXPORT, PSA_ALG_RSA_PKCS1V15_SIGN_RAW,
- 0x89, PSA_KEY_LIFETIME_PERSISTENT,
- 2048, PSA_SUCCESS
-},
-#endif
-#endif
-
-#ifdef ARCH_TEST_CIPHER_MODE_CTR
-#ifdef ARCH_TEST_DES_1KEY
-{"Test psa_close_key with DES 64 bit key\n", PSA_KEY_TYPE_DES,
- {0x70, 0x24, 0x55, 0x0C, 0x14, 0x9D, 0xED, 0x29},
- DES_8B_KEY_SIZE, BYTES_TO_BITS(DES_8B_KEY_SIZE), PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR,
- 0xAB, PSA_KEY_LIFETIME_PERSISTENT,
- BYTES_TO_BITS(DES_8B_KEY_SIZE), PSA_SUCCESS
+{
+ .test_desc = "Test psa_verify_message - RSA Public Key PKCS1V15 RAW\n",
+ .type = PSA_KEY_TYPE_RSA_PUBLIC_KEY,
+ .data = rsa_128_key_data,
+ .data_length = 162,
+ .usage_flags = PSA_KEY_USAGE_VERIFY_MESSAGE,
+ .alg = PSA_ALG_RSA_PKCS1V15_SIGN_RAW,
+ .input = &hash_input,
+ .input_length = sizeof(hash_input),
+ .signature = signature_4,
+ .signature_length = 128,
+ .expected_status = PSA_SUCCESS
},
#endif
-#ifdef ARCH_TEST_DES_2KEY
-{"Test psa_close_key with Triple DES 2-Key\n", PSA_KEY_TYPE_DES,
-{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF},
- DES3_2B_KEY_SIZE, BYTES_TO_BITS(DES3_2B_KEY_SIZE), PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR,
- 0xBC, PSA_KEY_LIFETIME_PERSISTENT,
- BYTES_TO_BITS(DES3_2B_KEY_SIZE), PSA_SUCCESS
-},
-#endif
-
-#ifdef ARCH_TEST_DES_3KEY
-{"Test psa_close_key with Triple DES 3-Key\n", PSA_KEY_TYPE_DES,
-{0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF,
- 0xF1, 0xE0, 0xD3, 0xC2, 0xB5, 0xA4, 0x97, 0x86,
- 0xFE, 0xDC, 0xBA, 0x98, 0x76, 0x54, 0x32, 0x10},
- DES3_3B_KEY_SIZE, BYTES_TO_BITS(DES3_3B_KEY_SIZE), PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR,
- 0xCD, PSA_KEY_LIFETIME_PERSISTENT,
- BYTES_TO_BITS(DES3_3B_KEY_SIZE), PSA_SUCCESS
+#ifdef ARCH_TEST_RSA_PKCS1V15_SIGN
+#ifdef ARCH_TEST_SHA256
+{
+ .test_desc = "Test psa_verify_message - RSA KEY_PAIR PKCS1V15 SHA-256\n",
+ .type = PSA_KEY_TYPE_RSA_KEY_PAIR,
+ .data = rsa_128_key_pair,
+ .data_length = 610,
+ .usage_flags = PSA_KEY_USAGE_VERIFY_MESSAGE,
+ .alg = PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256),
+ .input = &hash_input,
+ .input_length = sizeof(hash_input),
+ .signature = NULL,
+ .signature_length = 0,
+ .expected_status = PSA_ERROR_INVALID_ARGUMENT
},
#endif
#endif
+#endif
-#ifdef ARCH_TEST_ECDSA
+#ifdef ARCH_TEST_SHA256
+#ifdef ARCH_TEST_DETERMINISTIC_ECDSA
#ifdef ARCH_TEST_ECC_CURVE_SECP256R1
-{"Test psa_close_key with EC Public key\n",
- PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1),
- {0},
- 65, 256, PSA_KEY_USAGE_EXPORT, PSA_ALG_ECDSA_ANY,
- 0xEF, PSA_KEY_LIFETIME_PERSISTENT,
- 256, PSA_SUCCESS
+{
+ .test_desc = "Test psa_verify_message - ECDSA KEY_PAIR SECP256R1 SHA-256\n",
+ .type = PSA_KEY_TYPE_DH_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1),
+ .data = ec_keypair,
+ .data_length = 32,
+ .usage_flags = PSA_KEY_USAGE_VERIFY_MESSAGE,
+ .alg = PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256),
+ .input = &hash_input,
+ .input_length = sizeof(hash_input),
+ .signature = signature_5,
+ .signature_length = 64,
+ .expected_status = PSA_SUCCESS
},
+
+{
+ .test_desc = "Test psa_verify_message - ECDSA Public Key SECP256R1 SHA-256\n",
+ .type = PSA_KEY_TYPE_DH_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1),
+ .data = ec_key_data,
+ .data_length = 65,
+ .usage_flags = PSA_KEY_USAGE_VERIFY_MESSAGE,
+ .alg = PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256),
+ .input = &hash_input,
+ .input_length = sizeof(hash_input),
+ .signature = signature_5,
+ .signature_length = 64,
+ .expected_status = PSA_SUCCESS
+},
+#endif
#endif
#endif
-#ifdef ARCH_TEST_ASYMMETRIC_ENCRYPTION
-#ifdef ARCH_TEST_ECC_CURVE_SECP224R1
-{"Test psa_close_key with EC keypair\n",
- PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP224R1),
- {0},
- 28, 224, PSA_KEY_USAGE_EXPORT, PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION,
- 0x123, PSA_KEY_LIFETIME_PERSISTENT,
- 224, PSA_SUCCESS
+#ifdef ARCH_TEST_RSA_1024
+#ifdef ARCH_TEST_RSA_PKCS1V15_SIGN_RAW
+{
+ .test_desc = "Test psa_verify_message - Small output buffer\n",
+ .type = PSA_KEY_TYPE_RSA_KEY_PAIR,
+ .data = rsa_128_key_pair,
+ .data_length = 610,
+ .usage_flags = PSA_KEY_USAGE_VERIFY_MESSAGE,
+ .alg = PSA_ALG_RSA_PKCS1V15_SIGN_RAW,
+ .input = &hash_input,
+ .input_length = sizeof(hash_input),
+ .signature = signature_4,
+ .signature_length = 127,
+ .expected_status = PSA_ERROR_INVALID_SIGNATURE
},
+
+#ifdef ARCH_TEST_SHA256
+{
+ .test_desc = "Test psa_verify_message - Invalid algorithm\n",
+ .type = PSA_KEY_TYPE_RSA_KEY_PAIR,
+ .data = rsa_128_key_pair,
+ .data_length = 610,
+ .usage_flags = PSA_KEY_USAGE_VERIFY_MESSAGE,
+ .alg = PSA_ALG_SHA_256,
+ .input = &hash_input,
+ .input_length = sizeof(hash_input),
+ .signature = signature_4,
+ .signature_length = 128,
+ .expected_status = PSA_ERROR_INVALID_ARGUMENT
+},
+#endif
+
+#ifdef ARCH_TEST_AES_128
+{
+ .test_desc = "Test psa_verify_message - Invalid key type (AES Key)\n",
+ .type = PSA_KEY_TYPE_AES,
+ .data = key_data,
+ .data_length = AES_16B_KEY_SIZE,
+ .usage_flags = PSA_KEY_USAGE_VERIFY_MESSAGE,
+ .alg = PSA_ALG_RSA_PKCS1V15_SIGN_RAW,
+ .input = &hash_input,
+ .input_length = sizeof(hash_input),
+ .signature = signature_4,
+ .signature_length = 128,
+ .expected_status = PSA_ERROR_NOT_SUPPORTED
+},
+#endif
+
+{
+ .test_desc = "Test psa_verify_message - Invalid usage\n",
+ .type = PSA_KEY_TYPE_RSA_KEY_PAIR,
+ .data = rsa_128_key_pair,
+ .data_length = 610,
+ .usage_flags = PSA_KEY_USAGE_ENCRYPT,
+ .alg = PSA_ALG_RSA_PKCS1V15_SIGN_RAW,
+ .input = &hash_input,
+ .input_length = sizeof(hash_input),
+ .signature = signature_4,
+ .signature_length = 128,
+ .expected_status = PSA_ERROR_NOT_PERMITTED
+},
+
+{
+ .test_desc = "Test psa_verify_message - Wrong message size\n",
+ .type = PSA_KEY_TYPE_RSA_KEY_PAIR,
+ .data = rsa_128_key_pair,
+ .data_length = 610,
+ .usage_flags = PSA_KEY_USAGE_VERIFY_MESSAGE,
+ .alg = PSA_ALG_RSA_PKCS1V15_SIGN_RAW,
+ .input = &hash_input,
+ .input_length = sizeof(hash_input)-1,
+ .signature = signature_4,
+ .signature_length = 128,
+ .expected_status = PSA_ERROR_INVALID_SIGNATURE
+},
+
+{
+ .test_desc = "Test psa_verify_message - Wrong signature\n",
+ .type = PSA_KEY_TYPE_RSA_KEY_PAIR,
+ .data = rsa_128_key_pair,
+ .data_length = 610,
+ .usage_flags = PSA_KEY_USAGE_VERIFY_MESSAGE,
+ .alg = PSA_ALG_RSA_PKCS1V15_SIGN_RAW,
+ .input = &hash_input,
+ .input_length = sizeof(hash_input),
+ .signature = signature_4_invalid,
+ .signature_length = 128,
+ .expected_status = PSA_ERROR_INVALID_SIGNATURE
+},
+
+{
+ .test_desc = "Test psa_verify_message - Wrong signature size\n",
+ .type = PSA_KEY_TYPE_RSA_KEY_PAIR,
+ .data = rsa_128_key_pair,
+ .data_length = 610,
+ .usage_flags = PSA_KEY_USAGE_VERIFY_MESSAGE,
+ .alg = PSA_ALG_RSA_PKCS1V15_SIGN_RAW,
+ .input = &hash_input,
+ .input_length = sizeof(hash_input),
+ .signature = signature_4,
+ .signature_length = 129,
+ .expected_status = PSA_ERROR_INVALID_SIGNATURE
+},
+#endif
#endif
#endif
};
diff --git a/api-tests/dev_apis/crypto/test_c051/test_entry_c051.c b/api-tests/dev_apis/crypto/test_c051/test_entry_c051.c
index 74a6d8e..9f4e7a2 100644
--- a/api-tests/dev_apis/crypto/test_c051/test_entry_c051.c
+++ b/api-tests/dev_apis/crypto/test_c051/test_entry_c051.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -20,7 +20,7 @@
#include "test_c051.h"
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 51)
-#define TEST_DESC "Testing crypto key management APIs\n"
+#define TEST_DESC "Testing crypto key management APIs | UT: psa_verify_message\n"
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
diff --git a/api-tests/dev_apis/crypto/test_c052/test_c052.c b/api-tests/dev_apis/crypto/test_c052/test_c052.c
index 7104a2e..4ba3fa6 100644
--- a/api-tests/dev_apis/crypto/test_c052/test_c052.c
+++ b/api-tests/dev_apis/crypto/test_c052/test_c052.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -31,10 +31,10 @@
int32_t psa_aead_encrypt_setup_test(caller_security_t caller __UNUSED)
{
int32_t i, status;
- int num_checks = sizeof(check1)/sizeof(check1[0]);
+ int32_t num_checks = sizeof(check1)/sizeof(check1[0]);
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
- psa_aead_operation_t operation = PSA_AEAD_OPERATION_INIT;
- psa_key_handle_t key_handle;
+ psa_aead_operation_t operation;
+ psa_key_id_t key;
if (num_checks == 0)
{
@@ -48,42 +48,61 @@
for (i = 0; i < num_checks; i++)
{
- val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
+ val->print(PRINT_TEST, "[Check %d] ", i + 1);
val->print(PRINT_TEST, check1[i].test_desc, 0);
+ val->crypto_function(VAL_CRYPTO_AEAD_OPERATION_INIT,
+ &operation);
+
/* Setting up the watchdog timer for each check */
status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
/* Setup the attributes for the key */
- val->crypto_function(VAL_CRYPTO_SET_KEY_TYPE, &attributes, check1[i].key_type);
- val->crypto_function(VAL_CRYPTO_SET_KEY_USAGE_FLAGS, &attributes, check1[i].usage);
- val->crypto_function(VAL_CRYPTO_SET_KEY_ALGORITHM, &attributes, check1[i].key_alg);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_TYPE,
+ &attributes,
+ check1[i].type);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_USAGE_FLAGS,
+ &attributes,
+ check1[i].usage_flags);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_ALGORITHM,
+ &attributes,
+ check1[i].alg);
/* Import the key data into the key slot */
- status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, &attributes, check1[i].key_data,
- check1[i].key_length, &key_handle);
+ status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY,
+ &attributes,
+ check1[i].data,
+ check1[i].data_length,
+ &key);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
/* Set the key for a multipart authenticated encryption operation */
- status = val->crypto_function(VAL_CRYPTO_AEAD_ENCRYPT_SETUP, &operation,
- key_handle, check1[i].alg);
+ status = val->crypto_function(VAL_CRYPTO_AEAD_ENCRYPT_SETUP,
+ &operation,
+ key,
+ check1[i].setup_alg);
TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(4));
/* Destroy the key */
- status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, key_handle);
+ status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY,
+ key);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
/* Setting up aead on destroyed key handle should return an error */
- status = val->crypto_function(VAL_CRYPTO_AEAD_ENCRYPT_SETUP, &operation,
- key_handle, check1[i].alg);
+ status = val->crypto_function(VAL_CRYPTO_AEAD_ENCRYPT_SETUP,
+ &operation,
+ key,
+ check1[i].setup_alg);
TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(6));
- /* Reset the key attributes and check if psa_import_key fails */
- val->crypto_function(VAL_CRYPTO_RESET_KEY_ATTRIBUTES, &attributes);
+ /* Reset the key attributes */
+ val->crypto_function(VAL_CRYPTO_RESET_KEY_ATTRIBUTES,
+ &attributes);
/* Abort the AEAD operation */
- status = val->crypto_function(VAL_CRYPTO_AEAD_ABORT, &operation);
+ status = val->crypto_function(VAL_CRYPTO_AEAD_ABORT,
+ &operation);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(7));
}
diff --git a/api-tests/dev_apis/crypto/test_c052/test_data.h b/api-tests/dev_apis/crypto/test_c052/test_data.h
index 7160759..e3b3aa4 100644
--- a/api-tests/dev_apis/crypto/test_c052/test_data.h
+++ b/api-tests/dev_apis/crypto/test_c052/test_data.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -15,72 +15,111 @@
* limitations under the License.
**/
-#include "val_crypto.h"
+#include "test_crypto_common.h"
typedef struct {
char test_desc[75];
- psa_key_type_t key_type;
- uint8_t key_data[32];
- uint32_t key_length;
- psa_key_usage_t usage;
- psa_algorithm_t key_alg;
+ psa_key_type_t type;
+ const uint8_t *data;
+ size_t data_length;
+ psa_key_usage_t usage_flags;
psa_algorithm_t alg;
+ psa_algorithm_t setup_alg;
psa_status_t expected_status;
} test_data;
static const test_data check1[] = {
#ifdef ARCH_TEST_CCM
#ifdef ARCH_TEST_AES_128
-{"Test psa_aead_encrypt_setup - AES-CCM\n", PSA_KEY_TYPE_AES,
-{0xD7, 0x82, 0x8D, 0x13, 0xB2, 0xB0, 0xBD, 0xC3, 0x25, 0xA7, 0x62, 0x36, 0xDF,
- 0x93, 0xCC, 0x6B},
- AES_16B_KEY_SIZE, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CCM, PSA_ALG_CCM,
- PSA_SUCCESS
+{
+ .test_desc = "Test psa_aead_encrypt_setup - CCM - AES\n",
+ .type = PSA_KEY_TYPE_AES,
+ .data = key_data,
+ .data_length = AES_16B_KEY_SIZE,
+ .usage_flags = PSA_KEY_USAGE_ENCRYPT,
+ .alg = PSA_ALG_CCM,
+ .setup_alg = PSA_ALG_CCM,
+ .expected_status = PSA_SUCCESS
},
-{"Test psa_aead_encrypt_setup - AES-CCM 24 bytes Tag length = 4\n", PSA_KEY_TYPE_AES,
-{0x41, 0x89, 0x35, 0x1B, 0x5C, 0xAE, 0xA3, 0x75, 0xA0, 0x29, 0x9E, 0x81, 0xC6,
- 0x21, 0xBF, 0x43}, AES_16B_KEY_SIZE, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CCM,
- PSA_ALG_AEAD_WITH_TAG_LENGTH(PSA_ALG_CCM, 4),
- PSA_SUCCESS
+{
+ .test_desc = "Test psa_aead_encrypt_setup - CCM - AES - Tag length = 4\n",
+ .type = PSA_KEY_TYPE_AES,
+ .data = key_data,
+ .data_length = AES_16B_KEY_SIZE,
+ .usage_flags = PSA_KEY_USAGE_ENCRYPT,
+ .alg = PSA_ALG_CCM,
+ .setup_alg = PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 4),
+ .expected_status = PSA_SUCCESS
+},
+
+{
+ .test_desc = "Test psa_aead_encrypt_setup - CCM - AES - Default Tag length\n",
+ .type = PSA_KEY_TYPE_AES,
+ .data = key_data,
+ .data_length = AES_16B_KEY_SIZE,
+ .usage_flags = PSA_KEY_USAGE_ENCRYPT,
+ .alg = PSA_ALG_CCM,
+ .setup_alg = PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG(PSA_ALG_CCM),
+ .expected_status = PSA_SUCCESS
},
#endif
#endif
#ifdef ARCH_TEST_GCM
#ifdef ARCH_TEST_AES_128
-{"Test psa_aead_encrypt_setup - GCM - 16B AES - 12B Nounce & 12B addi data\n", PSA_KEY_TYPE_AES,
-{0x3d, 0xe0, 0x98, 0x74, 0xb3, 0x88, 0xe6, 0x49, 0x19, 0x88, 0xd0, 0xc3, 0x60,
- 0x7e, 0xae, 0x1f}, AES_16B_KEY_SIZE, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_GCM, PSA_ALG_GCM,
- PSA_SUCCESS
+{
+ .test_desc = "Test psa_aead_encrypt_setup - GCM - AES\n",
+ .type = PSA_KEY_TYPE_AES,
+ .data = key_data,
+ .data_length = AES_16B_KEY_SIZE,
+ .usage_flags = PSA_KEY_USAGE_ENCRYPT,
+ .alg = PSA_ALG_GCM,
+ .setup_alg = PSA_ALG_GCM,
+ .expected_status = PSA_SUCCESS
},
#endif
#endif
#ifdef ARCH_TEST_CCM
#ifdef ARCH_TEST_DES_1KEY
-{"Test psa_aead_encrypt_setup - DES Key\n", PSA_KEY_TYPE_DES,
-{0x70, 0x24, 0x55, 0x0C, 0x14, 0x9D, 0xED, 0x29}, DES_8B_KEY_SIZE,
- PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CCM, PSA_ALG_CCM,
- PSA_ERROR_NOT_SUPPORTED
+{
+ .test_desc = "Test psa_aead_encrypt_setup - CCM - DES Invalid key\n",
+ .type = PSA_KEY_TYPE_DES,
+ .data = key_data,
+ .data_length = DES_8B_KEY_SIZE,
+ .usage_flags = PSA_KEY_USAGE_ENCRYPT,
+ .alg = PSA_ALG_CCM,
+ .setup_alg = PSA_ALG_CCM,
+ .expected_status = PSA_ERROR_INVALID_ARGUMENT
},
#endif
#endif
#ifdef ARCH_TEST_AES_128
-#ifdef ARCH_TEST_CIPHER_MODE_CFB
-{"Test psa_aead_encrypt_setup - Unsupported Algorithm\n", PSA_KEY_TYPE_AES,
-{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
- 0x5F, 0xC9}, AES_16B_KEY_SIZE, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CFB, PSA_ALG_CFB,
- PSA_ERROR_NOT_SUPPORTED
+#ifdef ARCH_TEST_CIPER_MODE_CFB
+{
+ .test_desc = "Test psa_aead_encrypt_setup - Unsupported algorithm\n",
+ .type = PSA_KEY_TYPE_AES,
+ .data = key_data,
+ .data_length = AES_16B_KEY_SIZE,
+ .usage_flags = PSA_KEY_USAGE_ENCRYPT,
+ .alg = PSA_ALG_CFB,
+ .setup_alg = PSA_ALG_CFB,
+ .expected_status = PSA_ERROR_NOT_SUPPORTED
},
#endif
#ifdef ARCH_TEST_GCM
-{"Test psa_aead_encrypt_setup - Invalid key usage\n", PSA_KEY_TYPE_AES,
-{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
- 0x5F, 0xC9}, AES_16B_KEY_SIZE, PSA_KEY_USAGE_DECRYPT, PSA_ALG_GCM, PSA_ALG_GCM,
- PSA_ERROR_NOT_PERMITTED
+{
+ .test_desc = "Test psa_aead_encrypt_setup - Invalid usage flag\n",
+ .type = PSA_KEY_TYPE_AES,
+ .data = key_data,
+ .data_length = AES_16B_KEY_SIZE,
+ .usage_flags = PSA_KEY_USAGE_DECRYPT,
+ .alg = PSA_ALG_GCM,
+ .setup_alg = PSA_ALG_GCM,
+ .expected_status = PSA_ERROR_NOT_PERMITTED
},
#endif
#endif
diff --git a/api-tests/dev_apis/crypto/test_c052/test_entry_c052.c b/api-tests/dev_apis/crypto/test_c052/test_entry_c052.c
index 8d9bcc7..caa8049 100644
--- a/api-tests/dev_apis/crypto/test_c052/test_entry_c052.c
+++ b/api-tests/dev_apis/crypto/test_c052/test_entry_c052.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -20,7 +20,7 @@
#include "test_c052.h"
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 52)
-#define TEST_DESC "Testing crypto AEAD APIs\n"
+#define TEST_DESC "Testing crypto AEAD APIs | UT: psa_aead_encrypt_setup\n"
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
diff --git a/api-tests/dev_apis/crypto/test_c053/test_c053.c b/api-tests/dev_apis/crypto/test_c053/test_c053.c
index 5e39a21..55ccbe3 100644
--- a/api-tests/dev_apis/crypto/test_c053/test_c053.c
+++ b/api-tests/dev_apis/crypto/test_c053/test_c053.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -31,10 +31,10 @@
int32_t psa_aead_decrypt_setup_test(caller_security_t caller __UNUSED)
{
int32_t i, status;
- int num_checks = sizeof(check1)/sizeof(check1[0]);
- psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
- psa_aead_operation_t operation = PSA_AEAD_OPERATION_INIT;
- psa_key_handle_t key_handle;
+ int32_t num_checks = sizeof(check1)/sizeof(check1[0]);
+ psa_key_attributes_t attributes=PSA_KEY_ATTRIBUTES_INIT;
+ psa_aead_operation_t operation;
+ psa_key_id_t key;
if (num_checks == 0)
{
@@ -48,42 +48,61 @@
for (i = 0; i < num_checks; i++)
{
- val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
+ val->print(PRINT_TEST, "[Check %d] ", i + 1);
val->print(PRINT_TEST, check1[i].test_desc, 0);
+ val->crypto_function(VAL_CRYPTO_AEAD_OPERATION_INIT,
+ &operation);
+
/* Setting up the watchdog timer for each check */
status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
/* Setup the attributes for the key */
- val->crypto_function(VAL_CRYPTO_SET_KEY_TYPE, &attributes, check1[i].key_type);
- val->crypto_function(VAL_CRYPTO_SET_KEY_USAGE_FLAGS, &attributes, check1[i].usage);
- val->crypto_function(VAL_CRYPTO_SET_KEY_ALGORITHM, &attributes, check1[i].key_alg);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_TYPE,
+ &attributes,
+ check1[i].type);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_USAGE_FLAGS,
+ &attributes,
+ check1[i].usage_flags);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_ALGORITHM,
+ &attributes,
+ check1[i].alg);
/* Import the key data into the key slot */
- status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, &attributes, check1[i].key_data,
- check1[i].key_length, &key_handle);
+ status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY,
+ &attributes,
+ check1[i].data,
+ check1[i].data_length,
+ &key);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
/* Set the key for a multipart authenticated decryption operation */
- status = val->crypto_function(VAL_CRYPTO_AEAD_DECRYPT_SETUP, &operation,
- key_handle, check1[i].alg);
+ status = val->crypto_function(VAL_CRYPTO_AEAD_DECRYPT_SETUP,
+ &operation,
+ key,
+ check1[i].setup_alg);
TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(4));
/* Destroy the key */
- status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, key_handle);
+ status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY,
+ key);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
/* Setting up aead on destroyed key handle should return an error */
- status = val->crypto_function(VAL_CRYPTO_AEAD_DECRYPT_SETUP, &operation,
- key_handle, check1[i].alg);
+ status = val->crypto_function(VAL_CRYPTO_AEAD_DECRYPT_SETUP,
+ &operation,
+ key,
+ check1[i].setup_alg);
TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(6));
- /* Reset the key attributes and check if psa_import_key fails */
- val->crypto_function(VAL_CRYPTO_RESET_KEY_ATTRIBUTES, &attributes);
+ /* Reset the key attributes */
+ val->crypto_function(VAL_CRYPTO_RESET_KEY_ATTRIBUTES,
+ &attributes);
/* Abort the AEAD operation */
- status = val->crypto_function(VAL_CRYPTO_AEAD_ABORT, &operation);
+ status = val->crypto_function(VAL_CRYPTO_AEAD_ABORT,
+ &operation);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(7));
}
diff --git a/api-tests/dev_apis/crypto/test_c053/test_data.h b/api-tests/dev_apis/crypto/test_c053/test_data.h
index 945fd7a..5df5443 100644
--- a/api-tests/dev_apis/crypto/test_c053/test_data.h
+++ b/api-tests/dev_apis/crypto/test_c053/test_data.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -15,72 +15,111 @@
* limitations under the License.
**/
-#include "val_crypto.h"
+#include "test_crypto_common.h"
typedef struct {
char test_desc[75];
- psa_key_type_t key_type;
- uint8_t key_data[32];
- uint32_t key_length;
- psa_key_usage_t usage;
- psa_algorithm_t key_alg;
+ psa_key_type_t type;
+ const uint8_t *data;
+ size_t data_length;
+ psa_key_usage_t usage_flags;
psa_algorithm_t alg;
+ psa_algorithm_t setup_alg;
psa_status_t expected_status;
} test_data;
static const test_data check1[] = {
#ifdef ARCH_TEST_CCM
#ifdef ARCH_TEST_AES_128
-{"Test psa_aead_decrypt_setup - AES-CCM\n", PSA_KEY_TYPE_AES,
-{0xD7, 0x82, 0x8D, 0x13, 0xB2, 0xB0, 0xBD, 0xC3, 0x25, 0xA7, 0x62, 0x36, 0xDF,
- 0x93, 0xCC, 0x6B},
- AES_16B_KEY_SIZE, PSA_KEY_USAGE_DECRYPT, PSA_ALG_CCM, PSA_ALG_CCM,
- PSA_SUCCESS
+{
+ .test_desc = "Test psa_aead_decrypt_setup - CCM - AES\n",
+ .type = PSA_KEY_TYPE_AES,
+ .data = key_data,
+ .data_length = AES_16B_KEY_SIZE,
+ .usage_flags = PSA_KEY_USAGE_DECRYPT,
+ .alg = PSA_ALG_CCM,
+ .setup_alg = PSA_ALG_CCM,
+ .expected_status = PSA_SUCCESS
},
-{"Test psa_aead_decrypt_setup - AES-CCM 24 bytes Tag length = 4\n", PSA_KEY_TYPE_AES,
-{0x41, 0x89, 0x35, 0x1B, 0x5C, 0xAE, 0xA3, 0x75, 0xA0, 0x29, 0x9E, 0x81, 0xC6,
- 0x21, 0xBF, 0x43}, AES_16B_KEY_SIZE, PSA_KEY_USAGE_DECRYPT, PSA_ALG_CCM,
- PSA_ALG_AEAD_WITH_TAG_LENGTH(PSA_ALG_CCM, 4),
- PSA_SUCCESS
+{
+ .test_desc = "Test psa_aead_decrypt_setup - CCM - AES - Tag length = 4\n",
+ .type = PSA_KEY_TYPE_AES,
+ .data = key_data,
+ .data_length = AES_16B_KEY_SIZE,
+ .usage_flags = PSA_KEY_USAGE_DECRYPT,
+ .alg = PSA_ALG_CCM,
+ .setup_alg = PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 4),
+ .expected_status = PSA_SUCCESS
+},
+
+{
+ .test_desc = "Test psa_aead_decrypt_setup - CCM - AES - Default Tag length\n",
+ .type = PSA_KEY_TYPE_AES,
+ .data = key_data,
+ .data_length = AES_16B_KEY_SIZE,
+ .usage_flags = PSA_KEY_USAGE_DECRYPT,
+ .alg = PSA_ALG_CCM,
+ .setup_alg = PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG(PSA_ALG_CCM),
+ .expected_status = PSA_SUCCESS
},
#endif
#endif
#ifdef ARCH_TEST_GCM
#ifdef ARCH_TEST_AES_128
-{"Test psa_aead_decrypt_setup - GCM - 16B AES - 12B Nounce & 12B addi data\n", PSA_KEY_TYPE_AES,
-{0x3d, 0xe0, 0x98, 0x74, 0xb3, 0x88, 0xe6, 0x49, 0x19, 0x88, 0xd0, 0xc3, 0x60,
- 0x7e, 0xae, 0x1f}, AES_16B_KEY_SIZE, PSA_KEY_USAGE_DECRYPT, PSA_ALG_GCM, PSA_ALG_GCM,
- PSA_SUCCESS
+{
+ .test_desc = "Test psa_aead_decrypt_setup - GCM - AES\n",
+ .type = PSA_KEY_TYPE_AES,
+ .data = key_data,
+ .data_length = AES_16B_KEY_SIZE,
+ .usage_flags = PSA_KEY_USAGE_DECRYPT,
+ .alg = PSA_ALG_GCM,
+ .setup_alg = PSA_ALG_GCM,
+ .expected_status = PSA_SUCCESS
},
#endif
#endif
#ifdef ARCH_TEST_CCM
#ifdef ARCH_TEST_DES_1KEY
-{"Test psa_aead_decrypt_setup - DES Key\n", PSA_KEY_TYPE_DES,
-{0x70, 0x24, 0x55, 0x0C, 0x14, 0x9D, 0xED, 0x29}, DES_8B_KEY_SIZE,
- PSA_KEY_USAGE_DECRYPT, PSA_ALG_CCM, PSA_ALG_CCM,
- PSA_ERROR_NOT_SUPPORTED
+{
+ .test_desc = "Test psa_aead_decrypt_setup - CCM - DES Invalid key\n",
+ .type = PSA_KEY_TYPE_DES,
+ .data = key_data,
+ .data_length = DES_8B_KEY_SIZE,
+ .usage_flags = PSA_KEY_USAGE_DECRYPT,
+ .alg = PSA_ALG_CCM,
+ .setup_alg = PSA_ALG_CCM,
+ .expected_status = PSA_ERROR_INVALID_ARGUMENT
},
#endif
#endif
#ifdef ARCH_TEST_AES_128
-#ifdef ARCH_TEST_CIPHER_MODE_CFB
-{"Test psa_aead_decrypt_setup - Unsupported Algorithm\n", PSA_KEY_TYPE_AES,
-{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
- 0x5F, 0xC9}, AES_16B_KEY_SIZE, PSA_KEY_USAGE_DECRYPT, PSA_ALG_CFB, PSA_ALG_CFB,
- PSA_ERROR_NOT_SUPPORTED
+#ifdef ARCH_TEST_CIPER_MODE_CFB
+{
+ .test_desc = "Test psa_aead_decrypt_setup - Unsupported algorithm\n",
+ .type = PSA_KEY_TYPE_AES,
+ .data = key_data,
+ .data_length = AES_16B_KEY_SIZE,
+ .usage_flags = PSA_KEY_USAGE_DECRYPT,
+ .alg = PSA_ALG_CFB,
+ .setup_alg = PSA_ALG_CFB,
+ .expected_status = PSA_ERROR_NOT_SUPPORTED
},
#endif
#ifdef ARCH_TEST_GCM
-{"Test psa_aead_decrypt_setup - Invalid key usage\n", PSA_KEY_TYPE_AES,
-{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
- 0x5F, 0xC9}, AES_16B_KEY_SIZE, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_GCM, PSA_ALG_GCM,
- PSA_ERROR_NOT_PERMITTED
+{
+ .test_desc = "Test psa_aead_decrypt_setup - Invalid usage flag\n",
+ .type = PSA_KEY_TYPE_AES,
+ .data = key_data,
+ .data_length = AES_16B_KEY_SIZE,
+ .usage_flags = PSA_KEY_USAGE_ENCRYPT,
+ .alg = PSA_ALG_GCM,
+ .setup_alg = PSA_ALG_GCM,
+ .expected_status = PSA_ERROR_NOT_PERMITTED
},
#endif
#endif
diff --git a/api-tests/dev_apis/crypto/test_c053/test_entry_c053.c b/api-tests/dev_apis/crypto/test_c053/test_entry_c053.c
index ce4be97..1037835 100644
--- a/api-tests/dev_apis/crypto/test_c053/test_entry_c053.c
+++ b/api-tests/dev_apis/crypto/test_c053/test_entry_c053.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -20,7 +20,7 @@
#include "test_c053.h"
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 53)
-#define TEST_DESC "Testing crypto AEAD APIs\n"
+#define TEST_DESC "Testing crypto AEAD APIs | UT: psa_aead_decrypt_setup\n"
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
diff --git a/api-tests/dev_apis/crypto/test_c054/test_c054.c b/api-tests/dev_apis/crypto/test_c054/test_c054.c
index e2652a1..644fe4c 100644
--- a/api-tests/dev_apis/crypto/test_c054/test_c054.c
+++ b/api-tests/dev_apis/crypto/test_c054/test_c054.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -31,12 +31,11 @@
int32_t psa_aead_generate_nonce_test(caller_security_t caller __UNUSED)
{
int32_t i, j, status, nonce_sum;
- uint8_t nonce[SIZE_32B];
size_t nonce_length;
- int num_checks = sizeof(check1)/sizeof(check1[0]);
+ int32_t num_checks = sizeof(check1)/sizeof(check1[0]);
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
- psa_aead_operation_t operation = PSA_AEAD_OPERATION_INIT;
- psa_key_handle_t key_handle;
+ psa_aead_operation_t operation;
+ psa_key_id_t key;
if (num_checks == 0)
{
@@ -50,76 +49,109 @@
for (i = 0; i < num_checks; i++)
{
- val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
+ val->print(PRINT_TEST, "[Check %d] ", i+1);
val->print(PRINT_TEST, check1[i].test_desc, 0);
+ /* Reset the nonce output buffer */
+ memset((void *)check1[i].nonce, 0x0, check1[i].nonce_size);
+
+ val->crypto_function(VAL_CRYPTO_AEAD_OPERATION_INIT,
+ &operation);
+
/* Setting up the watchdog timer for each check */
status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
/* Setup the attributes for the key */
- val->crypto_function(VAL_CRYPTO_SET_KEY_TYPE, &attributes, check1[i].key_type);
- val->crypto_function(VAL_CRYPTO_SET_KEY_USAGE_FLAGS, &attributes, check1[i].usage);
- val->crypto_function(VAL_CRYPTO_SET_KEY_ALGORITHM, &attributes, check1[i].key_alg);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_TYPE,
+ &attributes,
+ check1[i].type);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_USAGE_FLAGS,
+ &attributes,
+ check1[i].usage_flags);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_ALGORITHM,
+ &attributes,
+ check1[i].alg);
/* Import the key data into the key slot */
- status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, &attributes, check1[i].key_data,
- check1[i].key_length, &key_handle);
+ status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY,
+ &attributes,
+ check1[i].data,
+ check1[i].data_length,
+ &key);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
- /* Set the key for a multipart authenticated encryption operation */
- status = val->crypto_function(VAL_CRYPTO_AEAD_ENCRYPT_SETUP, &operation,
- key_handle, check1[i].alg);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
+ if (check1[i].operation_state) {
+ if (check1[i].usage_flags == PSA_KEY_USAGE_ENCRYPT) {
+ /* Set the key for a multipart authenticated encryption operation */
+ status = val->crypto_function(VAL_CRYPTO_AEAD_ENCRYPT_SETUP,
+ &operation,
+ key,
+ check1[i].setup_alg);
+ } else {
+ /* Set the key for a multipart authenticated decryption operation */
+ status = val->crypto_function(VAL_CRYPTO_AEAD_DECRYPT_SETUP,
+ &operation,
+ key,
+ check1[i].setup_alg);
+ }
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
+ }
/* Generate a random nonce for an authenticated encryption operation */
- status = val->crypto_function(VAL_CRYPTO_AEAD_GENERATE_NONCE, &operation, nonce,
- check1[i].nonce_size, &nonce_length);
+ status = val->crypto_function(VAL_CRYPTO_AEAD_GENERATE_NONCE,
+ &operation,
+ check1[i].nonce,
+ check1[i].nonce_size,
+ &nonce_length);
TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(5));
if (check1[i].expected_status != PSA_SUCCESS)
{
/* Abort the AEAD operation */
- status = val->crypto_function(VAL_CRYPTO_AEAD_ABORT, &operation);
+ status = val->crypto_function(VAL_CRYPTO_AEAD_ABORT,
+ &operation);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(6));
/* Destroy the key */
- status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, key_handle);
+ status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY,
+ key);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(7));
/* Reset the key attributes */
- val->crypto_function(VAL_CRYPTO_RESET_KEY_ATTRIBUTES, &attributes);
+ val->crypto_function(VAL_CRYPTO_RESET_KEY_ATTRIBUTES,
+ &attributes);
continue;
}
/* Check that if generated iv are non-zero */
nonce_sum = 0;
- for (j = 0; j < (int)nonce_length; j++)
- nonce_sum += nonce[j];
+ for (j = 0; j < (int32_t)nonce_length; j++)
+ nonce_sum += check1[i].nonce[j];
TEST_ASSERT_NOT_EQUAL(nonce_sum, 0, TEST_CHECKPOINT_NUM(8));
/* Generate a random nonce on an ongoing operation should be an error */
- status = val->crypto_function(VAL_CRYPTO_AEAD_GENERATE_NONCE, &operation, nonce,
- check1[i].nonce_size, &nonce_length);
+ status = val->crypto_function(VAL_CRYPTO_AEAD_GENERATE_NONCE,
+ &operation,
+ check1[i].nonce,
+ check1[i].nonce_size,
+ &nonce_length);
TEST_ASSERT_EQUAL(status, PSA_ERROR_BAD_STATE, TEST_CHECKPOINT_NUM(9));
/* Abort the AEAD operation */
- status = val->crypto_function(VAL_CRYPTO_AEAD_ABORT, &operation);
+ status = val->crypto_function(VAL_CRYPTO_AEAD_ABORT,
+ &operation);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(10));
/* Destroy the key */
- status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, key_handle);
+ status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY,
+ key);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(11));
/* Reset the key attributes */
- val->crypto_function(VAL_CRYPTO_RESET_KEY_ATTRIBUTES, &attributes);
-
- /* Generate a random nonce on an aborted operation should be an error */
- status = val->crypto_function(VAL_CRYPTO_AEAD_GENERATE_NONCE, &operation, nonce,
- check1[i].nonce_size, &nonce_length);
- TEST_ASSERT_EQUAL(status, PSA_ERROR_BAD_STATE, TEST_CHECKPOINT_NUM(12));
-
+ val->crypto_function(VAL_CRYPTO_RESET_KEY_ATTRIBUTES,
+ &attributes);
}
return VAL_STATUS_SUCCESS;
diff --git a/api-tests/dev_apis/crypto/test_c054/test_data.h b/api-tests/dev_apis/crypto/test_c054/test_data.h
index 4607ad3..1ffdda3 100644
--- a/api-tests/dev_apis/crypto/test_c054/test_data.h
+++ b/api-tests/dev_apis/crypto/test_c054/test_data.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -15,52 +15,197 @@
* limitations under the License.
**/
-#include "val_crypto.h"
+#include "test_crypto_common.h"
typedef struct {
char test_desc[75];
- psa_key_type_t key_type;
- uint8_t key_data[32];
- uint32_t key_length;
- psa_key_usage_t usage;
- psa_algorithm_t key_alg;
+ psa_key_type_t type;
+ const uint8_t *data;
+ size_t data_length;
+ psa_key_usage_t usage_flags;
psa_algorithm_t alg;
+ psa_algorithm_t setup_alg;
+ uint8_t *nonce;
size_t nonce_size;
+ uint32_t operation_state;
psa_status_t expected_status;
} test_data;
static const test_data check1[] = {
-#ifdef ARCH_TEST_CCM
#ifdef ARCH_TEST_AES_128
-{"Test psa_aead_generate_nonce - AES-CCM\n", PSA_KEY_TYPE_AES,
-{0xD7, 0x82, 0x8D, 0x13, 0xB2, 0xB0, 0xBD, 0xC3, 0x25, 0xA7, 0x62, 0x36, 0xDF,
- 0x93, 0xCC, 0x6B},
- AES_16B_KEY_SIZE, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CCM, PSA_ALG_CCM, SIZE_32B,
- PSA_SUCCESS
+#ifdef ARCH_TEST_CCM
+{
+ .test_desc = "Test psa_aead_generate_nonce - Encrypt - CCM\n",
+ .type = PSA_KEY_TYPE_AES,
+ .data = key_data,
+ .data_length = AES_16B_KEY_SIZE,
+ .usage_flags = PSA_KEY_USAGE_ENCRYPT,
+ .alg = PSA_ALG_CCM,
+ .setup_alg = PSA_ALG_CCM,
+ .nonce = expected_output,
+ .nonce_size = BUFFER_SIZE,
+ .operation_state = 1,
+ .expected_status = PSA_SUCCESS
},
-{"Test psa_aead_generate_nonce - AES-CCM 24 bytes Tag length = 4\n", PSA_KEY_TYPE_AES,
-{0x41, 0x89, 0x35, 0x1B, 0x5C, 0xAE, 0xA3, 0x75, 0xA0, 0x29, 0x9E, 0x81, 0xC6,
- 0x21, 0xBF, 0x43}, AES_16B_KEY_SIZE, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CCM,
- PSA_ALG_AEAD_WITH_TAG_LENGTH(PSA_ALG_CCM, 4), SIZE_32B,
- PSA_SUCCESS
+{
+ .test_desc = "Test psa_aead_generate_nonce - Encrypt - CCM - Tag length = 4\n",
+ .type = PSA_KEY_TYPE_AES,
+ .data = key_data,
+ .data_length = AES_16B_KEY_SIZE,
+ .usage_flags = PSA_KEY_USAGE_ENCRYPT,
+ .alg = PSA_ALG_CCM,
+ .setup_alg = PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 4),
+ .nonce = expected_output,
+ .nonce_size = BUFFER_SIZE,
+ .operation_state = 1,
+ .expected_status = PSA_SUCCESS
},
-{"Test psa_aead_generate_nonce - Small buffer size\n", PSA_KEY_TYPE_AES,
-{0xD7, 0x82, 0x8D, 0x13, 0xB2, 0xB0, 0xBD, 0xC3, 0x25, 0xA7, 0x62, 0x36, 0xDF,
- 0x93, 0xCC, 0x6B},
- AES_16B_KEY_SIZE, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CCM, PSA_ALG_CCM, 8,
- PSA_ERROR_BUFFER_TOO_SMALL
+{
+ .test_desc = "Test psa_aead_generate_nonce - Encrypt - CCM - Default Tag length\n",
+ .type = PSA_KEY_TYPE_AES,
+ .data = key_data,
+ .data_length = AES_16B_KEY_SIZE,
+ .usage_flags = PSA_KEY_USAGE_ENCRYPT,
+ .alg = PSA_ALG_CCM,
+ .setup_alg = PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG(PSA_ALG_CCM),
+ .nonce = expected_output,
+ .nonce_size = BUFFER_SIZE,
+ .operation_state = 1,
+ .expected_status = PSA_SUCCESS
},
-#endif
+
+{
+ .test_desc = "Test psa_aead_generate_nonce - Encrypt - CCM - Small buffer size\n",
+ .type = PSA_KEY_TYPE_AES,
+ .data = key_data,
+ .data_length = AES_16B_KEY_SIZE,
+ .usage_flags = PSA_KEY_USAGE_ENCRYPT,
+ .alg = PSA_ALG_CCM,
+ .setup_alg = PSA_ALG_CCM,
+ .nonce = expected_output,
+ .nonce_size = PSA_AEAD_NONCE_LENGTH(PSA_KEY_TYPE_AES, PSA_ALG_CCM) - 1,
+ .operation_state = 1,
+ .expected_status = PSA_ERROR_BUFFER_TOO_SMALL
+},
+
+{
+ .test_desc = "Test psa_aead_generate_nonce - Encrypt - CCM - Invalid operation state\n",
+ .type = PSA_KEY_TYPE_AES,
+ .data = key_data,
+ .data_length = AES_16B_KEY_SIZE,
+ .usage_flags = PSA_KEY_USAGE_ENCRYPT,
+ .alg = PSA_ALG_CCM,
+ .setup_alg = PSA_ALG_CCM,
+ .nonce = expected_output,
+ .nonce_size = BUFFER_SIZE,
+ .operation_state = 0,
+ .expected_status = PSA_ERROR_BAD_STATE
+},
#endif
#ifdef ARCH_TEST_GCM
-#ifdef ARCH_TEST_AES_128
-{"Test psa_aead_generate_nonce - GCM - 16B AES - 12B Nounce & 12B addi data\n", PSA_KEY_TYPE_AES,
-{0x3d, 0xe0, 0x98, 0x74, 0xb3, 0x88, 0xe6, 0x49, 0x19, 0x88, 0xd0, 0xc3, 0x60,
- 0x7e, 0xae, 0x1f}, AES_16B_KEY_SIZE, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_GCM, PSA_ALG_GCM, SIZE_32B,
- PSA_SUCCESS
+{
+ .test_desc = "Test psa_aead_generate_nonce - Encrypt - GCM\n",
+ .type = PSA_KEY_TYPE_AES,
+ .data = key_data,
+ .data_length = AES_16B_KEY_SIZE,
+ .usage_flags = PSA_KEY_USAGE_ENCRYPT,
+ .alg = PSA_ALG_GCM,
+ .setup_alg = PSA_ALG_GCM,
+ .nonce = expected_output,
+ .nonce_size = BUFFER_SIZE,
+ .operation_state = 1,
+ .expected_status = PSA_SUCCESS
+},
+#endif
+
+#ifdef ARCH_TEST_CCM
+{
+ .test_desc = "Test psa_aead_generate_nonce - Decrypt - CCM\n",
+ .type = PSA_KEY_TYPE_AES,
+ .data = key_data,
+ .data_length = AES_16B_KEY_SIZE,
+ .usage_flags = PSA_KEY_USAGE_DECRYPT,
+ .alg = PSA_ALG_CCM,
+ .setup_alg = PSA_ALG_CCM,
+ .nonce = expected_output,
+ .nonce_size = BUFFER_SIZE,
+ .operation_state = 1,
+ .expected_status = PSA_SUCCESS
+},
+
+{
+ .test_desc = "Test psa_aead_generate_nonce - Decrypt - CCM - Tag length = 4\n",
+ .type = PSA_KEY_TYPE_AES,
+ .data = key_data,
+ .data_length = AES_16B_KEY_SIZE,
+ .usage_flags = PSA_KEY_USAGE_DECRYPT,
+ .alg = PSA_ALG_CCM,
+ .setup_alg = PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 4),
+ .nonce = expected_output,
+ .nonce_size = BUFFER_SIZE,
+ .operation_state = 1,
+ .expected_status = PSA_SUCCESS
+},
+
+{
+ .test_desc = "Test psa_aead_generate_nonce - Decrypt - CCM - Default Tag length\n",
+ .type = PSA_KEY_TYPE_AES,
+ .data = key_data,
+ .data_length = AES_16B_KEY_SIZE,
+ .usage_flags = PSA_KEY_USAGE_DECRYPT,
+ .alg = PSA_ALG_CCM,
+ .setup_alg = PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG(PSA_ALG_CCM),
+ .nonce = expected_output,
+ .nonce_size = BUFFER_SIZE,
+ .operation_state = 1,
+ .expected_status = PSA_SUCCESS
+},
+
+{
+ .test_desc = "Test psa_aead_generate_nonce - Decrypt - CCM - Small buffer size\n",
+ .type = PSA_KEY_TYPE_AES,
+ .data = key_data,
+ .data_length = AES_16B_KEY_SIZE,
+ .usage_flags = PSA_KEY_USAGE_DECRYPT,
+ .alg = PSA_ALG_CCM,
+ .setup_alg = PSA_ALG_CCM,
+ .nonce = expected_output,
+ .nonce_size = PSA_AEAD_NONCE_LENGTH(PSA_KEY_TYPE_AES, PSA_ALG_CCM) - 1,
+ .operation_state = 1,
+ .expected_status = PSA_ERROR_BUFFER_TOO_SMALL
+},
+
+{
+ .test_desc = "Test psa_aead_generate_nonce - Decrypt - CCM - Invalid operation state\n",
+ .type = PSA_KEY_TYPE_AES,
+ .data = key_data,
+ .data_length = AES_16B_KEY_SIZE,
+ .usage_flags = PSA_KEY_USAGE_DECRYPT,
+ .alg = PSA_ALG_CCM,
+ .setup_alg = PSA_ALG_CCM,
+ .nonce = expected_output,
+ .nonce_size = BUFFER_SIZE,
+ .operation_state = 0,
+ .expected_status = PSA_ERROR_BAD_STATE
+},
+#endif
+
+#ifdef ARCH_TEST_GCM
+{
+ .test_desc = "Test psa_aead_generate_nonce - Decrypt - GCM\n",
+ .type = PSA_KEY_TYPE_AES,
+ .data = key_data,
+ .data_length = AES_16B_KEY_SIZE,
+ .usage_flags = PSA_KEY_USAGE_DECRYPT,
+ .alg = PSA_ALG_GCM,
+ .setup_alg = PSA_ALG_GCM,
+ .nonce = expected_output,
+ .nonce_size = BUFFER_SIZE,
+ .operation_state = 1,
+ .expected_status = PSA_SUCCESS
},
#endif
#endif
diff --git a/api-tests/dev_apis/crypto/test_c054/test_entry_c054.c b/api-tests/dev_apis/crypto/test_c054/test_entry_c054.c
index 0d2b75e..3309385 100644
--- a/api-tests/dev_apis/crypto/test_c054/test_entry_c054.c
+++ b/api-tests/dev_apis/crypto/test_c054/test_entry_c054.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -20,7 +20,7 @@
#include "test_c054.h"
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 54)
-#define TEST_DESC "Testing crypto AEAD APIs\n"
+#define TEST_DESC "Testing crypto AEAD APIs | UT: psa_aead_generate_nonce\n"
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
diff --git a/api-tests/dev_apis/crypto/test_c055/test_c055.c b/api-tests/dev_apis/crypto/test_c055/test_c055.c
index 097f2b4..a0d0229 100644
--- a/api-tests/dev_apis/crypto/test_c055/test_c055.c
+++ b/api-tests/dev_apis/crypto/test_c055/test_c055.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -31,10 +31,10 @@
int32_t psa_aead_set_nonce_test(caller_security_t caller __UNUSED)
{
int32_t i, status;
- int num_checks = sizeof(check1)/sizeof(check1[0]);
+ int32_t num_checks = sizeof(check1)/sizeof(check1[0]);
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
- psa_aead_operation_t operation = PSA_AEAD_OPERATION_INIT;
- psa_key_handle_t key_handle;
+ psa_aead_operation_t operation;
+ psa_key_id_t key;
if (num_checks == 0)
{
@@ -48,69 +48,97 @@
for (i = 0; i < num_checks; i++)
{
- val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
+ val->print(PRINT_TEST, "[Check %d] ", i+1);
val->print(PRINT_TEST, check1[i].test_desc, 0);
+ val->crypto_function(VAL_CRYPTO_AEAD_OPERATION_INIT,
+ &operation);
+
/* Setting up the watchdog timer for each check */
status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
/* Setup the attributes for the key */
- val->crypto_function(VAL_CRYPTO_SET_KEY_TYPE, &attributes, check1[i].key_type);
- val->crypto_function(VAL_CRYPTO_SET_KEY_USAGE_FLAGS, &attributes, check1[i].usage);
- val->crypto_function(VAL_CRYPTO_SET_KEY_ALGORITHM, &attributes, check1[i].key_alg);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_TYPE,
+ &attributes,
+ check1[i].type);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_USAGE_FLAGS,
+ &attributes,
+ check1[i].usage_flags);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_ALGORITHM,
+ &attributes,
+ check1[i].alg);
/* Import the key data into the key slot */
- status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, &attributes, check1[i].key_data,
- check1[i].key_length, &key_handle);
+ status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY,
+ &attributes,
+ check1[i].data,
+ check1[i].data_length,
+ &key);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
- /* Set the key for a multipart authenticated encryption operation */
- status = val->crypto_function(VAL_CRYPTO_AEAD_ENCRYPT_SETUP, &operation,
- key_handle, check1[i].alg);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
+ if (check1[i].operation_state) {
+ if (check1[i].usage_flags == PSA_KEY_USAGE_ENCRYPT) {
+ /* Set the key for a multipart authenticated encryption operation */
+ status = val->crypto_function(VAL_CRYPTO_AEAD_ENCRYPT_SETUP,
+ &operation,
+ key,
+ check1[i].setup_alg);
+ } else {
+ /* Set the key for a multipart authenticated decryption operation */
+ status = val->crypto_function(VAL_CRYPTO_AEAD_DECRYPT_SETUP,
+ &operation,
+ key,
+ check1[i].setup_alg);
+ }
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
+ }
/* Set the nonce for an authenticated encryption operation */
- status = val->crypto_function(VAL_CRYPTO_AEAD_SET_NONCE, &operation, check1[i].nonce,
- check1[i].nonce_size);
+ status = val->crypto_function(VAL_CRYPTO_AEAD_SET_NONCE,
+ &operation,
+ check1[i].nonce,
+ check1[i].nonce_length);
TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(5));
if (check1[i].expected_status != PSA_SUCCESS)
{
/* Abort the AEAD operation */
- status = val->crypto_function(VAL_CRYPTO_AEAD_ABORT, &operation);
+ status = val->crypto_function(VAL_CRYPTO_AEAD_ABORT,
+ &operation);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(6));
/* Destroy the key */
- status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, key_handle);
+ status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY,
+ key);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(7));
/* Reset the key attributes */
- val->crypto_function(VAL_CRYPTO_RESET_KEY_ATTRIBUTES, &attributes);
+ val->crypto_function(VAL_CRYPTO_RESET_KEY_ATTRIBUTES,
+ &attributes);
continue;
}
/* Setting the nonce on an ongoing operation should be an error */
- status = val->crypto_function(VAL_CRYPTO_AEAD_SET_NONCE, &operation, check1[i].nonce,
- check1[i].nonce_size);
+ status = val->crypto_function(VAL_CRYPTO_AEAD_SET_NONCE,
+ &operation,
+ check1[i].nonce,
+ check1[i].nonce_length);
TEST_ASSERT_EQUAL(status, PSA_ERROR_BAD_STATE, TEST_CHECKPOINT_NUM(8));
/* Abort the AEAD operation */
- status = val->crypto_function(VAL_CRYPTO_AEAD_ABORT, &operation);
+ status = val->crypto_function(VAL_CRYPTO_AEAD_ABORT,
+ &operation);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(9));
/* Destroy the key */
- status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, key_handle);
+ status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY,
+ key);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(10));
/* Reset the key attributes */
- val->crypto_function(VAL_CRYPTO_RESET_KEY_ATTRIBUTES, &attributes);
-
- /* Setting the nonce on an aborted operation should be an error */
- status = val->crypto_function(VAL_CRYPTO_AEAD_SET_NONCE, &operation, check1[i].nonce,
- check1[i].nonce_size);
- TEST_ASSERT_EQUAL(status, PSA_ERROR_BAD_STATE, TEST_CHECKPOINT_NUM(11));
-
+ val->crypto_function(VAL_CRYPTO_RESET_KEY_ATTRIBUTES,
+ &attributes);
}
return VAL_STATUS_SUCCESS;
diff --git a/api-tests/dev_apis/crypto/test_c055/test_data.h b/api-tests/dev_apis/crypto/test_c055/test_data.h
index 12e2185..39535ff 100644
--- a/api-tests/dev_apis/crypto/test_c055/test_data.h
+++ b/api-tests/dev_apis/crypto/test_c055/test_data.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -15,70 +15,225 @@
* limitations under the License.
**/
-#include "val_crypto.h"
+#include "test_crypto_common.h"
typedef struct {
char test_desc[75];
- psa_key_type_t key_type;
- uint8_t key_data[32];
- uint32_t key_length;
- psa_key_usage_t usage;
- psa_algorithm_t key_alg;
+ psa_key_type_t type;
+ const uint8_t *data;
+ size_t data_length;
+ psa_key_usage_t usage_flags;
psa_algorithm_t alg;
- uint8_t nonce[32];
- size_t nonce_size;
+ psa_algorithm_t setup_alg;
+ const uint8_t *nonce;
+ size_t nonce_length;
+ uint32_t operation_state;
psa_status_t expected_status;
} test_data;
static const test_data check1[] = {
-#ifdef ARCH_TEST_CCM
#ifdef ARCH_TEST_AES_128
-{"Test psa_aead_set_nonce - AES-CCM\n", PSA_KEY_TYPE_AES,
-{0xD7, 0x82, 0x8D, 0x13, 0xB2, 0xB0, 0xBD, 0xC3, 0x25, 0xA7, 0x62, 0x36, 0xDF,
- 0x93, 0xCC, 0x6B},
- AES_16B_KEY_SIZE, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CCM, PSA_ALG_CCM,
-{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C,
- 0x0D, 0x0E, 0x0F}, 16,
- PSA_SUCCESS
+#ifdef ARCH_TEST_CCM
+{
+ .test_desc = "Test psa_aead_set_nonce - Encrypt - CCM\n",
+ .type = PSA_KEY_TYPE_AES,
+ .data = key_data,
+ .data_length = AES_16B_KEY_SIZE,
+ .usage_flags = PSA_KEY_USAGE_ENCRYPT,
+ .alg = PSA_ALG_CCM,
+ .setup_alg = PSA_ALG_CCM,
+ .nonce = nonce,
+ .nonce_length = 13,
+ .operation_state = 1,
+ .expected_status = PSA_SUCCESS
},
-{"Test psa_aead_set_nonce - AES-CCM 24 bytes Tag length = 4\n", PSA_KEY_TYPE_AES,
-{0x41, 0x89, 0x35, 0x1B, 0x5C, 0xAE, 0xA3, 0x75, 0xA0, 0x29, 0x9E, 0x81, 0xC6,
- 0x21, 0xBF, 0x43}, AES_16B_KEY_SIZE, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CCM,
- PSA_ALG_AEAD_WITH_TAG_LENGTH(PSA_ALG_CCM, 4),
-{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C,
- 0x0D, 0x0E, 0x0F}, 16,
- PSA_SUCCESS
+{
+ .test_desc = "Test psa_aead_set_nonce - Encrypt - CCM - Tag length = 4\n",
+ .type = PSA_KEY_TYPE_AES,
+ .data = key_data,
+ .data_length = AES_16B_KEY_SIZE,
+ .usage_flags = PSA_KEY_USAGE_ENCRYPT,
+ .alg = PSA_ALG_CCM,
+ .setup_alg = PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 4),
+ .nonce = nonce,
+ .nonce_length = 13,
+ .operation_state = 1,
+ .expected_status = PSA_SUCCESS
},
-{"Test psa_aead_set_nonce - Small nounce size\n", PSA_KEY_TYPE_AES,
-{0xD7, 0x82, 0x8D, 0x13, 0xB2, 0xB0, 0xBD, 0xC3, 0x25, 0xA7, 0x62, 0x36, 0xDF,
- 0x93, 0xCC, 0x6B},
- AES_16B_KEY_SIZE, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CCM, PSA_ALG_CCM,
-{0x00, 0x01, 0x02}, 3,
- PSA_ERROR_INVALID_ARGUMENT
+{
+ .test_desc = "Test psa_aead_set_nonce - Encrypt - CCM - Default Tag length\n",
+ .type = PSA_KEY_TYPE_AES,
+ .data = key_data,
+ .data_length = AES_16B_KEY_SIZE,
+ .usage_flags = PSA_KEY_USAGE_ENCRYPT,
+ .alg = PSA_ALG_CCM,
+ .setup_alg = PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG(PSA_ALG_CCM),
+ .nonce = nonce,
+ .nonce_length = 13,
+ .operation_state = 1,
+ .expected_status = PSA_SUCCESS
},
-{"Test psa_aead_set_nonce - Large nonce size\n", PSA_KEY_TYPE_AES,
-{0xD7, 0x82, 0x8D, 0x13, 0xB2, 0xB0, 0xBD, 0xC3, 0x25, 0xA7, 0x62, 0x36, 0xDF,
- 0x93, 0xCC, 0x6B},
- AES_16B_KEY_SIZE, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CCM, PSA_ALG_CCM,
-{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C,
- 0x0D, 0x0E, 0x0F, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19,
- 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F}, 32,
- PSA_ERROR_INVALID_ARGUMENT
+{
+ .test_desc = "Test psa_aead_set_nonce - Encrypt - CCM - Small nonce size\n",
+ .type = PSA_KEY_TYPE_AES,
+ .data = key_data,
+ .data_length = AES_16B_KEY_SIZE,
+ .usage_flags = PSA_KEY_USAGE_ENCRYPT,
+ .alg = PSA_ALG_CCM,
+ .setup_alg = PSA_ALG_CCM,
+ .nonce = nonce,
+ .nonce_length = PSA_AEAD_NONCE_LENGTH(PSA_KEY_TYPE_AES, PSA_ALG_CCM) - 1,
+ .operation_state = 1,
+ .expected_status = PSA_ERROR_INVALID_ARGUMENT
},
-#endif
+
+{
+ .test_desc = "Test psa_aead_set_nonce - Encrypt - CCM - Large nonce size\n",
+ .type = PSA_KEY_TYPE_AES,
+ .data = key_data,
+ .data_length = AES_16B_KEY_SIZE,
+ .usage_flags = PSA_KEY_USAGE_ENCRYPT,
+ .alg = PSA_ALG_CCM,
+ .setup_alg = PSA_ALG_CCM,
+ .nonce = nonce,
+ .nonce_length = (PSA_AEAD_NONCE_LENGTH(PSA_KEY_TYPE_AES, PSA_ALG_CCM))*5,
+ .operation_state = 1,
+ .expected_status = PSA_ERROR_INVALID_ARGUMENT
+},
+
+{
+ .test_desc = "Test psa_aead_set_nonce - Encrypt - CCM - Invalid operation state\n",
+ .type = PSA_KEY_TYPE_AES,
+ .data = key_data,
+ .data_length = AES_16B_KEY_SIZE,
+ .usage_flags = PSA_KEY_USAGE_ENCRYPT,
+ .alg = PSA_ALG_CCM,
+ .setup_alg = PSA_ALG_CCM,
+ .nonce = nonce,
+ .nonce_length = 13,
+ .operation_state = 0,
+ .expected_status = PSA_ERROR_BAD_STATE
+},
#endif
#ifdef ARCH_TEST_GCM
-#ifdef ARCH_TEST_AES_128
-{"Test psa_aead_set_nonce - GCM - 16B AES - 12B Nounce & 12B addi data\n", PSA_KEY_TYPE_AES,
-{0x3d, 0xe0, 0x98, 0x74, 0xb3, 0x88, 0xe6, 0x49, 0x19, 0x88, 0xd0, 0xc3, 0x60,
- 0x7e, 0xae, 0x1f}, AES_16B_KEY_SIZE, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_GCM, PSA_ALG_GCM,
-{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C,
- 0x0D, 0x0E, 0x0F}, 16,
- PSA_SUCCESS
+{
+ .test_desc = "Test psa_aead_set_nonce - Encrypt - GCM\n",
+ .type = PSA_KEY_TYPE_AES,
+ .data = key_data,
+ .data_length = AES_16B_KEY_SIZE,
+ .usage_flags = PSA_KEY_USAGE_ENCRYPT,
+ .alg = PSA_ALG_GCM,
+ .setup_alg = PSA_ALG_GCM,
+ .nonce = nonce,
+ .nonce_length = 13,
+ .operation_state = 1,
+ .expected_status = PSA_SUCCESS
+},
+#endif
+
+#ifdef ARCH_TEST_CCM
+{
+ .test_desc = "Test psa_aead_set_nonce - Decrypt - CCM\n",
+ .type = PSA_KEY_TYPE_AES,
+ .data = key_data,
+ .data_length = AES_16B_KEY_SIZE,
+ .usage_flags = PSA_KEY_USAGE_DECRYPT,
+ .alg = PSA_ALG_CCM,
+ .setup_alg = PSA_ALG_CCM,
+ .nonce = nonce,
+ .nonce_length = 13,
+ .operation_state = 1,
+ .expected_status = PSA_SUCCESS
+},
+
+{
+ .test_desc = "Test psa_aead_set_nonce - Decrypt - CCM - Tag length = 4\n",
+ .type = PSA_KEY_TYPE_AES,
+ .data = key_data,
+ .data_length = AES_16B_KEY_SIZE,
+ .usage_flags = PSA_KEY_USAGE_DECRYPT,
+ .alg = PSA_ALG_CCM,
+ .setup_alg = PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 4),
+ .nonce = nonce,
+ .nonce_length = 13,
+ .operation_state = 1,
+ .expected_status = PSA_SUCCESS
+},
+
+{
+ .test_desc = "Test psa_aead_set_nonce - Decrypt - CCM - Default Tag length\n",
+ .type = PSA_KEY_TYPE_AES,
+ .data = key_data,
+ .data_length = AES_16B_KEY_SIZE,
+ .usage_flags = PSA_KEY_USAGE_DECRYPT,
+ .alg = PSA_ALG_CCM,
+ .setup_alg = PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG(PSA_ALG_CCM),
+ .nonce = nonce,
+ .nonce_length = 13,
+ .operation_state = 1,
+ .expected_status = PSA_SUCCESS
+},
+
+{
+ .test_desc = "Test psa_aead_set_nonce - Decrypt - CCM - Small nonce size\n",
+ .type = PSA_KEY_TYPE_AES,
+ .data = key_data,
+ .data_length = AES_16B_KEY_SIZE,
+ .usage_flags = PSA_KEY_USAGE_DECRYPT,
+ .alg = PSA_ALG_CCM,
+ .setup_alg = PSA_ALG_CCM,
+ .nonce = nonce,
+ .nonce_length = PSA_AEAD_NONCE_LENGTH(PSA_KEY_TYPE_AES, PSA_ALG_CCM) - 1,
+ .operation_state = 1,
+ .expected_status = PSA_ERROR_INVALID_ARGUMENT
+},
+
+{
+ .test_desc = "Test psa_aead_set_nonce - Decrypt - CCM - Large nonce size\n",
+ .type = PSA_KEY_TYPE_AES,
+ .data = key_data,
+ .data_length = AES_16B_KEY_SIZE,
+ .usage_flags = PSA_KEY_USAGE_DECRYPT,
+ .alg = PSA_ALG_CCM,
+ .setup_alg = PSA_ALG_CCM,
+ .nonce = nonce,
+ .nonce_length = (PSA_AEAD_NONCE_LENGTH(PSA_KEY_TYPE_AES, PSA_ALG_CCM))*5,
+ .operation_state = 1,
+ .expected_status = PSA_ERROR_INVALID_ARGUMENT
+},
+
+{
+ .test_desc = "Test psa_aead_set_nonce - Decrypt - CCM - Invalid operation state\n",
+ .type = PSA_KEY_TYPE_AES,
+ .data = key_data,
+ .data_length = AES_16B_KEY_SIZE,
+ .usage_flags = PSA_KEY_USAGE_DECRYPT,
+ .alg = PSA_ALG_CCM,
+ .setup_alg = PSA_ALG_CCM,
+ .nonce = nonce,
+ .nonce_length = 13,
+ .operation_state = 0,
+ .expected_status = PSA_ERROR_BAD_STATE
+},
+#endif
+
+#ifdef ARCH_TEST_GCM
+{
+ .test_desc = "Test psa_aead_set_nonce - Decrypt - GCM\n",
+ .type = PSA_KEY_TYPE_AES,
+ .data = key_data,
+ .data_length = AES_16B_KEY_SIZE,
+ .usage_flags = PSA_KEY_USAGE_DECRYPT,
+ .alg = PSA_ALG_GCM,
+ .setup_alg = PSA_ALG_GCM,
+ .nonce = nonce,
+ .nonce_length = 13,
+ .operation_state = 1,
+ .expected_status = PSA_SUCCESS
},
#endif
#endif
diff --git a/api-tests/dev_apis/crypto/test_c055/test_entry_c055.c b/api-tests/dev_apis/crypto/test_c055/test_entry_c055.c
index c34e978..8531765 100644
--- a/api-tests/dev_apis/crypto/test_c055/test_entry_c055.c
+++ b/api-tests/dev_apis/crypto/test_c055/test_entry_c055.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -20,7 +20,7 @@
#include "test_c055.h"
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 55)
-#define TEST_DESC "Testing crypto AEAD APIs\n"
+#define TEST_DESC "Testing crypto AEAD APIs | UT: psa_aead_set_nonce\n"
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
diff --git a/api-tests/dev_apis/crypto/test_c056/test_c056.c b/api-tests/dev_apis/crypto/test_c056/test_c056.c
index 26629cf..46a2094 100644
--- a/api-tests/dev_apis/crypto/test_c056/test_c056.c
+++ b/api-tests/dev_apis/crypto/test_c056/test_c056.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -31,10 +31,10 @@
int32_t psa_aead_set_lengths_test(caller_security_t caller __UNUSED)
{
int32_t i, status;
- int num_checks = sizeof(check1)/sizeof(check1[0]);
+ int32_t num_checks = sizeof(check1)/sizeof(check1[0]);
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
- psa_aead_operation_t operation = PSA_AEAD_OPERATION_INIT;
- psa_key_handle_t key_handle;
+ psa_aead_operation_t operation;
+ psa_key_id_t key;
if (num_checks == 0)
{
@@ -48,74 +48,104 @@
for (i = 0; i < num_checks; i++)
{
- val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
+ val->print(PRINT_TEST, "[Check %d] ", i+1);
val->print(PRINT_TEST, check1[i].test_desc, 0);
+ val->crypto_function(VAL_CRYPTO_AEAD_OPERATION_INIT,
+ &operation);
+
/* Setting up the watchdog timer for each check */
status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
/* Setup the attributes for the key */
- val->crypto_function(VAL_CRYPTO_SET_KEY_TYPE, &attributes, check1[i].key_type);
- val->crypto_function(VAL_CRYPTO_SET_KEY_USAGE_FLAGS, &attributes, check1[i].usage);
- val->crypto_function(VAL_CRYPTO_SET_KEY_ALGORITHM, &attributes, check1[i].key_alg);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_TYPE,
+ &attributes,
+ check1[i].type);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_USAGE_FLAGS,
+ &attributes,
+ check1[i].usage_flags);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_ALGORITHM,
+ &attributes,
+ check1[i].alg);
/* Import the key data into the key slot */
- status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, &attributes, check1[i].key_data,
- check1[i].key_length, &key_handle);
+ status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY,
+ &attributes,
+ check1[i].data,
+ check1[i].data_length,
+ &key);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
- /* Set the key for a multipart authenticated encryption operation */
- status = val->crypto_function(VAL_CRYPTO_AEAD_ENCRYPT_SETUP, &operation,
- key_handle, check1[i].alg);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
+ if (check1[i].operation_state) {
+ if (check1[i].usage_flags == PSA_KEY_USAGE_ENCRYPT) {
+ /* Set the key for a multipart authenticated encryption operation */
+ status = val->crypto_function(VAL_CRYPTO_AEAD_ENCRYPT_SETUP,
+ &operation,
+ key,
+ check1[i].setup_alg);
+ } else {
+ /* Set the key for a multipart authenticated decryption operation */
+ status = val->crypto_function(VAL_CRYPTO_AEAD_DECRYPT_SETUP,
+ &operation,
+ key,
+ check1[i].setup_alg);
+ }
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
- /* Set the nonce for an authenticated encryption operation */
- status = val->crypto_function(VAL_CRYPTO_AEAD_SET_NONCE, &operation, check1[i].nonce,
- check1[i].nonce_size);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
+ /* Set the nonce for an authenticated encryption operation */
+ status = val->crypto_function(VAL_CRYPTO_AEAD_SET_NONCE,
+ &operation,
+ check1[i].nonce,
+ check1[i].nonce_length);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
+ }
/* Declare the lengths of the message and additional data for AEAD */
- status = val->crypto_function(VAL_CRYPTO_AEAD_SET_LENGTHS, &operation, check1[i].ad_length,
- check1[i].plaintext_length);
+ status = val->crypto_function(VAL_CRYPTO_AEAD_SET_LENGTHS,
+ &operation,
+ check1[i].ad_length,
+ check1[i].plaintext_length);
TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(6));
if (check1[i].expected_status != PSA_SUCCESS)
{
/* Declare the lengths of failed operation should be an error */
- status = val->crypto_function(VAL_CRYPTO_AEAD_SET_LENGTHS, &operation,
- check1[i].ad_length, check1[i].plaintext_length);
+ status = val->crypto_function(VAL_CRYPTO_AEAD_SET_LENGTHS,
+ &operation,
+ check1[i].ad_length,
+ check1[i].plaintext_length);
TEST_ASSERT_EQUAL(status, PSA_ERROR_BAD_STATE, TEST_CHECKPOINT_NUM(7));
/* Abort the AEAD operation */
- status = val->crypto_function(VAL_CRYPTO_AEAD_ABORT, &operation);
+ status = val->crypto_function(VAL_CRYPTO_AEAD_ABORT,
+ &operation);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(8));
/* Destroy the key */
- status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, key_handle);
+ status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY,
+ key);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(9));
/* Reset the key attributes */
- val->crypto_function(VAL_CRYPTO_RESET_KEY_ATTRIBUTES, &attributes);
+ val->crypto_function(VAL_CRYPTO_RESET_KEY_ATTRIBUTES,
+ &attributes);
continue;
}
/* Abort the AEAD operation */
- status = val->crypto_function(VAL_CRYPTO_AEAD_ABORT, &operation);
+ status = val->crypto_function(VAL_CRYPTO_AEAD_ABORT,
+ &operation);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(10));
/* Destroy the key */
- status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, key_handle);
+ status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY,
+ key);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(11));
/* Reset the key attributes */
- val->crypto_function(VAL_CRYPTO_RESET_KEY_ATTRIBUTES, &attributes);
-
- /* Declare the lengths of an aborted operation should be an error */
- status = val->crypto_function(VAL_CRYPTO_AEAD_SET_LENGTHS, &operation, check1[i].ad_length,
- check1[i].plaintext_length);
- TEST_ASSERT_EQUAL(status, PSA_ERROR_BAD_STATE, TEST_CHECKPOINT_NUM(12));
-
+ val->crypto_function(VAL_CRYPTO_RESET_KEY_ATTRIBUTES,
+ &attributes);
}
return VAL_STATUS_SUCCESS;
diff --git a/api-tests/dev_apis/crypto/test_c056/test_data.h b/api-tests/dev_apis/crypto/test_c056/test_data.h
index f891b7e..e2dc9d0 100644
--- a/api-tests/dev_apis/crypto/test_c056/test_data.h
+++ b/api-tests/dev_apis/crypto/test_c056/test_data.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -15,81 +15,255 @@
* limitations under the License.
**/
-#include "val_crypto.h"
+#include "test_crypto_common.h"
typedef struct {
char test_desc[75];
- psa_key_type_t key_type;
- uint8_t key_data[32];
- uint32_t key_length;
- psa_key_usage_t usage;
- psa_algorithm_t key_alg;
+ psa_key_type_t type;
+ const uint8_t *data;
+ size_t data_length;
+ psa_key_usage_t usage_flags;
psa_algorithm_t alg;
- uint8_t nonce[32];
- size_t nonce_size;
+ psa_algorithm_t setup_alg;
+ const uint8_t *nonce;
+ size_t nonce_length;
size_t ad_length;
size_t plaintext_length;
+ uint32_t operation_state;
psa_status_t expected_status;
} test_data;
static const test_data check1[] = {
-#ifdef ARCH_TEST_CCM
#ifdef ARCH_TEST_AES_128
-{"Test psa_aead_set_lengths - AES-CCM\n", PSA_KEY_TYPE_AES,
-{0xD7, 0x82, 0x8D, 0x13, 0xB2, 0xB0, 0xBD, 0xC3, 0x25, 0xA7, 0x62, 0x36, 0xDF,
- 0x93, 0xCC, 0x6B},
- AES_16B_KEY_SIZE, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CCM, PSA_ALG_CCM,
-{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C,
- 0x0D, 0x0E, 0x0F}, 16, 8, 32,
- PSA_SUCCESS
+#ifdef ARCH_TEST_CCM
+{
+ .test_desc = "Test psa_aead_set_lengths - Encrypt - CCM\n",
+ .type = PSA_KEY_TYPE_AES,
+ .data = key_data,
+ .data_length = AES_16B_KEY_SIZE,
+ .usage_flags = PSA_KEY_USAGE_ENCRYPT,
+ .alg = PSA_ALG_CCM,
+ .setup_alg = PSA_ALG_CCM,
+ .nonce = nonce,
+ .nonce_length = 13,
+ .ad_length = 8,
+ .plaintext_length = 32,
+ .operation_state = 1,
+ .expected_status = PSA_SUCCESS
},
-{"Test psa_aead_set_lengths - AES-CCM 24 bytes Tag length = 4\n", PSA_KEY_TYPE_AES,
-{0x41, 0x89, 0x35, 0x1B, 0x5C, 0xAE, 0xA3, 0x75, 0xA0, 0x29, 0x9E, 0x81, 0xC6,
- 0x21, 0xBF, 0x43}, AES_16B_KEY_SIZE, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CCM,
- PSA_ALG_AEAD_WITH_TAG_LENGTH(PSA_ALG_CCM, 4),
-{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C,
- 0x0D, 0x0E, 0x0F}, 16, 8, 32,
- PSA_SUCCESS
+{
+ .test_desc = "Test psa_aead_set_lengths - Encrypt - CCM - Tag length = 4\n",
+ .type = PSA_KEY_TYPE_AES,
+ .data = key_data,
+ .data_length = AES_16B_KEY_SIZE,
+ .usage_flags = PSA_KEY_USAGE_ENCRYPT,
+ .alg = PSA_ALG_CCM,
+ .setup_alg = PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 4),
+ .nonce = nonce,
+ .nonce_length = 13,
+ .ad_length = 8,
+ .plaintext_length = 32,
+ .operation_state = 1,
+ .expected_status = PSA_SUCCESS
},
-{"Test psa_aead_set_lengths - Zero ad size\n", PSA_KEY_TYPE_AES,
-{0xD7, 0x82, 0x8D, 0x13, 0xB2, 0xB0, 0xBD, 0xC3, 0x25, 0xA7, 0x62, 0x36, 0xDF,
- 0x93, 0xCC, 0x6B},
- AES_16B_KEY_SIZE, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CCM, PSA_ALG_CCM,
-{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C,
- 0x0D, 0x0E, 0x0F}, 16, 0, 32,
- PSA_ERROR_INVALID_ARGUMENT
+{
+ .test_desc = "Test psa_aead_set_lengths - Encrypt - CCM - Default Tag length\n",
+ .type = PSA_KEY_TYPE_AES,
+ .data = key_data,
+ .data_length = AES_16B_KEY_SIZE,
+ .usage_flags = PSA_KEY_USAGE_ENCRYPT,
+ .alg = PSA_ALG_CCM,
+ .setup_alg = PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG(PSA_ALG_CCM),
+ .nonce = nonce,
+ .nonce_length = 13,
+ .ad_length = 8,
+ .plaintext_length = 32,
+ .operation_state = 1,
+ .expected_status = PSA_SUCCESS
},
-{"Test psa_aead_set_lengths - Zero plaintext size\n", PSA_KEY_TYPE_AES,
-{0xD7, 0x82, 0x8D, 0x13, 0xB2, 0xB0, 0xBD, 0xC3, 0x25, 0xA7, 0x62, 0x36, 0xDF,
- 0x93, 0xCC, 0x6B},
- AES_16B_KEY_SIZE, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CCM, PSA_ALG_CCM,
-{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C,
- 0x0D, 0x0E, 0x0F}, 16, 8, 0,
- PSA_ERROR_INVALID_ARGUMENT
+{
+ .test_desc = "Test psa_aead_set_lengths - Encrypt - CCM - Zero ad_length\n",
+ .type = PSA_KEY_TYPE_AES,
+ .data = key_data,
+ .data_length = AES_16B_KEY_SIZE,
+ .usage_flags = PSA_KEY_USAGE_ENCRYPT,
+ .alg = PSA_ALG_CCM,
+ .setup_alg = PSA_ALG_CCM,
+ .nonce = nonce,
+ .nonce_length = 13,
+ .ad_length = 0,
+ .plaintext_length = 32,
+ .operation_state = 1,
+ .expected_status = PSA_SUCCESS
},
-{"Test psa_aead_set_lengths - Invalid lengths\n", PSA_KEY_TYPE_AES,
-{0x41, 0x89, 0x35, 0x1B, 0x5C, 0xAE, 0xA3, 0x75, 0xA0, 0x29, 0x9E, 0x81, 0xC6,
- 0x21, 0xBF, 0x43}, AES_16B_KEY_SIZE, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CCM,
- PSA_ALG_AEAD_WITH_TAG_LENGTH(PSA_ALG_CCM, 4),
-{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C,
- 0x0D, 0x0E, 0x0F}, 16, 1, 1,
- PSA_ERROR_INVALID_ARGUMENT
+{
+ .test_desc = "Test psa_aead_set_lengths - Encrypt - CCM - Zero plaintext_length\n",
+ .type = PSA_KEY_TYPE_AES,
+ .data = key_data,
+ .data_length = AES_16B_KEY_SIZE,
+ .usage_flags = PSA_KEY_USAGE_ENCRYPT,
+ .alg = PSA_ALG_CCM,
+ .setup_alg = PSA_ALG_CCM,
+ .nonce = nonce,
+ .nonce_length = 13,
+ .ad_length = 8,
+ .plaintext_length = 0,
+ .operation_state = 1,
+ .expected_status = PSA_SUCCESS
},
-#endif
+
+{
+ .test_desc = "Test psa_aead_set_lengths - Encrypt - CCM - Invalid operation state\n",
+ .type = PSA_KEY_TYPE_AES,
+ .data = key_data,
+ .data_length = AES_16B_KEY_SIZE,
+ .usage_flags = PSA_KEY_USAGE_ENCRYPT,
+ .alg = PSA_ALG_CCM,
+ .setup_alg = PSA_ALG_CCM,
+ .nonce = nonce,
+ .nonce_length = 13,
+ .ad_length = 8,
+ .plaintext_length = 32,
+ .operation_state = 0,
+ .expected_status = PSA_ERROR_BAD_STATE
+},
#endif
#ifdef ARCH_TEST_GCM
-#ifdef ARCH_TEST_AES_128
-{"Test psa_aead_set_lengths - Vey large lengths\n", PSA_KEY_TYPE_AES,
-{0x3d, 0xe0, 0x98, 0x74, 0xb3, 0x88, 0xe6, 0x49, 0x19, 0x88, 0xd0, 0xc3, 0x60,
- 0x7e, 0xae, 0x1f}, AES_16B_KEY_SIZE, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_GCM, PSA_ALG_GCM,
-{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C,
- 0x0D, 0x0E, 0x0F}, 16, 1000, 1000,
- PSA_ERROR_INVALID_ARGUMENT
+{
+ .test_desc = "Test psa_aead_set_lengths - Encrypt - GCM\n",
+ .type = PSA_KEY_TYPE_AES,
+ .data = key_data,
+ .data_length = AES_16B_KEY_SIZE,
+ .usage_flags = PSA_KEY_USAGE_ENCRYPT,
+ .alg = PSA_ALG_GCM,
+ .setup_alg = PSA_ALG_GCM,
+ .nonce = nonce,
+ .nonce_length = 13,
+ .ad_length = 8,
+ .plaintext_length = 32,
+ .operation_state = 1,
+ .expected_status = PSA_SUCCESS
+},
+#endif
+
+#ifdef ARCH_TEST_CCM
+{
+ .test_desc = "Test psa_aead_set_lengths - Decrypt - CCM\n",
+ .type = PSA_KEY_TYPE_AES,
+ .data = key_data,
+ .data_length = AES_16B_KEY_SIZE,
+ .usage_flags = PSA_KEY_USAGE_DECRYPT,
+ .alg = PSA_ALG_CCM,
+ .setup_alg = PSA_ALG_CCM,
+ .nonce = nonce,
+ .nonce_length = 13,
+ .ad_length = 8,
+ .plaintext_length = 32,
+ .operation_state = 1,
+ .expected_status = PSA_SUCCESS
+},
+
+{
+ .test_desc = "Test psa_aead_set_lengths - Decrypt - CCM - Tag length = 4\n",
+ .type = PSA_KEY_TYPE_AES,
+ .data = key_data,
+ .data_length = AES_16B_KEY_SIZE,
+ .usage_flags = PSA_KEY_USAGE_DECRYPT,
+ .alg = PSA_ALG_CCM,
+ .setup_alg = PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 4),
+ .nonce = nonce,
+ .nonce_length = 13,
+ .ad_length = 8,
+ .plaintext_length = 32,
+ .operation_state = 1,
+ .expected_status = PSA_SUCCESS
+},
+
+{
+ .test_desc = "Test psa_aead_set_lengths - Decrypt - CCM - Default Tag length\n",
+ .type = PSA_KEY_TYPE_AES,
+ .data = key_data,
+ .data_length = AES_16B_KEY_SIZE,
+ .usage_flags = PSA_KEY_USAGE_DECRYPT,
+ .alg = PSA_ALG_CCM,
+ .setup_alg = PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG(PSA_ALG_CCM),
+ .nonce = nonce,
+ .nonce_length = 13,
+ .ad_length = 8,
+ .plaintext_length = 32,
+ .operation_state = 1,
+ .expected_status = PSA_SUCCESS
+},
+
+{
+ .test_desc = "Test psa_aead_set_lengths - Decrypt - CCM - Zero ad_length\n",
+ .type = PSA_KEY_TYPE_AES,
+ .data = key_data,
+ .data_length = AES_16B_KEY_SIZE,
+ .usage_flags = PSA_KEY_USAGE_DECRYPT,
+ .alg = PSA_ALG_CCM,
+ .setup_alg = PSA_ALG_CCM,
+ .nonce = nonce,
+ .nonce_length = 13,
+ .ad_length = 0,
+ .plaintext_length = 32,
+ .operation_state = 1,
+ .expected_status = PSA_SUCCESS
+},
+
+{
+ .test_desc = "Test psa_aead_set_lengths - Decrypt - CCM - Zero plaintext_length\n",
+ .type = PSA_KEY_TYPE_AES,
+ .data = key_data,
+ .data_length = AES_16B_KEY_SIZE,
+ .usage_flags = PSA_KEY_USAGE_DECRYPT,
+ .alg = PSA_ALG_CCM,
+ .setup_alg = PSA_ALG_CCM,
+ .nonce = nonce,
+ .nonce_length = 13,
+ .ad_length = 8,
+ .plaintext_length = 0,
+ .operation_state = 1,
+ .expected_status = PSA_SUCCESS
+},
+
+{
+ .test_desc = "Test psa_aead_set_lengths - Decrypt - CCM - Invalid operation state\n",
+ .type = PSA_KEY_TYPE_AES,
+ .data = key_data,
+ .data_length = AES_16B_KEY_SIZE,
+ .usage_flags = PSA_KEY_USAGE_DECRYPT,
+ .alg = PSA_ALG_CCM,
+ .setup_alg = PSA_ALG_CCM,
+ .nonce = nonce,
+ .nonce_length = 13,
+ .ad_length = 8,
+ .plaintext_length = 32,
+ .operation_state = 0,
+ .expected_status = PSA_ERROR_BAD_STATE
+},
+#endif
+
+#ifdef ARCH_TEST_GCM
+{
+ .test_desc = "Test psa_aead_set_lengths - Decrypt - GCM\n",
+ .type = PSA_KEY_TYPE_AES,
+ .data = key_data,
+ .data_length = AES_16B_KEY_SIZE,
+ .usage_flags = PSA_KEY_USAGE_DECRYPT,
+ .alg = PSA_ALG_GCM,
+ .setup_alg = PSA_ALG_GCM,
+ .nonce = nonce,
+ .nonce_length = 13,
+ .ad_length = 8,
+ .plaintext_length = 32,
+ .operation_state = 1,
+ .expected_status = PSA_SUCCESS
},
#endif
#endif
diff --git a/api-tests/dev_apis/crypto/test_c056/test_entry_c056.c b/api-tests/dev_apis/crypto/test_c056/test_entry_c056.c
index 37e0136..4ffb538 100644
--- a/api-tests/dev_apis/crypto/test_c056/test_entry_c056.c
+++ b/api-tests/dev_apis/crypto/test_c056/test_entry_c056.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -20,7 +20,7 @@
#include "test_c056.h"
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 56)
-#define TEST_DESC "Testing crypto AEAD APIs\n"
+#define TEST_DESC "Testing crypto AEAD APIs | UT: psa_aead_set_lengths\n"
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
diff --git a/api-tests/dev_apis/crypto/test_c057/test_c057.c b/api-tests/dev_apis/crypto/test_c057/test_c057.c
index 213ddf5..d89dbba 100644
--- a/api-tests/dev_apis/crypto/test_c057/test_c057.c
+++ b/api-tests/dev_apis/crypto/test_c057/test_c057.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -31,10 +31,10 @@
int32_t psa_aead_update_ad_test(caller_security_t caller __UNUSED)
{
int32_t i, status;
- int num_checks = sizeof(check1)/sizeof(check1[0]);
+ int32_t num_checks = sizeof(check1)/sizeof(check1[0]);
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
psa_aead_operation_t operation = PSA_AEAD_OPERATION_INIT;
- psa_key_handle_t key_handle;
+ psa_key_id_t key;
if (num_checks == 0)
{
@@ -48,79 +48,111 @@
for (i = 0; i < num_checks; i++)
{
- val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
+ val->print(PRINT_TEST, "[Check %d] ", i+1);
val->print(PRINT_TEST, check1[i].test_desc, 0);
+ val->crypto_function(VAL_CRYPTO_AEAD_OPERATION_INIT,
+ &operation);
+
/* Setting up the watchdog timer for each check */
status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
/* Setup the attributes for the key */
- val->crypto_function(VAL_CRYPTO_SET_KEY_TYPE, &attributes, check1[i].key_type);
- val->crypto_function(VAL_CRYPTO_SET_KEY_USAGE_FLAGS, &attributes, check1[i].usage);
- val->crypto_function(VAL_CRYPTO_SET_KEY_ALGORITHM, &attributes, check1[i].key_alg);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_TYPE,
+ &attributes,
+ check1[i].type);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_USAGE_FLAGS,
+ &attributes,
+ check1[i].usage_flags);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_ALGORITHM,
+ &attributes,
+ check1[i].alg);
/* Import the key data into the key slot */
- status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, &attributes, check1[i].key_data,
- check1[i].key_length, &key_handle);
+ status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY,
+ &attributes,
+ check1[i].data,
+ check1[i].data_length,
+ &key);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
- /* Set the key for a multipart authenticated encryption operation */
- status = val->crypto_function(VAL_CRYPTO_AEAD_ENCRYPT_SETUP, &operation,
- key_handle, check1[i].alg);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
+ if (check1[i].operation_state) {
+ if (check1[i].usage_flags == PSA_KEY_USAGE_ENCRYPT) {
+ /* Set the key for a multipart authenticated encryption operation */
+ status = val->crypto_function(VAL_CRYPTO_AEAD_ENCRYPT_SETUP,
+ &operation,
+ key,
+ check1[i].setup_alg);
+ } else {
+ /* Set the key for a multipart authenticated decryption operation */
+ status = val->crypto_function(VAL_CRYPTO_AEAD_DECRYPT_SETUP,
+ &operation,
+ key,
+ check1[i].setup_alg);
+ }
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
- /* Set the nonce for an authenticated encryption operation */
- status = val->crypto_function(VAL_CRYPTO_AEAD_SET_NONCE, &operation, check1[i].nonce,
- check1[i].nonce_size);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
+ /* Set the nonce for an authenticated encryption operation */
+ status = val->crypto_function(VAL_CRYPTO_AEAD_SET_NONCE,
+ &operation,
+ check1[i].nonce,
+ check1[i].nonce_length);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
- /* Declare the lengths of the message and additional data for AEAD */
- status = val->crypto_function(VAL_CRYPTO_AEAD_SET_LENGTHS, &operation, check1[i].ad_length,
- check1[i].plaintext_length);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(6));
+ /* Declare the lengths of the message and additional data for AEAD */
+ status = val->crypto_function(VAL_CRYPTO_AEAD_SET_LENGTHS,
+ &operation,
+ check1[i].ad_length,
+ check1[i].plaintext_length);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(6));
+ }
/* Pass additional data to an active AEAD operation */
- status = val->crypto_function(VAL_CRYPTO_AEAD_UPDATE_AD, &operation,
- check1[i].additional_data, check1[i].ad_length);
+ status = val->crypto_function(VAL_CRYPTO_AEAD_UPDATE_AD,
+ &operation,
+ check1[i].input,
+ check1[i].input_length);
TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(7));
if (check1[i].expected_status != PSA_SUCCESS)
{
/* Pass additional data to an inactive AEAD operation should fail */
- status = val->crypto_function(VAL_CRYPTO_AEAD_UPDATE_AD, &operation,
- check1[i].additional_data, check1[i].ad_length);
+ status = val->crypto_function(VAL_CRYPTO_AEAD_UPDATE_AD,
+ &operation,
+ check1[i].input,
+ check1[i].input_length);
TEST_ASSERT_EQUAL(status, PSA_ERROR_BAD_STATE, TEST_CHECKPOINT_NUM(8));
/* Abort the AEAD operation */
- status = val->crypto_function(VAL_CRYPTO_AEAD_ABORT, &operation);
+ status = val->crypto_function(VAL_CRYPTO_AEAD_ABORT,
+ &operation);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(9));
/* Destroy the key */
- status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, key_handle);
+ status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY,
+ key);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(10));
/* Reset the key attributes */
- val->crypto_function(VAL_CRYPTO_RESET_KEY_ATTRIBUTES, &attributes);
+ val->crypto_function(VAL_CRYPTO_RESET_KEY_ATTRIBUTES,
+ &attributes);
continue;
}
/* Abort the AEAD operation */
- status = val->crypto_function(VAL_CRYPTO_AEAD_ABORT, &operation);
+ status = val->crypto_function(VAL_CRYPTO_AEAD_ABORT,
+ &operation);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(11));
/* Destroy the key */
- status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, key_handle);
+ status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY,
+ key);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(12));
/* Reset the key attributes */
- val->crypto_function(VAL_CRYPTO_RESET_KEY_ATTRIBUTES, &attributes);
-
- /* Pass additional data to an inactive AEAD operation should fail */
- status = val->crypto_function(VAL_CRYPTO_AEAD_UPDATE_AD, &operation,
- check1[i].additional_data, check1[i].ad_length);
- TEST_ASSERT_EQUAL(status, PSA_ERROR_BAD_STATE, TEST_CHECKPOINT_NUM(13));
-
+ val->crypto_function(VAL_CRYPTO_RESET_KEY_ATTRIBUTES,
+ &attributes);
}
return VAL_STATUS_SUCCESS;
diff --git a/api-tests/dev_apis/crypto/test_c057/test_data.h b/api-tests/dev_apis/crypto/test_c057/test_data.h
index 9ead790..9008c62 100644
--- a/api-tests/dev_apis/crypto/test_c057/test_data.h
+++ b/api-tests/dev_apis/crypto/test_c057/test_data.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -15,88 +15,279 @@
* limitations under the License.
**/
-#include "val_crypto.h"
+#include "test_crypto_common.h"
typedef struct {
char test_desc[75];
- psa_key_type_t key_type;
- uint8_t key_data[32];
- uint32_t key_length;
- psa_key_usage_t usage;
- psa_algorithm_t key_alg;
+ psa_key_type_t type;
+ const uint8_t *data;
+ size_t data_length;
+ psa_key_usage_t usage_flags;
psa_algorithm_t alg;
- uint8_t additional_data[32];
- uint8_t nonce[32];
- size_t nonce_size;
+ psa_algorithm_t setup_alg;
+ const uint8_t *nonce;
+ size_t nonce_length;
size_t ad_length;
size_t plaintext_length;
+ const uint8_t *input;
+ size_t input_length;
+ uint32_t operation_state;
psa_status_t expected_status;
} test_data;
static const test_data check1[] = {
+#ifdef ARCH_TEST_AES_128
#ifdef ARCH_TEST_CCM
-#ifdef ARCH_TEST_AES_128
-{"Test psa_aead_update_ad - AES-CCM\n", PSA_KEY_TYPE_AES,
-{0xD7, 0x82, 0x8D, 0x13, 0xB2, 0xB0, 0xBD, 0xC3, 0x25, 0xA7, 0x62, 0x36, 0xDF,
- 0x93, 0xCC, 0x6B},
- AES_16B_KEY_SIZE, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CCM, PSA_ALG_CCM,
-{0x48, 0xc0, 0x90, 0x69, 0x30, 0x56, 0x1e, 0x0a, 0xb0, 0xef, 0x4c, 0xd9, 0x72},
-{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C,
- 0x0D, 0x0E, 0x0F}, 16, 13, 32,
- PSA_SUCCESS
+{
+ .test_desc = "Test psa_aead_update_ad - Encrypt - CCM\n",
+ .type = PSA_KEY_TYPE_AES,
+ .data = key_data,
+ .data_length = AES_16B_KEY_SIZE,
+ .usage_flags = PSA_KEY_USAGE_ENCRYPT,
+ .alg = PSA_ALG_CCM,
+ .setup_alg = PSA_ALG_CCM,
+ .nonce = nonce,
+ .nonce_length = 13,
+ .ad_length = 8,
+ .plaintext_length = 32,
+ .input = additional_data,
+ .input_length = 8,
+ .operation_state = 1,
+ .expected_status = PSA_SUCCESS
},
-{"Test psa_aead_update_ad - AES-CCM 24 bytes Tag length = 4\n", PSA_KEY_TYPE_AES,
-{0x41, 0x89, 0x35, 0x1B, 0x5C, 0xAE, 0xA3, 0x75, 0xA0, 0x29, 0x9E, 0x81, 0xC6,
- 0x21, 0xBF, 0x43}, AES_16B_KEY_SIZE, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CCM,
- PSA_ALG_AEAD_WITH_TAG_LENGTH(PSA_ALG_CCM, 4),
-{0x48, 0xc0, 0x90, 0x69, 0x30, 0x56, 0x1e, 0x0a, 0xb0, 0xef, 0x4c, 0xd9, 0x72},
-{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C,
- 0x0D, 0x0E, 0x0F}, 16, 13, 32,
- PSA_SUCCESS
+{
+ .test_desc = "Test psa_aead_update_ad - Encrypt - CCM - Tag length = 4\n",
+ .type = PSA_KEY_TYPE_AES,
+ .data = key_data,
+ .data_length = AES_16B_KEY_SIZE,
+ .usage_flags = PSA_KEY_USAGE_ENCRYPT,
+ .alg = PSA_ALG_CCM,
+ .setup_alg = PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 4),
+ .nonce = nonce,
+ .nonce_length = 13,
+ .ad_length = 8,
+ .plaintext_length = 32,
+ .input = additional_data,
+ .input_length = 8,
+ .operation_state = 1,
+ .expected_status = PSA_SUCCESS
},
-{"Test psa_aead_update_ad - Zero ad size\n", PSA_KEY_TYPE_AES,
-{0xD7, 0x82, 0x8D, 0x13, 0xB2, 0xB0, 0xBD, 0xC3, 0x25, 0xA7, 0x62, 0x36, 0xDF,
- 0x93, 0xCC, 0x6B},
- AES_16B_KEY_SIZE, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CCM, PSA_ALG_CCM,
-{0},
-{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C,
- 0x0D, 0x0E, 0x0F}, 16, 0, 32,
- PSA_ERROR_INVALID_ARGUMENT
+{
+ .test_desc = "Test psa_aead_update_ad - Encrypt - CCM - Default length\n",
+ .type = PSA_KEY_TYPE_AES,
+ .data = key_data,
+ .data_length = AES_16B_KEY_SIZE,
+ .usage_flags = PSA_KEY_USAGE_ENCRYPT,
+ .alg = PSA_ALG_CCM,
+ .setup_alg = PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG(PSA_ALG_CCM),
+ .nonce = nonce,
+ .nonce_length = 13,
+ .ad_length = 8,
+ .plaintext_length = 32,
+ .input = additional_data,
+ .input_length = 8,
+ .operation_state = 1,
+ .expected_status = PSA_SUCCESS
},
-{"Test psa_aead_update_ad - Zero plaintext size\n", PSA_KEY_TYPE_AES,
-{0xD7, 0x82, 0x8D, 0x13, 0xB2, 0xB0, 0xBD, 0xC3, 0x25, 0xA7, 0x62, 0x36, 0xDF,
- 0x93, 0xCC, 0x6B},
- AES_16B_KEY_SIZE, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CCM, PSA_ALG_CCM,
-{0x0B, 0xE1, 0xA8, 0x8B, 0xAC, 0xE0, 0x18, 0xB1},
-{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C,
- 0x0D, 0x0E, 0x0F}, 16, 8, 0,
- PSA_ERROR_INVALID_ARGUMENT
+{
+ .test_desc = "Test psa_aead_update_ad - Encrypt - CCM - Zero ad_length\n",
+ .type = PSA_KEY_TYPE_AES,
+ .data = key_data,
+ .data_length = AES_16B_KEY_SIZE,
+ .usage_flags = PSA_KEY_USAGE_ENCRYPT,
+ .alg = PSA_ALG_CCM,
+ .setup_alg = PSA_ALG_CCM,
+ .nonce = nonce,
+ .nonce_length = 13,
+ .ad_length = 0,
+ .plaintext_length = 32,
+ .input = NULL,
+ .input_length = 0,
+ .operation_state = 1,
+ .expected_status = PSA_SUCCESS
},
-{"Test psa_aead_update_ad - Invalid lengths\n", PSA_KEY_TYPE_AES,
-{0x41, 0x89, 0x35, 0x1B, 0x5C, 0xAE, 0xA3, 0x75, 0xA0, 0x29, 0x9E, 0x81, 0xC6,
- 0x21, 0xBF, 0x43}, AES_16B_KEY_SIZE, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CCM,
- PSA_ALG_AEAD_WITH_TAG_LENGTH(PSA_ALG_CCM, 4),
-{0x72},
-{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C,
- 0x0D, 0x0E, 0x0F}, 16, 1, 1,
- PSA_ERROR_INVALID_ARGUMENT
+{
+ .test_desc = "Test psa_aead_update_ad - Encrypt - CCM - Zero plaintext_length\n",
+ .type = PSA_KEY_TYPE_AES,
+ .data = key_data,
+ .data_length = AES_16B_KEY_SIZE,
+ .usage_flags = PSA_KEY_USAGE_ENCRYPT,
+ .alg = PSA_ALG_CCM,
+ .setup_alg = PSA_ALG_CCM,
+ .nonce = nonce,
+ .nonce_length = 13,
+ .ad_length = 8,
+ .plaintext_length = 0,
+ .input = additional_data,
+ .input_length = 8,
+ .operation_state = 1,
+ .expected_status = PSA_SUCCESS
},
-#endif
-#endif
-#ifdef ARCH_TEST_GCM
-#ifdef ARCH_TEST_AES_128
-{"Test psa_aead_update_ad - Vey large lengths\n", PSA_KEY_TYPE_AES,
-{0x3d, 0xe0, 0x98, 0x74, 0xb3, 0x88, 0xe6, 0x49, 0x19, 0x88, 0xd0, 0xc3, 0x60,
- 0x7e, 0xae, 0x1f}, AES_16B_KEY_SIZE, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_GCM, PSA_ALG_GCM,
-{0x10},
-{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C,
- 0x0D, 0x0E, 0x0F}, 16, 1000, 1000,
- PSA_ERROR_INVALID_ARGUMENT
+{
+ .test_desc = "Test psa_aead_update_ad - Encrypt - CCM - Invalid operation state\n",
+ .type = PSA_KEY_TYPE_AES,
+ .data = key_data,
+ .data_length = AES_16B_KEY_SIZE,
+ .usage_flags = PSA_KEY_USAGE_ENCRYPT,
+ .alg = PSA_ALG_CCM,
+ .setup_alg = PSA_ALG_CCM,
+ .nonce = nonce,
+ .nonce_length = 13,
+ .ad_length = 8,
+ .plaintext_length = 32,
+ .input = additional_data,
+ .input_length = 8,
+ .operation_state = 0,
+ .expected_status = PSA_ERROR_BAD_STATE
+},
+
+{
+ .test_desc = "Test psa_aead_update_ad - Encrypt - CCM - Overflow input length\n",
+ .type = PSA_KEY_TYPE_AES,
+ .data = key_data,
+ .data_length = AES_16B_KEY_SIZE,
+ .usage_flags = PSA_KEY_USAGE_ENCRYPT,
+ .alg = PSA_ALG_CCM,
+ .setup_alg = PSA_ALG_CCM,
+ .nonce = nonce,
+ .nonce_length = 13,
+ .ad_length = 8,
+ .plaintext_length = 32,
+ .input = additional_data,
+ .input_length = 9,
+ .operation_state = 1,
+ .expected_status = PSA_ERROR_INVALID_ARGUMENT
+},
+
+{
+ .test_desc = "Test psa_aead_update_ad - Decrypt - CCM\n",
+ .type = PSA_KEY_TYPE_AES,
+ .data = key_data,
+ .data_length = AES_16B_KEY_SIZE,
+ .usage_flags = PSA_KEY_USAGE_DECRYPT,
+ .alg = PSA_ALG_CCM,
+ .setup_alg = PSA_ALG_CCM,
+ .nonce = nonce,
+ .nonce_length = 13,
+ .ad_length = 8,
+ .plaintext_length = 32,
+ .input = additional_data,
+ .input_length = 8,
+ .operation_state = 1,
+ .expected_status = PSA_SUCCESS
+},
+
+{
+ .test_desc = "Test psa_aead_update_ad - Decrypt - CCM - Tag length = 4\n",
+ .type = PSA_KEY_TYPE_AES,
+ .data = key_data,
+ .data_length = AES_16B_KEY_SIZE,
+ .usage_flags = PSA_KEY_USAGE_DECRYPT,
+ .alg = PSA_ALG_CCM,
+ .setup_alg = PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 4),
+ .nonce = nonce,
+ .nonce_length = 13,
+ .ad_length = 8,
+ .plaintext_length = 32,
+ .input = additional_data,
+ .input_length = 8,
+ .operation_state = 1,
+ .expected_status = PSA_SUCCESS
+},
+
+{
+ .test_desc = "Test psa_aead_update_ad - Decrypt - CCM - Default length\n",
+ .type = PSA_KEY_TYPE_AES,
+ .data = key_data,
+ .data_length = AES_16B_KEY_SIZE,
+ .usage_flags = PSA_KEY_USAGE_DECRYPT,
+ .alg = PSA_ALG_CCM,
+ .setup_alg = PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG(PSA_ALG_CCM),
+ .nonce = nonce,
+ .nonce_length = 13,
+ .ad_length = 8,
+ .plaintext_length = 32,
+ .input = additional_data,
+ .input_length = 8,
+ .operation_state = 1,
+ .expected_status = PSA_SUCCESS
+},
+
+{
+ .test_desc = "Test psa_aead_update_ad - Decrypt - CCM - Zero ad_length\n",
+ .type = PSA_KEY_TYPE_AES,
+ .data = key_data,
+ .data_length = AES_16B_KEY_SIZE,
+ .usage_flags = PSA_KEY_USAGE_DECRYPT,
+ .alg = PSA_ALG_CCM,
+ .setup_alg = PSA_ALG_CCM,
+ .nonce = nonce,
+ .nonce_length = 13,
+ .ad_length = 0,
+ .plaintext_length = 32,
+ .input = NULL,
+ .input_length = 0,
+ .operation_state = 1,
+ .expected_status = PSA_SUCCESS
+},
+
+{
+ .test_desc = "Test psa_aead_update_ad - Decrypt - CCM - Zero plaintext_length\n",
+ .type = PSA_KEY_TYPE_AES,
+ .data = key_data,
+ .data_length = AES_16B_KEY_SIZE,
+ .usage_flags = PSA_KEY_USAGE_DECRYPT,
+ .alg = PSA_ALG_CCM,
+ .setup_alg = PSA_ALG_CCM,
+ .nonce = nonce,
+ .nonce_length = 13,
+ .ad_length = 8,
+ .plaintext_length = 0,
+ .input = additional_data,
+ .input_length = 8,
+ .operation_state = 1,
+ .expected_status = PSA_SUCCESS
+},
+
+{
+ .test_desc = "Test psa_aead_update_ad - Decrypt - CCM - Invalid operation state\n",
+ .type = PSA_KEY_TYPE_AES,
+ .data = key_data,
+ .data_length = AES_16B_KEY_SIZE,
+ .usage_flags = PSA_KEY_USAGE_DECRYPT,
+ .alg = PSA_ALG_CCM,
+ .setup_alg = PSA_ALG_CCM,
+ .nonce = nonce,
+ .nonce_length = 13,
+ .ad_length = 8,
+ .plaintext_length = 32,
+ .input = additional_data,
+ .input_length = 8,
+ .operation_state = 0,
+ .expected_status = PSA_ERROR_BAD_STATE
+},
+
+{
+ .test_desc = "Test psa_aead_update_ad - Decrypt - CCM - Overflow input length\n",
+ .type = PSA_KEY_TYPE_AES,
+ .data = key_data,
+ .data_length = AES_16B_KEY_SIZE,
+ .usage_flags = PSA_KEY_USAGE_DECRYPT,
+ .alg = PSA_ALG_CCM,
+ .setup_alg = PSA_ALG_CCM,
+ .nonce = nonce,
+ .nonce_length = 13,
+ .ad_length = 8,
+ .plaintext_length = 32,
+ .input = additional_data,
+ .input_length = 9,
+ .operation_state = 1,
+ .expected_status = PSA_ERROR_INVALID_ARGUMENT
},
#endif
#endif
diff --git a/api-tests/dev_apis/crypto/test_c057/test_entry_c057.c b/api-tests/dev_apis/crypto/test_c057/test_entry_c057.c
index 2999f1b..3036458 100644
--- a/api-tests/dev_apis/crypto/test_c057/test_entry_c057.c
+++ b/api-tests/dev_apis/crypto/test_c057/test_entry_c057.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -20,7 +20,7 @@
#include "test_c057.h"
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 57)
-#define TEST_DESC "Testing crypto AEAD APIs\n"
+#define TEST_DESC "Testing crypto AEAD APIs | UT: psa_aead_update_ad\n"
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
diff --git a/api-tests/dev_apis/crypto/test_c058/test_c058.c b/api-tests/dev_apis/crypto/test_c058/test_c058.c
index 28e3a6f..5a467b9 100644
--- a/api-tests/dev_apis/crypto/test_c058/test_c058.c
+++ b/api-tests/dev_apis/crypto/test_c058/test_c058.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -31,12 +31,11 @@
int32_t psa_aead_update_test(caller_security_t caller __UNUSED)
{
int32_t i, status;
- uint8_t output[BUFFER_SIZE];
- size_t length;
+ size_t output_length;
int num_checks = sizeof(check1)/sizeof(check1[0]);
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
- psa_aead_operation_t operation = PSA_AEAD_OPERATION_INIT;
- psa_key_handle_t key_handle;
+ psa_aead_operation_t operation;
+ psa_key_id_t key;
if (num_checks == 0)
{
@@ -50,91 +49,130 @@
for (i = 0; i < num_checks; i++)
{
- val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
+ val->print(PRINT_TEST, "[Check %d] ", i+1);
val->print(PRINT_TEST, check1[i].test_desc, 0);
+ val->crypto_function(VAL_CRYPTO_AEAD_OPERATION_INIT,
+ &operation);
+
/* Setting up the watchdog timer for each check */
status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
/* Setup the attributes for the key */
- val->crypto_function(VAL_CRYPTO_SET_KEY_TYPE, &attributes, check1[i].key_type);
- val->crypto_function(VAL_CRYPTO_SET_KEY_USAGE_FLAGS, &attributes, check1[i].usage);
- val->crypto_function(VAL_CRYPTO_SET_KEY_ALGORITHM, &attributes, check1[i].key_alg);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_TYPE,
+ &attributes,
+ check1[i].type);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_USAGE_FLAGS,
+ &attributes,
+ check1[i].usage_flags);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_ALGORITHM,
+ &attributes,
+ check1[i].alg);
/* Import the key data into the key slot */
- status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, &attributes, check1[i].key_data,
- check1[i].key_length, &key_handle);
+ status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY,
+ &attributes,
+ check1[i].data,
+ check1[i].data_length,
+ &key);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
- /* Set the key for a multipart authenticated encryption operation */
- status = val->crypto_function(VAL_CRYPTO_AEAD_ENCRYPT_SETUP, &operation,
- key_handle, check1[i].alg);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
+ if (check1[i].operation_state) {
+ if (check1[i].usage_flags == PSA_KEY_USAGE_ENCRYPT) {
+ /* Set the key for a multipart authenticated encryption operation */
+ status = val->crypto_function(VAL_CRYPTO_AEAD_ENCRYPT_SETUP,
+ &operation,
+ key,
+ check1[i].setup_alg);
+ } else {
+ /* Set the key for a multipart authenticated decryption operation */
+ status = val->crypto_function(VAL_CRYPTO_AEAD_DECRYPT_SETUP,
+ &operation,
+ key,
+ check1[i].setup_alg);
+ }
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
- /* Set the nonce for an authenticated encryption operation */
- status = val->crypto_function(VAL_CRYPTO_AEAD_SET_NONCE, &operation, check1[i].nonce,
- check1[i].nonce_size);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
+ /* Set the nonce for an authenticated encryption operation */
+ status = val->crypto_function(VAL_CRYPTO_AEAD_SET_NONCE,
+ &operation,
+ check1[i].nonce,
+ check1[i].nonce_length);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
- /* Declare the lengths of the message and additional data for AEAD */
- status = val->crypto_function(VAL_CRYPTO_AEAD_SET_LENGTHS, &operation, check1[i].ad_length,
- check1[i].input_length);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(6));
+ /* Declare the lengths of the message and additional data for AEAD */
+ status = val->crypto_function(VAL_CRYPTO_AEAD_SET_LENGTHS,
+ &operation,
+ check1[i].ad_length,
+ check1[i].plaintext_length);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(6));
- /* Pass additional data to an active AEAD operation */
- status = val->crypto_function(VAL_CRYPTO_AEAD_UPDATE_AD, &operation,
- check1[i].additional_data, check1[i].ad_length);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(7));
+ /* Pass additional data to an active AEAD operation */
+ status = val->crypto_function(VAL_CRYPTO_AEAD_UPDATE_AD,
+ &operation,
+ check1[i].additional_data,
+ check1[i].ad_input_length);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(7));
+ }
/* Encrypt or decrypt a message fragment in an active AEAD operation */
- status = val->crypto_function(VAL_CRYPTO_AEAD_UPDATE, &operation,
- check1[i].plaintext, check1[i].plaintext_length, output,
- check1[i].output_size, &length);
+ status = val->crypto_function(VAL_CRYPTO_AEAD_UPDATE,
+ &operation,
+ check1[i].input,
+ check1[i].input_length,
+ check1[i].output,
+ check1[i].output_size,
+ &output_length);
TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(8));
if (check1[i].expected_status != PSA_SUCCESS)
{
/* Encrypt or decrypt a message fragment in an inactive AEAD operation should fail */
- status = val->crypto_function(VAL_CRYPTO_AEAD_UPDATE, &operation,
- check1[i].plaintext, check1[i].plaintext_length, output,
- check1[i].output_size, &length);
+ status = val->crypto_function(VAL_CRYPTO_AEAD_UPDATE,
+ &operation,
+ check1[i].input,
+ check1[i].input_length,
+ check1[i].output,
+ check1[i].output_size,
+ &output_length);
TEST_ASSERT_EQUAL(status, PSA_ERROR_BAD_STATE, TEST_CHECKPOINT_NUM(9));
/* Abort the AEAD operation */
- status = val->crypto_function(VAL_CRYPTO_AEAD_ABORT, &operation);
+ status = val->crypto_function(VAL_CRYPTO_AEAD_ABORT,
+ &operation);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(10));
/* Destroy the key */
- status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, key_handle);
+ status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY,
+ key);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(11));
/* Reset the key attributes */
- val->crypto_function(VAL_CRYPTO_RESET_KEY_ATTRIBUTES, &attributes);
+ val->crypto_function(VAL_CRYPTO_RESET_KEY_ATTRIBUTES,
+ &attributes);
continue;
}
/* Compare the output and its length with the expected values */
- TEST_ASSERT_EQUAL(length, check1[i].expected_length, TEST_CHECKPOINT_NUM(12));
- TEST_ASSERT_MEMCMP(output, check1[i].expected_output, length, TEST_CHECKPOINT_NUM(13));
+ TEST_ASSERT_EQUAL(output_length, check1[i].expected_output_length,
+ TEST_CHECKPOINT_NUM(12));
+ TEST_ASSERT_MEMCMP(check1[i].output, check1[i].expected_output, output_length,
+ TEST_CHECKPOINT_NUM(13));
/* Abort the AEAD operation */
- status = val->crypto_function(VAL_CRYPTO_AEAD_ABORT, &operation);
+ status = val->crypto_function(VAL_CRYPTO_AEAD_ABORT,
+ &operation);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(14));
/* Destroy the key */
- status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, key_handle);
+ status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY,
+ key);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(15));
/* Reset the key attributes */
- val->crypto_function(VAL_CRYPTO_RESET_KEY_ATTRIBUTES, &attributes);
-
- /* Encrypt or decrypt a message fragment in an inactive AEAD operation should fail */
- status = val->crypto_function(VAL_CRYPTO_AEAD_UPDATE, &operation,
- check1[i].plaintext_length, check1[i].plaintext, output,
- check1[i].output_size, &length);
- TEST_ASSERT_EQUAL(status, PSA_ERROR_BAD_STATE, TEST_CHECKPOINT_NUM(16));
-
+ val->crypto_function(VAL_CRYPTO_RESET_KEY_ATTRIBUTES,
+ &attributes);
}
return VAL_STATUS_SUCCESS;
diff --git a/api-tests/dev_apis/crypto/test_c058/test_data.h b/api-tests/dev_apis/crypto/test_c058/test_data.h
index 53a36d0..587ea9d 100644
--- a/api-tests/dev_apis/crypto/test_c058/test_data.h
+++ b/api-tests/dev_apis/crypto/test_c058/test_data.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -15,124 +15,465 @@
* limitations under the License.
