diff --git a/README.md b/README.md
index 3d48e21a..bc119d98 100755
--- a/README.md
+++ b/README.md
@@ -11,11 +11,15 @@ For more information, visit the PSA webpage [here](https://developer.arm.com/pro
### PSA APIs specifications
-PSA APIs reference header files are located at [api-specs](api-specs/include) directory.
+PSA APIs reference header files are located at [api-specs](api-specs/) directory.
### PSA Functional API Certification
The [PSA Dev API tests](api-tests/dev_apis) are the basis for getting the PSA Functional API Certification. For more information on the certification program, see [psacertified.org](https://www.psacertified.org/functional-api-certification/)
+## GitHub branch
+ - For functional API certification, use the release branch and pick the appropriate release tag.
+ - To get the latest version of the code with bug fixes and new features, use the master branch.
+
## Architecture test suite
The current implementation of the Architecture test suite contains tests for following PSA specifications. Arm licensees may contact their partner manager to obtain a copy of this specification.
diff --git a/api-specs/include/psa/initial_attestation.h b/api-specs/attestation/v1.0-beta0/include/psa/initial_attestation.h
similarity index 100%
rename from api-specs/include/psa/initial_attestation.h
rename to api-specs/attestation/v1.0-beta0/include/psa/initial_attestation.h
diff --git a/api-specs/attestation/v1.0/doc/IHI0085-PSA_Attestation_API-1.0.0.pdf b/api-specs/attestation/v1.0/doc/IHI0085-PSA_Attestation_API-1.0.0.pdf
new file mode 100755
index 00000000..2e8d7eae
Binary files /dev/null and b/api-specs/attestation/v1.0/doc/IHI0085-PSA_Attestation_API-1.0.0.pdf differ
diff --git a/api-specs/include/psa/crypto.h b/api-specs/crypto/v1.0-beta1/include/psa/crypto.h
similarity index 100%
rename from api-specs/include/psa/crypto.h
rename to api-specs/crypto/v1.0-beta1/include/psa/crypto.h
diff --git a/api-specs/include/psa/crypto_extra.h b/api-specs/crypto/v1.0-beta1/include/psa/crypto_extra.h
similarity index 100%
rename from api-specs/include/psa/crypto_extra.h
rename to api-specs/crypto/v1.0-beta1/include/psa/crypto_extra.h
diff --git a/api-specs/include/psa/crypto_platform.h b/api-specs/crypto/v1.0-beta1/include/psa/crypto_platform.h
similarity index 100%
rename from api-specs/include/psa/crypto_platform.h
rename to api-specs/crypto/v1.0-beta1/include/psa/crypto_platform.h
diff --git a/api-specs/include/psa/crypto_sizes.h b/api-specs/crypto/v1.0-beta1/include/psa/crypto_sizes.h
similarity index 100%
rename from api-specs/include/psa/crypto_sizes.h
rename to api-specs/crypto/v1.0-beta1/include/psa/crypto_sizes.h
diff --git a/api-specs/include/psa/crypto_struct.h b/api-specs/crypto/v1.0-beta1/include/psa/crypto_struct.h
similarity index 100%
rename from api-specs/include/psa/crypto_struct.h
rename to api-specs/crypto/v1.0-beta1/include/psa/crypto_struct.h
diff --git a/api-specs/include/psa/crypto_types.h b/api-specs/crypto/v1.0-beta1/include/psa/crypto_types.h
similarity index 100%
rename from api-specs/include/psa/crypto_types.h
rename to api-specs/crypto/v1.0-beta1/include/psa/crypto_types.h
diff --git a/api-specs/include/psa/crypto_values.h b/api-specs/crypto/v1.0-beta1/include/psa/crypto_values.h
similarity index 100%
rename from api-specs/include/psa/crypto_values.h
rename to api-specs/crypto/v1.0-beta1/include/psa/crypto_values.h
diff --git a/api-specs/crypto/v1.0-beta3/doc/IHI0086-PSA_Cryptography_API-1.0.0-beta.3.pdf b/api-specs/crypto/v1.0-beta3/doc/IHI0086-PSA_Cryptography_API-1.0.0-beta.3.pdf
new file mode 100755
index 00000000..ada13ba8
Binary files /dev/null and b/api-specs/crypto/v1.0-beta3/doc/IHI0086-PSA_Cryptography_API-1.0.0-beta.3.pdf differ
diff --git a/api-specs/crypto/v1.0/doc/IHI0086-PSA_Cryptography_API-1.0.0.pdf b/api-specs/crypto/v1.0/doc/IHI0086-PSA_Cryptography_API-1.0.0.pdf
new file mode 100755
index 00000000..0bf442a2
Binary files /dev/null and b/api-specs/crypto/v1.0/doc/IHI0086-PSA_Cryptography_API-1.0.0.pdf differ
diff --git a/api-specs/include/psa/internal_trusted_storage.h b/api-specs/storage/v1.0-beta2/include/psa/internal_trusted_storage.h
similarity index 100%
rename from api-specs/include/psa/internal_trusted_storage.h
rename to api-specs/storage/v1.0-beta2/include/psa/internal_trusted_storage.h
diff --git a/api-specs/include/psa/protected_storage.h b/api-specs/storage/v1.0-beta2/include/psa/protected_storage.h
similarity index 100%
rename from api-specs/include/psa/protected_storage.h
rename to api-specs/storage/v1.0-beta2/include/psa/protected_storage.h
diff --git a/api-specs/storage/v1.0/doc/IHI0087-PSA_Storage_API-1.0.0.pdf b/api-specs/storage/v1.0/doc/IHI0087-PSA_Storage_API-1.0.0.pdf
new file mode 100755
index 00000000..8153e080
Binary files /dev/null and b/api-specs/storage/v1.0/doc/IHI0087-PSA_Storage_API-1.0.0.pdf differ
diff --git a/api-tests/CMakeLists.txt b/api-tests/CMakeLists.txt
new file mode 100644
index 00000000..e1508b54
--- /dev/null
+++ b/api-tests/CMakeLists.txt
@@ -0,0 +1,429 @@
+#/** @file
+# * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+# Set the minimum required version of CMake for the project
+cmake_minimum_required(VERSION 3.10)
+
+# cmake_policy
+cmake_policy(SET CMP0057 NEW)
+
+# Find python interpreter version 3 or greater
+find_package(PythonInterp 3 REQUIRED)
+# Find Git package
+find_package(Git REQUIRED)
+
+get_filename_component(PSA_ROOT_DIR . ABSOLUTE)
+
+list(APPEND CMAKE_MODULE_PATH ${PSA_ROOT_DIR}/tools/cmake)
+include("common/Utils")
+include(${PSA_ROOT_DIR}/tools/cmake/common/CMakeSettings.cmake)
+include(${PSA_ROOT_DIR}/tools/cmake/common/CMakeExternal.cmake)
+
+# list of supported suites
+list(APPEND PSA_SUITES
+ "IPC"
+ "CRYPTO"
+ "PROTECTED_STORAGE"
+ "INTERNAL_TRUSTED_STORAGE"
+ "INITIAL_ATTESTATION"
+)
+
+# list of ipc files required
+list(APPEND PSA_IPC_FILES
+ "psa/client.h"
+ "psa/service.h"
+ "psa/lifecycle.h"
+ "psa_manifest/sid.h"
+ "psa_manifest/pid.h"
+ "psa_manifest/driver_partition_psa.h"
+ "psa_manifest/client_partition_psa.h"
+ "psa_manifest/server_partition_psa.h"
+)
+
+# list of crypto files required
+list(APPEND PSA_CRYPTO_FILES
+ "psa/crypto.h"
+)
+
+# list of protected_storage files required
+list(APPEND PSA_PROTECTED_STORAGE_FILES
+ "psa/protected_storage.h"
+)
+
+# list of internal_trusted_storage files required
+list(APPEND PSA_INTERNAL_TRUSTED_STORAGE_FILES
+ "psa/internal_trusted_storage.h"
+)
+
+# list of initial_attestation files required
+list(APPEND PSA_INITIAL_ATTESTATION_FILES
+ "psa/initial_attestation.h"
+ "psa/crypto.h"
+)
+
+# list of supported toolchains
+list(APPEND PSA_TOOLCHAIN_SUPPORT
+ GNUARM
+ ARMCLANG
+ HOST_GCC
+)
+
+# list of suported CPU arch
+list(APPEND PSA_CPU_ARCH_SUPPORT
+ armv8m_ml
+ armv8m_bl
+ armv7m
+)
+
+# list of VERBOSE options
+list(APPEND PSA_VERBOSE_OPTIONS 1 2 3 4 5)
+
+# list of PLATFORM_PSA_ISOLATION_LEVEL options
+list(APPEND PLATFORM_PSA_ISOLATION_LEVEL_OPTIONS 1 2 3)
+
+message(STATUS "[PSA] : ----------Process input arguments- start-------------")
+
+# Check for TARGET command line argument
+_check_arguments("TARGET")
+# Check for SUTIE command line argument
+_check_arguments("SUITE")
+# Check for PSA_INCLUDE_PATHS command line argument
+_check_arguments("PSA_INCLUDE_PATHS")
+
+string(TOLOWER ${SUITE} SUITE_LOWER)
+
+# Check for valid targets
+_get_sub_dir_list(PSA_TARGET_LIST ${PSA_ROOT_DIR}/platform/targets)
+if(NOT ${TARGET} IN_LIST PSA_TARGET_LIST)
+ message(FATAL_ERROR "[PSA] : Error: Unspported value for -DTARGET=, supported targets are : ${PSA_TARGET_LIST}")
+else()
+ message(STATUS "[PSA] : TARGET is set to ${TARGET}")
+endif()
+
+# Check for the presence of required test suite directories
+if((NOT IS_DIRECTORY ${PSA_ROOT_DIR}/dev_apis) OR (NOT IS_DIRECTORY ${PSA_ROOT_DIR}/ff))
+ message(STATUS "[PSA] : Error: Could not find architecture test suite directories in psa root path ${PSA_ROOT_DIR}")
+endif()
+
+if(FALSE)
+# Check for build directory specified
+if(NOT DEFINED BUILD)
+ set(BUILD ${CMAKE_CURRENT_BINARY_DIR}/BUILD CACHE INTERNAL "Defaulting build directory to ${BUILD}" FORCE)
+else()
+ set(BUILD ${CMAKE_CURRENT_BINARY_DIR}/${BUILD}/BUILD CACHE INTERNAL "Defaulting build directory to ${BUILD}" FORCE)
+endif()
+endif()
+
+# Check for valid suite cmake argument passed
+if(NOT ${SUITE} IN_LIST PSA_SUITES)
+ message(FATAL_ERROR "[PSA] : Error: Unsupported value for -DSUITE=, select one from supported suites which are : ${PSA_SUITES}")
+else()
+ message(STATUS "[PSA] : SUITE is set to ${SUITE}")
+endif()
+
+# Project variables
+set(PSA_TARGET_PRE_BUILD psa_pre_build)
+set(PSA_TARGET_GENERATE_DATABASE_PRE psa_generate_database_prerequisite)
+set(PSA_TARGET_GENERATE_DATABASE psa_generate_database)
+set(PSA_TARGET_GENERATE_DATABASE_POST psa_generate_database_cleanup)
+if(${SUITE} STREQUAL "INITIAL_ATTESTATION")
+ set(PSA_TARGET_QCBOR psa_qcbor)
+endif()
+set(PSA_TARGET_PAL_NSPE_LIB pal_nspe)
+set(PSA_TARGET_VAL_NSPE_LIB val_nspe)
+set(PSA_TARGET_TEST_COMBINE_LIB test_combine)
+set(PSA_TARGET_DRIVER_PARTITION_LIB driver_partition)
+set(PSA_TARGET_CLIENT_PARTITION_LIB client_partition)
+set(PSA_TARGET_SERVER_PARTITION_LIB server_partition)
+if(${SUITE} STREQUAL "IPC")
+ set(PSA_SUITE_DIR ${PSA_ROOT_DIR}/ff/${SUITE_LOWER})
+ set(PSA_SUITE_OUT_DIR ${CMAKE_CURRENT_BINARY_DIR}/ff/${SUITE_LOWER})
+else()
+ set(PSA_SUITE_DIR ${PSA_ROOT_DIR}/dev_apis/${SUITE_LOWER})
+ set(PSA_SUITE_OUT_DIR ${CMAKE_CURRENT_BINARY_DIR}/dev_apis/${SUITE_LOWER})
+endif()
+set(PSA_TARGET_CONFIG_HEADER_GENERATOR ${PSA_ROOT_DIR}/tools/scripts/target_cfg/targetConfigGen.py)
+set(PSA_TESTLIST_GENERATOR ${PSA_ROOT_DIR}/tools/scripts/gen_tests_list.py)
+set(TARGET_CONFIGURATION_FILE ${PSA_ROOT_DIR}/platform/targets/${TARGET}/target.cfg)
+set(TGT_CONFIG_SOURCE_C ${CMAKE_CURRENT_BINARY_DIR}/targetConfigGen.c)
+set(OUTPUT_HEADER target_database.h)
+set(DATABASE_TABLE_NAME target_database)
+set(DATABASE_TABLE_SECTION_NAME "NOSECTION")
+set(TARGET_HEADER_GEN_INCLUDE_PATHS "${PSA_ROOT_DIR}/val/nspe|${PSA_ROOT_DIR}/val/common|${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/common|${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/crypto")
+set(TESTSUITE_DB ${PSA_SUITE_DIR}/testsuite.db)
+set(PSA_TESTLIST_FILE ${CMAKE_CURRENT_BINARY_DIR}/testlist.txt)
+set(PSA_TEST_ENTRY_LIST_INC ${CMAKE_CURRENT_BINARY_DIR}/test_entry_list.inc)
+set(PSA_TEST_ENTRY_FUN_DECLARE_INC ${CMAKE_CURRENT_BINARY_DIR}/test_entry_fn_declare_list.inc)
+set(PSA_CLIENT_TEST_LIST_DELCARE_INC ${CMAKE_CURRENT_BINARY_DIR}/client_tests_list_declare.inc)
+set(PSA_CLIENT_TEST_LIST_INC ${CMAKE_CURRENT_BINARY_DIR}/client_tests_list.inc)
+set(PSA_SERVER_TEST_LIST_DECLARE_INC ${CMAKE_CURRENT_BINARY_DIR}/server_tests_list_declare.inc)
+set(PSA_SERVER_TEST_LIST ${CMAKE_CURRENT_BINARY_DIR}/server_tests_list.inc)
+if(${SUITE} STREQUAL "INITIAL_ATTESTATION")
+ set(PSA_QCBOR_INCLUDE_PATH ${CMAKE_CURRENT_BINARY_DIR}/${PSA_TARGET_QCBOR}/inc)
+endif()
+
+# Validity check for required files for a given suite
+if(NOT DEFINED PSA_${SUITE}_FILES)
+ message(FATAL_ERROR "[PSA] : List of file/s to verify against ${suite} is not defined")
+endif()
+foreach(file_item ${PSA_${SUITE}_FILES})
+ set(PSA_FILE_FOUND FALSE)
+ foreach(include_path ${PSA_INCLUDE_PATHS})
+ if((EXISTS ${include_path}/${file_item}) AND
+ (NOT PSA_FILE_FOUND))
+ set(PSA_FILE_FOUND TRUE)
+ break()
+ endif()
+ endforeach()
+ if(NOT PSA_FILE_FOUND)
+ message(FATAL_ERROR "[PSA] : Couldn't find ${file_item} in ${PSA_INCLUDE_PATHS}")
+ endif()
+endforeach()
+
+# Check for TOOLCHAIN command line argument
+if(NOT DEFINED TOOLCHAIN)
+ set(TOOLCHAIN "GNUARM" CACHE INTERNAL "Compiler used" FORCE)
+ message(STATUS "[PSA] : Defaulting compiler to ${TOOLCHAIN}")
+else()
+ message(STATUS "[PSA] : TOOLCHAIN is set to ${TOOLCHAIN}")
+endif()
+
+if(${TOOLCHAIN} STREQUAL "ARMCLANG" OR ${TOOLCHAIN} STREQUAL "GNUARM")
+ if(NOT DEFINED CPU_ARCH)
+ message(FATAL_ERROR "[PSA] : Error: -DCPU_ARCH option missing")
+ else()
+ # Check for CPU architecture
+ if(NOT ${CPU_ARCH} IN_LIST PSA_CPU_ARCH_SUPPORT)
+ message(FATAL_ERROR "[PSA] : Error: Unsupported value for -DCPU_ARCH=, supported CPU arch are : ${PSA_CPU_ARCH_SUPPORT}")
+ endif()
+ endif()
+ message(STATUS "[PSA] : CPU_ARCH is set to ${CPU_ARCH}")
+endif()
+
+# Check for VERBOSE
+if(NOT DEFINED VERBOSE)
+ set(VERBOSE 3 CACHE INTERNAL "Default VERBOSE value" FORCE)
+ message(STATUS "[PSA] : Defaulting VERBOSE to ${VERBOSE}")
+else()
+ if(NOT ${VERBOSE} IN_LIST PSA_VERBOSE_OPTIONS)
+ message(FATAL_ERROR "[PSA] : Error: Unspported value for -DVERBOSE=, supported values are : ${PSA_VERBOSE_OPTIONS}")
+ endif()
+ message(STATUS "[PSA] : VERBOSE is set to ${VERBOSE}")
+endif()
+
+# Check for PLATFORM_PSA_ISOLATION_LEVEL
+if(NOT DEFINED PLATFORM_PSA_ISOLATION_LEVEL)
+ set(PLATFORM_PSA_ISOLATION_LEVEL 3 CACHE INTERNAL "Default PLATFORM_PSA_ISOLATION_LEVEL value" FORCE)
+ if(${SUITE} STREQUAL "IPC")
+ message(STATUS "[PSA] : Defaulting PLATFORM_PSA_ISOLATION_LEVEL to ${PLATFORM_PSA_ISOLATION_LEVEL}")
+ endif()
+else()
+ if(NOT ${PLATFORM_PSA_ISOLATION_LEVEL} IN_LIST PLATFORM_PSA_ISOLATION_LEVEL_OPTIONS)
+ message(FATAL_ERROR "[PSA] : Error: Unspported value for -DPLATFORM_PSA_ISOLATION_LEVEL=, supported values are : ${PLATFORM_PSA_ISOLATION_LEVEL_OPTIONS}")
+ endif()
+ if(${SUITE} STREQUAL "IPC")
+ message(STATUS "[PSA] : PLATFORM_PSA_ISOLATION_LEVEL is set to ${PLATFORM_PSA_ISOLATION_LEVEL}")
+ endif()
+endif()
+
+if(NOT DEFINED INCLUDE_PANIC_TESTS)
+ #By default panic tests are disabled
+ set(INCLUDE_PANIC_TESTS 0 CACHE INTERNAL "Default INCLUDE_PANIC_TESTS value" FORCE)
+ message(STATUS "[PSA] : Defaulting INCLUDE_PANIC_TESTS to ${INCLUDE_PANIC_TESTS}")
+else()
+ if(INCLUDE_PANIC_TESTS EQUAL 1)
+ message(STATUS "[PSA] : "
+ "INCLUDE_PANIC_TESTS set to 1, therefore including PSA APIs panic tests into the regression,\n"
+ "\tensure that watchdog.num is set to 1 in ${PSA_ROOT_DIR}/platform/targets/${TARGET}/target.cfg")
+ endif()
+endif()
+
+if(NOT DEFINED WATCHDOG_AVAILABLE)
+ #Assuming watchdog is available to program by test suite
+ set(WATCHDOG_AVAILABLE 1 CACHE INTERNAL "Default WATCHDOG_AVAILABLE value" FORCE)
+ message(STATUS "[PSA] : Defaulting WATCHDOG_AVAILABLE to ${WATCHDOG_AVAILABLE}")
+else()
+ message(STATUS "[PSA] : WATCHDOG_AVAILABLE is set to ${WATCHDOG_AVAILABLE}")
+endif()
+
+if((INCLUDE_PANIC_TESTS EQUAL 1) AND
+ (WATCHDOG_AVAILABLE EQUAL 0))
+ message(WARNING "[PSA]: "
+ "Note that to test PSA APIs panic conditions, test harness may require to access"
+ "the watchdog timer in oder to recover from panic and to be able to continue with"
+ "next test. Ignore this warning if system under test has capability to reset the"
+ "system when it encounters panic condition.")
+endif()
+
+if(NOT DEFINED SP_HEAP_MEM_SUPP)
+ #Are dynamic memory functions available to secure partition?
+ set(SP_HEAP_MEM_SUPP 1 CACHE INTERNAL "Default SP_HEAP_MEM_SUPP value" FORCE)
+ message(STATUS "[PSA] : Defaulting SP_HEAP_MEM_SUPP to ${SP_HEAP_MEM_SUPP}")
+endif()
+
+if(NOT DEFINED TEST_COMBINE_ARCHIVE)
+ #Default option is to create archive
+ set(TEST_COMBINE_ARCHIVE 1 CACHE INTERNAL "Default TEST_COMBINE_ARCHIVE value" FORCE)
+ message(STATUS "[PSA] : Defaulting TEST_COMBINE_ARCHIVE to ${TEST_COMBINE_ARCHIVE}")
+else()
+ message(STATUS "[PSA] : TEST_COMBINE_ARCHIVE is set to ${TEST_COMBINE_ARCHIVE}")
+endif()
+
+message(STATUS "[PSA] : ----------Process input arguments- complete-------------")
+
+
+if((${SUITE} STREQUAL "INITIAL_ATTESTATION") AND (NOT EXISTS ${PSA_TARGET_QCBOR}))
+# Clone QCBOR and move to specified tag
+execute_process(COMMAND ${GIT_EXECUTABLE} clone ${PSA_QCBOR_GIT_REPO_LINK} ${PSA_TARGET_QCBOR}
+ RESULT_VARIABLE ${PSA_TARGET_QCBOR}_clone_result
+ WORKING_DIRECTORY ${CMAKE_CURRENT_BINARY_DIR})
+if(${PSA_TARGET_QCBOR}_clone_result)
+ message(FATAL_ERROR "git clone failed for ${PSA_QCBOR_GIT_REPO_LINK}")
+endif()
+
+if(NOT ${PSA_TARGET_QCBOR}_clone_result)
+execute_process(COMMAND ${GIT_EXECUTABLE} checkout -q "${PSA_QCBOR_GIT_REPO_TAG}"
+ RESULT_VARIABLE ${PSA_TARGET_QCBOR}_checkout_result
+ WORKING_DIRECTORY ${CMAKE_CURRENT_BINARY_DIR}/${PSA_TARGET_QCBOR})
+if(${PSA_TARGET_QCBOR}_checkout_result)
+ message(FATAL_ERROR "git checkout failed for Repo : ${PSA_QCBOR_GIT_REPO_LINK}, Tag : ${PSA_QCBOR_GIT_REPO_TAG}")
+endif()
+endif()
+endif()
+
+# Create PSA clean list
+list(APPEND PSA_CLEAN_LIST
+ ${CMAKE_CURRENT_BINARY_DIR}/${OUTPUT_HEADER}
+ ${PSA_TESTLIST_FILE}
+ ${PSA_TEST_ENTRY_LIST_INC}
+ ${PSA_TEST_ENTRY_FUN_DECLARE_INC}
+ ${PSA_CLIENT_TEST_LIST_DELCARE_INC}
+ ${PSA_CLIENT_TEST_LIST_INC}
+ ${PSA_SERVER_TEST_LIST_DECLARE_INC}
+ ${PSA_SERVER_TEST_LIST}
+)
+
+# Process testsuite.db
+message(STATUS "[PSA] : Creating testlist.txt 'available at ${PSA_TESTLIST_FILE}'")
+execute_process(COMMAND ${PYTHON_EXECUTABLE} ${PSA_TESTLIST_GENERATOR}
+ ${SUITE_LOWER}
+ ${TESTSUITE_DB}
+ ${INCLUDE_PANIC_TESTS}
+ ${PSA_TESTLIST_FILE}
+ ${PSA_TEST_ENTRY_LIST_INC}
+ ${PSA_TEST_ENTRY_FUN_DECLARE_INC}
+ ${PSA_CLIENT_TEST_LIST_DELCARE_INC}
+ ${PSA_CLIENT_TEST_LIST_INC}
+ ${PSA_SERVER_TEST_LIST_DECLARE_INC}
+ ${PSA_SERVER_TEST_LIST})
+
+# Creating CMake list variable from file
+file(READ ${PSA_TESTLIST_FILE} PSA_TEST_LIST)
+string(REGEX REPLACE "\n" ";" PSA_TEST_LIST "${PSA_TEST_LIST}")
+
+add_custom_target(
+ ${PSA_TARGET_GENERATE_DATABASE_PRE}
+ COMMAND ${CMAKE_COMMAND} -E make_directory ${CMAKE_CURRENT_BINARY_DIR}/platform
+ COMMAND ${CMAKE_COMMAND} -E make_directory ${CMAKE_CURRENT_BINARY_DIR}/val
+ COMMAND ${CMAKE_COMMAND} -E make_directory ${CMAKE_CURRENT_BINARY_DIR}/partition
+ COMMAND ${CMAKE_COMMAND} -E make_directory ${PSA_SUITE_OUT_DIR}
+)
+
+# Generate target files from User provided data base
+include(ExternalProject)
+ExternalProject_Add(
+ ${PSA_TARGET_GENERATE_DATABASE}
+ PREFIX ${CMAKE_CURRENT_BINARY_DIR}
+ DOWNLOAD_COMMAND ""
+ UPDATE_COMMAND ""
+ PATCH_COMMAND ""
+ BUILD_COMMAND ""
+ SOURCE_DIR "${PSA_ROOT_DIR}/tools/scripts/target_cfg"
+ CMAKE_ARGS -DPYTHON_EXECUTABLE=${PYTHON_EXECUTABLE}
+ -DOUT_DIR=${CMAKE_CURRENT_BINARY_DIR}
+ -DTARGET=${TARGET}
+ -DGENERATOR_FILE=${PSA_TARGET_CONFIG_HEADER_GENERATOR}
+ -DINCLUDE_DIR=${PSA_ROOT_DIR}/val/common
+ -DTARGET_CONFIGURATION_FILE=${TARGET_CONFIGURATION_FILE}
+ -DTGT_CONFIG_SOURCE_C=${TGT_CONFIG_SOURCE_C}
+ -DOUTPUT_HEADER=${OUTPUT_HEADER}
+ -DDATABASE_TABLE_NAME=${DATABASE_TABLE_NAME}
+ -DDATABASE_TABLE_SECTION_NAME=${DATABASE_TABLE_SECTION_NAME}
+ -DTARGET_HEADER_GEN_INCLUDE_PATHS=${TARGET_HEADER_GEN_INCLUDE_PATHS}
+ LIST_SEPARATOR |
+ TEST_COMMAND ""
+)
+
+# Add custom target to clean generated files of the external project
+add_custom_target(
+ ${PSA_TARGET_GENERATE_DATABASE_POST}
+ COMMAND ${CMAKE_COMMAND} --build ${CMAKE_CURRENT_BINARY_DIR}/src/${PSA_TARGET_GENERATE_DATABASE}-build/ -- clean
+)
+
+# Check for supported toolchain/s
+if(${TOOLCHAIN} IN_LIST PSA_TOOLCHAIN_SUPPORT)
+ include(${PSA_ROOT_DIR}/tools/cmake/compiler/${TOOLCHAIN}.cmake)
+else()
+ message(FATAL_ERROR "[PSA] : Error: Unspported value for -DTOOLCHAIN=, supported toolchain are : ${PSA_TOOLCHAIN_SUPPORT}")
+endif()
+
+# Global macro to identify the PSA test suite cmake build
+add_definitions(-DPSA_CMAKE_BUILD)
+add_definitions(-D${SUITE})
+add_definitions(-DVERBOSE=${VERBOSE})
+add_definitions(-DPLATFORM_PSA_ISOLATION_LEVEL=${PLATFORM_PSA_ISOLATION_LEVEL})
+
+if(${SP_HEAP_MEM_SUPP} EQUAL 1)
+ add_definitions(-DSP_HEAP_MEM_SUPP)
+endif()
+
+# Build PAL NSPE LIB
+include(${PSA_ROOT_DIR}/platform/targets/${TARGET}/target.cmake)
+# Build VAL NSPE LIB
+#add_definitions(-DVAL_NSPE_BUILD)
+include(${PSA_ROOT_DIR}/val/val_nspe.cmake)
+# Build test
+include(${PSA_SUITE_DIR}/suite.cmake)
+if(${SUITE} STREQUAL "IPC")
+# Build SPE LIB
+include(${PSA_ROOT_DIR}/val/val_spe.cmake)
+endif()
+
+add_dependencies(${PSA_TARGET_GENERATE_DATABASE} ${PSA_TARGET_GENERATE_DATABASE_PRE})
+add_dependencies(${PSA_TARGET_GENERATE_DATABASE_POST} ${PSA_TARGET_GENERATE_DATABASE})
+add_dependencies(${PSA_TARGET_PAL_NSPE_LIB} ${PSA_TARGET_GENERATE_DATABASE_POST})
+add_dependencies(${PSA_TARGET_VAL_NSPE_LIB} ${PSA_TARGET_PAL_NSPE_LIB})
+add_dependencies(${PSA_TARGET_TEST_COMBINE_LIB} ${PSA_TARGET_VAL_NSPE_LIB})
+if(${SUITE} STREQUAL "IPC")
+add_dependencies(${PSA_TARGET_DRIVER_PARTITION_LIB} ${PSA_TARGET_TEST_COMBINE_LIB})
+add_dependencies(${PSA_TARGET_CLIENT_PARTITION_LIB} ${PSA_TARGET_DRIVER_PARTITION_LIB})
+add_dependencies(${PSA_TARGET_SERVER_PARTITION_LIB} ${PSA_TARGET_CLIENT_PARTITION_LIB})
+endif()
+
+# Include the files for make clean
+foreach(clean_item ${PSA_CLEAN_LIST})
+ set_property(DIRECTORY APPEND PROPERTY ADDITIONAL_MAKE_CLEAN_FILES ${clean_item})
+endforeach()
+
+set_property(TARGET ${PSA_TARGET_VAL_NSPE_LIB} PROPERTY ARCHIVE_OUTPUT_DIRECTORY ${CMAKE_CURRENT_BINARY_DIR}/val)
+set_property(TARGET ${PSA_TARGET_PAL_NSPE_LIB} PROPERTY ARCHIVE_OUTPUT_DIRECTORY ${CMAKE_CURRENT_BINARY_DIR}/platform)
+set_property(TARGET ${PSA_TARGET_TEST_COMBINE_LIB} PROPERTY ARCHIVE_OUTPUT_DIRECTORY ${PSA_SUITE_OUT_DIR})
+if(${SUITE} STREQUAL "IPC")
+set_property(TARGET ${PSA_TARGET_DRIVER_PARTITION_LIB} PROPERTY ARCHIVE_OUTPUT_DIRECTORY ${CMAKE_CURRENT_BINARY_DIR}/partition)
+set_property(TARGET ${PSA_TARGET_CLIENT_PARTITION_LIB} PROPERTY ARCHIVE_OUTPUT_DIRECTORY ${CMAKE_CURRENT_BINARY_DIR}/partition)
+set_property(TARGET ${PSA_TARGET_SERVER_PARTITION_LIB} PROPERTY ARCHIVE_OUTPUT_DIRECTORY ${CMAKE_CURRENT_BINARY_DIR}/partition)
+endif()
diff --git a/api-tests/README.md b/api-tests/README.md
index cb664216..aa989847 100644
--- a/api-tests/README.md
+++ b/api-tests/README.md
@@ -18,20 +18,19 @@ The test suite for this specification is located in the **ff** directory of this
The test suite for this specification is located in the **dev_apis** directory of this repository. See the [PSA Developer APIs README](dev_apis/README.md) file for more details.
## Release Update
- - Release Version: 0.9
- - Code quality: Arm welcomes suggestions for enhancements and error corrections.
+ - Code Quality : REL v1.0
- This release contains following tests:
1. Developer APIs test list:
-| Test Category | Specification Version | Header File |
-|--------------------------|--------------------------------------|-----------------------------------------------------------------------------------|
-| Crypto | PSA Crypto API 1.0-Beta([mbedcrypto-1.0.0](https://github.com/ARMmbed/mbed-crypto/tree/mbedcrypto-1.0.0)) | [crypto.h](../api-specs/include/psa/crypto.h) |
-| Protected Storage | PSA Protected Storage API 1.0-Beta2 | [protected_storage.h](../api-specs/include/psa/protected_storage.h) |
-| Internal Trusted Storage | PSA Internal Trusted Storage API 1.0-Beta2 | [internal_trusted_storage.h](../api-specs/include/psa/internal_trusted_storage.h) |
-| Initial Attestation | PSA Initial Attestation API 1.0-Beta0 | [initial_attestation.h](../api-specs/include/psa/initial_attestation.h) |
+| Test Category | Specification Version |
+|--------------------------|--------------------------------------|
+| Crypto | [PSA Crypto API 1.0-Beta3](../api-specs/crypto/v1.0-beta3/doc/) |
+| Protected Storage | [PSA Protected Storage API 1.0.0](../api-specs/storage/v1.0/doc/) |
+| Internal Trusted Storage | [PSA Internal Trusted Storage API 1.0.0](../api-specs/storage/v1.0/doc/) |
+| Initial Attestation | [PSA Initial Attestation API 1.0.0](../api-specs/attestation/v1.0/doc/) |
-2. PSA-FF tests that are written for version 1.0-Beta1 of the PSA FF specification.
+2. PSA-FF tests that are written for the PSA FF 1.0 specification.
## License
@@ -46,4 +45,4 @@ Arm PSA test suite is distributed under Apache v2.0 License.
--------------
-*Copyright (c) 2018-2019, Arm Limited and Contributors. All rights reserved.*
+*Copyright (c) 2018-2020, Arm Limited and Contributors. All rights reserved.*
diff --git a/api-tests/dev_apis/README.md b/api-tests/dev_apis/README.md
index 518fe60e..2cdff611 100644
--- a/api-tests/dev_apis/README.md
+++ b/api-tests/dev_apis/README.md
@@ -31,32 +31,41 @@ Refer to the [PSA Developer APIs Test Suite Porting Guide](../docs/porting_guide
To build the test suite for your target platform, execute the following commands:
```
-cd api-tests
-./tools/scripts/setup.sh --target --cpu_arch --suite --build --include --archive_tests
+ cd api-tests
+ mkdir
+ cd
+ cmake ../ -G"" -DTARGET= -DCPU_ARCH= -DSUITE= -DPSA_INCLUDE_PATHS=";;...;"
+ cmake --build .
+```
+ Options information:
+
+- -G"" : "Unix Makefiles" to generate Makefiles for Linux and Cygwin. "MinGW Makefiles" to generate Makefiles for cmd.exe on Windows
+- -DTARGET= is the same as the name of the target-specific directory created in the **platform/targets/** directory. The current release has been tested on **tgt_dev_apis_tfm_an521**, **tgt_dev_apis_tfm_musca_b1** and **tgt_dev_apis_tfm_musca_a** platforms. Refer [Test_failure analysis](../docs/test_failure_analysis.md) document to know the reason for any known test fail.
+- -DTOOLCHAIN= Compiler toolchain to be used for test suite compilation. Supported values are GNUARM (GNU Arm Embedded), ARMCLANG (ARM Compiler 6.x) and HOST_GCC. Default is GNUARM.
+- -DCPU_ARCH= is the Arm Architecture version name for which the tests should be compiled. Supported CPU arch are armv8m_ml, armv8m_bl and armv7m. Default is empty. This option is unused when TOOLCHAIN type is HOST_GCC.
+- -DSUITE= is the suite name that is the same as the suite name available in **dev_apis/** directory.
+- -DVERBOSE=. Print verbosity level. Default is 3. Supported print levels are 1(INFO & above), 2(DEBUG & above), 3(TEST & above), 4(WARN & ERROR) and 5(ERROR).
+- -DBUILD= : To select the build directory to keep output files. Default is BUILD/ inside current directory.
+- -DWATCHDOG_AVAILABLE=<0|1>: Test harness may require to access watchdog timer to recover system hang. 0 means skip watchdog programming in the test suite and 1 means program the watchdog. Default is 1. Note, watchdog must be available for the tests which check the PSA API behaviour on the system reset.
+- -DPSA_INCLUDE_PATHS=";;...;" is an additional directory to be included into the compiler search path.You must provide Developer APIs header files implementation to the test suite build system using this option. For example, to compile Crypto tests, the include path must point to the path where **psa/crypto.h** is located in your build system. Bydefault, PSA_INCLUDE_PATHS accepts absolute path. However, relative path can be provided using below format:
+```
+ -DPSA_INCLUDE_PATHS=`readlink -f `
```
- where:
-
-- is the same as the name of the target-specific directory created in the **platform/targets/** directory.
-- is the Arm Architecture version name for which the tests should be compiled. For example, Armv7M, Armv8M-Baseline and Armv8M-Mainline Architecture.
-- is the suite name that is the same as the suite name available in **dev_apis/** directory.
-- is a directory to store build output files.
-- is an additional directory to be included into the compiler search path.
-Note: You must provide Developer APIs header file implementation to the test suite build system using this option. For example, to compile Crypto tests, the include path must point to the path where **psa/crypto.h** is located in your build system.
-- Use **--archive_tests** option to create a combined test archive (**test_combine.a**) file by combining available test object files. Absence of this option creates a combined test binary (**test_elf_combine.bin**) by combining the available test ELF files.
-
-For details about options, refer to **./tools/scripts/setup.sh --help**.
-To compile Crypto tests for **tgt_dev_apis_mbedos_fvp_mps2_m4** platform, execute the following commands:
+To compile Crypto tests for **tgt_dev_apis_tfm_an521** platform, execute the following commands:
```
-cd api-tests
-./tools/scripts/setup.sh --target tgt_dev_apis_mbedos_fvp_mps2_m4 --cpu_arch armv7m --suite crypto --build BUILD_CRYPTO --include --archive_tests
+ cd api-tests
+ mkdir BUILD
+ cd BUILD
+ cmake ../ -G"Unix Makefiles" -DTARGET=tgt_dev_apis_tfm_an521 -DCPU_ARCH=armv8m_ml -DSUITE=CRYPTO -DPSA_INCLUDE_PATHS=";;...;"
+ cmake --build .
```
### Build output
Building the test suite generates the following NSPE binaries:
-- **/BUILD/val/val_nspe.a**
-- **/BUILD/platform/pal_nspe.a**
-- **/BUILD/dev_apis//test_combine.a**
+- **/val/val_nspe.a**
+- **/platform/pal_nspe.a**
+- **/dev_apis//test_combine.a**
### Integrating the libraries into your target platform
@@ -68,16 +77,19 @@ Building the test suite generates the following NSPE binaries:
The following steps describe the execution flow before the test execution:
1. The target platform must load the above binaries into appropriate memory.
-3. Upon booting firmware and Non-secure OS, the SUT boot software gives control to the test suite entry point void **val_entry(void);** as an Non-secure application entry point.
+3. Upon booting firmware and Non-secure OS, the SUT boot software gives control to the test suite entry point **int32_t val_entry(void);** as an Non-secure application entry point returning test status code.
4. The tests are executed sequentially in a loop in the test_dispatcher function.
For details on test suite integration, refer to the **Integrating the test suite with the SUT** section of [Validation Methodology](../docs/Arm_PSA_APIs_Arch_Test_Validation_Methodology.pdf).
+## Security implication
+
+PSA API test suite may run at higher privilege level. An attacker can utilize these tests as a means to elevate privilege which can potentially reveal the platform secure attests. To prevent such security vulnerabilities into the production system, it is strongly recommended that PSA API test suite is run on development platforms. If it is run on production system, make sure system is scrubbed after running the test suite.
+
## License
Arm PSA test suite is distributed under Apache v2.0 License.
-
## Feedback, contributions, and support
- For feedback, use the GitHub Issue Tracker that is associated with this repository.
@@ -87,4 +99,4 @@ Arm PSA test suite is distributed under Apache v2.0 License.
--------------
-*Copyright (c) 2018-2019, Arm Limited and Contributors. All rights reserved.*
+*Copyright (c) 2018-2020, Arm Limited and Contributors. All rights reserved.*
diff --git a/api-tests/dev_apis/crypto/suite.cmake b/api-tests/dev_apis/crypto/suite.cmake
new file mode 100644
index 00000000..ddb3128e
--- /dev/null
+++ b/api-tests/dev_apis/crypto/suite.cmake
@@ -0,0 +1,56 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+foreach(test ${PSA_TEST_LIST})
+ include(${PSA_SUITE_DIR}/${test}/test.cmake)
+ foreach(source_file ${CC_SOURCE})
+ list(APPEND SUITE_CC_SOURCE
+ ${PSA_SUITE_DIR}/${test}/${source_file}
+ )
+ endforeach()
+ foreach(asm_file ${AS_SOURCE})
+ list(APPEND SUITE_AS_SOURCE
+ ${PSA_SUITE_DIR}/${test}/${asm_file}
+ )
+ endforeach()
+ unset(CC_SOURCE)
+ unset(AS_SOURCE)
+endforeach()
+
+add_definitions(${CC_OPTIONS})
+add_definitions(${AS_OPTIONS})
+add_library(${PSA_TARGET_TEST_COMBINE_LIB} STATIC ${SUITE_CC_SOURCE} ${SUITE_AS_SOURCE})
+
+# Test related Include directories
+foreach(test ${PSA_TEST_LIST})
+ target_include_directories(${PSA_TARGET_TEST_COMBINE_LIB} PRIVATE ${PSA_SUITE_DIR}/${test})
+endforeach()
+
+# PSA Include directories
+foreach(psa_inc_path ${PSA_INCLUDE_PATHS})
+ target_include_directories(${PSA_TARGET_TEST_COMBINE_LIB} PRIVATE
+ ${psa_inc_path}
+ )
+endforeach()
+
+target_include_directories(${PSA_TARGET_TEST_COMBINE_LIB} PRIVATE
+ ${CMAKE_CURRENT_BINARY_DIR}
+ ${PSA_ROOT_DIR}/val/common
+ ${PSA_ROOT_DIR}/val/nspe
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/common
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/crypto
+)
diff --git a/api-tests/dev_apis/crypto/test_c016/source.mk b/api-tests/dev_apis/crypto/test_c001/test.cmake
similarity index 82%
rename from api-tests/dev_apis/crypto/test_c016/source.mk
rename to api-tests/dev_apis/crypto/test_c001/test.cmake
index 320e43be..bed11f85 100644
--- a/api-tests/dev_apis/crypto/test_c016/source.mk
+++ b/api-tests/dev_apis/crypto/test_c001/test.cmake
@@ -1,3 +1,4 @@
+#/** @file
# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
# * SPDX-License-Identifier : Apache-2.0
# *
@@ -14,7 +15,10 @@
# * limitations under the License.
#**/
-CC_SOURCE = test_entry.c test_c016.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
+list(APPEND CC_SOURCE
+ test_entry_c001.c
+ test_c001.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
diff --git a/api-tests/dev_apis/crypto/test_c001/test_c001.c b/api-tests/dev_apis/crypto/test_c001/test_c001.c
index 0b334fcf..4f32416c 100644
--- a/api-tests/dev_apis/crypto/test_c001/test_c001.c
+++ b/api-tests/dev_apis/crypto/test_c001/test_c001.c
@@ -27,7 +27,7 @@ client_test_t test_c001_crypto_list[] = {
NULL,
};
-int32_t psa_generate_random_without_init_test(security_t caller)
+int32_t psa_generate_random_without_init_test(caller_security_t caller)
{
uint8_t output[GENERATE_SIZE];
int32_t status;
@@ -44,7 +44,7 @@ int32_t psa_generate_random_without_init_test(security_t caller)
return VAL_STATUS_SUCCESS;
}
-int32_t psa_crypto_init_test(security_t caller)
+int32_t psa_crypto_init_test(caller_security_t caller)
{
int32_t status;
@@ -57,7 +57,7 @@ int32_t psa_crypto_init_test(security_t caller)
return VAL_STATUS_SUCCESS;
}
-int32_t multiple_psa_crypto_init_test(security_t caller)
+int32_t multiple_psa_crypto_init_test(caller_security_t caller)
{
int32_t i, status;
diff --git a/api-tests/dev_apis/crypto/test_c001/test_c001.h b/api-tests/dev_apis/crypto/test_c001/test_c001.h
index 02a8c6b9..0c9c4c99 100644
--- a/api-tests/dev_apis/crypto/test_c001/test_c001.h
+++ b/api-tests/dev_apis/crypto/test_c001/test_c001.h
@@ -18,9 +18,9 @@
#define _TEST_C001_CLIENT_TESTS_H_
#include "val_crypto.h"
-#define test_entry CONCAT(test_entry_,c001)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, c001)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#define GENERATE_SIZE 32
@@ -28,7 +28,7 @@ extern val_api_t *val;
extern psa_api_t *psa;
extern client_test_t test_c001_crypto_list[];
-int32_t psa_crypto_init_test(security_t caller);
-int32_t multiple_psa_crypto_init_test(security_t caller);
-int32_t psa_generate_random_without_init_test(security_t caller);
+int32_t psa_crypto_init_test(caller_security_t caller);
+int32_t multiple_psa_crypto_init_test(caller_security_t caller);
+int32_t psa_generate_random_without_init_test(caller_security_t caller);
#endif /* _TEST_C001_CLIENT_TESTS_H_ */
diff --git a/api-tests/dev_apis/crypto/test_c001/test_entry.c b/api-tests/dev_apis/crypto/test_c001/test_entry_c001.c
similarity index 99%
rename from api-tests/dev_apis/crypto/test_c001/test_entry.c
rename to api-tests/dev_apis/crypto/test_c001/test_entry_c001.c
index e1ba064c..5ae3163e 100644
--- a/api-tests/dev_apis/crypto/test_c001/test_entry.c
+++ b/api-tests/dev_apis/crypto/test_c001/test_entry_c001.c
@@ -21,6 +21,7 @@
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 1)
#define TEST_DESC "Testing psa_crypto_init API: Basic\n"
+
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
psa_api_t *psa = NULL;
diff --git a/api-tests/dev_apis/crypto/test_c002/source.mk b/api-tests/dev_apis/crypto/test_c002/source.mk
deleted file mode 100644
index d56ef668..00000000
--- a/api-tests/dev_apis/crypto/test_c002/source.mk
+++ /dev/null
@@ -1,20 +0,0 @@
-# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_c002.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
diff --git a/api-tests/dev_apis/crypto/test_c017/source.mk b/api-tests/dev_apis/crypto/test_c002/test.cmake
similarity index 82%
rename from api-tests/dev_apis/crypto/test_c017/source.mk
rename to api-tests/dev_apis/crypto/test_c002/test.cmake
index fbb15fd0..c4762aad 100644
--- a/api-tests/dev_apis/crypto/test_c017/source.mk
+++ b/api-tests/dev_apis/crypto/test_c002/test.cmake
@@ -1,3 +1,4 @@
+#/** @file
# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
# * SPDX-License-Identifier : Apache-2.0
# *
@@ -14,7 +15,10 @@
# * limitations under the License.
#**/
-CC_SOURCE = test_entry.c test_c017.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
+list(APPEND CC_SOURCE
+ test_entry_c002.c
+ test_c002.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
diff --git a/api-tests/dev_apis/crypto/test_c002/test_c002.c b/api-tests/dev_apis/crypto/test_c002/test_c002.c
index e5c15a5e..a23a7978 100644
--- a/api-tests/dev_apis/crypto/test_c002/test_c002.c
+++ b/api-tests/dev_apis/crypto/test_c002/test_c002.c
@@ -24,22 +24,28 @@
client_test_t test_c002_crypto_list[] = {
NULL,
psa_import_key_test,
- psa_import_key_negative_test,
NULL,
};
static int g_test_count = 1;
-int32_t psa_import_key_test(security_t caller)
+int32_t psa_import_key_test(caller_security_t caller)
{
- uint32_t length, i;
- uint8_t data[BUFFER_SIZE];
- const uint8_t *key_data;
- psa_key_policy_t policy;
- psa_key_type_t key_type;
- size_t bits;
- int num_checks = sizeof(check1)/sizeof(check1[0]);
- int32_t status;
+ int32_t i, status;
+ uint8_t data[BUFFER_SIZE];
+ size_t length;
+ const uint8_t *key_data;
+ psa_key_type_t get_key_type;
+ size_t get_key_bits;
+ int num_checks = sizeof(check1)/sizeof(check1[0]);
+ psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+ psa_key_attributes_t get_attributes = PSA_KEY_ATTRIBUTES_INIT;
+
+ if (num_checks == 0)
+ {
+ val->print(PRINT_TEST, "No test available for the selected crypto configuration\n", 0);
+ return RESULT_SKIP(VAL_STATUS_NO_TESTS);
+ }
/* Initialize the PSA crypto library*/
status = val->crypto_function(VAL_CRYPTO_INIT);
@@ -55,14 +61,9 @@ int32_t psa_import_key_test(security_t caller)
status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
- /* Initialize a key policy structure to a default that forbids all
- * usage of the key
- */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
-
if (PSA_KEY_TYPE_IS_RSA(check1[i].key_type))
{
- if (check1[i].key_type == PSA_KEY_TYPE_RSA_KEYPAIR)
+ if (check1[i].key_type == PSA_KEY_TYPE_RSA_KEY_PAIR)
{
if (check1[i].expected_bit_length == BYTES_TO_BITS(384))
key_data = rsa_384_keypair;
@@ -83,7 +84,7 @@ int32_t psa_import_key_test(security_t caller)
}
else if (PSA_KEY_TYPE_IS_ECC(check1[i].key_type))
{
- if (PSA_KEY_TYPE_IS_ECC_KEYPAIR(check1[i].key_type))
+ if (PSA_KEY_TYPE_IS_ECC_KEY_PAIR(check1[i].key_type))
key_data = ec_keypair;
else
key_data = ec_keydata;
@@ -91,130 +92,63 @@ int32_t psa_import_key_test(security_t caller)
else
key_data = check1[i].key_data;
- /* Set the standard fields of a policy structure */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &policy, check1[i].usage,
- check1[i].key_alg);
-
- /* Allocate a key slot for a transient key */
- status = val->crypto_function(VAL_CRYPTO_ALLOCATE_KEY, &check1[i].key_handle);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
-
- /* Set the usage policy on a key slot */
- status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, check1[i].key_handle, &policy);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
+ /* Setup the attributes for the key */
+ val->crypto_function(VAL_CRYPTO_SET_KEY_TYPE, &attributes, check1[i].key_type);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_BITS, &attributes, check1[i].attr_bits);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_USAGE_FLAGS, &attributes, check1[i].usage);
/* Import the key data into the key slot */
- status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, check1[i].key_handle,
- check1[i].key_type, key_data, check1[i].key_length);
- TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(5));
+ status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, &attributes, key_data,
+ check1[i].key_length, &check1[i].key_handle);
+ TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(3));
+ /* If failure is expected, continue with the next data set */
if (check1[i].expected_status != PSA_SUCCESS)
continue;
- /* Get basic metadata about a key */
- status = val->crypto_function(VAL_CRYPTO_GET_KEY_INFORMATION, check1[i].key_handle,
- &key_type, &bits);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(6));
+ /* Get the attributes of the imported key and check if it matches the given value */
+ status = val->crypto_function(VAL_CRYPTO_GET_KEY_ATTRIBUTES, check1[i].key_handle,
+ &get_attributes);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
- TEST_ASSERT_EQUAL(key_type, check1[i].key_type, TEST_CHECKPOINT_NUM(7));
+ val->crypto_function(VAL_CRYPTO_GET_KEY_TYPE, &get_attributes, &get_key_type);
+ TEST_ASSERT_EQUAL(get_key_type, check1[i].key_type, TEST_CHECKPOINT_NUM(5));
- TEST_ASSERT_EQUAL(bits, check1[i].expected_bit_length, TEST_CHECKPOINT_NUM(8));
+ val->crypto_function(VAL_CRYPTO_GET_KEY_BITS, &get_attributes, &get_key_bits);
+ TEST_ASSERT_EQUAL(get_key_bits, check1[i].expected_bit_length, TEST_CHECKPOINT_NUM(6));
/* Export a key in binary format */
status = val->crypto_function(VAL_CRYPTO_EXPORT_KEY, check1[i].key_handle, data,
BUFFER_SIZE, &length);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(9));
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(7));
- TEST_ASSERT_EQUAL(length, check1[i].expected_key_length, TEST_CHECKPOINT_NUM(10));
+ /* Check the attributes of the exported key */
+ TEST_ASSERT_EQUAL(length, check1[i].expected_key_length, TEST_CHECKPOINT_NUM(8));
if (PSA_KEY_TYPE_IS_UNSTRUCTURED(check1[i].key_type))
{
- TEST_ASSERT_MEMCMP(data, check1[i].key_data, length, TEST_CHECKPOINT_NUM(11));
+ TEST_ASSERT_MEMCMP(data, check1[i].key_data, length, TEST_CHECKPOINT_NUM(9));
}
else if (PSA_KEY_TYPE_IS_RSA(check1[i].key_type) || PSA_KEY_TYPE_IS_ECC(check1[i].key_type))
{
- TEST_ASSERT_MEMCMP(key_data, data, length, TEST_CHECKPOINT_NUM(12));
+ TEST_ASSERT_MEMCMP(key_data, data, length, TEST_CHECKPOINT_NUM(10));
}
else
{
return VAL_STATUS_INVALID;
}
- /* Destroy the key */
- status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, check1[i].key_handle);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(13));
- }
-
- return VAL_STATUS_SUCCESS;
-}
-
-int32_t psa_import_key_negative_test(security_t caller)
-{
- int num_checks = sizeof(check2)/sizeof(check2[0]);
- int32_t i, status;
- psa_key_policy_t policy;
- psa_key_handle_t invalid_key_handle;
-
- /* Initialize the PSA crypto library*/
- status = val->crypto_function(VAL_CRYPTO_INIT);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(1));
+ /* Reset the key attributes and check if psa_import_key fails */
+ val->crypto_function(VAL_CRYPTO_RESET_KEY_ATTRIBUTES, &attributes);
- for (i = 0; i < num_checks; i++)
- {
- val->print(PRINT_TEST, "[Check %d] Test psa_import_key with already occupied key slot\n",
- g_test_count++);
+ val->crypto_function(VAL_CRYPTO_DESTROY_KEY, check1[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(11));
- /* Setting up the watchdog timer for each check */
- status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
- TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
-
- /* Allocate a key slot for a transient key */
- status = val->crypto_function(VAL_CRYPTO_ALLOCATE_KEY, &check2[i].key_handle);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
-
- /* Initialize a key policy structure to a default that forbids all
- * usage of the key
- */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
- memset(&invalid_key_handle, 0xDEADDEAD, sizeof(invalid_key_handle));
- /* Set the usage policy on a key slot */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &policy, check2[i].usage,
- check2[i].key_alg);
-
- /* Import the key data into the key slot */
- status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, check2[i].key_handle,
- check2[i].key_type, check2[i].key_data, check2[i].key_length);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
-
- /* Import the key data into the occupied key slot */
- status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, check2[i].key_handle,
- check2[i].key_type, check2[i].key_data, check2[i].key_length);
- TEST_ASSERT_EQUAL(status, PSA_ERROR_ALREADY_EXISTS, TEST_CHECKPOINT_NUM(5));
-
- val->print(PRINT_TEST, "[Check %d] Test psa_import_key with zero as key handle\n",
- g_test_count++);
- /* Import the key data with zero as key handle */
- status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, 0, check2[i].key_type,
- check2[i].key_data, check2[i].key_length);
- TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(6));
-
- val->print(PRINT_TEST, "[Check %d] Test psa_import_key with destroyed handle\n",
- g_test_count++);
- /* Destroy the handle */
- status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, check2[i].key_handle);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(7));
+ status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, &attributes, key_data,
+ check1[i].key_length, &check1[i].key_handle);
+ TEST_ASSERT_NOT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(12));
- /* Import the key data with destroyed handle */
- status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, check2[i].key_handle,
- check2[i].key_type, check2[i].key_data, check2[i].key_length);
- TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(8));
-
- val->print(PRINT_TEST, "[Check %d] Test psa_import_key with unallocated key handle\n",
- g_test_count++);
- /* Import the key data with unallocated key handle */
- status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, invalid_key_handle, check2[i].key_type,
- check2[i].key_data, check2[i].key_length);
- TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(6));
+ TEST_ASSERT_EQUAL(check1[i].key_handle, 0, TEST_CHECKPOINT_NUM(13));
}
return VAL_STATUS_SUCCESS;
diff --git a/api-tests/dev_apis/crypto/test_c002/test_c002.h b/api-tests/dev_apis/crypto/test_c002/test_c002.h
index 4081d294..fecfedb6 100644
--- a/api-tests/dev_apis/crypto/test_c002/test_c002.h
+++ b/api-tests/dev_apis/crypto/test_c002/test_c002.h
@@ -18,14 +18,13 @@
#define _TEST_C002_CLIENT_TESTS_H_
#include "val_crypto.h"
-#define test_entry CONCAT(test_entry_,c002)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, c002)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
extern val_api_t *val;
extern psa_api_t *psa;
extern client_test_t test_c002_crypto_list[];
-int32_t psa_import_key_test(security_t caller);
-int32_t psa_import_key_negative_test(security_t caller);
+int32_t psa_import_key_test(caller_security_t caller);
#endif /* _TEST_C002_CLIENT_TESTS_H_ */
diff --git a/api-tests/dev_apis/crypto/test_c002/test_data.h b/api-tests/dev_apis/crypto/test_c002/test_data.h
index 0b2faea1..38db0a5f 100644
--- a/api-tests/dev_apis/crypto/test_c002/test_data.h
+++ b/api-tests/dev_apis/crypto/test_c002/test_data.h
@@ -23,6 +23,7 @@ typedef struct {
psa_key_type_t key_type;
uint8_t key_data[34];
uint32_t key_length;
+ size_t attr_bits;
psa_key_usage_t usage;
psa_algorithm_t key_alg;
uint32_t expected_bit_length;
@@ -167,7 +168,7 @@ static test_data check1[] = {
{"Test psa_import_key 16 Byte AES\n", 1, PSA_KEY_TYPE_AES,
{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
0x5F, 0xC9, 0x77},
- AES_16B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR,
+ AES_16B_KEY_SIZE, 0, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR,
BYTES_TO_BITS(AES_16B_KEY_SIZE), AES_16B_KEY_SIZE, PSA_SUCCESS
},
#endif
@@ -176,7 +177,7 @@ static test_data check1[] = {
{"Test psa_import_key 24 Byte AES\n", 2, PSA_KEY_TYPE_AES,
{0x24, 0x13, 0x61, 0x47, 0x61, 0xB8, 0xC8, 0xF0, 0xDF, 0xAB, 0x5A, 0x0E, 0x87,
0x40, 0xAC, 0xA3, 0x90, 0x77, 0x83, 0x52, 0x31, 0x74, 0xF9, 0x05},
- AES_24B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR,
+ AES_24B_KEY_SIZE, BYTES_TO_BITS(AES_24B_KEY_SIZE), PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR,
BYTES_TO_BITS(AES_24B_KEY_SIZE), AES_24B_KEY_SIZE, PSA_SUCCESS
},
#endif
@@ -186,23 +187,22 @@ static test_data check1[] = {
{0xEA, 0xD5, 0xE6, 0xC8, 0x51, 0xF9, 0xEC, 0xBB, 0x9B, 0x57, 0x7C, 0xED, 0xD2,
0x4B, 0x82, 0x84, 0x9F, 0x9F, 0xE6, 0x73, 0x21, 0x3D, 0x1A, 0x05, 0xC9, 0xED,
0xDF, 0x25, 0x17, 0x68, 0x86, 0xAE},
- AES_32B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR,
+ AES_32B_KEY_SIZE, 0, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR,
BYTES_TO_BITS(AES_32B_KEY_SIZE), AES_32B_KEY_SIZE, PSA_SUCCESS
},
#endif
-#endif
#ifdef ARCH_TEST_RSA_PKCS1V15_SIGN_RAW
#ifdef ARCH_TEST_RSA_2048
{"Test psa_import_key 2048 RSA public key\n", 4, PSA_KEY_TYPE_RSA_PUBLIC_KEY,
{0},
- 270, PSA_KEY_USAGE_EXPORT, PSA_ALG_RSA_PKCS1V15_SIGN_RAW,
+ 270, 0, PSA_KEY_USAGE_EXPORT, PSA_ALG_RSA_PKCS1V15_SIGN_RAW,
2048, 270, PSA_SUCCESS
},
-{"Test psa_import_key with RSA 2048 keypair\n", 5, PSA_KEY_TYPE_RSA_KEYPAIR,
+{"Test psa_import_key with RSA 2048 keypair\n", 5, PSA_KEY_TYPE_RSA_KEY_PAIR,
{0},
- 1193, PSA_KEY_USAGE_EXPORT, PSA_ALG_RSA_PKCS1V15_SIGN_RAW,
+ 1193, 0, PSA_KEY_USAGE_EXPORT, PSA_ALG_RSA_PKCS1V15_SIGN_RAW,
2048, 1193, PSA_SUCCESS
},
#endif
@@ -212,7 +212,7 @@ static test_data check1[] = {
#ifdef ARCH_TEST_DES_1KEY
{"Test psa_import_key with DES 64 bit key\n", 6, PSA_KEY_TYPE_DES,
{0x70, 0x24, 0x55, 0x0C, 0x14, 0x9D, 0xED, 0x29},
- DES_8B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR,
+ DES_8B_KEY_SIZE, BYTES_TO_BITS(DES_8B_KEY_SIZE), PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR,
BYTES_TO_BITS(DES_8B_KEY_SIZE), DES_8B_KEY_SIZE, PSA_SUCCESS
},
#endif
@@ -221,7 +221,7 @@ static test_data check1[] = {
{"Test psa_import_key with Triple DES 2-Key\n", 7, PSA_KEY_TYPE_DES,
{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF},
- DES3_2KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR,
+ DES3_2KEY_SIZE, 0, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR,
BYTES_TO_BITS(DES3_2KEY_SIZE), DES3_2KEY_SIZE, PSA_SUCCESS
},
#endif
@@ -231,7 +231,7 @@ static test_data check1[] = {
{0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF,
0xF1, 0xE0, 0xD3, 0xC2, 0xB5, 0xA4, 0x97, 0x86,
0xFE, 0xDC, 0xBA, 0x98, 0x76, 0x54, 0x32, 0x10},
- DES3_3KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR,
+ DES3_3KEY_SIZE, 0, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR,
BYTES_TO_BITS(DES3_3KEY_SIZE), DES3_3KEY_SIZE, PSA_SUCCESS
},
#endif
@@ -242,16 +242,16 @@ static test_data check1[] = {
{"Test psa_import_key with EC Public key\n", 9,
PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1),
{0},
- 65, PSA_KEY_USAGE_EXPORT, PSA_ALG_ECDSA_ANY,
+ 65, 0, PSA_KEY_USAGE_EXPORT, PSA_ALG_ECDSA_ANY,
256, 65, PSA_SUCCESS
},
#endif
#ifdef ARCH_TEST_ECC_CURVE_SECP224R1
{"Test psa_import_key with EC keypair\n", 10,
- PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP224R1),
+ PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP224R1),
{0},
- 28, PSA_KEY_USAGE_EXPORT, PSA_ALG_ECDSA_ANY,
+ 28, 0, PSA_KEY_USAGE_EXPORT, PSA_ALG_ECDSA_ANY,
224, 28, PSA_SUCCESS
},
#endif
@@ -263,14 +263,14 @@ static test_data check1[] = {
{0x24, 0x13, 0x61, 0x47, 0x61, 0xB8, 0xC8, 0xF0, 0xDF, 0xAB, 0x5A, 0x0E, 0x87,
0x40, 0xAC, 0xA3, 0x90, 0x77, 0x83, 0x52, 0x31, 0x74, 0xF9, 0x05, 0xC9, 0xED,
0xDF, 0x25, 0x17, 0x68, 0x86, 0xAE},
- AES_34B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR,
+ AES_34B_KEY_SIZE, 0, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR,
BYTES_TO_BITS(AES_34B_KEY_SIZE), AES_34B_KEY_SIZE, PSA_ERROR_INVALID_ARGUMENT
},
{"Test psa_import_key with incorrect key data size\n", 12, PSA_KEY_TYPE_AES,
{0x24, 0x13, 0x61, 0x47, 0x61, 0xB8, 0xC8, 0xF0, 0xDF, 0xAB, 0x5A, 0x0E, 0x87,
0x40, 0xAC, 0xA3, 0x90, 0x77},
-AES_18B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR,
+AES_18B_KEY_SIZE, 0, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR,
BYTES_TO_BITS(AES_18B_KEY_SIZE), AES_18B_KEY_SIZE, PSA_ERROR_INVALID_ARGUMENT
},
#endif
@@ -278,22 +278,9 @@ BYTES_TO_BITS(AES_18B_KEY_SIZE), AES_18B_KEY_SIZE, PSA_ERROR_INVALID_ARGUMENT
{"Test psa_import_key with incorrect key type\n", 13, PSA_KEY_TYPE_VENDOR_FLAG,
{0x24, 0x13, 0x61, 0x47, 0x61, 0xB8, 0xC8, 0xF0, 0xDF, 0xAB, 0x5A, 0x0E, 0x87,
0x40, 0xAC, 0xA3, 0x90, 0x77, 0x83, 0x52, 0x31, 0x74, 0xF9, 0x05},
-AES_24B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR,
+AES_24B_KEY_SIZE, 0, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR,
BYTES_TO_BITS(AES_24B_KEY_SIZE), AES_24B_KEY_SIZE, PSA_ERROR_NOT_SUPPORTED,
},
#endif
-};
-
-static test_data check2[] = {
-#ifdef ARCH_TEST_CIPER_MODE_CTR
-#ifdef ARCH_TEST_AES_128
-{"Test psa_import_key negative cases\n", 1, PSA_KEY_TYPE_AES,
-{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
- 0x5F, 0xC9, 0x77},
-AES_16B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR,
-BYTES_TO_BITS(AES_16B_KEY_SIZE), AES_16B_KEY_SIZE, PSA_ERROR_ALREADY_EXISTS
-},
-#endif
#endif
-
};
diff --git a/api-tests/dev_apis/crypto/test_c002/test_entry.c b/api-tests/dev_apis/crypto/test_c002/test_entry_c002.c
similarity index 99%
rename from api-tests/dev_apis/crypto/test_c002/test_entry.c
rename to api-tests/dev_apis/crypto/test_c002/test_entry_c002.c
index 6f31df0d..1ea3d4fb 100644
--- a/api-tests/dev_apis/crypto/test_c002/test_entry.c
+++ b/api-tests/dev_apis/crypto/test_c002/test_entry_c002.c
@@ -21,6 +21,7 @@
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 2)
#define TEST_DESC "Testing crypto key management APIs\n"
+
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
psa_api_t *psa = NULL;
diff --git a/api-tests/dev_apis/crypto/test_c003/source.mk b/api-tests/dev_apis/crypto/test_c003/source.mk
deleted file mode 100644
index 350748f1..00000000
--- a/api-tests/dev_apis/crypto/test_c003/source.mk
+++ /dev/null
@@ -1,20 +0,0 @@
-# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_c003.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
diff --git a/api-tests/dev_apis/crypto/test_c018/source.mk b/api-tests/dev_apis/crypto/test_c003/test.cmake
