diff options
author | Jamie Fox <jamie.fox@arm.com> | 2019-12-19 16:40:41 +0000 |
---|---|---|
committer | Jamie Fox <jamie.fox@arm.com> | 2020-01-13 11:23:56 +0000 |
commit | c0b668593dba12c17aa1bec8cd2dc653d52ce8c5 (patch) | |
tree | d466738b09ed06360fc0d2cb910b22931d15932b | |
parent | 52c65f0f18ca0890ee5ebe87d8861fe5b23a826f (diff) | |
download | trusted-firmware-m-c0b668593dba12c17aa1bec8cd2dc653d52ce8c5.tar.gz |
Test: Add Crypto test for key access control
Adds a test for access control for keys in the Crypto service based on
partition ID. Uses the Secure Client 2 test partition to attempt to
destroy a key belonging to another partition.
Change-Id: I2f3dfd2dfca0a9f7e9391836b190862b1df5dc18
Signed-off-by: Jamie Fox <jamie.fox@arm.com>
5 files changed, 104 insertions, 7 deletions
diff --git a/secure_fw/spm/tfm_spm_db.inc b/secure_fw/spm/tfm_spm_db.inc index 2fbdd90fc4..ce05fd6f0d 100644 --- a/secure_fw/spm/tfm_spm_db.inc +++ b/secure_fw/spm/tfm_spm_db.inc @@ -591,6 +591,7 @@ static int32_t dependencies_TFM_SP_SST_TEST[] = static int32_t dependencies_TFM_SP_SECURE_CLIENT_2[] = { TFM_ITS_GET_SID, + TFM_CRYPTO_SID, }; #endif /* TFM_PARTITION_TEST_SECURE_SERVICES */ @@ -843,7 +844,7 @@ const struct spm_partition_static_data_t static_data_list[] = , .partition_priority = TFM_PRIORITY(NORMAL), .partition_init = tfm_secure_client_2_init, - .dependencies_num = 1, + .dependencies_num = 2, .p_dependencies = dependencies_TFM_SP_SECURE_CLIENT_2, }, #endif /* TFM_PARTITION_TEST_SECURE_SERVICES */ diff --git a/test/suites/crypto/secure/crypto_sec_interface_testsuite.c b/test/suites/crypto/secure/crypto_sec_interface_testsuite.c index e8dc27e2c7..f9762ec7f7 100644 --- a/test/suites/crypto/secure/crypto_sec_interface_testsuite.c +++ b/test/suites/crypto/secure/crypto_sec_interface_testsuite.c @@ -1,11 +1,12 @@ /* - * Copyright (c) 2018-2019, Arm Limited. All rights reserved. + * Copyright (c) 2018-2020, Arm Limited. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause * */ #include "test/framework/test_framework_helpers.h" +#include "test/test_services/tfm_secure_client_2/tfm_secure_client_2_api.h" #include "tfm_api.h" #include "../crypto_tests_common.h" @@ -31,6 +32,7 @@ static void tfm_crypto_test_5030(struct test_result_t *ret); static void tfm_crypto_test_5031(struct test_result_t *ret); static void tfm_crypto_test_5032(struct test_result_t *ret); static void tfm_crypto_test_5033(struct test_result_t *ret); +static void tfm_crypto_test_5034(struct test_result_t *ret); static struct test_t crypto_tests[] = { {&tfm_crypto_test_5001, "TFM_CRYPTO_TEST_5001", @@ -75,6 +77,8 @@ static struct test_t crypto_tests[] = { "Secure key policy interface", {0} }, {&tfm_crypto_test_5033, "TFM_CRYPTO_TEST_5033", "Secure key policy check permissions", {0} }, + {&tfm_crypto_test_5034, "TFM_CRYPTO_TEST_5034", + "Key access control", {0} }, }; void register_testsuite_s_crypto_interface(struct test_suite_t *p_test_suite) @@ -200,3 +204,45 @@ static void tfm_crypto_test_5033(struct test_result_t *ret) { psa_policy_invalid_policy_usage_test(ret); } + +/** + * \brief Tests key access control based on partition ID + * + * \param[out] ret Test result + */ +static void tfm_crypto_test_5034(struct test_result_t *ret) +{ + psa_status_t status; + psa_key_handle_t key_handle; + psa_key_policy_t policy = PSA_KEY_POLICY_INIT; + + /* Allocate a transient key */ + status = psa_allocate_key(&key_handle); + if (status != PSA_SUCCESS) { + TEST_FAIL("Failed to allocate key"); + return; + } + + /* Setup the key policy */ + psa_key_policy_set_usage(&policy, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR); + status = psa_set_key_policy(key_handle, &policy); + if (status != PSA_SUCCESS) { + TEST_FAIL("Failed to set key policy"); + return; + } + + /* Attempt to destroy the key handle from the Secure Client 2 partition */ + status = tfm_secure_client_2_call_test( + TFM_SECURE_CLIENT_2_ID_CRYPTO_ACCESS_CTRL, + &key_handle, sizeof(key_handle)); + if (status != PSA_ERROR_NOT_PERMITTED) { + TEST_FAIL("Should not be able to destroy key from another partition"); + return; + } + + /* Destroy the key */ + status = psa_destroy_key(key_handle); + if (status != PSA_SUCCESS) { + TEST_FAIL("Error destroying a key"); + } +} diff --git a/test/test_services/tfm_secure_client_2/tfm_secure_client_2.c b/test/test_services/tfm_secure_client_2/tfm_secure_client_2.c index 463eb9b7aa..153caaccc0 100644 --- a/test/test_services/tfm_secure_client_2/tfm_secure_client_2.c +++ b/test/test_services/tfm_secure_client_2/tfm_secure_client_2.