**/
-#include "val_crypto.h"
+#include "test_crypto_common.h"
typedef struct {
char test_desc[75];
- psa_key_type_t key_type;
- uint8_t key_data[32];
- uint32_t key_length;
- psa_key_usage_t usage;
- psa_algorithm_t key_alg;
+ psa_key_type_t type;
+ const uint8_t *data;
+ size_t data_length;
+ psa_key_usage_t usage_flags;
psa_algorithm_t alg;
- uint8_t plaintext[30];
- uint8_t additional_data[32];
- uint8_t nonce[32];
- size_t nonce_size;
+ psa_algorithm_t setup_alg;
+ const uint8_t *nonce;
+ size_t nonce_length;
size_t ad_length;
size_t plaintext_length;
+ const uint8_t *additional_data;
+ size_t ad_input_length;
+ const uint8_t *input;
size_t input_length;
+ uint8_t *output;
size_t output_size;
- uint8_t expected_output[45];
- size_t expected_length;
+ const uint8_t *expected_output;
+ size_t expected_output_length;
+ uint32_t operation_state;
psa_status_t expected_status;
} test_data;
static const test_data check1[] = {
#ifdef ARCH_TEST_CCM
#ifdef ARCH_TEST_AES_128
-{"Test psa_aead_update - AES-CCM\n", PSA_KEY_TYPE_AES,
-{0x41, 0x89, 0x35, 0x1B, 0x5C, 0xAE, 0xA3, 0x75, 0xA0, 0x29, 0x9E, 0x81, 0xC6,
- 0x21, 0xBF, 0x43},
- AES_16B_KEY_SIZE, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CCM, PSA_ALG_CCM,
-{0x45, 0x35, 0xd1, 0x2b, 0x43, 0x77, 0x92, 0x8a, 0x7c, 0x0a, 0x61, 0xc9, 0xf8,
- 0x25, 0xa4, 0x86, 0x71, 0xea, 0x05, 0x91, 0x07, 0x48, 0xc8, 0xef},
-{0x40, 0xa2, 0x7c, 0x1d, 0x1e, 0x23, 0xea, 0x3d, 0xbe, 0x80, 0x56, 0xb2, 0x77,
- 0x48, 0x61, 0xa4, 0xa2, 0x01, 0xcc, 0xe4, 0x9f, 0x19, 0x99, 0x7d, 0x19, 0x20,
- 0x6d, 0x8c, 0x8a, 0x34, 0x39, 0x51},
-{0x48, 0xc0, 0x90, 0x69, 0x30, 0x56, 0x1e, 0x0a, 0xb0, 0xef, 0x4c, 0xd9, 0x72},
- 13, 32, 24, 24, BUFFER_SIZE,
-{0x26, 0xc5, 0x69, 0x61, 0xc0, 0x35, 0xa7, 0xe4, 0x52, 0xcc, 0xe6, 0x1b, 0xc6,
- 0xee, 0x22, 0x0d, 0x77, 0xb3, 0xf9, 0x4d, 0x18, 0xfd, 0x10, 0xb6, 0xd8, 0x0e,
- 0x8b, 0xf8, 0x0f, 0x4a, 0x46, 0xca, 0xb0, 0x6d, 0x43, 0x13, 0xf0, 0xdb, 0x9b,
- 0xe9}, 40,
- PSA_SUCCESS
+{
+ .test_desc = "Test psa_aead_update - Encrypt - CCM\n",
+ .type = PSA_KEY_TYPE_AES,
+ .data = key_data,
+ .data_length = AES_16B_KEY_SIZE,
+ .usage_flags = PSA_KEY_USAGE_ENCRYPT,
+ .alg = PSA_ALG_CCM,
+ .setup_alg = PSA_ALG_CCM,
+ .nonce = nonce,
+ .nonce_length = 13,
+ .ad_length = 32,
+ .plaintext_length = 24,
+ .additional_data = additional_data,
+ .ad_input_length = 32,
+ .input = plaintext,
+ .input_length = 24,
+ .output = expected_output,
+ .output_size = BUFFER_SIZE,
+ .expected_output = aead_ciphertext_2,
+ .expected_output_length = AEAD_CIPHERTEXT_LEN_2,
+ .operation_state = 1,
+ .expected_status = PSA_SUCCESS
},
-{"Test psa_aead_update - AES-CCM 24 bytes Tag length = 4\n", PSA_KEY_TYPE_AES,
-{0x41, 0x89, 0x35, 0x1B, 0x5C, 0xAE, 0xA3, 0x75, 0xA0, 0x29, 0x9E, 0x81, 0xC6,
- 0x21, 0xBF, 0x43}, AES_16B_KEY_SIZE, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CCM,
- PSA_ALG_AEAD_WITH_TAG_LENGTH(PSA_ALG_CCM, 4),
-{0x45, 0x35, 0xd1, 0x2b, 0x43, 0x77, 0x92, 0x8a, 0x7c, 0x0a, 0x61, 0xc9, 0xf8,
- 0x25, 0xa4, 0x86, 0x71, 0xea, 0x05, 0x91, 0x07, 0x48, 0xc8, 0xef},
-{0x40, 0xa2, 0x7c, 0x1d, 0x1e, 0x23, 0xea, 0x3d, 0xbe, 0x80, 0x56, 0xb2, 0x77,
- 0x48, 0x61, 0xa4, 0xa2, 0x01, 0xcc, 0xe4, 0x9f, 0x19, 0x99, 0x7d, 0x19, 0x20,
- 0x6d, 0x8c, 0x8a, 0x34, 0x39, 0x51},
-{0x48, 0xc0, 0x90, 0x69, 0x30, 0x56, 0x1e, 0x0a, 0xb0, 0xef, 0x4c, 0xd9, 0x72},
- 13, 32, 24, 24, BUFFER_SIZE,
-{0x26, 0xc5, 0x69, 0x61, 0xc0, 0x35, 0xa7, 0xe4, 0x52, 0xcc, 0xe6, 0x1b, 0xc6,
- 0xee, 0x22, 0x0d, 0x77, 0xb3, 0xf9, 0x4d, 0x18, 0xfd, 0x10, 0xb6, 0x64, 0x3b,
- 0x4f, 0x39}, 28,
- PSA_SUCCESS
+{
+ .test_desc = "Test psa_aead_update - Encrypt - CCM - Tag length = 4\n",
+ .type = PSA_KEY_TYPE_AES,
+ .data = key_data,
+ .data_length = AES_16B_KEY_SIZE,
+ .usage_flags = PSA_KEY_USAGE_ENCRYPT,
+ .alg = PSA_ALG_CCM,
+ .setup_alg = PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 4),
+ .nonce = nonce,
+ .nonce_length = 13,
+ .ad_length = 32,
+ .plaintext_length = 24,
+ .additional_data = additional_data,
+ .ad_input_length = 32,
+ .input = plaintext,
+ .input_length = 24,
+ .output = expected_output,
+ .output_size = BUFFER_SIZE,
+ .expected_output = aead_ciphertext_3,
+ .expected_output_length = AEAD_CIPHERTEXT_LEN_3,
+ .operation_state = 1,
+ .expected_status = PSA_SUCCESS
},
-{"Test psa_aead_update - Zero plaintext size\n", PSA_KEY_TYPE_AES,
-{0x41, 0x89, 0x35, 0x1B, 0x5C, 0xAE, 0xA3, 0x75, 0xA0, 0x29, 0x9E, 0x81, 0xC6,
- 0x21, 0xBF, 0x43},
- AES_16B_KEY_SIZE, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CCM, PSA_ALG_CCM,
-{0},
-{0x0B, 0xE1, 0xA8, 0x8B, 0xAC, 0xE0, 0x18, 0xB1},
-{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C,
- 0x0D, 0x0E, 0x0F}, 16, 8, 0, 0, BUFFER_SIZE, {0}, 0,
- PSA_ERROR_INVALID_ARGUMENT
+{
+ .test_desc = "Test psa_aead_update - Encrypt - CCM - Default Tag length\n",
+ .type = PSA_KEY_TYPE_AES,
+ .data = key_data,
+ .data_length = AES_16B_KEY_SIZE,
+ .usage_flags = PSA_KEY_USAGE_ENCRYPT,
+ .alg = PSA_ALG_CCM,
+ .setup_alg = PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG(PSA_ALG_CCM),
+ .nonce = nonce,
+ .nonce_length = 13,
+ .ad_length = 32,
+ .plaintext_length = 24,
+ .additional_data = additional_data,
+ .ad_input_length = 32,
+ .input = plaintext,
+ .input_length = 24,
+ .output = expected_output,
+ .output_size = BUFFER_SIZE,
+ .expected_output = aead_ciphertext_2,
+ .expected_output_length = AEAD_CIPHERTEXT_LEN_2,
+ .operation_state = 1,
+ .expected_status = PSA_SUCCESS
},
-{"Test psa_aead_update - Small buffer size\n", PSA_KEY_TYPE_AES,
-{0x41, 0x89, 0x35, 0x1B, 0x5C, 0xAE, 0xA3, 0x75, 0xA0, 0x29, 0x9E, 0x81, 0xC6,
- 0x21, 0xBF, 0x43},
- AES_16B_KEY_SIZE, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CCM, PSA_ALG_CCM,
-{0x45, 0x35, 0xd1, 0x2b, 0x43, 0x77, 0x92, 0x8a, 0x7c, 0x0a, 0x61, 0xc9, 0xf8,
- 0x25, 0xa4, 0x86, 0x71, 0xea, 0x05, 0x91, 0x07, 0x48, 0xc8, 0xef},
-{0x40, 0xa2, 0x7c, 0x1d, 0x1e, 0x23, 0xea, 0x3d, 0xbe, 0x80, 0x56, 0xb2, 0x77,
- 0x48, 0x61, 0xa4, 0xa2, 0x01, 0xcc, 0xe4, 0x9f, 0x19, 0x99, 0x7d, 0x19, 0x20,
- 0x6d, 0x8c, 0x8a, 0x34, 0x39, 0x51},
-{0x48, 0xc0, 0x90, 0x69, 0x30, 0x56, 0x1e, 0x0a, 0xb0, 0xef, 0x4c, 0xd9, 0x72},
- 13, 32, 24, 24, 10, {0}, 0,
- PSA_ERROR_BUFFER_TOO_SMALL
+{
+ .test_desc = "Test psa_aead_update - Encrypt - CCM - Zero ad_length\n",
+ .type = PSA_KEY_TYPE_AES,
+ .data = key_data,
+ .data_length = AES_16B_KEY_SIZE,
+ .usage_flags = PSA_KEY_USAGE_ENCRYPT,
+ .alg = PSA_ALG_CCM,
+ .setup_alg = PSA_ALG_CCM,
+ .nonce = nonce,
+ .nonce_length = 13,
+ .ad_length = 0,
+ .plaintext_length = 24,
+ .additional_data = NULL,
+ .ad_input_length = 0,
+ .input = plaintext,
+ .input_length = 24,
+ .output = expected_output,
+ .output_size = BUFFER_SIZE,
+ .expected_output = aead_ciphertext_4,
+ .expected_output_length = AEAD_CIPHERTEXT_LEN_4,
+ .operation_state = 1,
+ .expected_status = PSA_SUCCESS
},
-{"Test psa_aead_update - Input length overflows plaintext length\n", PSA_KEY_TYPE_AES,
-{0x41, 0x89, 0x35, 0x1B, 0x5C, 0xAE, 0xA3, 0x75, 0xA0, 0x29, 0x9E, 0x81, 0xC6,
- 0x21, 0xBF, 0x43},
- AES_16B_KEY_SIZE, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CCM, PSA_ALG_CCM,
-{0x45, 0x35, 0xd1, 0x2b, 0x43, 0x77, 0x92, 0x8a, 0x7c, 0x0a, 0x61, 0xc9, 0xf8,
- 0x25, 0xa4, 0x86, 0x71, 0xea, 0x05, 0x91, 0x07, 0x48, 0xc8, 0xef},
-{0x40, 0xa2, 0x7c, 0x1d, 0x1e, 0x23, 0xea, 0x3d, 0xbe, 0x80, 0x56, 0xb2, 0x77,
- 0x48, 0x61, 0xa4, 0xa2, 0x01, 0xcc, 0xe4, 0x9f, 0x19, 0x99, 0x7d, 0x19, 0x20,
- 0x6d, 0x8c, 0x8a, 0x34, 0x39, 0x51},
-{0x48, 0xc0, 0x90, 0x69, 0x30, 0x56, 0x1e, 0x0a, 0xb0, 0xef, 0x4c, 0xd9, 0x72},
- 13, 32, 24, 10, BUFFER_SIZE, {0}, 0,
- PSA_ERROR_INVALID_ARGUMENT
+{
+ .test_desc = "Test psa_aead_update - Encrypt - CCM - Zero plaintext_length\n",
+ .type = PSA_KEY_TYPE_AES,
+ .data = key_data,
+ .data_length = AES_16B_KEY_SIZE,
+ .usage_flags = PSA_KEY_USAGE_ENCRYPT,
+ .alg = PSA_ALG_CCM,
+ .setup_alg = PSA_ALG_CCM,
+ .nonce = nonce,
+ .nonce_length = 13,
+ .ad_length = 32,
+ .plaintext_length = 0,
+ .additional_data = additional_data,
+ .ad_input_length = 32,
+ .input = NULL,
+ .input_length = 0,
+ .output = expected_output,
+ .output_size = BUFFER_SIZE,
+ .expected_output = aead_ciphertext_5,
+ .expected_output_length = AEAD_CIPHERTEXT_LEN_5,
+ .operation_state = 1,
+ .expected_status = PSA_SUCCESS
},
-#endif
-#endif
-#ifdef ARCH_TEST_GCM
-#ifdef ARCH_TEST_AES_128
-{"Test psa_aead_update - GCM - 16B AES - 12B Nounce & 12B addi data\n", PSA_KEY_TYPE_AES,
-{0x3d, 0xe0, 0x98, 0x74, 0xb3, 0x88, 0xe6, 0x49, 0x19, 0x88, 0xd0, 0xc3, 0x60,
- 0x7e, 0xae, 0x1f}, AES_16B_KEY_SIZE, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_GCM, PSA_ALG_GCM,
-{0x45, 0x00, 0x00, 0x1c, 0x42, 0xa2, 0x00, 0x00, 0x80, 0x01, 0x44, 0x1f, 0x40,
- 0x67, 0x93, 0xb6, 0xe0, 0x00, 0x00, 0x02, 0x0a, 0x00, 0xf5, 0xff, 0x01, 0x02,
- 0x02, 0x01},
-{0x42, 0xf6, 0x7e, 0x3f, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10},
-{0x57, 0x69, 0x0e, 0x43, 0x4e, 0x28, 0x00, 0x00, 0xa2, 0xfc, 0xa1, 0xa3},
- 12, 12, 28, 28, BUFFER_SIZE,
-{0xFB, 0xA2, 0xCA, 0x84, 0x5E, 0x5D, 0xF9, 0xF0, 0xF2, 0x2C, 0x3E, 0x6E, 0x86,
- 0xDD, 0x83, 0x1E, 0x1F, 0xC6, 0x57, 0x92, 0xCD, 0x1A, 0xF9, 0x13, 0x0E, 0x13,
- 0x79, 0xED, 0x36, 0x9F, 0x07, 0x1F, 0x35, 0xE0, 0x34, 0xBE, 0x95, 0xF1, 0x12,
- 0xE4, 0xE7, 0xD0, 0x5D, 0x35}, 44,
- PSA_SUCCESS
+{
+ .test_desc = "Test psa_aead_update - Encrypt - CCM - Small buffer size\n",
+ .type = PSA_KEY_TYPE_AES,
+ .data = key_data,
+ .data_length = AES_16B_KEY_SIZE,
+ .usage_flags = PSA_KEY_USAGE_ENCRYPT,
+ .alg = PSA_ALG_CCM,
+ .setup_alg = PSA_ALG_CCM,
+ .nonce = nonce,
+ .nonce_length = 13,
+ .ad_length = 32,
+ .plaintext_length = 24,
+ .additional_data = additional_data,
+ .ad_input_length = 32,
+ .input = plaintext,
+ .input_length = 24,
+ .output = expected_output,
+ .output_size = AEAD_CIPHERTEXT_LEN_2 - 2,
+ .expected_output = NULL,
+ .expected_output_length = 0,
+ .operation_state = 1,
+ .expected_status = PSA_ERROR_BUFFER_TOO_SMALL
+},
+
+{
+ .test_desc = "Test psa_aead_update - Encrypt - Less add data than specified\n",
+ .type = PSA_KEY_TYPE_AES,
+ .data = key_data,
+ .data_length = AES_16B_KEY_SIZE,
+ .usage_flags = PSA_KEY_USAGE_ENCRYPT,
+ .alg = PSA_ALG_CCM,
+ .setup_alg = PSA_ALG_CCM,
+ .nonce = nonce,
+ .nonce_length = 13,
+ .ad_length = 32,
+ .plaintext_length = 24,
+ .additional_data = additional_data,
+ .ad_input_length = 30,
+ .input = plaintext,
+ .input_length = 24,
+ .output = expected_output,
+ .output_size = BUFFER_SIZE,
+ .expected_output = NULL,
+ .expected_output_length = 0,
+ .operation_state = 1,
+ .expected_status = PSA_ERROR_INVALID_ARGUMENT
+},
+
+{
+ .test_desc = "Test psa_aead_update - Encrypt - CCM - Overflow input length\n",
+ .type = PSA_KEY_TYPE_AES,
+ .data = key_data,
+ .data_length = AES_16B_KEY_SIZE,
+ .usage_flags = PSA_KEY_USAGE_ENCRYPT,
+ .alg = PSA_ALG_CCM,
+ .setup_alg = PSA_ALG_CCM,
+ .nonce = nonce,
+ .nonce_length = 13,
+ .ad_length = 32,
+ .plaintext_length = 24,
+ .additional_data = additional_data,
+ .ad_input_length = 32,
+ .input = plaintext,
+ .input_length = 25,
+ .output = expected_output,
+ .output_size = BUFFER_SIZE,
+ .expected_output = NULL,
+ .expected_output_length = 0,
+ .operation_state = 1,
+ .expected_status = PSA_ERROR_INVALID_ARGUMENT
+},
+
+{
+ .test_desc = "Test psa_aead_update - Encrypt - CCM - Invalid operation state\n",
+ .type = PSA_KEY_TYPE_AES,
+ .data = key_data,
+ .data_length = AES_16B_KEY_SIZE,
+ .usage_flags = PSA_KEY_USAGE_ENCRYPT,
+ .alg = PSA_ALG_CCM,
+ .setup_alg = PSA_ALG_CCM,
+ .nonce = nonce,
+ .nonce_length = 13,
+ .ad_length = 32,
+ .plaintext_length = 24,
+ .additional_data = additional_data,
+ .ad_input_length = 32,
+ .input = plaintext,
+ .input_length = 24,
+ .output = expected_output,
+ .output_size = BUFFER_SIZE,
+ .expected_output = NULL,
+ .expected_output_length = 0,
+ .operation_state = 0,
+ .expected_status = PSA_ERROR_BAD_STATE
+},
+
+{
+ .test_desc = "Test psa_aead_update - Decrypt - CCM\n",
+ .type = PSA_KEY_TYPE_AES,
+ .data = key_data,
+ .data_length = AES_16B_KEY_SIZE,
+ .usage_flags = PSA_KEY_USAGE_DECRYPT,
+ .alg = PSA_ALG_CCM,
+ .setup_alg = PSA_ALG_CCM,
+ .nonce = nonce,
+ .nonce_length = 13,
+ .ad_length = 32,
+ .plaintext_length = 24,
+ .additional_data = additional_data,
+ .ad_input_length = 32,
+ .input = plaintext,
+ .input_length = 24,
+ .output = expected_output,
+ .output_size = BUFFER_SIZE,
+ .expected_output = aead_ciphertext_2,
+ .expected_output_length = AEAD_CIPHERTEXT_LEN_2,
+ .operation_state = 1,
+ .expected_status = PSA_SUCCESS
+},
+
+{
+ .test_desc = "Test psa_aead_update - Decrypt - CCM - Tag length = 4\n",
+ .type = PSA_KEY_TYPE_AES,
+ .data = key_data,
+ .data_length = AES_16B_KEY_SIZE,
+ .usage_flags = PSA_KEY_USAGE_DECRYPT,
+ .alg = PSA_ALG_CCM,
+ .setup_alg = PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 4),
+ .nonce = nonce,
+ .nonce_length = 13,
+ .ad_length = 32,
+ .plaintext_length = 24,
+ .additional_data = additional_data,
+ .ad_input_length = 32,
+ .input = plaintext,
+ .input_length = 24,
+ .output = expected_output,
+ .output_size = BUFFER_SIZE,
+ .expected_output = aead_ciphertext_3,
+ .expected_output_length = AEAD_CIPHERTEXT_LEN_3,
+ .operation_state = 1,
+ .expected_status = PSA_SUCCESS
+},
+
+{
+ .test_desc = "Test psa_aead_update - Decrypt - CCM - Default Tag length\n",
+ .type = PSA_KEY_TYPE_AES,
+ .data = key_data,
+ .data_length = AES_16B_KEY_SIZE,
+ .usage_flags = PSA_KEY_USAGE_DECRYPT,
+ .alg = PSA_ALG_CCM,
+ .setup_alg = PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG(PSA_ALG_CCM),
+ .nonce = nonce,
+ .nonce_length = 13,
+ .ad_length = 32,
+ .plaintext_length = 24,
+ .additional_data = additional_data,
+ .ad_input_length = 32,
+ .input = plaintext,
+ .input_length = 24,
+ .output = expected_output,
+ .output_size = BUFFER_SIZE,
+ .expected_output = aead_ciphertext_2,
+ .expected_output_length = AEAD_CIPHERTEXT_LEN_2,
+ .operation_state = 1,
+ .expected_status = PSA_SUCCESS
+},
+
+{
+ .test_desc = "Test psa_aead_update - Decrypt - CCM - Zero ad_length\n",
+ .type = PSA_KEY_TYPE_AES,
+ .data = key_data,
+ .data_length = AES_16B_KEY_SIZE,
+ .usage_flags = PSA_KEY_USAGE_DECRYPT,
+ .alg = PSA_ALG_CCM,
+ .setup_alg = PSA_ALG_CCM,
+ .nonce = nonce,
+ .nonce_length = 13,
+ .ad_length = 0,
+ .plaintext_length = 24,
+ .additional_data = NULL,
+ .ad_input_length = 0,
+ .input = plaintext,
+ .input_length = 24,
+ .output = expected_output,
+ .output_size = BUFFER_SIZE,
+ .expected_output = aead_ciphertext_4,
+ .expected_output_length = AEAD_CIPHERTEXT_LEN_4,
+ .operation_state = 1,
+ .expected_status = PSA_SUCCESS
+},
+
+{
+ .test_desc = "Test psa_aead_update - Decrypt - CCM - Zero plaintext_length\n",
+ .type = PSA_KEY_TYPE_AES,
+ .data = key_data,
+ .data_length = AES_16B_KEY_SIZE,
+ .usage_flags = PSA_KEY_USAGE_DECRYPT,
+ .alg = PSA_ALG_CCM,
+ .setup_alg = PSA_ALG_CCM,
+ .nonce = nonce,
+ .nonce_length = 13,
+ .ad_length = 32,
+ .plaintext_length = 0,
+ .additional_data = additional_data,
+ .ad_input_length = 32,
+ .input = NULL,
+ .input_length = 0,
+ .output = expected_output,
+ .output_size = BUFFER_SIZE,
+ .expected_output = aead_ciphertext_5,
+ .expected_output_length = AEAD_CIPHERTEXT_LEN_5,
+ .operation_state = 1,
+ .expected_status = PSA_SUCCESS
+},
+
+{
+ .test_desc = "Test psa_aead_update - Decrypt - CCM - Small buffer size\n",
+ .type = PSA_KEY_TYPE_AES,
+ .data = key_data,
+ .data_length = AES_16B_KEY_SIZE,
+ .usage_flags = PSA_KEY_USAGE_DECRYPT,
+ .alg = PSA_ALG_CCM,
+ .setup_alg = PSA_ALG_CCM,
+ .nonce = nonce,
+ .nonce_length = 13,
+ .ad_length = 32,
+ .plaintext_length = 24,
+ .additional_data = additional_data,
+ .ad_input_length = 32,
+ .input = plaintext,
+ .input_length = 24,
+ .output = expected_output,
+ .output_size = AEAD_CIPHERTEXT_LEN_2 - 2,
+ .expected_output = NULL,
+ .expected_output_length = 0,
+ .operation_state = 1,
+ .expected_status = PSA_ERROR_BUFFER_TOO_SMALL
+},
+
+{
+ .test_desc = "Test psa_aead_update - Decrypt - Less add data than specified\n",
+ .type = PSA_KEY_TYPE_AES,
+ .data = key_data,
+ .data_length = AES_16B_KEY_SIZE,
+ .usage_flags = PSA_KEY_USAGE_DECRYPT,
+ .alg = PSA_ALG_CCM,
+ .setup_alg = PSA_ALG_CCM,
+ .nonce = nonce,
+ .nonce_length = 13,
+ .ad_length = 32,
+ .plaintext_length = 24,
+ .additional_data = additional_data,
+ .ad_input_length = 30,
+ .input = plaintext,
+ .input_length = 24,
+ .output = expected_output,
+ .output_size = BUFFER_SIZE,
+ .expected_output = NULL,
+ .expected_output_length = 0,
+ .operation_state = 1,
+ .expected_status = PSA_ERROR_INVALID_ARGUMENT
+},
+
+{
+ .test_desc = "Test psa_aead_update - Decrypt - CCM - Overflow input length\n",
+ .type = PSA_KEY_TYPE_AES,
+ .data = key_data,
+ .data_length = AES_16B_KEY_SIZE,
+ .usage_flags = PSA_KEY_USAGE_DECRYPT,
+ .alg = PSA_ALG_CCM,
+ .setup_alg = PSA_ALG_CCM,
+ .nonce = nonce,
+ .nonce_length = 13,
+ .ad_length = 32,
+ .plaintext_length = 24,
+ .additional_data = additional_data,
+ .ad_input_length = 32,
+ .input = plaintext,
+ .input_length = 25,
+ .output = expected_output,
+ .output_size = BUFFER_SIZE,
+ .expected_output = NULL,
+ .expected_output_length = 0,
+ .operation_state = 1,
+ .expected_status = PSA_ERROR_INVALID_ARGUMENT
+},
+
+{
+ .test_desc = "Test psa_aead_update - Decrypt - CCM - Invalid operation state\n",
+ .type = PSA_KEY_TYPE_AES,
+ .data = key_data,
+ .data_length = AES_16B_KEY_SIZE,
+ .usage_flags = PSA_KEY_USAGE_DECRYPT,
+ .alg = PSA_ALG_CCM,
+ .setup_alg = PSA_ALG_CCM,
+ .nonce = nonce,
+ .nonce_length = 13,
+ .ad_length = 32,
+ .plaintext_length = 24,
+ .additional_data = additional_data,
+ .ad_input_length = 32,
+ .input = plaintext,
+ .input_length = 24,
+ .output = expected_output,
+ .output_size = BUFFER_SIZE,
+ .expected_output = NULL,
+ .expected_output_length = 0,
+ .operation_state = 0,
+ .expected_status = PSA_ERROR_BAD_STATE
},
#endif
#endif
diff --git a/api-tests/dev_apis/crypto/test_c058/test_entry_c058.c b/api-tests/dev_apis/crypto/test_c058/test_entry_c058.c
index d7b1ee1..22fe94f 100644
--- a/api-tests/dev_apis/crypto/test_c058/test_entry_c058.c
+++ b/api-tests/dev_apis/crypto/test_c058/test_entry_c058.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -20,7 +20,7 @@
#include "test_c058.h"
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 58)
-#define TEST_DESC "Testing crypto AEAD APIs\n"
+#define TEST_DESC "Testing crypto AEAD APIs | UT: psa_aead_update\n"
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
diff --git a/api-tests/dev_apis/crypto/test_c059/test_c059.c b/api-tests/dev_apis/crypto/test_c059/test_c059.c
index abec35e..f412690 100644
--- a/api-tests/dev_apis/crypto/test_c059/test_c059.c
+++ b/api-tests/dev_apis/crypto/test_c059/test_c059.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -36,7 +36,7 @@
int num_checks = sizeof(check1)/sizeof(check1[0]);
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
psa_aead_operation_t operation = PSA_AEAD_OPERATION_INIT;
- psa_key_handle_t key_handle;
+ psa_key_id_t key;
if (num_checks == 0)
{
@@ -64,12 +64,12 @@
/* Import the key data into the key slot */
status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, &attributes, check1[i].key_data,
- check1[i].key_length, &key_handle);
+ check1[i].key_length, &key);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
/* Set the key for a multipart authenticated encryption operation */
status = val->crypto_function(VAL_CRYPTO_AEAD_ENCRYPT_SETUP, &operation,
- key_handle, check1[i].alg);
+ key, check1[i].alg);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
/* Set the nonce for an authenticated encryption operation */
@@ -110,7 +110,7 @@
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(11));
/* Destroy the key */
- status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, key_handle);
+ status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, key);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(12));
/* Reset the key attributes */
@@ -129,7 +129,7 @@
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(17));
/* Destroy the key */
- status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, key_handle);
+ status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, key);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(18));
/* Reset the key attributes */
diff --git a/api-tests/dev_apis/crypto/test_c059/test_data.h b/api-tests/dev_apis/crypto/test_c059/test_data.h
index 9e43eea..9a9f5e8 100644
--- a/api-tests/dev_apis/crypto/test_c059/test_data.h
+++ b/api-tests/dev_apis/crypto/test_c059/test_data.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -65,7 +65,7 @@
{"Test psa_aead_finish - AES-CCM 24 bytes Tag length = 4\n", PSA_KEY_TYPE_AES,
{0x41, 0x89, 0x35, 0x1B, 0x5C, 0xAE, 0xA3, 0x75, 0xA0, 0x29, 0x9E, 0x81, 0xC6,
0x21, 0xBF, 0x43}, AES_16B_KEY_SIZE, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CCM,
- PSA_ALG_AEAD_WITH_TAG_LENGTH(PSA_ALG_CCM, 4),
+ PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 4),
{0x45, 0x35, 0xd1, 0x2b, 0x43, 0x77, 0x92, 0x8a, 0x7c, 0x0a, 0x61, 0xc9, 0xf8,
0x25, 0xa4, 0x86, 0x71, 0xea, 0x05, 0x91, 0x07, 0x48, 0xc8, 0xef},
{0x40, 0xa2, 0x7c, 0x1d, 0x1e, 0x23, 0xea, 0x3d, 0xbe, 0x80, 0x56, 0xb2, 0x77,
diff --git a/api-tests/dev_apis/crypto/test_c059/test_entry_c059.c b/api-tests/dev_apis/crypto/test_c059/test_entry_c059.c
index 73ac611..9130cf1 100644
--- a/api-tests/dev_apis/crypto/test_c059/test_entry_c059.c
+++ b/api-tests/dev_apis/crypto/test_c059/test_entry_c059.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -20,7 +20,7 @@
#include "test_c059.h"
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 59)
-#define TEST_DESC "Testing crypto AEAD APIs\n"
+#define TEST_DESC "Testing crypto AEAD APIs | UT: psa_aead_finish\n"
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
diff --git a/api-tests/dev_apis/crypto/test_c060/test_c060.c b/api-tests/dev_apis/crypto/test_c060/test_c060.c
index e86043e..1454378 100644
--- a/api-tests/dev_apis/crypto/test_c060/test_c060.c
+++ b/api-tests/dev_apis/crypto/test_c060/test_c060.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -32,10 +32,10 @@
int32_t psa_aead_abort_test(caller_security_t caller __UNUSED)
{
int32_t i, status;
- int num_checks = sizeof(check1)/sizeof(check1[0]);
+ int32_t num_checks = sizeof(check1)/sizeof(check1[0]);
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
- psa_aead_operation_t operation = PSA_AEAD_OPERATION_INIT;
- psa_key_handle_t key_handle;
+ psa_aead_operation_t operation;
+ psa_key_id_t key;
if (num_checks == 0)
{
@@ -52,35 +52,62 @@
val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
val->print(PRINT_TEST, check1[i].test_desc, 0);
+ val->crypto_function(VAL_CRYPTO_AEAD_OPERATION_INIT,
+ &operation);
+
/* Setting up the watchdog timer for each check */
status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
/* Setup the attributes for the key */
- val->crypto_function(VAL_CRYPTO_SET_KEY_TYPE, &attributes, check1[i].key_type);
- val->crypto_function(VAL_CRYPTO_SET_KEY_USAGE_FLAGS, &attributes, check1[i].usage);
- val->crypto_function(VAL_CRYPTO_SET_KEY_ALGORITHM, &attributes, check1[i].key_alg);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_TYPE,
+ &attributes,
+ check1[i].type);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_USAGE_FLAGS,
+ &attributes,
+ check1[i].usage_flags);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_ALGORITHM,
+ &attributes,
+ check1[i].alg);
/* Import the key data into the key slot */
- status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, &attributes, check1[i].key_data,
- check1[i].key_length, &key_handle);
+ status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY,
+ &attributes,
+ check1[i].data,
+ check1[i].data_length,
+ &key);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
- /* Set the key for a multipart authenticated encryption operation */
- status = val->crypto_function(VAL_CRYPTO_AEAD_ENCRYPT_SETUP, &operation,
- key_handle, check1[i].alg);
+ if (check1[i].usage_flags == PSA_KEY_USAGE_ENCRYPT)
+ {
+ /* Set the key for a multipart authenticated encryption operation */
+ status = val->crypto_function(VAL_CRYPTO_AEAD_ENCRYPT_SETUP,
+ &operation,
+ key,
+ check1[i].setup_alg);
+ } else {
+ /* Set the key for a multipart authenticated decryption operation */
+ status = val->crypto_function(VAL_CRYPTO_AEAD_DECRYPT_SETUP,
+ &operation,
+ key,
+ check1[i].setup_alg);
+ }
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
- /* Destroy the key */
- status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, key_handle);
+ /* Abort the AEAD operation */
+ status = val->crypto_function(VAL_CRYPTO_AEAD_ABORT,
+ &operation);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
- /* Reset the key attributes and check if psa_import_key fails */
- val->crypto_function(VAL_CRYPTO_RESET_KEY_ATTRIBUTES, &attributes);
-
- /* Abort the AEAD operation */
- status = val->crypto_function(VAL_CRYPTO_AEAD_ABORT, &operation);
+ /* Destroy the key */
+ status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY,
+ key);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(6));
+
+ /* Reset the key attributes and check if psa_import_key fails */
+ val->crypto_function(VAL_CRYPTO_RESET_KEY_ATTRIBUTES,
+ &attributes);
+
}
return VAL_STATUS_SUCCESS;
@@ -102,7 +129,8 @@
for (i = 0; i < operation_count; i++)
{
/* Abort the AEAD operation */
- status = val->crypto_function(VAL_CRYPTO_AEAD_ABORT, &operation[i]);
+ status = val->crypto_function(VAL_CRYPTO_AEAD_ABORT,
+ &operation[i]);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(2));
}
diff --git a/api-tests/dev_apis/crypto/test_c060/test_data.h b/api-tests/dev_apis/crypto/test_c060/test_data.h
index 2618c53..93a296a 100644
--- a/api-tests/dev_apis/crypto/test_c060/test_data.h
+++ b/api-tests/dev_apis/crypto/test_c060/test_data.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -15,44 +15,96 @@
* limitations under the License.
**/
-#include "val_crypto.h"
+#include "test_crypto_common.h"
typedef struct {
char test_desc[75];
- psa_key_type_t key_type;
- uint8_t key_data[32];
- uint32_t key_length;
- psa_key_usage_t usage;
- psa_algorithm_t key_alg;
+ psa_key_type_t type;
+ const uint8_t *data;
+ size_t data_length;
+ psa_key_usage_t usage_flags;
psa_algorithm_t alg;
+ psa_algorithm_t setup_alg;
psa_status_t expected_status;
} test_data;
static const test_data check1[] = {
-#ifdef ARCH_TEST_CCM
#ifdef ARCH_TEST_AES_128
-{"Test psa_aead_abort - AES-CCM\n", PSA_KEY_TYPE_AES,
-{0xD7, 0x82, 0x8D, 0x13, 0xB2, 0xB0, 0xBD, 0xC3, 0x25, 0xA7, 0x62, 0x36, 0xDF,
- 0x93, 0xCC, 0x6B},
- AES_16B_KEY_SIZE, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CCM, PSA_ALG_CCM,
- PSA_SUCCESS
+#ifdef ARCH_TEST_CCM
+{
+ .test_desc = "Test psa_aead_abort - Encrypt - CCM - AES\n",
+ .type = PSA_KEY_TYPE_AES,
+ .data = key_data,
+ .data_length = AES_16B_KEY_SIZE,
+ .usage_flags = PSA_KEY_USAGE_ENCRYPT,
+ .alg = PSA_ALG_CCM,
+ .setup_alg = PSA_ALG_CCM,
+ .expected_status = PSA_SUCCESS
},
-
-{"Test psa_aead_abort - AES-CCM 24 bytes Tag length = 4\n", PSA_KEY_TYPE_AES,
-{0x41, 0x89, 0x35, 0x1B, 0x5C, 0xAE, 0xA3, 0x75, 0xA0, 0x29, 0x9E, 0x81, 0xC6,
- 0x21, 0xBF, 0x43}, AES_16B_KEY_SIZE, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CCM,
- PSA_ALG_AEAD_WITH_TAG_LENGTH(PSA_ALG_CCM, 4),
- PSA_SUCCESS
-},
-#endif
#endif
#ifdef ARCH_TEST_GCM
-#ifdef ARCH_TEST_AES_128
-{"Test psa_aead_abort - GCM - 16B AES - 12B Nounce & 12B addi data\n", PSA_KEY_TYPE_AES,
-{0x3d, 0xe0, 0x98, 0x74, 0xb3, 0x88, 0xe6, 0x49, 0x19, 0x88, 0xd0, 0xc3, 0x60,
- 0x7e, 0xae, 0x1f}, AES_16B_KEY_SIZE, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_GCM, PSA_ALG_GCM,
- PSA_SUCCESS
+{
+ .test_desc = "Test psa_aead_abort - Encrypt - GCM - AES\n",
+ .type = PSA_KEY_TYPE_AES,
+ .data = key_data,
+ .data_length = AES_16B_KEY_SIZE,
+ .usage_flags = PSA_KEY_USAGE_ENCRYPT,
+ .alg = PSA_ALG_GCM,
+ .setup_alg = PSA_ALG_GCM,
+ .expected_status = PSA_SUCCESS
+},
+#endif
+
+#ifdef ARCH_TEST_CHACHA20_POLY1305
+{
+ .test_desc = "Test psa_aead_abort - Encrypt - CHACHA20_POLY1305 - AES\n",
+ .type = PSA_KEY_TYPE_AES,
+ .data = key_data,
+ .data_length = AES_16B_KEY_SIZE,
+ .usage_flags = PSA_KEY_USAGE_ENCRYPT,
+ .alg = PSA_ALG_CHACHA20_POLY1305,
+ .setup_alg = PSA_ALG_CHACHA20_POLY1305,
+ .expected_status = PSA_SUCCESS
+},
+#endif
+
+#ifdef ARCH_TEST_CCM
+{
+ .test_desc = "Test psa_aead_abort - Decrypt - CCM - AES\n",
+ .type = PSA_KEY_TYPE_AES,
+ .data = key_data,
+ .data_length = AES_16B_KEY_SIZE,
+ .usage_flags = PSA_KEY_USAGE_DECRYPT,
+ .alg = PSA_ALG_CCM,
+ .setup_alg = PSA_ALG_CCM,
+ .expected_status = PSA_SUCCESS
+},
+#endif
+
+#ifdef ARCH_TEST_GCM
+{
+ .test_desc = "Test psa_aead_abort - Decrypt - GCM - AES\n",
+ .type = PSA_KEY_TYPE_AES,
+ .data = key_data,
+ .data_length = AES_16B_KEY_SIZE,
+ .usage_flags = PSA_KEY_USAGE_DECRYPT,
+ .alg = PSA_ALG_GCM,
+ .setup_alg = PSA_ALG_GCM,
+ .expected_status = PSA_SUCCESS
+},
+#endif
+
+#ifdef ARCH_TEST_CHACHA20_POLY1305
+{
+ .test_desc = "Test psa_aead_abort - Decrypt - CHACHA20_POLY1305 - AES\n",
+ .type = PSA_KEY_TYPE_AES,
+ .data = key_data,
+ .data_length = AES_16B_KEY_SIZE,
+ .usage_flags = PSA_KEY_USAGE_DECRYPT,
+ .alg = PSA_ALG_CHACHA20_POLY1305,
+ .setup_alg = PSA_ALG_CHACHA20_POLY1305,
+ .expected_status = PSA_SUCCESS
},
#endif
#endif
diff --git a/api-tests/dev_apis/crypto/test_c060/test_entry_c060.c b/api-tests/dev_apis/crypto/test_c060/test_entry_c060.c
index 20bdc80..1bcbefc 100644
--- a/api-tests/dev_apis/crypto/test_c060/test_entry_c060.c
+++ b/api-tests/dev_apis/crypto/test_c060/test_entry_c060.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -20,7 +20,7 @@
#include "test_c060.h"
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 60)
-#define TEST_DESC "Testing crypto AEAD APIs\n"
+#define TEST_DESC "Testing crypto AEAD APIs | UT: psa_aead_abort\n"
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
diff --git a/api-tests/dev_apis/crypto/test_c061/test_c061.c b/api-tests/dev_apis/crypto/test_c061/test_c061.c
index 89b4158..2378c0f 100644
--- a/api-tests/dev_apis/crypto/test_c061/test_c061.c
+++ b/api-tests/dev_apis/crypto/test_c061/test_c061.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -36,7 +36,7 @@
int num_checks = sizeof(check1)/sizeof(check1[0]);
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
psa_aead_operation_t operation = PSA_AEAD_OPERATION_INIT;
- psa_key_handle_t key_handle;
+ psa_key_id_t key;
if (num_checks == 0)
{
@@ -64,12 +64,12 @@
/* Import the key data into the key slot */
status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, &attributes, check1[i].key_data,
- check1[i].key_length, &key_handle);
+ check1[i].key_length, &key);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
/* Set the key for a multipart authenticated encryption operation */
status = val->crypto_function(VAL_CRYPTO_AEAD_DECRYPT_SETUP, &operation,
- key_handle, check1[i].alg);
+ key, check1[i].alg);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
/* Set the nonce for an authenticated encryption operation */
@@ -110,7 +110,7 @@
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(11));
/* Destroy the key */
- status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, key_handle);
+ status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, key);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(12));
/* Reset the key attributes */
@@ -129,7 +129,7 @@
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(16));
/* Destroy the key */
- status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, key_handle);
+ status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, key);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(17));
/* Reset the key attributes */
diff --git a/api-tests/dev_apis/crypto/test_c061/test_data.h b/api-tests/dev_apis/crypto/test_c061/test_data.h
index c5af3a8..cefed85 100644
--- a/api-tests/dev_apis/crypto/test_c061/test_data.h
+++ b/api-tests/dev_apis/crypto/test_c061/test_data.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -65,7 +65,7 @@
{"Test psa_aead_verify - AES-CCM 24 bytes Tag length = 4\n", PSA_KEY_TYPE_AES,
{0x41, 0x89, 0x35, 0x1B, 0x5C, 0xAE, 0xA3, 0x75, 0xA0, 0x29, 0x9E, 0x81, 0xC6,
0x21, 0xBF, 0x43}, AES_16B_KEY_SIZE, PSA_KEY_USAGE_DECRYPT, PSA_ALG_CCM,
- PSA_ALG_AEAD_WITH_TAG_LENGTH(PSA_ALG_CCM, 4),
+ PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 4),
{0x45, 0x35, 0xd1, 0x2b, 0x43, 0x77, 0x92, 0x8a, 0x7c, 0x0a, 0x61, 0xc9, 0xf8,
0x25, 0xa4, 0x86, 0x71, 0xea, 0x05, 0x91, 0x07, 0x48, 0xc8, 0xef},
{0x40, 0xa2, 0x7c, 0x1d, 0x1e, 0x23, 0xea, 0x3d, 0xbe, 0x80, 0x56, 0xb2, 0x77,
diff --git a/api-tests/dev_apis/crypto/test_c061/test_entry_c061.c b/api-tests/dev_apis/crypto/test_c061/test_entry_c061.c
index 71b6a64..e0c3875 100644
--- a/api-tests/dev_apis/crypto/test_c061/test_entry_c061.c
+++ b/api-tests/dev_apis/crypto/test_c061/test_entry_c061.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -20,7 +20,7 @@
#include "test_c061.h"
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 61)
-#define TEST_DESC "Testing crypto AEAD APIs\n"
+#define TEST_DESC "Testing crypto AEAD APIs | UT: psa_aead_verify\n"
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
diff --git a/api-tests/dev_apis/crypto/test_c062/test_c062.c b/api-tests/dev_apis/crypto/test_c062/test_c062.c
index ce99247..b088dee 100644
--- a/api-tests/dev_apis/crypto/test_c062/test_c062.c
+++ b/api-tests/dev_apis/crypto/test_c062/test_c062.c
@@ -153,7 +153,7 @@
&operation,
check1[valid_test_input_index].hash_state +
expected_hash_state_length1,
- check1[valid_test_input_index].hash_state_size -
+ check1[valid_test_input_index].hash_state_size -
expected_hash_state_length1,
&expected_hash_state_length2);
TEST_ASSERT_EQUAL(status, PSA_ERROR_BAD_STATE, TEST_CHECKPOINT_NUM(6));
diff --git a/api-tests/dev_apis/crypto/test_c062/test_entry_c062.c b/api-tests/dev_apis/crypto/test_c062/test_entry_c062.c
index d7cff4a..98de3cf 100644
--- a/api-tests/dev_apis/crypto/test_c062/test_entry_c062.c
+++ b/api-tests/dev_apis/crypto/test_c062/test_entry_c062.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -20,7 +20,7 @@
#include "test_c062.h"
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 62)
-#define TEST_DESC "Testing crypto hash functions APIs\n"
+#define TEST_DESC "Testing crypto hash functions APIs | UT: psa_hash_suspend\n"
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
diff --git a/api-tests/dev_apis/crypto/test_c063/test_entry_c063.c b/api-tests/dev_apis/crypto/test_c063/test_entry_c063.c
index 4049d97..6bddba5 100644
--- a/api-tests/dev_apis/crypto/test_c063/test_entry_c063.c
+++ b/api-tests/dev_apis/crypto/test_c063/test_entry_c063.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -20,7 +20,7 @@
#include "test_c063.h"
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 63)
-#define TEST_DESC "Testing crypto hash functions APIs\n"
+#define TEST_DESC "Testing crypto hash functions APIs | UT: psa_hash_resume\n"
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
diff --git a/api-tests/dev_apis/crypto/testsuite.db b/api-tests/dev_apis/crypto/testsuite.db
index e857a3e..7e4f8b4 100644
--- a/api-tests/dev_apis/crypto/testsuite.db
+++ b/api-tests/dev_apis/crypto/testsuite.db
@@ -1,5 +1,5 @@
#/** @file
-# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
# * SPDX-License-Identifier : Apache-2.0
# *
# * Licensed under the Apache License, Version 2.0 (the "License");
@@ -81,5 +81,7 @@
test_c059
test_c060
test_c061
+test_c062
+test_c063
(END)
diff --git a/api-tests/dev_apis/initial_attestation/1.0-beta0_testsuite.db b/api-tests/dev_apis/initial_attestation/1.0-beta0_testsuite.db
new file mode 100644
index 0000000..8f04f32
--- /dev/null
+++ b/api-tests/dev_apis/initial_attestation/1.0-beta0_testsuite.db
@@ -0,0 +1,25 @@
+#/** @file
+# * Copyright (c) 2021, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+
+#List of tests to be compiled and run as part of initial_attestation suite
+
+(START)
+
+test_a001
+
+(END)
diff --git a/api-tests/dev_apis/initial_attestation/1.0.0_testsuite.db b/api-tests/dev_apis/initial_attestation/1.0.0_testsuite.db
new file mode 100644
index 0000000..8f04f32
--- /dev/null
+++ b/api-tests/dev_apis/initial_attestation/1.0.0_testsuite.db
@@ -0,0 +1,25 @@
+#/** @file
+# * Copyright (c) 2021, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+
+#List of tests to be compiled and run as part of initial_attestation suite
+
+(START)
+
+test_a001
+
+(END)
diff --git a/api-tests/dev_apis/initial_attestation/1.0.1_testsuite.db b/api-tests/dev_apis/initial_attestation/1.0.1_testsuite.db
new file mode 100644
index 0000000..8f04f32
--- /dev/null
+++ b/api-tests/dev_apis/initial_attestation/1.0.1_testsuite.db
@@ -0,0 +1,25 @@
+#/** @file
+# * Copyright (c) 2021, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+
+#List of tests to be compiled and run as part of initial_attestation suite
+
+(START)
+
+test_a001
+
+(END)
diff --git a/api-tests/dev_apis/initial_attestation/1.0.2_testsuite.db b/api-tests/dev_apis/initial_attestation/1.0.2_testsuite.db
new file mode 100644
index 0000000..8f04f32
--- /dev/null
+++ b/api-tests/dev_apis/initial_attestation/1.0.2_testsuite.db
@@ -0,0 +1,25 @@
+#/** @file
+# * Copyright (c) 2021, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+
+#List of tests to be compiled and run as part of initial_attestation suite
+
+(START)
+
+test_a001
+
+(END)
diff --git a/api-tests/dev_apis/initial_attestation/test_a001/test_entry_a001.c b/api-tests/dev_apis/initial_attestation/test_a001/test_entry_a001.c
index db253b8..b685017 100644
--- a/api-tests/dev_apis/initial_attestation/test_a001/test_entry_a001.c
+++ b/api-tests/dev_apis/initial_attestation/test_a001/test_entry_a001.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -20,7 +20,7 @@
#include "test_a001.h"
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_INITIAL_ATTESTATION_BASE, 1)
-#define TEST_DESC "Testing initial attestation APIs\n"
+#define TEST_DESC "Testing attestation initial attestation APIs | UT: psa_initial_attestation\n"
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
psa_api_t *psa = NULL;
diff --git a/api-tests/dev_apis/storage/its_1.0-beta2_testsuite.db b/api-tests/dev_apis/storage/its_1.0-beta2_testsuite.db
new file mode 100644
index 0000000..ebfbaaf
--- /dev/null
+++ b/api-tests/dev_apis/storage/its_1.0-beta2_testsuite.db
@@ -0,0 +1,34 @@
+#/** @file
+# * Copyright (c) 2021, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+
+#List of tests to be compiled and run as part of internal trusted storage suite
+
+(START)
+
+test_s001
+test_s002
+test_s003
+test_s004
+test_s005
+test_s006
+test_s007
+test_s008
+test_s009
+test_s010
+
+(END)
diff --git a/api-tests/dev_apis/storage/its_1.0_testsuite.db b/api-tests/dev_apis/storage/its_1.0_testsuite.db
new file mode 100644
index 0000000..ebfbaaf
--- /dev/null
+++ b/api-tests/dev_apis/storage/its_1.0_testsuite.db
@@ -0,0 +1,34 @@
+#/** @file
+# * Copyright (c) 2021, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+
+#List of tests to be compiled and run as part of internal trusted storage suite
+
+(START)
+
+test_s001
+test_s002
+test_s003
+test_s004
+test_s005
+test_s006
+test_s007
+test_s008
+test_s009
+test_s010
+
+(END)
diff --git a/api-tests/dev_apis/storage/ps_1.0-beta2_testsuite.db b/api-tests/dev_apis/storage/ps_1.0-beta2_testsuite.db
new file mode 100644
index 0000000..a89fa95
--- /dev/null
+++ b/api-tests/dev_apis/storage/ps_1.0-beta2_testsuite.db
@@ -0,0 +1,41 @@
+#/** @file
+# * Copyright (c) 2021, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+
+#List of tests to be compiled and run as part of internal trusted storage suite
+
+(START)
+
+test_s001
+test_s002
+test_s003
+test_s004
+test_s005
+test_s006
+test_s007
+test_s008
+test_s009
+test_s010
+test_s011
+test_s012
+test_s013
+test_s014
+test_s015
+test_s016
+test_s017
+
+(END)
diff --git a/api-tests/dev_apis/storage/ps_1.0_testsuite.db b/api-tests/dev_apis/storage/ps_1.0_testsuite.db
new file mode 100644
index 0000000..a89fa95
--- /dev/null
+++ b/api-tests/dev_apis/storage/ps_1.0_testsuite.db
@@ -0,0 +1,41 @@
+#/** @file
+# * Copyright (c) 2021, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+
+#List of tests to be compiled and run as part of internal trusted storage suite
+
+(START)
+
+test_s001
+test_s002
+test_s003
+test_s004
+test_s005
+test_s006
+test_s007
+test_s008
+test_s009
+test_s010
+test_s011
+test_s012
+test_s013
+test_s014
+test_s015
+test_s016
+test_s017
+
+(END)
diff --git a/api-tests/dev_apis/storage/test_s001/test_entry_s001.c b/api-tests/dev_apis/storage/test_s001/test_entry_s001.c
index b7dd733..353de42 100644
--- a/api-tests/dev_apis/storage/test_s001/test_entry_s001.c
+++ b/api-tests/dev_apis/storage/test_s001/test_entry_s001.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -20,7 +20,7 @@
#include "test_s001.h"
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_STORAGE_BASE, 1)
-#define TEST_DESC "UID not found check\n"
+#define TEST_DESC "UID not found check"
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
@@ -35,6 +35,15 @@
/* test init */
val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_HIGH_TIMEOUT));
+
+ #if defined(STORAGE)
+ val->print(PRINT_TEST, TEST_DESC_STORAGE, 0);
+ #elif defined(INTERNAL_TRUSTED_STORAGE)
+ val->print(PRINT_TEST, TEST_DESC_ITS, 0);
+ #elif defined(PROTECTED_STORAGE)
+ val->print(PRINT_TEST, TEST_DESC_PS, 0);
+ #endif
+
if (!IS_TEST_START(val->get_status()))
{
goto test_exit;
diff --git a/api-tests/dev_apis/storage/test_s002/test_entry_s002.c b/api-tests/dev_apis/storage/test_s002/test_entry_s002.c
index 43a3552..e54e697 100755
--- a/api-tests/dev_apis/storage/test_s002/test_entry_s002.c
+++ b/api-tests/dev_apis/storage/test_s002/test_entry_s002.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -20,7 +20,7 @@
#include "test_s002.h"
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_STORAGE_BASE, 2)
-#define TEST_DESC "Write once error check\n"
+#define TEST_DESC "Write once error check"
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
@@ -35,6 +35,15 @@
/* test init */
val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_HIGH_TIMEOUT));
+
+ #if defined(STORAGE)
+ val->print(PRINT_TEST, TEST_DESC_STORAGE, 0);
+ #elif defined(INTERNAL_TRUSTED_STORAGE)
+ val->print(PRINT_TEST, TEST_DESC_ITS, 0);
+ #elif defined(PROTECTED_STORAGE)
+ val->print(PRINT_TEST, TEST_DESC_PS, 0);
+ #endif
+
if (!IS_TEST_START(val->get_status()))
{
goto test_exit;
diff --git a/api-tests/dev_apis/storage/test_s003/test_entry_s003.c b/api-tests/dev_apis/storage/test_s003/test_entry_s003.c
index 99807e2..12ae9f3 100755
--- a/api-tests/dev_apis/storage/test_s003/test_entry_s003.c
+++ b/api-tests/dev_apis/storage/test_s003/test_entry_s003.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -20,7 +20,7 @@
#include "test_s003.h"
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_STORAGE_BASE, 3)
-#define TEST_DESC "Insufficient space check\n"
+#define TEST_DESC "Insufficient space check"
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
@@ -35,6 +35,15 @@
/* test init */
val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_HIGH_TIMEOUT));
+
+ #if defined(STORAGE)
+ val->print(PRINT_TEST, TEST_DESC_STORAGE, 0);
+ #elif defined(INTERNAL_TRUSTED_STORAGE)
+ val->print(PRINT_TEST, TEST_DESC_ITS, 0);
+ #elif defined(PROTECTED_STORAGE)
+ val->print(PRINT_TEST, TEST_DESC_PS, 0);
+ #endif
+
if (!IS_TEST_START(val->get_status()))
{
goto test_exit;
diff --git a/api-tests/dev_apis/storage/test_s004/test_entry_s004.c b/api-tests/dev_apis/storage/test_s004/test_entry_s004.c
index a7861ef..e101789 100755
--- a/api-tests/dev_apis/storage/test_s004/test_entry_s004.c
+++ b/api-tests/dev_apis/storage/test_s004/test_entry_s004.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -20,7 +20,7 @@
#include "test_s004.h"
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_STORAGE_BASE, 4)
-#define TEST_DESC "Data Consistency check\n"
+#define TEST_DESC "Data Consistency check"
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
@@ -35,6 +35,15 @@
/* test init */
val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_HIGH_TIMEOUT));
+
+ #if defined(STORAGE)
+ val->print(PRINT_TEST, TEST_DESC_STORAGE, 0);
+ #elif defined(INTERNAL_TRUSTED_STORAGE)
+ val->print(PRINT_TEST, TEST_DESC_ITS, 0);
+ #elif defined(PROTECTED_STORAGE)
+ val->print(PRINT_TEST, TEST_DESC_PS, 0);
+ #endif
+
if (!IS_TEST_START(val->get_status()))
{
goto test_exit;
diff --git a/api-tests/dev_apis/storage/test_s005/test_entry_s005.c b/api-tests/dev_apis/storage/test_s005/test_entry_s005.c
index d41b0b8..a360d37 100755
--- a/api-tests/dev_apis/storage/test_s005/test_entry_s005.c
+++ b/api-tests/dev_apis/storage/test_s005/test_entry_s005.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -20,7 +20,7 @@
#include "test_s005.h"
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_STORAGE_BASE, 5)
-#define TEST_DESC "Success scenarios check\n"
+#define TEST_DESC "Success scenarios check"
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
@@ -35,6 +35,15 @@
/* test init */
val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_HIGH_TIMEOUT));
+
+ #if defined(STORAGE)
+ val->print(PRINT_TEST, TEST_DESC_STORAGE, 0);
+ #elif defined(INTERNAL_TRUSTED_STORAGE)
+ val->print(PRINT_TEST, TEST_DESC_ITS, 0);
+ #elif defined(PROTECTED_STORAGE)
+ val->print(PRINT_TEST, TEST_DESC_PS, 0);
+ #endif
+
if (!IS_TEST_START(val->get_status()))
{
goto test_exit;
diff --git a/api-tests/dev_apis/storage/test_s006/test_entry_s006.c b/api-tests/dev_apis/storage/test_s006/test_entry_s006.c
index 09d90d0..cc5d188 100755
--- a/api-tests/dev_apis/storage/test_s006/test_entry_s006.c
+++ b/api-tests/dev_apis/storage/test_s006/test_entry_s006.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -20,7 +20,7 @@
#include "test_s006.h"
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_STORAGE_BASE, 6)
-#define TEST_DESC "Check for storage create flags\n"
+#define TEST_DESC "Check for storage create flags"
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
@@ -35,6 +35,15 @@
/* test init */
val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_HIGH_TIMEOUT));
+
+ #if defined(STORAGE)
+ val->print(PRINT_TEST, TEST_DESC_STORAGE, 0);
+ #elif defined(INTERNAL_TRUSTED_STORAGE)
+ val->print(PRINT_TEST, TEST_DESC_ITS, 0);
+ #elif defined(PROTECTED_STORAGE)
+ val->print(PRINT_TEST, TEST_DESC_PS, 0);
+ #endif
+
if (!IS_TEST_START(val->get_status()))
{
goto test_exit;
diff --git a/api-tests/dev_apis/storage/test_s007/test_entry_s007.c b/api-tests/dev_apis/storage/test_s007/test_entry_s007.c
index a2e8120..b369fbf 100755
--- a/api-tests/dev_apis/storage/test_s007/test_entry_s007.c
+++ b/api-tests/dev_apis/storage/test_s007/test_entry_s007.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -20,7 +20,7 @@
#include "test_s007.h"
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_STORAGE_BASE, 7)
-#define TEST_DESC "Incorrect Size check\n"
+#define TEST_DESC "Incorrect Size check"
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
@@ -35,6 +35,15 @@
/* test init */
val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_HIGH_TIMEOUT));
+
+ #if defined(STORAGE)
+ val->print(PRINT_TEST, TEST_DESC_STORAGE, 0);
+ #elif defined(INTERNAL_TRUSTED_STORAGE)
+ val->print(PRINT_TEST, TEST_DESC_ITS, 0);
+ #elif defined(PROTECTED_STORAGE)
+ val->print(PRINT_TEST, TEST_DESC_PS, 0);
+ #endif
+
if (!IS_TEST_START(val->get_status()))
{
goto test_exit;
diff --git a/api-tests/dev_apis/storage/test_s008/test_entry_s008.c b/api-tests/dev_apis/storage/test_s008/test_entry_s008.c
index 98540df..ed02809 100755
--- a/api-tests/dev_apis/storage/test_s008/test_entry_s008.c
+++ b/api-tests/dev_apis/storage/test_s008/test_entry_s008.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -20,7 +20,7 @@
#include "test_s008.h"
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_STORAGE_BASE, 8)
-#define TEST_DESC "Invalid offset check\n"
+#define TEST_DESC "Invalid offset check"
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
@@ -35,6 +35,15 @@
/* test init */
val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_HIGH_TIMEOUT));
+
+ #if defined(STORAGE)
+ val->print(PRINT_TEST, TEST_DESC_STORAGE, 0);
+ #elif defined(INTERNAL_TRUSTED_STORAGE)
+ val->print(PRINT_TEST, TEST_DESC_ITS, 0);
+ #elif defined(PROTECTED_STORAGE)
+ val->print(PRINT_TEST, TEST_DESC_PS, 0);
+ #endif
+
if (!IS_TEST_START(val->get_status()))
{
goto test_exit;
diff --git a/api-tests/dev_apis/storage/test_s009/test_entry_s009.c b/api-tests/dev_apis/storage/test_s009/test_entry_s009.c
index 6a1da17..9a2292c 100755
--- a/api-tests/dev_apis/storage/test_s009/test_entry_s009.c
+++ b/api-tests/dev_apis/storage/test_s009/test_entry_s009.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -20,7 +20,7 @@
#include "test_s009.h"
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_STORAGE_BASE, 9)
-#define TEST_DESC "Invalid Arguments check\n"
+#define TEST_DESC "Invalid Arguments check"
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
@@ -35,6 +35,15 @@
/* test init */
val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_HIGH_TIMEOUT));
+
+ #if defined(STORAGE)
+ val->print(PRINT_TEST, TEST_DESC_STORAGE, 0);
+ #elif defined(INTERNAL_TRUSTED_STORAGE)
+ val->print(PRINT_TEST, TEST_DESC_ITS, 0);
+ #elif defined(PROTECTED_STORAGE)
+ val->print(PRINT_TEST, TEST_DESC_PS, 0);
+ #endif
+
if (!IS_TEST_START(val->get_status()))
{
goto test_exit;
diff --git a/api-tests/dev_apis/storage/test_s010/test_entry_s010.c b/api-tests/dev_apis/storage/test_s010/test_entry_s010.c
index 8cdd70b..92f21e5 100644
--- a/api-tests/dev_apis/storage/test_s010/test_entry_s010.c
+++ b/api-tests/dev_apis/storage/test_s010/test_entry_s010.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -20,7 +20,7 @@
#include "test_s010.h"
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_STORAGE_BASE, 10)
-#define TEST_DESC "UID value zero check\n"
+#define TEST_DESC "UID value zero check"
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
@@ -35,6 +35,15 @@
/* test init */
val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_HIGH_TIMEOUT));
+
+ #if defined(STORAGE)
+ val->print(PRINT_TEST, TEST_DESC_STORAGE, 0);
+ #elif defined(INTERNAL_TRUSTED_STORAGE)
+ val->print(PRINT_TEST, TEST_DESC_ITS, 0);
+ #elif defined(PROTECTED_STORAGE)
+ val->print(PRINT_TEST, TEST_DESC_PS, 0);
+ #endif
+
if (!IS_TEST_START(val->get_status()))
{
goto test_exit;
diff --git a/api-tests/dev_apis/storage/test_s011/test_entry_s011.c b/api-tests/dev_apis/storage/test_s011/test_entry_s011.c
index 082eea4..c7486a7 100644
--- a/api-tests/dev_apis/storage/test_s011/test_entry_s011.c
+++ b/api-tests/dev_apis/storage/test_s011/test_entry_s011.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -20,7 +20,7 @@
#include "test_s011.h"
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_STORAGE_BASE, 11)
-#define TEST_DESC "Optional APIs: UID not found check\n"
+#define TEST_DESC "Optional APIs: UID not found check"
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
@@ -35,6 +35,15 @@
/* test init */
val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_HIGH_TIMEOUT));
+
+ #if defined(STORAGE)
+ val->print(PRINT_TEST, TEST_DESC_STORAGE, 0);
+ #elif defined(INTERNAL_TRUSTED_STORAGE)
+ val->print(PRINT_TEST, TEST_DESC_ITS, 0);
+ #elif defined(PROTECTED_STORAGE)
+ val->print(PRINT_TEST, TEST_DESC_PS, 0);
+ #endif
+
if (!IS_TEST_START(val->get_status()))
{
goto test_exit;
diff --git a/api-tests/dev_apis/storage/test_s012/test_entry_s012.c b/api-tests/dev_apis/storage/test_s012/test_entry_s012.c
index 4bded12..2036949 100644
--- a/api-tests/dev_apis/storage/test_s012/test_entry_s012.c
+++ b/api-tests/dev_apis/storage/test_s012/test_entry_s012.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -20,7 +20,7 @@
#include "test_s012.h"
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_STORAGE_BASE, 12)
-#define TEST_DESC "Optional APIs: Invalid arguments and offset invalid\n"
+#define TEST_DESC "Optional APIs: Invalid arguments and offset invalid"
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
@@ -35,6 +35,15 @@
/* test init */
val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_HIGH_TIMEOUT));
+
+ #if defined(STORAGE)
+ val->print(PRINT_TEST, TEST_DESC_STORAGE, 0);
+ #elif defined(INTERNAL_TRUSTED_STORAGE)
+ val->print(PRINT_TEST, TEST_DESC_ITS, 0);
+ #elif defined(PROTECTED_STORAGE)
+ val->print(PRINT_TEST, TEST_DESC_PS, 0);
+ #endif
+
if (!IS_TEST_START(val->get_status()))
{
goto test_exit;
diff --git a/api-tests/dev_apis/storage/test_s013/test_entry_s013.c b/api-tests/dev_apis/storage/test_s013/test_entry_s013.c
index 0c3fa8f..075bb53 100644
--- a/api-tests/dev_apis/storage/test_s013/test_entry_s013.c
+++ b/api-tests/dev_apis/storage/test_s013/test_entry_s013.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -20,7 +20,7 @@
#include "test_s013.h"
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_STORAGE_BASE, 13)
-#define TEST_DESC "Set_Extended and Create api : Success\n"
+#define TEST_DESC "Set_Extended and Create api : Success"
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
@@ -35,6 +35,15 @@
/* test init */
val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_HIGH_TIMEOUT));
+
+ #if defined(STORAGE)
+ val->print(PRINT_TEST, TEST_DESC_STORAGE, 0);
+ #elif defined(INTERNAL_TRUSTED_STORAGE)
+ val->print(PRINT_TEST, TEST_DESC_ITS, 0);
+ #elif defined(PROTECTED_STORAGE)
+ val->print(PRINT_TEST, TEST_DESC_PS, 0);
+ #endif
+
if (!IS_TEST_START(val->get_status()))
{
goto test_exit;
diff --git a/api-tests/dev_apis/storage/test_s014/test_entry_s014.c b/api-tests/dev_apis/storage/test_s014/test_entry_s014.c
index 5b01131..664381d 100644
--- a/api-tests/dev_apis/storage/test_s014/test_entry_s014.c
+++ b/api-tests/dev_apis/storage/test_s014/test_entry_s014.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -20,7 +20,7 @@
#include "test_s014.h"
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_STORAGE_BASE, 14)
-#define TEST_DESC "Optional APIs not supported check\n"
+#define TEST_DESC "Optional APIs not supported check"
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
@@ -35,6 +35,15 @@
/* test init */
val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_HIGH_TIMEOUT));
+
+ #if defined(STORAGE)
+ val->print(PRINT_TEST, TEST_DESC_STORAGE, 0);
+ #elif defined(INTERNAL_TRUSTED_STORAGE)
+ val->print(PRINT_TEST, TEST_DESC_ITS, 0);
+ #elif defined(PROTECTED_STORAGE)
+ val->print(PRINT_TEST, TEST_DESC_PS, 0);
+ #endif
+
if (!IS_TEST_START(val->get_status()))
{
goto test_exit;
diff --git a/api-tests/dev_apis/storage/test_s015/test_entry_s015.c b/api-tests/dev_apis/storage/test_s015/test_entry_s015.c
index 567c981..9b5471e 100644
--- a/api-tests/dev_apis/storage/test_s015/test_entry_s015.c
+++ b/api-tests/dev_apis/storage/test_s015/test_entry_s015.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -20,7 +20,7 @@
#include "test_s015.h"
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_STORAGE_BASE, 15)
-#define TEST_DESC "Create API write_once flag value check\n"
+#define TEST_DESC "Create API write_once flag value check"
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
@@ -35,6 +35,15 @@
/* test init */
val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_HIGH_TIMEOUT));
+
+ #if defined(STORAGE)
+ val->print(PRINT_TEST, TEST_DESC_STORAGE, 0);
+ #elif defined(INTERNAL_TRUSTED_STORAGE)
+ val->print(PRINT_TEST, TEST_DESC_ITS, 0);
+ #elif defined(PROTECTED_STORAGE)
+ val->print(PRINT_TEST, TEST_DESC_PS, 0);
+ #endif
+
if (!IS_TEST_START(val->get_status()))
{
goto test_exit;
diff --git a/api-tests/dev_apis/storage/test_s016/test_entry_s016.c b/api-tests/dev_apis/storage/test_s016/test_entry_s016.c
index 3aef53d..3060ec5 100644
--- a/api-tests/dev_apis/storage/test_s016/test_entry_s016.c
+++ b/api-tests/dev_apis/storage/test_s016/test_entry_s016.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -20,7 +20,7 @@
#include "test_s016.h"
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_STORAGE_BASE, 16)
-#define TEST_DESC "Storage assest capacity modification check\n"
+#define TEST_DESC "Storage assest capacity modification check"
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
@@ -35,6 +35,15 @@
/* test init */
val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_HIGH_TIMEOUT));
+
+ #if defined(STORAGE)
+ val->print(PRINT_TEST, TEST_DESC_STORAGE, 0);
+ #elif defined(INTERNAL_TRUSTED_STORAGE)
+ val->print(PRINT_TEST, TEST_DESC_ITS, 0);
+ #elif defined(PROTECTED_STORAGE)
+ val->print(PRINT_TEST, TEST_DESC_PS, 0);
+ #endif
+
if (!IS_TEST_START(val->get_status()))
{
goto test_exit;
diff --git a/api-tests/dev_apis/storage/test_s017/test_entry_s017.c b/api-tests/dev_apis/storage/test_s017/test_entry_s017.c
index 9f7ea64..516fe99 100644
--- a/api-tests/dev_apis/storage/test_s017/test_entry_s017.c
+++ b/api-tests/dev_apis/storage/test_s017/test_entry_s017.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -20,7 +20,7 @@
#include "test_s017.h"
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_STORAGE_BASE, 17)
-#define TEST_DESC "Storage assest capacity modification check\n"
+#define TEST_DESC "Storage assest capacity modification check"
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
@@ -35,6 +35,15 @@
/* test init */
val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_HIGH_TIMEOUT));
+
+ #if defined(STORAGE)
+ val->print(PRINT_TEST, TEST_DESC_STORAGE, 0);
+ #elif defined(INTERNAL_TRUSTED_STORAGE)
+ val->print(PRINT_TEST, TEST_DESC_ITS, 0);
+ #elif defined(PROTECTED_STORAGE)
+ val->print(PRINT_TEST, TEST_DESC_PS, 0);
+ #endif
+
if (!IS_TEST_START(val->get_status()))
{
goto test_exit;
diff --git a/api-tests/dev_apis/storage/test_storage_common.h b/api-tests/dev_apis/storage/test_storage_common.h
index 7d1d4b1..9d0f5ce 100644
--- a/api-tests/dev_apis/storage/test_storage_common.h
+++ b/api-tests/dev_apis/storage/test_storage_common.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2020-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -24,6 +24,9 @@
#define STORAGE_FUNCTION val->storage_function
#define ITS_TEST_MESSAGE "\n[Info] Executing ITS tests\n"
#define PS_TEST_MESSAGE "\n[Info] Executing PS tests\n"
+#define TEST_DESC_STORAGE " | UT: STORAGE\n"
+#define TEST_DESC_ITS " | UT: ITS\n"
+#define TEST_DESC_PS " | UT: PS\n"
extern val_api_t *val;
extern psa_api_t *psa;
diff --git a/api-tests/docs/Arm_PSA-M_Functional_API_Test_Suite_Validation_Methodology.pdf b/api-tests/docs/Arm_PSA-M_Functional_API_Test_Suite_Validation_Methodology.pdf
new file mode 100644
index 0000000..90f44d9
--- /dev/null
+++ b/api-tests/docs/Arm_PSA-M_Functional_API_Test_Suite_Validation_Methodology.pdf
Binary files differ
diff --git a/api-tests/docs/Arm_PSA_APIs_Arch_Test_Validation_Methodology.pdf b/api-tests/docs/Arm_PSA_APIs_Arch_Test_Validation_Methodology.pdf
deleted file mode 100644
index 123d593..0000000
--- a/api-tests/docs/Arm_PSA_APIs_Arch_Test_Validation_Methodology.pdf
+++ /dev/null
Binary files differ
diff --git a/api-tests/docs/psa_crypto_testlist.md b/api-tests/docs/psa_crypto_testlist.md
index 67aa616..4a9b973 100644
--- a/api-tests/docs/psa_crypto_testlist.md
+++ b/api-tests/docs/psa_crypto_testlist.md
@@ -485,7 +485,7 @@
| | | | | PSA_ERROR_NOT_PERMITTED | | Invalid usage | |
| | | | | PSA_ERROR_INVALID_HANDLE | | Uninitialized key handle | |
| | | | | PSA_ERROR_BUFFER_TOO_SMALL | | Small output buffer | |
-| Asymmetric Cryptography | test_c041 | psa_asymmetric_sign | Sign a hash or short message with a private key | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. RSA KEYPAIR PKCS1V15 RAW | |
+| Asymmetric Cryptography | test_c041 | psa_sign_hash | Sign a hash or short message with a private key | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. RSA KEYPAIR PKCS1V15 RAW | |
| | | | | | 2. Setup the attributes for the key | 2. RSA KEYPAIR PKCS1V15 SHA-256 | |
| | | | | | 3. Import the key data into the key slot | 3. ECDSA KEYPAIR SECP256R1 SHA-256 | |
| | | | | | 4. Sign a hash or short message with a private key | | |
@@ -500,7 +500,7 @@
| | | | | PSA_ERROR_DOES_NOT_EXIST | | Empty key slot | |
| | | | | PSA_ERROR_NOT_PERMITTED | | Invalid usage | |
| | | | | PSA_ERROR_BUFFER_TOO_SMALL | | Small output buffer | |
-| Asymmetric Cryptography | test_c042 | psa_asymmetric_verify | Verify the signature a hash or short message using a public key | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. RSA KEYPAIR PKCS1V15 RAW | |
+| Asymmetric Cryptography | test_c042 | psa_verify_hash | Verify the signature a hash or short message using a public key | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. RSA KEYPAIR PKCS1V15 RAW | |
| | | | | | 2. Setup the attributes for the key | 2. RSA KEYPAIR PKCS1V15 SHA-256 | |
| | | | | | 3. Import the key data into the key slot | 3. ECDSA KEYPAIR SECP256R1 SHA-256 | |
| | | | | | 4. Verify the signature a hash or short message using a public key | 4. RSA public key | |
diff --git a/api-tests/docs/sw_requirements.md b/api-tests/docs/sw_requirements.md
index 7c7f8f1..2809434 100644
--- a/api-tests/docs/sw_requirements.md
+++ b/api-tests/docs/sw_requirements.md
@@ -6,7 +6,7 @@
- Host Operating System : Ubuntu 16.04, Windows 10
- Scripting tools : Python 3.7.1
- Host Compiler toolchain : GCC 5.4.0 (Linux Host) or MinGW 6.3.0 (Windows Host)
-- Cross Compiler toolchain : GNU Arm Embedded Toolchain 7.3.1 or Arm Compiler 6.11
+- Cross Compiler toolchain : GNU Arm Embedded Toolchain 7.3.1 or Arm Compiler 6.14
- Build tools : CMake 3.15
**Note**: To compile the test suite code, at least one of the above supported compiler toolchains
@@ -45,4 +45,4 @@
--------------
-*Copyright (c) 2018-2020, Arm Limited and Contributors. All rights reserved.*
+*Copyright (c) 2018-2021, Arm Limited and Contributors. All rights reserved.*
diff --git a/api-tests/docs/test_failure_analysis.md b/api-tests/docs/test_failure_analysis.md
index bb48229..81c10fc 100644
--- a/api-tests/docs/test_failure_analysis.md
+++ b/api-tests/docs/test_failure_analysis.md
@@ -2,8 +2,8 @@
# Test failure analysis document
This file contains list of failures identified when testing the release
-on tgt_dev_apis_tfm_an521, tgt_dev_apis_tfm_musca_a and tgt_dev_apis_tfm_musca_b1
-targets with TFM commit Hash - cea100b1e09fe53fd1ed6818b8129ef51daa0822.
+on tgt_dev_apis_tfm_an521 and tgt_dev_apis_tfm_musca_b1
+targets with TFM commit Hash - d0f6ceb0559af6ef08f4624eeac079cc07a1f077.
The reason for each failing test is listed here in this file.
## Known Failures
@@ -11,11 +11,16 @@
| Test | Fail description | Github issue |
|------|---------------------------------------------------------------------------------| ------------ |
|test_c021 | psa_key_derivation_output_key returns incorrect error code | https://github.com/ARMmbed/mbed-crypto/issues/175 |
+|test_c026 | psa_sign_message not supported | https://jira.arm.com/browse/IOTPSW-4100 |
+|test_c027 | psa_mac_update not supported | https://jira.arm.com/browse/IOTPSW-4100 |
+|test_c028 | PSA_KEY_USAGE_SIGN_MESSAGE not found | https://jira.arm.com/browse/IOTPSW-4100 |
+|test_c029 | PSA_KEY_USAGE_VERIFY_MESSAGE not supported | https://jira.arm.com/browse/IOTPSW-4100 |
+|test_c030 | PSA_KEY_USAGE_VERIFY_MESSAGE not supported | https://jira.arm.com/browse/IOTPSW-4100 |
|test_c046 | psa_mac_compute is unimplemented in TFM/mbed-crypto. So the test has not been verified. | https://github.com/ARMmbed/mbed-crypto/issues/381 |
|test_c047 | psa_mac_verify is unimplemented in TFM/mbed-crypto. So the test has not been verified. | https://github.com/ARMmbed/mbed-crypto/issues/381 |
|test_c048 | psa_cipher_encrypt is unimplemented in TFM/mbed-crypto. So the test has not been verified. | https://github.com/ARMmbed/mbed-crypto/issues/381 |
|test_c049 | psa_cipher_decrypt is unimplemented in TFM/mbed-crypto. So the test has not been verified. | https://github.com/ARMmbed/mbed-crypto/issues/381 |
-|test_c050 | Persistent key storage is unavailable in TFM/mbed-crypto. So the test has not been verified. | https://github.com/ARMmbed/mbed-crypto/issues/382 |
+|test_c051 | PSA_KEY_USAGE_VERIFY_MESSAGE not supported | https://jira.arm.com/browse/IOTPSW-4100 |
|test_c052 | psa_aead_encrypt_setup is unimplemented in TFM/mbed-crypto. So the test has not been verified. | https://github.com/ARMmbed/mbed-crypto/issues/381 |
|test_c053 | psa_aead_decrypt_setup is unimplemented in TFM/mbed-crypto. So the test has not been verified. | https://github.com/ARMmbed/mbed-crypto/issues/381 |
|test_c054 | psa_aead_generate_nonce is unimplemented in TFM/mbed-crypto. So the test has not been verified. | https://github.com/ARMmbed/mbed-crypto/issues/381 |
@@ -26,6 +31,8 @@
|test_c059 | psa_aead_finish is unimplemented in TFM/mbed-crypto. So the test has not been verified. | https://github.com/ARMmbed/mbed-crypto/issues/381 |
|test_c060 | psa_aead_abort is unimplemented in TFM/mbed-crypto. So the test has not been verified. | https://github.com/ARMmbed/mbed-crypto/issues/381 |
|test_c061 | psa_aead_verify is unimplemented in TFM/mbed-crypto. So the test has not been verified. | https://github.com/ARMmbed/mbed-crypto/issues/381 |
+|test_c062 | psa_hash_suspend is unimplemented in TFM/mbed-crypto. So the test has not been verified. | https://jira.arm.com/browse/IOTPSW-4100 |
+|test_c063 | psa_hash_resume is unimplemented in TFM/mbed-crypto. So the test has not been verified. | https://jira.arm.com/browse/IOTPSW-4100 |
## License
@@ -33,4 +40,4 @@
--------------
-*Copyright (c) 2020, Arm Limited and Contributors. All rights reserved.*
+*Copyright (c) 2021, Arm Limited and Contributors. All rights reserved.*
diff --git a/api-tests/ff/README.md b/api-tests/ff/README.md
index 371a968..24a2813 100644
--- a/api-tests/ff/README.md
+++ b/api-tests/ff/README.md
@@ -23,13 +23,14 @@
For more information on architecture test suite specification, refer to the [Validation Methodology](../docs/Arm_PSA_APIs_Arch_Test_Validation_Methodology.pdf) document.
## This release
- - Code Quality : REL v1.1
- - This release contains the PSA-FF tests that are written for the PSA FF 1.0 specification.
+ - Code Quality : REL v1.2
+ - This release contains the PSA-FF tests that are written for the PSA FF 1.1 Extensions specification.
## Release Tags
| Release version | Release tag | PSA FF specification version |
|-----------------|---------------|----------------|
+| REL v1.2 | [v21.07_API1.2_ADAC_ALPHA](https://github.com/ARM-software/psa-arch-tests/tree//api-tests/ff) | 1.1-Alpha0 |
| REL v1.1 | [v20.11_API1.1](https://github.com/ARM-software/psa-arch-tests/tree/v20.11_API1.1/api-tests/ff) | 1.0 |
| REL v1.0 | [v20.03_API1.0](https://github.com/ARM-software/psa-arch-tests/tree/v20.03_API1.0/api-tests/ff) | 1.0 |
| v0.9 | [v19.06_API0.9](https://github.com/ARM-software/psa-arch-tests/tree/v19.06_API0.9/api-tests/ff) | 1.0-Beta1 |
@@ -85,11 +86,23 @@
- -DWATCHDOG_AVAILABLE=<0|1>: Test harness may require to access watchdog timer to recover system hang. 0 means skip watchdog programming in the test suite and 1 means program the watchdog. Default is 1. Note, If the system under test doesn't support the reboot of the system when it encounters the panic situation, a watchdog must be available to the tests if INCLUDE_PANIC_TESTS set to 1.
- -DSUITE_TEST_RANGE="<test_start_number>;<test_end_number>" is to select range of tests for build. All tests under -DSUITE are considered by default if not specified.
- -DTFM_PROFILE=<profile_small/profile_medium> is to work with TFM defined Pofile Small/Medium definitions. Supported values are profile_small and profile_medium. Unless specified Default Profile is used.
+- -DSPEC_VERSION=<spec_version> is test suite specification version. Which will build for given specified spec_version. Supported values for FF test suite are 1.0 and 1.1 . Default is empty. <br/>
+ If -DSPEC_VERSION option is not given it will build for latest version of testsuite.
+ For spec version corresponds test list will be in testsuite.db file in api-tests/ff/ipc/ folder.
+ Note: For FF 1.1 make sure to do the manifests changes and use SPEC_VERSION=1.1 .
+- -DSTATELESS_ROT_TESTS=<stateless_rot> is the flag for enabling stateless rot service for FF suite. Supported values are 0 and 1. 0 for connection based services and 1 for stateless rot services.
+ Note: For using STATELESS ROT service must use -DSPEC_VERSION = 1.1 .
- -DPSA_INCLUDE_PATHS="<include_path1>;<include_path2>;...;<include_pathn>" is an additional directory to be included into the compiler search path. To compile IPC tests, the include path must point to the path where **psa/client.h**, **psa/service.h**, **psa/lifecycle.h** and test partition manifest output files(**psa_manifest/sid.h**, **psa_manifest/pid.h** and **psa_manifest/<manifestfilename>.h**) are located in your build system. Bydefault, PSA_INCLUDE_PATHS accepts absolute path. However, relative path can be provided using below format:<br />
```
-DPSA_INCLUDE_PATHS=`readlink -f <relative_include_path>`
```
+For using FF-1.1 do the following manifests changes in api-tests/platform/manifests files.
+ Change "psa_framework_version" attribute from 1.0 to 1.1 in all manifests files.
+ Add "model": "IPC" attribute in manifests files.
+ Add "connection_based" attribute in all services of manifest file. Give value true or false accroding to your requirement. True for connection based services and false for stateless rot services.
+ Replace signal to name in irq attribute of manifest file.
+
To compile IPC tests for **tgt_ff_tfm_an521** platform, execute the following commands:
```
cd api-tests
@@ -148,4 +161,4 @@
--------------
-*Copyright (c) 2018-2020, Arm Limited and Contributors. All rights reserved.*
+*Copyright (c) 2018-2021, Arm Limited and Contributors. All rights reserved.*
diff --git a/api-tests/ff/ipc/stateless_rot_testsuite.db b/api-tests/ff/ipc/stateless_rot_testsuite.db
new file mode 100644
index 0000000..b549418
--- /dev/null
+++ b/api-tests/ff/ipc/stateless_rot_testsuite.db
@@ -0,0 +1,93 @@
+#/** @file
+# * Copyright (c) 2021, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+
+#List of tests to be compiled and run as part of IPC suite
+
+(START)
+
+test_i001
+test_i003
+test_i013, panic_test
+test_i014, panic_test
+test_i015, panic_test
+test_i016, panic_test
+test_i021
+test_i022, panic_test
+test_i023, panic_test
+test_i024, panic_test
+test_i025, panic_test
+test_i026, panic_test
+test_i030, panic_test
+test_i031, panic_test
+test_i032, panic_test
+test_i033, panic_test
+test_i036, panic_test
+test_i037, panic_test
+test_i038, panic_test
+test_i039, panic_test
+test_i042, panic_test
+test_i043, panic_test
+test_i044, panic_test
+test_i045, panic_test
+test_i046, panic_test
+test_i047, panic_test
+test_i048, panic_test
+test_i049, panic_test
+test_i050, panic_test
+test_i051, panic_test
+test_i052, panic_test
+test_i053, panic_test
+test_i054, panic_test
+test_i055, panic_test
+test_i056, panic_test
+test_i057, panic_test
+test_i058
+test_i059, panic_test
+test_i060, panic_test
+test_i061, panic_test
+test_i062, panic_test
+test_i063
+test_i064, panic_test
+test_i065, panic_test
+test_i066, panic_test
+test_i067
+test_i068, panic_test
+test_i069, panic_test
+test_i070, panic_test
+test_i071
+test_i072, panic_test
+test_i073, panic_test
+test_i074, panic_test
+test_i075, panic_test
+test_i076, panic_test
+test_i077, panic_test
+test_i078, panic_test
+test_i079, panic_test
+test_i080, panic_test
+test_i081, panic_test
+test_i082, panic_test
+test_i083, panic_test
+test_i084, panic_test
+test_i085, panic_test
+test_i086, panic_test
+test_i087, panic_test
+test_l088
+test_i089, panic_test
+test_i090, panic_test
+
+(END)
diff --git a/api-tests/ff/ipc/test_i003/test_i003.c b/api-tests/ff/ipc/test_i003/test_i003.c
index 9a3e20c..1e53727 100644
--- a/api-tests/ff/ipc/test_i003/test_i003.c
+++ b/api-tests/ff/ipc/test_i003/test_i003.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -26,6 +26,261 @@
#include "test_i003.h"
+#if STATELESS_ROT == 1
+
+const client_test_t test_i003_client_tests_list[] = {
+ NULL,
+ client_test_zero_length_invec,
+ client_test_zero_length_outvec,
+ client_test_call_read_and_skip,
+ client_test_call_and_write,
+ client_test_overlapping_vectors,
+ NULL,
+};
+
+int32_t client_test_zero_length_invec(caller_security_t caller __UNUSED)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ int data[4] = {0x11, 0x22};
+
+ val->print(PRINT_TEST, "[Check 1] Test zero length invec\n", 0);
+
+ /* Invec 0 as zero length vector
+ * Invec 1 as NULL
+ * Invec 2 as valid msg pointer which is not zero length memory pointer
+ */
+ psa_invec data1[3] = { {&data[0], 0},
+ {NULL, 0},
+ {&data[1], sizeof(data[1])} };
+
+ /* Outvec 0 as valid msg pointer which is not zero length memory pointer
+ * Outvec 1 to 3 are NULL
+ */
+ psa_outvec resp[1] = { {&data[2], sizeof(data[2])} };
+
+ status = psa->call(SERVER_UNSPECIFED_VERSION_HANDLE, PSA_IPC_CALL, data1, 3, resp, 1);
+
+ if (status < 0)
+ {
+ status = VAL_STATUS_CALL_FAILED;
+ }
+ else if (data[2] != data[1])
+ {
+ val->print(PRINT_ERROR, "\tExpected data=%x\n", data[1]);
+ val->print(PRINT_ERROR, "\tBut actual data=%x\n", data[2]);
+ status = VAL_STATUS_WRITE_FAILED;
+ }
+ else if (resp[0].len != sizeof(data[1]))
+ {
+ val->print(PRINT_ERROR, "\tExpected size= %x\n", sizeof(data[1]));
+ val->print(PRINT_ERROR, "\tBut actual size=%x\n", resp[0].len);
+ status = VAL_STATUS_WRITE_FAILED;
+ }
+
+ if (VAL_ERROR(status))
+ {
+ val->print(PRINT_ERROR, "\tpsa_call failed. status=%x\n", status);
+ }
+
+ return status;
+}
+
+int32_t client_test_zero_length_outvec(caller_security_t caller __UNUSED)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ int data[4] = {0x11};
+
+ val->print(PRINT_TEST, "[Check 2] Test zero length outvec\n", 0);
+
+ /* Test invec 1 to 3 are NULL
+ * Invec 1 should be ignored since in_len is 1
+ */
+ psa_invec data1[2] = { {&data[0], sizeof(data[0])},
+ {&data[1], sizeof(data[1])} };
+
+ /* Test outvec 0 as zero length
+ * Test outvec 1 as NULL
+ * Test outvec 2 as valid msg pointer which is not zero length memory pointer
+ */
+ psa_outvec resp[3] = { {&data[0], 0},
+ {NULL, 0},
+ {&data[2], sizeof(data[2])} };
+
+ status = psa->call(SERVER_UNSPECIFED_VERSION_HANDLE, PSA_IPC_CALL, data1, 1, resp, 3);
+
+
+ if (status < 0)
+ {
+ status = VAL_STATUS_CALL_FAILED;
+ }
+ /* Compare the outvec with expected data */
+ else if (data[2] != data[0])
+ {
+ val->print(PRINT_ERROR, "\tExpected data=%x\n", data[0]);
+ val->print(PRINT_ERROR, "\tBut actual data=%x\n", data[2]);
+ status = VAL_STATUS_WRITE_FAILED;
+ }
+ /* No. of bytes written by psa_write should update the psa_outvec.len param */
+ else if (resp[2].len != sizeof(data[2]))
+ {
+ val->print(PRINT_ERROR, "\tExpected size=%x\n", sizeof(data[2]));
+ val->print(PRINT_ERROR, "\tBut actual size=%x\n", resp[2].len);
+ status = VAL_STATUS_WRITE_FAILED;
+ }
+
+ if (VAL_ERROR(status))
+ {
+ val->print(PRINT_ERROR, "\tpsa_call failed. status=%x\n", status);
+ }
+
+ return status;
+}
+
+int32_t client_test_call_read_and_skip(caller_security_t caller __UNUSED)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ int data1[2] = {0xaa, 0xbb};
+ uint64_t data2 = 0x1122334455667788;
+ uint64_t data3 = 0x1020304050607080;
+
+
+ val->print(PRINT_TEST, "[Check 3] Test psa_call, psa_read and psa_skip\n", 0);
+
+ /* Server test func checks the following:
+ * All iovec as input, out_len=0, inbound read, inbound skip,
+ * outbound read, outbound skip
+ */
+ psa_invec data[4] = { {&data1[0], sizeof(data1[0])},
+ {&data1[1], sizeof(data1[1])},
+ {&data2, sizeof(data2)},
+ {&data3, sizeof(data3)} };
+
+ status = psa->call(SERVER_UNSPECIFED_VERSION_HANDLE, PSA_IPC_CALL, data, 4, NULL, 0);
+
+
+ if (status < 0)
+ {
+ val->print(PRINT_ERROR, "\tpsa_call failed. status=%x\n", status);
+ status = VAL_STATUS_CALL_FAILED;
+ }
+
+ return status;
+}
+
+int32_t client_test_call_and_write(caller_security_t caller __UNUSED)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ int data[4] = {0}, expected_data[4] = {0xaa, 0xbb, 0xcc, 0xeedd}, i;
+ size_t expected_size[] = {sizeof(expected_data[0]),
+ sizeof(expected_data[1]),
+ sizeof(expected_data[2]),
+ 2};
+
+
+ val->print(PRINT_TEST, "[Check 4] Test psa_call and psa_write\n", 0);
+
+ /* Check all iovec as output */
+ /* Check for in_len=0 */
+ /* check for iovec write using psa_write */
+ /* check for write concatenation */
+ psa_outvec resp[4] = { {&data[0], sizeof(data[0])},
+ {&data[1], sizeof(data[1])},
+ {&data[2], sizeof(data[2])},
+ {&data[3], sizeof(data[3])} };
+
+ status = psa->call(SERVER_UNSPECIFED_VERSION_HANDLE, PSA_IPC_CALL, NULL, 0, resp, 4);
+
+ if (status < 0)
+ {
+ status = VAL_STATUS_CALL_FAILED;
+ }
+
+ for (i = 0; i < 4 ; i++)
+ {
+ if (data[i] != expected_data[i])
+ {
+ val->print(PRINT_ERROR, "\tIteration= %x\n", i);
+ val->print(PRINT_ERROR, "\tExpected data=%x\n", expected_data[i]);
+ val->print(PRINT_ERROR, "\tBut actual data=%x\n", data[i]);
+ status = VAL_STATUS_WRITE_FAILED;
+ }
+ /* No. of bytes written by psa_write should update the psa_outvec.len param */
+ else if (resp[i].len != expected_size[i])
+ {
+ val->print(PRINT_ERROR, "\tIteration= %x\n", i);
+ val->print(PRINT_ERROR, "\tExpected size=%x\n", expected_size[i]);
+ val->print(PRINT_ERROR, "\tBut actual size=%x\n", resp[i].len);
+ status = VAL_STATUS_WRITE_FAILED;
+ }
+ }
+
+ if (VAL_ERROR(status))
+ {
+ val->print(PRINT_ERROR, "\tpsa_call failed. status=%x\n", status);
+ }
+
+ return status;
+}
+
+int32_t client_test_overlapping_vectors(caller_security_t caller __UNUSED)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ uint8_t data = 0x11, expected_data[] = {0x22, 0x33};
+
+ val->print(PRINT_TEST, "[Check 6] Test overlapping vectors\n", 0);
+
+#if STATELESS_ROT != 1
+ psa_handle_t handle = 0;
+ if (val->ipc_connect(SERVER_UNSPECIFED_VERSION_SID,
+ SERVER_UNSPECIFED_VERSION_VERSION,
+ &handle))
+ {
+ return VAL_STATUS_CONNECTION_FAILED;
+ }
+#endif
+
+ /* Rule- When client provides an input and output vectors which are referencing
+ * to same memory location, psa_read after psa_write to that memory location
+ * can return original or modified value.
+ *
+ * Rule- When client provides an input and output vectors which are referencing to same
+ * memory location, a psa_write(s) to both memory vectors can return either the 1st
+ * or the 2nd value written.
+ *
+ * Input [0] and output [0,1] vectors have been used to verify these rule.
+ * All of these vectors are pointing to same memory location.