similarity index 82%
rename from api-tests/dev_apis/crypto/test_c018/source.mk
rename to api-tests/dev_apis/crypto/test_c003/test.cmake
index e78ff20f..4d1ef6bd 100644
--- a/api-tests/dev_apis/crypto/test_c018/source.mk
+++ b/api-tests/dev_apis/crypto/test_c003/test.cmake
@@ -1,3 +1,4 @@
+#/** @file
# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
# * SPDX-License-Identifier : Apache-2.0
# *
@@ -14,7 +15,10 @@
# * limitations under the License.
#**/
-CC_SOURCE = test_entry.c test_c018.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
+list(APPEND CC_SOURCE
+ test_entry_c003.c
+ test_c003.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
diff --git a/api-tests/dev_apis/crypto/test_c003/test_c003.c b/api-tests/dev_apis/crypto/test_c003/test_c003.c
index 1968cb15..47607d86 100644
--- a/api-tests/dev_apis/crypto/test_c003/test_c003.c
+++ b/api-tests/dev_apis/crypto/test_c003/test_c003.c
@@ -23,22 +23,25 @@
client_test_t test_c003_crypto_list[] = {
NULL,
psa_export_key_test,
- psa_export_key_negative_test,
NULL,
};
static int g_test_count = 1;
static uint8_t data[BUFFER_SIZE];
-int32_t psa_export_key_test(security_t caller)
+int32_t psa_export_key_test(caller_security_t caller)
{
- uint32_t length, i;
- const uint8_t *key_data;
- psa_key_policy_t policy;
- psa_key_type_t key_type;
- size_t bits;
- int num_checks = sizeof(check1)/sizeof(check1[0]);
- int32_t status;
+ int32_t i, status;
+ size_t length;
+ const uint8_t *key_data;
+ int num_checks = sizeof(check1)/sizeof(check1[0]);
+ psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+
+ if (num_checks == 0)
+ {
+ val->print(PRINT_TEST, "No test available for the selected crypto configuration\n", 0);
+ return RESULT_SKIP(VAL_STATUS_NO_TESTS);
+ }
/* Initialize the PSA crypto library*/
status = val->crypto_function(VAL_CRYPTO_INIT);
@@ -50,10 +53,7 @@ int32_t psa_export_key_test(security_t caller)
val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
val->print(PRINT_TEST, check1[i].test_desc, 0);
- /* Initialize a key policy structure to a default that forbids all
- * usage of the key
- */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
+ memset(data, 0, BUFFER_SIZE);
/* Setting up the watchdog timer for each check */
status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
@@ -61,7 +61,7 @@ int32_t psa_export_key_test(security_t caller)
if (PSA_KEY_TYPE_IS_RSA(check1[i].key_type))
{
- if (check1[i].key_type == PSA_KEY_TYPE_RSA_KEYPAIR)
+ if (check1[i].key_type == PSA_KEY_TYPE_RSA_KEY_PAIR)
{
if (check1[i].expected_bit_length == BYTES_TO_BITS(384))
key_data = rsa_384_keypair;
@@ -82,7 +82,7 @@ int32_t psa_export_key_test(security_t caller)
}
else if (PSA_KEY_TYPE_IS_ECC(check1[i].key_type))
{
- if (PSA_KEY_TYPE_IS_ECC_KEYPAIR(check1[i].key_type))
+ if (PSA_KEY_TYPE_IS_ECC_KEY_PAIR(check1[i].key_type))
key_data = ec_keypair;
else
key_data = ec_keydata;
@@ -90,131 +90,48 @@ int32_t psa_export_key_test(security_t caller)
else
key_data = check1[i].key_data;
- /* Set the standard fields of a policy structure */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &policy, check1[i].usage,
- check1[i].key_alg);
-
- /* Allocate a key slot for a transient key */
- status = val->crypto_function(VAL_CRYPTO_ALLOCATE_KEY, &check1[i].key_handle);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
-
- /* Set the usage policy on a key slot */
- status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, check1[i].key_handle, &policy);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
+ /* Setup the attributes for the key */
+ val->crypto_function(VAL_CRYPTO_SET_KEY_TYPE, &attributes, check1[i].key_type);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_BITS, &attributes, check1[i].attr_bits);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_USAGE_FLAGS, &attributes, check1[i].usage);
/* Import the key data into the key slot */
- status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, check1[i].key_handle,
- check1[i].key_type, key_data, check1[i].key_length);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
-
- /* Get basic metadata about a key */
- status = val->crypto_function(VAL_CRYPTO_GET_KEY_INFORMATION, check1[i].key_handle,
- &key_type, &bits);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(6));
-
- /* Make sure the metada matches with the given data */
- TEST_ASSERT_EQUAL(key_type, check1[i].key_type, TEST_CHECKPOINT_NUM(7));
- TEST_ASSERT_EQUAL(bits, check1[i].expected_bit_length, TEST_CHECKPOINT_NUM(8));
+ status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, &attributes, key_data,
+ check1[i].key_length, &check1[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
/* Export a key in binary format */
status = val->crypto_function(VAL_CRYPTO_EXPORT_KEY, check1[i].key_handle, data,
check1[i].buffer_size, &length);
- TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(9));
+ TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(4));
+ /* If failure is expected, continue with the next data set */
if (check1[i].expected_status != PSA_SUCCESS)
continue;
- /* Check if the key length matches with the given length */
- TEST_ASSERT_EQUAL(length, check1[i].expected_key_length, TEST_CHECKPOINT_NUM(10));
+ /* Check the attributes of the exported key */
+ TEST_ASSERT_EQUAL(length, check1[i].expected_key_length, TEST_CHECKPOINT_NUM(5));
- /* Check if original key data matches with the exported data */
if (PSA_KEY_TYPE_IS_UNSTRUCTURED(check1[i].key_type))
{
- TEST_ASSERT_MEMCMP(check1[i].key_data, data, length, TEST_CHECKPOINT_NUM(11));
+ TEST_ASSERT_MEMCMP(data, check1[i].key_data, length, TEST_CHECKPOINT_NUM(6));
}
else if (PSA_KEY_TYPE_IS_RSA(check1[i].key_type) || PSA_KEY_TYPE_IS_ECC(check1[i].key_type))
{
- TEST_ASSERT_MEMCMP(key_data, data, length, TEST_CHECKPOINT_NUM(12));
+ TEST_ASSERT_MEMCMP(key_data, data, length, TEST_CHECKPOINT_NUM(7));
}
else
{
return VAL_STATUS_INVALID;
}
- }
-
- return VAL_STATUS_SUCCESS;
-}
-
-int32_t psa_export_key_negative_test(security_t caller)
-{
- int num_checks = sizeof(check2)/sizeof(check2[0]);
- uint32_t i, length;
- int32_t status;
- psa_key_policy_t policy;
-
- /* Initialize the PSA crypto library*/
- status = val->crypto_function(VAL_CRYPTO_INIT);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(1));
-
- for (i = 0; i < num_checks; i++)
- {
- /* Setting up the watchdog timer for each check */
- status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
- TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
-
- val->print(PRINT_TEST, "[Check %d] Test psa_export_key with unallocated key handle\n",
- g_test_count++);
- /* Export a key in binary format */
- status = val->crypto_function(VAL_CRYPTO_EXPORT_KEY, check2[i].key_handle, data,
- check2[i].key_length, &length);
- TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(3));
-
- val->print(PRINT_TEST, "[Check %d] Test psa_export_key with empty key handle\n",
- g_test_count++);
- /* Allocate a key slot for a transient key */
- status = val->crypto_function(VAL_CRYPTO_ALLOCATE_KEY, &check2[i].key_handle);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
-
- /* Export a key in binary format */
- status = val->crypto_function(VAL_CRYPTO_EXPORT_KEY, check2[i].key_handle, data,
- check2[i].key_length, &length);
- TEST_ASSERT_EQUAL(status, PSA_ERROR_DOES_NOT_EXIST, TEST_CHECKPOINT_NUM(5));
- val->print(PRINT_TEST, "[Check %d] Test psa_export_key with zero as key handle\n",
- g_test_count++);
- /* Export a key in binary format */
- status = val->crypto_function(VAL_CRYPTO_EXPORT_KEY, 0, data,
- check2[i].key_length, &length);
- TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(6));
-
- val->print(PRINT_TEST, "[Check %d] Test psa_export_key with destroyed key handle\n",
- g_test_count++);
- /* Initialize a key policy structure to a default that forbids all
- * usage of the key
- */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
-
- /* Set the standard fields of a policy structure */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &policy, check2[i].usage,
- check2[i].key_alg);
-
- /* Set the usage policy on a key slot */
- status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, check2[i].key_handle, &policy);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(7));
-
- /* Import the key data into the key slot */
- status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, check2[i].key_handle,
- check2[i].key_type, check2[i].key_data, check2[i].key_length);
+ /* Destroy the key handle and check if export key fails */
+ status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, check1[i].key_handle);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(8));
- /* Destroy the key handle */
- status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, check2[i].key_handle);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(9));
-
- /* Export a key in binary format */
- status = val->crypto_function(VAL_CRYPTO_EXPORT_KEY, check2[i].key_handle, data,
- check2[i].key_length, &length);
- TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(10));
+ status = val->crypto_function(VAL_CRYPTO_EXPORT_KEY, check1[i].key_handle, data,
+ check1[i].buffer_size, &length);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(9));
}
return VAL_STATUS_SUCCESS;
diff --git a/api-tests/dev_apis/crypto/test_c003/test_c003.h b/api-tests/dev_apis/crypto/test_c003/test_c003.h
index 4d8a4d6c..3bd4e535 100644
--- a/api-tests/dev_apis/crypto/test_c003/test_c003.h
+++ b/api-tests/dev_apis/crypto/test_c003/test_c003.h
@@ -18,14 +18,14 @@
#define _TEST_C003_CLIENT_TESTS_H_
#include "val_crypto.h"
-#define test_entry CONCAT(test_entry_,c003)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, c003)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
extern val_api_t *val;
extern psa_api_t *psa;
extern client_test_t test_c003_crypto_list[];
-int32_t psa_export_key_test(security_t caller);
-int32_t psa_export_key_negative_test(security_t caller);
+int32_t psa_export_key_test(caller_security_t caller);
+int32_t psa_export_key_negative_test(caller_security_t caller);
#endif /* _TEST_C003_CLIENT_TESTS_H_ */
diff --git a/api-tests/dev_apis/crypto/test_c003/test_data.h b/api-tests/dev_apis/crypto/test_c003/test_data.h
index dfe0a0b6..625cc17f 100644
--- a/api-tests/dev_apis/crypto/test_c003/test_data.h
+++ b/api-tests/dev_apis/crypto/test_c003/test_data.h
@@ -23,6 +23,7 @@ typedef struct {
psa_key_type_t key_type;
uint8_t key_data[34];
uint32_t key_length;
+ size_t attr_bits;
psa_key_usage_t usage;
psa_algorithm_t key_alg;
size_t buffer_size;
@@ -166,7 +167,7 @@ static test_data check1[] = {
{"Test psa_export_key 16 Byte AES\n", 1, PSA_KEY_TYPE_AES,
{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
0x5F, 0xC9, 0x77},
- AES_16B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR, BUFFER_SIZE,
+ AES_16B_KEY_SIZE, 0, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR, BUFFER_SIZE,
BYTES_TO_BITS(AES_16B_KEY_SIZE), AES_16B_KEY_SIZE, PSA_SUCCESS
},
#endif
@@ -175,7 +176,7 @@ static test_data check1[] = {
{"Test psa_export_key 24 Byte AES\n", 2, PSA_KEY_TYPE_AES,
{0x24, 0x13, 0x61, 0x47, 0x61, 0xB8, 0xC8, 0xF0, 0xDF, 0xAB, 0x5A, 0x0E, 0x87,
0x40, 0xAC, 0xA3, 0x90, 0x77, 0x83, 0x52, 0x31, 0x74, 0xF9, 0x05},
- AES_24B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR, BUFFER_SIZE,
+ AES_24B_KEY_SIZE, 0, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR, BUFFER_SIZE,
BYTES_TO_BITS(AES_24B_KEY_SIZE), AES_24B_KEY_SIZE, PSA_SUCCESS
},
#endif
@@ -185,7 +186,7 @@ static test_data check1[] = {
{0xEA, 0xD5, 0xE6, 0xC8, 0x51, 0xF9, 0xEC, 0xBB, 0x9B, 0x57, 0x7C, 0xED, 0xD2,
0x4B, 0x82, 0x84, 0x9F, 0x9F, 0xE6, 0x73, 0x21, 0x3D, 0x1A, 0x05, 0xC9, 0xED,
0xDF, 0x25, 0x17, 0x68, 0x86, 0xAE},
- AES_32B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR, BUFFER_SIZE,
+ AES_32B_KEY_SIZE, 0, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR, BUFFER_SIZE,
BYTES_TO_BITS(AES_32B_KEY_SIZE), AES_32B_KEY_SIZE, PSA_SUCCESS
},
#endif
@@ -195,13 +196,13 @@ static test_data check1[] = {
#ifdef ARCH_TEST_RSA_2048
{"Test psa_export_key 2048 RSA public key\n", 4, PSA_KEY_TYPE_RSA_PUBLIC_KEY,
{0},
- 270, PSA_KEY_USAGE_EXPORT, PSA_ALG_RSA_PKCS1V15_SIGN_RAW, BUFFER_SIZE,
+ 270, 0, PSA_KEY_USAGE_EXPORT, PSA_ALG_RSA_PKCS1V15_SIGN_RAW, BUFFER_SIZE,
2048, 270, PSA_SUCCESS
},
-{"Test psa_export_key with RSA 2048 keypair\n", 5, PSA_KEY_TYPE_RSA_KEYPAIR,
+{"Test psa_export_key with RSA 2048 keypair\n", 5, PSA_KEY_TYPE_RSA_KEY_PAIR,
{0},
- 1193, PSA_KEY_USAGE_EXPORT, PSA_ALG_RSA_PKCS1V15_SIGN_RAW, BUFFER_SIZE,
+ 1193, 0, PSA_KEY_USAGE_EXPORT, PSA_ALG_RSA_PKCS1V15_SIGN_RAW, BUFFER_SIZE,
2048, 1193, PSA_SUCCESS
},
#endif
@@ -211,7 +212,7 @@ static test_data check1[] = {
#ifdef ARCH_TEST_DES_1KEY
{"Test psa_export_key with DES 64 bit key\n", 6, PSA_KEY_TYPE_DES,
{0x70, 0x24, 0x55, 0x0C, 0x14, 0x9D, 0xED, 0x29},
- DES_8B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR, BUFFER_SIZE,
+ DES_8B_KEY_SIZE, 0, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR, BUFFER_SIZE,
BYTES_TO_BITS(DES_8B_KEY_SIZE), DES_8B_KEY_SIZE, PSA_SUCCESS
},
#endif
@@ -220,7 +221,7 @@ static test_data check1[] = {
{"Test psa_export_key with Triple DES 2-Key\n", 7, PSA_KEY_TYPE_DES,
{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF},
- DES3_2KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR, BUFFER_SIZE,
+ DES3_2KEY_SIZE, 0, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR, BUFFER_SIZE,
BYTES_TO_BITS(DES3_2KEY_SIZE), DES3_2KEY_SIZE, PSA_SUCCESS
},
#endif
@@ -230,7 +231,7 @@ static test_data check1[] = {
{0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF,
0xF1, 0xE0, 0xD3, 0xC2, 0xB5, 0xA4, 0x97, 0x86,
0xFE, 0xDC, 0xBA, 0x98, 0x76, 0x54, 0x32, 0x10},
- DES3_3KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR, BUFFER_SIZE,
+ DES3_3KEY_SIZE, 0, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR, BUFFER_SIZE,
BYTES_TO_BITS(DES3_3KEY_SIZE), DES3_3KEY_SIZE, PSA_SUCCESS
},
#endif
@@ -241,16 +242,16 @@ static test_data check1[] = {
{"Test psa_export_key with EC Public key\n", 9,
PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1),
{0},
- 65, PSA_KEY_USAGE_EXPORT, PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION, BUFFER_SIZE,
+ 65, 0, PSA_KEY_USAGE_EXPORT, PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION, BUFFER_SIZE,
256, 65, PSA_SUCCESS
},
#endif
#ifdef ARCH_TEST_ECC_CURVE_SECP224R1
{"Test psa_export_key with EC keypair\n", 10,
- PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP224R1),
+ PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP224R1),
{0},
- 28, PSA_KEY_USAGE_EXPORT, PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION, BUFFER_SIZE,
+ 28, 0, PSA_KEY_USAGE_EXPORT, PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION, BUFFER_SIZE,
224, 28, PSA_SUCCESS
},
#endif
@@ -261,29 +262,16 @@ static test_data check1[] = {
{"Test psa_export_key with key policy verify\n", 11, PSA_KEY_TYPE_AES,
{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
0x5F, 0xC9, 0x05},
- AES_16B_KEY_SIZE, PSA_KEY_USAGE_VERIFY, PSA_ALG_CTR, BUFFER_SIZE,
+ AES_16B_KEY_SIZE, 0, PSA_KEY_USAGE_VERIFY, PSA_ALG_CTR, BUFFER_SIZE,
BYTES_TO_BITS(AES_16B_KEY_SIZE), AES_16B_KEY_SIZE, PSA_ERROR_NOT_PERMITTED
},
{"Test psa_export_key with less buffer size\n", 12, PSA_KEY_TYPE_AES,
{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
0x5F, 0xC9, 0x05},
- AES_16B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR, 14,
+ AES_16B_KEY_SIZE, 0, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR, 14,
BYTES_TO_BITS(AES_16B_KEY_SIZE), AES_16B_KEY_SIZE, PSA_ERROR_BUFFER_TOO_SMALL
},
#endif
#endif
};
-
-static test_data check2[] = {
-#ifdef ARCH_TEST_CIPER_MODE_CTR
-#ifdef ARCH_TEST_AES_128
-{"Test psa_export_key negative case\n", 13, PSA_KEY_TYPE_AES,
-{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
- 0x5F, 0xC9, 0x05},
- AES_16B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR, BUFFER_SIZE,
- BYTES_TO_BITS(AES_16B_KEY_SIZE), AES_16B_KEY_SIZE, PSA_SUCCESS
-},
-#endif
-#endif
-};
diff --git a/api-tests/dev_apis/crypto/test_c003/test_entry.c b/api-tests/dev_apis/crypto/test_c003/test_entry_c003.c
similarity index 99%
rename from api-tests/dev_apis/crypto/test_c003/test_entry.c
rename to api-tests/dev_apis/crypto/test_c003/test_entry_c003.c
index 8b501599..59efbf1e 100644
--- a/api-tests/dev_apis/crypto/test_c003/test_entry.c
+++ b/api-tests/dev_apis/crypto/test_c003/test_entry_c003.c
@@ -21,6 +21,7 @@
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 3)
#define TEST_DESC "Testing crypto key management APIs\n"
+
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
psa_api_t *psa = NULL;
diff --git a/api-tests/dev_apis/crypto/test_c004/source.mk b/api-tests/dev_apis/crypto/test_c004/source.mk
deleted file mode 100644
index 559bf61c..00000000
--- a/api-tests/dev_apis/crypto/test_c004/source.mk
+++ /dev/null
@@ -1,20 +0,0 @@
-# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_c004.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
diff --git a/api-tests/dev_apis/crypto/test_c019/source.mk b/api-tests/dev_apis/crypto/test_c004/test.cmake
similarity index 82%
rename from api-tests/dev_apis/crypto/test_c019/source.mk
rename to api-tests/dev_apis/crypto/test_c004/test.cmake
index 05572758..3107f11b 100644
--- a/api-tests/dev_apis/crypto/test_c019/source.mk
+++ b/api-tests/dev_apis/crypto/test_c004/test.cmake
@@ -1,3 +1,4 @@
+#/** @file
# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
# * SPDX-License-Identifier : Apache-2.0
# *
@@ -14,7 +15,10 @@
# * limitations under the License.
#**/
-CC_SOURCE = test_entry.c test_c019.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
+list(APPEND CC_SOURCE
+ test_entry_c004.c
+ test_c004.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
diff --git a/api-tests/dev_apis/crypto/test_c004/test_c004.c b/api-tests/dev_apis/crypto/test_c004/test_c004.c
index d99c4837..00bdfd34 100644
--- a/api-tests/dev_apis/crypto/test_c004/test_c004.c
+++ b/api-tests/dev_apis/crypto/test_c004/test_c004.c
@@ -23,22 +23,25 @@
client_test_t test_c004_crypto_list[] = {
NULL,
test_psa_export_public_key,
- test_psa_export_public_key_handle,
NULL,
};
static int g_test_count = 1;
static uint8_t data[BUFFER_SIZE];
-int32_t test_psa_export_public_key(security_t caller)
+int32_t test_psa_export_public_key(caller_security_t caller)
{
- uint32_t length, i;
- const uint8_t *key_data;
- psa_key_policy_t policy;
- psa_key_type_t key_type;
- size_t bits;
- int num_checks = sizeof(check1)/sizeof(check1[0]);
- int32_t status;
+ int32_t i, status;
+ size_t length;
+ const uint8_t *key_data;
+ int num_checks = sizeof(check1)/sizeof(check1[0]);
+ psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+
+ if (num_checks == 0)
+ {
+ val->print(PRINT_TEST, "No test available for the selected crypto configuration\n", 0);
+ return RESULT_SKIP(VAL_STATUS_NO_TESTS);
+ }
/* Initialize the PSA crypto library*/
status = val->crypto_function(VAL_CRYPTO_INIT);
@@ -50,10 +53,7 @@ int32_t test_psa_export_public_key(security_t caller)
val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
val->print(PRINT_TEST, check1[i].test_desc, 0);
- /* Initialize a key policy structure to a default that forbids all
- * usage of the key
- */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
+ memset(data, 0, BUFFER_SIZE);
/* Setting up the watchdog timer for each check */
status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
@@ -61,7 +61,7 @@ int32_t test_psa_export_public_key(security_t caller)
if (PSA_KEY_TYPE_IS_RSA(check1[i].key_type))
{
- if (check1[i].key_type == PSA_KEY_TYPE_RSA_KEYPAIR)
+ if (check1[i].key_type == PSA_KEY_TYPE_RSA_KEY_PAIR)
{
if (check1[i].expected_bit_length == BYTES_TO_BITS(384))
key_data = rsa_384_keypair;
@@ -82,7 +82,7 @@ int32_t test_psa_export_public_key(security_t caller)
}
else if (PSA_KEY_TYPE_IS_ECC(check1[i].key_type))
{
- if (PSA_KEY_TYPE_IS_ECC_KEYPAIR(check1[i].key_type))
+ if (PSA_KEY_TYPE_IS_ECC_KEY_PAIR(check1[i].key_type))
key_data = ec_keypair;
else
key_data = ec_keydata;
@@ -90,168 +90,54 @@ int32_t test_psa_export_public_key(security_t caller)
else
key_data = check1[i].key_data;
- /* Set the standard fields of a policy structure */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &policy, check1[i].usage,
- check1[i].key_alg);
-
- /* Allocate a key slot for a transient key */
- status = val->crypto_function(VAL_CRYPTO_ALLOCATE_KEY, &check1[i].key_handle);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
-
- /* Set the usage policy on a key slot */
- status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, check1[i].key_handle, &policy);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
+ /* Setup the attributes for the key */
+ val->crypto_function(VAL_CRYPTO_SET_KEY_TYPE, &attributes, check1[i].key_type);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_BITS, &attributes, check1[i].attr_bits);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_USAGE_FLAGS, &attributes, check1[i].usage);
/* Import the key data into the key slot */
- status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, check1[i].key_handle,
- check1[i].key_type, key_data, check1[i].key_length);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
-
- /* Get basic metadata about a key */
- status = val->crypto_function(VAL_CRYPTO_GET_KEY_INFORMATION, check1[i].key_handle,
- &key_type, &bits);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(6));
-
- TEST_ASSERT_EQUAL(key_type, check1[i].key_type, TEST_CHECKPOINT_NUM(7));
-
- TEST_ASSERT_EQUAL(bits, check1[i].expected_bit_length, TEST_CHECKPOINT_NUM(8));
+ status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, &attributes, key_data,
+ check1[i].key_length, &check1[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
/* Export a key in binary format */
status = val->crypto_function(VAL_CRYPTO_EXPORT_PUBLIC_KEY, check1[i].key_handle, data,
check1[i].buffer_size, &length);
- TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(9));
+ TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(4));
+ /* If failure is expected, continue with the next data set */
if (check1[i].expected_status != PSA_SUCCESS)
continue;
- TEST_ASSERT_EQUAL(length, check1[i].expected_key_length, TEST_CHECKPOINT_NUM(10));
+ TEST_ASSERT_EQUAL(length, check1[i].expected_key_length, TEST_CHECKPOINT_NUM(5));
/* Check if original key data matches with the exported data */
if (PSA_KEY_TYPE_IS_UNSTRUCTURED(check1[i].key_type))
{
- TEST_ASSERT_MEMCMP(check1[i].key_data, data, length, TEST_CHECKPOINT_NUM(11));
+ TEST_ASSERT_MEMCMP(check1[i].key_data, data, length, TEST_CHECKPOINT_NUM(6));
}
else if (PSA_KEY_TYPE_IS_RSA(check1[i].key_type) || PSA_KEY_TYPE_IS_ECC(check1[i].key_type))
{
- if (check1[i].key_type == PSA_KEY_TYPE_RSA_KEYPAIR)
+ if (check1[i].key_type == PSA_KEY_TYPE_RSA_KEY_PAIR)
key_data = expected_rsa_256_pubprv;
- else if (PSA_KEY_TYPE_IS_ECC_KEYPAIR(check1[i].key_type))
+ else if (PSA_KEY_TYPE_IS_ECC_KEY_PAIR(check1[i].key_type))
key_data = expected_ec_pubprv;
- TEST_ASSERT_MEMCMP(key_data, data, length, TEST_CHECKPOINT_NUM(12));
+ TEST_ASSERT_MEMCMP(key_data, data, length, TEST_CHECKPOINT_NUM(7));
}
else
{
return VAL_STATUS_INVALID;
}
- }
-
- return VAL_STATUS_SUCCESS;
-
-}
-
-int32_t test_psa_export_public_key_handle(security_t caller)
-{
- int num_checks = sizeof(check2)/sizeof(check2[0]);
- uint32_t i, length;
- int32_t status;
- const uint8_t *key_data;
- psa_key_policy_t policy;
-
- /* Initialize the PSA crypto library*/
- status = val->crypto_function(VAL_CRYPTO_INIT);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(1));
-
- for (i = 0; i < num_checks; i++)
- {
- val->print(PRINT_TEST, "[Check %d] Test psa_export_key with unallocated key handle\n",
- g_test_count++);
- /* Setting up the watchdog timer for each check */
- status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
- TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
-
- /* Export a key in binary format */
- status = val->crypto_function(VAL_CRYPTO_EXPORT_PUBLIC_KEY, check2[i].key_handle, data,
- check2[i].key_length, &length);
- TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(3));
-
- val->print(PRINT_TEST, "[Check %d] Test psa_export_key with empty key handle\n",
- g_test_count++);
- /* Allocate a key slot for a transient key */
- status = val->crypto_function(VAL_CRYPTO_ALLOCATE_KEY, &check2[i].key_handle);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
-
- /* Export a key in binary format */
- status = val->crypto_function(VAL_CRYPTO_EXPORT_PUBLIC_KEY, check2[i].key_handle, data,
- check2[i].key_length, &length);
- TEST_ASSERT_EQUAL(status, PSA_ERROR_DOES_NOT_EXIST, TEST_CHECKPOINT_NUM(5));
- val->print(PRINT_TEST, "[Check %d] Test psa_export_key with zero as key handle\n",
- g_test_count++);
- status = val->crypto_function(VAL_CRYPTO_EXPORT_PUBLIC_KEY, 0, data,
- check2[i].key_length, &length);
- TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(6));
-
- val->print(PRINT_TEST, "[Check %d] Test psa_export_key with destroyed key handle\n",
- g_test_count++);
- /* Initialize a key policy structure to a default that forbids all
- * usage of the key
- */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
-
- /* Set the standard fields of a policy structure */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &policy, check2[i].usage,
- check2[i].key_alg);
-
- /* Set the usage policy on a key slot */
- status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, check2[i].key_handle, &policy);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(7));
-
- if (PSA_KEY_TYPE_IS_RSA(check2[i].key_type))
- {
- if (check2[i].key_type == PSA_KEY_TYPE_RSA_KEYPAIR)
- {
- if (check2[i].expected_bit_length == BYTES_TO_BITS(384))
- key_data = rsa_384_keypair;
- else if (check2[i].expected_bit_length == BYTES_TO_BITS(256))
- key_data = rsa_256_keypair;
- else
- return VAL_STATUS_INVALID;
- }
- else
- {
- if (check2[i].expected_bit_length == BYTES_TO_BITS(384))
- key_data = rsa_384_keydata;
- else if (check2[i].expected_bit_length == BYTES_TO_BITS(256))
- key_data = rsa_256_keydata;
- else
- return VAL_STATUS_INVALID;
- }
- }
- else if (PSA_KEY_TYPE_IS_ECC(check2[i].key_type))
- {
- if (PSA_KEY_TYPE_IS_ECC_KEYPAIR(check2[i].key_type))
- key_data = ec_keypair;
- else
- key_data = ec_keydata;
- }
- else
- key_data = check2[i].key_data;
-
- /* Import the key data into the key slot */
- status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, check2[i].key_handle,
- check2[i].key_type, key_data, check2[i].key_length);
+ /* Destroy the key handle and check if export key fails */
+ status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, check1[i].key_handle);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(8));
- /* Destroy the key handle */
- status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, check2[i].key_handle);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(9));
-
- /* Export a key in binary format */
- status = val->crypto_function(VAL_CRYPTO_EXPORT_PUBLIC_KEY, check2[i].key_handle, data,
- check2[i].key_length, &length);
- TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(10));
+ status = val->crypto_function(VAL_CRYPTO_EXPORT_PUBLIC_KEY, check1[i].key_handle, data,
+ check1[i].buffer_size, &length);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(9));
}
return VAL_STATUS_SUCCESS;
diff --git a/api-tests/dev_apis/crypto/test_c004/test_c004.h b/api-tests/dev_apis/crypto/test_c004/test_c004.h
index c24ec82b..b8f27de9 100644
--- a/api-tests/dev_apis/crypto/test_c004/test_c004.h
+++ b/api-tests/dev_apis/crypto/test_c004/test_c004.h
@@ -18,14 +18,13 @@
#define _TEST_C004_CLIENT_TESTS_H_
#include "val_crypto.h"
-#define test_entry CONCAT(test_entry_,c004)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, c004)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
extern val_api_t *val;
extern psa_api_t *psa;
extern client_test_t test_c004_crypto_list[];
-int32_t test_psa_export_public_key(security_t caller);
-int32_t test_psa_export_public_key_handle(security_t caller);
+int32_t test_psa_export_public_key(caller_security_t caller);
#endif /* _TEST_C004_CLIENT_TESTS_H_ */
diff --git a/api-tests/dev_apis/crypto/test_c004/test_data.h b/api-tests/dev_apis/crypto/test_c004/test_data.h
index 66dae2a2..f389a0f4 100644
--- a/api-tests/dev_apis/crypto/test_c004/test_data.h
+++ b/api-tests/dev_apis/crypto/test_c004/test_data.h
@@ -23,6 +23,7 @@ typedef struct {
psa_key_type_t key_type;
uint8_t key_data[34];
uint32_t key_length;
+ size_t attr_bits;
psa_key_usage_t usage;
psa_algorithm_t key_alg;
size_t buffer_size;
@@ -198,7 +199,7 @@ static test_data check1[] = {
{"Test psa_export_public_key 16 Byte AES\n", 1, PSA_KEY_TYPE_AES,
{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
0x5F, 0xC9},
- AES_16B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR, BUFFER_SIZE,
+ AES_16B_KEY_SIZE, 0, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR, BUFFER_SIZE,
BYTES_TO_BITS(AES_16B_KEY_SIZE), AES_16B_KEY_SIZE, PSA_ERROR_INVALID_ARGUMENT
},
#endif
@@ -207,7 +208,7 @@ static test_data check1[] = {
{"Test psa_export_public_key 24 Byte AES\n", 2, PSA_KEY_TYPE_AES,
{0x24, 0x13, 0x61, 0x47, 0x61, 0xB8, 0xC8, 0xF0, 0xDF, 0xAB, 0x5A, 0x0E, 0x87,
0x40, 0xAC, 0xA3, 0x90, 0x77, 0x83, 0x52, 0x31, 0x74, 0xF9},
- AES_24B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR, BUFFER_SIZE,
+ AES_24B_KEY_SIZE, 0, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR, BUFFER_SIZE,
BYTES_TO_BITS(AES_24B_KEY_SIZE), AES_24B_KEY_SIZE, PSA_ERROR_INVALID_ARGUMENT
},
#endif
@@ -217,7 +218,7 @@ static test_data check1[] = {
{0xEA, 0xD5, 0xE6, 0xC8, 0x51, 0xF9, 0xEC, 0xBB, 0x9B, 0x57, 0x7C, 0xED, 0xD2,
0x4B, 0x82, 0x84, 0x9F, 0x9F, 0xE6, 0x73, 0x21, 0x3D, 0x1A, 0x05, 0xC9, 0xED,
0xDF, 0x25, 0x17, 0x68, 0x86, 0xAE},
- AES_32B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR, BUFFER_SIZE,
+ AES_32B_KEY_SIZE, 0, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR, BUFFER_SIZE,
BYTES_TO_BITS(AES_32B_KEY_SIZE), AES_32B_KEY_SIZE, PSA_ERROR_INVALID_ARGUMENT
},
#endif
@@ -227,13 +228,13 @@ static test_data check1[] = {
#ifdef ARCH_TEST_RSA_2048
{"Test psa_export_public_key 2048 RSA public key\n", 4, PSA_KEY_TYPE_RSA_PUBLIC_KEY,
{0},
- 270, PSA_KEY_USAGE_EXPORT, PSA_ALG_RSA_PKCS1V15_SIGN_RAW, BUFFER_SIZE,
+ 270, 0, PSA_KEY_USAGE_EXPORT, PSA_ALG_RSA_PKCS1V15_SIGN_RAW, BUFFER_SIZE,
2048, 270, PSA_SUCCESS
},
-{"Test psa_export_public_key with RSA 2048 keypair\n", 5, PSA_KEY_TYPE_RSA_KEYPAIR,
+{"Test psa_export_public_key with RSA 2048 keypair\n", 5, PSA_KEY_TYPE_RSA_KEY_PAIR,
{0},
- 1193, PSA_KEY_USAGE_EXPORT, PSA_ALG_RSA_PKCS1V15_SIGN_RAW, BUFFER_SIZE,
+ 1193, 0, PSA_KEY_USAGE_EXPORT, PSA_ALG_RSA_PKCS1V15_SIGN_RAW, BUFFER_SIZE,
2048, 270, PSA_SUCCESS
},
#endif
@@ -243,7 +244,7 @@ static test_data check1[] = {
#ifdef ARCH_TEST_DES_1KEY
{"Test psa_export_public_key with DES 64 bit key\n", 6, PSA_KEY_TYPE_DES,
{0x70, 0x24, 0x55, 0x0C, 0x14, 0x9D, 0xED, 0x29},
- DES_8B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR, BUFFER_SIZE,
+ DES_8B_KEY_SIZE, 0, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR, BUFFER_SIZE,
BYTES_TO_BITS(DES_8B_KEY_SIZE), DES_8B_KEY_SIZE, PSA_ERROR_INVALID_ARGUMENT
},
#endif
@@ -252,7 +253,7 @@ static test_data check1[] = {
{"Test psa_export_public_key with Triple DES 2-Key\n", 7, PSA_KEY_TYPE_DES,
{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF},
- DES3_2KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR, BUFFER_SIZE,
+ DES3_2KEY_SIZE, 0, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR, BUFFER_SIZE,
BYTES_TO_BITS(DES3_2KEY_SIZE), DES3_2KEY_SIZE, PSA_ERROR_INVALID_ARGUMENT
},
#endif
@@ -262,7 +263,7 @@ static test_data check1[] = {
{0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF,
0xF1, 0xE0, 0xD3, 0xC2, 0xB5, 0xA4, 0x97, 0x86,
0xFE, 0xDC, 0xBA, 0x98, 0x76, 0x54, 0x32, 0x10},
- DES3_3KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR, BUFFER_SIZE,
+ DES3_3KEY_SIZE, 0, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR, BUFFER_SIZE,
BYTES_TO_BITS(DES3_3KEY_SIZE), DES3_3KEY_SIZE, PSA_ERROR_INVALID_ARGUMENT
},
#endif
@@ -273,16 +274,16 @@ static test_data check1[] = {
{"Test psa_export_public_key with EC Public key\n", 9,
PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1),
{0},
- 65, PSA_KEY_USAGE_EXPORT, PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION, BUFFER_SIZE,
+ 65, 0, PSA_KEY_USAGE_EXPORT, PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION, BUFFER_SIZE,
256, 65, PSA_SUCCESS
},
#endif
#ifdef ARCH_TEST_ECC_CURVE_SECP224R1
{"Test psa_export_public_key with EC keypair\n", 10,
- PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP224R1),
+ PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP224R1),
{0},
- 28, PSA_KEY_USAGE_EXPORT, PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION, BUFFER_SIZE,
+ 28, 0, PSA_KEY_USAGE_EXPORT, PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION, BUFFER_SIZE,
224, 57, PSA_SUCCESS
},
#endif
@@ -292,21 +293,9 @@ static test_data check1[] = {
#ifdef ARCH_TEST_RSA
{"Test psa_export_public_key with less buffer size\n", 12, PSA_KEY_TYPE_RSA_PUBLIC_KEY,
{0},
-270, PSA_KEY_USAGE_EXPORT, PSA_ALG_RSA_PKCS1V15_SIGN_RAW, 200,
+270, 0, PSA_KEY_USAGE_EXPORT, PSA_ALG_RSA_PKCS1V15_SIGN_RAW, 200,
2048, 270, PSA_ERROR_BUFFER_TOO_SMALL
},
#endif
#endif
};
-
-static test_data check2[] = {
-#ifdef ARCH_TEST_RSA_PKCS1V15_SIGN_RAW
-#ifdef ARCH_TEST_RSA
-{"Test psa_export_public_key negative case\n", 13, PSA_KEY_TYPE_RSA_PUBLIC_KEY,
- {0},
- 270, PSA_KEY_USAGE_EXPORT, PSA_ALG_RSA_PKCS1V15_SIGN_RAW, BUFFER_SIZE,
- 2048, 270, PSA_SUCCESS
-},
-#endif
-#endif
-};
diff --git a/api-tests/dev_apis/crypto/test_c004/test_entry.c b/api-tests/dev_apis/crypto/test_c004/test_entry_c004.c
similarity index 99%
rename from api-tests/dev_apis/crypto/test_c004/test_entry.c
rename to api-tests/dev_apis/crypto/test_c004/test_entry_c004.c
index 7b8fdc92..e552b553 100644
--- a/api-tests/dev_apis/crypto/test_c004/test_entry.c
+++ b/api-tests/dev_apis/crypto/test_c004/test_entry_c004.c
@@ -21,6 +21,7 @@
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 4)
#define TEST_DESC "Testing crypto key management APIs\n"
+
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
psa_api_t *psa = NULL;
diff --git a/api-tests/dev_apis/crypto/test_c005/source.mk b/api-tests/dev_apis/crypto/test_c005/source.mk
deleted file mode 100644
index 0aa393b8..00000000
--- a/api-tests/dev_apis/crypto/test_c005/source.mk
+++ /dev/null
@@ -1,20 +0,0 @@
-# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_c005.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
diff --git a/api-tests/dev_apis/crypto/test_c005/test.cmake b/api-tests/dev_apis/crypto/test_c005/test.cmake
new file mode 100644
index 00000000..33fc0a67
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c005/test.cmake
@@ -0,0 +1,24 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_c005.c
+ test_c005.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
diff --git a/api-tests/dev_apis/crypto/test_c005/test_c005.c b/api-tests/dev_apis/crypto/test_c005/test_c005.c
index 1af6b369..0dabc9d9 100644
--- a/api-tests/dev_apis/crypto/test_c005/test_c005.c
+++ b/api-tests/dev_apis/crypto/test_c005/test_c005.c
@@ -23,21 +23,30 @@
client_test_t test_c005_crypto_list[] = {
NULL,
psa_destroy_key_test,
- psa_destroy_invalid_key_test,
NULL,
};
static int g_test_count = 1;
-int32_t psa_destroy_key_test(security_t caller)
+int32_t psa_destroy_key_test(caller_security_t caller)
{
- uint32_t i;
- const uint8_t *key_data;
- psa_key_policy_t policy;
- psa_key_type_t key_type;
- size_t bits;
- int num_checks = sizeof(check1)/sizeof(check1[0]);
- int32_t status;
+ int32_t i, status;
+ const uint8_t *key_data;
+ psa_key_type_t get_key_type;
+ psa_key_id_t get_key_id;
+ psa_key_lifetime_t get_key_lifetime;
+ psa_key_usage_t get_key_usage_flags;
+ psa_algorithm_t get_key_algorithm;
+ size_t get_key_bits;
+ int num_checks = sizeof(check1)/sizeof(check1[0]);
+ psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+ psa_key_attributes_t set_attributes = PSA_KEY_ATTRIBUTES_INIT;
+
+ if (num_checks == 0)
+ {
+ val->print(PRINT_TEST, "No test available for the selected crypto configuration\n", 0);
+ return RESULT_SKIP(VAL_STATUS_NO_TESTS);
+ }
/* Initialize the PSA crypto library*/
status = val->crypto_function(VAL_CRYPTO_INIT);
@@ -49,21 +58,13 @@ int32_t psa_destroy_key_test(security_t caller)
val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
val->print(PRINT_TEST, check1[i].test_desc, 0);
- key_type = 0;
- bits = 0;
-
- /* Initialize a key policy structure to a default that forbids all
- * usage of the key
- */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
-
/* Setting up the watchdog timer for each check */
status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
if (PSA_KEY_TYPE_IS_RSA(check1[i].key_type))
{
- if (check1[i].key_type == PSA_KEY_TYPE_RSA_KEYPAIR)
+ if (check1[i].key_type == PSA_KEY_TYPE_RSA_KEY_PAIR)
{
if (check1[i].expected_bit_length == BYTES_TO_BITS(384))
key_data = rsa_384_keypair;
@@ -84,7 +85,7 @@ int32_t psa_destroy_key_test(security_t caller)
}
else if (PSA_KEY_TYPE_IS_ECC(check1[i].key_type))
{
- if (PSA_KEY_TYPE_IS_ECC_KEYPAIR(check1[i].key_type))
+ if (PSA_KEY_TYPE_IS_ECC_KEY_PAIR(check1[i].key_type))
key_data = ec_keypair;
else
key_data = ec_keydata;
@@ -92,90 +93,51 @@ int32_t psa_destroy_key_test(security_t caller)
else
key_data = check1[i].key_data;
- /* Set the standard fields of a policy structure */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &policy, check1[i].usage,
- check1[i].key_alg);
+ /* Setup the attributes for the key */
+ val->crypto_function(VAL_CRYPTO_SET_KEY_TYPE, &set_attributes, check1[i].key_type);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_BITS, &set_attributes, check1[i].attr_bits);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_USAGE_FLAGS, &set_attributes, check1[i].usage);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_ID, &set_attributes, check1[i].key_id);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_LIFETIME, &set_attributes, check1[i].key_lifetime);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_ALGORITHM, &set_attributes, check1[i].key_alg);
- /* Allocate a key slot for a transient key */
- status = val->crypto_function(VAL_CRYPTO_ALLOCATE_KEY, &check1[i].key_handle);
+ /* Import the key data into the key slot */
+ status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, &set_attributes, key_data,
+ check1[i].key_length, &check1[i].key_handle);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
- /* Set the usage policy on a key slot */
- status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, check1[i].key_handle, &policy);
+ /* Destroy the key handle */
+ status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, check1[i].key_handle);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
- /* Import the key data into the key slot */
- status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, check1[i].key_handle,
- check1[i].key_type, key_data, check1[i].key_length);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
+ /* Getting the attributes of the destroyed key should return error */
+ status = val->crypto_function(VAL_CRYPTO_GET_KEY_ATTRIBUTES, check1[i].key_handle,
+ &attributes);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(5));
- /* Get basic metadata about a key */
- TEST_ASSERT_EQUAL(val->crypto_function(VAL_CRYPTO_GET_KEY_INFORMATION, check1[i].key_handle,
- &key_type, &bits),
- PSA_SUCCESS,
- TEST_CHECKPOINT_NUM(6));
+ /* Check if all the attributes are erased */
+ val->crypto_function(VAL_CRYPTO_GET_KEY_TYPE, &attributes, &get_key_type);
+ TEST_ASSERT_EQUAL(get_key_type, 0, TEST_CHECKPOINT_NUM(6));
- /* Check that metadata matches with given data */
- TEST_ASSERT_EQUAL(key_type, check1[i].key_type, TEST_CHECKPOINT_NUM(7));
- TEST_ASSERT_EQUAL(bits, check1[i].expected_bit_length, TEST_CHECKPOINT_NUM(8));
+ val->crypto_function(VAL_CRYPTO_GET_KEY_ID, &attributes, &get_key_id);
+ TEST_ASSERT_EQUAL(get_key_id, 0, TEST_CHECKPOINT_NUM(7));
- /* Destroy a key and restore the slot to its default state */
- status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, check1[i].key_handle);
- TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(9));
+ val->crypto_function(VAL_CRYPTO_GET_KEY_LIFETIME, &attributes, &get_key_lifetime);
+ TEST_ASSERT_EQUAL(get_key_lifetime, 0, TEST_CHECKPOINT_NUM(8));
- /* Get basic metadata about a key */
- status = val->crypto_function(VAL_CRYPTO_GET_KEY_INFORMATION, check1[i].key_handle,
- &key_type, &bits);
- TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(10));
+ val->crypto_function(VAL_CRYPTO_GET_KEY_USAGE_FLAGS, &attributes, &get_key_usage_flags);
+ TEST_ASSERT_EQUAL(get_key_usage_flags, 0, TEST_CHECKPOINT_NUM(9));
- /* Check that if the key metadata are destroyed */
- TEST_ASSERT_NOT_EQUAL(key_type, check1[i].key_type, TEST_CHECKPOINT_NUM(11));
- TEST_ASSERT_NOT_EQUAL(bits, check1[i].expected_bit_length, TEST_CHECKPOINT_NUM(12));
- }
+ val->crypto_function(VAL_CRYPTO_GET_KEY_ALGORITHM, &attributes, &get_key_algorithm);
+ TEST_ASSERT_EQUAL(get_key_algorithm, 0, TEST_CHECKPOINT_NUM(10));
- return VAL_STATUS_SUCCESS;
-}
+ val->crypto_function(VAL_CRYPTO_GET_KEY_BITS, &attributes, &get_key_bits);
+ TEST_ASSERT_EQUAL(get_key_bits, 0, TEST_CHECKPOINT_NUM(11));
-int32_t psa_destroy_invalid_key_test(security_t caller)
-{
- int num_checks = sizeof(check2)/sizeof(check2[0]);
- int32_t i, status;
-
- /* Initialize the PSA crypto library*/
- status = val->crypto_function(VAL_CRYPTO_INIT);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(1));
-
- for (i = 0; i < num_checks; i++)
- {
- val->print(PRINT_TEST, "[Check %d] Test psa_destroy_key with unallocated key handle\n",
- g_test_count++);
- /* Setting up the watchdog timer for each check */
- status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
- TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
+ /* Destroying an empty key handle should return error */
+ status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, check1[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(12));
- /* Destroy a key and restore the slot to its default state */
- status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, check2[i].key_handle);
- TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(3));
-
- val->print(PRINT_TEST, "[Check %d] Test psa_destroy_key with zero as key handle\n",
- g_test_count++);
- /* Destroy a key and restore the slot to its default state */
- status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, 0);
- TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(4));
-
- /* Allocate a key slot for a transient key */
- status = val->crypto_function(VAL_CRYPTO_ALLOCATE_KEY, &check2[i].key_handle);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
-
- val->print(PRINT_TEST, "[Check %d] Test psa_destroy_key with empty key handle\n",
- g_test_count++);
- /* Destroy a key and restore the slot to its default state */
- status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, check2[i].key_handle);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(6));
-
- /* Destroy a key and restore the slot to its default state */
- status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, check2[i].key_handle);
- TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(7));
}
return VAL_STATUS_SUCCESS;
diff --git a/api-tests/dev_apis/crypto/test_c005/test_c005.h b/api-tests/dev_apis/crypto/test_c005/test_c005.h
index d191aede..95e228b8 100644
--- a/api-tests/dev_apis/crypto/test_c005/test_c005.h
+++ b/api-tests/dev_apis/crypto/test_c005/test_c005.h
@@ -18,14 +18,13 @@
#define _TEST_C005_CLIENT_TESTS_H_
#include "val_crypto.h"
-#define test_entry CONCAT(test_entry_,c005)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, c005)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
extern val_api_t *val;
extern psa_api_t *psa;
extern client_test_t test_c005_crypto_list[];
-int32_t psa_destroy_key_test(security_t caller);
-int32_t psa_destroy_invalid_key_test(security_t caller);
+int32_t psa_destroy_key_test(caller_security_t caller);
#endif /* _TEST_C005_CLIENT_TESTS_H_ */
diff --git a/api-tests/dev_apis/crypto/test_c005/test_data.h b/api-tests/dev_apis/crypto/test_c005/test_data.h
index bab27f24..3b70b18f 100644
--- a/api-tests/dev_apis/crypto/test_c005/test_data.h
+++ b/api-tests/dev_apis/crypto/test_c005/test_data.h
@@ -23,10 +23,12 @@ typedef struct {
psa_key_type_t key_type;
uint8_t key_data[34];
uint32_t key_length;
+ size_t attr_bits;
psa_key_usage_t usage;
psa_algorithm_t key_alg;
+ psa_key_id_t key_id;
+ psa_key_lifetime_t key_lifetime;
uint32_t expected_bit_length;
- uint32_t expected_key_length;
psa_status_t expected_status;
} test_data;
@@ -166,8 +168,9 @@ static test_data check1[] = {
{"Test psa_destroy_key 16 Byte AES\n", 1, PSA_KEY_TYPE_AES,
{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
0x5F, 0xC9},
- AES_16B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR,
- BYTES_TO_BITS(AES_16B_KEY_SIZE), AES_16B_KEY_SIZE, PSA_SUCCESS
+ AES_16B_KEY_SIZE, 0, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR,
+ 0x12, PSA_KEY_LIFETIME_VOLATILE,
+ BYTES_TO_BITS(AES_16B_KEY_SIZE), PSA_SUCCESS
},
#endif
@@ -175,8 +178,9 @@ static test_data check1[] = {
{"Test psa_destroy_key 24 Byte AES\n", 2, PSA_KEY_TYPE_AES,
{0x24, 0x13, 0x61, 0x47, 0x61, 0xB8, 0xC8, 0xF0, 0xDF, 0xAB, 0x5A, 0x0E, 0x87,
0x40, 0xAC, 0xA3, 0x90, 0x77, 0x83, 0x52, 0x31, 0x74, 0xF9},
- AES_24B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR,
- BYTES_TO_BITS(AES_24B_KEY_SIZE), AES_24B_KEY_SIZE, PSA_SUCCESS
+ AES_24B_KEY_SIZE, BYTES_TO_BITS(AES_24B_KEY_SIZE), PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR,
+ 0x34, PSA_KEY_LIFETIME_VOLATILE,
+ BYTES_TO_BITS(AES_24B_KEY_SIZE), PSA_SUCCESS
},
#endif
@@ -185,8 +189,9 @@ static test_data check1[] = {
{0xEA, 0xD5, 0xE6, 0xC8, 0x51, 0xF9, 0xEC, 0xBB, 0x9B, 0x57, 0x7C, 0xED, 0xD2,
0x4B, 0x82, 0x84, 0x9F, 0x9F, 0xE6, 0x73, 0x21, 0x3D, 0x1A, 0x05, 0xC9, 0xED,
0xDF, 0x25, 0x17, 0x68, 0x86, 0xAE},
- AES_32B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR,
- BYTES_TO_BITS(AES_32B_KEY_SIZE), AES_32B_KEY_SIZE, PSA_SUCCESS
+ AES_32B_KEY_SIZE, BYTES_TO_BITS(AES_32B_KEY_SIZE), PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR,
+ 0x56, PSA_KEY_LIFETIME_VOLATILE,
+ BYTES_TO_BITS(AES_32B_KEY_SIZE), PSA_SUCCESS
},
#endif
#endif
@@ -195,14 +200,16 @@ static test_data check1[] = {
#ifdef ARCH_TEST_RSA_2048
{"Test psa_destroy_key 2048 RSA public key\n", 4, PSA_KEY_TYPE_RSA_PUBLIC_KEY,
{0},
- 270, PSA_KEY_USAGE_EXPORT, PSA_ALG_RSA_PKCS1V15_SIGN_RAW,
- 2048, 270, PSA_SUCCESS
+ 270, 2048, PSA_KEY_USAGE_EXPORT, PSA_ALG_RSA_PKCS1V15_SIGN_RAW,
+ 0x78, PSA_KEY_LIFETIME_VOLATILE,
+ 2048, PSA_SUCCESS
},
-{"Test psa_destroy_key with RSA 2048 keypair\n", 5, PSA_KEY_TYPE_RSA_KEYPAIR,
+{"Test psa_destroy_key with RSA 2048 keypair\n", 5, PSA_KEY_TYPE_RSA_KEY_PAIR,
{0},
- 1193, PSA_KEY_USAGE_EXPORT, PSA_ALG_RSA_PKCS1V15_SIGN_RAW,
- 2048, 1193, PSA_SUCCESS
+ 1193, 2048, PSA_KEY_USAGE_EXPORT, PSA_ALG_RSA_PKCS1V15_SIGN_RAW,
+ 0x89, PSA_KEY_LIFETIME_VOLATILE,
+ 2048, PSA_SUCCESS
},
#endif
#endif
@@ -211,8 +218,9 @@ static test_data check1[] = {
#ifdef ARCH_TEST_DES_1KEY
{"Test psa_destroy_key with DES 64 bit key\n", 6, PSA_KEY_TYPE_DES,
{0x70, 0x24, 0x55, 0x0C, 0x14, 0x9D, 0xED, 0x29},
- DES_8B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR,
- BYTES_TO_BITS(DES_8B_KEY_SIZE), DES_8B_KEY_SIZE, PSA_SUCCESS
+ DES_8B_KEY_SIZE, BYTES_TO_BITS(DES_8B_KEY_SIZE), PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR,
+ 0xAB, PSA_KEY_LIFETIME_VOLATILE,
+ BYTES_TO_BITS(DES_8B_KEY_SIZE), PSA_SUCCESS
},
#endif
@@ -220,8 +228,9 @@ static test_data check1[] = {
{"Test psa_destroy_key with Triple DES 2-Key\n", 7, PSA_KEY_TYPE_DES,
{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF},
- DES3_2KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR,
- BYTES_TO_BITS(DES3_2KEY_SIZE), DES3_2KEY_SIZE, PSA_SUCCESS
+ DES3_2KEY_SIZE, BYTES_TO_BITS(DES3_2KEY_SIZE), PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR,
+ 0xBC, PSA_KEY_LIFETIME_VOLATILE,
+ BYTES_TO_BITS(DES3_2KEY_SIZE), PSA_SUCCESS
},
#endif
@@ -230,8 +239,9 @@ static test_data check1[] = {
{0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF,
0xF1, 0xE0, 0xD3, 0xC2, 0xB5, 0xA4, 0x97, 0x86,
0xFE, 0xDC, 0xBA, 0x98, 0x76, 0x54, 0x32, 0x10},
- DES3_3KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR,
- BYTES_TO_BITS(DES3_3KEY_SIZE), DES3_3KEY_SIZE, PSA_SUCCESS
+ DES3_3KEY_SIZE, BYTES_TO_BITS(DES3_3KEY_SIZE), PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR,
+ 0xCD, PSA_KEY_LIFETIME_VOLATILE,
+ BYTES_TO_BITS(DES3_3KEY_SIZE), PSA_SUCCESS
},
#endif
#endif
@@ -241,8 +251,9 @@ static test_data check1[] = {
{"Test psa_destroy_key with EC Public key\n", 9,
PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1),
{0},
- 65, PSA_KEY_USAGE_EXPORT, PSA_ALG_ECDSA_ANY,
- 256, 65, PSA_SUCCESS
+ 65, 256, PSA_KEY_USAGE_EXPORT, PSA_ALG_ECDSA_ANY,
+ 0xEF, PSA_KEY_LIFETIME_VOLATILE,
+ 256, PSA_SUCCESS
},
#endif
#endif
@@ -250,24 +261,11 @@ static test_data check1[] = {
#ifdef ARCH_TEST_ASYMMETRIC_ENCRYPTION
#ifdef ARCH_TEST_ECC_CURVE_SECP224R1
{"Test psa_destroy_key with EC keypair\n", 10,
- PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP224R1),
+ PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP224R1),
{0},
- 28, PSA_KEY_USAGE_EXPORT, PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION,
- 224, 28, PSA_SUCCESS
-},
-#endif
-#endif
-};
-
-
-static test_data check2[] = {
-#ifdef ARCH_TEST_CIPER_MODE_CTR
-#ifdef ARCH_TEST_AES_128
-{"Test psa_destroy_key negative case\n", 11, PSA_KEY_TYPE_AES,
-{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
- 0x5F, 0xC9},
- AES_16B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR,
- BYTES_TO_BITS(AES_16B_KEY_SIZE), AES_16B_KEY_SIZE, PSA_SUCCESS
+ 28, 224, PSA_KEY_USAGE_EXPORT, PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION,
+ 0x123, PSA_KEY_LIFETIME_VOLATILE,
+ 224, PSA_SUCCESS
},
#endif
#endif
diff --git a/api-tests/dev_apis/crypto/test_c005/test_entry.c b/api-tests/dev_apis/crypto/test_c005/test_entry_c005.c
similarity index 99%
rename from api-tests/dev_apis/crypto/test_c005/test_entry.c
rename to api-tests/dev_apis/crypto/test_c005/test_entry_c005.c
index 9559f136..0a8b46db 100644
--- a/api-tests/dev_apis/crypto/test_c005/test_entry.c
+++ b/api-tests/dev_apis/crypto/test_c005/test_entry_c005.c
@@ -21,6 +21,7 @@
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 5)
#define TEST_DESC "Testing crypto key management APIs\n"
+
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
psa_api_t *psa = NULL;
diff --git a/api-tests/dev_apis/crypto/test_c006/source.mk b/api-tests/dev_apis/crypto/test_c006/source.mk
deleted file mode 100644
index e2e1be7a..00000000
--- a/api-tests/dev_apis/crypto/test_c006/source.mk
+++ /dev/null
@@ -1,20 +0,0 @@
-# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_c006.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
diff --git a/api-tests/dev_apis/crypto/test_c006/test.cmake b/api-tests/dev_apis/crypto/test_c006/test.cmake
new file mode 100644
index 00000000..22db5355
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c006/test.cmake
@@ -0,0 +1,24 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_c006.c
+ test_c006.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