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2019, Arm Limited. All rights reserved. + * Copyright (c) 2019-2020, Arm Limited. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause * @@ -7,6 +7,7 @@ #include "tfm_secure_client_2_api.h" #include "psa/internal_trusted_storage.h" +#include "psa/crypto.h" #ifdef TFM_PSA_API #include "psa/service.h" @@ -15,7 +16,40 @@ #include "psa/client.h" #endif +#ifdef ENABLE_CRYPTO_SERVICE_TESTS +/** + * \brief Tests calling psa_destroy_key() with the supplied key handle. + * + * \param[in] arg Pointer to key handle + * \param[in] arg_len Length of arg in bytes + * + * \return Returns test result as specified in \ref psa_status_t + */ +static psa_status_t secure_client_2_test_crypto_access_ctrl(const void *arg, + size_t arg_len) +{ + psa_key_handle_t key_handle; + + if (arg_len != sizeof(key_handle)) { + return PSA_ERROR_PROGRAMMER_ERROR; + } + + key_handle = *((psa_key_handle_t *)arg); + + /* Attempt to destroy the key handle */ + return psa_destroy_key(key_handle); +} +#endif /* ENABLE_CRYPTO_SERVICE_TESTS */ + #ifdef ENABLE_INTERNAL_TRUSTED_STORAGE_SERVICE_TESTS +/** + * \brief Tests calling psa_its_get() with the supplied uid. + * + * \param[in] arg Pointer to uid + * \param[in] arg_len Length of arg in bytes + * + * \return Returns test result as specified in \ref psa_status_t + */ static psa_status_t secure_client_2_test_its_access_ctrl(const void *arg, size_t arg_len) { @@ -32,8 +66,18 @@ static psa_status_t secure_client_2_test_its_access_ctrl(const void *arg, /* Attempt to get one byte from the UID and return the resulting status */ return psa_its_get(uid, 0, sizeof(data), data, &p_data_length); } -#endif +#endif /* ENABLE_INTERNAL_TRUSTED_STORAGE_SERVICE_TESTS */ +/** + * \brief Calls the test function with the supplied ID and returns the result + * from the test function. + * + * \param[in] id The ID of the test function + * \param[in] arg Pointer to argument to pass to test function + * \param[in] arg_len Length of argument in bytes + * + * \return Returns test result as specified in \ref psa_status_t + */ static psa_status_t secure_client_2_dispatch(int32_t id, const void *arg, size_t arg_len) { @@ -42,6 +86,10 @@ static psa_status_t secure_client_2_dispatch(int32_t id, const void *arg, case TFM_SECURE_CLIENT_2_ID_ITS_ACCESS_CTRL: return secure_client_2_test_its_access_ctrl(arg, arg_len); #endif +#ifdef ENABLE_CRYPTO_SERVICE_TESTS + case TFM_SECURE_CLIENT_2_ID_CRYPTO_ACCESS_CTRL: + return secure_client_2_test_crypto_access_ctrl(arg, arg_len); +#endif default: return PSA_ERROR_PROGRAMMER_ERROR; } diff --git a/test/test_services/tfm_secure_client_2/tfm_secure_client_2.yaml b/test/test_services/tfm_secure_client_2/tfm_secure_client_2.yaml index c750c45360..0ae20c8b90 100644 --- a/test/test_services/tfm_secure_client_2/tfm_secure_client_2.yaml +++ b/test/test_services/tfm_secure_client_2/tfm_secure_client_2.yaml @@ -31,7 +31,8 @@ } ], "dependencies": [ - "TFM_ITS_GET" + "TFM_ITS_GET", + "TFM_CRYPTO" ], "linker_pattern": { "object_list": [ diff --git a/test/test_services/tfm_secure_client_2/tfm_secure_client_2_api.h b/test/test_services/tfm_secure_client_2/tfm_secure_client_2_api.h index 43877100a7..a6018c559f 100644 --- a/test/test_services/tfm_secure_client_2/tfm_secure_client_2_api.h +++ b/test/test_services/tfm_secure_client_2/tfm_secure_client_2_api.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2019, Arm Limited. All rights reserved. + * Copyright (c) 2019-2020, Arm Limited. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause * @@ -17,7 +17,8 @@ extern "C" { #endif -#define TFM_SECURE_CLIENT_2_ID_ITS_ACCESS_CTRL 1001 +#define TFM_SECURE_CLIENT_2_ID_ITS_ACCESS_CTRL 1001 +#define TFM_SECURE_CLIENT_2_ID_CRYPTO_ACCESS_CTRL 2001 /** * \brief Calls the test function with the supplied ID within the execution |