+ */
+
+ psa_invec invec[1] = { {&data, sizeof(data)} } ;
+ psa_outvec outvec[2] = { {&data, sizeof(data)},
+ {&data, sizeof(data)} };
+
+ status = psa->call(SERVER_UNSPECIFED_VERSION_HANDLE, PSA_IPC_CALL, invec, 1, outvec, 2);
+
+ if (status < 0)
+ {
+ status = VAL_STATUS_CALL_FAILED;
+ }
+ /* data should contain either value written by 1st psa_write or 2nd */
+ else if ((data != expected_data[0]) && (data != expected_data[1]))
+ {
+ val->print(PRINT_ERROR, "\tInvalid data received=%x\n", data);
+ status = VAL_STATUS_CALL_FAILED;
+ }
+
+ if (VAL_ERROR(status))
+ {
+ val->print(PRINT_ERROR, "\tpsa_call failed. status=%x\n", status);
+ }
+
+ return status;
+}
+
+#else
+
const client_test_t test_i003_client_tests_list[] = {
NULL,
client_test_zero_length_invec,
@@ -88,8 +343,8 @@
{
val->print(PRINT_ERROR, "\tpsa_call failed. status=%x\n", status);
}
-
val->ipc_close(handle);
+
return status;
}
@@ -123,6 +378,7 @@
{&data[2], sizeof(data[2])}};
status = psa->call(handle, PSA_IPC_CALL, data1, 1, resp, 3);
+
if (status < 0)
{
status = VAL_STATUS_CALL_FAILED;
@@ -148,6 +404,7 @@
}
val->ipc_close(handle);
+
return status;
}
@@ -178,6 +435,7 @@
{&data3, sizeof(data3)}};
status = psa->call(handle, PSA_IPC_CALL, data, 4, NULL, 0);
+
if (status < 0)
{
val->print(PRINT_ERROR, "\tpsa_call failed. status=%x\n",status);
@@ -185,6 +443,7 @@
}
val->ipc_close(handle);
+
return status;
}
@@ -217,6 +476,7 @@
{&data[3], sizeof(data[3])}};
status = psa->call(handle, PSA_IPC_CALL, NULL, 0, resp, 4);
+
if (status < 0)
{
status = VAL_STATUS_CALL_FAILED;
@@ -247,6 +507,7 @@
}
val->ipc_close(handle);
+
return status;
}
@@ -289,11 +550,12 @@
int32_t client_test_overlapping_vectors(caller_security_t caller __UNUSED)
{
int32_t status = VAL_STATUS_SUCCESS;
- psa_handle_t handle = 0;
+
uint8_t data = 0x11, expected_data[] = {0x22, 0x33};
val->print(PRINT_TEST, "[Check 6] Test overlapping vectors\n", 0);
+ psa_handle_t handle = 0;
if (val->ipc_connect(SERVER_UNSPECIFED_VERSION_SID,
SERVER_UNSPECIFED_VERSION_VERSION,
&handle))
@@ -336,5 +598,8 @@
}
val->ipc_close(handle);
+
return status;
}
+
+#endif
diff --git a/api-tests/ff/ipc/test_i003/test_supp_i003.c b/api-tests/ff/ipc/test_i003/test_supp_i003.c
index cd27deb..dfe1a64 100644
--- a/api-tests/ff/ipc/test_i003/test_supp_i003.c
+++ b/api-tests/ff/ipc/test_i003/test_supp_i003.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -23,10 +23,375 @@
extern val_api_t *val;
extern psa_api_t *psa;
+#if STATELESS_ROT == 1
+
+int32_t server_test_call_read_and_skip(void);
+int32_t server_test_call_and_write(void);
+int32_t server_test_zero_length_invec(void);
+int32_t server_test_zero_length_outvec(void);
+int32_t server_test_overlapping_vectors(void);
+
+const server_test_t test_i003_server_tests_list[] = {
+ NULL,
+ server_test_zero_length_invec,
+ server_test_zero_length_outvec,
+ server_test_call_read_and_skip,
+ server_test_call_and_write,
+ server_test_overlapping_vectors,
+ NULL,
+};
+
+static void exit_graceful(psa_handle_t msg_handle, int status_code,
+ int print_next_args, int expected_data, int actual_data)
+{
+ if (print_next_args != 0)
+ {
+ val->print(PRINT_ERROR, "\tExpected data=%x\n", expected_data);
+ val->print(PRINT_ERROR, "\tActual data=%x\n", actual_data);
+ }
+ /* Negative status_code represents check failure and each check has
+ * uniq status_code to identify failing point
+ */
+ psa->reply(msg_handle, status_code);
+}
+
+int32_t server_test_zero_length_invec(void)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_msg_t msg = {0};
+ int data[5] = {0}, actual_data = 0x22;
+
+ if (val->process_call_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg))
+ {
+ exit_graceful(msg.handle, -2, 0, 0, 0);
+ return VAL_STATUS_CALL_FAILED;
+ }
+
+ if (((msg.in_size[0] != 0)) ||
+ ((msg.in_size[1] != 0)) ||
+ ((msg.in_size[2] != sizeof(int))) ||
+ ((msg.in_size[3] != 0)))
+ {
+ exit_graceful(msg.handle, -3, 0, 0, 0);
+ return VAL_STATUS_MSG_INSIZE_FAILED;
+ }
+
+ if ((msg.in_size[2] <= sizeof(data[2])) &&
+ (psa->read(msg.handle, 2, &data[2], msg.in_size[2]) != msg.in_size[2]))
+ {
+ exit_graceful(msg.handle, -4, 0, 0, 0);
+ return VAL_STATUS_READ_FAILED;
+ }
+
+ if (actual_data != data[2])
+ {
+ exit_graceful(msg.handle, -5, 1, data[2], actual_data);
+ return VAL_STATUS_CALL_FAILED;
+ }
+
+ if (((msg.out_size[0] != sizeof(int))) ||
+ ((msg.out_size[1] != 0)) ||
+ ((msg.out_size[2] != 0)) ||
+ ((msg.out_size[3] != 0)))
+ {
+ exit_graceful(msg.handle, -6, 0, 0, 0);
+ return VAL_STATUS_MSG_OUTSIZE_FAILED;
+ }
+
+ psa->write(msg.handle, 0, &data[2], msg.out_size[0]);
+ psa->reply(msg.handle, PSA_SUCCESS);
+
+ return status;
+}
+
+int32_t server_test_zero_length_outvec(void)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_msg_t msg = {0};
+ int data[5] = {0}, actual_data = 0x11;
+
+ if (val->process_call_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg))
+ {
+ exit_graceful(msg.handle, -2, 0, 0, 0);
+ return VAL_STATUS_CALL_FAILED;
+ }
+
+ if (((msg.in_size[0] != sizeof(int))) ||
+ ((msg.in_size[1] != 0)) ||
+ ((msg.in_size[2] != 0)) ||
+ ((msg.in_size[3] != 0)))
+ {
+ exit_graceful(msg.handle, -3, 0, 0, 0);
+ return VAL_STATUS_MSG_INSIZE_FAILED;
+ }
+
+ if ((msg.in_size[0] <= sizeof(data[0])) &&
+ (psa->read(msg.handle, 0, &data[0], msg.in_size[0]) != msg.in_size[0]))
+ {
+ exit_graceful(msg.handle, -4, 0, 0, 0);
+ return VAL_STATUS_READ_FAILED;
+ }
+
+ if (actual_data != data[0])
+ {
+ exit_graceful(msg.handle, -5, 1, data[2], actual_data);
+ return VAL_STATUS_CALL_FAILED;
+ }
+
+ if (((msg.out_size[0] != 0)) ||
+ ((msg.out_size[1] != 0)) ||
+ ((msg.out_size[2] != sizeof(int))) ||
+ ((msg.out_size[3] != 0)))
+ {
+ exit_graceful(msg.handle, -6, 0, 0, 0);
+ return VAL_STATUS_MSG_OUTSIZE_FAILED;
+ }
+ psa->write(msg.handle, 2, &data[0], msg.out_size[2]);
+
+ /* Dummy write with zero byte. This should not overwrite previously written data */
+ psa->write(msg.handle, 2, &data[0], msg.out_size[0]);
+ psa->reply(msg.handle, PSA_SUCCESS);
+
+ return status;
+}
+
+int32_t server_test_call_read_and_skip(void)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ int expected_data1[2] = {0xaa, 0xbb};
+ int expected_data2[4] = {0x7788, 0x2233, 0x2211, 0x50607080},
+ actual_data[4] = {0}, i;
+ psa_msg_t msg = {0};
+
+ if (val->process_call_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg))
+ {
+ exit_graceful(msg.handle, -2, 0, 0, 0);
+ return VAL_STATUS_CALL_FAILED;
+ }
+
+ /* msg.in_size should match with the size of psa_invec given to psa_call*/
+ if (((msg.in_size[0] != sizeof(int))) ||
+ ((msg.in_size[1] != sizeof(int))) ||
+ ((msg.in_size[2] != sizeof(uint64_t))) ||
+ ((msg.in_size[3] != sizeof(uint64_t))))
+ {
+ exit_graceful(msg.handle, -3, 0, 0, 0);
+ return VAL_STATUS_MSG_INSIZE_FAILED;
+ }
+
+ /* Full size read for invec 0 and invec 1 */
+ for (i = 0; i < 2 ; i++)
+ {
+ if ((msg.in_size[i] <= sizeof(actual_data[i])) &&
+ (psa->read(msg.handle, i, &actual_data[i], msg.in_size[i]) != msg.in_size[i]))
+ {
+ exit_graceful(msg.handle, -4, 0, 0, 0);
+ return VAL_STATUS_READ_FAILED;
+ }
+ if (actual_data[i] != expected_data1[i])
+ {
+ exit_graceful(msg.handle, -5, 1, expected_data1[i], actual_data[i]);
+ return VAL_STATUS_READ_FAILED;
+ }
+ }
+
+ /* Inbound read of 2 bytes from invec 2 */
+ if (psa->read(msg.handle, 2, &actual_data[0], 2) != 2)
+ {
+ exit_graceful(msg.handle, -6, 0, 0, 0);
+ return VAL_STATUS_READ_FAILED;
+ }
+ if (actual_data[0] != expected_data2[0])
+ {
+ exit_graceful(msg.handle, -7, 1, expected_data2[0], actual_data[0]);
+ return VAL_STATUS_READ_FAILED;
+ }
+
+ /* Inbound read of 3 bytes from invec 2 */
+ if (psa->skip(msg.handle, 2, 3) != 3)
+ {
+ exit_graceful(msg.handle, -8, 0, 0, 0);
+ return VAL_STATUS_SKIP_FAILED;
+ }
+
+ /* Check previous psa_skip has actually skipped 3 bytes */
+ if (psa->read(msg.handle, 2, &actual_data[0], 2) != 2)
+ {
+ exit_graceful(msg.handle, -9, 0, 0, 0);
+ return VAL_STATUS_READ_FAILED;
+ }
+
+ if (actual_data[0] != expected_data2[1])
+ {
+ exit_graceful(msg.handle, -10, 1, expected_data2[1], actual_data[0]);
+ return VAL_STATUS_READ_FAILED;
+ }
+
+ /* Outbound read of 3 bytes from invec 2
+ * Only one byte should be updated in buffer. Remaining space should be untouched
+ */
+ if (psa->read(msg.handle, 2, &actual_data[0], 3) != 1)
+ {
+ exit_graceful(msg.handle, -11, 0, 0, 0);
+ return VAL_STATUS_READ_FAILED;
+ }
+
+ if (actual_data[0] != expected_data2[2])
+ {
+ exit_graceful(msg.handle, -12, 1, expected_data2[2], actual_data[0]);
+ return VAL_STATUS_READ_FAILED;
+ }
+
+ actual_data[0] = 0xaa;
+
+ /* After outbound read, subsequent read or skip to invec 2 should return 0
+ * and memory buffer shouldn't be updated
+ */
+ if ((psa->read(msg.handle, 2, &actual_data[0], 3) != 0) ||
+ (psa->skip(msg.handle, 2, 3) != 0) || (actual_data[0] != 0xaa))
+ {
+ exit_graceful(msg.handle, -13, 0, 0, 0);
+ return VAL_STATUS_READ_FAILED;
+ }
+
+ /* Read of zero bytes should not read anything */
+ if ((psa->read(msg.handle, 3, &actual_data[0], 0) != 0) || (actual_data[0] != 0xaa))
+ {
+ exit_graceful(msg.handle, -14, 0, 0, 0);
+ return VAL_STATUS_READ_FAILED;
+ }
+
+ /* Skip of zero bytes should not skip anything */
+ if (psa->skip(msg.handle, 3, 0) != 0)
+ {
+ exit_graceful(msg.handle, -15, 0, 0, 0);
+ return VAL_STATUS_SKIP_FAILED;
+ }
+
+ /* Check effect of previous zero byte read and skip */
+ psa->read(msg.handle, 3, &actual_data[0], 4);
+ if (actual_data[0] != expected_data2[3])
+ {
+ exit_graceful(msg.handle, -16, 1, expected_data2[3], actual_data[0]);
+ return VAL_STATUS_READ_FAILED;
+ }
+
+ /* Outbound skip to invec 3 */
+ if (psa->skip(msg.handle, 3, 5) != 4)
+ {
+ exit_graceful(msg.handle, -17, 0, 0, 0);
+ return VAL_STATUS_SKIP_FAILED;
+ }
+ if (psa->skip(msg.handle, 3, 5) != 0)
+ {
+ exit_graceful(msg.handle, -18, 0, 0, 0);
+ return VAL_STATUS_SKIP_FAILED;
+ }
+
+ /* Since out_len is 0, msg.out_size should be 0 */
+ if ((msg.out_size[0] != 0) ||
+ (msg.out_size[1] != 0) ||
+ (msg.out_size[2] != 0) ||
+ (msg.out_size[3] != 0))
+ {
+ exit_graceful(msg.handle, -14, 0, 0, 0);
+ return VAL_STATUS_MSG_OUTSIZE_FAILED;
+ }
+ psa->reply(msg.handle, PSA_SUCCESS);
+
+ return status;
+}
+
+int32_t server_test_call_and_write(void)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ int data[5] = {0xaa, 0xbb, 0xcc, 0xdd, 0xee}, i;
+ psa_msg_t msg = {0};
+
+ if (val->process_call_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg))
+ {
+ exit_graceful(msg.handle, -2, 0, 0, 0);
+ return VAL_STATUS_CALL_FAILED;
+ }
+
+ /* msg.out_size should match with size of psa_outvec given to psa_call */
+ if (((msg.out_size[0] != sizeof(int))) ||
+ ((msg.out_size[1] != sizeof(int))) ||
+ ((msg.out_size[2] != sizeof(int))) ||
+ ((msg.out_size[3] != sizeof(int))))
+ {
+ exit_graceful(msg.handle, -3, 0, 0, 0);
+ return VAL_STATUS_MSG_OUTSIZE_FAILED;
+ }
+
+ /* Since in_len=0, all msg.in_size should be 0 */
+ if ((msg.in_size[0] != 0) ||
+ (msg.in_size[1] != 0) ||
+ (msg.in_size[2] != 0) ||
+ (msg.in_size[3] != 0))
+
+ {
+ exit_graceful(msg.handle, -4, 0, 0, 0);
+ return VAL_STATUS_MSG_INSIZE_FAILED;
+ }
+
+ for (i = 0; i < 3 ; i++)
+ {
+ psa->write(msg.handle, i, &data[i], msg.out_size[i]);
+ }
+
+ /* Zero byte write shouldn't have any effect */
+ psa->write(msg.handle, 3, &data[3], 0);
+
+ /*Using invec 3 to test write concatenation behaviour */
+ psa->write(msg.handle, 3, &data[3], 1);
+ psa->write(msg.handle, 3, &data[4], 1);
+
+ psa->reply(msg.handle, PSA_SUCCESS);
+
+ return status;
+}
+
+int32_t server_test_overlapping_vectors(void)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_msg_t msg = {0};
+ uint8_t wr_data[] = {0x22, 0x33},
+ rd_data[] = {0x0, 0x0},
+ expected_data[] = {0x11, 0x22};
+
+ status = val->process_call_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
+ if (val->err_check_set(TEST_CHECKPOINT_NUM(208), status))
+ {
+ exit_graceful(msg.handle, -1, 0, 0, 0);
+ return status;
+ }
+
+ /* Performing read after write to overlapping vector. */
+ psa->write(msg.handle, 0, &wr_data[0], 1);
+ psa->read(msg.handle, 0, &rd_data[0], 1);
+
+ /* rd_data[0] should either be original value or modified value */
+ if ((rd_data[0] != expected_data[0]) && (rd_data[0] != expected_data[1]))
+ {
+ val->print(PRINT_ERROR, "\tReceived invalid data=%x\n", rd_data[0]);
+ exit_graceful(msg.handle, -2, 0, 0, 0);
+ return status;
+ }
+
+ /* Performing write after write to overlapping vector. */
+ psa->write(msg.handle, 1, &wr_data[1], 1);
+ psa->reply(msg.handle, PSA_SUCCESS);
+
+ return status;
+}
+
+#else
+
int32_t server_test_psa_set_rhandle(void);
int32_t server_test_call_read_and_skip(void);
int32_t server_test_call_and_write(void);
-int32_t server_test_zero_length_invec();
+int32_t server_test_zero_length_invec(void);
int32_t server_test_zero_length_outvec(void);
int32_t server_test_overlapping_vectors(void);
@@ -118,6 +483,7 @@
status = val->process_disconnect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
psa->reply(msg.handle, PSA_SUCCESS);
+
return status;
}
@@ -178,6 +544,7 @@
status = val->process_disconnect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
psa->reply(msg.handle, PSA_SUCCESS);
+
return status;
}
@@ -334,6 +701,7 @@
status = val->process_disconnect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
psa->reply(msg.handle, PSA_SUCCESS);
+
return status;
}
@@ -393,6 +761,7 @@
status = val->process_disconnect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
psa->reply(msg.handle, PSA_SUCCESS);
+
return status;
}
@@ -524,5 +893,8 @@
status = val->process_disconnect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
val->err_check_set(TEST_CHECKPOINT_NUM(209), status);
psa->reply(msg.handle, PSA_SUCCESS);
+
return status;
}
+
+#endif
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i013/test_i013.c b/api-tests/ff/ipc/test_i013/test_i013.c
index 5bf872d..84925f9 100644
--- a/api-tests/ff/ipc/test_i013/test_i013.c
+++ b/api-tests/ff/ipc/test_i013/test_i013.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -25,6 +25,36 @@
#include "test_i013.h"
+#if STATELESS_ROT == 1
+
+const client_test_t test_i013_client_tests_list[] = {
+ NULL,
+ client_test_psa_get_with_more_than_one_signal,
+ NULL,
+};
+
+int32_t client_test_psa_get_with_more_than_one_signal(caller_security_t caller __UNUSED)
+{
+
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_status_t status_of_call;
+
+ val->print(PRINT_TEST, "[Check 1] Test psa_get with multiple signals\n", 0);
+
+ status_of_call = psa->call(SERVER_UNSPECIFED_VERSION_HANDLE, PSA_IPC_CALL, NULL, 0, NULL, 0);
+
+ /* Expectation is server test should hang and control shouldn't have come here */
+ val->print(PRINT_ERROR, "\tCall should failed but succeed\n", 0);
+
+ status = VAL_STATUS_SPM_FAILED;
+
+ (void)(status_of_call);
+ return status;
+
+}
+
+#else
+
const client_test_t test_i013_client_tests_list[] = {
NULL,
client_test_psa_get_with_more_than_one_signal,
@@ -44,4 +74,7 @@
(void)(handle);
return VAL_STATUS_SPM_FAILED;
+
}
+
+#endif
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i013/test_supp_i013.c b/api-tests/ff/ipc/test_i013/test_supp_i013.c
index 024d964..256d309 100644
--- a/api-tests/ff/ipc/test_i013/test_supp_i013.c
+++ b/api-tests/ff/ipc/test_i013/test_supp_i013.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -23,6 +23,77 @@
extern val_api_t *val;
extern psa_api_t *psa;
+#if STATELESS_ROT == 1
+
+int32_t server_test_psa_get_with_more_than_one_signal(void);
+
+const server_test_t test_i013_server_tests_list[] = {
+ NULL,
+ server_test_psa_get_with_more_than_one_signal,
+ NULL,
+};
+
+int32_t server_test_psa_get_with_more_than_one_signal(void)
+{
+ psa_msg_t msg = {0};
+
+ /*
+ * This test checks for the PROGRAMMER ERROR condition for the PSA API. API's respond to
+ * PROGRAMMER ERROR could be either to return appropriate status code or panic the caller.
+ * When a Secure Partition panics, the SPE cannot continue normal execution, as defined
+ * in this specification. The behavior of the SPM following a Secure Partition panic is
+ * IMPLEMENTATION DEFINED- Arm recommends that the SPM causes the system to restart in
+ * this situation. Refer PSA-FF for more information on panic.
+ * For the cases where, SPM cannot capable to reboot the system (just hangs or power down),
+ * a watchdog timer set by val_test_init can reboot the system on timeout event. This will
+ * tests continuity and able to jump to next tests. Therefore, each test who checks for
+ * PROGRAMMER ERROR condition, expects system to get reset either by SPM or watchdog set by
+ * the test harness function.
+ *
+ * If programmed timeout value isn't sufficient for your system, it can be reconfigured using
+ * timeout entries available in target.cfg.
+ *
+ * To decide, a reboot happened as intended by test scenario or it happended
+ * due to other reasons, test is setting a boot signature into non-volatile memory before and
+ * after targeted test check. After a reboot, these boot signatures are being read by the
+ * VAL APIs to decide test status.
+ */
+
+ if ((psa->wait(PSA_WAIT_ANY, PSA_BLOCK)) & SERVER_UNSPECIFED_VERSION_SIGNAL)
+ {
+ /* Setting boot.state before test check */
+ if (val->set_boot_flag(BOOT_EXPECTED_NS))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
+ /* Unblock client */
+ if (psa->get(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg) != PSA_SUCCESS)
+ {
+ val->process_call_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
+ }
+ psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
+ return VAL_STATUS_ERROR;
+ }
+
+ /* multiple signals check */
+ psa->get((SERVER_UNSPECIFED_VERSION_SIGNAL | SERVER_RELAX_VERSION_SIGNAL), &msg);
+
+ /* If PROGRAMMER ERROR results into panic then control shouldn't have reached here */
+ /* Resetting boot.state to catch unwanted reboot */
+ if (val->set_boot_flag(BOOT_EXPECTED_BUT_FAILED))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag after check\n", 0);
+ }
+
+ psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
+
+ }
+
+ val->err_check_set(TEST_CHECKPOINT_NUM(203), VAL_STATUS_SPM_FAILED);
+ return VAL_STATUS_SPM_FAILED;
+}
+
+#else
+
int32_t server_test_psa_get_with_more_than_one_signal(void);
const server_test_t test_i013_server_tests_list[] = {
@@ -81,9 +152,13 @@
{
val->print(PRINT_ERROR, "\tFailed to set boot flag after check\n", 0);
}
+
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
+
}
val->err_check_set(TEST_CHECKPOINT_NUM(203), VAL_STATUS_SPM_FAILED);
return VAL_STATUS_SPM_FAILED;
}
+
+#endif
diff --git a/api-tests/ff/ipc/test_i014/test_i014.c b/api-tests/ff/ipc/test_i014/test_i014.c
index e01baa2..22ac59d 100644
--- a/api-tests/ff/ipc/test_i014/test_i014.c
+++ b/api-tests/ff/ipc/test_i014/test_i014.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -25,6 +25,8 @@
#include "test_i014.h"
+#if STATELESS_ROT == 1
+
const client_test_t test_i014_client_tests_list[] = {
NULL,
client_test_psa_get_called_twice,
@@ -33,7 +35,34 @@
int32_t client_test_psa_get_called_twice(caller_security_t caller __UNUSED)
{
- psa_handle_t handle = 0;
+
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_status_t status_of_call;
+
+ val->print(PRINT_TEST, "[Check 1] Test psa_get called twice\n", 0);
+
+ status_of_call = psa->call(SERVER_UNSPECIFED_VERSION_HANDLE, PSA_IPC_CALL, NULL, 0, NULL, 0);
+
+ /* Expectation is server test should hang and control shouldn't have come here */
+ val->print(PRINT_ERROR, "\tCall should failed but succeed\n", 0);
+
+ status = VAL_STATUS_SPM_FAILED;
+
+ (void)(status_of_call);
+ return status;
+}
+
+#else
+
+const client_test_t test_i014_client_tests_list[] = {
+ NULL,
+ client_test_psa_get_called_twice,
+ NULL,
+};
+
+int32_t client_test_psa_get_called_twice(caller_security_t caller __UNUSED)
+{
+ psa_handle_t handle = 0;
val->print(PRINT_TEST, "[Check 1] Test psa_get called twice\n", 0);
@@ -45,3 +74,5 @@
(void)(handle);
return VAL_STATUS_SPM_FAILED;
}
+
+#endif
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i015/test_i015.c b/api-tests/ff/ipc/test_i015/test_i015.c
index edfc414..14b4f52 100644
--- a/api-tests/ff/ipc/test_i015/test_i015.c
+++ b/api-tests/ff/ipc/test_i015/test_i015.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -25,6 +25,8 @@
#include "test_i015.h"
+#if STATELESS_ROT == 1
+
const client_test_t test_i015_client_tests_list[] = {
NULL,
client_test_psa_get_with_non_rot_signal,
@@ -33,6 +35,34 @@
int32_t client_test_psa_get_with_non_rot_signal(caller_security_t caller __UNUSED)
{
+
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_status_t status_of_call;
+
+ val->print(PRINT_TEST, "[Check 1] Test psa_get with non-RoT signal\n", 0);
+
+ status_of_call = psa->call(SERVER_UNSPECIFED_VERSION_HANDLE, PSA_IPC_CALL, NULL, 0, NULL, 0);
+
+ /* Expectation is server test should hang and control shouldn't have come here */
+ val->print(PRINT_ERROR, "\tCall should failed but succeed\n", 0);
+
+ status = VAL_STATUS_SPM_FAILED;
+
+ (void)(status_of_call);
+ return status;
+}
+
+#else
+
+const client_test_t test_i015_client_tests_list[] = {
+ NULL,
+ client_test_psa_get_with_non_rot_signal,
+ NULL,
+};
+
+int32_t client_test_psa_get_with_non_rot_signal(caller_security_t caller __UNUSED)
+{
+
psa_handle_t handle = 0;
val->print(PRINT_TEST, "[Check 1] Test psa_get with non-RoT signal\n", 0);
@@ -45,3 +75,5 @@
(void)(handle);
return VAL_STATUS_SPM_FAILED;
}
+
+#endif
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i016/test_i016.c b/api-tests/ff/ipc/test_i016/test_i016.c
index 943d6e3..6757692 100644
--- a/api-tests/ff/ipc/test_i016/test_i016.c
+++ b/api-tests/ff/ipc/test_i016/test_i016.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -25,6 +25,35 @@
#include "test_i016.h"
+#if STATELESS_ROT == 1
+
+const client_test_t test_i016_client_tests_list[] = {
+ NULL,
+ client_test_psa_get_with_unasserted_signal,
+ NULL,
+};
+
+int32_t client_test_psa_get_with_unasserted_signal(caller_security_t caller __UNUSED)
+{
+
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_status_t status_of_call;
+
+ val->print(PRINT_TEST, "[Check 1] Test psa_get with unasserted signal\n", 0);
+
+ status_of_call = psa->call(SERVER_UNSPECIFED_VERSION_HANDLE, PSA_IPC_CALL, NULL, 0, NULL, 0);
+
+ /* Expectation is server test should hang and control shouldn't have come here */
+ val->print(PRINT_ERROR, "\tCall should failed but succeed\n", 0);
+
+ status = VAL_STATUS_SPM_FAILED;
+
+ (void)(status_of_call);
+ return status;
+}
+
+#else
+
const client_test_t test_i016_client_tests_list[] = {
NULL,
client_test_psa_get_with_unasserted_signal,
@@ -45,3 +74,5 @@
(void)(handle);
return VAL_STATUS_SPM_FAILED;
}
+
+#endif
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i021/test_i021.c b/api-tests/ff/ipc/test_i021/test_i021.c
index 2638b76..26e6502 100644
--- a/api-tests/ff/ipc/test_i021/test_i021.c
+++ b/api-tests/ff/ipc/test_i021/test_i021.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -25,6 +25,41 @@
#include "test_i021.h"
+#if STATELESS_ROT == 1
+
+const client_test_t test_i021_client_tests_list[] = {
+ NULL,
+ client_test_irq_routing,
+ NULL,
+};
+
+int32_t client_test_irq_routing(caller_security_t caller __UNUSED)
+{
+
+ driver_test_fn_id_t driver_test_fn_id = TEST_INTR_SERVICE;
+
+ /*
+ * The interrupt related test check is captured in driver_partition.c as this is the
+ * only partition in test suite that holds the interrupt source. The interrupt test check
+ * is invoked by client by calling to DRIVER_TEST_SID RoT service of driver partition that
+ * hold the test check.
+ */
+
+ val->print(PRINT_TEST, "[Check 1] Test irq routing\n", 0);
+
+ /* Execute driver function related to TEST_INTR_SERVICE */
+ psa_invec invec = {&driver_test_fn_id, sizeof(driver_test_fn_id)};
+
+ if (psa->call(DRIVER_TEST_HANDLE, PSA_IPC_CALL, &invec, 1, NULL, 0) != PSA_SUCCESS)
+ {
+ return VAL_STATUS_SPM_FAILED;
+ }
+
+ return VAL_STATUS_SUCCESS;
+}
+
+#else
+
const client_test_t test_i021_client_tests_list[] = {
NULL,
client_test_irq_routing,
@@ -65,3 +100,5 @@
psa->close(handle);
return VAL_STATUS_SUCCESS;
}
+
+#endif
diff --git a/api-tests/ff/ipc/test_i022/test_i022.c b/api-tests/ff/ipc/test_i022/test_i022.c
index 5778436..4fb0b90 100644
--- a/api-tests/ff/ipc/test_i022/test_i022.c
+++ b/api-tests/ff/ipc/test_i022/test_i022.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -25,6 +25,23 @@
#include "test_i022.h"
+#if STATELESS_ROT == 1
+
+const client_test_t test_i022_client_tests_list[] = {
+ NULL,
+ client_test_psa_reply_with_invalid_handle,
+ NULL,
+};
+
+int32_t client_test_psa_reply_with_invalid_handle(caller_security_t caller __UNUSED)
+{
+ val->print(PRINT_TEST, "[Check 1] Testing psa_reply with invalid handle\n", 0);
+
+ return VAL_STATUS_SPM_FAILED;
+}
+
+#else
+
const client_test_t test_i022_client_tests_list[] = {
NULL,
client_test_psa_reply_with_invalid_handle,
@@ -45,3 +62,5 @@
(void)(handle);
return VAL_STATUS_SPM_FAILED;
}
+
+#endif
diff --git a/api-tests/ff/ipc/test_i022/test_supp_i022.c b/api-tests/ff/ipc/test_i022/test_supp_i022.c
index ce4b7ab..ad22896 100644
--- a/api-tests/ff/ipc/test_i022/test_supp_i022.c
+++ b/api-tests/ff/ipc/test_i022/test_supp_i022.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -23,6 +23,8 @@
extern val_api_t *val;
extern psa_api_t *psa;
+#if STATELESS_ROT == 1
+
int32_t server_test_psa_reply_with_invalid_handle(void);
const server_test_t test_i022_server_tests_list[] = {
@@ -33,7 +35,73 @@
int32_t server_test_psa_reply_with_invalid_handle(void)
{
- psa_msg_t msg = {0};
+ psa_msg_t msg = {0};
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ /*
+ * This test checks for the PROGRAMMER ERROR condition for the PSA API. API's respond to
+ * PROGRAMMER ERROR could be either to return appropriate status code or panic the caller.
+ * When a Secure Partition panics, the SPE cannot continue normal execution, as defined
+ * in this specification. The behavior of the SPM following a Secure Partition panic is
+ * IMPLEMENTATION DEFINED- Arm recommends that the SPM causes the system to restart in
+ * this situation. Refer PSA-FF for more information on panic.
+ * For the cases where, SPM cannot capable to reboot the system (just hangs or power down),
+ * a watchdog timer set by val_test_init can reboot the system on timeout event. This will
+ * tests continuity and able to jump to next tests. Therefore, each test who checks for
+ * PROGRAMMER ERROR condition, expects system to get reset either by SPM or watchdog set by
+ * the test harness function.
+ *
+ * If programmed timeout value isn't sufficient for your system, it can be reconfigured using
+ * timeout entries available in target.cfg.
+ *
+ * To decide, a reboot happened as intended by test scenario or it happended
+ * due to other reasons, test is setting a boot signature into non-volatile memory before and
+ * after targeted test check. After a reboot, these boot signatures are being read by the
+ * VAL APIs to decide test status.
+ */
+
+ /* Setting boot.state before test check */
+ status = val->set_boot_flag(BOOT_EXPECTED_NS);
+ if (val->err_check_set(TEST_CHECKPOINT_NUM(202), status))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
+ psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
+ return status;
+ }
+
+ /* Call psa_reply with INVALID_HANLDE. Call should panic */
+ psa->reply(INVALID_HANDLE, PSA_ERROR_CONNECTION_REFUSED);
+
+ /* shouldn't have reached here */
+ val->print(PRINT_ERROR,
+ "\tpsa_reply with invalid handle should failed but succeed\n", 0);
+
+ /* Resetting boot.state to catch unwanted reboot */
+ status = val->set_boot_flag(BOOT_EXPECTED_BUT_FAILED);
+ if (val->err_check_set(TEST_CHECKPOINT_NUM(203), status))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag after check\n", 0);
+ return status;
+ }
+
+ status = VAL_STATUS_SPM_FAILED;
+ val->err_check_set(TEST_CHECKPOINT_NUM(204), status);
+ return status;
+}
+
+#else
+
+int32_t server_test_psa_reply_with_invalid_handle(void);
+
+const server_test_t test_i022_server_tests_list[] = {
+ NULL,
+ server_test_psa_reply_with_invalid_handle,
+ NULL,
+};
+
+int32_t server_test_psa_reply_with_invalid_handle(void)
+{
+ psa_msg_t msg = {0};
int32_t status = VAL_STATUS_SUCCESS;
/*
@@ -93,3 +161,5 @@
val->err_check_set(TEST_CHECKPOINT_NUM(204), status);
return status;
}
+
+#endif
diff --git a/api-tests/ff/ipc/test_i023/test_i023.c b/api-tests/ff/ipc/test_i023/test_i023.c
index 76bdf99..db509f3 100644
--- a/api-tests/ff/ipc/test_i023/test_i023.c
+++ b/api-tests/ff/ipc/test_i023/test_i023.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -25,6 +25,23 @@
#include "test_i023.h"
+#if STATELESS_ROT == 1
+
+const client_test_t test_i023_client_tests_list[] = {
+ NULL,
+ client_test_psa_reply_with_null_handle,
+ NULL,
+};
+
+int32_t client_test_psa_reply_with_null_handle(caller_security_t caller __UNUSED)
+{
+ val->print(PRINT_TEST, "[Check 1] Testing psa_reply with invalid handle\n", 0);
+
+ return VAL_STATUS_SPM_FAILED;
+}
+
+#else
+
const client_test_t test_i023_client_tests_list[] = {
NULL,
client_test_psa_reply_with_null_handle,
@@ -45,3 +62,5 @@
(void)(handle);
return VAL_STATUS_SPM_FAILED;
}
+
+#endif
diff --git a/api-tests/ff/ipc/test_i023/test_supp_i023.c b/api-tests/ff/ipc/test_i023/test_supp_i023.c
index 02cebf9..fe0189c 100644
--- a/api-tests/ff/ipc/test_i023/test_supp_i023.c
+++ b/api-tests/ff/ipc/test_i023/test_supp_i023.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -23,6 +23,8 @@
extern val_api_t *val;
extern psa_api_t *psa;
+#if STATELESS_ROT == 1
+
int32_t server_test_psa_reply_with_null_handle(void);
const server_test_t test_i023_server_tests_list[] = {
@@ -33,7 +35,77 @@
int32_t server_test_psa_reply_with_null_handle(void)
{
- psa_msg_t msg = {0};
+
+ psa_msg_t msg = {0};
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ /*
+ * This test checks for the PROGRAMMER ERROR condition for the PSA API. API's respond to
+ * PROGRAMMER ERROR could be either to return appropriate status code or panic the caller.
+ * When a Secure Partition panics, the SPE cannot continue normal execution, as defined
+ * in this specification. The behavior of the SPM following a Secure Partition panic is
+ * IMPLEMENTATION DEFINED- Arm recommends that the SPM causes the system to restart in
+ * this situation. Refer PSA-FF for more information on panic.
+ * For the cases where, SPM cannot capable to reboot the system (just hangs or power down),
+ * a watchdog timer set by val_test_init can reboot the system on timeout event. This will
+ * tests continuity and able to jump to next tests. Therefore, each test who checks for
+ * PROGRAMMER ERROR condition, expects system to get reset either by SPM or watchdog set by
+ * the test harness function.
+ *
+ * If programmed timeout value isn't sufficient for your system, it can be reconfigured using
+ * timeout entries available in target.cfg.
+ *
+ * To decide, a reboot happened as intended by test scenario or it happended
+ * due to other reasons, test is setting a boot signature into non-volatile memory before and
+ * after targeted test check. After a reboot, these boot signatures are being read by the
+ * VAL APIs to decide test status.
+ */
+
+ /* Setting boot.state before test check */
+ status = val->set_boot_flag(BOOT_EXPECTED_NS);
+ if (val->err_check_set(TEST_CHECKPOINT_NUM(202), status))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
+ psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
+ return status;
+ }
+
+ /* Test check - Call psa_reply with PSA_NULL_HANDLE. Call should panic */
+ psa->reply(PSA_NULL_HANDLE, PSA_ERROR_CONNECTION_REFUSED);
+
+ /* shouldn't have reached here */
+ val->print(PRINT_ERROR,
+ "\tpsa_reply with NULL handle should failed but succeed\n", 0);
+
+ /* Resetting boot.state to catch unwanted reboot */
+ status = val->set_boot_flag(BOOT_EXPECTED_BUT_FAILED);
+ if (val->err_check_set(TEST_CHECKPOINT_NUM(203), status))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag after check\n", 0);
+ return status;
+ }
+
+ psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
+
+ status = VAL_STATUS_SPM_FAILED;
+ val->err_check_set(TEST_CHECKPOINT_NUM(204), status);
+ return status;
+}
+
+#else
+
+int32_t server_test_psa_reply_with_null_handle(void);
+
+const server_test_t test_i023_server_tests_list[] = {
+ NULL,
+ server_test_psa_reply_with_null_handle,
+ NULL,
+};
+
+int32_t server_test_psa_reply_with_null_handle(void)
+{
+
+ psa_msg_t msg = {0};
int32_t status = VAL_STATUS_SUCCESS;
/*
@@ -95,3 +167,5 @@
val->err_check_set(TEST_CHECKPOINT_NUM(204), status);
return status;
}
+
+#endif
diff --git a/api-tests/ff/ipc/test_i026/test_i026.c b/api-tests/ff/ipc/test_i026/test_i026.c
index a1cb20a..7ab4fbe 100644
--- a/api-tests/ff/ipc/test_i026/test_i026.c
+++ b/api-tests/ff/ipc/test_i026/test_i026.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -25,6 +25,89 @@
#include "test_i026.h"
+#if STATELESS_ROT == 1
+
+const client_test_t test_i026_client_tests_list[] = {
+ NULL,
+ client_test_psa_call_with_iovec_more_than_max_limit,
+ NULL,
+};
+
+int32_t client_test_psa_call_with_iovec_more_than_max_limit(caller_security_t caller)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ uint8_t data = 0x11;
+ psa_status_t status_of_call;
+ boot_state_t boot_state;
+ psa_invec invec[PSA_MAX_IOVEC] = {{&data, sizeof(data)},
+ {&data, sizeof(data)},
+ {&data, sizeof(data)},
+ {&data, sizeof(data)}
+ };
+ psa_outvec outvec[1] = {{&data, sizeof(data)}};
+
+ val->print(PRINT_TEST,
+ "[Check 1] Test psa_call with IOVEC > PSA_MAX_IOVEC\n", 0);
+
+ /*
+ * This test checks for the PROGRAMMER ERROR condition for the PSA API. API's respond to
+ * PROGRAMMER ERROR could be either to return appropriate status code or panic the caller.
+ * When a Secure Partition panics, the SPE cannot continue normal execution, as defined
+ * in this specification. The behavior of the SPM following a Secure Partition panic is
+ * IMPLEMENTATION DEFINED- Arm recommends that the SPM causes the system to restart in
+ * this situation. Refer PSA-FF for more information on panic.
+ * For the cases where, SPM cannot capable to reboot the system (just hangs or power down),
+ * a watchdog timer set by val_test_init can reboot the system on timeout event. This will
+ * tests continuity and able to jump to next tests. Therefore, each test who checks for
+ * PROGRAMMER ERROR condition, expects system to get reset either by SPM or watchdog set by
+ * the test harness function.
+ *
+ * If programmed timeout value isn't sufficient for your system, it can be reconfigured using
+ * timeout entries available in target.cfg.
+ *
+ * To decide, a reboot happened as intended by test scenario or it happended
+ * due to other reasons, test is setting a boot signature into non-volatile memory before and
+ * after targeted test check. After a reboot, these boot signatures are being read by the
+ * VAL APIs to decide test status.
+ */
+
+ /* Setting boot.state before test check */
+ boot_state = (caller == CALLER_NONSECURE) ? BOOT_EXPECTED_NS : BOOT_EXPECTED_S;
+ if (val->set_boot_flag(boot_state))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+
+ /* Test check- psa_call with IOVEC > PSA_MAX_IOVEC */
+ status_of_call = psa->call(SERVER_UNSPECIFED_VERSION_HANDLE, PSA_IPC_CALL, invec,
+ PSA_MAX_IOVEC, outvec, 1);
+ /*
+ * If the caller is in the NSPE, it is IMPLEMENTATION DEFINED whether
+ * a PROGRAMMER ERROR will panic or return PSA_ERROR_PROGRAMMER_ERROR.
+ * For SPE caller, it must panic.
+ */
+ if (caller == CALLER_NONSECURE && status_of_call == PSA_ERROR_PROGRAMMER_ERROR)
+ {
+ return VAL_STATUS_SUCCESS;
+ }
+
+ /* If PROGRAMMER ERROR results into panic then control shouldn't have reached here */
+ val->print(PRINT_ERROR, "\tCall should failed but succeed\n", 0);
+
+ /* Resetting boot.state to catch unwanted reboot */
+ if (val->set_boot_flag(BOOT_EXPECTED_BUT_FAILED))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag after check\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+
+ status = VAL_STATUS_SPM_FAILED;
+ return status;
+}
+
+#else
+
const client_test_t test_i026_client_tests_list[] = {
NULL,
client_test_psa_call_with_iovec_more_than_max_limit,
@@ -43,7 +126,7 @@
{&data, sizeof(data)},
{&data, sizeof(data)}
};
- psa_outvec outvec[1] = {{&data, sizeof(data)}};
+ psa_outvec outvec[1] = { {&data, sizeof(data)} };
val->print(PRINT_TEST,
"[Check 1] Test psa_call with IOVEC > PSA_MAX_IOVEC\n", 0);
@@ -113,3 +196,5 @@
psa->close(handle);
return status;
}
+
+#endif
diff --git a/api-tests/ff/ipc/test_i026/test_supp_i026.c b/api-tests/ff/ipc/test_i026/test_supp_i026.c
index 142b910..a9d4982 100644
--- a/api-tests/ff/ipc/test_i026/test_supp_i026.c
+++ b/api-tests/ff/ipc/test_i026/test_supp_i026.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -23,7 +23,9 @@
extern val_api_t *val;
extern psa_api_t *psa;
-int32_t server_test_psa_call_with_iovec_more_than_max_limit();
+#if STATELESS_ROT == 1
+
+int32_t server_test_psa_call_with_iovec_more_than_max_limit(void);
const server_test_t test_i026_server_tests_list[] = {
NULL,
@@ -31,7 +33,39 @@
NULL,
};
-int32_t server_test_psa_call_with_iovec_more_than_max_limit()
+int32_t server_test_psa_call_with_iovec_more_than_max_limit(void)
+{
+ psa_msg_t msg = {0};
+ psa_signal_t signals;
+
+wait:
+ signals = psa->wait(PSA_WAIT_ANY, PSA_BLOCK);
+ if (psa->get(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg) != PSA_SUCCESS)
+ {
+ goto wait;
+ }
+
+ if (msg.type == PSA_IPC_CALL)
+ {
+ /* Control shouldn't have come here */
+ val->print(PRINT_ERROR, "\tControl shouldn't have reached here\n", 0);
+ psa->reply(msg.handle, -2);
+ }
+
+ return VAL_STATUS_ERROR;
+}
+
+#else
+
+int32_t server_test_psa_call_with_iovec_more_than_max_limit(void);
+
+const server_test_t test_i026_server_tests_list[] = {
+ NULL,
+ server_test_psa_call_with_iovec_more_than_max_limit,
+ NULL,
+};
+
+int32_t server_test_psa_call_with_iovec_more_than_max_limit(void)
{
int32_t status = VAL_STATUS_SUCCESS;
psa_msg_t msg = {0};
@@ -77,3 +111,5 @@
return VAL_STATUS_ERROR;
}
+
+#endif
diff --git a/api-tests/ff/ipc/test_i030/test_i030.c b/api-tests/ff/ipc/test_i030/test_i030.c
index 7f4d15b..e4861d3 100644
--- a/api-tests/ff/ipc/test_i030/test_i030.c
+++ b/api-tests/ff/ipc/test_i030/test_i030.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -25,6 +25,35 @@
#include "test_i030.h"
+#if STATELESS_ROT == 1
+
+const client_test_t test_i030_client_tests_list[] = {
+ NULL,
+ client_test_psa_read_with_null_handle,
+ NULL,
+};
+
+int32_t client_test_psa_read_with_null_handle(caller_security_t caller __UNUSED)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_status_t status_of_call;
+
+ val->print(PRINT_TEST,
+ "[Check 1] Test psa_read with NULL handle\n", 0);
+
+ status_of_call = psa->call(SERVER_UNSPECIFED_VERSION_HANDLE, PSA_IPC_CALL, NULL, 0, NULL, 0);
+
+ /* Expectation is server test should hang and control shouldn't have come here */
+ val->print(PRINT_ERROR, "\tCall should failed but succeed\n", 0);
+
+ status = VAL_STATUS_SPM_FAILED;
+
+ (void)(status_of_call);
+ return status;
+}
+
+#else
+
const client_test_t test_i030_client_tests_list[] = {
NULL,
client_test_psa_read_with_null_handle,
@@ -58,3 +87,5 @@
(void)(status_of_call);
return status;
}
+
+#endif
diff --git a/api-tests/ff/ipc/test_i030/test_supp_i030.c b/api-tests/ff/ipc/test_i030/test_supp_i030.c
index 5a74021..85e2914 100644
--- a/api-tests/ff/ipc/test_i030/test_supp_i030.c
+++ b/api-tests/ff/ipc/test_i030/test_supp_i030.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -25,6 +25,84 @@
#define NUM_OF_BYTES 4
+#if STATELESS_ROT == 1
+
+int32_t server_test_psa_read_with_null_handle(void);
+
+const server_test_t test_i030_server_tests_list[] = {
+ NULL,
+ server_test_psa_read_with_null_handle,
+ NULL,
+};
+
+int32_t server_test_psa_read_with_null_handle(void)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_msg_t msg = {0};
+ uint8_t data[NUM_OF_BYTES] = {0};
+
+ /*
+ * This test checks for the PROGRAMMER ERROR condition for the PSA API. API's respond to
+ * PROGRAMMER ERROR could be either to return appropriate status code or panic the caller.
+ * When a Secure Partition panics, the SPE cannot continue normal execution, as defined
+ * in this specification. The behavior of the SPM following a Secure Partition panic is
+ * IMPLEMENTATION DEFINED- Arm recommends that the SPM causes the system to restart in
+ * this situation. Refer PSA-FF for more information on panic.
+ * For the cases where, SPM cannot capable to reboot the system (just hangs or power down),
+ * a watchdog timer set by val_test_init can reboot the system on timeout event. This will
+ * tests continuity and able to jump to next tests. Therefore, each test who checks for
+ * PROGRAMMER ERROR condition, expects system to get reset either by SPM or watchdog set by
+ * the test harness function.
+ *
+ * If programmed timeout value isn't sufficient for your system, it can be reconfigured using
+ * timeout entries available in target.cfg.
+ *
+ * To decide, a reboot happened as intended by test scenario or it happended
+ * due to other reasons, test is setting a boot signature into non-volatile memory before and
+ * after targeted test check. After a reboot, these boot signatures are being read by the
+ * VAL APIs to decide test status.
+ */
+
+ status = val->process_call_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
+ if (val->err_check_set(TEST_CHECKPOINT_NUM(202), status))
+ {
+ psa->reply(msg.handle, -2);
+ }
+ else
+ {
+ /* Setting boot.state before test check */
+ status = val->set_boot_flag(BOOT_EXPECTED_NS);
+ if (val->err_check_set(TEST_CHECKPOINT_NUM(203), status))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
+ psa->reply(msg.handle, -3);
+ }
+ else
+ {
+ /* Test check- psa_read with PSA_NULL_HANDLE, call should panic */
+ psa->read(PSA_NULL_HANDLE, 0, (void *)data, 0);
+
+ /* shouldn't have reached here */
+ val->print(PRINT_ERROR,
+ "\tpsa_read with NULL handle should failed but succeed\n", 0);
+
+ /* Resetting boot.state to catch unwanted reboot */
+ if (val->set_boot_flag(BOOT_EXPECTED_BUT_FAILED))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag after check\n", 0);
+ }
+
+ status = VAL_STATUS_SPM_FAILED;
+ psa->reply(msg.handle, -4);
+ }
+ }
+
+ val->err_check_set(TEST_CHECKPOINT_NUM(204), status);
+ return status;
+}
+
+#else
+
int32_t server_test_psa_read_with_null_handle(void);
const server_test_t test_i030_server_tests_list[] = {
@@ -108,5 +186,8 @@
status = ((val->process_disconnect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg))
? VAL_STATUS_ERROR : status);
psa->reply(msg.handle, PSA_SUCCESS);
+
return status;
}
+
+#endif
diff --git a/api-tests/ff/ipc/test_i031/test_i031.c b/api-tests/ff/ipc/test_i031/test_i031.c
index 6cfe2e2..a3a1c5b 100644
--- a/api-tests/ff/ipc/test_i031/test_i031.c
+++ b/api-tests/ff/ipc/test_i031/test_i031.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -25,6 +25,35 @@
#include "test_i031.h"
+#if STATELESS_ROT == 1
+
+const client_test_t test_i031_client_tests_list[] = {
+ NULL,
+ client_test_psa_read_with_invalid_handle,
+ NULL,
+};
+
+int32_t client_test_psa_read_with_invalid_handle(caller_security_t caller __UNUSED)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_status_t status_of_call;
+
+ val->print(PRINT_TEST,
+ "[Check 1] Test psa_read with invalid handle\n", 0);
+
+ status_of_call = psa->call(SERVER_UNSPECIFED_VERSION_HANDLE, PSA_IPC_CALL, NULL, 0, NULL, 0);
+
+ /* Expectation is server test should hang and control shouldn't have come here */
+ val->print(PRINT_ERROR, "\tCall should failed but succeed\n", 0);
+
+ status = VAL_STATUS_SPM_FAILED;
+
+ (void)(status_of_call);
+ return status;
+}
+
+#else
+
const client_test_t test_i031_client_tests_list[] = {
NULL,
client_test_psa_read_with_invalid_handle,
@@ -55,6 +84,9 @@
status = VAL_STATUS_SPM_FAILED;
psa->close(handle);
+
(void)(status_of_call);
return status;
}
+
+#endif
diff --git a/api-tests/ff/ipc/test_i031/test_supp_i031.c b/api-tests/ff/ipc/test_i031/test_supp_i031.c
index 62af645..a525d08 100644
--- a/api-tests/ff/ipc/test_i031/test_supp_i031.c
+++ b/api-tests/ff/ipc/test_i031/test_supp_i031.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -25,6 +25,84 @@
#define NUM_OF_BYTES 4
+#if STATELESS_ROT == 1
+
+int32_t server_test_psa_read_with_invalid_handle(void);
+
+const server_test_t test_i031_server_tests_list[] = {
+ NULL,
+ server_test_psa_read_with_invalid_handle,
+ NULL,
+};
+
+int32_t server_test_psa_read_with_invalid_handle(void)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_msg_t msg = {0};
+ uint8_t data[NUM_OF_BYTES] = {0};
+
+ /*
+ * This test checks for the PROGRAMMER ERROR condition for the PSA API. API's respond to
+ * PROGRAMMER ERROR could be either to return appropriate status code or panic the caller.
+ * When a Secure Partition panics, the SPE cannot continue normal execution, as defined
+ * in this specification. The behavior of the SPM following a Secure Partition panic is
+ * IMPLEMENTATION DEFINED- Arm recommends that the SPM causes the system to restart in
+ * this situation. Refer PSA-FF for more information on panic.
+ * For the cases where, SPM cannot capable to reboot the system (just hangs or power down),
+ * a watchdog timer set by val_test_init can reboot the system on timeout event. This will
+ * tests continuity and able to jump to next tests. Therefore, each test who checks for
+ * PROGRAMMER ERROR condition, expects system to get reset either by SPM or watchdog set by
+ * the test harness function.
+ *
+ * If programmed timeout value isn't sufficient for your system, it can be reconfigured using
+ * timeout entries available in target.cfg.
+ *
+ * To decide, a reboot happened as intended by test scenario or it happended
+ * due to other reasons, test is setting a boot signature into non-volatile memory before and
+ * after targeted test check. After a reboot, these boot signatures are being read by the
+ * VAL APIs to decide test status.
+ */
+
+ status = val->process_call_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
+ if (val->err_check_set(TEST_CHECKPOINT_NUM(202), status))
+ {
+ psa->reply(msg.handle, -2);
+ }
+ else
+ {
+ /* Setting boot.state before test check */
+ status = val->set_boot_flag(BOOT_EXPECTED_NS);
+ if (val->err_check_set(TEST_CHECKPOINT_NUM(203), status))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
+ psa->reply(msg.handle, -3);
+ }
+ else
+ {
+ /* Test check- psa_read with INVALID_HANDLE, call should panic */
+ psa->read(INVALID_HANDLE, 0, (void *)data, 0);
+
+ /* shouldn't have reached here */
+ val->print(PRINT_ERROR,
+ "\tpsa_read with invalid handle should failed but succeed\n", 0);
+
+ /* Resetting boot.state to catch unwanted reboot */
+ if (val->set_boot_flag(BOOT_EXPECTED_BUT_FAILED))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag after check\n", 0);
+ }
+
+ status = VAL_STATUS_SPM_FAILED;
+ psa->reply(msg.handle, -4);
+ }
+ }
+
+ val->err_check_set(TEST_CHECKPOINT_NUM(204), status);
+ return status;
+}
+
+#else
+
int32_t server_test_psa_read_with_invalid_handle(void);
const server_test_t test_i031_server_tests_list[] = {
@@ -110,3 +188,5 @@
psa->reply(msg.handle, PSA_SUCCESS);
return status;
}
+
+#endif
diff --git a/api-tests/ff/ipc/test_i032/test_i032.c b/api-tests/ff/ipc/test_i032/test_i032.c
index c7e9918..ac5a33b 100644
--- a/api-tests/ff/ipc/test_i032/test_i032.c
+++ b/api-tests/ff/ipc/test_i032/test_i032.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -25,6 +25,8 @@
#include "test_i032.h"
+#if STATELESS_ROT == 1
+
const client_test_t test_i032_client_tests_list[] = {
NULL,
client_test_psa_read_with_invec_equal_to_max_iovec,
@@ -34,12 +36,40 @@
int32_t client_test_psa_read_with_invec_equal_to_max_iovec(caller_security_t caller __UNUSED)
{
int32_t status = VAL_STATUS_SUCCESS;
- psa_handle_t handle = 0;
psa_status_t status_of_call;
val->print(PRINT_TEST,
"[Check 1] Test psa_read with invec_idx=PSA_MAX_IOVEC\n", 0);
+ status_of_call = psa->call(SERVER_UNSPECIFED_VERSION_HANDLE, PSA_IPC_CALL, NULL, 0, NULL, 0);
+
+ /* Expectation is server test should hang and control shouldn't have come here */
+ val->print(PRINT_ERROR, "\tCall should failed but succeed\n", 0);
+
+ status = VAL_STATUS_SPM_FAILED;
+
+ (void)(status_of_call);
+ return status;
+}
+
+#else
+
+const client_test_t test_i032_client_tests_list[] = {
+ NULL,
+ client_test_psa_read_with_invec_equal_to_max_iovec,
+ NULL,
+};
+
+int32_t client_test_psa_read_with_invec_equal_to_max_iovec(caller_security_t caller __UNUSED)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ psa_status_t status_of_call;
+
+ val->print(PRINT_TEST,
+ "[Check 1] Test psa_read with invec_idx=PSA_MAX_IOVEC\n", 0);
+
+ psa_handle_t handle = 0;
handle = psa->connect(SERVER_UNSPECIFED_VERSION_SID, SERVER_UNSPECIFED_VERSION_VERSION);
if (!PSA_HANDLE_IS_VALID(handle))
{
@@ -55,6 +85,9 @@
status = VAL_STATUS_SPM_FAILED;
psa->close(handle);
+
(void)(status_of_call);
return status;
}
+
+#endif
diff --git a/api-tests/ff/ipc/test_i032/test_supp_i032.c b/api-tests/ff/ipc/test_i032/test_supp_i032.c
index fe94496..b9d1d36 100644
--- a/api-tests/ff/ipc/test_i032/test_supp_i032.c
+++ b/api-tests/ff/ipc/test_i032/test_supp_i032.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -25,6 +25,84 @@
#define NUM_OF_BYTES 4
+#if STATELESS_ROT == 1
+
+int32_t server_test_psa_read_with_invec_equal_to_max_iovec(void);
+
+const server_test_t test_i032_server_tests_list[] = {
+ NULL,
+ server_test_psa_read_with_invec_equal_to_max_iovec,
+ NULL,
+};
+
+int32_t server_test_psa_read_with_invec_equal_to_max_iovec(void)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_msg_t msg = {0};
+ uint8_t data[NUM_OF_BYTES] = {0};
+
+ /*
+ * This test checks for the PROGRAMMER ERROR condition for the PSA API. API's respond to
+ * PROGRAMMER ERROR could be either to return appropriate status code or panic the caller.
+ * When a Secure Partition panics, the SPE cannot continue normal execution, as defined
+ * in this specification. The behavior of the SPM following a Secure Partition panic is
+ * IMPLEMENTATION DEFINED- Arm recommends that the SPM causes the system to restart in
+ * this situation. Refer PSA-FF for more information on panic.
+ * For the cases where, SPM cannot capable to reboot the system (just hangs or power down),
+ * a watchdog timer set by val_test_init can reboot the system on timeout event. This will
+ * tests continuity and able to jump to next tests. Therefore, each test who checks for
+ * PROGRAMMER ERROR condition, expects system to get reset either by SPM or watchdog set by
+ * the test harness function.
+ *
+ * If programmed timeout value isn't sufficient for your system, it can be reconfigured using
+ * timeout entries available in target.cfg.
+ *
+ * To decide, a reboot happened as intended by test scenario or it happended
+ * due to other reasons, test is setting a boot signature into non-volatile memory before and
+ * after targeted test check. After a reboot, these boot signatures are being read by the
+ * VAL APIs to decide test status.
+ */
+
+ status = val->process_call_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
+ if (val->err_check_set(TEST_CHECKPOINT_NUM(202), status))
+ {
+ psa->reply(msg.handle, -2);
+ }
+ else
+ {
+ /* Setting boot.state before test check */
+ status = val->set_boot_flag(BOOT_EXPECTED_NS);
+ if (val->err_check_set(TEST_CHECKPOINT_NUM(203), status))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
+ psa->reply(msg.handle, -3);
+ }
+ else
+ {
+ /* Test check- psa_read with invec_idx=PSA_MAX_IOVEC, call should panic */
+ psa->read(msg.handle, PSA_MAX_IOVEC, (void *)data, 0);
+
+ /* shouldn't have reached here */
+ val->print(PRINT_ERROR,
+ "\tpsa_read with invec_idx=PSA_MAX_IOVEC should failed but succeed\n", 0);
+
+ /* Resetting boot.state to catch unwanted reboot */
+ if (val->set_boot_flag(BOOT_EXPECTED_BUT_FAILED))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag after check\n", 0);
+ }
+ status = VAL_STATUS_SPM_FAILED;
+ psa->reply(msg.handle, -4);
+
+ }
+ }
+
+ val->err_check_set(TEST_CHECKPOINT_NUM(204), status);
+ return status;
+}
+
+#else
+
int32_t server_test_psa_read_with_invec_equal_to_max_iovec(void);
const server_test_t test_i032_server_tests_list[] = {
@@ -110,3 +188,5 @@
psa->reply(msg.handle, PSA_SUCCESS);
return status;
}
+
+#endif
diff --git a/api-tests/ff/ipc/test_i033/test_i033.c b/api-tests/ff/ipc/test_i033/test_i033.c
index f83589c..dadf109 100644
--- a/api-tests/ff/ipc/test_i033/test_i033.c
+++ b/api-tests/ff/ipc/test_i033/test_i033.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -25,6 +25,36 @@
#include "test_i033.h"
+#if STATELESS_ROT == 1
+
+const client_test_t test_i033_client_tests_list[] = {
+ NULL,
+ client_test_psa_read_with_invec_greater_than_max_iovec,
+ NULL,
+};
+
+int32_t client_test_psa_read_with_invec_greater_than_max_iovec(caller_security_t caller __UNUSED)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ psa_status_t status_of_call;
+
+ val->print(PRINT_TEST,
+ "[Check 1] Test psa_read with invec_idx > PSA_MAX_IOVEC\n", 0);
+
+ status_of_call = psa->call(SERVER_UNSPECIFED_VERSION_HANDLE, PSA_IPC_CALL, NULL, 0, NULL, 0);
+
+ /* Expectation is server test should hang and control shouldn't have come here */
+ val->print(PRINT_ERROR, "\tCall should failed but succeed\n", 0);
+
+ status = VAL_STATUS_SPM_FAILED;
+
+ (void)(status_of_call);
+ return status;
+}
+
+#else
+
const client_test_t test_i033_client_tests_list[] = {
NULL,
client_test_psa_read_with_invec_greater_than_max_iovec,
@@ -46,7 +76,6 @@
val->print(PRINT_ERROR, "\tConnection failed\n", 0);
return VAL_STATUS_INVALID_HANDLE;
}
-
status_of_call = psa->call(handle, PSA_IPC_CALL, NULL, 0, NULL, 0);
/* Expectation is server test should hang and control shouldn't have come here */
@@ -55,6 +84,9 @@
status = VAL_STATUS_SPM_FAILED;
psa->close(handle);
+
(void)(status_of_call);
return status;
}
+
+#endif
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i033/test_supp_i033.c b/api-tests/ff/ipc/test_i033/test_supp_i033.c
index 789de3d..fe8f220 100644
--- a/api-tests/ff/ipc/test_i033/test_supp_i033.c
+++ b/api-tests/ff/ipc/test_i033/test_supp_i033.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -25,6 +25,84 @@
#define NUM_OF_BYTES 4
+#if STATELESS_ROT == 1
+
+int32_t server_test_psa_read_with_invec_greater_than_max_iovec(void);
+
+const server_test_t test_i033_server_tests_list[] = {
+ NULL,
+ server_test_psa_read_with_invec_greater_than_max_iovec,
+ NULL,
+};
+
+int32_t server_test_psa_read_with_invec_greater_than_max_iovec(void)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_msg_t msg = {0};
+ uint8_t data[NUM_OF_BYTES] = {0};
+
+ /*
+ * This test checks for the PROGRAMMER ERROR condition for the PSA API. API's respond to
+ * PROGRAMMER ERROR could be either to return appropriate status code or panic the caller.
+ * When a Secure Partition panics, the SPE cannot continue normal execution, as defined
+ * in this specification. The behavior of the SPM following a Secure Partition panic is
+ * IMPLEMENTATION DEFINED- Arm recommends that the SPM causes the system to restart in
+ * this situation. Refer PSA-FF for more information on panic.
+ * For the cases where, SPM cannot capable to reboot the system (just hangs or power down),
+ * a watchdog timer set by val_test_init can reboot the system on timeout event. This will
+ * tests continuity and able to jump to next tests. Therefore, each test who checks for
+ * PROGRAMMER ERROR condition, expects system to get reset either by SPM or watchdog set by
+ * the test harness function.
+ *
+ * If programmed timeout value isn't sufficient for your system, it can be reconfigured using
+ * timeout entries available in target.cfg.
+ *
+ * To decide, a reboot happened as intended by test scenario or it happended
+ * due to other reasons, test is setting a boot signature into non-volatile memory before and
+ * after targeted test check. After a reboot, these boot signatures are being read by the
+ * VAL APIs to decide test status.
+ */
+
+ status = val->process_call_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
+ if (val->err_check_set(TEST_CHECKPOINT_NUM(202), status))
+ {
+ psa->reply(msg.handle, -2);
+ }
+ else
+ {
+ /* Setting boot.state before test check */
+ status = val->set_boot_flag(BOOT_EXPECTED_NS);
+ if (val->err_check_set(TEST_CHECKPOINT_NUM(203), status))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
+ psa->reply(msg.handle, -3);
+ }
+ else
+ {
+ /* Test check- psa_read with invec_idx > PSA_MAX_IOVEC, call should panic */
+ psa->read(msg.handle, PSA_MAX_IOVEC + 1, (void *)data, 0);
+
+ /* shouldn't have reached here */
+ val->print(PRINT_ERROR,
+ "\tpsa_read with invec_idx > PSA_MAX_IOVEC should failed but succeed\n", 0);
+
+ /* Resetting boot.state to catch unwanted reboot */
+ if (val->set_boot_flag(BOOT_EXPECTED_BUT_FAILED))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag after check\n", 0);
+ }
+
+ status = VAL_STATUS_SPM_FAILED;
+ psa->reply(msg.handle, -4);
+ }
+ }
+
+ val->err_check_set(TEST_CHECKPOINT_NUM(204), status);
+ return status;
+}
+
+#else
+
int32_t server_test_psa_read_with_invec_greater_than_max_iovec(void);
const server_test_t test_i033_server_tests_list[] = {
@@ -110,3 +188,5 @@
psa->reply(msg.handle, PSA_SUCCESS);
return status;
}
+
+#endif
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i036/test_i036.c b/api-tests/ff/ipc/test_i036/test_i036.c
index bb85aea..28f93c3 100644
--- a/api-tests/ff/ipc/test_i036/test_i036.c
+++ b/api-tests/ff/ipc/test_i036/test_i036.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -25,6 +25,36 @@
#include "test_i036.h"
+#if STATELESS_ROT == 1
+
+const client_test_t test_i036_client_tests_list[] = {
+ NULL,
+ client_test_psa_skip_with_null_handle,
+ NULL,
+};
+
+int32_t client_test_psa_skip_with_null_handle(caller_security_t caller __UNUSED)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ psa_status_t status_of_call;
+
+ val->print(PRINT_TEST,
+ "[Check 1] Test psa_skip with NULL handle\n", 0);
+
+ status_of_call = psa->call(SERVER_UNSPECIFED_VERSION_HANDLE, PSA_IPC_CALL, NULL, 0, NULL, 0);
+
+ /* Expectation is server test should hang and control shouldn't have come here */
+ val->print(PRINT_ERROR, "\tCall should failed but succeed\n", 0);
+
+ status = VAL_STATUS_SPM_FAILED;
+
+ (void)(status_of_call);
+ return status;
+}
+
+#else
+
const client_test_t test_i036_client_tests_list[] = {
NULL,
client_test_psa_skip_with_null_handle,
@@ -55,6 +85,9 @@
status = VAL_STATUS_SPM_FAILED;
psa->close(handle);
+
(void)(status_of_call);
return status;
}
+
+#endif
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i036/test_supp_i036.c b/api-tests/ff/ipc/test_i036/test_supp_i036.c
index cf92845..6a17a5f 100644
--- a/api-tests/ff/ipc/test_i036/test_supp_i036.c
+++ b/api-tests/ff/ipc/test_i036/test_supp_i036.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -25,6 +25,81 @@
int32_t server_test_psa_skip_with_null_handle(void);
+#if STATELESS_ROT == 1
+
+const server_test_t test_i036_server_tests_list[] = {
+ NULL,
+ server_test_psa_skip_with_null_handle,
+ NULL,
+};
+
+int32_t server_test_psa_skip_with_null_handle(void)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_msg_t msg = {0};
+
+ /*
+ * This test checks for the PROGRAMMER ERROR condition for the PSA API. API's respond to
+ * PROGRAMMER ERROR could be either to return appropriate status code or panic the caller.
+ * When a Secure Partition panics, the SPE cannot continue normal execution, as defined
+ * in this specification. The behavior of the SPM following a Secure Partition panic is
+ * IMPLEMENTATION DEFINED- Arm recommends that the SPM causes the system to restart in
+ * this situation. Refer PSA-FF for more information on panic.
+ * For the cases where, SPM cannot capable to reboot the system (just hangs or power down),
+ * a watchdog timer set by val_test_init can reboot the system on timeout event. This will
+ * tests continuity and able to jump to next tests. Therefore, each test who checks for
+ * PROGRAMMER ERROR condition, expects system to get reset either by SPM or watchdog set by
+ * the test harness function.
+ *
+ * If programmed timeout value isn't sufficient for your system, it can be reconfigured using
+ * timeout entries available in target.cfg.
+ *
+ * To decide, a reboot happened as intended by test scenario or it happended
+ * due to other reasons, test is setting a boot signature into non-volatile memory before and
+ * after targeted test check. After a reboot, these boot signatures are being read by the
+ * VAL APIs to decide test status.
+ */
+
+ status = val->process_call_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
+ if (val->err_check_set(TEST_CHECKPOINT_NUM(202), status))
+ {
+ psa->reply(msg.handle, -2);
+ }
+ else
+ {
+ /* Setting boot.state before test check */
+ status = val->set_boot_flag(BOOT_EXPECTED_NS);
+ if (val->err_check_set(TEST_CHECKPOINT_NUM(203), status))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
+ psa->reply(msg.handle, -3);
+ }
+ else
+ {
+ /* Test check- psa_skip with PSA_NULL_HANDLE, call should panic */
+ psa->skip(PSA_NULL_HANDLE, 0, 0);
+
+ /* shouldn't have reached here */
+ val->print(PRINT_ERROR,
+ "\tpsa_skip with NULL handle should failed but succeed\n", 0);
+
+ /* Resetting boot.state to catch unwanted reboot */
+ if (val->set_boot_flag(BOOT_EXPECTED_BUT_FAILED))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag after check\n", 0);
+ }
+
+ status = VAL_STATUS_SPM_FAILED;
+ psa->reply(msg.handle, -4);
+ }
+ }
+
+ val->err_check_set(TEST_CHECKPOINT_NUM(204), status);
+ return status;
+}
+
+#else
+
const server_test_t test_i036_server_tests_list[] = {
NULL,
server_test_psa_skip_with_null_handle,
@@ -107,3 +182,5 @@
psa->reply(msg.handle, PSA_SUCCESS);
return status;
}
+
+#endif
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i037/test_i037.c b/api-tests/ff/ipc/test_i037/test_i037.c
index 407232e..ba752e2 100644
--- a/api-tests/ff/ipc/test_i037/test_i037.c
+++ b/api-tests/ff/ipc/test_i037/test_i037.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -25,6 +25,36 @@
#include "test_i037.h"
+#if STATELESS_ROT == 1
+
+const client_test_t test_i037_client_tests_list[] = {
+ NULL,
+ client_test_psa_skip_with_invalid_handle,
+ NULL,
+};
+
+int32_t client_test_psa_skip_with_invalid_handle(caller_security_t caller __UNUSED)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ psa_status_t status_of_call;
+
+ val->print(PRINT_TEST,
+ "[Check 1] Test psa_skip with invalid handle\n", 0);
+
+ status_of_call = psa->call(SERVER_UNSPECIFED_VERSION_HANDLE, PSA_IPC_CALL, NULL, 0, NULL, 0);
+
+ /* Expectation is server test should hang and control shouldn't have come here */
+ val->print(PRINT_ERROR, "\tCall should failed but succeed\n", 0);
+
+ status = VAL_STATUS_SPM_FAILED;
+
+ (void)(status_of_call);
+ return status;
+}
+
+#else
+
const client_test_t test_i037_client_tests_list[] = {
NULL,
client_test_psa_skip_with_invalid_handle,
@@ -55,6 +85,9 @@
status = VAL_STATUS_SPM_FAILED;
psa->close(handle);
+
(void)(status_of_call);
return status;
}
+
+#endif
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i037/test_supp_i037.c b/api-tests/ff/ipc/test_i037/test_supp_i037.c
index c7d7711..e3d0a73 100644
--- a/api-tests/ff/ipc/test_i037/test_supp_i037.c
+++ b/api-tests/ff/ipc/test_i037/test_supp_i037.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -23,6 +23,83 @@
extern val_api_t *val;
extern psa_api_t *psa;
+#if STATELESS_ROT == 1
+
+int32_t server_test_psa_skip_with_invalid_handle(void);
+
+const server_test_t test_i037_server_tests_list[] = {
+ NULL,
+ server_test_psa_skip_with_invalid_handle,
+ NULL,
+};
+
+int32_t server_test_psa_skip_with_invalid_handle(void)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_msg_t msg = {0};
+
+ /*
+ * This test checks for the PROGRAMMER ERROR condition for the PSA API. API's respond to
+ * PROGRAMMER ERROR could be either to return appropriate status code or panic the caller.
+ * When a Secure Partition panics, the SPE cannot continue normal execution, as defined
+ * in this specification. The behavior of the SPM following a Secure Partition panic is
+ * IMPLEMENTATION DEFINED- Arm recommends that the SPM causes the system to restart in
+ * this situation. Refer PSA-FF for more information on panic.
+ * For the cases where, SPM cannot capable to reboot the system (just hangs or power down),
+ * a watchdog timer set by val_test_init can reboot the system on timeout event. This will
+ * tests continuity and able to jump to next tests. Therefore, each test who checks for
+ * PROGRAMMER ERROR condition, expects system to get reset either by SPM or watchdog set by
+ * the test harness function.
+ *
+ * If programmed timeout value isn't sufficient for your system, it can be reconfigured using
+ * timeout entries available in target.cfg.
+ *
+ * To decide, a reboot happened as intended by test scenario or it happended
+ * due to other reasons, test is setting a boot signature into non-volatile memory before and
+ * after targeted test check. After a reboot, these boot signatures are being read by the
+ * VAL APIs to decide test status.
+ */
+
+ status = val->process_call_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
+ if (val->err_check_set(TEST_CHECKPOINT_NUM(202), status))
+ {
+ psa->reply(msg.handle, -2);
+ }
+ else
+ {
+ /* Setting boot.state before test check */
+ status = val->set_boot_flag(BOOT_EXPECTED_NS);
+ if (val->err_check_set(TEST_CHECKPOINT_NUM(203), status))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
+ psa->reply(msg.handle, -3);
+ }
+ else
+ {
+ /* Test check- psa_skip with INVALID_HANDLE, call should panic */
+ psa->skip(INVALID_HANDLE, 0, 0);
+
+ /* shouldn't have reached here */
+ val->print(PRINT_ERROR,
+ "\tpsa_skip with invalid handle should failed but succeed\n", 0);
+
+ /* Resetting boot.state to catch unwanted reboot */
+ if (val->set_boot_flag(BOOT_EXPECTED_BUT_FAILED))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag after check\n", 0);
+ }
+
+ status = VAL_STATUS_SPM_FAILED;
+ psa->reply(msg.handle, -4);
+ }
+ }
+
+ val->err_check_set(TEST_CHECKPOINT_NUM(204), status);
+ return status;
+}
+
+#else
+
int32_t server_test_psa_skip_with_invalid_handle(void);
const server_test_t test_i037_server_tests_list[] = {
@@ -107,3 +184,5 @@
psa->reply(msg.handle, PSA_SUCCESS);
return status;
}
+
+#endif
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i038/test_i038.c b/api-tests/ff/ipc/test_i038/test_i038.c
index 2a2a2e6..df8ec4a 100644
--- a/api-tests/ff/ipc/test_i038/test_i038.c
+++ b/api-tests/ff/ipc/test_i038/test_i038.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -25,6 +25,35 @@
#include "test_i038.h"
+#if STATELESS_ROT == 1
+
+const client_test_t test_i038_client_tests_list[] = {
+ NULL,
+ client_test_psa_skip_with_invec_equal_to_max_iovec,
+ NULL,
+};
+
+int32_t client_test_psa_skip_with_invec_equal_to_max_iovec(caller_security_t caller __UNUSED)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_status_t status_of_call;
+
+ val->print(PRINT_TEST,
+ "[Check 1] Test psa_skip with invec_idx=PSA_MAX_IOVEC\n", 0);
+
+ status_of_call = psa->call(SERVER_UNSPECIFED_VERSION_HANDLE, PSA_IPC_CALL, NULL, 0, NULL, 0);
+
+ /* Expectation is server test should hang and control shouldn't have come here */
+ val->print(PRINT_ERROR, "\tCall should failed but succeed\n", 0);
+
+ status = VAL_STATUS_SPM_FAILED;
+
+ (void)(status_of_call);
+ return status;
+}
+
+#else
+
const client_test_t test_i038_client_tests_list[] = {
NULL,
client_test_psa_skip_with_invec_equal_to_max_iovec,
@@ -55,6 +84,9 @@
status = VAL_STATUS_SPM_FAILED;
psa->close(handle);
+
(void)(status_of_call);
return status;
}
+
+#endif
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i038/test_supp_i038.c b/api-tests/ff/ipc/test_i038/test_supp_i038.c
index 3790305..850de8b 100644
--- a/api-tests/ff/ipc/test_i038/test_supp_i038.c
+++ b/api-tests/ff/ipc/test_i038/test_supp_i038.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -23,6 +23,85 @@
extern val_api_t *val;
extern psa_api_t *psa;
+#if STATELESS_ROT == 1
+
+int32_t server_test_psa_skip_with_invec_equal_to_max_iovec(void);
+
+const server_test_t test_i038_server_tests_list[] = {
+ NULL,
+ server_test_psa_skip_with_invec_equal_to_max_iovec,
+ NULL,
+};
+
+int32_t server_test_psa_skip_with_invec_equal_to_max_iovec(void)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_msg_t msg = {0};
+
+ /*
+ * This test checks for the PROGRAMMER ERROR condition for the PSA API. API's respond to
+ * PROGRAMMER ERROR could be either to return appropriate status code or panic the caller.
+ * When a Secure Partition panics, the SPE cannot continue normal execution, as defined
+ * in this specification. The behavior of the SPM following a Secure Partition panic is
+ * IMPLEMENTATION DEFINED- Arm recommends that the SPM causes the system to restart in
+ * this situation. Refer PSA-FF for more information on panic.
+ * For the cases where, SPM cannot capable to reboot the system (just hangs or power down),
+ * a watchdog timer set by val_test_init can reboot the system on timeout event. This will
+ * tests continuity and able to jump to next tests. Therefore, each test who checks for
+ * PROGRAMMER ERROR condition, expects system to get reset either by SPM or watchdog set by
+ * the test harness function.
+ *
+ * If programmed timeout value isn't sufficient for your system, it can be reconfigured using
+ * timeout entries available in target.cfg.
+ *
+ * To decide, a reboot happened as intended by test scenario or it happended
+ * due to other reasons, test is setting a boot signature into non-volatile memory before and
+ * after targeted test check. After a reboot, these boot signatures are being read by the
+ * VAL APIs to decide test status.
+ */
+
+ status = val->process_call_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
+ if (val->err_check_set(TEST_CHECKPOINT_NUM(202), status))
+ {
+ psa->reply(msg.handle, -2);
+ }
+ else
+ {
+ /* Setting boot.state before test check */
+ status = val->set_boot_flag(BOOT_EXPECTED_NS);
+ if (val->err_check_set(TEST_CHECKPOINT_NUM(203), status))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
+ psa->reply(msg.handle, -3);
+ }
+ else
+ {
+ /* Test check- psa_skip with invec_idx=PSA_MAX_IOVEC, call should panic */
+ psa->skip(msg.handle, PSA_MAX_IOVEC, 0);
+
+ status = VAL_STATUS_SPM_FAILED;
+
+ /* Resetting boot.state to catch unwanted reboot */
+ if (val->set_boot_flag(BOOT_EXPECTED_BUT_FAILED))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag after check\n", 0);
+ }
+
+ /* shouldn't have reached here */
+ val->print(PRINT_ERROR,
+ "\tpsa_skip with invec_idx=PSA_MAX_IOVEC should failed but succeed\n", 0);
+
+ psa->reply(msg.handle, -4);
+
+ }
+ }
+
+ val->err_check_set(TEST_CHECKPOINT_NUM(204), status);
+ return status;
+}
+
+#else
+
int32_t server_test_psa_skip_with_invec_equal_to_max_iovec(void);
const server_test_t test_i038_server_tests_list[] = {
@@ -109,3 +188,5 @@
psa->reply(msg.handle, PSA_SUCCESS);
return status;
}
+
+#endif
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i039/test_i039.c b/api-tests/ff/ipc/test_i039/test_i039.c
index 26bd8a7..bee2b67 100644
--- a/api-tests/ff/ipc/test_i039/test_i039.c
+++ b/api-tests/ff/ipc/test_i039/test_i039.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -25,6 +25,35 @@
#include "test_i039.h"
+#if STATELESS_ROT == 1
+
+const client_test_t test_i039_client_tests_list[] = {
+ NULL,
+ client_test_psa_skip_with_invec_greater_than_max_iovec,
+ NULL,
+};
+
+int32_t client_test_psa_skip_with_invec_greater_than_max_iovec(caller_security_t caller __UNUSED)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_status_t status_of_call;
+
+ val->print(PRINT_TEST,
+ "[Check 1] Test psa_skip with invec_idx > PSA_MAX_IOVEC\n", 0);
+
+ status_of_call = psa->call(SERVER_UNSPECIFED_VERSION_HANDLE, PSA_IPC_CALL, NULL, 0, NULL, 0);
+
+ /* Expectation is server test should hang and control shouldn't have come here */
+ val->print(PRINT_ERROR, "\tCall should failed but succeed\n", 0);
+
+ status = VAL_STATUS_SPM_FAILED;
+
+ (void)(status_of_call);
+ return status;
+}
+
+#else
+
const client_test_t test_i039_client_tests_list[] = {
NULL,
client_test_psa_skip_with_invec_greater_than_max_iovec,
@@ -55,6 +84,9 @@
status = VAL_STATUS_SPM_FAILED;
psa->close(handle);
+
(void)(status_of_call);
return status;
}
+
+#endif
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i039/test_supp_i039.c b/api-tests/ff/ipc/test_i039/test_supp_i039.c
index a94076c..25a25cb 100644
--- a/api-tests/ff/ipc/test_i039/test_supp_i039.c
+++ b/api-tests/ff/ipc/test_i039/test_supp_i039.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -23,6 +23,85 @@
extern val_api_t *val;
extern psa_api_t *psa;
+#if STATELESS_ROT == 1
+
+int32_t server_test_psa_skip_with_invec_greater_than_max_iovec(void);
+
+const server_test_t test_i039_server_tests_list[] = {
+ NULL,
+ server_test_psa_skip_with_invec_greater_than_max_iovec,
+ NULL,
+};
+
+int32_t server_test_psa_skip_with_invec_greater_than_max_iovec(void)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_msg_t msg = {0};
+
+ /*
+ * This test checks for the PROGRAMMER ERROR condition for the PSA API. API's respond to
+ * PROGRAMMER ERROR could be either to return appropriate status code or panic the caller.
+ * When a Secure Partition panics, the SPE cannot continue normal execution, as defined
+ * in this specification. The behavior of the SPM following a Secure Partition panic is
+ * IMPLEMENTATION DEFINED- Arm recommends that the SPM causes the system to restart in
+ * this situation. Refer PSA-FF for more information on panic.
+ * For the cases where, SPM cannot capable to reboot the system (just hangs or power down),
+ * a watchdog timer set by val_test_init can reboot the system on timeout event. This will
+ * tests continuity and able to jump to next tests. Therefore, each test who checks for
+ * PROGRAMMER ERROR condition, expects system to get reset either by SPM or watchdog set by
+ * the test harness function.
+ *
+ * If programmed timeout value isn't sufficient for your system, it can be reconfigured using
+ * timeout entries available in target.cfg.
+ *
+ * To decide, a reboot happened as intended by test scenario or it happended
+ * due to other reasons, test is setting a boot signature into non-volatile memory before and
+ * after targeted test check. After a reboot, these boot signatures are being read by the
+ * VAL APIs to decide test status.
+ */
+
+ status = val->process_call_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
+ if (val->err_check_set(TEST_CHECKPOINT_NUM(202), status))
+ {
+ psa->reply(msg.handle, -2);
+ }
+ else
+ {
+ /* Setting boot.state before test check */
+ status = val->set_boot_flag(BOOT_EXPECTED_NS);
+ if (val->err_check_set(TEST_CHECKPOINT_NUM(203), status))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
+ psa->reply(msg.handle, -3);
+ }
+ else
+ {
+ /* Test check- psa_skip with invec_idx > PSA_MAX_IOVEC, call should panic */
+ psa->skip(msg.handle, PSA_MAX_IOVEC + 1, 0);
+
+ status = VAL_STATUS_SPM_FAILED;
+
+ /* Resetting boot.state to catch unwanted reboot */
+ if (val->set_boot_flag(BOOT_EXPECTED_BUT_FAILED))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag after check\n", 0);
+ }
+
+ /* shouldn't have reached here */
+ val->print(PRINT_ERROR,
+ "\tpsa_skip with invec_idx > PSA_MAX_IOVEC should failed but succeed\n", 0);
+
+ psa->reply(msg.handle, -4);
+
+ }
+ }
+
+ val->err_check_set(TEST_CHECKPOINT_NUM(204), status);
+ return status;
+}
+
+#else
+
int32_t server_test_psa_skip_with_invec_greater_than_max_iovec(void);
const server_test_t test_i039_server_tests_list[] = {
@@ -106,6 +185,9 @@
val->err_check_set(TEST_CHECKPOINT_NUM(204), status);
status = ((val->process_disconnect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg))
? VAL_STATUS_ERROR : status);
+
psa->reply(msg.handle, PSA_SUCCESS);
return status;
}
+
+#endif
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i042/test_i042.c b/api-tests/ff/ipc/test_i042/test_i042.c
index 9c8e4ce..4c14de1 100644
--- a/api-tests/ff/ipc/test_i042/test_i042.c
+++ b/api-tests/ff/ipc/test_i042/test_i042.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -25,6 +25,8 @@
#include "test_i042.h"
+#if STATELESS_ROT == 1
+
const client_test_t test_i042_client_tests_list[] = {
NULL,
client_test_psa_write_with_null_handle,
@@ -34,12 +36,39 @@
int32_t client_test_psa_write_with_null_handle(caller_security_t caller __UNUSED)
{
int32_t status = VAL_STATUS_SUCCESS;
- psa_handle_t handle = 0;
psa_status_t status_of_call;
val->print(PRINT_TEST,
"[Check 1] Test psa_write with NULL handle\n", 0);
+ status_of_call = psa->call(SERVER_UNSPECIFED_VERSION_HANDLE, PSA_IPC_CALL, NULL, 0, NULL, 0);
+
+ /* Expectation is server test should hang and control shouldn't have come here */
+ val->print(PRINT_ERROR, "\tCall should failed but succeed\n", 0);
+
+ status = VAL_STATUS_SPM_FAILED;
+
+ (void)(status_of_call);
+ return status;
+}
+
+#else
+
+const client_test_t test_i042_client_tests_list[] = {
+ NULL,
+ client_test_psa_write_with_null_handle,
+ NULL,
+};
+
+int32_t client_test_psa_write_with_null_handle(caller_security_t caller __UNUSED)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ psa_status_t status_of_call;
+ psa_handle_t handle = 0;
+ val->print(PRINT_TEST,
+ "[Check 1] Test psa_write with NULL handle\n", 0);
+
handle = psa->connect(SERVER_UNSPECIFED_VERSION_SID, SERVER_UNSPECIFED_VERSION_VERSION);
if (!PSA_HANDLE_IS_VALID(handle))
{
@@ -55,6 +84,9 @@
status = VAL_STATUS_SPM_FAILED;
psa->close(handle);
+
(void)(status_of_call);
return status;
}
+
+#endif
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i042/test_supp_i042.c b/api-tests/ff/ipc/test_i042/test_supp_i042.c
index 09bb04f..6b233b3 100644
--- a/api-tests/ff/ipc/test_i042/test_supp_i042.c
+++ b/api-tests/ff/ipc/test_i042/test_supp_i042.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -23,7 +23,9 @@
extern val_api_t *val;
extern psa_api_t *psa;
-int32_t server_test_psa_write_with_null_handle();
+#if STATELESS_ROT == 1
+
+int32_t server_test_psa_write_with_null_handle(void);
const server_test_t test_i042_server_tests_list[] = {
NULL,
@@ -31,7 +33,81 @@
NULL,
};
-int32_t server_test_psa_write_with_null_handle()
+int32_t server_test_psa_write_with_null_handle(void)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_msg_t msg = {0};
+ uint8_t data[4] = {0};
+
+ /*
+ * This test checks for the PROGRAMMER ERROR condition for the PSA API. API's respond to
+ * PROGRAMMER ERROR could be either to return appropriate status code or panic the caller.
+ * When a Secure Partition panics, the SPE cannot continue normal execution, as defined
+ * in this specification. The behavior of the SPM following a Secure Partition panic is
+ * IMPLEMENTATION DEFINED- Arm recommends that the SPM causes the system to restart in
+ * this situation. Refer PSA-FF for more information on panic.
+ * For the cases where, SPM cannot capable to reboot the system (just hangs or power down),
+ * a watchdog timer set by val_test_init can reboot the system on timeout event. This will
+ * tests continuity and able to jump to next tests. Therefore, each test who checks for
+ * PROGRAMMER ERROR condition, expects system to get reset either by SPM or watchdog set by
+ * the test harness function.
+ *
+ * If programmed timeout value isn't sufficient for your system, it can be reconfigured using
+ * timeout entries available in target.cfg.
+ *
+ * To decide, a reboot happened as intended by test scenario or it happended
+ * due to other reasons, test is setting a boot signature into non-volatile memory before and
+ * after targeted test check. After a reboot, these boot signatures are being read by the
+ * VAL APIs to decide test status.
+ */
+
+ status = val->process_call_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
+ if (val->err_check_set(TEST_CHECKPOINT_NUM(202), status))
+ {
+ psa->reply(msg.handle, -2);
+ }
+ else
+ {
+ /* Setting boot.state before test check */
+ status = val->set_boot_flag(BOOT_EXPECTED_NS);
+ if (val->err_check_set(TEST_CHECKPOINT_NUM(203), status))
+ {
+ psa->reply(msg.handle, -3);
+ }
+ else
+ {
+ /* psa_write with PSA_NULL_HANDLE, call should panic */
+ psa->write(PSA_NULL_HANDLE, 0, (void *)data, 0);
+
+ status = VAL_STATUS_SPM_FAILED;
+
+ /* Resetting boot.state to catch unwanted reboot */
+ val->set_boot_flag(BOOT_EXPECTED_BUT_FAILED);
+
+ /* shouldn't have reached here */
+ val->print(PRINT_ERROR,
+ "\tpsa_write with NULL handle should failed but succeed\n", 0);
+
+ psa->reply(msg.handle, -4);
+
+ }
+ }
+
+ val->err_check_set(TEST_CHECKPOINT_NUM(204), status);
+ return status;
+}
+
+#else
+
+int32_t server_test_psa_write_with_null_handle(void);
+
+const server_test_t test_i042_server_tests_list[] = {
+ NULL,
+ server_test_psa_write_with_null_handle,
+ NULL,
+};
+
+int32_t server_test_psa_write_with_null_handle(void)
{
int32_t status = VAL_STATUS_SUCCESS;
psa_msg_t msg = {0};
@@ -106,3 +182,5 @@
psa->reply(msg.handle, PSA_SUCCESS);
return status;
}
+
+#endif
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i043/test_i043.c b/api-tests/ff/ipc/test_i043/test_i043.c
index 1030e65..49c4e6f 100644
--- a/api-tests/ff/ipc/test_i043/test_i043.c
+++ b/api-tests/ff/ipc/test_i043/test_i043.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -25,6 +25,35 @@
#include "test_i043.h"
+#if STATELESS_ROT == 1
+
+const client_test_t test_i043_client_tests_list[] = {
+ NULL,
+ client_test_psa_write_with_invalid_handle,
+ NULL,
+};
+
+int32_t client_test_psa_write_with_invalid_handle(caller_security_t caller __UNUSED)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_status_t status_of_call;
+
+ val->print(PRINT_TEST,
+ "[Check 1] Test psa_write with invalid handle\n", 0);
+
+ status_of_call = psa->call(SERVER_UNSPECIFED_VERSION_HANDLE, PSA_IPC_CALL, NULL, 0, NULL, 0);
+
+ /* Expectation is server test should hang and control shouldn't have come here */
+ val->print(PRINT_ERROR, "\tCall should failed but succeed\n", 0);
+
+ status = VAL_STATUS_SPM_FAILED;
+
+ (void)(status_of_call);
+ return status;
+}
+
+#else
+
const client_test_t test_i043_client_tests_list[] = {
NULL,
client_test_psa_write_with_invalid_handle,
@@ -55,6 +84,9 @@
status = VAL_STATUS_SPM_FAILED;
psa->close(handle);
+
(void)(status_of_call);
return status;
}
+
+#endif
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i043/test_supp_i043.c b/api-tests/ff/ipc/test_i043/test_supp_i043.c
index eca5ee7..7f314e0 100644
--- a/api-tests/ff/ipc/test_i043/test_supp_i043.c
+++ b/api-tests/ff/ipc/test_i043/test_supp_i043.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -25,6 +25,85 @@
#define NUM_OF_BYTES 4
+#if STATELESS_ROT == 1
+
+int32_t server_test_psa_write_with_invalid_handle(void);
+
+const server_test_t test_i043_server_tests_list[] = {
+ NULL,
+ server_test_psa_write_with_invalid_handle,
+ NULL,
+};
+
+int32_t server_test_psa_write_with_invalid_handle(void)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_msg_t msg = {0};
+ uint8_t data[NUM_OF_BYTES] = {0};
+
+ /*
+ * This test checks for the PROGRAMMER ERROR condition for the PSA API. API's respond to
+ * PROGRAMMER ERROR could be either to return appropriate status code or panic the caller.
+ * When a Secure Partition panics, the SPE cannot continue normal execution, as defined
+ * in this specification. The behavior of the SPM following a Secure Partition panic is
+ * IMPLEMENTATION DEFINED- Arm recommends that the SPM causes the system to restart in
+ * this situation. Refer PSA-FF for more information on panic.
+ * For the cases where, SPM cannot capable to reboot the system (just hangs or power down),
+ * a watchdog timer set by val_test_init can reboot the system on timeout event. This will
+ * tests continuity and able to jump to next tests. Therefore, each test who checks for
+ * PROGRAMMER ERROR condition, expects system to get reset either by SPM or watchdog set by
+ * the test harness function.
+ *
+ * If programmed timeout value isn't sufficient for your system, it can be reconfigured using
+ * timeout entries available in target.cfg.
+ *
+ * To decide, a reboot happened as intended by test scenario or it happended
+ * due to other reasons, test is setting a boot signature into non-volatile memory before and
+ * after targeted test check. After a reboot, these boot signatures are being read by the
+ * VAL APIs to decide test status.
+ */
+
+ status = val->process_call_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
+ if (val->err_check_set(TEST_CHECKPOINT_NUM(202), status))
+ {
+ psa->reply(msg.handle, -2);
+ }
+ else
+ {
+ /* Setting boot.state before test check */
+ status = val->set_boot_flag(BOOT_EXPECTED_NS);
+ if (val->err_check_set(TEST_CHECKPOINT_NUM(203), status))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
+ psa->reply(msg.handle, -3);
+ }
+ else
+ {
+ /* Test check- psa_write with INVALID_HANDLE, call should panic */
+ psa->write(INVALID_HANDLE, 0, (void *)data, 0);
+
+ status = VAL_STATUS_SPM_FAILED;
+
+ /* Resetting boot.state to catch unwanted reboot */
+ if (val->set_boot_flag(BOOT_EXPECTED_BUT_FAILED))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag after check\n", 0);
+ }
+
+ /* shouldn't have reached here */
+ val->print(PRINT_ERROR,
+ "\tpsa_write with invalid handle should failed but succeed\n", 0);
+
+ psa->reply(msg.handle, -4);
+ }
+ }
+
+ val->err_check_set(TEST_CHECKPOINT_NUM(204), status);
+ return status;
+}
+
+#else
+
int32_t server_test_psa_write_with_invalid_handle(void);
const server_test_t test_i043_server_tests_list[] = {
@@ -111,3 +190,5 @@
psa->reply(msg.handle, PSA_SUCCESS);
return status;
}
+
+#endif
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i044/test_i044.c b/api-tests/ff/ipc/test_i044/test_i044.c
index 09050d2..bf2c5c4 100644
--- a/api-tests/ff/ipc/test_i044/test_i044.c
+++ b/api-tests/ff/ipc/test_i044/test_i044.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -25,6 +25,8 @@
#include "test_i044.h"
+#if STATELESS_ROT == 1
+
const client_test_t test_i044_client_tests_list[] = {
NULL,
client_test_psa_write_with_invec_equal_to_max_iovec,
@@ -34,12 +36,39 @@
int32_t client_test_psa_write_with_invec_equal_to_max_iovec(caller_security_t caller __UNUSED)
{
int32_t status = VAL_STATUS_SUCCESS;
- psa_handle_t handle = 0;
psa_status_t status_of_call;
val->print(PRINT_TEST,
"[Check 1] Test psa_write with invec_idx=PSA_MAX_IOVEC\n", 0);
+ status_of_call = psa->call(SERVER_UNSPECIFED_VERSION_HANDLE, PSA_IPC_CALL, NULL, 0, NULL, 0);
+
+ /* Expectation is server test should hang and control shouldn't have come here */
+ val->print(PRINT_ERROR, "\tCall should failed but succeed\n", 0);
+
+ status = VAL_STATUS_SPM_FAILED;
+
+ (void)(status_of_call);
+ return status;
+}
+
+#else
+
+const client_test_t test_i044_client_tests_list[] = {
+ NULL,
+ client_test_psa_write_with_invec_equal_to_max_iovec,
+ NULL,
+};
+
+int32_t client_test_psa_write_with_invec_equal_to_max_iovec(caller_security_t caller __UNUSED)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ psa_status_t status_of_call;
+ psa_handle_t handle = 0;
+ val->print(PRINT_TEST,
+ "[Check 1] Test psa_write with invec_idx=PSA_MAX_IOVEC\n", 0);
+
handle = psa->connect(SERVER_UNSPECIFED_VERSION_SID, SERVER_UNSPECIFED_VERSION_VERSION);
if (!PSA_HANDLE_IS_VALID(handle))
{
@@ -55,6 +84,9 @@
status = VAL_STATUS_SPM_FAILED;
psa->close(handle);
+
(void)(status_of_call);
return status;
}
+
+#endif
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i044/test_supp_i044.c b/api-tests/ff/ipc/test_i044/test_supp_i044.c
index 6fea86e..4a55125 100644
--- a/api-tests/ff/ipc/test_i044/test_supp_i044.c
+++ b/api-tests/ff/ipc/test_i044/test_supp_i044.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -25,6 +25,85 @@
#define NUM_OF_BYTES 4
+#if STATELESS_ROT == 1
+
+int32_t server_test_psa_write_with_invec_equal_to_max_iovec(void);
+
+const server_test_t test_i044_server_tests_list[] = {
+ NULL,
+ server_test_psa_write_with_invec_equal_to_max_iovec,
+ NULL,
+};
+
+int32_t server_test_psa_write_with_invec_equal_to_max_iovec(void)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_msg_t msg = {0};
+ uint8_t data[NUM_OF_BYTES] = {0};
+
+ /*
+ * This test checks for the PROGRAMMER ERROR condition for the PSA API. API's respond to
+ * PROGRAMMER ERROR could be either to return appropriate status code or panic the caller.
+ * When a Secure Partition panics, the SPE cannot continue normal execution, as defined
+ * in this specification. The behavior of the SPM following a Secure Partition panic is
+ * IMPLEMENTATION DEFINED- Arm recommends that the SPM causes the system to restart in
+ * this situation. Refer PSA-FF for more information on panic.
+ * For the cases where, SPM cannot capable to reboot the system (just hangs or power down),
+ * a watchdog timer set by val_test_init can reboot the system on timeout event. This will
+ * tests continuity and able to jump to next tests. Therefore, each test who checks for
+ * PROGRAMMER ERROR condition, expects system to get reset either by SPM or watchdog set by
+ * the test harness function.
+ *
+ * If programmed timeout value isn't sufficient for your system, it can be reconfigured using
+ * timeout entries available in target.cfg.
+ *
+ * To decide, a reboot happened as intended by test scenario or it happended
+ * due to other reasons, test is setting a boot signature into non-volatile memory before and
+ * after targeted test check. After a reboot, these boot signatures are being read by the
+ * VAL APIs to decide test status.
+ */
+
+ status = val->process_call_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
+ if (val->err_check_set(TEST_CHECKPOINT_NUM(202), status))
+ {
+ psa->reply(msg.handle, -2);
+ }
+ else
+ {
+ /* Setting boot.state before test check */
+ status = val->set_boot_flag(BOOT_EXPECTED_NS);
+ if (val->err_check_set(TEST_CHECKPOINT_NUM(203), status))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
+ psa->reply(msg.handle, -3);
+ }
+ else
+ {
+ /* Test check- psa_write with invec_idx=PSA_MAX_IOVEC, call should panic */
+ psa->write(msg.handle, PSA_MAX_IOVEC, (void *)data, 0);
+
+ status = VAL_STATUS_SPM_FAILED;
+
+ /* Resetting boot.state to catch unwanted reboot */
+ if (val->set_boot_flag(BOOT_EXPECTED_BUT_FAILED))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag after check\n", 0);
+ }
+
+ /* shouldn't have reached here */
+ val->print(PRINT_ERROR,
+ "\tpsa_write with invec_idx=PSA_MAX_IOVEC should failed but succeed\n", 0);
+
+ psa->reply(msg.handle, -4);
+ }
+ }
+
+ val->err_check_set(TEST_CHECKPOINT_NUM(204), status);
+ return status;
+}
+
+#else
+
int32_t server_test_psa_write_with_invec_equal_to_max_iovec(void);
const server_test_t test_i044_server_tests_list[] = {
@@ -111,3 +190,5 @@
psa->reply(msg.handle, PSA_SUCCESS);
return status;
}
+
+#endif
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i045/test_i045.c b/api-tests/ff/ipc/test_i045/test_i045.c
index 774e9cd..883f81c 100644
--- a/api-tests/ff/ipc/test_i045/test_i045.c
+++ b/api-tests/ff/ipc/test_i045/test_i045.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -25,6 +25,8 @@
#include "test_i045.h"
+#if STATELESS_ROT == 1
+
const client_test_t test_i045_client_tests_list[] = {
NULL,
client_test_psa_write_with_invec_greater_than_max_iovec,
@@ -34,12 +36,39 @@
int32_t client_test_psa_write_with_invec_greater_than_max_iovec(caller_security_t caller __UNUSED)
{
int32_t status = VAL_STATUS_SUCCESS;
- psa_handle_t handle = 0;
psa_status_t status_of_call;
val->print(PRINT_TEST,
"[Check 1] Test psa_write with invec_idx > PSA_MAX_IOVEC\n", 0);
+ status_of_call = psa->call(SERVER_UNSPECIFED_VERSION_HANDLE, PSA_IPC_CALL, NULL, 0, NULL, 0);
+
+ /* Expectation is server test should hang and control shouldn't have come here */
+ val->print(PRINT_ERROR, "\tCall should failed but succeed\n", 0);
+
+ status = VAL_STATUS_SPM_FAILED;
+
+ (void)(status_of_call);
+ return status;
+}
+
+#else
+
+const client_test_t test_i045_client_tests_list[] = {
+ NULL,
+ client_test_psa_write_with_invec_greater_than_max_iovec,
+ NULL,
+};
+
+int32_t client_test_psa_write_with_invec_greater_than_max_iovec(caller_security_t caller __UNUSED)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ psa_status_t status_of_call;
+ psa_handle_t handle = 0;
+ val->print(PRINT_TEST,
+ "[Check 1] Test psa_write with invec_idx > PSA_MAX_IOVEC\n", 0);
+
handle = psa->connect(SERVER_UNSPECIFED_VERSION_SID, SERVER_UNSPECIFED_VERSION_VERSION);
if (!PSA_HANDLE_IS_VALID(handle))
{
@@ -55,6 +84,9 @@
status = VAL_STATUS_SPM_FAILED;
psa->close(handle);
+
(void)(status_of_call);
return status;
}
+
+#endif
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i045/test_supp_i045.c b/api-tests/ff/ipc/test_i045/test_supp_i045.c
index b590405..d414a78 100644
--- a/api-tests/ff/ipc/test_i045/test_supp_i045.c
+++ b/api-tests/ff/ipc/test_i045/test_supp_i045.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -25,6 +25,86 @@
#define NUM_OF_BYTES 4
+#if STATELESS_ROT == 1
+
+int32_t server_test_psa_write_with_invec_greater_than_max_iovec(void);
+
+const server_test_t test_i045_server_tests_list[] = {
+ NULL,
+ server_test_psa_write_with_invec_greater_than_max_iovec,
+ NULL,
+};
+
+int32_t server_test_psa_write_with_invec_greater_than_max_iovec(void)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_msg_t msg = {0};
+ uint8_t data[NUM_OF_BYTES] = {0};
+
+ /*
+ * This test checks for the PROGRAMMER ERROR condition for the PSA API. API's respond to
+ * PROGRAMMER ERROR could be either to return appropriate status code or panic the caller.
+ * When a Secure Partition panics, the SPE cannot continue normal execution, as defined
+ * in this specification. The behavior of the SPM following a Secure Partition panic is
+ * IMPLEMENTATION DEFINED- Arm recommends that the SPM causes the system to restart in
+ * this situation. Refer PSA-FF for more information on panic.
+ * For the cases where, SPM cannot capable to reboot the system (just hangs or power down),
+ * a watchdog timer set by val_test_init can reboot the system on timeout event. This will
+ * tests continuity and able to jump to next tests. Therefore, each test who checks for
+ * PROGRAMMER ERROR condition, expects system to get reset either by SPM or watchdog set by
+ * the test harness function.
+ *
+ * If programmed timeout value isn't sufficient for your system, it can be reconfigured using
+ * timeout entries available in target.cfg.
+ *
+ * To decide, a reboot happened as intended by test scenario or it happended
+ * due to other reasons, test is setting a boot signature into non-volatile memory before and
+ * after targeted test check. After a reboot, these boot signatures are being read by the
+ * VAL APIs to decide test status.