diff --git a/api-tests/dev_apis/crypto/test_c006/test_c006.c b/api-tests/dev_apis/crypto/test_c006/test_c006.c
index a18aaa79..d6b603f6 100644
--- a/api-tests/dev_apis/crypto/test_c006/test_c006.c
+++ b/api-tests/dev_apis/crypto/test_c006/test_c006.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -19,159 +19,62 @@
#include "val_target.h"
#include "test_c006.h"
#include "test_data.h"
+#include "val_crypto.h"
client_test_t test_c006_crypto_list[] = {
NULL,
- psa_get_key_information_test,
- psa_get_key_information_invalid_test,
+ psa_hash_compute_test,
NULL,
};
static int g_test_count = 1;
-int32_t psa_get_key_information_test(security_t caller)
+int32_t psa_hash_compute_test(caller_security_t caller)
{
- int32_t i, status;
- const uint8_t *key_data;
- psa_key_policy_t policy;
- psa_key_type_t key_type;
- size_t bits;
- int num_checks = sizeof(check1)/sizeof(check1[0]);
+ int num_checks = sizeof(check1)/sizeof(check1[0]);
+ int32_t i, status;
+ const char *expected_hash;
+ char hash[HASH_64B];
+ size_t hash_length, hash_size = sizeof(hash);
+
+ if (num_checks == 0)
+ {
+ val->print(PRINT_TEST, "No test available for the selected crypto configuration\n", 0);
+ return RESULT_SKIP(VAL_STATUS_NO_TESTS);
+ }
/* Initialize the PSA crypto library*/
status = val->crypto_function(VAL_CRYPTO_INIT);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(1));
- /* Set the key data buffer to the input base on algorithm */
for (i = 0; i < num_checks; i++)
{
val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
val->print(PRINT_TEST, check1[i].test_desc, 0);
- /* Initialize a key policy structure to a default that forbids all
- * usage of the key
- */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
-
/* Setting up the watchdog timer for each check */
status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
- if (PSA_KEY_TYPE_IS_RSA(check1[i].key_type))
- {
- if (check1[i].key_type == PSA_KEY_TYPE_RSA_KEYPAIR)
- {
- if (check1[i].expected_bit_length == BYTES_TO_BITS(384))
- key_data = rsa_384_keypair;
- else if (check1[i].expected_bit_length == BYTES_TO_BITS(256))
- key_data = rsa_256_keypair;
- else
- return VAL_STATUS_INVALID;
- }
- else
- {
- if (check1[i].expected_bit_length == BYTES_TO_BITS(384))
- key_data = rsa_384_keydata;
- else if (check1[i].expected_bit_length == BYTES_TO_BITS(256))
- key_data = rsa_256_keydata;
- else
- return VAL_STATUS_INVALID;
- }
- }
- else if (PSA_KEY_TYPE_IS_ECC(check1[i].key_type))
- {
- if (PSA_KEY_TYPE_IS_ECC_KEYPAIR(check1[i].key_type))
- key_data = ec_keypair;
- else
- key_data = ec_keydata;
- }
+ if (check1[i].alg == PSA_ALG_SHA_384)
+ expected_hash = sha384_hash;
+ else if (check1[i].alg == PSA_ALG_SHA_512)
+ expected_hash = sha512_hash;
else
- key_data = check1[i].key_data;
-
- /* Set the standard fields of a policy structure */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &policy, check1[i].usage,
- check1[i].key_alg);
-
- /* Allocate a key slot for a transient key */
- status = val->crypto_function(VAL_CRYPTO_ALLOCATE_KEY, &check1[i].key_handle);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
+ expected_hash = check1[i].hash;
- /* Set the usage policy on a key slot */
- status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, check1[i].key_handle, &policy);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
-
- /* Import the key data into the key slot */
- status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, check1[i].key_handle,
- check1[i].key_type, key_data, check1[i].key_length);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
-
- /* Get basic metadata about a key */
- status = val->crypto_function(VAL_CRYPTO_GET_KEY_INFORMATION, check1[i].key_handle,
- &key_type, &bits);
- TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(6));
+ /* Calculate the hash (digest) of a message */
+ status = val->crypto_function(VAL_CRYPTO_HASH_COMPUTE, check1[i].alg, &check1[i].input,
+ check1[i].input_length, hash, hash_size, &hash_length);
+ TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(3));
if (check1[i].expected_status != PSA_SUCCESS)
+ {
continue;
+ }
- /* Check that it matches with given data */
- TEST_ASSERT_EQUAL(key_type, check1[i].key_type, TEST_CHECKPOINT_NUM(7));
- TEST_ASSERT_EQUAL(bits, check1[i].expected_bit_length, TEST_CHECKPOINT_NUM(8));
- }
-
- return VAL_STATUS_SUCCESS;
-}
-
-int32_t psa_get_key_information_invalid_test(security_t caller)
-{
- int num_checks = sizeof(check2)/sizeof(check2[0]);
- int32_t i, status;
-
- /* Initialize the PSA crypto library*/
- status = val->crypto_function(VAL_CRYPTO_INIT);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(1));
-
- for (i = 0; i < num_checks; i++)
- {
- val->print(PRINT_TEST, "[Check %d] Test psa_get_key_information with unallocated"
- " key handle\n", g_test_count++);
- /* Setting up the watchdog timer for each check */
- status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
- TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
-
- /* Get basic metadata about a key */
- status = val->crypto_function(VAL_CRYPTO_GET_KEY_INFORMATION, check2[i].key_handle,
- &check2[i].key_type, &check2[i].key_length);
- TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(3));
-
- val->print(PRINT_TEST, "[Check %d] Test psa_get_key_information with zero as"
- " key handle\n", g_test_count++);
- status = val->crypto_function(VAL_CRYPTO_GET_KEY_INFORMATION, 0,
- &check2[i].key_type, &check2[i].key_length);
- TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(4));
-
- val->print(PRINT_TEST, "[Check %d] Test psa_get_key_information with empty key handle\n",
- g_test_count++);
-
- /* Allocate a key slot for a transient key */
- status = val->crypto_function(VAL_CRYPTO_ALLOCATE_KEY, &check2[i].key_handle);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
-
- /* Get basic metadata about a key */
- status = val->crypto_function(VAL_CRYPTO_GET_KEY_INFORMATION, check2[i].key_handle,
- &check2[i].key_type, &check2[i].key_length);
- TEST_ASSERT_EQUAL(status, PSA_ERROR_DOES_NOT_EXIST, TEST_CHECKPOINT_NUM(6));
-
- val->print(PRINT_TEST, "[Check %d] Test psa_get_key_information with destroyed"
- " key handle\n", g_test_count++);
- /* Destroy a key and restore the slot to its default state */
- status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, check2[i].key_handle);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(7));
-
- /* Get basic metadata about a key */
- status = val->crypto_function(VAL_CRYPTO_GET_KEY_INFORMATION, check2[i].key_handle,
- &check2[i].key_type, &check2[i].key_length);
- TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(8));
-
+ TEST_ASSERT_EQUAL(hash_length, PSA_HASH_SIZE(check1[i].alg), TEST_CHECKPOINT_NUM(4));
+ TEST_ASSERT_MEMCMP(hash, expected_hash, hash_length, TEST_CHECKPOINT_NUM(5));
}
return VAL_STATUS_SUCCESS;
diff --git a/api-tests/dev_apis/crypto/test_c006/test_c006.h b/api-tests/dev_apis/crypto/test_c006/test_c006.h
index f8d834bf..9a1a6220 100644
--- a/api-tests/dev_apis/crypto/test_c006/test_c006.h
+++ b/api-tests/dev_apis/crypto/test_c006/test_c006.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -18,14 +18,13 @@
#define _TEST_C006_CLIENT_TESTS_H_
#include "val_crypto.h"
-#define test_entry CONCAT(test_entry_,c006)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, c006)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
extern val_api_t *val;
extern psa_api_t *psa;
extern client_test_t test_c006_crypto_list[];
-int32_t psa_get_key_information_test(security_t caller);
-int32_t psa_get_key_information_invalid_test(security_t caller);
+int32_t psa_hash_compute_test(caller_security_t caller);
#endif /* _TEST_C006_CLIENT_TESTS_H_ */
diff --git a/api-tests/dev_apis/crypto/test_c006/test_data.h b/api-tests/dev_apis/crypto/test_c006/test_data.h
index ccc52e2c..5aeee359 100644
--- a/api-tests/dev_apis/crypto/test_c006/test_data.h
+++ b/api-tests/dev_apis/crypto/test_c006/test_data.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -18,255 +18,108 @@
#include "val_crypto.h"
typedef struct {
- char test_desc[75];
- psa_key_handle_t key_handle;
- psa_key_type_t key_type;
- uint8_t key_data[34];
- uint32_t key_length;
- psa_key_usage_t usage;
- psa_algorithm_t key_alg;
- uint32_t expected_bit_length;
- uint32_t expected_key_length;
+ char test_desc[50];
+ psa_algorithm_t alg;
+ char input;
+ size_t input_length;
+ char hash[32];
+ size_t hash_length;
psa_status_t expected_status;
} test_data;
-static const uint8_t rsa_384_keypair[1];
-static const uint8_t rsa_384_keydata[1];
+static const char sha384_hash[] = {
+0x43, 0x72, 0xe3, 0x8a, 0x92, 0xa2, 0x8b, 0x5d, 0x2c, 0x39, 0x1e, 0x62,
+0x45, 0x2a, 0x86, 0xd5, 0x0e, 0x02, 0x67, 0x22, 0x8b, 0xe1, 0x76, 0xc7, 0x7d, 0x24, 0x02, 0xef,
+0xfe, 0x9f, 0xa5, 0x0d, 0xe4, 0x07, 0xbb, 0xb8, 0x51, 0xb3, 0x7d, 0x59, 0x04, 0xab, 0xa2, 0xde,
+0xde, 0x74, 0xda, 0x2a};
-static const uint8_t rsa_256_keypair[] = {
- 0x30, 0x82, 0x04, 0xA5, 0x02, 0x01, 0x00, 0x02, 0x82, 0x01, 0x01, 0x00, 0xC0,
- 0x95, 0x08, 0xE1, 0x57, 0x41, 0xF2, 0x71, 0x6D, 0xB7, 0xD2, 0x45, 0x41, 0x27,
- 0x01, 0x65, 0xC6, 0x45, 0xAE, 0xF2, 0xBC, 0x24, 0x30, 0xB8, 0x95, 0xCE, 0x2F,
- 0x4E, 0xD6, 0xF6, 0x1C, 0x88, 0xBC, 0x7C, 0x9F, 0xFB, 0xA8, 0x67, 0x7F, 0xFE,
- 0x5C, 0x9C, 0x51, 0x75, 0xF7, 0x8A, 0xCA, 0x07, 0xE7, 0x35, 0x2F, 0x8F, 0xE1,
- 0xBD, 0x7B, 0xC0, 0x2F, 0x7C, 0xAB, 0x64, 0xA8, 0x17, 0xFC, 0xCA, 0x5D, 0x7B,
- 0xBA, 0xE0, 0x21, 0xE5, 0x72, 0x2E, 0x6F, 0x2E, 0x86, 0xD8, 0x95, 0x73, 0xDA,
- 0xAC, 0x1B, 0x53, 0xB9, 0x5F, 0x3F, 0xD7, 0x19, 0x0D, 0x25, 0x4F, 0xE1, 0x63,
- 0x63, 0x51, 0x8B, 0x0B, 0x64, 0x3F, 0xAD, 0x43, 0xB8, 0xA5, 0x1C, 0x5C, 0x34,
- 0xB3, 0xAE, 0x00, 0xA0, 0x63, 0xC5, 0xF6, 0x7F, 0x0B, 0x59, 0x68, 0x78, 0x73,
- 0xA6, 0x8C, 0x18, 0xA9, 0x02, 0x6D, 0xAF, 0xC3, 0x19, 0x01, 0x2E, 0xB8, 0x10,
- 0xE3, 0xC6, 0xCC, 0x40, 0xB4, 0x69, 0xA3, 0x46, 0x33, 0x69, 0x87, 0x6E, 0xC4,
- 0xBB, 0x17, 0xA6, 0xF3, 0xE8, 0xDD, 0xAD, 0x73, 0xBC, 0x7B, 0x2F, 0x21, 0xB5,
- 0xFD, 0x66, 0x51, 0x0C, 0xBD, 0x54, 0xB3, 0xE1, 0x6D, 0x5F, 0x1C, 0xBC, 0x23,
- 0x73, 0xD1, 0x09, 0x03, 0x89, 0x14, 0xD2, 0x10, 0xB9, 0x64, 0xC3, 0x2A, 0xD0,
- 0xA1, 0x96, 0x4A, 0xBC, 0xE1, 0xD4, 0x1A, 0x5B, 0xC7, 0xA0, 0xC0, 0xC1, 0x63,
- 0x78, 0x0F, 0x44, 0x37, 0x30, 0x32, 0x96, 0x80, 0x32, 0x23, 0x95, 0xA1, 0x77,
- 0xBA, 0x13, 0xD2, 0x97, 0x73, 0xE2, 0x5D, 0x25, 0xC9, 0x6A, 0x0D, 0xC3, 0x39,
- 0x60, 0xA4, 0xB4, 0xB0, 0x69, 0x42, 0x42, 0x09, 0xE9, 0xD8, 0x08, 0xBC, 0x33,
- 0x20, 0xB3, 0x58, 0x22, 0xA7, 0xAA, 0xEB, 0xC4, 0xE1, 0xE6, 0x61, 0x83, 0xC5,
- 0xD2, 0x96, 0xDF, 0xD9, 0xD0, 0x4F, 0xAD, 0xD7, 0x02, 0x03, 0x01, 0x00, 0x01,
- 0x02, 0x82, 0x01, 0x01, 0x00, 0x9A, 0xD0, 0x34, 0x0F, 0x52, 0x62, 0x05, 0x50,
- 0x01, 0xEF, 0x9F, 0xED, 0x64, 0x6E, 0xC2, 0xC4, 0xDA, 0x1A, 0xF2, 0x84, 0xD7,
- 0x92, 0x10, 0x48, 0x92, 0xC4, 0xE9, 0x6A, 0xEB, 0x8B, 0x75, 0x6C, 0xC6, 0x79,
- 0x38, 0xF2, 0xC9, 0x72, 0x4A, 0x86, 0x64, 0x54, 0x95, 0x77, 0xCB, 0xC3, 0x9A,
- 0x9D, 0xB7, 0xD4, 0x1D, 0xA4, 0x00, 0xC8, 0x9E, 0x4E, 0xE4, 0xDD, 0xC7, 0xBA,
- 0x67, 0x16, 0xC1, 0x74, 0xBC, 0xA9, 0xD6, 0x94, 0x8F, 0x2B, 0x30, 0x1A, 0xFB,
- 0xED, 0xDF, 0x21, 0x05, 0x23, 0xD9, 0x4A, 0x39, 0xBD, 0x98, 0x6B, 0x65, 0x9A,
- 0xB8, 0xDC, 0xC4, 0x7D, 0xEE, 0xA6, 0x43, 0x15, 0x2E, 0x3D, 0xBE, 0x1D, 0x22,
- 0x60, 0x2A, 0x73, 0x30, 0xD5, 0x3E, 0xD8, 0xA2, 0xAC, 0x86, 0x43, 0x2E, 0xC4,
- 0xF5, 0x64, 0x5E, 0x3F, 0x89, 0x75, 0x0F, 0x11, 0xD8, 0x51, 0x25, 0x4E, 0x9F,
- 0xD8, 0xAA, 0xA3, 0xCE, 0x60, 0xB3, 0xE2, 0x8A, 0xD9, 0x7E, 0x1B, 0xF0, 0x64,
- 0xCA, 0x9A, 0x5B, 0x05, 0x0B, 0x5B, 0xAA, 0xCB, 0xE5, 0xE3, 0x3F, 0x6E, 0x32,
- 0x22, 0x05, 0xF3, 0xD0, 0xFA, 0xEF, 0x74, 0x52, 0x81, 0xE2, 0x5F, 0x74, 0xD3,
- 0xBD, 0xFF, 0x31, 0x83, 0x45, 0x75, 0xFA, 0x63, 0x7A, 0x97, 0x2E, 0xD6, 0xB6,
- 0x19, 0xC6, 0x92, 0x26, 0xE4, 0x28, 0x06, 0x50, 0x50, 0x0E, 0x78, 0x2E, 0xA9,
- 0x78, 0x0D, 0x14, 0x97, 0xB4, 0x12, 0xD8, 0x31, 0x40, 0xAB, 0xA1, 0x01, 0x41,
- 0xC2, 0x30, 0xF8, 0x07, 0x5F, 0x16, 0xE4, 0x61, 0x77, 0xD2, 0x60, 0xF2, 0x9F,
- 0x8D, 0xE8, 0xF4, 0xBA, 0xEB, 0x63, 0xDE, 0x2A, 0x97, 0x81, 0xEF, 0x4C, 0x6C,
- 0xE6, 0x55, 0x34, 0x51, 0x2B, 0x28, 0x34, 0xF4, 0x53, 0x1C, 0xC4, 0x58, 0x0A,
- 0x3F, 0xBB, 0xAF, 0xB5, 0xF7, 0x4A, 0x85, 0x43, 0x2D, 0x3C, 0xF1, 0x58, 0x58,
- 0x81, 0x02, 0x81, 0x81, 0x00, 0xF2, 0x2C, 0x54, 0x76, 0x39, 0x23, 0x63, 0xC9,
- 0x10, 0x32, 0xB7, 0x93, 0xAD, 0xAF, 0xBE, 0x19, 0x75, 0x96, 0x81, 0x64, 0xE6,
- 0xB5, 0xB8, 0x89, 0x42, 0x41, 0xD1, 0x6D, 0xD0, 0x1C, 0x1B, 0xF8, 0x1B, 0xAC,
- 0x69, 0xCB, 0x36, 0x3C, 0x64, 0x7D, 0xDC, 0xF4, 0x19, 0xB8, 0xC3, 0x60, 0xB1,
- 0x57, 0x48, 0x5F, 0x52, 0x4F, 0x59, 0x3A, 0x55, 0x7F, 0x32, 0xC0, 0x19, 0x43,
- 0x50, 0x3F, 0xAE, 0xCE, 0x6F, 0x17, 0xF3, 0x0E, 0x9F, 0x40, 0xCA, 0x4E, 0xAD,
- 0x15, 0x3B, 0xC9, 0x79, 0xE9, 0xC0, 0x59, 0x38, 0x73, 0x70, 0x9C, 0x0A, 0x7C,
- 0xC9, 0x3A, 0x48, 0x32, 0xA7, 0xD8, 0x49, 0x75, 0x0A, 0x85, 0xC2, 0xC2, 0xFD,
- 0x15, 0x73, 0xDA, 0x99, 0x09, 0x2A, 0x69, 0x9A, 0x9F, 0x0A, 0x71, 0xBF, 0xB0,
- 0x04, 0xA6, 0x8C, 0x7A, 0x5A, 0x6F, 0x48, 0x5A, 0x54, 0x3B, 0xC6, 0xB1, 0x53,
- 0x17, 0xDF, 0xE7, 0x02, 0x81, 0x81, 0x00, 0xCB, 0x93, 0xDE, 0x77, 0x15, 0x5D,
- 0xB7, 0x5C, 0x5C, 0x7C, 0xD8, 0x90, 0xA9, 0x98, 0x2D, 0xD6, 0x69, 0x0E, 0x63,
- 0xB3, 0xA3, 0xDC, 0xA6, 0xCC, 0x8B, 0x6A, 0xA4, 0xA2, 0x12, 0x8C, 0x8E, 0x7B,
- 0x48, 0x2C, 0xB2, 0x4B, 0x37, 0xDC, 0x06, 0x18, 0x7D, 0xEA, 0xFE, 0x76, 0xA1,
- 0xD4, 0xA1, 0xE9, 0x3F, 0x0D, 0xCD, 0x1B, 0x5F, 0xAF, 0x5F, 0x9E, 0x96, 0x5B,
- 0x5B, 0x0F, 0xA1, 0x7C, 0xAF, 0xB3, 0x9B, 0x90, 0xDB, 0x57, 0x73, 0x3A, 0xED,
- 0xB0, 0x23, 0x44, 0xAE, 0x41, 0x4F, 0x1F, 0x07, 0x42, 0x13, 0x23, 0x4C, 0xCB,
- 0xFA, 0xF4, 0x14, 0xA4, 0xD5, 0xF7, 0x9E, 0x36, 0x7C, 0x5B, 0x9F, 0xA8, 0x3C,
- 0xC1, 0x85, 0x5F, 0x74, 0xD2, 0x39, 0x2D, 0xFF, 0xD0, 0x84, 0xDF, 0xFB, 0xB3,
- 0x20, 0x7A, 0x2E, 0x9B, 0x17, 0xAE, 0xE6, 0xBA, 0x0B, 0xAE, 0x5F, 0x53, 0xA4,
- 0x52, 0xED, 0x1B, 0xC4, 0x91, 0x02, 0x81, 0x81, 0x00, 0xEC, 0x98, 0xDA, 0xBB,
- 0xD5, 0xFE, 0xF9, 0x52, 0x4A, 0x7D, 0x02, 0x55, 0x49, 0x6F, 0x55, 0x6E, 0x52,
- 0x2F, 0x84, 0xA3, 0x2B, 0xB3, 0x86, 0x62, 0xB3, 0x54, 0xD2, 0x63, 0x52, 0xDA,
- 0xE3, 0x88, 0x76, 0xA0, 0xEF, 0x8B, 0x15, 0xA5, 0xD3, 0x18, 0x14, 0x72, 0x77,
- 0x5E, 0xC7, 0xA3, 0x04, 0x1F, 0x9E, 0x19, 0x62, 0xB5, 0x1B, 0x1B, 0x9E, 0xC3,
- 0xF2, 0xB5, 0x32, 0xF9, 0x4C, 0xC1, 0xAA, 0xEB, 0x0C, 0x26, 0x7D, 0xD4, 0x5F,
- 0x4A, 0x51, 0x5C, 0xA4, 0x45, 0x06, 0x70, 0x44, 0xA7, 0x56, 0xC0, 0xD4, 0x22,
- 0x14, 0x76, 0x9E, 0xD8, 0x63, 0x50, 0x89, 0x90, 0xD3, 0xE2, 0xBF, 0x81, 0x95,
- 0x92, 0x31, 0x41, 0x87, 0x39, 0x1A, 0x43, 0x0B, 0x18, 0xA5, 0x53, 0x1F, 0x39,
- 0x1A, 0x5F, 0x1F, 0x43, 0xBC, 0x87, 0x6A, 0xDF, 0x6E, 0xD3, 0x22, 0x00, 0xFE,
- 0x22, 0x98, 0x70, 0x4E, 0x1A, 0x19, 0x29, 0x02, 0x81, 0x81, 0x00, 0x8A, 0x41,
- 0x56, 0x28, 0x51, 0x9E, 0x5F, 0xD4, 0x9E, 0x0B, 0x3B, 0x98, 0xA3, 0x54, 0xF2,
- 0x6C, 0x56, 0xD4, 0xAA, 0xE9, 0x69, 0x33, 0x85, 0x24, 0x0C, 0xDA, 0xD4, 0x0C,
- 0x2D, 0xC4, 0xBF, 0x4F, 0x02, 0x69, 0x38, 0x7C, 0xD4, 0xE6, 0xDC, 0x4C, 0xED,
- 0xD7, 0x16, 0x11, 0xC3, 0x3E, 0x00, 0xE7, 0xC3, 0x26, 0xC0, 0x51, 0x02, 0xDE,
- 0xBB, 0x75, 0x9C, 0x6F, 0x56, 0x9C, 0x7A, 0xF3, 0x8E, 0xEF, 0xCF, 0x8A, 0xC5,
- 0x2B, 0xD2, 0xDA, 0x06, 0x6A, 0x44, 0xC9, 0x73, 0xFE, 0x6E, 0x99, 0x87, 0xF8,
- 0x5B, 0xBE, 0xF1, 0x7C, 0xE6, 0x65, 0xB5, 0x4F, 0x6C, 0xF0, 0xC9, 0xC5, 0xFF,
- 0x16, 0xCA, 0x8B, 0x1B, 0x17, 0xE2, 0x58, 0x3D, 0xA2, 0x37, 0xAB, 0x01, 0xBC,
- 0xBF, 0x40, 0xCE, 0x53, 0x8C, 0x8E, 0xED, 0xEF, 0xEE, 0x59, 0x9D, 0xE0, 0x63,
- 0xE6, 0x7C, 0x5E, 0xF5, 0x8E, 0x4B, 0xF1, 0x3B, 0xC1, 0x02, 0x81, 0x80, 0x4D,
- 0x45, 0xF9, 0x40, 0x8C, 0xC5, 0x5B, 0xF4, 0x2A, 0x1A, 0x8A, 0xB4, 0xF2, 0x1C,
- 0xAC, 0x6B, 0xE9, 0x0C, 0x56, 0x36, 0xB7, 0x4E, 0x72, 0x96, 0xD5, 0xE5, 0x8A,
- 0xD2, 0xE2, 0xFF, 0xF1, 0xF1, 0x18, 0x13, 0x3D, 0x86, 0x09, 0xB8, 0xD8, 0x76,
- 0xA7, 0xC9, 0x1C, 0x71, 0x52, 0x94, 0x30, 0x43, 0xE0, 0xF1, 0x78, 0x74, 0xFD,
- 0x61, 0x1B, 0x4C, 0x09, 0xCC, 0xE6, 0x68, 0x2A, 0x71, 0xAD, 0x1C, 0xDF, 0x43,
- 0xBC, 0x56, 0xDB, 0xA5, 0xA4, 0xBE, 0x35, 0x70, 0xA4, 0x5E, 0xCF, 0x4F, 0xFC,
- 0x00, 0x55, 0x99, 0x3A, 0x3D, 0x23, 0xCF, 0x67, 0x5A, 0xF5, 0x22, 0xF8, 0xB5,
- 0x29, 0xD0, 0x44, 0x11, 0xEB, 0x35, 0x2E, 0x46, 0xBE, 0xFD, 0x8E, 0x18, 0xB2,
- 0x5F, 0xA8, 0xBF, 0x19, 0x32, 0xA1, 0xF5, 0xDC, 0x03, 0xE6, 0x7C, 0x9A, 0x1F,
- 0x0C, 0x7C, 0xA9, 0xB0, 0x0E, 0x21, 0x37, 0x3B, 0xF1, 0xB0};
-
-static const uint8_t rsa_256_keydata[] = {
- 0x30, 0x82, 0x01, 0x0A,
- 0x02, 0x82, 0x01, 0x01, 0x00, 0xDB, 0x1C, 0x7F, 0x2E, 0x0B, 0xCD, 0xBF, 0xCE, 0xD1,
- 0x75, 0x10, 0xA0, 0xA2, 0xB8, 0xCE, 0x7D, 0xAA, 0xE2, 0x05, 0xE0, 0x7A, 0xD8, 0x44,
- 0x63, 0x8F, 0xB5, 0xBD, 0xC0, 0xB0, 0x19, 0xB9, 0x37, 0xB8, 0x19, 0x4A, 0x0E, 0xF1,
- 0x5D, 0x74, 0x80, 0x67, 0x46, 0x87, 0x06, 0xDE, 0x5B, 0x7F, 0x06, 0x03, 0xBD, 0xC1,
- 0x8D, 0x5E, 0x07, 0x15, 0xD4, 0x5B, 0xF4, 0xDC, 0xE5, 0xCF, 0x3D, 0xF9, 0xC1, 0x11,
- 0x2C, 0xAE, 0x6A, 0xB9, 0x8A, 0xBD, 0x1D, 0x67, 0x66, 0x17, 0xEA, 0x4E, 0xBD, 0xDB,
- 0x15, 0x9A, 0x82, 0x87, 0xE4, 0xF0, 0x78, 0xC3, 0xA3, 0x85, 0x87, 0xB0, 0xFD, 0x9F,
- 0xA9, 0x99, 0x5F, 0xE3, 0x33, 0xEC, 0xCC, 0xEA, 0x0B, 0xB5, 0x61, 0x5E, 0xF1, 0x49,
- 0x7E, 0x3F, 0xA3, 0x2D, 0xEA, 0x01, 0x0C, 0xCC, 0x42, 0x9A, 0x76, 0x9B, 0xC4, 0xD0,
- 0x37, 0xD3, 0xB1, 0x17, 0x01, 0x61, 0x01, 0x16, 0x59, 0x7E, 0x1C, 0x17, 0xC3, 0x53,
- 0xFD, 0xD1, 0x72, 0xCB, 0x4C, 0x60, 0x15, 0xDA, 0x7D, 0xE2, 0xEA, 0xAD, 0x50, 0xEF,
- 0x8E, 0xE2, 0x8B, 0xD4, 0x6A, 0x77, 0x55, 0xD6, 0x70, 0xD9, 0x6B, 0xBB, 0xF1, 0xEE,
- 0x39, 0x04, 0x38, 0xA3, 0xBD, 0xE2, 0xD1, 0xE0, 0x66, 0x6B, 0xE2, 0x9C, 0x47, 0x99,
- 0xE9, 0x28, 0xE6, 0xB6, 0xFC, 0x2E, 0xCA, 0x67, 0x43, 0x84, 0xE8, 0xD5, 0x83, 0xD6,
- 0x9D, 0x98, 0x6B, 0x01, 0x3E, 0x81, 0xDC, 0x3C, 0x7A, 0xCA, 0xF9, 0xF3, 0x9C, 0xF7,
- 0xD6, 0x28, 0x1B, 0x27, 0x78, 0x7C, 0xC3, 0xD0, 0xD5, 0x63, 0xA7, 0x81, 0x34, 0x89,
- 0xAD, 0x25, 0x6A, 0xBD, 0xF2, 0xEA, 0xED, 0xFA, 0x57, 0xFC, 0xE5, 0x34, 0xC6, 0xC1,
- 0x0F, 0x71, 0x2D, 0xD2, 0x08, 0x10, 0x1B, 0xAD, 0x44, 0x41, 0xE0, 0xFE, 0x79, 0xA0,
- 0x63, 0x93, 0x8A, 0xB1, 0x5D, 0xE9, 0xB0, 0xEE, 0x6F, 0x02, 0x03, 0x01, 0x00, 0x01};
-
-static const uint8_t ec_keydata[] = {
- 0x04, 0xde, 0xa5, 0xe4, 0x5d, 0x0e, 0xa3, 0x7f, 0xc5, 0x66, 0x23, 0x2a, 0x50, 0x8f,
- 0x4a, 0xd2, 0x0e, 0xa1, 0x3d, 0x47, 0xe4, 0xbf, 0x5f, 0xa4, 0xd5, 0x4a, 0x57, 0xa0,
- 0xba, 0x01, 0x20, 0x42, 0x08, 0x70, 0x97, 0x49, 0x6e, 0xfc, 0x58, 0x3f, 0xed, 0x8b,
- 0x24, 0xa5, 0xb9, 0xbe, 0x9a, 0x51, 0xde, 0x06, 0x3f, 0x5a, 0x00, 0xa8, 0xb6, 0x98,
- 0xa1, 0x6f, 0xd7, 0xf2, 0x9b, 0x54, 0x85, 0xf3, 0x20};
-
-static const uint8_t ec_keypair[] = {
- 0x68, 0x49, 0xf9, 0x7d, 0x10, 0x66, 0xf6, 0x99, 0x77, 0x59, 0x63, 0x7c, 0x7e, 0x38,
- 0x99, 0x46, 0x4c, 0xee, 0x3e, 0xc7, 0xac, 0x97, 0x06, 0x53, 0xa0, 0xbe, 0x07, 0x42};
+static const char sha512_hash[] = {
+0x29, 0x6e, 0x22, 0x67, 0xd7, 0x4c, 0x27, 0x8d, 0xaa, 0xaa, 0x94, 0x0d,
+0x17, 0xb0, 0xcf, 0xb7, 0x4a, 0x50, 0x83, 0xf8, 0xe0, 0x69, 0x72, 0x6d, 0x8c, 0x84, 0x1c, 0xbe,
+0x59, 0x6e, 0x04, 0x31, 0xcb, 0x77, 0x41, 0xa5, 0xb5, 0x0f, 0x71, 0x66, 0x6c, 0xfd, 0x54, 0xba,
+0xcb, 0x7b, 0x00, 0xae, 0xa8, 0x91, 0x49, 0x9c, 0xf4, 0xef, 0x6a, 0x03, 0xc8, 0xa8, 0x3f, 0xe3,
+0x7c, 0x3f, 0x7b, 0xaf};
static test_data check1[] = {
-
-#ifdef ARCH_TEST_CIPER_MODE_CTR
-#ifdef ARCH_TEST_AES_128
-{"Test psa_get_key_information 16 Byte AES\n", 1, PSA_KEY_TYPE_AES,
-{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
- 0x5F, 0xC9},
- AES_16B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR,
- BYTES_TO_BITS(AES_16B_KEY_SIZE), AES_16B_KEY_SIZE, PSA_SUCCESS
+#ifdef ARCH_TEST_MD2
+{"Test psa_hash_compute with MD2 algorithm\n",
+ PSA_ALG_MD2, 0xbd, 1,
+ {0x8c, 0x9c, 0x17, 0x66, 0x5d, 0x25, 0xb3, 0x5f, 0xc4, 0x13, 0xc4, 0x18, 0x05, 0xc6, 0x79, 0xcf},
+ 16, PSA_SUCCESS,
},
#endif
-#ifdef ARCH_TEST_AES_192
-{"Test psa_get_key_information 24 Byte AES\n", 2, PSA_KEY_TYPE_AES,
-{0x24, 0x13, 0x61, 0x47, 0x61, 0xB8, 0xC8, 0xF0, 0xDF, 0xAB, 0x5A, 0x0E, 0x87,
- 0x40, 0xAC, 0xA3, 0x90, 0x77, 0x83, 0x52, 0x31, 0x74, 0xF9},
- AES_24B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR,
- BYTES_TO_BITS(AES_24B_KEY_SIZE), AES_24B_KEY_SIZE, PSA_SUCCESS
+#ifdef ARCH_TEST_MD4
+{"Test psa_hash_compute with MD4 algorithm\n",
+ PSA_ALG_MD4, 0xbd, 1,
+ {0x18, 0xc3, 0x3f, 0x97, 0x29, 0x7e, 0xfe, 0x5f, 0x8a, 0x73, 0x22, 0x58, 0x28, 0x9f, 0xda, 0x25},
+ 16, PSA_SUCCESS,
},
#endif
-#ifdef ARCH_TEST_AES_256
-{"Test psa_get_key_information 32 Byte AES\n", 3, PSA_KEY_TYPE_AES,
-{0xEA, 0xD5, 0xE6, 0xC8, 0x51, 0xF9, 0xEC, 0xBB, 0x9B, 0x57, 0x7C, 0xED, 0xD2,
- 0x4B, 0x82, 0x84, 0x9F, 0x9F, 0xE6, 0x73, 0x21, 0x3D, 0x1A, 0x05, 0xC9, 0xED,
- 0xDF, 0x25, 0x17, 0x68, 0x86, 0xAE},
- AES_32B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR,
- BYTES_TO_BITS(AES_32B_KEY_SIZE), AES_32B_KEY_SIZE, PSA_SUCCESS
+#ifdef ARCH_TEST_MD5
+{"Test psa_hash_compute with MD5 algorithm\n",
+ PSA_ALG_MD5, 0xbd, 1,
+ {0xab, 0xae, 0x57, 0xcb, 0x56, 0x2e, 0xcf, 0x29, 0x5b, 0x4a, 0x37, 0xa7, 0x6e, 0xfe, 0x61, 0xfb},
+ 16, PSA_SUCCESS,
},
#endif
-#endif
-#ifdef ARCH_TEST_RSA_PKCS1V15_SIGN_RAW
-#ifdef ARCH_TEST_RSA_2048
-{"Test psa_get_key_information 2048 RSA public key\n", 4, PSA_KEY_TYPE_RSA_PUBLIC_KEY,
- {0},
- 270, PSA_KEY_USAGE_EXPORT, PSA_ALG_RSA_PKCS1V15_SIGN_RAW,
- 2048, 270, PSA_SUCCESS
+#ifdef ARCH_TEST_RIPEMD160
+{"Test psa_hash_compute with RIPEMD160 algorithm\n",
+ PSA_ALG_RIPEMD160, 0xbd, 1,
+ {0x50, 0x89, 0x26, 0x5e, 0xe5, 0xd9, 0xaf, 0x75, 0xd1, 0x2d, 0xbf, 0x7e, 0xa2, 0xf2, 0x7d, 0xbd,
+ 0xee, 0x43, 0x5b, 0x37},
+ 20, PSA_SUCCESS,
},
+#endif
-{"Test psa_get_key_information with RSA 2048 keypair\n", 5, PSA_KEY_TYPE_RSA_KEYPAIR,
- {0},
- 1193, PSA_KEY_USAGE_EXPORT, PSA_ALG_RSA_PKCS1V15_SIGN_RAW,
- 2048, 1193, PSA_SUCCESS
+#ifdef ARCH_TEST_SHA1
+{"Test psa_hash_compute with SHA1 algorithm\n",
+ PSA_ALG_SHA_1, 0xbd, 1,
+ {0x90, 0x34, 0xaa, 0xf4, 0x51, 0x43, 0x99, 0x6a, 0x2b, 0x14, 0x46, 0x5c, 0x35, 0x2a, 0xb0, 0xc6,
+ 0xfa, 0x26, 0xb2, 0x21},
+ 20, PSA_SUCCESS,
},
#endif
-#endif
-#ifdef ARCH_TEST_CIPER_MODE_CTR
-#ifdef ARCH_TEST_DES_1KEY
-{"Test psa_get_key_information with DES 64 bit key\n", 6, PSA_KEY_TYPE_DES,
- {0x70, 0x24, 0x55, 0x0C, 0x14, 0x9D, 0xED, 0x29},
- DES_8B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR,
- BYTES_TO_BITS(DES_8B_KEY_SIZE), DES_8B_KEY_SIZE, PSA_SUCCESS
+#ifdef ARCH_TEST_SHA224
+{"Test psa_hash_compute with SHA224 algorithm\n",
+ PSA_ALG_SHA_224, 0xbd, 1,
+ {0xb1, 0xe4, 0x6b, 0xb9, 0xef, 0xe4, 0x5a, 0xf5, 0x54, 0x36, 0x34, 0x49, 0xc6, 0x94, 0x5a, 0x0d,
+ 0x61, 0x69, 0xfc, 0x3a, 0x5a, 0x39, 0x6a, 0x56, 0xcb, 0x97, 0xcb, 0x57},
+ 28, PSA_SUCCESS,
},
#endif
-#ifdef ARCH_TEST_DES_2KEY
-{"Test psa_get_key_information with Triple DES 2-Key\n", 7, PSA_KEY_TYPE_DES,
-{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF},
- DES3_2KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR,
- BYTES_TO_BITS(DES3_2KEY_SIZE), DES3_2KEY_SIZE, PSA_SUCCESS
+#ifdef ARCH_TEST_SHA256
+{"Test psa_hash_compute with SHA256 algorithm\n",
+ PSA_ALG_SHA_256, 0xbd, 1,
+ {0x68, 0x32, 0x57, 0x20, 0xaa, 0xbd, 0x7c, 0x82, 0xf3, 0x0f, 0x55, 0x4b, 0x31, 0x3d, 0x05, 0x70,
+ 0xc9, 0x5a, 0xcc, 0xbb, 0x7d, 0xc4, 0xb5, 0xaa, 0xe1, 0x12, 0x04, 0xc0, 0x8f, 0xfe, 0x73, 0x2b},
+ 32, PSA_SUCCESS,
},
#endif
-#ifdef ARCH_TEST_DES_3KEY
-{"Test psa_get_key_information with Triple DES 3-Key\n", 8, PSA_KEY_TYPE_DES,
-{0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF,
- 0xF1, 0xE0, 0xD3, 0xC2, 0xB5, 0xA4, 0x97, 0x86,
- 0xFE, 0xDC, 0xBA, 0x98, 0x76, 0x54, 0x32, 0x10},
- DES3_3KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR,
- BYTES_TO_BITS(DES3_3KEY_SIZE), DES3_3KEY_SIZE, PSA_SUCCESS
+#ifdef ARCH_TEST_SHA384
+{"Test psa_hash_compute with SHA384 algorithm\n",
+ PSA_ALG_SHA_384, 0xbd, 1, {0}, 48, PSA_SUCCESS,
},
#endif
-#endif
-#ifdef ARCH_TEST_ECDSA
-#ifdef ARCH_TEST_ECC_CURVE_SECP256R1
-{"Test psa_get_key_information with EC Public key\n", 9,
- PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1),
- {0},
- 65, PSA_KEY_USAGE_EXPORT, PSA_ALG_ECDSA_ANY,
- 256, 65, PSA_SUCCESS
+#ifdef ARCH_TEST_SHA512
+{"Test psa_hash_compute with SHA512 algorithm\n",
+ PSA_ALG_SHA_512, 0xbd, 1, {0}, 64, PSA_SUCCESS,
},
-#endif
-#ifdef ARCH_TEST_ECC_CURVE_SECP224R1
-{"Test psa_get_key_information with EC keypair\n", 10,
- PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP224R1),
- {0},
- 28, PSA_KEY_USAGE_EXPORT, PSA_ALG_ECDSA_ANY,
- 224, 28, PSA_SUCCESS
+#ifdef ARCH_TEST_SHA512
+{"Test psa_hash_compute with small buffer size\n",
+ PSA_ALG_SHA_512, 0xbd, 1, {0}, 60, PSA_ERROR_BUFFER_TOO_SMALL,
},
#endif
#endif
-};
-static test_data check2[] = {
-#ifdef ARCH_TEST_CIPER_MODE_CTR
-#ifdef ARCH_TEST_AES_128
-{"Test psa_get_key_information negative cases\n", 11, PSA_KEY_TYPE_AES,
-{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
- 0x5F, 0xC9},
- AES_16B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR,
- BYTES_TO_BITS(AES_16B_KEY_SIZE), AES_16B_KEY_SIZE, PSA_SUCCESS
+{"Test psa_hash_compute with invalid algorithm\n",
+ PSA_HASH_ALG_INVALID, 0xbd, 1, {0}, 64, PSA_ERROR_NOT_SUPPORTED,
},
-#endif
-#endif
};
diff --git a/api-tests/dev_apis/crypto/test_c006/test_entry.c b/api-tests/dev_apis/crypto/test_c006/test_entry_c006.c
similarity index 92%
rename from api-tests/dev_apis/crypto/test_c006/test_entry.c
rename to api-tests/dev_apis/crypto/test_c006/test_entry_c006.c
index 983ee819..d1536d28 100644
--- a/api-tests/dev_apis/crypto/test_c006/test_entry.c
+++ b/api-tests/dev_apis/crypto/test_c006/test_entry_c006.c
@@ -19,8 +19,9 @@
#include "val_target.h"
#include "test_c006.h"
-#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 6)
-#define TEST_DESC "Testing crypto key management APIs\n"
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 06)
+#define TEST_DESC "Testing crypto hash functions APIs\n"
+
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
psa_api_t *psa = NULL;
diff --git a/api-tests/dev_apis/crypto/test_c007/source.mk b/api-tests/dev_apis/crypto/test_c007/source.mk
deleted file mode 100644
index 0144796d..00000000
--- a/api-tests/dev_apis/crypto/test_c007/source.mk
+++ /dev/null
@@ -1,20 +0,0 @@
-# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_c007.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
diff --git a/api-tests/dev_apis/crypto/test_c007/test.cmake b/api-tests/dev_apis/crypto/test_c007/test.cmake
new file mode 100644
index 00000000..53b06251
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c007/test.cmake
@@ -0,0 +1,24 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_c007.c
+ test_c007.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
diff --git a/api-tests/dev_apis/crypto/test_c007/test_c007.c b/api-tests/dev_apis/crypto/test_c007/test_c007.c
index 9b3371fc..895242a3 100644
--- a/api-tests/dev_apis/crypto/test_c007/test_c007.c
+++ b/api-tests/dev_apis/crypto/test_c007/test_c007.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -23,165 +23,48 @@
client_test_t test_c007_crypto_list[] = {
NULL,
- psa_set_key_policy_test,
- psa_set_key_policy_negative_test,
+ psa_hash_compare_test,
NULL,
};
static int g_test_count = 1;
-int32_t psa_set_key_policy_test(security_t caller)
+int32_t psa_hash_compare_test(caller_security_t caller)
{
- const uint8_t *key_data;
- psa_key_policy_t policy, expected_policy;
- int num_checks = sizeof(check1)/sizeof(check1[0]);
- int32_t i, status;
+ int num_checks = sizeof(check1)/sizeof(check1[0]);
+ int32_t i, status;
+ const char *hash;
+
+ if (num_checks == 0)
+ {
+ val->print(PRINT_TEST, "No test available for the selected crypto configuration\n", 0);
+ return RESULT_SKIP(VAL_STATUS_NO_TESTS);
+ }
/* Initialize the PSA crypto library*/
status = val->crypto_function(VAL_CRYPTO_INIT);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(1));
- /* Set the key data buffer to the input base on algorithm */
for (i = 0; i < num_checks; i++)
{
-
val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
val->print(PRINT_TEST, check1[i].test_desc, 0);
- /* Initialize a key policy structure to a default that forbids all
- * usage of the key
- */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
-
/* Setting up the watchdog timer for each check */
status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
- if (PSA_KEY_TYPE_IS_RSA(check1[i].key_type))
- {
- if (check1[i].key_type == PSA_KEY_TYPE_RSA_KEYPAIR)
- {
- if (check1[i].expected_bit_length == BYTES_TO_BITS(384))
- key_data = rsa_384_keypair;
- else if (check1[i].expected_bit_length == BYTES_TO_BITS(256))
- key_data = rsa_256_keypair;
- else
- return VAL_STATUS_INVALID;
- }
- else
- {
- if (check1[i].expected_bit_length == BYTES_TO_BITS(384))
- key_data = rsa_384_keydata;
- else if (check1[i].expected_bit_length == BYTES_TO_BITS(256))
- key_data = rsa_256_keydata;
- else
- return VAL_STATUS_INVALID;
- }
- }
- else if (PSA_KEY_TYPE_IS_ECC(check1[i].key_type))
- {
- if (PSA_KEY_TYPE_IS_ECC_KEYPAIR(check1[i].key_type))
- key_data = ec_keypair;
- else
- key_data = ec_keydata;
- }
+ if (check1[i].alg == PSA_ALG_SHA_384)
+ hash = sha384_hash;
+ else if (check1[i].alg == PSA_ALG_SHA_512)
+ hash = sha512_hash;
else
- key_data = check1[i].key_data;
-
- /* Set the standard fields of a policy structure */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &policy, check1[i].usage,
- check1[i].key_alg);
-
- /* Allocate a key slot for a transient key */
- status = val->crypto_function(VAL_CRYPTO_ALLOCATE_KEY, &check1[i].key_handle);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
-
- /* Set the usage policy on a key slot */
- status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, check1[i].key_handle, &policy);
- TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(4));
-
- if (check1[i].expected_status != PSA_SUCCESS)
- continue;
-
- /* Import the key data into the key slot */
- status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, check1[i].key_handle,
- check1[i].key_type, key_data, check1[i].key_length);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
-
- /* Get the usage policy for a key slot */
- status = val->crypto_function(VAL_CRYPTO_GET_KEY_POLICY, check1[i].key_handle,
- &expected_policy);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(6));
-
- /* Check if the usage is same as programmed */
- TEST_ASSERT_EQUAL(expected_policy.usage, check1[i].usage, TEST_CHECKPOINT_NUM(7));
-
- /* Check if the algorithm is same as programmed */
- TEST_ASSERT_EQUAL(expected_policy.alg, check1[i].key_alg, TEST_CHECKPOINT_NUM(8));
- }
-
- return VAL_STATUS_SUCCESS;
-}
-
-int32_t psa_set_key_policy_negative_test(security_t caller)
-{
- int num_checks = sizeof(check2)/sizeof(check2[0]);
- int32_t i, status;
- psa_key_policy_t policy;
-
- /* Initialize the PSA crypto library*/
- status = val->crypto_function(VAL_CRYPTO_INIT);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(1));
-
- /* Initialize a key policy structure to a default that forbids all
- * usage of the key
- */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
-
- for (i = 0; i < num_checks; i++)
- {
- val->print(PRINT_TEST, "[Check %d] Test psa_set_key_policy with unallocated key handle\n",
- g_test_count++);
- /* Setting up the watchdog timer for each check */
- status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
- TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
-
- /* Set the usage policy on a key slot */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &policy, check2[i].usage,
- check2[i].key_alg);
- /* Set the usage policy on a key slot */
- status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, check2[i].key_handle, &policy);
- TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(3));
-
- val->print(PRINT_TEST, "[Check %d] Test psa_set_key_policy with zero as key handle\n",
- g_test_count++);
- /* Set the usage policy on a key slot */
- status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, 0, &policy);
- TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(4));
-
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
-
- /* Set the usage policy on a key slot */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &policy, check2[i].usage,
- check2[i].key_alg);
- val->print(PRINT_TEST, "[Check %d] Test psa_set_key_policy with already occupied handle\n",
- g_test_count++);
- /* Allocate a key slot for a transient key */
- status = val->crypto_function(VAL_CRYPTO_ALLOCATE_KEY, &check2[i].key_handle);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
-
- /* Set the usage policy on a key slot */
- status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, check2[i].key_handle, &policy);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(6));
-
- /* Import the key data into the key slot */
- status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, check2[i].key_handle,
- check2[i].key_type, check2[i].key_data, check2[i].key_length);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(7));
+ hash = check1[i].hash;
- /* Set the usage policy on a key slot */
- status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, check2[i].key_handle, &policy);
- TEST_ASSERT_EQUAL(status, PSA_ERROR_ALREADY_EXISTS, TEST_CHECKPOINT_NUM(8));
+ /* Calculate the hash (digest) of a message and compare it with a reference value */
+ status = val->crypto_function(VAL_CRYPTO_HASH_COMPARE, check1[i].alg, &check1[i].input,
+ check1[i].input_length, hash, check1[i].hash_length);
+ TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(3));
}
return VAL_STATUS_SUCCESS;
diff --git a/api-tests/dev_apis/crypto/test_c007/test_c007.h b/api-tests/dev_apis/crypto/test_c007/test_c007.h
index ee5635f0..fb5c3854 100644
--- a/api-tests/dev_apis/crypto/test_c007/test_c007.h
+++ b/api-tests/dev_apis/crypto/test_c007/test_c007.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -18,15 +18,13 @@
#define _TEST_C007_CLIENT_TESTS_H_
#include "val_crypto.h"
-#define test_entry CONCAT(test_entry_,c007)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, c007)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
extern val_api_t *val;
extern psa_api_t *psa;
extern client_test_t test_c007_crypto_list[];
-int32_t psa_set_key_policy_test(security_t caller);
-int32_t psa_set_key_policy_negative_test(security_t caller);
+int32_t psa_hash_compare_test(caller_security_t caller);
#endif /* _TEST_C007_CLIENT_TESTS_H_ */
-
diff --git a/api-tests/dev_apis/crypto/test_c007/test_data.h b/api-tests/dev_apis/crypto/test_c007/test_data.h
index 75726963..5d6dc86a 100644
--- a/api-tests/dev_apis/crypto/test_c007/test_data.h
+++ b/api-tests/dev_apis/crypto/test_c007/test_data.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -18,268 +18,114 @@
#include "val_crypto.h"
typedef struct {
- char test_desc[75];
- psa_key_handle_t key_handle;
- psa_key_type_t key_type;
- uint8_t key_data[34];
- uint32_t key_length;
- psa_key_usage_t usage;
- psa_algorithm_t key_alg;
- uint32_t expected_bit_length;
- uint32_t expected_key_length;
+ char test_desc[50];
+ psa_algorithm_t alg;
+ char input;
+ size_t input_length;
+ char hash[32];
+ size_t hash_length;
psa_status_t expected_status;
} test_data;
-static const uint8_t rsa_384_keypair[1];
-static const uint8_t rsa_384_keydata[1];
+static const char sha384_hash[] = {
+0x43, 0x72, 0xe3, 0x8a, 0x92, 0xa2, 0x8b, 0x5d, 0x2c, 0x39, 0x1e, 0x62,
+0x45, 0x2a, 0x86, 0xd5, 0x0e, 0x02, 0x67, 0x22, 0x8b, 0xe1, 0x76, 0xc7, 0x7d, 0x24, 0x02, 0xef,
+0xfe, 0x9f, 0xa5, 0x0d, 0xe4, 0x07, 0xbb, 0xb8, 0x51, 0xb3, 0x7d, 0x59, 0x04, 0xab, 0xa2, 0xde,
+0xde, 0x74, 0xda, 0x2a};
-static const uint8_t rsa_256_keypair[] = {
- 0x30, 0x82, 0x04, 0xA5, 0x02, 0x01, 0x00, 0x02, 0x82, 0x01, 0x01, 0x00, 0xC0,
- 0x95, 0x08, 0xE1, 0x57, 0x41, 0xF2, 0x71, 0x6D, 0xB7, 0xD2, 0x45, 0x41, 0x27,
- 0x01, 0x65, 0xC6, 0x45, 0xAE, 0xF2, 0xBC, 0x24, 0x30, 0xB8, 0x95, 0xCE, 0x2F,
- 0x4E, 0xD6, 0xF6, 0x1C, 0x88, 0xBC, 0x7C, 0x9F, 0xFB, 0xA8, 0x67, 0x7F, 0xFE,
- 0x5C, 0x9C, 0x51, 0x75, 0xF7, 0x8A, 0xCA, 0x07, 0xE7, 0x35, 0x2F, 0x8F, 0xE1,
- 0xBD, 0x7B, 0xC0, 0x2F, 0x7C, 0xAB, 0x64, 0xA8, 0x17, 0xFC, 0xCA, 0x5D, 0x7B,
- 0xBA, 0xE0, 0x21, 0xE5, 0x72, 0x2E, 0x6F, 0x2E, 0x86, 0xD8, 0x95, 0x73, 0xDA,
- 0xAC, 0x1B, 0x53, 0xB9, 0x5F, 0x3F, 0xD7, 0x19, 0x0D, 0x25, 0x4F, 0xE1, 0x63,
- 0x63, 0x51, 0x8B, 0x0B, 0x64, 0x3F, 0xAD, 0x43, 0xB8, 0xA5, 0x1C, 0x5C, 0x34,
- 0xB3, 0xAE, 0x00, 0xA0, 0x63, 0xC5, 0xF6, 0x7F, 0x0B, 0x59, 0x68, 0x78, 0x73,
- 0xA6, 0x8C, 0x18, 0xA9, 0x02, 0x6D, 0xAF, 0xC3, 0x19, 0x01, 0x2E, 0xB8, 0x10,
- 0xE3, 0xC6, 0xCC, 0x40, 0xB4, 0x69, 0xA3, 0x46, 0x33, 0x69, 0x87, 0x6E, 0xC4,
- 0xBB, 0x17, 0xA6, 0xF3, 0xE8, 0xDD, 0xAD, 0x73, 0xBC, 0x7B, 0x2F, 0x21, 0xB5,
- 0xFD, 0x66, 0x51, 0x0C, 0xBD, 0x54, 0xB3, 0xE1, 0x6D, 0x5F, 0x1C, 0xBC, 0x23,
- 0x73, 0xD1, 0x09, 0x03, 0x89, 0x14, 0xD2, 0x10, 0xB9, 0x64, 0xC3, 0x2A, 0xD0,
- 0xA1, 0x96, 0x4A, 0xBC, 0xE1, 0xD4, 0x1A, 0x5B, 0xC7, 0xA0, 0xC0, 0xC1, 0x63,
- 0x78, 0x0F, 0x44, 0x37, 0x30, 0x32, 0x96, 0x80, 0x32, 0x23, 0x95, 0xA1, 0x77,
- 0xBA, 0x13, 0xD2, 0x97, 0x73, 0xE2, 0x5D, 0x25, 0xC9, 0x6A, 0x0D, 0xC3, 0x39,
- 0x60, 0xA4, 0xB4, 0xB0, 0x69, 0x42, 0x42, 0x09, 0xE9, 0xD8, 0x08, 0xBC, 0x33,
- 0x20, 0xB3, 0x58, 0x22, 0xA7, 0xAA, 0xEB, 0xC4, 0xE1, 0xE6, 0x61, 0x83, 0xC5,
- 0xD2, 0x96, 0xDF, 0xD9, 0xD0, 0x4F, 0xAD, 0xD7, 0x02, 0x03, 0x01, 0x00, 0x01,
- 0x02, 0x82, 0x01, 0x01, 0x00, 0x9A, 0xD0, 0x34, 0x0F, 0x52, 0x62, 0x05, 0x50,
- 0x01, 0xEF, 0x9F, 0xED, 0x64, 0x6E, 0xC2, 0xC4, 0xDA, 0x1A, 0xF2, 0x84, 0xD7,
- 0x92, 0x10, 0x48, 0x92, 0xC4, 0xE9, 0x6A, 0xEB, 0x8B, 0x75, 0x6C, 0xC6, 0x79,
- 0x38, 0xF2, 0xC9, 0x72, 0x4A, 0x86, 0x64, 0x54, 0x95, 0x77, 0xCB, 0xC3, 0x9A,
- 0x9D, 0xB7, 0xD4, 0x1D, 0xA4, 0x00, 0xC8, 0x9E, 0x4E, 0xE4, 0xDD, 0xC7, 0xBA,
- 0x67, 0x16, 0xC1, 0x74, 0xBC, 0xA9, 0xD6, 0x94, 0x8F, 0x2B, 0x30, 0x1A, 0xFB,
- 0xED, 0xDF, 0x21, 0x05, 0x23, 0xD9, 0x4A, 0x39, 0xBD, 0x98, 0x6B, 0x65, 0x9A,
- 0xB8, 0xDC, 0xC4, 0x7D, 0xEE, 0xA6, 0x43, 0x15, 0x2E, 0x3D, 0xBE, 0x1D, 0x22,
- 0x60, 0x2A, 0x73, 0x30, 0xD5, 0x3E, 0xD8, 0xA2, 0xAC, 0x86, 0x43, 0x2E, 0xC4,
- 0xF5, 0x64, 0x5E, 0x3F, 0x89, 0x75, 0x0F, 0x11, 0xD8, 0x51, 0x25, 0x4E, 0x9F,
- 0xD8, 0xAA, 0xA3, 0xCE, 0x60, 0xB3, 0xE2, 0x8A, 0xD9, 0x7E, 0x1B, 0xF0, 0x64,
- 0xCA, 0x9A, 0x5B, 0x05, 0x0B, 0x5B, 0xAA, 0xCB, 0xE5, 0xE3, 0x3F, 0x6E, 0x32,
- 0x22, 0x05, 0xF3, 0xD0, 0xFA, 0xEF, 0x74, 0x52, 0x81, 0xE2, 0x5F, 0x74, 0xD3,
- 0xBD, 0xFF, 0x31, 0x83, 0x45, 0x75, 0xFA, 0x63, 0x7A, 0x97, 0x2E, 0xD6, 0xB6,
- 0x19, 0xC6, 0x92, 0x26, 0xE4, 0x28, 0x06, 0x50, 0x50, 0x0E, 0x78, 0x2E, 0xA9,
- 0x78, 0x0D, 0x14, 0x97, 0xB4, 0x12, 0xD8, 0x31, 0x40, 0xAB, 0xA1, 0x01, 0x41,
- 0xC2, 0x30, 0xF8, 0x07, 0x5F, 0x16, 0xE4, 0x61, 0x77, 0xD2, 0x60, 0xF2, 0x9F,
- 0x8D, 0xE8, 0xF4, 0xBA, 0xEB, 0x63, 0xDE, 0x2A, 0x97, 0x81, 0xEF, 0x4C, 0x6C,
- 0xE6, 0x55, 0x34, 0x51, 0x2B, 0x28, 0x34, 0xF4, 0x53, 0x1C, 0xC4, 0x58, 0x0A,
- 0x3F, 0xBB, 0xAF, 0xB5, 0xF7, 0x4A, 0x85, 0x43, 0x2D, 0x3C, 0xF1, 0x58, 0x58,
- 0x81, 0x02, 0x81, 0x81, 0x00, 0xF2, 0x2C, 0x54, 0x76, 0x39, 0x23, 0x63, 0xC9,
- 0x10, 0x32, 0xB7, 0x93, 0xAD, 0xAF, 0xBE, 0x19, 0x75, 0x96, 0x81, 0x64, 0xE6,
- 0xB5, 0xB8, 0x89, 0x42, 0x41, 0xD1, 0x6D, 0xD0, 0x1C, 0x1B, 0xF8, 0x1B, 0xAC,
- 0x69, 0xCB, 0x36, 0x3C, 0x64, 0x7D, 0xDC, 0xF4, 0x19, 0xB8, 0xC3, 0x60, 0xB1,
- 0x57, 0x48, 0x5F, 0x52, 0x4F, 0x59, 0x3A, 0x55, 0x7F, 0x32, 0xC0, 0x19, 0x43,
- 0x50, 0x3F, 0xAE, 0xCE, 0x6F, 0x17, 0xF3, 0x0E, 0x9F, 0x40, 0xCA, 0x4E, 0xAD,
- 0x15, 0x3B, 0xC9, 0x79, 0xE9, 0xC0, 0x59, 0x38, 0x73, 0x70, 0x9C, 0x0A, 0x7C,
- 0xC9, 0x3A, 0x48, 0x32, 0xA7, 0xD8, 0x49, 0x75, 0x0A, 0x85, 0xC2, 0xC2, 0xFD,
- 0x15, 0x73, 0xDA, 0x99, 0x09, 0x2A, 0x69, 0x9A, 0x9F, 0x0A, 0x71, 0xBF, 0xB0,
- 0x04, 0xA6, 0x8C, 0x7A, 0x5A, 0x6F, 0x48, 0x5A, 0x54, 0x3B, 0xC6, 0xB1, 0x53,
- 0x17, 0xDF, 0xE7, 0x02, 0x81, 0x81, 0x00, 0xCB, 0x93, 0xDE, 0x77, 0x15, 0x5D,
- 0xB7, 0x5C, 0x5C, 0x7C, 0xD8, 0x90, 0xA9, 0x98, 0x2D, 0xD6, 0x69, 0x0E, 0x63,
- 0xB3, 0xA3, 0xDC, 0xA6, 0xCC, 0x8B, 0x6A, 0xA4, 0xA2, 0x12, 0x8C, 0x8E, 0x7B,
- 0x48, 0x2C, 0xB2, 0x4B, 0x37, 0xDC, 0x06, 0x18, 0x7D, 0xEA, 0xFE, 0x76, 0xA1,
- 0xD4, 0xA1, 0xE9, 0x3F, 0x0D, 0xCD, 0x1B, 0x5F, 0xAF, 0x5F, 0x9E, 0x96, 0x5B,
- 0x5B, 0x0F, 0xA1, 0x7C, 0xAF, 0xB3, 0x9B, 0x90, 0xDB, 0x57, 0x73, 0x3A, 0xED,
- 0xB0, 0x23, 0x44, 0xAE, 0x41, 0x4F, 0x1F, 0x07, 0x42, 0x13, 0x23, 0x4C, 0xCB,
- 0xFA, 0xF4, 0x14, 0xA4, 0xD5, 0xF7, 0x9E, 0x36, 0x7C, 0x5B, 0x9F, 0xA8, 0x3C,
- 0xC1, 0x85, 0x5F, 0x74, 0xD2, 0x39, 0x2D, 0xFF, 0xD0, 0x84, 0xDF, 0xFB, 0xB3,
- 0x20, 0x7A, 0x2E, 0x9B, 0x17, 0xAE, 0xE6, 0xBA, 0x0B, 0xAE, 0x5F, 0x53, 0xA4,
- 0x52, 0xED, 0x1B, 0xC4, 0x91, 0x02, 0x81, 0x81, 0x00, 0xEC, 0x98, 0xDA, 0xBB,
- 0xD5, 0xFE, 0xF9, 0x52, 0x4A, 0x7D, 0x02, 0x55, 0x49, 0x6F, 0x55, 0x6E, 0x52,
- 0x2F, 0x84, 0xA3, 0x2B, 0xB3, 0x86, 0x62, 0xB3, 0x54, 0xD2, 0x63, 0x52, 0xDA,
- 0xE3, 0x88, 0x76, 0xA0, 0xEF, 0x8B, 0x15, 0xA5, 0xD3, 0x18, 0x14, 0x72, 0x77,
- 0x5E, 0xC7, 0xA3, 0x04, 0x1F, 0x9E, 0x19, 0x62, 0xB5, 0x1B, 0x1B, 0x9E, 0xC3,
- 0xF2, 0xB5, 0x32, 0xF9, 0x4C, 0xC1, 0xAA, 0xEB, 0x0C, 0x26, 0x7D, 0xD4, 0x5F,
- 0x4A, 0x51, 0x5C, 0xA4, 0x45, 0x06, 0x70, 0x44, 0xA7, 0x56, 0xC0, 0xD4, 0x22,
- 0x14, 0x76, 0x9E, 0xD8, 0x63, 0x50, 0x89, 0x90, 0xD3, 0xE2, 0xBF, 0x81, 0x95,
- 0x92, 0x31, 0x41, 0x87, 0x39, 0x1A, 0x43, 0x0B, 0x18, 0xA5, 0x53, 0x1F, 0x39,
- 0x1A, 0x5F, 0x1F, 0x43, 0xBC, 0x87, 0x6A, 0xDF, 0x6E, 0xD3, 0x22, 0x00, 0xFE,
- 0x22, 0x98, 0x70, 0x4E, 0x1A, 0x19, 0x29, 0x02, 0x81, 0x81, 0x00, 0x8A, 0x41,
- 0x56, 0x28, 0x51, 0x9E, 0x5F, 0xD4, 0x9E, 0x0B, 0x3B, 0x98, 0xA3, 0x54, 0xF2,
- 0x6C, 0x56, 0xD4, 0xAA, 0xE9, 0x69, 0x33, 0x85, 0x24, 0x0C, 0xDA, 0xD4, 0x0C,
- 0x2D, 0xC4, 0xBF, 0x4F, 0x02, 0x69, 0x38, 0x7C, 0xD4, 0xE6, 0xDC, 0x4C, 0xED,
- 0xD7, 0x16, 0x11, 0xC3, 0x3E, 0x00, 0xE7, 0xC3, 0x26, 0xC0, 0x51, 0x02, 0xDE,
- 0xBB, 0x75, 0x9C, 0x6F, 0x56, 0x9C, 0x7A, 0xF3, 0x8E, 0xEF, 0xCF, 0x8A, 0xC5,
- 0x2B, 0xD2, 0xDA, 0x06, 0x6A, 0x44, 0xC9, 0x73, 0xFE, 0x6E, 0x99, 0x87, 0xF8,
- 0x5B, 0xBE, 0xF1, 0x7C, 0xE6, 0x65, 0xB5, 0x4F, 0x6C, 0xF0, 0xC9, 0xC5, 0xFF,
- 0x16, 0xCA, 0x8B, 0x1B, 0x17, 0xE2, 0x58, 0x3D, 0xA2, 0x37, 0xAB, 0x01, 0xBC,
- 0xBF, 0x40, 0xCE, 0x53, 0x8C, 0x8E, 0xED, 0xEF, 0xEE, 0x59, 0x9D, 0xE0, 0x63,
- 0xE6, 0x7C, 0x5E, 0xF5, 0x8E, 0x4B, 0xF1, 0x3B, 0xC1, 0x02, 0x81, 0x80, 0x4D,
- 0x45, 0xF9, 0x40, 0x8C, 0xC5, 0x5B, 0xF4, 0x2A, 0x1A, 0x8A, 0xB4, 0xF2, 0x1C,
- 0xAC, 0x6B, 0xE9, 0x0C, 0x56, 0x36, 0xB7, 0x4E, 0x72, 0x96, 0xD5, 0xE5, 0x8A,
- 0xD2, 0xE2, 0xFF, 0xF1, 0xF1, 0x18, 0x13, 0x3D, 0x86, 0x09, 0xB8, 0xD8, 0x76,
- 0xA7, 0xC9, 0x1C, 0x71, 0x52, 0x94, 0x30, 0x43, 0xE0, 0xF1, 0x78, 0x74, 0xFD,
- 0x61, 0x1B, 0x4C, 0x09, 0xCC, 0xE6, 0x68, 0x2A, 0x71, 0xAD, 0x1C, 0xDF, 0x43,
- 0xBC, 0x56, 0xDB, 0xA5, 0xA4, 0xBE, 0x35, 0x70, 0xA4, 0x5E, 0xCF, 0x4F, 0xFC,
- 0x00, 0x55, 0x99, 0x3A, 0x3D, 0x23, 0xCF, 0x67, 0x5A, 0xF5, 0x22, 0xF8, 0xB5,
- 0x29, 0xD0, 0x44, 0x11, 0xEB, 0x35, 0x2E, 0x46, 0xBE, 0xFD, 0x8E, 0x18, 0xB2,
- 0x5F, 0xA8, 0xBF, 0x19, 0x32, 0xA1, 0xF5, 0xDC, 0x03, 0xE6, 0x7C, 0x9A, 0x1F,
- 0x0C, 0x7C, 0xA9, 0xB0, 0x0E, 0x21, 0x37, 0x3B, 0xF1, 0xB0};
-
-static const uint8_t rsa_256_keydata[] = {
- 0x30, 0x82, 0x01, 0x0A,
- 0x02, 0x82, 0x01, 0x01, 0x00, 0xDB, 0x1C, 0x7F, 0x2E, 0x0B, 0xCD, 0xBF, 0xCE, 0xD1,
- 0x75, 0x10, 0xA0, 0xA2, 0xB8, 0xCE, 0x7D, 0xAA, 0xE2, 0x05, 0xE0, 0x7A, 0xD8, 0x44,
- 0x63, 0x8F, 0xB5, 0xBD, 0xC0, 0xB0, 0x19, 0xB9, 0x37, 0xB8, 0x19, 0x4A, 0x0E, 0xF1,
- 0x5D, 0x74, 0x80, 0x67, 0x46, 0x87, 0x06, 0xDE, 0x5B, 0x7F, 0x06, 0x03, 0xBD, 0xC1,
- 0x8D, 0x5E, 0x07, 0x15, 0xD4, 0x5B, 0xF4, 0xDC, 0xE5, 0xCF, 0x3D, 0xF9, 0xC1, 0x11,
- 0x2C, 0xAE, 0x6A, 0xB9, 0x8A, 0xBD, 0x1D, 0x67, 0x66, 0x17, 0xEA, 0x4E, 0xBD, 0xDB,
- 0x15, 0x9A, 0x82, 0x87, 0xE4, 0xF0, 0x78, 0xC3, 0xA3, 0x85, 0x87, 0xB0, 0xFD, 0x9F,
- 0xA9, 0x99, 0x5F, 0xE3, 0x33, 0xEC, 0xCC, 0xEA, 0x0B, 0xB5, 0x61, 0x5E, 0xF1, 0x49,
- 0x7E, 0x3F, 0xA3, 0x2D, 0xEA, 0x01, 0x0C, 0xCC, 0x42, 0x9A, 0x76, 0x9B, 0xC4, 0xD0,
- 0x37, 0xD3, 0xB1, 0x17, 0x01, 0x61, 0x01, 0x16, 0x59, 0x7E, 0x1C, 0x17, 0xC3, 0x53,
- 0xFD, 0xD1, 0x72, 0xCB, 0x4C, 0x60, 0x15, 0xDA, 0x7D, 0xE2, 0xEA, 0xAD, 0x50, 0xEF,
- 0x8E, 0xE2, 0x8B, 0xD4, 0x6A, 0x77, 0x55, 0xD6, 0x70, 0xD9, 0x6B, 0xBB, 0xF1, 0xEE,
- 0x39, 0x04, 0x38, 0xA3, 0xBD, 0xE2, 0xD1, 0xE0, 0x66, 0x6B, 0xE2, 0x9C, 0x47, 0x99,
- 0xE9, 0x28, 0xE6, 0xB6, 0xFC, 0x2E, 0xCA, 0x67, 0x43, 0x84, 0xE8, 0xD5, 0x83, 0xD6,
- 0x9D, 0x98, 0x6B, 0x01, 0x3E, 0x81, 0xDC, 0x3C, 0x7A, 0xCA, 0xF9, 0xF3, 0x9C, 0xF7,
- 0xD6, 0x28, 0x1B, 0x27, 0x78, 0x7C, 0xC3, 0xD0, 0xD5, 0x63, 0xA7, 0x81, 0x34, 0x89,
- 0xAD, 0x25, 0x6A, 0xBD, 0xF2, 0xEA, 0xED, 0xFA, 0x57, 0xFC, 0xE5, 0x34, 0xC6, 0xC1,
- 0x0F, 0x71, 0x2D, 0xD2, 0x08, 0x10, 0x1B, 0xAD, 0x44, 0x41, 0xE0, 0xFE, 0x79, 0xA0,
- 0x63, 0x93, 0x8A, 0xB1, 0x5D, 0xE9, 0xB0, 0xEE, 0x6F, 0x02, 0x03, 0x01, 0x00, 0x01};
-
-static const uint8_t ec_keydata[] = {
- 0x04, 0xde, 0xa5, 0xe4, 0x5d, 0x0e, 0xa3, 0x7f, 0xc5, 0x66, 0x23, 0x2a, 0x50, 0x8f,
- 0x4a, 0xd2, 0x0e, 0xa1, 0x3d, 0x47, 0xe4, 0xbf, 0x5f, 0xa4, 0xd5, 0x4a, 0x57, 0xa0,
- 0xba, 0x01, 0x20, 0x42, 0x08, 0x70, 0x97, 0x49, 0x6e, 0xfc, 0x58, 0x3f, 0xed, 0x8b,
- 0x24, 0xa5, 0xb9, 0xbe, 0x9a, 0x51, 0xde, 0x06, 0x3f, 0x5a, 0x00, 0xa8, 0xb6, 0x98,
- 0xa1, 0x6f, 0xd7, 0xf2, 0x9b, 0x54, 0x85, 0xf3, 0x20};
-
-static const uint8_t ec_keypair[] = {
- 0x68, 0x49, 0xf9, 0x7d, 0x10, 0x66, 0xf6, 0x99, 0x77, 0x59, 0x63, 0x7c, 0x7e, 0x38,
- 0x99, 0x46, 0x4c, 0xee, 0x3e, 0xc7, 0xac, 0x97, 0x06, 0x53, 0xa0, 0xbe, 0x07, 0x42};
+static const char sha512_hash[] = {
+0x29, 0x6e, 0x22, 0x67, 0xd7, 0x4c, 0x27, 0x8d, 0xaa, 0xaa, 0x94, 0x0d,
+0x17, 0xb0, 0xcf, 0xb7, 0x4a, 0x50, 0x83, 0xf8, 0xe0, 0x69, 0x72, 0x6d, 0x8c, 0x84, 0x1c, 0xbe,
+0x59, 0x6e, 0x04, 0x31, 0xcb, 0x77, 0x41, 0xa5, 0xb5, 0x0f, 0x71, 0x66, 0x6c, 0xfd, 0x54, 0xba,
+0xcb, 0x7b, 0x00, 0xae, 0xa8, 0x91, 0x49, 0x9c, 0xf4, 0xef, 0x6a, 0x03, 0xc8, 0xa8, 0x3f, 0xe3,
+0x7c, 0x3f, 0x7b, 0xaf};
static test_data check1[] = {
-
-#ifdef ARCH_TEST_CIPER_MODE_CTR
-#ifdef ARCH_TEST_AES_128
-{"Test psa_set_key_policy 16 Byte AES\n", 1, PSA_KEY_TYPE_AES,
-{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
- 0x5F, 0xC9},
- AES_16B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR,
- BYTES_TO_BITS(AES_16B_KEY_SIZE), AES_16B_KEY_SIZE, PSA_SUCCESS
+#ifdef ARCH_TEST_MD2
+{"Test psa_hash_compare with MD2 algorithm\n",
+ PSA_ALG_MD2, 0xbd, 1,
+ {0x8c, 0x9c, 0x17, 0x66, 0x5d, 0x25, 0xb3, 0x5f, 0xc4, 0x13, 0xc4, 0x18, 0x05, 0xc6, 0x79, 0xcf},
+ 16, PSA_SUCCESS,
},
#endif
-#ifdef ARCH_TEST_AES_192
-{"Test psa_set_key_policy 24 Byte AES\n", 2, PSA_KEY_TYPE_AES,
-{0x24, 0x13, 0x61, 0x47, 0x61, 0xB8, 0xC8, 0xF0, 0xDF, 0xAB, 0x5A, 0x0E, 0x87,
- 0x40, 0xAC, 0xA3, 0x90, 0x77, 0x83, 0x52, 0x31, 0x74, 0xF9},
- AES_24B_KEY_SIZE, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CTR,
- BYTES_TO_BITS(AES_24B_KEY_SIZE), AES_24B_KEY_SIZE, PSA_SUCCESS
+#ifdef ARCH_TEST_MD4
+{"Test psa_hash_compare with MD4 algorithm\n",
+ PSA_ALG_MD4, 0xbd, 1,
+ {0x18, 0xc3, 0x3f, 0x97, 0x29, 0x7e, 0xfe, 0x5f, 0x8a, 0x73, 0x22, 0x58, 0x28, 0x9f, 0xda, 0x25},
+ 16, PSA_SUCCESS,
},
#endif
-#ifdef ARCH_TEST_AES_256
-{"Test psa_set_key_policy 32 Byte AES\n", 3, PSA_KEY_TYPE_AES,
-{0xEA, 0xD5, 0xE6, 0xC8, 0x51, 0xF9, 0xEC, 0xBB, 0x9B, 0x57, 0x7C, 0xED, 0xD2,
- 0x4B, 0x82, 0x84, 0x9F, 0x9F, 0xE6, 0x73, 0x21, 0x3D, 0x1A, 0x05, 0xC9, 0xED,
- 0xDF, 0x25, 0x17, 0x68, 0x86, 0xAE},
- AES_32B_KEY_SIZE, PSA_KEY_USAGE_DECRYPT, PSA_ALG_CTR,
- BYTES_TO_BITS(AES_32B_KEY_SIZE), AES_32B_KEY_SIZE, PSA_SUCCESS
+#ifdef ARCH_TEST_MD5
+{"Test psa_hash_compare with MD5 algorithm\n",
+ PSA_ALG_MD5, 0xbd, 1,
+ {0xab, 0xae, 0x57, 0xcb, 0x56, 0x2e, 0xcf, 0x29, 0x5b, 0x4a, 0x37, 0xa7, 0x6e, 0xfe, 0x61, 0xfb},
+ 16, PSA_SUCCESS,
},
#endif
-#endif
-
-#ifdef ARCH_TEST_RSA_PKCS1V15_SIGN_RAW
-#ifdef ARCH_TEST_RSA_2048
-{"Test psa_set_key_policy 2048 RSA public key\n", 4, PSA_KEY_TYPE_RSA_PUBLIC_KEY,
- {0},
- 270, PSA_KEY_USAGE_SIGN, PSA_ALG_RSA_PKCS1V15_SIGN_RAW,
- 2048, 270, PSA_SUCCESS
-},
-{"Test psa_set_key_policy with RSA 2048 keypair\n", 5, PSA_KEY_TYPE_RSA_KEYPAIR,
- {0},
- 1193, PSA_KEY_USAGE_VERIFY, PSA_ALG_RSA_PKCS1V15_SIGN_RAW,
- 2048, 1193, PSA_SUCCESS
+#ifdef ARCH_TEST_RIPEMD160
+{"Test psa_hash_compare with RIPEMD160 algorithm\n",
+ PSA_ALG_RIPEMD160, 0xbd, 1,
+ {0x50, 0x89, 0x26, 0x5e, 0xe5, 0xd9, 0xaf, 0x75, 0xd1, 0x2d, 0xbf, 0x7e, 0xa2, 0xf2, 0x7d, 0xbd,
+ 0xee, 0x43, 0x5b, 0x37},
+ 20, PSA_SUCCESS,
},
#endif
-#endif
-#ifdef ARCH_TEST_CIPER_MODE_CTR
-#ifdef ARCH_TEST_DES_1KEY
-{"Test psa_set_key_policy with DES 64 bit key\n", 6, PSA_KEY_TYPE_DES,
- {0x70, 0x24, 0x55, 0x0C, 0x14, 0x9D, 0xED, 0x29},
- DES_8B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR,
- BYTES_TO_BITS(DES_8B_KEY_SIZE), DES_8B_KEY_SIZE, PSA_SUCCESS
+#ifdef ARCH_TEST_SHA1
+{"Test psa_hash_compare with SHA1 algorithm\n",
+ PSA_ALG_SHA_1, 0xbd, 1,
+ {0x90, 0x34, 0xaa, 0xf4, 0x51, 0x43, 0x99, 0x6a, 0x2b, 0x14, 0x46, 0x5c, 0x35, 0x2a, 0xb0, 0xc6,
+ 0xfa, 0x26, 0xb2, 0x21},
+ 20, PSA_SUCCESS,
},
#endif
-#ifdef ARCH_TEST_DES_2KEY
-{"Test psa_set_key_policy with Triple DES 2-Key\n", 7, PSA_KEY_TYPE_DES,
-{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF},
- DES3_2KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR,
- BYTES_TO_BITS(DES3_2KEY_SIZE), DES3_2KEY_SIZE, PSA_SUCCESS
+#ifdef ARCH_TEST_SHA224
+{"Test psa_hash_compare with SHA224 algorithm\n",
+ PSA_ALG_SHA_224, 0xbd, 1,
+ {0xb1, 0xe4, 0x6b, 0xb9, 0xef, 0xe4, 0x5a, 0xf5, 0x54, 0x36, 0x34, 0x49, 0xc6, 0x94, 0x5a, 0x0d,
+ 0x61, 0x69, 0xfc, 0x3a, 0x5a, 0x39, 0x6a, 0x56, 0xcb, 0x97, 0xcb, 0x57},
+ 28, PSA_SUCCESS,
},
#endif
-#ifdef ARCH_TEST_DES_3KEY
-{"Test psa_set_key_policy with Triple DES 3-Key\n", 8, PSA_KEY_TYPE_DES,
-{0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF,
- 0xF1, 0xE0, 0xD3, 0xC2, 0xB5, 0xA4, 0x97, 0x86,
- 0xFE, 0xDC, 0xBA, 0x98, 0x76, 0x54, 0x32, 0x10},
- DES3_3KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR,
- BYTES_TO_BITS(DES3_3KEY_SIZE), DES3_3KEY_SIZE, PSA_SUCCESS
+#ifdef ARCH_TEST_SHA256
+{"Test psa_hash_compare with SHA256 algorithm\n",
+ PSA_ALG_SHA_256, 0xbd, 1,
+ {0x68, 0x32, 0x57, 0x20, 0xaa, 0xbd, 0x7c, 0x82, 0xf3, 0x0f, 0x55, 0x4b, 0x31, 0x3d, 0x05, 0x70,
+ 0xc9, 0x5a, 0xcc, 0xbb, 0x7d, 0xc4, 0xb5, 0xaa, 0xe1, 0x12, 0x04, 0xc0, 0x8f, 0xfe, 0x73, 0x2b},
+ 32, PSA_SUCCESS,
},
#endif
-#endif
-#ifdef ARCH_TEST_ECDSA
-#ifdef ARCH_TEST_ECC_CURVE_SECP256R1
-{"Test psa_set_key_policy with EC Public key\n", 9,
- PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1),
- {0},
- 65, PSA_KEY_USAGE_EXPORT, PSA_ALG_ECDSA_ANY,
- 256, 65, PSA_SUCCESS
+#ifdef ARCH_TEST_SHA384
+{"Test psa_hash_compare with SHA384 algorithm\n",
+ PSA_ALG_SHA_384, 0xbd, 1, {0}, 48, PSA_SUCCESS,
},
#endif
-#ifdef ARCH_TEST_ECC_CURVE_SECP224R1
-{"Test psa_set_key_policy with EC keypair\n", 10,
- PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP224R1),
- {0},
- 28, PSA_KEY_USAGE_EXPORT, PSA_ALG_ECDSA_ANY,
- 224, 28, PSA_SUCCESS
+#ifdef ARCH_TEST_SHA512
+{"Test psa_hash_compare with SHA512 algorithm\n",
+ PSA_ALG_SHA_512, 0xbd, 1, {0}, 64, PSA_SUCCESS,
},
#endif
-#endif
-#ifdef ARCH_TEST_CIPER_MODE_CTR
-#ifdef ARCH_TEST_AES_128
-{"Test psa_set_key_policy with invalid usage\n", 13, PSA_KEY_TYPE_AES,
-{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
- 0x5F, 0xC9},
-AES_16B_KEY_SIZE, PSA_KEY_USAGE_INVALID, PSA_ALG_CTR,
-BYTES_TO_BITS(AES_16B_KEY_SIZE), AES_16B_KEY_SIZE, PSA_ERROR_INVALID_ARGUMENT
+#ifdef ARCH_TEST_SHA256
+{"Test psa_hash_compare with incorrect hash\n",
+ PSA_ALG_SHA_256, 0xbd, 1,
+ {0x68, 0x32, 0x57, 0x20, 0xab, 0xbd, 0x7c, 0x82, 0xf3, 0x0f, 0x55, 0x4b, 0x31, 0x3d, 0x05, 0x70,
+ 0xc9, 0x5a, 0xcc, 0xbb, 0x7d, 0xc4, 0xb5, 0xaa, 0xe1, 0x12, 0x04, 0xc0, 0x8f, 0xfe, 0x73, 0x78},
+ 32, PSA_ERROR_INVALID_SIGNATURE,
},
-#endif
-#endif
-};
-
-static test_data check2[] = {
-#ifdef ARCH_TEST_CIPER_MODE_CTR
-#ifdef ARCH_TEST_AES_128