+ */
+
+ status = val->process_call_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
+ if (val->err_check_set(TEST_CHECKPOINT_NUM(202), status))
+ {
+ psa->reply(msg.handle, -2);
+ }
+ else
+ {
+ /* Setting boot.state before test check */
+ status = val->set_boot_flag(BOOT_EXPECTED_NS);
+ if (val->err_check_set(TEST_CHECKPOINT_NUM(203), status))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
+ psa->reply(msg.handle, -3);
+ }
+ else
+ {
+ /* Test check- psa_write with invec_idx > PSA_MAX_IOVEC, call should panic */
+ psa->write(msg.handle, PSA_MAX_IOVEC + 1, (void *)data, 0);
+
+ status = VAL_STATUS_SPM_FAILED;
+
+ /* Resetting boot.state to catch unwanted reboot */
+ if (val->set_boot_flag(BOOT_EXPECTED_BUT_FAILED))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag after check\n", 0);
+ }
+
+ /* shouldn't have reached here */
+ val->print(PRINT_ERROR,
+ "\tpsa_write with invec_idx > PSA_MAX_IOVEC should failed but succeed\n", 0);
+
+ psa->reply(msg.handle, -4);
+ }
+ }
+
+
+ val->err_check_set(TEST_CHECKPOINT_NUM(204), status);
+ return status;
+}
+
+#else
+
int32_t server_test_psa_write_with_invec_greater_than_max_iovec(void);
const server_test_t test_i045_server_tests_list[] = {
@@ -105,9 +185,12 @@
}
}
+
val->err_check_set(TEST_CHECKPOINT_NUM(204), status);
status = ((val->process_disconnect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg))
? VAL_STATUS_ERROR : status);
psa->reply(msg.handle, PSA_SUCCESS);
return status;
}
+
+#endif
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i046/test_i046.c b/api-tests/ff/ipc/test_i046/test_i046.c
index 8aea6db..3f967ef 100644
--- a/api-tests/ff/ipc/test_i046/test_i046.c
+++ b/api-tests/ff/ipc/test_i046/test_i046.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -25,6 +25,38 @@
#include "test_i046.h"
+#if STATELESS_ROT == 1
+
+const client_test_t test_i046_client_tests_list[] = {
+ NULL,
+ client_test_psa_write_with_size_overflow,
+ NULL,
+};
+
+int32_t client_test_psa_write_with_size_overflow(caller_security_t caller __UNUSED)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_status_t status_of_call;
+ uint8_t data = 0;
+
+ val->print(PRINT_TEST,
+ "[Check 1] Test psa_write with size overflow\n", 0);
+
+ psa_outvec resp = {&data, sizeof(data)};
+
+ status_of_call = psa->call(SERVER_UNSPECIFED_VERSION_HANDLE, PSA_IPC_CALL, NULL, 0, &resp, 1);
+
+ /* Expectation is server test should hang and control shouldn't have come here */
+ val->print(PRINT_ERROR, "\tCall should failed but succeed\n", 0);
+
+ status = VAL_STATUS_SPM_FAILED;
+
+ (void)(status_of_call);
+ return status;
+}
+
+#else
+
const client_test_t test_i046_client_tests_list[] = {
NULL,
client_test_psa_write_with_size_overflow,
@@ -58,6 +90,9 @@
status = VAL_STATUS_SPM_FAILED;
psa->close(handle);
+
(void)(status_of_call);
return status;
}
+
+#endif
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i046/test_supp_i046.c b/api-tests/ff/ipc/test_i046/test_supp_i046.c
index d4be5e0..5d86843 100644
--- a/api-tests/ff/ipc/test_i046/test_supp_i046.c
+++ b/api-tests/ff/ipc/test_i046/test_supp_i046.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -25,6 +25,85 @@
#define NUM_OF_BYTES 4
+#if STATELESS_ROT == 1
+
+int32_t server_test_psa_write_with_size_overflow(void);
+
+const server_test_t test_i046_server_tests_list[] = {
+ NULL,
+ server_test_psa_write_with_size_overflow,
+ NULL,
+};
+
+int32_t server_test_psa_write_with_size_overflow(void)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_msg_t msg = {0};
+ uint8_t data[NUM_OF_BYTES] = {0};
+
+ /*
+ * This test checks for the PROGRAMMER ERROR condition for the PSA API. API's respond to
+ * PROGRAMMER ERROR could be either to return appropriate status code or panic the caller.
+ * When a Secure Partition panics, the SPE cannot continue normal execution, as defined
+ * in this specification. The behavior of the SPM following a Secure Partition panic is
+ * IMPLEMENTATION DEFINED- Arm recommends that the SPM causes the system to restart in
+ * this situation. Refer PSA-FF for more information on panic.
+ * For the cases where, SPM cannot capable to reboot the system (just hangs or power down),
+ * a watchdog timer set by val_test_init can reboot the system on timeout event. This will
+ * tests continuity and able to jump to next tests. Therefore, each test who checks for
+ * PROGRAMMER ERROR condition, expects system to get reset either by SPM or watchdog set by
+ * the test harness function.
+ *
+ * If programmed timeout value isn't sufficient for your system, it can be reconfigured using
+ * timeout entries available in target.cfg.
+ *
+ * To decide, a reboot happened as intended by test scenario or it happended
+ * due to other reasons, test is setting a boot signature into non-volatile memory before and
+ * after targeted test check. After a reboot, these boot signatures are being read by the
+ * VAL APIs to decide test status.
+ */
+
+ status = val->process_call_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
+ if (val->err_check_set(TEST_CHECKPOINT_NUM(202), status))
+ {
+ psa->reply(msg.handle, -2);
+ }
+ else
+ {
+ /* Setting boot.state before test check */
+ status = val->set_boot_flag(BOOT_EXPECTED_NS);
+ if (val->err_check_set(TEST_CHECKPOINT_NUM(203), status))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
+ psa->reply(msg.handle, -3);
+ }
+ else
+ {
+ /* Test check- psa_write with size overflow, call should panic */
+ psa->write(msg.handle, 0, (void *)data, msg.out_size[0]+1);
+
+ status = VAL_STATUS_SPM_FAILED;
+
+ /* Resetting boot.state to catch unwanted reboot */
+ if (val->set_boot_flag(BOOT_EXPECTED_BUT_FAILED))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag after check\n", 0);
+ }
+
+ /* shouldn't have reached here */
+ val->print(PRINT_ERROR,
+ "\tpsa_write with size overflow should failed but succeed\n", 0);
+
+ psa->reply(msg.handle, -4);
+ }
+ }
+
+ val->err_check_set(TEST_CHECKPOINT_NUM(204), status);
+ return status;
+}
+
+#else
+
int32_t server_test_psa_write_with_size_overflow(void);
const server_test_t test_i046_server_tests_list[] = {
@@ -111,3 +190,5 @@
psa->reply(msg.handle, PSA_SUCCESS);
return status;
}
+
+#endif
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i047/test_i047.c b/api-tests/ff/ipc/test_i047/test_i047.c
index f5d9502..e145117 100644
--- a/api-tests/ff/ipc/test_i047/test_i047.c
+++ b/api-tests/ff/ipc/test_i047/test_i047.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -25,6 +25,8 @@
#include "test_i047.h"
+#if STATELESS_ROT == 1
+
const client_test_t test_i047_client_tests_list[] = {
NULL,
client_test_psa_get_with_invalid_msg_pointer,
@@ -33,11 +35,36 @@
int32_t client_test_psa_get_with_invalid_msg_pointer(caller_security_t caller __UNUSED)
{
+
+ psa_status_t status_of_call;
+
+ val->print(PRINT_TEST,
+ "[Check 1] Test psa_get with invalid msg pointer\n", 0);
+
+ status_of_call = psa->call(SERVER_UNSPECIFED_VERSION_HANDLE, PSA_IPC_CALL, NULL, 0, NULL, 0);
+ (void)status_of_call;
+
+ return VAL_STATUS_SUCCESS;
+
+}
+
+#else
+
+const client_test_t test_i047_client_tests_list[] = {
+ NULL,
+ client_test_psa_get_with_invalid_msg_pointer,
+ NULL,
+};
+
+int32_t client_test_psa_get_with_invalid_msg_pointer(caller_security_t caller __UNUSED)
+{
+
psa_handle_t handle = 0;
val->print(PRINT_TEST,
"[Check 1] Test psa_get with invalid msg pointer\n", 0);
+
handle = psa->connect(SERVER_UNSPECIFED_VERSION_SID, SERVER_UNSPECIFED_VERSION_VERSION);
if (PSA_HANDLE_IS_VALID(handle))
{
@@ -48,5 +75,8 @@
val->print(PRINT_ERROR, "\tpsa_connect should failed but succeed\n", 0);
(void)(handle);
+
return VAL_STATUS_SPM_FAILED;
}
+
+#endif
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i047/test_supp_i047.c b/api-tests/ff/ipc/test_i047/test_supp_i047.c
index 49a5337..3c74b9f 100644
--- a/api-tests/ff/ipc/test_i047/test_supp_i047.c
+++ b/api-tests/ff/ipc/test_i047/test_supp_i047.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -23,6 +23,100 @@
extern val_api_t *val;
extern psa_api_t *psa;
+#if STATELESS_ROT == 1
+
+int32_t server_test_psa_get_with_invalid_msg_pointer(void);
+
+const server_test_t test_i047_server_tests_list[] = {
+ NULL,
+ server_test_psa_get_with_invalid_msg_pointer,
+ NULL,
+};
+
+int32_t server_test_psa_get_with_invalid_msg_pointer(void)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_signal_t signals = 0;
+ psa_msg_t *invalid_msg = NULL;
+ memory_desc_t *memory_desc;
+
+ /*
+ * This test checks for the PROGRAMMER ERROR condition for the PSA API. API's respond to
+ * PROGRAMMER ERROR could be either to return appropriate status code or panic the caller.
+ * When a Secure Partition panics, the SPE cannot continue normal execution, as defined
+ * in this specification. The behavior of the SPM following a Secure Partition panic is
+ * IMPLEMENTATION DEFINED- Arm recommends that the SPM causes the system to restart in
+ * this situation. Refer PSA-FF for more information on panic.
+ * For the cases where, SPM cannot capable to reboot the system (just hangs or power down),
+ * a watchdog timer set by val_test_init can reboot the system on timeout event. This will
+ * tests continuity and able to jump to next tests. Therefore, each test who checks for
+ * PROGRAMMER ERROR condition, expects system to get reset either by SPM or watchdog set by
+ * the test harness function.
+ *
+ * If programmed timeout value isn't sufficient for your system, it can be reconfigured using
+ * timeout entries available in target.cfg.
+ *
+ * To decide, a reboot happened as intended by test scenario or it happended
+ * due to other reasons, test is setting a boot signature into non-volatile memory before and
+ * after targeted test check. After a reboot, these boot signatures are being read by the
+ * VAL APIs to decide test status.
+ */
+
+ signals = psa->wait(SERVER_UNSPECIFED_VERSION_SIGNAL, PSA_BLOCK);
+ if ((signals & SERVER_UNSPECIFED_VERSION_SIGNAL) == 0)
+ {
+ val->print(PRINT_ERROR,
+ "psa_wait returned with invalid signal value = 0x%x\n", signals);
+ return VAL_STATUS_ERROR;
+ }
+
+ /*
+ * Selection of invalid msg pointer:
+ *
+ * if (ISOLATION_LEVEL > 1)
+ * msg_pointer = driver_mmio_region_base;
+ * else
+ * msg_pointer = NULL;
+ */
+
+ if (PLATFORM_PSA_ISOLATION_LEVEL > LEVEL1)
+ {
+ status = val->target_get_config(TARGET_CONFIG_CREATE_ID(GROUP_MEMORY,
+ MEMORY_DRIVER_PARTITION_MMIO, 0),
+ (uint8_t **)&memory_desc,
+ (uint32_t *)sizeof(memory_desc_t));
+ if (val->err_check_set(TEST_CHECKPOINT_NUM(201), status))
+ {
+ return status;
+ }
+
+ invalid_msg = (psa_msg_t *) memory_desc->start;
+ }
+
+ /* Setting boot.state before test check */
+ if (val->set_boot_flag(BOOT_EXPECTED_NS))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+
+ /* psa_get with invalid msg pointer, call should panic */
+ psa->get(SERVER_UNSPECIFED_VERSION_SIGNAL, invalid_msg);
+
+ /* shouldn't have reached here */
+ val->print(PRINT_ERROR,
+ "\tpsa_get with invalid msg pointer should failed but succeed\n", 0);
+
+ /* Resetting boot.state to catch unwanted reboot */
+ if (val->set_boot_flag(BOOT_EXPECTED_BUT_FAILED))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag after check\n", 0);
+ }
+
+ return VAL_STATUS_SPM_FAILED;
+}
+
+#else
int32_t server_test_psa_get_with_invalid_msg_pointer(void);
@@ -114,5 +208,8 @@
/* Reject the connection */
psa->reply(invalid_msg->handle, PSA_ERROR_CONNECTION_REFUSED);
+
return VAL_STATUS_SPM_FAILED;
}
+
+#endif
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i048/test_i048.c b/api-tests/ff/ipc/test_i048/test_i048.c
index 7e11989..91aeeba 100644
--- a/api-tests/ff/ipc/test_i048/test_i048.c
+++ b/api-tests/ff/ipc/test_i048/test_i048.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -25,6 +25,117 @@
#include "test_i048.h"
+#if STATELESS_ROT == 1
+
+const client_test_t test_i048_client_tests_list[] = {
+ NULL,
+ client_test_psa_call_with_invalid_invec_pointer,
+ NULL,
+};
+
+int32_t client_test_psa_call_with_invalid_invec_pointer(caller_security_t caller)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ psa_status_t status_of_call;
+ boot_state_t boot_state;
+ memory_desc_t *memory_desc;
+ psa_invec *invalid_invec = NULL;
+
+ val->print(PRINT_TEST,
+ "[Check 1] Test psa_call with invalid address for in_vec\n", 0);
+
+ /*
+ * This test checks for the PROGRAMMER ERROR condition for the PSA API. API's respond to
+ * PROGRAMMER ERROR could be either to return appropriate status code or panic the caller.
+ * When a Secure Partition panics, the SPE cannot continue normal execution, as defined
+ * in this specification. The behavior of the SPM following a Secure Partition panic is
+ * IMPLEMENTATION DEFINED- Arm recommends that the SPM causes the system to restart in
+ * this situation. Refer PSA-FF for more information on panic.
+ * For the cases where, SPM cannot capable to reboot the system (just hangs or power down),
+ * a watchdog timer set by val_test_init can reboot the system on timeout event. This will
+ * tests continuity and able to jump to next tests. Therefore, each test who checks for
+ * PROGRAMMER ERROR condition, expects system to get reset either by SPM or watchdog set by
+ * the test harness function.
+ *
+ * If programmed timeout value isn't sufficient for your system, it can be reconfigured using
+ * timeout entries available in target.cfg.
+ *
+ * To decide, a reboot happened as intended by test scenario or it happended
+ * due to other reasons, test is setting a boot signature into non-volatile memory before and
+ * after targeted test check. After a reboot, these boot signatures are being read by the
+ * VAL APIs to decide test status.
+ */
+
+ /*
+ * Selection of invalid invec pointer:
+ *
+ * if caller == CALLER_NONSECURE
+ * // PSA RoT pointer
+ * invec_pointer = driver_mmio_region_base;
+ * else
+ * if (ISOLATION_LEVEL > 1)
+ * // PSA RoT pointer
+ * invec_pointer = driver_mmio_region_base;
+ * else
+ * invec_pointer = NULL;
+ */
+
+ status = val->target_get_config(TARGET_CONFIG_CREATE_ID(GROUP_MEMORY,
+ MEMORY_DRIVER_PARTITION_MMIO, 0),
+ (uint8_t **)&memory_desc,
+ (uint32_t *)sizeof(memory_desc_t));
+ if (val->err_check_set(TEST_CHECKPOINT_NUM(101), status))
+ {
+ return status;
+ }
+
+ if (caller == CALLER_NONSECURE)
+ invalid_invec = (psa_invec *) memory_desc->start;
+ else
+ {
+ if (PLATFORM_PSA_ISOLATION_LEVEL > LEVEL1)
+ invalid_invec = (psa_invec *) memory_desc->start;
+ }
+
+ /* Setting boot.state before test check */
+ boot_state = (caller == CALLER_NONSECURE) ? BOOT_EXPECTED_NS : BOOT_EXPECTED_S;
+ if (val->set_boot_flag(boot_state))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+
+ /* Test check- psa_call with invalid address for in_vec */
+ status_of_call = psa->call(SERVER_UNSPECIFED_VERSION_HANDLE, PSA_IPC_CALL,
+ invalid_invec, 1, NULL, 0);
+
+ /*
+ * If the caller is in the NSPE, it is IMPLEMENTATION DEFINED whether
+ * a PROGRAMMER ERROR will panic or return PSA_ERROR_PROGRAMMER_ERROR.
+ * For SPE caller, it must panic.
+ */
+ if (caller == CALLER_NONSECURE && status_of_call == PSA_ERROR_PROGRAMMER_ERROR)
+ {
+ return VAL_STATUS_SUCCESS;
+ }
+
+ /* If PROGRAMMER ERROR results into panic then control shouldn't have reached here */
+ val->print(PRINT_ERROR, "\tpsa_call should failed but succeed\n", 0);
+
+ /* Resetting boot.state to catch unwanted reboot */
+ if (val->set_boot_flag(BOOT_EXPECTED_BUT_FAILED))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag after check\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+
+ status = VAL_STATUS_SPM_FAILED;
+ return status;
+}
+
+#else
+
const client_test_t test_i048_client_tests_list[] = {
NULL,
client_test_psa_call_with_invalid_invec_pointer,
@@ -140,3 +251,4 @@
psa->close(handle);
return status;
}
+#endif
diff --git a/api-tests/ff/ipc/test_i048/test_supp_i048.c b/api-tests/ff/ipc/test_i048/test_supp_i048.c
index 29058c1..794c180 100644
--- a/api-tests/ff/ipc/test_i048/test_supp_i048.c
+++ b/api-tests/ff/ipc/test_i048/test_supp_i048.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -23,6 +23,39 @@
extern val_api_t *val;
extern psa_api_t *psa;
+#if STATELESS_ROT == 1
+
+int32_t server_test_psa_call_with_invalid_invec_pointer(void);
+
+const server_test_t test_i048_server_tests_list[] = {
+ NULL,
+ server_test_psa_call_with_invalid_invec_pointer,
+ NULL,
+};
+
+int32_t server_test_psa_call_with_invalid_invec_pointer(void)
+{
+ psa_msg_t msg = {0};
+ psa_signal_t signals;
+
+wait:
+ signals = psa->wait(PSA_WAIT_ANY, PSA_BLOCK);
+ if (psa->get(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg) != PSA_SUCCESS)
+ {
+ goto wait;
+ }
+
+ if (msg.type == PSA_IPC_CALL)
+ {
+ /* Control shouldn't have come here */
+ val->print(PRINT_ERROR, "\tControl shouldn't have reached here\n", 0);
+ psa->reply(msg.handle, -2);
+ }
+ return VAL_STATUS_ERROR;
+}
+
+#else
+
int32_t server_test_psa_call_with_invalid_invec_pointer(void);
const server_test_t test_i048_server_tests_list[] = {
@@ -77,3 +110,5 @@
return VAL_STATUS_ERROR;
}
+
+#endif
diff --git a/api-tests/ff/ipc/test_i049/test_i049.c b/api-tests/ff/ipc/test_i049/test_i049.c
index becd24a..8313316 100644
--- a/api-tests/ff/ipc/test_i049/test_i049.c
+++ b/api-tests/ff/ipc/test_i049/test_i049.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -24,6 +24,117 @@
#endif
#include "test_i049.h"
+#include "stdio.h"
+
+#if STATELESS_ROT == 1
+
+const client_test_t test_i049_client_tests_list[] = {
+ NULL,
+ client_test_psa_call_with_invalid_outvec_pointer,
+ NULL,
+};
+
+int32_t client_test_psa_call_with_invalid_outvec_pointer(caller_security_t caller)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_status_t status_of_call;
+ boot_state_t boot_state;
+ memory_desc_t *memory_desc;
+ psa_outvec *invalid_outvec = NULL;
+
+ val->print(PRINT_TEST,
+ "[Check 1] Test psa_call with invalid address for outvec\n", 0);
+
+ /*
+ * This test checks for the PROGRAMMER ERROR condition for the PSA API. API's respond to
+ * PROGRAMMER ERROR could be either to return appropriate status code or panic the caller.
+ * When a Secure Partition panics, the SPE cannot continue normal execution, as defined
+ * in this specification. The behavior of the SPM following a Secure Partition panic is
+ * IMPLEMENTATION DEFINED- Arm recommends that the SPM causes the system to restart in
+ * this situation. Refer PSA-FF for more information on panic.
+ * For the cases where, SPM cannot capable to reboot the system (just hangs or power down),
+ * a watchdog timer set by val_test_init can reboot the system on timeout event. This will
+ * tests continuity and able to jump to next tests. Therefore, each test who checks for
+ * PROGRAMMER ERROR condition, expects system to get reset either by SPM or watchdog set by
+ * the test harness function.
+ *
+ * If programmed timeout value isn't sufficient for your system, it can be reconfigured using
+ * timeout entries available in target.cfg.
+ *
+ * To decide, a reboot happened as intended by test scenario or it happended
+ * due to other reasons, test is setting a boot signature into non-volatile memory before and
+ * after targeted test check. After a reboot, these boot signatures are being read by the
+ * VAL APIs to decide test status.
+ */
+
+ /*
+ * Selection of invalid outvec pointer:
+ *
+ * if caller == CALLER_NONSECURE
+ * // PSA RoT pointer
+ * outvec_pointer = driver_mmio_region_base;
+ * else
+ * if (ISOLATION_LEVEL > 1)
+ * // PSA RoT pointer
+ * outvec_pointer = driver_mmio_region_base;
+ * else
+ * outvec_pointer = NULL;
+ */
+
+ status = val->target_get_config(TARGET_CONFIG_CREATE_ID(GROUP_MEMORY,
+ MEMORY_DRIVER_PARTITION_MMIO, 0),
+ (uint8_t **)&memory_desc,
+ (uint32_t *)sizeof(memory_desc_t));
+ if (val->err_check_set(TEST_CHECKPOINT_NUM(101), status))
+ {
+ return status;
+ }
+
+ if (caller == CALLER_NONSECURE)
+ invalid_outvec = (psa_outvec *) memory_desc->start;
+ else
+ {
+ if (PLATFORM_PSA_ISOLATION_LEVEL > LEVEL1)
+ invalid_outvec = (psa_outvec *) memory_desc->start;
+ }
+
+ /* Setting boot.state before test check */
+ boot_state = (caller == CALLER_NONSECURE) ? BOOT_EXPECTED_NS : BOOT_EXPECTED_S;
+ if (val->set_boot_flag(boot_state))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+
+ /* Test check- psa_call with invalid address for outvec */
+ status_of_call = psa->call(SERVER_UNSPECIFED_VERSION_HANDLE, PSA_IPC_CALL, NULL, 0,
+ invalid_outvec, 1);
+
+ /*
+ * If the caller is in the NSPE, it is IMPLEMENTATION DEFINED whether
+ * a PROGRAMMER ERROR will panic or return PSA_ERROR_PROGRAMMER_ERROR.
+ * For SPE caller, it must panic.
+ */
+ if (caller == CALLER_NONSECURE && status_of_call == PSA_ERROR_PROGRAMMER_ERROR)
+ {
+ return VAL_STATUS_SUCCESS;
+ }
+
+ /* If PROGRAMMER ERROR results into panic then control shouldn't have reached here */
+ val->print(PRINT_ERROR, "\tpsa_call should failed but succeed\n", 0);
+
+ /* Resetting boot.state to catch unwanted reboot */
+ if (val->set_boot_flag(BOOT_EXPECTED_BUT_FAILED))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag after check\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+
+ status = VAL_STATUS_SPM_FAILED;
+ return status;
+}
+
+#else
const client_test_t test_i049_client_tests_list[] = {
NULL,
@@ -140,3 +251,5 @@
psa->close(handle);
return status;
}
+
+#endif
diff --git a/api-tests/ff/ipc/test_i049/test_supp_i049.c b/api-tests/ff/ipc/test_i049/test_supp_i049.c
index 8061a00..0a53cd9 100644
--- a/api-tests/ff/ipc/test_i049/test_supp_i049.c
+++ b/api-tests/ff/ipc/test_i049/test_supp_i049.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -17,12 +17,47 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
+#include "stdio.h"
#define val CONCAT(val, _server_sp)
#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
+#if STATELESS_ROT == 1
+
+int32_t server_test_psa_call_with_invalid_outvec_pointer(void);
+
+const server_test_t test_i049_server_tests_list[] = {
+ NULL,
+ server_test_psa_call_with_invalid_outvec_pointer,
+ NULL,
+};
+
+int32_t server_test_psa_call_with_invalid_outvec_pointer(void)
+{
+ psa_msg_t msg = {0};
+ psa_signal_t signals;
+
+wait:
+ signals = psa->wait(PSA_WAIT_ANY, PSA_BLOCK);
+ if (psa->get(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg) != PSA_SUCCESS)
+ {
+ goto wait;
+ }
+
+ if (msg.type == PSA_IPC_CALL)
+ {
+ /* Control shouldn't have come here */
+ val->print(PRINT_ERROR, "\tControl shouldn't have reached here\n", 0);
+ psa->reply(msg.handle, -2);
+ }
+
+ return VAL_STATUS_ERROR;
+}
+
+#else
+
int32_t server_test_psa_call_with_invalid_outvec_pointer(void);
const server_test_t test_i049_server_tests_list[] = {
@@ -77,3 +112,5 @@
return VAL_STATUS_ERROR;
}
+
+#endif
diff --git a/api-tests/ff/ipc/test_i050/test_i050.c b/api-tests/ff/ipc/test_i050/test_i050.c
index 13701a3..df986d7 100644
--- a/api-tests/ff/ipc/test_i050/test_i050.c
+++ b/api-tests/ff/ipc/test_i050/test_i050.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -25,6 +25,118 @@
#include "test_i050.h"
+#if STATELESS_ROT == 1
+
+const client_test_t test_i050_client_tests_list[] = {
+ NULL,
+ client_test_psa_call_with_invalid_invec_base,
+ NULL,
+};
+
+int32_t client_test_psa_call_with_invalid_invec_base(caller_security_t caller)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_status_t status_of_call;
+ boot_state_t boot_state;
+ memory_desc_t *memory_desc;
+ addr_t *invalid_base = NULL;
+
+ val->print(PRINT_TEST,
+ "[Check 1] Test psa_call with invalid psa_invec.base\n", 0);
+
+ /*
+ * This test checks for the PROGRAMMER ERROR condition for the PSA API. API's respond to
+ * PROGRAMMER ERROR could be either to return appropriate status code or panic the caller.
+ * When a Secure Partition panics, the SPE cannot continue normal execution, as defined
+ * in this specification. The behavior of the SPM following a Secure Partition panic is
+ * IMPLEMENTATION DEFINED- Arm recommends that the SPM causes the system to restart in
+ * this situation. Refer PSA-FF for more information on panic.
+ * For the cases where, SPM cannot capable to reboot the system (just hangs or power down),
+ * a watchdog timer set by val_test_init can reboot the system on timeout event. This will
+ * tests continuity and able to jump to next tests. Therefore, each test who checks for
+ * PROGRAMMER ERROR condition, expects system to get reset either by SPM or watchdog set by
+ * the test harness function.
+ *
+ * If programmed timeout value isn't sufficient for your system, it can be reconfigured using
+ * timeout entries available in target.cfg.
+ *
+ * To decide, a reboot happened as intended by test scenario or it happended
+ * due to other reasons, test is setting a boot signature into non-volatile memory before and
+ * after targeted test check. After a reboot, these boot signatures are being read by the
+ * VAL APIs to decide test status.
+ */
+
+ /*
+ * Selection of invalid invec pointer:
+ *
+ * if caller == CALLER_NONSECURE
+ * // PSA RoT pointer
+ * invalid_base = driver_mmio_region_base;
+ * else
+ * if (ISOLATION_LEVEL > 1)
+ * // PSA RoT pointer
+ * invalid_base = driver_mmio_region_base;
+ * else
+ * invalid_base = NULL;
+ */
+
+ status = val->target_get_config(TARGET_CONFIG_CREATE_ID(GROUP_MEMORY,
+ MEMORY_DRIVER_PARTITION_MMIO, 0),
+ (uint8_t **)&memory_desc,
+ (uint32_t *)sizeof(memory_desc_t));
+ if (val->err_check_set(TEST_CHECKPOINT_NUM(101), status))
+ {
+ return status;
+ }
+
+
+ if (caller == CALLER_NONSECURE)
+ invalid_base = (addr_t *) memory_desc->start;
+ else
+ {
+ if (PLATFORM_PSA_ISOLATION_LEVEL > LEVEL1)
+ invalid_base = (addr_t *) memory_desc->start;
+ }
+
+ /* Setting boot.state before test check */
+ boot_state = (caller == CALLER_NONSECURE) ? BOOT_EXPECTED_NS : BOOT_EXPECTED_S;
+ if (val->set_boot_flag(boot_state))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+
+ psa_invec invec[1] = { {invalid_base, sizeof(addr_t)} };
+
+ /* Test check- psa_call with invalid address for psa_invec.base */
+ status_of_call = psa->call(SERVER_UNSPECIFED_VERSION_HANDLE, PSA_IPC_CALL, invec, 1, NULL, 0);
+
+ /*
+ * If the caller is in the NSPE, it is IMPLEMENTATION DEFINED whether
+ * a PROGRAMMER ERROR will panic or return PSA_ERROR_PROGRAMMER_ERROR.
+ * For SPE caller, it must panic.
+ */
+ if (caller == CALLER_NONSECURE && status_of_call == PSA_ERROR_PROGRAMMER_ERROR)
+ {
+ return VAL_STATUS_SUCCESS;
+ }
+
+ /* If PROGRAMMER ERROR results into panic then control shouldn't have reached here */
+ val->print(PRINT_ERROR, "\tpsa_call should failed but succeed\n", 0);
+
+ /* Resetting boot.state to catch unwanted reboot */
+ if (val->set_boot_flag(BOOT_EXPECTED_BUT_FAILED))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag after check\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+
+ status = VAL_STATUS_SPM_FAILED;
+ return status;
+}
+
+#else
+
const client_test_t test_i050_client_tests_list[] = {
NULL,
client_test_psa_call_with_invalid_invec_base,
@@ -96,6 +208,7 @@
return status;
}
+
if (caller == CALLER_NONSECURE)
invalid_base = (addr_t *) memory_desc->start;
else
@@ -142,3 +255,5 @@
psa->close(handle);
return status;
}
+
+#endif
diff --git a/api-tests/ff/ipc/test_i050/test_supp_i050.c b/api-tests/ff/ipc/test_i050/test_supp_i050.c
index 3cd745d..d988e8c 100644
--- a/api-tests/ff/ipc/test_i050/test_supp_i050.c
+++ b/api-tests/ff/ipc/test_i050/test_supp_i050.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -23,6 +23,40 @@
extern val_api_t *val;
extern psa_api_t *psa;
+#if STATELESS_ROT == 1
+
+int32_t server_test_psa_call_with_invalid_invec_base(void);
+
+const server_test_t test_i050_server_tests_list[] = {
+ NULL,
+ server_test_psa_call_with_invalid_invec_base,
+ NULL,
+};
+
+int32_t server_test_psa_call_with_invalid_invec_base(void)
+{
+ psa_msg_t msg = {0};
+ psa_signal_t signals;
+
+wait:
+ signals = psa->wait(PSA_WAIT_ANY, PSA_BLOCK);
+ if (psa->get(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg) != PSA_SUCCESS)
+ {
+ goto wait;
+ }
+
+ if (msg.type == PSA_IPC_CALL)
+ {
+ /* Control shouldn't have come here */
+ val->print(PRINT_ERROR, "\tControl shouldn't have reached here\n", 0);
+ psa->reply(msg.handle, -2);
+ }
+
+ return VAL_STATUS_ERROR;
+}
+
+#else
+
int32_t server_test_psa_call_with_invalid_invec_base(void);
const server_test_t test_i050_server_tests_list[] = {
@@ -77,3 +111,5 @@
return VAL_STATUS_ERROR;
}
+
+#endif
diff --git a/api-tests/ff/ipc/test_i051/test_i051.c b/api-tests/ff/ipc/test_i051/test_i051.c
index 3fb0d15..60805ef 100644
--- a/api-tests/ff/ipc/test_i051/test_i051.c
+++ b/api-tests/ff/ipc/test_i051/test_i051.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -25,6 +25,118 @@
#include "test_i051.h"
+#if STATELESS_ROT == 1
+
+const client_test_t test_i051_client_tests_list[] = {
+ NULL,
+ client_test_psa_call_with_invalid_outvec_base,
+ NULL,
+};
+
+int32_t client_test_psa_call_with_invalid_outvec_base(caller_security_t caller)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ psa_status_t status_of_call;
+ boot_state_t boot_state;
+ memory_desc_t *memory_desc;
+ addr_t *invalid_base = NULL;
+
+ val->print(PRINT_TEST,
+ "[Check 1] Test psa_call with invalid psa_outvec.base\n", 0);
+
+ /*
+ * This test checks for the PROGRAMMER ERROR condition for the PSA API. API's respond to
+ * PROGRAMMER ERROR could be either to return appropriate status code or panic the caller.
+ * When a Secure Partition panics, the SPE cannot continue normal execution, as defined
+ * in this specification. The behavior of the SPM following a Secure Partition panic is
+ * IMPLEMENTATION DEFINED- Arm recommends that the SPM causes the system to restart in
+ * this situation. Refer PSA-FF for more information on panic.
+ * For the cases where, SPM cannot capable to reboot the system (just hangs or power down),
+ * a watchdog timer set by val_test_init can reboot the system on timeout event. This will
+ * tests continuity and able to jump to next tests. Therefore, each test who checks for
+ * PROGRAMMER ERROR condition, expects system to get reset either by SPM or watchdog set by
+ * the test harness function.
+ *
+ * If programmed timeout value isn't sufficient for your system, it can be reconfigured using
+ * timeout entries available in target.cfg.
+ *
+ * To decide, a reboot happened as intended by test scenario or it happended
+ * due to other reasons, test is setting a boot signature into non-volatile memory before and
+ * after targeted test check. After a reboot, these boot signatures are being read by the
+ * VAL APIs to decide test status.
+ */
+
+ /*
+ * Selection of invalid outvec pointer:
+ *
+ * if caller == CALLER_NONSECURE
+ * // PSA RoT pointer
+ * invalid_base = driver_mmio_region_base;
+ * else
+ * if (ISOLATION_LEVEL > 1)
+ * // PSA RoT pointer
+ * invalid_base = driver_mmio_region_base;
+ * else
+ * invalid_base = NULL;
+ */
+
+ status = val->target_get_config(TARGET_CONFIG_CREATE_ID(GROUP_MEMORY,
+ MEMORY_DRIVER_PARTITION_MMIO, 0),
+ (uint8_t **)&memory_desc,
+ (uint32_t *)sizeof(memory_desc_t));
+ if (val->err_check_set(TEST_CHECKPOINT_NUM(101), status))
+ {
+ return status;
+ }
+
+ if (caller == CALLER_NONSECURE)
+ invalid_base = (addr_t *) memory_desc->start;
+ else
+ {
+ if (PLATFORM_PSA_ISOLATION_LEVEL > LEVEL1)
+ invalid_base = (addr_t *) memory_desc->start;
+ }
+
+ /* Setting boot.state before test check */
+ boot_state = (caller == CALLER_NONSECURE) ? BOOT_EXPECTED_NS : BOOT_EXPECTED_S;
+ if (val->set_boot_flag(boot_state))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+
+ psa_outvec outvec[1] = { {invalid_base, sizeof(addr_t)} };
+
+ /* Test check- psa_call with invalid address for psa_outvec.base */
+ status_of_call = psa->call(SERVER_UNSPECIFED_VERSION_HANDLE, PSA_IPC_CALL, NULL, 0, outvec, 1);
+
+ /*
+ * If the caller is in the NSPE, it is IMPLEMENTATION DEFINED whether
+ * a PROGRAMMER ERROR will panic or return PSA_ERROR_PROGRAMMER_ERROR.
+ * For SPE caller, it must panic.
+ */
+ if (caller == CALLER_NONSECURE && status_of_call == PSA_ERROR_PROGRAMMER_ERROR)
+ {
+ return VAL_STATUS_SUCCESS;
+ }
+
+ /* If PROGRAMMER ERROR results into panic then control shouldn't have reached here */
+ val->print(PRINT_ERROR, "\tpsa_call should failed but succeed\n", 0);
+
+ /* Resetting boot.state to catch unwanted reboot */
+ if (val->set_boot_flag(BOOT_EXPECTED_BUT_FAILED))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag after check\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+
+ status = VAL_STATUS_SPM_FAILED;
+ return status;
+}
+
+#else
+
const client_test_t test_i051_client_tests_list[] = {
NULL,
client_test_psa_call_with_invalid_outvec_base,
@@ -142,3 +254,5 @@
psa->close(handle);
return status;
}
+
+#endif
diff --git a/api-tests/ff/ipc/test_i051/test_supp_i051.c b/api-tests/ff/ipc/test_i051/test_supp_i051.c
index 01d83f1..396163d 100644
--- a/api-tests/ff/ipc/test_i051/test_supp_i051.c
+++ b/api-tests/ff/ipc/test_i051/test_supp_i051.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -23,6 +23,40 @@
extern val_api_t *val;
extern psa_api_t *psa;
+#if STATELESS_ROT == 1
+
+int32_t server_test_psa_call_with_invalid_outvec_base(void);
+
+const server_test_t test_i051_server_tests_list[] = {
+ NULL,
+ server_test_psa_call_with_invalid_outvec_base,
+ NULL,
+};
+
+int32_t server_test_psa_call_with_invalid_outvec_base(void)
+{
+ psa_msg_t msg = {0};
+ psa_signal_t signals;
+
+wait:
+ signals = psa->wait(PSA_WAIT_ANY, PSA_BLOCK);
+ if (psa->get(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg) != PSA_SUCCESS)
+ {
+ goto wait;
+ }
+
+ if (msg.type == PSA_IPC_CALL)
+ {
+ /* Control shouldn't have come here */
+ val->print(PRINT_ERROR, "\tControl shouldn't have reached here\n", 0);
+ psa->reply(msg.handle, -2);
+ }
+
+ return VAL_STATUS_ERROR;
+}
+
+#else
+
int32_t server_test_psa_call_with_invalid_outvec_base(void);
const server_test_t test_i051_server_tests_list[] = {
@@ -77,3 +111,5 @@
return VAL_STATUS_ERROR;
}
+
+#endif
diff --git a/api-tests/ff/ipc/test_i052/test_i052.c b/api-tests/ff/ipc/test_i052/test_i052.c
index d8c3ef0..ba04f62 100644
--- a/api-tests/ff/ipc/test_i052/test_i052.c
+++ b/api-tests/ff/ipc/test_i052/test_i052.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -25,6 +25,126 @@
#include "test_i052.h"
+#if STATELESS_ROT == 1
+
+const client_test_t test_i052_client_tests_list[] = {
+ NULL,
+ client_test_psa_call_with_invalid_invec_end_addr,
+ NULL,
+};
+
+int32_t client_test_psa_call_with_invalid_invec_end_addr(caller_security_t caller)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_status_t status_of_call;
+ boot_state_t boot_state;
+ memory_desc_t *memory_desc_driver, *memory_desc;
+ size_t invalid_size;
+ memory_cfg_id_t memory_cfg_id;
+ addr_t *valid_base = NULL;
+
+ val->print(PRINT_TEST,
+ "[Check 1] Test psa_call with invalid end_addr for psa_invec\n", 0);
+
+ /*
+ * This test checks for the PROGRAMMER ERROR condition for the PSA API. API's respond to
+ * PROGRAMMER ERROR could be either to return appropriate status code or panic the caller.
+ * When a Secure Partition panics, the SPE cannot continue normal execution, as defined
+ * in this specification. The behavior of the SPM following a Secure Partition panic is
+ * IMPLEMENTATION DEFINED- Arm recommends that the SPM causes the system to restart in
+ * this situation. Refer PSA-FF for more information on panic.
+ * For the cases where, SPM cannot capable to reboot the system (just hangs or power down),
+ * a watchdog timer set by val_test_init can reboot the system on timeout event. This will
+ * tests continuity and able to jump to next tests. Therefore, each test who checks for
+ * PROGRAMMER ERROR condition, expects system to get reset either by SPM or watchdog set by
+ * the test harness function.
+ *
+ * If programmed timeout value isn't sufficient for your system, it can be reconfigured using
+ * timeout entries available in target.cfg.
+ *
+ * To decide, a reboot happened as intended by test scenario or it happended
+ * due to other reasons, test is setting a boot signature into non-volatile memory before and
+ * after targeted test check. After a reboot, these boot signatures are being read by the
+ * VAL APIs to decide test status.
+ */
+
+ /*
+ * Selection of invalid size for psa_invec:
+ *
+ * if caller == CALLER_NONSECURE
+ * valid_base = nspe_mmio_region_base;
+ * invalid_size = (driver_mmio_region_base - nspe_mmio_region_base + 1);
+ * else
+ * if (ISOLATION_LEVEL > 1)
+ * valid_base = server_mmio_region_base;
+ * invalid_size = (driver_mmio_region_base - server_mmio_region_base + 1);
+ */
+
+ status = val->target_get_config(TARGET_CONFIG_CREATE_ID(GROUP_MEMORY,
+ MEMORY_DRIVER_PARTITION_MMIO, 0),
+ (uint8_t **)&memory_desc_driver,
+ (uint32_t *)sizeof(memory_desc_t));
+ if (val->err_check_set(TEST_CHECKPOINT_NUM(101), status))
+ {
+ return status;
+ }
+
+ if (caller == CALLER_NONSECURE)
+ memory_cfg_id = MEMORY_NSPE_MMIO;
+ else
+ memory_cfg_id = MEMORY_SERVER_PARTITION_MMIO;
+
+ status = val->target_get_config(TARGET_CONFIG_CREATE_ID(GROUP_MEMORY,
+ memory_cfg_id, 0),
+ (uint8_t **)&memory_desc,
+ (uint32_t *)sizeof(memory_desc_t));
+ if (val->err_check_set(TEST_CHECKPOINT_NUM(102), status))
+ {
+ return status;
+ }
+
+ valid_base = (addr_t *) memory_desc->start;
+ invalid_size = (memory_desc_driver->start - memory_desc->start + 1);
+
+ /* Setting boot.state before test check */
+ boot_state = (caller == CALLER_NONSECURE) ? BOOT_EXPECTED_NS : BOOT_EXPECTED_S;
+ if (val->set_boot_flag(boot_state))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+
+ psa_invec invec[1] = { {valid_base, invalid_size} };
+
+ /* Test check- psa_call with invalid end_addr for psa_invec */
+ status_of_call = psa->call(SERVER_UNSPECIFED_VERSION_HANDLE, PSA_IPC_CALL, invec, 1, NULL, 0);
+
+ /*
+ * If the caller is in the NSPE, it is IMPLEMENTATION DEFINED whether
+ * a PROGRAMMER ERROR will panic or return PSA_ERROR_PROGRAMMER_ERROR.
+ * For SPE caller, it must panic.
+ */
+ if (caller == CALLER_NONSECURE && status_of_call == PSA_ERROR_PROGRAMMER_ERROR)
+ {
+ return VAL_STATUS_SUCCESS;
+ }
+
+ /* If PROGRAMMER ERROR results into panic then control shouldn't have reached here */
+ val->print(PRINT_ERROR, "\tpsa_call should failed but succeed\n", 0);
+
+ /* Resetting boot.state to catch unwanted reboot */
+ if (val->set_boot_flag(BOOT_EXPECTED_BUT_FAILED))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag after check\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+
+ status = VAL_STATUS_SPM_FAILED;
+ return status;
+}
+
+#else
+
const client_test_t test_i052_client_tests_list[] = {
NULL,
client_test_psa_call_with_invalid_invec_end_addr,
@@ -152,3 +272,5 @@
psa->close(handle);
return status;
}
+
+#endif
diff --git a/api-tests/ff/ipc/test_i052/test_supp_i052.c b/api-tests/ff/ipc/test_i052/test_supp_i052.c
index c989cf1..818d3a0 100644
--- a/api-tests/ff/ipc/test_i052/test_supp_i052.c
+++ b/api-tests/ff/ipc/test_i052/test_supp_i052.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -23,6 +23,39 @@
extern val_api_t *val;
extern psa_api_t *psa;
+#if STATELESS_ROT == 1
+
+int32_t server_test_psa_call_with_invalid_invec_end_addr(void);
+
+const server_test_t test_i052_server_tests_list[] = {
+ NULL,
+ server_test_psa_call_with_invalid_invec_end_addr,
+ NULL,
+};
+
+int32_t server_test_psa_call_with_invalid_invec_end_addr(void)
+{
+ psa_msg_t msg = {0};
+ psa_signal_t signals;
+
+wait:
+ signals = psa->wait(PSA_WAIT_ANY, PSA_BLOCK);
+ if (psa->get(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg) != PSA_SUCCESS)
+ {
+ goto wait;
+ }
+
+ if (msg.type == PSA_IPC_CALL)
+ {
+ /* Control shouldn't have come here */
+ val->print(PRINT_ERROR, "\tControl shouldn't have reached here\n", 0);
+ psa->reply(msg.handle, -2);
+ }
+ return VAL_STATUS_ERROR;
+}
+
+#else
+
int32_t server_test_psa_call_with_invalid_invec_end_addr(void);
const server_test_t test_i052_server_tests_list[] = {
@@ -77,3 +110,5 @@
return VAL_STATUS_ERROR;
}
+
+#endif
diff --git a/api-tests/ff/ipc/test_i053/test_i053.c b/api-tests/ff/ipc/test_i053/test_i053.c
index 542f809..9644563 100644
--- a/api-tests/ff/ipc/test_i053/test_i053.c
+++ b/api-tests/ff/ipc/test_i053/test_i053.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -25,6 +25,127 @@
#include "test_i053.h"
+#if STATELESS_ROT == 1
+
+const client_test_t test_i053_client_tests_list[] = {
+ NULL,
+ client_test_psa_call_with_invalid_outvec_end_addr,
+ NULL,
+};
+
+int32_t client_test_psa_call_with_invalid_outvec_end_addr(caller_security_t caller)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_status_t status_of_call;
+ boot_state_t boot_state;
+ memory_desc_t *memory_desc_driver, *memory_desc;
+ size_t invalid_size;
+ memory_cfg_id_t memory_cfg_id;
+ addr_t *valid_base = NULL;
+
+ val->print(PRINT_TEST,
+ "[Check 1] Test psa_call with invalid end_addr for psa_outvec\n", 0);
+
+ /*
+ * This test checks for the PROGRAMMER ERROR condition for the PSA API. API's respond to
+ * PROGRAMMER ERROR could be either to return appropriate status code or panic the caller.
+ * When a Secure Partition panics, the SPE cannot continue normal execution, as defined
+ * in this specification. The behavior of the SPM following a Secure Partition panic is
+ * IMPLEMENTATION DEFINED- Arm recommends that the SPM causes the system to restart in
+ * this situation. Refer PSA-FF for more information on panic.
+ * For the cases where, SPM cannot capable to reboot the system (just hangs or power down),
+ * a watchdog timer set by val_test_init can reboot the system on timeout event. This will
+ * tests continuity and able to jump to next tests. Therefore, each test who checks for
+ * PROGRAMMER ERROR condition, expects system to get reset either by SPM or watchdog set by
+ * the test harness function.
+ *
+ * If programmed timeout value isn't sufficient for your system, it can be reconfigured using
+ * timeout entries available in target.cfg.
+ *
+ * To decide, a reboot happened as intended by test scenario or it happended
+ * due to other reasons, test is setting a boot signature into non-volatile memory before and
+ * after targeted test check. After a reboot, these boot signatures are being read by the
+ * VAL APIs to decide test status.
+ */
+
+ /*
+ * Selection of invalid size for psa_outvec:
+ *
+ * if caller == CALLER_NONSECURE
+ * valid_base = nspe_mmio_region_base;
+ * invalid_size = (driver_mmio_region_base - nspe_mmio_region_base + 1);
+ * else
+ * if (ISOLATION_LEVEL > 1)
+ * valid_base = server_mmio_region_base;
+ * invalid_size = (driver_mmio_region_base - server_mmio_region_base + 1);
+ */
+
+ status = val->target_get_config(TARGET_CONFIG_CREATE_ID(GROUP_MEMORY,
+ MEMORY_DRIVER_PARTITION_MMIO, 0),
+ (uint8_t **)&memory_desc_driver,
+ (uint32_t *)sizeof(memory_desc_t));
+ if (val->err_check_set(TEST_CHECKPOINT_NUM(101), status))
+ {
+ return status;
+ }
+
+ if (caller == CALLER_NONSECURE)
+ memory_cfg_id = MEMORY_NSPE_MMIO;
+ else
+ memory_cfg_id = MEMORY_SERVER_PARTITION_MMIO;
+
+ status = val->target_get_config(TARGET_CONFIG_CREATE_ID(GROUP_MEMORY,
+ memory_cfg_id, 0),
+ (uint8_t **)&memory_desc,
+ (uint32_t *)sizeof(memory_desc_t));
+ if (val->err_check_set(TEST_CHECKPOINT_NUM(102), status))
+ {
+ return status;
+ }
+
+ valid_base = (addr_t *) memory_desc->start;
+ invalid_size = (memory_desc_driver->start - memory_desc->start + 1);
+
+ /* Setting boot.state before test check */
+ boot_state = (caller == CALLER_NONSECURE) ? BOOT_EXPECTED_NS : BOOT_EXPECTED_S;
+ if (val->set_boot_flag(boot_state))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+
+ psa_outvec outvec[1] = { {valid_base, invalid_size} };
+
+ /* Test check- psa_call with invalid end_addr for psa_outvec */
+ status_of_call = psa->call(SERVER_UNSPECIFED_VERSION_HANDLE, PSA_IPC_CALL, NULL, 0, outvec, 1);
+
+ /*
+ * If the caller is in the NSPE, it is IMPLEMENTATION DEFINED whether
+ * a PROGRAMMER ERROR will panic or return PSA_ERROR_PROGRAMMER_ERROR.
+ * For SPE caller, it must panic.
+ */
+ if (caller == CALLER_NONSECURE && status_of_call == PSA_ERROR_PROGRAMMER_ERROR)
+ {
+ return VAL_STATUS_SUCCESS;
+ }
+
+ /* If PROGRAMMER ERROR results into panic then control shouldn't have reached here */
+ val->print(PRINT_ERROR, "\tpsa_call should failed but succeed\n", 0);
+
+ /* Resetting boot.state to catch unwanted reboot */
+ if (val->set_boot_flag(BOOT_EXPECTED_BUT_FAILED))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag after check\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+
+ status = VAL_STATUS_SPM_FAILED;
+ (void)(status_of_call);
+ return status;
+}
+
+#else
+
const client_test_t test_i053_client_tests_list[] = {
NULL,
client_test_psa_call_with_invalid_outvec_end_addr,
@@ -153,3 +274,5 @@
(void)(status_of_call);
return status;
}
+
+#endif
diff --git a/api-tests/ff/ipc/test_i053/test_supp_i053.c b/api-tests/ff/ipc/test_i053/test_supp_i053.c
index 59ad945..d5e5f6a 100644
--- a/api-tests/ff/ipc/test_i053/test_supp_i053.c
+++ b/api-tests/ff/ipc/test_i053/test_supp_i053.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -23,6 +23,39 @@
extern val_api_t *val;
extern psa_api_t *psa;
+#if STATELESS_ROT == 1
+
+int32_t server_test_psa_call_with_invalid_outvec_end_addr(void);
+
+const server_test_t test_i053_server_tests_list[] = {
+ NULL,
+ server_test_psa_call_with_invalid_outvec_end_addr,
+ NULL,
+};
+
+int32_t server_test_psa_call_with_invalid_outvec_end_addr(void)
+{
+ psa_msg_t msg = {0};
+ psa_signal_t signals;
+
+wait:
+ signals = psa->wait(PSA_WAIT_ANY, PSA_BLOCK);
+ if (psa->get(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg) != PSA_SUCCESS)
+ {
+ goto wait;
+ }
+
+ if (msg.type == PSA_IPC_CALL)
+ {
+ /* Control shouldn't have come here */
+ val->print(PRINT_ERROR, "\tControl shouldn't have reached here\n", 0);
+ psa->reply(msg.handle, -2);
+ }
+ return VAL_STATUS_ERROR;
+}
+
+#else
+
int32_t server_test_psa_call_with_invalid_outvec_end_addr(void);
const server_test_t test_i053_server_tests_list[] = {
@@ -77,3 +110,5 @@
return VAL_STATUS_ERROR;
}
+
+#endif
diff --git a/api-tests/ff/ipc/test_i054/test_i054.c b/api-tests/ff/ipc/test_i054/test_i054.c
index cf05d6d..808566d 100644
--- a/api-tests/ff/ipc/test_i054/test_i054.c
+++ b/api-tests/ff/ipc/test_i054/test_i054.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -25,6 +25,72 @@
#include "test_i054.h"
+#if STATELESS_ROT == 1
+
+const client_test_t test_i054_client_tests_list[] = {
+ NULL,
+ client_test_psa_call_with_not_writable_outvec_base,
+ NULL,
+};
+
+int32_t client_test_psa_call_with_not_writable_outvec_base(caller_security_t caller __UNUSED)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ val->print(PRINT_TEST,
+ "[Check 1] Test psa_call with not writable psa_outvec.base\n", 0);
+
+ /*
+ * This test checks for the PROGRAMMER ERROR condition for the PSA API. API's respond to
+ * PROGRAMMER ERROR could be either to return appropriate status code or panic the caller.
+ * When a Secure Partition panics, the SPE cannot continue normal execution, as defined
+ * in this specification. The behavior of the SPM following a Secure Partition panic is
+ * IMPLEMENTATION DEFINED- Arm recommends that the SPM causes the system to restart in
+ * this situation. Refer PSA-FF for more information on panic.
+ * For the cases where, SPM cannot capable to reboot the system (just hangs or power down),
+ * a watchdog timer set by val_test_init can reboot the system on timeout event. This will
+ * tests continuity and able to jump to next tests. Therefore, each test who checks for
+ * PROGRAMMER ERROR condition, expects system to get reset either by SPM or watchdog set by
+ * the test harness function.
+ *
+ * If programmed timeout value isn't sufficient for your system, it can be reconfigured using
+ * timeout entries available in target.cfg.
+ *
+ * To decide, a reboot happened as intended by test scenario or it happended
+ * due to other reasons, test is setting a boot signature into non-volatile memory before and
+ * after targeted test check. After a reboot, these boot signatures are being read by the
+ * VAL APIs to decide test status.
+ */
+
+ /* Setting boot.state before test check */
+ if (val->set_boot_flag(BOOT_EXPECTED_S))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+
+ /* Using function address (code) as not writable address */
+ psa_outvec outvec[1] = { {&client_test_psa_call_with_not_writable_outvec_base, sizeof(char)} };
+
+ /* Test check- psa_call with not writable psa_outvec.base, call should panic */
+ psa->call(SERVER_UNSPECIFED_VERSION_HANDLE, PSA_IPC_CALL, NULL, 0, outvec, 1);
+
+ /* If PROGRAMMER ERROR results into panic then control shouldn't have reached here */
+ val->print(PRINT_ERROR, "\tpsa_call should failed but succeed\n", 0);
+
+ /* Resetting boot.state to catch unwanted reboot */
+ if (val->set_boot_flag(BOOT_EXPECTED_BUT_FAILED))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag after check\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+
+ status = VAL_STATUS_SPM_FAILED;
+ return status;
+}
+
+#else
+
const client_test_t test_i054_client_tests_list[] = {
NULL,
client_test_psa_call_with_not_writable_outvec_base,
@@ -92,6 +158,8 @@
}
status = VAL_STATUS_SPM_FAILED;
- psa->close(handle);
+ psa->close(handle);
return status;
}
+
+#endif
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i054/test_supp_i054.c b/api-tests/ff/ipc/test_i054/test_supp_i054.c
index b76863b..fdcd2d2 100644
--- a/api-tests/ff/ipc/test_i054/test_supp_i054.c
+++ b/api-tests/ff/ipc/test_i054/test_supp_i054.c
@@ -23,6 +23,8 @@
extern val_api_t *val;
extern psa_api_t *psa;
+#if STATELESS_ROT == 1
+
int32_t server_test_psa_call_with_not_writable_outvec_base(void);
const server_test_t test_i054_server_tests_list[] = {
@@ -33,10 +35,50 @@
int32_t server_test_psa_call_with_not_writable_outvec_base(void)
{
- int32_t status = VAL_STATUS_SUCCESS;
psa_msg_t msg = {0};
psa_signal_t signals;
+wait:
+ signals = psa->wait(PSA_WAIT_ANY, PSA_BLOCK);
+ if (signals & SERVER_UNSPECIFED_VERSION_SIGNAL)
+ {
+ if (psa->get(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg) != PSA_SUCCESS)
+ {
+ goto wait;
+ }
+
+ if (msg.type == PSA_IPC_CALL)
+ {
+ /* Control shouldn't have come here */
+ val->print(PRINT_ERROR, "\tControl shouldn't have reached here\n", 0);
+ psa->reply(msg.handle, -2);
+ }
+ }
+ else
+ {
+ val->print(PRINT_ERROR, "\tpsa_wait returned with invalid signal value = 0x%x\n", signals);
+ return VAL_STATUS_ERROR;
+ }
+
+ return VAL_STATUS_ERROR;
+}
+
+#else
+
+int32_t server_test_psa_call_with_not_writable_outvec_base(void);
+
+const server_test_t test_i054_server_tests_list[] = {
+ NULL,
+ server_test_psa_call_with_not_writable_outvec_base,
+ NULL,
+};
+
+int32_t server_test_psa_call_with_not_writable_outvec_base(void)
+{
+ psa_msg_t msg = {0};
+ psa_signal_t signals;
+
+ int32_t status = VAL_STATUS_SUCCESS;
status = val->process_connect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(201), status))
{
@@ -77,3 +119,5 @@
return VAL_STATUS_ERROR;
}
+
+#endif
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i055/test_i055.c b/api-tests/ff/ipc/test_i055/test_i055.c
index cbec364..2ed9a95 100644
--- a/api-tests/ff/ipc/test_i055/test_i055.c
+++ b/api-tests/ff/ipc/test_i055/test_i055.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -25,6 +25,38 @@
#include "test_i055.h"
+#if STATELESS_ROT == 1
+
+const client_test_t test_i055_client_tests_list[] = {
+ NULL,
+ client_test_psa_read_with_invalid_buffer_addr,
+ NULL,
+};
+
+int32_t client_test_psa_read_with_invalid_buffer_addr(caller_security_t caller __UNUSED)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ uint8_t data = 0x11;
+ psa_status_t status_of_call;
+
+ val->print(PRINT_TEST,
+ "[Check 1] Test psa_read with invalid buffer addr\n", 0);
+
+ psa_invec invec[1] = { {&data, sizeof(data)} };
+
+ status_of_call = psa->call(SERVER_UNSPECIFED_VERSION_HANDLE, PSA_IPC_CALL, invec, 1, NULL, 0);
+
+ /* Expectation is server test should hang and control shouldn't have come here */
+ val->print(PRINT_ERROR, "\tCall should failed but succeed\n", 0);
+
+ status = VAL_STATUS_SPM_FAILED;
+
+ (void)(status_of_call);
+ return status;
+}
+
+#else
+
const client_test_t test_i055_client_tests_list[] = {
NULL,
client_test_psa_read_with_invalid_buffer_addr,
@@ -48,7 +80,9 @@
return VAL_STATUS_INVALID_HANDLE;
}
+
psa_invec invec[1] = {{&data, sizeof(data)}};
+
status_of_call = psa->call(handle, PSA_IPC_CALL, invec, 1, NULL, 0);
/* Expectation is server test should hang and control shouldn't have come here */
@@ -57,6 +91,9 @@
status = VAL_STATUS_SPM_FAILED;
psa->close(handle);
+
(void)(status_of_call);
return status;
}
+
+#endif
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i055/test_supp_i055.c b/api-tests/ff/ipc/test_i055/test_supp_i055.c
index 406f416..1aa23e9 100644
--- a/api-tests/ff/ipc/test_i055/test_supp_i055.c
+++ b/api-tests/ff/ipc/test_i055/test_supp_i055.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -23,6 +23,110 @@
extern val_api_t *val;
extern psa_api_t *psa;
+#if STATELESS_ROT == 1
+
+int32_t server_test_psa_read_with_invalid_buffer_addr(void);
+
+const server_test_t test_i055_server_tests_list[] = {
+ NULL,
+ server_test_psa_read_with_invalid_buffer_addr,
+ NULL,
+};
+
+int32_t server_test_psa_read_with_invalid_buffer_addr(void)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_msg_t msg = {0};
+ void *buffer = NULL;
+ memory_desc_t *memory_desc;
+
+ /*
+ * This test checks for the PROGRAMMER ERROR condition for the PSA API. API's respond to
+ * PROGRAMMER ERROR could be either to return appropriate status code or panic the caller.
+ * When a Secure Partition panics, the SPE cannot continue normal execution, as defined
+ * in this specification. The behavior of the SPM following a Secure Partition panic is
+ * IMPLEMENTATION DEFINED- Arm recommends that the SPM causes the system to restart in
+ * this situation. Refer PSA-FF for more information on panic.
+ * For the cases where, SPM cannot capable to reboot the system (just hangs or power down),
+ * a watchdog timer set by val_test_init can reboot the system on timeout event. This will
+ * tests continuity and able to jump to next tests. Therefore, each test who checks for
+ * PROGRAMMER ERROR condition, expects system to get reset either by SPM or watchdog set by
+ * the test harness function.
+ *
+ * If programmed timeout value isn't sufficient for your system, it can be reconfigured using
+ * timeout entries available in target.cfg.
+ *
+ * To decide, a reboot happened as intended by test scenario or it happended
+ * due to other reasons, test is setting a boot signature into non-volatile memory before and
+ * after targeted test check. After a reboot, these boot signatures are being read by the
+ * VAL APIs to decide test status.
+ */
+
+ /*
+ * Selection of invalid buffer addr:
+ *
+ * if (ISOLATION_LEVEL > 1)
+ * buffer = driver_mmio_region_base;
+ * else
+ * buffer = NULL;
+ */
+
+ if (PLATFORM_PSA_ISOLATION_LEVEL > LEVEL1)
+ {
+ status = val->target_get_config(TARGET_CONFIG_CREATE_ID(GROUP_MEMORY,
+ MEMORY_DRIVER_PARTITION_MMIO, 0),
+ (uint8_t **)&memory_desc,
+ (uint32_t *)sizeof(memory_desc_t));
+ if (val->err_check_set(TEST_CHECKPOINT_NUM(202), status))
+ {
+ psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
+ return status;
+ }
+
+ buffer = (void *) memory_desc->start;
+ }
+
+ /* Serve psa_call */
+ status = val->process_call_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
+ if (val->err_check_set(TEST_CHECKPOINT_NUM(203), status))
+ {
+ psa->reply(msg.handle, -2);
+ }
+ else
+ {
+ /* Setting boot.state before test check */
+ status = val->set_boot_flag(BOOT_EXPECTED_NS);
+ if (val->err_check_set(TEST_CHECKPOINT_NUM(204), status))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
+ psa->reply(msg.handle, -3);
+ }
+ else
+ {
+ /* Test check- psa_read with invalid buffer addr, call should panic */
+ psa->read(msg.handle, 0, (void *)buffer, msg.in_size[0]);
+
+ /* shouldn't have reached here */
+ val->print(PRINT_ERROR,
+ "\tpsa_read with invalid buffer should failed but succeed\n", 0);
+
+ /* Resetting boot.state to catch unwanted reboot */
+ if (val->set_boot_flag(BOOT_EXPECTED_BUT_FAILED))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag after check\n", 0);
+ }
+
+ status = VAL_STATUS_SPM_FAILED;
+ psa->reply(msg.handle, -4);
+ }
+ }
+
+ val->err_check_set(TEST_CHECKPOINT_NUM(205), status);
+ return status;
+}
+
+#else
+
int32_t server_test_psa_read_with_invalid_buffer_addr(void);
const server_test_t test_i055_server_tests_list[] = {
@@ -135,3 +239,5 @@
psa->reply(msg.handle, PSA_SUCCESS);
return status;
}
+
+#endif
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i056/test_i056.c b/api-tests/ff/ipc/test_i056/test_i056.c
index 291e0d0..9871d65 100644
--- a/api-tests/ff/ipc/test_i056/test_i056.c
+++ b/api-tests/ff/ipc/test_i056/test_i056.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -25,6 +25,38 @@
#include "test_i056.h"
+#if STATELESS_ROT == 1
+
+const client_test_t test_i056_client_tests_list[] = {
+ NULL,
+ client_test_psa_read_with_not_writable_buffer_addr,
+ NULL,
+};
+
+int32_t client_test_psa_read_with_not_writable_buffer_addr(caller_security_t caller __UNUSED)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ uint8_t data = 0x11;
+ psa_status_t status_of_call;
+
+ val->print(PRINT_TEST,
+ "[Check 1] Test psa_read with invalid buffer addr\n", 0);
+
+ psa_invec invec[1] = { {&data, sizeof(data)} };
+
+ status_of_call = psa->call(SERVER_UNSPECIFED_VERSION_HANDLE, PSA_IPC_CALL, invec, 1, NULL, 0);
+
+ /* Expectation is server test should hang and control shouldn't have come here */
+ val->print(PRINT_ERROR, "\tCall should failed but succeed\n", 0);
+
+ status = VAL_STATUS_SPM_FAILED;
+
+ (void)(status_of_call);
+ return status;
+}
+
+#else
+
const client_test_t test_i056_client_tests_list[] = {
NULL,
client_test_psa_read_with_not_writable_buffer_addr,
@@ -49,6 +81,7 @@
}
psa_invec invec[1] = {{&data, sizeof(data)}};
+
status_of_call = psa->call(handle, PSA_IPC_CALL, invec, 1, NULL, 0);
/* Expectation is server test should hang and control shouldn't have come here */
@@ -57,6 +90,9 @@
status = VAL_STATUS_SPM_FAILED;
psa->close(handle);
+
(void)(status_of_call);
return status;
}
+
+#endif
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i056/test_supp_i056.c b/api-tests/ff/ipc/test_i056/test_supp_i056.c
index b0fd4a2..9791c60 100644
--- a/api-tests/ff/ipc/test_i056/test_supp_i056.c
+++ b/api-tests/ff/ipc/test_i056/test_supp_i056.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -23,6 +23,88 @@
extern val_api_t *val;
extern psa_api_t *psa;
+#if STATELESS_ROT == 1
+
+int32_t server_test_psa_read_with_not_writable_buffer_addr(void);
+
+const server_test_t test_i056_server_tests_list[] = {
+ NULL,
+ server_test_psa_read_with_not_writable_buffer_addr,
+ NULL,
+};
+
+int32_t server_test_psa_read_with_not_writable_buffer_addr(void)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_msg_t msg = {0};
+ void *buffer = NULL;
+
+ /*
+ * This test checks for the PROGRAMMER ERROR condition for the PSA API. API's respond to
+ * PROGRAMMER ERROR could be either to return appropriate status code or panic the caller.
+ * When a Secure Partition panics, the SPE cannot continue normal execution, as defined
+ * in this specification. The behavior of the SPM following a Secure Partition panic is
+ * IMPLEMENTATION DEFINED- Arm recommends that the SPM causes the system to restart in
+ * this situation. Refer PSA-FF for more information on panic.
+ * For the cases where, SPM cannot capable to reboot the system (just hangs or power down),
+ * a watchdog timer set by val_test_init can reboot the system on timeout event. This will
+ * tests continuity and able to jump to next tests. Therefore, each test who checks for
+ * PROGRAMMER ERROR condition, expects system to get reset either by SPM or watchdog set by
+ * the test harness function.
+ *
+ * If programmed timeout value isn't sufficient for your system, it can be reconfigured using
+ * timeout entries available in target.cfg.
+ *
+ * To decide, a reboot happened as intended by test scenario or it happended
+ * due to other reasons, test is setting a boot signature into non-volatile memory before and
+ * after targeted test check. After a reboot, these boot signatures are being read by the
+ * VAL APIs to decide test status.
+ */
+
+ /* Set buffer to point to not writable location (Code memory) */
+ buffer = (void *) &server_test_psa_read_with_not_writable_buffer_addr;
+
+ /* Serve psa_call */
+ status = val->process_call_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
+ if (val->err_check_set(TEST_CHECKPOINT_NUM(202), status))
+ {
+ psa->reply(msg.handle, -2);
+ }
+ else
+ {
+ /* Setting boot.state before test check */
+ status = val->set_boot_flag(BOOT_EXPECTED_NS);
+ if (val->err_check_set(TEST_CHECKPOINT_NUM(203), status))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
+ psa->reply(msg.handle, -3);
+ }
+ else
+ {
+ /* Test check- psa_read with not writable buffer addr, call should panic */
+ psa->read(msg.handle, 0, (void *)buffer, msg.in_size[0]);
+
+ /* shouldn't have reached here */
+ val->print(PRINT_ERROR,
+ "\tpsa_read with not writable buffer should failed but succeed\n", 0);
+
+ /* Resetting boot.state to catch unwanted reboot */
+ if (val->set_boot_flag(BOOT_EXPECTED_BUT_FAILED))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag after check\n", 0);
+ }
+
+ status = VAL_STATUS_SPM_FAILED;
+ psa->reply(msg.handle, -4);
+ }
+ }
+
+ val->err_check_set(TEST_CHECKPOINT_NUM(204), status);
+ return status;
+}
+
+#else
+
int32_t server_test_psa_read_with_not_writable_buffer_addr(void);
const server_test_t test_i056_server_tests_list[] = {
@@ -89,7 +171,6 @@
}
else
{
-
/* Test check- psa_read with not writable buffer addr, call should panic */
psa->read(msg.handle, 0, (void *)buffer, msg.in_size[0]);
@@ -114,3 +195,5 @@
psa->reply(msg.handle, PSA_SUCCESS);
return status;
}
+
+#endif
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i057/test_i057.c b/api-tests/ff/ipc/test_i057/test_i057.c
index 95c265a..b092704 100644
--- a/api-tests/ff/ipc/test_i057/test_i057.c
+++ b/api-tests/ff/ipc/test_i057/test_i057.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -25,6 +25,38 @@
#include "test_i057.h"
+#if STATELESS_ROT == 1
+
+const client_test_t test_i057_client_tests_list[] = {
+ NULL,
+ client_test_psa_write_with_invalid_buffer_addr,
+ NULL,
+};
+
+int32_t client_test_psa_write_with_invalid_buffer_addr(caller_security_t caller __UNUSED)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ uint8_t data = 0x11;
+ psa_status_t status_of_call;
+
+ val->print(PRINT_TEST,
+ "[Check 1] Test psa_write with invalid buffer addr\n", 0);
+
+ psa_outvec outvec[1] = { {&data, sizeof(data)} };
+
+ status_of_call = psa->call(SERVER_UNSPECIFED_VERSION_HANDLE, PSA_IPC_CALL, NULL, 0, outvec, 1);
+
+ /* Expectation is server test should hang and control shouldn't have come here */
+ val->print(PRINT_ERROR, "\tCall should failed but succeed\n", 0);
+
+ status = VAL_STATUS_SPM_FAILED;
+
+ (void)(status_of_call);
+ return status;
+}
+
+#else
+
const client_test_t test_i057_client_tests_list[] = {
NULL,
client_test_psa_write_with_invalid_buffer_addr,
@@ -49,6 +81,7 @@
}
psa_outvec outvec[1] = {{&data, sizeof(data)}};
+
status_of_call = psa->call(handle, PSA_IPC_CALL, NULL, 0, outvec, 1);
/* Expectation is server test should hang and control shouldn't have come here */
@@ -57,6 +90,9 @@
status = VAL_STATUS_SPM_FAILED;
psa->close(handle);
+
(void)(status_of_call);
return status;
}
+
+#endif
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i057/test_supp_i057.c b/api-tests/ff/ipc/test_i057/test_supp_i057.c
index d00ed25..0eb5f70 100644
--- a/api-tests/ff/ipc/test_i057/test_supp_i057.c
+++ b/api-tests/ff/ipc/test_i057/test_supp_i057.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -23,6 +23,110 @@
extern val_api_t *val;
extern psa_api_t *psa;
+#if STATELESS_ROT == 1
+
+int32_t server_test_psa_write_with_invalid_buffer_addr(void);
+
+const server_test_t test_i057_server_tests_list[] = {
+ NULL,
+ server_test_psa_write_with_invalid_buffer_addr,
+ NULL,
+};
+
+int32_t server_test_psa_write_with_invalid_buffer_addr(void)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_msg_t msg = {0};
+ void *buffer = NULL;
+ memory_desc_t *memory_desc;
+
+ /*
+ * This test checks for the PROGRAMMER ERROR condition for the PSA API. API's respond to
+ * PROGRAMMER ERROR could be either to return appropriate status code or panic the caller.
+ * When a Secure Partition panics, the SPE cannot continue normal execution, as defined
+ * in this specification. The behavior of the SPM following a Secure Partition panic is
+ * IMPLEMENTATION DEFINED- Arm recommends that the SPM causes the system to restart in
+ * this situation. Refer PSA-FF for more information on panic.
+ * For the cases where, SPM cannot capable to reboot the system (just hangs or power down),
+ * a watchdog timer set by val_test_init can reboot the system on timeout event. This will
+ * tests continuity and able to jump to next tests. Therefore, each test who checks for
+ * PROGRAMMER ERROR condition, expects system to get reset either by SPM or watchdog set by
+ * the test harness function.
+ *
+ * If programmed timeout value isn't sufficient for your system, it can be reconfigured using
+ * timeout entries available in target.cfg.
+ *
+ * To decide, a reboot happened as intended by test scenario or it happended
+ * due to other reasons, test is setting a boot signature into non-volatile memory before and
+ * after targeted test check. After a reboot, these boot signatures are being read by the
+ * VAL APIs to decide test status.
+ */
+
+ /*
+ * Selection of invalid buffer addr:
+ *
+ * if (ISOLATION_LEVEL > 1)
+ * buffer = driver_mmio_region_base;
+ * else
+ * buffer = NULL;
+ */
+
+ if (PLATFORM_PSA_ISOLATION_LEVEL > LEVEL1)
+ {
+ status = val->target_get_config(TARGET_CONFIG_CREATE_ID(GROUP_MEMORY,
+ MEMORY_DRIVER_PARTITION_MMIO, 0),
+ (uint8_t **)&memory_desc,
+ (uint32_t *)sizeof(memory_desc_t));
+ if (val->err_check_set(TEST_CHECKPOINT_NUM(202), status))
+ {
+ psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
+ return status;
+ }
+
+ buffer = (void *) memory_desc->start;
+ }
+
+ /* Server psa_call */
+ status = val->process_call_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
+ if (val->err_check_set(TEST_CHECKPOINT_NUM(203), status))
+ {
+ psa->reply(msg.handle, -2);
+ }
+ else
+ {
+ /* Setting boot.state before test check */
+ status = val->set_boot_flag(BOOT_EXPECTED_NS);
+ if (val->err_check_set(TEST_CHECKPOINT_NUM(204), status))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
+ psa->reply(msg.handle, -3);
+ }
+ else
+ {
+ /* Test check- psa_write with invalid buffer addr, call should panic */
+ psa->write(msg.handle, 0, (void *)buffer, msg.out_size[0]);
+
+ /* shouldn't have reached here */
+ val->print(PRINT_ERROR,
+ "\tpsa_write with invalid buffer should failed but succeed\n", 0);
+
+ /* Resetting boot.state to catch unwanted reboot */
+ if (val->set_boot_flag(BOOT_EXPECTED_BUT_FAILED))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag after check\n", 0);
+ }
+
+ status = VAL_STATUS_SPM_FAILED;
+ psa->reply(msg.handle, -4);
+ }
+ }
+
+ val->err_check_set(TEST_CHECKPOINT_NUM(205), status);
+ return status;
+}
+
+#else
+
int32_t server_test_psa_write_with_invalid_buffer_addr(void);
const server_test_t test_i057_server_tests_list[] = {
@@ -135,3 +239,5 @@
psa->reply(msg.handle, PSA_SUCCESS);
return status;
}
+
+#endif
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i058/test_i058.c b/api-tests/ff/ipc/test_i058/test_i058.c
index 6ffdd77..4277a1e 100644
--- a/api-tests/ff/ipc/test_i058/test_i058.c
+++ b/api-tests/ff/ipc/test_i058/test_i058.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -25,6 +25,65 @@
#include "test_i058.h"
+#if STATELESS_ROT == 1
+
+const client_test_t test_i058_client_tests_list[] = {
+ NULL,
+ client_test_psa_doorbell_signal,
+ NULL,
+};
+
+int32_t client_test_psa_doorbell_signal(caller_security_t caller __UNUSED)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+#ifndef NONSECURE_TEST_BUILD
+ psa_signal_t signals = 0;
+#endif
+
+ val->print(PRINT_TEST,
+ "[Check 1] Test PSA_DOORBELL signal\n", 0);
+
+#ifndef NONSECURE_TEST_BUILD
+ /* Wait for doorball notification */
+ signals = psa_wait(PSA_DOORBELL, PSA_BLOCK);
+
+ /* Is this doorbell signal? */
+ if ((signals & PSA_DOORBELL) == 0)
+ {
+ status = VAL_STATUS_INVALID_HANDLE;
+ val->print(PRINT_ERROR, "\tpsa_wait didn't receive doorbell signal\n", 0);
+ }
+
+ /*
+ * Wait for doorball notification again to check -
+ * Doorbell should remain asserted until psa_clear is called.
+ */
+ signals = psa_wait(PSA_DOORBELL, PSA_BLOCK);
+
+ /* Is this doorbell signal? */
+ if ((signals & PSA_DOORBELL) == 0)
+ {
+ status = VAL_STATUS_INVALID_HANDLE;
+ val->print(PRINT_ERROR, "\tDoorbell signal cleared without calling psa_clear\n", 0);
+ }
+
+ /* Clear the doorbell signal */
+ psa_clear();
+
+ /* Is doorbell signal cleared? */
+ signals = psa_wait(PSA_DOORBELL, PSA_POLL);
+ if ((signals & PSA_DOORBELL) != 0)
+ {
+ status = VAL_STATUS_INVALID_HANDLE;
+ val->print(PRINT_ERROR, "\tpsa_clear didn't clear doorbell signal\n", 0);
+ }
+#endif
+
+ return status;
+}
+
+#else
+
const client_test_t test_i058_client_tests_list[] = {
NULL,
client_test_psa_doorbell_signal,
@@ -88,3 +147,5 @@
psa->close(handle);
return status;
}
+
+#endif
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i058/test_supp_i058.c b/api-tests/ff/ipc/test_i058/test_supp_i058.c
index 21218b0..f84497d 100644
--- a/api-tests/ff/ipc/test_i058/test_supp_i058.c
+++ b/api-tests/ff/ipc/test_i058/test_supp_i058.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -23,6 +23,38 @@
extern val_api_t *val;
extern psa_api_t *psa;
+#if STATELESS_ROT == 1
+
+int32_t server_test_psa_doorbell_signal(void);
+
+const server_test_t test_i058_server_tests_list[] = {
+ NULL,
+ server_test_psa_doorbell_signal,
+ NULL,
+};
+
+int32_t server_test_psa_doorbell_signal(void)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_msg_t msg = {0};
+
+ if (msg.client_id > 0)
+ {
+ /* Doorbell signal to client partititon */
+ psa->notify(msg.client_id);
+ }
+ else
+ {
+ status = VAL_STATUS_SPM_FAILED;
+ val->print(PRINT_ERROR, "Caller is from non-secure\n", 0);
+ }
+
+ val->err_check_set(TEST_CHECKPOINT_NUM(202), status);
+ return status;
+}
+
+#else
+
int32_t server_test_psa_doorbell_signal(void);
const server_test_t test_i058_server_tests_list[] = {
@@ -66,3 +98,5 @@
return status;
}
+
+#endif
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i063/test_i063.c b/api-tests/ff/ipc/test_i063/test_i063.c
index 644aa65..4a03410 100644
--- a/api-tests/ff/ipc/test_i063/test_i063.c
+++ b/api-tests/ff/ipc/test_i063/test_i063.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -25,6 +25,8 @@
#include "test_i063.h"
+#if STATELESS_ROT == 1
+
const client_test_t test_i063_client_tests_list[] = {
NULL,
client_test_psa_wait_signal_mask,
@@ -33,6 +35,24 @@
int32_t client_test_psa_wait_signal_mask(caller_security_t caller __UNUSED)
{
+
+
+ val->print(PRINT_TEST, "[Check 1] Test psa_wait signal mask\n", 0);
+
+ return VAL_STATUS_SUCCESS;
+}
+
+#else
+
+const client_test_t test_i063_client_tests_list[] = {
+ NULL,
+ client_test_psa_wait_signal_mask,
+ NULL,
+};
+
+int32_t client_test_psa_wait_signal_mask(caller_security_t caller __UNUSED)
+{
+
psa_handle_t handle = 0;
val->print(PRINT_TEST, "[Check 1] Test psa_wait signal mask\n", 0);
@@ -52,6 +72,7 @@
val->print(PRINT_ERROR, "psa_connect failed -2\n", 0);
return VAL_STATUS_INVALID_HANDLE;
}
-
return VAL_STATUS_SUCCESS;
}
+
+#endif
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i064/test_i064.c b/api-tests/ff/ipc/test_i064/test_i064.c
index e627fc3..104a72e 100644
--- a/api-tests/ff/ipc/test_i064/test_i064.c
+++ b/api-tests/ff/ipc/test_i064/test_i064.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -25,6 +25,38 @@
#include "test_i064.h"
+#if STATELESS_ROT == 1
+
+const client_test_t test_i064_client_tests_list[] = {
+ NULL,
+ client_test_psa_eoi_with_non_intr_signal,
+ NULL,
+};
+
+int32_t client_test_psa_eoi_with_non_intr_signal(caller_security_t caller __UNUSED)
+{
+ driver_test_fn_id_t driver_test_fn_id = TEST_PSA_EOI_WITH_NON_INTR_SIGNAL;
+
+ /*
+ * The interrupt related test check is captured in driver_partition.c as this is the
+ * only partition in test suite that holds the interrupt source. The interrupt test check
+ * is invoked by client by calling to DRIVER_TEST_SID RoT service of driver partition that
+ * hold the test check.
+ */
+
+ val->print(PRINT_TEST, "[Check 1] Test psa_eoi with non-interrupt signal\n", 0);
+
+ /* Execute driver function related to TEST_PSA_EOI_WITH_NON_INTR_SIGNAL */
+ psa_invec invec = {&driver_test_fn_id, sizeof(driver_test_fn_id)};
+
+ psa->call(DRIVER_TEST_HANDLE, PSA_IPC_CALL, &invec, 1, NULL, 0);
+
+ /* The expectation is that driver partition get panic and control never reaches here. */
+ return VAL_STATUS_SPM_FAILED;
+}
+
+#else
+
const client_test_t test_i064_client_tests_list[] = {
NULL,
client_test_psa_eoi_with_non_intr_signal,
@@ -45,6 +77,7 @@
val->print(PRINT_TEST, "[Check 1] Test psa_eoi with non-interrupt signal\n", 0);
+
/* Connect to DRIVER_TEST_SID */
handle = psa->connect(DRIVER_TEST_SID, DRIVER_TEST_VERSION);
if (!PSA_HANDLE_IS_VALID(handle))
@@ -55,6 +88,7 @@
/* Execute driver function related to TEST_PSA_EOI_WITH_NON_INTR_SIGNAL */
psa_invec invec = {&driver_test_fn_id, sizeof(driver_test_fn_id)};
+
psa->call(handle, PSA_IPC_CALL, &invec, 1, NULL, 0);
psa->close(handle);
@@ -62,3 +96,5 @@
/* The expectation is that driver partition get panic and control never reaches here. */
return VAL_STATUS_SPM_FAILED;
}
+
+#endif
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i065/test_i065.c b/api-tests/ff/ipc/test_i065/test_i065.c
index 518dce4..6f0434e 100644
--- a/api-tests/ff/ipc/test_i065/test_i065.c
+++ b/api-tests/ff/ipc/test_i065/test_i065.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -25,6 +25,38 @@
#include "test_i065.h"
+#if STATELESS_ROT == 1
+
+const client_test_t test_i065_client_tests_list[] = {
+ NULL,
+ client_test_psa_eoi_with_unasserted_signal,
+ NULL,
+};
+
+int32_t client_test_psa_eoi_with_unasserted_signal(caller_security_t caller __UNUSED)
+{
+ driver_test_fn_id_t driver_test_fn_id = TEST_PSA_EOI_WITH_UNASSERTED_SIGNAL;
+
+ /*
+ * The interrupt related test check is captured in driver_partition.c as this is the
+ * only partition in test suite that holds the interrupt source. The interrupt test check
+ * is invoked by client by calling to DRIVER_TEST_SID RoT service of driver partition that
+ * hold the test check.
+ */
+
+ val->print(PRINT_TEST, "[Check 1] Test psa_eoi with multiple signal\n", 0);
+
+ /* Execute driver function related to TEST_PSA_EOI_WITH_UNASSERTED_SIGNAL */
+ psa_invec invec = {&driver_test_fn_id, sizeof(driver_test_fn_id)};
+
+ psa->call(DRIVER_TEST_HANDLE, PSA_IPC_CALL, &invec, 1, NULL, 0);
+
+ /* The expectation is that driver partition get panic and control never reaches here. */
+ return VAL_STATUS_SPM_FAILED;
+}
+
+#else
+
const client_test_t test_i065_client_tests_list[] = {
NULL,
client_test_psa_eoi_with_unasserted_signal,
@@ -55,6 +87,7 @@
/* Execute driver function related to TEST_PSA_EOI_WITH_UNASSERTED_SIGNAL */
psa_invec invec = {&driver_test_fn_id, sizeof(driver_test_fn_id)};
+
psa->call(handle, PSA_IPC_CALL, &invec, 1, NULL, 0);
psa->close(handle);
@@ -62,3 +95,5 @@
/* The expectation is that driver partition get panic and control never reaches here. */
return VAL_STATUS_SPM_FAILED;
}
+
+ #endif
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i066/test_i066.c b/api-tests/ff/ipc/test_i066/test_i066.c
index dc602ba..ddfa6b3 100644
--- a/api-tests/ff/ipc/test_i066/test_i066.c
+++ b/api-tests/ff/ipc/test_i066/test_i066.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -25,6 +25,38 @@
#include "test_i066.h"
+#if STATELESS_ROT == 1
+
+const client_test_t test_i066_client_tests_list[] = {
+ NULL,
+ client_test_psa_eoi_with_multiple_signals,
+ NULL,
+};
+
+int32_t client_test_psa_eoi_with_multiple_signals(caller_security_t caller __UNUSED)
+{
+ driver_test_fn_id_t driver_test_fn_id = TEST_PSA_EOI_WITH_MULTIPLE_SIGNALS;
+
+ /*
+ * The interrupt related test check is captured in driver_partition.c as this is the
+ * only partition in test suite that holds the interrupt source. The interrupt test check
+ * is invoked by client by calling to DRIVER_TEST_SID RoT service of driver partition that
+ * hold the test check.
+ */
+
+ val->print(PRINT_TEST, "[Check 1] Test psa_eoi with multiple signals\n", 0);
+
+ /* Execute driver function related to TEST_PSA_EOI_WITH_MULTIPLE_SIGNALS */
+ psa_invec invec = {&driver_test_fn_id, sizeof(driver_test_fn_id)};
+
+ psa->call(DRIVER_TEST_HANDLE, PSA_IPC_CALL, &invec, 1, NULL, 0);
+
+ /* The expectation is that driver partition get panic and control never reaches here. */
+ return VAL_STATUS_SPM_FAILED;
+}
+
+#else
+
const client_test_t test_i066_client_tests_list[] = {
NULL,
client_test_psa_eoi_with_multiple_signals,
@@ -55,6 +87,7 @@
/* Execute driver function related to TEST_PSA_EOI_WITH_MULTIPLE_SIGNALS */
psa_invec invec = {&driver_test_fn_id, sizeof(driver_test_fn_id)};
+
psa->call(handle, PSA_IPC_CALL, &invec, 1, NULL, 0);
psa->close(handle);
@@ -62,3 +95,5 @@
/* The expectation is that driver partition get panic and control never reaches here. */
return VAL_STATUS_SPM_FAILED;
}
+
+#endif
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i072/test_i072.c b/api-tests/ff/ipc/test_i072/test_i072.c
index ec77eb0..9f09884 100644
--- a/api-tests/ff/ipc/test_i072/test_i072.c
+++ b/api-tests/ff/ipc/test_i072/test_i072.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -25,6 +25,95 @@
#include "test_i072.h"
+#if STATELESS_ROT == 1
+
+const client_test_t test_i072_client_tests_list[] = {
+ NULL,
+ client_test_nspe_read_app_rot_variable,
+ client_test_nspe_write_app_rot_variable,
+ NULL,
+};
+
+static int32_t get_secure_partition_address(addr_t *addr)
+{
+
+ psa_outvec outvec[1] = { {addr, sizeof(addr_t)} };
+ if (psa->call(SERVER_UNSPECIFED_VERSION_HANDLE, PSA_IPC_CALL, NULL, 0, outvec, 1) != PSA_SUCCESS)
+ {
+ val->print(PRINT_ERROR, "\tmsg request failed\n", 0);
+ return VAL_STATUS_CALL_FAILED;
+ }
+
+ val->print(PRINT_DEBUG, "\tNSPE: Accessing address 0x%x\n", *addr);
+
+ return VAL_STATUS_SUCCESS;
+}
+
+int32_t client_test_nspe_read_app_rot_variable(caller_security_t caller __UNUSED)
+{
+ addr_t app_rot_addr;
+ uint32_t data = 0x1234;
+
+ val->print(PRINT_TEST, "[Check 1] Test NSPE reading APP-RoT data\n", 0);
+
+ if (VAL_ERROR(get_secure_partition_address(&app_rot_addr)))
+ return VAL_STATUS_ERROR;
+
+ /* Setting boot.state before test check */
+ if (val->set_boot_flag(BOOT_EXPECTED_REENTER_TEST))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+
+ /* Read Application RoT global variable address.
+ * This should generate internal fault or ignore the read.
+ */
+ data = *(uint32_t *)app_rot_addr;
+
+ /* Did read ignore? */
+ if (data == 0x1234)
+ return VAL_STATUS_SUCCESS;
+
+ val->print(PRINT_ERROR, "\tExpected read to fault but it didn't\n", 0);
+
+ /* Resetting boot.state to catch unwanted reboot */
+ if (val->set_boot_flag(BOOT_EXPECTED_BUT_FAILED))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag after check\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+
+ return VAL_STATUS_SPM_FAILED;
+}
+
+int32_t client_test_nspe_write_app_rot_variable(caller_security_t caller __UNUSED)
+{
+ addr_t app_rot_addr;
+ uint32_t data = 0x1234;
+
+ val->print(PRINT_TEST, "[Check 2] Test NSPE writing APP-RoT data\n", 0);
+
+ if (VAL_ERROR(get_secure_partition_address(&app_rot_addr)))
+ return VAL_STATUS_ERROR;
+
+ /* Setting boot.state before test check */
+ if (val->set_boot_flag(BOOT_EXPECTED_NS))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+
+ /* Write Application RoT global variable address.
+ * This should generate internal fault or ignore the write.
+ */
+ *(uint32_t *)app_rot_addr = (uint32_t)data;
+
+ return VAL_STATUS_SUCCESS;
+}
+
+#else
+
const client_test_t test_i072_client_tests_list[] = {
NULL,
client_test_nspe_read_app_rot_variable,
@@ -54,6 +143,7 @@
val->print(PRINT_DEBUG, "\tNSPE: Accessing address 0x%x\n", *addr);
psa->close(handle);
+
return VAL_STATUS_SUCCESS;
}
@@ -123,5 +213,8 @@
val->print(PRINT_ERROR, "\tExpected connection to fail but succeed\n", 0);
return VAL_STATUS_INVALID_HANDLE;
}
+
return VAL_STATUS_SUCCESS;
}
+
+#endif
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i072/test_supp_i072.c b/api-tests/ff/ipc/test_i072/test_supp_i072.c
index 636f477..665ee31 100644
--- a/api-tests/ff/ipc/test_i072/test_supp_i072.c
+++ b/api-tests/ff/ipc/test_i072/test_supp_i072.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -31,6 +31,68 @@
/* Application RoT data region */
volatile uint32_t g_test_i072 = DATA_VALUE;
+#if STATELESS_ROT == 1
+
+const server_test_t test_i072_server_tests_list[] = {
+ NULL,
+ server_test_nspe_read_app_rot_variable,
+ server_test_nspe_write_app_rot_variable,
+ NULL,
+};
+
+static int32_t send_secure_partition_address(void)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ volatile uint32_t *addr = &g_test_i072;
+ psa_msg_t msg = {0};
+
+ status = val->process_call_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
+ if (val->err_check_set(TEST_CHECKPOINT_NUM(202), status))
+ {
+ psa->reply(msg.handle, -2);
+ return status;
+ }
+
+ val->print(PRINT_DEBUG, "\tAPP-ROT: Passing 0x%x to NSPE\n", (int)&g_test_i072);
+
+ /* Send Application RoT data address - global variable */
+ psa->write(msg.handle, 0, (void *)&addr, sizeof(addr));
+ psa->reply(msg.handle, PSA_SUCCESS);
+
+ return VAL_STATUS_SUCCESS;
+}
+
+int32_t server_test_nspe_read_app_rot_variable(void)
+{
+ return send_secure_partition_address();
+}
+
+int32_t server_test_nspe_write_app_rot_variable(void)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+
+ status = send_secure_partition_address();
+ if (VAL_ERROR(status))
+ return status;
+
+ /* Reached here means there could be write succeed or ignored */
+ if (g_test_i072 == DATA_VALUE)
+ return VAL_STATUS_SUCCESS;
+
+ val->print(PRINT_ERROR, "\tExpected write to fault but it didn't\n", 0);
+
+ /* Resetting boot.state to catch unwanted reboot */
+ if (val->set_boot_flag(BOOT_EXPECTED_BUT_FAILED))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag after check\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+ return VAL_STATUS_SUCCESS;
+}
+
+#else
+
const server_test_t test_i072_server_tests_list[] = {
NULL,
server_test_nspe_read_app_rot_variable,
@@ -72,6 +134,7 @@
return status;
}
psa->reply(msg.handle, PSA_SUCCESS);
+
return VAL_STATUS_SUCCESS;
}
@@ -114,3 +177,5 @@
}
return VAL_STATUS_SUCCESS;
}
+
+#endif
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i073/test_i073.c b/api-tests/ff/ipc/test_i073/test_i073.c
index 99e6448..b3891b5 100644
--- a/api-tests/ff/ipc/test_i073/test_i073.c
+++ b/api-tests/ff/ipc/test_i073/test_i073.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -25,6 +25,95 @@
#include "test_i073.h"
+#if STATELESS_ROT == 1
+
+const client_test_t test_i073_client_tests_list[] = {
+ NULL,
+ client_test_nspe_read_app_rot_stack,
+ client_test_nspe_write_app_rot_stack,
+ NULL,
+};
+
+static int32_t get_secure_partition_address(addr_t *addr)
+{
+ /* Get App-RoT address */
+ psa_outvec outvec[1] = { {addr, sizeof(addr_t)} };
+ if (psa->call(SERVER_UNSPECIFED_VERSION_HANDLE, PSA_IPC_CALL, NULL, 0, outvec, 1) != PSA_SUCCESS)
+ {
+ val->print(PRINT_ERROR, "\tmsg request failed\n", 0);
+ return VAL_STATUS_CALL_FAILED;
+ }
+
+ val->print(PRINT_DEBUG, "\tNSPE: Accessing address 0x%x\n", *addr);
+
+ return VAL_STATUS_SUCCESS;
+}
+
+int32_t client_test_nspe_read_app_rot_stack(caller_security_t caller __UNUSED)
+{
+ addr_t app_rot_addr;
+ uint32_t data = 0x1234;
+
+ val->print(PRINT_TEST, "[Check 1] Test NSPE reading APP-RoT stack\n", 0);
+
+ if (VAL_ERROR(get_secure_partition_address(&app_rot_addr)))
+ return VAL_STATUS_ERROR;
+
+ /* Setting boot.state before test check */
+ if (val->set_boot_flag(BOOT_EXPECTED_REENTER_TEST))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+
+ /* Read Application RoT stack address.
+ * This should generate internal fault or ignore the read.
+ */
+ data = *(uint32_t *)app_rot_addr;
+
+ /* Did read ignore? */
+ if (data == 0x1234)
+ return VAL_STATUS_SUCCESS;
+
+ val->print(PRINT_ERROR, "\tExpected read to fault but it didn't\n", 0);
+
+ /* Resetting boot.state to catch unwanted reboot */
+ if (val->set_boot_flag(BOOT_EXPECTED_BUT_FAILED))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag after check\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+
+ return VAL_STATUS_SPM_FAILED;
+}
+
+int32_t client_test_nspe_write_app_rot_stack(caller_security_t caller __UNUSED)
+{
+ addr_t app_rot_addr;
+ uint32_t data = 0x1234;
+
+ val->print(PRINT_TEST, "[Check 2] Test NSPE writing APP-RoT stack\n", 0);
+
+ if (VAL_ERROR(get_secure_partition_address(&app_rot_addr)))
+ return VAL_STATUS_ERROR;
+
+ /* Setting boot.state before test check */
+ if (val->set_boot_flag(BOOT_EXPECTED_NS))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+
+ /* Write Application RoT stack address.
+ * This should generate internal fault or ignore the write.
+ */
+ *(uint32_t *)app_rot_addr = (uint32_t)data;
+
+ return VAL_STATUS_SUCCESS;
+}
+
+#else
+
const client_test_t test_i073_client_tests_list[] = {
NULL,
client_test_nspe_read_app_rot_stack,
@@ -54,6 +143,7 @@
val->print(PRINT_DEBUG, "\tNSPE: Accessing address 0x%x\n", *addr);
psa->close(handle);
+
return VAL_STATUS_SUCCESS;
}
@@ -123,5 +213,8 @@
val->print(PRINT_ERROR, "\tExpected connection to fail but succeed\n", 0);
return VAL_STATUS_INVALID_HANDLE;
}
+
return VAL_STATUS_SUCCESS;
}
+
+#endif
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i073/test_supp_i073.c b/api-tests/ff/ipc/test_i073/test_supp_i073.c
index 0a0900d..28b0fcf 100644
--- a/api-tests/ff/ipc/test_i073/test_supp_i073.c
+++ b/api-tests/ff/ipc/test_i073/test_supp_i073.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -28,6 +28,76 @@
#define DATA_VALUE 0x5467
+#if STATELESS_ROT == 1
+
+const server_test_t test_i073_server_tests_list[] = {
+ NULL,
+ server_test_nspe_read_app_rot_stack,
+ server_test_nspe_write_app_rot_stack,
+ NULL,
+};
+
+static int32_t send_secure_partition_address(addr_t *stack)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_msg_t msg = {0};
+
+ status = val->process_call_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
+ if (val->err_check_set(TEST_CHECKPOINT_NUM(202), status))
+ {
+ psa->reply(msg.handle, -2);
+ return status;
+ }
+
+ val->print(PRINT_DEBUG, "\tAPP-ROT: Passing 0x%x to NSPE\n", (int)stack);
+
+ /* Send Application RoT stack address */
+ psa->write(msg.handle, 0, (void *)&stack, sizeof(uint32_t));
+ psa->reply(msg.handle, PSA_SUCCESS);
+
+ return VAL_STATUS_SUCCESS;
+}
+
+int32_t server_test_nspe_read_app_rot_stack(void)
+{
+ /* Application RoT stack - local variable */
+ uint32_t l_test_i073 = DATA_VALUE;
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ status = send_secure_partition_address(&l_test_i073);
+
+ /* Dummy print to avoid compiler optimisation on local variable */
+ val->print(PRINT_INFO, "\tStack data 0x%x\n", l_test_i073);
+ return status;
+}
+
+int32_t server_test_nspe_write_app_rot_stack(void)
+{
+ /* Application RoT stack - local variable */
+ uint32_t l_test_i073 = DATA_VALUE;
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ status = send_secure_partition_address(&l_test_i073);
+ if (VAL_ERROR(status))
+ return status;
+
+ /* Reached here means there could be write succeed or ignored */
+ if (l_test_i073 == DATA_VALUE)
+ return VAL_STATUS_SUCCESS;
+
+ val->print(PRINT_ERROR, "\tExpected write to fault but it didn't\n", 0);
+
+ /* Resetting boot.state to catch unwanted reboot */
+ if (val->set_boot_flag(BOOT_EXPECTED_BUT_FAILED))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag after check\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+ return VAL_STATUS_SUCCESS;
+}
+
+#else
+
const server_test_t test_i073_server_tests_list[] = {
NULL,
server_test_nspe_read_app_rot_stack,
@@ -68,6 +138,7 @@
return status;
}
psa->reply(msg.handle, PSA_SUCCESS);
+
return VAL_STATUS_SUCCESS;
}
@@ -120,3 +191,5 @@
}
return VAL_STATUS_SUCCESS;
}
+
+#endif
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i074/test_i074.c b/api-tests/ff/ipc/test_i074/test_i074.c
index 85bbdbb..6042bb6 100644
--- a/api-tests/ff/ipc/test_i074/test_i074.c
+++ b/api-tests/ff/ipc/test_i074/test_i074.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -29,6 +29,112 @@
#define DATA_VALUE 0x12
#define BUFFER_SIZE 0x4
+#if STATELESS_ROT == 1
+
+const client_test_t test_i074_client_tests_list[] = {
+ NULL,
+ client_test_nspe_read_app_rot_heap,
+ client_test_nspe_write_app_rot_heap,
+ NULL,
+};
+
+#ifdef SP_HEAP_MEM_SUPP
+static int32_t get_secure_partition_address(addr_t *addr)
+{
+
+ /* Get App-RoT address */
+ psa_outvec outvec[1] = { {addr, BUFFER_SIZE} };
+ if (psa->call(SERVER_UNSPECIFED_VERSION_HANDLE, PSA_IPC_CALL, NULL, 0, outvec, 1) != PSA_SUCCESS)
+ {
+ val->print(PRINT_ERROR, "\tmsg request failed\n", 0);
+ return VAL_STATUS_CALL_FAILED;
+ }
+
+ val->print(PRINT_DEBUG, "\tNSPE: Accessing address 0x%x\n", *addr);
+
+ return VAL_STATUS_SUCCESS;
+}
+
+int32_t client_test_nspe_read_app_rot_heap(caller_security_t caller __UNUSED)
+{
+ addr_t app_rot_addr;
+ uint8_t data = DATA_VALUE;
+
+ val->print(PRINT_TEST, "[Check 1] Test NSPE reading APP-RoT heap\n", 0);
+
+ if (VAL_ERROR(get_secure_partition_address(&app_rot_addr)))
+ return VAL_STATUS_ERROR;
+
+ /* Setting boot.state before test check */
+ if (val->set_boot_flag(BOOT_EXPECTED_REENTER_TEST))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+
+ /* Read Application RoT heap address.
+ * This should generate internal fault or ignore the read.
+ */
+ data = *(uint8_t *)app_rot_addr;
+
+ /* Did read ignore? */
+ if (data == DATA_VALUE)
+ return VAL_STATUS_SUCCESS;
+
+ val->print(PRINT_ERROR, "\tExpected read to fault but it didn't\n", 0);
+
+ /* Resetting boot.state to catch unwanted reboot */
+ if (val->set_boot_flag(BOOT_EXPECTED_BUT_FAILED))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag after check\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+
+ return VAL_STATUS_SPM_FAILED;
+}
+
+int32_t client_test_nspe_write_app_rot_heap(caller_security_t caller __UNUSED)
+{
+ addr_t app_rot_addr;
+ uint8_t data = DATA_VALUE;
+
+ val->print(PRINT_TEST, "[Check 2] Test NSPE writing APP-RoT heap\n", 0);
+
+ if (VAL_ERROR(get_secure_partition_address(&app_rot_addr)))
+ return VAL_STATUS_ERROR;
+
+ /* Setting boot.state before test check */
+ if (val->set_boot_flag(BOOT_EXPECTED_NS))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+
+ /* Write Application RoT heap address.
+ * This should generate internal fault or ignore the write.
+ */
+ *(uint8_t *)app_rot_addr = (uint8_t)data;
+
+ return VAL_STATUS_SUCCESS;
+}
+#else
+int32_t client_test_nspe_read_app_rot_heap(caller_security_t caller __UNUSED)
+{
+ val->print(PRINT_TEST, "[Check 1] Test NSPE reading APP-RoT heap\n", 0);
+ val->print(PRINT_ERROR, "\tSkipping test as heap memory not supported\n", 0);
+ return RESULT_SKIP(VAL_STATUS_HEAP_NOT_AVAILABLE);
+}
+
+int32_t client_test_nspe_write_app_rot_heap(caller_security_t caller __UNUSED)
+{
+ val->print(PRINT_TEST, "[Check 2] Test NSPE writing APP-RoT heap\n", 0);
+ val->print(PRINT_ERROR, "\tSkipping test as heap memory not supported\n", 0);
+ return RESULT_SKIP(VAL_STATUS_HEAP_NOT_AVAILABLE);
+}
+#endif
+
+#else
+
const client_test_t test_i074_client_tests_list[] = {
NULL,
client_test_nspe_read_app_rot_heap,
@@ -59,6 +165,7 @@
val->print(PRINT_DEBUG, "\tNSPE: Accessing address 0x%x\n", *addr);
psa->close(handle);
+
return VAL_STATUS_SUCCESS;
}
@@ -128,6 +235,7 @@
val->print(PRINT_ERROR, "\tExpected connection to fail but succeed\n", 0);
return VAL_STATUS_INVALID_HANDLE;
}
+
return VAL_STATUS_SUCCESS;
}
#else
@@ -145,3 +253,5 @@
return RESULT_SKIP(VAL_STATUS_HEAP_NOT_AVAILABLE);
}
#endif
+
+#endif
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i074/test_supp_i074.c b/api-tests/ff/ipc/test_i074/test_supp_i074.c
index d5c84bf..c296a6b 100644
--- a/api-tests/ff/ipc/test_i074/test_supp_i074.c
+++ b/api-tests/ff/ipc/test_i074/test_supp_i074.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -34,6 +34,97 @@
#define DATA_VALUE_ORG 0x11
#define BUFFER_SIZE 0x4
+#if STATELESS_ROT == 1
+
+const server_test_t test_i074_server_tests_list[] = {
+ NULL,
+ server_test_nspe_read_app_rot_heap,
+ server_test_nspe_write_app_rot_heap,
+ NULL,
+};
+
+#ifdef SP_HEAP_MEM_SUPP
+static int32_t send_secure_partition_address(uint8_t *heap)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_msg_t msg = {0};
+
+ status = val->process_call_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
+ if (val->err_check_set(TEST_CHECKPOINT_NUM(202), status))
+ {
+ psa->reply(msg.handle, -2);
+ return status;
+ }
+
+ val->print(PRINT_DEBUG, "\tAPP-ROT: Passing 0x%x to NSPE\n", (int)heap);
+
+ /* Send Application RoT heap address */
+ psa->write(msg.handle, 0, (void *)&heap, sizeof(BUFFER_SIZE));
+ psa->reply(msg.handle, PSA_SUCCESS);
+
+ return VAL_STATUS_SUCCESS;
+}
+
+int32_t server_test_nspe_read_app_rot_heap(void)
+{
+ /* Application RoT heap buffer */
+ uint8_t *buffer;
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ buffer = (uint8_t *)malloc(sizeof(uint8_t) * BUFFER_SIZE);
+ memset((uint8_t *)buffer, DATA_VALUE_ORG, BUFFER_SIZE);
+
+ status = send_secure_partition_address(buffer);
+ free(buffer);
+
+ return status;
+}
+
+int32_t server_test_nspe_write_app_rot_heap(void)
+{
+ /* Application RoT heap buffer */
+ uint8_t *buffer;
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_msg_t msg = {0};
+
+ buffer = (uint8_t *)malloc(sizeof(uint8_t) * BUFFER_SIZE);
+ memset((uint8_t *)buffer, DATA_VALUE_ORG, BUFFER_SIZE);
+
+ status = send_secure_partition_address(buffer);
+ if (VAL_ERROR(status))
+ return status;
+
+ /* Reached here means there could be write succeed or ignored */
+ if (buffer[0] == DATA_VALUE_ORG)
+ return VAL_STATUS_SUCCESS;
+
+ val->print(PRINT_ERROR, "\tExpected write to fault but it didn't\n", 0);
+
+ /* Resetting boot.state to catch unwanted reboot */
+ if (val->set_boot_flag(BOOT_EXPECTED_BUT_FAILED))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag after check\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+
+ free(buffer);
+ return VAL_STATUS_SUCCESS;
+}
+#else
+
+int32_t server_test_nspe_read_app_rot_heap(void)
+{
+ return RESULT_SKIP(VAL_STATUS_HEAP_NOT_AVAILABLE);
+}
+
+int32_t server_test_nspe_write_app_rot_heap(void)
+{
+ return RESULT_SKIP(VAL_STATUS_HEAP_NOT_AVAILABLE);
+}
+#endif
+
+#else
+
const server_test_t test_i074_server_tests_list[] = {
NULL,
server_test_nspe_read_app_rot_heap,
@@ -75,6 +166,7 @@
return status;
}
psa->reply(msg.handle, PSA_SUCCESS);
+
return VAL_STATUS_SUCCESS;
}
@@ -146,3 +238,5 @@
return RESULT_SKIP(VAL_STATUS_HEAP_NOT_AVAILABLE);
}
#endif
+
+#endif
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i075/test_i075.c b/api-tests/ff/ipc/test_i075/test_i075.c
index fc5dcce..5c7f4d0 100644
--- a/api-tests/ff/ipc/test_i075/test_i075.c
+++ b/api-tests/ff/ipc/test_i075/test_i075.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -27,6 +27,93 @@
#define DATA_VALUE 0x1234
+#if STATELESS_ROT == 1
+
+const client_test_t test_i075_client_tests_list[] = {
+ NULL,
+ client_test_nspe_read_app_rot_mmio,
+ client_test_nspe_write_app_rot_mmio,
+ NULL,
+};
+
+static int32_t get_secure_partition_address(addr_t *addr)
+{
+ psa_outvec outvec[1] = { {addr, sizeof(addr_t)} };
+ if (psa->call(SERVER_UNSPECIFED_VERSION_HANDLE, PSA_IPC_CALL, NULL, 0, outvec, 1) != PSA_SUCCESS)
+ {
+ val->print(PRINT_ERROR, "\tmsg request failed\n", 0);
+ return VAL_STATUS_CALL_FAILED;
+ }
+
+ val->print(PRINT_DEBUG, "\tNSPE: Accessing address 0x%x\n", *addr);
+ return VAL_STATUS_SUCCESS;
+}
+
+int32_t client_test_nspe_read_app_rot_mmio(caller_security_t caller __UNUSED)
+{
+ addr_t app_rot_addr;
+ uint32_t data = DATA_VALUE;
+
+ val->print(PRINT_TEST, "[Check 1] Test NSPE reading APP-RoT mmio\n", 0);
+
+ if (VAL_ERROR(get_secure_partition_address(&app_rot_addr)))
+ return VAL_STATUS_ERROR;
+
+ /* Setting boot.state before test check */
+ if (val->set_boot_flag(BOOT_EXPECTED_REENTER_TEST))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+
+ /* Read Application RoT mmio address.