-{"Test psa_set_key_policy negative case\n", 11, PSA_KEY_TYPE_AES,
-{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
- 0x5F, 0xC9},
-AES_16B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR,
-BYTES_TO_BITS(AES_16B_KEY_SIZE), AES_16B_KEY_SIZE, PSA_ERROR_ALREADY_EXISTS
+{"Test psa_hash_compare with incorrect hash length\n",
+ PSA_ALG_SHA_256, 0xbd, 1,
+ {0x68, 0x32, 0x57, 0x20, 0xaa, 0xbd, 0x7c, 0x82, 0xf3, 0x0f, 0x55, 0x4b, 0x31, 0x3d, 0x05, 0x70,
+ 0xc9, 0x5a, 0xcc, 0xbb, 0x7d, 0xc4, 0xb5, 0xaa, 0xe1, 0x12, 0x04, 0xc0, 0x8f, 0xfe, 0x73, 0x2b},
+ 31, PSA_ERROR_INVALID_SIGNATURE,
},
#endif
-#endif
-
};
diff --git a/api-tests/dev_apis/crypto/test_c007/test_entry.c b/api-tests/dev_apis/crypto/test_c007/test_entry_c007.c
similarity index 92%
rename from api-tests/dev_apis/crypto/test_c007/test_entry.c
rename to api-tests/dev_apis/crypto/test_c007/test_entry_c007.c
index c1fbe538..2825b027 100644
--- a/api-tests/dev_apis/crypto/test_c007/test_entry.c
+++ b/api-tests/dev_apis/crypto/test_c007/test_entry_c007.c
@@ -19,8 +19,9 @@
#include "val_target.h"
#include "test_c007.h"
-#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 7)
-#define TEST_DESC "Testing crypto key management APIs\n"
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 07)
+#define TEST_DESC "Testing crypto hash functions APIs\n"
+
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
psa_api_t *psa = NULL;
diff --git a/api-tests/dev_apis/crypto/test_c008/source.mk b/api-tests/dev_apis/crypto/test_c008/source.mk
deleted file mode 100644
index 3bc136e7..00000000
--- a/api-tests/dev_apis/crypto/test_c008/source.mk
+++ /dev/null
@@ -1,20 +0,0 @@
-# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_c008.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
diff --git a/api-tests/dev_apis/crypto/test_c008/test.cmake b/api-tests/dev_apis/crypto/test_c008/test.cmake
new file mode 100644
index 00000000..625227ae
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c008/test.cmake
@@ -0,0 +1,24 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_c008.c
+ test_c008.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
diff --git a/api-tests/dev_apis/crypto/test_c008/test_c008.c b/api-tests/dev_apis/crypto/test_c008/test_c008.c
index 363d5c76..5063c136 100644
--- a/api-tests/dev_apis/crypto/test_c008/test_c008.c
+++ b/api-tests/dev_apis/crypto/test_c008/test_c008.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -23,21 +23,23 @@
client_test_t test_c008_crypto_list[] = {
NULL,
- psa_get_key_policy_test,
- psa_get_key_policy_negative_test,
+ psa_key_derivation_setup_test,
NULL,
};
static int g_test_count = 1;
-int32_t psa_get_key_policy_test(security_t caller)
+int32_t psa_key_derivation_setup_test(caller_security_t caller)
{
- const uint8_t *key_data;
- psa_key_policy_t policy, expected_policy;
- psa_key_usage_t expected_usage;
- psa_algorithm_t expected_alg;
- int num_checks = sizeof(check1)/sizeof(check1[0]);
- int32_t i, status;
+ int32_t i, status;
+ int num_checks = sizeof(check1)/sizeof(check1[0]);
+ psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT;
+
+ if (num_checks == 0)
+ {
+ val->print(PRINT_TEST, "No test available for the selected crypto configuration\n", 0);
+ return RESULT_SKIP(VAL_STATUS_NO_TESTS);
+ }
/* Initialize the PSA crypto library*/
status = val->crypto_function(VAL_CRYPTO_INIT);
@@ -49,135 +51,19 @@ int32_t psa_get_key_policy_test(security_t caller)
val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
val->print(PRINT_TEST, check1[i].test_desc, 0);
- /* Initialize a key policy structure to a default that forbids all
- * usage of the key
- */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
- memset(&expected_usage, 0, sizeof(psa_key_usage_t));
- memset(&expected_alg, 0, sizeof(psa_algorithm_t));
-
/* Setting up the watchdog timer for each check */
status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
- if (PSA_KEY_TYPE_IS_RSA(check1[i].key_type))
- {
- if (check1[i].key_type == PSA_KEY_TYPE_RSA_KEYPAIR)
- {
- if (check1[i].expected_bit_length == BYTES_TO_BITS(384))
- key_data = rsa_384_keypair;
- else if (check1[i].expected_bit_length == BYTES_TO_BITS(256))
- key_data = rsa_256_keypair;
- else
- return VAL_STATUS_INVALID;
- }
- else
- {
- if (check1[i].expected_bit_length == BYTES_TO_BITS(384))
- key_data = rsa_384_keydata;
- else if (check1[i].expected_bit_length == BYTES_TO_BITS(256))
- key_data = rsa_256_keydata;
- else
- return VAL_STATUS_INVALID;
- }
- }
- else if (PSA_KEY_TYPE_IS_ECC(check1[i].key_type))
- {
- if (PSA_KEY_TYPE_IS_ECC_KEYPAIR(check1[i].key_type))
- key_data = ec_keypair;
- else
- key_data = ec_keydata;
- }
- else
- key_data = check1[i].key_data;
-
- /* Set the standard fields of a policy structure */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &policy, check1[i].usage,
- check1[i].key_alg);
+ /* Set up a key derivation operation */
+ status = val->crypto_function(VAL_CRYPTO_KEY_DERIVATION_SETUP, &operation, check1[i].alg);
+ TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(3));
- /* Allocate a key slot for a transient key */
- status = val->crypto_function(VAL_CRYPTO_ALLOCATE_KEY, &check1[i].key_handle);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
-
- /* Set the usage policy on a key slot */
- status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, check1[i].key_handle, &policy);
+ /* Abort the key derivation operation */
+ status = val->crypto_function(VAL_CRYPTO_KEY_DERIVATION_ABORT, &operation);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
- /* Import the key data into the key slot */
- status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, check1[i].key_handle,
- check1[i].key_type, key_data, check1[i].key_length);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
-
- /* Get the usage policy for a key slot */
- status = val->crypto_function(VAL_CRYPTO_GET_KEY_POLICY, check1[i].key_handle,
- &expected_policy);
- TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(6));
-
- if (check1[i].expected_status != PSA_SUCCESS)
- continue;
-
- TEST_ASSERT_EQUAL(expected_policy.usage, check1[i].usage, TEST_CHECKPOINT_NUM(7));
- TEST_ASSERT_EQUAL(expected_policy.alg, check1[i].key_alg, TEST_CHECKPOINT_NUM(8));
-
- /* Retrieve the usage field of a policy structure */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_GET_USAGE, &policy, &expected_usage);
-
- /* Retrieve the algorithm field of a policy structure */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_GET_ALGORITHM, &policy, &expected_alg);
-
- TEST_ASSERT_EQUAL(expected_usage, check1[i].usage, TEST_CHECKPOINT_NUM(9));
- TEST_ASSERT_EQUAL(expected_alg, check1[i].key_alg, TEST_CHECKPOINT_NUM(10));
}
return VAL_STATUS_SUCCESS;
}
-
-int32_t psa_get_key_policy_negative_test(security_t caller)
-{
- int num_checks = sizeof(check2)/sizeof(check2[0]);
- int32_t i, status;
- psa_key_policy_t policy;
-
- /* Initialize the PSA crypto library*/
- status = val->crypto_function(VAL_CRYPTO_INIT);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(1));
-
- /* Initialize a key policy structure to a default that forbids all
- * usage of the key
- */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
-
- for (i = 0; i < num_checks; i++)
- {
- val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
- val->print(PRINT_TEST, check2[i].test_desc, 0);
-
- /* Setting up the watchdog timer for each check */
- status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
- TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
-
- val->print(PRINT_TEST, "[Check %d] Test psa_get_key_policy with unallocated key handle\n",
- g_test_count++);
- /* Get the usage policy on a key slot */
- status = val->crypto_function(VAL_CRYPTO_GET_KEY_POLICY, check2[i].key_handle, &policy);
- TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(3));
-
- val->print(PRINT_TEST, "[Check %d] Test psa_get_key_policy with zero as key handle\n",
- g_test_count++);
- /* Get the usage policy on a key slot */
- status = val->crypto_function(VAL_CRYPTO_GET_KEY_POLICY, 0, &policy);
- TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(4));
-
- val->print(PRINT_TEST, "[Check %d] Test psa_get_key_policy with empty key handle\n",
- g_test_count++);
- /* Allocate a key slot for a transient key */
- status = val->crypto_function(VAL_CRYPTO_ALLOCATE_KEY, &check2[i].key_handle);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
-
- /* Get the usage policy on a key slot */
- status = val->crypto_function(VAL_CRYPTO_GET_KEY_POLICY, check2[i].key_handle, &policy);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(6));
- }
-
- return VAL_STATUS_SUCCESS;
-}
diff --git a/api-tests/dev_apis/crypto/test_c008/test_c008.h b/api-tests/dev_apis/crypto/test_c008/test_c008.h
index a67628db..c86acf82 100644
--- a/api-tests/dev_apis/crypto/test_c008/test_c008.h
+++ b/api-tests/dev_apis/crypto/test_c008/test_c008.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -18,14 +18,13 @@
#define _TEST_C008_CLIENT_TESTS_H_
#include "val_crypto.h"
-#define test_entry CONCAT(test_entry_,c008)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, c008)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
extern val_api_t *val;
extern psa_api_t *psa;
extern client_test_t test_c008_crypto_list[];
-int32_t psa_get_key_policy_test(security_t caller);
-int32_t psa_get_key_policy_negative_test(security_t caller);
+int32_t psa_key_derivation_setup_test(caller_security_t caller);
#endif /* _TEST_C008_CLIENT_TESTS_H_ */
diff --git a/api-tests/dev_apis/crypto/test_c008/test_data.h b/api-tests/dev_apis/crypto/test_c008/test_data.h
index 90a9d91b..a350c162 100644
--- a/api-tests/dev_apis/crypto/test_c008/test_data.h
+++ b/api-tests/dev_apis/crypto/test_c008/test_data.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -19,254 +19,28 @@
typedef struct {
char test_desc[75];
- psa_key_handle_t key_handle;
- psa_key_type_t key_type;
- uint8_t key_data[34];
- uint32_t key_length;
- psa_key_usage_t usage;
- psa_algorithm_t key_alg;
- uint32_t expected_bit_length;
- uint32_t expected_key_length;
+ psa_algorithm_t alg;
psa_status_t expected_status;
} test_data;
-static const uint8_t rsa_384_keypair[1];
-static const uint8_t rsa_384_keydata[1];
-
-static const uint8_t rsa_256_keypair[] = {
- 0x30, 0x82, 0x04, 0xA5, 0x02, 0x01, 0x00, 0x02, 0x82, 0x01, 0x01, 0x00, 0xC0,
- 0x95, 0x08, 0xE1, 0x57, 0x41, 0xF2, 0x71, 0x6D, 0xB7, 0xD2, 0x45, 0x41, 0x27,
- 0x01, 0x65, 0xC6, 0x45, 0xAE, 0xF2, 0xBC, 0x24, 0x30, 0xB8, 0x95, 0xCE, 0x2F,
- 0x4E, 0xD6, 0xF6, 0x1C, 0x88, 0xBC, 0x7C, 0x9F, 0xFB, 0xA8, 0x67, 0x7F, 0xFE,
- 0x5C, 0x9C, 0x51, 0x75, 0xF7, 0x8A, 0xCA, 0x07, 0xE7, 0x35, 0x2F, 0x8F, 0xE1,
- 0xBD, 0x7B, 0xC0, 0x2F, 0x7C, 0xAB, 0x64, 0xA8, 0x17, 0xFC, 0xCA, 0x5D, 0x7B,
- 0xBA, 0xE0, 0x21, 0xE5, 0x72, 0x2E, 0x6F, 0x2E, 0x86, 0xD8, 0x95, 0x73, 0xDA,
- 0xAC, 0x1B, 0x53, 0xB9, 0x5F, 0x3F, 0xD7, 0x19, 0x0D, 0x25, 0x4F, 0xE1, 0x63,
- 0x63, 0x51, 0x8B, 0x0B, 0x64, 0x3F, 0xAD, 0x43, 0xB8, 0xA5, 0x1C, 0x5C, 0x34,
- 0xB3, 0xAE, 0x00, 0xA0, 0x63, 0xC5, 0xF6, 0x7F, 0x0B, 0x59, 0x68, 0x78, 0x73,
- 0xA6, 0x8C, 0x18, 0xA9, 0x02, 0x6D, 0xAF, 0xC3, 0x19, 0x01, 0x2E, 0xB8, 0x10,
- 0xE3, 0xC6, 0xCC, 0x40, 0xB4, 0x69, 0xA3, 0x46, 0x33, 0x69, 0x87, 0x6E, 0xC4,
- 0xBB, 0x17, 0xA6, 0xF3, 0xE8, 0xDD, 0xAD, 0x73, 0xBC, 0x7B, 0x2F, 0x21, 0xB5,
- 0xFD, 0x66, 0x51, 0x0C, 0xBD, 0x54, 0xB3, 0xE1, 0x6D, 0x5F, 0x1C, 0xBC, 0x23,
- 0x73, 0xD1, 0x09, 0x03, 0x89, 0x14, 0xD2, 0x10, 0xB9, 0x64, 0xC3, 0x2A, 0xD0,
- 0xA1, 0x96, 0x4A, 0xBC, 0xE1, 0xD4, 0x1A, 0x5B, 0xC7, 0xA0, 0xC0, 0xC1, 0x63,
- 0x78, 0x0F, 0x44, 0x37, 0x30, 0x32, 0x96, 0x80, 0x32, 0x23, 0x95, 0xA1, 0x77,
- 0xBA, 0x13, 0xD2, 0x97, 0x73, 0xE2, 0x5D, 0x25, 0xC9, 0x6A, 0x0D, 0xC3, 0x39,
- 0x60, 0xA4, 0xB4, 0xB0, 0x69, 0x42, 0x42, 0x09, 0xE9, 0xD8, 0x08, 0xBC, 0x33,
- 0x20, 0xB3, 0x58, 0x22, 0xA7, 0xAA, 0xEB, 0xC4, 0xE1, 0xE6, 0x61, 0x83, 0xC5,
- 0xD2, 0x96, 0xDF, 0xD9, 0xD0, 0x4F, 0xAD, 0xD7, 0x02, 0x03, 0x01, 0x00, 0x01,
- 0x02, 0x82, 0x01, 0x01, 0x00, 0x9A, 0xD0, 0x34, 0x0F, 0x52, 0x62, 0x05, 0x50,
- 0x01, 0xEF, 0x9F, 0xED, 0x64, 0x6E, 0xC2, 0xC4, 0xDA, 0x1A, 0xF2, 0x84, 0xD7,
- 0x92, 0x10, 0x48, 0x92, 0xC4, 0xE9, 0x6A, 0xEB, 0x8B, 0x75, 0x6C, 0xC6, 0x79,
- 0x38, 0xF2, 0xC9, 0x72, 0x4A, 0x86, 0x64, 0x54, 0x95, 0x77, 0xCB, 0xC3, 0x9A,
- 0x9D, 0xB7, 0xD4, 0x1D, 0xA4, 0x00, 0xC8, 0x9E, 0x4E, 0xE4, 0xDD, 0xC7, 0xBA,
- 0x67, 0x16, 0xC1, 0x74, 0xBC, 0xA9, 0xD6, 0x94, 0x8F, 0x2B, 0x30, 0x1A, 0xFB,
- 0xED, 0xDF, 0x21, 0x05, 0x23, 0xD9, 0x4A, 0x39, 0xBD, 0x98, 0x6B, 0x65, 0x9A,
- 0xB8, 0xDC, 0xC4, 0x7D, 0xEE, 0xA6, 0x43, 0x15, 0x2E, 0x3D, 0xBE, 0x1D, 0x22,
- 0x60, 0x2A, 0x73, 0x30, 0xD5, 0x3E, 0xD8, 0xA2, 0xAC, 0x86, 0x43, 0x2E, 0xC4,
- 0xF5, 0x64, 0x5E, 0x3F, 0x89, 0x75, 0x0F, 0x11, 0xD8, 0x51, 0x25, 0x4E, 0x9F,
- 0xD8, 0xAA, 0xA3, 0xCE, 0x60, 0xB3, 0xE2, 0x8A, 0xD9, 0x7E, 0x1B, 0xF0, 0x64,
- 0xCA, 0x9A, 0x5B, 0x05, 0x0B, 0x5B, 0xAA, 0xCB, 0xE5, 0xE3, 0x3F, 0x6E, 0x32,
- 0x22, 0x05, 0xF3, 0xD0, 0xFA, 0xEF, 0x74, 0x52, 0x81, 0xE2, 0x5F, 0x74, 0xD3,
- 0xBD, 0xFF, 0x31, 0x83, 0x45, 0x75, 0xFA, 0x63, 0x7A, 0x97, 0x2E, 0xD6, 0xB6,
- 0x19, 0xC6, 0x92, 0x26, 0xE4, 0x28, 0x06, 0x50, 0x50, 0x0E, 0x78, 0x2E, 0xA9,
- 0x78, 0x0D, 0x14, 0x97, 0xB4, 0x12, 0xD8, 0x31, 0x40, 0xAB, 0xA1, 0x01, 0x41,
- 0xC2, 0x30, 0xF8, 0x07, 0x5F, 0x16, 0xE4, 0x61, 0x77, 0xD2, 0x60, 0xF2, 0x9F,
- 0x8D, 0xE8, 0xF4, 0xBA, 0xEB, 0x63, 0xDE, 0x2A, 0x97, 0x81, 0xEF, 0x4C, 0x6C,
- 0xE6, 0x55, 0x34, 0x51, 0x2B, 0x28, 0x34, 0xF4, 0x53, 0x1C, 0xC4, 0x58, 0x0A,
- 0x3F, 0xBB, 0xAF, 0xB5, 0xF7, 0x4A, 0x85, 0x43, 0x2D, 0x3C, 0xF1, 0x58, 0x58,
- 0x81, 0x02, 0x81, 0x81, 0x00, 0xF2, 0x2C, 0x54, 0x76, 0x39, 0x23, 0x63, 0xC9,
- 0x10, 0x32, 0xB7, 0x93, 0xAD, 0xAF, 0xBE, 0x19, 0x75, 0x96, 0x81, 0x64, 0xE6,
- 0xB5, 0xB8, 0x89, 0x42, 0x41, 0xD1, 0x6D, 0xD0, 0x1C, 0x1B, 0xF8, 0x1B, 0xAC,
- 0x69, 0xCB, 0x36, 0x3C, 0x64, 0x7D, 0xDC, 0xF4, 0x19, 0xB8, 0xC3, 0x60, 0xB1,
- 0x57, 0x48, 0x5F, 0x52, 0x4F, 0x59, 0x3A, 0x55, 0x7F, 0x32, 0xC0, 0x19, 0x43,
- 0x50, 0x3F, 0xAE, 0xCE, 0x6F, 0x17, 0xF3, 0x0E, 0x9F, 0x40, 0xCA, 0x4E, 0xAD,
- 0x15, 0x3B, 0xC9, 0x79, 0xE9, 0xC0, 0x59, 0x38, 0x73, 0x70, 0x9C, 0x0A, 0x7C,
- 0xC9, 0x3A, 0x48, 0x32, 0xA7, 0xD8, 0x49, 0x75, 0x0A, 0x85, 0xC2, 0xC2, 0xFD,
- 0x15, 0x73, 0xDA, 0x99, 0x09, 0x2A, 0x69, 0x9A, 0x9F, 0x0A, 0x71, 0xBF, 0xB0,
- 0x04, 0xA6, 0x8C, 0x7A, 0x5A, 0x6F, 0x48, 0x5A, 0x54, 0x3B, 0xC6, 0xB1, 0x53,
- 0x17, 0xDF, 0xE7, 0x02, 0x81, 0x81, 0x00, 0xCB, 0x93, 0xDE, 0x77, 0x15, 0x5D,
- 0xB7, 0x5C, 0x5C, 0x7C, 0xD8, 0x90, 0xA9, 0x98, 0x2D, 0xD6, 0x69, 0x0E, 0x63,
- 0xB3, 0xA3, 0xDC, 0xA6, 0xCC, 0x8B, 0x6A, 0xA4, 0xA2, 0x12, 0x8C, 0x8E, 0x7B,
- 0x48, 0x2C, 0xB2, 0x4B, 0x37, 0xDC, 0x06, 0x18, 0x7D, 0xEA, 0xFE, 0x76, 0xA1,
- 0xD4, 0xA1, 0xE9, 0x3F, 0x0D, 0xCD, 0x1B, 0x5F, 0xAF, 0x5F, 0x9E, 0x96, 0x5B,
- 0x5B, 0x0F, 0xA1, 0x7C, 0xAF, 0xB3, 0x9B, 0x90, 0xDB, 0x57, 0x73, 0x3A, 0xED,
- 0xB0, 0x23, 0x44, 0xAE, 0x41, 0x4F, 0x1F, 0x07, 0x42, 0x13, 0x23, 0x4C, 0xCB,
- 0xFA, 0xF4, 0x14, 0xA4, 0xD5, 0xF7, 0x9E, 0x36, 0x7C, 0x5B, 0x9F, 0xA8, 0x3C,
- 0xC1, 0x85, 0x5F, 0x74, 0xD2, 0x39, 0x2D, 0xFF, 0xD0, 0x84, 0xDF, 0xFB, 0xB3,
- 0x20, 0x7A, 0x2E, 0x9B, 0x17, 0xAE, 0xE6, 0xBA, 0x0B, 0xAE, 0x5F, 0x53, 0xA4,
- 0x52, 0xED, 0x1B, 0xC4, 0x91, 0x02, 0x81, 0x81, 0x00, 0xEC, 0x98, 0xDA, 0xBB,
- 0xD5, 0xFE, 0xF9, 0x52, 0x4A, 0x7D, 0x02, 0x55, 0x49, 0x6F, 0x55, 0x6E, 0x52,
- 0x2F, 0x84, 0xA3, 0x2B, 0xB3, 0x86, 0x62, 0xB3, 0x54, 0xD2, 0x63, 0x52, 0xDA,
- 0xE3, 0x88, 0x76, 0xA0, 0xEF, 0x8B, 0x15, 0xA5, 0xD3, 0x18, 0x14, 0x72, 0x77,
- 0x5E, 0xC7, 0xA3, 0x04, 0x1F, 0x9E, 0x19, 0x62, 0xB5, 0x1B, 0x1B, 0x9E, 0xC3,
- 0xF2, 0xB5, 0x32, 0xF9, 0x4C, 0xC1, 0xAA, 0xEB, 0x0C, 0x26, 0x7D, 0xD4, 0x5F,
- 0x4A, 0x51, 0x5C, 0xA4, 0x45, 0x06, 0x70, 0x44, 0xA7, 0x56, 0xC0, 0xD4, 0x22,
- 0x14, 0x76, 0x9E, 0xD8, 0x63, 0x50, 0x89, 0x90, 0xD3, 0xE2, 0xBF, 0x81, 0x95,
- 0x92, 0x31, 0x41, 0x87, 0x39, 0x1A, 0x43, 0x0B, 0x18, 0xA5, 0x53, 0x1F, 0x39,
- 0x1A, 0x5F, 0x1F, 0x43, 0xBC, 0x87, 0x6A, 0xDF, 0x6E, 0xD3, 0x22, 0x00, 0xFE,
- 0x22, 0x98, 0x70, 0x4E, 0x1A, 0x19, 0x29, 0x02, 0x81, 0x81, 0x00, 0x8A, 0x41,
- 0x56, 0x28, 0x51, 0x9E, 0x5F, 0xD4, 0x9E, 0x0B, 0x3B, 0x98, 0xA3, 0x54, 0xF2,
- 0x6C, 0x56, 0xD4, 0xAA, 0xE9, 0x69, 0x33, 0x85, 0x24, 0x0C, 0xDA, 0xD4, 0x0C,
- 0x2D, 0xC4, 0xBF, 0x4F, 0x02, 0x69, 0x38, 0x7C, 0xD4, 0xE6, 0xDC, 0x4C, 0xED,
- 0xD7, 0x16, 0x11, 0xC3, 0x3E, 0x00, 0xE7, 0xC3, 0x26, 0xC0, 0x51, 0x02, 0xDE,
- 0xBB, 0x75, 0x9C, 0x6F, 0x56, 0x9C, 0x7A, 0xF3, 0x8E, 0xEF, 0xCF, 0x8A, 0xC5,
- 0x2B, 0xD2, 0xDA, 0x06, 0x6A, 0x44, 0xC9, 0x73, 0xFE, 0x6E, 0x99, 0x87, 0xF8,
- 0x5B, 0xBE, 0xF1, 0x7C, 0xE6, 0x65, 0xB5, 0x4F, 0x6C, 0xF0, 0xC9, 0xC5, 0xFF,
- 0x16, 0xCA, 0x8B, 0x1B, 0x17, 0xE2, 0x58, 0x3D, 0xA2, 0x37, 0xAB, 0x01, 0xBC,
- 0xBF, 0x40, 0xCE, 0x53, 0x8C, 0x8E, 0xED, 0xEF, 0xEE, 0x59, 0x9D, 0xE0, 0x63,
- 0xE6, 0x7C, 0x5E, 0xF5, 0x8E, 0x4B, 0xF1, 0x3B, 0xC1, 0x02, 0x81, 0x80, 0x4D,
- 0x45, 0xF9, 0x40, 0x8C, 0xC5, 0x5B, 0xF4, 0x2A, 0x1A, 0x8A, 0xB4, 0xF2, 0x1C,
- 0xAC, 0x6B, 0xE9, 0x0C, 0x56, 0x36, 0xB7, 0x4E, 0x72, 0x96, 0xD5, 0xE5, 0x8A,
- 0xD2, 0xE2, 0xFF, 0xF1, 0xF1, 0x18, 0x13, 0x3D, 0x86, 0x09, 0xB8, 0xD8, 0x76,
- 0xA7, 0xC9, 0x1C, 0x71, 0x52, 0x94, 0x30, 0x43, 0xE0, 0xF1, 0x78, 0x74, 0xFD,
- 0x61, 0x1B, 0x4C, 0x09, 0xCC, 0xE6, 0x68, 0x2A, 0x71, 0xAD, 0x1C, 0xDF, 0x43,
- 0xBC, 0x56, 0xDB, 0xA5, 0xA4, 0xBE, 0x35, 0x70, 0xA4, 0x5E, 0xCF, 0x4F, 0xFC,
- 0x00, 0x55, 0x99, 0x3A, 0x3D, 0x23, 0xCF, 0x67, 0x5A, 0xF5, 0x22, 0xF8, 0xB5,
- 0x29, 0xD0, 0x44, 0x11, 0xEB, 0x35, 0x2E, 0x46, 0xBE, 0xFD, 0x8E, 0x18, 0xB2,
- 0x5F, 0xA8, 0xBF, 0x19, 0x32, 0xA1, 0xF5, 0xDC, 0x03, 0xE6, 0x7C, 0x9A, 0x1F,
- 0x0C, 0x7C, 0xA9, 0xB0, 0x0E, 0x21, 0x37, 0x3B, 0xF1, 0xB0};
-
-static const uint8_t rsa_256_keydata[] = {
- 0x30, 0x82, 0x01, 0x0A,
- 0x02, 0x82, 0x01, 0x01, 0x00, 0xDB, 0x1C, 0x7F, 0x2E, 0x0B, 0xCD, 0xBF, 0xCE, 0xD1,
- 0x75, 0x10, 0xA0, 0xA2, 0xB8, 0xCE, 0x7D, 0xAA, 0xE2, 0x05, 0xE0, 0x7A, 0xD8, 0x44,
- 0x63, 0x8F, 0xB5, 0xBD, 0xC0, 0xB0, 0x19, 0xB9, 0x37, 0xB8, 0x19, 0x4A, 0x0E, 0xF1,
- 0x5D, 0x74, 0x80, 0x67, 0x46, 0x87, 0x06, 0xDE, 0x5B, 0x7F, 0x06, 0x03, 0xBD, 0xC1,
- 0x8D, 0x5E, 0x07, 0x15, 0xD4, 0x5B, 0xF4, 0xDC, 0xE5, 0xCF, 0x3D, 0xF9, 0xC1, 0x11,
- 0x2C, 0xAE, 0x6A, 0xB9, 0x8A, 0xBD, 0x1D, 0x67, 0x66, 0x17, 0xEA, 0x4E, 0xBD, 0xDB,
- 0x15, 0x9A, 0x82, 0x87, 0xE4, 0xF0, 0x78, 0xC3, 0xA3, 0x85, 0x87, 0xB0, 0xFD, 0x9F,
- 0xA9, 0x99, 0x5F, 0xE3, 0x33, 0xEC, 0xCC, 0xEA, 0x0B, 0xB5, 0x61, 0x5E, 0xF1, 0x49,
- 0x7E, 0x3F, 0xA3, 0x2D, 0xEA, 0x01, 0x0C, 0xCC, 0x42, 0x9A, 0x76, 0x9B, 0xC4, 0xD0,
- 0x37, 0xD3, 0xB1, 0x17, 0x01, 0x61, 0x01, 0x16, 0x59, 0x7E, 0x1C, 0x17, 0xC3, 0x53,
- 0xFD, 0xD1, 0x72, 0xCB, 0x4C, 0x60, 0x15, 0xDA, 0x7D, 0xE2, 0xEA, 0xAD, 0x50, 0xEF,
- 0x8E, 0xE2, 0x8B, 0xD4, 0x6A, 0x77, 0x55, 0xD6, 0x70, 0xD9, 0x6B, 0xBB, 0xF1, 0xEE,
- 0x39, 0x04, 0x38, 0xA3, 0xBD, 0xE2, 0xD1, 0xE0, 0x66, 0x6B, 0xE2, 0x9C, 0x47, 0x99,
- 0xE9, 0x28, 0xE6, 0xB6, 0xFC, 0x2E, 0xCA, 0x67, 0x43, 0x84, 0xE8, 0xD5, 0x83, 0xD6,
- 0x9D, 0x98, 0x6B, 0x01, 0x3E, 0x81, 0xDC, 0x3C, 0x7A, 0xCA, 0xF9, 0xF3, 0x9C, 0xF7,
- 0xD6, 0x28, 0x1B, 0x27, 0x78, 0x7C, 0xC3, 0xD0, 0xD5, 0x63, 0xA7, 0x81, 0x34, 0x89,
- 0xAD, 0x25, 0x6A, 0xBD, 0xF2, 0xEA, 0xED, 0xFA, 0x57, 0xFC, 0xE5, 0x34, 0xC6, 0xC1,
- 0x0F, 0x71, 0x2D, 0xD2, 0x08, 0x10, 0x1B, 0xAD, 0x44, 0x41, 0xE0, 0xFE, 0x79, 0xA0,
- 0x63, 0x93, 0x8A, 0xB1, 0x5D, 0xE9, 0xB0, 0xEE, 0x6F, 0x02, 0x03, 0x01, 0x00, 0x01};
-
-static const uint8_t ec_keydata[] = {
- 0x04, 0xde, 0xa5, 0xe4, 0x5d, 0x0e, 0xa3, 0x7f, 0xc5, 0x66, 0x23, 0x2a, 0x50, 0x8f,
- 0x4a, 0xd2, 0x0e, 0xa1, 0x3d, 0x47, 0xe4, 0xbf, 0x5f, 0xa4, 0xd5, 0x4a, 0x57, 0xa0,
- 0xba, 0x01, 0x20, 0x42, 0x08, 0x70, 0x97, 0x49, 0x6e, 0xfc, 0x58, 0x3f, 0xed, 0x8b,
- 0x24, 0xa5, 0xb9, 0xbe, 0x9a, 0x51, 0xde, 0x06, 0x3f, 0x5a, 0x00, 0xa8, 0xb6, 0x98,
- 0xa1, 0x6f, 0xd7, 0xf2, 0x9b, 0x54, 0x85, 0xf3, 0x20};
-
-static const uint8_t ec_keypair[] = {
- 0x68, 0x49, 0xf9, 0x7d, 0x10, 0x66, 0xf6, 0x99, 0x77, 0x59, 0x63, 0x7c, 0x7e, 0x38,
- 0x99, 0x46, 0x4c, 0xee, 0x3e, 0xc7, 0xac, 0x97, 0x06, 0x53, 0xa0, 0xbe, 0x07, 0x42};
-
static test_data check1[] = {
-
-#ifdef ARCH_TEST_CIPER_MODE_CTR
-#ifdef ARCH_TEST_AES_128
-{"Test psa_get_key_policy 16 Byte AES\n", 1, PSA_KEY_TYPE_AES,
-{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
- 0x5F, 0xC9},
- AES_16B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR,
- BYTES_TO_BITS(AES_16B_KEY_SIZE), AES_16B_KEY_SIZE, PSA_SUCCESS
+{"Test psa_key_derivation_setup - ECDH + HKDF-SHA-256\n",
+ PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)),
+ PSA_SUCCESS
},
-#endif
-#ifdef ARCH_TEST_AES_192
-{"Test psa_get_key_policy 24 Byte AES\n", 2, PSA_KEY_TYPE_AES,
-{0x24, 0x13, 0x61, 0x47, 0x61, 0xB8, 0xC8, 0xF0, 0xDF, 0xAB, 0x5A, 0x0E, 0x87,
- 0x40, 0xAC, 0xA3, 0x90, 0x77, 0x83, 0x52, 0x31, 0x74, 0xF9},
- AES_24B_KEY_SIZE, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CTR,
- BYTES_TO_BITS(AES_24B_KEY_SIZE), AES_24B_KEY_SIZE, PSA_SUCCESS
+{"Test psa_key_derivation_setup - ECDH, unknown KDF\n",
+ PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(0)),
+ PSA_ERROR_NOT_SUPPORTED
},
-#endif
-#ifdef ARCH_TEST_AES_256
-{"Test psa_get_key_policy 32 Byte AES\n", 3, PSA_KEY_TYPE_AES,
-{0xEA, 0xD5, 0xE6, 0xC8, 0x51, 0xF9, 0xEC, 0xBB, 0x9B, 0x57, 0x7C, 0xED, 0xD2,
- 0x4B, 0x82, 0x84, 0x9F, 0x9F, 0xE6, 0x73, 0x21, 0x3D, 0x1A, 0x05, 0xC9, 0xED,
- 0xDF, 0x25, 0x17, 0x68, 0x86, 0xAE},
- AES_32B_KEY_SIZE, PSA_KEY_USAGE_DECRYPT, PSA_ALG_CTR,
- BYTES_TO_BITS(AES_32B_KEY_SIZE), AES_32B_KEY_SIZE, PSA_SUCCESS
+{"Test psa_key_derivation_setup - bad key derivation algorithm\n",
+ PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_HASH_ALG_INVALID),
+ PSA_ERROR_INVALID_ARGUMENT
},
-#endif
-#endif
-
-#ifdef ARCH_TEST_RSA_PKCS1V15_SIGN_RAW
-#ifdef ARCH_TEST_RSA_2048
-{"Test psa_get_key_policy 2048 RSA public key\n", 4, PSA_KEY_TYPE_RSA_PUBLIC_KEY,
- {0},
- 270, PSA_KEY_USAGE_SIGN, PSA_ALG_RSA_PKCS1V15_SIGN_RAW,
- 2048, 270, PSA_SUCCESS
-},
-
-{"Test psa_get_key_policy with RSA 2048 keypair\n", 5, PSA_KEY_TYPE_RSA_KEYPAIR,
- {0},
- 1193, PSA_KEY_USAGE_VERIFY, PSA_ALG_RSA_PKCS1V15_SIGN_RAW,
- 2048, 1193, PSA_SUCCESS
-},
-#endif
-#endif
-
-#ifdef ARCH_TEST_CIPER_MODE_CTR
-#ifdef ARCH_TEST_DES_1KEY
-{"Test psa_get_key_policy with DES 64 bit key\n", 6, PSA_KEY_TYPE_DES,
- {0x70, 0x24, 0x55, 0x0C, 0x14, 0x9D, 0xED, 0x29},
- DES_8B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR,
- BYTES_TO_BITS(DES_8B_KEY_SIZE), DES_8B_KEY_SIZE, PSA_SUCCESS
-},
-#endif
-
-#ifdef ARCH_TEST_DES_2KEY
-{"Test psa_get_key_policy with Triple DES 2-Key\n", 7, PSA_KEY_TYPE_DES,
-{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF},
- DES3_2KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR,
- BYTES_TO_BITS(DES3_2KEY_SIZE), DES3_2KEY_SIZE, PSA_SUCCESS
-},
-#endif
-
-#ifdef ARCH_TEST_DES_3KEY
-{"Test psa_get_key_policy with Triple DES 3-Key\n", 8, PSA_KEY_TYPE_DES,
-{0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF,
- 0xF1, 0xE0, 0xD3, 0xC2, 0xB5, 0xA4, 0x97, 0x86,
- 0xFE, 0xDC, 0xBA, 0x98, 0x76, 0x54, 0x32, 0x10},
- DES3_3KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR,
- BYTES_TO_BITS(DES3_3KEY_SIZE), DES3_3KEY_SIZE, PSA_SUCCESS
-},
-#endif
-#endif
-
-#ifdef ARCH_TEST_ECDSA
-#ifdef ARCH_TEST_ECC_CURVE_SECP256R1
-{"Test psa_get_key_policy with EC Public key\n", 9,
- PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1),
- {0},
- 65, PSA_KEY_USAGE_EXPORT, PSA_ALG_ECDSA_ANY,
- 256, 65, PSA_SUCCESS
-},
-#endif
-
-#ifdef ARCH_TEST_ECC_CURVE_SECP224R1
-{"Test psa_get_key_policy with EC keypair\n", 10,
- PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP224R1),
- {0},
- 28, PSA_KEY_USAGE_EXPORT, PSA_ALG_ECDSA_ANY,
- 224, 28, PSA_SUCCESS
-},
-#endif
-#endif
-};
-static test_data check2[] = {
-#ifdef ARCH_TEST_CIPER_MODE_CTR
-#ifdef ARCH_TEST_AES_128
-{"Test psa_get_key_policy negative cases\n", 11, PSA_KEY_TYPE_AES,
-{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
- 0x5F, 0xC9},
- AES_16B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR,
- BYTES_TO_BITS(AES_16B_KEY_SIZE), AES_16B_KEY_SIZE, PSA_SUCCESS
+{"Test psa_key_derivation_setup - Invalid Algorithm\n",
+ PSA_ALG_INVALID,
+ PSA_ERROR_INVALID_ARGUMENT,
},
-#endif
-#endif
};
diff --git a/api-tests/dev_apis/crypto/test_c008/test_entry.c b/api-tests/dev_apis/crypto/test_c008/test_entry_c008.c
similarity index 96%
rename from api-tests/dev_apis/crypto/test_c008/test_entry.c
rename to api-tests/dev_apis/crypto/test_c008/test_entry_c008.c
index 59f3a24a..e31f9d8a 100644
--- a/api-tests/dev_apis/crypto/test_c008/test_entry.c
+++ b/api-tests/dev_apis/crypto/test_c008/test_entry_c008.c
@@ -20,7 +20,8 @@
#include "test_c008.h"
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 8)
-#define TEST_DESC "Testing crypto key management APIs\n"
+#define TEST_DESC "Testing crypto key derivation APIs\n"
+
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
psa_api_t *psa = NULL;
diff --git a/api-tests/dev_apis/crypto/test_c009/source.mk b/api-tests/dev_apis/crypto/test_c009/source.mk
deleted file mode 100644
index e5f4c6f6..00000000
--- a/api-tests/dev_apis/crypto/test_c009/source.mk
+++ /dev/null
@@ -1,20 +0,0 @@
-# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_c009.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
diff --git a/api-tests/dev_apis/crypto/test_c009/test.cmake b/api-tests/dev_apis/crypto/test_c009/test.cmake
new file mode 100644
index 00000000..93b0c943
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c009/test.cmake
@@ -0,0 +1,24 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_c009.c
+ test_c009.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
diff --git a/api-tests/dev_apis/crypto/test_c009/test_c009.c b/api-tests/dev_apis/crypto/test_c009/test_c009.c
index 9b252b88..1288bf6f 100644
--- a/api-tests/dev_apis/crypto/test_c009/test_c009.c
+++ b/api-tests/dev_apis/crypto/test_c009/test_c009.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -21,21 +21,25 @@
#include "test_data.h"
#include "val_crypto.h"
-#define MAX_KEYS 100
-
client_test_t test_c009_crypto_list[] = {
NULL,
- psa_allocate_key_test,
- psa_allocate_key_negative_test,
+ psa_key_derivation_input_bytes_test,
NULL,
};
static int g_test_count = 1;
-int32_t psa_allocate_key_test(security_t caller)
+int32_t psa_key_derivation_input_bytes_test(caller_security_t caller)
{
- int num_checks = sizeof(check1)/sizeof(check1[0]);
- int32_t i, status;
+ int32_t i, status;
+ int num_checks = sizeof(check1)/sizeof(check1[0]);
+ psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT;
+
+ if (num_checks == 0)
+ {
+ val->print(PRINT_TEST, "No test available for the selected crypto configuration\n", 0);
+ return RESULT_SKIP(VAL_STATUS_NO_TESTS);
+ }
/* Initialize the PSA crypto library*/
status = val->crypto_function(VAL_CRYPTO_INIT);
@@ -51,45 +55,27 @@ int32_t psa_allocate_key_test(security_t caller)
status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
- /* Allocate a key slot for a transient key */
- status = val->crypto_function(VAL_CRYPTO_ALLOCATE_KEY, &check1[i].key_handle);
- TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(3));
-
- /* Destroy a key */
- status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, check1[i].key_handle);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
- }
-
- return VAL_STATUS_SUCCESS;
-}
+ /* Set up a key derivation operation */
+ status = val->crypto_function(VAL_CRYPTO_KEY_DERIVATION_SETUP, &operation, check1[i].alg);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
-int32_t psa_allocate_key_negative_test(security_t caller)
-{
- int32_t i, j, status;
- psa_key_handle_t key_handle[MAX_KEYS];
+ /* Provide an input for key derivation or key agreement */
+ status = val->crypto_function(VAL_CRYPTO_KEY_DERIVATION_INPUT_BYTES, &operation,
+ check1[i].step, check1[i].data, check1[i].data_length);
+ TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(4));
- /* Initialize the PSA crypto library*/
- status = val->crypto_function(VAL_CRYPTO_INIT);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(1));
+ /* Abort the key derivation operation */
+ status = val->crypto_function(VAL_CRYPTO_KEY_DERIVATION_ABORT, &operation);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
- val->print(PRINT_TEST, "[Check %d] Testing the insufficient memory\n", g_test_count++);
+ if (check1[i].expected_status != PSA_SUCCESS)
+ continue;
- for (i = 0; i < MAX_KEYS; i++)
- {
- /* Allocate a key slot for a transient key */
- status = val->crypto_function(VAL_CRYPTO_ALLOCATE_KEY, &key_handle[i]);
- if (status != PSA_SUCCESS)
- {
- TEST_ASSERT_EQUAL(status, PSA_ERROR_INSUFFICIENT_MEMORY, TEST_CHECKPOINT_NUM(2));
- break;
- }
- }
+ /* Key derivation on an aborted operation should fail */
+ status = val->crypto_function(VAL_CRYPTO_KEY_DERIVATION_INPUT_BYTES, &operation,
+ check1[i].step, check1[i].data, check1[i].data_length);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_BAD_STATE, TEST_CHECKPOINT_NUM(6));
- for (j = 0; j < i; j++)
- {
- /* Destroy a key */
- status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, key_handle[j]);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
}
return VAL_STATUS_SUCCESS;
diff --git a/api-tests/dev_apis/crypto/test_c009/test_c009.h b/api-tests/dev_apis/crypto/test_c009/test_c009.h
index f5e758ba..356ad727 100644
--- a/api-tests/dev_apis/crypto/test_c009/test_c009.h
+++ b/api-tests/dev_apis/crypto/test_c009/test_c009.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -18,14 +18,13 @@
#define _TEST_C009_CLIENT_TESTS_H_
#include "val_crypto.h"
-#define test_entry CONCAT(test_entry_,c009)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, c009)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
extern val_api_t *val;
extern psa_api_t *psa;
extern client_test_t test_c009_crypto_list[];
-int32_t psa_allocate_key_test(security_t caller);
-int32_t psa_allocate_key_negative_test(security_t caller);
+int32_t psa_key_derivation_input_bytes_test(caller_security_t caller);
#endif /* _TEST_C009_CLIENT_TESTS_H_ */
diff --git a/api-tests/dev_apis/crypto/test_c009/test_data.h b/api-tests/dev_apis/crypto/test_c009/test_data.h
index fd4be3c2..d4850671 100644
--- a/api-tests/dev_apis/crypto/test_c009/test_data.h
+++ b/api-tests/dev_apis/crypto/test_c009/test_data.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -18,55 +18,54 @@
#include "val_crypto.h"
typedef struct {
- char test_desc[75];
- psa_key_handle_t key_handle;
- psa_status_t expected_status;
+ char test_desc[75];
+ psa_algorithm_t alg;
+ uint8_t data[32];
+ size_t data_length;
+ psa_key_derivation_step_t step;
+ psa_status_t expected_status;
} test_data;
static test_data check1[] = {
-#ifdef ARCH_TEST_AES_128
-{"Test psa_allocate_key 16 Byte AES\n", 1, PSA_SUCCESS
+{"Test psa_key_derivation_input_bytes - Step as Info\n",
+ PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)),
+ "abcdefghijklmnop", 16,
+ PSA_KEY_DERIVATION_INPUT_INFO,
+ PSA_SUCCESS,
},
-#endif
-#ifdef ARCH_TEST_AES_192
-{"Test psa_allocate_key 24 Byte AES\n", 2, PSA_SUCCESS
+{"Test psa_key_derivation_input_bytes - Step as secret\n",
+ PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)),
+ "abcdefghijklmnop", 16,
+ PSA_KEY_DERIVATION_INPUT_SECRET,
+ PSA_ERROR_INVALID_ARGUMENT,
},
-#endif
-#ifdef ARCH_TEST_AES_256
-{"Test psa_allocate_key 32 Byte AES\n", 3, PSA_SUCCESS
+{"Test psa_key_derivation_input_bytes - Step as salt\n",
+ PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)),
+ "abcdefghijklmnop", 16,
+ PSA_KEY_DERIVATION_INPUT_SALT,
+ PSA_SUCCESS,
},
-#endif
-#ifdef ARCH_TEST_RSA_2048
-{"Test psa_allocate_key 2048 RSA public key\n", 4, PSA_SUCCESS
+{"Test psa_key_derivation_input_bytes - Step as label\n",
+ PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)),
+ "abcdefghijklmnop", 16,
+ PSA_KEY_DERIVATION_INPUT_LABEL,
+ PSA_ERROR_INVALID_ARGUMENT,
},
-{"Test psa_allocate_key with RSA 2048 keypair\n", 5, PSA_SUCCESS,
+{"Test psa_key_derivation_input_bytes - Step as seed\n",
+ PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)),
+ "abcdefghijklmnop", 16,
+ PSA_KEY_DERIVATION_INPUT_SEED,
+ PSA_ERROR_INVALID_ARGUMENT,
},
-#endif
-#ifdef ARCH_TEST_DES_1KEY
-{"Test psa_allocate_key with DES 64 bit key\n", 6, PSA_SUCCESS,
+{"Test psa_key_derivation_input_bytes - Invalid step\n",
+ PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)),
+ "abcdefghijklmnop", 16,
+ PSA_KEY_DERIVATION_STEP_INVALID,
+ PSA_ERROR_INVALID_ARGUMENT,
},
-#endif
-
-#ifdef ARCH_TEST_DES_2KEY
-{"Test psa_allocate_key with Triple DES 2-Key\n", 7, PSA_SUCCESS,
-},
-#endif
-
-#ifdef ARCH_TEST_DES_3KEY
-{"Test psa_allocate_key with Triple DES 3-Key\n", 8, PSA_SUCCESS,
-},
-#endif
-
-#ifdef ARCH_TEST_ECC_CURVE_SECP192R1
-{"Test psa_allocate_key with EC Public key\n", 9, PSA_SUCCESS,
-},
-
-{"Test psa_allocate_key with EC keypair\n", 10, PSA_SUCCESS
-},
-#endif
};
diff --git a/api-tests/dev_apis/crypto/test_c009/test_entry.c b/api-tests/dev_apis/crypto/test_c009/test_entry_c009.c
similarity index 96%
rename from api-tests/dev_apis/crypto/test_c009/test_entry.c
rename to api-tests/dev_apis/crypto/test_c009/test_entry_c009.c
index 93a0abe1..5dce9945 100644
--- a/api-tests/dev_apis/crypto/test_c009/test_entry.c
+++ b/api-tests/dev_apis/crypto/test_c009/test_entry_c009.c
@@ -20,7 +20,8 @@
#include "test_c009.h"
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 9)
-#define TEST_DESC "Testing crypto key management APIs\n"
+#define TEST_DESC "Testing crypto key derivation APIs\n"
+
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
psa_api_t *psa = NULL;
diff --git a/api-tests/dev_apis/crypto/test_c010/source.mk b/api-tests/dev_apis/crypto/test_c010/source.mk
deleted file mode 100644
index da0bb911..00000000
--- a/api-tests/dev_apis/crypto/test_c010/source.mk
+++ /dev/null
@@ -1,20 +0,0 @@
-# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_c010.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
diff --git a/api-tests/dev_apis/crypto/test_c010/test.cmake b/api-tests/dev_apis/crypto/test_c010/test.cmake
new file mode 100644
index 00000000..c3ca1054
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c010/test.cmake
@@ -0,0 +1,24 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_c010.c
+ test_c010.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
diff --git a/api-tests/dev_apis/crypto/test_c010/test_c010.c b/api-tests/dev_apis/crypto/test_c010/test_c010.c
index 24e335ec..5455c0a2 100644
--- a/api-tests/dev_apis/crypto/test_c010/test_c010.c
+++ b/api-tests/dev_apis/crypto/test_c010/test_c010.c
@@ -23,20 +23,29 @@
client_test_t test_c010_crypto_list[] = {
NULL,
- psa_get_key_lifetime_test,
- psa_get_key_lifetime_negative_test,
+ psa_key_attributes_set_get_test,
NULL,
};
static int g_test_count = 1;
-int32_t psa_get_key_lifetime_test(security_t caller)
+int32_t psa_key_attributes_set_get_test(caller_security_t caller)
{
- const uint8_t *key_data;
- psa_key_policy_t policy;
- int num_checks = sizeof(check1)/sizeof(check1[0]);
- int32_t i, status;
- psa_key_lifetime_t lifetime;
+ int32_t i, status;
+ psa_key_type_t get_key_type;
+ psa_key_id_t get_key_id;
+ psa_key_lifetime_t get_key_lifetime;
+ psa_key_usage_t get_key_usage_flags;
+ psa_algorithm_t get_key_algorithm;
+ size_t get_key_bits;
+ int num_checks = sizeof(check1)/sizeof(check1[0]);
+ psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+
+ if (num_checks == 0)
+ {
+ val->print(PRINT_TEST, "No test available for the selected crypto configuration\n", 0);
+ return RESULT_SKIP(VAL_STATUS_NO_TESTS);
+ }
/* Initialize the PSA crypto library*/
status = val->crypto_function(VAL_CRYPTO_INIT);
@@ -48,121 +57,78 @@ int32_t psa_get_key_lifetime_test(security_t caller)
val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
val->print(PRINT_TEST, check1[i].test_desc, 0);
- /* Initialize a key policy structure to a default that forbids all
- * usage of the key
- */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
-
/* Setting up the watchdog timer for each check */
status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
- if (PSA_KEY_TYPE_IS_RSA(check1[i].key_type))
- {
- if (check1[i].key_type == PSA_KEY_TYPE_RSA_KEYPAIR)
- {
- if (check1[i].expected_bit_length == BYTES_TO_BITS(384))
- key_data = rsa_384_keypair;
- else if (check1[i].expected_bit_length == BYTES_TO_BITS(256))
- key_data = rsa_256_keypair;
- else
- return VAL_STATUS_INVALID;
- }
- else
- {
- if (check1[i].expected_bit_length == BYTES_TO_BITS(384))
- key_data = rsa_384_keydata;
- else if (check1[i].expected_bit_length == BYTES_TO_BITS(256))
- key_data = rsa_256_keydata;
- else
- return VAL_STATUS_INVALID;
- }
- }
- else if (PSA_KEY_TYPE_IS_ECC(check1[i].key_type))
- {
- if (PSA_KEY_TYPE_IS_ECC_KEYPAIR(check1[i].key_type))
- key_data = ec_keypair;
- else
- key_data = ec_keydata;
- }
- else
- key_data = check1[i].key_data;
-
- /* Set the standard fields of a policy structure */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &policy, check1[i].usage,
- check1[i].key_alg);
-
- /* Allocate a key slot for a transient key */
- status = val->crypto_function(VAL_CRYPTO_ALLOCATE_KEY, &check1[i].key_handle);
- TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(3));
-
- /* Set the usage policy on a key slot */
- status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, check1[i].key_handle, &policy);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
-
- /* Import the key data into the key slot */
- status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, check1[i].key_handle,
- check1[i].key_type, key_data, check1[i].key_length);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
-
- /* Get the lifetime of a key slot */
- status = val->crypto_function(VAL_CRYPTO_GET_KEY_LIFETIME, check1[i].key_handle, &lifetime);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(6));
-
- TEST_ASSERT_EQUAL(lifetime, check1[i].lifetime, TEST_CHECKPOINT_NUM(7));
- }
+ /* Check if all the attributes are initialized to zero */
+ val->crypto_function(VAL_CRYPTO_GET_KEY_TYPE, &attributes, &get_key_type);
+ TEST_ASSERT_EQUAL(get_key_type, 0, TEST_CHECKPOINT_NUM(3));
- return VAL_STATUS_SUCCESS;
-}
+ val->crypto_function(VAL_CRYPTO_GET_KEY_ID, &attributes, &get_key_id);
+ TEST_ASSERT_EQUAL(get_key_id, 0, TEST_CHECKPOINT_NUM(4));
-int32_t psa_get_key_lifetime_negative_test(security_t caller)
-{
- int num_checks = sizeof(check2)/sizeof(check2[0]);
- int32_t i, status;
- psa_key_lifetime_t lifetime;
- psa_key_policy_t policy;
+ val->crypto_function(VAL_CRYPTO_GET_KEY_LIFETIME, &attributes, &get_key_lifetime);
+ TEST_ASSERT_EQUAL(get_key_lifetime, 0, TEST_CHECKPOINT_NUM(5));
- /* Initialize the PSA crypto library*/
- status = val->crypto_function(VAL_CRYPTO_INIT);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(1));
+ val->crypto_function(VAL_CRYPTO_GET_KEY_USAGE_FLAGS, &attributes, &get_key_usage_flags);
+ TEST_ASSERT_EQUAL(get_key_usage_flags, 0, TEST_CHECKPOINT_NUM(6));
- for (i = 0; i < num_checks; i++)
- {
- /* Initialize a key policy structure to a default that forbids all
- * usage of the key
- */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
+ val->crypto_function(VAL_CRYPTO_GET_KEY_ALGORITHM, &attributes, &get_key_algorithm);
+ TEST_ASSERT_EQUAL(get_key_algorithm, 0, TEST_CHECKPOINT_NUM(7));
- /* Setting up the watchdog timer for each check */
- status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
- TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
+ val->crypto_function(VAL_CRYPTO_GET_KEY_BITS, &attributes, &get_key_bits);
+ TEST_ASSERT_EQUAL(get_key_bits, 0, TEST_CHECKPOINT_NUM(8));
+
+ /* Setup the attributes for the key */
+ val->crypto_function(VAL_CRYPTO_SET_KEY_TYPE, &attributes, check1[i].key_type);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_BITS, &attributes, check1[i].attr_bits);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_USAGE_FLAGS, &attributes, check1[i].usage);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_ID, &attributes, check1[i].key_id);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_LIFETIME, &attributes, check1[i].key_lifetime);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_ALGORITHM, &attributes, check1[i].key_alg);
- val->print(PRINT_TEST, "[Check %d] Test psa_get_key_lifetime with invalid key handle\n",
- g_test_count++);
- /* Get the lifetime of a key slot */
- status = val->crypto_function(VAL_CRYPTO_GET_KEY_LIFETIME, check2[i].key_handle, &lifetime);
- TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(3));
-
- val->print(PRINT_TEST, "[Check %d] Test psa_get_key_lifetime with zero as key handle\n",
- g_test_count++);
- /* Get the lifetime of a key slot */
- status = val->crypto_function(VAL_CRYPTO_GET_KEY_LIFETIME, 0, &lifetime);
- TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(4));
-
- val->print(PRINT_TEST, "[Check %d] Test psa_get_key_lifetime with empty key handle\n",
- g_test_count++);
- /* Allocate a key slot for a transient key */
- status = val->crypto_function(VAL_CRYPTO_ALLOCATE_KEY, &check2[i].key_handle);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
-
- /* Set the usage policy on a key slot */
- status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, check2[i].key_handle, &policy);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(6));
-
- /* Get the lifetime of a key slot */
- status = val->crypto_function(VAL_CRYPTO_GET_KEY_LIFETIME, check2[i].key_handle, &lifetime);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(7));
- }
-
- return VAL_STATUS_SUCCESS;
+ /* Check if all the attributes are as per the input */
+ val->crypto_function(VAL_CRYPTO_GET_KEY_TYPE, &attributes, &get_key_type);
+ TEST_ASSERT_EQUAL(get_key_type, check1[i].key_type, TEST_CHECKPOINT_NUM(9));
+
+ val->crypto_function(VAL_CRYPTO_GET_KEY_ID, &attributes, &get_key_id);
+ TEST_ASSERT_EQUAL(get_key_id, check1[i].key_id, TEST_CHECKPOINT_NUM(10));
+
+ val->crypto_function(VAL_CRYPTO_GET_KEY_LIFETIME, &attributes, &get_key_lifetime);
+ TEST_ASSERT_EQUAL(get_key_lifetime, check1[i].key_lifetime, TEST_CHECKPOINT_NUM(11));
+
+ val->crypto_function(VAL_CRYPTO_GET_KEY_USAGE_FLAGS, &attributes, &get_key_usage_flags);
+ TEST_ASSERT_EQUAL(get_key_usage_flags, check1[i].usage, TEST_CHECKPOINT_NUM(12));
+
+ val->crypto_function(VAL_CRYPTO_GET_KEY_ALGORITHM, &attributes, &get_key_algorithm);
+ TEST_ASSERT_EQUAL(get_key_algorithm, check1[i].key_alg, TEST_CHECKPOINT_NUM(13));
+
+ val->crypto_function(VAL_CRYPTO_GET_KEY_BITS, &attributes, &get_key_bits);
+ TEST_ASSERT_EQUAL(get_key_bits, check1[i].attr_bits, TEST_CHECKPOINT_NUM(14));
+
+ /* Reset the attributes */
+ val->crypto_function(VAL_CRYPTO_RESET_KEY_ATTRIBUTES, &attributes);
+
+ /* Check if all the attributes are erased */
+ val->crypto_function(VAL_CRYPTO_GET_KEY_TYPE, &attributes, &get_key_type);
+ TEST_ASSERT_EQUAL(get_key_type, 0, TEST_CHECKPOINT_NUM(15));
+
+ val->crypto_function(VAL_CRYPTO_GET_KEY_ID, &attributes, &get_key_id);
+ TEST_ASSERT_EQUAL(get_key_id, 0, TEST_CHECKPOINT_NUM(16));
+
+ val->crypto_function(VAL_CRYPTO_GET_KEY_LIFETIME, &attributes, &get_key_lifetime);
+ TEST_ASSERT_EQUAL(get_key_lifetime, 0, TEST_CHECKPOINT_NUM(17));
+
+ val->crypto_function(VAL_CRYPTO_GET_KEY_USAGE_FLAGS, &attributes, &get_key_usage_flags);
+ TEST_ASSERT_EQUAL(get_key_usage_flags, 0, TEST_CHECKPOINT_NUM(18));
+
+ val->crypto_function(VAL_CRYPTO_GET_KEY_ALGORITHM, &attributes, &get_key_algorithm);
+ TEST_ASSERT_EQUAL(get_key_algorithm, 0, TEST_CHECKPOINT_NUM(19));
+
+ val->crypto_function(VAL_CRYPTO_GET_KEY_BITS, &attributes, &get_key_bits);
+ TEST_ASSERT_EQUAL(get_key_bits, 0, TEST_CHECKPOINT_NUM(20));
+ }
+
+ return VAL_STATUS_SUCCESS;
}
diff --git a/api-tests/dev_apis/crypto/test_c010/test_c010.h b/api-tests/dev_apis/crypto/test_c010/test_c010.h
index 03308e8a..7159b5ab 100644
--- a/api-tests/dev_apis/crypto/test_c010/test_c010.h
+++ b/api-tests/dev_apis/crypto/test_c010/test_c010.h
@@ -18,14 +18,13 @@
#define _TEST_C010_CLIENT_TESTS_H_
#include "val_crypto.h"
-#define test_entry CONCAT(test_entry_,c010)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, c010)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
extern val_api_t *val;
extern psa_api_t *psa;
extern client_test_t test_c010_crypto_list[];
-int32_t psa_get_key_lifetime_test(security_t caller);
-int32_t psa_get_key_lifetime_negative_test(security_t caller);
+int32_t psa_key_attributes_set_get_test(caller_security_t caller);
#endif /* _TEST_C010_CLIENT_TESTS_H_ */
diff --git a/api-tests/dev_apis/crypto/test_c010/test_data.h b/api-tests/dev_apis/crypto/test_c010/test_data.h
index e8c7b2da..d6dc65d8 100644
--- a/api-tests/dev_apis/crypto/test_c010/test_data.h
+++ b/api-tests/dev_apis/crypto/test_c010/test_data.h
@@ -19,257 +19,18 @@
typedef struct {
char test_desc[75];
- psa_key_handle_t key_handle;
psa_key_type_t key_type;
- uint8_t key_data[34];
- uint32_t key_length;
+ size_t attr_bits;
psa_key_usage_t usage;
psa_algorithm_t key_alg;
+ psa_key_id_t key_id;
+ psa_key_lifetime_t key_lifetime;
psa_key_lifetime_t lifetime;
- uint32_t expected_bit_length;
- uint32_t expected_key_length;
- psa_status_t expected_status;
} test_data;
-static const uint8_t rsa_384_keypair[1];
-static const uint8_t rsa_384_keydata[1];
-
-static const uint8_t rsa_256_keypair[] = {
- 0x30, 0x82, 0x04, 0xA5, 0x02, 0x01, 0x00, 0x02, 0x82, 0x01, 0x01, 0x00, 0xC0,
- 0x95, 0x08, 0xE1, 0x57, 0x41, 0xF2, 0x71, 0x6D, 0xB7, 0xD2, 0x45, 0x41, 0x27,
- 0x01, 0x65, 0xC6, 0x45, 0xAE, 0xF2, 0xBC, 0x24, 0x30, 0xB8, 0x95, 0xCE, 0x2F,
- 0x4E, 0xD6, 0xF6, 0x1C, 0x88, 0xBC, 0x7C, 0x9F, 0xFB, 0xA8, 0x67, 0x7F, 0xFE,
- 0x5C, 0x9C, 0x51, 0x75, 0xF7, 0x8A, 0xCA, 0x07, 0xE7, 0x35, 0x2F, 0x8F, 0xE1,
- 0xBD, 0x7B, 0xC0, 0x2F, 0x7C, 0xAB, 0x64, 0xA8, 0x17, 0xFC, 0xCA, 0x5D, 0x7B,
- 0xBA, 0xE0, 0x21, 0xE5, 0x72, 0x2E, 0x6F, 0x2E, 0x86, 0xD8, 0x95, 0x73, 0xDA,
- 0xAC, 0x1B, 0x53, 0xB9, 0x5F, 0x3F, 0xD7, 0x19, 0x0D, 0x25, 0x4F, 0xE1, 0x63,
- 0x63, 0x51, 0x8B, 0x0B, 0x64, 0x3F, 0xAD, 0x43, 0xB8, 0xA5, 0x1C, 0x5C, 0x34,
- 0xB3, 0xAE, 0x00, 0xA0, 0x63, 0xC5, 0xF6, 0x7F, 0x0B, 0x59, 0x68, 0x78, 0x73,
- 0xA6, 0x8C, 0x18, 0xA9, 0x02, 0x6D, 0xAF, 0xC3, 0x19, 0x01, 0x2E, 0xB8, 0x10,
- 0xE3, 0xC6, 0xCC, 0x40, 0xB4, 0x69, 0xA3, 0x46, 0x33, 0x69, 0x87, 0x6E, 0xC4,
- 0xBB, 0x17, 0xA6, 0xF3, 0xE8, 0xDD, 0xAD, 0x73, 0xBC, 0x7B, 0x2F, 0x21, 0xB5,
- 0xFD, 0x66, 0x51, 0x0C, 0xBD, 0x54, 0xB3, 0xE1, 0x6D, 0x5F, 0x1C, 0xBC, 0x23,
- 0x73, 0xD1, 0x09, 0x03, 0x89, 0x14, 0xD2, 0x10, 0xB9, 0x64, 0xC3, 0x2A, 0xD0,
- 0xA1, 0x96, 0x4A, 0xBC, 0xE1, 0xD4, 0x1A, 0x5B, 0xC7, 0xA0, 0xC0, 0xC1, 0x63,
- 0x78, 0x0F, 0x44, 0x37, 0x30, 0x32, 0x96, 0x80, 0x32, 0x23, 0x95, 0xA1, 0x77,
- 0xBA, 0x13, 0xD2, 0x97, 0x73, 0xE2, 0x5D, 0x25, 0xC9, 0x6A, 0x0D, 0xC3, 0x39,
- 0x60, 0xA4, 0xB4, 0xB0, 0x69, 0x42, 0x42, 0x09, 0xE9, 0xD8, 0x08, 0xBC, 0x33,
- 0x20, 0xB3, 0x58, 0x22, 0xA7, 0xAA, 0xEB, 0xC4, 0xE1, 0xE6, 0x61, 0x83, 0xC5,
- 0xD2, 0x96, 0xDF, 0xD9, 0xD0, 0x4F, 0xAD, 0xD7, 0x02, 0x03, 0x01, 0x00, 0x01,
- 0x02, 0x82, 0x01, 0x01, 0x00, 0x9A, 0xD0, 0x34, 0x0F, 0x52, 0x62, 0x05, 0x50,
- 0x01, 0xEF, 0x9F, 0xED, 0x64, 0x6E, 0xC2, 0xC4, 0xDA, 0x1A, 0xF2, 0x84, 0xD7,
- 0x92, 0x10, 0x48, 0x92, 0xC4, 0xE9, 0x6A, 0xEB, 0x8B, 0x75, 0x6C, 0xC6, 0x79,
- 0x38, 0xF2, 0xC9, 0x72, 0x4A, 0x86, 0x64, 0x54, 0x95, 0x77, 0xCB, 0xC3, 0x9A,
- 0x9D, 0xB7, 0xD4, 0x1D, 0xA4, 0x00, 0xC8, 0x9E, 0x4E, 0xE4, 0xDD, 0xC7, 0xBA,
- 0x67, 0x16, 0xC1, 0x74, 0xBC, 0xA9, 0xD6, 0x94, 0x8F, 0x2B, 0x30, 0x1A, 0xFB,
- 0xED, 0xDF, 0x21, 0x05, 0x23, 0xD9, 0x4A, 0x39, 0xBD, 0x98, 0x6B, 0x65, 0x9A,
- 0xB8, 0xDC, 0xC4, 0x7D, 0xEE, 0xA6, 0x43, 0x15, 0x2E, 0x3D, 0xBE, 0x1D, 0x22,
- 0x60, 0x2A, 0x73, 0x30, 0xD5, 0x3E, 0xD8, 0xA2, 0xAC, 0x86, 0x43, 0x2E, 0xC4,
- 0xF5, 0x64, 0x5E, 0x3F, 0x89, 0x75, 0x0F, 0x11, 0xD8, 0x51, 0x25, 0x4E, 0x9F,
- 0xD8, 0xAA, 0xA3, 0xCE, 0x60, 0xB3, 0xE2, 0x8A, 0xD9, 0x7E, 0x1B, 0xF0, 0x64,
- 0xCA, 0x9A, 0x5B, 0x05, 0x0B, 0x5B, 0xAA, 0xCB, 0xE5, 0xE3, 0x3F, 0x6E, 0x32,
- 0x22, 0x05, 0xF3, 0xD0, 0xFA, 0xEF, 0x74, 0x52, 0x81, 0xE2, 0x5F, 0x74, 0xD3,
- 0xBD, 0xFF, 0x31, 0x83, 0x45, 0x75, 0xFA, 0x63, 0x7A, 0x97, 0x2E, 0xD6, 0xB6,
- 0x19, 0xC6, 0x92, 0x26, 0xE4, 0x28, 0x06, 0x50, 0x50, 0x0E, 0x78, 0x2E, 0xA9,
- 0x78, 0x0D, 0x14, 0x97, 0xB4, 0x12, 0xD8, 0x31, 0x40, 0xAB, 0xA1, 0x01, 0x41,
- 0xC2, 0x30, 0xF8, 0x07, 0x5F, 0x16, 0xE4, 0x61, 0x77, 0xD2, 0x60, 0xF2, 0x9F,
- 0x8D, 0xE8, 0xF4, 0xBA, 0xEB, 0x63, 0xDE, 0x2A, 0x97, 0x81, 0xEF, 0x4C, 0x6C,
- 0xE6, 0x55, 0x34, 0x51, 0x2B, 0x28, 0x34, 0xF4, 0x53, 0x1C, 0xC4, 0x58, 0x0A,
- 0x3F, 0xBB, 0xAF, 0xB5, 0xF7, 0x4A, 0x85, 0x43, 0x2D, 0x3C, 0xF1, 0x58, 0x58,
- 0x81, 0x02, 0x81, 0x81, 0x00, 0xF2, 0x2C, 0x54, 0x76, 0x39, 0x23, 0x63, 0xC9,
- 0x10, 0x32, 0xB7, 0x93, 0xAD, 0xAF, 0xBE, 0x19, 0x75, 0x96, 0x81, 0x64, 0xE6,
- 0xB5, 0xB8, 0x89, 0x42, 0x41, 0xD1, 0x6D, 0xD0, 0x1C, 0x1B, 0xF8, 0x1B, 0xAC,
- 0x69, 0xCB, 0x36, 0x3C, 0x64, 0x7D, 0xDC, 0xF4, 0x19, 0xB8, 0xC3, 0x60, 0xB1,
- 0x57, 0x48, 0x5F, 0x52, 0x4F, 0x59, 0x3A, 0x55, 0x7F, 0x32, 0xC0, 0x19, 0x43,
- 0x50, 0x3F, 0xAE, 0xCE, 0x6F, 0x17, 0xF3, 0x0E, 0x9F, 0x40, 0xCA, 0x4E, 0xAD,
- 0x15, 0x3B, 0xC9, 0x79, 0xE9, 0xC0, 0x59, 0x38, 0x73, 0x70, 0x9C, 0x0A, 0x7C,
- 0xC9, 0x3A, 0x48, 0x32, 0xA7, 0xD8, 0x49, 0x75, 0x0A, 0x85, 0xC2, 0xC2, 0xFD,
- 0x15, 0x73, 0xDA, 0x99, 0x09, 0x2A, 0x69, 0x9A, 0x9F, 0x0A, 0x71, 0xBF, 0xB0,
- 0x04, 0xA6, 0x8C, 0x7A, 0x5A, 0x6F, 0x48, 0x5A, 0x54, 0x3B, 0xC6, 0xB1, 0x53,
- 0x17, 0xDF, 0xE7, 0x02, 0x81, 0x81, 0x00, 0xCB, 0x93, 0xDE, 0x77, 0x15, 0x5D,
- 0xB7, 0x5C, 0x5C, 0x7C, 0xD8, 0x90, 0xA9, 0x98, 0x2D, 0xD6, 0x69, 0x0E, 0x63,
- 0xB3, 0xA3, 0xDC, 0xA6, 0xCC, 0x8B, 0x6A, 0xA4, 0xA2, 0x12, 0x8C, 0x8E, 0x7B,
- 0x48, 0x2C, 0xB2, 0x4B, 0x37, 0xDC, 0x06, 0x18, 0x7D, 0xEA, 0xFE, 0x76, 0xA1,
- 0xD4, 0xA1, 0xE9, 0x3F, 0x0D, 0xCD, 0x1B, 0x5F, 0xAF, 0x5F, 0x9E, 0x96, 0x5B,
- 0x5B, 0x0F, 0xA1, 0x7C, 0xAF, 0xB3, 0x9B, 0x90, 0xDB, 0x57, 0x73, 0x3A, 0xED,
- 0xB0, 0x23, 0x44, 0xAE, 0x41, 0x4F, 0x1F, 0x07, 0x42, 0x13, 0x23, 0x4C, 0xCB,
- 0xFA, 0xF4, 0x14, 0xA4, 0xD5, 0xF7, 0x9E, 0x36, 0x7C, 0x5B, 0x9F, 0xA8, 0x3C,
- 0xC1, 0x85, 0x5F, 0x74, 0xD2, 0x39, 0x2D, 0xFF, 0xD0, 0x84, 0xDF, 0xFB, 0xB3,
- 0x20, 0x7A, 0x2E, 0x9B, 0x17, 0xAE, 0xE6, 0xBA, 0x0B, 0xAE, 0x5F, 0x53, 0xA4,
- 0x52, 0xED, 0x1B, 0xC4, 0x91, 0x02, 0x81, 0x81, 0x00, 0xEC, 0x98, 0xDA, 0xBB,
- 0xD5, 0xFE, 0xF9, 0x52, 0x4A, 0x7D, 0x02, 0x55, 0x49, 0x6F, 0x55, 0x6E, 0x52,
- 0x2F, 0x84, 0xA3, 0x2B, 0xB3, 0x86, 0x62, 0xB3, 0x54, 0xD2, 0x63, 0x52, 0xDA,
- 0xE3, 0x88, 0x76, 0xA0, 0xEF, 0x8B, 0x15, 0xA5, 0xD3, 0x18, 0x14, 0x72, 0x77,
- 0x5E, 0xC7, 0xA3, 0x04, 0x1F, 0x9E, 0x19, 0x62, 0xB5, 0x1B, 0x1B, 0x9E, 0xC3,
- 0xF2, 0xB5, 0x32, 0xF9, 0x4C, 0xC1, 0xAA, 0xEB, 0x0C, 0x26, 0x7D, 0xD4, 0x5F,
- 0x4A, 0x51, 0x5C, 0xA4, 0x45, 0x06, 0x70, 0x44, 0xA7, 0x56, 0xC0, 0xD4, 0x22,
- 0x14, 0x76, 0x9E, 0xD8, 0x63, 0x50, 0x89, 0x90, 0xD3, 0xE2, 0xBF, 0x81, 0x95,
- 0x92, 0x31, 0x41, 0x87, 0x39, 0x1A, 0x43, 0x0B, 0x18, 0xA5, 0x53, 0x1F, 0x39,
- 0x1A, 0x5F, 0x1F, 0x43, 0xBC, 0x87, 0x6A, 0xDF, 0x6E, 0xD3, 0x22, 0x00, 0xFE,
- 0x22, 0x98, 0x70, 0x4E, 0x1A, 0x19, 0x29, 0x02, 0x81, 0x81, 0x00, 0x8A, 0x41,
- 0x56, 0x28, 0x51, 0x9E, 0x5F, 0xD4, 0x9E, 0x0B, 0x3B, 0x98, 0xA3, 0x54, 0xF2,
- 0x6C, 0x56, 0xD4, 0xAA, 0xE9, 0x69, 0x33, 0x85, 0x24, 0x0C, 0xDA, 0xD4, 0x0C,
- 0x2D, 0xC4, 0xBF, 0x4F, 0x02, 0x69, 0x38, 0x7C, 0xD4, 0xE6, 0xDC, 0x4C, 0xED,
- 0xD7, 0x16, 0x11, 0xC3, 0x3E, 0x00, 0xE7, 0xC3, 0x26, 0xC0, 0x51, 0x02, 0xDE,
- 0xBB, 0x75, 0x9C, 0x6F, 0x56, 0x9C, 0x7A, 0xF3, 0x8E, 0xEF, 0xCF, 0x8A, 0xC5,
- 0x2B, 0xD2, 0xDA, 0x06, 0x6A, 0x44, 0xC9, 0x73, 0xFE, 0x6E, 0x99, 0x87, 0xF8,
- 0x5B, 0xBE, 0xF1, 0x7C, 0xE6, 0x65, 0xB5, 0x4F, 0x6C, 0xF0, 0xC9, 0xC5, 0xFF,