+ * This should generate internal fault or ignore the read.
+ */
+ data = *(uint32_t *)app_rot_addr;
+
+ /* Did read ignore? */
+ if (data == DATA_VALUE)
+ return VAL_STATUS_SUCCESS;
+
+ val->print(PRINT_ERROR, "\tExpected read to fault but it didn't\n", 0);
+
+ /* Resetting boot.state to catch unwanted reboot */
+ if (val->set_boot_flag(BOOT_EXPECTED_BUT_FAILED))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag after check\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+
+ return VAL_STATUS_SPM_FAILED;
+}
+
+int32_t client_test_nspe_write_app_rot_mmio(caller_security_t caller __UNUSED)
+{
+ addr_t app_rot_addr;
+ uint32_t data = DATA_VALUE;
+
+ val->print(PRINT_TEST, "[Check 2] Test NSPE writing APP-RoT mmio\n", 0);
+
+ if (VAL_ERROR(get_secure_partition_address(&app_rot_addr)))
+ return VAL_STATUS_ERROR;
+
+ /* Setting boot.state before test check */
+ if (val->set_boot_flag(BOOT_EXPECTED_NS))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+
+ /* Write Application RoT mmio address.
+ * This should generate internal fault or ignore the write.
+ */
+ *(uint32_t *)app_rot_addr = (uint32_t)data;
+
+ return VAL_STATUS_SUCCESS;
+}
+
+#else
+
const client_test_t test_i075_client_tests_list[] = {
NULL,
client_test_nspe_read_app_rot_mmio,
@@ -56,6 +143,7 @@
val->print(PRINT_DEBUG, "\tNSPE: Accessing address 0x%x\n", *addr);
psa->close(handle);
+
return VAL_STATUS_SUCCESS;
}
@@ -125,5 +213,8 @@
val->print(PRINT_ERROR, "\tExpected connection to fail but succeed\n", 0);
return VAL_STATUS_INVALID_HANDLE;
}
+
return VAL_STATUS_SUCCESS;
}
+
+#endif
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i075/test_supp_i075.c b/api-tests/ff/ipc/test_i075/test_supp_i075.c
index 8b094d5..3f56a5a 100644
--- a/api-tests/ff/ipc/test_i075/test_supp_i075.c
+++ b/api-tests/ff/ipc/test_i075/test_supp_i075.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -28,6 +28,103 @@
#define DATA_VALUE 0x5467
+#if STATELESS_ROT == 1
+
+const server_test_t test_i075_server_tests_list[] = {
+ NULL,
+ server_test_nspe_read_app_rot_mmio,
+ server_test_nspe_write_app_rot_mmio,
+ NULL,
+};
+
+static int32_t get_mmio_addr(addr_t *addr)
+{
+ memory_desc_t *memory_desc;
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ /* Get APP-ROT MMIO address */
+ status = val->target_get_config(TARGET_CONFIG_CREATE_ID(GROUP_MEMORY,
+ MEMORY_SERVER_PARTITION_MMIO, 0),
+ (uint8_t **)&memory_desc,
+ (uint32_t *)sizeof(memory_desc_t));
+ if (val->err_check_set(TEST_CHECKPOINT_NUM(201), status))
+ {
+ return status;
+ }
+
+ *addr = memory_desc->start;
+ return VAL_STATUS_SUCCESS;
+}
+
+static int32_t send_secure_partition_address(addr_t *addr)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_msg_t msg = {0};
+
+ status = val->process_call_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
+ if (val->err_check_set(TEST_CHECKPOINT_NUM(203), status))
+ {
+ psa->reply(msg.handle, -2);
+ return status;
+ }
+
+ val->print(PRINT_DEBUG, "\tAPP-ROT: Passing 0x%x to NSPE\n", (int)*addr);
+
+ /* Send Application RoT mmio address */
+ psa->write(msg.handle, 0, (void *)addr, sizeof(uint32_t));
+ psa->reply(msg.handle, PSA_SUCCESS);
+
+ return VAL_STATUS_SUCCESS;
+}
+
+int32_t server_test_nspe_read_app_rot_mmio(void)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ addr_t app_rot_addr;
+
+ status = get_mmio_addr(&app_rot_addr);
+ if (VAL_ERROR(status))
+ return status;
+
+ /* Initialise mmio address */
+ *(uint32_t *)app_rot_addr = (uint32_t)DATA_VALUE;
+
+ return send_secure_partition_address(&app_rot_addr);
+}
+
+int32_t server_test_nspe_write_app_rot_mmio(void)
+{
+ addr_t app_rot_addr;
+ int32_t status = VAL_STATUS_SUCCESS;
+
+
+ status = get_mmio_addr(&app_rot_addr);
+ if (VAL_ERROR(status))
+ return status;
+
+ /* Initialise mmio address */
+ *(uint32_t *)app_rot_addr = (uint32_t)DATA_VALUE;
+ status = send_secure_partition_address(&app_rot_addr);
+ if (VAL_ERROR(status))
+ return status;
+
+ /* Reached here means there could be write succeed or ignored */
+ if (*(uint32_t *)app_rot_addr == (uint32_t)DATA_VALUE)
+ return VAL_STATUS_SUCCESS;
+
+ val->print(PRINT_ERROR, "\tExpected write to fault but it didn't\n", 0);
+
+ /* Resetting boot.state to catch unwanted reboot */
+ if (val->set_boot_flag(BOOT_EXPECTED_BUT_FAILED))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag after check\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+ return VAL_STATUS_SUCCESS;
+}
+
+#else
+
const server_test_t test_i075_server_tests_list[] = {
NULL,
server_test_nspe_read_app_rot_mmio,
@@ -146,3 +243,5 @@
}
return VAL_STATUS_SUCCESS;
}
+
+#endif
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i076/test_i076.c b/api-tests/ff/ipc/test_i076/test_i076.c
index 485c451..b4e9a0a 100644
--- a/api-tests/ff/ipc/test_i076/test_i076.c
+++ b/api-tests/ff/ipc/test_i076/test_i076.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -27,6 +27,8 @@
#define DATA_VALUE1 0x1234
+#if STATELESS_ROT == 1
+
const client_test_t test_i076_client_tests_list[] = {
NULL,
client_test_nspe_read_psa_rot_variable,
@@ -34,7 +36,107 @@
NULL,
};
-static int32_t get_secure_partition_address(psa_handle_t *handle,
+static int32_t get_secure_partition_address(__attribute__((unused)) psa_handle_t *handle,
+ addr_t *addr,
+ driver_test_fn_id_t test_fn_id)
+{
+ psa_invec invec[1] = { {&test_fn_id, sizeof(test_fn_id)} };
+ psa_outvec outvec[1] = { {addr, sizeof(addr_t)} };
+ if (psa->call(DRIVER_TEST_HANDLE, PSA_IPC_CALL, invec, 1, outvec, 1) != PSA_SUCCESS)
+ {
+ val->print(PRINT_ERROR, "\tmsg request failed\n", 0);
+ return VAL_STATUS_CALL_FAILED;
+ }
+ return VAL_STATUS_SUCCESS;
+}
+
+static int32_t get_driver_status(psa_handle_t *handle)
+{
+ if (psa->call(*handle, PSA_IPC_CALL, NULL, 0, NULL, 0) != PSA_SUCCESS)
+ {
+ return VAL_STATUS_CALL_FAILED;
+ }
+ return VAL_STATUS_SUCCESS;
+}
+
+int32_t client_test_nspe_read_psa_rot_variable(caller_security_t caller __UNUSED)
+{
+ addr_t psa_rot_addr;
+ uint32_t data = DATA_VALUE1;
+ psa_handle_t handle = 0;
+
+ val->print(PRINT_TEST, "[Check 1] Test NSPE reading PSA-RoT data\n", 0);
+
+ if (VAL_ERROR(get_secure_partition_address(&handle,
+ &psa_rot_addr,
+ TEST_ISOLATION_PSA_ROT_DATA_RD)))
+ return VAL_STATUS_ERROR;
+
+ /* Setting boot.state before test check */
+ if (val->set_boot_flag(BOOT_EXPECTED_REENTER_TEST))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+
+ /* Read PSA RoT global variable address.
+ * This should generate internal fault or ignore the read.
+ */
+ data = *(uint32_t *)psa_rot_addr;
+
+ /* Did read ignore? */
+ if (data == DATA_VALUE1)
+ return VAL_STATUS_SUCCESS;
+
+ val->print(PRINT_ERROR, "\tExpected read to fault but it didn't\n", 0);
+
+ /* Resetting boot.state to catch unwanted reboot */
+ if (val->set_boot_flag(BOOT_EXPECTED_BUT_FAILED))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag after check\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+
+ return VAL_STATUS_SPM_FAILED;
+}
+
+int32_t client_test_nspe_write_psa_rot_variable(caller_security_t caller __UNUSED)
+{
+ addr_t psa_rot_addr;
+ uint32_t data = DATA_VALUE1;
+ psa_handle_t handle = 0;
+
+ val->print(PRINT_TEST, "[Check 2] Test NSPE writing PSA-RoT data\n", 0);
+
+ if (VAL_ERROR(get_secure_partition_address(&handle,
+ &psa_rot_addr,
+ TEST_ISOLATION_PSA_ROT_DATA_WR)))
+ return VAL_STATUS_ERROR;
+
+ /* Write PSA RoT global variable address.
+ * This should generate internal fault or ignore the write.
+ */
+ *(uint32_t *)psa_rot_addr = (uint32_t)data;
+
+ /* Handshake with driver to decide write status */
+ if (VAL_ERROR(get_driver_status(&handle)))
+ {
+ return VAL_STATUS_DRIVER_FN_FAILED;
+ }
+
+ return VAL_STATUS_SUCCESS;
+}
+
+#else
+
+const client_test_t test_i076_client_tests_list[] = {
+ NULL,
+ client_test_nspe_read_psa_rot_variable,
+ client_test_nspe_write_psa_rot_variable,
+ NULL,
+};
+
+static int32_t get_secure_partition_address(__attribute__((unused)) psa_handle_t *handle,
addr_t *addr,
driver_test_fn_id_t test_fn_id)
{
@@ -53,7 +155,6 @@
val->print(PRINT_ERROR, "\tmsg request failed\n", 0);
return VAL_STATUS_CALL_FAILED;
}
-
return VAL_STATUS_SUCCESS;
}
@@ -140,5 +241,8 @@
}
close_driver_fn(&handle);
+
return VAL_STATUS_SUCCESS;
}
+
+#endif
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i077/test_i077.c b/api-tests/ff/ipc/test_i077/test_i077.c
index 42f204b..10837f3 100644
--- a/api-tests/ff/ipc/test_i077/test_i077.c
+++ b/api-tests/ff/ipc/test_i077/test_i077.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -27,6 +27,8 @@
#define DATA_VALUE1 0x1234
+#if STATELESS_ROT == 1
+
const client_test_t test_i077_client_tests_list[] = {
NULL,
client_test_nspe_read_psa_rot_stack,
@@ -34,7 +36,110 @@
NULL,
};
-static int32_t get_secure_partition_address(psa_handle_t *handle,
+static int32_t get_secure_partition_address(__attribute__((unused)) psa_handle_t *handle,
+ addr_t *addr,
+ driver_test_fn_id_t test_fn_id)
+{
+ /* Execute driver function related to TEST_ISOLATION_PSA_ROT_DATA_RD */
+ psa_invec invec[1] = { {&test_fn_id, sizeof(test_fn_id)} };
+ psa_outvec outvec[1] = { {addr, sizeof(addr_t)} };
+ if (psa->call(DRIVER_TEST_HANDLE, PSA_IPC_CALL, invec, 1, outvec, 1) != PSA_SUCCESS)
+ {
+ val->print(PRINT_ERROR, "\tmsg request failed\n", 0);
+ return VAL_STATUS_CALL_FAILED;
+ }
+
+ return VAL_STATUS_SUCCESS;
+}
+
+static int32_t get_driver_status(psa_handle_t *handle)
+{
+ if (psa->call(*handle, PSA_IPC_CALL, NULL, 0, NULL, 0) != PSA_SUCCESS)
+ {
+ return VAL_STATUS_CALL_FAILED;
+ }
+ return VAL_STATUS_SUCCESS;
+}
+
+int32_t client_test_nspe_read_psa_rot_stack(caller_security_t caller __UNUSED)
+{
+ addr_t psa_rot_addr;
+ uint32_t data = DATA_VALUE1;
+ psa_handle_t handle = 0;
+
+ val->print(PRINT_TEST, "[Check 1] Test NSPE reading PSA-RoT stack\n", 0);
+
+ if (VAL_ERROR(get_secure_partition_address(&handle,
+ &psa_rot_addr,
+ TEST_ISOLATION_PSA_ROT_STACK_RD)))
+ return VAL_STATUS_ERROR;
+
+
+ /* Setting boot.state before test check */
+ if (val->set_boot_flag(BOOT_EXPECTED_REENTER_TEST))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+
+ /* Read PSA RoT stack address.
+ * This should generate internal fault or ignore the read.
+ */
+ data = *(uint32_t *)psa_rot_addr;
+
+ /* Did read ignore? */
+ if (data == DATA_VALUE1)
+ return VAL_STATUS_SUCCESS;
+
+ val->print(PRINT_ERROR, "\tExpected read to fault but it didn't\n", 0);
+
+ /* Resetting boot.state to catch unwanted reboot */
+ if (val->set_boot_flag(BOOT_EXPECTED_BUT_FAILED))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag after check\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+
+ return VAL_STATUS_SPM_FAILED;
+}
+
+int32_t client_test_nspe_write_psa_rot_stack(caller_security_t caller __UNUSED)
+{
+ addr_t psa_rot_addr;
+ uint32_t data = DATA_VALUE1;
+ psa_handle_t handle = 0;
+
+ val->print(PRINT_TEST, "[Check 2] Test NSPE writing PSA-RoT stack\n", 0);
+
+ if (VAL_ERROR(get_secure_partition_address(&handle,
+ &psa_rot_addr,
+ TEST_ISOLATION_PSA_ROT_STACK_WR)))
+ return VAL_STATUS_ERROR;
+
+ /* Write PSA RoT stack address.
+ * This should generate internal fault or ignore the write.
+ */
+ *(uint32_t *)psa_rot_addr = (uint32_t)data;
+
+ /* Handshake with driver to decide write status */
+ if (VAL_ERROR(get_driver_status(&handle)))
+ {
+ return VAL_STATUS_DRIVER_FN_FAILED;
+ }
+
+ return VAL_STATUS_SUCCESS;
+}
+
+#else
+
+const client_test_t test_i077_client_tests_list[] = {
+ NULL,
+ client_test_nspe_read_psa_rot_stack,
+ client_test_nspe_write_psa_rot_stack,
+ NULL,
+};
+
+static int32_t get_secure_partition_address(__attribute__((unused)) psa_handle_t *handle,
addr_t *addr,
driver_test_fn_id_t test_fn_id)
{
@@ -55,6 +160,7 @@
}
return VAL_STATUS_SUCCESS;
+
}
static int32_t get_driver_status(psa_handle_t *handle)
@@ -71,7 +177,6 @@
psa->close(*handle);
}
-
int32_t client_test_nspe_read_psa_rot_stack(caller_security_t caller __UNUSED)
{
addr_t psa_rot_addr;
@@ -141,5 +246,8 @@
}
close_driver_fn(&handle);
+
return VAL_STATUS_SUCCESS;
}
+
+#endif
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i078/test_i078.c b/api-tests/ff/ipc/test_i078/test_i078.c
index 2e257d9..595a2a5 100644
--- a/api-tests/ff/ipc/test_i078/test_i078.c
+++ b/api-tests/ff/ipc/test_i078/test_i078.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -29,6 +29,129 @@
#define DATA_VALUE 0x12
#define BUFFER_SIZE 0x4
+#if STATELESS_ROT == 1
+
+const client_test_t test_i078_client_tests_list[] = {
+ NULL,
+ client_test_nspe_read_psa_rot_heap,
+ client_test_nspe_write_psa_rot_heap,
+ NULL,
+};
+
+#ifdef SP_HEAP_MEM_SUPP
+static int32_t get_secure_partition_address(psa_handle_t *handle,
+ addr_t *addr,
+ driver_test_fn_id_t test_fn_id)
+{
+ /* Execute driver function related to TEST_ISOLATION_PSA_ROT_DATA_RD */
+ psa_invec invec[1] = { {&test_fn_id, sizeof(test_fn_id)} };
+ psa_outvec outvec[1] = { {addr, sizeof(addr_t)} };
+ if (psa->call(DRIVER_TEST_HANDLE, PSA_IPC_CALL, invec, 1, outvec, 1) != PSA_SUCCESS)
+ {
+ val->print(PRINT_ERROR, "\tmsg request failed\n", 0);
+ return VAL_STATUS_CALL_FAILED;
+ }
+
+ return VAL_STATUS_SUCCESS;
+}
+
+static int32_t get_driver_status(psa_handle_t *handle)
+{
+ if (psa->call(*handle, PSA_IPC_CALL, NULL, 0, NULL, 0) != PSA_SUCCESS)
+ {
+ return VAL_STATUS_CALL_FAILED;
+ }
+ return VAL_STATUS_SUCCESS;
+}
+
+
+int32_t client_test_nspe_read_psa_rot_heap(caller_security_t caller __UNUSED)
+{
+ addr_t psa_rot_addr;
+ uint8_t data = DATA_VALUE;
+ psa_handle_t handle = 0;
+
+ val->print(PRINT_TEST, "[Check 1] Test NSPE reading PSA-RoT heap\n", 0);
+
+ if (VAL_ERROR(get_secure_partition_address(&handle,
+ &psa_rot_addr,
+ TEST_ISOLATION_PSA_ROT_HEAP_RD)))
+ return VAL_STATUS_ERROR;
+
+
+ /* Setting boot.state before test check */
+ if (val->set_boot_flag(BOOT_EXPECTED_REENTER_TEST))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+
+ /* Read PSA RoT heap address.
+ * This should generate internal fault or ignore the read.
+ */
+ data = *(uint8_t *)psa_rot_addr;
+
+ /* Did read ignore? */
+ if (data == DATA_VALUE)
+ return VAL_STATUS_SUCCESS;
+
+ val->print(PRINT_ERROR, "\tExpected read to fault but it didn't\n", 0);
+
+ /* Resetting boot.state to catch unwanted reboot */
+ if (val->set_boot_flag(BOOT_EXPECTED_BUT_FAILED))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag after check\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+
+ return VAL_STATUS_SPM_FAILED;
+}
+
+int32_t client_test_nspe_write_psa_rot_heap(caller_security_t caller __UNUSED)
+{
+ addr_t psa_rot_addr;
+ uint8_t data = DATA_VALUE;
+ psa_handle_t handle = 0;
+
+ val->print(PRINT_TEST, "[Check 2] Test NSPE writing PSA-RoT heap\n", 0);
+
+ if (VAL_ERROR(get_secure_partition_address(&handle,
+ &psa_rot_addr,
+ TEST_ISOLATION_PSA_ROT_HEAP_WR)))
+ return VAL_STATUS_ERROR;
+
+ /* Write PSA RoT heap address.
+ * This should generate internal fault or ignore the write.
+ */
+ *(uint8_t *)psa_rot_addr = (uint8_t)data;
+
+ /* Handshake with driver to decide write status */
+ if (VAL_ERROR(get_driver_status(&handle)))
+ {
+ return VAL_STATUS_DRIVER_FN_FAILED;
+ }
+
+ return VAL_STATUS_SUCCESS;
+}
+#else
+int32_t client_test_nspe_read_psa_rot_heap(caller_security_t caller __UNUSED)
+{
+ val->print(PRINT_TEST, "[Check 1] Test NSPE reading PSA-RoT heap\n", 0);
+ val->print(PRINT_ERROR, "\tSkipping test as heap memory not supported\n", 0);
+ return RESULT_SKIP(VAL_STATUS_HEAP_NOT_AVAILABLE);
+}
+
+int32_t client_test_nspe_write_psa_rot_heap(caller_security_t caller __UNUSED)
+{
+ val->print(PRINT_TEST, "[Check 2] Test NSPE writing PSA-RoT heap\n", 0);
+ val->print(PRINT_ERROR, "\tSkipping test as heap memory not supported\n", 0);
+ return RESULT_SKIP(VAL_STATUS_HEAP_NOT_AVAILABLE);
+}
+#endif
+
+
+#else
+
const client_test_t test_i078_client_tests_list[] = {
NULL,
client_test_nspe_read_psa_rot_heap,
@@ -143,6 +266,7 @@
}
close_driver_fn(&handle);
+
return VAL_STATUS_SUCCESS;
}
#else
@@ -160,3 +284,6 @@
return RESULT_SKIP(VAL_STATUS_HEAP_NOT_AVAILABLE);
}
#endif
+
+
+#endif
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i079/test_i079.c b/api-tests/ff/ipc/test_i079/test_i079.c
index 995e850..d98f946 100644
--- a/api-tests/ff/ipc/test_i079/test_i079.c
+++ b/api-tests/ff/ipc/test_i079/test_i079.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -27,6 +27,110 @@
#define DATA_VALUE 0x1234
+#if STATELESS_ROT == 1
+
+const client_test_t test_i079_client_tests_list[] = {
+ NULL,
+ client_test_nspe_read_psa_rot_mmio,
+ client_test_nspe_write_psa_rot_mmio,
+ NULL,
+};
+
+static int32_t get_secure_partition_address(__attribute__((unused)) psa_handle_t *handle,
+ addr_t *addr,
+ driver_test_fn_id_t test_fn_id)
+{
+ /* Execute driver function related to TEST_ISOLATION_PSA_ROT_DATA_RD */
+ psa_invec invec[1] = { {&test_fn_id, sizeof(test_fn_id)} };
+ psa_outvec outvec[1] = { {addr, sizeof(addr_t)} };
+ if (psa->call(DRIVER_TEST_HANDLE, PSA_IPC_CALL, invec, 1, outvec, 1) != PSA_SUCCESS)
+ {
+ val->print(PRINT_ERROR, "\tmsg request failed\n", 0);
+ return VAL_STATUS_CALL_FAILED;
+ }
+
+ return VAL_STATUS_SUCCESS;
+
+}
+
+static int32_t get_driver_status(psa_handle_t *handle)
+{
+ if (psa->call(*handle, PSA_IPC_CALL, NULL, 0, NULL, 0) != PSA_SUCCESS)
+ {
+ return VAL_STATUS_CALL_FAILED;
+ }
+ return VAL_STATUS_SUCCESS;
+}
+
+int32_t client_test_nspe_read_psa_rot_mmio(caller_security_t caller __UNUSED)
+{
+ addr_t psa_rot_addr;
+ uint32_t data = DATA_VALUE;
+ psa_handle_t handle = 0;
+
+ val->print(PRINT_TEST, "[Check 1] Test NSPE reading PSA-RoT mmio\n", 0);
+
+ if (VAL_ERROR(get_secure_partition_address(&handle,
+ &psa_rot_addr,
+ TEST_ISOLATION_PSA_ROT_MMIO_RD)))
+ return VAL_STATUS_ERROR;
+
+ /* Setting boot.state before test check */
+ if (val->set_boot_flag(BOOT_EXPECTED_REENTER_TEST))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+
+ /* Read PSA RoT mmio address.
+ * This should generate internal fault or ignore the read.
+ */
+ data = *(uint32_t *)psa_rot_addr;
+
+ /* Did read ignore? */
+ if (data == DATA_VALUE)
+ return VAL_STATUS_SUCCESS;
+
+ val->print(PRINT_ERROR, "\tExpected read to fault but it didn't\n", 0);
+
+ /* Resetting boot.state to catch unwanted reboot */
+ if (val->set_boot_flag(BOOT_EXPECTED_BUT_FAILED))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag after check\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+
+ return VAL_STATUS_SPM_FAILED;
+}
+
+int32_t client_test_nspe_write_psa_rot_mmio(caller_security_t caller __UNUSED)
+{
+ addr_t psa_rot_addr;
+ uint32_t data = DATA_VALUE;
+ psa_handle_t handle = 0;
+
+ val->print(PRINT_TEST, "[Check 2] Test NSPE writing PSA-RoT mmio\n", 0);
+
+ if (VAL_ERROR(get_secure_partition_address(&handle,
+ &psa_rot_addr,
+ TEST_ISOLATION_PSA_ROT_MMIO_WR)))
+ return VAL_STATUS_ERROR;
+
+ /* Write PSA RoT mmio address.
+ * This should generate internal fault or ignore the write.
+ */
+ *(uint32_t *)psa_rot_addr = (uint32_t)data;
+
+ /* Handshake with driver to decide write status */
+ if (VAL_ERROR(get_driver_status(&handle)))
+ {
+ return VAL_STATUS_DRIVER_FN_FAILED;
+ }
+ return VAL_STATUS_SUCCESS;
+}
+
+#else
+
const client_test_t test_i079_client_tests_list[] = {
NULL,
client_test_nspe_read_psa_rot_mmio,
@@ -83,9 +187,7 @@
&psa_rot_addr,
TEST_ISOLATION_PSA_ROT_MMIO_RD)))
return VAL_STATUS_ERROR;
-
close_driver_fn(&handle);
-
/* Setting boot.state before test check */
if (val->set_boot_flag(BOOT_EXPECTED_REENTER_TEST))
{
@@ -138,7 +240,8 @@
close_driver_fn(&handle);
return VAL_STATUS_DRIVER_FN_FAILED;
}
-
close_driver_fn(&handle);
return VAL_STATUS_SUCCESS;
}
+
+#endif
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i080/test_i080.c b/api-tests/ff/ipc/test_i080/test_i080.c
index 1fd25f6..abce5b0 100644
--- a/api-tests/ff/ipc/test_i080/test_i080.c
+++ b/api-tests/ff/ipc/test_i080/test_i080.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -27,6 +27,109 @@
#define DATA_VALUE1 0x1234
+#if STATELESS_ROT == 1
+
+const client_test_t test_i080_client_tests_list[] = {
+ NULL,
+ client_test_app_rot_read_psa_rot_variable,
+ client_test_app_rot_write_psa_rot_variable,
+ NULL,
+};
+
+static int32_t get_secure_partition_address(__attribute__((unused)) psa_handle_t *handle,
+ addr_t *addr,
+ driver_test_fn_id_t test_fn_id)
+{
+ /* Execute driver function related to TEST_ISOLATION_PSA_ROT_* */
+ psa_invec invec[1] = { {&test_fn_id, sizeof(test_fn_id)} };
+ psa_outvec outvec[1] = { {addr, sizeof(addr_t)} };
+ if (psa->call(DRIVER_TEST_HANDLE, PSA_IPC_CALL, invec, 1, outvec, 1) != PSA_SUCCESS)
+ {
+ val->print(PRINT_ERROR, "\tmsg request failed\n", 0);
+ return VAL_STATUS_CALL_FAILED;
+ }
+
+ return VAL_STATUS_SUCCESS;
+}
+
+static int32_t get_driver_status(psa_handle_t *handle)
+{
+ if (psa->call(*handle, PSA_IPC_CALL, NULL, 0, NULL, 0) != PSA_SUCCESS)
+ {
+ return VAL_STATUS_CALL_FAILED;
+ }
+ return VAL_STATUS_SUCCESS;
+}
+
+int32_t client_test_app_rot_read_psa_rot_variable(caller_security_t caller __UNUSED)
+{
+ addr_t psa_rot_addr;
+ uint32_t data = DATA_VALUE1;
+ psa_handle_t handle = 0;
+
+ val->print(PRINT_TEST, "[Check 1] Test APP-RoT reading PSA-RoT data\n", 0);
+
+ if (VAL_ERROR(get_secure_partition_address(&handle,
+ &psa_rot_addr,
+ TEST_ISOLATION_PSA_ROT_DATA_RD)))
+ return VAL_STATUS_ERROR;
+
+ /* Setting boot.state before test check */
+ if (val->set_boot_flag(BOOT_EXPECTED_REENTER_TEST))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+
+ /* Read PSA RoT global variable address.
+ * This should generate internal fault or ignore the read.
+ */
+ data = *(uint32_t *)psa_rot_addr;
+
+ /* Did read ignore? */
+ if (data == DATA_VALUE1)
+ return VAL_STATUS_SUCCESS;
+
+ val->print(PRINT_ERROR, "\tExpected read to fault but it didn't\n", 0);
+
+ /* Resetting boot.state to catch unwanted reboot */
+ if (val->set_boot_flag(BOOT_EXPECTED_BUT_FAILED))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag after check\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+
+ return VAL_STATUS_SPM_FAILED;
+}
+
+int32_t client_test_app_rot_write_psa_rot_variable(caller_security_t caller __UNUSED)
+{
+ addr_t psa_rot_addr;
+ uint32_t data = DATA_VALUE1;
+ psa_handle_t handle = 0;
+
+ val->print(PRINT_TEST, "[Check 2] Test APP-RoT writing PSA-RoT data\n", 0);
+
+ if (VAL_ERROR(get_secure_partition_address(&handle,
+ &psa_rot_addr,
+ TEST_ISOLATION_PSA_ROT_DATA_WR)))
+ return VAL_STATUS_ERROR;
+
+ /* Write PSA RoT global variable address.
+ * This should generate internal fault or ignore the write.
+ */
+ *(uint32_t *)psa_rot_addr = (uint32_t)data;
+
+ /* Handshake with driver to decide write status */
+ if (VAL_ERROR(get_driver_status(&handle)))
+ {
+ return VAL_STATUS_DRIVER_FN_FAILED;
+ }
+ return VAL_STATUS_SUCCESS;
+}
+
+#else
+
const client_test_t test_i080_client_tests_list[] = {
NULL,
client_test_app_rot_read_psa_rot_variable,
@@ -138,7 +241,8 @@
close_driver_fn(&handle);
return VAL_STATUS_DRIVER_FN_FAILED;
}
-
close_driver_fn(&handle);
return VAL_STATUS_SUCCESS;
}
+
+#endif
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i081/test_i081.c b/api-tests/ff/ipc/test_i081/test_i081.c
index 5f12593..3e53183 100644
--- a/api-tests/ff/ipc/test_i081/test_i081.c
+++ b/api-tests/ff/ipc/test_i081/test_i081.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -27,6 +27,111 @@
#define DATA_VALUE1 0x1234
+#if STATELESS_ROT == 1
+
+const client_test_t test_i081_client_tests_list[] = {
+ NULL,
+ client_test_app_rot_read_psa_rot_stack,
+ client_test_app_rot_write_psa_rot_stack,
+ NULL,
+};
+
+static int32_t get_secure_partition_address(__attribute__((unused)) psa_handle_t *handle,
+ addr_t *addr,
+ driver_test_fn_id_t test_fn_id)
+{
+ /* Execute driver function related to TEST_ISOLATION_PSA_ROT_DATA_RD */
+ psa_invec invec[1] = { {&test_fn_id, sizeof(test_fn_id)} };
+ psa_outvec outvec[1] = { {addr, sizeof(addr_t)} };
+ if (psa->call(DRIVER_TEST_HANDLE, PSA_IPC_CALL, invec, 1, outvec, 1) != PSA_SUCCESS)
+ {
+ val->print(PRINT_ERROR, "\tmsg request failed\n", 0);
+ return VAL_STATUS_CALL_FAILED;
+ }
+
+ return VAL_STATUS_SUCCESS;
+}
+
+static int32_t get_driver_status(psa_handle_t *handle)
+{
+ if (psa->call(*handle, PSA_IPC_CALL, NULL, 0, NULL, 0) != PSA_SUCCESS)
+ {
+ return VAL_STATUS_CALL_FAILED;
+ }
+ return VAL_STATUS_SUCCESS;
+}
+
+int32_t client_test_app_rot_read_psa_rot_stack(caller_security_t caller __UNUSED)
+{
+ addr_t psa_rot_addr;
+ uint32_t data = DATA_VALUE1;
+ psa_handle_t handle = 0;
+
+ val->print(PRINT_TEST, "[Check 1] Test APP-RoT reading PSA-RoT stack\n", 0);
+
+ if (VAL_ERROR(get_secure_partition_address(&handle,
+ &psa_rot_addr,
+ TEST_ISOLATION_PSA_ROT_STACK_RD)))
+ return VAL_STATUS_ERROR;
+
+ /* Setting boot.state before test check */
+ if (val->set_boot_flag(BOOT_EXPECTED_REENTER_TEST))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+
+ /* Read PSA RoT stack address.
+ * This should generate internal fault or ignore the read.
+ */
+ data = *(uint32_t *)psa_rot_addr;
+
+ /* Did read ignore? */
+ if (data == DATA_VALUE1)
+ return VAL_STATUS_SUCCESS;
+
+ val->print(PRINT_ERROR, "\tExpected read to fault but it didn't\n", 0);
+
+ /* Resetting boot.state to catch unwanted reboot */
+ if (val->set_boot_flag(BOOT_EXPECTED_BUT_FAILED))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag after check\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+
+ return VAL_STATUS_SPM_FAILED;
+}
+
+int32_t client_test_app_rot_write_psa_rot_stack(caller_security_t caller __UNUSED)
+{
+ addr_t psa_rot_addr;
+ uint32_t data = DATA_VALUE1;
+ psa_handle_t handle = 0;
+
+ val->print(PRINT_TEST, "[Check 2] Test APP-RoT writing PSA-RoT stack\n", 0);
+
+ if (VAL_ERROR(get_secure_partition_address(&handle,
+ &psa_rot_addr,
+ TEST_ISOLATION_PSA_ROT_STACK_WR)))
+ return VAL_STATUS_ERROR;
+
+ /* Write PSA RoT stack address.
+ * This should generate internal fault or ignore the write.
+ */
+ *(uint32_t *)psa_rot_addr = (uint32_t)data;
+
+ /* Handshake with driver to decide write status */
+ if (VAL_ERROR(get_driver_status(&handle)))
+ {
+ return VAL_STATUS_DRIVER_FN_FAILED;
+ }
+
+
+ return VAL_STATUS_SUCCESS;
+}
+
+#else
+
const client_test_t test_i081_client_tests_list[] = {
NULL,
client_test_app_rot_read_psa_rot_stack,
@@ -141,5 +246,8 @@
}
close_driver_fn(&handle);
+
return VAL_STATUS_SUCCESS;
}
+
+#endif
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i082/test_i082.c b/api-tests/ff/ipc/test_i082/test_i082.c
index 6e56975..e6651cc 100644
--- a/api-tests/ff/ipc/test_i082/test_i082.c
+++ b/api-tests/ff/ipc/test_i082/test_i082.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -29,6 +29,125 @@
#define DATA_VALUE 0x12
#define BUFFER_SIZE 0x4
+#if STATELESS_ROT == 1
+
+const client_test_t test_i082_client_tests_list[] = {
+ NULL,
+ client_test_app_rot_read_psa_rot_heap,
+ client_test_app_rot_write_psa_rot_heap,
+ NULL,
+};
+
+#ifdef SP_HEAP_MEM_SUPP
+static int32_t get_secure_partition_address(psa_handle_t *handle,
+ addr_t *addr,
+ driver_test_fn_id_t test_fn_id)
+{
+ /* Execute driver function related to TEST_ISOLATION_PSA_ROT_DATA_RD */
+ psa_invec invec[1] = { {&test_fn_id, sizeof(test_fn_id)} };
+ psa_outvec outvec[1] = { {addr, sizeof(addr_t)} };
+ if (psa->call(DRIVER_TEST_HANDLE, PSA_IPC_CALL, invec, 1, outvec, 1) != PSA_SUCCESS)
+ {
+ val->print(PRINT_ERROR, "\tmsg request failed\n", 0);
+ return VAL_STATUS_CALL_FAILED;
+ }
+
+ return VAL_STATUS_SUCCESS;
+}
+
+static int32_t get_driver_status(psa_handle_t *handle)
+{
+ if (psa->call(*handle, PSA_IPC_CALL, NULL, 0, NULL, 0) != PSA_SUCCESS)
+ {
+ return VAL_STATUS_CALL_FAILED;
+ }
+ return VAL_STATUS_SUCCESS;
+}
+
+int32_t client_test_app_rot_read_psa_rot_heap(caller_security_t caller __UNUSED)
+{
+ addr_t psa_rot_addr;
+ uint8_t data = DATA_VALUE;
+ psa_handle_t handle = 0;
+
+ val->print(PRINT_TEST, "[Check 1] Test APP-RoT reading PSA-RoT heap\n", 0);
+
+ if (VAL_ERROR(get_secure_partition_address(&handle,
+ &psa_rot_addr,
+ TEST_ISOLATION_PSA_ROT_HEAP_RD)))
+ return VAL_STATUS_ERROR;
+
+ /* Setting boot.state before test check */
+ if (val->set_boot_flag(BOOT_EXPECTED_REENTER_TEST))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+
+ /* Read PSA RoT heap address.
+ * This should generate internal fault or ignore the read.
+ */
+ data = *(uint8_t *)psa_rot_addr;
+
+ /* Did read ignore? */
+ if (data == DATA_VALUE)
+ return VAL_STATUS_SUCCESS;
+
+ val->print(PRINT_ERROR, "\tExpected read to fault but it didn't\n", 0);
+
+ /* Resetting boot.state to catch unwanted reboot */
+ if (val->set_boot_flag(BOOT_EXPECTED_BUT_FAILED))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag after check\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+
+ return VAL_STATUS_SPM_FAILED;
+}
+
+int32_t client_test_app_rot_write_psa_rot_heap(caller_security_t caller __UNUSED)
+{
+ addr_t psa_rot_addr;
+ uint8_t data = DATA_VALUE;
+ psa_handle_t handle = 0;
+
+ val->print(PRINT_TEST, "[Check 2] Test APP-RoT writing PSA-RoT heap\n", 0);
+
+ if (VAL_ERROR(get_secure_partition_address(&handle,
+ &psa_rot_addr,
+ TEST_ISOLATION_PSA_ROT_HEAP_WR)))
+ return VAL_STATUS_ERROR;
+
+ /* Write PSA RoT heap address.
+ * This should generate internal fault or ignore the write.
+ */
+ *(uint8_t *)psa_rot_addr = (uint8_t)data;
+
+ /* Handshake with driver to decide write status */
+ if (VAL_ERROR(get_driver_status(&handle)))
+ {
+ return VAL_STATUS_DRIVER_FN_FAILED;
+ }
+ return VAL_STATUS_SUCCESS;
+}
+#else
+int32_t client_test_app_rot_read_psa_rot_heap(caller_security_t caller __UNUSED)
+{
+ val->print(PRINT_TEST, "[Check 1] Test APP-RoT reading PSA-RoT heap\n", 0);
+ val->print(PRINT_ERROR, "\tSkipping test as heap memory not supported\n", 0);
+ return RESULT_SKIP(VAL_STATUS_HEAP_NOT_AVAILABLE);
+}
+
+int32_t client_test_app_rot_write_psa_rot_heap(caller_security_t caller __UNUSED)
+{
+ val->print(PRINT_TEST, "[Check 2] Test APP-RoT writing PSA-RoT heap\n", 0);
+ val->print(PRINT_ERROR, "\tSkipping test as heap memory not supported\n", 0);
+ return RESULT_SKIP(VAL_STATUS_HEAP_NOT_AVAILABLE);
+}
+#endif
+
+#else
+
const client_test_t test_i082_client_tests_list[] = {
NULL,
client_test_app_rot_read_psa_rot_heap,
@@ -87,7 +206,7 @@
TEST_ISOLATION_PSA_ROT_HEAP_RD)))
return VAL_STATUS_ERROR;
- close_driver_fn(&handle);
+ close_driver_fn(&handle);
/* Setting boot.state before test check */
if (val->set_boot_flag(BOOT_EXPECTED_REENTER_TEST))
@@ -160,3 +279,5 @@
return RESULT_SKIP(VAL_STATUS_HEAP_NOT_AVAILABLE);
}
#endif
+
+#endif
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i083/test_i083.c b/api-tests/ff/ipc/test_i083/test_i083.c
index 477f91e..8c1bd7f 100644
--- a/api-tests/ff/ipc/test_i083/test_i083.c
+++ b/api-tests/ff/ipc/test_i083/test_i083.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -27,6 +27,118 @@
#define DATA_VALUE 0x1234
+#if STATELESS_ROT == 1
+
+const client_test_t test_i083_client_tests_list[] = {
+ NULL,
+ client_test_app_rot_read_psa_rot_mmio,
+ client_test_app_rot_write_psa_rot_mmio,
+ NULL,
+};
+
+static int32_t get_secure_partition_address(__attribute__((unused)) psa_handle_t *handle,
+ addr_t *addr,
+ driver_test_fn_id_t test_fn_id)
+{
+
+ /* Execute driver function related to TEST_ISOLATION_PSA_ROT_DATA_RD */
+ psa_invec invec[1] = { {&test_fn_id, sizeof(test_fn_id)} };
+ psa_outvec outvec[1] = { {addr, sizeof(addr_t)} };
+ if (psa->call(DRIVER_TEST_HANDLE, PSA_IPC_CALL, invec, 1, outvec, 1) != PSA_SUCCESS)
+ {
+ val->print(PRINT_ERROR, "\tmsg request failed\n", 0);
+ return VAL_STATUS_CALL_FAILED;
+ }
+
+ return VAL_STATUS_SUCCESS;
+
+}
+
+static int32_t get_driver_status(psa_handle_t *handle)
+{
+ if (psa->call(*handle, PSA_IPC_CALL, NULL, 0, NULL, 0) != PSA_SUCCESS)
+ {
+ return VAL_STATUS_CALL_FAILED;
+ }
+ return VAL_STATUS_SUCCESS;
+}
+
+int32_t client_test_app_rot_read_psa_rot_mmio(caller_security_t caller __UNUSED)
+{
+ addr_t psa_rot_addr;
+ uint32_t data = DATA_VALUE;
+ psa_handle_t handle = 0;
+
+ val->print(PRINT_TEST, "[Check 1] Test APP-RoT reading PSA-RoT mmio\n", 0);
+
+ if (VAL_ERROR(get_secure_partition_address(&handle,
+ &psa_rot_addr,
+ TEST_ISOLATION_PSA_ROT_MMIO_RD)))
+ return VAL_STATUS_ERROR;
+
+ /* Setting boot.state before test check */
+ if (val->set_boot_flag(BOOT_EXPECTED_REENTER_TEST))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+
+ /* Read PSA RoT mmio address.
+ * This should generate internal fault or ignore the read.
+ */
+ data = *(uint32_t *)psa_rot_addr;
+
+ /* Did read ignore? */
+ if (data == DATA_VALUE)
+ return VAL_STATUS_SUCCESS;
+
+ val->print(PRINT_ERROR, "\tExpected read to fault but it didn't\n", 0);
+
+ /* Resetting boot.state to catch unwanted reboot */
+ if (val->set_boot_flag(BOOT_EXPECTED_BUT_FAILED))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag after check\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+
+ return VAL_STATUS_SPM_FAILED;
+}
+
+int32_t client_test_app_rot_write_psa_rot_mmio(caller_security_t caller __UNUSED)
+{
+ addr_t psa_rot_addr;
+ uint32_t data = DATA_VALUE;
+ psa_handle_t handle = 0;
+
+ val->print(PRINT_TEST, "[Check 2] Test APP-RoT writing PSA-RoT mmio\n", 0);
+
+ if (VAL_ERROR(get_secure_partition_address(&handle,
+ &psa_rot_addr,
+ TEST_ISOLATION_PSA_ROT_MMIO_WR)))
+ return VAL_STATUS_ERROR;
+
+ /* Setting boot.state before test check */
+ if (val->set_boot_flag(BOOT_EXPECTED_S))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+
+ /* Write PSA RoT mmio address.
+ * This should generate internal fault or ignore the write.
+ */
+ *(uint32_t *)psa_rot_addr = (uint32_t)data;
+
+ /* Handshake with driver to decide write status */
+ if (VAL_ERROR(get_driver_status(&handle)))
+ {
+ return VAL_STATUS_DRIVER_FN_FAILED;
+ }
+ return VAL_STATUS_SUCCESS;
+}
+
+#else
+
const client_test_t test_i083_client_tests_list[] = {
NULL,
client_test_app_rot_read_psa_rot_mmio,
@@ -55,6 +167,7 @@
}
return VAL_STATUS_SUCCESS;
+
}
static int32_t get_driver_status(psa_handle_t *handle)
@@ -127,6 +240,13 @@
TEST_ISOLATION_PSA_ROT_MMIO_WR)))
return VAL_STATUS_ERROR;
+ /* Setting boot.state before test check */
+ if (val->set_boot_flag(BOOT_EXPECTED_S))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+
/* Write PSA RoT mmio address.
* This should generate internal fault or ignore the write.
*/
@@ -142,3 +262,5 @@
close_driver_fn(&handle);
return VAL_STATUS_SUCCESS;
}
+
+#endif
diff --git a/api-tests/ff/ipc/test_i084/test_i084.c b/api-tests/ff/ipc/test_i084/test_i084.c
index 50afc94..023b88c 100644
--- a/api-tests/ff/ipc/test_i084/test_i084.c
+++ b/api-tests/ff/ipc/test_i084/test_i084.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -25,6 +25,95 @@
#include "test_i084.h"
+#if STATELESS_ROT == 1
+
+const client_test_t test_i084_client_tests_list[] = {
+ NULL,
+ client_test_sp_read_other_sp_variable,
+ client_test_sp_write_other_sp_variable,
+ NULL,
+};
+
+static int32_t get_secure_partition_address(addr_t *addr)
+{
+ /* Get App-RoT address */
+ psa_outvec outvec[1] = { {addr, sizeof(addr_t)} };
+ if (psa->call(SERVER_UNSPECIFED_VERSION_HANDLE, PSA_IPC_CALL, NULL, 0, outvec, 1) != PSA_SUCCESS)
+ {
+ val->print(PRINT_ERROR, "\tmsg request failed\n", 0);
+ return VAL_STATUS_CALL_FAILED;
+ }
+
+ val->print(PRINT_DEBUG, "\tClient SP: Accessing address 0x%x\n", *addr);
+
+ return VAL_STATUS_SUCCESS;
+}
+
+int32_t client_test_sp_read_other_sp_variable(caller_security_t caller __UNUSED)
+{
+ addr_t app_rot_addr;
+ uint32_t data = 0x1234;
+
+ val->print(PRINT_TEST, "[Check 1] Test SP reading other SP data\n", 0);
+
+ if (VAL_ERROR(get_secure_partition_address(&app_rot_addr)))
+ return VAL_STATUS_ERROR;
+
+ /* Setting boot.state before test check */
+ if (val->set_boot_flag(BOOT_EXPECTED_REENTER_TEST))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+
+ /* Read Application RoT global variable address.
+ * This should generate internal fault or ignore the read.
+ */
+ data = *(uint32_t *)app_rot_addr;
+
+ /* Did read ignore? */
+ if (data == 0x1234)
+ return VAL_STATUS_SUCCESS;
+
+ val->print(PRINT_ERROR, "\tExpected read to fault but it didn't\n", 0);
+
+ /* Resetting boot.state to catch unwanted reboot */
+ if (val->set_boot_flag(BOOT_EXPECTED_BUT_FAILED))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag after check\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+
+ return VAL_STATUS_SPM_FAILED;
+}
+
+int32_t client_test_sp_write_other_sp_variable(caller_security_t caller __UNUSED)
+{
+ addr_t app_rot_addr;
+ uint32_t data = 0x1234;
+
+ val->print(PRINT_TEST, "[Check 2] Test SP writing other SP data\n", 0);
+
+ if (VAL_ERROR(get_secure_partition_address(&app_rot_addr)))
+ return VAL_STATUS_ERROR;
+
+ /* Setting boot.state before test check */
+ if (val->set_boot_flag(BOOT_EXPECTED_NS))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+
+ /* Write Application RoT global variable address.
+ * This should generate internal fault or ignore the write.
+ */
+ *(uint32_t *)app_rot_addr = (uint32_t)data;
+
+ return VAL_STATUS_SUCCESS;
+}
+
+#else
+
const client_test_t test_i084_client_tests_list[] = {
NULL,
client_test_sp_read_other_sp_variable,
@@ -125,3 +214,5 @@
}
return VAL_STATUS_SUCCESS;
}
+
+#endif
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i084/test_supp_i084.c b/api-tests/ff/ipc/test_i084/test_supp_i084.c
index 5362919..9e33823 100644
--- a/api-tests/ff/ipc/test_i084/test_supp_i084.c
+++ b/api-tests/ff/ipc/test_i084/test_supp_i084.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -31,6 +31,68 @@
/* Application RoT data region */
volatile uint32_t g_test_i084 = DATA_VALUE;
+#if STATELESS_ROT == 1
+
+const server_test_t test_i084_server_tests_list[] = {
+ NULL,
+ server_test_sp_read_other_sp_variable,
+ server_test_sp_write_other_sp_variable,
+ NULL,
+};
+
+static int32_t send_secure_partition_address(void)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ volatile uint32_t *addr = &g_test_i084;
+ psa_msg_t msg = {0};
+
+ status = val->process_call_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
+ if (val->err_check_set(TEST_CHECKPOINT_NUM(202), status))
+ {
+ psa->reply(msg.handle, -2);
+ return status;
+ }
+
+ val->print(PRINT_DEBUG, "\tServer SP: Passing 0x%x to Client SP\n", (int)&g_test_i084);
+
+ /* Send Application RoT data address - global variable */
+ psa->write(msg.handle, 0, (void *)&addr, sizeof(addr));
+ psa->reply(msg.handle, PSA_SUCCESS);
+
+ return VAL_STATUS_SUCCESS;
+}
+
+int32_t server_test_sp_read_other_sp_variable(void)
+{
+ return send_secure_partition_address();
+}
+
+int32_t server_test_sp_write_other_sp_variable(void)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+
+ status = send_secure_partition_address();
+ if (VAL_ERROR(status))
+ return status;
+
+ /* Reached here means there could be write succeed or ignored */
+ if (g_test_i084 == DATA_VALUE)
+ return VAL_STATUS_SUCCESS;
+
+ val->print(PRINT_ERROR, "\tExpected write to fault but it didn't\n", 0);
+
+ /* Resetting boot.state to catch unwanted reboot */
+ if (val->set_boot_flag(BOOT_EXPECTED_BUT_FAILED))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag after check\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+ return VAL_STATUS_SUCCESS;
+}
+
+#else
+
const server_test_t test_i084_server_tests_list[] = {
NULL,
server_test_sp_read_other_sp_variable,
@@ -114,3 +176,5 @@
}
return VAL_STATUS_SUCCESS;
}
+
+#endif
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i085/test_i085.c b/api-tests/ff/ipc/test_i085/test_i085.c
index 9a3647e..f672fdd 100644
--- a/api-tests/ff/ipc/test_i085/test_i085.c
+++ b/api-tests/ff/ipc/test_i085/test_i085.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -25,6 +25,96 @@
#include "test_i085.h"
+#if STATELESS_ROT == 1
+
+const client_test_t test_i085_client_tests_list[] = {
+ NULL,
+ client_test_sp_read_other_sp_stack,
+ client_test_sp_write_other_sp_stack,
+ NULL,
+};
+
+static int32_t get_secure_partition_address(addr_t *addr)
+{
+ /* Get App-RoT address */
+ psa_outvec outvec[1] = { {addr, sizeof(addr_t)} };
+ if (psa->call(SERVER_UNSPECIFED_VERSION_HANDLE, PSA_IPC_CALL, NULL, 0, outvec, 1) != PSA_SUCCESS)
+ {
+ val->print(PRINT_ERROR, "\tmsg request failed\n", 0);
+ return VAL_STATUS_CALL_FAILED;
+ }
+
+ val->print(PRINT_DEBUG, "\tClient SP: Accessing address 0x%x\n", *addr);
+
+
+ return VAL_STATUS_SUCCESS;
+}
+
+int32_t client_test_sp_read_other_sp_stack(caller_security_t caller __UNUSED)
+{
+ addr_t app_rot_addr;
+ uint32_t data = 0x1234;
+
+ val->print(PRINT_TEST, "[Check 1] Test SP reading other SP stack\n", 0);
+
+ if (VAL_ERROR(get_secure_partition_address(&app_rot_addr)))
+ return VAL_STATUS_ERROR;
+
+ /* Setting boot.state before test check */
+ if (val->set_boot_flag(BOOT_EXPECTED_REENTER_TEST))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+
+ /* Read Application RoT stack address.
+ * This should generate internal fault or ignore the read.
+ */
+ data = *(uint32_t *)app_rot_addr;
+
+ /* Did read ignore? */
+ if (data == 0x1234)
+ return VAL_STATUS_SUCCESS;
+
+ val->print(PRINT_ERROR, "\tExpected read to fault but it didn't\n", 0);
+
+ /* Resetting boot.state to catch unwanted reboot */
+ if (val->set_boot_flag(BOOT_EXPECTED_BUT_FAILED))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag after check\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+
+ return VAL_STATUS_SPM_FAILED;
+}
+
+int32_t client_test_sp_write_other_sp_stack(caller_security_t caller __UNUSED)
+{
+ addr_t app_rot_addr;
+ uint32_t data = 0x1234;
+
+ val->print(PRINT_TEST, "[Check 2] Test SP writing other SP stack\n", 0);
+
+ if (VAL_ERROR(get_secure_partition_address(&app_rot_addr)))
+ return VAL_STATUS_ERROR;
+
+ /* Setting boot.state before test check */
+ if (val->set_boot_flag(BOOT_EXPECTED_NS))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+
+ /* Write Application RoT stack address.
+ * This should generate internal fault or ignore the write.
+ */
+ *(uint32_t *)app_rot_addr = (uint32_t)data;
+
+ return VAL_STATUS_SUCCESS;
+}
+
+#else
+
const client_test_t test_i085_client_tests_list[] = {
NULL,
client_test_sp_read_other_sp_stack,
@@ -125,3 +215,5 @@
}
return VAL_STATUS_SUCCESS;
}
+
+#endif
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i085/test_supp_i085.c b/api-tests/ff/ipc/test_i085/test_supp_i085.c
index bf0541a..7c47b49 100644
--- a/api-tests/ff/ipc/test_i085/test_supp_i085.c
+++ b/api-tests/ff/ipc/test_i085/test_supp_i085.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -28,6 +28,77 @@
#define DATA_VALUE 0x5467
+#if STATELESS_ROT == 1
+
+const server_test_t test_i085_server_tests_list[] = {
+ NULL,
+ server_test_sp_read_other_sp_stack,
+ server_test_sp_write_other_sp_stack,
+ NULL,
+};
+
+static int32_t send_secure_partition_address(addr_t *stack)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_msg_t msg = {0};
+
+ status = val->process_call_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
+ if (val->err_check_set(TEST_CHECKPOINT_NUM(202), status))
+ {
+ psa->reply(msg.handle, -2);
+ return status;
+ }
+
+ val->print(PRINT_DEBUG, "\tServer SP: Passing 0x%x to Client SP\n", (int)stack);
+
+ /* Send Application RoT stack address */
+ psa->write(msg.handle, 0, (void *)&stack, sizeof(addr_t));
+ psa->reply(msg.handle, PSA_SUCCESS);
+
+ return VAL_STATUS_SUCCESS;
+}
+
+int32_t server_test_sp_read_other_sp_stack(void)
+{
+ /* Application RoT stack - local variable */
+ uint32_t l_test_i085 = DATA_VALUE;
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ status = send_secure_partition_address(&l_test_i085);
+
+ /* Dummy print to avoid compiler optimisation on local variable */
+ val->print(PRINT_INFO, "\tData value 0x%x\n", l_test_i085);
+ return status;
+}
+
+int32_t server_test_sp_write_other_sp_stack(void)
+{
+ /* Application RoT stack - local variable */
+ uint32_t l_test_i085 = DATA_VALUE;
+ int32_t status = VAL_STATUS_SUCCESS;
+
+
+ status = send_secure_partition_address(&l_test_i085);
+ if (VAL_ERROR(status))
+ return status;
+
+ /* Reached here means there could be write succeed or ignored */
+ if (l_test_i085 == DATA_VALUE)
+ return VAL_STATUS_SUCCESS;
+
+ val->print(PRINT_ERROR, "\tExpected write to fault but it didn't\n", 0);
+
+ /* Resetting boot.state to catch unwanted reboot */
+ if (val->set_boot_flag(BOOT_EXPECTED_BUT_FAILED))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag after check\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+ return VAL_STATUS_SUCCESS;
+}
+
+#else
+
const server_test_t test_i085_server_tests_list[] = {
NULL,
server_test_sp_read_other_sp_stack,
@@ -120,3 +191,5 @@
}
return VAL_STATUS_SUCCESS;
}
+
+#endif
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i086/test_i086.c b/api-tests/ff/ipc/test_i086/test_i086.c
index 2cb9ce6..2c2fcaa 100644
--- a/api-tests/ff/ipc/test_i086/test_i086.c
+++ b/api-tests/ff/ipc/test_i086/test_i086.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -29,6 +29,110 @@
#define DATA_VALUE 0x12
#define BUFFER_SIZE 0x4
+#if STATELESS_ROT == 1
+
+const client_test_t test_i086_client_tests_list[] = {
+ NULL,
+ client_test_sp_read_other_sp_heap,
+ client_test_sp_write_other_sp_heap,
+ NULL,
+};
+
+#ifdef SP_HEAP_MEM_SUPP
+static int32_t get_secure_partition_address(addr_t *addr)
+{
+ psa_outvec outvec[1] = { {addr, BUFFER_SIZE} };
+ if (psa->call(SERVER_UNSPECIFED_VERSION_HANDLE, PSA_IPC_CALL, NULL, 0, outvec, 1) != PSA_SUCCESS)
+ {
+ val->print(PRINT_ERROR, "\tmsg request failed\n", 0);
+ return VAL_STATUS_CALL_FAILED;
+ }
+
+ val->print(PRINT_DEBUG, "\tClient SP: Accessing address 0x%x\n", *addr);
+
+ return VAL_STATUS_SUCCESS;
+}
+
+int32_t client_test_sp_read_other_sp_heap(caller_security_t caller __UNUSED)
+{
+ addr_t app_rot_addr;
+ uint8_t data = DATA_VALUE;
+
+ val->print(PRINT_TEST, "[Check 1] Test SP reading other SP heap\n", 0);
+
+ if (VAL_ERROR(get_secure_partition_address(&app_rot_addr)))
+ return VAL_STATUS_ERROR;
+
+ /* Setting boot.state before test check */
+ if (val->set_boot_flag(BOOT_EXPECTED_REENTER_TEST))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+
+ /* Read Application RoT heap address.
+ * This should generate internal fault or ignore the read.
+ */
+ data = *(uint8_t *)app_rot_addr;
+
+ /* Did read ignore? */
+ if (data == DATA_VALUE)
+ return VAL_STATUS_SUCCESS;
+
+ val->print(PRINT_ERROR, "\tExpected read to fault but it didn't\n", 0);
+
+ /* Resetting boot.state to catch unwanted reboot */
+ if (val->set_boot_flag(BOOT_EXPECTED_BUT_FAILED))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag after check\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+
+ return VAL_STATUS_SPM_FAILED;
+}
+
+int32_t client_test_sp_write_other_sp_heap(caller_security_t caller __UNUSED)
+{
+ addr_t app_rot_addr;
+ uint8_t data = DATA_VALUE;
+
+ val->print(PRINT_TEST, "[Check 2] Test SP writing other SP heap\n", 0);
+
+ if (VAL_ERROR(get_secure_partition_address(&app_rot_addr)))
+ return VAL_STATUS_ERROR;
+
+ /* Setting boot.state before test check */
+ if (val->set_boot_flag(BOOT_EXPECTED_NS))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+
+ /* Write Application RoT heap address.
+ * This should generate internal fault or ignore the write.
+ */
+ *(uint8_t *)app_rot_addr = (uint8_t)data;
+ return VAL_STATUS_SUCCESS;
+
+}
+#else
+int32_t client_test_sp_read_other_sp_heap(caller_security_t caller __UNUSED)
+{
+ val->print(PRINT_TEST, "[Check 1] Test SP reading other SP heap\n", 0);
+ val->print(PRINT_ERROR, "\tSkipping test as heap memory not supported\n", 0);
+ return RESULT_SKIP(VAL_STATUS_HEAP_NOT_AVAILABLE);
+}
+
+int32_t client_test_sp_write_other_sp_heap(caller_security_t caller __UNUSED)
+{
+ val->print(PRINT_TEST, "[Check 2] Test SP writing other SP heap\n", 0);
+ val->print(PRINT_ERROR, "\tSkipping test as heap memory not supported\n", 0);
+ return RESULT_SKIP(VAL_STATUS_HEAP_NOT_AVAILABLE);
+}
+#endif
+
+#else
+
const client_test_t test_i086_client_tests_list[] = {
NULL,
client_test_sp_read_other_sp_heap,
@@ -129,6 +233,7 @@
return VAL_STATUS_INVALID_HANDLE;
}
return VAL_STATUS_SUCCESS;
+
}
#else
int32_t client_test_sp_read_other_sp_heap(caller_security_t caller __UNUSED)
@@ -145,3 +250,5 @@
return RESULT_SKIP(VAL_STATUS_HEAP_NOT_AVAILABLE);
}
#endif
+
+#endif
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i086/test_supp_i086.c b/api-tests/ff/ipc/test_i086/test_supp_i086.c
index 2d48686..0b20c05 100644
--- a/api-tests/ff/ipc/test_i086/test_supp_i086.c
+++ b/api-tests/ff/ipc/test_i086/test_supp_i086.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -34,6 +34,97 @@
#define DATA_VALUE_ORG 0x11
#define BUFFER_SIZE 0x4
+#if STATELESS_ROT == 1
+
+const server_test_t test_i086_server_tests_list[] = {
+ NULL,
+ server_test_sp_read_other_sp_heap,
+ server_test_sp_write_other_sp_heap,
+ NULL,
+};
+
+#ifdef SP_HEAP_MEM_SUPP
+static int32_t send_secure_partition_address(uint8_t *heap)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_msg_t msg = {0};
+
+ status = val->process_call_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
+ if (val->err_check_set(TEST_CHECKPOINT_NUM(202), status))
+ {
+ psa->reply(msg.handle, -2);
+ return status;
+ }
+
+ val->print(PRINT_DEBUG, "\tServer SP: Passing 0x%x to Client SP\n", (int)heap);
+
+ /* Send Application RoT heap address */
+ psa->write(msg.handle, 0, (void *)&heap, sizeof(BUFFER_SIZE));
+ psa->reply(msg.handle, PSA_SUCCESS);
+
+ return VAL_STATUS_SUCCESS;
+}
+
+int32_t server_test_sp_read_other_sp_heap(void)
+{
+ /* Application RoT heap buffer */
+ uint8_t *buffer;
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ buffer = (uint8_t *)malloc(sizeof(uint8_t) * BUFFER_SIZE);
+ memset((uint8_t *)buffer, DATA_VALUE_ORG, BUFFER_SIZE);
+
+ status = send_secure_partition_address(buffer);
+ free(buffer);
+
+ return status;
+}
+
+int32_t server_test_sp_write_other_sp_heap(void)
+{
+ /* Application RoT heap buffer */
+ uint8_t *buffer;
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_msg_t msg = {0};
+
+ buffer = (uint8_t *)malloc(sizeof(uint8_t) * BUFFER_SIZE);
+ memset((uint8_t *)buffer, DATA_VALUE_ORG, BUFFER_SIZE);
+
+ status = send_secure_partition_address(buffer);
+ if (VAL_ERROR(status))
+ return status;
+
+ /* Reached here means there could be write succeed or ignored */
+ if (buffer[0] == DATA_VALUE_ORG)
+ return VAL_STATUS_SUCCESS;
+
+ val->print(PRINT_ERROR, "\tExpected write to fault but it didn't\n", 0);
+
+ /* Resetting boot.state to catch unwanted reboot */
+ if (val->set_boot_flag(BOOT_EXPECTED_BUT_FAILED))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag after check\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+
+ free(buffer);
+ return VAL_STATUS_SUCCESS;
+}
+#else
+
+int32_t server_test_sp_read_other_sp_heap(void)
+{
+ return RESULT_SKIP(VAL_STATUS_HEAP_NOT_AVAILABLE);
+}
+
+int32_t server_test_sp_write_other_sp_heap(void)
+{
+ return RESULT_SKIP(VAL_STATUS_HEAP_NOT_AVAILABLE);
+}
+#endif
+
+#else
+
const server_test_t test_i086_server_tests_list[] = {
NULL,
server_test_sp_read_other_sp_heap,
@@ -75,6 +166,7 @@
return status;
}
psa->reply(msg.handle, PSA_SUCCESS);
+
return VAL_STATUS_SUCCESS;
}
@@ -146,3 +238,5 @@
return RESULT_SKIP(VAL_STATUS_HEAP_NOT_AVAILABLE);
}
#endif
+
+#endif
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i087/test_i087.c b/api-tests/ff/ipc/test_i087/test_i087.c
index 90d39cb..864d444 100644
--- a/api-tests/ff/ipc/test_i087/test_i087.c
+++ b/api-tests/ff/ipc/test_i087/test_i087.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -27,6 +27,8 @@
#define DATA_VALUE 0x1234
+#if STATELESS_ROT == 1
+
const client_test_t test_i087_client_tests_list[] = {
NULL,
client_test_sp_read_other_sp_mmio,
@@ -36,6 +38,97 @@
static int32_t get_secure_partition_address(addr_t *addr)
{
+ /* Get App-RoT address */
+ psa_outvec outvec[1] = { {addr, sizeof(addr_t)} };
+ if (psa->call(SERVER_UNSPECIFED_VERSION_HANDLE, PSA_IPC_CALL, NULL, 0, outvec, 1) != PSA_SUCCESS)
+ {
+ val->print(PRINT_ERROR, "\tmsg request failed\n", 0);
+ return VAL_STATUS_CALL_FAILED;
+ }
+
+ val->print(PRINT_DEBUG, "\tClient SP: Accessing address 0x%x\n", *addr);
+
+ return VAL_STATUS_SUCCESS;
+
+}
+
+int32_t client_test_sp_read_other_sp_mmio(caller_security_t caller __UNUSED)
+{
+ addr_t app_rot_addr;
+ uint32_t data = DATA_VALUE;
+
+ val->print(PRINT_TEST, "[Check 1] Test SP reading other SP mmio\n", 0);
+
+ if (VAL_ERROR(get_secure_partition_address(&app_rot_addr)))
+ return VAL_STATUS_ERROR;
+
+ /* Setting boot.state before test check */
+ if (val->set_boot_flag(BOOT_EXPECTED_REENTER_TEST))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+
+ /* Read Application RoT mmio address.
+ * This should generate internal fault or ignore the read.
+ */
+ data = *(uint32_t *)app_rot_addr;
+
+ /* Did read ignore? */
+ if (data == DATA_VALUE)
+ return VAL_STATUS_SUCCESS;
+
+ val->print(PRINT_ERROR, "\tExpected read to fault but it didn't\n", 0);
+
+ /* Resetting boot.state to catch unwanted reboot */
+ if (val->set_boot_flag(BOOT_EXPECTED_BUT_FAILED))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag after check\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+
+ return VAL_STATUS_SPM_FAILED;
+}
+
+int32_t client_test_sp_write_other_sp_mmio(caller_security_t caller __UNUSED)
+{
+ addr_t app_rot_addr;
+ uint32_t data = DATA_VALUE;
+
+ val->print(PRINT_TEST, "[Check 2] Test SP writing other SP mmio\n", 0);
+
+ if (VAL_ERROR(get_secure_partition_address(&app_rot_addr)))
+ return VAL_STATUS_ERROR;
+
+ /* Setting boot.state before test check */
+ if (val->set_boot_flag(BOOT_EXPECTED_NS))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+
+ /* Write Application RoT mmio address.
+ * This should generate internal fault or ignore the write.
+ */
+ *(uint32_t *)app_rot_addr = (uint32_t)data;
+
+ return VAL_STATUS_SUCCESS;
+
+
+}
+
+#else
+
+const client_test_t test_i087_client_tests_list[] = {
+ NULL,
+ client_test_sp_read_other_sp_mmio,
+ client_test_sp_write_other_sp_mmio,
+ NULL,
+};
+
+static int32_t get_secure_partition_address(addr_t *addr)
+{
+
psa_handle_t handle = 0;
handle = psa->connect(SERVER_UNSPECIFED_VERSION_SID, SERVER_UNSPECIFED_VERSION_VERSION);
@@ -126,4 +219,7 @@
return VAL_STATUS_INVALID_HANDLE;
}
return VAL_STATUS_SUCCESS;
+
+
}
+ #endif
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i087/test_supp_i087.c b/api-tests/ff/ipc/test_i087/test_supp_i087.c
index 0eedb5e..3fd6eac 100644
--- a/api-tests/ff/ipc/test_i087/test_supp_i087.c
+++ b/api-tests/ff/ipc/test_i087/test_supp_i087.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -28,6 +28,100 @@
#define DATA_VALUE 0x5467
+#if STATELESS_ROT == 1
+
+const server_test_t test_i087_server_tests_list[] = {
+ NULL,
+ server_test_sp_read_other_sp_mmio,
+ server_test_sp_write_other_sp_mmio,
+ NULL,
+};
+
+static int32_t get_mmio_addr(addr_t *addr)
+{
+ memory_desc_t *memory_desc;
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ /* Get APP-ROT MMIO address */
+ status = val->target_get_config(TARGET_CONFIG_CREATE_ID(GROUP_MEMORY,
+ MEMORY_SERVER_PARTITION_MMIO, 0),
+ (uint8_t **)&memory_desc,
+ (uint32_t *)sizeof(memory_desc_t));
+ if (val->err_check_set(TEST_CHECKPOINT_NUM(201), status))
+ {
+ return status;
+ }
+
+ *addr = memory_desc->start;
+ return VAL_STATUS_SUCCESS;
+}
+
+static int32_t send_secure_partition_address(addr_t *addr)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_msg_t msg = {0};
+
+ status = val->process_call_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
+ if (val->err_check_set(TEST_CHECKPOINT_NUM(203), status))
+ {
+ psa->reply(msg.handle, -2);
+ return status;
+ }
+
+ val->print(PRINT_DEBUG, "\tServer SP: Passing 0x%x to Client SP\n", (int)*addr);
+
+ /* Send Application RoT mmio address */
+ psa->write(msg.handle, 0, (void *)addr, sizeof(addr_t));
+ psa->reply(msg.handle, PSA_SUCCESS);
+
+ return VAL_STATUS_SUCCESS;
+}
+
+int32_t server_test_sp_read_other_sp_mmio(void)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ addr_t app_rot_addr;
+
+ status = get_mmio_addr(&app_rot_addr);
+ if (VAL_ERROR(status))
+ return status;
+
+ return send_secure_partition_address(&app_rot_addr);
+}
+
+int32_t server_test_sp_write_other_sp_mmio(void)
+{
+ addr_t app_rot_addr;
+ int32_t status = VAL_STATUS_SUCCESS;
+
+
+ status = get_mmio_addr(&app_rot_addr);
+ if (VAL_ERROR(status))
+ return status;
+
+ /* Initialise mmio address */
+ *(uint32_t *)app_rot_addr = (uint32_t)DATA_VALUE;
+ status = send_secure_partition_address(&app_rot_addr);
+ if (VAL_ERROR(status))
+ return status;
+
+ /* Reached here means there could be write succeed or ignored */
+ if (*(uint32_t *)app_rot_addr == (uint32_t)DATA_VALUE)
+ return VAL_STATUS_SUCCESS;
+
+ val->print(PRINT_ERROR, "\tExpected write to fault but it didn't\n", 0);
+
+ /* Resetting boot.state to catch unwanted reboot */
+ if (val->set_boot_flag(BOOT_EXPECTED_BUT_FAILED))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag after check\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+ return VAL_STATUS_SUCCESS;
+}
+
+#else
+
const server_test_t test_i087_server_tests_list[] = {
NULL,
server_test_sp_read_other_sp_mmio,
@@ -143,3 +237,5 @@
}
return VAL_STATUS_SUCCESS;
}
+
+#endif
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i090/test_i090.c b/api-tests/ff/ipc/test_i090/test_i090.c
index f7e9bfe..249f52f 100644
--- a/api-tests/ff/ipc/test_i090/test_i090.c
+++ b/api-tests/ff/ipc/test_i090/test_i090.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -25,6 +25,83 @@
#include "test_i090.h"
+#if STATELESS_ROT == 1
+
+const client_test_t test_i090_client_tests_list[] = {
+ NULL,
+ client_test_psa_call_with_neg_type,
+ NULL,
+};
+
+int32_t client_test_psa_call_with_neg_type(caller_security_t caller)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_status_t status_of_call;
+ boot_state_t boot_state;
+
+ val->print(PRINT_TEST,
+ "[Check 1] Test psa_call with negative type\n", 0);
+
+ /*
+ * This test checks for the PROGRAMMER ERROR condition for the PSA API. API's respond to
+ * PROGRAMMER ERROR could be either to return appropriate status code or panic the caller.
+ * When a Secure Partition panics, the SPE cannot continue normal execution, as defined
+ * in this specification. The behavior of the SPM following a Secure Partition panic is
+ * IMPLEMENTATION DEFINED- Arm recommends that the SPM causes the system to restart in
+ * this situation. Refer PSA-FF for more information on panic.
+ * For the cases where, SPM cannot capable to reboot the system (just hangs or power down),
+ * a watchdog timer set by val_test_init can reboot the system on timeout event. This will
+ * tests continuity and able to jump to next tests. Therefore, each test who checks for
+ * PROGRAMMER ERROR condition, expects system to get reset either by SPM or watchdog set by
+ * the test harness function.
+ *
+ * If programmed timeout value isn't sufficient for your system, it can be reconfigured using
+ * timeout entries available in target.cfg.
+ *
+ * To decide, a reboot happened as intended by test scenario or it happended
+ * due to other reasons, test is setting a boot signature into non-volatile memory before and
+ * after targeted test check. After a reboot, these boot signatures are being read by the
+ * VAL APIs to decide test status.
+ */
+
+ /* Setting boot.state before test check */
+ boot_state = (caller == CALLER_NONSECURE) ? BOOT_EXPECTED_NS : BOOT_EXPECTED_S;
+ if (val->set_boot_flag(boot_state))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+
+ /* Test check- psa_call with negative type */
+ status_of_call = psa->call(SERVER_UNSPECIFED_VERSION_HANDLE, -1, NULL, 0, NULL, 0);
+
+ /*
+ * If the caller is in the NSPE, it is IMPLEMENTATION DEFINED whether
+ * a PROGRAMMER ERROR will panic or return PSA_ERROR_PROGRAMMER_ERROR.
+ * For SPE caller, it must panic.
+ */
+ if (caller == CALLER_NONSECURE && status_of_call == PSA_ERROR_PROGRAMMER_ERROR)
+ {
+ return VAL_STATUS_SUCCESS;
+ }
+
+ /* If PROGRAMMER ERROR results into panic then control shouldn't have reached here */
+ val->print(PRINT_ERROR, "\tCall should failed but succeed\n", 0);
+
+ /* Resetting boot.state to catch unwanted reboot */
+ if (val->set_boot_flag(BOOT_EXPECTED_BUT_FAILED))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag after check\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+
+ status = VAL_STATUS_SPM_FAILED;
+
+ return status;
+}
+
+#else
+
const client_test_t test_i090_client_tests_list[] = {
NULL,
client_test_psa_call_with_neg_type,
@@ -106,3 +183,5 @@
psa->close(handle);
return status;
}
+
+#endif
diff --git a/api-tests/ff/ipc/test_i090/test_supp_i090.c b/api-tests/ff/ipc/test_i090/test_supp_i090.c
index 7295b59..3570c2b 100644
--- a/api-tests/ff/ipc/test_i090/test_supp_i090.c
+++ b/api-tests/ff/ipc/test_i090/test_supp_i090.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -23,7 +23,9 @@
extern val_api_t *val;
extern psa_api_t *psa;
-int32_t server_test_psa_call_with_neg_type();
+#if STATELESS_ROT == 1
+
+int32_t server_test_psa_call_with_neg_type(void);
const server_test_t test_i090_server_tests_list[] = {
NULL,
@@ -31,7 +33,38 @@
NULL,
};
-int32_t server_test_psa_call_with_neg_type()
+int32_t server_test_psa_call_with_neg_type(void)
+{
+ psa_msg_t msg = {0};
+ psa_signal_t signals;
+
+wait:
+ signals = psa->wait(PSA_WAIT_ANY, PSA_BLOCK);
+ if (psa->get(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg) != PSA_SUCCESS)
+ {
+ goto wait;
+ }
+ if (msg.type == PSA_IPC_CALL)
+ {
+ /* Control shouldn't have come here */
+ val->print(PRINT_ERROR, "\tControl shouldn't have reached here\n", 0);
+ psa->reply(msg.handle, -2);
+ }
+
+ return VAL_STATUS_ERROR;
+}
+
+#else
+
+int32_t server_test_psa_call_with_neg_type(void);
+
+const server_test_t test_i090_server_tests_list[] = {
+ NULL,
+ server_test_psa_call_with_neg_type,
+ NULL,
+};
+
+int32_t server_test_psa_call_with_neg_type(void)
{
int32_t status = VAL_STATUS_SUCCESS;
psa_msg_t msg = {0};
@@ -77,3 +110,5 @@
return VAL_STATUS_ERROR;
}
+
+#endif
diff --git a/api-tests/ff/partition/client_partition.c b/api-tests/ff/partition/client_partition.c
index 7ecea52..ae6b40f 100644
--- a/api-tests/ff/partition/client_partition.c
+++ b/api-tests/ff/partition/client_partition.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -97,11 +97,13 @@
/* Server_partition requests client to connect to SERVER_SECURE_CONNECT_ONLY_SID */
else if (signals & PSA_DOORBELL)
{
+#if STATELESS_ROT != 1
if (psa_connect(SERVER_SECURE_CONNECT_ONLY_SID, SERVER_SECURE_CONNECT_ONLY_VERSION)
!= PSA_ERROR_CONNECTION_REFUSED)
{
val_print(PRINT_ERROR, "psa_connect failed \n", 0);
}
+#endif
psa_clear();
}
else
diff --git a/api-tests/ff/partition/driver_partition.c b/api-tests/ff/partition/driver_partition.c
index 956e370..8823fc2 100644
--- a/api-tests/ff/partition/driver_partition.c
+++ b/api-tests/ff/partition/driver_partition.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -16,10 +16,15 @@
**/
#include "val_driver_service_apis.h"
-
#define DATA_VALUE 0x1111
#define BUFFER_SIZE 4
+#if SPEC_VERSION == 11
+
+#define DRIVER_UART_INTR_SIG DRIVER_UART_INTR_SIG_SIGNAL
+
+#endif
+
uint32_t g_psa_rot_data = DATA_VALUE;
int32_t driver_test_psa_eoi_with_non_intr_signal(void);
@@ -352,6 +357,7 @@
int32_t driver_test_psa_eoi_with_multiple_signals(void)
{
+ psa_irq_enable(DRIVER_UART_INTR_SIG);
/*
* To test psa_eoi for multiple signals, one of signal should asserted first.
* Otherwise, check can false pass with psa_eoi_with_unasserted_signal.