- 0x16, 0xCA, 0x8B, 0x1B, 0x17, 0xE2, 0x58, 0x3D, 0xA2, 0x37, 0xAB, 0x01, 0xBC,
- 0xBF, 0x40, 0xCE, 0x53, 0x8C, 0x8E, 0xED, 0xEF, 0xEE, 0x59, 0x9D, 0xE0, 0x63,
- 0xE6, 0x7C, 0x5E, 0xF5, 0x8E, 0x4B, 0xF1, 0x3B, 0xC1, 0x02, 0x81, 0x80, 0x4D,
- 0x45, 0xF9, 0x40, 0x8C, 0xC5, 0x5B, 0xF4, 0x2A, 0x1A, 0x8A, 0xB4, 0xF2, 0x1C,
- 0xAC, 0x6B, 0xE9, 0x0C, 0x56, 0x36, 0xB7, 0x4E, 0x72, 0x96, 0xD5, 0xE5, 0x8A,
- 0xD2, 0xE2, 0xFF, 0xF1, 0xF1, 0x18, 0x13, 0x3D, 0x86, 0x09, 0xB8, 0xD8, 0x76,
- 0xA7, 0xC9, 0x1C, 0x71, 0x52, 0x94, 0x30, 0x43, 0xE0, 0xF1, 0x78, 0x74, 0xFD,
- 0x61, 0x1B, 0x4C, 0x09, 0xCC, 0xE6, 0x68, 0x2A, 0x71, 0xAD, 0x1C, 0xDF, 0x43,
- 0xBC, 0x56, 0xDB, 0xA5, 0xA4, 0xBE, 0x35, 0x70, 0xA4, 0x5E, 0xCF, 0x4F, 0xFC,
- 0x00, 0x55, 0x99, 0x3A, 0x3D, 0x23, 0xCF, 0x67, 0x5A, 0xF5, 0x22, 0xF8, 0xB5,
- 0x29, 0xD0, 0x44, 0x11, 0xEB, 0x35, 0x2E, 0x46, 0xBE, 0xFD, 0x8E, 0x18, 0xB2,
- 0x5F, 0xA8, 0xBF, 0x19, 0x32, 0xA1, 0xF5, 0xDC, 0x03, 0xE6, 0x7C, 0x9A, 0x1F,
- 0x0C, 0x7C, 0xA9, 0xB0, 0x0E, 0x21, 0x37, 0x3B, 0xF1, 0xB0};
-
-static const uint8_t rsa_256_keydata[] = {
- 0x30, 0x82, 0x01, 0x0A,
- 0x02, 0x82, 0x01, 0x01, 0x00, 0xDB, 0x1C, 0x7F, 0x2E, 0x0B, 0xCD, 0xBF, 0xCE, 0xD1,
- 0x75, 0x10, 0xA0, 0xA2, 0xB8, 0xCE, 0x7D, 0xAA, 0xE2, 0x05, 0xE0, 0x7A, 0xD8, 0x44,
- 0x63, 0x8F, 0xB5, 0xBD, 0xC0, 0xB0, 0x19, 0xB9, 0x37, 0xB8, 0x19, 0x4A, 0x0E, 0xF1,
- 0x5D, 0x74, 0x80, 0x67, 0x46, 0x87, 0x06, 0xDE, 0x5B, 0x7F, 0x06, 0x03, 0xBD, 0xC1,
- 0x8D, 0x5E, 0x07, 0x15, 0xD4, 0x5B, 0xF4, 0xDC, 0xE5, 0xCF, 0x3D, 0xF9, 0xC1, 0x11,
- 0x2C, 0xAE, 0x6A, 0xB9, 0x8A, 0xBD, 0x1D, 0x67, 0x66, 0x17, 0xEA, 0x4E, 0xBD, 0xDB,
- 0x15, 0x9A, 0x82, 0x87, 0xE4, 0xF0, 0x78, 0xC3, 0xA3, 0x85, 0x87, 0xB0, 0xFD, 0x9F,
- 0xA9, 0x99, 0x5F, 0xE3, 0x33, 0xEC, 0xCC, 0xEA, 0x0B, 0xB5, 0x61, 0x5E, 0xF1, 0x49,
- 0x7E, 0x3F, 0xA3, 0x2D, 0xEA, 0x01, 0x0C, 0xCC, 0x42, 0x9A, 0x76, 0x9B, 0xC4, 0xD0,
- 0x37, 0xD3, 0xB1, 0x17, 0x01, 0x61, 0x01, 0x16, 0x59, 0x7E, 0x1C, 0x17, 0xC3, 0x53,
- 0xFD, 0xD1, 0x72, 0xCB, 0x4C, 0x60, 0x15, 0xDA, 0x7D, 0xE2, 0xEA, 0xAD, 0x50, 0xEF,
- 0x8E, 0xE2, 0x8B, 0xD4, 0x6A, 0x77, 0x55, 0xD6, 0x70, 0xD9, 0x6B, 0xBB, 0xF1, 0xEE,
- 0x39, 0x04, 0x38, 0xA3, 0xBD, 0xE2, 0xD1, 0xE0, 0x66, 0x6B, 0xE2, 0x9C, 0x47, 0x99,
- 0xE9, 0x28, 0xE6, 0xB6, 0xFC, 0x2E, 0xCA, 0x67, 0x43, 0x84, 0xE8, 0xD5, 0x83, 0xD6,
- 0x9D, 0x98, 0x6B, 0x01, 0x3E, 0x81, 0xDC, 0x3C, 0x7A, 0xCA, 0xF9, 0xF3, 0x9C, 0xF7,
- 0xD6, 0x28, 0x1B, 0x27, 0x78, 0x7C, 0xC3, 0xD0, 0xD5, 0x63, 0xA7, 0x81, 0x34, 0x89,
- 0xAD, 0x25, 0x6A, 0xBD, 0xF2, 0xEA, 0xED, 0xFA, 0x57, 0xFC, 0xE5, 0x34, 0xC6, 0xC1,
- 0x0F, 0x71, 0x2D, 0xD2, 0x08, 0x10, 0x1B, 0xAD, 0x44, 0x41, 0xE0, 0xFE, 0x79, 0xA0,
- 0x63, 0x93, 0x8A, 0xB1, 0x5D, 0xE9, 0xB0, 0xEE, 0x6F, 0x02, 0x03, 0x01, 0x00, 0x01};
-
-static const uint8_t ec_keydata[] = {
- 0x04, 0xde, 0xa5, 0xe4, 0x5d, 0x0e, 0xa3, 0x7f, 0xc5, 0x66, 0x23, 0x2a, 0x50, 0x8f,
- 0x4a, 0xd2, 0x0e, 0xa1, 0x3d, 0x47, 0xe4, 0xbf, 0x5f, 0xa4, 0xd5, 0x4a, 0x57, 0xa0,
- 0xba, 0x01, 0x20, 0x42, 0x08, 0x70, 0x97, 0x49, 0x6e, 0xfc, 0x58, 0x3f, 0xed, 0x8b,
- 0x24, 0xa5, 0xb9, 0xbe, 0x9a, 0x51, 0xde, 0x06, 0x3f, 0x5a, 0x00, 0xa8, 0xb6, 0x98,
- 0xa1, 0x6f, 0xd7, 0xf2, 0x9b, 0x54, 0x85, 0xf3, 0x20};
-
-static const uint8_t ec_keypair[] = {
- 0x68, 0x49, 0xf9, 0x7d, 0x10, 0x66, 0xf6, 0x99, 0x77, 0x59, 0x63, 0x7c, 0x7e, 0x38,
- 0x99, 0x46, 0x4c, 0xee, 0x3e, 0xc7, 0xac, 0x97, 0x06, 0x53, 0xa0, 0xbe, 0x07, 0x42};
-
static test_data check1[] = {
-#ifdef ARCH_TEST_CIPER_MODE_CTR
-#ifdef ARCH_TEST_AES_128
-{"Test psa_get_key_lifetime 16 Byte AES\n", 1, PSA_KEY_TYPE_AES,
-{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
- 0x5F, 0xC9},
- AES_16B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR,
- PSA_KEY_LIFETIME_VOLATILE, BYTES_TO_BITS(AES_16B_KEY_SIZE), AES_16B_KEY_SIZE, PSA_SUCCESS
-},
-#endif
-#endif
-
-#ifdef NO_SUPPORT
-/* PSA crypto doesn't support these test scenarios */
-{"Test psa_get_key_lifetime 24 Byte AES\n", 2, PSA_KEY_TYPE_AES,
-{0x24, 0x13, 0x61, 0x47, 0x61, 0xB8, 0xC8, 0xF0, 0xDF, 0xAB, 0x5A, 0x0E, 0x87,
- 0x40, 0xAC, 0xA3, 0x90, 0x77, 0x83, 0x52, 0x31, 0x74, 0xF9},
- AES_24B_KEY_SIZE, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CTR,
- PSA_KEY_LIFETIME_PERSISTENT, BYTES_TO_BITS(AES_24B_KEY_SIZE), AES_24B_KEY_SIZE, PSA_SUCCESS
-},
-
-{"Test psa_get_key_lifetime 32 Byte AES\n", 3, PSA_KEY_TYPE_AES,
-{0xEA, 0xD5, 0xE6, 0xC8, 0x51, 0xF9, 0xEC, 0xBB, 0x9B, 0x57, 0x7C, 0xED, 0xD2,
- 0x4B, 0x82, 0x84, 0x9F, 0x9F, 0xE6, 0x73, 0x21, 0x3D, 0x1A, 0x05, 0xC9, 0xED,
- 0xDF, 0x25, 0x17, 0x68, 0x86, 0xAE},
- AES_32B_KEY_SIZE, PSA_KEY_USAGE_DECRYPT, PSA_ALG_CTR,
- PSA_KEY_LIFETIME_WRITE_ONCE, BYTES_TO_BITS(AES_32B_KEY_SIZE), AES_32B_KEY_SIZE, PSA_SUCCESS
-},
-#endif
-
-#ifdef ARCH_TEST_RSA_PKCS1V15_SIGN_RAW
-#ifdef ARCH_TEST_RSA_2048
-{"Test psa_get_key_lifetime 2048 RSA public key\n", 4, PSA_KEY_TYPE_RSA_PUBLIC_KEY,
- {0},
- 270, PSA_KEY_USAGE_SIGN, PSA_ALG_RSA_PKCS1V15_SIGN_RAW,
- PSA_KEY_LIFETIME_VOLATILE, 2048, 270, PSA_SUCCESS
-},
-#endif
-#endif
-
-#ifdef NO_SUPPORT
-/* PSA crypto doesn't support these test scenarios */
-{"Test psa_get_key_lifetime with RSA 2048 keypair\n", 5, PSA_KEY_TYPE_RSA_KEYPAIR,
- {0},
- 1193, PSA_KEY_USAGE_VERIFY, PSA_ALG_RSA_PKCS1V15_SIGN_RAW,
- PSA_KEY_LIFETIME_PERSISTENT, 2048, 1193, PSA_SUCCESS
-},
-
-{"Test psa_get_key_lifetime with DES 64 bit key\n", 6, PSA_KEY_TYPE_DES,
- {0x70, 0x24, 0x55, 0x0C, 0x14, 0x9D, 0xED, 0x29},
- DES_8B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR,
- PSA_KEY_LIFETIME_WRITE_ONCE, BYTES_TO_BITS(DES_8B_KEY_SIZE), DES_8B_KEY_SIZE, PSA_SUCCESS
-},
-#endif
-
-#ifdef ARCH_TEST_CIPER_MODE_CTR
-#ifdef ARCH_TEST_DES_2KEY
-{"Test psa_get_key_lifetime with Triple DES 2-Key\n", 7, PSA_KEY_TYPE_DES,
-{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF},
- DES3_2KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR,
- PSA_KEY_LIFETIME_VOLATILE, BYTES_TO_BITS(DES3_2KEY_SIZE), DES3_2KEY_SIZE, PSA_SUCCESS
-},
-#endif
-#endif
-
-#ifdef NO_SUPPORT
-/* PSA crypto doesn't support these test scenarios */
-{"Test psa_get_key_lifetime with Triple DES 3-Key\n", 8, PSA_KEY_TYPE_DES,
-{0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF,
- 0xF1, 0xE0, 0xD3, 0xC2, 0xB5, 0xA4, 0x97, 0x86,
- 0xFE, 0xDC, 0xBA, 0x98, 0x76, 0x54, 0x32, 0x10},
- DES3_3KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR,
- PSA_KEY_LIFETIME_PERSISTENT, BYTES_TO_BITS(DES3_3KEY_SIZE), DES3_3KEY_SIZE, PSA_SUCCESS
-},
-#endif
-
-#ifdef ARCH_TEST_ASYMMETRIC_ENCRYPTION
-#ifdef ARCH_TEST_ECC_CURVE_SECP256R1
-{"Test psa_get_key_lifetime with EC Public key\n", 9,
- PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1),
- {0},
- 65, PSA_KEY_USAGE_EXPORT, PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION,
- PSA_KEY_LIFETIME_VOLATILE, 256, 65, PSA_SUCCESS
-},
-#endif
-
-#ifdef ARCH_TEST_ECC_CURVE_SECP224R1
-{"Test psa_get_key_lifetime with EC keypair\n", 10,
- PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP224R1),
- {0},
- 28, PSA_KEY_USAGE_EXPORT, PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION,
- PSA_KEY_LIFETIME_VOLATILE, 224, 28, PSA_SUCCESS
-},
-#endif
-#endif
-
-};
-
-
-static test_data check2[] = {
-#ifdef ARCH_TEST_CIPER_MODE_CTR
-#ifdef ARCH_TEST_AES_128
-{"Test psa_get_key_lifetime with negative cases\n", 11, PSA_KEY_TYPE_AES,
-{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
- 0x5F, 0xC9},
- AES_16B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR, PSA_KEY_LIFETIME_VOLATILE,
- BYTES_TO_BITS(AES_16B_KEY_SIZE), AES_16B_KEY_SIZE, PSA_ERROR_INVALID_ARGUMENT
+{"Test set/get key attributes\n", PSA_KEY_TYPE_AES, BYTES_TO_BITS(AES_16B_KEY_SIZE),
+ PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT, PSA_ALG_CCM, 0x1234,
+ PSA_KEY_LIFETIME_PERSISTENT
},
-#endif
-#endif
};
diff --git a/api-tests/dev_apis/crypto/test_c010/test_entry.c b/api-tests/dev_apis/crypto/test_c010/test_entry_c010.c
similarity index 96%
rename from api-tests/dev_apis/crypto/test_c010/test_entry.c
rename to api-tests/dev_apis/crypto/test_c010/test_entry_c010.c
index 23012e9f..c8e32c7e 100644
--- a/api-tests/dev_apis/crypto/test_c010/test_entry.c
+++ b/api-tests/dev_apis/crypto/test_c010/test_entry_c010.c
@@ -20,7 +20,8 @@
#include "test_c010.h"
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 10)
-#define TEST_DESC "Testing crypto key management APIs\n"
+#define TEST_DESC "Testing crypto key attributes APIs\n"
+
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
psa_api_t *psa = NULL;
diff --git a/api-tests/dev_apis/crypto/test_c011/source.mk b/api-tests/dev_apis/crypto/test_c011/source.mk
deleted file mode 100644
index 10a5d4ba..00000000
--- a/api-tests/dev_apis/crypto/test_c011/source.mk
+++ /dev/null
@@ -1,20 +0,0 @@
-# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_c011.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
diff --git a/api-tests/dev_apis/crypto/test_c011/test.cmake b/api-tests/dev_apis/crypto/test_c011/test.cmake
new file mode 100644
index 00000000..7c2b04ed
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c011/test.cmake
@@ -0,0 +1,24 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_c011.c
+ test_c011.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
diff --git a/api-tests/dev_apis/crypto/test_c011/test_c011.c b/api-tests/dev_apis/crypto/test_c011/test_c011.c
index 13176a2e..4abab812 100644
--- a/api-tests/dev_apis/crypto/test_c011/test_c011.c
+++ b/api-tests/dev_apis/crypto/test_c011/test_c011.c
@@ -29,12 +29,18 @@ client_test_t test_c011_crypto_list[] = {
static int g_test_count = 1;
-int32_t psa_hash_setup_test(security_t caller)
+int32_t psa_hash_setup_test(caller_security_t caller)
{
int num_checks = sizeof(check1)/sizeof(check1[0]);
int32_t i, status;
psa_hash_operation_t operation;
+ if (num_checks == 0)
+ {
+ val->print(PRINT_TEST, "No test available for the selected crypto configuration\n", 0);
+ return RESULT_SKIP(VAL_STATUS_NO_TESTS);
+ }
+
/* Initialize the PSA crypto library*/
status = val->crypto_function(VAL_CRYPTO_INIT);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(1));
diff --git a/api-tests/dev_apis/crypto/test_c011/test_c011.h b/api-tests/dev_apis/crypto/test_c011/test_c011.h
index 3b334449..b16284b7 100644
--- a/api-tests/dev_apis/crypto/test_c011/test_c011.h
+++ b/api-tests/dev_apis/crypto/test_c011/test_c011.h
@@ -18,14 +18,14 @@
#define _TEST_C011_CLIENT_TESTS_H_
#include "val_crypto.h"
-#define test_entry CONCAT(test_entry_,c011)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, c011)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
extern val_api_t *val;
extern psa_api_t *psa;
extern client_test_t test_c011_crypto_list[];
-int32_t psa_hash_setup_test(security_t caller);
-int32_t psa_get_key_lifetime_negative_test(security_t caller);
+int32_t psa_hash_setup_test(caller_security_t caller);
+int32_t psa_get_key_lifetime_negative_test(caller_security_t caller);
#endif /* _TEST_C011_CLIENT_TESTS_H_ */
diff --git a/api-tests/dev_apis/crypto/test_c011/test_entry.c b/api-tests/dev_apis/crypto/test_c011/test_entry_c011.c
similarity index 99%
rename from api-tests/dev_apis/crypto/test_c011/test_entry.c
rename to api-tests/dev_apis/crypto/test_c011/test_entry_c011.c
index 33d5730d..0913ede4 100644
--- a/api-tests/dev_apis/crypto/test_c011/test_entry.c
+++ b/api-tests/dev_apis/crypto/test_c011/test_entry_c011.c
@@ -21,6 +21,7 @@
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 11)
#define TEST_DESC "Testing crypto hash functions APIs\n"
+
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
psa_api_t *psa = NULL;
diff --git a/api-tests/dev_apis/crypto/test_c012/source.mk b/api-tests/dev_apis/crypto/test_c012/source.mk
deleted file mode 100644
index 5379fd9f..00000000
--- a/api-tests/dev_apis/crypto/test_c012/source.mk
+++ /dev/null
@@ -1,20 +0,0 @@
-# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_c012.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
diff --git a/api-tests/dev_apis/crypto/test_c012/test.cmake b/api-tests/dev_apis/crypto/test_c012/test.cmake
new file mode 100644
index 00000000..9ea7f0d4
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c012/test.cmake
@@ -0,0 +1,24 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_c012.c
+ test_c012.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
diff --git a/api-tests/dev_apis/crypto/test_c012/test_c012.c b/api-tests/dev_apis/crypto/test_c012/test_c012.c
index a02f8ada..3e3cc21b 100644
--- a/api-tests/dev_apis/crypto/test_c012/test_c012.c
+++ b/api-tests/dev_apis/crypto/test_c012/test_c012.c
@@ -31,12 +31,18 @@ client_test_t test_c012_crypto_list[] = {
static int g_test_count = 1;
-int32_t psa_hash_update_test(security_t caller)
+int32_t psa_hash_update_test(caller_security_t caller)
{
int num_checks = sizeof(check1)/sizeof(check1[0]);
int32_t i, status;
psa_hash_operation_t operation;
+ if (num_checks == 0)
+ {
+ val->print(PRINT_TEST, "No test available for the selected crypto configuration\n", 0);
+ return RESULT_SKIP(VAL_STATUS_NO_TESTS);
+ }
+
/* Initialize the PSA crypto library*/
status = val->crypto_function(VAL_CRYPTO_INIT);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(1));
@@ -70,7 +76,7 @@ int32_t psa_hash_update_test(security_t caller)
return VAL_STATUS_SUCCESS;
}
-int32_t psa_hash_update_invalid_handle(security_t caller)
+int32_t psa_hash_update_invalid_handle(caller_security_t caller)
{
psa_hash_operation_t operation;
uint8_t input[] = "Hello World";
@@ -102,7 +108,7 @@ int32_t psa_hash_update_invalid_handle(security_t caller)
return VAL_STATUS_SUCCESS;
}
-int32_t psa_hash_update_with_completed_handle(security_t caller)
+int32_t psa_hash_update_with_completed_handle(caller_security_t caller)
{
psa_hash_operation_t operation;
uint8_t input[] = {0xbd};
diff --git a/api-tests/dev_apis/crypto/test_c012/test_c012.h b/api-tests/dev_apis/crypto/test_c012/test_c012.h
index ca362203..acbf7770 100644
--- a/api-tests/dev_apis/crypto/test_c012/test_c012.h
+++ b/api-tests/dev_apis/crypto/test_c012/test_c012.h
@@ -18,15 +18,15 @@
#define _TEST_C012_CLIENT_TESTS_H_
#include "val_crypto.h"
-#define test_entry CONCAT(test_entry_,c012)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, c012)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
extern val_api_t *val;
extern psa_api_t *psa;
extern client_test_t test_c012_crypto_list[];
-int32_t psa_hash_update_test(security_t caller);
-int32_t psa_hash_update_invalid_handle(security_t caller);
-int32_t psa_hash_update_with_completed_handle(security_t caller);
+int32_t psa_hash_update_test(caller_security_t caller);
+int32_t psa_hash_update_invalid_handle(caller_security_t caller);
+int32_t psa_hash_update_with_completed_handle(caller_security_t caller);
#endif /* _TEST_C012_CLIENT_TESTS_H_ */
diff --git a/api-tests/dev_apis/crypto/test_c012/test_entry.c b/api-tests/dev_apis/crypto/test_c012/test_entry_c012.c
similarity index 99%
rename from api-tests/dev_apis/crypto/test_c012/test_entry.c
rename to api-tests/dev_apis/crypto/test_c012/test_entry_c012.c
index cae09041..d7490549 100644
--- a/api-tests/dev_apis/crypto/test_c012/test_entry.c
+++ b/api-tests/dev_apis/crypto/test_c012/test_entry_c012.c
@@ -21,6 +21,7 @@
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 12)
#define TEST_DESC "Testing crypto hash functions APIs\n"
+
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
psa_api_t *psa = NULL;
diff --git a/api-tests/dev_apis/crypto/test_c013/source.mk b/api-tests/dev_apis/crypto/test_c013/source.mk
deleted file mode 100644
index 3039e72f..00000000
--- a/api-tests/dev_apis/crypto/test_c013/source.mk
+++ /dev/null
@@ -1,20 +0,0 @@
-# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_c013.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
diff --git a/api-tests/dev_apis/crypto/test_c013/test.cmake b/api-tests/dev_apis/crypto/test_c013/test.cmake
new file mode 100644
index 00000000..3939d2c1
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c013/test.cmake
@@ -0,0 +1,24 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_c013.c
+ test_c013.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
diff --git a/api-tests/dev_apis/crypto/test_c013/test_c013.c b/api-tests/dev_apis/crypto/test_c013/test_c013.c
index ccec9ca2..772ea61c 100644
--- a/api-tests/dev_apis/crypto/test_c013/test_c013.c
+++ b/api-tests/dev_apis/crypto/test_c013/test_c013.c
@@ -30,13 +30,19 @@ client_test_t test_c013_crypto_list[] = {
static int g_test_count = 1;
-int32_t psa_hash_verify_test(security_t caller)
+int32_t psa_hash_verify_test(caller_security_t caller)
{
int num_checks = sizeof(check1)/sizeof(check1[0]);
int32_t i, status;
psa_hash_operation_t operation;
const char *hash;
+ if (num_checks == 0)
+ {
+ val->print(PRINT_TEST, "No test available for the selected crypto configuration\n", 0);
+ return RESULT_SKIP(VAL_STATUS_NO_TESTS);
+ }
+
/* Initialize the PSA crypto library*/
status = val->crypto_function(VAL_CRYPTO_INIT);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(1));
@@ -80,7 +86,7 @@ int32_t psa_hash_verify_test(security_t caller)
return VAL_STATUS_SUCCESS;
}
-int32_t psa_hash_verify_inactive_operation_handle(security_t caller)
+int32_t psa_hash_verify_inactive_operation_handle(caller_security_t caller)
{
psa_hash_operation_t operation, invalid_operation;
char input = 0xbd;
diff --git a/api-tests/dev_apis/crypto/test_c013/test_c013.h b/api-tests/dev_apis/crypto/test_c013/test_c013.h
index 5135dda7..2e721278 100644
--- a/api-tests/dev_apis/crypto/test_c013/test_c013.h
+++ b/api-tests/dev_apis/crypto/test_c013/test_c013.h
@@ -18,14 +18,14 @@
#define _TEST_C013_CLIENT_TESTS_H_
#include "val_crypto.h"
-#define test_entry CONCAT(test_entry_,c013)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, c013)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
extern val_api_t *val;
extern psa_api_t *psa;
extern client_test_t test_c013_crypto_list[];
-int32_t psa_hash_verify_test(security_t caller);
-int32_t psa_hash_verify_inactive_operation_handle(security_t caller);
+int32_t psa_hash_verify_test(caller_security_t caller);
+int32_t psa_hash_verify_inactive_operation_handle(caller_security_t caller);
#endif /* _TEST_C013_CLIENT_TESTS_H_ */
diff --git a/api-tests/dev_apis/crypto/test_c013/test_entry.c b/api-tests/dev_apis/crypto/test_c013/test_entry_c013.c
similarity index 99%
rename from api-tests/dev_apis/crypto/test_c013/test_entry.c
rename to api-tests/dev_apis/crypto/test_c013/test_entry_c013.c
index 99ca4d2f..b343e652 100644
--- a/api-tests/dev_apis/crypto/test_c013/test_entry.c
+++ b/api-tests/dev_apis/crypto/test_c013/test_entry_c013.c
@@ -21,6 +21,7 @@
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 13)
#define TEST_DESC "Testing crypto hash functions APIs\n"
+
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
psa_api_t *psa = NULL;
diff --git a/api-tests/dev_apis/crypto/test_c014/source.mk b/api-tests/dev_apis/crypto/test_c014/source.mk
deleted file mode 100644
index 4e75c890..00000000
--- a/api-tests/dev_apis/crypto/test_c014/source.mk
+++ /dev/null
@@ -1,20 +0,0 @@
-# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_c014.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
diff --git a/api-tests/dev_apis/crypto/test_c014/test.cmake b/api-tests/dev_apis/crypto/test_c014/test.cmake
new file mode 100644
index 00000000..6bf060fa
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c014/test.cmake
@@ -0,0 +1,24 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_c014.c
+ test_c014.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
diff --git a/api-tests/dev_apis/crypto/test_c014/test_c014.c b/api-tests/dev_apis/crypto/test_c014/test_c014.c
index 272e0e0f..c1eda35b 100644
--- a/api-tests/dev_apis/crypto/test_c014/test_c014.c
+++ b/api-tests/dev_apis/crypto/test_c014/test_c014.c
@@ -31,7 +31,7 @@ client_test_t test_c014_crypto_list[] = {
static int g_test_count = 1;
-int32_t psa_hash_finish_test(security_t caller)
+int32_t psa_hash_finish_test(caller_security_t caller)
{
int num_checks = sizeof(check1)/sizeof(check1[0]);
int32_t i, status;
@@ -40,6 +40,12 @@ int32_t psa_hash_finish_test(security_t caller)
char hash[HASH_64B];
size_t hash_length, hash_size = sizeof(hash);
+ if (num_checks == 0)
+ {
+ val->print(PRINT_TEST, "No test available for the selected crypto configuration\n", 0);
+ return RESULT_SKIP(VAL_STATUS_NO_TESTS);
+ }
+
/* Initialize the PSA crypto library*/
status = val->crypto_function(VAL_CRYPTO_INIT);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(1));
@@ -80,18 +86,18 @@ int32_t psa_hash_finish_test(security_t caller)
continue;
}
- TEST_ASSERT_EQUAL(hash_length, PSA_HASH_SIZE(check1[i].alg), TEST_CHECKPOINT_NUM(7));
- TEST_ASSERT_MEMCMP(hash, expected_hash, hash_length, TEST_CHECKPOINT_NUM(8));
+ TEST_ASSERT_EQUAL(hash_length, PSA_HASH_SIZE(check1[i].alg), TEST_CHECKPOINT_NUM(6));
+ TEST_ASSERT_MEMCMP(hash, expected_hash, hash_length, TEST_CHECKPOINT_NUM(7));
/*Abort the hash operation */
status = val->crypto_function(VAL_CRYPTO_HASH_ABORT, &operation);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(9));
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(8));
}
return VAL_STATUS_SUCCESS;
}
-int32_t psa_hash_finish_inactive_operation_handle(security_t caller)
+int32_t psa_hash_finish_inactive_operation_handle(caller_security_t caller)
{
psa_hash_operation_t operation;
char input = 0xbd;
@@ -139,7 +145,7 @@ int32_t psa_hash_finish_inactive_operation_handle(security_t caller)
return VAL_STATUS_SUCCESS;
}
-int32_t psa_hash_finish_invalid_hash_buffer_size(security_t caller)
+int32_t psa_hash_finish_invalid_hash_buffer_size(caller_security_t caller)
{
psa_hash_operation_t operation;
char input = 0xbd;
diff --git a/api-tests/dev_apis/crypto/test_c014/test_c014.h b/api-tests/dev_apis/crypto/test_c014/test_c014.h
index 348e07c4..81b92eee 100644
--- a/api-tests/dev_apis/crypto/test_c014/test_c014.h
+++ b/api-tests/dev_apis/crypto/test_c014/test_c014.h
@@ -18,15 +18,15 @@
#define _TEST_C014_CLIENT_TESTS_H_
#include "val_crypto.h"
-#define test_entry CONCAT(test_entry_,c014)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, c014)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
extern val_api_t *val;
extern psa_api_t *psa;
extern client_test_t test_c014_crypto_list[];
-int32_t psa_hash_finish_test(security_t caller);
-int32_t psa_hash_finish_inactive_operation_handle(security_t caller);
-int32_t psa_hash_finish_invalid_hash_buffer_size(security_t caller);
+int32_t psa_hash_finish_test(caller_security_t caller);
+int32_t psa_hash_finish_inactive_operation_handle(caller_security_t caller);
+int32_t psa_hash_finish_invalid_hash_buffer_size(caller_security_t caller);
#endif /* _TEST_C014_CLIENT_TESTS_H_ */
diff --git a/api-tests/dev_apis/crypto/test_c014/test_entry.c b/api-tests/dev_apis/crypto/test_c014/test_entry_c014.c
similarity index 99%
rename from api-tests/dev_apis/crypto/test_c014/test_entry.c
rename to api-tests/dev_apis/crypto/test_c014/test_entry_c014.c
index 3934edc8..0a95c7a5 100644
--- a/api-tests/dev_apis/crypto/test_c014/test_entry.c
+++ b/api-tests/dev_apis/crypto/test_c014/test_entry_c014.c
@@ -21,6 +21,7 @@
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 14)
#define TEST_DESC "Testing crypto hash functions APIs\n"
+
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
psa_api_t *psa = NULL;
diff --git a/api-tests/dev_apis/crypto/test_c015/source.mk b/api-tests/dev_apis/crypto/test_c015/source.mk
deleted file mode 100644
index 66ef2a23..00000000
--- a/api-tests/dev_apis/crypto/test_c015/source.mk
+++ /dev/null
@@ -1,20 +0,0 @@
-# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_c015.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
diff --git a/api-tests/dev_apis/crypto/test_c015/test.cmake b/api-tests/dev_apis/crypto/test_c015/test.cmake
new file mode 100644
index 00000000..69bf742b
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c015/test.cmake
@@ -0,0 +1,24 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_c015.c
+ test_c015.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
diff --git a/api-tests/dev_apis/crypto/test_c015/test_c015.c b/api-tests/dev_apis/crypto/test_c015/test_c015.c
index 8f725f3e..cd5c96d3 100644
--- a/api-tests/dev_apis/crypto/test_c015/test_c015.c
+++ b/api-tests/dev_apis/crypto/test_c015/test_c015.c
@@ -30,12 +30,18 @@ client_test_t test_c015_crypto_list[] = {
static int g_test_count = 1;
-int32_t psa_hash_abort_test(security_t caller)
+int32_t psa_hash_abort_test(caller_security_t caller)
{
int num_checks = sizeof(check1)/sizeof(check1[0]);
int32_t i, status;
psa_hash_operation_t operation;
+ if (num_checks == 0)
+ {
+ val->print(PRINT_TEST, "No test available for the selected crypto configuration\n", 0);
+ return RESULT_SKIP(VAL_STATUS_NO_TESTS);
+ }
+
/* Initialize the PSA crypto library*/
status = val->crypto_function(VAL_CRYPTO_INIT);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(1));
@@ -67,7 +73,7 @@ int32_t psa_hash_abort_test(security_t caller)
return VAL_STATUS_SUCCESS;
}
-int32_t psa_hash_abort_before_operation_finish(security_t caller)
+int32_t psa_hash_abort_before_operation_finish(caller_security_t caller)
{
psa_hash_operation_t operation;
char input = 0xbd;
diff --git a/api-tests/dev_apis/crypto/test_c015/test_c015.h b/api-tests/dev_apis/crypto/test_c015/test_c015.h
index bf435c2c..b3edc26d 100644
--- a/api-tests/dev_apis/crypto/test_c015/test_c015.h
+++ b/api-tests/dev_apis/crypto/test_c015/test_c015.h
@@ -18,14 +18,14 @@
#define _TEST_C015_CLIENT_TESTS_H_
#include "val_crypto.h"
-#define test_entry CONCAT(test_entry_,c015)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, c015)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
extern val_api_t *val;
extern psa_api_t *psa;
extern client_test_t test_c015_crypto_list[];
-int32_t psa_hash_abort_test(security_t caller);
-int32_t psa_hash_abort_before_operation_finish(security_t caller);
+int32_t psa_hash_abort_test(caller_security_t caller);
+int32_t psa_hash_abort_before_operation_finish(caller_security_t caller);
#endif /* _TEST_C015_CLIENT_TESTS_H_ */
diff --git a/api-tests/dev_apis/crypto/test_c015/test_entry.c b/api-tests/dev_apis/crypto/test_c015/test_entry_c015.c
similarity index 99%
rename from api-tests/dev_apis/crypto/test_c015/test_entry.c
rename to api-tests/dev_apis/crypto/test_c015/test_entry_c015.c
index b403a955..5afd52ca 100644
--- a/api-tests/dev_apis/crypto/test_c015/test_entry.c
+++ b/api-tests/dev_apis/crypto/test_c015/test_entry_c015.c
@@ -21,6 +21,7 @@
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 15)
#define TEST_DESC "Testing crypto hash functions APIs\n"
+
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
psa_api_t *psa = NULL;
diff --git a/api-tests/dev_apis/crypto/test_c016/test.cmake b/api-tests/dev_apis/crypto/test_c016/test.cmake
new file mode 100644
index 00000000..a4aa7135
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c016/test.cmake
@@ -0,0 +1,24 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_c016.c
+ test_c016.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
diff --git a/api-tests/dev_apis/crypto/test_c016/test_c016.c b/api-tests/dev_apis/crypto/test_c016/test_c016.c
index 9781827a..58f847f7 100644
--- a/api-tests/dev_apis/crypto/test_c016/test_c016.c
+++ b/api-tests/dev_apis/crypto/test_c016/test_c016.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -24,26 +24,35 @@
client_test_t test_c016_crypto_list[] = {
NULL,
psa_generate_key_test,
- psa_generate_key_negative_test,
NULL,
};
static int g_test_count = 1;
static uint8_t data[BUFFER_SIZE];
-int32_t psa_generate_key_test(security_t caller)
+int32_t psa_generate_key_test(caller_security_t caller)
{
- int num_checks = sizeof(check1)/sizeof(check1[0]);
- uint32_t i, length;
- psa_key_policy_t policy;
- psa_key_type_t key_type;
- size_t bits;
- int32_t status;
+ int32_t i, status;
+ size_t length;
+ psa_key_type_t get_key_type;
+ psa_key_usage_t get_key_usage;
+ psa_algorithm_t get_key_alg;
+ size_t get_key_bits;
+ int num_checks = sizeof(check1)/sizeof(check1[0]);
+ psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+ psa_key_attributes_t get_attributes = PSA_KEY_ATTRIBUTES_INIT;
+
+ if (num_checks == 0)
+ {
+ val->print(PRINT_TEST, "No test available for the selected crypto configuration\n", 0);
+ return RESULT_SKIP(VAL_STATUS_NO_TESTS);
+ }
/* Initialize the PSA crypto library*/
status = val->crypto_function(VAL_CRYPTO_INIT);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(1));
+ /* Set the key data buffer to the input base on algorithm */
for (i = 0; i < num_checks; i++)
{
val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
@@ -53,132 +62,52 @@ int32_t psa_generate_key_test(security_t caller)
status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
- /* Initialize a key policy structure to a default that forbids all
- * usage of the key
- */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
+ /* Setup the attributes for the key */
+ val->crypto_function(VAL_CRYPTO_SET_KEY_TYPE, &attributes, check1[i].key_type);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_BITS, &attributes, check1[i].attr_bits);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_USAGE_FLAGS, &attributes, check1[i].usage);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_ALGORITHM, &attributes, check1[i].key_alg);
- /* Set the standard fields of a policy structure */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &policy, check1[i].usage,
- check1[i].key_alg);
+ /* Generate the key */
+ status = val->crypto_function(VAL_CRYPTO_GENERATE_KEY, &attributes, &check1[i].key_handle);
+ TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(3));
- /* Allocate a key slot for a transient key */
- status = val->crypto_function(VAL_CRYPTO_ALLOCATE_KEY, &check1[i].key_handle);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
+ if (check1[i].expected_status != PSA_SUCCESS)
+ continue;
- /* Set the usage policy on a key slot */
- status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, check1[i].key_handle, &policy);
+ /* Get the attributes of the imported key and check if it matches the given value */
+ status = val->crypto_function(VAL_CRYPTO_GET_KEY_ATTRIBUTES, check1[i].key_handle,
+ &get_attributes);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
- /* Generate a key or key pair */
- status = val->crypto_function(VAL_CRYPTO_GENERATE_KEY, check1[i].key_handle,
- check1[i].key_type, check1[i].bits, check1[i].extra, check1[i].extra_size);
- TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(5));
-
- if (check1[i].expected_status != PSA_SUCCESS)
- {
- /* Destroy the key */
- status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, check1[i].key_handle);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(6));
-
- continue;
- }
+ val->crypto_function(VAL_CRYPTO_GET_KEY_TYPE, &get_attributes, &get_key_type);
+ TEST_ASSERT_EQUAL(get_key_type, check1[i].key_type, TEST_CHECKPOINT_NUM(5));
- /* Get basic metadata about a key */
- status = val->crypto_function(VAL_CRYPTO_GET_KEY_INFORMATION, check1[i].key_handle,
- &key_type, &bits);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(7));
+ val->crypto_function(VAL_CRYPTO_GET_KEY_BITS, &get_attributes, &get_key_bits);
+ TEST_ASSERT_EQUAL(get_key_bits, check1[i].expected_bit_length, TEST_CHECKPOINT_NUM(6));
- TEST_ASSERT_EQUAL(key_type, check1[i].key_type, TEST_CHECKPOINT_NUM(8));
+ val->crypto_function(VAL_CRYPTO_GET_KEY_USAGE_FLAGS, &get_attributes, &get_key_usage);
+ TEST_ASSERT_EQUAL(get_key_usage, check1[i].usage, TEST_CHECKPOINT_NUM(7));
- TEST_ASSERT_EQUAL(bits, check1[i].expected_bit_length, TEST_CHECKPOINT_NUM(9));
+ val->crypto_function(VAL_CRYPTO_GET_KEY_ALGORITHM, &get_attributes, &get_key_alg);
+ TEST_ASSERT_EQUAL(get_key_alg, check1[i].key_alg, TEST_CHECKPOINT_NUM(8));
/* Export a key in binary format */
status = val->crypto_function(VAL_CRYPTO_EXPORT_KEY, check1[i].key_handle, data,
BUFFER_SIZE, &length);
- TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(10));
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(9));
+
+ /* Check the attributes of the exported key */
+ TEST_ASSERT_RANGE(length, check1[i].expected_range[0], check1[i].expected_range[1], TEST_CHECKPOINT_NUM(10));
- TEST_ASSERT_EQUAL(length, check1[i].expected_key_length, TEST_CHECKPOINT_NUM(11));
+ /* Reset the attributes */
+ val->crypto_function(VAL_CRYPTO_RESET_KEY_ATTRIBUTES, &attributes);
+ val->crypto_function(VAL_CRYPTO_RESET_KEY_ATTRIBUTES, &get_attributes);
/* Destroy the key */
status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, check1[i].key_handle);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(12));
- }
-
- return VAL_STATUS_SUCCESS;
-}
-
-int32_t psa_generate_key_negative_test(security_t caller)
-{
- int num_checks = sizeof(check2)/sizeof(check2[0]);
- uint32_t i;
- psa_key_policy_t policy;
- int32_t status;
-
- /* Initialize the PSA crypto library*/
- status = val->crypto_function(VAL_CRYPTO_INIT);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(1));
-
- for (i = 0; i < num_checks; i++)
- {
- /* Setting up the watchdog timer for each check */
- status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
- TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
-
- val->print(PRINT_TEST, "[Check %d] Test psa_generate_key with unallocated key handle\n",
- g_test_count++);
- /* Generate a key or key pair */
- status = val->crypto_function(VAL_CRYPTO_GENERATE_KEY, check2[i].key_handle,
- check2[i].key_type, check2[i].bits, check2[i].extra, check2[i].extra_size);
- TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(3));
-
- val->print(PRINT_TEST, "[Check %d] Test psa_generate_key with zero as key handle\n",
- g_test_count++);
- /* Generate a key or key pair */
- status = val->crypto_function(VAL_CRYPTO_GENERATE_KEY, 0, check2[i].key_type,
- check2[i].bits, check2[i].extra, check2[i].extra_size);
- TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(4));
-
- val->print(PRINT_TEST, "[Check %d] Test psa_generate_key with pre-occupied key handle\n",
- g_test_count++);
- /* Initialize a key policy structure to a default that forbids all
- * usage of the key
- */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
-
- /* Set the standard fields of a policy structure */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &policy, check2[i].usage,
- check2[i].key_alg);
-
- /* Allocate a key slot for a transient key */
- status = val->crypto_function(VAL_CRYPTO_ALLOCATE_KEY, &check2[i].key_handle);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
-
- /* Set the usage policy on a key slot */
- status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, check2[i].key_handle, &policy);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(6));
-
- /* Generate a key or key pair */
- status = val->crypto_function(VAL_CRYPTO_GENERATE_KEY, check2[i].key_handle,
- check2[i].key_type, check2[i].bits, check2[i].extra, check2[i].extra_size);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(7));
-
- /* Generate a key or key pair */
- status = val->crypto_function(VAL_CRYPTO_GENERATE_KEY, check2[i].key_handle,
- check2[i].key_type, check2[i].bits, check2[i].extra, check2[i].extra_size);
- TEST_ASSERT_EQUAL(status, PSA_ERROR_ALREADY_EXISTS, TEST_CHECKPOINT_NUM(8));
-
- val->print(PRINT_TEST, "[Check %d] Test psa_generate_key with destroyed key handle\n",
- g_test_count++);
- status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, check2[i].key_handle);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(9));
-
- /* Generate a key or key pair */
- status = val->crypto_function(VAL_CRYPTO_GENERATE_KEY, check2[i].key_handle,
- check2[i].key_type, check2[i].bits, check2[i].extra, check2[i].extra_size);
- TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(10));
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(11));
}
return VAL_STATUS_SUCCESS;
}
-
diff --git a/api-tests/dev_apis/crypto/test_c016/test_c016.h b/api-tests/dev_apis/crypto/test_c016/test_c016.h
index 7697b911..86ed9858 100644
--- a/api-tests/dev_apis/crypto/test_c016/test_c016.h
+++ b/api-tests/dev_apis/crypto/test_c016/test_c016.h
@@ -18,14 +18,13 @@
#define _TEST_C016_CLIENT_TESTS_H_
#include "val_crypto.h"
-#define test_entry CONCAT(test_entry_,c016)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, c016)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
extern val_api_t *val;
extern psa_api_t *psa;
extern client_test_t test_c016_crypto_list[];
-int32_t psa_generate_key_test(security_t caller);
-int32_t psa_generate_key_negative_test(security_t caller);
+int32_t psa_generate_key_test(caller_security_t caller);
#endif /* _TEST_C016_CLIENT_TESTS_H_ */
diff --git a/api-tests/dev_apis/crypto/test_c016/test_data.h b/api-tests/dev_apis/crypto/test_c016/test_data.h
index 8bcd0877..2043fff6 100644
--- a/api-tests/dev_apis/crypto/test_c016/test_data.h
+++ b/api-tests/dev_apis/crypto/test_c016/test_data.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -23,123 +23,89 @@ typedef struct {
psa_key_type_t key_type;
psa_key_usage_t usage;
psa_algorithm_t key_alg;
- size_t bits;
- void *extra;
- size_t extra_size;
+ size_t attr_bits;
uint32_t expected_bit_length;
- uint32_t expected_key_length;
+ uint32_t expected_range[2];
psa_status_t expected_status;
} test_data;
-#ifdef FUTURE_SUPPORT
-static uint32_t rsa_extra = 3;
-#endif
-
static test_data check1[] = {
#ifdef ARCH_TEST_CIPER_MODE_CTR
#ifdef ARCH_TEST_AES_128
{"Test psa_generate_key 16 Byte AES\n", 1, PSA_KEY_TYPE_AES,
- PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR,
- BYTES_TO_BITS(AES_16B_KEY_SIZE), NULL, 0,
- BYTES_TO_BITS(AES_16B_KEY_SIZE), AES_16B_KEY_SIZE, PSA_SUCCESS
+ PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR, BYTES_TO_BITS(AES_16B_KEY_SIZE),
+ BYTES_TO_BITS(AES_16B_KEY_SIZE), {AES_16B_KEY_SIZE, AES_16B_KEY_SIZE}, PSA_SUCCESS
},
#endif
#ifdef ARCH_TEST_AES_192
{"Test psa_generate_key 24 Byte AES\n", 2, PSA_KEY_TYPE_AES,
- PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR,
- BYTES_TO_BITS(AES_24B_KEY_SIZE), NULL, 0,
- BYTES_TO_BITS(AES_24B_KEY_SIZE), AES_24B_KEY_SIZE, PSA_SUCCESS
+ PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR, BYTES_TO_BITS(AES_24B_KEY_SIZE),
+ BYTES_TO_BITS(AES_24B_KEY_SIZE), {AES_24B_KEY_SIZE, AES_24B_KEY_SIZE}, PSA_SUCCESS
},
#endif
#ifdef ARCH_TEST_AES_256
{"Test psa_generate_key 32 Byte AES\n", 3, PSA_KEY_TYPE_AES,
- PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR,
- BYTES_TO_BITS(AES_32B_KEY_SIZE), NULL, 0,
- BYTES_TO_BITS(AES_32B_KEY_SIZE), AES_32B_KEY_SIZE, PSA_SUCCESS
+ PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR, BYTES_TO_BITS(AES_32B_KEY_SIZE),
+ BYTES_TO_BITS(AES_32B_KEY_SIZE), {AES_32B_KEY_SIZE, AES_32B_KEY_SIZE}, PSA_SUCCESS
},
#endif
#ifdef ARCH_TEST_DES_1KEY
{"Test psa_generate_key with DES 64 bit key\n", 4, PSA_KEY_TYPE_DES,
- PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR,
- BYTES_TO_BITS(DES_8B_KEY_SIZE), NULL, 0,
- BYTES_TO_BITS(DES_8B_KEY_SIZE), DES_8B_KEY_SIZE, PSA_SUCCESS
+ PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR, BYTES_TO_BITS(DES_8B_KEY_SIZE),
+ BYTES_TO_BITS(DES_8B_KEY_SIZE), {DES_8B_KEY_SIZE, DES_8B_KEY_SIZE}, PSA_SUCCESS
},
#endif
#ifdef ARCH_TEST_DES_2KEY
{"Test psa_generate_key with Triple DES 2-Key\n", 5, PSA_KEY_TYPE_DES,
- PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR,
- BYTES_TO_BITS(DES3_2KEY_SIZE), NULL, 0,
- BYTES_TO_BITS(DES3_2KEY_SIZE), DES3_2KEY_SIZE, PSA_SUCCESS
+ PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR, BYTES_TO_BITS(DES3_2KEY_SIZE),
+ BYTES_TO_BITS(DES3_2KEY_SIZE), {DES3_2KEY_SIZE, DES3_2KEY_SIZE}, PSA_SUCCESS
},
#endif
#ifdef ARCH_TEST_DES_3KEY
{"Test psa_generate_key with Triple DES 3-Key\n", 6, PSA_KEY_TYPE_DES,
- PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR,
- BYTES_TO_BITS(DES3_3KEY_SIZE), NULL, 0,
- BYTES_TO_BITS(DES3_3KEY_SIZE), DES3_3KEY_SIZE, PSA_SUCCESS
+ PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR, BYTES_TO_BITS(DES3_3KEY_SIZE),
+ BYTES_TO_BITS(DES3_3KEY_SIZE), {DES3_3KEY_SIZE, DES3_3KEY_SIZE}, PSA_SUCCESS
},
#endif
-#ifdef ARCH_TEST_AES_256
-{"Test psa_generate_key with Null extra and Non-Zero extra size\n", 7, PSA_KEY_TYPE_AES,
- PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR,
- BYTES_TO_BITS(AES_32B_KEY_SIZE), NULL, sizeof(uint32_t),
- 0, 0, PSA_ERROR_INVALID_ARGUMENT
-},
-#endif
#endif
-#ifdef FUTURE_SUPPORT
-{"Test psa_generate_key with RSA 2048 Keypair\n", 8, PSA_KEY_TYPE_RSA_KEYPAIR,
+{"Test psa_generate_key with RSA 2048 Keypair\n", 7, PSA_KEY_TYPE_RSA_KEY_PAIR,
PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY, PSA_ALG_RSA_PKCS1V15_SIGN_RAW,
- 2048, NULL, 0,
- 2048, 1193, PSA_SUCCESS
+ 2048, 2048, {1190, 1194}, PSA_SUCCESS
},
-#endif
#ifdef ARCH_TEST_ECC_CURVE_SECP224R1
#ifdef ARCH_TEST_ASYMMETRIC_ENCRYPTION
-{"Test psa_generate_key with ECC KeyPair\n", 9,
- PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP224R1),
- PSA_KEY_USAGE_EXPORT, PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION,
- 224, NULL, 0,
- 224, 28, PSA_SUCCESS
+{"Test psa_generate_key with ECC KeyPair\n", 8,
+ PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP224R1),
+ PSA_KEY_USAGE_EXPORT, PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION, 224,
+ 224, {28, 28}, PSA_SUCCESS
},
#endif
#endif
-#ifdef FUTURE_SUPPORT
-{"Test psa_generate_key with Non-Null extra for 32 Byte AES key\n", 10, PSA_KEY_TYPE_AES,
- PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR,
- BYTES_TO_BITS(AES_32B_KEY_SIZE), &rsa_extra, sizeof(uint32_t),
- 0, 0, PSA_ERROR_INVALID_ARGUMENT
-},
-#endif
-
#ifdef ARCH_TEST_RSA_PKCS1V15_SIGN_RAW
#ifdef ARCH_TEST_RSA_2048
-{"Test psa_generate_key with RSA 2048 Public key\n", 11, PSA_KEY_TYPE_RSA_PUBLIC_KEY,
+{"Test psa_generate_key with RSA 2048 Public key\n", 9, PSA_KEY_TYPE_RSA_PUBLIC_KEY,
PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY, PSA_ALG_RSA_PKCS1V15_SIGN_RAW,
- 2048, NULL, 0,
- 2048, 1193, PSA_ERROR_NOT_SUPPORTED
+ 2048, 2048, {1190, 1194}, PSA_ERROR_NOT_SUPPORTED
},
#endif
#endif
-};
-static test_data check2[] = {
-#ifdef ARCH_TEST_CIPER_MODE_CTR
-#ifdef ARCH_TEST_AES_128
-{"Test psa_generate_key negative cases\n", 12, PSA_KEY_TYPE_AES,
- PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR,
- BYTES_TO_BITS(AES_16B_KEY_SIZE), NULL, 0,
- BYTES_TO_BITS(AES_16B_KEY_SIZE), AES_16B_KEY_SIZE, PSA_SUCCESS
+{"Test psa_generate_key with invalid key type\n", 10, 0,
+ PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR, BYTES_TO_BITS(AES_16B_KEY_SIZE),
+ BYTES_TO_BITS(AES_16B_KEY_SIZE), {AES_16B_KEY_SIZE, AES_16B_KEY_SIZE}, PSA_ERROR_NOT_SUPPORTED
+},
+
+{"Test psa_generate_key with invalid usage flags\n", 11, PSA_KEY_TYPE_AES,
+ PSA_KEY_USAGE_INVALID, PSA_ALG_CTR, BYTES_TO_BITS(AES_16B_KEY_SIZE),
+ BYTES_TO_BITS(AES_16B_KEY_SIZE), {AES_16B_KEY_SIZE, AES_16B_KEY_SIZE}, PSA_ERROR_INVALID_ARGUMENT
},
-#endif
-#endif
};
diff --git a/api-tests/dev_apis/crypto/test_c016/test_entry.c b/api-tests/dev_apis/crypto/test_c016/test_entry_c016.c
similarity index 95%
rename from api-tests/dev_apis/crypto/test_c016/test_entry.c
rename to api-tests/dev_apis/crypto/test_c016/test_entry_c016.c
index 3957dd6d..c88aa164 100644
--- a/api-tests/dev_apis/crypto/test_c016/test_entry.c
+++ b/api-tests/dev_apis/crypto/test_c016/test_entry_c016.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -21,6 +21,7 @@
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 16)
#define TEST_DESC "Testing crypto generator functions APIs\n"
+
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
psa_api_t *psa = NULL;
diff --git a/api-tests/dev_apis/crypto/test_c017/test.cmake b/api-tests/dev_apis/crypto/test_c017/test.cmake
new file mode 100644
index 00000000..4314199a
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c017/test.cmake
@@ -0,0 +1,24 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_c017.c
+ test_c017.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
diff --git a/api-tests/dev_apis/crypto/test_c017/test_c017.c b/api-tests/dev_apis/crypto/test_c017/test_c017.c
index 8aeab9c9..9088ddfe 100644
--- a/api-tests/dev_apis/crypto/test_c017/test_c017.c
+++ b/api-tests/dev_apis/crypto/test_c017/test_c017.c
@@ -27,16 +27,22 @@ client_test_t test_c017_crypto_list[] = {
NULL,
};
-static int g_test_count = 1;
+static int g_test_count = 1;
static uint8_t data[BUFFER_SIZE], changed[BUFFER_SIZE];
-int32_t psa_generate_random_test(security_t caller)
+int32_t psa_generate_random_test(caller_security_t caller)
{
int num_checks = sizeof(check1)/sizeof(check1[0]);
uint32_t i, j, run;
uint8_t trail[] = "don't overwrite me";
int32_t status;
+ if (num_checks == 0)
+ {
+ val->print(PRINT_TEST, "No test available for the selected crypto configuration\n", 0);
+ return RESULT_SKIP(VAL_STATUS_NO_TESTS);
+ }
+
/* Initialize the PSA crypto library*/
status = val->crypto_function(VAL_CRYPTO_INIT);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(1));
diff --git a/api-tests/dev_apis/crypto/test_c017/test_c017.h b/api-tests/dev_apis/crypto/test_c017/test_c017.h
index ee8c4efb..aaf24a03 100644
--- a/api-tests/dev_apis/crypto/test_c017/test_c017.h
+++ b/api-tests/dev_apis/crypto/test_c017/test_c017.h
@@ -18,13 +18,13 @@
#define _TEST_C017_CLIENT_TESTS_H_
#include "val_crypto.h"
-#define test_entry CONCAT(test_entry_,c017)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, c017)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
extern val_api_t *val;
extern psa_api_t *psa;
extern client_test_t test_c017_crypto_list[];
-int32_t psa_generate_random_test(security_t caller);
+int32_t psa_generate_random_test(caller_security_t caller);
#endif /* _TEST_C017_CLIENT_TESTS_H_ */
diff --git a/api-tests/dev_apis/crypto/test_c017/test_entry.c b/api-tests/dev_apis/crypto/test_c017/test_entry_c017.c
similarity index 92%
rename from api-tests/dev_apis/crypto/test_c017/test_entry.c
rename to api-tests/dev_apis/crypto/test_c017/test_entry_c017.c
index 500d2ec6..d39eb093 100644
--- a/api-tests/dev_apis/crypto/test_c017/test_entry.c
+++ b/api-tests/dev_apis/crypto/test_c017/test_entry_c017.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -20,7 +20,8 @@
#include "test_c017.h"
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 17)
-#define TEST_DESC "Testing crypto generator functions APIs\n"
+#define TEST_DESC "Testing crypto generation APIs\n"
+
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
psa_api_t *psa = NULL;
diff --git a/api-tests/dev_apis/crypto/test_c018/test.cmake b/api-tests/dev_apis/crypto/test_c018/test.cmake
new file mode 100644
index 00000000..32d01a54
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c018/test.cmake
@@ -0,0 +1,24 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_c018.c
+ test_c018.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
diff --git a/api-tests/dev_apis/crypto/test_c018/test_c018.c b/api-tests/dev_apis/crypto/test_c018/test_c018.c
index 0bdf91a7..154d4d6f 100644
--- a/api-tests/dev_apis/crypto/test_c018/test_c018.c
+++ b/api-tests/dev_apis/crypto/test_c018/test_c018.c
@@ -23,157 +23,174 @@
client_test_t test_c018_crypto_list[] = {
NULL,
- psa_generator_read_test,
- psa_generator_read_negative_test,
+ psa_key_derivation_input_key_test,
+ psa_key_derivation_input_key_negative_test,
NULL,
};
-static int g_test_count = 1;
-static uint8_t data[BUFFER_SIZE_HIGH];
+static int g_test_count = 1;
-int32_t psa_generator_read_test(security_t caller)
+int32_t psa_key_derivation_input_key_test(caller_security_t caller)
{
- int num_checks = sizeof(check1)/sizeof(check1[0]);
- uint32_t i, j, data_sum, remaining_size;
- psa_key_policy_t policy;
- psa_crypto_generator_t generator, invalid_generator;
- int32_t status;
+ int32_t i, status;
+ const uint8_t *key_data;
+ int num_checks = sizeof(check1)/sizeof(check1[0]);
+ psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT;
+ psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+
+ if (num_checks == 0)
+ {
+ val->print(PRINT_TEST, "No test available for the selected crypto configuration\n", 0);
+ return RESULT_SKIP(VAL_STATUS_NO_TESTS);
+ }
/* Initialize the PSA crypto library*/
status = val->crypto_function(VAL_CRYPTO_INIT);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(1));
+ /* Set the key data buffer to the input base on algorithm */
for (i = 0; i < num_checks; i++)
{
val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
val->print(PRINT_TEST, check1[i].test_desc, 0);
- /* Initialize a key policy structure to a default that forbids all
- * usage of the key
- */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
-
/* Setting up the watchdog timer for each check */
status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
- memset(&generator, 0, sizeof(generator));
- memset(&invalid_generator, 0xDEADEAD, sizeof(invalid_generator));
- memset(data, 0, sizeof(data));
+ if (PSA_KEY_TYPE_IS_RSA(check1[i].key_type))
+ {
+ if (check1[i].key_type == PSA_KEY_TYPE_RSA_KEY_PAIR)
+ {
+ if (check1[i].expected_bit_length == BYTES_TO_BITS(384))
+ key_data = rsa_384_keypair;
+ else if (check1[i].expected_bit_length == BYTES_TO_BITS(256))
+ key_data = rsa_256_keypair;
+ else
+ return VAL_STATUS_INVALID;
+ }
+ else
+ {
+ if (check1[i].expected_bit_length == BYTES_TO_BITS(384))
+ key_data = rsa_384_keydata;
+ else if (check1[i].expected_bit_length == BYTES_TO_BITS(256))
+ key_data = rsa_256_keydata;
+ else
+ return VAL_STATUS_INVALID;
+ }
+ }
+ else if (PSA_KEY_TYPE_IS_ECC(check1[i].key_type))
+ {
+ if (PSA_KEY_TYPE_IS_ECC_KEY_PAIR(check1[i].key_type))
+ key_data = ec_keypair;
+ else
+ key_data = ec_keydata;
+ }
+ else
+ key_data = check1[i].key_data;
- /* Set the standard fields of a policy structure */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &policy, check1[i].usage,
- check1[i].key_alg);
+ /* Setup the attributes for the key */
+ val->crypto_function(VAL_CRYPTO_SET_KEY_TYPE, &attributes, check1[i].key_type);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_BITS, &attributes, check1[i].attr_bits);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_USAGE_FLAGS, &attributes, check1[i].usage);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_ALGORITHM, &attributes, check1[i].key_alg);
- /* Allocate a key slot for a transient key */
- status = val->crypto_function(VAL_CRYPTO_ALLOCATE_KEY, &check1[i].key_handle);
+ /* Import the key data into the key slot */
+ status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, &attributes, key_data,
+ check1[i].key_length, &check1[i].key_handle);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
- /* Set the usage policy on a key slot */
- status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, check1[i].key_handle, &policy);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
+ if (check1[i].expected_status == PSA_SUCCESS)
+ {
+ /* Provide an input for key derivation or key agreement without setup should be
+ * failure.
+ */
+ status = val->crypto_function(VAL_CRYPTO_KEY_DERIVATION_INPUT_KEY, &operation,
+ check1[i].step, check1[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_BAD_STATE, TEST_CHECKPOINT_NUM(4));
+ }
- /* Import the key data into the key slot */
- status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, check1[i].key_handle,
- check1[i].key_type, check1[i].key_data, check1[i].key_length);
+ /* Set up a key derivation operation */
+ status = val->crypto_function(VAL_CRYPTO_KEY_DERIVATION_SETUP, &operation,
+ check1[i].alg);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
- /* Set up a key derivation operation. Using this function to initialize the generate as
- * XOR or PRNG generator initialization is not implemented.