@@ -398,7 +404,9 @@
int32_t driver_test_irq_routing(void)
{
+
psa_signal_t signals = 0;
+ psa_irq_enable(DRIVER_UART_INTR_SIG);
/* Assert interrupt signal assigned to driver partition */
val_generate_interrupt();
@@ -406,6 +414,7 @@
/* Wait for DRIVER_UART_INTR_SIG signal */
signals = psa_wait(DRIVER_UART_INTR_SIG, PSA_BLOCK);
+
if (signals & DRIVER_UART_INTR_SIG)
{
/* Received DRIVER_UART_INTR_SIG signal, now process it */
diff --git a/api-tests/platform/drivers/uart/stm/pal_uart.c b/api-tests/platform/drivers/uart/stm/pal_uart.c
index 9208ff5..bd740ef 100644
--- a/api-tests/platform/drivers/uart/stm/pal_uart.c
+++ b/api-tests/platform/drivers/uart/stm/pal_uart.c
@@ -49,6 +49,7 @@
{
/* ensure TX buffer to be empty */
while (!pal_uart_stm_is_tx_empty())
+ ;
/* write the data (upper 24 bits are reserved) */
((USART_TypeDef *) g_uart)->TDR = c;
@@ -140,14 +141,8 @@
pal_uart_stm_putc(' ');
pal_uart_stm_putc(' ');
/* Loop until TX interrupt trigger */
- while (1)
- {
- if (!pal_uart_stm_is_tx_irq_triggerd())
- continue;
- else
- break;
- }
-
+ while (!pal_uart_stm_is_tx_irq_triggerd())
+ ;
}
/**
diff --git a/api-tests/platform/targets/common/nspe/crypto/pal_crypto_config_check.h b/api-tests/platform/targets/common/nspe/crypto/pal_crypto_config_check.h
index e51dc11..b6fdd11 100644
--- a/api-tests/platform/targets/common/nspe/crypto/pal_crypto_config_check.h
+++ b/api-tests/platform/targets/common/nspe/crypto/pal_crypto_config_check.h
@@ -196,10 +196,6 @@
#error "ARCH_TEST_CMAC defined, but not all prerequisites"
#endif
-#if defined(ARCH_TEST_GMAC) && !defined(ARCH_TEST_AES)
-#error "ARCH_TEST_GMAC defined, but not all prerequisites"
-#endif
-
#if defined(ARCH_TEST_HMAC) && !defined(ARCH_TEST_AES)
#error "ARCH_TEST_HMAC defined, but not all prerequisites"
#endif
diff --git a/api-tests/platform/targets/common/nspe/crypto/pal_crypto_intf.c b/api-tests/platform/targets/common/nspe/crypto/pal_crypto_intf.c
index 197fc88..7d8e633 100644
--- a/api-tests/platform/targets/common/nspe/crypto/pal_crypto_intf.c
+++ b/api-tests/platform/targets/common/nspe/crypto/pal_crypto_intf.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -30,495 +30,845 @@
**/
int32_t pal_crypto_function(int type, va_list valist)
{
- int i;
- psa_status_t status;
- uint8_t *buffer, *ciphertext, *plaintext;
- const uint8_t *nonce, *additional_data, *salt, *peer;
- size_t *length, size, ciphertext_size, nonce_length;
- size_t salt_length, peer_length, additional_data_length;
- size_t plaintext_size;
-#ifdef NO_SUPPORT
- size_t *tag_length;
+ psa_algorithm_t alg;
+ const uint8_t *input, *input1;
+ size_t input_length, input_length1, bits;
+ uint8_t *output;
+ size_t output_size;
+ size_t output_length, *p_output_length;
+ size_t *p_bits;
+ psa_key_id_t key, id;
+ psa_cipher_operation_t *cipher_operation, cipher_operation_temp;
+ const psa_key_attributes_t *c_attributes;
+ psa_key_attributes_t *attributes, attributes_temp;
+ psa_key_id_t *target_key, *p_id, *p_key;
+ psa_algorithm_t *p_alg;
+ psa_key_lifetime_t lifetime;
+ psa_key_lifetime_t *p_lifetime;
+ psa_key_type_t *p_type;
+ psa_key_usage_t usage_flags;
+ psa_key_usage_t *p_usage_flags;
+ psa_hash_operation_t *hash_operation, *hash_target_operation;
+ psa_hash_operation_t hash_operation_temp;
+ const psa_hash_operation_t *hash_source_operation;
+ psa_key_derivation_operation_t *derivation_operation, derivation_operation_temp;
+ const psa_key_derivation_operation_t *c_derivation_operation;
+ psa_key_derivation_step_t step;
+ psa_mac_operation_t *mac_operation, mac_operation_temp;
+ psa_aead_operation_t *aead_operation, aead_operation_temp;
+ const uint8_t *nonce;
+ size_t nonce_length;
+ const uint8_t *additional_data;
+ size_t additional_data_length;
+#if HOST_GCC_MISSING_CRYPTO_1_0 == 0
+ uint8_t *output1;
+ size_t output_size1, *p_output_length1;
#endif
- psa_aead_operation_t *aead_operation;
- psa_key_attributes_t *attributes;
- psa_key_handle_t *handle, key_handle;
- psa_key_type_t *key_type_out, key_type;
- psa_key_usage_t *usage_out, usage;
- psa_key_id_t *key_id_out, key_id;
- psa_key_lifetime_t *key_lifetime_out, key_lifetime;
- psa_algorithm_t *key_alg_out, key_alg, alg;
- psa_hash_operation_t *hash_operation, *target_operation;
- psa_mac_operation_t *mac_operation;
- psa_cipher_operation_t *cipher_operation;
- psa_key_derivation_operation_t *derive_operation;
- psa_key_derivation_step_t step;
- (void)aead_operation;
switch (type)
- {
- case PAL_CRYPTO_INIT:
- return psa_crypto_init();
- case PAL_CRYPTO_GENERATE_RANDOM:
- buffer = va_arg(valist, uint8_t *);
- size = va_arg(valist, int);
- return psa_generate_random(buffer, size);
- case PAL_CRYPTO_IMPORT_KEY:
- attributes = va_arg(valist, psa_key_attributes_t *);
- buffer = va_arg(valist, uint8_t *);
- size = va_arg(valist, size_t);
- handle = (psa_key_handle_t *)va_arg(valist, int *);
- status = psa_import_key(attributes, buffer, size, handle);
- return status;
- case PAL_CRYPTO_SET_KEY_TYPE:
- attributes = va_arg(valist, psa_key_attributes_t *);
- key_type = (psa_key_type_t)va_arg(valist, int);
- psa_set_key_type(attributes, key_type);
- return 0;
- case PAL_CRYPTO_SET_KEY_BITS:
- attributes = va_arg(valist, psa_key_attributes_t *);
- size = va_arg(valist, size_t);
- psa_set_key_bits(attributes, size);
- return 0;
- case PAL_CRYPTO_GET_KEY_ATTRIBUTES:
- key_handle = (psa_key_handle_t)va_arg(valist, int);
- attributes = va_arg(valist, psa_key_attributes_t *);
- return psa_get_key_attributes(key_handle, attributes);
- case PAL_CRYPTO_GET_KEY_TYPE:
- attributes = va_arg(valist, psa_key_attributes_t *);
- key_type_out = va_arg(valist, psa_key_type_t *);
- *key_type_out = psa_get_key_type(attributes);
- return 0;
- case PAL_CRYPTO_EXPORT_KEY:
- key_handle = (psa_key_handle_t)va_arg(valist, int);
- buffer = (uint8_t *)(va_arg(valist, uint8_t *));
- size = va_arg(valist, size_t);
- length = (size_t *)va_arg(valist, size_t *);
- return psa_export_key(key_handle, buffer, size, length);
- case PAL_CRYPTO_SET_KEY_USAGE_FLAGS:
- attributes = va_arg(valist, psa_key_attributes_t *);
- usage = va_arg(valist, psa_key_usage_t);
- psa_set_key_usage_flags(attributes, usage);
- return 0;
- case PAL_CRYPTO_RESET_KEY_ATTRIBUTES:
- attributes = va_arg(valist, psa_key_attributes_t *);
- psa_reset_key_attributes(attributes);
- return 0;
- case PAL_CRYPTO_EXPORT_PUBLIC_KEY:
- key_handle = (psa_key_handle_t)va_arg(valist, int);
- buffer = (uint8_t *)(va_arg(valist, uint8_t *));
- size = va_arg(valist, size_t);
- length = (size_t *)va_arg(valist, size_t *);
- return psa_export_public_key(key_handle, buffer, size, length);
- case PAL_CRYPTO_SET_KEY_ID:
- attributes = va_arg(valist, psa_key_attributes_t *);
- key_id = va_arg(valist, psa_key_id_t);
- psa_set_key_id(attributes, key_id);
- return 0;
- case PAL_CRYPTO_SET_KEY_LIFETIME:
- attributes = va_arg(valist, psa_key_attributes_t *);
- key_lifetime = va_arg(valist, psa_key_lifetime_t);
- psa_set_key_lifetime(attributes, key_lifetime);
- return 0;
- case PAL_CRYPTO_SET_KEY_ALGORITHM:
- attributes = va_arg(valist, psa_key_attributes_t *);
- key_alg = va_arg(valist, psa_algorithm_t);
- psa_set_key_algorithm(attributes, key_alg);
- return 0;
- case PAL_CRYPTO_GET_KEY_ID:
- attributes = va_arg(valist, psa_key_attributes_t *);
- key_id_out = va_arg(valist, psa_key_id_t *);
- *key_id_out = psa_get_key_id(attributes);
- return 0;
- case PAL_CRYPTO_GET_KEY_LIFETIME:
- attributes = va_arg(valist, psa_key_attributes_t *);
- key_lifetime_out = va_arg(valist, psa_key_lifetime_t *);
- *key_lifetime_out = psa_get_key_lifetime(attributes);
- return 0;
- case PAL_CRYPTO_GET_KEY_USAGE_FLAGS:
- attributes = va_arg(valist, psa_key_attributes_t *);
- usage_out = va_arg(valist, psa_key_usage_t *);
- *usage_out = psa_get_key_usage_flags(attributes);
- return 0;
- case PAL_CRYPTO_GET_KEY_ALGORITHM:
- attributes = va_arg(valist, psa_key_attributes_t *);
- key_alg_out = va_arg(valist, psa_algorithm_t *);
- *key_alg_out = psa_get_key_algorithm(attributes);
- return 0;
- case PAL_CRYPTO_GET_KEY_BITS:
- attributes = va_arg(valist, psa_key_attributes_t *);
- length = va_arg(valist, size_t *);
- *length = psa_get_key_bits(attributes);
- return 0;
- case PAL_CRYPTO_DESTROY_KEY:
- key_handle = (psa_key_handle_t)va_arg(valist, int);
- return psa_destroy_key(key_handle);
- case PAL_CRYPTO_HASH_SETUP:
- hash_operation = va_arg(valist, psa_hash_operation_t*);
- alg = va_arg(valist, psa_algorithm_t);
- return psa_hash_setup(hash_operation, alg);
- case PAL_CRYPTO_HASH_UPDATE:
- hash_operation = va_arg(valist, psa_hash_operation_t*);
- buffer = va_arg(valist, uint8_t*);
- size = va_arg(valist, size_t);
- return psa_hash_update(hash_operation, buffer, size);
- case PAL_CRYPTO_HASH_VERIFY:
- hash_operation = va_arg(valist, psa_hash_operation_t*);
- buffer = va_arg(valist, uint8_t*);
- size = va_arg(valist, size_t);
- return psa_hash_verify(hash_operation, buffer, size);
- case PAL_CRYPTO_HASH_FINISH:
- hash_operation = va_arg(valist, psa_hash_operation_t*);
- buffer = va_arg(valist, uint8_t*);
- size = va_arg(valist, size_t);
- length = va_arg(valist, size_t*);
- return psa_hash_finish(hash_operation, buffer, size, length);
- case PAL_CRYPTO_HASH_ABORT:
- hash_operation = va_arg(valist, psa_hash_operation_t*);
- return psa_hash_abort(hash_operation);
- case PAL_CRYPTO_HASH_COMPUTE:
- alg = va_arg(valist, psa_algorithm_t);
- plaintext = va_arg(valist, uint8_t*);
- plaintext_size = va_arg(valist, size_t);
- buffer = va_arg(valist, uint8_t*);
- size = va_arg(valist, size_t);
- length = va_arg(valist, size_t*);
- return psa_hash_compute(alg, plaintext, plaintext_size, buffer, size, length);
- case PAL_CRYPTO_HASH_COMPARE:
- alg = va_arg(valist, psa_algorithm_t);
- plaintext = va_arg(valist, uint8_t*);
- plaintext_size = va_arg(valist, size_t);
- buffer = va_arg(valist, uint8_t*);
- size = va_arg(valist, size_t);
- return psa_hash_compare(alg, plaintext, plaintext_size, buffer, size);
- case PAL_CRYPTO_HASH_CLONE:
- hash_operation = va_arg(valist, psa_hash_operation_t*);
- target_operation = va_arg(valist, psa_hash_operation_t*);
- return psa_hash_clone(hash_operation, target_operation);
- case PAL_CRYPTO_GENERATE_KEY:
- attributes = va_arg(valist, psa_key_attributes_t *);
- handle = (psa_key_handle_t *)va_arg(valist, int *);
- return psa_generate_key(attributes, handle);
- case PAL_CRYPTO_AEAD_ENCRYPT:
- key_handle = (psa_key_handle_t)va_arg(valist, int);
- alg = va_arg(valist, psa_algorithm_t);
- nonce = va_arg(valist, const uint8_t *);
- nonce_length = va_arg(valist, size_t);
- additional_data = va_arg(valist, const uint8_t *);
- additional_data_length = va_arg(valist, size_t);
- plaintext = va_arg(valist, uint8_t *);
- size = va_arg(valist, size_t);
- ciphertext = va_arg(valist, uint8_t *);
- ciphertext_size = va_arg(valist, size_t);
- length = va_arg(valist, size_t*);
- return psa_aead_encrypt(key_handle, alg, nonce, nonce_length, additional_data,
- additional_data_length, plaintext, size, ciphertext, ciphertext_size, length);
- case PAL_CRYPTO_AEAD_DECRYPT:
- key_handle = (psa_key_handle_t)va_arg(valist, int);
- alg = va_arg(valist, psa_algorithm_t);
- nonce = va_arg(valist, const uint8_t *);
- nonce_length = va_arg(valist, size_t);
- additional_data = va_arg(valist, const uint8_t *);
- additional_data_length = va_arg(valist, size_t);
- ciphertext = va_arg(valist, uint8_t *);
- ciphertext_size = va_arg(valist, size_t);
- plaintext = va_arg(valist, uint8_t *);
- size = va_arg(valist, size_t);
- length = va_arg(valist, size_t*);
- return psa_aead_decrypt(key_handle, alg, nonce, nonce_length, additional_data,
- additional_data_length, ciphertext, ciphertext_size, plaintext, size, length);
-#ifdef NO_SUPPORT
- case PAL_CRYPTO_AEAD_ENCRYPT_SETUP:
- aead_operation = va_arg(valist, psa_aead_operation_t *);
- key_handle = (psa_key_handle_t)va_arg(valist, int);
- alg = va_arg(valist, psa_algorithm_t);
- return psa_aead_encrypt_setup(aead_operation, key_handle, alg);
- case PAL_CRYPTO_AEAD_DECRYPT_SETUP:
- aead_operation = va_arg(valist, psa_aead_operation_t *);
- key_handle = (psa_key_handle_t)va_arg(valist, int);
- alg = va_arg(valist, psa_algorithm_t);
- return psa_aead_decrypt_setup(aead_operation, key_handle, alg);
- case PAL_CRYPTO_AEAD_GENERATE_NONCE:
- aead_operation = va_arg(valist, psa_aead_operation_t *);
- buffer = va_arg(valist, uint8_t*);
- size = va_arg(valist, size_t);
- length = (size_t *)va_arg(valist, size_t*);
- return psa_aead_generate_nonce(aead_operation, buffer, size, length);
- case PAL_CRYPTO_AEAD_SET_NONCE:
- aead_operation = va_arg(valist, psa_aead_operation_t *);
- buffer = va_arg(valist, uint8_t*);
- size = va_arg(valist, size_t);
- return psa_aead_set_nonce(aead_operation, buffer, size);
- case PAL_CRYPTO_AEAD_SET_LENGTHS:
- aead_operation = va_arg(valist, psa_aead_operation_t *);
- size = va_arg(valist, size_t);
- plaintext_size = va_arg(valist, size_t);
- return psa_aead_set_lengths(aead_operation, size, plaintext_size);
- case PAL_CRYPTO_AEAD_UPDATE_AD:
- aead_operation = va_arg(valist, psa_aead_operation_t *);
- buffer = va_arg(valist, uint8_t*);
- size = va_arg(valist, size_t);
- return psa_aead_update_ad(aead_operation, buffer, size);
- case PAL_CRYPTO_AEAD_UPDATE:
- aead_operation = va_arg(valist, psa_aead_operation_t *);
- plaintext = va_arg(valist, uint8_t*);
- plaintext_size = va_arg(valist, size_t);
- ciphertext = va_arg(valist, uint8_t*);
- ciphertext_size = va_arg(valist, size_t);
- length = va_arg(valist, size_t*);
- return psa_aead_update(aead_operation, plaintext, plaintext_size, ciphertext,
- ciphertext_size, length);
- case PAL_CRYPTO_AEAD_FINISH:
- aead_operation = va_arg(valist, psa_aead_operation_t *);
- ciphertext = va_arg(valist, uint8_t*);
- ciphertext_size = va_arg(valist, size_t);
- length = va_arg(valist, size_t*);
- buffer = va_arg(valist, uint8_t*);
- size = va_arg(valist, size_t);
- tag_length = (size_t *)va_arg(valist, size_t*);
- return psa_aead_finish(aead_operation, ciphertext, ciphertext_size, length, buffer,
- size, tag_length);
- case PAL_CRYPTO_AEAD_VERIFY:
- aead_operation = va_arg(valist, psa_aead_operation_t *);
- plaintext = va_arg(valist, uint8_t*);
- plaintext_size = va_arg(valist, size_t);
- length = (size_t *)va_arg(valist, size_t*);
- buffer = va_arg(valist, uint8_t*);
- size = va_arg(valist, size_t);
- return psa_aead_verify(aead_operation, plaintext, plaintext_size, length, buffer, size);
- case PAL_CRYPTO_AEAD_ABORT:
- aead_operation = va_arg(valist, psa_aead_operation_t *);
- return psa_aead_abort(aead_operation);
+ {
+ case PAL_CRYPTO_AEAD_DECRYPT:
+ key = va_arg(valist, psa_key_id_t);
+ alg = va_arg(valist, psa_algorithm_t);
+ nonce = va_arg(valist, const uint8_t *);
+ nonce_length = va_arg(valist, size_t);
+ additional_data = va_arg(valist, const uint8_t *);
+ additional_data_length = va_arg(valist, size_t);
+ input = va_arg(valist, const uint8_t *);
+ input_length = va_arg(valist, size_t);
+ output = va_arg(valist, uint8_t *);
+ output_size = va_arg(valist, size_t);
+ p_output_length = va_arg(valist, size_t *);
+ return psa_aead_decrypt(key,
+ alg,
+ nonce,
+ nonce_length,
+ additional_data,
+ additional_data_length,
+ input,
+ input_length,
+ output,
+ output_size,
+ p_output_length);
+ break;
+ case PAL_CRYPTO_AEAD_ENCRYPT:
+ key = va_arg(valist, psa_key_id_t);
+ alg = va_arg(valist, psa_algorithm_t);
+ nonce = va_arg(valist, const uint8_t *);
+ nonce_length = va_arg(valist, size_t);
+ additional_data = va_arg(valist, const uint8_t *);
+ additional_data_length = va_arg(valist, size_t);
+ input = va_arg(valist, const uint8_t *);
+ input_length = va_arg(valist, size_t);
+ output = va_arg(valist, uint8_t *);
+ output_size = va_arg(valist, size_t);
+ p_output_length = va_arg(valist, size_t *);
+ return psa_aead_encrypt(key,
+ alg,
+ nonce,
+ nonce_length,
+ additional_data,
+ additional_data_length,
+ input,
+ input_length,
+ output,
+ output_size,
+ p_output_length);
+ break;
+#if HOST_GCC_MISSING_CRYPTO_1_0 == 0
+ case PAL_CRYPTO_AEAD_ABORT:
+ aead_operation = va_arg(valist, psa_aead_operation_t *);
+ return psa_aead_abort(aead_operation);
+ break;
+ case PAL_CRYPTO_AEAD_DECRYPT_SETUP:
+ aead_operation = va_arg(valist, psa_aead_operation_t *);
+ key = va_arg(valist, psa_key_id_t);
+ alg = va_arg(valist, psa_algorithm_t);
+ return psa_aead_decrypt_setup(aead_operation,
+ key,
+ alg);
+ break;
+ case PAL_CRYPTO_AEAD_ENCRYPT_SETUP:
+ aead_operation = va_arg(valist, psa_aead_operation_t *);
+ key = va_arg(valist, psa_key_id_t);
+ alg = va_arg(valist, psa_algorithm_t);
+ return psa_aead_encrypt_setup(aead_operation,
+ key,
+ alg);
+ break;
+ case PAL_CRYPTO_AEAD_FINISH:
+ aead_operation = va_arg(valist, psa_aead_operation_t *);
+ output = va_arg(valist, uint8_t *);
+ output_size = va_arg(valist, size_t);
+ p_output_length = va_arg(valist, size_t *);
+ output1 = va_arg(valist, uint8_t *);
+ output_size1 = va_arg(valist, size_t);
+ p_output_length1 = va_arg(valist, size_t *);
+ return psa_aead_finish(aead_operation,
+ output,
+ output_size,
+ p_output_length,
+ output1,
+ output_size1,
+ p_output_length1);
+ break;
+ case PAL_CRYPTO_AEAD_GENERATE_NONCE:
+ aead_operation = va_arg(valist, psa_aead_operation_t *);
+ output = va_arg(valist, uint8_t *);
+ output_size = va_arg(valist, size_t);
+ p_output_length = va_arg(valist, size_t *);
+ return psa_aead_generate_nonce(aead_operation,
+ output,
+ output_size,
+ p_output_length);
+ break;
+ case PAL_CRYPTO_AEAD_SET_LENGTHS:
+ aead_operation = va_arg(valist, psa_aead_operation_t *);
+ input_length = va_arg(valist, size_t);
+ input_length1 = va_arg(valist, size_t);
+ return psa_aead_set_lengths(aead_operation,
+ input_length,
+ input_length1);
+ break;
+ case PAL_CRYPTO_AEAD_SET_NONCE:
+ aead_operation = va_arg(valist, psa_aead_operation_t *);
+ input = va_arg(valist, const uint8_t *);
+ input_length = va_arg(valist, size_t);
+ return psa_aead_set_nonce(aead_operation,
+ input,
+ input_length);
+ break;
+ case PAL_CRYPTO_AEAD_UPDATE:
+ aead_operation = va_arg(valist, psa_aead_operation_t *);
+ input = va_arg(valist, const uint8_t *);
+ input_length = va_arg(valist, size_t);
+ output = va_arg(valist, uint8_t *);
+ output_size = va_arg(valist, size_t);
+ p_output_length = va_arg(valist, size_t *);
+ return psa_aead_update(aead_operation,
+ input,
+ input_length,
+ output,
+ output_size,
+ p_output_length);
+ break;
+ case PAL_CRYPTO_AEAD_UPDATE_AD:
+ aead_operation = va_arg(valist, psa_aead_operation_t *);
+ input = va_arg(valist, const uint8_t *);
+ input_length = va_arg(valist, size_t);
+ return psa_aead_update_ad(aead_operation,
+ input,
+ input_length);
+ break;
+ case PAL_CRYPTO_AEAD_VERIFY:
+ aead_operation = va_arg(valist, psa_aead_operation_t *);
+ output = va_arg(valist, uint8_t *);
+ output_size = va_arg(valist, size_t);
+ p_output_length = va_arg(valist, size_t *);
+ input = va_arg(valist, const uint8_t *);
+ input_length = va_arg(valist, size_t);
+ return psa_aead_verify(aead_operation,
+ output,
+ output_size,
+ p_output_length,
+ input,
+ input_length);
+ break;
#endif
- case PAL_CRYPTO_MAC_SIGN_SETUP:
- mac_operation = va_arg(valist, psa_mac_operation_t*);
- key_handle = (psa_key_handle_t)va_arg(valist, int);
- alg = va_arg(valist, psa_algorithm_t);
- return psa_mac_sign_setup(mac_operation, key_handle, alg);
- case PAL_CRYPTO_MAC_UPDATE:
- mac_operation = va_arg(valist, psa_mac_operation_t*);
- buffer = va_arg(valist, uint8_t*);
- size = va_arg(valist, size_t);
- return psa_mac_update(mac_operation, buffer, size);
- case PAL_CRYPTO_MAC_SIGN_FINISH:
- mac_operation = va_arg(valist, psa_mac_operation_t*);
- buffer = va_arg(valist, uint8_t*);
- size = va_arg(valist, size_t);
- length = (size_t *)va_arg(valist, size_t*);
- return psa_mac_sign_finish(mac_operation, buffer, size, length);
- case PAL_CRYPTO_MAC_VERIFY_SETUP:
- mac_operation = va_arg(valist, psa_mac_operation_t*);
- key_handle = (psa_key_handle_t)va_arg(valist, int);
- alg = va_arg(valist, psa_algorithm_t);
- return psa_mac_verify_setup(mac_operation, key_handle, alg);
- case PAL_CRYPTO_MAC_VERIFY_FINISH:
- mac_operation = va_arg(valist, psa_mac_operation_t*);
- buffer = va_arg(valist, uint8_t*);
- size = va_arg(valist, size_t);
- return psa_mac_verify_finish(mac_operation, buffer, size);
- case PAL_CRYPTO_MAC_ABORT:
- mac_operation = va_arg(valist, psa_mac_operation_t*);
- return psa_mac_abort(mac_operation);
-#ifdef NO_SUPPORT
- case PAL_CRYPTO_MAC_COMPUTE:
- key_handle = (psa_key_handle_t)va_arg(valist, int);
- alg = va_arg(valist, psa_algorithm_t);
- plaintext = va_arg(valist, uint8_t*);
- plaintext_size = va_arg(valist, size_t);
- ciphertext = va_arg(valist, uint8_t*);
- ciphertext_size = va_arg(valist, size_t);
- length = va_arg(valist, size_t*);
- return psa_mac_compute(key_handle, alg, plaintext, plaintext_size, ciphertext,
- ciphertext_size, length);
- case PAL_CRYPTO_MAC_VERIFY:
- key_handle = (psa_key_handle_t)va_arg(valist, int);
- alg = va_arg(valist, psa_algorithm_t);
- plaintext = va_arg(valist, uint8_t*);
- plaintext_size = va_arg(valist, size_t);
- ciphertext = va_arg(valist, uint8_t*);
- ciphertext_size = va_arg(valist, size_t);
- return psa_mac_verify(key_handle, alg, plaintext, plaintext_size, ciphertext,
- ciphertext_size);
+ case PAL_CRYPTO_AEAD_OPERATION_INIT:
+ aead_operation = va_arg(valist, psa_aead_operation_t *);
+ aead_operation_temp = psa_aead_operation_init();
+ memcpy((void *)aead_operation, (void *)&aead_operation_temp,
+ sizeof(psa_aead_operation_t));
+ return 0;
+ break;
+ case PAL_CRYPTO_ASYMMETRIC_DECRYPT:
+ key = va_arg(valist, psa_key_id_t);
+ alg = va_arg(valist, psa_algorithm_t);
+ input = va_arg(valist, const uint8_t *);
+ input_length = va_arg(valist, size_t);
+ input1 = va_arg(valist, const uint8_t *);
+ input_length1 = va_arg(valist, size_t);
+ output = va_arg(valist, uint8_t *);
+ output_size = va_arg(valist, size_t);
+ p_output_length = va_arg(valist, size_t *);
+ return psa_asymmetric_decrypt(key,
+ alg,
+ input,
+ input_length,
+ input1,
+ input_length1,
+ output,
+ output_size,
+ p_output_length);
+ break;
+ case PAL_CRYPTO_ASYMMETRIC_ENCRYPT:
+ key = va_arg(valist, psa_key_id_t);
+ alg = va_arg(valist, psa_algorithm_t);
+ input = va_arg(valist, const uint8_t *);
+ input_length = va_arg(valist, size_t);
+ input1 = va_arg(valist, const uint8_t *);
+ input_length1 = va_arg(valist, size_t);
+ output = va_arg(valist, uint8_t *);
+ output_size = va_arg(valist, size_t);
+ p_output_length = va_arg(valist, size_t *);
+ return psa_asymmetric_encrypt(key,
+ alg,
+ input,
+ input_length,
+ input1,
+ input_length1,
+ output,
+ output_size,
+ p_output_length);
+ break;
+ case PAL_CRYPTO_CIPHER_ABORT:
+ cipher_operation = va_arg(valist, psa_cipher_operation_t *);
+ return psa_cipher_abort(cipher_operation);
+ break;
+#if HOST_GCC_MISSING_CRYPTO_1_0 == 0
+ case PAL_CRYPTO_CIPHER_DECRYPT:
+ key = va_arg(valist, psa_key_id_t);
+ alg = va_arg(valist, psa_algorithm_t);
+ input = va_arg(valist, const uint8_t *);
+ input_length = va_arg(valist, size_t);
+ output = va_arg(valist, uint8_t *);
+ output_size = va_arg(valist, size_t);
+ p_output_length = va_arg(valist, size_t *);
+ return psa_cipher_decrypt(key,
+ alg,
+ input,
+ input_length,
+ output,
+ output_size,
+ p_output_length);
+ break;
#endif
- case PAL_CRYPTO_ASYMMTERIC_ENCRYPT:
- key_handle = (psa_key_handle_t)va_arg(valist, int);
- alg = va_arg(valist, psa_algorithm_t);
- plaintext = va_arg(valist, uint8_t *);
- size = va_arg(valist, size_t);
- salt = va_arg(valist, const uint8_t *);
- salt_length = va_arg(valist, size_t);
- ciphertext = va_arg(valist, uint8_t *);
- ciphertext_size = va_arg(valist, size_t);
- length = va_arg(valist, size_t*);
- return psa_asymmetric_encrypt(key_handle, alg, plaintext, size, salt, salt_length,
- ciphertext, ciphertext_size, length);
- case PAL_CRYPTO_ASYMMTERIC_DECRYPT:
- key_handle = (psa_key_handle_t)va_arg(valist, int);
- alg = va_arg(valist, psa_algorithm_t);
- plaintext = va_arg(valist, uint8_t *);
- size = va_arg(valist, size_t);
- salt = va_arg(valist, const uint8_t *);
- salt_length = va_arg(valist, size_t);
- ciphertext = va_arg(valist, uint8_t *);
- ciphertext_size = va_arg(valist, size_t);
- length = va_arg(valist, size_t*);
- return psa_asymmetric_decrypt(key_handle, alg, plaintext, size, salt, salt_length,
- ciphertext, ciphertext_size, length);
- case PAL_CRYPTO_CIPHER_ENCRYPT_SETUP:
- cipher_operation = va_arg(valist, psa_cipher_operation_t *);
- key_handle = (psa_key_handle_t)va_arg(valist, int);
- alg = va_arg(valist, psa_algorithm_t);
- return psa_cipher_encrypt_setup(cipher_operation, key_handle, alg);
- case PAL_CRYPTO_CIPHER_DECRYPT_SETUP:
- cipher_operation = va_arg(valist, psa_cipher_operation_t *);
- key_handle = (psa_key_handle_t)va_arg(valist, int);
- alg = va_arg(valist, psa_algorithm_t);
- return psa_cipher_decrypt_setup(cipher_operation, key_handle, alg);
- case PAL_CRYPTO_CIPHER_GENERATE_IV:
- cipher_operation = va_arg(valist, psa_cipher_operation_t *);
- buffer = va_arg(valist, uint8_t*);
- size = va_arg(valist, size_t);
- length = va_arg(valist, size_t*);
- return psa_cipher_generate_iv(cipher_operation, buffer, size, length);
- case PAL_CRYPTO_CIPHER_SET_IV:
- cipher_operation = va_arg(valist, psa_cipher_operation_t *);
- buffer = va_arg(valist, uint8_t*);
- size = va_arg(valist, size_t);
- return psa_cipher_set_iv(cipher_operation, buffer, size);
- case PAL_CRYPTO_CIPHER_UPDATE:
- cipher_operation = va_arg(valist, psa_cipher_operation_t *);
- plaintext = va_arg(valist, uint8_t *);
- size = va_arg(valist, size_t);
- ciphertext = va_arg(valist, uint8_t *);
- ciphertext_size = va_arg(valist, size_t);
- length = va_arg(valist, size_t*);
- return psa_cipher_update(cipher_operation, plaintext, size, ciphertext, ciphertext_size,
- length);
- case PAL_CRYPTO_CIPHER_FINISH:
- cipher_operation = va_arg(valist, psa_cipher_operation_t *);
- ciphertext = va_arg(valist, uint8_t *);
- ciphertext_size = va_arg(valist, size_t);
- length = va_arg(valist, size_t*);
- return psa_cipher_finish(cipher_operation, ciphertext, ciphertext_size, length);
- case PAL_CRYPTO_CIPHER_ABORT:
- cipher_operation = va_arg(valist, psa_cipher_operation_t *);
- return psa_cipher_abort(cipher_operation);
-#ifdef NO_SUPPORT
- case PAL_CRYPTO_CIPHER_ENCRYPT:
- key_handle = (psa_key_handle_t)va_arg(valist, int);
- alg = va_arg(valist, psa_algorithm_t);
- plaintext = va_arg(valist, uint8_t *);
- size = va_arg(valist, size_t);
- ciphertext = va_arg(valist, uint8_t *);
- ciphertext_size = va_arg(valist, size_t);
- length = va_arg(valist, size_t*);
- return psa_cipher_encrypt(key_handle, alg, plaintext, size, ciphertext, ciphertext_size,
- length);
- case PAL_CRYPTO_CIPHER_DECRYPT:
- key_handle = (psa_key_handle_t)va_arg(valist, int);
- alg = va_arg(valist, psa_algorithm_t);
- plaintext = va_arg(valist, uint8_t *);
- size = va_arg(valist, size_t);
- ciphertext = va_arg(valist, uint8_t *);
- ciphertext_size = va_arg(valist, size_t);
- length = va_arg(valist, size_t*);
- return psa_cipher_decrypt(key_handle, alg, plaintext, size, ciphertext, ciphertext_size,
- length);
+ case PAL_CRYPTO_CIPHER_DECRYPT_SETUP:
+ cipher_operation = va_arg(valist, psa_cipher_operation_t *);
+ key = va_arg(valist, psa_key_id_t);
+ alg = va_arg(valist, psa_algorithm_t);
+ return psa_cipher_decrypt_setup(cipher_operation,
+ key,
+ alg);
+ break;
+#if HOST_GCC_MISSING_CRYPTO_1_0 == 0
+ case PAL_CRYPTO_CIPHER_ENCRYPT:
+ key = va_arg(valist, psa_key_id_t);
+ alg = va_arg(valist, psa_algorithm_t);
+ input = va_arg(valist, const uint8_t *);
+ input_length = va_arg(valist, size_t);
+ output = va_arg(valist, uint8_t *);
+ output_size = va_arg(valist, size_t);
+ p_output_length = va_arg(valist, size_t *);
+ return psa_cipher_encrypt(key,
+ alg,
+ input,
+ input_length,
+ output,
+ output_size,
+ p_output_length);
+ break;
#endif
- case PAL_CRYPTO_ASYMMTERIC_SIGN:
- key_handle = (psa_key_handle_t)va_arg(valist, int);
- alg = va_arg(valist, psa_algorithm_t);
- buffer = va_arg(valist, uint8_t*);
- size = va_arg(valist, size_t);
- ciphertext = va_arg(valist, uint8_t *);
- ciphertext_size = va_arg(valist, size_t);
- length = va_arg(valist, size_t*);
- return psa_asymmetric_sign(key_handle, alg, buffer, size, ciphertext, ciphertext_size,
- length);
- case PAL_CRYPTO_ASYMMTERIC_VERIFY:
- key_handle = (psa_key_handle_t)va_arg(valist, int);
- alg = va_arg(valist, psa_algorithm_t);
- buffer = va_arg(valist, uint8_t*);
- size = va_arg(valist, size_t);
- ciphertext = va_arg(valist, uint8_t *);
- ciphertext_size = va_arg(valist, size_t);
- return psa_asymmetric_verify(key_handle, alg, buffer, size, ciphertext,
- ciphertext_size);
- case PAL_CRYPTO_RAW_KEY_AGREEMENT:
- alg = va_arg(valist, psa_algorithm_t);
- key_handle = (psa_key_handle_t)va_arg(valist, int);
- peer = va_arg(valist, uint8_t*);
- peer_length = va_arg(valist, size_t);
- buffer = va_arg(valist, uint8_t*);
- size = va_arg(valist, size_t);
- length = va_arg(valist, size_t*);
- return psa_raw_key_agreement(alg, key_handle, peer, peer_length, buffer, size, length);
- case PAL_CRYPTO_COPY_KEY:
- key_handle = (psa_key_handle_t)va_arg(valist, int);
- attributes = va_arg(valist, psa_key_attributes_t *);
- handle = (psa_key_handle_t *)va_arg(valist, int *);
- return psa_copy_key(key_handle, attributes, handle);
- case PAL_CRYPTO_KEY_DERIVATION_SETUP:
- derive_operation = va_arg(valist, psa_key_derivation_operation_t *);
- alg = va_arg(valist, psa_algorithm_t);
- return psa_key_derivation_setup(derive_operation, alg);
- case PAL_CRYPTO_KEY_DERIVATION_INPUT_BYTES:
- derive_operation = va_arg(valist, psa_key_derivation_operation_t *);
- step = (psa_key_derivation_step_t)va_arg(valist, int);
- buffer = va_arg(valist, uint8_t*);
- size = va_arg(valist, size_t);
- return psa_key_derivation_input_bytes(derive_operation, step, buffer, size);
- case PAL_CRYPTO_KEY_DERIVATION_INPUT_KEY:
- derive_operation = va_arg(valist, psa_key_derivation_operation_t *);
- step = (psa_key_derivation_step_t)va_arg(valist, int);
- key_handle = (psa_key_handle_t)va_arg(valist, int);
- return psa_key_derivation_input_key(derive_operation, step, key_handle);
- case PAL_CRYPTO_KEY_DERIVATION_KEY_AGREEMENT:
- derive_operation = va_arg(valist, psa_key_derivation_operation_t *);
- step = (psa_key_derivation_step_t)va_arg(valist, int);
- key_handle = (psa_key_handle_t)va_arg(valist, int);
- peer = va_arg(valist, uint8_t*);
- peer_length = va_arg(valist, size_t);
- return psa_key_derivation_key_agreement(derive_operation, step, key_handle, peer,
- peer_length);
- case PAL_CRYPTO_KEY_DERIVATION_OUTPUT_BYTES:
- derive_operation = va_arg(valist, psa_key_derivation_operation_t *);
- buffer = va_arg(valist, uint8_t*);
- size = va_arg(valist, size_t);
- return psa_key_derivation_output_bytes(derive_operation, buffer, size);
- case PAL_CRYPTO_KEY_DERIVATION_OUTPUT_KEY:
- attributes = va_arg(valist, psa_key_attributes_t *);
- derive_operation = va_arg(valist, psa_key_derivation_operation_t *);
- handle = (psa_key_handle_t *)va_arg(valist, int *);
- return psa_key_derivation_output_key(attributes, derive_operation, handle);
- case PAL_CRYPTO_KEY_DERIVATION_SET_CAPACITY:
- derive_operation = va_arg(valist, psa_key_derivation_operation_t *);
- size = va_arg(valist, size_t);
- return psa_key_derivation_set_capacity(derive_operation, size);
- case PAL_CRYPTO_KEY_DERIVATION_GET_CAPACITY:
- derive_operation = va_arg(valist, psa_key_derivation_operation_t *);
- length = va_arg(valist, size_t *);
- return psa_key_derivation_get_capacity(derive_operation, length);
- case PAL_CRYPTO_KEY_DERIVATION_ABORT:
- derive_operation = va_arg(valist, psa_key_derivation_operation_t *);
- return psa_key_derivation_abort(derive_operation);
- case PAL_CRYPTO_OPEN_KEY:
- key_id = va_arg(valist, psa_key_id_t);
- handle = (psa_key_handle_t *)va_arg(valist, int *);
- return psa_open_key(key_id, handle);
- case PAL_CRYPTO_CLOSE_KEY:
- key_handle = (psa_key_handle_t)va_arg(valist, int);
- return psa_close_key(key_handle);
- case PAL_CRYPTO_FREE:
- for (i = 0; i < PAL_KEY_SLOT_COUNT; i++)
- psa_destroy_key(i);
- return 0;
-#ifndef TF_M_PROFILE_SMALL
- case PAL_CRYPTO_RESET:
- return pal_system_reset();
+ case PAL_CRYPTO_CIPHER_ENCRYPT_SETUP:
+ cipher_operation = va_arg(valist, psa_cipher_operation_t *);
+ key = va_arg(valist, psa_key_id_t);
+ alg = va_arg(valist, psa_algorithm_t);
+ return psa_cipher_encrypt_setup(cipher_operation,
+ key,
+ alg);
+ break;
+ case PAL_CRYPTO_CIPHER_FINISH:
+ cipher_operation = va_arg(valist, psa_cipher_operation_t *);
+ output = va_arg(valist, uint8_t *);
+ output_size = va_arg(valist, size_t);
+ p_output_length = va_arg(valist, size_t *);
+ return psa_cipher_finish(cipher_operation,
+ output,
+ output_size,
+ p_output_length);
+ break;
+ case PAL_CRYPTO_CIPHER_GENERATE_IV:
+ cipher_operation = va_arg(valist, psa_cipher_operation_t *);
+ output = va_arg(valist, uint8_t *);
+ output_size = va_arg(valist, size_t);
+ p_output_length = va_arg(valist, size_t *);
+ return psa_cipher_generate_iv(cipher_operation,
+ output,
+ output_size,
+ p_output_length);
+ break;
+ case PAL_CRYPTO_CIPHER_OPERATION_INIT:
+ cipher_operation = va_arg(valist, psa_cipher_operation_t *);
+ cipher_operation_temp = psa_cipher_operation_init();
+ memcpy((void *)cipher_operation, (void *)&cipher_operation_temp,
+ sizeof(psa_cipher_operation_t));
+ return 0;
+ break;
+ case PAL_CRYPTO_CIPHER_SET_IV:
+ cipher_operation = va_arg(valist, psa_cipher_operation_t *);
+ input = va_arg(valist, const uint8_t *);
+ input_length = va_arg(valist, size_t);
+ return psa_cipher_set_iv(cipher_operation,
+ input,
+ input_length);
+ break;
+ case PAL_CRYPTO_CIPHER_UPDATE:
+ cipher_operation = va_arg(valist, psa_cipher_operation_t *);
+ input = va_arg(valist, const uint8_t *);
+ input_length = va_arg(valist, size_t);
+ output = va_arg(valist, uint8_t *);
+ output_size = va_arg(valist, size_t);
+ p_output_length = va_arg(valist, size_t *);
+ return psa_cipher_update(cipher_operation,
+ input,
+ input_length,
+ output,
+ output_size,
+ p_output_length);
+ break;
+ case PAL_CRYPTO_COPY_KEY:
+ key = va_arg(valist, psa_key_id_t);
+ c_attributes = va_arg(valist, const psa_key_attributes_t *);
+ target_key = va_arg(valist, psa_key_id_t *);
+ return psa_copy_key(key,
+ c_attributes,
+ target_key);
+ break;
+ case PAL_CRYPTO_INIT:
+ return psa_crypto_init();
+ break;
+ case PAL_CRYPTO_DESTROY_KEY:
+ key = va_arg(valist, psa_key_id_t);
+ return psa_destroy_key(key);
+ break;
+ case PAL_CRYPTO_EXPORT_KEY:
+ key = va_arg(valist, psa_key_id_t);
+ output = va_arg(valist, uint8_t *);
+ output_size = va_arg(valist, size_t);
+ p_output_length = va_arg(valist, size_t *);
+ return psa_export_key(key,
+ output,
+ output_size,
+ p_output_length);
+ break;
+ case PAL_CRYPTO_EXPORT_PUBLIC_KEY:
+ key = va_arg(valist, psa_key_id_t);
+ output = va_arg(valist, uint8_t *);
+ output_size = va_arg(valist, size_t);
+ p_output_length = va_arg(valist, size_t *);
+ return psa_export_public_key(key,
+ output,
+ output_size,
+ p_output_length);
+ break;
+ case PAL_CRYPTO_GENERATE_KEY:
+ c_attributes = va_arg(valist, const psa_key_attributes_t *);
+ target_key = va_arg(valist, psa_key_id_t *);
+ return psa_generate_key(c_attributes,
+ target_key);
+ break;
+ case PAL_CRYPTO_GENERATE_RANDOM:
+ output = va_arg(valist, uint8_t *);
+ output_size = va_arg(valist, size_t);
+ return psa_generate_random(output,
+ output_size);
+ break;
+ case PAL_CRYPTO_GET_KEY_ALGORITHM:
+ c_attributes = va_arg(valist, const psa_key_attributes_t *);
+ p_alg = va_arg(valist, psa_algorithm_t *);
+ *p_alg = psa_get_key_algorithm(c_attributes);
+ return 0;
+ break;
+ case PAL_CRYPTO_GET_KEY_ATTRIBUTES:
+ key = va_arg(valist, psa_key_id_t);
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ return psa_get_key_attributes(key,
+ attributes);
+ break;
+ case PAL_CRYPTO_GET_KEY_BITS:
+ c_attributes = va_arg(valist, const psa_key_attributes_t *);
+ p_bits = va_arg(valist, size_t *);
+ *p_bits = psa_get_key_bits(c_attributes);
+ return 0;
+ break;
+ case PAL_CRYPTO_GET_KEY_ID:
+ c_attributes = va_arg(valist, const psa_key_attributes_t *);
+ p_id = va_arg(valist, psa_key_id_t *);
+ *p_id = psa_get_key_id(c_attributes);
+ return 0;
+ break;
+ case PAL_CRYPTO_GET_KEY_LIFETIME:
+ c_attributes = va_arg(valist, const psa_key_attributes_t *);
+ p_lifetime = va_arg(valist, psa_key_lifetime_t *);
+ *p_lifetime = psa_get_key_lifetime(c_attributes);
+ return 0;
+ break;
+ case PAL_CRYPTO_GET_KEY_TYPE:
+ c_attributes = va_arg(valist, const psa_key_attributes_t *);
+ p_type = va_arg(valist, psa_key_type_t *);
+ *p_type = psa_get_key_type(c_attributes);
+ return 0;
+ break;
+ case PAL_CRYPTO_GET_KEY_USAGE_FLAGS:
+ c_attributes = va_arg(valist, const psa_key_attributes_t *);
+ p_usage_flags = va_arg(valist, psa_key_usage_t *);
+ *p_usage_flags = psa_get_key_usage_flags(c_attributes);
+ return 0;
+ break;
+ case PAL_CRYPTO_HASH_ABORT:
+ hash_operation = va_arg(valist, psa_hash_operation_t *);
+ return psa_hash_abort(hash_operation);
+ break;
+ case PAL_CRYPTO_HASH_CLONE:
+ hash_source_operation = va_arg(valist, const psa_hash_operation_t *);
+ hash_target_operation = va_arg(valist, psa_hash_operation_t *);
+ return psa_hash_clone(hash_source_operation,
+ hash_target_operation);
+ break;
+ case PAL_CRYPTO_HASH_COMPARE:
+ alg = va_arg(valist, psa_algorithm_t);
+ input = va_arg(valist, const uint8_t *);
+ input_length = va_arg(valist, size_t);
+ input1 = va_arg(valist, const uint8_t *);
+ input_length1 = va_arg(valist, size_t);
+ return psa_hash_compare(alg,
+ input,
+ input_length,
+ input1,
+ input_length1);
+ break;
+ case PAL_CRYPTO_HASH_COMPUTE:
+ alg = va_arg(valist, psa_algorithm_t);
+ input = va_arg(valist, const uint8_t *);
+ input_length = va_arg(valist, size_t);
+ output = va_arg(valist, uint8_t *);
+ output_size = va_arg(valist, size_t);
+ p_output_length = va_arg(valist, size_t *);
+ return psa_hash_compute(alg,
+ input,
+ input_length,
+ output,
+ output_size,
+ p_output_length);
+ break;
+ case PAL_CRYPTO_HASH_FINISH:
+ hash_operation = va_arg(valist, psa_hash_operation_t *);
+ output = va_arg(valist, uint8_t *);
+ output_size = va_arg(valist, size_t);
+ p_output_length = va_arg(valist, size_t *);
+ return psa_hash_finish(hash_operation,
+ output,
+ output_size,
+ p_output_length);
+ break;
+ case PAL_CRYPTO_HASH_OPERATION_INIT:
+ hash_operation = va_arg(valist, psa_hash_operation_t *);
+ hash_operation_temp = psa_hash_operation_init();
+ memcpy((void *)hash_operation, (void *)&hash_operation_temp,
+ sizeof(psa_hash_operation_t));
+ return 0;
+ break;
+#ifdef CRYPTO_1_0
+ case PAL_CRYPTO_HASH_RESUME:
+ hash_operation = va_arg(valist, psa_hash_operation_t *);
+ input = va_arg(valist, const uint8_t *);
+ input_length = va_arg(valist, size_t);
+ return psa_hash_resume(hash_operation,
+ input,
+ input_length);
+ break;
+ case PAL_CRYPTO_HASH_SUSPEND:
+ hash_operation = va_arg(valist, psa_hash_operation_t *);
+ output = va_arg(valist, uint8_t *);
+ output_size = va_arg(valist, size_t);
+ p_output_length = va_arg(valist, size_t *);
+ return psa_hash_suspend(hash_operation,
+ output,
+ output_size,
+ p_output_length);
+ break;
#endif
- default:
- return PAL_STATUS_UNSUPPORTED_FUNC;
+ case PAL_CRYPTO_HASH_SETUP:
+ hash_operation = va_arg(valist, psa_hash_operation_t *);
+ alg = va_arg(valist, psa_algorithm_t);
+ return psa_hash_setup(hash_operation,
+ alg);
+ break;
+ case PAL_CRYPTO_HASH_UPDATE:
+ hash_operation = va_arg(valist, psa_hash_operation_t *);
+ input = va_arg(valist, const uint8_t *);
+ input_length = va_arg(valist, size_t);
+ return psa_hash_update(hash_operation,
+ input,
+ input_length);
+ break;
+ case PAL_CRYPTO_HASH_VERIFY:
+ hash_operation = va_arg(valist, psa_hash_operation_t *);
+ input = va_arg(valist, const uint8_t *);
+ input_length = va_arg(valist, size_t);
+ return psa_hash_verify(hash_operation,
+ input,
+ input_length);
+ break;
+ case PAL_CRYPTO_IMPORT_KEY:
+ c_attributes = va_arg(valist, const psa_key_attributes_t *);
+ input = va_arg(valist, const uint8_t *);
+ input_length = va_arg(valist, size_t);
+ p_key = va_arg(valist, psa_key_id_t *);
+ return psa_import_key(c_attributes,
+ input,
+ input_length,
+ p_key);
+ break;
+ case PAL_CRYPTO_KEY_ATTRIBUTES_INIT:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ attributes_temp = psa_key_attributes_init();
+ memcpy((void *)attributes, (void *)&attributes_temp,\
+ sizeof(psa_key_attributes_t));
+ return 0;
+ break;
+ case PAL_CRYPTO_KEY_DERIVATION_ABORT:
+ derivation_operation = va_arg(valist, psa_key_derivation_operation_t *);
+ return psa_key_derivation_abort(derivation_operation);
+ break;
+ case PAL_CRYPTO_KEY_DERIVATION_GET_CAPACITY:
+ c_derivation_operation = va_arg(valist, const psa_key_derivation_operation_t *);
+ p_output_length = va_arg(valist, size_t *);
+ return psa_key_derivation_get_capacity(c_derivation_operation,\
+ p_output_length);
+ break;
+ case PAL_CRYPTO_KEY_DERIVATION_INPUT_BYTES:
+ derivation_operation = va_arg(valist, psa_key_derivation_operation_t *);
+ step = (psa_key_derivation_step_t)va_arg(valist, int);
+ input = va_arg(valist, const uint8_t *);
+ input_length = va_arg(valist, size_t);
+ return psa_key_derivation_input_bytes(derivation_operation,
+ step,
+ input,
+ input_length);
+ break;
+ case PAL_CRYPTO_KEY_DERIVATION_INPUT_KEY:
+ derivation_operation = va_arg(valist, psa_key_derivation_operation_t *);
+ step = (psa_key_derivation_step_t)va_arg(valist, int);
+ key = va_arg(valist, psa_key_id_t);
+ return psa_key_derivation_input_key(derivation_operation,
+ step,
+ key);
+ break;
+ case PAL_CRYPTO_KEY_DERIVATION_KEY_AGREEMENT:
+ derivation_operation = va_arg(valist, psa_key_derivation_operation_t *);
+ step = (psa_key_derivation_step_t)va_arg(valist, int);
+ key = va_arg(valist, psa_key_id_t);
+ input = va_arg(valist, const uint8_t *);
+ input_length = va_arg(valist, size_t);
+ return psa_key_derivation_key_agreement(derivation_operation,
+ step,
+ key,
+ input,
+ input_length);
+ break;
+ case PAL_CRYPTO_KEY_DERIVATION_OPERATION_INIT:
+ derivation_operation = va_arg(valist, psa_key_derivation_operation_t *);
+ derivation_operation_temp = psa_key_derivation_operation_init();
+ memcpy((void *)derivation_operation, (void *)&derivation_operation_temp,
+ sizeof(psa_key_derivation_operation_t));
+ return 0;
+ break;
+ case PAL_CRYPTO_KEY_DERIVATION_OUTPUT_BYTES:
+ derivation_operation = va_arg(valist, psa_key_derivation_operation_t *);
+ output = va_arg(valist, uint8_t *);
+ output_length = va_arg(valist, size_t);
+ return psa_key_derivation_output_bytes(derivation_operation,
+ output,
+ output_length);
+ break;
+ case PAL_CRYPTO_KEY_DERIVATION_OUTPUT_KEY:
+ c_attributes = va_arg(valist, const psa_key_attributes_t *);
+ derivation_operation = va_arg(valist, psa_key_derivation_operation_t *);
+ p_key = va_arg(valist, psa_key_id_t *);
+ return psa_key_derivation_output_key(c_attributes,
+ derivation_operation,
+ p_key);
+ break;
+ case PAL_CRYPTO_KEY_DERIVATION_SET_CAPACITY:
+ derivation_operation = va_arg(valist, psa_key_derivation_operation_t *);
+ input_length = va_arg(valist, size_t);
+ return psa_key_derivation_set_capacity(derivation_operation,
+ input_length);
+ break;
+ case PAL_CRYPTO_KEY_DERIVATION_SETUP:
+ derivation_operation = va_arg(valist, psa_key_derivation_operation_t *);
+ alg = va_arg(valist, psa_algorithm_t);
+ return psa_key_derivation_setup(derivation_operation,
+ alg);
+ break;
+ case PAL_CRYPTO_MAC_ABORT:
+ mac_operation = va_arg(valist, psa_mac_operation_t *);
+ return psa_mac_abort(mac_operation);
+ break;
+#ifdef CRYPTO_1_0
+ case PAL_CRYPTO_MAC_COMPUTE:
+ key = va_arg(valist, psa_key_id_t);
+ alg = va_arg(valist, psa_algorithm_t);
+ input = va_arg(valist, const uint8_t *);
+ input_length = va_arg(valist, size_t);
+ output = va_arg(valist, uint8_t *);
+ output_size = va_arg(valist, size_t);
+ p_output_length = va_arg(valist, size_t *);
+ return psa_mac_compute(key,
+ alg,
+ input,
+ input_length,
+ output,
+ output_size,
+ p_output_length);
+ break;
+#endif
+ case PAL_CRYPTO_MAC_OPERATION_INIT:
+ mac_operation = va_arg(valist, psa_mac_operation_t *);
+ mac_operation_temp = psa_mac_operation_init();
+ memcpy((void *)mac_operation, (void *)&mac_operation_temp, \
+ sizeof(psa_mac_operation_t));
+ return 0;
+ break;
+ case PAL_CRYPTO_MAC_SIGN_FINISH:
+ mac_operation = va_arg(valist, psa_mac_operation_t *);
+ output = va_arg(valist, uint8_t *);
+ output_size = va_arg(valist, size_t);
+ p_output_length = va_arg(valist, size_t *);
+ return psa_mac_sign_finish(mac_operation,
+ output,
+ output_size,
+ p_output_length);
+ break;
+ case PAL_CRYPTO_MAC_SIGN_SETUP:
+ mac_operation = va_arg(valist, psa_mac_operation_t *);
+ key = va_arg(valist, psa_key_id_t);
+ alg = va_arg(valist, psa_algorithm_t);
+ return psa_mac_sign_setup(mac_operation,
+ key,
+ alg);
+ break;
+ case PAL_CRYPTO_MAC_UPDATE:
+ mac_operation = va_arg(valist, psa_mac_operation_t *);
+ input = va_arg(valist, uint8_t *);
+ input_length = va_arg(valist, size_t);
+ return psa_mac_update(mac_operation,
+ input,
+ input_length);
+ break;
+#if HOST_GCC_MISSING_CRYPTO_1_0 == 0
+ case PAL_CRYPTO_MAC_VERIFY:
+ key = va_arg(valist, psa_key_id_t);
+ alg = va_arg(valist, psa_algorithm_t);
+ input = va_arg(valist, const uint8_t *);
+ input_length = va_arg(valist, size_t);
+ input1 = va_arg(valist, const uint8_t *);
+ input_length1 = va_arg(valist, size_t);
+ return psa_mac_verify(key,
+ alg,
+ input,
+ input_length,
+ input1,
+ input_length1);
+ break;
+#endif
+ case PAL_CRYPTO_MAC_VERIFY_FINISH:
+ mac_operation = va_arg(valist, psa_mac_operation_t *);
+ input = va_arg(valist, const uint8_t *);
+ input_length = va_arg(valist, size_t);
+ return psa_mac_verify_finish(mac_operation,
+ input,
+ input_length);
+ break;
+ case PAL_CRYPTO_MAC_VERIFY_SETUP:
+ mac_operation = va_arg(valist, psa_mac_operation_t *);
+ key = va_arg(valist, psa_key_id_t);
+ alg = va_arg(valist, psa_algorithm_t);
+ return psa_mac_verify_setup(mac_operation,
+ key,
+ alg);
+ break;
+ case PAL_CRYPTO_PURGE_KEY:
+ key = va_arg(valist, psa_key_id_t);
+ return psa_purge_key(key);
+ break;
+ case PAL_CRYPTO_RAW_KEY_AGREEMENT:
+ alg = va_arg(valist, psa_algorithm_t);
+ key = va_arg(valist, psa_key_id_t);
+ input = va_arg(valist, const uint8_t *);
+ input_length = va_arg(valist, size_t);
+ output = va_arg(valist, uint8_t *);
+ output_size = va_arg(valist, size_t);
+ p_output_length = va_arg(valist, size_t *);
+ return psa_raw_key_agreement(alg,
+ key,
+ input,
+ input_length,
+ output,
+ output_size,
+ p_output_length);
+ break;
+ case PAL_CRYPTO_RESET_KEY_ATTRIBUTES:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ psa_reset_key_attributes(attributes);
+ return 0;
+ break;
+ case PAL_CRYPTO_SET_KEY_ALGORITHM:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ alg = va_arg(valist, psa_algorithm_t);
+ psa_set_key_algorithm(attributes,
+ alg);
+ return 0;
+ break;
+ case PAL_CRYPTO_SET_KEY_BITS:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ bits = va_arg(valist, size_t);
+ psa_set_key_bits(attributes,
+ bits);
+ return 0;
+ break;
+ case PAL_CRYPTO_SET_KEY_ID:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ id = va_arg(valist, psa_key_id_t);
+ psa_set_key_id(attributes,
+ id);
+ return 0;
+ break;
+ case PAL_CRYPTO_SET_KEY_LIFETIME:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ lifetime = va_arg(valist, psa_key_lifetime_t);
+ psa_set_key_lifetime(attributes,
+ lifetime);
+ return 0;
+ break;
+ case PAL_CRYPTO_SET_KEY_TYPE:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ type = (psa_key_type_t)va_arg(valist, int);
+ psa_set_key_type(attributes,
+ type);
+ return 0;
+ break;
+ case PAL_CRYPTO_SET_KEY_USAGE_FLAGS:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ usage_flags = va_arg(valist, psa_key_usage_t);
+ psa_set_key_usage_flags(attributes,
+ usage_flags);
+ return 0;
+ break;
+ case PAL_CRYPTO_SIGN_HASH:
+ key = va_arg(valist, psa_key_id_t);
+ alg = va_arg(valist, psa_algorithm_t);
+ input = va_arg(valist, const uint8_t *);
+ input_length = va_arg(valist, size_t);
+ output = va_arg(valist, uint8_t *);
+ output_size = va_arg(valist, size_t);
+ p_output_length = va_arg(valist, size_t *);
+ return psa_sign_hash(key,
+ alg,
+ input,
+ input_length,
+ output,
+ output_size,
+ p_output_length);
+ break;
+#ifdef CRYPTO_1_0
+ case PAL_CRYPTO_SIGN_MESSAGE:
+ key = va_arg(valist, psa_key_id_t);
+ alg = va_arg(valist, psa_algorithm_t);
+ input = va_arg(valist, const uint8_t *);
+ input_length = va_arg(valist, size_t);
+ output = va_arg(valist, uint8_t *);
+ output_size = va_arg(valist, size_t);
+ p_output_length = va_arg(valist, size_t *);
+ return psa_sign_message(key,
+ alg,
+ input,
+ input_length,
+ output,
+ output_size,
+ p_output_length);
+ break;
+ case PAL_CRYPTO_VERIFY_MESSAGE:
+ key = va_arg(valist, psa_key_id_t);
+ alg = va_arg(valist, psa_algorithm_t);
+ input = va_arg(valist, const uint8_t *);
+ input_length = va_arg(valist, size_t);
+ input1 = va_arg(valist, const uint8_t *);
+ input_length1 = va_arg(valist, size_t);
+ return psa_verify_message(key,
+ alg,
+ input,
+ input_length,
+ input1,
+ input_length1);
+ break;
+#endif
+ case PAL_CRYPTO_VERIFY_HASH:
+ key = va_arg(valist, psa_key_id_t);
+ alg = va_arg(valist, psa_algorithm_t);
+ input = va_arg(valist, const uint8_t *);
+ input_length = va_arg(valist, size_t);
+ input1 = va_arg(valist, const uint8_t *);
+ input_length1 = va_arg(valist, size_t);
+ return psa_verify_hash(key,
+ alg,
+ input,
+ input_length,
+ input1,
+ input_length1);
+ break;
+ case PAL_CRYPTO_RESET:
+ return pal_system_reset();
+ break;
+ case PAL_CRYPTO_FREE:
+ for (int i = 0; i < PAL_KEY_SLOT_COUNT; i++)
+ psa_destroy_key((psa_key_id_t)i);
+ return 0;
+ break;
+ default:
+ return PAL_STATUS_UNSUPPORTED_FUNC;
}
}
diff --git a/api-tests/platform/targets/common/nspe/crypto/pal_crypto_intf.h b/api-tests/platform/targets/common/nspe/crypto/pal_crypto_intf.h
index e9039f6..2bf2785 100644
--- a/api-tests/platform/targets/common/nspe/crypto/pal_crypto_intf.h
+++ b/api-tests/platform/targets/common/nspe/crypto/pal_crypto_intf.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -21,82 +21,91 @@
#include "pal_common.h"
enum crypto_function_code {
- PAL_CRYPTO_INIT = 0x1,
- PAL_CRYPTO_GENERATE_RANDOM = 0x2,
- PAL_CRYPTO_IMPORT_KEY = 0x3,
- PAL_CRYPTO_EXPORT_KEY = 0x4,
- PAL_CRYPTO_EXPORT_PUBLIC_KEY = 0x5,
- PAL_CRYPTO_DESTROY_KEY = 0x6,
- PAL_CRYPTO_HASH_SETUP = 0x7,
- PAL_CRYPTO_HASH_UPDATE = 0x8,
- PAL_CRYPTO_HASH_VERIFY = 0x9,
- PAL_CRYPTO_HASH_FINISH = 0xA,
- PAL_CRYPTO_HASH_ABORT = 0xB,
- PAL_CRYPTO_GENERATE_KEY = 0xC,
- PAL_CRYPTO_AEAD_ENCRYPT = 0xD,
- PAL_CRYPTO_AEAD_DECRYPT = 0xE,
- PAL_CRYPTO_MAC_SIGN_SETUP = 0xF,
- PAL_CRYPTO_MAC_UPDATE = 0x10,
- PAL_CRYPTO_MAC_SIGN_FINISH = 0x11,
- PAL_CRYPTO_MAC_VERIFY_SETUP = 0x12,
- PAL_CRYPTO_MAC_VERIFY_FINISH = 0x13,
- PAL_CRYPTO_MAC_ABORT = 0x14,
- PAL_CRYPTO_ASYMMTERIC_ENCRYPT = 0x15,
- PAL_CRYPTO_ASYMMTERIC_DECRYPT = 0x16,
- PAL_CRYPTO_CIPHER_ENCRYPT_SETUP = 0x17,
- PAL_CRYPTO_CIPHER_DECRYPT_SETUP = 0x18,
- PAL_CRYPTO_CIPHER_GENERATE_IV = 0x19,
- PAL_CRYPTO_CIPHER_SET_IV = 0x1A,
- PAL_CRYPTO_CIPHER_UPDATE = 0x1B,
- PAL_CRYPTO_CIPHER_FINISH = 0x1C,
- PAL_CRYPTO_CIPHER_ABORT = 0x1D,
- PAL_CRYPTO_ASYMMTERIC_SIGN = 0x1E,
- PAL_CRYPTO_ASYMMTERIC_VERIFY = 0x1F,
- PAL_CRYPTO_COPY_KEY = 0x20,
- PAL_CRYPTO_SET_KEY_TYPE = 0x21,
- PAL_CRYPTO_SET_KEY_BITS = 0x22,
- PAL_CRYPTO_GET_KEY_ATTRIBUTES = 0x23,
- PAL_CRYPTO_GET_KEY_TYPE = 0x24,
- PAL_CRYPTO_SET_KEY_USAGE_FLAGS = 0x25,
- PAL_CRYPTO_RESET_KEY_ATTRIBUTES = 0x26,
- PAL_CRYPTO_SET_KEY_ID = 0x27,
- PAL_CRYPTO_SET_KEY_LIFETIME = 0x28,
- PAL_CRYPTO_SET_KEY_ALGORITHM = 0x29,
- PAL_CRYPTO_GET_KEY_ID = 0x2A,
- PAL_CRYPTO_GET_KEY_LIFETIME = 0x2B,
- PAL_CRYPTO_GET_KEY_USAGE_FLAGS = 0x2C,
- PAL_CRYPTO_GET_KEY_ALGORITHM = 0x2D,
- PAL_CRYPTO_GET_KEY_BITS = 0x2E,
- PAL_CRYPTO_HASH_COMPUTE = 0x2F,
- PAL_CRYPTO_HASH_COMPARE = 0x30,
- PAL_CRYPTO_KEY_DERIVATION_SETUP = 0x31,
- PAL_CRYPTO_KEY_DERIVATION_ABORT = 0x32,
- PAL_CRYPTO_RAW_KEY_AGREEMENT = 0x33,
- PAL_CRYPTO_KEY_DERIVATION_INPUT_BYTES = 0x34,
- PAL_CRYPTO_KEY_DERIVATION_INPUT_KEY = 0x35,
- PAL_CRYPTO_KEY_DERIVATION_KEY_AGREEMENT = 0x36,
- PAL_CRYPTO_KEY_DERIVATION_OUTPUT_BYTES = 0x37,
- PAL_CRYPTO_KEY_DERIVATION_OUTPUT_KEY = 0x38,
- PAL_CRYPTO_KEY_DERIVATION_SET_CAPACITY = 0x39,
- PAL_CRYPTO_KEY_DERIVATION_GET_CAPACITY = 0x3A,
- PAL_CRYPTO_HASH_CLONE = 0x3B,
- PAL_CRYPTO_MAC_COMPUTE = 0x3C,
- PAL_CRYPTO_MAC_VERIFY = 0x3D,
- PAL_CRYPTO_CIPHER_ENCRYPT = 0x3F,
- PAL_CRYPTO_CIPHER_DECRYPT = 0x40,
- PAL_CRYPTO_OPEN_KEY = 0x41,
- PAL_CRYPTO_CLOSE_KEY = 0x42,
- PAL_CRYPTO_AEAD_ENCRYPT_SETUP = 0x43,
- PAL_CRYPTO_AEAD_DECRYPT_SETUP = 0x44,
- PAL_CRYPTO_AEAD_GENERATE_NONCE = 0x45,
- PAL_CRYPTO_AEAD_SET_NONCE = 0x46,
- PAL_CRYPTO_AEAD_SET_LENGTHS = 0X47,
- PAL_CRYPTO_AEAD_UPDATE_AD = 0x48,
- PAL_CRYPTO_AEAD_UPDATE = 0x49,
- PAL_CRYPTO_AEAD_FINISH = 0x4A,
- PAL_CRYPTO_AEAD_VERIFY = 0x4B,
- PAL_CRYPTO_AEAD_ABORT = 0x4C,
- PAL_CRYPTO_RESET = 0xFD,
+ PAL_CRYPTO_AEAD_ABORT = 0x1,
+ PAL_CRYPTO_AEAD_DECRYPT,
+ PAL_CRYPTO_AEAD_DECRYPT_SETUP,
+ PAL_CRYPTO_AEAD_ENCRYPT,
+ PAL_CRYPTO_AEAD_ENCRYPT_SETUP,
+ PAL_CRYPTO_AEAD_FINISH,
+ PAL_CRYPTO_AEAD_GENERATE_NONCE,
+ PAL_CRYPTO_AEAD_OPERATION_INIT,
+ PAL_CRYPTO_AEAD_SET_LENGTHS,
+ PAL_CRYPTO_AEAD_SET_NONCE,
+ PAL_CRYPTO_AEAD_UPDATE,
+ PAL_CRYPTO_AEAD_UPDATE_AD,
+ PAL_CRYPTO_AEAD_VERIFY,
+ PAL_CRYPTO_ASYMMETRIC_DECRYPT,
+ PAL_CRYPTO_ASYMMETRIC_ENCRYPT,
+ PAL_CRYPTO_CIPHER_ABORT,
+ PAL_CRYPTO_CIPHER_DECRYPT,
+ PAL_CRYPTO_CIPHER_DECRYPT_SETUP,
+ PAL_CRYPTO_CIPHER_ENCRYPT,
+ PAL_CRYPTO_CIPHER_ENCRYPT_SETUP,
+ PAL_CRYPTO_CIPHER_FINISH,
+ PAL_CRYPTO_CIPHER_GENERATE_IV,
+ PAL_CRYPTO_CIPHER_OPERATION_INIT,
+ PAL_CRYPTO_CIPHER_SET_IV,
+ PAL_CRYPTO_CIPHER_UPDATE,
+ PAL_CRYPTO_COPY_KEY,
+ PAL_CRYPTO_INIT,
+ PAL_CRYPTO_DESTROY_KEY,
+ PAL_CRYPTO_EXPORT_KEY,
+ PAL_CRYPTO_EXPORT_PUBLIC_KEY,
+ PAL_CRYPTO_GENERATE_KEY,
+ PAL_CRYPTO_GENERATE_RANDOM,
+ PAL_CRYPTO_GET_KEY_ALGORITHM,
+ PAL_CRYPTO_GET_KEY_ATTRIBUTES,
+ PAL_CRYPTO_GET_KEY_BITS,
+ PAL_CRYPTO_GET_KEY_ID,
+ PAL_CRYPTO_GET_KEY_LIFETIME,
+ PAL_CRYPTO_GET_KEY_TYPE,
+ PAL_CRYPTO_GET_KEY_USAGE_FLAGS,
+ PAL_CRYPTO_HASH_ABORT,
+ PAL_CRYPTO_HASH_CLONE,
+ PAL_CRYPTO_HASH_COMPARE,
+ PAL_CRYPTO_HASH_COMPUTE,
+ PAL_CRYPTO_HASH_FINISH,
+ PAL_CRYPTO_HASH_OPERATION_INIT,
+ PAL_CRYPTO_HASH_RESUME,
+ PAL_CRYPTO_HASH_SETUP,
+ PAL_CRYPTO_HASH_SUSPEND,
+ PAL_CRYPTO_HASH_UPDATE,
+ PAL_CRYPTO_HASH_VERIFY,
+ PAL_CRYPTO_IMPORT_KEY,
+ PAL_CRYPTO_KEY_ATTRIBUTES_INIT,
+ PAL_CRYPTO_KEY_DERIVATION_ABORT,
+ PAL_CRYPTO_KEY_DERIVATION_GET_CAPACITY,
+ PAL_CRYPTO_KEY_DERIVATION_INPUT_BYTES,
+ PAL_CRYPTO_KEY_DERIVATION_INPUT_KEY,
+ PAL_CRYPTO_KEY_DERIVATION_KEY_AGREEMENT,
+ PAL_CRYPTO_KEY_DERIVATION_OPERATION_INIT,
+ PAL_CRYPTO_KEY_DERIVATION_OUTPUT_BYTES,
+ PAL_CRYPTO_KEY_DERIVATION_OUTPUT_KEY,
+ PAL_CRYPTO_KEY_DERIVATION_SET_CAPACITY,
+ PAL_CRYPTO_KEY_DERIVATION_SETUP,
+ PAL_CRYPTO_MAC_ABORT,
+ PAL_CRYPTO_MAC_COMPUTE,
+ PAL_CRYPTO_MAC_OPERATION_INIT,
+ PAL_CRYPTO_MAC_SIGN_FINISH,
+ PAL_CRYPTO_MAC_SIGN_SETUP,
+ PAL_CRYPTO_MAC_UPDATE,
+ PAL_CRYPTO_MAC_VERIFY,
+ PAL_CRYPTO_MAC_VERIFY_FINISH,
+ PAL_CRYPTO_MAC_VERIFY_SETUP,
+ PAL_CRYPTO_PURGE_KEY,
+ PAL_CRYPTO_RAW_KEY_AGREEMENT,
+ PAL_CRYPTO_RESET_KEY_ATTRIBUTES,
+ PAL_CRYPTO_SET_KEY_ALGORITHM,
+ PAL_CRYPTO_SET_KEY_BITS,
+ PAL_CRYPTO_SET_KEY_ID,
+ PAL_CRYPTO_SET_KEY_LIFETIME,
+ PAL_CRYPTO_SET_KEY_TYPE,
+ PAL_CRYPTO_SET_KEY_USAGE_FLAGS,
+ PAL_CRYPTO_SIGN_HASH,
+ PAL_CRYPTO_SIGN_MESSAGE,
+ PAL_CRYPTO_VERIFY_HASH,
+ PAL_CRYPTO_VERIFY_MESSAGE,
+ PAL_CRYPTO_RESET = 0xF0,
PAL_CRYPTO_FREE = 0xFE,
};
diff --git a/api-tests/platform/targets/common/nspe/initial_attestation/pal_attestation_crypto.c b/api-tests/platform/targets/common/nspe/initial_attestation/pal_attestation_crypto.c
index 7f748c2..7b233a2 100644
--- a/api-tests/platform/targets/common/nspe/initial_attestation/pal_attestation_crypto.c
+++ b/api-tests/platform/targets/common/nspe/initial_attestation/pal_attestation_crypto.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -187,8 +187,10 @@
return status;
}
-static int32_t pal_attest_get_public_key(uint8_t *public_key_buff, size_t public_key_buf_size,
- size_t *public_key_len, psa_ecc_curve_t *elliptic_curve_type)
+static int32_t pal_attest_get_public_key(uint8_t *public_key_buff,
+ size_t public_key_buf_size,
+ size_t *public_key_len,
+ psa_ecc_family_t *elliptic_family_type)
{
int32_t status = PAL_ATTEST_ERROR;
@@ -197,14 +199,14 @@
return PAL_ATTEST_ERR_SMALL_BUFFER;
*public_key_len = (attest_key.pubx_key_size + attest_key.puby_key_size + 1);
- *elliptic_curve_type = PSA_ECC_CURVE_SECP256R1;
+ *elliptic_family_type = PSA_ECC_FAMILY_SECP_R1;
memcpy(public_key_buff, (void *)&attest_public_key, *public_key_len);
status = PSA_SUCCESS;
#else
status = tfm_initial_attest_get_public_key(public_key_buff,
public_key_buf_size,
public_key_len,
- elliptic_curve_type);
+ elliptic_family_type);
#endif
return status;
@@ -214,7 +216,7 @@
{
psa_status_t status = PAL_ATTEST_ERROR;
psa_key_usage_t usage = PSA_KEY_USAGE_VERIFY;
- psa_ecc_curve_t ecc_curve;
+ psa_ecc_family_t ecc_family;
psa_key_type_t attest_key_type;
size_t public_key_size;
uint8_t public_key_buff[ECC_CURVE_SECP256R1_PULBIC_KEY_LENGTH] = {0};
@@ -227,12 +229,15 @@
status = pal_attest_get_public_key(public_key_buff,
sizeof(public_key_buff),
&public_key_size,
- &ecc_curve);
+ &ecc_family);
if (status != PSA_SUCCESS)
return PAL_ATTEST_ERR_KEY_FAIL;
+ if (ecc_family == (psa_ecc_family_t)USHRT_MAX)
+ return PAL_ATTEST_ERROR;
+
/* Set key type for public key */
- attest_key_type = PSA_KEY_TYPE_ECC_PUBLIC_KEY(ecc_curve);
+ attest_key_type = PSA_KEY_TYPE_ECC_PUBLIC_KEY(ecc_family);
/* Setup the key policy for public key */
policy = psa_key_policy_init();
@@ -265,12 +270,15 @@
status = pal_attest_get_public_key(public_key_buff,
sizeof(public_key_buff),
&public_key_size,
- &ecc_curve);
+ &ecc_family);
if (status != PSA_SUCCESS)
return PAL_ATTEST_ERR_KEY_FAIL;
+ if (ecc_family == (psa_ecc_family_t)USHRT_MAX)
+ return PAL_ATTEST_ERROR;
+
/* Set key type for public key */
- attest_key_type = PSA_KEY_TYPE_ECC_PUBLIC_KEY(ecc_curve);
+ attest_key_type = PSA_KEY_TYPE_ECC_PUBLIC_KEY(ecc_family);
/* Set the attributes for the public key */
psa_set_key_type(&attributes, attest_key_type);
@@ -325,7 +333,7 @@
return status;
/* Verify the signature */
- status = psa_asymmetric_verify(public_key_handle,
+ status = psa_verify_hash(public_key_handle,
key_alg, token_hash.ptr, token_hash.len,
signature.ptr, signature.len);
if (status != PSA_SUCCESS)
diff --git a/api-tests/platform/targets/tgt_dev_apis_linux/README.md b/api-tests/platform/targets/tgt_dev_apis_linux/README.md
new file mode 100755
index 0000000..c3fc003
--- /dev/null
+++ b/api-tests/platform/targets/tgt_dev_apis_linux/README.md
@@ -0,0 +1,15 @@
+# Linux Host Target
+
+There are a couple of limitations to this target when it comes to a test which involves system reset or test process due to Watch Dog Timer (WDT) and NVMEM implementation.
+
+- **WDT**: Lacks functionality to recover after a hang as they just return failure or success.
+
+- **NVMEM**: Stores data in an array in memory, which means NVMEM would be lost as it isn't a non-volatile implementation.
+
+## License
+
+Arm PSA test suite is distributed under Apache v2.0 License.
+
+--------------
+
+*Copyright (c) 2021, Arm Limited and Contributors. All rights reserved.*
diff --git a/api-tests/platform/targets/tgt_dev_apis_linux/nspe/main.c b/api-tests/platform/targets/tgt_dev_apis_linux/nspe/main.c
new file mode 100755
index 0000000..a503b6e
--- /dev/null
+++ b/api-tests/platform/targets/tgt_dev_apis_linux/nspe/main.c
@@ -0,0 +1,33 @@
+/** @file
+ * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include <stdint.h>
+
+int32_t val_entry(void);
+
+/**
+ @brief - PSA C main function, used for generating tgt_dev_apis_stdc test binaries.
+ @param - argc : the number of command line arguments.
+ argv : array containing command line arguments.
+ @return - error status
+**/
+int main(int argc, char **argv)
+{
+ (void)argc;
+ (void)argv;
+ return val_entry();
+}
diff --git a/api-tests/platform/targets/tgt_dev_apis_linux/nspe/pal_attestation_config.h b/api-tests/platform/targets/tgt_dev_apis_linux/nspe/pal_attestation_config.h
new file mode 100755
index 0000000..a6aaf4f
--- /dev/null
+++ b/api-tests/platform/targets/tgt_dev_apis_linux/nspe/pal_attestation_config.h
@@ -0,0 +1,107 @@
+/** @file
+ * Copyright (c) 2021, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifndef _PAL_ATTESTATION_CONFIG_H_
+#define _PAL_ATTESTATION_CONFIG_H_
+
+#define COSE_ALGORITHM_ES256 -7
+#define COSE_ALG_SHA256_PROPRIETARY -72000
+
+#define USEFUL_BUF_MAKE_STACK_UB UsefulBuf_MAKE_STACK_UB
+
+#define COSE_SIG_CONTEXT_STRING_SIGNATURE1 "Signature1"
+
+/* Private value. Intentionally not documented for Doxygen.
+ * This is the size allocated for the encoded protected headers. It
+ * needs to be big enough for make_protected_header() to succeed. It
+ * currently sized for one header with an algorithm ID up to 32 bits
+ * long -- one byte for the wrapping map, one byte for the label, 5
+ * bytes for the ID. If this is made accidentially too small, QCBOR will
+ * only return an error, and not overrun any buffers.
+ *
+ * 9 extra bytes are added, rounding it up to 16 total, in case some
+ * other protected header is to be added.
+ */
+#define T_COSE_SIGN1_MAX_PROT_HEADER (1+1+5+9)
+
+/**
+ * This is the size of the first part of the CBOR encoded TBS
+ * bytes. It is around 20 bytes. See create_tbs_hash().
+ */
+#define T_COSE_SIZE_OF_TBS \
+ 1 + /* For opening the array */ \
+ sizeof(COSE_SIG_CONTEXT_STRING_SIGNATURE1) + /* "Signature1" */ \
+ 2 + /* Overhead for encoding string */ \
+ T_COSE_SIGN1_MAX_PROT_HEADER + /* entire protected headers */ \
+ 3 * (/* 3 NULL bstrs for fields not used */ \
+ 1 /* size of a NULL bstr */ \
+ )
+#define NULL_USEFUL_BUF_C NULLUsefulBufC
+
+#define ATTEST_PUBLIC_KEY_SLOT 4
+#define ECC_CURVE_SECP256R1_PULBIC_KEY_LENGTH (1 + 2 * PSA_BITS_TO_BYTES(256))
+
+typedef struct {
+ uint8_t *pubx_key;
+ size_t pubx_key_size;
+ uint8_t *puby_key;
+ size_t puby_key_size;
+} ecc_key_t;
+
+struct ecc_public_key_t {
+ const uint8_t a;
+ uint8_t public_key[]; /* X-coordinate || Y-coordinate */
+};
+
+static const struct ecc_public_key_t attest_public_key = {
+ /* Constant byte */
+ 0x04,
+ /* X-coordinate */
+ {0x79, 0xEB, 0xA9, 0x0E, 0x8B, 0xF4, 0x50, 0xA6,
+ 0x75, 0x15, 0x76, 0xAD, 0x45, 0x99, 0xB0, 0x7A,
+ 0xDF, 0x93, 0x8D, 0xA3, 0xBB, 0x0B, 0xD1, 0x7D,
+ 0x00, 0x36, 0xED, 0x49, 0xA2, 0xD0, 0xFC, 0x3F,
+ /* Y-coordinate */
+ 0xBF, 0xCD, 0xFA, 0x89, 0x56, 0xB5, 0x68, 0xBF,
+ 0xDB, 0x86, 0x73, 0xE6, 0x48, 0xD8, 0xB5, 0x8D,
+ 0x92, 0x99, 0x55, 0xB1, 0x4A, 0x26, 0xC3, 0x08,
+ 0x0F, 0x34, 0x11, 0x7D, 0x97, 0x1D, 0x68, 0x64},
+};
+
+static const uint8_t initial_attestation_public_x_key[] = {
+ 0x79, 0xEB, 0xA9, 0x0E, 0x8B, 0xF4, 0x50, 0xA6,
+ 0x75, 0x15, 0x76, 0xAD, 0x45, 0x99, 0xB0, 0x7A,
+ 0xDF, 0x93, 0x8D, 0xA3, 0xBB, 0x0B, 0xD1, 0x7D,
+ 0x00, 0x36, 0xED, 0x49, 0xA2, 0xD0, 0xFC, 0x3F
+};
+
+static const uint8_t initial_attestation_public_y_key[] = {
+ 0xBF, 0xCD, 0xFA, 0x89, 0x56, 0xB5, 0x68, 0xBF,
+ 0xDB, 0x86, 0x73, 0xE6, 0x48, 0xD8, 0xB5, 0x8D,
+ 0x92, 0x99, 0x55, 0xB1, 0x4A, 0x26, 0xC3, 0x08,
+ 0x0F, 0x34, 0x11, 0x7D, 0x97, 0x1D, 0x68, 0x64
+};
+
+/* Initialize the structure with given public key */
+static const ecc_key_t attest_key = {
+ (uint8_t *)initial_attestation_public_x_key,
+ sizeof(initial_attestation_public_x_key),
+ (uint8_t *)initial_attestation_public_y_key,
+ sizeof(initial_attestation_public_y_key)
+};
+
+#endif /* _PAL_ATTESTATION_CONFIG_H_ */
diff --git a/api-tests/platform/targets/tgt_dev_apis_linux/nspe/pal_config.h b/api-tests/platform/targets/tgt_dev_apis_linux/nspe/pal_config.h
new file mode 100755
index 0000000..6112ba7
--- /dev/null
+++ b/api-tests/platform/targets/tgt_dev_apis_linux/nspe/pal_config.h
@@ -0,0 +1,107 @@
+/** @file
+ * Copyright (c) 2021, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifndef _PAL_CONFIG_H_
+#define _PAL_CONFIG_H_
+
+#include "pal_crypto_config.h"
+#include "pal_storage_config.h"
+#include "pal_attestation_config.h"
+
+#define TARGET_SPECIFIC_TYPES
+
+#ifdef TARGET_SPECIFIC_TYPES
+/* typedef's */
+typedef uint8_t bool_t;
+typedef uintptr_t addr_t;
+typedef uint32_t test_id_t;
+typedef uint32_t block_id_t;
+typedef char char8_t;
+typedef uint32_t cfg_id_t;
+#endif
+
+/* Define PSA test suite dependent macros for non-cmake build */
+#if !defined(PSA_CMAKE_BUILD)
+
+/* Print verbosity = TEST */
+#define VERBOSE 3
+
+/* NSPE or SPE VAL build? */
+#define VAL_NSPE_BUILD
+
+/* NSPE or SPE TEST build? */
+#define NONSECURE_TEST_BUILD
+
+/* If not defined, skip watchdog programming */
+#define WATCHDOG_AVAILABLE
+
+/* Are Dynamic memory APIs available to secure partition? */
+#define SP_HEAP_MEM_SUPP
+
+/* PSA Isolation level supported by platform */
+#define PLATFORM_PSA_ISOLATION_LEVEL 3
+#endif /* PSA_CMAKE_BUILD */
+
+/* Version of crypto spec used in attestation */
+#define CRYPTO_VERSION_BETA3
+
+/* Use hardcoded public key */
+#define PLATFORM_OVERRIDE_ATTEST_PK
+
+/*
+ * Include of PSA defined Header files
+ */
+#ifdef IPC
+/* psa/client.h: Contains the PSA Client API elements */
+#include "psa/client.h"
+
+/*
+ * psa_manifest/sid.h: Macro definitions derived from manifest files that map from RoT Service
+ * names to Service IDs (SIDs). Partition manifest parse build tool must provide the implementation
+ * of this file.
+*/
+#include "psa_manifest/sid.h"
+
+/*
+ * psa_manifest/pid.h: Secure Partition IDs
+ * Macro definitions that map from Secure Partition names to Secure Partition IDs.
+ * Partition manifest parse build tool must provide the implementation of this file.
+*/
+#include "psa_manifest/pid.h"
+#endif
+
+#ifdef CRYPTO
+/* psa/crypto.h: Contains the PSA Crypto API elements */
+#include "psa/crypto.h"
+#endif
+
+#if defined(INTERNAL_TRUSTED_STORAGE) || defined(STORAGE)
+/* psa/internal_trusted_storage.h: Contains the PSA ITS API elements */
+#include "psa/internal_trusted_storage.h"
+#endif
+
+#if defined(PROTECTED_STORAGE) || defined(STORAGE)
+/* psa/protected_storage.h: Contains the PSA PS API elements */
+#include "psa/protected_storage.h"
+#endif
+
+#ifdef INITIAL_ATTESTATION
+/* psa/initial_attestation.h: Contains the PSA Initial Attestation API elements */
+#include "psa/initial_attestation.h"
+#endif
+
+#endif /* _PAL_CONFIG_H_ */
diff --git a/api-tests/platform/targets/tgt_dev_apis_linux/nspe/pal_crypto_config.h b/api-tests/platform/targets/tgt_dev_apis_linux/nspe/pal_crypto_config.h
new file mode 100755
index 0000000..f849287
--- /dev/null
+++ b/api-tests/platform/targets/tgt_dev_apis_linux/nspe/pal_crypto_config.h
@@ -0,0 +1,328 @@
+/** @file
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+/*
+ * \file pal_crypto_config.h
+ *
+ * \brief Configuration options for crypto tests (set of defines)
+ *
+ * This set of compile-time options may be used to enable
+ * or disable features selectively for crypto test suite
+ */
+
+#ifndef _PAL_CRYPTO_CONFIG_H_
+#define _PAL_CRYPTO_CONFIG_H_
+/**
+ * \def ARCH_TEST_RSA
+ *
+ * Enable the RSA public-key cryptosystem.
+ * By default all supported keys are enabled.
+ *
+ * Comment macros to disable the types
+ */
+#define ARCH_TEST_RSA
+#define ARCH_TEST_RSA_1024
+#define ARCH_TEST_RSA_2048
+#define ARCH_TEST_RSA_3072
+
+/**
+ * \def ARCH_TEST_ECC
+ * \def ARCH_TEST_ECC_CURVE_SECPXXXR1
+ *
+ * Enable the elliptic curve
+ * Enable specific curves within the Elliptic Curve
+ * module. By default all supported curves are enabled.
+ *
+ * Requires: ARCH_TEST_ECC
+ * Comment macros to disable the curve
+ */
+#define ARCH_TEST_ECC
+#define ARCH_TEST_ECC_CURVE_SECP192R1
+#define ARCH_TEST_ECC_CURVE_SECP224R1
+#define ARCH_TEST_ECC_CURVE_SECP256R1
+#define ARCH_TEST_ECC_CURVE_SECP384R1
+
+/**
+ * \def ARCH_TEST_AES
+ *
+ * Enable the AES block cipher.
+ * By default all supported keys are enabled.
+ *
+ * Comment macros to disable the types
+ */
+#define ARCH_TEST_AES
+#define ARCH_TEST_AES_128
+#define ARCH_TEST_AES_192
+#define ARCH_TEST_AES_256
+#define ARCH_TEST_AES_512
+
+/**
+ * \def ARCH_TEST_DES
+ *
+ * Enable the DES block cipher.
+ * By default all supported keys are enabled.
+ *
+ * Comment macros to disable the types
+ */
+#define ARCH_TEST_DES
+#define ARCH_TEST_DES_1KEY
+#define ARCH_TEST_DES_2KEY
+#define ARCH_TEST_DES_3KEY
+
+/**
+ * \def ARCH_TEST_RAW
+ *
+ * A "key" of this type cannot be used for any cryptographic operation.
+ * Applications may use this type to store arbitrary data in the keystore.
+ */
+#define ARCH_TEST_RAW
+
+/**
+ * \def ARCH_TEST_CIPHER
+ *
+ * Enable the generic cipher layer.
+ */
+
+#define ARCH_TEST_CIPHER
+
+/**
+ * \def ARCH_TEST_ARC4
+ *
+ * Enable the ARC4 key type.
+ */
+#define ARCH_TEST_ARC4
+
+/**
+ * \def ARCH_TEST_CIPHER_MODE_CTR
+ *
+ * Enable Counter Block Cipher mode (CTR) for symmetric ciphers.
+ *
+ * Requires: ARCH_TEST_CIPHER
+ */
+#define ARCH_TEST_CIPHER_MODE_CTR
+
+/**
+ * \def ARCH_TEST_CIPHER_MODE_CFB
+ *
+ * Enable Cipher Feedback mode (CFB) for symmetric ciphers.
+ *
+ * Requires: ARCH_TEST_CIPHER
+ */
+#define ARCH_TEST_CIPHER_MODE_CFB
+
+/**
+ * \def ARCH_TEST_CIPHER_MODE_CBC
+ *
+ * Enable Cipher Block Chaining mode (CBC) for symmetric ciphers.
+ *
+ * Requires: ARCH_TEST_CIPHER
+ */
+#define ARCH_TEST_CIPHER_MODE_CBC
+
+/**
+ * \def ARCH_TEST_CTR_AES
+ *
+ * Requires: ARCH_TEST_CIPHER, ARCH_TEST_AES, ARCH_TEST_CIPHER_MODE_CTR
+ */
+#define ARCH_TEST_CTR_AES
+
+/**
+ * \def ARCH_TEST_CBC_AES
+ *
+ * Requires: ARCH_TEST_CIPHER, ARCH_TEST_AES, ARCH_TEST_CIPHER_MODE_CBC
+ *
+ * Comment macros to disable the types
+ */
+#define ARCH_TEST_CBC_AES
+#define ARCH_TEST_CBC_AES_NO_PADDING
+
+/**
+ * \def ARCH_TEST_CBC_NO_PADDING
+ *
+ * Requires: ARCH_TEST_CIPHER, ARCH_TEST_CIPHER_MODE_CBC
+ *
+ * Comment macros to disable the types
+ */
+#define ARCH_TEST_CBC_NO_PADDING
+
+/**
+ * \def ARCH_TEST_CFB_AES
+ *
+ * Requires: ARCH_TEST_CIPHER, ARCH_TEST_AES, ARCH_TEST_CIPHER_MODE_CFB
+ */
+#define ARCH_TEST_CFB_AES
+
+/**
+ * \def ARCH_TEST_PKCS1V15_*
+ *
+ * Enable support for PKCS#1 v1.5 encoding.
+ * Enable support for PKCS#1 v1.5 operations.
+ * Enable support for RSA-OAEP
+ *
+ * Requires: ARCH_TEST_RSA, ARCH_TEST_PKCS1V15
+ *
+ * Comment macros to disable the types
+ */
+#define ARCH_TEST_PKCS1V15
+#define ARCH_TEST_RSA_PKCS1V15_SIGN
+#define ARCH_TEST_RSA_PKCS1V15_SIGN_RAW
+#define ARCH_TEST_RSA_PKCS1V15_CRYPT
+#define ARCH_TEST_RSA_OAEP
+
+/**
+ * \def ARCH_TEST_CBC_PKCS7
+ *
+ * Requires: ARCH_TEST_CIPHER_MODE_CBC
+ *
+ * Comment macros to disable the types
+ */
+#define ARCH_TEST_CBC_PKCS7
+
+/**
+ * \def ARCH_TEST_ASYMMETRIC_ENCRYPTION
+ *
+ * Enable support for Asymmetric encryption algorithms
+ */
+#define ARCH_TEST_ASYMMETRIC_ENCRYPTION
+
+/**
+ * \def ARCH_TEST_HASH
+ *
+ * Enable the hash algorithm.
+ */
+#define ARCH_TEST_HASH
+
+/**
+ * \def ARCH_TEST_HMAC
+ *
+ * The key policy determines which underlying hash algorithm the key can be
+ * used for.
+ *
+ * Requires: ARCH_TEST_HASH
+ */
+#define ARCH_TEST_HMAC
+
+/**
+ * \def ARCH_TEST_MDX
+ * \def ARCH_TEST_SHAXXX
+ *
+ * Enable the MDX algorithm.
+ * Enable the SHAXXX algorithm.
+ *
+ * Requires: ARCH_TEST_HASH
+ *
+ * Comment macros to disable the types
+ */
+// #define ARCH_TEST_MD2
+// #define ARCH_TEST_MD4
+#define ARCH_TEST_MD5
+#define ARCH_TEST_RIPEMD160
+#define ARCH_TEST_SHA1
+#define ARCH_TEST_SHA224
+#define ARCH_TEST_SHA256
+#define ARCH_TEST_SHA384
+#define ARCH_TEST_SHA512
+// #define ARCH_TEST_SHA512_224
+// #define ARCH_TEST_SHA512_256
+// #define ARCH_TEST_SHA3_224
+// #define ARCH_TEST_SHA3_256
+// #define ARCH_TEST_SHA3_384
+// #define ARCH_TEST_SHA3_512
+
+/**
+ * \def ARCH_TEST_HKDF
+ *
+ * Enable the HKDF algorithm (RFC 5869).
+ *
+ * Requires: ARCH_TEST_HASH
+*/
+#define ARCH_TEST_HKDF
+
+/**
+ * \def ARCH_TEST_xMAC
+ *
+ * Enable the xMAC (Cipher/Hash/G-based Message Authentication Code) mode for block
+ * ciphers.
+ * Requires: ARCH_TEST_AES or ARCH_TEST_DES
+ *
+ * Comment macros to disable the types
+ */
+#define ARCH_TEST_CMAC
+#define ARCH_TEST_HMAC
+
+/**
+ * \def ARCH_TEST_CCM
+ *
+ * Enable the Counter with CBC-MAC (CCM) mode for 128-bit block cipher.
+ *
+ * Requires: ARCH_TEST_AES
+ */
+#define ARCH_TEST_CCM
+
+/**
+ * \def ARCH_TEST_GCM
+ *
+ * Enable the Galois/Counter Mode (GCM) for AES.
+ *
+ * Requires: ARCH_TEST_AES
+ *
+ */
+#define ARCH_TEST_GCM
+
+/**
+ * \def ARCH_TEST_TRUNCATED_MAC
+ *
+ * Enable support for RFC 6066 truncated HMAC in SSL.
+ *
+ * Comment this macro to disable support for truncated HMAC in SSL
+ */
+#define ARCH_TEST_TRUNCATED_MAC
+
+
+/**
+ * \def ARCH_TEST_ECDH
+ *
+ * Enable the elliptic curve Diffie-Hellman library.
+ *
+ * Requires: ARCH_TEST_ECC
+ */
+#define ARCH_TEST_ECDH
+
+/**
+ * \def ARCH_TEST_ECDSA
+ *
+ * Enable the elliptic curve DSA library.
+ * Requires: ARCH_TEST_ECC
+ */
+#define ARCH_TEST_ECDSA
+
+/**
+ * \def ARCH_TEST_DETERMINISTIC_ECDSA
+ *
+ * Enable deterministic ECDSA (RFC 6979).
+*/
+#define ARCH_TEST_DETERMINISTIC_ECDSA
+
+/**
+ * \def ARCH_TEST_ECC_ASYMMETRIC_API_SUPPORT
+ *
+ * Enable ECC support for asymmetric API.
+*/
+//#define ARCH_TEST_ECC_ASYMMETRIC_API_SUPPORT
+#include "pal_crypto_config_check.h"
+
+#endif /* _PAL_CRYPTO_CONFIG_H_ */
diff --git a/api-tests/platform/targets/tgt_dev_apis_linux/nspe/pal_driver_intf.c b/api-tests/platform/targets/tgt_dev_apis_linux/nspe/pal_driver_intf.c
new file mode 100755
index 0000000..e91e160
--- /dev/null
+++ b/api-tests/platform/targets/tgt_dev_apis_linux/nspe/pal_driver_intf.c
@@ -0,0 +1,200 @@
+/** @file
+ * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include <inttypes.h>
+#include <limits.h>
+#include <stddef.h>
+#include <stdint.h>
+#include <stdio.h>
+#include <string.h>
+
+#include "pal_common.h"
+
+/* This stdc implementation doesn't support tests that involve resets of the
+ * test process or the system, so we don't actually need non-volatile memory.
+ * Just implement the "nvmem" as an array in memory.
+ */
+
+/* Using zero as NVMEM_BASE is a bit arbitrary - we don't actually need callers
+ * to specify a base address but the nvmem function signatures have "base" params.
+ * Zero is the value used in our target.cfg file so that's what we should receive.
+ */
+#define NVMEM_BASE 0
+
+#define NVMEM_SIZE (1024)
+static uint8_t g_nvmem[NVMEM_SIZE];
+
+/**
+ @brief - Check that an nvmem access is within the bounds of the nvmem
+ @param - base : Base address of nvmem (must be zero)
+ offset : Offset into nvmem
+ size : Number of bytes
+ @return - SUCCESS/FAILURE
+**/
+static int nvmem_check_bounds(addr_t base, uint32_t offset, int size)
+{
+ if (base != NVMEM_BASE)
+ return PAL_STATUS_ERROR;
+ if (offset > NVMEM_SIZE)
+ return PAL_STATUS_ERROR;
+ if (size < 0)
+ return PAL_STATUS_ERROR;
+ if (offset > (uint32_t)(INT_MAX - size))
+ return PAL_STATUS_ERROR;
+ if (offset + size > NVMEM_SIZE)
+ return PAL_STATUS_ERROR;
+ return PAL_STATUS_SUCCESS;
+}
+
+/**
+ @brief - Reads from given non-volatile address.
+ @param - base : Base address of nvmem (must be zero)
+ offset : Offset
+ buffer : Pointer to dest address
+ size : Number of bytes
+ @return - SUCCESS/FAILURE
+**/
+int pal_nvmem_read_ns(addr_t base, uint32_t offset, void *buffer, int size)
+{
+ if (nvmem_check_bounds(base, offset, size) != PAL_STATUS_SUCCESS)
+ {
+ return PAL_STATUS_ERROR;
+ }
+ memcpy(buffer, g_nvmem + offset, size);
+ return PAL_STATUS_SUCCESS;
+}
+
+/**
+ @brief - Writes into given non-volatile address.
+ @param - base : Base address of nvmem (must be zero)
+ offset : Offset
+ buffer : Pointer to source address
+ size : Number of bytes
+ @return - SUCCESS/FAILURE
+**/
+int pal_nvmem_write_ns(addr_t base, uint32_t offset, void *buffer, int size)
+{
+ if (nvmem_check_bounds(base, offset, size) != PAL_STATUS_SUCCESS)
+ {
+ return PAL_STATUS_ERROR;
+ }
+ memcpy(g_nvmem + offset, buffer, size);
+ return PAL_STATUS_SUCCESS;
+}
+
+/**
+ @brief - This function initializes the UART
+
+ This implementation doesn't actually use a UART to print test output, we
+ just send it to stdout. No init necessary.
+
+ @param - uart base addr (ignored)
+ @return - SUCCESS/FAILURE
+**/
+int pal_uart_init_ns(uint32_t uart_base_addr)
+{
+ (void)uart_base_addr;
+ return PAL_STATUS_SUCCESS;
+}
+
+/**
+ @brief - This function parses the input string and writes bytes into UART TX FIFO
+
+ This implementation doesn't actually use a UART to print test output, we
+ just send it to stdout.
+
+ @param - str : Input String
+ - data : Value for format specifier
+ @return - SUCCESS/FAILURE
+**/
+int pal_print_ns(const char *str, int32_t data)
+{
+ if (printf(str, data) < 0)
+ {
+ return PAL_STATUS_ERROR;
+ }
+ return PAL_STATUS_SUCCESS;
+}
+
+/**
+ @brief - Initializes an hardware watchdog timer
+
+ This implementation doesn't support watchdogs so this is a noop.
+
+ @param - base_addr : Base address of the watchdog module
+ - time_us : Time in micro seconds
+ - timer_tick_us : Number of ticks per micro second
+ @return - SUCCESS/FAILURE
+**/
+int pal_wd_timer_init_ns(addr_t base_addr, uint32_t time_us, uint32_t timer_tick_us)
+{
+ (void)base_addr;
+ (void)time_us;
+ (void)timer_tick_us;
+ return PAL_STATUS_SUCCESS;
+}
+
+/**
+ @brief - Enables a hardware watchdog timer
+
+ This implementation doesn't support watchdogs so this is a noop.
+
+ @param - base_addr : Base address of the watchdog module
+ @return - SUCCESS/FAILURE
+**/
+int pal_wd_timer_enable_ns(addr_t base_addr)
+{
+ (void)base_addr;
+ return PAL_STATUS_SUCCESS;
+}
+
+/**
+ @brief - Disables a hardware watchdog timer
+
+ This implementation doesn't support watchdogs so this is a noop.
+
+ @param - base_addr : Base address of the watchdog module
+ @return - SUCCESS/FAILURE
+**/
+int pal_wd_timer_disable_ns(addr_t base_addr)
+{
+ (void)base_addr;
+ return PAL_STATUS_SUCCESS;
+}
+
+/**
+ @brief - Terminates the simulation at the end of all tests completion.
+
+ This implementation just calls exit.
+
+ @param - void
+ @return - void
+**/
+void pal_terminate_simulation(void)
+{
+ ;
+}
+
+/**
+ * @brief - Resets the system.
+ * @param - void
+ * @return - SUCCESS/FAILURE
+**/
+int pal_system_reset(void)
+{
+ return PAL_STATUS_UNSUPPORTED_FUNC;
+}
diff --git a/api-tests/platform/targets/tgt_dev_apis_linux/nspe/pal_storage_config.h b/api-tests/platform/targets/tgt_dev_apis_linux/nspe/pal_storage_config.h
new file mode 100755
index 0000000..bbb3741
--- /dev/null
+++ b/api-tests/platform/targets/tgt_dev_apis_linux/nspe/pal_storage_config.h
@@ -0,0 +1,24 @@
+/** @file
+ * Copyright (c) 2020, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifndef _PAL_STORAGE_CONFIG_H_
+#define _PAL_STORAGE_CONFIG_H_
+
+/* Platform specific max UID's size */
+#define ARCH_TEST_STORAGE_UID_MAX_SIZE 512
+
+#endif /* _PAL_STORAGE_CONFIG_H_ */
diff --git a/api-tests/platform/targets/tgt_dev_apis_linux/target.cfg b/api-tests/platform/targets/tgt_dev_apis_linux/target.cfg
new file mode 100755
index 0000000..c720583
--- /dev/null
+++ b/api-tests/platform/targets/tgt_dev_apis_linux/target.cfg
@@ -0,0 +1,47 @@
+///** @file
+// * Copyright (c) 2021, Arm Limited or its affiliates. All rights reserved.
+// * SPDX-License-Identifier : Apache-2.0
+// *
+// * Licensed under the Apache License, Version 2.0 (the "License");
+// * you may not use this file except in compliance with the License.
+// * You may obtain a copy of the License at
+// *
+// * http://www.apache.org/licenses/LICENSE-2.0
+// *
+// * Unless required by applicable law or agreed to in writing, software
+// * distributed under the License is distributed on an "AS IS" BASIS,
+// * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// * See the License for the specific language governing permissions and
+// * limitations under the License.
+//**/
+
+// UART device info
+// In this implementation we don't assume there's a UART device, we just print
+// to stdout, so the values below don't mean much.
+uart.num=1;
+uart.0.base = 0x00000000;
+uart.0.size = 0x0;
+uart.0.intr_id = 0x0;
+uart.0.permission = TYPE_READ_WRITE;
+
+// Watchdog device info
+// In this implementation we don't assume there's a watchdog. Watchdog PAL
+// functions all just return SUCCESS, so the values below don't mean much.
+watchdog.num = 1;
+watchdog.0.base = 0x0;
+watchdog.0.size = 0x0;
+watchdog.0.intr_id = 0x0;
+watchdog.0.permission = TYPE_READ_WRITE;
+watchdog.0.num_of_tick_per_micro_sec = 0x0;
+watchdog.0.timeout_in_micro_sec_low = 0x0;
+watchdog.0.timeout_in_micro_sec_medium = 0x0;
+watchdog.0.timeout_in_micro_sec_high = 0x0;
+watchdog.0.timeout_in_micro_sec_crypto = 0x0;
+
+// In this implementation we don't actually use NV memory - we don't support
+// tests that require process or system restarts so NV memory isn't required.
+// The implementation just uses an array in memory.
+nvmem.num =1;
+nvmem.0.start = 0x0;
+nvmem.0.end = 0x0;
+nvmem.0.permission = TYPE_READ_WRITE;
diff --git a/api-tests/platform/targets/tgt_dev_apis_linux/target.cmake b/api-tests/platform/targets/tgt_dev_apis_linux/target.cmake
new file mode 100755
index 0000000..407bcab
--- /dev/null
+++ b/api-tests/platform/targets/tgt_dev_apis_linux/target.cmake
@@ -0,0 +1,94 @@
+#/** @file
+# * Copyright (c) 2021, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+
+
+# PAL C source files part of NSPE library
+list(APPEND PAL_SRC_C_NSPE )
+
+# PAL ASM source files part of NSPE library
+list(APPEND PAL_SRC_ASM_NSPE )
+
+# PAL C source files part of SPE library - driver partition
+list(APPEND PAL_SRC_C_DRIVER_SP )
+
+# PAL ASM source files part of SPE library - driver partition
+list(APPEND PAL_SRC_ASM_DRIVER_SP )
+
+# Listing all the sources required for given target
+if(${SUITE} STREQUAL "IPC")
+ message(FATAL_ERROR "IPC not supported")
+else()
+ list(APPEND PAL_SRC_C_NSPE
+ # driver files will be compiled as part of NSPE
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/pal_driver_intf.c
+ )
+endif()
+if(${SUITE} STREQUAL "CRYPTO")
+ list(APPEND PAL_SRC_C_NSPE
+ ${PSA_ROOT_DIR}/platform/targets/common/nspe/crypto/pal_crypto_intf.c
+ )
+endif()
+if(${SUITE} STREQUAL "PROTECTED_STORAGE")
+ list(APPEND PAL_SRC_C_NSPE
+ ${PSA_ROOT_DIR}/platform/targets/common/nspe/protected_storage/pal_protected_storage_intf.c
+ )
+endif()
+if(${SUITE} STREQUAL "INTERNAL_TRUSTED_STORAGE")
+ list(APPEND PAL_SRC_C_NSPE
+ ${PSA_ROOT_DIR}/platform/targets/common/nspe/internal_trusted_storage/pal_internal_trusted_storage_intf.c
+ )
+endif()
+if(${SUITE} STREQUAL "STORAGE")
+ list(APPEND PAL_SRC_C_NSPE
+ ${PSA_ROOT_DIR}/platform/targets/common/nspe/internal_trusted_storage/pal_internal_trusted_storage_intf.c
+ ${PSA_ROOT_DIR}/platform/targets/common/nspe/protected_storage/pal_protected_storage_intf.c
+ )
+endif()
+if(${SUITE} STREQUAL "INITIAL_ATTESTATION")
+ list(APPEND PAL_SRC_C_NSPE
+ ${PSA_ROOT_DIR}/platform/targets/common/nspe/initial_attestation/pal_attestation_intf.c
+ ${PSA_ROOT_DIR}/platform/targets/common/nspe/initial_attestation/pal_attestation_crypto.c
+ ${CMAKE_CURRENT_BINARY_DIR}/${PSA_TARGET_QCBOR}/src/UsefulBuf.c
+ ${CMAKE_CURRENT_BINARY_DIR}/${PSA_TARGET_QCBOR}/src/ieee754.c
+ ${CMAKE_CURRENT_BINARY_DIR}/${PSA_TARGET_QCBOR}/src/qcbor_decode.c
+ ${CMAKE_CURRENT_BINARY_DIR}/${PSA_TARGET_QCBOR}/src/qcbor_encode.c
+ )
+endif()
+
+# Create NSPE library
+add_library(${PSA_TARGET_PAL_NSPE_LIB} STATIC ${PAL_SRC_C_NSPE} ${PAL_SRC_ASM_NSPE})
+
+# PSA Include directories
+foreach(psa_inc_path ${PSA_INCLUDE_PATHS})
+ target_include_directories(${PSA_TARGET_PAL_NSPE_LIB} PRIVATE ${psa_inc_path})
+endforeach()
+
+target_include_directories(${PSA_TARGET_PAL_NSPE_LIB} PRIVATE
+ ${PSA_ROOT_DIR}/platform/targets/common/nspe
+ ${PSA_ROOT_DIR}/platform/targets/common/nspe/crypto
+ ${PSA_ROOT_DIR}/platform/targets/common/nspe/protected_storage
+ ${PSA_ROOT_DIR}/platform/targets/common/nspe/internal_trusted_storage
+ ${PSA_ROOT_DIR}/platform/targets/common/nspe/initial_attestation
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe
+)
+
+if(${SUITE} STREQUAL "INITIAL_ATTESTATION")
+ target_include_directories(${PSA_TARGET_PAL_NSPE_LIB} PRIVATE
+ ${PSA_QCBOR_INCLUDE_PATH}
+ )
+endif()
diff --git a/api-tests/platform/targets/tgt_dev_apis_stdc/nspe/pal_attestation_config.h b/api-tests/platform/targets/tgt_dev_apis_stdc/nspe/pal_attestation_config.h
new file mode 100644
index 0000000..1089d8d
--- /dev/null
+++ b/api-tests/platform/targets/tgt_dev_apis_stdc/nspe/pal_attestation_config.h
@@ -0,0 +1,107 @@
+/** @file
+ * Copyright (c) 2021, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifndef _PAL_ATTESTATION_CONFIG_H_
+#define _PAL_ATTESTATION_CONFIG_H_
+
+#define COSE_ALGORITHM_ES256 -7
+#define COSE_ALG_SHA256_PROPRIETARY -72000
+
+#define USEFUL_BUF_MAKE_STACK_UB UsefulBuf_MAKE_STACK_UB
+
+#define COSE_SIG_CONTEXT_STRING_SIGNATURE1 "Signature1"
+
+/* Private value. Intentionally not documented for Doxygen.
+ * This is the size allocated for the encoded protected headers. It
+ * needs to be big enough for make_protected_header() to succeed. It
+ * currently sized for one header with an algorithm ID up to 32 bits
+ * long -- one byte for the wrapping map, one byte for the label, 5
+ * bytes for the ID. If this is made accidentially too small, QCBOR will
+ * only return an error, and not overrun any buffers.
+ *
+ * 9 extra bytes are added, rounding it up to 16 total, in case some
+ * other protected header is to be added.
+ */
+#define T_COSE_SIGN1_MAX_PROT_HEADER (1+1+5+9)
+
+/**
+ * This is the size of the first part of the CBOR encoded TBS
+ * bytes. It is around 20 bytes. See create_tbs_hash().
+ */
+#define T_COSE_SIZE_OF_TBS \
+ 1 + /* For opening the array */ \
+ sizeof(COSE_SIG_CONTEXT_STRING_SIGNATURE1) + /* "Signature1" */ \
+ 2 + /* Overhead for encoding string */ \
+ T_COSE_SIGN1_MAX_PROT_HEADER + /* entire protected headers */ \
+ 3 * (/* 3 NULL bstrs for fields not used */ \
+ 1 /* size of a NULL bstr */ \
+ )
+#define NULL_USEFUL_BUF_C NULLUsefulBufC
+
+#define ATTEST_PUBLIC_KEY_SLOT 4
+#define ECC_CURVE_SECP256R1_PULBIC_KEY_LENGTH (1 + 2 * PSA_BITS_TO_BYTES(256))
+
+typedef struct {
+ uint8_t *pubx_key;
+ size_t pubx_key_size;
+ uint8_t *puby_key;
+ size_t puby_key_size;
+} ecc_key_t;
+
+struct ecc_public_key_t {
+ const uint8_t a;
+ uint8_t public_key[]; /* X-coordinate || Y-coordinate */
+};
+
+static const struct ecc_public_key_t attest_public_key = {
+ /* Constant byte */
+ 0x04,
+ /* X-coordinate */
+ {0x79, 0xEB, 0xA9, 0x0E, 0x8B, 0xF4, 0x50, 0xA6,
+ 0x75, 0x15, 0x76, 0xAD, 0x45, 0x99, 0xB0, 0x7A,
+ 0xDF, 0x93, 0x8D, 0xA3, 0xBB, 0x0B, 0xD1, 0x7D,
+ 0x00, 0x36, 0xED, 0x49, 0xA2, 0xD0, 0xFC, 0x3F,
+ /* Y-coordinate */
+ 0xBF, 0xCD, 0xFA, 0x89, 0x56, 0xB5, 0x68, 0xBF,
+ 0xDB, 0x86, 0x73, 0xE6, 0x48, 0xD8, 0xB5, 0x8D,
+ 0x92, 0x99, 0x55, 0xB1, 0x4A, 0x26, 0xC3, 0x08,
+ 0x0F, 0x34, 0x11, 0x7D, 0x97, 0x1D, 0x68, 0x64},
+};
+
+static const uint8_t initial_attestation_public_x_key[] = {
+ 0x79, 0xEB, 0xA9, 0x0E, 0x8B, 0xF4, 0x50, 0xA6,
+ 0x75, 0x15, 0x76, 0xAD, 0x45, 0x99, 0xB0, 0x7A,
+ 0xDF, 0x93, 0x8D, 0xA3, 0xBB, 0x0B, 0xD1, 0x7D,
+ 0x00, 0x36, 0xED, 0x49, 0xA2, 0xD0, 0xFC, 0x3F
+};
+
+static const uint8_t initial_attestation_public_y_key[] = {
+ 0xBF, 0xCD, 0xFA, 0x89, 0x56, 0xB5, 0x68, 0xBF,
+ 0xDB, 0x86, 0x73, 0xE6, 0x48, 0xD8, 0xB5, 0x8D,
+ 0x92, 0x99, 0x55, 0xB1, 0x4A, 0x26, 0xC3, 0x08,
+ 0x0F, 0x34, 0x11, 0x7D, 0x97, 0x1D, 0x68, 0x64
+};
+
+/* Initialize the structure with given public key */
+static const ecc_key_t attest_key = {
+ (uint8_t *)initial_attestation_public_x_key,
+ sizeof(initial_attestation_public_x_key),
+ (uint8_t *)initial_attestation_public_y_key,
+ sizeof(initial_attestation_public_y_key)
+};
+
+#endif /* _PAL_ATTESTATION_CONFIG_H_ */
diff --git a/api-tests/platform/targets/tgt_dev_apis_stdc/nspe/pal_config.h b/api-tests/platform/targets/tgt_dev_apis_stdc/nspe/pal_config.h
index df6cef0..e3fb297 100644
--- a/api-tests/platform/targets/tgt_dev_apis_stdc/nspe/pal_config.h
+++ b/api-tests/platform/targets/tgt_dev_apis_stdc/nspe/pal_config.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -56,10 +56,10 @@
#endif /* PSA_CMAKE_BUILD */
/* Version of crypto spec used in attestation */
-#define CRYPTO_VERSION_BETA2
+#define CRYPTO_VERSION_BETA3
/* Use hardcoded public key */
-//#define PLATFORM_OVERRIDE_ATTEST_PK
+#define PLATFORM_OVERRIDE_ATTEST_PK
/*
* Include of PSA defined Header files
diff --git a/api-tests/platform/targets/tgt_dev_apis_stdc/target.cmake b/api-tests/platform/targets/tgt_dev_apis_stdc/target.cmake
index 7d002d1..6d97160 100644
--- a/api-tests/platform/targets/tgt_dev_apis_stdc/target.cmake
+++ b/api-tests/platform/targets/tgt_dev_apis_stdc/target.cmake
@@ -1,5 +1,5 @@
#/** @file
-# * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+# * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
# * SPDX-License-Identifier : Apache-2.0
# *
# * Licensed under the Apache License, Version 2.0 (the "License");
@@ -114,7 +114,19 @@
_create_psa_stdc_exe(psa-arch-tests-storage storage)
endif()
if(${SUITE} STREQUAL "INITIAL_ATTESTATION")
- message(FATAL_ERROR "Initial attestation not supported")
+ list(APPEND PAL_SRC_C_NSPE
+ ${PSA_ROOT_DIR}/platform/targets/common/nspe/initial_attestation/pal_attestation_intf.c
+ ${PSA_ROOT_DIR}/platform/targets/common/nspe/initial_attestation/pal_attestation_crypto.c
+ ${CMAKE_CURRENT_BINARY_DIR}/${PSA_TARGET_QCBOR}/src/UsefulBuf.c
+ ${CMAKE_CURRENT_BINARY_DIR}/${PSA_TARGET_QCBOR}/src/ieee754.c
+ ${CMAKE_CURRENT_BINARY_DIR}/${PSA_TARGET_QCBOR}/src/qcbor_decode.c
+ ${CMAKE_CURRENT_BINARY_DIR}/${PSA_TARGET_QCBOR}/src/qcbor_encode.c
+ )
+ if(NOT DEFINED PSA_INITIAL_ATTESTATION_LIB_FILENAME)
+ message(FATAL_ERROR "ERROR: PSA_STORAGE_LIB_FILENAME undefined.")
+ endif()
+_create_psa_stdc_exe(psa-arch-tests-initial-attestation initial-attestation)
+
endif()
# Create NSPE library
@@ -130,5 +142,16 @@
${PSA_ROOT_DIR}/platform/targets/common/nspe/crypto
${PSA_ROOT_DIR}/platform/targets/common/nspe/protected_storage
${PSA_ROOT_DIR}/platform/targets/common/nspe/internal_trusted_storage
+ ${PSA_ROOT_DIR}/platform/targets/common/nspe/initial_attestation
${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe
)
+
+if(${SUITE} STREQUAL "INITIAL_ATTESTATION")
+ target_include_directories(${PSA_TARGET_PAL_NSPE_LIB} PRIVATE
+ ${PSA_QCBOR_INCLUDE_PATH}
+ )
+# if(NOT DEFINED PSA_INITIAL_ATTESTATION_LIB_FILENAME)
+# message(FATAL_ERROR "ERROR: PSA_STORAGE_LIB_FILENAME undefined.")
+# endif()
+#_create_psa_stdc_exe(psa-arch-tests-initial-attestation initial-attestation)
+endif()
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_an521/nspe/pal_config.h b/api-tests/platform/targets/tgt_dev_apis_tfm_an521/nspe/pal_config.h
index c9a3597..304ee56 100644
--- a/api-tests/platform/targets/tgt_dev_apis_tfm_an521/nspe/pal_config.h
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_an521/nspe/pal_config.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -48,7 +48,7 @@
#define CRYPTO_VERSION_BETA3
/* Use hardcoded public key */
-//#define PLATFORM_OVERRIDE_ATTEST_PK
+#define PLATFORM_OVERRIDE_ATTEST_PK
/*
* Include of PSA defined Header files
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_an524/nspe/pal_config.h b/api-tests/platform/targets/tgt_dev_apis_tfm_an524/nspe/pal_config.h
index c9a3597..304ee56 100644
--- a/api-tests/platform/targets/tgt_dev_apis_tfm_an524/nspe/pal_config.h
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_an524/nspe/pal_config.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -48,7 +48,7 @@
#define CRYPTO_VERSION_BETA3
/* Use hardcoded public key */
-//#define PLATFORM_OVERRIDE_ATTEST_PK
+#define PLATFORM_OVERRIDE_ATTEST_PK
/*
* Include of PSA defined Header files
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_an539/nspe/pal_config.h b/api-tests/platform/targets/tgt_dev_apis_tfm_an539/nspe/pal_config.h
index 59ff02a..089a0c9 100644
--- a/api-tests/platform/targets/tgt_dev_apis_tfm_an539/nspe/pal_config.h
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_an539/nspe/pal_config.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2020-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -48,7 +48,7 @@
#define CRYPTO_VERSION_BETA3
/* Use hardcoded public key */
-//#define PLATFORM_OVERRIDE_ATTEST_PK
+#define PLATFORM_OVERRIDE_ATTEST_PK
/*
* Include of PSA defined Header files
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/pal_config.h b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/pal_config.h
index c9a3597..304ee56 100644
--- a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/pal_config.h
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/pal_config.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -48,7 +48,7 @@
#define CRYPTO_VERSION_BETA3
/* Use hardcoded public key */
-//#define PLATFORM_OVERRIDE_ATTEST_PK
+#define PLATFORM_OVERRIDE_ATTEST_PK
/*
* Include of PSA defined Header files
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/nspe/pal_config.h b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/nspe/pal_config.h
index c9a3597..304ee56 100644
--- a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/nspe/pal_config.h
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/nspe/pal_config.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -48,7 +48,7 @@
#define CRYPTO_VERSION_BETA3
/* Use hardcoded public key */
-//#define PLATFORM_OVERRIDE_ATTEST_PK
+#define PLATFORM_OVERRIDE_ATTEST_PK
/*
* Include of PSA defined Header files
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_s1/nspe/pal_config.h b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_s1/nspe/pal_config.h
index 59ff02a..089a0c9 100644
--- a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_s1/nspe/pal_config.h
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_s1/nspe/pal_config.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2020-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -48,7 +48,7 @@
#define CRYPTO_VERSION_BETA3
/* Use hardcoded public key */
-//#define PLATFORM_OVERRIDE_ATTEST_PK
+#define PLATFORM_OVERRIDE_ATTEST_PK
/*
* Include of PSA defined Header files
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_nrf/nspe/pal_attestation_config.h b/api-tests/platform/targets/tgt_dev_apis_tfm_nrf/nspe/pal_attestation_config.h
index 6817b5f..dc7aa2e 100644
--- a/api-tests/platform/targets/tgt_dev_apis_tfm_nrf/nspe/pal_attestation_config.h
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_nrf/nspe/pal_attestation_config.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2020-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -42,14 +42,16 @@
* This is the size of the first part of the CBOR encoded TBS
* bytes. It is around 20 bytes. See create_tbs_hash().