- */
- status = val->crypto_function(VAL_CRYPTO_KEY_DERIVATION, &generator, check1[i].key_handle,
- check1[i].key_alg, &check1[i].salt, check1[i].salt_length, &check1[i].label,
- check1[i].label_length, check1[i].capacity);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(6));
-
- /* Read some data from a generator */
- status = val->crypto_function(VAL_CRYPTO_GENERATOR_READ, &generator, data,
- check1[i].size);
- TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(7));
+ /* Provide an input for key derivation or key agreement */
+ status = val->crypto_function(VAL_CRYPTO_KEY_DERIVATION_INPUT_KEY, &operation,
+ check1[i].step, check1[i].key_handle);
+ TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(6));
if (check1[i].expected_status != PSA_SUCCESS)
{
- /* Abort a generator */
- status = val->crypto_function(VAL_CRYPTO_GENERATOR_ABORT, &generator);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(8));
-
- /* Destroy the key */
- status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, check1[i].key_handle);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(9));
+ /* Abort the key derivation operation */
+ status = val->crypto_function(VAL_CRYPTO_KEY_DERIVATION_ABORT, &operation);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(7));
continue;
}
- data_sum = 0;
- /* Check that if generated data are zero */
- for (j = 0; j < check1[i].size; j++)
- {
- data_sum += data[j];
- }
-
- memset(data, 0, sizeof(data));
- TEST_ASSERT_NOT_EQUAL(data_sum, 0, TEST_CHECKPOINT_NUM(10));
-
- remaining_size = check1[i].capacity - check1[i].size;
- if (remaining_size > 0)
- {
- /* Read some data from a generator */
- status = val->crypto_function(VAL_CRYPTO_GENERATOR_READ, &generator,
- data, remaining_size);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(11));
-
- data_sum = 0;
- /* Check that if generated data are zero */
- for (j = 0; j < remaining_size; j++)
- {
- data_sum += data[j];
- }
+ status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, check1[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(8));
- memset(data, 0, sizeof(data));
- TEST_ASSERT_NOT_EQUAL(data_sum, 0, TEST_CHECKPOINT_NUM(12));
+ /* Provide an input for key derivation or key agreement */
+ status = val->crypto_function(VAL_CRYPTO_KEY_DERIVATION_INPUT_KEY, &operation,
+ check1[i].step, check1[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(9));
- /* Read some data from a generator */
- status = val->crypto_function(VAL_CRYPTO_GENERATOR_READ, &generator,
- data, check1[i].size);
- TEST_ASSERT_EQUAL(status, PSA_ERROR_INSUFFICIENT_DATA, TEST_CHECKPOINT_NUM(13));
- }
+ /* Abort the key derivation operation */
+ status = val->crypto_function(VAL_CRYPTO_KEY_DERIVATION_ABORT, &operation);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(10));
- /* Abort a generator */
- status = val->crypto_function(VAL_CRYPTO_GENERATOR_ABORT, &generator);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(14));
-
- /* Destroy the key */
- status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, check1[i].key_handle);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(15));
+ /* Reset the key attributes and check if psa_import_key fails */
+ val->crypto_function(VAL_CRYPTO_RESET_KEY_ATTRIBUTES, &attributes);
}
return VAL_STATUS_SUCCESS;
}
-int32_t psa_generator_read_negative_test(security_t caller)
+int32_t psa_key_derivation_input_key_negative_test(caller_security_t caller)
{
- uint32_t i;
- psa_crypto_generator_t generator[] = {psa_crypto_generator_init(),
- PSA_CRYPTO_GENERATOR_INIT, {0} };
- uint32_t generator_count = sizeof(generator)/sizeof(generator[0]);
- int32_t status;
-
- val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
- val->print(PRINT_TEST, "Test psa_generator_read without setup\n", 0);
+ int32_t i, status;
+ int num_checks = sizeof(check2)/sizeof(check2[0]);
+ psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT;
/* Initialize the PSA crypto library*/
status = val->crypto_function(VAL_CRYPTO_INIT);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(1));
- memset(data, 0, sizeof(data));
-
- for (i = 0; i < generator_count; i++)
+ /* Set the key data buffer to the input base on algorithm */
+ for (i = 0; i < num_checks; i++)
{
- status = val->crypto_function(VAL_CRYPTO_GENERATOR_READ, &generator[i], data, 1);
- TEST_ASSERT_EQUAL(status, PSA_ERROR_BAD_STATE, TEST_CHECKPOINT_NUM(2));
+ val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
+ val->print(PRINT_TEST, check2[i].test_desc, 0);
+
+ /* Setting up the watchdog timer for each check */
+ status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
+ TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
- status = val->crypto_function(VAL_CRYPTO_GENERATOR_ABORT, &generator[i]);
+ /* Set up a key derivation operation */
+ status = val->crypto_function(VAL_CRYPTO_KEY_DERIVATION_SETUP, &operation,
+ check2[i].alg);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
+
+ /* Provide an input for key derivation or key agreement */
+ status = val->crypto_function(VAL_CRYPTO_KEY_DERIVATION_INPUT_KEY, &operation,
+ check2[i].step, check2[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(4));
+
+ /* Abort the key derivation operation */
+ status = val->crypto_function(VAL_CRYPTO_KEY_DERIVATION_ABORT, &operation);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
+
+ /* Set up a key derivation operation */
+ status = val->crypto_function(VAL_CRYPTO_KEY_DERIVATION_SETUP, &operation,
+ check2[i].alg);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(6));
+
+ /* Provide an input for key derivation or key agreement */
+ status = val->crypto_function(VAL_CRYPTO_KEY_DERIVATION_INPUT_KEY, &operation,
+ check2[i].step, 0);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(7));
}
return VAL_STATUS_SUCCESS;
diff --git a/api-tests/dev_apis/crypto/test_c018/test_c018.h b/api-tests/dev_apis/crypto/test_c018/test_c018.h
index bd196511..02555bad 100644
--- a/api-tests/dev_apis/crypto/test_c018/test_c018.h
+++ b/api-tests/dev_apis/crypto/test_c018/test_c018.h
@@ -18,14 +18,14 @@
#define _TEST_C018_CLIENT_TESTS_H_
#include "val_crypto.h"
-#define test_entry CONCAT(test_entry_,c018)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, c018)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
extern val_api_t *val;
extern psa_api_t *psa;
extern client_test_t test_c018_crypto_list[];
-int32_t psa_generator_read_test(security_t caller);
-int32_t psa_generator_read_negative_test(security_t caller);
+int32_t psa_key_derivation_input_key_test(caller_security_t caller);
+int32_t psa_key_derivation_input_key_negative_test(caller_security_t caller);
#endif /* _TEST_C018_CLIENT_TESTS_H_ */
diff --git a/api-tests/dev_apis/crypto/test_c018/test_data.h b/api-tests/dev_apis/crypto/test_c018/test_data.h
index f2c136e1..56d26fc1 100644
--- a/api-tests/dev_apis/crypto/test_c018/test_data.h
+++ b/api-tests/dev_apis/crypto/test_c018/test_data.h
@@ -18,80 +18,254 @@
#include "val_crypto.h"
typedef struct {
- char test_desc[75];
- psa_key_handle_t key_handle;
- psa_key_type_t key_type;
- uint8_t key_data[32];
- uint32_t key_length;
- psa_key_usage_t usage;
- psa_algorithm_t key_alg;
- uint8_t salt[16];
- size_t salt_length;
- uint8_t label[16];
- size_t label_length;
- size_t capacity;
- size_t size;
- psa_status_t expected_status;
+ char test_desc[75];
+ psa_key_handle_t key_handle;
+ psa_key_type_t key_type;
+ uint8_t key_data[34];
+ uint32_t key_length;
+ size_t attr_bits;
+ psa_key_usage_t usage;
+ psa_algorithm_t key_alg;
+ psa_key_derivation_step_t step;
+ psa_algorithm_t alg;
+ uint32_t expected_bit_length;
+ uint32_t expected_key_length;
+ psa_status_t expected_status;
} test_data;
+static const uint8_t rsa_384_keypair[1];
+static const uint8_t rsa_384_keydata[1];
+
+static const uint8_t rsa_256_keypair[] = {
+ 0x30, 0x82, 0x04, 0xA5, 0x02, 0x01, 0x00, 0x02, 0x82, 0x01, 0x01, 0x00, 0xC0,
+ 0x95, 0x08, 0xE1, 0x57, 0x41, 0xF2, 0x71, 0x6D, 0xB7, 0xD2, 0x45, 0x41, 0x27,
+ 0x01, 0x65, 0xC6, 0x45, 0xAE, 0xF2, 0xBC, 0x24, 0x30, 0xB8, 0x95, 0xCE, 0x2F,
+ 0x4E, 0xD6, 0xF6, 0x1C, 0x88, 0xBC, 0x7C, 0x9F, 0xFB, 0xA8, 0x67, 0x7F, 0xFE,
+ 0x5C, 0x9C, 0x51, 0x75, 0xF7, 0x8A, 0xCA, 0x07, 0xE7, 0x35, 0x2F, 0x8F, 0xE1,
+ 0xBD, 0x7B, 0xC0, 0x2F, 0x7C, 0xAB, 0x64, 0xA8, 0x17, 0xFC, 0xCA, 0x5D, 0x7B,
+ 0xBA, 0xE0, 0x21, 0xE5, 0x72, 0x2E, 0x6F, 0x2E, 0x86, 0xD8, 0x95, 0x73, 0xDA,
+ 0xAC, 0x1B, 0x53, 0xB9, 0x5F, 0x3F, 0xD7, 0x19, 0x0D, 0x25, 0x4F, 0xE1, 0x63,
+ 0x63, 0x51, 0x8B, 0x0B, 0x64, 0x3F, 0xAD, 0x43, 0xB8, 0xA5, 0x1C, 0x5C, 0x34,
+ 0xB3, 0xAE, 0x00, 0xA0, 0x63, 0xC5, 0xF6, 0x7F, 0x0B, 0x59, 0x68, 0x78, 0x73,
+ 0xA6, 0x8C, 0x18, 0xA9, 0x02, 0x6D, 0xAF, 0xC3, 0x19, 0x01, 0x2E, 0xB8, 0x10,
+ 0xE3, 0xC6, 0xCC, 0x40, 0xB4, 0x69, 0xA3, 0x46, 0x33, 0x69, 0x87, 0x6E, 0xC4,
+ 0xBB, 0x17, 0xA6, 0xF3, 0xE8, 0xDD, 0xAD, 0x73, 0xBC, 0x7B, 0x2F, 0x21, 0xB5,
+ 0xFD, 0x66, 0x51, 0x0C, 0xBD, 0x54, 0xB3, 0xE1, 0x6D, 0x5F, 0x1C, 0xBC, 0x23,
+ 0x73, 0xD1, 0x09, 0x03, 0x89, 0x14, 0xD2, 0x10, 0xB9, 0x64, 0xC3, 0x2A, 0xD0,
+ 0xA1, 0x96, 0x4A, 0xBC, 0xE1, 0xD4, 0x1A, 0x5B, 0xC7, 0xA0, 0xC0, 0xC1, 0x63,
+ 0x78, 0x0F, 0x44, 0x37, 0x30, 0x32, 0x96, 0x80, 0x32, 0x23, 0x95, 0xA1, 0x77,
+ 0xBA, 0x13, 0xD2, 0x97, 0x73, 0xE2, 0x5D, 0x25, 0xC9, 0x6A, 0x0D, 0xC3, 0x39,
+ 0x60, 0xA4, 0xB4, 0xB0, 0x69, 0x42, 0x42, 0x09, 0xE9, 0xD8, 0x08, 0xBC, 0x33,
+ 0x20, 0xB3, 0x58, 0x22, 0xA7, 0xAA, 0xEB, 0xC4, 0xE1, 0xE6, 0x61, 0x83, 0xC5,
+ 0xD2, 0x96, 0xDF, 0xD9, 0xD0, 0x4F, 0xAD, 0xD7, 0x02, 0x03, 0x01, 0x00, 0x01,
+ 0x02, 0x82, 0x01, 0x01, 0x00, 0x9A, 0xD0, 0x34, 0x0F, 0x52, 0x62, 0x05, 0x50,
+ 0x01, 0xEF, 0x9F, 0xED, 0x64, 0x6E, 0xC2, 0xC4, 0xDA, 0x1A, 0xF2, 0x84, 0xD7,
+ 0x92, 0x10, 0x48, 0x92, 0xC4, 0xE9, 0x6A, 0xEB, 0x8B, 0x75, 0x6C, 0xC6, 0x79,
+ 0x38, 0xF2, 0xC9, 0x72, 0x4A, 0x86, 0x64, 0x54, 0x95, 0x77, 0xCB, 0xC3, 0x9A,
+ 0x9D, 0xB7, 0xD4, 0x1D, 0xA4, 0x00, 0xC8, 0x9E, 0x4E, 0xE4, 0xDD, 0xC7, 0xBA,
+ 0x67, 0x16, 0xC1, 0x74, 0xBC, 0xA9, 0xD6, 0x94, 0x8F, 0x2B, 0x30, 0x1A, 0xFB,
+ 0xED, 0xDF, 0x21, 0x05, 0x23, 0xD9, 0x4A, 0x39, 0xBD, 0x98, 0x6B, 0x65, 0x9A,
+ 0xB8, 0xDC, 0xC4, 0x7D, 0xEE, 0xA6, 0x43, 0x15, 0x2E, 0x3D, 0xBE, 0x1D, 0x22,
+ 0x60, 0x2A, 0x73, 0x30, 0xD5, 0x3E, 0xD8, 0xA2, 0xAC, 0x86, 0x43, 0x2E, 0xC4,
+ 0xF5, 0x64, 0x5E, 0x3F, 0x89, 0x75, 0x0F, 0x11, 0xD8, 0x51, 0x25, 0x4E, 0x9F,
+ 0xD8, 0xAA, 0xA3, 0xCE, 0x60, 0xB3, 0xE2, 0x8A, 0xD9, 0x7E, 0x1B, 0xF0, 0x64,
+ 0xCA, 0x9A, 0x5B, 0x05, 0x0B, 0x5B, 0xAA, 0xCB, 0xE5, 0xE3, 0x3F, 0x6E, 0x32,
+ 0x22, 0x05, 0xF3, 0xD0, 0xFA, 0xEF, 0x74, 0x52, 0x81, 0xE2, 0x5F, 0x74, 0xD3,
+ 0xBD, 0xFF, 0x31, 0x83, 0x45, 0x75, 0xFA, 0x63, 0x7A, 0x97, 0x2E, 0xD6, 0xB6,
+ 0x19, 0xC6, 0x92, 0x26, 0xE4, 0x28, 0x06, 0x50, 0x50, 0x0E, 0x78, 0x2E, 0xA9,
+ 0x78, 0x0D, 0x14, 0x97, 0xB4, 0x12, 0xD8, 0x31, 0x40, 0xAB, 0xA1, 0x01, 0x41,
+ 0xC2, 0x30, 0xF8, 0x07, 0x5F, 0x16, 0xE4, 0x61, 0x77, 0xD2, 0x60, 0xF2, 0x9F,
+ 0x8D, 0xE8, 0xF4, 0xBA, 0xEB, 0x63, 0xDE, 0x2A, 0x97, 0x81, 0xEF, 0x4C, 0x6C,
+ 0xE6, 0x55, 0x34, 0x51, 0x2B, 0x28, 0x34, 0xF4, 0x53, 0x1C, 0xC4, 0x58, 0x0A,
+ 0x3F, 0xBB, 0xAF, 0xB5, 0xF7, 0x4A, 0x85, 0x43, 0x2D, 0x3C, 0xF1, 0x58, 0x58,
+ 0x81, 0x02, 0x81, 0x81, 0x00, 0xF2, 0x2C, 0x54, 0x76, 0x39, 0x23, 0x63, 0xC9,
+ 0x10, 0x32, 0xB7, 0x93, 0xAD, 0xAF, 0xBE, 0x19, 0x75, 0x96, 0x81, 0x64, 0xE6,
+ 0xB5, 0xB8, 0x89, 0x42, 0x41, 0xD1, 0x6D, 0xD0, 0x1C, 0x1B, 0xF8, 0x1B, 0xAC,
+ 0x69, 0xCB, 0x36, 0x3C, 0x64, 0x7D, 0xDC, 0xF4, 0x19, 0xB8, 0xC3, 0x60, 0xB1,
+ 0x57, 0x48, 0x5F, 0x52, 0x4F, 0x59, 0x3A, 0x55, 0x7F, 0x32, 0xC0, 0x19, 0x43,
+ 0x50, 0x3F, 0xAE, 0xCE, 0x6F, 0x17, 0xF3, 0x0E, 0x9F, 0x40, 0xCA, 0x4E, 0xAD,
+ 0x15, 0x3B, 0xC9, 0x79, 0xE9, 0xC0, 0x59, 0x38, 0x73, 0x70, 0x9C, 0x0A, 0x7C,
+ 0xC9, 0x3A, 0x48, 0x32, 0xA7, 0xD8, 0x49, 0x75, 0x0A, 0x85, 0xC2, 0xC2, 0xFD,
+ 0x15, 0x73, 0xDA, 0x99, 0x09, 0x2A, 0x69, 0x9A, 0x9F, 0x0A, 0x71, 0xBF, 0xB0,
+ 0x04, 0xA6, 0x8C, 0x7A, 0x5A, 0x6F, 0x48, 0x5A, 0x54, 0x3B, 0xC6, 0xB1, 0x53,
+ 0x17, 0xDF, 0xE7, 0x02, 0x81, 0x81, 0x00, 0xCB, 0x93, 0xDE, 0x77, 0x15, 0x5D,
+ 0xB7, 0x5C, 0x5C, 0x7C, 0xD8, 0x90, 0xA9, 0x98, 0x2D, 0xD6, 0x69, 0x0E, 0x63,
+ 0xB3, 0xA3, 0xDC, 0xA6, 0xCC, 0x8B, 0x6A, 0xA4, 0xA2, 0x12, 0x8C, 0x8E, 0x7B,
+ 0x48, 0x2C, 0xB2, 0x4B, 0x37, 0xDC, 0x06, 0x18, 0x7D, 0xEA, 0xFE, 0x76, 0xA1,
+ 0xD4, 0xA1, 0xE9, 0x3F, 0x0D, 0xCD, 0x1B, 0x5F, 0xAF, 0x5F, 0x9E, 0x96, 0x5B,
+ 0x5B, 0x0F, 0xA1, 0x7C, 0xAF, 0xB3, 0x9B, 0x90, 0xDB, 0x57, 0x73, 0x3A, 0xED,
+ 0xB0, 0x23, 0x44, 0xAE, 0x41, 0x4F, 0x1F, 0x07, 0x42, 0x13, 0x23, 0x4C, 0xCB,
+ 0xFA, 0xF4, 0x14, 0xA4, 0xD5, 0xF7, 0x9E, 0x36, 0x7C, 0x5B, 0x9F, 0xA8, 0x3C,
+ 0xC1, 0x85, 0x5F, 0x74, 0xD2, 0x39, 0x2D, 0xFF, 0xD0, 0x84, 0xDF, 0xFB, 0xB3,
+ 0x20, 0x7A, 0x2E, 0x9B, 0x17, 0xAE, 0xE6, 0xBA, 0x0B, 0xAE, 0x5F, 0x53, 0xA4,
+ 0x52, 0xED, 0x1B, 0xC4, 0x91, 0x02, 0x81, 0x81, 0x00, 0xEC, 0x98, 0xDA, 0xBB,
+ 0xD5, 0xFE, 0xF9, 0x52, 0x4A, 0x7D, 0x02, 0x55, 0x49, 0x6F, 0x55, 0x6E, 0x52,
+ 0x2F, 0x84, 0xA3, 0x2B, 0xB3, 0x86, 0x62, 0xB3, 0x54, 0xD2, 0x63, 0x52, 0xDA,
+ 0xE3, 0x88, 0x76, 0xA0, 0xEF, 0x8B, 0x15, 0xA5, 0xD3, 0x18, 0x14, 0x72, 0x77,
+ 0x5E, 0xC7, 0xA3, 0x04, 0x1F, 0x9E, 0x19, 0x62, 0xB5, 0x1B, 0x1B, 0x9E, 0xC3,
+ 0xF2, 0xB5, 0x32, 0xF9, 0x4C, 0xC1, 0xAA, 0xEB, 0x0C, 0x26, 0x7D, 0xD4, 0x5F,
+ 0x4A, 0x51, 0x5C, 0xA4, 0x45, 0x06, 0x70, 0x44, 0xA7, 0x56, 0xC0, 0xD4, 0x22,
+ 0x14, 0x76, 0x9E, 0xD8, 0x63, 0x50, 0x89, 0x90, 0xD3, 0xE2, 0xBF, 0x81, 0x95,
+ 0x92, 0x31, 0x41, 0x87, 0x39, 0x1A, 0x43, 0x0B, 0x18, 0xA5, 0x53, 0x1F, 0x39,
+ 0x1A, 0x5F, 0x1F, 0x43, 0xBC, 0x87, 0x6A, 0xDF, 0x6E, 0xD3, 0x22, 0x00, 0xFE,
+ 0x22, 0x98, 0x70, 0x4E, 0x1A, 0x19, 0x29, 0x02, 0x81, 0x81, 0x00, 0x8A, 0x41,
+ 0x56, 0x28, 0x51, 0x9E, 0x5F, 0xD4, 0x9E, 0x0B, 0x3B, 0x98, 0xA3, 0x54, 0xF2,
+ 0x6C, 0x56, 0xD4, 0xAA, 0xE9, 0x69, 0x33, 0x85, 0x24, 0x0C, 0xDA, 0xD4, 0x0C,
+ 0x2D, 0xC4, 0xBF, 0x4F, 0x02, 0x69, 0x38, 0x7C, 0xD4, 0xE6, 0xDC, 0x4C, 0xED,
+ 0xD7, 0x16, 0x11, 0xC3, 0x3E, 0x00, 0xE7, 0xC3, 0x26, 0xC0, 0x51, 0x02, 0xDE,
+ 0xBB, 0x75, 0x9C, 0x6F, 0x56, 0x9C, 0x7A, 0xF3, 0x8E, 0xEF, 0xCF, 0x8A, 0xC5,
+ 0x2B, 0xD2, 0xDA, 0x06, 0x6A, 0x44, 0xC9, 0x73, 0xFE, 0x6E, 0x99, 0x87, 0xF8,
+ 0x5B, 0xBE, 0xF1, 0x7C, 0xE6, 0x65, 0xB5, 0x4F, 0x6C, 0xF0, 0xC9, 0xC5, 0xFF,
+ 0x16, 0xCA, 0x8B, 0x1B, 0x17, 0xE2, 0x58, 0x3D, 0xA2, 0x37, 0xAB, 0x01, 0xBC,
+ 0xBF, 0x40, 0xCE, 0x53, 0x8C, 0x8E, 0xED, 0xEF, 0xEE, 0x59, 0x9D, 0xE0, 0x63,
+ 0xE6, 0x7C, 0x5E, 0xF5, 0x8E, 0x4B, 0xF1, 0x3B, 0xC1, 0x02, 0x81, 0x80, 0x4D,
+ 0x45, 0xF9, 0x40, 0x8C, 0xC5, 0x5B, 0xF4, 0x2A, 0x1A, 0x8A, 0xB4, 0xF2, 0x1C,
+ 0xAC, 0x6B, 0xE9, 0x0C, 0x56, 0x36, 0xB7, 0x4E, 0x72, 0x96, 0xD5, 0xE5, 0x8A,
+ 0xD2, 0xE2, 0xFF, 0xF1, 0xF1, 0x18, 0x13, 0x3D, 0x86, 0x09, 0xB8, 0xD8, 0x76,
+ 0xA7, 0xC9, 0x1C, 0x71, 0x52, 0x94, 0x30, 0x43, 0xE0, 0xF1, 0x78, 0x74, 0xFD,
+ 0x61, 0x1B, 0x4C, 0x09, 0xCC, 0xE6, 0x68, 0x2A, 0x71, 0xAD, 0x1C, 0xDF, 0x43,
+ 0xBC, 0x56, 0xDB, 0xA5, 0xA4, 0xBE, 0x35, 0x70, 0xA4, 0x5E, 0xCF, 0x4F, 0xFC,
+ 0x00, 0x55, 0x99, 0x3A, 0x3D, 0x23, 0xCF, 0x67, 0x5A, 0xF5, 0x22, 0xF8, 0xB5,
+ 0x29, 0xD0, 0x44, 0x11, 0xEB, 0x35, 0x2E, 0x46, 0xBE, 0xFD, 0x8E, 0x18, 0xB2,
+ 0x5F, 0xA8, 0xBF, 0x19, 0x32, 0xA1, 0xF5, 0xDC, 0x03, 0xE6, 0x7C, 0x9A, 0x1F,
+ 0x0C, 0x7C, 0xA9, 0xB0, 0x0E, 0x21, 0x37, 0x3B, 0xF1, 0xB0};
+
+static const uint8_t rsa_256_keydata[] = {
+ 0x30, 0x82, 0x01, 0x0A,
+ 0x02, 0x82, 0x01, 0x01, 0x00, 0xDB, 0x1C, 0x7F, 0x2E, 0x0B, 0xCD, 0xBF, 0xCE, 0xD1,
+ 0x75, 0x10, 0xA0, 0xA2, 0xB8, 0xCE, 0x7D, 0xAA, 0xE2, 0x05, 0xE0, 0x7A, 0xD8, 0x44,
+ 0x63, 0x8F, 0xB5, 0xBD, 0xC0, 0xB0, 0x19, 0xB9, 0x37, 0xB8, 0x19, 0x4A, 0x0E, 0xF1,
+ 0x5D, 0x74, 0x80, 0x67, 0x46, 0x87, 0x06, 0xDE, 0x5B, 0x7F, 0x06, 0x03, 0xBD, 0xC1,
+ 0x8D, 0x5E, 0x07, 0x15, 0xD4, 0x5B, 0xF4, 0xDC, 0xE5, 0xCF, 0x3D, 0xF9, 0xC1, 0x11,
+ 0x2C, 0xAE, 0x6A, 0xB9, 0x8A, 0xBD, 0x1D, 0x67, 0x66, 0x17, 0xEA, 0x4E, 0xBD, 0xDB,
+ 0x15, 0x9A, 0x82, 0x87, 0xE4, 0xF0, 0x78, 0xC3, 0xA3, 0x85, 0x87, 0xB0, 0xFD, 0x9F,
+ 0xA9, 0x99, 0x5F, 0xE3, 0x33, 0xEC, 0xCC, 0xEA, 0x0B, 0xB5, 0x61, 0x5E, 0xF1, 0x49,
+ 0x7E, 0x3F, 0xA3, 0x2D, 0xEA, 0x01, 0x0C, 0xCC, 0x42, 0x9A, 0x76, 0x9B, 0xC4, 0xD0,
+ 0x37, 0xD3, 0xB1, 0x17, 0x01, 0x61, 0x01, 0x16, 0x59, 0x7E, 0x1C, 0x17, 0xC3, 0x53,
+ 0xFD, 0xD1, 0x72, 0xCB, 0x4C, 0x60, 0x15, 0xDA, 0x7D, 0xE2, 0xEA, 0xAD, 0x50, 0xEF,
+ 0x8E, 0xE2, 0x8B, 0xD4, 0x6A, 0x77, 0x55, 0xD6, 0x70, 0xD9, 0x6B, 0xBB, 0xF1, 0xEE,
+ 0x39, 0x04, 0x38, 0xA3, 0xBD, 0xE2, 0xD1, 0xE0, 0x66, 0x6B, 0xE2, 0x9C, 0x47, 0x99,
+ 0xE9, 0x28, 0xE6, 0xB6, 0xFC, 0x2E, 0xCA, 0x67, 0x43, 0x84, 0xE8, 0xD5, 0x83, 0xD6,
+ 0x9D, 0x98, 0x6B, 0x01, 0x3E, 0x81, 0xDC, 0x3C, 0x7A, 0xCA, 0xF9, 0xF3, 0x9C, 0xF7,
+ 0xD6, 0x28, 0x1B, 0x27, 0x78, 0x7C, 0xC3, 0xD0, 0xD5, 0x63, 0xA7, 0x81, 0x34, 0x89,
+ 0xAD, 0x25, 0x6A, 0xBD, 0xF2, 0xEA, 0xED, 0xFA, 0x57, 0xFC, 0xE5, 0x34, 0xC6, 0xC1,
+ 0x0F, 0x71, 0x2D, 0xD2, 0x08, 0x10, 0x1B, 0xAD, 0x44, 0x41, 0xE0, 0xFE, 0x79, 0xA0,
+ 0x63, 0x93, 0x8A, 0xB1, 0x5D, 0xE9, 0xB0, 0xEE, 0x6F, 0x02, 0x03, 0x01, 0x00, 0x01};
+
+static const uint8_t ec_keydata[] = {
+ 0x04, 0xde, 0xa5, 0xe4, 0x5d, 0x0e, 0xa3, 0x7f, 0xc5, 0x66, 0x23, 0x2a, 0x50, 0x8f,
+ 0x4a, 0xd2, 0x0e, 0xa1, 0x3d, 0x47, 0xe4, 0xbf, 0x5f, 0xa4, 0xd5, 0x4a, 0x57, 0xa0,
+ 0xba, 0x01, 0x20, 0x42, 0x08, 0x70, 0x97, 0x49, 0x6e, 0xfc, 0x58, 0x3f, 0xed, 0x8b,
+ 0x24, 0xa5, 0xb9, 0xbe, 0x9a, 0x51, 0xde, 0x06, 0x3f, 0x5a, 0x00, 0xa8, 0xb6, 0x98,
+ 0xa1, 0x6f, 0xd7, 0xf2, 0x9b, 0x54, 0x85, 0xf3, 0x20};
+
+static const uint8_t ec_keypair[] = {
+ 0x68, 0x49, 0xf9, 0x7d, 0x10, 0x66, 0xf6, 0x99, 0x77, 0x59, 0x63, 0x7c, 0x7e, 0x38,
+ 0x99, 0x46, 0x4c, 0xee, 0x3e, 0xc7, 0xac, 0x97, 0x06, 0x53, 0xa0, 0xbe, 0x07, 0x42};
+
static test_data check1[] = {
-/* Covers the following cases
- * - 16 Byte key
- * - SHA 256
- * - Output size less than generator capacity
- */
-#ifdef ARCH_TEST_HKDF
-#ifdef ARCH_TEST_SHA256
-{"Test psa_generator_read to get 16 Byte data with SHA-256\n", 1, PSA_KEY_TYPE_DERIVE,
+
+{"Test psa_key_derivation_input_key 16 Byte Key\n", 1, PSA_KEY_TYPE_DERIVE,
+{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
+ 0x5F, 0xC9, 0x77},
+ AES_16B_KEY_SIZE, 0, PSA_KEY_USAGE_DERIVE, PSA_ALG_HKDF(PSA_ALG_SHA_256),
+ PSA_KEY_DERIVATION_INPUT_SECRET, PSA_ALG_HKDF(PSA_ALG_SHA_256),
+ BYTES_TO_BITS(AES_16B_KEY_SIZE), AES_16B_KEY_SIZE, PSA_SUCCESS
+},
+
+{"Test psa_key_derivation_input_key with invalid usage\n", 2, PSA_KEY_TYPE_DERIVE,
+{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
+ 0x5F, 0xC9, 0x77},
+ AES_16B_KEY_SIZE, 0, PSA_KEY_USAGE_EXPORT, PSA_ALG_HKDF(PSA_ALG_SHA_256),
+ PSA_KEY_DERIVATION_INPUT_SECRET, PSA_ALG_HKDF(PSA_ALG_SHA_256),
+ BYTES_TO_BITS(AES_16B_KEY_SIZE), AES_16B_KEY_SIZE, PSA_ERROR_NOT_PERMITTED
+},
+
+{"Test psa_key_derivation_input_key with step as label\n", 3, PSA_KEY_TYPE_DERIVE,
+{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
+ 0x5F, 0xC9, 0x77},
+ AES_16B_KEY_SIZE, 0, PSA_KEY_USAGE_DERIVE, PSA_ALG_HKDF(PSA_ALG_SHA_256),
+ PSA_KEY_DERIVATION_INPUT_LABEL, PSA_ALG_HKDF(PSA_ALG_SHA_256),
+ BYTES_TO_BITS(AES_16B_KEY_SIZE), AES_16B_KEY_SIZE, PSA_ERROR_INVALID_ARGUMENT
+},
+
+{"Test psa_key_derivation_input_key with step as info\n", 4, PSA_KEY_TYPE_DERIVE,
+{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
+ 0x5F, 0xC9, 0x77},
+ AES_16B_KEY_SIZE, 0, PSA_KEY_USAGE_DERIVE, PSA_ALG_HKDF(PSA_ALG_SHA_256),
+ PSA_KEY_DERIVATION_INPUT_INFO, PSA_ALG_HKDF(PSA_ALG_SHA_256),
+ BYTES_TO_BITS(AES_16B_KEY_SIZE), AES_16B_KEY_SIZE, PSA_ERROR_INVALID_ARGUMENT
+},
+
+{"Test psa_key_derivation_input_key with step as seed\n", 5, PSA_KEY_TYPE_DERIVE,
{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
- 0x5F, 0xC9},
- AES_16B_KEY_SIZE, PSA_KEY_USAGE_DERIVE, PSA_ALG_HKDF(PSA_ALG_SHA_256),
- {0}, 0, {0}, 0, 32,
- 16, PSA_SUCCESS
+ 0x5F, 0xC9, 0x77},
+ AES_16B_KEY_SIZE, 0, PSA_KEY_USAGE_DERIVE, PSA_ALG_HKDF(PSA_ALG_SHA_256),
+ PSA_KEY_DERIVATION_INPUT_SEED, PSA_ALG_HKDF(PSA_ALG_SHA_256),
+ BYTES_TO_BITS(AES_16B_KEY_SIZE), AES_16B_KEY_SIZE, PSA_ERROR_INVALID_ARGUMENT
+},
+
+{"Test psa_key_derivation_input_key with step as salt\n", 6, PSA_KEY_TYPE_DERIVE,
+{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
+ 0x5F, 0xC9, 0x77},
+ AES_16B_KEY_SIZE, 0, PSA_KEY_USAGE_DERIVE, PSA_ALG_HKDF(PSA_ALG_SHA_256),
+ PSA_KEY_DERIVATION_INPUT_SALT, PSA_ALG_HKDF(PSA_ALG_SHA_256),
+ BYTES_TO_BITS(AES_16B_KEY_SIZE), AES_16B_KEY_SIZE, PSA_ERROR_INVALID_ARGUMENT
+},
+
+#ifdef ARCH_TEST_AES_192
+{"Test psa_key_derivation_input_key with key type as AES(not derive)\n", 7, PSA_KEY_TYPE_AES,
+{0x24, 0x13, 0x61, 0x47, 0x61, 0xB8, 0xC8, 0xF0, 0xDF, 0xAB, 0x5A, 0x0E, 0x87,
+ 0x40, 0xAC, 0xA3, 0x90, 0x77, 0x83, 0x52, 0x31, 0x74, 0xF9, 0x05},
+ AES_24B_KEY_SIZE, 0, PSA_KEY_USAGE_DERIVE, PSA_ALG_HKDF(PSA_ALG_SHA_256),
+ PSA_KEY_DERIVATION_INPUT_SECRET, PSA_ALG_HKDF(PSA_ALG_SHA_256),
+ BYTES_TO_BITS(AES_24B_KEY_SIZE), AES_24B_KEY_SIZE, PSA_ERROR_INVALID_ARGUMENT,
},
#endif
-/* Covers the following cases
- * - 32 Byte key
- * - SHA 512
- * - Output size equal to generator capacity
- */
-#ifdef ARCH_TEST_SHA512
-{"Test psa_generator_read to get 32 Byte data with SHA-512\n", 2, PSA_KEY_TYPE_DERIVE,
+
+{"Test psa_key_derivation_input_key incorrect key algorithm\n", 8, PSA_KEY_TYPE_DERIVE,
{0xEA, 0xD5, 0xE6, 0xC8, 0x51, 0xF9, 0xEC, 0xBB, 0x9B, 0x57, 0x7C, 0xED, 0xD2,
0x4B, 0x82, 0x84, 0x9F, 0x9F, 0xE6, 0x73, 0x21, 0x3D, 0x1A, 0x05, 0xC9, 0xED,
0xDF, 0x25, 0x17, 0x68, 0x86, 0xAE},
- AES_32B_KEY_SIZE, PSA_KEY_USAGE_DERIVE, PSA_ALG_HKDF(PSA_ALG_SHA_512),
- {0}, 0, {0}, 0, 64,
- 64, PSA_SUCCESS
-},
-#endif
-
-/* Covers the following cases
- * - 8 Byte Key
- * - SHA 1
- * - Output size greater than the generator capacity
- */
-#ifdef ARCH_TEST_SHA1
-{"Test psa_generator_read to get 8 Byte data with SHA-1\n", 3, PSA_KEY_TYPE_DERIVE,
-{0x70, 0x24, 0x55, 0x0C, 0x14, 0x9D, 0xED, 0x29},
- DES_8B_KEY_SIZE, PSA_KEY_USAGE_DERIVE, PSA_ALG_HKDF(PSA_ALG_SHA_1),
- {0}, 0, {0}, 0, 64,
- 70, PSA_ERROR_INSUFFICIENT_DATA
+ AES_32B_KEY_SIZE, 0, PSA_KEY_USAGE_DERIVE, PSA_ALG_CTR, PSA_KEY_DERIVATION_INPUT_SECRET,
+ PSA_ALG_HKDF(PSA_ALG_SHA_256),
+ BYTES_TO_BITS(AES_32B_KEY_SIZE), AES_32B_KEY_SIZE, PSA_ERROR_NOT_PERMITTED
},
-{"Test psa_generator_read to request maximum capacity\n", 4, PSA_KEY_TYPE_DERIVE,
-{0x70, 0x24, 0x55, 0x0C, 0x14, 0x9D, 0xED, 0x29},
- DES_8B_KEY_SIZE, PSA_KEY_USAGE_DERIVE, PSA_ALG_HKDF(PSA_ALG_SHA_1),
- {0}, 0, {0}, 0, (255 * 20),
- (255 * 20), PSA_SUCCESS
+#ifdef ARCH_TEST_RSA_PKCS1V15_SIGN_RAW
+#ifdef ARCH_TEST_RSA_2048
+{"Test psa_key_derivation_input_key 2048 RSA public key\n", 9, PSA_KEY_TYPE_RSA_PUBLIC_KEY,
+ {0},
+ 270, 0, PSA_KEY_USAGE_DERIVE, PSA_ALG_HKDF(PSA_ALG_SHA_256), PSA_KEY_DERIVATION_INPUT_SECRET,
+ PSA_ALG_HKDF(PSA_ALG_SHA_256),
+ 2048, 270, PSA_ERROR_INVALID_ARGUMENT,
},
-{"Test psa_generator_read to request maximum capacity +1\n", 5, PSA_KEY_TYPE_DERIVE,
-{0x70, 0x24, 0x55, 0x0C, 0x14, 0x9D, 0xED, 0x29},
- DES_8B_KEY_SIZE, PSA_KEY_USAGE_DERIVE, PSA_ALG_HKDF(PSA_ALG_SHA_1),
- {0}, 0, {0}, 0, (255 * 20),
- ((255 * 20) + 1), PSA_ERROR_INSUFFICIENT_DATA
+{"Test psa_key_derivation_input_key with RSA 2048 keypair\n", 10, PSA_KEY_TYPE_RSA_KEY_PAIR,
+ {0},
+ 1193, 0, PSA_KEY_USAGE_DERIVE, PSA_ALG_HKDF(PSA_ALG_SHA_256), PSA_KEY_DERIVATION_INPUT_SECRET,
+ PSA_ALG_HKDF(PSA_ALG_SHA_256),
+ 2048, 1193, PSA_ERROR_INVALID_ARGUMENT,
},
#endif
#endif
+
+{"Test psa_key_derivation_input_key with zero as step\n", 1, PSA_KEY_TYPE_DERIVE,
+{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
+ 0x5F, 0xC9, 0x77},
+ AES_16B_KEY_SIZE, 0, PSA_KEY_USAGE_DERIVE, PSA_ALG_HKDF(PSA_ALG_SHA_256),
+ 0, PSA_ALG_HKDF(PSA_ALG_SHA_256),
+ BYTES_TO_BITS(AES_16B_KEY_SIZE), AES_16B_KEY_SIZE, PSA_ERROR_INVALID_ARGUMENT
+},
+};
+
+static test_data check2[] = {
+
+{"Test psa_key_derivation_input_key invalid handle\n", 11, PSA_KEY_TYPE_DERIVE,
+{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
+ 0x5F, 0xC9, 0x77},
+ AES_16B_KEY_SIZE, 0, PSA_KEY_USAGE_DERIVE, PSA_ALG_HKDF(PSA_ALG_SHA_256),
+ PSA_KEY_DERIVATION_INPUT_SECRET, PSA_ALG_HKDF(PSA_ALG_SHA_256),
+ BYTES_TO_BITS(AES_16B_KEY_SIZE), AES_16B_KEY_SIZE, PSA_ERROR_INVALID_HANDLE
+},
};
diff --git a/api-tests/dev_apis/crypto/test_c018/test_entry.c b/api-tests/dev_apis/crypto/test_c018/test_entry_c018.c
similarity index 89%
rename from api-tests/dev_apis/crypto/test_c018/test_entry.c
rename to api-tests/dev_apis/crypto/test_c018/test_entry_c018.c
index 4ae7f2d9..13ee5969 100644
--- a/api-tests/dev_apis/crypto/test_c018/test_entry.c
+++ b/api-tests/dev_apis/crypto/test_c018/test_entry_c018.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -20,14 +20,15 @@
#include "test_c018.h"
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 18)
-#define TEST_DESC "Testing crypto generator functions APIs\n"
+#define TEST_DESC "Testing crypto key derivation APIs\n"
+
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
psa_api_t *psa = NULL;
void test_entry(val_api_t *val_api, psa_api_t *psa_api)
{
- int32_t status = VAL_STATUS_SUCCESS;
+ int32_t status = VAL_STATUS_SUCCESS;
val = val_api;
psa = psa_api;
diff --git a/api-tests/dev_apis/crypto/test_c019/test.cmake b/api-tests/dev_apis/crypto/test_c019/test.cmake
new file mode 100644
index 00000000..c2405580
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c019/test.cmake
@@ -0,0 +1,24 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_c019.c
+ test_c019.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
diff --git a/api-tests/dev_apis/crypto/test_c019/test_c019.c b/api-tests/dev_apis/crypto/test_c019/test_c019.c
index 3f0a670c..7593f8c9 100644
--- a/api-tests/dev_apis/crypto/test_c019/test_c019.c
+++ b/api-tests/dev_apis/crypto/test_c019/test_c019.c
@@ -19,26 +19,28 @@
#include "val_target.h"
#include "test_c019.h"
#include "test_data.h"
-#include "val_crypto.h"
client_test_t test_c019_crypto_list[] = {
NULL,
- psa_get_generator_capacity_test,
- psa_get_generator_capacity_negative_test,
+ psa_key_derivation_key_agreement_test,
+ psa_key_derivation_key_agreement_negative_test,
NULL,
};
-static int g_test_count = 1;
-static uint8_t data[BUFFER_SIZE];
+static int g_test_count = 1;
-int32_t psa_get_generator_capacity_test(security_t caller)
+int32_t psa_key_derivation_key_agreement_test(caller_security_t caller)
{
- int num_checks = sizeof(check1)/sizeof(check1[0]);
- uint32_t i, remaining_size;
- size_t capacity;
- psa_key_policy_t policy;
- psa_crypto_generator_t generator;
- int32_t status;
+ int num_checks = sizeof(check1)/sizeof(check1[0]);
+ int32_t i, status;
+ psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+ psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT;
+
+ if (num_checks == 0)
+ {
+ val->print(PRINT_TEST, "No test available for the selected crypto configuration\n", 0);
+ return RESULT_SKIP(VAL_STATUS_NO_TESTS);
+ }
/* Initialize the PSA crypto library*/
status = val->crypto_function(VAL_CRYPTO_INIT);
@@ -49,112 +51,85 @@ int32_t psa_get_generator_capacity_test(security_t caller)
val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
val->print(PRINT_TEST, check1[i].test_desc, 0);
- /* Initialize a key policy structure to a default that forbids all
- * usage of the key
- */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
-
/* Setting up the watchdog timer for each check */
status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
- memset(&generator, 0, sizeof(generator));
- memset(data, 0, sizeof(data));
+ /* Setup the attributes for the key */
+ val->crypto_function(VAL_CRYPTO_SET_KEY_TYPE, &attributes, check1[i].key_type);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_ALGORITHM, &attributes, check1[i].key_alg);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_USAGE_FLAGS, &attributes, check1[i].usage);
- /* Set the standard fields of a policy structure */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &policy, check1[i].usage,
- check1[i].key_alg);
-
- /* Allocate a key slot for a transient key */
- status = val->crypto_function(VAL_CRYPTO_ALLOCATE_KEY, &check1[i].key_handle);
+ /* Import the key data into the key slot */
+ status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, &attributes, check1[i].key_data,
+ check1[i].key_length, &check1[i].key_handle);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
- /* Set the usage policy on a key slot */
- status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, check1[i].key_handle, &policy);
+ /* Set up a key agreement operation */
+ status = val->crypto_function(VAL_CRYPTO_KEY_DERIVATION_SETUP, &operation,
+ check1[i].key_alg);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
- /* Import the key data into the key slot */
- status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, check1[i].key_handle,
- check1[i].key_type, check1[i].key_data, check1[i].key_length);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
-
- /* Set up a key derivation operation. Using this function to initialize the generate as
- * XOR or PRNG generator initialization is not implemented.
- */
- status = val->crypto_function(VAL_CRYPTO_KEY_DERIVATION, &generator, check1[i].key_handle,
- check1[i].key_alg, check1[i].salt, check1[i].salt_length, check1[i].label,
- check1[i].label_length, check1[i].capacity);
+ /* Perform a key agreement */
+ status = val->crypto_function(VAL_CRYPTO_KEY_DERIVATION_KEY_AGREEMENT, &operation,
+ check1[i].step, check1[i].key_handle, check1[i].peer_key,
+ check1[i].peer_key_length);
+ TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(5));
+
+ /* Abort the key derivation operation */
+ status = val->crypto_function(VAL_CRYPTO_KEY_DERIVATION_ABORT, &operation);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(6));
- /* Retrieve the current capacity of a generator */
- status = val->crypto_function(VAL_CRYPTO_GET_GENERATOR_CAPACITY, &generator, &capacity);
- TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(7));
+ /* Reset the key attributes and check if psa_import_key fails */
+ val->crypto_function(VAL_CRYPTO_RESET_KEY_ATTRIBUTES, &attributes);
if (check1[i].expected_status != PSA_SUCCESS)
- {
- /* Abort a generator */
- status = val->crypto_function(VAL_CRYPTO_GENERATOR_ABORT, &generator);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(8));
-
- /* Destroy the key */
- status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, check1[i].key_handle);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(9));
-
continue;
- }
-
- TEST_ASSERT_EQUAL(capacity, check1[i].capacity, TEST_CHECKPOINT_NUM(10));
-
- /* Generate random bytes */
- status = val->crypto_function(VAL_CRYPTO_GENERATOR_READ, &generator, data,
- check1[i].size);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(11));
-
- remaining_size = check1[i].capacity - check1[i].size;
- /* Retrieve the current capacity of a generator */
- status = val->crypto_function(VAL_CRYPTO_GET_GENERATOR_CAPACITY, &generator, &capacity);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(12));
-
- TEST_ASSERT_EQUAL(capacity, remaining_size, TEST_CHECKPOINT_NUM(13));
-
- /* Abort a generator */
- status = val->crypto_function(VAL_CRYPTO_GENERATOR_ABORT, &generator);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(14));
-
- /* Destroy the key */
+ /* Destroy a key and restore the slot to its default state */
status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, check1[i].key_handle);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(15));
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(7));
}
return VAL_STATUS_SUCCESS;
}
-int32_t psa_get_generator_capacity_negative_test(security_t caller)
+int32_t psa_key_derivation_key_agreement_negative_test(caller_security_t caller)
{
- uint32_t i;
- size_t capacity;
- psa_crypto_generator_t generator[] = {psa_crypto_generator_init(),
- PSA_CRYPTO_GENERATOR_INIT, {0} };
- uint32_t generator_count = sizeof(generator)/sizeof(generator[0]);
- int32_t status;
+ int32_t i, status;
+ int num_checks = sizeof(check2)/sizeof(check2[0]);
+ psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT;
/* Initialize the PSA crypto library*/
status = val->crypto_function(VAL_CRYPTO_INIT);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(1));
- val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
- val->print(PRINT_TEST, "Test psa_get_generator_capacity without setup\n", 0);
-
- for (i = 0; i < generator_count; i++)
+ for (i = 0; i < num_checks; i++)
{
- /* Retrieve the current capacity of a generator */
- status = val->crypto_function(VAL_CRYPTO_GET_GENERATOR_CAPACITY, &generator[i], &capacity);
- TEST_ASSERT_EQUAL(status, PSA_ERROR_BAD_STATE, TEST_CHECKPOINT_NUM(2));
+ /* Setting up the watchdog timer for each check */
+ status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
+ TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
- /* Abort a generator */
- status = val->crypto_function(VAL_CRYPTO_GENERATOR_ABORT, &generator[i]);
+ status = val->crypto_function(VAL_CRYPTO_KEY_DERIVATION_SETUP, &operation,
+ check2[i].key_alg);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
+
+ val->print(PRINT_TEST, "[Check %d] Test psa_key_derivation_key_agreement "
+ "- Invalid handle\n", g_test_count++);
+
+ /* Set up a key agreement operation */
+ status = val->crypto_function(VAL_CRYPTO_KEY_DERIVATION_KEY_AGREEMENT, &operation,
+ check2[i].step, check2[i].key_handle, check2[i].peer_key,
+ check2[i].peer_key_length);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(4));
+
+ val->print(PRINT_TEST, "[Check %d] Test psa_key_derivation_key_agreement"
+ " - Zero as handle\n", g_test_count++);
+
+ /* Set up a key agreement operation */
+ status = val->crypto_function(VAL_CRYPTO_KEY_DERIVATION_KEY_AGREEMENT, &operation,
+ check2[i].step, 0, check2[i].peer_key, check2[i].peer_key_length);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(5));
}
return VAL_STATUS_SUCCESS;
diff --git a/api-tests/dev_apis/crypto/test_c019/test_c019.h b/api-tests/dev_apis/crypto/test_c019/test_c019.h
index d8924d3a..40f2a365 100644
--- a/api-tests/dev_apis/crypto/test_c019/test_c019.h
+++ b/api-tests/dev_apis/crypto/test_c019/test_c019.h
@@ -18,14 +18,14 @@
#define _TEST_C019_CLIENT_TESTS_H_
#include "val_crypto.h"
-#define test_entry CONCAT(test_entry_,c019)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, c019)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
extern val_api_t *val;
extern psa_api_t *psa;
extern client_test_t test_c019_crypto_list[];
-int32_t psa_get_generator_capacity_test(security_t caller);
-int32_t psa_get_generator_capacity_negative_test(security_t caller);
+int32_t psa_key_derivation_key_agreement_test(caller_security_t caller);
+int32_t psa_key_derivation_key_agreement_negative_test(caller_security_t caller);
#endif /* _TEST_C019_CLIENT_TESTS_H_ */
diff --git a/api-tests/dev_apis/crypto/test_c019/test_data.h b/api-tests/dev_apis/crypto/test_c019/test_data.h
index 592d03e4..4ce7bd79 100644
--- a/api-tests/dev_apis/crypto/test_c019/test_data.h
+++ b/api-tests/dev_apis/crypto/test_c019/test_data.h
@@ -18,52 +18,174 @@
#include "val_crypto.h"
typedef struct {
- char test_desc[75];
- psa_key_handle_t key_handle;
- psa_key_type_t key_type;
- uint8_t key_data[32];
- uint32_t key_length;
- psa_key_usage_t usage;
- psa_algorithm_t key_alg;
- uint8_t salt[16];
- size_t salt_length;
- uint8_t label[16];
- size_t label_length;
- size_t capacity;
- size_t size;
- psa_status_t expected_status;
+ char test_desc[85];
+ psa_key_handle_t key_handle;
+ psa_key_type_t key_type;
+ uint8_t key_data[91];
+ uint32_t key_length;
+ psa_key_usage_t usage;
+ psa_algorithm_t key_alg;
+ psa_key_derivation_step_t step;
+ uint8_t peer_key[120];
+ size_t peer_key_length;
+ psa_status_t expected_status;
} test_data;
+
static test_data check1[] = {
-/* Covers the following cases
- * - 16 Byte key
- * - SHA 256
- * - Output size less than generator capacity
- */
-#ifdef ARCH_TEST_HKDF
+#ifdef ARCH_TEST_ECDH
+#ifdef ARCH_TEST_ECC_CURVE_SECP256R1
+{"Test psa_key_derivation_key_agreement - ECDH SECP256R1\n", 1,
+ PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1),
+{0xc8, 0x8f, 0x01, 0xf5, 0x10, 0xd9, 0xac, 0x3f, 0x70, 0xa2, 0x92, 0xda, 0xa2,
+ 0x31, 0x6d, 0xe5, 0x44, 0xe9, 0xaa, 0xb8, 0xaf, 0xe8, 0x40, 0x49, 0xc6, 0x2a,
+ 0x9c, 0x57, 0x86, 0x2d, 0x14, 0x33}, 32, PSA_KEY_USAGE_DERIVE,
+ PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)),
+ PSA_KEY_DERIVATION_INPUT_SECRET,
+{0x04, 0xd1, 0x2d, 0xfb, 0x52, 0x89, 0xc8, 0xd4, 0xf8, 0x12, 0x08, 0xb7, 0x02,
+ 0x70, 0x39, 0x8c, 0x34, 0x22, 0x96, 0x97, 0x0a, 0x0b, 0xcc, 0xb7, 0x4c, 0x73,
+ 0x6f, 0xc7, 0x55, 0x44, 0x94, 0xbf, 0x63, 0x56, 0xfb, 0xf3, 0xca, 0x36, 0x6c,
+ 0xc2, 0x3e, 0x81, 0x57, 0x85, 0x4c, 0x13, 0xc5, 0x8d, 0x6a, 0xac, 0x23, 0xf0,
+ 0x46, 0xad, 0xa3, 0x0f, 0x83, 0x53, 0xe7, 0x4f, 0x33, 0x03, 0x98, 0x72, 0xab},
+ 65, PSA_SUCCESS
+},
+
+{"Test psa_key_derivation_key_agreement - Invalid step\n", 2,
+ PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1),
+{0xc8, 0x8f, 0x01, 0xf5, 0x10, 0xd9, 0xac, 0x3f, 0x70, 0xa2, 0x92, 0xda, 0xa2,
+ 0x31, 0x6d, 0xe5, 0x44, 0xe9, 0xaa, 0xb8, 0xaf, 0xe8, 0x40, 0x49, 0xc6, 0x2a,
+ 0x9c, 0x57, 0x86, 0x2d, 0x14, 0x33}, 32, PSA_KEY_USAGE_DERIVE,
+ PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)),
+ PSA_KEY_DERIVATION_INPUT_LABEL,
+{0x04, 0xd1, 0x2d, 0xfb, 0x52, 0x89, 0xc8, 0xd4, 0xf8, 0x12, 0x08, 0xb7, 0x02,
+ 0x70, 0x39, 0x8c, 0x34, 0x22, 0x96, 0x97, 0x0a, 0x0b, 0xcc, 0xb7, 0x4c, 0x73,
+ 0x6f, 0xc7, 0x55, 0x44, 0x94, 0xbf, 0x63, 0x56, 0xfb, 0xf3, 0xca, 0x36, 0x6c,
+ 0xc2, 0x3e, 0x81, 0x57, 0x85, 0x4c, 0x13, 0xc5, 0x8d, 0x6a, 0xac, 0x23, 0xf0,
+ 0x46, 0xad, 0xa3, 0x0f, 0x83, 0x53, 0xe7, 0x4f, 0x33, 0x03, 0x98, 0x72, 0xab},
+ 65, PSA_ERROR_INVALID_ARGUMENT
+},
+
+#endif
+
+#ifdef ARCH_TEST_ECC_CURVE_SECP384R1
+{"Test psa_key_derivation_key_agreement - ECDH SECP384R1\n", 3,
+ PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP384R1),
+{0x09, 0x9f, 0x3c, 0x70, 0x34, 0xd4, 0xa2, 0xc6, 0x99, 0x88, 0x4d, 0x73, 0xa3,
+ 0x75, 0xa6, 0x7f, 0x76, 0x24, 0xef, 0x7c, 0x6b, 0x3c, 0x0f, 0x16, 0x06, 0x47,
+ 0xb6, 0x74, 0x14, 0xdc, 0xe6, 0x55, 0xe3, 0x5b, 0x53, 0x80, 0x41, 0xe6, 0x49,
+ 0xee, 0x3f, 0xae, 0xf8, 0x96, 0x78, 0x3a, 0xb1, 0x94}, 48, PSA_KEY_USAGE_DERIVE,
+ PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)),
+ PSA_KEY_DERIVATION_INPUT_SECRET,
+{0x04, 0xe5, 0x58,
+ 0xdb, 0xef, 0x53, 0xee, 0xcd, 0xe3, 0xd3, 0xfc, 0xcf, 0xc1, 0xae, 0xa0, 0x8a,
+ 0x89, 0xa9, 0x87, 0x47, 0x5d, 0x12, 0xfd, 0x95, 0x0d, 0x83, 0xcf, 0xa4, 0x17,
+ 0x32, 0xbc, 0x50, 0x9d, 0x0d, 0x1a, 0xc4, 0x3a, 0x03, 0x36, 0xde, 0xf9, 0x6f,
+ 0xda, 0x41, 0xd0, 0x77, 0x4a, 0x35, 0x71, 0xdc, 0xfb, 0xec, 0x7a, 0xac, 0xf3,
+ 0x19, 0x64, 0x72, 0x16, 0x9e, 0x83, 0x84, 0x30, 0x36, 0x7f, 0x66, 0xee, 0xbe,
+ 0x3c, 0x6e, 0x70, 0xc4, 0x16, 0xdd, 0x5f, 0x0c, 0x68, 0x75, 0x9d, 0xd1, 0xff,
+ 0xf8, 0x3f, 0xa4, 0x01, 0x42, 0x20, 0x9d, 0xff, 0x5e, 0xaa, 0xd9, 0x6d, 0xb9,
+ 0xe6, 0x38, 0x6c}, 97,
+ PSA_SUCCESS
+},
+#endif
+
+#ifdef ARCH_TEST_ECC_CURVE_SECP256R1
+{"Test psa_key_derivation_key_agreement - Invalid usage\n", 4,
+ PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1),
+{0xc8, 0x8f, 0x01, 0xf5, 0x10, 0xd9, 0xac, 0x3f, 0x70, 0xa2, 0x92, 0xda, 0xa2,
+ 0x31, 0x6d, 0xe5, 0x44, 0xe9, 0xaa, 0xb8, 0xaf, 0xe8, 0x40, 0x49, 0xc6, 0x2a,
+ 0x9c, 0x57, 0x86, 0x2d, 0x14, 0x33}, 32, PSA_KEY_USAGE_ENCRYPT,
+ PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)),
+ PSA_KEY_DERIVATION_INPUT_SECRET,
+{0x04, 0xd1, 0x2d, 0xfb, 0x52, 0x89, 0xc8, 0xd4, 0xf8, 0x12, 0x08, 0xb7, 0x02,
+ 0x70, 0x39, 0x8c, 0x34, 0x22, 0x96, 0x97, 0x0a, 0x0b, 0xcc, 0xb7, 0x4c, 0x73,
+ 0x6f, 0xc7, 0x55, 0x44, 0x94, 0xbf, 0x63, 0x56, 0xfb, 0xf3, 0xca, 0x36, 0x6c,
+ 0xc2, 0x3e, 0x81, 0x57, 0x85, 0x4c, 0x13, 0xc5, 0x8d, 0x6a, 0xac, 0x23, 0xf0,
+ 0x46, 0xad, 0xa3, 0x0f, 0x83, 0x53, 0xe7, 0x4f, 0x33, 0x03, 0x98, 0x72, 0xab},
+ 65,
+ PSA_ERROR_NOT_PERMITTED
+},
+#endif
+#endif
+
+#ifdef ARCH_TEST_ECC_CURVE_SECP256R1
#ifdef ARCH_TEST_SHA256
-{"Test psa_generator_get_capacity to get 16 Byte data with SHA-256\n", 1, PSA_KEY_TYPE_DERIVE,
-{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
- 0x5F, 0xC9},
- AES_16B_KEY_SIZE, PSA_KEY_USAGE_DERIVE, PSA_ALG_HKDF(PSA_ALG_SHA_256),
- {0}, 0, {0}, 0, 32,
- 16, PSA_SUCCESS
+#ifdef ARCH_TEST_HKDF
+{"Test psa_key_derivation_key_agreement - KDF instead of a key agreement algorithm\n", 5,
+ PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1),
+{0xc8, 0x8f, 0x01, 0xf5, 0x10, 0xd9, 0xac, 0x3f, 0x70, 0xa2, 0x92, 0xda, 0xa2,
+ 0x31, 0x6d, 0xe5, 0x44, 0xe9, 0xaa, 0xb8, 0xaf, 0xe8, 0x40, 0x49, 0xc6, 0x2a,
+ 0x9c, 0x57, 0x86, 0x2d, 0x14, 0x33}, 32, PSA_KEY_USAGE_DERIVE, PSA_ALG_HKDF(PSA_ALG_SHA_256),
+ PSA_KEY_DERIVATION_INPUT_SECRET,
+{0x04, 0xd1, 0x2d, 0xfb, 0x52, 0x89, 0xc8, 0xd4, 0xf8, 0x12, 0x08, 0xb7, 0x02,
+ 0x70, 0x39, 0x8c, 0x34, 0x22, 0x96, 0x97, 0x0a, 0x0b, 0xcc, 0xb7, 0x4c, 0x73,
+ 0x6f, 0xc7, 0x55, 0x44, 0x94, 0xbf, 0x63, 0x56, 0xfb, 0xf3, 0xca, 0x36, 0x6c,
+ 0xc2, 0x3e, 0x81, 0x57, 0x85, 0x4c, 0x13, 0xc5, 0x8d, 0x6a, 0xac, 0x23, 0xf0,
+ 0x46, 0xad, 0xa3, 0x0f, 0x83, 0x53, 0xe7, 0x4f, 0x33, 0x03, 0x98, 0x72, 0xab},
+ 65,
+ PSA_ERROR_INVALID_ARGUMENT
+},
+#endif
+#endif
+
+#ifdef ARCH_TEST_ECDH
+{"Test psa_key_derivation_key_agreement - Public key on different curve\n", 6,
+ PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1),
+{0xc8, 0x8f, 0x01, 0xf5, 0x10, 0xd9, 0xac, 0x3f, 0x70, 0xa2, 0x92, 0xda, 0xa2,
+ 0x31, 0x6d, 0xe5, 0x44, 0xe9, 0xaa, 0xb8, 0xaf, 0xe8, 0x40, 0x49, 0xc6, 0x2a,
+ 0x9c, 0x57, 0x86, 0x2d, 0x14, 0x33}, 32, PSA_KEY_USAGE_DERIVE,
+ PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)),
+ PSA_KEY_DERIVATION_INPUT_SECRET,
+{0x04, 0xe5, 0x58,
+ 0xdb, 0xef, 0x53, 0xee, 0xcd, 0xe3, 0xd3, 0xfc, 0xcf, 0xc1, 0xae, 0xa0, 0x8a,
+ 0x89, 0xa9, 0x87, 0x47, 0x5d, 0x12, 0xfd, 0x95, 0x0d, 0x83, 0xcf, 0xa4, 0x17,
+ 0x32, 0xbc, 0x50, 0x9d, 0x0d, 0x1a, 0xc4, 0x3a, 0x03, 0x36, 0xde, 0xf9, 0x6f,
+ 0xda, 0x41, 0xd0, 0x77, 0x4a, 0x35, 0x71, 0xdc, 0xfb, 0xec, 0x7a, 0xac, 0xf3,
+ 0x19, 0x64, 0x72, 0x16, 0x9e, 0x83, 0x84, 0x30, 0x36, 0x7f, 0x66, 0xee, 0xbe,
+ 0x3c, 0x6e, 0x70, 0xc4, 0x16, 0xdd, 0x5f, 0x0c, 0x68, 0x75, 0x9d, 0xd1, 0xff,
+ 0xf8, 0x3f, 0xa4, 0x01, 0x42, 0x20, 0x9d, 0xff, 0x5e, 0xaa, 0xd9, 0x6d, 0xb9,
+ 0xe6, 0x38, 0x6c}, 97,
+ PSA_ERROR_INVALID_ARGUMENT
+},
+
+{"Test psa_key_derivation_key_agreement - Public key instead of private key\n", 7,
+ PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1),
+{0x04, 0xd1, 0x2d, 0xfb, 0x52, 0x89, 0xc8, 0xd4, 0xf8, 0x12, 0x08, 0xb7, 0x02,
+ 0x70, 0x39, 0x8c, 0x34, 0x22, 0x96, 0x97, 0x0a, 0x0b, 0xcc, 0xb7, 0x4c, 0x73,
+ 0x6f, 0xc7, 0x55, 0x44, 0x94, 0xbf, 0x63, 0x56, 0xfb, 0xf3, 0xca, 0x36, 0x6c,
+ 0xc2, 0x3e, 0x81, 0x57, 0x85, 0x4c, 0x13, 0xc5, 0x8d, 0x6a, 0xac, 0x23, 0xf0,
+ 0x46, 0xad, 0xa3, 0x0f, 0x83, 0x53, 0xe7, 0x4f, 0x33, 0x03, 0x98, 0x72, 0xab},
+ 65, PSA_KEY_USAGE_DERIVE,
+ PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)),
+ PSA_KEY_DERIVATION_INPUT_SECRET,
+{0x04, 0xd1, 0x2d, 0xfb, 0x52, 0x89, 0xc8, 0xd4, 0xf8, 0x12, 0x08, 0xb7, 0x02,
+ 0x70, 0x39, 0x8c, 0x34, 0x22, 0x96, 0x97, 0x0a, 0x0b, 0xcc, 0xb7, 0x4c, 0x73,
+ 0x6f, 0xc7, 0x55, 0x44, 0x94, 0xbf, 0x63, 0x56, 0xfb, 0xf3, 0xca, 0x36, 0x6c,
+ 0xc2, 0x3e, 0x81, 0x57, 0x85, 0x4c, 0x13, 0xc5, 0x8d, 0x6a, 0xac, 0x23, 0xf0,
+ 0x46, 0xad, 0xa3, 0x0f, 0x83, 0x53, 0xe7, 0x4f, 0x33, 0x03, 0x98, 0x72, 0xab},
+ 65, PSA_ERROR_INVALID_ARGUMENT
},
#endif
+#endif
+};
-/* Covers the following cases
- * - 32 Byte key
- * - SHA 512
- * - Output size equal to generator capacity
- */
-#ifdef ARCH_TEST_SHA512
-{"Test psa_generator_get_capacity to get 32 Byte data with SHA-512\n", 2, PSA_KEY_TYPE_DERIVE,
-{0xEA, 0xD5, 0xE6, 0xC8, 0x51, 0xF9, 0xEC, 0xBB, 0x9B, 0x57, 0x7C, 0xED, 0xD2,
- 0x4B, 0x82, 0x84, 0x9F, 0x9F, 0xE6, 0x73, 0x21, 0x3D, 0x1A, 0x05, 0xC9, 0xED,
- 0xDF, 0x25, 0x17, 0x68, 0x86, 0xAE},
- AES_32B_KEY_SIZE, PSA_KEY_USAGE_DERIVE, PSA_ALG_HKDF(PSA_ALG_SHA_512),
- {0}, 0, {0}, 0, 64,
- 64, PSA_SUCCESS
+static test_data check2[] = {
+#ifdef ARCH_TEST_ECDH
+#ifdef ARCH_TEST_ECC_CURVE_SECP256R1
+{"Test psa_key_derivation_key_agreement - Negative case\n", 8,
+ PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1),
+{0xc8, 0x8f, 0x01, 0xf5, 0x10, 0xd9, 0xac, 0x3f, 0x70, 0xa2, 0x92, 0xda, 0xa2,
+ 0x31, 0x6d, 0xe5, 0x44, 0xe9, 0xaa, 0xb8, 0xaf, 0xe8, 0x40, 0x49, 0xc6, 0x2a,
+ 0x9c, 0x57, 0x86, 0x2d, 0x14, 0x33}, 32, PSA_KEY_USAGE_DERIVE,
+ PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)),
+ PSA_KEY_DERIVATION_INPUT_SECRET,
+{0x04, 0xd1, 0x2d, 0xfb, 0x52, 0x89, 0xc8, 0xd4, 0xf8, 0x12, 0x08, 0xb7, 0x02,
+ 0x70, 0x39, 0x8c, 0x34, 0x22, 0x96, 0x97, 0x0a, 0x0b, 0xcc, 0xb7, 0x4c, 0x73,
+ 0x6f, 0xc7, 0x55, 0x44, 0x94, 0xbf, 0x63, 0x56, 0xfb, 0xf3, 0xca, 0x36, 0x6c,
+ 0xc2, 0x3e, 0x81, 0x57, 0x85, 0x4c, 0x13, 0xc5, 0x8d, 0x6a, 0xac, 0x23, 0xf0,
+ 0x46, 0xad, 0xa3, 0x0f, 0x83, 0x53, 0xe7, 0x4f, 0x33, 0x03, 0x98, 0x72, 0xab},
+ 65,
+ PSA_ERROR_INVALID_HANDLE
},
#endif
#endif
diff --git a/api-tests/dev_apis/crypto/test_c019/test_entry.c b/api-tests/dev_apis/crypto/test_c019/test_entry_c019.c
similarity index 93%
rename from api-tests/dev_apis/crypto/test_c019/test_entry.c
rename to api-tests/dev_apis/crypto/test_c019/test_entry_c019.c
index b1c5b150..8d58d19f 100644
--- a/api-tests/dev_apis/crypto/test_c019/test_entry.c
+++ b/api-tests/dev_apis/crypto/test_c019/test_entry_c019.c
@@ -20,14 +20,15 @@
#include "test_c019.h"
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 19)
-#define TEST_DESC "Testing crypto generator functions APIs\n"
+#define TEST_DESC "Testing crypto key derivation APIs\n"
+
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
psa_api_t *psa = NULL;
void test_entry(val_api_t *val_api, psa_api_t *psa_api)
{
- int32_t status = VAL_STATUS_SUCCESS;
+ int32_t status = VAL_STATUS_SUCCESS;
val = val_api;
psa = psa_api;
diff --git a/api-tests/dev_apis/crypto/test_c020/source.mk b/api-tests/dev_apis/crypto/test_c020/source.mk
deleted file mode 100644
index 96665a21..00000000
--- a/api-tests/dev_apis/crypto/test_c020/source.mk
+++ /dev/null
@@ -1,20 +0,0 @@
-# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_c020.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
diff --git a/api-tests/dev_apis/crypto/test_c020/test.cmake b/api-tests/dev_apis/crypto/test_c020/test.cmake
new file mode 100644
index 00000000..8ceb228b
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c020/test.cmake
@@ -0,0 +1,24 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_c020.c
+ test_c020.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
diff --git a/api-tests/dev_apis/crypto/test_c020/test_c020.c b/api-tests/dev_apis/crypto/test_c020/test_c020.c
index 0363d03f..b4f40370 100644
--- a/api-tests/dev_apis/crypto/test_c020/test_c020.c
+++ b/api-tests/dev_apis/crypto/test_c020/test_c020.c
@@ -21,30 +21,27 @@
#include "test_data.h"
#include "val_crypto.h"
-#define SLOT_1 0
-#define SLOT_2 1
-#define SLOT_3 2
-#define SLOT_4 3
-
client_test_t test_c020_crypto_list[] = {
NULL,
- psa_generator_import_key_test,
- psa_generator_import_key_negative_test,
+ psa_key_derivation_output_bytes_test,
NULL,
};
-static int g_test_count = 1;
-static uint8_t data[BUFFER_SIZE];
-static psa_crypto_generator_t generator;
+static int g_test_count = 1;
+static uint8_t output[BUFFER_SIZE];
-int32_t psa_generator_import_key_test(security_t caller)
+int32_t psa_key_derivation_output_bytes_test(caller_security_t caller)
{
- int num_checks = sizeof(check1)/sizeof(check1[0]);
- uint32_t i, j, data_sum, remaining_size, length = 0;
- uint32_t salt = 0, label = 0;
- size_t salt_length = 0, label_length = 0;
- psa_key_policy_t policy;
- int32_t status;
+ uint32_t i, status;
+ int num_checks = sizeof(check1)/sizeof(check1[0]);
+ psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+ psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT;
+
+ if (num_checks == 0)
+ {
+ val->print(PRINT_TEST, "No test available for the selected crypto configuration\n", 0);
+ return RESULT_SKIP(VAL_STATUS_NO_TESTS);
+ }
/* Initialize the PSA crypto library*/
status = val->crypto_function(VAL_CRYPTO_INIT);
@@ -55,274 +52,84 @@ int32_t psa_generator_import_key_test(security_t caller)
val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
val->print(PRINT_TEST, check1[i].test_desc, 0);
- /* Initialize a key policy structure to a default that forbids all
- * usage of the key
- */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
-
/* Setting up the watchdog timer for each check */
status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
- memset(&generator, 0, sizeof(generator));
- memset(data, 0, sizeof(data));
-
- /* Set the standard fields of a policy structure */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &policy, check1[i].usage[SLOT_1],
- check1[i].key_alg[SLOT_1]);
-
- /* Allocate a key slot for a transient key */
- status = val->crypto_function(VAL_CRYPTO_ALLOCATE_KEY, &check1[i].key_handle[SLOT_1]);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
+ /* Import the key if the derivation input is key */
+ if (check1[i].step == PSA_KEY_DERIVATION_INPUT_SECRET)
+ {
+ /* Setup the attributes for the key */
+ val->crypto_function(VAL_CRYPTO_SET_KEY_TYPE, &attributes, check1[i].key_type);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_ALGORITHM, &attributes, check1[i].key_alg);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_USAGE_FLAGS, &attributes, check1[i].usage);
+
+ /* Import the key data into the key slot */
+ status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, &attributes, check1[i].key_data,
+ check1[i].key_length, &check1[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
+ }
- /* Set the usage policy on a key slot */
- status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, check1[i].key_handle[SLOT_1],
- &policy);
+ /* Start the key derivation operation */
+ status = val->crypto_function(VAL_CRYPTO_KEY_DERIVATION_SETUP, &operation,
+ check1[i].key_alg);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
- /* Import the key data into the key slot */
- status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, check1[i].key_handle[SLOT_1],
- check1[i].key_type[SLOT_1], check1[i].key_data, check1[i].key_length);
+ /* Set the capacity for the generator */
+ status = val->crypto_function(VAL_CRYPTO_KEY_DERIVATION_SET_CAPACITY, &operation,
+ check1[i].capacity);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
- /* Set up a key derivation operation. Using this function to initialize the generate as
- * XOR or PRNG generator initialization is not implemented.
- */
- status = val->crypto_function(VAL_CRYPTO_KEY_DERIVATION, &generator,
- check1[i].key_handle[SLOT_1], check1[i].key_alg[SLOT_1], &salt, salt_length,
- &label, label_length, check1[i].capacity);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(6));
-
- /* Initialize a key policy structure to a default that forbids all
- * usage of the key
- */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
-
- /* Set the standard fields of a policy structure */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &policy, check1[i].usage[SLOT_2],
- check1[i].key_alg[SLOT_2]);
-
- /* Allocate a key slot for a transient key */
- status = val->crypto_function(VAL_CRYPTO_ALLOCATE_KEY, &check1[i].key_handle[SLOT_2]);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(7));
-
- /* Set the usage policy on a key slot */
- status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, check1[i].key_handle[SLOT_2],
- &policy);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(8));
-
- /* Create a symmetric key from data read from a generator */
- status = val->crypto_function(VAL_CRYPTO_GENERATOR_IMPORT_KEY, check1[i].key_handle[SLOT_2],
- check1[i].key_type[SLOT_2], BYTES_TO_BITS(check1[i].size), &generator);
- TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(9));
-
- if (check1[i].expected_status != PSA_SUCCESS)
+ /* Provide input as key or data depending on the step */
+ if (check1[i].step == PSA_KEY_DERIVATION_INPUT_SECRET)
{
- /* Abort a generator */
- status = val->crypto_function(VAL_CRYPTO_GENERATOR_ABORT, &generator);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(10));
-
- /* Destroy the key */
- status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, check1[i].key_handle[SLOT_1]);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(11));
-
- status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, check1[i].key_handle[SLOT_2]);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(12));
-
- continue;
+ /* Provide an input for key derivation or key agreement */
+ status = val->crypto_function(VAL_CRYPTO_KEY_DERIVATION_INPUT_KEY, &operation,
+ check1[i].step, check1[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(6));
}
-
- /* Export a key in binary format */
- status = val->crypto_function(VAL_CRYPTO_EXPORT_KEY, check1[i].key_handle[SLOT_2], data,
- BUFFER_SIZE, &length);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(13));
-
- TEST_ASSERT_EQUAL(length, check1[i].size, TEST_CHECKPOINT_NUM(14));
-
- data_sum = 0;
- /* Check that if generated data are zero */
- for (j = 0; j < check1[i].size; j++)
+ else
{
- data_sum += data[j];
+ status = val->crypto_function(VAL_CRYPTO_KEY_DERIVATION_INPUT_BYTES, &operation,
+ check1[i].step, check1[i].data, check1[i].data_length);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(7));
}
- memset(data, 0, sizeof(data));
- TEST_ASSERT_NOT_EQUAL(data_sum, 0, TEST_CHECKPOINT_NUM(15));
+ /* Read some data from a key derivation operation */
+ status = val->crypto_function(VAL_CRYPTO_KEY_DERIVATION_OUTPUT_BYTES, &operation, output,
+ check1[i].output_size);
+ TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(8));
- remaining_size = check1[i].capacity - check1[i].size;
- if (remaining_size > 0)
+ if (check1[i].step == PSA_KEY_DERIVATION_INPUT_SECRET)
{
- length = 0;
- /* Initialize a key policy structure to a default that forbids all
- * usage of the key
- */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
-
- /* Set the standard fields of a policy structure */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &policy, check1[i].usage[SLOT_2],
- check1[i].key_alg[SLOT_2]);
-
- /* Allocate a key slot for a transient key */
- status = val->crypto_function(VAL_CRYPTO_ALLOCATE_KEY, &check1[i].key_handle[SLOT_3]);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(16));
-
- /* Set the usage policy on a key slot */
- status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, check1[i].key_handle[SLOT_3],
- &policy);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(17));
-
- /* Create a symmetric key from data read from a generator */
- status = val->crypto_function(VAL_CRYPTO_GENERATOR_IMPORT_KEY,
- check1[i].key_handle[SLOT_3], check1[i].key_type[SLOT_2],
- BYTES_TO_BITS(check1[i].size), &generator);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(18));
-
- /* Export a key in binary format */
- status = val->crypto_function(VAL_CRYPTO_EXPORT_KEY, check1[i].key_handle[SLOT_3], data,
- BUFFER_SIZE, &length);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(19));
-
- TEST_ASSERT_EQUAL(length, remaining_size, TEST_CHECKPOINT_NUM(20));
-
- data_sum = 0;
- /* Check that if generated data are zero */
- for (j = 0; j < remaining_size; j++)
- {
- data_sum += data[j];
- }
-
- memset(data, 0, sizeof(data));
- TEST_ASSERT_NOT_EQUAL(data_sum, 0, TEST_CHECKPOINT_NUM(21));
-
- /* Initialize a key policy structure to a default that forbids all
- * usage of the key
- */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
-
- /* Set the standard fields of a policy structure */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &policy, check1[i].usage[SLOT_2],
- check1[i].key_alg[SLOT_2]);
-
- /* Allocate a key slot for a transient key */
- status = val->crypto_function(VAL_CRYPTO_ALLOCATE_KEY, &check1[i].key_handle[SLOT_4]);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(22));
-
- /* Set the usage policy on a key slot */
- status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, check1[i].key_handle[SLOT_4],
- &policy);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(23));
-
- /* Create a symmetric key from data read from a generator */
- status = val->crypto_function(VAL_CRYPTO_GENERATOR_IMPORT_KEY,
- check1[i].key_handle[SLOT_4], check1[i].key_type[SLOT_2],
- BYTES_TO_BITS(check1[i].size), &generator);
- TEST_ASSERT_EQUAL(status, PSA_ERROR_INSUFFICIENT_DATA, TEST_CHECKPOINT_NUM(24));
-
- status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, check1[i].key_handle[SLOT_3]);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(25));
-
- status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, check1[i].key_handle[SLOT_4]);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(26));
+ status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, check1[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(9));
+ /* Reset the key attributes and check if psa_import_key fails */
+ val->crypto_function(VAL_CRYPTO_RESET_KEY_ATTRIBUTES, &attributes);
}
- /* Abort a generator */
- status = val->crypto_function(VAL_CRYPTO_GENERATOR_ABORT, &generator);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(27));
-
- /* Destroy the key */
- status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, check1[i].key_handle[SLOT_1]);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(28));
-
- status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, check1[i].key_handle[SLOT_2]);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(29));
- }
-
- return VAL_STATUS_SUCCESS;
-}
-
-int32_t psa_generator_import_key_negative_test(security_t caller)
-{
- int num_checks = sizeof(check2)/sizeof(check2[0]);
- int32_t i, status;
- uint32_t salt = 0, label = 0;
- size_t salt_length = 0, label_length = 0;
- uint8_t data[BUFFER_SIZE];
- psa_key_policy_t policy;
-
- /* Initialize the PSA crypto library*/
- status = val->crypto_function(VAL_CRYPTO_INIT);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(1));
-
- for (i = 0; i < num_checks; i++)
- {
- /* Initialize a key policy structure to a default that forbids all
- * usage of the key
- */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
-
- /* Setting up the watchdog timer for each check */
- status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
- TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
-
- memset(&generator, 0, sizeof(generator));
- memset(data, 0, sizeof(data));
-
- /* Set the standard fields of a policy structure */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &policy, check2[i].usage[SLOT_1],
- check2[i].key_alg[SLOT_1]);
-
- /* Allocate a key slot for a transient key */
- status = val->crypto_function(VAL_CRYPTO_ALLOCATE_KEY, &check2[i].key_handle[SLOT_1]);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
-
- /* Set the usage policy on a key slot */
- status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, check2[i].key_handle[SLOT_1],
- &policy);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
-
- /* Import the key data into the key slot */
- status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, check2[i].key_handle[SLOT_1],
- check2[i].key_type[SLOT_1], check2[i].key_data, check2[i].key_length);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
-
- /* Set up a key derivation operation. Using this function to initialize the generate as
- * XOR or PRNG generator initialization is not implemented.
- */
- status = val->crypto_function(VAL_CRYPTO_KEY_DERIVATION, &generator,
- check2[i].key_handle[SLOT_1], check2[i].key_alg[SLOT_1], &salt, salt_length,
- &label, label_length, check2[i].capacity);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(6));
-
- val->print(PRINT_TEST, "[Check %d] Test psa_generator_import_key with invalid handle\n",
- g_test_count++);
- /* Create a symmetric key from data read from a generator */
- status = val->crypto_function(VAL_CRYPTO_GENERATOR_IMPORT_KEY, check2[i].key_handle[SLOT_2],
- check2[i].key_type[SLOT_2], check2[i].size, &generator);
- TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(7));
-
- val->print(PRINT_TEST, "[Check %d] Test psa_generator_import_key with zero handle\n",
- g_test_count++);
- /* Create a symmetric key from data read from a generator */
- status = val->crypto_function(VAL_CRYPTO_GENERATOR_IMPORT_KEY, ZERO_KEY_SLOT,
- check2[i].key_type[SLOT_2], check2[i].size, &generator);
- TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(7));
+ if (check1[i].expected_status != PSA_SUCCESS)
+ {
+ status = val->crypto_function(VAL_CRYPTO_KEY_DERIVATION_ABORT, &operation);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(10));
- val->print(PRINT_TEST, "[Check %d] Test psa_generator_import_key with"
- " pre-occupied key slot\n", g_test_count++);
- /* Create a symmetric key from data read from a generator */
- status = val->crypto_function(VAL_CRYPTO_GENERATOR_IMPORT_KEY, check2[i].key_handle[SLOT_1],
- check2[i].key_type[SLOT_2], check2[i].size, &generator);
- TEST_ASSERT_EQUAL(status, PSA_ERROR_ALREADY_EXISTS, TEST_CHECKPOINT_NUM(9));
+ continue;
+ }
- /* Abort a generator */
- status = val->crypto_function(VAL_CRYPTO_GENERATOR_ABORT, &generator);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(8));
+ /* Read some data from a key derivation operation with no data in the operation */
+ status = val->crypto_function(VAL_CRYPTO_KEY_DERIVATION_OUTPUT_BYTES, &operation, output,
+ check1[i].output_size);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_INSUFFICIENT_DATA, TEST_CHECKPOINT_NUM(11));
- /* Destroy the key */
- status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, check2[i].key_handle[SLOT_1]);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(9));
+ /* Abort the derivation operation */
+ status = val->crypto_function(VAL_CRYPTO_KEY_DERIVATION_ABORT, &operation);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(12));
+ /* Expect bad state when derivation is called on an aborted operation */
+ status = val->crypto_function(VAL_CRYPTO_KEY_DERIVATION_OUTPUT_BYTES, &operation,
+ output, 0);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_BAD_STATE, TEST_CHECKPOINT_NUM(13));
}
return VAL_STATUS_SUCCESS;
diff --git a/api-tests/dev_apis/crypto/test_c020/test_c020.h b/api-tests/dev_apis/crypto/test_c020/test_c020.h
index 9584befd..3e3cdb3c 100644
--- a/api-tests/dev_apis/crypto/test_c020/test_c020.h
+++ b/api-tests/dev_apis/crypto/test_c020/test_c020.h
@@ -18,14 +18,13 @@
#define _TEST_C020_CLIENT_TESTS_H_
#include "val_crypto.h"
-#define test_entry CONCAT(test_entry_,c020)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, c020)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
extern val_api_t *val;
extern psa_api_t *psa;
extern client_test_t test_c020_crypto_list[];
-int32_t psa_generator_import_key_test(security_t caller);
-int32_t psa_generator_import_key_negative_test(security_t caller);
+int32_t psa_key_derivation_output_bytes_test(caller_security_t caller);
#endif /* _TEST_C020_CLIENT_TESTS_H_ */
diff --git a/api-tests/dev_apis/crypto/test_c020/test_data.h b/api-tests/dev_apis/crypto/test_c020/test_data.h
index 512625dc..e1c6bbfb 100644
--- a/api-tests/dev_apis/crypto/test_c020/test_data.h
+++ b/api-tests/dev_apis/crypto/test_c020/test_data.h
@@ -18,105 +18,61 @@
#include "val_crypto.h"
typedef struct {
- char test_desc[75];
- psa_key_handle_t key_handle[4];
- psa_key_type_t key_type[2];
- uint8_t key_data[32];
- uint32_t key_length;
- psa_key_usage_t usage[2];
- psa_algorithm_t key_alg[2];
- size_t capacity;
- size_t size;
- psa_status_t expected_status;
+ char test_desc[75];
+ psa_key_handle_t key_handle;
+ psa_key_type_t key_type;
+ uint8_t key_data[34];
+ uint32_t key_length;
+ size_t output_size;
+ psa_key_usage_t usage;
+ psa_algorithm_t key_alg;
+ psa_key_derivation_step_t step;
+ size_t capacity;
+ uint8_t data[16];
+ size_t data_length;
+ psa_status_t expected_status;
} test_data;
static test_data check1[] = {
-#ifdef ARCH_TEST_HKDF
-#ifdef ARCH_TEST_CIPER_MODE_CTR
-#ifdef ARCH_TEST_AES_128
-#ifdef ARCH_TEST_SHA256
-{"Test psa_generator_import_key for 16 Byte AES Key\n", {1, 2, 3, 4},
-{PSA_KEY_TYPE_DERIVE, PSA_KEY_TYPE_AES},
+{"Test psa_key_derivation_output_bytes - Key\n", 1, PSA_KEY_TYPE_DERIVE,
{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
- 0x5F, 0xC9},
- AES_16B_KEY_SIZE, {PSA_KEY_USAGE_DERIVE, PSA_KEY_USAGE_EXPORT},
- {PSA_ALG_HKDF(PSA_ALG_SHA_256), PSA_ALG_CTR},
- 32, 16, PSA_SUCCESS
+ 0x5F, 0xC9, 0x77},
+ AES_16B_KEY_SIZE, 42, PSA_KEY_USAGE_DERIVE,
+ PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)),
+ PSA_KEY_DERIVATION_INPUT_SECRET, 42, {0}, 0,
+ PSA_SUCCESS
},
-#endif
-#endif
-#ifdef ARCH_TEST_SHA512
-#ifdef ARCH_TEST_DES_3KEY
-{"Test psa_generator_import_key for Triple DES 3-Key\n", {5, 6, 7, 8},
-{PSA_KEY_TYPE_DERIVE, PSA_KEY_TYPE_DES},
-{0xEA, 0xD5, 0xE6, 0xC8, 0x51, 0xF9, 0xEC, 0xBB, 0x9B, 0x57, 0x7C, 0xED, 0xD2,
- 0x4B, 0x82, 0x84, 0x9F, 0x9F, 0xE6, 0x73, 0x21, 0x3D, 0x1A, 0x05, 0xC9, 0xED,
- 0xDF, 0x25, 0x17, 0x68, 0x86, 0xAE},
- AES_32B_KEY_SIZE, {PSA_KEY_USAGE_DERIVE, PSA_KEY_USAGE_EXPORT},
-{PSA_ALG_HKDF(PSA_ALG_SHA_512), PSA_ALG_CTR},
- DES3_3KEY_SIZE, DES3_3KEY_SIZE, PSA_SUCCESS
+{"Test psa_key_derivation_output_bytes - Info\n", 2, PSA_KEY_TYPE_DERIVE,
+{0}, 0, 42, 0, PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)),
+ PSA_KEY_DERIVATION_INPUT_INFO, 42, "This is the info", 16,
+ PSA_SUCCESS
},
-#endif
-#endif
-#ifdef ARCH_TEST_SHA1
-#ifdef ARCH_TEST_AES
-{"Test psa_generator_import_key output greater than capacity\n", {9, 10, 11, 12},
-{PSA_KEY_TYPE_DERIVE, PSA_KEY_TYPE_AES},
-{0x70, 0x24, 0x55, 0x0C, 0x14, 0x9D, 0xED, 0x29},
- DES_8B_KEY_SIZE, {PSA_KEY_USAGE_DERIVE, PSA_KEY_USAGE_EXPORT},
-{PSA_ALG_HKDF(PSA_ALG_SHA_1), PSA_ALG_CTR},
- 64, 80, PSA_ERROR_INSUFFICIENT_DATA
+{"Test psa_key_derivation_output_bytes - Salt\n", 3, PSA_KEY_TYPE_DERIVE,
+{0}, 0, 42, 0, PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)),
+ PSA_KEY_DERIVATION_INPUT_SALT, 42, "This is the info", 16,
+ PSA_ERROR_BAD_STATE
},
-#endif
-#endif
-#ifdef ARCH_TEST_SHA256
-#ifdef ARCH_TEST_RSA
-{"Test psa_generator_import_key for RSA Public Key - Invalid type\n", {13, 14, 15, 16},
-{PSA_KEY_TYPE_DERIVE, PSA_KEY_TYPE_RSA_PUBLIC_KEY},
-{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
- 0x5F, 0xC9},
- AES_16B_KEY_SIZE, {PSA_KEY_USAGE_DERIVE, PSA_KEY_USAGE_EXPORT},
-{PSA_ALG_HKDF(PSA_ALG_SHA_256), PSA_ALG_CTR},
- 32, 16, PSA_ERROR_INVALID_ARGUMENT
+{"Test psa_key_derivation_output_bytes - Label\n", 4, PSA_KEY_TYPE_DERIVE,
+{0}, 0, 42, 0, PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)),
+ PSA_KEY_DERIVATION_INPUT_LABEL, 42, "This is the info", 16,
+ PSA_ERROR_BAD_STATE
},
-#endif
-#endif
-#ifdef ARCH_TEST_SHA256
-#ifdef ARCH_TEST_AES_128
-{"Test psa_generator_import_key for invalid byte for generation\n", {20, 21, 22, 23},
-{PSA_KEY_TYPE_DERIVE, PSA_KEY_TYPE_AES},
-{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
- 0x5F, 0xC9},
- AES_16B_KEY_SIZE, {PSA_KEY_USAGE_DERIVE, PSA_KEY_USAGE_EXPORT},
-{PSA_ALG_HKDF(PSA_ALG_SHA_256), PSA_ALG_CTR},
- 32, 10, PSA_ERROR_INVALID_ARGUMENT
+{"Test psa_key_derivation_output_bytes - Seed\n", 5, PSA_KEY_TYPE_DERIVE,
+{0}, 0, 42, 0, PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)),
+ PSA_KEY_DERIVATION_INPUT_SEED, 42, "This is the info", 16,
+ PSA_ERROR_BAD_STATE
},
-#endif
-#endif
-#endif
-#endif
-};
-static test_data check2[] = {
-#ifdef ARCH_TEST_HKDF
-#ifdef ARCH_TEST_CIPER_MODE_CTR
-#ifdef ARCH_TEST_AES_128
-#ifdef ARCH_TEST_SHA256
-{"Test psa_generator_import_key negative cases\n",
-{17, 18, 18, 18},
-{PSA_KEY_TYPE_DERIVE, PSA_KEY_TYPE_AES},
+{"Test psa_key_derivation_output_bytes - Greater Capacity than available\n", 6, PSA_KEY_TYPE_DERIVE,
{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
- 0x5F, 0xC9},
- AES_16B_KEY_SIZE, {PSA_KEY_USAGE_DERIVE, PSA_KEY_USAGE_EXPORT},
-{PSA_ALG_HKDF(PSA_ALG_SHA_256), PSA_ALG_CTR},
- 32, BYTES_TO_BITS(8), PSA_ERROR_INVALID_HANDLE
+ 0x5F, 0xC9, 0x77},
+ AES_16B_KEY_SIZE, BUFFER_SIZE, PSA_KEY_USAGE_DERIVE,
+ PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)),
+ PSA_KEY_DERIVATION_INPUT_SECRET, 42, {0}, 0,
+ PSA_ERROR_INSUFFICIENT_DATA,
},
-#endif
-#endif
-#endif
-#endif
};
diff --git a/api-tests/dev_apis/crypto/test_c020/test_entry.c b/api-tests/dev_apis/crypto/test_c020/test_entry_c020.c
similarity index 96%
rename from api-tests/dev_apis/crypto/test_c020/test_entry.c
rename to api-tests/dev_apis/crypto/test_c020/test_entry_c020.c
index c109392c..283df1c1 100644
--- a/api-tests/dev_apis/crypto/test_c020/test_entry.c
+++ b/api-tests/dev_apis/crypto/test_c020/test_entry_c020.c
@@ -20,7 +20,8 @@
#include "test_c020.h"
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 20)
-#define TEST_DESC "Testing crypto generator functions APIs\n"
+#define TEST_DESC "Testing crypto key derivation APIs\n"
+
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
psa_api_t *psa = NULL;
diff --git a/api-tests/dev_apis/crypto/test_c021/source.mk b/api-tests/dev_apis/crypto/test_c021/source.mk
deleted file mode 100644
index 39736c8d..00000000
--- a/api-tests/dev_apis/crypto/test_c021/source.mk
+++ /dev/null
@@ -1,20 +0,0 @@
-# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_c021.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
diff --git a/api-tests/dev_apis/crypto/test_c021/test.cmake b/api-tests/dev_apis/crypto/test_c021/test.cmake
new file mode 100644
index 00000000..e1a7891b
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c021/test.cmake
@@ -0,0 +1,24 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_c021.c
+ test_c021.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
diff --git a/api-tests/dev_apis/crypto/test_c021/test_c021.c b/api-tests/dev_apis/crypto/test_c021/test_c021.c
index 7a3c39ca..78a3571b 100644
--- a/api-tests/dev_apis/crypto/test_c021/test_c021.c
+++ b/api-tests/dev_apis/crypto/test_c021/test_c021.c
@@ -21,21 +21,31 @@
#include "test_data.h"
#include "val_crypto.h"
+#define SLOT_1 1
+#define SLOT_2 2
+
client_test_t test_c021_crypto_list[] = {
NULL,
- psa_generator_abort_test,
+ psa_key_derivation_output_key_test,
NULL,
};
-static int g_test_count = 1;
-static uint8_t data[BUFFER_SIZE];
+static int g_test_count = 1;
-int32_t psa_generator_abort_test(security_t caller)
+int32_t psa_key_derivation_output_key_test(caller_security_t caller)
{
- int num_checks = sizeof(check1)/sizeof(check1[0]);
- int32_t i, status;
- psa_key_policy_t policy;
- psa_crypto_generator_t generator;
+ uint32_t i, status;
+ int num_checks = sizeof(check1)/sizeof(check1[0]);
+ psa_key_handle_t key_handle[2];
+ psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+ psa_key_attributes_t derv_attributes = PSA_KEY_ATTRIBUTES_INIT;
+ psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT;
+
+ if (num_checks == 0)
+ {
+ val->print(PRINT_TEST, "No test available for the selected crypto configuration\n", 0);
+ return RESULT_SKIP(VAL_STATUS_NO_TESTS);
+ }
/* Initialize the PSA crypto library*/
status = val->crypto_function(VAL_CRYPTO_INIT);
@@ -43,72 +53,93 @@ int32_t psa_generator_abort_test(security_t caller)
for (i = 0; i < num_checks; i++)
{
- /* Initialize a key policy structure to a default that forbids all
- * usage of the key
- */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
+ val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
+ val->print(PRINT_TEST, check1[i].test_desc, 0);
/* Setting up the watchdog timer for each check */
status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
- memset(&generator, 0, sizeof(generator));
- memset(data, 0, sizeof(data));
-
- val->print(PRINT_TEST, "[Check %d] Test psa_generator_abort on empty generator\n",
- g_test_count++);
- /* Abort an empty generator */
- status = val->crypto_function(VAL_CRYPTO_GENERATOR_ABORT, &generator);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
-
- val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
- val->print(PRINT_TEST, check1[i].test_desc, 0);
-
- /* Set the standard fields of a policy structure */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &policy, check1[i].usage,
- check1[i].key_alg);
-
- /* Allocate a key slot for a transient key */
- status = val->crypto_function(VAL_CRYPTO_ALLOCATE_KEY, &check1[i].key_handle);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
-
- /* Set the usage policy on a key slot */
- status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, check1[i].key_handle, &policy);
+ /* Setup the attributes for the key */
+ val->crypto_function(VAL_CRYPTO_SET_KEY_TYPE, &attributes, check1[i].key_type);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_ALGORITHM, &attributes, check1[i].key_alg);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_USAGE_FLAGS, &attributes, check1[i].usage);
+
+ /* Import the key if the derivation input is key */
+ if (check1[i].step == PSA_KEY_DERIVATION_INPUT_SECRET)
+ {
+ /* Import the key data into the key slot */
+ status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, &attributes, check1[i].key_data,
+ check1[i].key_length, &check1[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
+ }
+
+ /* Start the key derivation operation */
+ status = val->crypto_function(VAL_CRYPTO_KEY_DERIVATION_SETUP, &operation,
+ check1[i].key_alg);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
- /* Import the key data into the key slot */
- status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, check1[i].key_handle,
- check1[i].key_type, check1[i].key_data, check1[i].key_length);
+ /* Set the capacity for the generator */
+ status = val->crypto_function(VAL_CRYPTO_KEY_DERIVATION_SET_CAPACITY, &operation,
+ check1[i].capacity);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
- /* Set up a key derivation operation. Using this function to initialize the generate as
- * XOR or PRNG generator initialization is not implemented.
- */
- status = val->crypto_function(VAL_CRYPTO_KEY_DERIVATION, &generator, check1[i].key_handle,
- check1[i].key_alg, check1[i].salt, check1[i].salt_length, check1[i].label,
- check1[i].label_length, check1[i].capacity);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(6));
-
- /* Abort the generator */
- status = val->crypto_function(VAL_CRYPTO_GENERATOR_ABORT, &generator);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(7));
-
- /* Generate random bytes */
- status = val->crypto_function(VAL_CRYPTO_GENERATOR_READ, &generator, data, check1[i].size);
- TEST_ASSERT_EQUAL(status, PSA_ERROR_BAD_STATE, TEST_CHECKPOINT_NUM(8));
-
- val->print(PRINT_TEST, "[Check %d] Multiple psa_generator_abort test\n", g_test_count++);
- /* Abort the generator */
- status = val->crypto_function(VAL_CRYPTO_GENERATOR_ABORT, &generator);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(9));
-
- /* Abort the generator */
- status = val->crypto_function(VAL_CRYPTO_GENERATOR_ABORT, &generator);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(10));
-
- /* Destroy the key */
- status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, check1[i].key_handle);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(11));
+ /* Provide input as key or data depending on the step */
+ if (check1[i].step == PSA_KEY_DERIVATION_INPUT_SECRET)
+ {
+ /* Provide an input for key derivation or key agreement */
+ status = val->crypto_function(VAL_CRYPTO_KEY_DERIVATION_INPUT_KEY, &operation,
+ check1[i].step, check1[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(6));
+ }
+ else
+ {
+ status = val->crypto_function(VAL_CRYPTO_KEY_DERIVATION_INPUT_BYTES, &operation,
+ check1[i].step, check1[i].data, check1[i].data_length);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(7));
+ }
+
+ /* Setup the attributes for the key */
+ val->crypto_function(VAL_CRYPTO_SET_KEY_TYPE, &derv_attributes, check1[i].derive_key_type);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_BITS, &derv_attributes, check1[i].derive_key_bits);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_ALGORITHM, &derv_attributes,
+ check1[i].derive_key_alg);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_USAGE_FLAGS, &derv_attributes,
+ check1[i].derive_usage);
+
+ /* Derive a key from an ongoing key derivation operation */
+ status = val->crypto_function(VAL_CRYPTO_KEY_DERIVATION_OUTPUT_KEY, &derv_attributes,
+ &operation, &key_handle[SLOT_1]);
+ TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(8));
+
+ if (check1[i].step == PSA_KEY_DERIVATION_INPUT_SECRET)
+ {
+ status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, check1[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(9));
+
+ }
+
+ if (check1[i].expected_status != PSA_SUCCESS)
+ {
+ status = val->crypto_function(VAL_CRYPTO_KEY_DERIVATION_ABORT, &operation);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(10));
+
+ continue;
+ }
+
+ /* Read some key from a key derivation operation with no data in the operation */
+ status = val->crypto_function(VAL_CRYPTO_KEY_DERIVATION_OUTPUT_KEY, &derv_attributes,
+ &operation, &key_handle[SLOT_2]);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_INSUFFICIENT_DATA, TEST_CHECKPOINT_NUM(11));
+
+ /* Abort the derivation operation */
+ status = val->crypto_function(VAL_CRYPTO_KEY_DERIVATION_ABORT, &operation);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(12));
+
+ /* Expect bad state when derivation is called on an aborted operation */
+ status = val->crypto_function(VAL_CRYPTO_KEY_DERIVATION_OUTPUT_KEY, &derv_attributes,
+ &operation, &key_handle[SLOT_2]);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_BAD_STATE, TEST_CHECKPOINT_NUM(13));
}
return VAL_STATUS_SUCCESS;
diff --git a/api-tests/dev_apis/crypto/test_c021/test_c021.h b/api-tests/dev_apis/crypto/test_c021/test_c021.h
index 77b0783d..787fa99f 100644
--- a/api-tests/dev_apis/crypto/test_c021/test_c021.h
+++ b/api-tests/dev_apis/crypto/test_c021/test_c021.h
@@ -18,13 +18,13 @@
#define _TEST_C021_CLIENT_TESTS_H_
#include "val_crypto.h"
-#define test_entry CONCAT(test_entry_,c021)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, c021)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
extern val_api_t *val;
extern psa_api_t *psa;
extern client_test_t test_c021_crypto_list[];
-int32_t psa_generator_abort_test(security_t caller);
+int32_t psa_key_derivation_output_key_test(caller_security_t caller);
#endif /* _TEST_C021_CLIENT_TESTS_H_ */
diff --git a/api-tests/dev_apis/crypto/test_c021/test_data.h b/api-tests/dev_apis/crypto/test_c021/test_data.h
index 6f42e9e4..6a31c78c 100644
--- a/api-tests/dev_apis/crypto/test_c021/test_data.h
+++ b/api-tests/dev_apis/crypto/test_c021/test_data.h
@@ -18,34 +18,153 @@
#include "val_crypto.h"
typedef struct {
- char test_desc[75];
- psa_key_handle_t key_handle;
- psa_key_type_t key_type;
- uint8_t key_data[32];
- uint32_t key_length;
- psa_key_usage_t usage;
- psa_algorithm_t key_alg;
- uint8_t salt[16];
- size_t salt_length;
- uint8_t label[16];
- size_t label_length;
- size_t capacity;
- size_t size;
- psa_status_t expected_status;
+ char test_desc[75];
+ psa_key_handle_t key_handle;
+ psa_key_type_t key_type;
+ uint8_t key_data[34];
+ uint32_t key_length;
+ psa_key_usage_t usage;
+ psa_algorithm_t key_alg;
+ psa_key_derivation_step_t step;
+ size_t capacity;
+ uint8_t data[16];
+ size_t data_length;
+ psa_key_type_t derive_key_type;
+ size_t derive_key_bits;
+ psa_key_usage_t derive_usage;
+ psa_algorithm_t derive_key_alg;
+ psa_status_t expected_status;
} test_data;
static test_data check1[] = {
-#ifdef ARCH_TEST_HKDF
-#ifdef ARCH_TEST_CIPER_MODE_CTR
-#ifdef ARCH_TEST_SHA256
-{"Test psa_generator_abort\n", 1, PSA_KEY_TYPE_DERIVE,
-{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
- 0x5F, 0xC9},
- AES_16B_KEY_SIZE, PSA_KEY_USAGE_DERIVE, PSA_ALG_HKDF(PSA_ALG_SHA_256),
- {0}, 0, {0}, 0, 32,
- 16, PSA_SUCCESS
-},
-#endif
-#endif
-#endif
+{"Test psa_key_derivation_output_key - Key\n", 1, PSA_KEY_TYPE_DERIVE,
+{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
+ 0x5F, 0xC9, 0x77},
+ AES_16B_KEY_SIZE, PSA_KEY_USAGE_DERIVE,
+ PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)),
+ PSA_KEY_DERIVATION_INPUT_SECRET, 32, {0}, 0,
+ PSA_KEY_TYPE_AES, BYTES_TO_BITS(AES_32B_KEY_SIZE), PSA_KEY_USAGE_EXPORT,
+ PSA_ALG_CTR,
+ PSA_SUCCESS
+},
+
+{"Test psa_key_derivation_output_key - Info\n", 1, PSA_KEY_TYPE_DERIVE,
+{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
+ 0x5F, 0xC9, 0x77},
+ AES_16B_KEY_SIZE, PSA_KEY_USAGE_DERIVE,
+ PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)),
+ PSA_KEY_DERIVATION_INPUT_INFO, 32, "This is the info", 16,
+ PSA_KEY_TYPE_AES, BYTES_TO_BITS(AES_32B_KEY_SIZE), PSA_KEY_USAGE_EXPORT,
+ PSA_ALG_CTR,
+ PSA_SUCCESS
+},
+
+{"Test psa_key_derivation_output_key - Label\n", 1, PSA_KEY_TYPE_DERIVE,
+{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
+ 0x5F, 0xC9, 0x77},
+ AES_16B_KEY_SIZE, PSA_KEY_USAGE_DERIVE,
+ PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)),
+ PSA_KEY_DERIVATION_INPUT_LABEL, 32, "This is the info", 16,
+ PSA_KEY_TYPE_AES, BYTES_TO_BITS(AES_32B_KEY_SIZE), PSA_KEY_USAGE_EXPORT,
+ PSA_ALG_CTR,
+ PSA_SUCCESS
+},
+
+{"Test psa_key_derivation_output_key - Seed\n", 1, PSA_KEY_TYPE_DERIVE,
+{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
+ 0x5F, 0xC9, 0x77},
+ AES_16B_KEY_SIZE, PSA_KEY_USAGE_DERIVE,
+ PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)),
+ PSA_KEY_DERIVATION_INPUT_SEED, 32, "This is the info", 16,
+ PSA_KEY_TYPE_AES, BYTES_TO_BITS(AES_32B_KEY_SIZE), PSA_KEY_USAGE_EXPORT,
+ PSA_ALG_CTR,
+ PSA_SUCCESS
+},
+
+{"Test psa_key_derivation_output_key - Salt\n", 1, PSA_KEY_TYPE_DERIVE,
+{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
+ 0x5F, 0xC9, 0x77},
+ AES_16B_KEY_SIZE, PSA_KEY_USAGE_DERIVE,
+ PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)),
+ PSA_KEY_DERIVATION_INPUT_SALT, 32, "This is the info", 16,
+ PSA_KEY_TYPE_AES, BYTES_TO_BITS(AES_32B_KEY_SIZE), PSA_KEY_USAGE_EXPORT,
+ PSA_ALG_CTR,
+ PSA_SUCCESS
+},
+
+{"Test psa_key_derivation_output_key - DES key export\n", 1, PSA_KEY_TYPE_DERIVE,
+{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
+ 0x5F, 0xC9, 0x77},
+ AES_16B_KEY_SIZE, PSA_KEY_USAGE_DERIVE,
+ PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)),
+ PSA_KEY_DERIVATION_INPUT_SECRET, 32, {0}, 0,
+ PSA_KEY_TYPE_DES, BYTES_TO_BITS(DES3_3KEY_SIZE), PSA_KEY_USAGE_EXPORT,
+ PSA_ALG_CTR,
+ PSA_SUCCESS
+},
+
+{"Test psa_key_derivation_output_key - Greater Capacity than available\n", 1, PSA_KEY_TYPE_DERIVE,
+{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
+ 0x5F, 0xC9, 0x77},
+ AES_16B_KEY_SIZE, PSA_KEY_USAGE_DERIVE,
+ PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)),
+ PSA_KEY_DERIVATION_INPUT_SECRET, 16, {0}, 0,
+ PSA_KEY_TYPE_AES, BYTES_TO_BITS(AES_32B_KEY_SIZE), PSA_KEY_USAGE_EXPORT,
+ PSA_ALG_CTR,
+ PSA_ERROR_INSUFFICIENT_DATA
+},
+
+{"Test psa_key_derivation_output_key - ECC Public key\n", 1, PSA_KEY_TYPE_DERIVE,
+{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
+ 0x5F, 0xC9, 0x77},
+ AES_16B_KEY_SIZE, PSA_KEY_USAGE_DERIVE,
+ PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)),
+ PSA_KEY_DERIVATION_INPUT_SECRET, 256, {0}, 0,
+ PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1), 256, PSA_KEY_USAGE_EXPORT,
+ PSA_ERROR_NOT_SUPPORTED,
+},
+
+{"Test psa_key_derivation_output_key - ECC keypair\n", 1, PSA_KEY_TYPE_DERIVE,
+{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
+ 0x5F, 0xC9, 0x77},
+ AES_16B_KEY_SIZE, PSA_KEY_USAGE_DERIVE,
+ PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)),
+ PSA_KEY_DERIVATION_INPUT_SECRET, 224, {0}, 0,
+ PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP224R1), 224, PSA_KEY_USAGE_EXPORT,
+ PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION,
+ PSA_SUCCESS
+},
+
+{"Test psa_key_derivation_output_key - RSA Public Key", 1, PSA_KEY_TYPE_DERIVE,
+{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
+ 0x5F, 0xC9, 0x77},
+ AES_16B_KEY_SIZE, PSA_KEY_USAGE_DERIVE,
+ PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)),
+ PSA_KEY_DERIVATION_INPUT_SECRET, 256, {0}, 0,
+ PSA_KEY_TYPE_RSA_PUBLIC_KEY, 2048, PSA_KEY_USAGE_EXPORT,
+ PSA_ALG_RSA_PKCS1V15_SIGN_RAW,
+ PSA_ERROR_NOT_SUPPORTED,
+},
+
+{"Test psa_key_derivation_output_key - RSA keypair\n", 1, PSA_KEY_TYPE_DERIVE,
+{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
+ 0x5F, 0xC9, 0x77},
+ AES_16B_KEY_SIZE, PSA_KEY_USAGE_DERIVE,
+ PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)),
+ PSA_KEY_DERIVATION_INPUT_SECRET, 256, {0}, 0,
+ PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP224R1), 2046, PSA_KEY_USAGE_EXPORT,
+ PSA_ALG_RSA_PKCS1V15_SIGN_RAW,
+ PSA_SUCCESS
+},
+
+{"Test psa_key_derivation_output_key - Invalid key size\n", 1, PSA_KEY_TYPE_DERIVE,
+{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
+ 0x5F, 0xC9, 0x77},
+ AES_16B_KEY_SIZE, PSA_KEY_USAGE_DERIVE,
+ PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)),
+ PSA_KEY_DERIVATION_INPUT_SECRET, 32, {0}, 0,
+ PSA_KEY_TYPE_AES, BYTES_TO_BITS(AES_18B_KEY_SIZE), PSA_KEY_USAGE_EXPORT,
+ PSA_ALG_CTR,
+ PSA_ERROR_NOT_SUPPORTED
+},
};
diff --git a/api-tests/dev_apis/crypto/test_c021/test_entry.c b/api-tests/dev_apis/crypto/test_c021/test_entry_c021.c
similarity index 96%
rename from api-tests/dev_apis/crypto/test_c021/test_entry.c
rename to api-tests/dev_apis/crypto/test_c021/test_entry_c021.c
index 621cd978..18883dc8 100644
--- a/api-tests/dev_apis/crypto/test_c021/test_entry.c
+++ b/api-tests/dev_apis/crypto/test_c021/test_entry_c021.c
@@ -20,7 +20,8 @@
#include "test_c021.h"
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 21)
-#define TEST_DESC "Testing crypto generator functions APIs\n"
+#define TEST_DESC "Testing crypto key derivation APIs\n"
+
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
psa_api_t *psa = NULL;
diff --git a/api-tests/dev_apis/crypto/test_c022/source.mk b/api-tests/dev_apis/crypto/test_c022/source.mk
deleted file mode 100644
index cd406017..00000000
--- a/api-tests/dev_apis/crypto/test_c022/source.mk
+++ /dev/null
@@ -1,20 +0,0 @@
-# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_c022.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
diff --git a/api-tests/dev_apis/crypto/test_c022/test.cmake b/api-tests/dev_apis/crypto/test_c022/test.cmake
new file mode 100644
index 00000000..c095e550
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c022/test.cmake
@@ -0,0 +1,24 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_c022.c
+ test_c022.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
diff --git a/api-tests/dev_apis/crypto/test_c022/test_c022.c b/api-tests/dev_apis/crypto/test_c022/test_c022.c
index 049e8d1d..1949c73d 100644
--- a/api-tests/dev_apis/crypto/test_c022/test_c022.c
+++ b/api-tests/dev_apis/crypto/test_c022/test_c022.c
@@ -24,174 +24,46 @@
client_test_t test_c022_crypto_list[] = {
NULL,
- psa_key_derivation_test,
- psa_key_derivation_negative_test,
+ psa_key_derivation_abort_test,
NULL,
};
static int g_test_count = 1;
-static uint8_t data[BUFFER_SIZE];
+static uint8_t output[BUFFER_SIZE];
-int32_t psa_key_derivation_test(security_t caller)
+int32_t psa_key_derivation_abort_test(caller_security_t caller)
{
- int num_checks = sizeof(check1)/sizeof(check1[0]);
- int32_t i, status;
- size_t capacity;
- psa_key_policy_t policy;
- psa_crypto_generator_t generator;
+ int32_t status;
+ psa_key_derivation_operation_t func = psa_key_derivation_operation_init();
+ psa_key_derivation_operation_t init = PSA_KEY_DERIVATION_OPERATION_INIT;
+ psa_key_derivation_operation_t zero;
- /* Initialize the PSA crypto library*/
- status = val->crypto_function(VAL_CRYPTO_INIT);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(1));
-
- for (i = 0; i < num_checks; i++)
- {
- val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
- val->print(PRINT_TEST, check1[i].test_desc, 0);
-
- /* Initialize a key policy structure to a default that forbids all
- * usage of the key
- */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
-
- /* Setting up the watchdog timer for each check */
- status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
- TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
-
- memset(&generator, 0, sizeof(generator));
- memset(data, 0, sizeof(data));
- capacity = 0;
-
- /* Set the standard fields of a policy structure */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &policy, check1[i].usage,
- check1[i].key_alg);
-
- /* Allocate a key slot for a transient key */
- status = val->crypto_function(VAL_CRYPTO_ALLOCATE_KEY, &check1[i].key_handle);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
-
- /* Set the usage policy on a key slot */
- status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, check1[i].key_handle,
- &policy);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
-
- /* Import the key data into the key slot */
- status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, check1[i].key_handle,
- check1[i].key_type, check1[i].key_data, check1[i].key_length);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
-
- /* Set up a key derivation operation. Using this function to initialize the generate as
- * XOR or PRNG generator initialization is not implemented.
- */
- status = val->crypto_function(VAL_CRYPTO_KEY_DERIVATION, &generator,
- check1[i].key_handle, check1[i].key_alg, check1[i].salt,
- check1[i].salt_length, check1[i].label, check1[i].label_length,
- check1[i].capacity);
- TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(5));
-
- if (check1[i].expected_status != PSA_SUCCESS)
- {
- /* Abort the generator */
- status = val->crypto_function(VAL_CRYPTO_GENERATOR_ABORT, &generator);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(6));
-
- /* Destroy the key */
- status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, check1[i].key_handle);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(7));
-
- continue;
- }
-
- /* Retrieve the current capacity of a generator */
- status = val->crypto_function(VAL_CRYPTO_GET_GENERATOR_CAPACITY, &generator, &capacity);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(8));
-
- TEST_ASSERT_EQUAL(capacity, check1[i].capacity, TEST_CHECKPOINT_NUM(9));
-
- /* Abort the generator */
- status = val->crypto_function(VAL_CRYPTO_GENERATOR_ABORT, &generator);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(10));
-
- /* Destroy the key */
- status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, check1[i].key_handle);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(11));
- }
-
- return VAL_STATUS_SUCCESS;
-}
-
-int32_t psa_key_derivation_negative_test(security_t caller)
-{
- int num_checks = sizeof(check2)/sizeof(check2[0]);
- int32_t i, status;
- psa_key_policy_t policy;
- psa_key_handle_t empty_key_handle;
- psa_crypto_generator_t generator;
+ memset(&zero, 0, sizeof(zero));
/* Initialize the PSA crypto library*/
status = val->crypto_function(VAL_CRYPTO_INIT);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(1));
- for (i = 0; i < num_checks; i++)
- {
- /* Initialize a key policy structure to a default that forbids all
- * usage of the key
- */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
-
- /* Setting up the watchdog timer for each check */
- status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
- TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
-
- memset(&generator, 0, sizeof(generator));
- memset(data, 0, sizeof(data));
-
- /* Set the standard fields of a policy structure */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &policy, check2[i].usage,
- check2[i].key_alg);
+ /* Setting up the watchdog timer for each check */
+ status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
+ TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
- val->print(PRINT_TEST, "[Check %d] Test psa_key_derivation with Invalid key handle\n",
- g_test_count++);
- /* Set up a key derivation operation. Using this function to initialize the generate as
- * XOR or PRNG generator initialization is not implemented.
- */
- status = val->crypto_function(VAL_CRYPTO_KEY_DERIVATION, &generator,
- check2[i].key_handle, check2[i].key_alg, check2[i].salt,
- check2[i].salt_length, check2[i].label, check2[i].label_length,
- check2[i].capacity);
- TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(6));
+ val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
+ val->print(PRINT_TEST, "Test psa_key_derivation_abort\n", 0);
- val->print(PRINT_TEST, "[Check %d] Test psa_key_derivation with Zero as key handle\n",
- g_test_count++);
- /* Set up a key derivation operation. Using this function to initialize the generate as
- * XOR or PRNG generator initialization is not implemented.
- */
- status = val->crypto_function(VAL_CRYPTO_KEY_DERIVATION, &generator,
- 0, check2[i].key_alg, check2[i].salt,
- check2[i].salt_length, check2[i].label, check2[i].label_length,
- check2[i].capacity);
- TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(7));
+ status = val->crypto_function(VAL_CRYPTO_KEY_DERIVATION_ABORT, &func);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
- val->print(PRINT_TEST, "[Check %d] Test psa_key_derivation with Empty key handle\n",
- g_test_count++);
- /* Allocate a key slot for a transient key */
- status = val->crypto_function(VAL_CRYPTO_ALLOCATE_KEY, &empty_key_handle);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(8));
+ status = val->crypto_function(VAL_CRYPTO_KEY_DERIVATION_ABORT, &init);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
- /* Set the usage policy on a key slot */
- status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, empty_key_handle,
- &policy);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(9));
+ status = val->crypto_function(VAL_CRYPTO_KEY_DERIVATION_ABORT, &zero);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
- /* Set up a key derivation operation. Using this function to initialize the generate as
- * XOR or PRNG generator initialization is not implemented.
- */
- status = val->crypto_function(VAL_CRYPTO_KEY_DERIVATION, &generator,
- empty_key_handle, check2[i].key_alg, check2[i].salt,
- check2[i].salt_length, check2[i].label, check2[i].label_length,
- check2[i].capacity);
- TEST_ASSERT_EQUAL(status, PSA_ERROR_DOES_NOT_EXIST, TEST_CHECKPOINT_NUM(10));
- }
+ /* Read some data from a key derivation operation with no data in the operation */
+ status = val->crypto_function(VAL_CRYPTO_KEY_DERIVATION_OUTPUT_BYTES, &func, output,
+ BUFFER_SIZE);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_BAD_STATE, TEST_CHECKPOINT_NUM(6));
return VAL_STATUS_SUCCESS;
}
diff --git a/api-tests/dev_apis/crypto/test_c022/test_c022.h b/api-tests/dev_apis/crypto/test_c022/test_c022.h
index 1339ec79..78233706 100644
--- a/api-tests/dev_apis/crypto/test_c022/test_c022.h
+++ b/api-tests/dev_apis/crypto/test_c022/test_c022.h
@@ -18,14 +18,13 @@
#define _TEST_C022_CLIENT_TESTS_H_
#include "val_crypto.h"
-#define test_entry CONCAT(test_entry_,c022)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, c022)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
extern val_api_t *val;
extern psa_api_t *psa;
extern client_test_t test_c022_crypto_list[];
-int32_t psa_key_derivation_test(security_t caller);
-int32_t psa_key_derivation_negative_test(security_t caller);
+int32_t psa_key_derivation_abort_test(caller_security_t caller);
#endif /* _TEST_C022_CLIENT_TESTS_H_ */
diff --git a/api-tests/dev_apis/crypto/test_c022/test_data.h b/api-tests/dev_apis/crypto/test_c022/test_data.h
index 7dcc94f0..dc0c03e9 100644
--- a/api-tests/dev_apis/crypto/test_c022/test_data.h
+++ b/api-tests/dev_apis/crypto/test_c022/test_data.h
@@ -17,126 +17,4 @@
#include "val_crypto.h"
-typedef struct {
- char test_desc[75];
- psa_key_handle_t key_handle;
- psa_key_type_t key_type;
- uint8_t key_data[32];
- uint32_t key_length;
- psa_key_usage_t usage;
- psa_algorithm_t key_alg;
- const uint8_t salt[16];
- size_t salt_length;
- const uint8_t label[16];
- size_t label_length;
- size_t capacity;
- psa_status_t expected_status;
-} test_data;
-
-static test_data check1[] = {
-#ifdef ARCH_TEST_HKDF
-#ifdef ARCH_TEST_SHA256
-{"Test psa_key_derivation to get 16 Byte data with SHA-256\n", 1, PSA_KEY_TYPE_DERIVE,
-{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
- 0x5F, 0xC9},
- AES_16B_KEY_SIZE, PSA_KEY_USAGE_DERIVE, PSA_ALG_HKDF(PSA_ALG_SHA_256),
- {0}, 0, {0}, 0, 32,
- PSA_SUCCESS
-},
-#endif
-
-#ifdef ARCH_TEST_SHA512
-{"Test psa_key_derivation to get 32 Byte data with SHA-512\n", 2, PSA_KEY_TYPE_DERIVE,
-{0xEA, 0xD5, 0xE6, 0xC8, 0x51, 0xF9, 0xEC, 0xBB, 0x9B, 0x57, 0x7C, 0xED, 0xD2,
- 0x4B, 0x82, 0x84, 0x9F, 0x9F, 0xE6, 0x73, 0x21, 0x3D, 0x1A, 0x05, 0xC9, 0xED,
- 0xDF, 0x25, 0x17, 0x68, 0x86, 0xAE},
- AES_32B_KEY_SIZE, PSA_KEY_USAGE_DERIVE, PSA_ALG_HKDF(PSA_ALG_SHA_512),
- {0}, 0, {0}, 0, 64,
- PSA_SUCCESS
-},
-#endif
-
-#ifdef ARCH_TEST_MD5
-{"Test psa_key_derivation to get 32 Byte data with MD-5\n", 3, PSA_KEY_TYPE_DERIVE,
-{0xEA, 0xD5, 0xE6, 0xC8, 0x51, 0xF9, 0xEC, 0xBB, 0x9B, 0x57, 0x7C, 0xED, 0xD2,
- 0x4B, 0x82, 0x84, 0x9F, 0x9F, 0xE6, 0x73, 0x21, 0x3D, 0x1A, 0x05, 0xC9, 0xED,
- 0xDF, 0x25, 0x17, 0x68, 0x86, 0xAE},
- AES_32B_KEY_SIZE, PSA_KEY_USAGE_DERIVE, PSA_ALG_HKDF(PSA_ALG_MD5),
- {0}, 0, {0}, 0, 64,
- PSA_SUCCESS
-},
-#endif
-
-#ifdef ARCH_TEST_SHA256
-{"Test psa_key_derivation to get 16 Byte data with salt and label\n", 4, PSA_KEY_TYPE_DERIVE,
-{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
- 0x5F, 0xC9},
- AES_16B_KEY_SIZE, PSA_KEY_USAGE_DERIVE, PSA_ALG_HKDF(PSA_ALG_SHA_256),
- "abcdefghijklmnop", 16, "This is a label", 15, 32,
- PSA_SUCCESS
-},
-#endif
-
-#ifdef ARCH_TEST_SHA1
-{"Test psa_key_derivation with too large capacity for alg and key\n", 6, PSA_KEY_TYPE_DERIVE,
-{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
- 0x5F, 0xC9},
- AES_16B_KEY_SIZE, PSA_KEY_USAGE_DERIVE, PSA_ALG_HKDF(PSA_ALG_SHA_1),
- {0}, 0, {0}, 0, 5200,
- PSA_ERROR_INVALID_ARGUMENT
-},
-#endif
-
-#ifdef ARCH_TEST_SHA256
-{"Test psa_key_derivation with unsupported key type\n", 11, PSA_KEY_TYPE_AES,
-{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
- 0x5F, 0xC9},
- AES_16B_KEY_SIZE, PSA_KEY_USAGE_DERIVE, PSA_ALG_HKDF(PSA_ALG_SHA_256),
- {0}, 0, {0}, 0, 32,
- PSA_ERROR_INVALID_ARGUMENT
-},
-
-{"Test psa_key_derivation with incorrect usage\n", 12, PSA_KEY_TYPE_DERIVE,
-{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
- 0x5F, 0xC9},
- AES_16B_KEY_SIZE, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_HKDF(PSA_ALG_SHA_256),
- {0}, 0, {0}, 0, 32,
- PSA_ERROR_NOT_PERMITTED
-},
-#endif
-
-{"Test psa_key_derivation with unsupported key derivation algorithm\n", 14, PSA_KEY_TYPE_DERIVE,
-{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
- 0x5F, 0xC9},
- AES_16B_KEY_SIZE, PSA_KEY_USAGE_DERIVE, PSA_ALG_HKDF(PSA_ALG_CATEGORY_HASH),
- {0}, 0, {0}, 0, 32,
- PSA_ERROR_NOT_SUPPORTED
-},
-#endif
-
-#ifdef ARCH_TEST_RSA_PKCS1V15_CRYPT
-{"Test psa_key_derivation with invalid algorithm\n", 5, PSA_KEY_TYPE_DERIVE,
-{0xEA, 0xD5, 0xE6, 0xC8, 0x51, 0xF9, 0xEC, 0xBB, 0x9B, 0x57, 0x7C, 0xED, 0xD2,
- 0x4B, 0x82, 0x84, 0x9F, 0x9F, 0xE6, 0x73, 0x21, 0x3D, 0x1A, 0x05, 0xC9, 0xED,
- 0xDF, 0x25, 0x17, 0x68, 0x86, 0xAE},
- AES_32B_KEY_SIZE, PSA_KEY_USAGE_DERIVE, PSA_ALG_RSA_PKCS1V15_CRYPT,
- {0}, 0, {0}, 0, 64,
- PSA_ERROR_INVALID_ARGUMENT
-},
-#endif
-};
-
-static test_data check2[] = {
-#ifdef ARCH_TEST_HKDF
-#ifdef ARCH_TEST_SHA512
-{"Test psa_key_derivation to get 32 Byte data with SHA-512\n", 13, PSA_KEY_TYPE_DERIVE,
-{0xEA, 0xD5, 0xE6, 0xC8, 0x51, 0xF9, 0xEC, 0xBB, 0x9B, 0x57, 0x7C, 0xED, 0xD2,
- 0x4B, 0x82, 0x84, 0x9F, 0x9F, 0xE6, 0x73, 0x21, 0x3D, 0x1A, 0x05, 0xC9, 0xED,
- 0xDF, 0x25, 0x17, 0x68, 0x86, 0xAE},
- AES_32B_KEY_SIZE, PSA_KEY_USAGE_DERIVE, PSA_ALG_HKDF(PSA_ALG_SHA_512),
- {0}, 0, {0}, 0, 64,
- PSA_SUCCESS
-},
-#endif
-#endif
-};
+/* Keeping this file empty incase if future support is needed */
diff --git a/api-tests/dev_apis/crypto/test_c022/test_entry.c b/api-tests/dev_apis/crypto/test_c022/test_entry_c022.c
similarity index 96%
rename from api-tests/dev_apis/crypto/test_c022/test_entry.c
rename to api-tests/dev_apis/crypto/test_c022/test_entry_c022.c
index 2d7e7981..04b4afc3 100644
--- a/api-tests/dev_apis/crypto/test_c022/test_entry.c
+++ b/api-tests/dev_apis/crypto/test_c022/test_entry_c022.c
@@ -20,7 +20,8 @@
#include "test_c022.h"
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 22)
-#define TEST_DESC "Testing crypto generator functions APIs\n"
+#define TEST_DESC "Testing crypto key derivation APIs\n"
+
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
psa_api_t *psa = NULL;
diff --git a/api-tests/dev_apis/crypto/test_c023/source.mk b/api-tests/dev_apis/crypto/test_c023/source.mk
deleted file mode 100644
index 8c971704..00000000
--- a/api-tests/dev_apis/crypto/test_c023/source.mk
+++ /dev/null
@@ -1,20 +0,0 @@
-# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_c023.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
diff --git a/api-tests/dev_apis/crypto/test_c023/test.cmake b/api-tests/dev_apis/crypto/test_c023/test.cmake
new file mode 100644
index 00000000..ceca9afb
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c023/test.cmake
@@ -0,0 +1,24 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_c023.c
+ test_c023.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
diff --git a/api-tests/dev_apis/crypto/test_c023/test_c023.c b/api-tests/dev_apis/crypto/test_c023/test_c023.c
index 9c786dcf..5f019a41 100644
--- a/api-tests/dev_apis/crypto/test_c023/test_c023.c
+++ b/api-tests/dev_apis/crypto/test_c023/test_c023.c
@@ -23,18 +23,24 @@
client_test_t test_c023_crypto_list[] = {
NULL,
- psa_key_policy_get_usage_test,
+ psa_key_derivation_set_get_capacity_test,
NULL,
};
static int g_test_count = 1;
-int32_t psa_key_policy_get_usage_test(security_t caller)
+int32_t psa_key_derivation_set_get_capacity_test(caller_security_t caller)
{
int num_checks = sizeof(check1)/sizeof(check1[0]);
int32_t i, status;
- psa_key_policy_t policy;
- psa_key_usage_t usage;
+ size_t capacity = 0;
+ psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT;
+
+ if (num_checks == 0)
+ {
+ val->print(PRINT_TEST, "No test available for the selected crypto configuration\n", 0);
+ return RESULT_SKIP(VAL_STATUS_NO_TESTS);
+ }
/* Initialize the PSA crypto library*/
status = val->crypto_function(VAL_CRYPTO_INIT);
@@ -45,23 +51,49 @@ int32_t psa_key_policy_get_usage_test(security_t caller)
val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
val->print(PRINT_TEST, check1[i].test_desc, 0);
- /* Initialize a key policy structure to a default that forbids all
- * usage of the key
- */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
-
/* Setting up the watchdog timer for each check */
status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
- /* Set the standard fields of a policy structure */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &policy, check1[i].usage,
- check1[i].key_alg);
+ /* Start the key derivation operation */
+ status = val->crypto_function(VAL_CRYPTO_KEY_DERIVATION_SETUP, &operation,
+ check1[i].key_alg);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
+
+ /* Set the capacity for the generator */
+ status = val->crypto_function(VAL_CRYPTO_KEY_DERIVATION_SET_CAPACITY, &operation,
+ check1[i].capacity);
+ TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(4));
+
+ if (check1[i].expected_status != PSA_SUCCESS)
+ {
+ status = val->crypto_function(VAL_CRYPTO_KEY_DERIVATION_ABORT, &operation);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
+ continue;
+ }
+
+ /* Get the capacity for the generator */
+ status = val->crypto_function(VAL_CRYPTO_KEY_DERIVATION_GET_CAPACITY, &operation,
+ &capacity);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(6));
+
+ /* Check if the capacity as per the expected value */
+ TEST_ASSERT_EQUAL(capacity, check1[i].capacity, TEST_CHECKPOINT_NUM(7));
+
+ /* Abort the operation */
+ status = val->crypto_function(VAL_CRYPTO_KEY_DERIVATION_ABORT, &operation);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(8));
+
+ /* Setting the capacity on an aborted operation should be an error */
+ status = val->crypto_function(VAL_CRYPTO_KEY_DERIVATION_SET_CAPACITY, &operation,
+ check1[i].capacity);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_BAD_STATE, TEST_CHECKPOINT_NUM(9));
- /* Retrieve the usage field of a policy structure */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_GET_USAGE, &policy, &usage);
+ /* Getting the capacity on an aborted operation should be an error */
+ status = val->crypto_function(VAL_CRYPTO_KEY_DERIVATION_GET_CAPACITY, &operation,
+ &capacity);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_BAD_STATE, TEST_CHECKPOINT_NUM(10));
- TEST_ASSERT_EQUAL(usage, check1[i].usage, TEST_CHECKPOINT_NUM(3));
}
return VAL_STATUS_SUCCESS;
diff --git a/api-tests/dev_apis/crypto/test_c023/test_c023.h b/api-tests/dev_apis/crypto/test_c023/test_c023.h
index 43c40e4d..1fc9fbf9 100644
--- a/api-tests/dev_apis/crypto/test_c023/test_c023.h
+++ b/api-tests/dev_apis/crypto/test_c023/test_c023.h
@@ -18,13 +18,13 @@
#define _TEST_C023_CLIENT_TESTS_H_
#include "val_crypto.h"
-#define test_entry CONCAT(test_entry_,c023)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, c023)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
extern val_api_t *val;
extern psa_api_t *psa;
extern client_test_t test_c023_crypto_list[];
-int32_t psa_key_policy_get_usage_test(security_t caller);
+int32_t psa_key_derivation_set_get_capacity_test(caller_security_t caller);
#endif /* _TEST_C023_CLIENT_TESTS_H_ */
diff --git a/api-tests/dev_apis/crypto/test_c023/test_data.h b/api-tests/dev_apis/crypto/test_c023/test_data.h
index 2ef937cc..1bc6455b 100644
--- a/api-tests/dev_apis/crypto/test_c023/test_data.h
+++ b/api-tests/dev_apis/crypto/test_c023/test_data.h
@@ -19,37 +19,21 @@
typedef struct {
char test_desc[75];
- psa_key_usage_t usage;
psa_algorithm_t key_alg;
+ size_t capacity;
+ psa_status_t expected_status;
} test_data;
static test_data check1[] = {
-#ifdef ARCH_TEST_HKDF
-#ifdef ARCH_TEST_SHA256
-{"Test psa_key_policy_get_usage with usage as encrypt\n",
- PSA_KEY_USAGE_ENCRYPT, PSA_ALG_HKDF(PSA_ALG_SHA_256),
+{"Test psa_key_derivation_set_get_capacity - Less than operation's capacity\n",
+ PSA_ALG_HKDF(PSA_ALG_SHA_256), 42, PSA_SUCCESS
},
-{"Test psa_key_policy_get_usage with usage as decrypt\n",
- PSA_KEY_USAGE_DECRYPT, PSA_ALG_HKDF(PSA_ALG_SHA_256),
+{"Test psa_key_derivation_set_get_capacity - Equal to operation's capacity\n",
+ PSA_ALG_HKDF(PSA_ALG_SHA_256), 8160, PSA_SUCCESS
},
-{"Test psa_key_policy_get_usage with usage as derive\n",
- PSA_KEY_USAGE_DERIVE, PSA_ALG_HKDF(PSA_ALG_SHA_256),
+{"Test psa_key_derivation_set_get_capacity - More than operation's capacity\n",
+ PSA_ALG_HKDF(PSA_ALG_SHA_256), 10000, PSA_ERROR_INVALID_ARGUMENT
},
-
-{"Test psa_key_policy_get_usage with usage as export\n",
- PSA_KEY_USAGE_EXPORT, PSA_ALG_HKDF(PSA_ALG_SHA_256),
-},
-
-{"Test psa_key_policy_get_usage with usage as sign\n",
- PSA_KEY_USAGE_SIGN, PSA_ALG_HKDF(PSA_ALG_SHA_256),
-},
-
-{"Test psa_key_policy_get_usage with usage as verify\n",
- PSA_KEY_USAGE_VERIFY, PSA_ALG_HKDF(PSA_ALG_SHA_256),
-},
-#endif
-#endif
-
};
diff --git a/api-tests/dev_apis/crypto/test_c023/test_entry.c b/api-tests/dev_apis/crypto/test_c023/test_entry_c023.c
similarity index 96%
rename from api-tests/dev_apis/crypto/test_c023/test_entry.c
rename to api-tests/dev_apis/crypto/test_c023/test_entry_c023.c
index d177a9db..db4d0bb5 100644
--- a/api-tests/dev_apis/crypto/test_c023/test_entry.c
+++ b/api-tests/dev_apis/crypto/test_c023/test_entry_c023.c
@@ -20,7 +20,8 @@
#include "test_c023.h"
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 23)
-#define TEST_DESC "Testing crypto key management APIs\n"
+#define TEST_DESC "Testing crypto key derivation APIs\n"
+
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
psa_api_t *psa = NULL;
diff --git a/api-tests/dev_apis/crypto/test_c024/source.mk b/api-tests/dev_apis/crypto/test_c024/source.mk
deleted file mode 100644
index 301c6d23..00000000
--- a/api-tests/dev_apis/crypto/test_c024/source.mk
+++ /dev/null
@@ -1,20 +0,0 @@
-# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_c024.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
diff --git a/api-tests/dev_apis/crypto/test_c024/test.cmake b/api-tests/dev_apis/crypto/test_c024/test.cmake
new file mode 100644
index 00000000..5904afc7
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c024/test.cmake
@@ -0,0 +1,24 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_c024.c
+ test_c024.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
diff --git a/api-tests/dev_apis/crypto/test_c024/test_c024.c b/api-tests/dev_apis/crypto/test_c024/test_c024.c
index 16b52e66..ae709d6a 100644
--- a/api-tests/dev_apis/crypto/test_c024/test_c024.c
+++ b/api-tests/dev_apis/crypto/test_c024/test_c024.c
@@ -23,7 +23,6 @@
client_test_t test_c024_crypto_list[] = {
NULL,
psa_aead_encrypt_test,
- psa_aead_encrypt_negative_test,
NULL,
};
@@ -42,14 +41,20 @@ static bool_t is_buffer_empty(uint8_t *buffer, size_t size)
return TRUE;
}
-int32_t psa_aead_encrypt_test(security_t caller)
+int32_t psa_aead_encrypt_test(caller_security_t caller)
{
- int32_t i, status;
- uint8_t ciphertext[BUFFER_SIZE];
- psa_key_policy_t policy;
- size_t ciphertext_length;
- int num_checks = sizeof(check1)/sizeof(check1[0]);
- uint8_t *nonce, *additional_data;
+ int32_t i, status;
+ uint8_t ciphertext[BUFFER_SIZE];
+ size_t ciphertext_length;
+ int num_checks = sizeof(check1)/sizeof(check1[0]);
+ uint8_t *nonce, *additional_data;
+ psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+
+ if (num_checks == 0)
+ {
+ val->print(PRINT_TEST, "No test available for the selected crypto configuration\n", 0);
+ return RESULT_SKIP(VAL_STATUS_NO_TESTS);
+ }
/* Initialize the PSA crypto library*/
status = val->crypto_function(VAL_CRYPTO_INIT);
@@ -60,34 +65,19 @@ int32_t psa_aead_encrypt_test(security_t caller)
val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
val->print(PRINT_TEST, check1[i].test_desc, 0);
- /* Initialize a key policy structure to a default that forbids all
- * usage of the key
- */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
-
/* Setting up the watchdog timer for each check */
status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
- /* Set the standard fields of a policy structure */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &policy, check1[i].usage,
- check1[i].key_alg);
-
- memset(ciphertext, 0, sizeof(ciphertext));
-
- /* Allocate a key slot for a transient key */
- status = val->crypto_function(VAL_CRYPTO_ALLOCATE_KEY, &check1[i].key_handle);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
-
- /* Set the usage policy on a key slot */
- status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, check1[i].key_handle,
- &policy);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
+ /* Setup the attributes for the key */
+ val->crypto_function(VAL_CRYPTO_SET_KEY_TYPE, &attributes, check1[i].key_type);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_USAGE_FLAGS, &attributes, check1[i].usage);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_ALGORITHM, &attributes, check1[i].key_alg);
/* Import the key data into the key slot */
- status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, check1[i].key_handle,
- check1[i].key_type, check1[i].key_data, check1[i].key_length);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
+ status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, &attributes, check1[i].key_data,
+ check1[i].key_length, &check1[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
if (is_buffer_empty(check1[i].nonce, check1[i].nonce_length) == TRUE)
{
@@ -111,115 +101,40 @@ int32_t psa_aead_encrypt_test(security_t caller)
check1[i].additional_data_length, check1[i].plaintext,
check1[i].plaintext_length, ciphertext, check1[i].ciphertext_size,
&ciphertext_length);
- TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(6));
+ TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(4));
if (check1[i].expected_status != PSA_SUCCESS)
{
/* Destroy the key */
status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, check1[i].key_handle);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(7));
- }
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
+
continue;
+ }
/* Check if the length matches */
TEST_ASSERT_EQUAL(ciphertext_length,
check1[i].expected_ciphertext_length,
- TEST_CHECKPOINT_NUM(8));
+ TEST_CHECKPOINT_NUM(6));
/* Check if the data matches */
TEST_ASSERT_MEMCMP(ciphertext, check1[i].expected_ciphertext, ciphertext_length,
- TEST_CHECKPOINT_NUM(9));
+ TEST_CHECKPOINT_NUM(7));
/* Destroy the key */
status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, check1[i].key_handle);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(10));
- }
-
- return VAL_STATUS_SUCCESS;
-}
-
-int32_t psa_aead_encrypt_negative_test(security_t caller)
-{
- int32_t i, status;
- uint8_t ciphertext[BUFFER_SIZE];
- psa_key_policy_t policy;
- size_t ciphertext_length;
- int num_checks = sizeof(check2)/sizeof(check2[0]);
- uint8_t *nonce, *additional_data;
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(8));
- /* Initialize the PSA crypto library*/
- status = val->crypto_function(VAL_CRYPTO_INIT);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(1));
+ /* Reset the key attributes and check if psa_import_key fails */
+ val->crypto_function(VAL_CRYPTO_RESET_KEY_ATTRIBUTES, &attributes);
- for (i = 0; i < num_checks; i++)
- {
- /* Initialize a key policy structure to a default that forbids all
- * usage of the key
- */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
-
- /* Setting up the watchdog timer for each check */
- status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
- TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
-
- /* Set the standard fields of a policy structure */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &policy, check2[i].usage,
- check2[i].key_alg);
-
- if (is_buffer_empty(check2[i].nonce, check2[i].nonce_length) == TRUE)
- {
- nonce = NULL;
- check2[i].nonce_length = 0;
- }
- else
- nonce = check2[i].nonce;
-
- if (is_buffer_empty(check2[i].additional_data, check2[i].additional_data_length) == TRUE)
- {
- additional_data = NULL;
- check2[i].additional_data_length = 0;
- }
- else
- additional_data = check2[i].additional_data;
-
- val->print(PRINT_TEST, "[Check %d] Test psa_aead_encrypt - Invalid key handle\n",
- g_test_count++);
- /* Process an authenticated encryption operation */
- status = val->crypto_function(VAL_CRYPTO_AEAD_ENCRYPT, check2[i].key_handle,
- check2[i].key_alg, nonce, check2[i].nonce_length, additional_data,
- check2[i].additional_data_length, check2[i].plaintext,
- check2[i].plaintext_length, ciphertext, check2[i].ciphertext_size,
- &ciphertext_length);
- TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(3));
-
- val->print(PRINT_TEST, "[Check %d] Test psa_aead_encrypt - Zero as key handle\n",
- g_test_count++);
- /* Process an authenticated encryption operation */
- status = val->crypto_function(VAL_CRYPTO_AEAD_ENCRYPT, 0,
- check2[i].key_alg, nonce, check2[i].nonce_length, additional_data,
- check2[i].additional_data_length, check2[i].plaintext,
- check2[i].plaintext_length, ciphertext, check2[i].ciphertext_size,
- &ciphertext_length);
- TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(4));
-
- val->print(PRINT_TEST, "[Check %d] Test psa_aead_encrypt - Empty key handle\n",
- g_test_count++);
- /* Allocate a key slot for a transient key */
- status = val->crypto_function(VAL_CRYPTO_ALLOCATE_KEY, &check2[i].key_handle);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
-
- /* Set the usage policy on a key slot */
- status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, check2[i].key_handle,
- &policy);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(6));
-
- /* Process an authenticated encryption operation */
- status = val->crypto_function(VAL_CRYPTO_AEAD_ENCRYPT, check2[i].key_handle,
- check2[i].key_alg, nonce, check2[i].nonce_length, additional_data,
- check2[i].additional_data_length, check2[i].plaintext,
- check2[i].plaintext_length, ciphertext, check2[i].ciphertext_size,
+ /* Process an authenticated encryption operation on a destroyed key*/
+ status = val->crypto_function(VAL_CRYPTO_AEAD_ENCRYPT, check1[i].key_handle,
+ check1[i].key_alg, nonce, check1[i].nonce_length, additional_data,
+ check1[i].additional_data_length, check1[i].plaintext,
+ check1[i].plaintext_length, ciphertext, check1[i].ciphertext_size,
&ciphertext_length);
- TEST_ASSERT_EQUAL(status, PSA_ERROR_DOES_NOT_EXIST, TEST_CHECKPOINT_NUM(7));
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(9));
}
return VAL_STATUS_SUCCESS;
diff --git a/api-tests/dev_apis/crypto/test_c024/test_c024.h b/api-tests/dev_apis/crypto/test_c024/test_c024.h
index 5060e3e9..3b613902 100644
--- a/api-tests/dev_apis/crypto/test_c024/test_c024.h
+++ b/api-tests/dev_apis/crypto/test_c024/test_c024.h
@@ -18,15 +18,14 @@
#define _TEST_C024_CLIENT_TESTS_H_
#include "val_crypto.h"
-#define test_entry CONCAT(test_entry_,c024)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, c024)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
extern val_api_t *val;
extern psa_api_t *psa;
extern client_test_t test_c024_crypto_list[];
-int32_t psa_aead_encrypt_test(security_t caller);
-int32_t psa_aead_encrypt_negative_test(security_t caller);
+int32_t psa_aead_encrypt_test(caller_security_t caller);
#endif /* _TEST_C024_CLIENT_TESTS_H_ */
diff --git a/api-tests/dev_apis/crypto/test_c024/test_data.h b/api-tests/dev_apis/crypto/test_c024/test_data.h
index f2800024..dfe2f1f8 100644
--- a/api-tests/dev_apis/crypto/test_c024/test_data.h
+++ b/api-tests/dev_apis/crypto/test_c024/test_data.h
@@ -17,8 +17,6 @@
#include "val_crypto.h"
-#define EMPTY_KEY_SLOT 31
-
typedef struct {
char test_desc[75];
psa_key_handle_t key_handle;
@@ -162,19 +160,3 @@ static test_data check1[] = {
#endif
#endif
};
-
-static test_data check2[] = {
-#ifdef ARCH_TEST_GCM
-#ifdef ARCH_TEST_AES_128
-{"Test psa_aead_encrypt - Negative case\n", 9, PSA_KEY_TYPE_AES,
-{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
- 0x5F, 0xC9}, AES_16B_KEY_SIZE, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_GCM,
-{0}, 13, {0}, 0, "hello world", 11,
-{0x5D, 0xC1, 0x72, 0x23, 0x66, 0x96, 0xFD, 0xFC, 0x93, 0x06, 0x27, 0x52, 0xC7,
- 0x0A, 0xCB, 0x36, 0x55, 0x30, 0xC9, 0x48, 0x8F, 0x5E, 0xA5, 0xB9, 0x51, 0xFB,
- 0x4E},
- BUFFER_SIZE, 27, PSA_ERROR_DOES_NOT_EXIST
-},
-#endif
-#endif
-};
diff --git a/api-tests/dev_apis/crypto/test_c024/test_entry.c b/api-tests/dev_apis/crypto/test_c024/test_entry_c024.c
similarity index 99%
rename from api-tests/dev_apis/crypto/test_c024/test_entry.c
rename to api-tests/dev_apis/crypto/test_c024/test_entry_c024.c
index caf74156..91af9594 100644
--- a/api-tests/dev_apis/crypto/test_c024/test_entry.c
+++ b/api-tests/dev_apis/crypto/test_c024/test_entry_c024.c
@@ -21,6 +21,7 @@
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 24)
#define TEST_DESC "Testing crypto AEAD APIs\n"
+
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
psa_api_t *psa = NULL;
diff --git a/api-tests/dev_apis/crypto/test_c025/source.mk b/api-tests/dev_apis/crypto/test_c025/source.mk
deleted file mode 100644
index cd669a93..00000000
--- a/api-tests/dev_apis/crypto/test_c025/source.mk
+++ /dev/null
@@ -1,20 +0,0 @@
-# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_c025.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
diff --git a/api-tests/dev_apis/crypto/test_c025/test.cmake b/api-tests/dev_apis/crypto/test_c025/test.cmake
new file mode 100644
index 00000000..af89d017
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c025/test.cmake
@@ -0,0 +1,24 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_c025.c
+ test_c025.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
diff --git a/api-tests/dev_apis/crypto/test_c025/test_c025.c b/api-tests/dev_apis/crypto/test_c025/test_c025.c
index f9dc3fd5..51e6f727 100644
--- a/api-tests/dev_apis/crypto/test_c025/test_c025.c
+++ b/api-tests/dev_apis/crypto/test_c025/test_c025.c
@@ -23,7 +23,6 @@
client_test_t test_c025_crypto_list[] = {
NULL,
psa_aead_decrypt_test,
- psa_aead_decrypt_negative_test,
NULL,
};
@@ -42,14 +41,20 @@ static bool_t is_buffer_empty(uint8_t *buffer, size_t size)
return TRUE;
}
-int32_t psa_aead_decrypt_test(security_t caller)
+int32_t psa_aead_decrypt_test(caller_security_t caller)
{
int32_t i, status;
uint8_t plaintext[BUFFER_SIZE];
- psa_key_policy_t policy;
size_t plaintext_length;
int num_checks = sizeof(check1)/sizeof(check1[0]);
uint8_t *nonce, *additional_data;
+ psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+
+ if (num_checks == 0)
+ {
+ val->print(PRINT_TEST, "No test available for the selected crypto configuration\n", 0);
+ return RESULT_SKIP(VAL_STATUS_NO_TESTS);
+ }
/* Initialize the PSA crypto library*/
status = val->crypto_function(VAL_CRYPTO_INIT);
@@ -60,33 +65,19 @@ int32_t psa_aead_decrypt_test(security_t caller)
val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
val->print(PRINT_TEST, check1[i].test_desc, 0);
- /* Initialize a key policy structure to a default that forbids all
- * usage of the key
- */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
-
/* Setting up the watchdog timer for each check */
status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
- /* Set the standard fields of a policy structure */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &policy, check1[i].usage,
- check1[i].key_alg);
-
- memset(plaintext, 0, sizeof(plaintext));
- /* Allocate a key slot for a transient key */
- status = val->crypto_function(VAL_CRYPTO_ALLOCATE_KEY, &check1[i].key_handle);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
-
- /* Set the usage policy on a key slot */
- status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, check1[i].key_handle,
- &policy);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
+ /* Setup the attributes for the key */
+ val->crypto_function(VAL_CRYPTO_SET_KEY_TYPE, &attributes, check1[i].key_type);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_USAGE_FLAGS, &attributes, check1[i].usage);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_ALGORITHM, &attributes, check1[i].key_alg);
/* Import the key data into the key slot */
- status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, check1[i].key_handle,
- check1[i].key_type, check1[i].key_data, check1[i].key_length);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
+ status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, &attributes, check1[i].key_data,
+ check1[i].key_length, &check1[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
if (is_buffer_empty(check1[i].nonce, check1[i].nonce_length) == TRUE)
{
@@ -109,113 +100,39 @@ int32_t psa_aead_decrypt_test(security_t caller)
check1[i].key_alg, nonce, check1[i].nonce_length, additional_data,
check1[i].additional_data_length, check1[i].ciphertext, check1[i].ciphertext_size,
plaintext, check1[i].plaintext_size, &plaintext_length);
- TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(6));
+ TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(4));
if (check1[i].expected_status != PSA_SUCCESS)
{
/* Destroy the key */
status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, check1[i].key_handle);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(7));
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
continue;
}
/* Check if the length matches */
TEST_ASSERT_EQUAL(plaintext_length, check1[i].expected_plaintext_length,
- TEST_CHECKPOINT_NUM(8));
+ TEST_CHECKPOINT_NUM(6));
/* Check if the data matches */
TEST_ASSERT_MEMCMP(plaintext, check1[i].expected_plaintext, plaintext_length,
- TEST_CHECKPOINT_NUM(9));
+ TEST_CHECKPOINT_NUM(7));
/* Destroy the key */
status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, check1[i].key_handle);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(10));
- }
-
- return VAL_STATUS_SUCCESS;
-}
-
-int32_t psa_aead_decrypt_negative_test(security_t caller)
-{
- int32_t i, status;
- uint8_t plaintext[BUFFER_SIZE];
- psa_key_policy_t policy;
- size_t plaintext_length;
- int num_checks = sizeof(check2)/sizeof(check2[0]);
- uint8_t *nonce, *additional_data;
-
- /* Initialize the PSA crypto library*/
- status = val->crypto_function(VAL_CRYPTO_INIT);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(1));
-
- for (i = 0; i < num_checks; i++)
- {
- /* Initialize a key policy structure to a default that forbids all
- * usage of the key
- */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
-
- /* Setting up the watchdog timer for each check */
- status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
- TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
-
- /* Set the standard fields of a policy structure */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &policy, check2[i].usage,
- check2[i].key_alg);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(8));
- if (is_buffer_empty(check2[i].nonce, check2[i].nonce_length) == TRUE)
- {
- nonce = NULL;
- check2[i].nonce_length = 0;
- }
- else
- nonce = check2[i].nonce;
-
- if (is_buffer_empty(check2[i].additional_data, check2[i].additional_data_length) == TRUE)
- {
- additional_data = NULL;
- check2[i].additional_data_length = 0;
- }
- else
- additional_data = check2[i].additional_data;
+ /* Reset the key attributes and check if psa_import_key fails */
+ val->crypto_function(VAL_CRYPTO_RESET_KEY_ATTRIBUTES, &attributes);
- val->print(PRINT_TEST, "[Check %d] Test psa_aead_decrypt - Invalid key handle\n",
- g_test_count++);
- /* Process an authenticated decryption operation */
- status = val->crypto_function(VAL_CRYPTO_AEAD_DECRYPT, check2[i].key_handle,
- check2[i].key_alg, nonce, check2[i].nonce_length, additional_data,
- check2[i].additional_data_length, check2[i].ciphertext, check2[i].ciphertext_size,
- plaintext, check2[i].plaintext_size, &plaintext_length);
- TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(3));
-
- val->print(PRINT_TEST, "[Check %d] Test psa_aead_decrypt - Zero as key handle\n",
- g_test_count++);
- /* Process an authenticated decryption operation */
- status = val->crypto_function(VAL_CRYPTO_AEAD_DECRYPT, 0,
- check2[i].key_alg, nonce, check2[i].nonce_length, additional_data,
- check2[i].additional_data_length, check2[i].ciphertext, check2[i].ciphertext_size,
- plaintext, check2[i].plaintext_size, &plaintext_length);
- TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(4));
-
- val->print(PRINT_TEST, "[Check %d] Test psa_aead_decrypt - Empty key handle\n",
- g_test_count++);
- /* Allocate a key slot for a transient key */
- status = val->crypto_function(VAL_CRYPTO_ALLOCATE_KEY, &check2[i].key_handle);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
-
- /* Set the usage policy on a key slot */
- status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, check2[i].key_handle,
- &policy);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(6));
+ /* Process an authenticated decryption operation on a destroyed key handle */
+ status = val->crypto_function(VAL_CRYPTO_AEAD_DECRYPT, check1[i].key_handle,
+ check1[i].key_alg, nonce, check1[i].nonce_length, additional_data,
+ check1[i].additional_data_length, check1[i].ciphertext, check1[i].ciphertext_size,
+ plaintext, check1[i].plaintext_size, &plaintext_length);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(9));
+ }
- /* Process an authenticated decryption operation */
- status = val->crypto_function(VAL_CRYPTO_AEAD_DECRYPT, check2[i].key_handle,
- check2[i].key_alg, nonce, check2[i].nonce_length, additional_data,
- check2[i].additional_data_length, check2[i].ciphertext, check2[i].ciphertext_size,
- plaintext, check2[i].plaintext_size, &plaintext_length);
- TEST_ASSERT_EQUAL(status, PSA_ERROR_DOES_NOT_EXIST, TEST_CHECKPOINT_NUM(7));
- }
-
- return VAL_STATUS_SUCCESS;
+ return VAL_STATUS_SUCCESS;
}
diff --git a/api-tests/dev_apis/crypto/test_c025/test_c025.h b/api-tests/dev_apis/crypto/test_c025/test_c025.h
index 5b0667b8..1955eddf 100644
--- a/api-tests/dev_apis/crypto/test_c025/test_c025.h
+++ b/api-tests/dev_apis/crypto/test_c025/test_c025.h
@@ -18,15 +18,15 @@
#define _TEST_C025_CLIENT_TESTS_H_
#include "val_crypto.h"
-#define test_entry CONCAT(test_entry_,c025)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, c025)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
extern val_api_t *val;
extern psa_api_t *psa;
extern client_test_t test_c025_crypto_list[];
-int32_t psa_aead_decrypt_test(security_t caller);
-int32_t psa_aead_decrypt_negative_test(security_t caller);
+int32_t psa_aead_decrypt_test(caller_security_t caller);
+int32_t psa_aead_decrypt_negative_test(caller_security_t caller);
#endif /* _TEST_C025_CLIENT_TESTS_H_ */
diff --git a/api-tests/dev_apis/crypto/test_c025/test_data.h b/api-tests/dev_apis/crypto/test_c025/test_data.h
index 44ce513f..82977ede 100644
--- a/api-tests/dev_apis/crypto/test_c025/test_data.h
+++ b/api-tests/dev_apis/crypto/test_c025/test_data.h
@@ -17,8 +17,6 @@
#include "val_crypto.h"
-#define EMPTY_KEY_SLOT 31
-
typedef struct {
char test_desc[75];
psa_key_handle_t key_handle;
@@ -57,7 +55,7 @@ static test_data check1[] = {
39, 23, PSA_SUCCESS
},
-{"Test psa_aead_encrypt - AES-CCM\n", 2, PSA_KEY_TYPE_AES,
+{"Test psa_aead_decrypt - AES-CCM\n", 2, PSA_KEY_TYPE_AES,
{0x41, 0x89, 0x35, 0x1B, 0x5C, 0xAE, 0xA3, 0x75, 0xA0, 0x29, 0x9E, 0x81, 0xC6,
0x21, 0xBF, 0x43}, AES_16B_KEY_SIZE, PSA_KEY_USAGE_DECRYPT, PSA_ALG_CCM,
{0x48, 0xc0, 0x90, 0x69, 0x30, 0x56, 0x1e, 0x0a, 0xb0, 0xef, 0x4c, 0xd9, 0x72},
@@ -73,7 +71,7 @@ static test_data check1[] = {
0xe9}, 40, 24, PSA_SUCCESS
},
-{"Test psa_aead_encrypt - AES-CCM 24 bytes Tag length = 4\n", 3, PSA_KEY_TYPE_AES,
+{"Test psa_aead_decrypt - AES-CCM 24 bytes Tag length = 4\n", 3, PSA_KEY_TYPE_AES,
{0x41, 0x89, 0x35, 0x1B, 0x5C, 0xAE, 0xA3, 0x75, 0xA0, 0x29, 0x9E, 0x81, 0xC6,
0x21, 0xBF, 0x43}, AES_16B_KEY_SIZE, PSA_KEY_USAGE_DECRYPT,
PSA_ALG_AEAD_WITH_TAG_LENGTH(PSA_ALG_CCM, 4),
@@ -208,19 +206,3 @@ static test_data check1[] = {
#endif
#endif
};
-
-static test_data check2[] = {
-#ifdef ARCH_TEST_GCM
-#ifdef ARCH_TEST_AES_128
-{"Test psa_aead_decrypt - Negative cases\n", 11, PSA_KEY_TYPE_AES,
-{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
- 0x5F, 0xC9}, AES_16B_KEY_SIZE, PSA_KEY_USAGE_DECRYPT, PSA_ALG_GCM,
-{0}, 13, {0}, 0, "hello world", BUFFER_SIZE,
-{0x5D, 0xC1, 0x72, 0x23, 0x66, 0x96, 0xFD, 0xFC, 0x93, 0x06, 0x27, 0x52, 0xC7,
- 0x0A, 0xCB, 0x36, 0x55, 0x30, 0xC9, 0x48, 0x8F, 0x5E, 0xA5, 0xB9, 0x51, 0xFB,
- 0x4E},
- 11, 27, PSA_ERROR_INVALID_ARGUMENT
-},
-#endif
-#endif
-};
diff --git a/api-tests/dev_apis/crypto/test_c025/test_entry.c b/api-tests/dev_apis/crypto/test_c025/test_entry_c025.c
similarity index 99%
rename from api-tests/dev_apis/crypto/test_c025/test_entry.c
rename to api-tests/dev_apis/crypto/test_c025/test_entry_c025.c
index f71ac410..45822f3f 100644
--- a/api-tests/dev_apis/crypto/test_c025/test_entry.c
+++ b/api-tests/dev_apis/crypto/test_c025/test_entry_c025.c
@@ -21,6 +21,7 @@
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 25)
#define TEST_DESC "Testing crypto AEAD APIs\n"
+
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
psa_api_t *psa = NULL;
diff --git a/api-tests/dev_apis/crypto/test_c026/source.mk b/api-tests/dev_apis/crypto/test_c026/source.mk
deleted file mode 100644
index fa602b6a..00000000
--- a/api-tests/dev_apis/crypto/test_c026/source.mk
+++ /dev/null
@@ -1,20 +0,0 @@
-# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_c026.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
diff --git a/api-tests/dev_apis/crypto/test_c026/test.cmake b/api-tests/dev_apis/crypto/test_c026/test.cmake
new file mode 100644
index 00000000..29ddd0ab
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c026/test.cmake
@@ -0,0 +1,24 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_c026.c
+ test_c026.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
diff --git a/api-tests/dev_apis/crypto/test_c026/test_c026.c b/api-tests/dev_apis/crypto/test_c026/test_c026.c
index 03d9def5..1de9cae8 100644
--- a/api-tests/dev_apis/crypto/test_c026/test_c026.c
+++ b/api-tests/dev_apis/crypto/test_c026/test_c026.c
@@ -31,11 +31,17 @@ client_test_t test_c026_crypto_list[] = {
static int g_test_count = 1;
static psa_mac_operation_t operation;
-int32_t psa_mac_sign_setup_test(security_t caller)
+int32_t psa_mac_sign_setup_test(caller_security_t caller)
{
- int num_checks = sizeof(check1)/sizeof(check1[0]);
- psa_key_policy_t policy;
- int32_t i, status;
+ int num_checks = sizeof(check1)/sizeof(check1[0]);
+ int32_t i, status;
+ psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+
+ if (num_checks == 0)
+ {
+ val->print(PRINT_TEST, "No test available for the selected crypto configuration\n", 0);
+ return RESULT_SKIP(VAL_STATUS_NO_TESTS);
+ }
/* Initialize the PSA crypto library*/
status = val->crypto_function(VAL_CRYPTO_INIT);
@@ -47,43 +53,30 @@ int32_t psa_mac_sign_setup_test(security_t caller)
val->print(PRINT_TEST, check1[i].test_desc, 0);
memset(&operation, 0, sizeof(operation));
- /* Initialize a key policy structure to a default that forbids all
- * usage of the key
- */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
-
/* Setting up the watchdog timer for each check */
status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
- /* Set the standard fields of a policy structure */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &policy, check1[i].usage,
- check1[i].key_alg);
-
- /* Allocate a key slot for a transient key */
- status = val->crypto_function(VAL_CRYPTO_ALLOCATE_KEY, &check1[i].key_handle);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
-
- /* Set the usage policy on a key slot */
- status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, check1[i].key_handle,
- &policy);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
+ /* Setup the attributes for the key */
+ val->crypto_function(VAL_CRYPTO_SET_KEY_TYPE, &attributes, check1[i].key_type);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_USAGE_FLAGS, &attributes, check1[i].usage);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_ALGORITHM, &attributes, check1[i].key_alg);
/* Import the key data into the key slot */
- status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, check1[i].key_handle,
- check1[i].key_type, check1[i].key_data, check1[i].key_length);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
+ status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, &attributes, check1[i].key_data,
+ check1[i].key_length, &check1[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
/* Start a multipart MAC calculation operation */
status = val->crypto_function(VAL_CRYPTO_MAC_SIGN_SETUP, &operation,
check1[i].key_handle, check1[i].key_alg);
- TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(6));
+ TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(4));
/* Whether setup succeeded or failed, abort must succeed.