*/
-#define T_COSE_SIZE_OF_TBS \
+#define T_COSE_SIZE_OF_TBS { \
1 + /* For opening the array */ \
sizeof(COSE_SIG_CONTEXT_STRING_SIGNATURE1) + /* "Signature1" */ \
2 + /* Overhead for encoding string */ \
T_COSE_SIGN1_MAX_PROT_HEADER + /* entire protected headers */ \
3 * (/* 3 NULL bstrs for fields not used */ \
1 /* size of a NULL bstr */ \
- )
+ ) \
+}
+
#define NULL_USEFUL_BUF_C NULLUsefulBufC
#define ATTEST_PUBLIC_KEY_SLOT 4
@@ -105,3 +107,4 @@
};
#endif /* _PAL_ATTESTATION_CONFIG_H_ */
+
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_nrf/nspe/pal_config.h b/api-tests/platform/targets/tgt_dev_apis_tfm_nrf/nspe/pal_config.h
index c9a3597..b05dcba 100644
--- a/api-tests/platform/targets/tgt_dev_apis_tfm_nrf/nspe/pal_config.h
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_nrf/nspe/pal_config.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -22,6 +22,7 @@
#include "pal_attestation_config.h"
#include "pal_storage_config.h"
+
/* Define PSA test suite dependent macros for non-cmake build */
#if !defined(PSA_CMAKE_BUILD)
@@ -48,7 +49,7 @@
#define CRYPTO_VERSION_BETA3
/* Use hardcoded public key */
-//#define PLATFORM_OVERRIDE_ATTEST_PK
+#define PLATFORM_OVERRIDE_ATTEST_PK
/*
* Include of PSA defined Header files
@@ -92,4 +93,19 @@
#include "psa/initial_attestation.h"
#endif
+extern int tfm_log_printf(const char *, ...);
+extern int32_t tfm_platform_system_reset(void);
+
+/* Initialize the timer with the given number of ticks. */
+extern void pal_timer_init_ns(uint32_t ticks);
+
+/* Start the timer. */
+extern void pal_timer_start_ns(void);
+
+/* Stop and reset the timer. */
+extern void pal_timer_stop_ns(void);
+
+/* Get the address of a free, word-aligned, 1K memory area. */
+extern uint32_t pal_nvmem_get_addr(void);
+
#endif /* _PAL_CONFIG_H_ */
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_nrf/nspe/pal_driver_intf.c b/api-tests/platform/targets/tgt_dev_apis_tfm_nrf/nspe/pal_driver_intf.c
index 7ffe64c..126628a 100644
--- a/api-tests/platform/targets/tgt_dev_apis_tfm_nrf/nspe/pal_driver_intf.c
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_nrf/nspe/pal_driver_intf.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -18,22 +18,6 @@
#include "pal_common.h"
#include "pal_nvmem.h"
-
-extern int tfm_log_printf(const char *, ...);
-extern int32_t tfm_platform_system_reset(void);
-
-/* Initialize the timer with the given number of ticks. */
-extern void pal_timer_init_ns(uint32_t ticks);
-
-/* Start the timer. */
-extern void pal_timer_start_ns(void);
-
-/* Stop and reset the timer. */
-extern void pal_timer_stop_ns(void);
-
-/* Get the address of a free, word-aligned, 1K memory area. */
-extern uint32_t pal_nvmem_get_addr(void);
-
/**
@brief - This function initializes the UART
@param - uart base addr
@@ -107,7 +91,7 @@
**/
int pal_nvmem_read_ns(addr_t base, uint32_t offset, void *buffer, int size)
{
- if (base != 0){
+ if (base != 0) {
/* Unexpected base address */
return PAL_STATUS_ERROR;
}
@@ -126,7 +110,7 @@
**/
int pal_nvmem_write_ns(addr_t base, uint32_t offset, void *buffer, int size)
{
- if (base != 0){
+ if (base != 0) {
/* Unexpected base address */
return PAL_STATUS_ERROR;
}
@@ -145,7 +129,7 @@
{
/* Add logic to terminate the simluation */
- while(1)
+ while (1)
{
__asm volatile("WFI");
}
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_nrf/target.cfg b/api-tests/platform/targets/tgt_dev_apis_tfm_nrf/target.cfg
index 2a31380..8e3b5dc 100644
--- a/api-tests/platform/targets/tgt_dev_apis_tfm_nrf/target.cfg
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_nrf/target.cfg
@@ -1,5 +1,5 @@
///** @file
-// * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+// * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
// * SPDX-License-Identifier : Apache-2.0
// *
// * Licensed under the Apache License, Version 2.0 (the "License");
@@ -29,6 +29,6 @@
watchdog.0.timeout_in_micro_sec_crypto = 60000000; //60 secs
// Range of 1KB Non-volatile memory to preserve data over reset. Ex, NVRAM and FLASH
-nvmem.num = 1;
+nvmem.num =1;
nvmem.0.start = 0; // Unused value;
nvmem.0.end = 0x3ff;
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_psoc64/nspe/pal_config.h b/api-tests/platform/targets/tgt_dev_apis_tfm_psoc64/nspe/pal_config.h
index ffb6a26..58aca3a 100644
--- a/api-tests/platform/targets/tgt_dev_apis_tfm_psoc64/nspe/pal_config.h
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_psoc64/nspe/pal_config.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2020-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -48,7 +48,7 @@
#define CRYPTO_VERSION_BETA3
/* Use hardcoded public key */
-//#define PLATFORM_OVERRIDE_ATTEST_PK
+#define PLATFORM_OVERRIDE_ATTEST_PK
/*
* Include of PSA defined Header files
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_stm32l562e_dk/nspe/pal_config.h b/api-tests/platform/targets/tgt_dev_apis_tfm_stm32l562e_dk/nspe/pal_config.h
index c9a3597..304ee56 100644
--- a/api-tests/platform/targets/tgt_dev_apis_tfm_stm32l562e_dk/nspe/pal_config.h
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_stm32l562e_dk/nspe/pal_config.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -48,7 +48,7 @@
#define CRYPTO_VERSION_BETA3
/* Use hardcoded public key */
-//#define PLATFORM_OVERRIDE_ATTEST_PK
+#define PLATFORM_OVERRIDE_ATTEST_PK
/*
* Include of PSA defined Header files
diff --git a/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/pal_config.h b/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/pal_config.h
index 0c956f5..e5578d9 100644
--- a/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/pal_config.h
+++ b/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/pal_config.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -44,7 +44,7 @@
#define CRYPTO_VERSION_BETA3
/* Use hardcoded public key */
-//#define PLATFORM_OVERRIDE_ATTEST_PK
+#define PLATFORM_OVERRIDE_ATTEST_PK
/*
* Include of PSA defined Header files
diff --git a/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/pal_driver_ipc_intf.c b/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/pal_driver_ipc_intf.c
index ba4b84b..dbc87a9 100644
--- a/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/pal_driver_ipc_intf.c
+++ b/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/pal_driver_ipc_intf.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -24,7 +24,6 @@
**/
int pal_uart_init_ns(uint32_t uart_base_addr)
{
- psa_handle_t print_handle = 0;
psa_status_t status_of_call = PSA_SUCCESS;
uart_fn_type_t uart_fn = UART_INIT;
@@ -32,13 +31,21 @@
{&uart_base_addr, sizeof(uart_base_addr)},
{NULL, 0}};
+#if STATELESS_ROT == 1
+ status_of_call = psa_call(DRIVER_UART_HANDLE, 0, data, 3, NULL, 0);
+ if (status_of_call != PSA_SUCCESS)
+ return PAL_STATUS_ERROR;
+
+ return PAL_STATUS_SUCCESS;
+#else
+ psa_handle_t print_handle = 0;
print_handle = psa_connect(DRIVER_UART_SID, DRIVER_UART_VERSION);
if (PSA_HANDLE_IS_VALID(print_handle))
{
- status_of_call = psa_call(print_handle, 0, data, 3, NULL, 0);
- psa_close(print_handle);
- if (status_of_call != PSA_SUCCESS)
- return PAL_STATUS_ERROR;
+ status_of_call = psa_call(print_handle, 0, data, 3, NULL, 0);
+ psa_close(print_handle);
+ if (status_of_call != PSA_SUCCESS)
+ return PAL_STATUS_ERROR;
return PAL_STATUS_SUCCESS;
}
@@ -46,6 +53,7 @@
{
return PAL_STATUS_ERROR;
}
+#endif
}
/**
@@ -59,7 +67,6 @@
{
int string_len = 0;
const char *p = str;
- psa_handle_t print_handle = 0;
psa_status_t status_of_call = PSA_SUCCESS;
uart_fn_type_t uart_fn = UART_PRINT;
@@ -72,7 +79,14 @@
psa_invec data1[3] = {{&uart_fn, sizeof(uart_fn)},
{str, string_len+1},
{&data, sizeof(data)}};
+#if STATELESS_ROT == 1
+ status_of_call = psa_call(DRIVER_UART_HANDLE, 0, data1, 3, NULL, 0);
+ if (status_of_call != PSA_SUCCESS)
+ return PAL_STATUS_ERROR;
+ return PAL_STATUS_SUCCESS;
+#else
+ psa_handle_t print_handle = 0;
print_handle = psa_connect(DRIVER_UART_SID, DRIVER_UART_VERSION);
if (PSA_HANDLE_IS_VALID(print_handle))
{
@@ -87,6 +101,7 @@
{
return PAL_STATUS_ERROR;
}
+#endif
}
/**
@@ -99,7 +114,6 @@
int pal_wd_timer_init_ns(addr_t base_addr, uint32_t time_us, uint32_t timer_tick_us)
{
wd_param_t wd_param;
- psa_handle_t handle = 0;
psa_status_t status_of_call = PSA_SUCCESS;
wd_param.wd_fn_type = WD_INIT_SEQ;
@@ -108,6 +122,15 @@
wd_param.wd_timer_tick_us = timer_tick_us;
psa_invec invec[1] = {{&wd_param, sizeof(wd_param)}};
+#if STATELESS_ROT == 1
+ status_of_call = psa_call(DRIVER_WATCHDOG_HANDLE, 0, invec, 1, NULL, 0);
+ if (status_of_call != PSA_SUCCESS)
+ return PAL_STATUS_ERROR;
+
+ return PAL_STATUS_SUCCESS;
+#else
+
+ psa_handle_t handle = 0;
handle = psa_connect(DRIVER_WATCHDOG_SID, DRIVER_WATCHDOG_VERSION);
if (PSA_HANDLE_IS_VALID(handle))
{
@@ -122,6 +145,8 @@
{
return PAL_STATUS_ERROR;
}
+#endif
+
}
/**
@@ -132,7 +157,6 @@
int pal_wd_timer_enable_ns(addr_t base_addr)
{
wd_param_t wd_param;
- psa_handle_t handle = 0;
psa_status_t status_of_call = PSA_SUCCESS;
wd_param.wd_fn_type = WD_ENABLE_SEQ;
@@ -141,6 +165,14 @@
wd_param.wd_timer_tick_us = 0;
psa_invec invec[1] = {{&wd_param, sizeof(wd_param)}};
+#if STATELESS_ROT == 1
+ status_of_call = psa_call(DRIVER_WATCHDOG_HANDLE, 0, invec, 1, NULL, 0);
+ if (status_of_call != PSA_SUCCESS)
+ return PAL_STATUS_ERROR;
+
+ return PAL_STATUS_SUCCESS;
+#else
+ psa_handle_t handle = 0;
handle = psa_connect(DRIVER_WATCHDOG_SID, DRIVER_WATCHDOG_VERSION);
if (PSA_HANDLE_IS_VALID(handle))
{
@@ -155,6 +187,7 @@
{
return PAL_STATUS_ERROR;
}
+#endif
}
/**
@@ -165,7 +198,6 @@
int pal_wd_timer_disable_ns(addr_t base_addr)
{
wd_param_t wd_param;
- psa_handle_t handle = 0;
psa_status_t status_of_call = PSA_SUCCESS;
wd_param.wd_fn_type = WD_DISABLE_SEQ;
@@ -173,6 +205,14 @@
wd_param.wd_time_us = 0;
wd_param.wd_timer_tick_us = 0;
psa_invec invec[1] = {{&wd_param, sizeof(wd_param)}};
+#if STATELESS_ROT == 1
+ status_of_call = psa_call(DRIVER_WATCHDOG_HANDLE, 0, invec, 1, NULL, 0);
+ if (status_of_call != PSA_SUCCESS)
+ return PAL_STATUS_ERROR;
+
+ return PAL_STATUS_SUCCESS;
+#else
+ psa_handle_t handle = 0;
handle = psa_connect(DRIVER_WATCHDOG_SID, DRIVER_WATCHDOG_VERSION);
if (PSA_HANDLE_IS_VALID(handle))
@@ -188,6 +228,8 @@
{
return PAL_STATUS_ERROR;
}
+#endif
+
}
/**
@@ -201,7 +243,6 @@
int pal_nvmem_read_ns(addr_t base, uint32_t offset, void *buffer, int size)
{
nvmem_param_t nvmem_param;
- psa_handle_t handle = 0;
psa_status_t status_of_call = PSA_SUCCESS;
nvmem_param.nvmem_fn_type = NVMEM_READ;
@@ -210,7 +251,14 @@
nvmem_param.size = size;
psa_invec invec[1] = {{&nvmem_param, sizeof(nvmem_param)}};
psa_outvec outvec[1] = {{buffer, size}};
+#if STATELESS_ROT == 1
+ status_of_call = psa_call(DRIVER_NVMEM_HANDLE, 0, invec, 1, outvec, 1);
+ if (status_of_call != PSA_SUCCESS)
+ return PAL_STATUS_ERROR;
+ return PAL_STATUS_SUCCESS;
+#else
+ psa_handle_t handle = 0;
handle = psa_connect(DRIVER_NVMEM_SID, DRIVER_NVMEM_VERSION);
if (PSA_HANDLE_IS_VALID(handle))
{
@@ -225,6 +273,8 @@
{
return PAL_STATUS_ERROR;
}
+#endif
+
}
/**
@@ -238,7 +288,7 @@
int pal_nvmem_write_ns(addr_t base, uint32_t offset, void *buffer, int size)
{
nvmem_param_t nvmem_param;
- psa_handle_t handle = 0;
+
psa_status_t status_of_call = PSA_SUCCESS;
nvmem_param.nvmem_fn_type = NVMEM_WRITE;
@@ -246,7 +296,14 @@
nvmem_param.offset = offset;
nvmem_param.size = size;
psa_invec invec[2] = {{&nvmem_param, sizeof(nvmem_param)}, {buffer, size}};
+#if STATELESS_ROT == 1
+ status_of_call = psa_call(DRIVER_NVMEM_HANDLE, 0, invec, 2, NULL, 0);
+ if (status_of_call != PSA_SUCCESS)
+ return PAL_STATUS_ERROR;
+ return PAL_STATUS_SUCCESS;
+#else
+ psa_handle_t handle = 0;
handle = psa_connect(DRIVER_NVMEM_SID, DRIVER_NVMEM_VERSION);
if (PSA_HANDLE_IS_VALID(handle))
{
@@ -261,6 +318,7 @@
{
return PAL_STATUS_ERROR;
}
+#endif
}
/**
diff --git a/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/pal_config.h b/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/pal_config.h
index 0c956f5..e5578d9 100644
--- a/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/pal_config.h
+++ b/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/pal_config.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -44,7 +44,7 @@
#define CRYPTO_VERSION_BETA3
/* Use hardcoded public key */
-//#define PLATFORM_OVERRIDE_ATTEST_PK
+#define PLATFORM_OVERRIDE_ATTEST_PK
/*
* Include of PSA defined Header files
diff --git a/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/pal_driver_ipc_intf.c b/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/pal_driver_ipc_intf.c
index ba4b84b..9f8b708 100644
--- a/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/pal_driver_ipc_intf.c
+++ b/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/pal_driver_ipc_intf.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -24,7 +24,6 @@
**/
int pal_uart_init_ns(uint32_t uart_base_addr)
{
- psa_handle_t print_handle = 0;
psa_status_t status_of_call = PSA_SUCCESS;
uart_fn_type_t uart_fn = UART_INIT;
@@ -32,6 +31,14 @@
{&uart_base_addr, sizeof(uart_base_addr)},
{NULL, 0}};
+#if STATELESS_ROT == 1
+ status_of_call = psa_call(DRIVER_UART_HANDLE, 0, data, 3, NULL, 0);
+ if (status_of_call != PSA_SUCCESS)
+ return PAL_STATUS_ERROR;
+
+ return PAL_STATUS_SUCCESS;
+#else
+ psa_handle_t print_handle = 0;
print_handle = psa_connect(DRIVER_UART_SID, DRIVER_UART_VERSION);
if (PSA_HANDLE_IS_VALID(print_handle))
{
@@ -46,6 +53,7 @@
{
return PAL_STATUS_ERROR;
}
+#endif
}
/**
@@ -59,7 +67,6 @@
{
int string_len = 0;
const char *p = str;
- psa_handle_t print_handle = 0;
psa_status_t status_of_call = PSA_SUCCESS;
uart_fn_type_t uart_fn = UART_PRINT;
@@ -73,6 +80,14 @@
{str, string_len+1},
{&data, sizeof(data)}};
+#if STATELESS_ROT == 1
+ status_of_call = psa_call(DRIVER_UART_HANDLE, 0, data1, 3, NULL, 0);
+ if (status_of_call != PSA_SUCCESS)
+ return PAL_STATUS_ERROR;
+
+ return PAL_STATUS_SUCCESS;
+#else
+ psa_handle_t print_handle = 0;
print_handle = psa_connect(DRIVER_UART_SID, DRIVER_UART_VERSION);
if (PSA_HANDLE_IS_VALID(print_handle))
{
@@ -87,6 +102,7 @@
{
return PAL_STATUS_ERROR;
}
+#endif
}
/**
@@ -99,7 +115,6 @@
int pal_wd_timer_init_ns(addr_t base_addr, uint32_t time_us, uint32_t timer_tick_us)
{
wd_param_t wd_param;
- psa_handle_t handle = 0;
psa_status_t status_of_call = PSA_SUCCESS;
wd_param.wd_fn_type = WD_INIT_SEQ;
@@ -108,6 +123,14 @@
wd_param.wd_timer_tick_us = timer_tick_us;
psa_invec invec[1] = {{&wd_param, sizeof(wd_param)}};
+#if STATELESS_ROT == 1
+ status_of_call = psa_call(DRIVER_WATCHDOG_HANDLE, 0, invec, 1, NULL, 0);
+ if (status_of_call != PSA_SUCCESS)
+ return PAL_STATUS_ERROR;
+
+ return PAL_STATUS_SUCCESS;
+#else
+ psa_handle_t handle = 0;
handle = psa_connect(DRIVER_WATCHDOG_SID, DRIVER_WATCHDOG_VERSION);
if (PSA_HANDLE_IS_VALID(handle))
{
@@ -122,6 +145,7 @@
{
return PAL_STATUS_ERROR;
}
+#endif
}
/**
@@ -132,7 +156,6 @@
int pal_wd_timer_enable_ns(addr_t base_addr)
{
wd_param_t wd_param;
- psa_handle_t handle = 0;
psa_status_t status_of_call = PSA_SUCCESS;
wd_param.wd_fn_type = WD_ENABLE_SEQ;
@@ -141,6 +164,14 @@
wd_param.wd_timer_tick_us = 0;
psa_invec invec[1] = {{&wd_param, sizeof(wd_param)}};
+#if STATELESS_ROT == 1
+ status_of_call = psa_call(DRIVER_WATCHDOG_HANDLE, 0, invec, 1, NULL, 0);
+ if (status_of_call != PSA_SUCCESS)
+ return PAL_STATUS_ERROR;
+
+ return PAL_STATUS_SUCCESS;
+#else
+ psa_handle_t handle = 0;
handle = psa_connect(DRIVER_WATCHDOG_SID, DRIVER_WATCHDOG_VERSION);
if (PSA_HANDLE_IS_VALID(handle))
{
@@ -155,6 +186,7 @@
{
return PAL_STATUS_ERROR;
}
+#endif
}
/**
@@ -165,7 +197,6 @@
int pal_wd_timer_disable_ns(addr_t base_addr)
{
wd_param_t wd_param;
- psa_handle_t handle = 0;
psa_status_t status_of_call = PSA_SUCCESS;
wd_param.wd_fn_type = WD_DISABLE_SEQ;
@@ -174,6 +205,14 @@
wd_param.wd_timer_tick_us = 0;
psa_invec invec[1] = {{&wd_param, sizeof(wd_param)}};
+#if STATELESS_ROT == 1
+ status_of_call = psa_call(DRIVER_WATCHDOG_HANDLE, 0, invec, 1, NULL, 0);
+ if (status_of_call != PSA_SUCCESS)
+ return PAL_STATUS_ERROR;
+
+ return PAL_STATUS_SUCCESS;
+#else
+ psa_handle_t handle = 0;
handle = psa_connect(DRIVER_WATCHDOG_SID, DRIVER_WATCHDOG_VERSION);
if (PSA_HANDLE_IS_VALID(handle))
{
@@ -188,6 +227,7 @@
{
return PAL_STATUS_ERROR;
}
+#endif
}
/**
@@ -201,7 +241,6 @@
int pal_nvmem_read_ns(addr_t base, uint32_t offset, void *buffer, int size)
{
nvmem_param_t nvmem_param;
- psa_handle_t handle = 0;
psa_status_t status_of_call = PSA_SUCCESS;
nvmem_param.nvmem_fn_type = NVMEM_READ;
@@ -211,6 +250,14 @@
psa_invec invec[1] = {{&nvmem_param, sizeof(nvmem_param)}};
psa_outvec outvec[1] = {{buffer, size}};
+#if STATELESS_ROT == 1
+ status_of_call = psa_call(DRIVER_NVMEM_HANDLE, 0, invec, 1, outvec, 1);
+ if (status_of_call != PSA_SUCCESS)
+ return PAL_STATUS_ERROR;
+
+ return PAL_STATUS_SUCCESS;
+#else
+ psa_handle_t handle = 0;
handle = psa_connect(DRIVER_NVMEM_SID, DRIVER_NVMEM_VERSION);
if (PSA_HANDLE_IS_VALID(handle))
{
@@ -225,6 +272,7 @@
{
return PAL_STATUS_ERROR;
}
+#endif
}
/**
@@ -238,7 +286,6 @@
int pal_nvmem_write_ns(addr_t base, uint32_t offset, void *buffer, int size)
{
nvmem_param_t nvmem_param;
- psa_handle_t handle = 0;
psa_status_t status_of_call = PSA_SUCCESS;
nvmem_param.nvmem_fn_type = NVMEM_WRITE;
@@ -247,6 +294,14 @@
nvmem_param.size = size;
psa_invec invec[2] = {{&nvmem_param, sizeof(nvmem_param)}, {buffer, size}};
+#if STATELESS_ROT == 1
+ status_of_call = psa_call(DRIVER_NVMEM_HANDLE, 0, invec, 2, NULL, 0);
+ if (status_of_call != PSA_SUCCESS)
+ return PAL_STATUS_ERROR;
+
+ return PAL_STATUS_SUCCESS;
+#else
+ psa_handle_t handle = 0;
handle = psa_connect(DRIVER_NVMEM_SID, DRIVER_NVMEM_VERSION);
if (PSA_HANDLE_IS_VALID(handle))
{
@@ -261,6 +316,7 @@
{
return PAL_STATUS_ERROR;
}
+#endif
}
/**
diff --git a/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/pal_config.h b/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/pal_config.h
index 5dc14f1..7957254 100644
--- a/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/pal_config.h
+++ b/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/pal_config.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2020-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -44,7 +44,7 @@
#define CRYPTO_VERSION_BETA3
/* Use hardcoded public key */
-//#define PLATFORM_OVERRIDE_ATTEST_PK
+#define PLATFORM_OVERRIDE_ATTEST_PK
/*
* Include of PSA defined Header files
diff --git a/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/pal_driver_ipc_intf.c b/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/pal_driver_ipc_intf.c
index 7c3b02f..47768d7 100644
--- a/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/pal_driver_ipc_intf.c
+++ b/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/pal_driver_ipc_intf.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -24,7 +24,6 @@
**/
int pal_uart_init_ns(uint32_t uart_base_addr)
{
- psa_handle_t print_handle = 0;
psa_status_t status_of_call = PSA_SUCCESS;
uart_fn_type_t uart_fn = UART_INIT;
@@ -32,6 +31,14 @@
{&uart_base_addr, sizeof(uart_base_addr)},
{NULL, 0} };
+#if STATELESS_ROT == 1
+ status_of_call = psa_call(DRIVER_UART_HANDLE, 0, data, 3, NULL, 0);
+ if (status_of_call != PSA_SUCCESS)
+ return PAL_STATUS_ERROR;
+
+ return PAL_STATUS_SUCCESS;
+#else
+ psa_handle_t print_handle = 0;
print_handle = psa_connect(DRIVER_UART_SID, DRIVER_UART_VERSION);
if (PSA_HANDLE_IS_VALID(print_handle))
{
@@ -46,6 +53,7 @@
{
return PAL_STATUS_ERROR;
}
+#endif
}
/**
@@ -59,7 +67,6 @@
{
int string_len = 0;
const char *p = str;
- psa_handle_t print_handle = 0;
psa_status_t status_of_call = PSA_SUCCESS;
uart_fn_type_t uart_fn = UART_PRINT;
@@ -73,6 +80,14 @@
{str, string_len+1},
{&data, sizeof(data)} };
+#if STATELESS_ROT == 1
+ status_of_call = psa_call(DRIVER_UART_HANDLE, 0, data1, 3, NULL, 0);
+ if (status_of_call != PSA_SUCCESS)
+ return PAL_STATUS_ERROR;
+
+ return PAL_STATUS_SUCCESS;
+#else
+ psa_handle_t print_handle = 0;
print_handle = psa_connect(DRIVER_UART_SID, DRIVER_UART_VERSION);
if (PSA_HANDLE_IS_VALID(print_handle))
{
@@ -87,6 +102,7 @@
{
return PAL_STATUS_ERROR;
}
+#endif
}
/**
@@ -99,7 +115,6 @@
int pal_wd_timer_init_ns(addr_t base_addr, uint32_t time_us, uint32_t timer_tick_us)
{
wd_param_t wd_param;
- psa_handle_t handle = 0;
psa_status_t status_of_call = PSA_SUCCESS;
wd_param.wd_fn_type = WD_INIT_SEQ;
@@ -108,6 +123,15 @@
wd_param.wd_timer_tick_us = timer_tick_us;
psa_invec invec[1] = {{&wd_param, sizeof(wd_param)} };
+#if STATELESS_ROT == 1
+ status_of_call = psa_call(DRIVER_WATCHDOG_HANDLE, 0, invec, 1, NULL, 0);
+ if (status_of_call != PSA_SUCCESS)
+ return PAL_STATUS_ERROR;
+
+ return PAL_STATUS_SUCCESS;
+#else
+
+ psa_handle_t handle = 0;
handle = psa_connect(DRIVER_WATCHDOG_SID, DRIVER_WATCHDOG_VERSION);
if (PSA_HANDLE_IS_VALID(handle))
{
@@ -122,6 +146,7 @@
{
return PAL_STATUS_ERROR;
}
+#endif
}
/**
@@ -132,7 +157,6 @@
int pal_wd_timer_enable_ns(addr_t base_addr)
{
wd_param_t wd_param;
- psa_handle_t handle = 0;
psa_status_t status_of_call = PSA_SUCCESS;
wd_param.wd_fn_type = WD_ENABLE_SEQ;
@@ -141,6 +165,14 @@
wd_param.wd_timer_tick_us = 0;
psa_invec invec[1] = {{&wd_param, sizeof(wd_param)} };
+#if STATELESS_ROT == 1
+ status_of_call = psa_call(DRIVER_WATCHDOG_HANDLE, 0, invec, 1, NULL, 0);
+ if (status_of_call != PSA_SUCCESS)
+ return PAL_STATUS_ERROR;
+
+ return PAL_STATUS_SUCCESS;
+#else
+ psa_handle_t handle = 0;
handle = psa_connect(DRIVER_WATCHDOG_SID, DRIVER_WATCHDOG_VERSION);
if (PSA_HANDLE_IS_VALID(handle))
{
@@ -155,6 +187,7 @@
{
return PAL_STATUS_ERROR;
}
+#endif
}
/**
@@ -165,7 +198,6 @@
int pal_wd_timer_disable_ns(addr_t base_addr)
{
wd_param_t wd_param;
- psa_handle_t handle = 0;
psa_status_t status_of_call = PSA_SUCCESS;
wd_param.wd_fn_type = WD_DISABLE_SEQ;
@@ -174,6 +206,14 @@
wd_param.wd_timer_tick_us = 0;
psa_invec invec[1] = {{&wd_param, sizeof(wd_param)} };
+#if STATELESS_ROT == 1
+ status_of_call = psa_call(DRIVER_WATCHDOG_HANDLE, 0, invec, 1, NULL, 0);
+ if (status_of_call != PSA_SUCCESS)
+ return PAL_STATUS_ERROR;
+
+ return PAL_STATUS_SUCCESS;
+#else
+ psa_handle_t handle = 0;
handle = psa_connect(DRIVER_WATCHDOG_SID, DRIVER_WATCHDOG_VERSION);
if (PSA_HANDLE_IS_VALID(handle))
{
@@ -188,6 +228,7 @@
{
return PAL_STATUS_ERROR;
}
+#endif
}
/**
@@ -201,7 +242,6 @@
int pal_nvmem_read_ns(addr_t base, uint32_t offset, void *buffer, int size)
{
nvmem_param_t nvmem_param;
- psa_handle_t handle = 0;
psa_status_t status_of_call = PSA_SUCCESS;
nvmem_param.nvmem_fn_type = NVMEM_READ;
@@ -210,7 +250,14 @@
nvmem_param.size = size;
psa_invec invec[1] = {{&nvmem_param, sizeof(nvmem_param)} };
psa_outvec outvec[1] = {{buffer, size} };
+#if STATELESS_ROT == 1
+ status_of_call = psa_call(DRIVER_NVMEM_HANDLE, 0, invec, 1, outvec, 1);
+ if (status_of_call != PSA_SUCCESS)
+ return PAL_STATUS_ERROR;
+ return PAL_STATUS_SUCCESS;
+#else
+ psa_handle_t handle = 0;
handle = psa_connect(DRIVER_NVMEM_SID, DRIVER_NVMEM_VERSION);
if (PSA_HANDLE_IS_VALID(handle))
{
@@ -225,6 +272,7 @@
{
return PAL_STATUS_ERROR;
}
+#endif
}
/**
@@ -238,7 +286,6 @@
int pal_nvmem_write_ns(addr_t base, uint32_t offset, void *buffer, int size)
{
nvmem_param_t nvmem_param;
- psa_handle_t handle = 0;
psa_status_t status_of_call = PSA_SUCCESS;
nvmem_param.nvmem_fn_type = NVMEM_WRITE;
@@ -246,7 +293,14 @@
nvmem_param.offset = offset;
nvmem_param.size = size;
psa_invec invec[2] = {{&nvmem_param, sizeof(nvmem_param)}, {buffer, size} };
+#if STATELESS_ROT == 1
+ status_of_call = psa_call(DRIVER_NVMEM_HANDLE, 0, invec, 2, NULL, 0);
+ if (status_of_call != PSA_SUCCESS)
+ return PAL_STATUS_ERROR;
+ return PAL_STATUS_SUCCESS;
+#else
+ psa_handle_t handle = 0;
handle = psa_connect(DRIVER_NVMEM_SID, DRIVER_NVMEM_VERSION);
if (PSA_HANDLE_IS_VALID(handle))
{
@@ -261,6 +315,7 @@
{
return PAL_STATUS_ERROR;
}
+#endif
}
/**
diff --git a/api-tests/platform/targets/tgt_ff_tfm_musca_b1/target.cfg b/api-tests/platform/targets/tgt_ff_tfm_musca_b1/target.cfg
index 2e5ac7f..f9ac826 100644
--- a/api-tests/platform/targets/tgt_ff_tfm_musca_b1/target.cfg
+++ b/api-tests/platform/targets/tgt_ff_tfm_musca_b1/target.cfg
@@ -28,11 +28,11 @@
watchdog.0.size = 0xFFF;
watchdog.0.intr_id = 0xFF;
watchdog.0.permission = TYPE_READ_WRITE;
-watchdog.0.num_of_tick_per_micro_sec = 0x3; //(sys_feq/1000000)
-watchdog.0.timeout_in_micro_sec_low = 0xF4240; //1.0 sec : 1 * 1000 * 1000
-watchdog.0.timeout_in_micro_sec_medium = 0x1E8480; //2.0 sec : 2 * 1000 * 1000
-watchdog.0.timeout_in_micro_sec_high = 0x4C4B40; //5.0 sec : 5 * 1000 * 1000
-watchdog.0.timeout_in_micro_sec_crypto = 0x1312D00; //18.0 sec : 18 * 1000 * 1000
+watchdog.0.num_of_tick_per_micro_sec = 0x3; //(sys_feq/1000000)
+watchdog.0.timeout_in_micro_sec_low = 20000000; //20.0 sec : 20 * 1000 * 1000
+watchdog.0.timeout_in_micro_sec_medium = 20000000; //20.0 sec : 20 * 1000 * 1000
+watchdog.0.timeout_in_micro_sec_high = 20000000; //20.0 sec : 20 * 1000 * 1000
+watchdog.0.timeout_in_micro_sec_crypto = 20000000; //20.0 sec : 20 * 1000 * 1000
// Range of 1KB Non-volatile memory to preserve data over reset. Ex, NVRAM and FLASH
nvmem.num =1;
diff --git a/api-tests/platform/targets/tgt_ff_tfm_musca_s1/nspe/pal_config.h b/api-tests/platform/targets/tgt_ff_tfm_musca_s1/nspe/pal_config.h
index d0b8ac0..fc2eed3 100644
--- a/api-tests/platform/targets/tgt_ff_tfm_musca_s1/nspe/pal_config.h
+++ b/api-tests/platform/targets/tgt_ff_tfm_musca_s1/nspe/pal_config.h
@@ -44,7 +44,7 @@
#define CRYPTO_VERSION_BETA3
/* Use hardcoded public key */
-//#define PLATFORM_OVERRIDE_ATTEST_PK
+#define PLATFORM_OVERRIDE_ATTEST_PK
/*
* Include of PSA defined Header files
diff --git a/api-tests/platform/targets/tgt_ff_tfm_musca_s1/nspe/pal_driver_ipc_intf.c b/api-tests/platform/targets/tgt_ff_tfm_musca_s1/nspe/pal_driver_ipc_intf.c
index bcf7ccf..47768d7 100644
--- a/api-tests/platform/targets/tgt_ff_tfm_musca_s1/nspe/pal_driver_ipc_intf.c
+++ b/api-tests/platform/targets/tgt_ff_tfm_musca_s1/nspe/pal_driver_ipc_intf.c
@@ -24,7 +24,6 @@
**/
int pal_uart_init_ns(uint32_t uart_base_addr)
{
- psa_handle_t print_handle = 0;
psa_status_t status_of_call = PSA_SUCCESS;
uart_fn_type_t uart_fn = UART_INIT;
@@ -32,6 +31,14 @@
{&uart_base_addr, sizeof(uart_base_addr)},
{NULL, 0} };
+#if STATELESS_ROT == 1
+ status_of_call = psa_call(DRIVER_UART_HANDLE, 0, data, 3, NULL, 0);
+ if (status_of_call != PSA_SUCCESS)
+ return PAL_STATUS_ERROR;
+
+ return PAL_STATUS_SUCCESS;
+#else
+ psa_handle_t print_handle = 0;
print_handle = psa_connect(DRIVER_UART_SID, DRIVER_UART_VERSION);
if (PSA_HANDLE_IS_VALID(print_handle))
{
@@ -46,6 +53,7 @@
{
return PAL_STATUS_ERROR;
}
+#endif
}
/**
@@ -59,7 +67,6 @@
{
int string_len = 0;
const char *p = str;
- psa_handle_t print_handle = 0;
psa_status_t status_of_call = PSA_SUCCESS;
uart_fn_type_t uart_fn = UART_PRINT;
@@ -73,6 +80,14 @@
{str, string_len+1},
{&data, sizeof(data)} };
+#if STATELESS_ROT == 1
+ status_of_call = psa_call(DRIVER_UART_HANDLE, 0, data1, 3, NULL, 0);
+ if (status_of_call != PSA_SUCCESS)
+ return PAL_STATUS_ERROR;
+
+ return PAL_STATUS_SUCCESS;
+#else
+ psa_handle_t print_handle = 0;
print_handle = psa_connect(DRIVER_UART_SID, DRIVER_UART_VERSION);
if (PSA_HANDLE_IS_VALID(print_handle))
{
@@ -87,6 +102,7 @@
{
return PAL_STATUS_ERROR;
}
+#endif
}
/**
@@ -99,7 +115,6 @@
int pal_wd_timer_init_ns(addr_t base_addr, uint32_t time_us, uint32_t timer_tick_us)
{
wd_param_t wd_param;
- psa_handle_t handle = 0;
psa_status_t status_of_call = PSA_SUCCESS;
wd_param.wd_fn_type = WD_INIT_SEQ;
@@ -108,6 +123,15 @@
wd_param.wd_timer_tick_us = timer_tick_us;
psa_invec invec[1] = {{&wd_param, sizeof(wd_param)} };
+#if STATELESS_ROT == 1
+ status_of_call = psa_call(DRIVER_WATCHDOG_HANDLE, 0, invec, 1, NULL, 0);
+ if (status_of_call != PSA_SUCCESS)
+ return PAL_STATUS_ERROR;
+
+ return PAL_STATUS_SUCCESS;
+#else
+
+ psa_handle_t handle = 0;
handle = psa_connect(DRIVER_WATCHDOG_SID, DRIVER_WATCHDOG_VERSION);
if (PSA_HANDLE_IS_VALID(handle))
{
@@ -122,6 +146,7 @@
{
return PAL_STATUS_ERROR;
}
+#endif
}
/**
@@ -132,7 +157,6 @@
int pal_wd_timer_enable_ns(addr_t base_addr)
{
wd_param_t wd_param;
- psa_handle_t handle = 0;
psa_status_t status_of_call = PSA_SUCCESS;
wd_param.wd_fn_type = WD_ENABLE_SEQ;
@@ -141,6 +165,14 @@
wd_param.wd_timer_tick_us = 0;
psa_invec invec[1] = {{&wd_param, sizeof(wd_param)} };
+#if STATELESS_ROT == 1
+ status_of_call = psa_call(DRIVER_WATCHDOG_HANDLE, 0, invec, 1, NULL, 0);
+ if (status_of_call != PSA_SUCCESS)
+ return PAL_STATUS_ERROR;
+
+ return PAL_STATUS_SUCCESS;
+#else
+ psa_handle_t handle = 0;
handle = psa_connect(DRIVER_WATCHDOG_SID, DRIVER_WATCHDOG_VERSION);
if (PSA_HANDLE_IS_VALID(handle))
{
@@ -155,6 +187,7 @@
{
return PAL_STATUS_ERROR;
}
+#endif
}
/**
@@ -165,7 +198,6 @@
int pal_wd_timer_disable_ns(addr_t base_addr)
{
wd_param_t wd_param;
- psa_handle_t handle = 0;
psa_status_t status_of_call = PSA_SUCCESS;
wd_param.wd_fn_type = WD_DISABLE_SEQ;
@@ -174,6 +206,14 @@
wd_param.wd_timer_tick_us = 0;
psa_invec invec[1] = {{&wd_param, sizeof(wd_param)} };
+#if STATELESS_ROT == 1
+ status_of_call = psa_call(DRIVER_WATCHDOG_HANDLE, 0, invec, 1, NULL, 0);
+ if (status_of_call != PSA_SUCCESS)
+ return PAL_STATUS_ERROR;
+
+ return PAL_STATUS_SUCCESS;
+#else
+ psa_handle_t handle = 0;
handle = psa_connect(DRIVER_WATCHDOG_SID, DRIVER_WATCHDOG_VERSION);
if (PSA_HANDLE_IS_VALID(handle))
{
@@ -188,6 +228,7 @@
{
return PAL_STATUS_ERROR;
}
+#endif
}
/**
@@ -201,7 +242,6 @@
int pal_nvmem_read_ns(addr_t base, uint32_t offset, void *buffer, int size)
{
nvmem_param_t nvmem_param;
- psa_handle_t handle = 0;
psa_status_t status_of_call = PSA_SUCCESS;
nvmem_param.nvmem_fn_type = NVMEM_READ;
@@ -210,7 +250,14 @@
nvmem_param.size = size;
psa_invec invec[1] = {{&nvmem_param, sizeof(nvmem_param)} };
psa_outvec outvec[1] = {{buffer, size} };
+#if STATELESS_ROT == 1
+ status_of_call = psa_call(DRIVER_NVMEM_HANDLE, 0, invec, 1, outvec, 1);
+ if (status_of_call != PSA_SUCCESS)
+ return PAL_STATUS_ERROR;
+ return PAL_STATUS_SUCCESS;
+#else
+ psa_handle_t handle = 0;
handle = psa_connect(DRIVER_NVMEM_SID, DRIVER_NVMEM_VERSION);
if (PSA_HANDLE_IS_VALID(handle))
{
@@ -225,6 +272,7 @@
{
return PAL_STATUS_ERROR;
}
+#endif
}
/**
@@ -238,7 +286,6 @@
int pal_nvmem_write_ns(addr_t base, uint32_t offset, void *buffer, int size)
{
nvmem_param_t nvmem_param;
- psa_handle_t handle = 0;
psa_status_t status_of_call = PSA_SUCCESS;
nvmem_param.nvmem_fn_type = NVMEM_WRITE;
@@ -246,7 +293,14 @@
nvmem_param.offset = offset;
nvmem_param.size = size;
psa_invec invec[2] = {{&nvmem_param, sizeof(nvmem_param)}, {buffer, size} };
+#if STATELESS_ROT == 1
+ status_of_call = psa_call(DRIVER_NVMEM_HANDLE, 0, invec, 2, NULL, 0);
+ if (status_of_call != PSA_SUCCESS)
+ return PAL_STATUS_ERROR;
+ return PAL_STATUS_SUCCESS;
+#else
+ psa_handle_t handle = 0;
handle = psa_connect(DRIVER_NVMEM_SID, DRIVER_NVMEM_VERSION);
if (PSA_HANDLE_IS_VALID(handle))
{
@@ -261,6 +315,7 @@
{
return PAL_STATUS_ERROR;
}
+#endif
}
/**
diff --git a/api-tests/tools/cmake/compiler/GCC_LINUX.cmake b/api-tests/tools/cmake/compiler/GCC_LINUX.cmake
new file mode 100755
index 0000000..fea82d1
--- /dev/null
+++ b/api-tests/tools/cmake/compiler/GCC_LINUX.cmake
@@ -0,0 +1,61 @@
+#/** @file
+# * Copyright (c) 2021, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+set(CMAKE_SYSTEM_NAME Generic)
+if(CPU_ARCH STREQUAL "armv8a")
+ set(CMKE_SYSTEM_PROCESSOR ARM)
+else()
+ set(CMKE_SYSTEM_PROCESSOR x86_64)
+endif()
+
+if(DEFINED COMPILER_NAME)
+ set(_C_TOOLCHAIN_NAME ${COMPILER_NAME})
+else()
+ set(_C_TOOLCHAIN_NAME gcc)
+endif()
+
+
+if(WIN32)
+ if (NOT DEFINED GCC_LINUX_PATH)
+ set(GCC_LINUX_PATH "C:" CACHE PATH "Install directory for Host GCC Compiler")
+ endif()
+else(WIN32)
+ if (NOT DEFINED GCC_LINUX_PATH)
+ set(GCC_LINUX_PATH "/" CACHE PATH "Install directory for Host GCC Compiler")
+ endif()
+endif(WIN32)
+
+find_program(
+ _C_TOOLCHAIN_PATH
+ ${_C_TOOLCHAIN_NAME}
+ PATHS env PATH
+ HINTS ${GCC_LINUX_PATH}
+ HINTS bin
+)
+
+if(_C_TOOLCHAIN_PATH STREQUAL "_C_TOOLCHAIN_PATH-NOTFOUND")
+ message(FATAL_ERROR "[PSA] : Couldn't find ${_C_TOOLCHAIN_NAME}."
+ " Either put ${_C_TOOLCHAIN_NAME} on the PATH or set GNUARM_PATH set properly.")
+endif()
+
+set(CMAKE_TRY_COMPILE_TARGET_TYPE STATIC_LIBRARY)
+
+foreach(_LNG IN ITEMS "C" "ASM")
+ set(CMAKE_${_LNG}_COMPILER ${_C_TOOLCHAIN_PATH})
+ set(CMAKE_C_FLAGS "-g -Wall -Werror -Werror -std=c99")
+ message(STATUS "[PSA] : ${_LNG} compiler used '${CMAKE_${_LNG}_COMPILER}'")
+endforeach()
diff --git a/api-tests/tools/cmake/compiler/GNUARM.cmake b/api-tests/tools/cmake/compiler/GNUARM.cmake
index faf1755..20102e1 100644
--- a/api-tests/tools/cmake/compiler/GNUARM.cmake
+++ b/api-tests/tools/cmake/compiler/GNUARM.cmake
@@ -18,11 +18,7 @@
set(CMAKE_SYSTEM_NAME Generic)
set(CMKE_SYSTEM_PROCESSOR ARM)
-if (DEFINED CROSS_COMPILE)
- set(_C_TOOLCHAIN_NAME ${CROSS_COMPILE}-gcc)
-else()
- set(_C_TOOLCHAIN_NAME arm-none-eabi-gcc)
-endif()
+set(_C_TOOLCHAIN_NAME arm-none-eabi-gcc)
if(WIN32)
if (NOT DEFINED GNUARM_PATH)
@@ -44,7 +40,7 @@
if(_C_TOOLCHAIN_PATH STREQUAL "_C_TOOLCHAIN_PATH-NOTFOUND")
message(FATAL_ERROR "[PSA] : Couldn't find ${_C_TOOLCHAIN_NAME}."
- " Either put ${_C_TOOLCHAIN_NAME} on the PATH or set GNUARM_PATH or CROSS_COMPILE properly.")
+ " Either put ${_C_TOOLCHAIN_NAME} on the PATH or set GNUARM_PATH set properly.")
endif()
set(CMAKE_TRY_COMPILE_TARGET_TYPE STATIC_LIBRARY)
diff --git a/api-tests/tools/cmake/compiler/HOST_GCC.cmake b/api-tests/tools/cmake/compiler/HOST_GCC.cmake
index 35c9d54..2071b12 100644
--- a/api-tests/tools/cmake/compiler/HOST_GCC.cmake
+++ b/api-tests/tools/cmake/compiler/HOST_GCC.cmake
@@ -1,5 +1,5 @@
#/** @file
-# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * Copyright (c) 2019-2021, Arm Limited or its affiliates. All rights reserved.
# * SPDX-License-Identifier : Apache-2.0
# *
# * Licensed under the Apache License, Version 2.0 (the "License");
@@ -50,3 +50,4 @@
set(CMAKE_C_FLAGS "-g -Wall -Werror -Werror -std=c99")
message(STATUS "[PSA] : ${_LNG} compiler used '${CMAKE_${_LNG}_COMPILER}'")
endforeach()
+add_definitions(-DHOST_GCC_MISSING_CRYPTO_1_0=1)
diff --git a/api-tests/tools/utils/README.md b/api-tests/tools/utils/README.md
new file mode 100644
index 0000000..01adabe
--- /dev/null
+++ b/api-tests/tools/utils/README.md
@@ -0,0 +1,37 @@
+
+# Log Analysis Tool
+
+Prerequisites :
+Python 3.7 with Tkinter Package
+
+This Directory contain script for analysis of log result.
+Log Analysis Tool wil take test logs as input and display results in tree format. It will show the tests accroding to the APIs.
+
+## How to execute:
+```
+python log_analysis_tool.py
+```
+
+By running the script GUI will be open.
+
+## How to use GUI Tool:
+1. When GUI is opened on top left side Menu option will come.
+
+2. From Menu there will be 3 submenu options.
+ Select Log File: For selecting single test suite log file.
+ Select Log Folder: For selecting folder for multiple test suite files.
+ Exit: For exiting from GUI Tool.
+ Note: While selecting make sure you have only log files in selected folder and not more than one log file for one test suite.
+
+3. The test suite tree node will be generated. User can expand and collapse the nodes.
+
+4. By double clicking on TEST node, it will show detail description of that test on right hand side of window.
+
+5. By right clicking on any node, menu will be open. This menu will contain three options.
+ Summary: Display summary result of the node on the right hand side window.
+ Expand: For expanding all nodes for all level from current expanding level.
+ Collapse: For collapsing all nodes for all level from current collapsing level.
+ Note: The node which has not any leaf nodes will not perform any of right click menu functionality.
+
+
+*Copyright (c) 2021, Arm Limited and Contributors. All rights reserved.*
diff --git a/api-tests/tools/utils/log_analysis_tool.py b/api-tests/tools/utils/log_analysis_tool.py
new file mode 100644
index 0000000..abcd4af
--- /dev/null
+++ b/api-tests/tools/utils/log_analysis_tool.py
@@ -0,0 +1,772 @@
+#! /usr/bin/env python
+#/** @file
+# * Copyright (c) 2021, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+import os, sys, re
+
+gtoplevel = None
+filename=''
+filename_dir = []
+testsuite_list = []
+f_temp=[]
+testsuite_temp=[]
+
+
+try:
+ import Tkinter as tk
+ from Tkinter import tkFileDialog as fd
+ from Tkinter import *
+except ImportError:
+ import tkinter as tk
+ from tkinter import filedialog as fd
+ from tkinter import *
+
+try:
+ import ttk
+ py3 = False
+except ImportError:
+ import tkinter.ttk as ttk
+ py3 = True
+
+try:
+ from tkinter import messagebox
+except:
+ import tkMessageBox as messagebox
+
+# Browse the single testsuite log file
+def browseLogFile():
+ clearText()
+ clearTree()
+ filename_dir.clear()
+ testsuite_list.clear()
+ f_temp.clear()
+ global filename
+ global gtoplevel
+ try:
+ ftypes = [('all types', '*.*')]
+ filename = fd.askopenfilename(initialdir="/", title="Select A File", filetypes=ftypes)
+ if filename == "":
+ clearText()
+ gtoplevel.Scrolledtext1.insert("end", "\nPlease Select File\n")
+ return;
+ filename_dir.append(filename)
+ findTestSuite(filename)
+
+ except Exception as e:
+ gtoplevel.Scrolledtext1.insert("end", "EXCEPTION : " + str(e) + "\n")
+ pass
+
+# Browse multiple testsuite log files in single folder
+def browseLogFolder():
+ global filename_dir
+ global gtoplevel
+ testsuite_list.clear()
+ clearText()
+ clearTree()
+ filename_dir.clear()
+ f_temp.clear()
+ testsuite_temp.clear()
+
+
+ try:
+ dirname = fd.askdirectory()
+ if dirname == "":
+ clearText()
+ gtoplevel.Scrolledtext1.insert("end", "\nPlease Select Directory\n")
+ return;
+ for path in os.listdir(dirname):
+ full_path = os.path.join(dirname, path)
+ if os.path.isfile(full_path):
+ filename_dir.append(full_path)
+ for file in filename_dir:
+ findTestSuite(file)
+ for f1 in f_temp:
+ filename_dir.remove(f1)
+
+ if testsuite_temp:
+ testsuite_temp1 = set(testsuite_temp)
+ messagebox.showwarning("Warning","{} Test Suite file is already exists. \nAll the duplicate test suite will not be added.".format(testsuite_temp1))
+ testsuite_temp1.clear()
+
+ except Exception as e:
+ gtoplevel.Scrolledtext1.insert("end", "EXCEPTION : " + str(e) + "\n")
+ pass
+
+# Find testsuite from file.
+def findTestSuite(filename):
+ ut = False
+ global gtoplevel
+ f = open(filename, 'r+')
+ try:
+
+ for line in f:
+ if re.search(r'PSA\sArchitecture\sTest\sSuite\s-\sVersion\s(.*?)\s',line):
+ testsuite_version = re.search(r'PSA\sArchitecture\sTest\sSuite\s-\sVersion\s(.*?)\s',line).group(1)
+ gtoplevel.Scrolledtreeview1.heading("#0", text="PSA Arch Test Suite "+testsuite_version)
+ break
+ for line in f:
+ if re.search(r'^Running..\s(.*?)\sSuite$', line):
+ testsuite = re.search("Running..\s(.*?)\sSuite", line).group(1)
+ if testsuite in testsuite_list:
+ f_temp.append(filename)
+ testsuite_temp.append(testsuite)
+ else:
+ testsuite_list.append(testsuite)
+
+ for line in f:
+ if re.search(r'^TEST:\s[0-9]+\s\|\sDESCRIPTION:\sTesting\s.*\s.*\sAPIs\s\|\sUT:\s.*\n', line):
+ ut = True
+ break
+ if testsuite == "":
+ gtoplevel.Scrolledtext1.insert("end","Please Select Proper File")
+ if ut is True:
+ if testsuite == "Storage":
+ storageDataExtraction(filename, testsuite)
+ else:
+ testsuiteDataExtraction(filename, testsuite)
+ else:
+ if testsuite=="Attestation":
+ attestationDataExtraction(filename, testsuite)
+ elif testsuite=="Storage":
+ storageDataExtraction(filename, testsuite)
+ elif testsuite=="Crypto":
+ cryptoDataExtraction(filename, testsuite)
+ break
+
+ except Exception as e:
+ gtoplevel.Scrolledtext1.insert("end", "EXCEPTION : " + str(e) + "\n")
+ pass
+
+
+# Tests extraction from file. It will create list of tests.
+def testsExtraction(fname):
+ f = open(fname, 'r+')
+ test = None
+ tests = []
+ is_test = False
+ for line in f:
+ if not is_test and line.startswith('TEST:'):
+ is_test = True
+ test = []
+
+ elif is_test and line.startswith('TEST RESULT:'):
+ test.append(line)
+ is_test = False
+ tests.append(''.join(test))
+ test = None
+
+ if is_test:
+ test.append(line)
+ return tests
+
+
+# Crypto testsuite data extaction
+def cryptoDataExtraction(fname, testsuite):
+ global gtoplevel
+ tests = testsExtraction(fname)
+ testsuite = testsuite.lower()
+ firstlevel = []
+ secondlevel = []
+ thirdlevel = []
+
+ gtoplevel.Scrolledtreeview1.insert(parent='', index='end', iid=testsuite, text=testsuite)
+
+ for i in tests:
+ if re.search(r'^TEST:\s201',i):
+ gtoplevel.Scrolledtreeview1.insert(parent=testsuite, index='end', iid="basic", text="Basic")
+ gtoplevel.Scrolledtreeview1.insert(parent="basic", index='end', iid="psa_crypto_init", text="psa_crypto_init")
+ test_num = re.search(r'(.*?)\sDESCRIPTION:', i).group(1)
+ test_result = re.search(r'TEST\sRESULT:\s(.*?)\s', i).group(1)
+ b = test_num + " " + test_result
+ b_temp = b.replace(" ","")
+ gtoplevel.Scrolledtreeview1.insert(parent="psa_crypto_init", index='end', iid=b_temp, text=b)
+
+ if re.search(rf'^TEST:\s[0-9]+\s\|\sDESCRIPTION:\sTesting\s{testsuite}\s(.*?)\sAPIs', i):
+ x = re.search(rf'^TEST:\s[0-9]+\s\|\sDESCRIPTION:\sTesting\s{testsuite}\s(.*?)\sAPIs', i).group(1)
+ firstlevel.append(x) if x not in firstlevel else firstlevel
+
+ if not firstlevel:
+ messagebox.showerror("Error", "Test Suite File must be in required format.")
+ clearTree()
+ return
+
+ for record in firstlevel:
+ r_temp = record.replace(" ", "")
+ gtoplevel.Scrolledtreeview1.insert(parent=testsuite, index='end', iid=r_temp, text=record)
+
+ for i in firstlevel:
+ secondlevel.clear()
+ for j in tests:
+ if re.search(rf'^TEST:\s[0-9]+\s\|\sDESCRIPTION:\sTesting\s{testsuite}\s{i}\sAPIs\n', j):
+ if re.search(r'\[Check\s1\]\sTest\s(.*?)\s.*\n', j):
+ y = re.search(r'\[Check\s1\]\sTest\s(.*?)\s.*\n', j).group(1)
+ secondlevel.append(y) if y not in secondlevel else secondlevel
+
+ for r in secondlevel:
+ i_temp = i.replace(" ", "")
+ gtoplevel.Scrolledtreeview1.insert(parent=i_temp, index='end', iid=r, text=r)
+
+ for k in secondlevel:
+ thirdlevel.clear()
+ for m in tests:
+ if re.search(rf'^TEST:\s[0-9]+\s\|\sDESCRIPTION:\sTesting\s{testsuite}\s{i}\sAPIs\n', m):
+ if re.search(rf'\[Check\s1\]\sTest\s{k}\s.*\n', m):
+ test_num = re.search(r'(.*?)\sDESCRIPTION:', m).group(1)
+ test_result = re.search(r'TEST\sRESULT:\s(.*?)\s', m).group(1)
+ b = test_num + " " + test_result
+ thirdlevel.append(b) if b not in thirdlevel else thirdlevel
+
+ for rec in thirdlevel:
+ rec_temp = rec.replace(" ", "")
+ gtoplevel.Scrolledtreeview1.insert(parent=k, index='end', iid=rec_temp, text=rec)
+
+ if not secondlevel or not thirdlevel:
+ messagebox.showerror("Error", "Test Suite File must be in required format.")
+ clearTree()
+
+
+# Attestation testsuite data extraction
+def attestationDataExtraction(fname, testsuite):
+ global gtoplevel
+ tests = testsExtraction(fname)
+ testsuite = testsuite.lower()
+ attest = []
+
+ gtoplevel.Scrolledtreeview1.insert(parent='', index='end', iid=testsuite, text=testsuite)
+ testsuite_new="initial attestation"
+ for i in tests:
+ if re.search(rf'^TEST:\s[0-9]+\s\|\sDESCRIPTION:\sTesting\s{testsuite_new}\sAPIs', i):
+ if re.search(r'\[Check\s1\]\sTest\s(.*?)\s.*\n', i):
+ y = re.search(r'\[Check\s1\]\sTest\s(.*?)\s.*\n', i).group(1)
+ attest.append(y) if y not in attest else attest
+
+ for r in attest:
+ gtoplevel.Scrolledtreeview1.insert(parent=testsuite, index='end', iid=r, text=r)
+
+
+ for j in attest:
+ for t in tests:
+ if re.search(rf'\[Check\s1\]\sTest\s{j}\s.*\n', t):
+ test_num = re.search(r'(.*?)\sDESCRIPTION:', t).group(1)
+ test_result = re.search(r'TEST\sRESULT:\s(.*?)\s', t).group(1)
+ b = test_num + " " + test_result
+ gtoplevel.Scrolledtreeview1.insert(parent=j, index='end', iid=b, text=b)
+
+# Storage testsuite data extraction
+def storageDataExtraction(fname, testsuite):
+ global gtoplevel
+ tests = testsExtraction(fname)
+ testsuite = testsuite.lower()
+
+ gtoplevel.Scrolledtreeview1.insert(parent='', index='end', iid=testsuite, text=testsuite)
+ gtoplevel.Scrolledtreeview1.insert(parent=testsuite, index='end', iid="ITS", text="ITS")
+ gtoplevel.Scrolledtreeview1.insert(parent=testsuite, index='end', iid="PS", text="PS")
+ for i in tests:
+ test_num = re.search(r'(.*?)\sDESCRIPTION:', i).group(1)
+ test_result = re.search(r'TEST\sRESULT:\s(.*?)\s', i).group(1)
+ b = test_num + " " + test_result
+ b_temp = b.replace(" ", "")
+ if re.search(r'\[Info\]\sExecuting\sITS\stests\n', i):
+ b_temp1 = "its_"+b_temp
+ gtoplevel.Scrolledtreeview1.insert(parent="ITS", index='end', iid=b_temp1, text=b)
+
+ if re.search(r'\[Info\]\sExecuting\sPS\stests\n', i):
+ b_temp2 = "ps_" + b_temp
+ gtoplevel.Scrolledtreeview1.insert(parent="PS", index='end', iid=b_temp2, text=b)
+
+ its_child = gtoplevel.Scrolledtreeview1.get_children("ITS")
+ if not its_child:
+ gtoplevel.Scrolledtreeview1.delete("ITS")
+ ps_child = gtoplevel.Scrolledtreeview1.get_children("PS")
+ if not ps_child:
+ gtoplevel.Scrolledtreeview1.delete("PS")
+
+
+# Generic testsuite data extraction
+def testsuiteDataExtraction(fname, testsuite):
+ global gtoplevel
+ tests = testsExtraction(fname)
+ firstlevel = []
+ secondlevel = []
+ thirdlevel = []
+ testsuite = testsuite.lower()
+
+ gtoplevel.Scrolledtreeview1.insert(parent='', index='end', iid=testsuite, text=testsuite)
+
+ for i in tests:
+ if re.search(rf'^TEST:\s[0-9]+\s\|\sDESCRIPTION:\sTesting\s{testsuite}\s(.*?)\sAPIs', i):
+ x = re.search(rf'^TEST:\s[0-9]+\s\|\sDESCRIPTION:\sTesting\s{testsuite}\s(.*?)\sAPIs', i).group(1)
+ firstlevel.append(x) if x not in firstlevel else firstlevel
+
+ if not firstlevel:
+ messagebox.showerror("Error","Test Suite File must be in required format.")
+ clearTree()
+ return
+
+ for record in firstlevel:
+ r_temp = record.replace(" ", "")
+ gtoplevel.Scrolledtreeview1.insert(parent=testsuite, index='end', iid=r_temp, text=record)
+
+ for i in firstlevel:
+ secondlevel.clear()
+ for j in tests:
+ if re.search(rf'^TEST:\s[0-9]+\s\|\sDESCRIPTION:\sTesting\s{testsuite}\s{i}\sAPIs\s\|\sUT:\s(.*?)\n', j):
+ y = re.search(rf'^TEST:\s[0-9]+\s\|\sDESCRIPTION:\sTesting\s{testsuite}\s{i}\sAPIs\s\|\sUT:\s(.*?)\n', j).group(1)
+ secondlevel.append(y) if y not in secondlevel else secondlevel
+
+ for r in secondlevel:
+ i_temp = i.replace(" ","")
+ gtoplevel.Scrolledtreeview1.insert(parent=i_temp, index='end', iid=r, text=r)
+
+ for k in secondlevel:
+ thirdlevel.clear()
+ for m in tests:
+ if re.search(rf'^TEST:\s[0-9]+\s\|\sDESCRIPTION:\sTesting\s{testsuite}\s{i}\sAPIs\s\|\sUT:\s{k}\n', m):
+ test_num = re.search(r'(.*?)\sDESCRIPTION:',m).group(1)
+ test_result = re.search(r'TEST\sRESULT:\s(.*?)\s',m).group(1)
+ b = test_num+" "+test_result
+ thirdlevel.append(b) if b not in thirdlevel else thirdlevel
+
+ for rec in thirdlevel:
+ rec_temp=rec.replace(" ","")
+ gtoplevel.Scrolledtreeview1.insert(parent=k, index='end', iid=rec_temp, text=rec)
+
+ if not secondlevel or not thirdlevel:
+ messagebox.showerror("Error", "Test Suite File must be in required format.")
+ clearTree()
+
+
+# Get the summary result of selected tree node
+def summary_result():
+ global gtoplevel
+ passed = 0
+ failed = 0
+ skipped = 0
+ sim_error = 0
+ clearText()
+ selected_item = gtoplevel.Scrolledtreeview1.selection()[0]
+
+ if selected_item == "storage" :
+ firstlevel = gtoplevel.Scrolledtreeview1.get_children(selected_item)
+ for child in firstlevel:
+ passed = 0
+ failed = 0
+ skipped = 0
+ sim_error = 0
+ secondlevel = gtoplevel.Scrolledtreeview1.get_children(child)
+ if not secondlevel:
+ result = gtoplevel.Scrolledtreeview1.item(child)['text']
+ if re.search(r'TEST:\s[0-9]+\s\|\s(.*?)', result):
+ r = re.search(r'TEST:\s[0-9]+\s\|\s(.*?)$', result).group(1)
+ if r == "PASSED":
+ passed = passed + 1
+ if r == "FAILED":
+ failed = failed + 1
+ if r == "SKIPPED":
+ skipped = skipped + 1
+ if r == "SIM ERROR":
+ sim_error = sim_error + 1
+
+ else:
+ for c in secondlevel:
+ thirdlevel = gtoplevel.Scrolledtreeview1.get_children(c)
+
+ if not thirdlevel:
+ result = gtoplevel.Scrolledtreeview1.item(c)['text']
+ if re.search(r'TEST:\s[0-9]+\s\|\s(.*?)', result):
+ r = re.search(r'TEST:\s[0-9]+\s\|\s(.*?)$', result).group(1)
+ if r == "PASSED":
+ passed = passed + 1
+ if r == "FAILED":
+ failed = failed + 1
+ if r == "SKIPPED":
+ skipped = skipped + 1
+ if r == "SIM ERROR":
+ sim_error = sim_error + 1
+
+ total_test = passed + failed + skipped + sim_error
+ data1 = "************ "+child+" Summary Report ************\nTOTAL TESTS :" + str(
+ total_test) + "\nTOTAL PASSED :" + str(
+ passed) + "\nTOTAL SIM ERROR :" + str(sim_error) + "\nTOTAL FAILED :" + str(
+ failed) + "\nTOTAL SKIPPED :" + str(skipped) + "\n***********************************************\n"
+ gtoplevel.Scrolledtext1.insert(END, data1)
+ else:
+ firstlevel = gtoplevel.Scrolledtreeview1.get_children(selected_item)
+
+ if not firstlevel:
+ gtoplevel.Scrolledtext1.insert(END,"This node has not any leaf nodes.")
+ else:
+ for child in firstlevel:
+ secondlevel = gtoplevel.Scrolledtreeview1.get_children(child)
+ if not secondlevel:
+ result = gtoplevel.Scrolledtreeview1.item(child)['text']
+ if re.search(r'TEST:\s[0-9]+\s\|\s(.*?)', result):
+ r = re.search(r'TEST:\s[0-9]+\s\|\s(.*?)$', result).group(1)
+ if r == "PASSED":
+ passed = passed + 1
+ if r == "FAILED":
+ failed = failed + 1
+ if r == "SKIPPED":
+ skipped = skipped + 1
+ if r == "SIM ERROR":
+ sim_error = sim_error + 1
+ else:
+ for c in secondlevel:
+ thirdlevel = gtoplevel.Scrolledtreeview1.get_children(c)
+
+ if not thirdlevel:
+ result = gtoplevel.Scrolledtreeview1.item(c)['text']
+ if re.search(r'TEST:\s[0-9]+\s\|\s(.*?)', result):
+ r = re.search(r'TEST:\s[0-9]+\s\|\s(.*?)$', result).group(1)
+ if r == "PASSED":
+ passed = passed + 1
+ if r == "FAILED":
+ failed = failed + 1
+ if r == "SKIPPED":
+ skipped = skipped + 1
+ if r == "SIM ERROR":
+ sim_error = sim_error + 1
+ else:
+ for c1 in thirdlevel:
+ fourthlevel = gtoplevel.Scrolledtreeview1.get_children(c1)
+ if not fourthlevel:
+ result = gtoplevel.Scrolledtreeview1.item(c1)['text']
+ if re.search(r'TEST:\s[0-9]+\s\|\s(.*?)', result):
+ r = re.search(r'TEST:\s[0-9]+\s\|\s(.*?)$', result).group(1)
+ if r == "PASSED":
+ passed = passed + 1
+ if r == "FAILED":
+ failed = failed + 1
+ if r == "SKIPPED":
+ skipped = skipped + 1
+ if r == "SIM ERROR":
+ sim_error = sim_error + 1
+
+ total_test = passed + failed + skipped + sim_error
+ data1 = "************ Summary Report ************\nTOTAL TESTS :" + str(total_test) + "\nTOTAL PASSED :" + str(
+ passed) + "\nTOTAL SIM ERROR :" + str(sim_error) + "\nTOTAL FAILED :" + str(
+ failed) + "\nTOTAL SKIPPED :" + str(skipped) + "\n******************************************"
+ gtoplevel.Scrolledtext1.insert(END, data1)
+
+
+# On Right click of tree item it will display summary result of that tree node
+def onRightClick(e):
+ global gtoplevel
+ try:
+ e.widget.focus()
+ item = gtoplevel.Scrolledtreeview1.identify('item', e.x, e.y)
+ rmenu = Menu(None, tearoff=0, takefocus=0)
+ rmenu.add_command(label="Summary", command=summary_result)
+ rmenu.add_command(label="Expand", command=lambda: open_tree(item))
+ rmenu.add_command(label="Collapse", command=lambda: close_tree(item))
+ rmenu.tk_popup(e.x_root + 40, e.y_root + 10, entry="0")
+ except TclError:
+ print(' - rClick menu, something wrong')
+ pass
+
+ return "break"
+
+# On clicking double click on tree item for test it will fetch the test data from file and insert in text widget
+def onDoubleClick(a):
+ global gtoplevel
+ global filename
+ global filename_dir
+
+ clearText()
+ selected_item = gtoplevel.Scrolledtreeview1.selection()[0]
+ cur_item = gtoplevel.Scrolledtreeview1.item(selected_item)['text']
+
+
+ if re.search(r'^TEST:', cur_item):
+ for file in filename_dir:
+ data = showTest(file,cur_item)
+ try:
+ if data:
+ gtoplevel.Scrolledtext1.insert(END, data)
+ pass
+ except Exception as e:
+ print ('error : '+e)
+
+
+# Get specific selected test from file
+def showTest(fname,selected_item):
+ tests = testsExtraction(fname)
+ x = selected_item.split('|')
+ for i in tests:
+ if re.search(rf'{x[0]}',i):
+ return i
+
+
+# Clear Tree Widget Data
+def clearTree():
+ global gtoplevel
+ for i in gtoplevel.Scrolledtreeview1.get_children():
+ gtoplevel.Scrolledtreeview1.delete(i)
+
+
+# Clear Text Widget Data
+def clearText():
+ global gtoplevel
+ gtoplevel.Scrolledtext1.delete("1.0", "end")
+
+# Collapse tree nodes
+def close_tree(parent):
+ global gtoplevel
+ gtoplevel.Scrolledtreeview1.item(parent, open=False)
+ for child in gtoplevel.Scrolledtreeview1.get_children(parent):
+ close_tree(child)
+
+# Expand tree nodes
+def open_tree(parent):
+ global gtoplevel
+ gtoplevel.Scrolledtreeview1.item(parent, open=True)
+ for child in gtoplevel.Scrolledtreeview1.get_children(parent):
+ open_tree(child)
+
+
+def vp_start_gui():
+ '''Starting point when module is the main routine.'''
+ global gtoplevel
+ global val, w, root
+ root = tk.Tk()
+ top = Toplevel1 (root)
+
+ if platform.system() == 'Linux':
+ root.attributes('-zoomed', True)
+ elif platform.system() == 'Windows':
+ root.state('zoomed')
+ gtoplevel = top
+ gui_init(root, top)
+ root.mainloop()
+
+w = None
+def create_Toplevel1(rt, *args, **kwargs):
+ '''Starting point when module is imported by another module.
+ Correct form of call: 'create_Toplevel1(root, *args, **kwargs)' .'''
+ global w, w_win, root
+ #rt = root
+ root = rt
+ w = tk.Toplevel (root)
+ top = Toplevel1 (w)
+ gui_init(w, top, *args, **kwargs)
+ return (w, top)
+
+def destroy_Toplevel1():
+ global w
+ w.destroy()
+ w = None
+
+def gui_init(top, gui, *args, **kwargs):
+ global w, top_level, root
+ w = gui
+ top_level = top
+ root = top
+
+def destroy_window():
+ # Function which closes the window.
+ global top_level
+ top_level.destroy()
+ top_level = None
+
+class Toplevel1:
+ def __init__(self, top=None):
+ '''This class configures and populates the toplevel window.
+ top is the toplevel containing window.'''
+ _bgcolor = '#d9d9d9' # X11 color: 'gray85'
+ _fgcolor = '#000000' # X11 color: 'black'
+ _compcolor = '#d9d9d9' # X11 color: 'gray85'
+ _ana1color = '#d9d9d9' # X11 color: 'gray85'
+ _ana2color = '#ececec' # Closest X11 color: 'gray92'
+ self.style = ttk.Style()
+ if sys.platform == "win32":
+ self.style.theme_use('winnative')
+ self.style.configure('.',background="white")
+ self.style.configure('.',foreground=_fgcolor)
+ self.style.configure('.',font="TkDefaultFont")
+ self.style.map('.',background=
+ [('selected', _compcolor), ('active',_ana2color)])
+
+ self.style.configure('Treeview', font="TkDefaultFont")
+ top.geometry("1250x500")
+ top.minsize(176, 1)
+ top.maxsize(1924, 1050)
+ top.resizable(1, 1)
+
+ top.title("PSA Test Suite Log Analysis Tool")
+ top.configure(background="white")
+ top.configure(highlightbackground="#d9d9d9")
+ top.configure(highlightcolor="black")
+ top.columnconfigure(0, weight=1)
+ top.columnconfigure(1, weight=2)
+ top.rowconfigure(0, weight=1)
+
+ self.Scrolledtext1 = ScrolledText(top, borderwidth=1)
+ self.Scrolledtext1.grid(row = 0, column = 1, sticky="NSEW")
+ self.Scrolledtext1.configure(background="white")
+ self.Scrolledtext1.configure(font="TkTextFont")
+ self.Scrolledtext1.configure(foreground="black")
+ self.Scrolledtext1.configure(highlightbackground="#d9d9d9")
+ self.Scrolledtext1.configure(highlightcolor="black")
+ self.Scrolledtext1.configure(insertbackground="black")
+ self.Scrolledtext1.configure(insertborderwidth="3")
+ self.Scrolledtext1.configure(selectbackground="#c4c4c4")
+ self.Scrolledtext1.configure(selectforeground="black")
+ self.Scrolledtext1.configure(wrap="none")
+
+ self.Scrolledtreeview1 = ScrolledTreeView(top)
+ self.Scrolledtreeview1.grid(row=0, column=0, sticky="NSEW")
+ self.Scrolledtreeview1.heading("#0",text="Test Suite")
+ self.Scrolledtreeview1.heading("#0",anchor="center")
+ self.Scrolledtreeview1.column("#0", width="10")
+ self.Scrolledtreeview1.column("#0",minwidth="250")
+ self.Scrolledtreeview1.column("#0",anchor="w")
+ self.Scrolledtreeview1.bind('<Double-Button-1>', onDoubleClick)
+ self.Scrolledtreeview1.bind('<Button-3>', onRightClick)
+
+ self.Menu1 = tk.Menu(top)
+ top.configure(menu=self.Menu1)
+ self.filemenu=tk.Menu(top)
+ self.Menu1.add_cascade(menu=self.filemenu, label="Menu")
+ self.filemenu.add_command(label="Select Log File", command=browseLogFile)
+ self.filemenu.add_command(label="Select Log Folder", command=browseLogFolder)
+ self.filemenu.add_command(label="Exit", command=top.quit)
+
+
+# The following code is added to facilitate the Scrolled widgets you specified.
+class AutoScroll(object):
+ '''Configure the scrollbars for a widget.'''
+ def __init__(self, master):
+ # Rozen. Added the try-except clauses so that this class
+ # could be used for scrolled entry widget for which vertical
+ # scrolling is not supported. 5/7/14.
+ try:
+ vsb = ttk.Scrollbar(master, orient='vertical', command=self.yview)
+ except:
+ pass
+ hsb = ttk.Scrollbar(master, orient='horizontal', command=self.xview)
+ try:
+ self.configure(yscrollcommand=self._autoscroll(vsb))
+ except:
+ pass
+ self.configure(xscrollcommand=self._autoscroll(hsb))
+ self.grid(column=0, row=0, sticky='nsew')
+ try:
+ vsb.grid(column=1, row=0, sticky='ns')
+ except:
+ pass
+ hsb.grid(column=0, row=1, sticky='ew')
+ master.grid_columnconfigure(0, weight=1)
+ master.grid_rowconfigure(0, weight=1)
+ # Copy geometry methods of master (taken from ScrolledText.py)
+ if py3:
+ methods = tk.Pack.__dict__.keys() | tk.Grid.__dict__.keys() \
+ | tk.Place.__dict__.keys()
+ else:
+ methods = tk.Pack.__dict__.keys() + tk.Grid.__dict__.keys() \
+ + tk.Place.__dict__.keys()
+ for meth in methods:
+ if meth[0] != '_' and meth not in ('config', 'configure'):
+ setattr(self, meth, getattr(master, meth))
+
+ @staticmethod
+ def _autoscroll(sbar):
+ '''Hide and show scrollbar as needed.'''
+ def wrapped(first, last):
+ first, last = float(first), float(last)
+ if first <= 0 and last >= 1:
+ sbar.grid_remove()
+ else:
+ sbar.grid()
+ sbar.set(first, last)
+ return wrapped
+
+ def __str__(self):
+ return str(self.master)
+
+def _create_container(func):
+ '''Creates a ttk Frame with a given master, and use this new frame to
+ place the scrollbars and the widget.'''
+ def wrapped(cls, master, **kw):
+ container = ttk.Frame(master)
+ container.bind('<Enter>', lambda e: _bound_to_mousewheel(e, container))
+ container.bind('<Leave>', lambda e: _unbound_to_mousewheel(e, container))
+ return func(cls, container, **kw)
+ return wrapped
+
+class ScrolledText(AutoScroll, tk.Text):
+ '''A standard Tkinter Text widget with scrollbars that will
+ automatically show/hide as needed.'''
+ @_create_container
+ def __init__(self, master, **kw):
+ tk.Text.__init__(self, master, **kw)
+ AutoScroll.__init__(self, master)
+
+class ScrolledTreeView(AutoScroll, ttk.Treeview):
+ '''A standard ttk Treeview widget with scrollbars that will
+ automatically show/hide as needed.'''
+ @_create_container
+ def __init__(self, master, **kw):
+ ttk.Treeview.__init__(self, master, **kw)
+ AutoScroll.__init__(self, master)
+
+
+import platform
+def _bound_to_mousewheel(event, widget):
+ child = widget.winfo_children()[0]
+ if platform.system() == 'Windows' or platform.system() == 'Darwin':
+ child.bind_all('<MouseWheel>', lambda e: _on_mousewheel(e, child))
+ child.bind_all('<Shift-MouseWheel>', lambda e: _on_shiftmouse(e, child))
+ else:
+ child.bind_all('<Button-4>', lambda e: _on_mousewheel(e, child))
+ child.bind_all('<Button-5>', lambda e: _on_mousewheel(e, child))
+ child.bind_all('<Shift-Button-4>', lambda e: _on_shiftmouse(e, child))
+ child.bind_all('<Shift-Button-5>', lambda e: _on_shiftmouse(e, child))
+
+def _unbound_to_mousewheel(event, widget):
+ if platform.system() == 'Windows' or platform.system() == 'Darwin':
+ widget.unbind_all('<MouseWheel>')
+ widget.unbind_all('<Shift-MouseWheel>')
+ else:
+ widget.unbind_all('<Button-4>')
+ widget.unbind_all('<Button-5>')
+ widget.unbind_all('<Shift-Button-4>')
+ widget.unbind_all('<Shift-Button-5>')
+
+def _on_mousewheel(event, widget):
+ if platform.system() == 'Windows':
+ widget.yview_scroll(-1*int(event.delta/120),'units')
+ elif platform.system() == 'Darwin':
+ widget.yview_scroll(-1*int(event.delta),'units')
+ else:
+ if event.num == 4:
+ widget.yview_scroll(-1, 'units')
+ elif event.num == 5:
+ widget.yview_scroll(1, 'units')
+
+def _on_shiftmouse(event, widget):
+ if platform.system() == 'Windows':
+ widget.xview_scroll(-1*int(event.delta/120), 'units')
+ elif platform.system() == 'Darwin':
+ widget.xview_scroll(-1*int(event.delta), 'units')
+ else:
+ if event.num == 4:
+ widget.xview_scroll(-1, 'units')
+ elif event.num == 5:
+ widget.xview_scroll(1, 'units')
+
+if __name__ == '__main__':
+ vp_start_gui()
diff --git a/api-tests/val/nspe/val_crypto.h b/api-tests/val/nspe/val_crypto.h
index 7270a40..86f41e8 100644
--- a/api-tests/val/nspe/val_crypto.h
+++ b/api-tests/val/nspe/val_crypto.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -48,88 +48,112 @@
#define PSA_KEY_LIFETIME_INVALID 0xFFFFFFFF
#define PSA_KEY_USAGE_INVALID 0xFFFFFFFF
-#define PSA_HASH_ALG_INVALID 0x01FFFFFF
+#define PSA_HASH_ALG_INVALID 0x02FFFFFF
#define PSA_ALG_INVALID 0xFFFFFFFF
#define PSA_KEY_DERIVATION_STEP_INVALID 0x0000FFFF
+#define PSA_ALG_NONE ((psa_algorithm_t)0)
+#define PSA_KEY_ID_NULL ((psa_key_id_t)0)
+
+#if 0
+#define PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG(aead_alg) \
+ ((((aead_alg) & ~0x003f0000) == 0x05400100) ? PSA_ALG_CCM : \
+ (((aead_alg) & ~0x003f0000) == 0x05400200) ? PSA_ALG_GCM : \
+ (((aead_alg) & ~0x003f0000) == 0x05000500) ? PSA_ALG_CHACHA20_POLY1305 : \
+ PSA_ALG_NONE)
+
+#define PSA_ALG_AEAD_WITH_SHORTENED_TAG(aead_alg, tag_length) \
+ ((psa_algorithm_t) (((aead_alg) & ~0x003f0000) | (((tag_length) & 0x3f) << 16)))
+#endif
+
+
enum crypto_function_code {
- VAL_CRYPTO_INIT = 0x1,
- VAL_CRYPTO_GENERATE_RANDOM = 0x2,
- VAL_CRYPTO_IMPORT_KEY = 0x3,
- VAL_CRYPTO_EXPORT_KEY = 0x4,
- VAL_CRYPTO_EXPORT_PUBLIC_KEY = 0x5,
- VAL_CRYPTO_DESTROY_KEY = 0x6,
- VAL_CRYPTO_HASH_SETUP = 0x7,
- VAL_CRYPTO_HASH_UPDATE = 0x8,
- VAL_CRYPTO_HASH_VERIFY = 0x9,
- VAL_CRYPTO_HASH_FINISH = 0xA,
- VAL_CRYPTO_HASH_ABORT = 0xB,
- VAL_CRYPTO_GENERATE_KEY = 0xC,
- VAL_CRYPTO_AEAD_ENCRYPT = 0xD,
- VAL_CRYPTO_AEAD_DECRYPT = 0xE,
- VAL_CRYPTO_MAC_SIGN_SETUP = 0xF,
- VAL_CRYPTO_MAC_UPDATE = 0x10,
- VAL_CRYPTO_MAC_SIGN_FINISH = 0x11,
- VAL_CRYPTO_MAC_VERIFY_SETUP = 0x12,
- VAL_CRYPTO_MAC_VERIFY_FINISH = 0x13,
- VAL_CRYPTO_MAC_ABORT = 0x14,
- VAL_CRYPTO_ASYMMTERIC_ENCRYPT = 0x15,
- VAL_CRYPTO_ASYMMTERIC_DECRYPT = 0x16,
- VAL_CRYPTO_CIPHER_ENCRYPT_SETUP = 0x17,
- VAL_CRYPTO_CIPHER_DECRYPT_SETUP = 0x18,
- VAL_CRYPTO_CIPHER_GENERATE_IV = 0x19,
- VAL_CRYPTO_CIPHER_SET_IV = 0x1A,
- VAL_CRYPTO_CIPHER_UPDATE = 0x1B,
- VAL_CRYPTO_CIPHER_FINISH = 0x1C,
- VAL_CRYPTO_CIPHER_ABORT = 0x1D,
- VAL_CRYPTO_ASYMMTERIC_SIGN = 0x1E,
- VAL_CRYPTO_ASYMMTERIC_VERIFY = 0x1F,
- VAL_CRYPTO_COPY_KEY = 0x20,
- VAL_CRYPTO_SET_KEY_TYPE = 0x21,
- VAL_CRYPTO_SET_KEY_BITS = 0x22,
- VAL_CRYPTO_GET_KEY_ATTRIBUTES = 0x23,
- VAL_CRYPTO_GET_KEY_TYPE = 0x24,
- VAL_CRYPTO_SET_KEY_USAGE_FLAGS = 0x25,
- VAL_CRYPTO_RESET_KEY_ATTRIBUTES = 0x26,
- VAL_CRYPTO_SET_KEY_ID = 0x27,
- VAL_CRYPTO_SET_KEY_LIFETIME = 0x28,
- VAL_CRYPTO_SET_KEY_ALGORITHM = 0x29,
- VAL_CRYPTO_GET_KEY_ID = 0x2A,
- VAL_CRYPTO_GET_KEY_LIFETIME = 0x2B,
- VAL_CRYPTO_GET_KEY_USAGE_FLAGS = 0x2C,
- VAL_CRYPTO_GET_KEY_ALGORITHM = 0x2D,
- VAL_CRYPTO_GET_KEY_BITS = 0x2E,
- VAL_CRYPTO_HASH_COMPUTE = 0x2F,
- VAL_CRYPTO_HASH_COMPARE = 0x30,
- VAL_CRYPTO_KEY_DERIVATION_SETUP = 0x31,
- VAL_CRYPTO_KEY_DERIVATION_ABORT = 0x32,
- VAL_CRYPTO_RAW_KEY_AGREEMENT = 0x33,
- VAL_CRYPTO_KEY_DERIVATION_INPUT_BYTES = 0x34,
- VAL_CRYPTO_KEY_DERIVATION_INPUT_KEY = 0x35,
- VAL_CRYPTO_KEY_DERIVATION_KEY_AGREEMENT = 0x36,
- VAL_CRYPTO_KEY_DERIVATION_OUTPUT_BYTES = 0x37,
- VAL_CRYPTO_KEY_DERIVATION_OUTPUT_KEY = 0x38,
- VAL_CRYPTO_KEY_DERIVATION_SET_CAPACITY = 0x39,
- VAL_CRYPTO_KEY_DERIVATION_GET_CAPACITY = 0x3A,
- VAL_CRYPTO_HASH_CLONE = 0x3B,
- VAL_CRYPTO_MAC_COMPUTE = 0x3C,
- VAL_CRYPTO_MAC_VERIFY = 0x3D,
- VAL_CRYPTO_CIPHER_ENCRYPT = 0x3F,
- VAL_CRYPTO_CIPHER_DECRYPT = 0x40,
- VAL_CRYPTO_OPEN_KEY = 0x41,
- VAL_CRYPTO_CLOSE_KEY = 0x42,
- VAL_CRYPTO_AEAD_ENCRYPT_SETUP = 0x43,
- VAL_CRYPTO_AEAD_DECRYPT_SETUP = 0x44,
- VAL_CRYPTO_AEAD_GENERATE_NONCE = 0x45,
- VAL_CRYPTO_AEAD_SET_NONCE = 0x46,
- VAL_CRYPTO_AEAD_SET_LENGTHS = 0x47,
- VAL_CRYPTO_AEAD_UPDATE_AD = 0x48,
- VAL_CRYPTO_AEAD_UPDATE = 0x49,
- VAL_CRYPTO_AEAD_FINISH = 0x4A,
- VAL_CRYPTO_AEAD_VERIFY = 0x4B,
- VAL_CRYPTO_AEAD_ABORT = 0x4C,
- VAL_CRYPTO_RESET = 0xFD,
- VAL_CRYPTO_FREE = 0xFE,
+ VAL_CRYPTO_AEAD_ABORT = 0x1,
+ VAL_CRYPTO_AEAD_DECRYPT,
+ VAL_CRYPTO_AEAD_DECRYPT_SETUP,
+ VAL_CRYPTO_AEAD_ENCRYPT,
+ VAL_CRYPTO_AEAD_ENCRYPT_SETUP,
+ VAL_CRYPTO_AEAD_FINISH,
+ VAL_CRYPTO_AEAD_GENERATE_NONCE,
+ VAL_CRYPTO_AEAD_OPERATION_INIT,
+ VAL_CRYPTO_AEAD_SET_LENGTHS,
+ VAL_CRYPTO_AEAD_SET_NONCE,
+ VAL_CRYPTO_AEAD_UPDATE,
+ VAL_CRYPTO_AEAD_UPDATE_AD,
+ VAL_CRYPTO_AEAD_VERIFY,
+ VAL_CRYPTO_ASYMMETRIC_DECRYPT,
+ VAL_CRYPTO_ASYMMETRIC_ENCRYPT,
+ VAL_CRYPTO_CIPHER_ABORT,
+ VAL_CRYPTO_CIPHER_DECRYPT,
+ VAL_CRYPTO_CIPHER_DECRYPT_SETUP,
+ VAL_CRYPTO_CIPHER_ENCRYPT,
+ VAL_CRYPTO_CIPHER_ENCRYPT_SETUP,
+ VAL_CRYPTO_CIPHER_FINISH,
+ VAL_CRYPTO_CIPHER_GENERATE_IV,
+ VAL_CRYPTO_CIPHER_OPERATION_INIT,
+ VAL_CRYPTO_CIPHER_SET_IV,
+ VAL_CRYPTO_CIPHER_UPDATE,
+ VAL_CRYPTO_COPY_KEY,
+ VAL_CRYPTO_INIT,
+ VAL_CRYPTO_DESTROY_KEY,
+ VAL_CRYPTO_EXPORT_KEY,
+ VAL_CRYPTO_EXPORT_PUBLIC_KEY,
+ VAL_CRYPTO_GENERATE_KEY,
+ VAL_CRYPTO_GENERATE_RANDOM,
+ VAL_CRYPTO_GET_KEY_ALGORITHM,
+ VAL_CRYPTO_GET_KEY_ATTRIBUTES,
+ VAL_CRYPTO_GET_KEY_BITS,
+ VAL_CRYPTO_GET_KEY_ID,
+ VAL_CRYPTO_GET_KEY_LIFETIME,
+ VAL_CRYPTO_GET_KEY_TYPE,
+ VAL_CRYPTO_GET_KEY_USAGE_FLAGS,
+ VAL_CRYPTO_HASH_ABORT,
+ VAL_CRYPTO_HASH_CLONE,
+ VAL_CRYPTO_HASH_COMPARE,
+ VAL_CRYPTO_HASH_COMPUTE,
+ VAL_CRYPTO_HASH_FINISH,
+ VAL_CRYPTO_HASH_OPERATION_INIT,
+ VAL_CRYPTO_HASH_RESUME,
+ VAL_CRYPTO_HASH_SETUP,
+ VAL_CRYPTO_HASH_SUSPEND,
+ VAL_CRYPTO_HASH_UPDATE,
+ VAL_CRYPTO_HASH_VERIFY,
+ VAL_CRYPTO_IMPORT_KEY,
+ VAL_CRYPTO_KEY_ATTRIBUTES_INIT,
+ VAL_CRYPTO_KEY_DERIVATION_ABORT,
+ VAL_CRYPTO_KEY_DERIVATION_GET_CAPACITY,
+ VAL_CRYPTO_KEY_DERIVATION_INPUT_BYTES,
+ VAL_CRYPTO_KEY_DERIVATION_INPUT_KEY,
+ VAL_CRYPTO_KEY_DERIVATION_KEY_AGREEMENT,
+ VAL_CRYPTO_KEY_DERIVATION_OPERATION_INIT,
+ VAL_CRYPTO_KEY_DERIVATION_OUTPUT_BYTES,
+ VAL_CRYPTO_KEY_DERIVATION_OUTPUT_KEY,
+ VAL_CRYPTO_KEY_DERIVATION_SET_CAPACITY,
+ VAL_CRYPTO_KEY_DERIVATION_SETUP,
+ VAL_CRYPTO_MAC_ABORT,
+ VAL_CRYPTO_MAC_COMPUTE,
+ VAL_CRYPTO_MAC_OPERATION_INIT,
+ VAL_CRYPTO_MAC_SIGN_FINISH,
+ VAL_CRYPTO_MAC_SIGN_SETUP,
+ VAL_CRYPTO_MAC_UPDATE,
+ VAL_CRYPTO_MAC_VERIFY,
+ VAL_CRYPTO_MAC_VERIFY_FINISH,
+ VAL_CRYPTO_MAC_VERIFY_SETUP,
+ VAL_CRYPTO_PURGE_KEY,
+ VAL_CRYPTO_RAW_KEY_AGREEMENT,
+ VAL_CRYPTO_RESET_KEY_ATTRIBUTES,
+ VAL_CRYPTO_SET_KEY_ALGORITHM,
+ VAL_CRYPTO_SET_KEY_BITS,
+ VAL_CRYPTO_SET_KEY_ID,
+ VAL_CRYPTO_SET_KEY_LIFETIME,
+ VAL_CRYPTO_SET_KEY_TYPE,
+ VAL_CRYPTO_SET_KEY_USAGE_FLAGS,
+ VAL_CRYPTO_SIGN_HASH,
+ VAL_CRYPTO_SIGN_MESSAGE,
+ VAL_CRYPTO_VERIFY_HASH,
+ VAL_CRYPTO_VERIFY_MESSAGE,
+ VAL_CRYPTO_RESET = 0xF0,
+ VAL_CRYPTO_FREE = 0xFE,
};
int32_t val_crypto_function(int type, ...);
diff --git a/api-tests/val/nspe/val_dispatcher.c b/api-tests/val/nspe/val_dispatcher.c
index faf10d6..57de976 100644
--- a/api-tests/val/nspe/val_dispatcher.c
+++ b/api-tests/val/nspe/val_dispatcher.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -28,6 +28,38 @@
addr_t g_test_info_addr;
/**
+ @brief - This function prints PSA_{SUITE}_API_VERSION_MAJOR
+ PSA_{SUITE}_API_VERSION_MINOR details.
+ @param - None
+ @return - None
+**/
+__attribute__((unused)) static void val_print_api_version(void)
+{
+#ifdef CRYPTO
+ val_print(PRINT_ALWAYS, " %d.", PSA_CRYPTO_API_VERSION_MAJOR);
+ val_print(PRINT_ALWAYS, "%d", PSA_CRYPTO_API_VERSION_MINOR);
+#endif
+#ifdef INTERNAL_TRUSTED_STORAGE
+ val_print(PRINT_ALWAYS, " %d.", PSA_ITS_API_VERSION_MAJOR);
+ val_print(PRINT_ALWAYS, "%d", PSA_ITS_API_VERSION_MINOR);
+#endif
+#ifdef PROTECTED_STORAGE
+ val_print(PRINT_ALWAYS, " %d.", PSA_PS_API_VERSION_MAJOR);
+ val_print(PRINT_ALWAYS, "%d", PSA_PS_API_VERSION_MINOR);
+#endif
+#ifdef STORAGE
+ val_print(PRINT_ALWAYS, " ITS %d.", PSA_ITS_API_VERSION_MAJOR);
+ val_print(PRINT_ALWAYS, "%d", PSA_ITS_API_VERSION_MINOR);
+ val_print(PRINT_ALWAYS, " and PS %d.", PSA_PS_API_VERSION_MAJOR);
+ val_print(PRINT_ALWAYS, "%d", PSA_PS_API_VERSION_MINOR);
+#endif
+#ifdef INITIAL_ATTESTATION
+ val_print(PRINT_ALWAYS, " %d.", PSA_INITIAL_ATTEST_API_VERSION_MAJOR);
+ val_print(PRINT_ALWAYS, "%d", PSA_INITIAL_ATTEST_API_VERSION_MINOR);
+#endif
+}
+
+/**
@brief - This function reads the test ELFs from RAM or secondary storage and loads into
system memory
@param - test_id : Returns the current test ID
@@ -196,6 +228,7 @@
{
val_print(PRINT_ALWAYS, "\nRunning.. ", 0);
val_print(PRINT_ALWAYS, val_get_comp_name(test_id), 0);
+ // val_print_api_version();
val_print(PRINT_ALWAYS, "\n******************************************\n", 0);
}
diff --git a/api-tests/val/nspe/val_entry.h b/api-tests/val/nspe/val_entry.h
index b8d6b6f..ba333ef 100644
--- a/api-tests/val/nspe/val_entry.h
+++ b/api-tests/val/nspe/val_entry.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -21,7 +21,7 @@
#include "val_framework.h"
#define PSA_ACS_MAJOR_VER 1
-#define PSA_ACS_MINOR_VER 1
+#define PSA_ACS_MINOR_VER 2
/**
@brief - PSA Test Suite C main function, does VAL init and calls test dispatcher
diff --git a/api-tests/val/nspe/val_framework.c b/api-tests/val/nspe/val_framework.c
index 9e7df32..ec6b1cc 100644
--- a/api-tests/val/nspe/val_framework.c
+++ b/api-tests/val/nspe/val_framework.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018-2020, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -154,8 +154,14 @@
{
/* Handshake with server tests */
test_info.block_num = i;
+#if STATELESS_ROT == 1
+ status = val_execute_secure_test_func(&handle, test_info,
+ SERVER_TEST_DISPATCHER_HANDLE);
+ handle = (int32_t)SERVER_TEST_DISPATCHER_HANDLE;
+#else
status = val_execute_secure_test_func(&handle, test_info,
SERVER_TEST_DISPATCHER_SID);
+#endif
if (VAL_ERROR(status))
{
val_set_status(RESULT_FAIL(status));
@@ -258,7 +264,12 @@
}
/* switch to secure client */
+#if STATELESS_ROT == 1
+ status = val_execute_secure_test_func(&handle, test_info, CLIENT_TEST_DISPATCHER_HANDLE);
+ handle = (int32_t)CLIENT_TEST_DISPATCHER_HANDLE;
+#else
status = val_execute_secure_test_func(&handle, test_info, CLIENT_TEST_DISPATCHER_SID);
+#endif
if (VAL_ERROR(status))
{
goto exit;
@@ -299,12 +310,25 @@
@param - sid : RoT service to be connected. Partition dispatcher sid
@return - val_status_t
**/
-val_status_t val_execute_secure_test_func(psa_handle_t *handle, test_info_t test_info, uint32_t sid)
+val_status_t val_execute_secure_test_func(__attribute__((unused)) psa_handle_t *handle,
+ test_info_t test_info, uint32_t sid)
{
uint32_t test_data;
val_status_t status = VAL_STATUS_SUCCESS;
psa_status_t status_of_call = PSA_SUCCESS;
+#if STATELESS_ROT == 1
+ test_data = ((uint32_t)(test_info.test_num) | ((uint32_t)(test_info.block_num) << BLOCK_NUM_POS)
+ | ((uint32_t)(TEST_EXECUTE_FUNC) << ACTION_POS));
+ psa_invec data[1] = { {&test_data, sizeof(test_data)} };
+ status_of_call = psa_call(sid, 0, data, 1, NULL, 0);
+ if (status_of_call != PSA_SUCCESS)
+ {
+ status = VAL_STATUS_CALL_FAILED;
+ val_print(PRINT_ERROR, "Call to dispatch SF failed. Status=%x\n", status_of_call);
+ }
+ return status;
+#else
*handle = psa_connect(sid, 1);
if (*handle > 0)
{
@@ -327,6 +351,7 @@
}
return status;
+#endif
}
/**
@@ -352,8 +377,9 @@
status = VAL_STATUS_CALL_FAILED;
val_print(PRINT_ERROR, "Call to dispatch SF failed. Status=%x\n", status_of_call);
}
-
+#if STATELESS_ROT != 1
psa_close(*handle);
+#endif
return status;
}
#endif
diff --git a/api-tests/val/spe/val_partition_common.h b/api-tests/val/spe/val_partition_common.h
index 0b1d6be..f52c340 100644
--- a/api-tests/val/spe/val_partition_common.h
+++ b/api-tests/val/spe/val_partition_common.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2021, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -102,7 +102,7 @@
{
int string_len = 0;
char *p = string;
- psa_handle_t print_handle = 0;
+
psa_status_t status_of_call = PSA_SUCCESS;
val_status_t status = VAL_STATUS_SUCCESS;
uart_fn_type_t uart_fn = UART_PRINT;
@@ -117,8 +117,17 @@
string_len++;
p++;
}
-
psa_invec data1[3] = {{&uart_fn, sizeof(uart_fn)}, {string, string_len+1}, {&data, sizeof(data)}};
+#if STATELESS_ROT == 1
+
+ status_of_call = psa_call(DRIVER_UART_HANDLE, 0, data1, 3, NULL, 0);
+ if (status_of_call != PSA_SUCCESS)
+ {
+ status = VAL_STATUS_CALL_FAILED;
+ }
+ return status;
+#else
+ psa_handle_t print_handle = 0;
print_handle = psa_connect(DRIVER_UART_SID, DRIVER_UART_VERSION);
if (PSA_HANDLE_IS_VALID(print_handle))
@@ -135,6 +144,7 @@
}
psa_close(print_handle);
return status;
+#endif
}
/**
@@ -332,7 +342,12 @@
/* Handshake with server tests */
test_info.block_num = i;
+#if STATELESS_ROT == 1
+ status = val_execute_secure_test_func(&handle, test_info, SERVER_TEST_DISPATCHER_HANDLE);
+ handle = (int32_t)SERVER_TEST_DISPATCHER_HANDLE;
+#else
status = val_execute_secure_test_func(&handle, test_info, SERVER_TEST_DISPATCHER_SID);
+#endif
if (VAL_ERROR(status))
{
val_print(PRINT_ERROR, "[Check %d] START\n", i);
@@ -379,14 +394,26 @@
@param - sid : RoT service to be connected. Partition dispatcher sid
@return - val_status_t
**/
-STATIC_DECLARE val_status_t val_execute_secure_test_func(psa_handle_t *handle,
- test_info_t test_info,
- uint32_t sid)
+STATIC_DECLARE val_status_t val_execute_secure_test_func
+ (__attribute__((unused)) psa_handle_t *handle, test_info_t test_info, uint32_t sid)
{
uint32_t test_data;
val_status_t status = VAL_STATUS_SUCCESS;
psa_status_t status_of_call = PSA_SUCCESS;
+#if STATELESS_ROT == 1
+ test_data = ((uint32_t)(test_info.test_num) | ((uint32_t)(test_info.block_num) << BLOCK_NUM_POS)
+ | ((uint32_t)(TEST_EXECUTE_FUNC) << ACTION_POS));
+ psa_invec data[1] = { {&test_data, sizeof(test_data)} };
+ status_of_call = psa_call(sid, 0, data, 1, NULL, 0);
+
+ if (status_of_call != PSA_SUCCESS)
+ {
+ status = VAL_STATUS_CALL_FAILED;
+ val_print(PRINT_ERROR, "Call to dispatch SF failed. Status=%x\n", status_of_call);
+ }
+ return status;
+#else
*handle = psa_connect(sid, 1);
if (*handle < 0)
@@ -408,6 +435,7 @@
psa_close(*handle);
}
return status;
+#endif
}
/**
@@ -433,8 +461,9 @@
status = VAL_STATUS_CALL_FAILED;
val_print(PRINT_ERROR, "Call to dispatch SF failed. Status=%x\n", status_of_call);
}
-
+#if STATELESS_ROT != 1
psa_close(*handle);
+#endif
return status;
}
@@ -471,7 +500,7 @@
STATIC_DECLARE val_status_t val_nvmem_write(uint32_t offset, void *buffer, int size)
{
nvmem_param_t nvmem_param;
- psa_handle_t handle = 0;
+
psa_status_t status_of_call = PSA_SUCCESS;
val_status_t status = VAL_STATUS_SUCCESS;
memory_desc_t *memory_desc;
@@ -491,6 +520,16 @@
nvmem_param.size = size;
psa_invec invec[2] = {{&nvmem_param, sizeof(nvmem_param)}, {buffer, size}};
+#if STATELESS_ROT == 1
+ status_of_call = psa_call(DRIVER_NVMEM_HANDLE, 0, invec, 2, NULL, 0);
+ if (status_of_call != PSA_SUCCESS)
+ {
+ return VAL_STATUS_CALL_FAILED;
+ }
+ return VAL_STATUS_SUCCESS;
+
+#else
+ psa_handle_t handle = 0;
handle = psa_connect(DRIVER_NVMEM_SID, DRIVER_NVMEM_VERSION);
if (PSA_HANDLE_IS_VALID(handle))
{
@@ -507,6 +546,7 @@
}
psa_close(handle);
return VAL_STATUS_SUCCESS;
+#endif
}
/**
diff --git a/secure-debug/CMakeLists.txt b/secure-debug/CMakeLists.txt
new file mode 100644
index 0000000..8266ccb
--- /dev/null
+++ b/secure-debug/CMakeLists.txt
@@ -0,0 +1,221 @@
+#/** @file
+# * Copyright (c) 2021, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+
+# Set the minimum required version of CMake for the project
+cmake_minimum_required(VERSION 3.10)
+# cmake_policy
+cmake_policy(SET CMP0057 NEW)
+PROJECT (psa_adac_tests)
+
+# Find python interpreter version 3 or greater
+find_package(PythonInterp 3 REQUIRED)
+
+get_filename_component(PSA_ROOT_DIR . ABSOLUTE)
+include(${PSA_ROOT_DIR}/tools/cmake/common/Utils.cmake)
+
+set(CMAKE_C_STANDARD 99)
+set(CMAKE_C_EXTENSIONS Off)
+set(CMAKE_CXX_STANDARD 14)
+set(CMAKE_CXX_EXTENSIONS Off)
+
+if(NOT DEFINED RDDI_LIB)
+ set(DEPENDS_INC_PATH ${CMAKE_SOURCE_DIR}/platform/native/include)
+else()
+ set(DEPENDS_INC_PATH ${CMAKE_SOURCE_DIR}/platform/rddi/include)
+
+ if(WIN32)
+ set(DEPENDS_LIB_PATH ${CMAKE_SOURCE_DIR}/depends/rddi/win_32-x86_64)
+ else()
+ set(DEPENDS_LIB_PATH ${CMAKE_SOURCE_DIR}/depends/rddi/linux-x86_64)
+ endif()
+endif()
+
+if(NOT DEFINED PSA_ADAC_ROOT)
+ get_filename_component(PSA_ADAC_ROOT ${CMAKE_SOURCE_DIR}/psa-adac ABSOLUTE)
+endif()
+include(${PSA_ADAC_ROOT}/cmake/psa_adac.cmake OPTIONAL)
+
+configure_file(${PSA_ADAC_ROOT}/psa-adac/core/include/psa_adac_config.h.in psa_adac_config.h)
+include_directories (
+ ${DEPENDS_INC_PATH}
+ ${CMAKE_BINARY_DIR}
+ ${PSA_ADAC_ROOT}/psa-adac/core/include
+ ${PSA_ADAC_ROOT}/ports/include
+ )
+
+set(MBEDTLS_CONFIG_FILE "${PSA_ADAC_ROOT}/ports/crypto/manager-crypto-config.h")
+add_compile_options(-DMBEDTLS_CONFIG_FILE="${MBEDTLS_CONFIG_FILE}")
+if (UNIX)
+ add_compile_options(-fPIC -fpic)
+else ()
+ # Silence warning about standard C APIs not being secure.
+ add_compile_definitions(_CRT_SECURE_NO_WARNINGS)
+endif ()
+
+# Generate ADAC LIB
+add_subdirectory(${PSA_ADAC_ROOT}/psa-adac/core adac_core)
+add_subdirectory(${PSA_ADAC_ROOT}/psa-adac/sdm adac_sdm)
+add_subdirectory(${PSA_ADAC_ROOT}/ports/crypto/psa-crypto psa_adac_psa_crypto)
+
+set(ADAC_LIBS psa_adac_sdm psa_adac_core psa_adac_psa_crypto mbedcrypto)
+
+if(NOT DEFINED TFM_PROFILE)
+ message(STATUS "[PSA] : Building Default profile")
+list(APPEND PSA_SUITES #PSA_SUITES
+ "ADAC"
+)
+endif()
+
+# list of VERBOSE options
+list(APPEND PSA_VERBOSE_OPTIONS 1 2 3 4 5)
+
+message(STATUS "[PSA] : ----------Process input arguments- start-------------")
+
+# Check for TARGET command line argument
+_check_arguments("TARGET")
+# Check for SUITE command line argument
+_check_arguments("SUITE")
+
+string(TOLOWER ${SUITE} SUITE_LOWER)
+
+# Check for valid targets
+_get_sub_dir_list(PSA_TARGET_LIST ${PSA_ROOT_DIR}/platform)
+if(NOT ${TARGET} IN_LIST PSA_TARGET_LIST)
+ message(FATAL_ERROR "[PSA] : Error: Unsupported value for -DTARGET=${TARGET}, supported targets are : ${PSA_TARGET_LIST}")
+else()
+ message(STATUS "[PSA] : TARGET is set to ${TARGET}")
+endif()
+
+# Check for the presence of required test suite directories
+if(NOT IS_DIRECTORY ${PSA_ROOT_DIR}/tests)
+ message(STATUS "[PSA] : Error: Could not find architecture test suite directories in psa root path ${PSA_ROOT_DIR}")
+endif()
+
+# Check for valid suite cmake argument passed
+if(NOT ${SUITE} IN_LIST PSA_SUITES)
+ message(FATAL_ERROR "[PSA] : Error: Unsupported value for -DSUITE=${SUITE}, select one from supported suites which are : ${PSA_SUITES}")
+else()
+ message(STATUS "[PSA] : SUITE is set to ${SUITE}")
+endif()
+
+# Project variables
+set(ADAC_HOST_VAL_LIB psa_adac_val)
+set(ADAC_HOST_PAL_LIB psa_adac_pal)
+set(TEST_COMBINE_LIB test_combine)
+set(ADAC_HOST_EXE psa_adac_test)
+
+set(PSA_SUITE_DIR ${PSA_ROOT_DIR}/tests/${SUITE_LOWER})
+set(PSA_TESTLIST_GENERATOR ${PSA_ROOT_DIR}/tools/scripts/gen_tests_list.py)
+set(TESTSUITE_DB ${PSA_SUITE_DIR}/testsuite.db)
+set(PSA_TESTLIST_FILE ${CMAKE_CURRENT_BINARY_DIR}/${SUITE_LOWER}_testlist.txt)
+set(PSA_TEST_ENTRY_LIST_INC ${CMAKE_CURRENT_BINARY_DIR}/test_entry_list.inc)
+set(PSA_TEST_ENTRY_FUN_DECLARE_INC ${CMAKE_CURRENT_BINARY_DIR}/test_entry_fn_declare_list.inc)
+
+# Check for VERBOSE
+if(NOT DEFINED VERBOSE)
+ set(VERBOSE 3 CACHE INTERNAL "Default VERBOSE value" FORCE)
+ message(STATUS "[PSA] : Defaulting VERBOSE to ${VERBOSE}")
+else()
+ if(NOT ${VERBOSE} IN_LIST PSA_VERBOSE_OPTIONS)
+ message(FATAL_ERROR "[PSA] : Error: Unsupported value for -DVERBOSE=${VERBOSE}, supported values are : ${PSA_VERBOSE_OPTIONS}")
+ endif()
+ message(STATUS "[PSA] : VERBOSE is set to ${VERBOSE}")
+endif()
+
+if(NOT DEFINED SUITE_TEST_RANGE)
+ set(SUITE_TEST_RANGE_MIN None)
+ set(SUITE_TEST_RANGE_MAX None)
+else()
+ list(LENGTH SUITE_TEST_RANGE SUITE_TEST_RANGE_LENGTH)
+ if(${SUITE_TEST_RANGE_LENGTH} GREATER "2")
+ message(FATAL_ERROR "[PSA] : -DSUITE_TEST_RANGE=<...> value error! accepts two "
+ " numbers in quotes separated with ';'")
+ endif()
+ if(${SUITE_TEST_RANGE_LENGTH} EQUAL "2")
+ list(GET SUITE_TEST_RANGE 0 SUITE_TEST_RANGE_MIN)
+ list(GET SUITE_TEST_RANGE 1 SUITE_TEST_RANGE_MAX)
+ message(STATUS "[PSA] : Testing (${SUITE_TEST_RANGE_MIN}, ${SUITE_TEST_RANGE_MAX}) of ${SUITE} suite")
+ endif()
+ if(${SUITE_TEST_RANGE_LENGTH} EQUAL "1")
+ set(SUITE_TEST_RANGE_MIN ${SUITE_TEST_RANGE})
+ set(SUITE_TEST_RANGE_MAX ${SUITE_TEST_RANGE})
+ message(STATUS "[PSA] : Testing ${SUITE_TEST_RANGE_MIN} of ${SUITE} suite")
+ endif()
+endif()
+
+message(STATUS "[PSA] : ----------Process input arguments- complete-------------")
+
+# Create PSA clean list
+list(APPEND PSA_CLEAN_LIST
+ ${PSA_TESTLIST_FILE}
+ ${PSA_TEST_ENTRY_LIST_INC}
+ ${PSA_TEST_ENTRY_FUN_DECLARE_INC}
+)
+
+# Process testsuite.db
+message(STATUS "[PSA] : Creating testlist.txt 'available at ${PSA_TESTLIST_FILE}'")
+execute_process(COMMAND ${PYTHON_EXECUTABLE} ${PSA_TESTLIST_GENERATOR}
+ ${SUITE_LOWER}
+ ${TESTSUITE_DB}
+ ${PSA_TESTLIST_FILE}
+ ${PSA_TEST_ENTRY_LIST_INC}
+ ${PSA_TEST_ENTRY_FUN_DECLARE_INC}
+ ${SUITE_TEST_RANGE_MIN}
+ ${SUITE_TEST_RANGE_MAX})
+
+# Creating CMake list variable from file
+file(READ ${PSA_TESTLIST_FILE} PSA_TEST_LIST)
+if(NOT PSA_TEST_LIST)
+ message(FATAL_ERROR "[PSA] : Invalid test number!")
+endif()
+string(REGEX REPLACE "\n" ";" PSA_TEST_LIST "${PSA_TEST_LIST}")
+
+# Global macro to identify the PSA test suite cmake build
+add_definitions(-D${SUITE})
+add_definitions(-DVERBOSE=${VERBOSE})
+add_definitions(-D${TARGET})
+
+# Build PAL LIB
+if(NOT DEFINED RDDI_LIB)
+ add_subdirectory(${CMAKE_SOURCE_DIR}/platform/native)
+ set(ADAC_HOST_PAL_LIB platform_native)
+else()
+ add_subdirectory(${CMAKE_SOURCE_DIR}/platform/csapbcom)
+ set(ADAC_HOST_PAL_LIB csapbcom)
+endif()
+
+# Generate VAL LIB
+include(${CMAKE_SOURCE_DIR}/val/val.cmake)
+
+# Build test
+include(${PSA_SUITE_DIR}/suite.cmake)
+
+#add_dependencies(${TEST_COMBINE_LIB} ${ADAC_HOST_VAL_LIB} ${ADAC_HOST_PAL_LIB} ${ADAC_LIBS})
+add_executable(${ADAC_HOST_EXE} ${SUITE_CC_SOURCE})
+target_include_directories(${ADAC_HOST_EXE} PRIVATE
+ ${CMAKE_SOURCE_DIR}/val/include
+ )
+target_link_libraries (${ADAC_HOST_EXE} ${TEST_COMBINE_LIB}
+ ${ADAC_HOST_VAL_LIB}
+ ${ADAC_HOST_PAL_LIB}
+ ${ADAC_LIBS}
+ )
+
+# Include the files for make clean
+foreach(clean_item ${PSA_CLEAN_LIST})
+ set_property(DIRECTORY APPEND PROPERTY ADDITIONAL_MAKE_CLEAN_FILES ${clean_item})
+endforeach()
+
diff --git a/secure-debug/README.md b/secure-debug/README.md
new file mode 100644
index 0000000..8947afa
--- /dev/null
+++ b/secure-debug/README.md
@@ -0,0 +1,157 @@
+
+# PSA Secure Debug : Arm ADAC Test Suite
+
+## Introduction
+
+### ADAC Specification
+
+The ADAC specification defines the protocol that allows a target to securely authenticate a debug host. The specification targets software-only layers that sit above the physical debug link.
+
+The ADAC specification can be obtained at [ADAC specification](https://developer.arm.com/documentation/den0101/0000).
+
+### ADAC test suite
+
+The ADAC test suite checks if a device-side implementation conforms to the behavior described in the ADAC specification. The tests are self-checking, portable C-based tests with directed stimulus. The tests are expected to run on the host platform only. The tests drive the commands from the host platform via the debug link and verify the response obtained from the target platform.
+
+The tests are available as open source. The tests and the corresponding abstraction layers are available with an Apache v2.0 license allowing for external contribution.
+
+## Release details
+ - Release Version - 0.5
+ - Code Quality: Alpha <br />
+ The suite is in development. This indicates that the suite contains tests that has not been validated on any hardware platform. Please use this opportunity to suggest enhancements and point out errors.
+
+ - The ADAC tests are written for version Beta of the [ADAC specification](https://developer.arm.com/documentation/den0101/0000).
+ - This test suite is not a substitute for design verification.
+
+## Layers
+
+ADAC tests use a layered software-stack approach to enable porting across different test platforms. The constituents of the layered stack are:
+ - Test suite
+ - Validation Abstraction Layer (VAL)
+ - Platform Abstraction Layer (PAL)
+
+These tests are written on top of Validation Abstraction Layer (VAL) and Platform Abstraction Layer (PAL).
+
+The abstraction layers provide platform information and runtime environment to enable execution of the tests.
+
+In this release, PAL implementation uses unix sockets as the link layer for sending commands and receiving responses.
+
+Partners can also write their own abstraction layer implementations to allow ADAC tests to be run in other host platforms and support the debug link layer.
+
+## Scenarios
+
+The mapping of the rules in the specification to the test cases and the steps followed in the tests are mentioned in the [Scenario document](docs/psa_adac_scenarios.md) present in the docs/ folder.
+
+## Getting started
+
+
+Follow the instructions in the subsequent sections to get a copy of the source code on your local machine and build the tests. <br />
+See User guide document to get details on the steps involved in porting the test suite to your platform.
+This test suite is provided as a separate directory within the psa-arch-tests repository.
+
+### Prerequisites
+
+Before starting the test suite build, ensure that the following requirements are met:
+
+- Host Operating System : Ubuntu 16.04.4, RHEL 7, Windows 10
+- Scripting tools : Python 3.7.1
+- Other open-source tools : GNUARM 6.3.1, GCC 5.4.0 32-Bit (Linux Host), mingw 6.3.0 32-Bit (Windows Host)
+ CMake 3.1 or later
+
+
+## Download source
+To download the master branch of the repository, type the following command:
+
+ git clone https://github.com/ARM-software/psa-arch-tests.git
+
+To download the master branch of the psa-adac repository, type the following command:
+
+ git clone git@github.com:ARMmbed/psa-adac.git
+
+Note:
+ To obtain the access to the psa-adac repository and some of its dependent submodules, Arm Licensees may contact Arm through their partner managers.
+
+
+## Porting steps
+
+Refer to the [Porting Guide](docs/porting_guide_adac_host.md) document for porting steps for your host platform.
+Refer to the [User Guide](docs/Arm_Authenticated_Debug_Access_Control_Test_Suite_User_Guide.pdf) document in the docs folder for additional details.
+
+## Build steps
+
+To build ADAC test suite for a given host platform, execute the following commands: <br/>
+~~~
+ cd psa-arch-tests/secure-debug
+ git clone git@github.com:ARMmbed/psa-adac.git --recurse-submodules
+ mkdir <host_build_dir>
+ cd <host_build_dir>
+ cmake ../ -G<generator-name> -DTARGET=<target-name> -DCOMPILER=<compiler-selection> -DSUITE=<suite-selection>
+ where:
+ - <generator-name> "Unix Makefiles" - to generate Makefiles for Linux and Cygwin
+ "MinGW Makefiles" - to generate Makefiles for cmd.exe on Windows
+ - <target-name> target to build, as created in the platform/board directory
+ - <compiler-selection> GNU
+ Defaults to GNU if not specified
+ - <suite-selection> ADAC - specify the ADAC suite
+
+ To build project
+ cmake --build .
+ To clean
+ cmake --build . -- clean
+
+ For example:
+ cmake ../ -G"Unix Makefiles" -DTARGET=native -DSUITE=ADAC
+ cmake --build .
+~~~
+
+Note:
+ It is recommended to build each different build configurations in separate directories.
+
+### Build output
+The following ADAC test suite build outputs are available under host build directory, as created.
+
+ - psa_adac_test executable
+ - val and platform layer libraries
+
+## Test Suite Execution
+
+The current release provides a reference implementation of ADAC target which communicates with the host platform using unix sockets. In order to execute the test suite, please follow the steps below:
+
+ cd psa-arch-tests/secure-debug/psa-adac
+ make native
+
+To launch the target to run as a server instance, run the target executable in another terminal as shown:
+
+ cd psa-arch-tests/secure-debug/psa-adac
+ ./build/native/Debug/psa_adac_server coms.socket tools/test/resources/chains/chain.EcdsaP256-0
+
+To run the test suite, execute the following command from your host build directory <host_build_dir>:
+
+ ./psa_adac_test ../psa-adac/tools/test/resources/keys/EcdsaP256Key-0.pem \../psa-adac/tools/test/resources/chains/chain.EcdsaP256-0 ../psa-adac/coms.socket
+
+Note:
+ - Please look at the psa-adac directory for details about other target platforms.
+ - The keys and the certificate credentials for a supported cryptosystem can be generated using the tools provided in the psa-adac repository.
+ - The test suite is designed to run once per supported cryptosystem. Partners must ensure that the device must be provisioned with the correct certificates installed in the device's RoT.
+
+
+## Security implication
+
+ADAC test suite may run at higher privilege level. An attacker can utilize these tests to elevate privilege which can potentially reveal the platform secure attests. To prevent such security vulnerabilities into the production system, it is strongly recommended that ADAC test suite is run on development platforms. If it is run on production system, make sure system is scrubbed after running the test suite.
+
+## License
+
+Arm ADAC Architecture test suite is distributed under Apache v2.0 License.
+The psa-adac code repository is distributed under BSD-3-Clause License.
+
+
+## Feedback, contributions, and support
+
+ - For feedback, use the GitHub Issue Tracker that is associated with this repository.
+ - For support, send an email to support-psa-arch-tests@arm.com with details.
+ - Arm licensees can contact Arm directly through their partner managers.
+ - Arm welcomes code contributions through GitHub pull requests.
+
+--------------
+
+*Copyright (c) 2021, Arm Limited and Contributors. All rights reserved.*
diff --git a/secure-debug/depends/rddi/linux-x86_64/README.txt b/secure-debug/depends/rddi/linux-x86_64/README.txt
new file mode 100644
index 0000000..80b9a82
--- /dev/null
+++ b/secure-debug/depends/rddi/linux-x86_64/README.txt
@@ -0,0 +1,6 @@
+This directory should include Linux x86_64 RDDI redistributables.
+
+These can be found in:
+- <Arm DS Install Directory>/sw/debugger/RDDI/redistributables/linux-x86_64/<compiler choice>/rel/
+
+<compiler choice>: Choose a compiler which matches your host system
diff --git a/secure-debug/depends/rddi/win_32-x86_64/README.txt b/secure-debug/depends/rddi/win_32-x86_64/README.txt
new file mode 100644
index 0000000..f78ccd8
--- /dev/null
+++ b/secure-debug/depends/rddi/win_32-x86_64/README.txt
@@ -0,0 +1,12 @@
+This directory should include Windows x86_64 RDDI redistributable and development libraries.
+
+Redistributables can be found in:
+- <Arm DS Install Directory>/sw/debugger/RDDI/redistributables/win_32-x86_64/<compiler choice>/rel/
+
+Development libraries can be found in:
+- <Arm DS Install Directory>/sw/debugger/RDDI/lib/win_32-x86_64/<compiler choice>/rel/
+
+<compiler choice>: Choose a compiler which matches your host system
+ Example compilers:
+ cl-16.00.40219.01 = Microsoft Visual Studio 2010
+ cl-19.00.24215.1 = Microsoft Visual Studio 2015 Update 3
diff --git a/secure-debug/docs/Arm_Authenticated_Debug_Access_Control_Test_Suite_User_Guide.pdf b/secure-debug/docs/Arm_Authenticated_Debug_Access_Control_Test_Suite_User_Guide.pdf
new file mode 100644
index 0000000..8f78f6d
--- /dev/null
+++ b/secure-debug/docs/Arm_Authenticated_Debug_Access_Control_Test_Suite_User_Guide.pdf
Binary files differ
diff --git a/secure-debug/docs/porting_guide_adac_host.md b/secure-debug/docs/porting_guide_adac_host.md
new file mode 100644
index 0000000..07f1c03
--- /dev/null
+++ b/secure-debug/docs/porting_guide_adac_host.md
@@ -0,0 +1,36 @@
+
+# Porting Guide: ADAC Test Suite
+-----------------------------------------------------
+
+## Introduction
+The ADAC test suite contains the *Platform Abstraction Layer* (PAL) which abstracts platform-specific information from the tests. You must implement and port the PAL interface functions to your host platform.
+
+This document provides the porting steps and the list of PAL APIs.
+
+## Porting steps
+
+### Adding a new target
+
+ 1. Create a new directory in **platform/<platform_name>**. For reference, see the existing platform **native** directory.
+ 2. Execute `cp -rf platform/native/ platform/<platform_name>/`.
+ 3. Update **platform/<platform_name>/CMakeLists.txt** appropriately to select the correct instances of PAL files for compilation.
+ 4. Refer to the **List of PAL APIs** section to view the list of PAL APIs that must be ported for your target platform. These API definitions are available in **val/include/pal_interfaces.h**. These APIs are written for native target platform. You can reuse the code if it works for your platform. Otherwise, you must port them for your platform-specific peripherals.
+ 5. The main.c requires path to the key and certificate chain that point to the host credentials. This must be provided as command-line arguments. You can provide debug link layer specific parameters as additional command-line arguments.
+ 6. If you want to use a pre-built debug communication interface, create a new directory under the depends directory and list your shared libraries within it. A placeholder for RDDI libraries is provided. You can then link these libraries to your platform.
+
+## List of PAL APIs
+Since the test suite is agnostic to various system platforms, you must port the following PAL APIs before building the tests. Implement these functions for your host platform. <br/>
+
+| No | Prototype | Description | Parameters |
+|----|-------------------------------------------------------|-----------------------------------------------------------------------------|-------------------------------------------------------------------------|
+| 01 | int pal_print(char *str, int32_t data); | Parses the input string and writes bytes into the message interface | str : Input String<br/>data : Value for format specifier<br/> |
+| 02 | int request_packet_send(request_packet_t *packet); | Writes the ADAC command frame into the communication buffer for transmit | request packet<br/> |
+| 03 | response_packet_t *response_packet_receive(); | Reads the ADAC command response from the communication buffer | None<br/> |
+| 04 | int pal_system_reset(void) | Resets the system and disconnects from device | None |
+
+## License
+Arm PSA test suite is distributed under Apache v2.0 License.
+
+--------------
+
+*Copyright (c) 2021 Arm Limited and Contributors. All rights reserved.*
diff --git a/secure-debug/docs/psa_adac_scenarios.md b/secure-debug/docs/psa_adac_scenarios.md
new file mode 100644
index 0000000..8d8fcae
--- /dev/null
+++ b/secure-debug/docs/psa_adac_scenarios.md
@@ -0,0 +1,28 @@
+# PSA ADAC Scenarios
+
+| Scenario ID | Section | Description | Test Cases |
+|-------------|------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|------------|
+| S_ADAC_001 | Commands | Verify that the following commands are recognized by the target and do not return SDP_INVALID_COMMAND status.<br />1. Discovery<br/>2. Authentication Start<br\>3. Authentication Response<br/>4. Close Session<br/>5. Lock Debug<br/> | TBD <br/> |
+| S_ADAC_002 | Commands | Send two authentication start commands back-to-back and verify that the challenge vector obtained in the response is different. | test_a001 <br/> |
+| S_ADAC_003 | Commands | Use discovery command to query the target for supported response fragment formats. Check that the following response fragments are supported: <br\>1. 0x200 token_adac<br\>2. 0x201 cert_adac<br\>| TBD <br/> |
+| S_ADAC_004 | Commands | Issue invalid response fragment as part of Authentication response and check that the target responds with SDP_FAILURE status.| TBD <br/> |
+| S_ADAC_005 | Commands | Issue a different command after starting the Authentication response command and check that the target responds with SDP_FAILURE status. | TBD <br/> |
+| S_ADAC_006 | Commands | Verify that for a multiple fragment Authentication response request, the device responds with a SDP_MORE_DATA_NEEDED status code after each response fragment.| TBD <br/> |
+| S_ADAC_007 | Commands | Check that the Close Session command always returns a SDP_SUCCESS status.| TBD <br/> |
+| S_ADAC_008 | Constraints| Provide a leaf certificate before a root certificate and verify that an error response is generated by the target.| TBD <br/> |
+| S_ADAC_009 | Constraints| Check that a certificate is rejected due to each of the following scope-limiting feature:1. Role<br/>2. Lifecycle<br/>| TBD <br/> |
+| S_ADAC_010 | Constraints| Check that if two or more distinct non-neutral values are present in the certificate chain, a failure response is obtained.| TBD <br/> |
+| S_ADAC_011 | Constraints| Request a permission value (perm_req) via authentication token which is denied due to a restrictive perm_mask field. Check that the authentication response is successful.| TBD <br/> |
+| S_ADAC_012 | Constraints| Request access to software partition with no software partition ID listed in the certificate chain. Check that success status is reported.| TBD <br/> |
+
+## Note
+
+1. The list of identified scenarios are not exhaustive and is subject to change.<br/>
+2. Some of the listed scenarios could be descoped or classified as testing limitation.<br />
+
+# License
+Arm PSA test suite is distributed under Apache v2.0 License.
+
+--------------
+
+*Copyright (c) 2021 Arm Limited and Contributors. All rights reserved.*
diff --git a/secure-debug/platform/native/CMakeLists.txt b/secure-debug/platform/native/CMakeLists.txt
new file mode 100644
index 0000000..a517d01
--- /dev/null
+++ b/secure-debug/platform/native/CMakeLists.txt
@@ -0,0 +1,31 @@
+#/** @file
+# * Copyright (c) 2021 Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+
+# Set the minimum required version of CMake for the project
+cmake_minimum_required(VERSION 3.10)
+PROJECT (platform_native)
+
+include_directories(
+ ${CMAKE_SOURCE_DIR}/platform/native/include
+ )
+
+add_library(platform_native STATIC)
+target_sources(platform_native PUBLIC
+ ${CMAKE_SOURCE_DIR}/platform/native/src/pal_interfaces.c
+ ${CMAKE_SOURCE_DIR}/platform/native/src/unix_msg.c
+ ${CMAKE_SOURCE_DIR}/platform/native/src/main.c
+ )
+target_link_libraries(platform_native mbedcrypto)
diff --git a/secure-debug/platform/native/include/pal_common.h b/secure-debug/platform/native/include/pal_common.h
new file mode 100644
index 0000000..c88dcf5
--- /dev/null
+++ b/secure-debug/platform/native/include/pal_common.h
@@ -0,0 +1,37 @@
+/** @file
+ * Copyright (c) 2021, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _PAL_COMMON_H_
+#define _PAL_COMMON_H_
+#include <platform.h>
+#include <stddef.h>
+/**
+ * @brief - Initialise the host-side channel for communication with device.
+ * @param - ctx Hook for platform-specific descriptor
+ * buffer Pointer to memory used for TX/RX
+ * buffer_size Size of allocated memory for TX/RX
+ * @return - SUCCESS/FAILURE
+**/
+int msg_interface_init(void *ctx, uint8_t buffer[], size_t size);
+
+/**
+ * @brief - Release the host-side channel for communication with device.
+ * @param - ctx Hook for platform-specific descriptor
+ * @return - SUCCESS/FAILURE
+**/
+int msg_interface_free(void *ctx);
+
+#endif
diff --git a/secure-debug/platform/native/include/platform.h b/secure-debug/platform/native/include/platform.h
new file mode 100644
index 0000000..2df84d9
--- /dev/null
+++ b/secure-debug/platform/native/include/platform.h
@@ -0,0 +1,37 @@
+/** @file
+ * Copyright (c) 2021 Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifndef PSA_ADAC_PLATFORM_H
+#define PSA_ADAC_PLATFORM_H
+
+#include <stdint.h>
+#include <stddef.h>
+
+#ifdef PSA_ADAC_PLATFORM_CONFIG_FILE
+#include PSA_ADAC_PLATFORM_CONFIG_FILE
+#else
+#include <psa_adac_platform.h>
+#endif
+
+#ifndef PSA_ADAC_PLATFORM_BANNER
+#define PSA_ADAC_PLATFORM_BANNER "PSA ADAC "
+#endif
+
+void platform_init(void);
+void psa_adac_platform_init(void);
+
+#endif //PSA_ADAC_PLATFORM_H
diff --git a/secure-debug/platform/native/include/psa_adac_platform.h b/secure-debug/platform/native/include/psa_adac_platform.h
new file mode 100644
index 0000000..5e4e272
--- /dev/null
+++ b/secure-debug/platform/native/include/psa_adac_platform.h
@@ -0,0 +1,23 @@
+/** @file
+ * Copyright (c) 2021 Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifndef PSA_ADAC_NATIVE_PSA_ADAC_PLATFORM_H
+#define PSA_ADAC_NATIVE_PSA_ADAC_PLATFORM_H
+
+#define PSA_ADAC_MANAGER_IMPLICIT_TRANSPORT
+
+#endif //PSA_ADAC_NATIVE_PSA_ADAC_PLATFORM_H
diff --git a/secure-debug/platform/native/include/unix_msg.h b/secure-debug/platform/native/include/unix_msg.h
new file mode 100644
index 0000000..a21a165
--- /dev/null
+++ b/secure-debug/platform/native/include/unix_msg.h
@@ -0,0 +1,41 @@
+/** @file
+ * Copyright (c) 2021 Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifndef PSA_ADAC_UNIX_MSG_H
+#define PSA_ADAC_UNIX_MSG_H
+
+#include <stdint.h>
+#include <stdbool.h>
+
+#if !defined(_MSC_VER)
+#include <sys/types.h>
+#else // !defined(_MSC_VER)
+#include <BaseTsd.h>
+typedef SSIZE_T ssize_t;
+#endif // !defined(_MSC_VER)
+
+bool unix_socket_init(void);
+
+int unix_socket_server(const char *path);
+int unix_socket_client(const char *path);
+
+void unix_socket_close(int fd);
+
+ssize_t nwrite(int fd, const uint8_t *buf, size_t count);
+ssize_t nread(int fd, uint8_t *buf, size_t count);
+
+#endif //PSA_ADAC_UNIX_MSG_H
diff --git a/secure-debug/platform/native/src/main.c b/secure-debug/platform/native/src/main.c
new file mode 100644
index 0000000..86c563f
--- /dev/null
+++ b/secure-debug/platform/native/src/main.c
@@ -0,0 +1,57 @@
+/** @file
+ * Copyright (c) 2021, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include <stdio.h>
+#include <stdlib.h>
+#include "pal_common.h"
+#include "unix_msg.h"
+
+int32_t val_entry(void);
+
+/**
+ @brief - PSA C main function, used for generating host-side test binaries.
+ @param - argc : the number of command line arguments.
+ argv : array containing command line arguments.
+ @return - error status
+**/
+extern uint8_t buffer[4096];
+uint8_t buffer[4096];
+char *key_file, *chain_file;
+
+int main(int argc, char *argv[])
+{
+ if (argc < 4) {
+ printf("Usage:\n\tpsa_adac_test <keyfile> <chainfile> <socket>\n\n");
+ exit(-1);
+ }
+
+ key_file = argv[1];
+ chain_file = argv[2];
+ char *socket_path = argv[3];
+ int fd;
+
+ fd = unix_socket_client(socket_path);
+ if (-1 == fd)
+ exit(-1);
+
+ msg_interface_init((void *) &fd, buffer, sizeof(buffer));
+
+ return val_entry();
+
+ msg_interface_free(NULL);
+ return 0;
+}
diff --git a/secure-debug/platform/native/src/pal_interfaces.c b/secure-debug/platform/native/src/pal_interfaces.c
new file mode 100644
index 0000000..9c33a5a
--- /dev/null
+++ b/secure-debug/platform/native/src/pal_interfaces.c
@@ -0,0 +1,245 @@
+/** @file
+ * Copyright (c) 2021, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include <psa_adac.h>
+#include <psa_adac_debug.h>
+#include "unix_msg.h"
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+
+#if !defined(_MSC_VER)
+ #include <unistd.h>
+#else // !defined(_MSC_VER)
+ #include <io.h>
+
+ // Disable warning about POSIX function names.
+ #pragma warning(disable : 4996)
+#endif // !defined(_MSC_VER)
+
+int static_buffer_msg_init(uint8_t *buffer, size_t size);
+int static_buffer_msg_release(void);
+
+#define PAL_STATUS_UNSUPPORTED_FUNC 0xFF
+
+typedef enum {
+ PAL_STATUS_SUCCESS = 0x0,
+ PAL_STATUS_ERROR = 0x80
+} pal_status_t;
+
+enum {
+ BUFFER_UNINITIALIZED = 0,
+ BUFFER_EMPTY,
+ BUFFER_REQUEST,
+ BUFFER_RESPONSE
+};
+static size_t static_buffer_size;
+static uint8_t *static_buffer_pointer;
+static uint8_t static_buffer_status = BUFFER_UNINITIALIZED;
+static int _fd;
+
+
+int pal_print(const char *str, int32_t data)
+{
+ if (printf(str, data) < 0)
+ {
+ return PAL_STATUS_ERROR;
+ }
+ return PAL_STATUS_SUCCESS;
+}
+
+void pal_terminate_simulation(void)
+{
+ ;
+}
+
+int pal_system_reset(void)
+{
+ return PAL_STATUS_UNSUPPORTED_FUNC;
+}
+
+int static_buffer_msg_init(uint8_t *buffer, size_t size)
+{
+ int ret = -1;
+
+ if (static_buffer_status == BUFFER_UNINITIALIZED) {
+ static_buffer_size = size;
+ static_buffer_pointer = buffer;
+ static_buffer_status = BUFFER_EMPTY;
+ ret = 0;
+ }
+ return ret;
+}
+
+int static_buffer_msg_release(void)
+{
+ int ret = -1;
+
+ if (static_buffer_status == BUFFER_EMPTY) {
+ static_buffer_size = 0;
+ static_buffer_pointer = NULL;
+ static_buffer_status = BUFFER_UNINITIALIZED;
+ ret = 0;
+ }
+ return ret;
+}
+
+request_packet_t *request_packet_build(uint16_t command, uint8_t *data, size_t data_size)
+{
+ request_packet_t *request = NULL;
+
+ if ((static_buffer_status == BUFFER_EMPTY) &&
+ (data_size <= (static_buffer_size - sizeof(request_packet_t)))) {
+ request = (request_packet_t *) static_buffer_pointer;
+ request->command = command;
+ request->data_count = data_size / 4UL;
+ (void) memcpy((void *) request->data, (void *) data, data_size);
+ static_buffer_status = BUFFER_REQUEST;
+ }
+ return request;
+}
+
+request_packet_t *request_packet_lock(size_t *max_data_size)
+{
+ request_packet_t *request = NULL;
+
+ if (static_buffer_status == BUFFER_EMPTY) {
+ if (max_data_size != NULL)
+ *max_data_size = static_buffer_size - sizeof(response_packet_t);
+
+ request = (request_packet_t *) static_buffer_pointer;
+ static_buffer_status = BUFFER_REQUEST;
+ }
+ return request;
+}
+
+int request_packet_release(request_packet_t *packet)
+{
+ int ret = -1;
+
+ if (static_buffer_status == BUFFER_REQUEST) {
+ static_buffer_status = BUFFER_EMPTY;
+ ret = 0;
+ }
+ return ret;
+}
+
+response_packet_t *response_packet_lock(size_t *max_data_size)
+{
+ response_packet_t *response = NULL;
+
+ if (static_buffer_status == BUFFER_EMPTY) {
+ if (max_data_size != NULL)
+ *max_data_size = static_buffer_size - sizeof(response_packet_t);
+
+ response = (response_packet_t *) static_buffer_pointer;
+ static_buffer_status = BUFFER_RESPONSE;
+ }
+ return response;
+}
+
+int response_packet_release(response_packet_t *packet)
+{
+ int ret = -1;
+
+ if (static_buffer_status == BUFFER_RESPONSE) {
+ static_buffer_status = BUFFER_EMPTY;
+ ret = 0;
+ }
+ return ret;
+}
+
+int msg_interface_init(void *ctx, uint8_t buffer[], size_t buffer_size)
+{
+ unix_socket_init();
+
+ if (ctx == NULL)
+ return -1;
+
+ _fd = *((int *) ctx);
+ return static_buffer_msg_init(buffer, buffer_size);
+}
+
+int msg_interface_free(void *ctx)
+{
+ unix_socket_close(_fd);
+ _fd = -1;
+ return static_buffer_msg_release();
+}
+
+static int message_receive(int fd, uint8_t buffer[], size_t max, size_t *size)
+{
+ if (nread(fd, buffer, sizeof(request_packet_t)) != sizeof(request_packet_t)) {
+ PSA_ADAC_LOG_ERR("transport_unix", "Error receiving message header\n");
+ return -1;
+ }
+ request_packet_t *p = (request_packet_t *) buffer;
+
+ if (4 + p->data_count * 4 > max) {
+ PSA_ADAC_LOG_ERR("transport_unix", "Message would overflow buffer (%d > %d)\n",
+ 4 + p->data_count * 4, (int) max);
+ return -1;
+ }
+ if (p->data_count) {
+ if (nread(fd, (uint8_t *) p->data, p->data_count * 4) != p->data_count * 4) {
+ PSA_ADAC_LOG_ERR("transport_unix", "Error receiving message body\n");
+ return -1;
+ }
+ }
+ //PSA_ADAC_LOG_DUMP("msg", "receive", buffer, 4 + p->data_count * 4);
+ return 0;
+}
+
+static int message_send(int fd, uint8_t buffer[], size_t size)
+{
+ //PSA_ADAC_LOG_DUMP("msg", "send", buffer, size);
+ return nwrite(fd, (uint8_t *) buffer, size) == size ? 0 : -1;
+}
+
+int request_packet_send(request_packet_t *packet)
+{
+ if (packet == NULL)
+ return -1;
+
+ size_t size = sizeof(request_packet_t) + 4 * packet->data_count;
+
+ return message_send(_fd, (uint8_t *) packet, size);
+}
+
+response_packet_t *response_packet_receive()
+{
+ size_t max = 0;
+ response_packet_t *r = response_packet_lock(&max);
+
+ if (r != NULL) {
+ if (message_receive(_fd, (uint8_t *) r, max, NULL) == 0)
+ return r;
+
+ PSA_ADAC_LOG_ERR("transport_unix", "Error Receiving Response");
+ response_packet_release(r);
+ } else {
+ PSA_ADAC_LOG_ERR("transport_unix", "Error Locking Response");
+ }
+ return NULL;
+}
+
+void psa_adac_platform_init(void)
+{
+ ;
+}
+
diff --git a/secure-debug/platform/native/src/unix_msg.c b/secure-debug/platform/native/src/unix_msg.c
new file mode 100644
index 0000000..9a6e301
--- /dev/null
+++ b/secure-debug/platform/native/src/unix_msg.c
@@ -0,0 +1,156 @@
+/** @file
+ * Copyright (c) 2021 Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "unix_msg.h"
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <stdbool.h>
+
+#if !defined(_MSC_VER)
+ #include <unistd.h>
+ #include <sys/socket.h>
+ #include <sys/un.h>
+#else // !defined(_MSC_VER)
+ #include <WinSock2.h>
+ #include <afunix.h>
+ #include <io.h>
+
+ // Disable warning about POSIX function names.
+ #pragma warning(disable : 4996)
+#endif // !defined(_MSC_VER)
+
+void unix_socket_close(int fd)
+{
+ if (fd != -1) {
+#if defined(_MSC_VER)
+ closesocket(fd);
+#else
+ close(fd);
+#endif
+ }
+}
+
+bool unix_socket_init(void)
+{
+#if defined(_MSC_VER)
+ static bool did_init_winsock;
+
+ did_init_winsock = false;
+ if (!did_init_winsock) {
+ WSADATA wsa_data = { 0 };
+
+ int result = WSAStartup(MAKEWORD(2, 2), &wsa_data);
+
+ if (result != 0) {
+ printf("WSAStartup failed with error: %d\n", result);
+ return false;
+ }
+ }
+#endif
+ return true;
+}
+
+int unix_socket_server(const char *path)
+{
+ struct sockaddr_un addr;
+ int fd;
+
+ fd = socket(AF_UNIX, SOCK_STREAM, 0);
+ if (fd == -1) {
+ perror("Error while calling socket()");
+ goto error;
+ }
+
+ memset(&addr, 0, sizeof(addr));
+ addr.sun_family = AF_UNIX;
+ strncpy(addr.sun_path, path, sizeof(addr.sun_path) - 1);
+
+ if (bind(fd, (struct sockaddr *) &addr, sizeof(addr)) != 0) {
+ perror("Error while calling bind()");
+ goto error;
+ }
+
+ if (listen(fd, 1) == -1) {
+ perror("Error while calling listen()");
+ goto error;
+ }
+ return fd;
+
+error:
+ unix_socket_close(fd);
+ return -1;
+}
+
+int unix_socket_client(const char *path)
+{
+ struct sockaddr_un addr;
+ int fd;
+
+ fd = socket(AF_UNIX, SOCK_STREAM, 0);
+ if (fd == -1) {
+ perror("Error while calling socket()");
+ goto error;
+ }
+
+ memset(&addr, 0, sizeof(addr));
+ addr.sun_family = AF_UNIX;
+ strncpy(addr.sun_path, path, sizeof(addr.sun_path) - 1);
+
+ if (connect(fd, (struct sockaddr *) &addr, sizeof(addr)) == -1) {
+ perror("Error while calling connect()");
+ goto error;
+ }
+ return fd;
+
+error:
+ unix_socket_close(fd);
+ return -1;
+}
+
+ssize_t nwrite(int fd, const uint8_t *buf, size_t count)
+{
+ const char *ptr = (const char *) buf;
+ ssize_t t;
+ size_t left = count;
+
+ while (left) {
+ t = send(fd, ptr, left, 0);
+ if (t < 0)
+ return -1;
+ left -= t;
+ ptr += t;
+ }
+ return count;
+}
+
+ssize_t nread(int fd, uint8_t *buf, size_t count)
+{
+ char *ptr = (char *) buf; /* Removes warning on pointer operation */
+ ssize_t t = 0;
+ size_t left = count;
+
+ while (left) {
+ t = recv(fd, ptr, left, 0);
+ if (t < 0)
+ return -1;
+ left -= t;
+ ptr += t;
+ }
+ return count;
+}
diff --git a/secure-debug/tests/adac/suite.cmake b/secure-debug/tests/adac/suite.cmake
new file mode 100644
index 0000000..167d305
--- /dev/null
+++ b/secure-debug/tests/adac/suite.cmake
@@ -0,0 +1,41 @@
+#/** @file
+# * Copyright (c) 2021 Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+foreach(test ${PSA_TEST_LIST})
+ include(${PSA_SUITE_DIR}/${test}/test.cmake)
+ foreach(source_file ${CC_SOURCE})
+ list(APPEND SUITE_CC_SOURCE
+ ${PSA_SUITE_DIR}/${test}/${source_file}
+ )
+ endforeach()
+ unset(CC_SOURCE)
+endforeach()
+
+add_definitions(${CC_OPTIONS})
+add_library(${TEST_COMBINE_LIB} STATIC ${SUITE_CC_SOURCE})
+
+# Test related Include directories
+foreach(test ${PSA_TEST_LIST})
+ target_include_directories(${TEST_COMBINE_LIB} PRIVATE ${PSA_SUITE_DIR}/${test})
+endforeach()
+
+target_include_directories(${TEST_COMBINE_LIB} PRIVATE
+ ${CMAKE_BINARY_DIR}
+ ${PSA_ROOT_DIR}/val/include
+ ${PSA_ROOT_DIR}/platform/${TARGET}/include
+)
+target_link_libraries(${TEST_COMBINE_LIB} mbedcrypto)
diff --git a/secure-debug/tests/adac/test_a001/test.cmake b/secure-debug/tests/adac/test_a001/test.cmake
new file mode 100644
index 0000000..c38649e
--- /dev/null
+++ b/secure-debug/tests/adac/test_a001/test.cmake
@@ -0,0 +1,21 @@
+#/** @file
+# * Copyright (c) 2021, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_a001.c
+)
+list(APPEND CC_OPTIONS )
diff --git a/secure-debug/tests/adac/test_a001/test_a001.c b/secure-debug/tests/adac/test_a001/test_a001.c
new file mode 100644
index 0000000..66f878e
--- /dev/null
+++ b/secure-debug/tests/adac/test_a001/test_a001.c
@@ -0,0 +1,86 @@
+/** @file
+ * Copyright (c) 2021, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include <psa_adac.h>
+#include <val_adac.h>
+#include "val_interfaces.h"
+
+#include "test_a001.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_SECURE_DEBUG_BASE, 1)
+#define TEST_DESC "Testing ADAC Protocol Host API| UT: psa_challenge\n"
+TEST_PUBLISH(TEST_NUM, test_entry);
+
+void test_entry(val_api_t *val_api)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ val_api_t *val = NULL;
+
+ val = val_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC);
+ val_adac_host_init();
+
+ uint8_t challenge1[CHALLENGE_SIZE], challenge2[CHALLENGE_SIZE], i;
+
+ request_packet_t *request;
+ response_packet_t *response;
+
+ if (PSA_SUCCESS != val_issue_command(SDP_AUTH_START_CMD, request, NULL, 0))
+ goto test_fail_exit;
+
+ response = val_await_response();
+ if (PSA_SUCCESS != val_parse_response(SDP_AUTH_START_CMD, response))
+ goto test_fail_exit;
+
+ psa_auth_challenge_t *challenge = (psa_auth_challenge_t *) response->data;
+
+ *challenge1 = (uint8_t)(challenge->challenge_vector);
+ response_packet_release(response);
+
+ if (PSA_SUCCESS != val_issue_command(SDP_AUTH_START_CMD, request, NULL, 0))
+ goto test_fail_exit;
+
+ response = val_await_response();
+ if (PSA_SUCCESS != val_parse_response(SDP_AUTH_START_CMD, response))
+ goto test_fail_exit;
+
+ challenge = (psa_auth_challenge_t *) response->data;
+
+ *challenge2 = (uint8_t)(challenge->challenge_vector);
+ response_packet_release(response);
+
+ for (i = 0; i < CHALLENGE_SIZE; i++) {
+ if (challenge1[i] != challenge2[i])
+ break;
+ }
+
+ if (i == CHALLENGE_SIZE) {
+ val->print(PRINT_ERROR, "Challenge response obtained is not unique\n", 0);
+ goto test_fail_exit;
+ } else {
+ val->print(PRINT_INFO, "Challenge response obtained is unique\n", 0);
+ goto test_end;
+ }
+
+test_fail_exit:
+ val_set_status(RESULT_FAIL(VAL_STATUS_TEST_FAILED));
+test_end:
+ val->test_exit();
+}
+
diff --git a/secure-debug/tests/adac/test_a001/test_a001.h b/secure-debug/tests/adac/test_a001/test_a001.h
new file mode 100644
index 0000000..5212fed
--- /dev/null
+++ b/secure-debug/tests/adac/test_a001/test_a001.h
@@ -0,0 +1,26 @@
+/** @file
+ * Copyright (c) 2021, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST_A001_TESTS_H_
+#define _TEST_A001_TESTS_H_
+
+#define test_entry CONCAT(test_entry_, a001)
+
+extern val_api_t *val;
+extern char *key_file;
+extern char *chain_file;
+
+#endif /* _TEST_A001_TESTS_H_ */
diff --git a/secure-debug/tests/adac/test_a002/test.cmake b/secure-debug/tests/adac/test_a002/test.cmake
new file mode 100644
index 0000000..c6318e9
--- /dev/null
+++ b/secure-debug/tests/adac/test_a002/test.cmake
@@ -0,0 +1,21 @@
+#/** @file
+# * Copyright (c) 2021, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_a002.c
+)
+list(APPEND CC_OPTIONS )
diff --git a/secure-debug/tests/adac/test_a002/test_a002.c b/secure-debug/tests/adac/test_a002/test_a002.c
new file mode 100644
index 0000000..dabbc34
--- /dev/null
+++ b/secure-debug/tests/adac/test_a002/test_a002.c
@@ -0,0 +1,124 @@
+/** @file
+ * Copyright (c) 2021, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include <psa_adac.h>
+#include <val_adac.h>
+#include "val_interfaces.h"
+
+#include "test_a002.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_SECURE_DEBUG_BASE, 2)
+#define TEST_DESC "Testing ADAC Protocol Host API| UT: psa_connect\n"
+TEST_PUBLISH(TEST_NUM, test_entry);
+
+void test_entry(val_api_t *val_api)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ val_api_t *val = NULL;
+
+ val = val_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC);
+ val_adac_host_init();
+
+ uint8_t *chain = NULL;
+ size_t chain_size = 0;
+
+ if (PSA_SUCCESS != val_load_certificate_chain(chain_file, &chain, &chain_size))
+ goto test_fail_exit;
+
+ psa_tlv_t *exts[MAX_EXTENSIONS];
+ size_t exts_count = 0;
+ uint8_t key_type;
+
+ if (PSA_SUCCESS != val_infer_cryptosystem((uint32_t *) chain, chain_size, exts,
+ &exts_count, &key_type)) {
+ goto test_fail_exit;
+ }
+
+ request_packet_t *request;
+
+ if (PSA_SUCCESS != val_issue_command(SDP_DISCOVERY_CMD, request, NULL, 0))
+ goto test_fail_exit;
+
+ response_packet_t *response;
+
+ response = val_await_response();
+ if (PSA_SUCCESS != val_parse_response(SDP_DISCOVERY_CMD, response))
+ goto test_fail_exit;
+
+ if (!val_check_cryptosystem_support(response, key_type))
+ goto test_fail_exit;
+
+ response_packet_release(response);
+
+ psa_key_handle_t handle;
+ uint8_t *key = NULL;
+ size_t key_size = 0;
+
+ if (PSA_SUCCESS != val_get_private_key(key_file, &key_type, &handle, &key, &key_size))
+ goto test_fail_exit;
+
+ if (PSA_SUCCESS != val_issue_command(SDP_AUTH_START_CMD, request, NULL, 0))
+ goto test_fail_exit;
+
+ response = val_await_response();
+ if (PSA_SUCCESS != val_parse_response(SDP_AUTH_START_CMD, response))
+ goto test_fail_exit;
+
+ psa_auth_challenge_t *challenge = (psa_auth_challenge_t *) response->data;
+
+ uint8_t *token = NULL;
+ size_t token_size = 0;
+
+ if (PSA_SUCCESS != val_sign_token(challenge->challenge_vector,
+ sizeof(challenge->challenge_vector),
+ key_type, NULL, 0, &token, &token_size,
+ handle, key, key_size)) {
+ goto test_fail_exit;
+ }
+ response_packet_release(response);
+
+ if (PSA_SUCCESS != val_send_certificate(exts, exts_count))
+ goto test_fail_exit;
+
+ val->print(PRINT_INFO, "Sending token\n", 0);
+ if (PSA_SUCCESS != val_issue_command(SDP_AUTH_RESPONSE_CMD, request,
+ (uint8_t *)token, token_size)) {
+ goto test_fail_exit;
+ }
+
+ val->print(PRINT_INFO, "Receiving token_authentication response\n", 0);
+ response = val_await_response();
+ if (PSA_SUCCESS != val_parse_response(SDP_AUTH_RESPONSE_CMD, response))
+ goto test_fail_exit;
+
+ if (response->status == SDP_SUCCESS)
+ val->print(PRINT_INFO, "Target unlocked successfully\n", 0);
+ else
+ goto test_fail_exit;
+
+ response_packet_release(response);
+ goto test_end;
+
+test_fail_exit:
+ val_set_status(RESULT_FAIL(VAL_STATUS_TEST_FAILED));
+test_end:
+ val->test_exit();
+}
+
diff --git a/secure-debug/tests/adac/test_a002/test_a002.h b/secure-debug/tests/adac/test_a002/test_a002.h
new file mode 100644
index 0000000..da5f094
--- /dev/null
+++ b/secure-debug/tests/adac/test_a002/test_a002.h
@@ -0,0 +1,26 @@
+/** @file
+ * Copyright (c) 2021, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST_A002_TESTS_H_
+#define _TEST_A002_TESTS_H_
+
+#define test_entry CONCAT(test_entry_, a002)
+
+extern val_api_t *val;
+extern char *key_file;
+extern char *chain_file;
+
+#endif /* _TEST_A002_TESTS_H_ */
diff --git a/secure-debug/tests/adac/testsuite.db b/secure-debug/tests/adac/testsuite.db
new file mode 100644
index 0000000..9695860
--- /dev/null
+++ b/secure-debug/tests/adac/testsuite.db
@@ -0,0 +1,26 @@
+#/** @file
+# * Copyright (c) 2021 Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+
+#List of tests to be compiled and run as part of initial_attestation suite
+
+(START)
+
+test_a001
+test_a002
+
+(END)
diff --git a/secure-debug/tools/cmake/common/CMakeSettings.cmake b/secure-debug/tools/cmake/common/CMakeSettings.cmake
new file mode 100644
index 0000000..e709dc0
--- /dev/null
+++ b/secure-debug/tools/cmake/common/CMakeSettings.cmake
@@ -0,0 +1,25 @@
+#/** @file
+# * Copyright (c) 2021, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+#Stop built in CMakeDetermine<lang>.cmake scripts to run.
+set (CMAKE_C_COMPILER_ID_RUN 1)
+#Stop cmake run compiler tests.
+set (CMAKE_C_COMPILER_FORCED true)
+
+set(CMAKE_STATIC_LIBRARY_PREFIX "")
+set(CMAKE_STATIC_LIBRARY_SUFFIX ".a")
+set(CMAKE_SHARED_LIBRARY_SUFFIX "")
diff --git a/secure-debug/tools/cmake/common/Utils.cmake b/secure-debug/tools/cmake/common/Utils.cmake
new file mode 100644
index 0000000..6013fef
--- /dev/null
+++ b/secure-debug/tools/cmake/common/Utils.cmake
@@ -0,0 +1,37 @@
+#/** @file
+# * Copyright (c) 2021, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+# Function to CMake arguments
+function(_check_arguments)
+ foreach(_ARG IN LISTS ARGV)
+ if(NOT DEFINED ${_ARG})
+ message(FATAL_ERROR "[PSA] : ${_ARG} is not passed! Please specify -D${_ARG}=<...> to CMake.")
+ endif()
+ endforeach()
+endfunction(_check_arguments)
+
+# Function to get all the folders inside given parent directory
+function(_get_sub_dir_list result parent_dir)
+ file(GLOB parent_dir_items RELATIVE ${parent_dir} ${parent_dir}/*)
+ set(dir_list "")
+ foreach(item ${parent_dir_items})
+ if(IS_DIRECTORY ${parent_dir}/${item})
+ list(APPEND dir_list ${item})
+ endif()
+ endforeach()
+ set(${result} ${dir_list} PARENT_SCOPE)
+endfunction(_get_sub_dir_list)
diff --git a/secure-debug/tools/cmake/compiler/ARMCLANG.cmake b/secure-debug/tools/cmake/compiler/ARMCLANG.cmake
new file mode 100644
index 0000000..c6a8b0d
--- /dev/null
+++ b/secure-debug/tools/cmake/compiler/ARMCLANG.cmake
@@ -0,0 +1,63 @@
+#/** @file
+# * Copyright (c) 2021, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+set(CMAKE_SYSTEM_NAME Generic)
+set(CMKE_SYSTEM_PROCESSOR ARM)
+
+set(_C_TOOLCHAIN_NAME armclang)
+
+if(WIN32)
+ if (NOT DEFINED ARMCLANG_PATH)
+ set(ARMCLANG_PATH "C:" CACHE PATH "Install directory for ARMCLANG Compiler")
+ endif()
+else(WIN32)
+ if (NOT DEFINED ARMCLANG_PATH)
+ set(ARMCLANG_PATH "/" CACHE PATH "Install directory for ARMCLANG Compiler")
+ endif()
+endif(WIN32)
+
+find_program(
+ _C_TOOLCHAIN_PATH
+ ${_C_TOOLCHAIN_NAME}
+ PATHS env PATH
+ HINTS ${ARMCLANG_PATH}
+ HINTS bin
+)
+
+if(_C_TOOLCHAIN_PATH STREQUAL "_C_TOOLCHAIN_PATH-NOTFOUND")
+ message(FATAL_ERROR "[PSA] : Couldn't find ${_C_TOOLCHAIN_NAME}."
+ " Either put ${_C_TOOLCHAIN_NAME} on the PATH or set ARMCLANG_PATH set properly.")
+endif()
+
+set(CMAKE_TRY_COMPILE_TARGET_TYPE STATIC_LIBRARY)
+
+foreach(_LNG IN ITEMS "C" "ASM")
+ set(CMAKE_${_LNG}_COMPILER ${_C_TOOLCHAIN_PATH})
+ message(STATUS "[PSA] : ${_LNG} compiler used '${CMAKE_${_LNG}_COMPILER}'")
+endforeach()
+
+if(${CPU_ARCH} STREQUAL armv7m)
+ set(TARGET_SWITCH "-march=armv7-m")
+elseif(${CPU_ARCH} STREQUAL armv8m_ml)
+ set(TARGET_SWITCH "-march=armv8-m.main -mcmse")
+elseif(${CPU_ARCH} STREQUAL armv8m_bl)
+ set(TARGET_SWITCH "-march=armv8-m.base -mcmse")
+endif()
+
+set(CMAKE_C_FLAGS "--target=arm-arm-none-eabi ${TARGET_SWITCH} -g -Wall -Werror -Wextra -fshort-enums -fshort-wchar -funsigned-char -fdata-sections -ffunction-sections -mno-unaligned-access -mfpu=none")
+set(CMAKE_ASM_FLAGS "${TARGET_SWITCH} -mthumb")
+set(CMAKE_EXE_LINKER_FLAGS "--strict --map --symbols --xref --info=summarysizes,sizes,totals,unused,veneers --diag_warning=L6204")
diff --git a/secure-debug/tools/cmake/compiler/GNUARM.cmake b/secure-debug/tools/cmake/compiler/GNUARM.cmake
new file mode 100644
index 0000000..3bd8347
--- /dev/null
+++ b/secure-debug/tools/cmake/compiler/GNUARM.cmake
@@ -0,0 +1,63 @@
+#/** @file
+# * Copyright (c) 2021, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+set(CMAKE_SYSTEM_NAME Generic)
+set(CMKE_SYSTEM_PROCESSOR ARM)
+
+set(_C_TOOLCHAIN_NAME arm-none-eabi-gcc)
+
+if(WIN32)
+ if (NOT DEFINED GNUARM_PATH)
+ set(GNUARM_PATH "C:" CACHE PATH "Install directory for GNUARM Compiler")
+ endif()
+else(WIN32)
+ if (NOT DEFINED GNUARM_PATH)
+ set(GNUARM_PATH "/" CACHE PATH "Install directory for GNUARM Compiler")
+ endif()
+endif(WIN32)
+
+find_program(
+ _C_TOOLCHAIN_PATH
+ ${_C_TOOLCHAIN_NAME}
+ PATHS env PATH
+ HINTS ${GNUARM_PATH}
+ HINTS bin
+)
+
+if(_C_TOOLCHAIN_PATH STREQUAL "_C_TOOLCHAIN_PATH-NOTFOUND")
+ message(FATAL_ERROR "[PSA] : Couldn't find ${_C_TOOLCHAIN_NAME}."
+ " Either put ${_C_TOOLCHAIN_NAME} on the PATH or set GNUARM_PATH set properly.")
+endif()
+
+set(CMAKE_TRY_COMPILE_TARGET_TYPE STATIC_LIBRARY)
+
+foreach(_LNG IN ITEMS "C" "ASM")
+ set(CMAKE_${_LNG}_COMPILER ${_C_TOOLCHAIN_PATH})
+ message(STATUS "[PSA] : ${_LNG} compiler used '${CMAKE_${_LNG}_COMPILER}'")
+endforeach()
+
+if(${CPU_ARCH} STREQUAL armv7m)
+ set(TARGET_SWITCH "-march=armv7-m")
+elseif(${CPU_ARCH} STREQUAL armv8m_ml)
+ set(TARGET_SWITCH "-march=armv8-m.main -mcmse")
+elseif(${CPU_ARCH} STREQUAL armv8m_bl)
+ set(TARGET_SWITCH "-march=armv8-m.base -mcmse")
+endif()
+
+set(CMAKE_C_FLAGS "${TARGET_SWITCH} -g -Wall -Werror -Wextra -fdata-sections -ffunction-sections -mno-unaligned-access")
+set(CMAKE_ASM_FLAGS "${TARGET_SWITCH} -mthumb")
+set(CMAKE_EXE_LINKER_FLAGS "-Xlinker --fatal-warnings -Xlinker --gc-sections -z max-page-size=0x400 -lgcc -lc -lnosys")
diff --git a/secure-debug/tools/cmake/compiler/HOST_GCC.cmake b/secure-debug/tools/cmake/compiler/HOST_GCC.cmake
new file mode 100644
index 0000000..5b43cb0
--- /dev/null
+++ b/secure-debug/tools/cmake/compiler/HOST_GCC.cmake
@@ -0,0 +1,52 @@
+#/** @file
+# * Copyright (c) 2021, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+set(CMAKE_SYSTEM_NAME Generic)
+set(CMKE_SYSTEM_PROCESSOR x86_64)
+
+set(_C_TOOLCHAIN_NAME gcc)
+
+if(WIN32)
+ if (NOT DEFINED HOST_GCC_PATH)
+ set(HOST_GCC_PATH "C:" CACHE PATH "Install directory for Host GCC Compiler")
+ endif()
+else(WIN32)
+ if (NOT DEFINED HOST_GCC_PATH)
+ set(HOST_GCC_PATH "/" CACHE PATH "Install directory for Host GCC Compiler")
+ endif()
+endif(WIN32)
+
+find_program(
+ _C_TOOLCHAIN_PATH
+ ${_C_TOOLCHAIN_NAME}
+ PATHS env PATH
+ HINTS ${HOST_GCC_PATH}
+ HINTS bin
+)
+
+if(_C_TOOLCHAIN_PATH STREQUAL "_C_TOOLCHAIN_PATH-NOTFOUND")
+ message(FATAL_ERROR "[PSA] : Couldn't find ${_C_TOOLCHAIN_NAME}."
+ " Either put ${_C_TOOLCHAIN_NAME} on the PATH or set GNUARM_PATH set properly.")
+endif()
+
+set(CMAKE_TRY_COMPILE_TARGET_TYPE STATIC_LIBRARY)
+
+foreach(_LNG IN ITEMS "C" "ASM")
+ set(CMAKE_${_LNG}_COMPILER ${_C_TOOLCHAIN_PATH})
+ set(CMAKE_C_FLAGS "-g -Wall -Werror -Werror -std=c99")
+ message(STATUS "[PSA] : ${_LNG} compiler used '${CMAKE_${_LNG}_COMPILER}'")
+endforeach()
diff --git a/secure-debug/tools/scripts/gen_tests_list.py b/secure-debug/tools/scripts/gen_tests_list.py
new file mode 100644
index 0000000..2bd0ab3
--- /dev/null
+++ b/secure-debug/tools/scripts/gen_tests_list.py
@@ -0,0 +1,87 @@
+#!/usr/bin/python
+#/** @file
+# * Copyright (c) 2021 Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+import sys
+
+if (len(sys.argv) != 8):
+ print("\nScript requires following inputs")
+ print("\narg1 : <INPUT SUITE identifier>")
+ print("\narg2 : <INPUT testsuite.db file>")
+ print("\narg3 : <OUTPUT testlist file>")
+ print("\narg4 : <OUTPUT test_entry_list>")
+ print("\narg5 : <OUTPUT test_entry_fn_declare_list>")
+ print("\narg6 : <OUTPUT Suite test start number")
+ print("\narg7 : <OUTPUT Suite test end number")
+ sys.exit(1)
+
+suite = sys.argv[1]
+testsuite_db_file = sys.argv[2]
+testlist_file = sys.argv[3]
+test_entry_list = sys.argv[4]
+test_entry_fn_declare_list = sys.argv[5]
+if sys.argv[6] != "None":
+ suite_test_start_number = int(sys.argv[6])
+else:
+ suite_test_start_number = 0
+if sys.argv[7] != "None":
+ suite_test_end_number = int(sys.argv[7])
+else:
+ suite_test_end_number = sys.maxsize
+
+# Dictionary to hold the mapping between suite and the base number
+suite_with_base_dict = {"adac":4}
+
+def gen_test_list():
+ """
+ Read the input testsuite.db file and generates the output file with list of tests
+ """
+ with open(testlist_file, mode='w') as o_f:
+ with open(testsuite_db_file, mode='r') as i_f:
+ for line in i_f:
+ if (('test_' == line[0:5]) and
+ (int(line[6:9]) >= suite_test_start_number) and
+ (int(line[6:9]) <= suite_test_end_number)):
+ o_f.write(line)
+
+def gen_test_entry_info():
+ """
+ Generate inc files
+ """
+ test_num = 0
+ uniq_test_string = ''
+ max_test_per_suite = 200
+ suite_base = 0
+
+ if (suite not in suite_with_base_dict.keys()):
+ print("\nProvide a valid SUITE identifier")
+ sys.exit()
+
+ with open(test_entry_list, mode='w') as o_f1, \
+ open(test_entry_fn_declare_list, mode='w') as o_f2,\
+ open(testlist_file, mode='r') as i_f:
+ for line in i_f:
+ line = line.strip()
+ test_num = int(line[6:9]) + (max_test_per_suite * suite_with_base_dict[suite])
+ uniq_test_string = line[5:9]
+ o_f1.write("\t{%d, &test_entry_%s},\n" %(test_num, uniq_test_string))
+ o_f2.write("void test_entry_%s(val_api_t *val_api);\n" %(uniq_test_string))
+ print("Test entry symbol list:\n\t%s,\n\t%s" %(test_entry_list, test_entry_fn_declare_list))
+
+# Call routines
+gen_test_list()
+gen_test_entry_info()
diff --git a/secure-debug/val/include/pal_interfaces.h b/secure-debug/val/include/pal_interfaces.h
new file mode 100644
index 0000000..9f7390f
--- /dev/null
+++ b/secure-debug/val/include/pal_interfaces.h
@@ -0,0 +1,93 @@
+/** @file
+ * Copyright (c) 2021 Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _PAL_INTERFACES_H_
+#define _PAL_INTERFACES_H_
+
+#include <stdarg.h>
+#include <psa_adac.h>
+
+/**
+ * @brief - This function parses the input string and writes bytes into logger TX FIFO
+ * @param - str : Input String
+ * - data : Value for format specifier
+ * @return - SUCCESS/FAILURE
+**/
+
+int pal_print(const char *str, int32_t data);
+
+/**
+ * @brief - Terminates the simulation at the end of all tests completion.
+ * By default, it put cpus into power down mode.
+ * @param - void
+ * @return - void
+**/
+void pal_terminate_simulation(void);
+
+/**
+ * @brief - Resets the system.
+ * @param - void
+ * @return - SUCCESS/FAILURE
+**/
+int pal_system_reset(void);
+
+request_packet_t *request_packet_lock(size_t *max_data_size);
+
+/**
+ * @brief - Reserve the communication buffer memory for receive packet.
+ * @param - max_data_size Valid size of command frame
+ * @return - Pointer to the command frame to be read
+**/
+response_packet_t *response_packet_lock(size_t *max_data_size);
+
+/**
+ * @brief - Release the lock held by transmit packet.
+ * @param - packet Most recent command frame sent
+ * @return - SUCCESS/FAILURE
+**/
+int request_packet_release(request_packet_t *packet);
+
+/**
+ * @brief - Release the lock held by receive packet.
+ * @param - packet Most recent response packet received
+ * @return - SUCCESS/FAILURE
+**/
+int response_packet_release(response_packet_t *packet);
+
+/**
+ * @brief - Construct the Request packet for the specified ADAC command.
+ * @param - command ADAC command
+ * data Pointer to payload
+ * data_size Size of the command payload
+ * @return - Pointer to the command frame to be written
+**/
+request_packet_t *request_packet_build(uint16_t command, uint8_t *data, size_t data_size);
+
+/**
+ * @brief - Write the Request packet into the communication buffer for transmit.
+ * @param - packet Request packet built for dispatch
+ * @return - SUCCESS/FAILURE
+**/
+int request_packet_send(request_packet_t *packet);
+
+/**
+ * @brief - Read the Response packet from the communication buffer.
+ * @param - None
+ * @return - Response packet received from target.
+**/
+response_packet_t *response_packet_receive();
+
+#endif
diff --git a/secure-debug/val/include/val.h b/secure-debug/val/include/val.h
new file mode 100644
index 0000000..8ac9a98
--- /dev/null
+++ b/secure-debug/val/include/val.h
@@ -0,0 +1,332 @@
+/** @file
+ * Copyright (c) 2021 Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifndef _VAL_COMMON_H_
+#define _VAL_COMMON_H_
+
+#include <string.h>
+#include <stdint.h>
+#include <stdlib.h>
+#include <limits.h>
+#include <stdarg.h>
+
+typedef uint8_t bool_t;
+typedef uintptr_t addr_t;
+typedef uint32_t test_id_t;
+typedef uint32_t block_id_t;
+typedef char char8_t;
+typedef uint32_t cfg_id_t;
+
+/* Print verbosity = TEST */
+#ifndef VERBOSE
+#define VERBOSE 9
+#endif
+
+#ifndef VAL_NSPE_BUILD
+#define STATIC_DECLARE static
+#else
+#define STATIC_DECLARE
+#endif
+
+#ifndef __WEAK
+#define __WEAK __attribute__((weak))
+#endif
+
+#ifndef __UNUSED
+#define __UNUSED __attribute__((unused))
+#endif
+
+#ifndef TRUE
+#define TRUE 0
+#endif
+#ifndef FALSE
+#define FALSE 1
+#endif
+
+#define _CONCAT(A, B) A##B
+#define CONCAT(A, B) _CONCAT(A, B)
+
+/* test status defines */
+#define TEST_START 0x01
+#define TEST_END 0x02
+#define TEST_PASS 0x04
+#define TEST_FAIL 0x08
+#define TEST_SKIP 0x10
+#define TEST_PENDING 0x20
+
+#define TEST_NUM_BIT 32
+#define TEST_STATE_BIT 8
+#define TEST_STATUS_BIT 0
+
+#define TEST_NUM_MASK 0xFFFFFFFF
+#define TEST_STATE_MASK 0xFF
+#define TEST_STATUS_MASK 0xFF
+
+#define RESULT_START(status) (((TEST_START) << TEST_STATE_BIT) | ((status) << TEST_STATUS_BIT))
+#define RESULT_END(status) (((TEST_END) << TEST_STATE_BIT) | ((status) << TEST_STATUS_BIT))
+#define RESULT_PASS(status) (((TEST_PASS) << TEST_STATE_BIT) | ((status) << TEST_STATUS_BIT))
+#define RESULT_FAIL(status) (((TEST_FAIL) << TEST_STATE_BIT) | ((status) << TEST_STATUS_BIT))
+#define RESULT_SKIP(status) (((TEST_SKIP) << TEST_STATE_BIT) | ((status) << TEST_STATUS_BIT))
+#define RESULT_PENDING(status) (((TEST_PENDING) << TEST_STATE_BIT) | ((status) << TEST_STATUS_BIT))
+
+#define IS_TEST_FAIL(status) (((status >> TEST_STATE_BIT) & TEST_STATE_MASK) == TEST_FAIL)
+#define IS_TEST_PASS(status) (((status >> TEST_STATE_BIT) & TEST_STATE_MASK) == TEST_PASS)
+#define IS_TEST_SKIP(status) (((status >> TEST_STATE_BIT) & TEST_STATE_MASK) == TEST_SKIP)
+#define IS_TEST_PENDING(status) (((status >> TEST_STATE_BIT) & TEST_STATE_MASK) == TEST_PENDING)
+#define IS_TEST_START(status) (((status >> TEST_STATE_BIT) & TEST_STATE_MASK) == TEST_START)
+#define IS_TEST_END(status) (((status >> TEST_STATE_BIT) & TEST_STATE_MASK) == TEST_END)
+#define VAL_ERROR(status) ((status & TEST_STATUS_MASK) ? 1 : 0)
+
+
+
+/* Test Defines */
+#define TEST_PUBLISH(test_id, entry) \
+ const val_test_info_t __attribute__((section(".acs_test_info"))) \
+ CONCAT(acs_test_info, entry) = {test_id, entry}
+
+#define VAL_MAX_TEST_PER_COMP 200
+#define VAL_SECURE_DEBUG_BASE 4
+
+
+#define VAL_GET_COMP_NUM(test_id) \
+ ((test_id - (test_id % VAL_MAX_TEST_PER_COMP)) / VAL_MAX_TEST_PER_COMP)
+#define VAL_GET_TEST_NUM(test_id) (test_id % VAL_MAX_TEST_PER_COMP)
+#define VAL_CREATE_TEST_ID(comp, num) ((comp*VAL_MAX_TEST_PER_COMP) + num)
+
+#define TEST_FIELD(num1, num2) (num2 << 8 | num1)
+#define GET_TEST_ISOLATION_LEVEL(num) (num & 0x3)
+#define GET_WD_TIMOUT_TYPE(num) ((num >> 8) & 0x7)
+
+#define TEST_CHECKPOINT_NUM(n) n
+#define TEST(n) n
+#define BLOCK(n) n
+
+#define BLOCK_NUM_POS 8
+#define ACTION_POS 16
+#define GET_TEST_NUM(n) (0xff & n)
+#define GET_BLOCK_NUM(n) ((n >> BLOCK_NUM_POS) & 0xff)
+
+#define GET_ACTION_NUM(n) ((n >> ACTION_POS) & 0xff)
+#define TEST_EXECUTE_FUNC 1
+#define TEST_RETURN_RESULT 2
+#define INVALID_HANDLE 0x1234DEAD
+
+#define VAL_NVMEM_BLOCK_SIZE 4
+#define VAL_NVMEM_OFFSET(nvmem_idx) (nvmem_idx * VAL_NVMEM_BLOCK_SIZE)
+
+#define UART_INIT_SIGN 0xff
+#define UART_PRINT_SIGN 0xfe
+
+#define TEST_PANIC() \
+ do { \
+ } while (1)
+
+#define TEST_ASSERT_EQUAL(arg1, arg2, checkpoint) \
+ do { \
+ if ((arg1) != arg2) \
+ { \
+ val->print(PRINT_ERROR, "\tFailed at Checkpoint: %d\n", checkpoint); \
+ val->print(PRINT_ERROR, "\tActual: %d\n", arg1); \
+ val->print(PRINT_ERROR, "\tExpected: %d\n", arg2); \
+ return 1; \
+ } \
+ } while (0)
+
+#define TEST_ASSERT_DUAL(arg1, status1, status2, checkpoint) \
+ do { \
+ if ((arg1) != status1 && (arg1) != status2) \
+ { \
+ val->print(PRINT_ERROR, "\tFailed at Checkpoint: %d\n", checkpoint); \
+ val->print(PRINT_ERROR, "\tActual: %d\n", arg1); \
+ val->print(PRINT_ERROR, "\tExpected: %d", status1); \
+ val->print(PRINT_ERROR, "or %d\n", status2); \
+ return 1; \
+ } \
+ } while (0)
+
+#define TEST_ASSERT_NOT_EQUAL(arg1, arg2, checkpoint) \
+ do { \
+ if ((arg1) == arg2) \
+ { \
+ val->print(PRINT_ERROR, "\tFailed at Checkpoint: %d\n", checkpoint); \
+ val->print(PRINT_ERROR, "\tValue: %d\n", arg1); \
+ return 1; \
+ } \
+ } while (0)
+
+#define TEST_ASSERT_MEMCMP(buf1, buf2, size, checkpoint) \
+ do { \
+ if (memcmp(buf1, buf2, size)) \
+ { \
+ val->print(PRINT_ERROR, "\tFailed at Checkpoint: %d : ", checkpoint); \
+ val->print(PRINT_ERROR, "Unequal data in compared buffers\n", 0); \
+ return 1; \
+ } \
+ } while (0)
+
+#define TEST_ASSERT_RANGE(arg1, range1, range2, checkpoint) \
+ do { \
+ if ((arg1) < range1 || (arg1) > range2) \
+ { \
+ val->print(PRINT_ERROR, "\tFailed at Checkpoint: %d\n", checkpoint); \
+ val->print(PRINT_ERROR, "\tActual: %d\n", arg1); \
+ val->print(PRINT_ERROR, "\tExpected range: %d to ", range1); \
+ val->print(PRINT_ERROR, "%d", range2); \
+ return 1; \
+ } \
+ } while (0)
+
+/* enums */
+typedef enum {
+ CALLER_NONSECURE = 0x0,
+ CALLER_SECURE = 0x1,
+} caller_security_t;
+
+typedef enum {
+ TEST_ISOLATION_L1 = 0x1,
+ TEST_ISOLATION_L2 = 0x2,
+ TEST_ISOLATION_L3 = 0x3,
+} test_isolation_level_t;
+
+typedef enum {
+ LEVEL1 = 0x1,
+ LEVEL2,
+ LEVEL3,
+} isolation_level_t;
+
+typedef enum {
+ /* VAL uses this boot flag to mark first time boot of the system */
+ BOOT_UNKNOWN = 0x1,
+ /* VAL/Test uses this boot flag to catch any unwanted system reboot - SIM ERROR Cases*/
+ BOOT_NOT_EXPECTED = 0x2,
+ /* Test performs panic check for non-secure test run and expect reboot */
+ BOOT_EXPECTED_NS = 0x3,
+ /* Test performs panic check for secure test run and expect reboot */
+ BOOT_EXPECTED_S = 0x4,
+ /* Test expects reboot but it didn't happen */
+ BOOT_EXPECTED_BUT_FAILED = 0x5,
+ /* Test expects reboot for secure/non-secure test run. If reboot happens,
+ * re-enter the same test and execute the next check function
+ */
+ BOOT_EXPECTED_REENTER_TEST = 0x6,
+ /* Test expect reboot for the test run. If reboot happens,
+ * re-enter the same test and continue executing the same check function
+ */
+ BOOT_EXPECTED_CONT_TEST_EXEC = 0x7,
+} boot_state_t;
+
+typedef enum {
+ NV_BOOT = 0x0,
+ NV_TEST_ID_PREVIOUS = 0x1,
+ NV_TEST_ID_CURRENT = 0x2,
+ NV_TEST_CNT = 0x3,
+ NV_TEST_DATA1 = 0x4,
+ NV_TEST_DATA2 = 0x5,
+ NV_TEST_DATA3 = 0x6,
+} nvmem_index_t;
+
+/* enums to report test sub-state */
+typedef enum {
+ VAL_STATUS_SUCCESS = 0x0,
+ VAL_STATUS_INVALID = 0x10,
+ VAL_STATUS_ERROR = 0x11,
+ VAL_STATUS_NOT_FOUND = 0x12,
+ VAL_STATUS_LOAD_ERROR = 0x13,
+ VAL_STATUS_INSUFFICIENT_SIZE = 0x14,
+ VAL_STATUS_CONNECTION_FAILED = 0x15,
+ VAL_STATUS_CALL_FAILED = 0x16,
+ VAL_STATUS_READ_FAILED = 0x17,
+ VAL_STATUS_WRITE_FAILED = 0x18,
+ VAL_STATUS_ISOLATION_LEVEL_NOT_SUPP = 0x19,
+ VAL_STATUS_INIT_FAILED = 0x1A,
+ VAL_STATUS_SPM_FAILED = 0x1B,
+ VAL_STATUS_SPM_UNEXPECTED_BEH = 0x1C,
+ VAL_STATUS_FRAMEWORK_VERSION_FAILED = 0x1D,
+ VAL_STATUS_VERSION_API_FAILED = 0x1E,
+ VAL_STATUS_INVALID_HANDLE = 0x1F,
+ VAL_STATUS_INVALID_MSG_TYPE = 0x20,
+ VAL_STATUS_WRONG_IDENTITY = 0x21,
+ VAL_STATUS_MSG_INSIZE_FAILED = 0x22,
+ VAL_STATUS_MSG_OUTSIZE_FAILED = 0x23,
+ VAL_STATUS_SKIP_FAILED = 0x24,
+ VAL_STATUS_CRYPTO_FAILURE = 0x25,
+ VAL_STATUS_INVALID_SIZE = 0x26,
+ VAL_STATUS_DATA_MISMATCH = 0x27,
+ VAL_STATUS_BOOT_EXPECTED_BUT_FAILED = 0x28,
+ VAL_STATUS_INIT_ALREADY_DONE = 0x29,
+ VAL_STATUS_HEAP_NOT_AVAILABLE = 0x2A,
+ VAL_STATUS_UNSUPPORTED = 0x2B,
+ VAL_STATUS_DRIVER_FN_FAILED = 0x2C,
+ VAL_STATUS_NO_TESTS = 0X2D,
+ VAL_STATUS_TEST_FAILED = 0x2E,
+ VAL_STATUS_ERROR_MAX = INT_MAX,
+} val_status_t;
+
+/* verbosity enums */
+typedef enum {
+ PRINT_INFO = 1,
+ PRINT_DEBUG = 2,
+ PRINT_TEST = 3,
+ PRINT_WARN = 4,
+ PRINT_ERROR = 5,
+ PRINT_ALWAYS = 9
+} print_verbosity_t;
+
+/* Driver test function id enums */
+typedef enum {
+ TEST_PSA_EOI_WITH_NON_INTR_SIGNAL = 1,
+ TEST_PSA_EOI_WITH_MULTIPLE_SIGNALS = 2,
+ TEST_PSA_EOI_WITH_UNASSERTED_SIGNAL = 3,
+ TEST_INTR_SERVICE = 4,
+ TEST_ISOLATION_PSA_ROT_DATA_RD = 5,
+ TEST_ISOLATION_PSA_ROT_DATA_WR = 6,
+ TEST_ISOLATION_PSA_ROT_STACK_RD = 7,
+ TEST_ISOLATION_PSA_ROT_STACK_WR = 8,
+ TEST_ISOLATION_PSA_ROT_HEAP_RD = 9,
+ TEST_ISOLATION_PSA_ROT_HEAP_WR = 10,
+ TEST_ISOLATION_PSA_ROT_MMIO_RD = 11,
+ TEST_ISOLATION_PSA_ROT_MMIO_WR = 12,
+} driver_test_fn_id_t;
+
+/* typedef's */
+typedef struct {
+ boot_state_t state;
+} boot_t;
+
+typedef struct {
+ uint32_t pass_cnt:8;
+ uint32_t skip_cnt:8;
+ uint32_t fail_cnt:8;
+ uint32_t sim_error_cnt:8;
+} test_count_t;
+
+typedef struct {
+ uint16_t test_num;
+ uint8_t block_num;
+} test_info_t;
+
+
+/* struture to capture test state */
+typedef struct {
+ uint16_t reserved;
+ uint8_t state;
+ uint8_t status;
+} test_status_buffer_t;
+
+typedef int32_t (*client_test_t)(caller_security_t caller);
+typedef int32_t (*server_test_t)(void);
+#endif /* VAL_COMMON_H */
diff --git a/secure-debug/val/include/val_adac.h b/secure-debug/val/include/val_adac.h
new file mode 100644
index 0000000..6086df9
--- /dev/null
+++ b/secure-debug/val/include/val_adac.h
@@ -0,0 +1,51 @@
+/** @file
+ * Copyright (c) 2021, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifndef _VAL_ADAC_H_
+#define _VAL_ADAC_H_
+#include <psa_adac.h>
+
+/** \brief Token header
+ *
+ */
+typedef struct {
+ uint16_t type;
+ uint8_t *data;
+ size_t size;
+} adac_command_frame_t;
+
+void val_adac_host_init(void);
+psa_status_t val_load_certificate_chain(const char *chain_file, uint8_t **chain,
+ size_t *chain_size);
+psa_status_t val_infer_cryptosystem(uint32_t *chain, size_t chain_size, psa_tlv_t **extns_list,
+ size_t *extns_count, uint8_t *key_system);
+psa_status_t val_get_private_key(const char *key_file, uint8_t *type, psa_key_handle_t *handle,
+ uint8_t **key_ptr, size_t *size);
+request_packet_t *val_construct_command(uint16_t command, uint8_t *data, size_t data_size);
+psa_status_t val_issue_command(uint32_t command, request_packet_t *packet,
+ uint8_t *data, size_t data_size);
+response_packet_t *val_await_response(void);
+psa_status_t val_parse_response(uint32_t command, response_packet_t *packet);
+
+psa_status_t val_sign_token(uint8_t challenge[], size_t challenge_size, uint8_t signature_type,
+ uint8_t exts[], size_t exts_size, uint8_t *fragment[],
+ size_t *fragment_size, psa_key_handle_t handle,
+ uint8_t *key, size_t key_size);
+psa_status_t val_send_certificate(psa_tlv_t **extns_list, size_t extns_count);
+int val_check_cryptosystem_support(response_packet_t *packet, uint8_t key_system);
+
+#endif /* _VAL_ADAC_H_ */
diff --git a/secure-debug/val/include/val_dispatcher.h b/secure-debug/val/include/val_dispatcher.h
new file mode 100644
index 0000000..1419387
--- /dev/null
+++ b/secure-debug/val/include/val_dispatcher.h
@@ -0,0 +1,70 @@
+/** @file
+ * Copyright (c) 2021 Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifndef _VAL_DISPATCHER_H_
+#define _VAL_DISPATCHER_H_
+
+#include "val.h"
+
+#define ELF_IDENT 16
+#define VAL_INVALID_TEST_ID 0xffffffff
+#define VAL_TEST_START_MARKER 0xfaceface
+#define VAL_TEST_END_MARKER 0xc3c3c3c3
+
+/* typedef's */
+typedef uint32_t elf32_word;
+typedef int32_t elf32_sword;
+typedef uint16_t elf32_half;
+typedef uint32_t elf32_off;
+typedef uint32_t elf32_addr;
+
+typedef struct {
+ unsigned char e_ident[ELF_IDENT]; /* ident bytes */
+ elf32_half e_type; /* file type */
+ elf32_half e_machine; /* target machine */
+ elf32_word e_version; /* file version */
+ elf32_addr e_entry; /* start address */
+ elf32_off e_phoff; /* phdr file offset */
+ elf32_off e_shoff; /* shdr file offset */
+ elf32_word e_flags; /* file flags */
+ elf32_half e_ehsize; /* sizeof ehdr */
+ elf32_half e_phentsize; /* sizeof phdr */
+ elf32_half e_phnum; /* number phdrs */
+ elf32_half e_shentsize; /* sizeof shdr */
+ elf32_half e_shnum; /* number shdrs */
+ elf32_half e_shstrndx; /* shdr string index */
+} elf_header_t;
+
+typedef struct {
+ elf32_word p_type; /* Segment type */
+ elf32_off p_offset; /* Segment file offset */
+ elf32_addr p_vaddr; /* Segment virtual address */
+ elf32_addr p_paddr; /* Segment physical address */
+ elf32_word p_filesz; /* Segment size in file */
+ elf32_word p_memsz; /* Segment size in memory */
+ elf32_word p_flags; /* Segment flags */
+ elf32_word p_align; /* Segment alignment */
+} elf_pheader_t;
+
+typedef struct {
+ uint32_t start_marker;
+ test_id_t test_id;
+ uint32_t elf_size;
+} test_header_t;
+
+int32_t val_dispatcher(test_id_t test_id_prev);
+#endif
diff --git a/secure-debug/val/include/val_entry.h b/secure-debug/val/include/val_entry.h
new file mode 100644
index 0000000..f4d173f
--- /dev/null
+++ b/secure-debug/val/include/val_entry.h
@@ -0,0 +1,32 @@
+/** @file
+ * Copyright (c) 2021 Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifndef _VAL_ENTRY_H_
+#define _VAL_ENTRY_H_
+
+#include "val_framework.h"
+
+#define PSA_ACS_MAJOR_VER 1
+#define PSA_ACS_MINOR_VER 2
+
+/**
+ @brief - PSA Test Suite C main function, does VAL init and calls test dispatcher
+ @param - None
+ @return - int32_t
+**/
+extern int32_t val_entry(void);
+#endif
diff --git a/secure-debug/val/include/val_framework.h b/secure-debug/val/include/val_framework.h
new file mode 100644
index 0000000..5d53cbb
--- /dev/null
+++ b/secure-debug/val/include/val_framework.h
@@ -0,0 +1,33 @@
+/** @file
+ * Copyright (c) 2021 Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+
+#ifndef _VAL_INFRA_H_
+#define _VAL_INFRA_H_
+
+#include "val.h"
+#include "val_interfaces.h"
+
+/* prototypes */
+uint32_t val_report_status(void);
+val_status_t val_set_status(uint32_t status);
+uint32_t val_get_status(void);
+val_status_t val_err_check_set(uint32_t checkpoint, val_status_t status);
+void val_test_init(uint32_t test_num, char8_t *desc);
+void val_test_exit(void);
+
+#endif
diff --git a/secure-debug/val/include/val_interfaces.h b/secure-debug/val/include/val_interfaces.h
new file mode 100644
index 0000000..eca9a63
--- /dev/null
+++ b/secure-debug/val/include/val_interfaces.h
@@ -0,0 +1,79 @@
+/** @file
+ * Copyright (c) 2021 Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifndef _VAL_INTERFACES_H_
+#define _VAL_INTERFACES_H_
+
+#include "val.h"
+#include "pal_interfaces.h"
+
+/* typedef's */
+typedef struct {
+ val_status_t (*print) (print_verbosity_t verbosity,
+ const char *string, int32_t data);
+ val_status_t (*set_status) (uint32_t status);
+ uint32_t (*get_status) (void);
+ void (*test_init) (uint32_t test_num, char8_t *desc);
+ void (*test_exit) (void);
+ val_status_t (*err_check_set) (uint32_t checkpoint, val_status_t status);
+} val_api_t;
+
+typedef void (*test_fptr_t)(val_api_t *val);
+
+typedef struct {
+ test_id_t test_id;
+ test_fptr_t entry_addr;
+} val_test_info_t;
+
+typedef enum {
+ VAL_TEST_IDX0 = 0x0,
+ VAL_TEST_IDX1 = 0x1,
+ VAL_TEST_IDX2 = 0x2,
+ VAL_TEST_IDX3 = 0x3,
+ VAL_TEST_IDX4 = 0x4,
+ VAL_TEST_IDX5 = 0x5,
+ VAL_TEST_IDX6 = 0x6,
+ VAL_TEST_IDX7 = 0x7,
+ VAL_TEST_IDX8 = 0x8,
+ VAL_TEST_IDX9 = 0x9,
+ VAL_TEST_IDX10 = 0xA,
+ VAL_TEST_IDX11 = 0xB,
+ VAL_TEST_IDX12 = 0xC,
+ VAL_TEST_IDX13 = 0xD,
+ VAL_TEST_IDX14 = 0xE,
+ VAL_TEST_IDX15 = 0xF,
+ VAL_TEST_IDX16 = 0x10,
+ VAL_TEST_IDX17 = 0x11,
+ VAL_TEST_IDX18 = 0x12,
+ VAL_TEST_IDX19 = 0x13,
+ VAL_TEST_IDX20 = 0x14,
+ VAL_TEST_IDX21 = 0x15,
+ VAL_TEST_IDX22 = 0x16,
+ VAL_TEST_IDX23 = 0x17,
+ VAL_TEST_IDX24 = 0x18,
+ VAL_TEST_IDX25 = 0x19,
+ VAL_TEST_IDX26 = 0x1A,
+ VAL_TEST_IDX27 = 0x1B,
+ VAL_TEST_IDX28 = 0x1C,
+ VAL_TEST_IDX29 = 0x1D,
+ VAL_TEST_IDX30 = 0x1E,
+} val_test_index_t;
+
+#include "test_entry_fn_declare_list.inc"
+
+void test_entry(val_api_t *val);
+#endif
diff --git a/secure-debug/val/include/val_peripherals.h b/secure-debug/val/include/val_peripherals.h
new file mode 100644
index 0000000..d5fa4e9
--- /dev/null
+++ b/secure-debug/val/include/val_peripherals.h
@@ -0,0 +1,26 @@
+/** @file
+ * Copyright (c) 2021 Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifndef _VAL_PERIPHERALS_H_
+#define _VAL_PERIPHERALS_H_
+
+#include "val.h"
+
+val_status_t val_logger_init(void);
+val_status_t val_print(print_verbosity_t verbosity, const char *string, int32_t data);
+
+#endif
diff --git a/secure-debug/val/src/val_adac.c b/secure-debug/val/src/val_adac.c
new file mode 100644
index 0000000..53f02d1
--- /dev/null
+++ b/secure-debug/val/src/val_adac.c
@@ -0,0 +1,332 @@
+/** @file
+ * Copyright (c) 2021 Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include <val_adac.h>
+#include <psa_adac_cryptosystems.h>
+#include <psa_adac_sdm.h>
+#include <psa_adac_debug.h>
+#include <pal_interfaces.h>
+
+void val_adac_host_init(void)
+{
+ psa_adac_platform_init();
+ psa_crypto_init();
+}
+
+psa_status_t val_load_certificate_chain(const char *chain_file, uint8_t **chain, size_t *chain_size)
+{
+ int ret_val;
+ psa_status_t r = PSA_SUCCESS;
+
+ if (chain_file == NULL) {
+ printf("Error:Path not found\n");
+ r = PSA_ERROR_INVALID_ARGUMENT;
+ return r;
+ }
+ ret_val = load_trust_chain(chain_file, chain, chain_size);
+ if (ret_val != 0) {
+ printf("Error loading trust chain (%s)\n", chain_file);
+ r = PSA_ERROR_GENERIC_ERROR;
+ }
+ return r;
+}
+
+psa_status_t val_infer_cryptosystem(uint32_t *chain, size_t chain_size, psa_tlv_t **extns_list,
+ size_t *extns_count, uint8_t *key_system)
+{
+ int ret_val;
+ psa_status_t r = PSA_SUCCESS;
+ uint8_t key_type;
+ size_t count, i;
+ psa_tlv_t *current_extn;
+
+ ret_val = split_tlv_static(chain, chain_size, extns_list, MAX_EXTENSIONS, extns_count);
+ if (ret_val != 0) {
+ PSA_ADAC_LOG_ERR("host", "Error parsing trust chain\n");
+ r = PSA_ERROR_GENERIC_ERROR;
+ return r;
+ }
+ count = *extns_count;
+ if (count > MAX_EXTENSIONS) {
+ printf("Error:Extension count exceeded maximum allowed\n");
+ r = PSA_ERROR_NOT_PERMITTED;
+ return r;
+ }
+
+ PSA_ADAC_LOG_INFO("host", "Found %zu certificates\n", count);
+ for (i = 0; i < count; i++) {
+ current_extn = extns_list[i];
+ if ((current_extn)->type_id == 0x0201)
+ key_type = ((certificate_header_t *) current_extn->value)->key_type;
+ }
+ *key_system = key_type;
+ PSA_ADAC_LOG_INFO("host", "Cryptosystem detected: %d\n", key_type);
+ return r;
+}
+
+psa_status_t val_get_private_key(const char *key_file, uint8_t *type, psa_key_handle_t *handle,
+ uint8_t **key_ptr, size_t *size)
+{
+ int ret_val;
+ psa_status_t r = PSA_SUCCESS;
+ uint8_t key_type = *type;
+
+ if (key_file == NULL) {
+ printf("Error:Path not found\n");
+ r = PSA_ERROR_INVALID_ARGUMENT;
+ return r;
+ }
+
+ switch (key_type) {
+ case ECDSA_P256_SHA256:
+ case ECDSA_P521_SHA512:
+ case RSA_3072_SHA256:
+ case RSA_4096_SHA256:
+ case ED_25519_SHA512:
+ case ED_448_SHAKE256:
+ case SM_SM2_SM3:
+ ret_val = import_private_key(key_file, type, handle);
+ if (ret_val != 0) {
+ printf("Error importing private key (%s)\n", key_file);
+ r = PSA_ERROR_GENERIC_ERROR;
+ } else {
+ key_ptr = NULL;
+ size = 0;
+ }
+ break;
+
+ case CMAC_AES:
+ case HMAC_SHA256:
+ ret_val = load_secret_key(key_file, key_type, key_ptr, size);
+ if (ret_val != 0) {
+ printf("Error importing secret key (%s)\n", key_file);
+ r = PSA_ERROR_GENERIC_ERROR;
+ } else {
+ handle = NULL;
+ }
+ break;
+
+ default:
+ printf("Error: unsupported key type (0x%x)\n", key_type);
+ r = PSA_ERROR_NOT_SUPPORTED;
+ }
+ return r;
+}
+
+request_packet_t *val_construct_command(uint16_t cmd_type, uint8_t *data, size_t data_size)
+{
+ request_packet_t *packet = NULL;
+
+ switch (cmd_type) {
+ case SDP_RESUME_BOOT_CMD:
+ case SDP_LOCK_DEBUG_CMD:
+ case SDP_DISCOVERY_CMD:
+ case SDP_AUTH_START_CMD:
+ packet = request_packet_build(cmd_type, NULL, 0);
+ break;
+ case SDP_AUTH_RESPONSE_CMD:
+ if (data == NULL || data_size == 0) {
+ printf("Error: No payload specified\n");
+ break;
+ }
+ packet = request_packet_build((uint16_t)cmd_type, data, data_size);
+ break;
+ default:
+ //TO DO: Callback for vendor specific command construction
+ printf("Error: Unrecognized command. ID=(0x%x)\n", cmd_type);
+ }
+ return packet;
+}
+
+psa_status_t val_issue_command(uint32_t command, request_packet_t *packet,
+ uint8_t *data, size_t data_size)
+{
+ int ret_val;
+ psa_status_t r = PSA_SUCCESS;
+
+ packet = val_construct_command((uint16_t)command, data, data_size);
+
+ if (packet == NULL) {
+ printf("Command construction failed\n");
+ r = PSA_ERROR_GENERIC_ERROR;
+ return r;
+ }
+
+ switch (command) {
+ case SDP_DISCOVERY_CMD:
+ printf("Sending discovery request\n");
+ break;
+ case SDP_AUTH_START_CMD:
+ printf("Sending challenge request\n");
+ break;
+ case SDP_AUTH_RESPONSE_CMD:
+ printf("Sending authentication response\n");
+ break;
+ case SDP_RESUME_BOOT_CMD:
+ printf("Sending close session command\n");
+ break;
+ case SDP_LOCK_DEBUG_CMD:
+ printf("Sending lock debug request\n");
+ default:
+ //TO DO: Vendor specific message
+ printf("Error: Unrecognized command. ID=(0x%x)\n", command);
+ r = PSA_ERROR_NOT_SUPPORTED;
+ }
+ ret_val = request_packet_send(packet);
+ if (ret_val < 0)
+ r = PSA_ERROR_GENERIC_ERROR;
+
+ request_packet_release(packet);
+ return r;
+}
+
+response_packet_t *val_await_response(void)
+{
+ return response_packet_receive();
+}
+
+psa_status_t val_parse_response(uint32_t command, response_packet_t *packet)
+{
+ int ret_val;
+ psa_status_t r = PSA_SUCCESS;
+ size_t i;
+ psa_tlv_t *tlv;
+ psa_auth_challenge_t *challenge;
+
+ if (packet == NULL) {
+ printf("Error: Target response not obtained\n");
+ r = PSA_ERROR_COMMUNICATION_FAILURE;
+ return r;
+ }
+
+ switch (command) {
+ case SDP_DISCOVERY_CMD:
+ printf("Receiving discovery response...\n");
+ for (i = 0; (i + 4) < (packet->data_count * 4);) {
+ tlv = (psa_tlv_t *) (((uint8_t *)packet->data) + i);
+ i += sizeof(psa_tlv_t) + tlv->length_in_bytes;
+ }
+ break;
+ case SDP_AUTH_START_CMD:
+ printf("Receiving challenge\n");
+ printf("status = 0x%04x, data_count = %d\n", packet->status, packet->data_count);
+ if (packet->data_count * 4 != sizeof(psa_auth_challenge_t)) {
+ r = PSA_ERROR_GENERIC_ERROR;
+ return r;
+ }
+ challenge = (psa_auth_challenge_t *) packet->data;
+ PSA_ADAC_LOG_DUMP("host", "challenge", challenge->challenge_vector,
+ sizeof(challenge->challenge_vector));
+ break;
+ case SDP_AUTH_RESPONSE_CMD:
+ case SDP_RESUME_BOOT_CMD:
+ case SDP_LOCK_DEBUG_CMD:
+ printf("status = 0x%04x, data_count = %d\n", packet->status, packet->data_count);
+ break;
+ default:
+ r = PSA_ERROR_NOT_SUPPORTED;
+ }
+ return r;
+}
+
+psa_status_t val_sign_token(uint8_t challenge[], size_t challenge_size, uint8_t signature_type,
+ uint8_t exts[], size_t exts_size, uint8_t *fragment[],
+ size_t *fragment_size, psa_key_handle_t handle,
+ uint8_t *key, size_t key_size)
+{
+ psa_status_t r;
+
+ r = psa_adac_sign_token(challenge, challenge_size, signature_type, exts, exts_size,
+ fragment, fragment_size, handle, key, key_size);
+ if (r == PSA_SUCCESS) {
+ PSA_ADAC_LOG_DUMP("host", "token", *fragment, *fragment_size);
+ } else {
+ PSA_ADAC_LOG_ERR("host", "Error signing token\n");
+ r = PSA_ERROR_GENERIC_ERROR;
+ }
+ return r;
+}
+
+psa_status_t val_send_certificate(psa_tlv_t **extns_list, size_t extns_count)
+{
+ request_packet_t *request;
+ response_packet_t *response;
+ psa_status_t r;
+ uint8_t *payload;
+ size_t i, payload_size;
+ psa_tlv_t *current_extn;
+
+ for (size_t i = 0; i < extns_count; i++) {
+ current_extn = extns_list[i];
+ if (current_extn->type_id == 0x0201) {
+ payload = (uint8_t *)current_extn;
+ payload_size = current_extn->length_in_bytes + sizeof(psa_tlv_t);
+
+ printf("Sending Certificate\n");
+ r = val_issue_command(SDP_AUTH_RESPONSE_CMD, request, payload, payload_size);
+ if (r != PSA_SUCCESS)
+ return r;
+
+ printf("Receiving token_authentication response\n");
+ response = val_await_response();
+ r = val_parse_response(SDP_AUTH_RESPONSE_CMD, response);
+ if (r != PSA_SUCCESS)
+ return r;
+
+ if (response->status == SDP_NEED_MORE_DATA)
+ response_packet_release(response);
+ }
+ }
+ if (response->status != SDP_NEED_MORE_DATA) {
+ PSA_ADAC_LOG_ERR("host", "Unexpected response status %x\n", response->status);
+ r = PSA_ERROR_GENERIC_ERROR;
+ return r;
+ }
+ response_packet_release(response);
+ return r;
+}
+
+int val_check_cryptosystem_support(response_packet_t *packet, uint8_t key_system)
+{
+ int found = 0, j;
+ size_t i = 0;
+ psa_tlv_t *tlv;
+ uint8_t *key_support_types = NULL;
+
+ while ((i + 4) < (packet->data_count * 4)) {
+ tlv = (psa_tlv_t *) (((uint8_t *)packet->data) + i);
+ if (tlv->type_id == 0x0102) {
+ key_support_types = tlv->value;
+ for (j = 0; j < (tlv->length_in_bytes); j++) {
+ if (*(key_support_types+j) == key_system) {
+ found = 1;
+ break;
+ }
+ }
+ }
+ i += sizeof(psa_tlv_t) + tlv->length_in_bytes;
+ }
+
+ if (key_support_types == NULL)
+ printf("Cryptosystem Type ID not found in target's response\n");
+ else if (!found)
+ printf("Cryptosystem not supported by target\n");
+ else
+ printf("Cryptosystem supported by target\n");
+
+ return found;
+}
diff --git a/secure-debug/val/src/val_dispatcher.c b/secure-debug/val/src/val_dispatcher.c
new file mode 100644
index 0000000..86426cc
--- /dev/null
+++ b/secure-debug/val/src/val_dispatcher.c
@@ -0,0 +1,222 @@
+/** @file
+ * Copyright (c) 2021 Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_framework.h"
+#include "val_dispatcher.h"
+#include "val_interfaces.h"
+#include "val_peripherals.h"
+
+
+extern val_api_t val_api;
+
+/* gloabls */
+addr_t g_test_info_addr;
+
+/**
+ @brief - This function prints PSA_{SUITE}_API_VERSION_MAJOR
+ PSA_{SUITE}_API_VERSION_MINOR details.
+ @param - None
+ @return - None
+**/
+static void val_print_api_version(void)
+{
+#ifdef CRYPTO
+ val_print(PRINT_ALWAYS, " %d.", PSA_CRYPTO_API_VERSION_MAJOR);
+ val_print(PRINT_ALWAYS, "%d", PSA_CRYPTO_API_VERSION_MINOR);
+#endif
+#ifdef INTERNAL_TRUSTED_STORAGE
+ val_print(PRINT_ALWAYS, " %d.", PSA_ITS_API_VERSION_MAJOR);
+ val_print(PRINT_ALWAYS, "%d", PSA_ITS_API_VERSION_MINOR);
+#endif
+#ifdef PROTECTED_STORAGE
+ val_print(PRINT_ALWAYS, " %d.", PSA_PS_API_VERSION_MAJOR);
+ val_print(PRINT_ALWAYS, "%d", PSA_PS_API_VERSION_MINOR);
+#endif
+#ifdef STORAGE
+ val_print(PRINT_ALWAYS, " ITS %d.", PSA_ITS_API_VERSION_MAJOR);
+ val_print(PRINT_ALWAYS, "%d", PSA_ITS_API_VERSION_MINOR);
+ val_print(PRINT_ALWAYS, " and PS %d.", PSA_PS_API_VERSION_MAJOR);
+ val_print(PRINT_ALWAYS, "%d", PSA_PS_API_VERSION_MINOR);
+#endif
+#ifdef INITIAL_ATTESTATION
+ val_print(PRINT_ALWAYS, " %d.", PSA_INITIAL_ATTEST_API_VERSION_MAJOR);
+ val_print(PRINT_ALWAYS, "%d", PSA_INITIAL_ATTEST_API_VERSION_MINOR);
+#endif
+}
+
+/**
+ @brief - This function reads the test ELFs from RAM or secondary storage and loads into
+ system memory
+ @param - test_id : Returns the current test ID
+ - test_id_prev : Previous test ID.
+ @return - Error code
+**/
+val_status_t val_test_load(test_id_t *test_id, test_id_t test_id_prev)
+{
+ int i;
+ val_test_info_t test_list[] = {
+#include "test_entry_list.inc"
+ {VAL_INVALID_TEST_ID, NULL}
+ };
+
+ for (i = 0; i < (int)(sizeof(test_list)/sizeof(test_list[0])); i++)
+ {
+ if (test_id_prev == VAL_INVALID_TEST_ID)
+ {
+ *test_id = test_list[i].test_id;
+ g_test_info_addr = (addr_t) test_list[i].entry_addr;
+ return VAL_STATUS_SUCCESS;
+ }
+ else if (test_id_prev == test_list[i].test_id)
+ {
+ *test_id = test_list[i+1].test_id;
+ g_test_info_addr = (addr_t) test_list[i+1].entry_addr;
+ return VAL_STATUS_SUCCESS;
+ }
+ else if (test_list[i].test_id == VAL_INVALID_TEST_ID)
+ {
+ val_print(PRINT_DEBUG, "\n\nNo more valid tests found. Exiting.", 0);
+ *test_id = VAL_INVALID_TEST_ID;
+ return VAL_STATUS_SUCCESS;
+ }
+ }
+
+ *test_id = VAL_INVALID_TEST_ID;
+ val_print(PRINT_ERROR, "\n\nError: No more valid tests found. Exiting.", 0);
+ return VAL_STATUS_LOAD_ERROR;
+}
+
+/**
+ @brief - This function reads the function pointer addresses for
+ test_entry
+ @param - paddr : Returns the Test function address
+ @return - Returns val_status_t
+**/
+val_status_t val_get_test_entry_addr(addr_t *paddr)
+{
+ *paddr = g_test_info_addr;
+ return VAL_STATUS_SUCCESS;
+}
+
+/**
+ @brief - Execute the function pointer which was given to us by the test
+ @param - void
+**/
+void val_execute_test_fn(void)
+{
+ test_fptr_t fn_ptr;
+ addr_t addr;
+
+ val_get_test_entry_addr(&addr);
+ fn_ptr = (test_fptr_t)addr;
+ fn_ptr(&val_api);
+ return;
+}
+
+/*
+ @brief - Reads the pre-defined component name against given test_id
+ @param - test_id : Current Test ID
+ @return - Component name
+*/
+char *val_get_comp_name(test_id_t test_id)
+{
+ switch (VAL_GET_COMP_NUM(test_id))
+ {
+ case VAL_SECURE_DEBUG_BASE:
+ return "Secure Debug Suite";
+ default:
+ return "Unknown Suite";
+ }
+}
+
+/**
+ @brief - This function is responsible for setting up VAL infrastructure.
+ Loads test one by one from combine binary and calls test_entry
+ function of each test image.
+ @return - 0 if success Or error code for the failure.
+**/
+int32_t val_dispatcher(test_id_t test_id_prev)
+{
+
+ test_id_t test_id;
+ val_status_t status;
+ boot_t boot;
+ test_count_t test_count = {0,};
+ uint32_t test_result;
+
+ do
+ {
+ status = val_test_load(&test_id, test_id_prev);
+
+ if (VAL_ERROR(status))
+ {
+ return status;
+ }
+ else if (test_id == VAL_INVALID_TEST_ID)
+ {
+ break;
+ }
+ if (VAL_GET_COMP_NUM(test_id_prev) != VAL_GET_COMP_NUM(test_id))
+ {
+ val_print(PRINT_ALWAYS, "\nRunning.. ", 0);
+ val_print(PRINT_ALWAYS, val_get_comp_name(test_id), 0);
+ val_print(PRINT_ALWAYS, "\n******************************\n", 0);
+ }
+
+ val_execute_test_fn();
+
+ test_result = val_report_status();
+
+ switch (test_result)
+ {
+ case TEST_PASS:
+ test_count.pass_cnt += 1;
+ break;
+ case TEST_FAIL:
+ test_count.fail_cnt += 1;
+ break;
+ case TEST_SKIP:
+ test_count.skip_cnt += 1;
+ break;
+ case TEST_PENDING:
+ test_count.sim_error_cnt += 1;
+ break;
+ }
+
+ test_id_prev = test_id;
+ } while (1);
+
+ val_print(PRINT_ALWAYS, "\n************ ", 0);
+ val_print(PRINT_ALWAYS, val_get_comp_name(test_id_prev), 0);
+ val_print(PRINT_ALWAYS, " Report **********\n", 0);
+ val_print(PRINT_ALWAYS, "TOTAL TESTS : %d\n", test_count.pass_cnt + test_count.fail_cnt
+ + test_count.skip_cnt + test_count.sim_error_cnt);
+ val_print(PRINT_ALWAYS, "TOTAL PASSED : %d\n", test_count.pass_cnt);
+ val_print(PRINT_ALWAYS, "TOTAL SIM ERROR : %d\n", test_count.sim_error_cnt);
+ val_print(PRINT_ALWAYS, "TOTAL FAILED : %d\n", test_count.fail_cnt);
+ val_print(PRINT_ALWAYS, "TOTAL SKIPPED : %d\n", test_count.skip_cnt);
+ val_print(PRINT_ALWAYS, "******************************************\n", 0);
+
+ return (test_count.fail_cnt > 0) ? VAL_STATUS_TEST_FAILED : VAL_STATUS_SUCCESS;
+}
+
+
+
+
+
+
+
diff --git a/secure-debug/val/src/val_entry.c b/secure-debug/val/src/val_entry.c
new file mode 100644
index 0000000..1d13bcb
--- /dev/null
+++ b/secure-debug/val/src/val_entry.c
@@ -0,0 +1,64 @@
+/** @file
+ * Copyright (c) 2021 Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_entry.h"
+#include "val_framework.h"
+#include "val_peripherals.h"
+#include "val_dispatcher.h"
+
+int32_t val_entry(void);
+
+/**
+ @brief - PSA C main function, does VAL init and calls test dispatcher
+ @param - None
+ @return - status - error code
+**/
+int32_t val_entry(void)
+{
+ test_id_t test_id = VAL_INVALID_TEST_ID;
+ int32_t status;
+
+ status = val_logger_init();
+ if (VAL_ERROR(status))
+ {
+ goto exit;
+ }
+
+ /* Compliance header print */
+ if (test_id == VAL_INVALID_TEST_ID)
+ {
+ val_print(PRINT_ALWAYS, "\n***** PSA Architecture Test Suite - Version %d.",
+ PSA_ACS_MAJOR_VER);
+ val_print(PRINT_ALWAYS, "%d *****\n", PSA_ACS_MINOR_VER);
+ }
+
+ /* Call dispatcher routine*/
+ status = val_dispatcher(test_id);
+
+exit:
+ val_print(PRINT_ALWAYS, "\nEntering standby.. \n", 0);
+
+ pal_terminate_simulation();
+
+ return status;
+}
+
+//int main()
+//{
+// val_entry();
+// return 0;
+//}
diff --git a/secure-debug/val/src/val_framework.c b/secure-debug/val/src/val_framework.c
new file mode 100644
index 0000000..2a700b4
--- /dev/null
+++ b/secure-debug/val/src/val_framework.c
@@ -0,0 +1,172 @@
+/** @file
+ * Copyright (c) 2021 Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_framework.h"
+#include "val_interfaces.h"
+#include "val_dispatcher.h"
+#include "val_peripherals.h"
+#include "pal_interfaces.h"
+
+
+extern val_api_t val_api;
+
+
+/* globals */
+test_status_buffer_t g_status_buffer;
+
+/**
+ @brief - Parses input status for a given test and
+ outputs appropriate information on the console
+ @return - Test state
+**/
+uint32_t val_report_status(void)
+{
+ uint32_t status, state;
+
+ status = val_get_status();
+
+ state = (status >> TEST_STATE_BIT) & TEST_STATE_MASK;
+ status = status & TEST_STATUS_MASK;
+
+ switch (state)
+ {
+ case TEST_START:
+ state = TEST_FAIL;
+ val_print(PRINT_ALWAYS, "\nTEST RESULT: FAILED (Error Code=0x%x)\n",
+ VAL_STATUS_INIT_FAILED);
+ break;
+
+ case TEST_END:
+ state = TEST_PASS;
+ val_print(PRINT_ALWAYS, "\nTEST RESULT: PASSED\n", 0);
+ break;
+
+ case TEST_FAIL:
+ val_print(PRINT_ALWAYS, "\nTEST RESULT: FAILED (Error Code=0x%x)\n", status);
+ break;
+
+ case TEST_SKIP:
+ state = TEST_SKIP;
+ val_print(PRINT_ALWAYS, "\nTEST RESULT: SKIPPED (Skip Code=0x%x)\n", status);
+ break;
+
+ case TEST_PENDING:
+ val_print(PRINT_ALWAYS, "\nTEST RESULT: SIM ERROR (Error Code=0x%x)\n", status);
+ break;
+
+ default:
+ state = TEST_FAIL;
+ val_print(PRINT_ALWAYS, "\nTEST RESULT: FAILED(Error Code=0x%x)\n", VAL_STATUS_INVALID);
+ break;
+
+ }
+
+ val_print(PRINT_ALWAYS, "\n******************************************\n", 0);
+ return state;
+}
+
+/**
+ @brief - Records the state and status of test
+ @return - val_status_t
+**/
+val_status_t val_set_status(uint32_t status)
+{
+ g_status_buffer.state = ((status >> TEST_STATE_BIT) & TEST_STATE_MASK);
+ g_status_buffer.status = (status & TEST_STATUS_MASK);
+
+ return VAL_STATUS_SUCCESS;
+}
+
+/**
+ @brief - Updates the state and status for a given test
+ @return - test status
+**/
+uint32_t val_get_status(void)
+{
+ return ((g_status_buffer.state) << TEST_STATE_BIT) | (g_status_buffer.status);
+}
+
+/*
+ @brief - This function checks if the input status argument is an error.
+ On error, we print the checkpoint value and set the status.
+ @param - checkpoint : Test debug checkpoint
+ - val_status_t : Test status
+ @return - returns the input status back to the program.
+*/
+
+val_status_t val_err_check_set(uint32_t checkpoint, val_status_t status)
+{
+ if (VAL_ERROR(status)) {
+ val_print(PRINT_ERROR, "\tCheckpoint %d : ", checkpoint);
+ val_print(PRINT_ERROR, "Error Code=0x%x \n", status);
+ val_set_status(RESULT_FAIL(status));
+ } else {
+ status = (val_get_status() & TEST_STATUS_MASK);
+ if (VAL_ERROR(status)) {
+ val_print(PRINT_ERROR, "\tCheckpoint %d : ", checkpoint);
+ val_print(PRINT_ERROR, "Error Code=0x%x \n", status);
+ } else {
+ val_print(PRINT_DEBUG, "\tCheckpoint %d \n", checkpoint);
+ }
+ }
+ return status;
+}
+
+/**
+ @brief This API prints the test number, description and
+ sets the test state to TEST_START on successful execution.
+ @param test_num :unique number identifying this test
+ @param desc :brief description of the test
+ @param test_bitfield :Addition test info such as
+ - test isolation level requirement
+ - Watchdog timeout type
+ @return void
+**/
+
+void val_test_init(uint32_t test_num, char8_t *desc)
+{
+ val_status_t status = VAL_STATUS_SUCCESS;
+
+ /*global init*/
+ g_status_buffer.state = TEST_FAIL;
+ g_status_buffer.status = VAL_STATUS_INVALID;
+
+ val_print(PRINT_ALWAYS, "\nTEST: %d | DESCRIPTION: ", test_num);
+ val_print(PRINT_ALWAYS, desc, 0);
+
+ val_set_status(RESULT_START(status));
+ return;
+}
+
+/**
+ @brief This API sets the test state to TEST_END if test is successfully passed.
+ @param none
+ @return none
+**/
+
+void val_test_exit(void)
+{
+ val_status_t status = VAL_STATUS_SUCCESS;
+
+ status = val_get_status();
+
+ /* return if test skipped or failed */
+ if (IS_TEST_FAIL(status) || IS_TEST_SKIP(status))
+ return;
+ else
+ val_set_status(RESULT_END(VAL_STATUS_SUCCESS));
+}
diff --git a/secure-debug/val/src/val_interfaces.c b/secure-debug/val/src/val_interfaces.c
new file mode 100644
index 0000000..63c041d
--- /dev/null
+++ b/secure-debug/val/src/val_interfaces.c
@@ -0,0 +1,32 @@
+/** @file
+ * Copyright (c) 2021 Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+
+#include "val_framework.h"
+#include "val_interfaces.h"
+#include "val_peripherals.h"
+
+/*VAL APIs to be used by test */
+const val_api_t val_api = {
+ .print = val_print,
+ .set_status = val_set_status,
+ .get_status = val_get_status,
+ .test_init = val_test_init,
+ .test_exit = val_test_exit,
+ .err_check_set = val_err_check_set,
+};
+
diff --git a/secure-debug/val/src/val_peripherals.c b/secure-debug/val/src/val_peripherals.c
new file mode 100644
index 0000000..e804485
--- /dev/null
+++ b/secure-debug/val/src/val_peripherals.c
@@ -0,0 +1,55 @@
+/** @file
+ * Copyright (c) 2021 Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_peripherals.h"
+#include "pal_interfaces.h"
+#include "val_framework.h"
+
+/* Global */
+uint32_t is_logger_init_done = 0;
+
+/*
+ @brief - Initialize UART.
+ This is client interface API of secure partition UART INIT API.
+ @param - None
+ @return - val_status_t
+*/
+val_status_t val_logger_init(void)
+{
+ is_logger_init_done = 1;
+ return VAL_STATUS_SUCCESS;
+}
+
+/**
+ @brief - Print module. This is client interface API of secure partition
+ val_print_sf API for nspe world
+ @param - verbosity: Print verbosity level
+ - string : Input string
+ - data : Value for format specifier
+ @return - val_status_t
+**/
+val_status_t val_print(print_verbosity_t verbosity, const char *string, int32_t data)
+{
+ if ((is_logger_init_done == 0) && (verbosity < VERBOSE))
+ {
+ return VAL_STATUS_SUCCESS;
+ }
+ return pal_print(string, data);
+}
+
+
+
diff --git a/secure-debug/val/val.cmake b/secure-debug/val/val.cmake
new file mode 100644
index 0000000..665db48
--- /dev/null
+++ b/secure-debug/val/val.cmake
@@ -0,0 +1,42 @@
+#/** @file
+# * Copyright (c) 2021 Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+if(NOT DEFINED PSA_ADAC_ROOT)
+ get_filename_component(PSA_ADAC_ROOT ${CMAKE_SOURCE_DIR}/psa-adac ABSOLUTE)
+endif()
+
+# Listing all the sources from val
+list(APPEND VAL_SRC_C
+ ${CMAKE_SOURCE_DIR}/val/src/val_entry.c
+ ${CMAKE_SOURCE_DIR}/val/src/val_adac.c
+ ${CMAKE_SOURCE_DIR}/val/src/val_dispatcher.c
+ ${CMAKE_SOURCE_DIR}/val/src/val_framework.c
+ ${CMAKE_SOURCE_DIR}/val/src/val_interfaces.c
+ ${CMAKE_SOURCE_DIR}/val/src/val_peripherals.c
+)
+
+# Create VAL library
+add_library(${ADAC_HOST_VAL_LIB} STATIC ${VAL_SRC_C})
+
+target_include_directories(${ADAC_HOST_VAL_LIB} PRIVATE
+ ${CMAKE_SOURCE_DIR}/val/include
+ ${CMAKE_BINARY_DIR}
+ ${PSA_ADAC_ROOT}/psa-adac/core/include
+ ${PSA_ADAC_ROOT}/psa-adac/sdm/include
+ )
+
+target_link_libraries(${ADAC_HOST_VAL_LIB} mbedcrypto)