Abort a MAC operation
*/
status = val->crypto_function(VAL_CRYPTO_MAC_ABORT, &operation);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(7));
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
/* If setup failed, reproduce the failure, so that the caller can
* test the resulting state of the operation object.
@@ -92,21 +85,23 @@ int32_t psa_mac_sign_setup_test(security_t caller)
{
status = val->crypto_function(VAL_CRYPTO_MAC_SIGN_SETUP, &operation,
check1[i].key_handle, check1[i].key_alg);
- TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(8));
+ TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(6));
}
/* Destroy the key */
status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, check1[i].key_handle);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(9));
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(7));
+
+ /* Reset the key attributes and check if psa_import_key fails */
+ val->crypto_function(VAL_CRYPTO_RESET_KEY_ATTRIBUTES, &attributes);
}
return VAL_STATUS_SUCCESS;
}
-int32_t psa_mac_sign_setup_negative_test(security_t caller)
+int32_t psa_mac_sign_setup_negative_test(caller_security_t caller)
{
int num_checks = sizeof(check2)/sizeof(check2[0]);
- psa_key_policy_t policy;
int32_t i, status;
/* Initialize the PSA crypto library*/
@@ -115,51 +110,24 @@ int32_t psa_mac_sign_setup_negative_test(security_t caller)
for (i = 0; i < num_checks; i++)
{
- /* Initialize a key policy structure to a default that forbids all
- * usage of the key
- */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
- memset(&operation, 0, sizeof(operation));
-
/* Setting up the watchdog timer for each check */
status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
- /* Set the standard fields of a policy structure */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &policy, check2[i].usage,
- check2[i].key_alg);
-
- val->print(PRINT_TEST, "[Check %d] Test psa_mac_sign_setup with invalid key handle\n",
+ val->print(PRINT_TEST, "[Check %d] Test psa_mac_sign_setup invalid key handle\n",
g_test_count++);
- /* Start a multipart MAC calculation operation */
+ /* Start a multipart MAC verification operation */
status = val->crypto_function(VAL_CRYPTO_MAC_SIGN_SETUP, &operation,
check2[i].key_handle, check2[i].key_alg);
TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(3));
- val->print(PRINT_TEST, "[Check %d] Test psa_mac_sign_setup with zero key handle\n",
+ val->print(PRINT_TEST, "[Check %d] Test psa_mac_sign_setup zero as key handle\n",
g_test_count++);
- /* Start a multipart MAC calculation operation */
+ /* Start a multipart MAC verification operation */
status = val->crypto_function(VAL_CRYPTO_MAC_SIGN_SETUP, &operation,
0, check2[i].key_alg);
TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(4));
-
- val->print(PRINT_TEST, "[Check %d] Test psa_mac_sign_setup with empty key handle\n",
- g_test_count++);
- /* Allocate a key slot for a transient key */
- status = val->crypto_function(VAL_CRYPTO_ALLOCATE_KEY, &check2[i].key_handle);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
-
- /* Set the usage policy on a key slot */
- status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, check2[i].key_handle,
- &policy);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(6));
-
- /* Start a multipart MAC calculation operation */
- status = val->crypto_function(VAL_CRYPTO_MAC_SIGN_SETUP, &operation,
- check2[i].key_handle, check2[i].key_alg);
- TEST_ASSERT_EQUAL(status, PSA_ERROR_DOES_NOT_EXIST, TEST_CHECKPOINT_NUM(7));
}
return VAL_STATUS_SUCCESS;
}
-
diff --git a/api-tests/dev_apis/crypto/test_c026/test_c026.h b/api-tests/dev_apis/crypto/test_c026/test_c026.h
index 8d3e052e..fab5a56d 100644
--- a/api-tests/dev_apis/crypto/test_c026/test_c026.h
+++ b/api-tests/dev_apis/crypto/test_c026/test_c026.h
@@ -18,14 +18,14 @@
#define _TEST_C026_CLIENT_TESTS_H_
#include "val_crypto.h"
-#define test_entry CONCAT(test_entry_,c026)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, c026)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
extern val_api_t *val;
extern psa_api_t *psa;
extern client_test_t test_c026_crypto_list[];
-int32_t psa_mac_sign_setup_test(security_t caller);
-int32_t psa_mac_sign_setup_negative_test(security_t caller);
+int32_t psa_mac_sign_setup_test(caller_security_t caller);
+int32_t psa_mac_sign_setup_negative_test(caller_security_t caller);
#endif /* _TEST_C026_CLIENT_TESTS_H_ */
diff --git a/api-tests/dev_apis/crypto/test_c026/test_data.h b/api-tests/dev_apis/crypto/test_c026/test_data.h
index df4d3a51..02fc1489 100644
--- a/api-tests/dev_apis/crypto/test_c026/test_data.h
+++ b/api-tests/dev_apis/crypto/test_c026/test_data.h
@@ -17,8 +17,6 @@
#include "val_crypto.h"
-#define EMPTY_KEY_SLOT 31
-
typedef struct {
char test_desc[75];
psa_key_handle_t key_handle;
@@ -142,14 +140,18 @@ static test_data check1[] = {
};
static test_data check2[] = {
-#ifdef ARCH_TEST_AES_128
-#ifdef ARCH_TEST_CMAC
-{"Test psa_mac_sign_setup - Negative case\n", 12, PSA_KEY_TYPE_AES,
-{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
- 0x5F, 0xC9, 0x00},
- AES_16B_KEY_SIZE, PSA_KEY_USAGE_SIGN, PSA_ALG_CMAC,
- PSA_ERROR_INVALID_ARGUMENT
+#ifdef ARCH_TEST_HMAC
+#ifdef ARCH_TEST_SHA256
+{"Test psa_mac_sign_setup 64 negative case\n", 11, PSA_KEY_TYPE_HMAC,
+{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c,
+ 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19,
+ 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26,
+ 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f, 0x30, 0x31, 0x32, 0x33,
+ 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x3a, 0x3b, 0x3c, 0x3d, 0x3e, 0x3f},
+ 64, PSA_KEY_USAGE_SIGN, PSA_ALG_HMAC(PSA_ALG_SHA_256),
+ PSA_SUCCESS
},
#endif
#endif
};
+;
diff --git a/api-tests/dev_apis/crypto/test_c026/test_entry.c b/api-tests/dev_apis/crypto/test_c026/test_entry_c026.c
similarity index 99%
rename from api-tests/dev_apis/crypto/test_c026/test_entry.c
rename to api-tests/dev_apis/crypto/test_c026/test_entry_c026.c
index 89b31266..57aa1b30 100644
--- a/api-tests/dev_apis/crypto/test_c026/test_entry.c
+++ b/api-tests/dev_apis/crypto/test_c026/test_entry_c026.c
@@ -21,6 +21,7 @@
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 26)
#define TEST_DESC "Testing crypto MAC APIs\n"
+
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
psa_api_t *psa = NULL;
diff --git a/api-tests/dev_apis/crypto/test_c027/source.mk b/api-tests/dev_apis/crypto/test_c027/source.mk
deleted file mode 100644
index 98826de1..00000000
--- a/api-tests/dev_apis/crypto/test_c027/source.mk
+++ /dev/null
@@ -1,20 +0,0 @@
-# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_c027.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
diff --git a/api-tests/dev_apis/crypto/test_c027/test.cmake b/api-tests/dev_apis/crypto/test_c027/test.cmake
new file mode 100644
index 00000000..15623b72
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c027/test.cmake
@@ -0,0 +1,24 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_c027.c
+ test_c027.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
diff --git a/api-tests/dev_apis/crypto/test_c027/test_c027.c b/api-tests/dev_apis/crypto/test_c027/test_c027.c
index b6e32889..89bcbf2d 100644
--- a/api-tests/dev_apis/crypto/test_c027/test_c027.c
+++ b/api-tests/dev_apis/crypto/test_c027/test_c027.c
@@ -31,13 +31,19 @@ client_test_t test_c027_crypto_list[] = {
static int g_test_count = 1;
static uint8_t data[BUFFER_SIZE];
-int32_t psa_mac_update_test(security_t caller)
+int32_t psa_mac_update_test(caller_security_t caller)
{
- int num_checks = sizeof(check1)/sizeof(check1[0]);
- int32_t i, status;
- size_t length;
- psa_key_policy_t policy;
- psa_mac_operation_t operation;
+ int num_checks = sizeof(check1)/sizeof(check1[0]);
+ int32_t i, status;
+ size_t length;
+ psa_mac_operation_t operation;
+ psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+
+ if (num_checks == 0)
+ {
+ val->print(PRINT_TEST, "No test available for the selected crypto configuration\n", 0);
+ return RESULT_SKIP(VAL_STATUS_NO_TESTS);
+ }
/* Initialize the PSA crypto library*/
status = val->crypto_function(VAL_CRYPTO_INIT);
@@ -50,50 +56,39 @@ int32_t psa_mac_update_test(security_t caller)
memset(&operation, 0, sizeof(operation));
memset(data, 0, sizeof(data));
- /* Initialize a key policy structure to a default that forbids all
- * usage of the key
- */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
-
/* Setting up the watchdog timer for each check */
status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
- /* Set the standard fields of a policy structure */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &policy, check1[i].usage,
- check1[i].key_alg);
- /* Allocate a key slot for a transient key */
- status = val->crypto_function(VAL_CRYPTO_ALLOCATE_KEY, &check1[i].key_handle);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
-
- /* Set the usage policy on a key slot */
- status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, check1[i].key_handle, &policy);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
+ /* Setup the attributes for the key */
+ val->crypto_function(VAL_CRYPTO_SET_KEY_TYPE, &attributes, check1[i].key_type);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_USAGE_FLAGS, &attributes, check1[i].usage);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_ALGORITHM, &attributes, check1[i].key_alg);
/* Import the key data into the key slot */
- status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, check1[i].key_handle,
- check1[i].key_type, check1[i].key_data, check1[i].key_length);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
+ status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, &attributes, check1[i].key_data,
+ check1[i].key_length, &check1[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
/* Start a multipart MAC calculation operation */
status = val->crypto_function(VAL_CRYPTO_MAC_SIGN_SETUP, &operation,
check1[i].key_handle, check1[i].key_alg);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(6));
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
/* Add a message fragment to a multipart MAC operation */
status = val->crypto_function(VAL_CRYPTO_MAC_UPDATE, &operation, check1[i].data,
check1[i].data_size);
- TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(7));
+ TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(5));
if (check1[i].expected_status != PSA_SUCCESS)
{
/* Abort a MAC operation */
status = val->crypto_function(VAL_CRYPTO_MAC_ABORT, &operation);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(8));
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(6));
/* Destroy the key */
status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, check1[i].key_handle);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(9));
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(7));
continue;
}
@@ -101,26 +96,26 @@ int32_t psa_mac_update_test(security_t caller)
/* Finish the calculation of the MAC of a message */
status = val->crypto_function(VAL_CRYPTO_MAC_SIGN_FINISH, &operation, data,
sizeof(data), &length);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(10));
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(8));
/* Add a message fragment to the same multipart MAC operation*/
status = val->crypto_function(VAL_CRYPTO_MAC_UPDATE, &operation, check1[i].data,
check1[i].data_size);
- TEST_ASSERT_EQUAL(status, PSA_ERROR_BAD_STATE, TEST_CHECKPOINT_NUM(11));
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_BAD_STATE, TEST_CHECKPOINT_NUM(9));
/* Abort a MAC operation */
status = val->crypto_function(VAL_CRYPTO_MAC_ABORT, &operation);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(12));
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(10));
/* Destroy the key */
status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, check1[i].key_handle);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(13));
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(11));
}
return VAL_STATUS_SUCCESS;
}
-int32_t psa_mac_update_invalid_operator_test(security_t caller)
+int32_t psa_mac_update_invalid_operator_test(caller_security_t caller)
{
int32_t i, status;
psa_mac_operation_t operation[] = {psa_mac_operation_init(), PSA_MAC_OPERATION_INIT, {0} };
diff --git a/api-tests/dev_apis/crypto/test_c027/test_c027.h b/api-tests/dev_apis/crypto/test_c027/test_c027.h
index ea4c22fc..69f72f15 100644
--- a/api-tests/dev_apis/crypto/test_c027/test_c027.h
+++ b/api-tests/dev_apis/crypto/test_c027/test_c027.h
@@ -18,14 +18,14 @@
#define _TEST_C027_CLIENT_TESTS_H_
#include "val_crypto.h"
-#define test_entry CONCAT(test_entry_,c027)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, c027)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
extern val_api_t *val;
extern psa_api_t *psa;
extern client_test_t test_c027_crypto_list[];
-int32_t psa_mac_update_test(security_t caller);
-int32_t psa_mac_update_invalid_operator_test(security_t caller);
+int32_t psa_mac_update_test(caller_security_t caller);
+int32_t psa_mac_update_invalid_operator_test(caller_security_t caller);
#endif /* _TEST_C027_CLIENT_TESTS_H_ */
diff --git a/api-tests/dev_apis/crypto/test_c027/test_entry.c b/api-tests/dev_apis/crypto/test_c027/test_entry_c027.c
similarity index 99%
rename from api-tests/dev_apis/crypto/test_c027/test_entry.c
rename to api-tests/dev_apis/crypto/test_c027/test_entry_c027.c
index fedebfce..8e40ce17 100644
--- a/api-tests/dev_apis/crypto/test_c027/test_entry.c
+++ b/api-tests/dev_apis/crypto/test_c027/test_entry_c027.c
@@ -21,6 +21,7 @@
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 27)
#define TEST_DESC "Testing crypto MAC APIs\n"
+
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
psa_api_t *psa = NULL;
diff --git a/api-tests/dev_apis/crypto/test_c028/source.mk b/api-tests/dev_apis/crypto/test_c028/source.mk
deleted file mode 100644
index 1d6b81ce..00000000
--- a/api-tests/dev_apis/crypto/test_c028/source.mk
+++ /dev/null
@@ -1,20 +0,0 @@
-# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_c028.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
diff --git a/api-tests/dev_apis/crypto/test_c028/test.cmake b/api-tests/dev_apis/crypto/test_c028/test.cmake
new file mode 100644
index 00000000..eae954e5
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c028/test.cmake
@@ -0,0 +1,24 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_c028.c
+ test_c028.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
diff --git a/api-tests/dev_apis/crypto/test_c028/test_c028.c b/api-tests/dev_apis/crypto/test_c028/test_c028.c
index 475feb77..540af723 100644
--- a/api-tests/dev_apis/crypto/test_c028/test_c028.c
+++ b/api-tests/dev_apis/crypto/test_c028/test_c028.c
@@ -30,14 +30,19 @@ client_test_t test_c028_crypto_list[] = {
static int g_test_count = 1;
static uint8_t data[BUFFER_SIZE];
-int32_t psa_mac_sign_finish_test(security_t caller)
+int32_t psa_mac_sign_finish_test(caller_security_t caller)
{
- int num_checks = sizeof(check1)/sizeof(check1[0]);
- int32_t i, status;
- size_t length;
- psa_key_policy_t policy;
- psa_mac_operation_t operation;
+ int num_checks = sizeof(check1)/sizeof(check1[0]);
+ int32_t i, status;
+ size_t length;
+ psa_mac_operation_t operation;
+ psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+ if (num_checks == 0)
+ {
+ val->print(PRINT_TEST, "No test available for the selected crypto configuration\n", 0);
+ return RESULT_SKIP(VAL_STATUS_NO_TESTS);
+ }
/* Initialize the PSA crypto library*/
status = val->crypto_function(VAL_CRYPTO_INIT);
@@ -50,65 +55,53 @@ int32_t psa_mac_sign_finish_test(security_t caller)
memset(&operation, 0, sizeof(operation));
memset(data, 0, sizeof(data));
- /* Initialize a key policy structure to a default that forbids all
- * usage of the key
- */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
-
/* Setting up the watchdog timer for each check */
status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
- /* Set the standard fields of a policy structure */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &policy, check1[i].usage,
- check1[i].key_alg);
-
- /* Allocate a key slot for a transient key */
- status = val->crypto_function(VAL_CRYPTO_ALLOCATE_KEY, &check1[i].key_handle);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
-
- /* Set the usage policy on a key slot */
- status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, check1[i].key_handle, &policy);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
+ /* Setup the attributes for the key */
+ val->crypto_function(VAL_CRYPTO_SET_KEY_TYPE, &attributes, check1[i].key_type);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_USAGE_FLAGS, &attributes, check1[i].usage);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_ALGORITHM, &attributes, check1[i].key_alg);
/* Import the key data into the key slot */
- status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, check1[i].key_handle,
- check1[i].key_type, check1[i].key_data, check1[i].key_length);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
+ status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, &attributes, check1[i].key_data,
+ check1[i].key_length, &check1[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
/* Start a multipart MAC calculation operation */
status = val->crypto_function(VAL_CRYPTO_MAC_SIGN_SETUP, &operation,
check1[i].key_handle, check1[i].key_alg);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(6));
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
/* Add a message fragment to a multipart MAC operation */
status = val->crypto_function(VAL_CRYPTO_MAC_UPDATE, &operation, check1[i].data,
check1[i].data_size);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(7));
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
/* Finish the calculation of the MAC of a message */
status = val->crypto_function(VAL_CRYPTO_MAC_SIGN_FINISH, &operation, data,
check1[i].mac_size, &length);
- TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(8));
+ TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(6));
if (check1[i].expected_status != PSA_SUCCESS)
{
/* Abort a MAC operation */
status = val->crypto_function(VAL_CRYPTO_MAC_ABORT, &operation);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(9));
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(7));
/* Destroy the key */
status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, check1[i].key_handle);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(10));
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(8));
continue;
}
/* Check if the MAC length matches with the expected length */
- TEST_ASSERT_EQUAL(length, check1[i].expected_length, TEST_CHECKPOINT_NUM(11));
+ TEST_ASSERT_EQUAL(length, check1[i].expected_length, TEST_CHECKPOINT_NUM(9));
/* Check if the MAC data matches with the expected data */
- TEST_ASSERT_MEMCMP(check1[i].expected_data, data, length, TEST_CHECKPOINT_NUM(12));
+ TEST_ASSERT_MEMCMP(check1[i].expected_data, data, length, TEST_CHECKPOINT_NUM(10));
memset(data, 0, sizeof(data));
@@ -118,15 +111,15 @@ int32_t psa_mac_sign_finish_test(security_t caller)
*/
status = val->crypto_function(VAL_CRYPTO_MAC_SIGN_FINISH, &operation, data,
check1[i].mac_size, &length);
- TEST_ASSERT_EQUAL(status, PSA_ERROR_BAD_STATE, TEST_CHECKPOINT_NUM(13));
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_BAD_STATE, TEST_CHECKPOINT_NUM(11));
/* Abort a MAC operation */
status = val->crypto_function(VAL_CRYPTO_MAC_ABORT, &operation);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(14));
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(12));
/* Destroy the key */
status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, check1[i].key_handle);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(15));
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(14));
}
return VAL_STATUS_SUCCESS;
diff --git a/api-tests/dev_apis/crypto/test_c028/test_c028.h b/api-tests/dev_apis/crypto/test_c028/test_c028.h
index a8b1b0f0..792a1a9b 100644
--- a/api-tests/dev_apis/crypto/test_c028/test_c028.h
+++ b/api-tests/dev_apis/crypto/test_c028/test_c028.h
@@ -18,13 +18,13 @@
#define _TEST_C028_CLIENT_TESTS_H_
#include "val_crypto.h"
-#define test_entry CONCAT(test_entry_,c028)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, c028)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
extern val_api_t *val;
extern psa_api_t *psa;
extern client_test_t test_c028_crypto_list[];
-int32_t psa_mac_sign_finish_test(security_t caller);
+int32_t psa_mac_sign_finish_test(caller_security_t caller);
#endif /* _TEST_C028_CLIENT_TESTS_H_ */
diff --git a/api-tests/dev_apis/crypto/test_c028/test_entry.c b/api-tests/dev_apis/crypto/test_c028/test_entry_c028.c
similarity index 99%
rename from api-tests/dev_apis/crypto/test_c028/test_entry.c
rename to api-tests/dev_apis/crypto/test_c028/test_entry_c028.c
index 86dda651..7646fd50 100644
--- a/api-tests/dev_apis/crypto/test_c028/test_entry.c
+++ b/api-tests/dev_apis/crypto/test_c028/test_entry_c028.c
@@ -21,6 +21,7 @@
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 28)
#define TEST_DESC "Testing crypto MAC APIs\n"
+
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
psa_api_t *psa = NULL;
diff --git a/api-tests/dev_apis/crypto/test_c029/source.mk b/api-tests/dev_apis/crypto/test_c029/source.mk
deleted file mode 100644
index 55897848..00000000
--- a/api-tests/dev_apis/crypto/test_c029/source.mk
+++ /dev/null
@@ -1,20 +0,0 @@
-# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_c029.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
diff --git a/api-tests/dev_apis/crypto/test_c029/test.cmake b/api-tests/dev_apis/crypto/test_c029/test.cmake
new file mode 100644
index 00000000..112f7ab4
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c029/test.cmake
@@ -0,0 +1,24 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_c029.c
+ test_c029.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
diff --git a/api-tests/dev_apis/crypto/test_c029/test_c029.c b/api-tests/dev_apis/crypto/test_c029/test_c029.c
index 53be0dbf..ee9b7f57 100644
--- a/api-tests/dev_apis/crypto/test_c029/test_c029.c
+++ b/api-tests/dev_apis/crypto/test_c029/test_c029.c
@@ -31,11 +31,17 @@ client_test_t test_c029_crypto_list[] = {
static int g_test_count = 1;
static psa_mac_operation_t operation;
-int32_t psa_mac_verify_setup_test(security_t caller)
+int32_t psa_mac_verify_setup_test(caller_security_t caller)
{
- int num_checks = sizeof(check1)/sizeof(check1[0]);
- psa_key_policy_t policy;
- int32_t i, status;
+ int num_checks = sizeof(check1)/sizeof(check1[0]);
+ int32_t i, status;
+ psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+
+ if (num_checks == 0)
+ {
+ val->print(PRINT_TEST, "No test available for the selected crypto configuration\n", 0);
+ return RESULT_SKIP(VAL_STATUS_NO_TESTS);
+ }
/* Initialize the PSA crypto library*/
status = val->crypto_function(VAL_CRYPTO_INIT);
@@ -47,43 +53,30 @@ int32_t psa_mac_verify_setup_test(security_t caller)
val->print(PRINT_TEST, check1[i].test_desc, 0);
memset(&operation, 0, sizeof(operation));
- /* Initialize a key policy structure to a default that forbids all
- * usage of the key
- */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
-
/* Setting up the watchdog timer for each check */
status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
- /* Set the standard fields of a policy structure */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &policy, check1[i].usage,
- check1[i].key_alg);
-
- /* Allocate a key slot for a transient key */
- status = val->crypto_function(VAL_CRYPTO_ALLOCATE_KEY, &check1[i].key_handle);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
-
- /* Set the usage policy on a key slot */
- status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, check1[i].key_handle,
- &policy);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
+ /* Setup the attributes for the key */
+ val->crypto_function(VAL_CRYPTO_SET_KEY_TYPE, &attributes, check1[i].key_type);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_USAGE_FLAGS, &attributes, check1[i].usage);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_ALGORITHM, &attributes, check1[i].key_alg);
/* Import the key data into the key slot */
- status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, check1[i].key_handle,
- check1[i].key_type, check1[i].key_data, check1[i].key_length);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
+ status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, &attributes, check1[i].key_data,
+ check1[i].key_length, &check1[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
/* Start a multipart MAC verification operation */
status = val->crypto_function(VAL_CRYPTO_MAC_VERIFY_SETUP, &operation,
check1[i].key_handle, check1[i].key_alg);
- TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(6));
+ TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(4));
/* Whether setup succeeded or failed, abort must succeed.
* Abort a MAC operation
*/
status = val->crypto_function(VAL_CRYPTO_MAC_ABORT, &operation);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(7));
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
/* If setup failed, reproduce the failure, so that the caller can
* test the resulting state of the operation object.
@@ -92,21 +85,20 @@ int32_t psa_mac_verify_setup_test(security_t caller)
{
status = val->crypto_function(VAL_CRYPTO_MAC_VERIFY_SETUP, &operation,
check1[i].key_handle, check1[i].key_alg);
- TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(8));
+ TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(6));
}
/* Destroy the key */
status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, check1[i].key_handle);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(9));
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(7));
}
return VAL_STATUS_SUCCESS;
}
-int32_t psa_mac_verify_setup_negative_test(security_t caller)
+int32_t psa_mac_verify_setup_negative_test(caller_security_t caller)
{
int num_checks = sizeof(check2)/sizeof(check2[0]);
- psa_key_policy_t policy;
int32_t i, status;
/* Initialize the PSA crypto library*/
@@ -115,20 +107,10 @@ int32_t psa_mac_verify_setup_negative_test(security_t caller)
for (i = 0; i < num_checks; i++)
{
- /* Initialize a key policy structure to a default that forbids all
- * usage of the key
- */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
- memset(&operation, 0, sizeof(operation));
-
/* Setting up the watchdog timer for each check */
status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
- /* Set the standard fields of a policy structure */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &policy, check2[i].usage,
- check2[i].key_alg);
-
val->print(PRINT_TEST, "[Check %d] Test psa_mac_verify_setup invalid key handle\n",
g_test_count++);
/* Start a multipart MAC verification operation */
@@ -142,17 +124,6 @@ int32_t psa_mac_verify_setup_negative_test(security_t caller)
status = val->crypto_function(VAL_CRYPTO_MAC_VERIFY_SETUP, &operation,
0, check2[i].key_alg);
TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(4));
-
- /* Allocate a key slot for a transient key */
- status = val->crypto_function(VAL_CRYPTO_ALLOCATE_KEY, &check2[i].key_handle);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
-
- val->print(PRINT_TEST, "[Check %d] Test psa_mac_verify_setup empty key handle\n",
- g_test_count++);
- /* Start a multipart MAC verification operation */
- status = val->crypto_function(VAL_CRYPTO_MAC_VERIFY_SETUP, &operation,
- check2[i].key_handle, check2[i].key_alg);
- TEST_ASSERT_EQUAL(status, PSA_ERROR_DOES_NOT_EXIST, TEST_CHECKPOINT_NUM(6));
}
return VAL_STATUS_SUCCESS;
diff --git a/api-tests/dev_apis/crypto/test_c029/test_c029.h b/api-tests/dev_apis/crypto/test_c029/test_c029.h
index b549fed6..81234faa 100644
--- a/api-tests/dev_apis/crypto/test_c029/test_c029.h
+++ b/api-tests/dev_apis/crypto/test_c029/test_c029.h
@@ -18,15 +18,15 @@
#define _TEST_C029_CLIENT_TESTS_H_
#include "val_crypto.h"
-#define test_entry CONCAT(test_entry_,c029)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, c029)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
extern val_api_t *val;
extern psa_api_t *psa;
extern client_test_t test_c029_crypto_list[];
-int32_t psa_mac_verify_setup_test(security_t caller);
-int32_t psa_mac_verify_setup_negative_test(security_t caller);
+int32_t psa_mac_verify_setup_test(caller_security_t caller);
+int32_t psa_mac_verify_setup_negative_test(caller_security_t caller);
#endif /* _TEST_C029_CLIENT_TESTS_H_ */
diff --git a/api-tests/dev_apis/crypto/test_c029/test_data.h b/api-tests/dev_apis/crypto/test_c029/test_data.h
index 4adad3a3..1a55b00e 100644
--- a/api-tests/dev_apis/crypto/test_c029/test_data.h
+++ b/api-tests/dev_apis/crypto/test_c029/test_data.h
@@ -17,8 +17,6 @@
#include "val_crypto.h"
-#define EMPTY_KEY_SLOT 31
-
typedef struct {
char test_desc[75];
psa_key_handle_t key_handle;
diff --git a/api-tests/dev_apis/crypto/test_c029/test_entry.c b/api-tests/dev_apis/crypto/test_c029/test_entry_c029.c
similarity index 99%
rename from api-tests/dev_apis/crypto/test_c029/test_entry.c
rename to api-tests/dev_apis/crypto/test_c029/test_entry_c029.c
index 78c323f3..0ca3e509 100644
--- a/api-tests/dev_apis/crypto/test_c029/test_entry.c
+++ b/api-tests/dev_apis/crypto/test_c029/test_entry_c029.c
@@ -21,6 +21,7 @@
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 29)
#define TEST_DESC "Testing crypto MAC APIs\n"
+
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
psa_api_t *psa = NULL;
diff --git a/api-tests/dev_apis/crypto/test_c030/source.mk b/api-tests/dev_apis/crypto/test_c030/source.mk
deleted file mode 100644
index ba8ca2ef..00000000
--- a/api-tests/dev_apis/crypto/test_c030/source.mk
+++ /dev/null
@@ -1,20 +0,0 @@
-# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_c030.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
diff --git a/api-tests/dev_apis/crypto/test_c030/test.cmake b/api-tests/dev_apis/crypto/test_c030/test.cmake
new file mode 100644
index 00000000..ba46882a
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c030/test.cmake
@@ -0,0 +1,24 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_c030.c
+ test_c030.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
diff --git a/api-tests/dev_apis/crypto/test_c030/test_c030.c b/api-tests/dev_apis/crypto/test_c030/test_c030.c
index 177b0f0e..6643c342 100644
--- a/api-tests/dev_apis/crypto/test_c030/test_c030.c
+++ b/api-tests/dev_apis/crypto/test_c030/test_c030.c
@@ -29,12 +29,18 @@ client_test_t test_c030_crypto_list[] = {
static int g_test_count = 1;
-int32_t psa_mac_verify_finish_test(security_t caller)
+int32_t psa_mac_verify_finish_test(caller_security_t caller)
{
- int num_checks = sizeof(check1)/sizeof(check1[0]);
- int32_t i, status;
- psa_key_policy_t policy;
- psa_mac_operation_t operation;
+ int num_checks = sizeof(check1)/sizeof(check1[0]);
+ int32_t i, status;
+ psa_mac_operation_t operation;
+ psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+
+ if (num_checks == 0)
+ {
+ val->print(PRINT_TEST, "No test available for the selected crypto configuration\n", 0);
+ return RESULT_SKIP(VAL_STATUS_NO_TESTS);
+ }
/* Initialize the PSA crypto library*/
status = val->crypto_function(VAL_CRYPTO_INIT);
@@ -46,58 +52,46 @@ int32_t psa_mac_verify_finish_test(security_t caller)
val->print(PRINT_TEST, check1[i].test_desc, 0);
memset(&operation, 0, sizeof(operation));
- /* Initialize a key policy structure to a default that forbids all
- * usage of the key
- */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
-
/* Setting up the watchdog timer for each check */
status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
- /* Set the standard fields of a policy structure */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &policy, check1[i].usage,
- check1[i].key_alg);
-
- /* Allocate a key slot for a transient key */
- status = val->crypto_function(VAL_CRYPTO_ALLOCATE_KEY, &check1[i].key_handle);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
-
- /* Set the usage policy on a key slot */
- status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, check1[i].key_handle, &policy);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
+ /* Setup the attributes for the key */
+ val->crypto_function(VAL_CRYPTO_SET_KEY_TYPE, &attributes, check1[i].key_type);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_USAGE_FLAGS, &attributes, check1[i].usage);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_ALGORITHM, &attributes, check1[i].key_alg);
/* Import the key data into the key slot */
- status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, check1[i].key_handle,
- check1[i].key_type, check1[i].key_data, check1[i].key_length);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
+ status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, &attributes, check1[i].key_data,
+ check1[i].key_length, &check1[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
/* Start a multipart MAC calculation operation */
status = val->crypto_function(VAL_CRYPTO_MAC_VERIFY_SETUP, &operation,
check1[i].key_handle, check1[i].key_alg);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(6));
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
/* Add a message fragment to a multipart MAC operation */
status = val->crypto_function(VAL_CRYPTO_MAC_UPDATE, &operation, check1[i].data,
check1[i].data_size);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(7));
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
/* Finish the calculation of the MAC of a message and compare it with
* an expected value
*/
status = val->crypto_function(VAL_CRYPTO_MAC_VERIFY_FINISH, &operation,
check1[i].expected_mac, check1[i].mac_size);
- TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(8));
+ TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(6));
if (check1[i].expected_status != PSA_SUCCESS)
{
/* Abort a MAC operation */
status = val->crypto_function(VAL_CRYPTO_MAC_ABORT, &operation);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(9));
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(7));
/* Destroy the key */
status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, check1[i].key_handle);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(10));
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(8));
continue;
}
@@ -107,15 +101,15 @@ int32_t psa_mac_verify_finish_test(security_t caller)
*/
status = val->crypto_function(VAL_CRYPTO_MAC_VERIFY_FINISH, &operation,
check1[i].expected_mac, check1[i].mac_size);
- TEST_ASSERT_EQUAL(status, PSA_ERROR_BAD_STATE, TEST_CHECKPOINT_NUM(11));
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_BAD_STATE, TEST_CHECKPOINT_NUM(9));
/* Abort a MAC operation */
status = val->crypto_function(VAL_CRYPTO_MAC_ABORT, &operation);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(12));
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(10));
/* Destroy the key */
status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, check1[i].key_handle);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(13));
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(11));
}
return VAL_STATUS_SUCCESS;
diff --git a/api-tests/dev_apis/crypto/test_c030/test_c030.h b/api-tests/dev_apis/crypto/test_c030/test_c030.h
index 46c27207..defd6031 100644
--- a/api-tests/dev_apis/crypto/test_c030/test_c030.h
+++ b/api-tests/dev_apis/crypto/test_c030/test_c030.h
@@ -18,13 +18,13 @@
#define _TEST_C030_CLIENT_TESTS_H_
#include "val_crypto.h"
-#define test_entry CONCAT(test_entry_,c030)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, c030)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
extern val_api_t *val;
extern psa_api_t *psa;
extern client_test_t test_c030_crypto_list[];
-int32_t psa_mac_verify_finish_test(security_t caller);
+int32_t psa_mac_verify_finish_test(caller_security_t caller);
#endif /* _TEST_C030_CLIENT_TESTS_H_ */
diff --git a/api-tests/dev_apis/crypto/test_c030/test_entry.c b/api-tests/dev_apis/crypto/test_c030/test_entry_c030.c
similarity index 99%
rename from api-tests/dev_apis/crypto/test_c030/test_entry.c
rename to api-tests/dev_apis/crypto/test_c030/test_entry_c030.c
index 0188a082..6fd48961 100644
--- a/api-tests/dev_apis/crypto/test_c030/test_entry.c
+++ b/api-tests/dev_apis/crypto/test_c030/test_entry_c030.c
@@ -21,6 +21,7 @@
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 30)
#define TEST_DESC "Testing crypto MAC APIs\n"
+
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
psa_api_t *psa = NULL;
diff --git a/api-tests/dev_apis/crypto/test_c031/source.mk b/api-tests/dev_apis/crypto/test_c031/source.mk
deleted file mode 100644
index cc8d3ced..00000000
--- a/api-tests/dev_apis/crypto/test_c031/source.mk
+++ /dev/null
@@ -1,20 +0,0 @@
-# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_c031.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
diff --git a/api-tests/dev_apis/crypto/test_c031/test.cmake b/api-tests/dev_apis/crypto/test_c031/test.cmake
new file mode 100644
index 00000000..5ff1ecf0
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c031/test.cmake
@@ -0,0 +1,24 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_c031.c
+ test_c031.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
diff --git a/api-tests/dev_apis/crypto/test_c031/test_c031.c b/api-tests/dev_apis/crypto/test_c031/test_c031.c
index 040e8a86..3e8c94eb 100644
--- a/api-tests/dev_apis/crypto/test_c031/test_c031.c
+++ b/api-tests/dev_apis/crypto/test_c031/test_c031.c
@@ -31,12 +31,18 @@ client_test_t test_c031_crypto_list[] = {
static int g_test_count = 1;
static uint8_t data[BUFFER_SIZE];
-int32_t psa_mac_abort_test(security_t caller)
+int32_t psa_mac_abort_test(caller_security_t caller)
{
- int num_checks = sizeof(check1)/sizeof(check1[0]);
- int32_t i, status;
- psa_key_policy_t policy;
- psa_mac_operation_t operation;
+ int num_checks = sizeof(check1)/sizeof(check1[0]);
+ int32_t i, status;
+ psa_mac_operation_t operation;
+ psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+
+ if (num_checks == 0)
+ {
+ val->print(PRINT_TEST, "No test available for the selected crypto configuration\n", 0);
+ return RESULT_SKIP(VAL_STATUS_NO_TESTS);
+ }
/* Initialize the PSA crypto library*/
status = val->crypto_function(VAL_CRYPTO_INIT);
@@ -48,68 +54,56 @@ int32_t psa_mac_abort_test(security_t caller)
val->print(PRINT_TEST, check1[i].test_desc, 0);
memset(&operation, 0, sizeof(operation));
- /* Initialize a key policy structure to a default that forbids all
- * usage of the key
- */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
-
/* Setting up the watchdog timer for each check */
status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
- /* Set the standard fields of a policy structure */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &policy, check1[i].usage,
- check1[i].key_alg);
-
- /* Allocate a key slot for a transient key */
- status = val->crypto_function(VAL_CRYPTO_ALLOCATE_KEY, &check1[i].key_handle);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
-
- /* Set the usage policy on a key slot */
- status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, check1[i].key_handle, &policy);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
+ /* Setup the attributes for the key */
+ val->crypto_function(VAL_CRYPTO_SET_KEY_TYPE, &attributes, check1[i].key_type);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_USAGE_FLAGS, &attributes, check1[i].usage);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_ALGORITHM, &attributes, check1[i].key_alg);
/* Import the key data into the key slot */
- status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, check1[i].key_handle,
- check1[i].key_type, check1[i].key_data, check1[i].key_length);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
+ status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, &attributes, check1[i].key_data,
+ check1[i].key_length, &check1[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
/* Start a multipart MAC calculation operation */
status = val->crypto_function(VAL_CRYPTO_MAC_SIGN_SETUP, &operation,
check1[i].key_handle, check1[i].key_alg);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(6));
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
/* Abort a MAC operation */
status = val->crypto_function(VAL_CRYPTO_MAC_ABORT, &operation);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(7));
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
/* Multiple Abort a MAC operation should succeed */
status = val->crypto_function(VAL_CRYPTO_MAC_ABORT, &operation);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(8));
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(6));
/* Destroy the key */
status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, check1[i].key_handle);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(9));
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(7));
}
return VAL_STATUS_SUCCESS;
}
-int32_t psa_mac_abort_before_finish_test(security_t caller)
+int32_t psa_mac_abort_before_finish_test(caller_security_t caller)
{
- size_t length;
- psa_key_policy_t policy;
- psa_algorithm_t key_alg = PSA_ALG_CMAC;
- psa_key_usage_t usage = PSA_KEY_USAGE_SIGN;
- psa_key_handle_t key_handle = 10;
- psa_key_type_t key_type = PSA_KEY_TYPE_AES;
- psa_mac_operation_t operation;
- uint8_t key_data[] = {0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, 0xab, 0xf7,
+ size_t length;
+ psa_algorithm_t key_alg = PSA_ALG_CMAC;
+ psa_key_usage_t usage = PSA_KEY_USAGE_SIGN;
+ psa_key_handle_t key_handle = 10;
+ psa_key_type_t key_type = PSA_KEY_TYPE_AES;
+ psa_mac_operation_t operation;
+ uint8_t key_data[] = {0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, 0xab, 0xf7,
0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c};
- uint8_t input_data[] = {0x48, 0x69, 0x20, 0x54, 0x68, 0x65, 0x72, 0x65};
- size_t key_length = sizeof(key_data);
- size_t inputdata_size = sizeof(input_data);
- int32_t status;
+ uint8_t input_data[] = {0x48, 0x69, 0x20, 0x54, 0x68, 0x65, 0x72, 0x65};
+ size_t key_length = sizeof(key_data);
+ size_t inputdata_size = sizeof(input_data);
+ int32_t status;
+ psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
memset(data, 0, sizeof(data));
memset(&operation, 0, sizeof(operation));
@@ -125,47 +119,36 @@ int32_t psa_mac_abort_before_finish_test(security_t caller)
status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
- /* Initialize a key policy structure to a default that forbids all
- * usage of the key
- */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
-
- /* Set the standard fields of a policy structure */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &policy, usage, key_alg);
-
- /* Allocate a key slot for a transient key */
- status = val->crypto_function(VAL_CRYPTO_ALLOCATE_KEY, &key_handle);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
-
- /* Set the usage policy on a key slot */
- status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, key_handle, &policy);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
+ /* Setup the attributes for the key */
+ val->crypto_function(VAL_CRYPTO_SET_KEY_TYPE, &attributes, key_type);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_USAGE_FLAGS, &attributes, usage);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_ALGORITHM, &attributes, key_alg);
/* Import the key data into the key slot */
- status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, key_handle, key_type, key_data,
- key_length);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
+ status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, &attributes, key_data,
+ key_length, &key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
/* Start a multipart MAC calculation operation */
status = val->crypto_function(VAL_CRYPTO_MAC_SIGN_SETUP, &operation, key_handle, key_alg);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(6));
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
/* Add a message fragment to a multipart MAC operation */
status = val->crypto_function(VAL_CRYPTO_MAC_UPDATE, &operation, input_data, inputdata_size);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(7));
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
/* Abort a MAC operation */
status = val->crypto_function(VAL_CRYPTO_MAC_ABORT, &operation);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(8));
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(6));
/* Finish the calculation of the MAC of a message */
status = val->crypto_function(VAL_CRYPTO_MAC_SIGN_FINISH, &operation, data,
BUFFER_SIZE, &length);
- TEST_ASSERT_EQUAL(status, PSA_ERROR_BAD_STATE, TEST_CHECKPOINT_NUM(9));
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_BAD_STATE, TEST_CHECKPOINT_NUM(7));
/* Destroy the key */
status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, key_handle);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(10));
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(8));
return VAL_STATUS_SUCCESS;
}
diff --git a/api-tests/dev_apis/crypto/test_c031/test_c031.h b/api-tests/dev_apis/crypto/test_c031/test_c031.h
index 0aee6287..ba716fac 100644
--- a/api-tests/dev_apis/crypto/test_c031/test_c031.h
+++ b/api-tests/dev_apis/crypto/test_c031/test_c031.h
@@ -18,14 +18,14 @@
#define _TEST_C031_CLIENT_TESTS_H_
#include "val_crypto.h"
-#define test_entry CONCAT(test_entry_,c031)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, c031)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
extern val_api_t *val;
extern psa_api_t *psa;
extern client_test_t test_c031_crypto_list[];
-int32_t psa_mac_abort_test(security_t caller);
-int32_t psa_mac_abort_before_finish_test(security_t caller);
+int32_t psa_mac_abort_test(caller_security_t caller);
+int32_t psa_mac_abort_before_finish_test(caller_security_t caller);
#endif /* _TEST_C031_CLIENT_TESTS_H_ */
diff --git a/api-tests/dev_apis/crypto/test_c031/test_entry.c b/api-tests/dev_apis/crypto/test_c031/test_entry_c031.c
similarity index 99%
rename from api-tests/dev_apis/crypto/test_c031/test_entry.c
rename to api-tests/dev_apis/crypto/test_c031/test_entry_c031.c
index bd97a0d7..f7b9d7af 100644
--- a/api-tests/dev_apis/crypto/test_c031/test_entry.c
+++ b/api-tests/dev_apis/crypto/test_c031/test_entry_c031.c
@@ -21,6 +21,7 @@
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 31)
#define TEST_DESC "Testing crypto MAC APIs\n"
+
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
psa_api_t *psa = NULL;
diff --git a/api-tests/dev_apis/crypto/test_c032/source.mk b/api-tests/dev_apis/crypto/test_c032/source.mk
deleted file mode 100644
index e098947a..00000000
--- a/api-tests/dev_apis/crypto/test_c032/source.mk
+++ /dev/null
@@ -1,20 +0,0 @@
-# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_c032.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
diff --git a/api-tests/dev_apis/crypto/test_c032/test.cmake b/api-tests/dev_apis/crypto/test_c032/test.cmake
new file mode 100644
index 00000000..769b43ee
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c032/test.cmake
@@ -0,0 +1,24 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_c032.c
+ test_c032.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
diff --git a/api-tests/dev_apis/crypto/test_c032/test_c032.c b/api-tests/dev_apis/crypto/test_c032/test_c032.c
index 44e4682b..aa35e303 100644
--- a/api-tests/dev_apis/crypto/test_c032/test_c032.c
+++ b/api-tests/dev_apis/crypto/test_c032/test_c032.c
@@ -31,39 +31,36 @@ client_test_t test_c032_crypto_list[] = {
static int g_test_count = 1;
static psa_cipher_operation_t operation;
-int32_t psa_cipher_encrypt_setup_test(security_t caller)
+int32_t psa_cipher_encrypt_setup_test(caller_security_t caller)
{
int num_checks = sizeof(check1)/sizeof(check1[0]);
int32_t i, status;
- const uint8_t *key_data;
- psa_key_policy_t policy;
+ const uint8_t *key_data;
+ psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+
+ if (num_checks == 0)
+ {
+ val->print(PRINT_TEST, "No test available for the selected crypto configuration\n", 0);
+ return RESULT_SKIP(VAL_STATUS_NO_TESTS);
+ }
/* Initialize the PSA crypto library*/
status = val->crypto_function(VAL_CRYPTO_INIT);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(1));
+ /* Set the key data buffer to the input base on algorithm */
for (i = 0; i < num_checks; i++)
{
val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
val->print(PRINT_TEST, check1[i].test_desc, 0);
- memset(&operation, 0, sizeof(operation));
-
- /* Initialize a key policy structure to a default that forbids all
- * usage of the key
- */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
/* Setting up the watchdog timer for each check */
status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
- /* Set the standard fields of a policy structure */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &policy, check1[i].usage,
- check1[i].key_alg);
-
if (PSA_KEY_TYPE_IS_RSA(check1[i].key_type))
{
- if (check1[i].key_type == PSA_KEY_TYPE_RSA_KEYPAIR)
+ if (check1[i].key_type == PSA_KEY_TYPE_RSA_KEY_PAIR)
{
if (check1[i].expected_bit_length == BYTES_TO_BITS(384))
key_data = rsa_384_keypair;
@@ -84,7 +81,7 @@ int32_t psa_cipher_encrypt_setup_test(security_t caller)
}
else if (PSA_KEY_TYPE_IS_ECC(check1[i].key_type))
{
- if (PSA_KEY_TYPE_IS_ECC_KEYPAIR(check1[i].key_type))
+ if (PSA_KEY_TYPE_IS_ECC_KEY_PAIR(check1[i].key_type))
key_data = ec_keypair;
else
key_data = ec_keydata;
@@ -92,51 +89,53 @@ int32_t psa_cipher_encrypt_setup_test(security_t caller)
else
key_data = check1[i].key_data;
- /* Allocate a key slot for a transient key */
- status = val->crypto_function(VAL_CRYPTO_ALLOCATE_KEY, &check1[i].key_handle);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
-
- /* Set the usage policy on a key slot */
- status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, check1[i].key_handle,
- &policy);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
+ /* Setup the attributes for the key */
+ val->crypto_function(VAL_CRYPTO_SET_KEY_TYPE, &attributes, check1[i].key_type);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_BITS, &attributes, check1[i].attr_bits);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_ALGORITHM, &attributes, check1[i].key_alg);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_USAGE_FLAGS, &attributes, check1[i].usage);
/* Import the key data into the key slot */
- status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, check1[i].key_handle,
- check1[i].key_type, key_data, check1[i].key_length);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
+ status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, &attributes, key_data,
+ check1[i].key_length, &check1[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
/* Set the key for a multipart symmetric encryption operation */
status = val->crypto_function(VAL_CRYPTO_CIPHER_ENCRYPT_SETUP, &operation,
check1[i].key_handle, check1[i].key_alg);
- TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(6));
+ TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(4));
/* Whether setup succeeded or failed, abort must succeed.
* Abort a cipher operation
*/
status = val->crypto_function(VAL_CRYPTO_CIPHER_ABORT, &operation);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(7));
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
if (check1[i].expected_status != PSA_SUCCESS)
{
status = val->crypto_function(VAL_CRYPTO_CIPHER_ENCRYPT_SETUP, &operation,
check1[i].key_handle, check1[i].key_alg);
- TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(8));
+ TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(6));
+
+ status = val->crypto_function(VAL_CRYPTO_CIPHER_ABORT, &operation);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(7));
}
/* Destroy the key */
status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, check1[i].key_handle);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(9));
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(8));
+
+ /* Reset the key attributes and check if psa_import_key fails */
+ val->crypto_function(VAL_CRYPTO_RESET_KEY_ATTRIBUTES, &attributes);
}
return VAL_STATUS_SUCCESS;
}
-int32_t psa_cipher_encrypt_setup_negative_test(security_t caller)
+int32_t psa_cipher_encrypt_setup_negative_test(caller_security_t caller)
{
int num_checks = sizeof(check2)/sizeof(check2[0]);
int32_t i, status;
- psa_key_policy_t policy;
/* Initialize the PSA crypto library*/
status = val->crypto_function(VAL_CRYPTO_INIT);
@@ -144,20 +143,10 @@ int32_t psa_cipher_encrypt_setup_negative_test(security_t caller)
for (i = 0; i < num_checks; i++)
{
- /* Initialize a key policy structure to a default that forbids all
- * usage of the key
- */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
- memset(&operation, 0, sizeof(operation));
-
/* Setting up the watchdog timer for each check */
status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
- /* Set the standard fields of a policy structure */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &policy, check2[i].usage,
- check2[i].key_alg);
-
val->print(PRINT_TEST, "[Check %d] Test psa_cipher_encrypt_setup - Invalid key handle\n",
g_test_count++);
/* Set the key for a multipart symmetric encryption operation */
@@ -172,21 +161,8 @@ int32_t psa_cipher_encrypt_setup_negative_test(security_t caller)
0, check2[i].key_alg);
TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(4));
- val->print(PRINT_TEST, "[Check %d] Test psa_cipher_encrypt_setup - Empty key handle\n",
- g_test_count++);
- /* Allocate a key slot for a transient key */
- status = val->crypto_function(VAL_CRYPTO_ALLOCATE_KEY, &check2[i].key_handle);
+ status = val->crypto_function(VAL_CRYPTO_CIPHER_ABORT, &operation);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
-
- /* Set the usage policy on a key slot */
- status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, check2[i].key_handle,
- &policy);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(6));
-
- /* Set the key for a multipart symmetric encryption operation */
- status = val->crypto_function(VAL_CRYPTO_CIPHER_ENCRYPT_SETUP, &operation,
- check2[i].key_handle, check2[i].key_alg);
- TEST_ASSERT_EQUAL(status, PSA_ERROR_DOES_NOT_EXIST, TEST_CHECKPOINT_NUM(7));
}
return VAL_STATUS_SUCCESS;
diff --git a/api-tests/dev_apis/crypto/test_c032/test_c032.h b/api-tests/dev_apis/crypto/test_c032/test_c032.h
index 02a902c1..f9887a2f 100644
--- a/api-tests/dev_apis/crypto/test_c032/test_c032.h
+++ b/api-tests/dev_apis/crypto/test_c032/test_c032.h
@@ -18,14 +18,14 @@
#define _TEST_C032_CLIENT_TESTS_H_
#include "val_crypto.h"
-#define test_entry CONCAT(test_entry_,c032)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, c032)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
extern val_api_t *val;
extern psa_api_t *psa;
extern client_test_t test_c032_crypto_list[];
-int32_t psa_cipher_encrypt_setup_test(security_t caller);
-int32_t psa_cipher_encrypt_setup_negative_test(security_t caller);
+int32_t psa_cipher_encrypt_setup_test(caller_security_t caller);
+int32_t psa_cipher_encrypt_setup_negative_test(caller_security_t caller);
#endif /* _TEST_C032_CLIENT_TESTS_H_ */
diff --git a/api-tests/dev_apis/crypto/test_c032/test_data.h b/api-tests/dev_apis/crypto/test_c032/test_data.h
index f7be6795..763afdef 100644
--- a/api-tests/dev_apis/crypto/test_c032/test_data.h
+++ b/api-tests/dev_apis/crypto/test_c032/test_data.h
@@ -23,6 +23,7 @@ typedef struct {
psa_key_type_t key_type;
uint8_t key_data[64];
uint32_t key_length;
+ size_t attr_bits;
psa_key_usage_t usage;
psa_algorithm_t key_alg;
size_t expected_bit_length;
@@ -164,7 +165,7 @@ static test_data check1[] = {
#ifdef ARCH_TEST_AES_128
{"Test psa_cipher_encrypt_setup 16 Byte AES\n", 1, PSA_KEY_TYPE_AES,
{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
- 0x5F, 0xC9, 0xD0}, AES_16B_KEY_SIZE,
+ 0x5F, 0xC9, 0xD0}, AES_16B_KEY_SIZE, BYTES_TO_BITS(AES_16B_KEY_SIZE),
PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CTR, BYTES_TO_BITS(AES_16B_KEY_SIZE),
PSA_SUCCESS
},
@@ -173,7 +174,7 @@ static test_data check1[] = {
#ifdef ARCH_TEST_AES_192
{"Test psa_cipher_encrypt_setup 24 Byte AES\n", 2, PSA_KEY_TYPE_AES,
{0x24, 0x13, 0x61, 0x47, 0x61, 0xB8, 0xC8, 0xF0, 0xDF, 0xAB, 0x5A, 0x0E, 0x87,
- 0x40, 0xAC, 0xA3, 0x90, 0x77, 0x83, 0x52, 0x31, 0x74, 0xF9}, AES_24B_KEY_SIZE,
+ 0x40, 0xAC, 0xA3, 0x90, 0x77, 0x83, 0x52, 0x31, 0x74, 0xF9}, AES_24B_KEY_SIZE, 0,
PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CTR, BYTES_TO_BITS(AES_24B_KEY_SIZE),
PSA_SUCCESS
},
@@ -183,7 +184,7 @@ static test_data check1[] = {
{"Test psa_cipher_encrypt_setup 32 Byte AES\n", 3, PSA_KEY_TYPE_AES,
{0xEA, 0xD5, 0xE6, 0xC8, 0x51, 0xF9, 0xEC, 0xBB, 0x9B, 0x57, 0x7C, 0xED, 0xD2,
0x4B, 0x82, 0x84, 0x9F, 0x9F, 0xE6, 0x73, 0x21, 0x3D, 0x1A, 0x05, 0xC9, 0xED,
- 0xDF, 0x25, 0x17, 0x68, 0x86, 0xAE}, AES_32B_KEY_SIZE,
+ 0xDF, 0x25, 0x17, 0x68, 0x86, 0xAE}, AES_32B_KEY_SIZE, 0,
PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CTR, BYTES_TO_BITS(AES_32B_KEY_SIZE),
PSA_SUCCESS
},
@@ -194,7 +195,7 @@ static test_data check1[] = {
#ifdef ARCH_TEST_DES_1KEY
{"Test psa_cipher_encrypt_setup DES 64 bit key\n", 4, PSA_KEY_TYPE_DES,
{0x70, 0x24, 0x55, 0x0C, 0x14, 0x9D, 0xED, 0x29},
- DES_8B_KEY_SIZE, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CBC_NO_PADDING, BYTES_TO_BITS(DES_8B_KEY_SIZE),
+ DES_8B_KEY_SIZE, 0, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CBC_NO_PADDING, BYTES_TO_BITS(DES_8B_KEY_SIZE),
PSA_SUCCESS
},
#endif
@@ -203,7 +204,7 @@ static test_data check1[] = {
{"Test psa_cipher_encrypt_setup Triple DES 2-Key\n", 5, PSA_KEY_TYPE_DES,
{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF},
- DES3_2KEY_SIZE, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CBC_NO_PADDING, BYTES_TO_BITS(DES3_2KEY_SIZE),
+ DES3_2KEY_SIZE, 0, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CBC_NO_PADDING, BYTES_TO_BITS(DES3_2KEY_SIZE),
PSA_SUCCESS
},
#endif
@@ -213,7 +214,7 @@ static test_data check1[] = {
{0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF,
0xF1, 0xE0, 0xD3, 0xC2, 0xB5, 0xA4, 0x97, 0x86,
0xFE, 0xDC, 0xBA, 0x98, 0x76, 0x54, 0x32, 0x10},
- DES3_3KEY_SIZE, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CBC_NO_PADDING, BYTES_TO_BITS(DES3_3KEY_SIZE),
+ DES3_3KEY_SIZE, 0, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CBC_NO_PADDING, BYTES_TO_BITS(DES3_3KEY_SIZE),
PSA_SUCCESS
},
#endif
@@ -222,7 +223,7 @@ static test_data check1[] = {
#ifdef ARCH_TEST_CIPER_MODE_CTR
{"Test psa_cipher_encrypt_setup 16 Byte raw data\n", 7, PSA_KEY_TYPE_RAW_DATA,
{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
- 0x5F, 0xC9, 0xD0}, AES_16B_KEY_SIZE,
+ 0x5F, 0xC9, 0xD0}, AES_16B_KEY_SIZE, 0,
PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CTR, BYTES_TO_BITS(AES_16B_KEY_SIZE),
PSA_ERROR_NOT_SUPPORTED
},
@@ -232,7 +233,7 @@ static test_data check1[] = {
#ifdef ARCH_TEST_CMAC
{"Test psa_cipher_encrypt_setup - not a cipher algorithm\n", 8, PSA_KEY_TYPE_AES,
{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
- 0x5F, 0xC9, 0xD0}, AES_16B_KEY_SIZE,
+ 0x5F, 0xC9, 0xD0}, AES_16B_KEY_SIZE, 0,
PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CMAC, BYTES_TO_BITS(AES_16B_KEY_SIZE),
PSA_ERROR_INVALID_ARGUMENT
},
@@ -241,7 +242,7 @@ static test_data check1[] = {
#ifdef ARCH_TEST_CIPER
{"Test psa_cipher_encrypt_setup - unknown cipher algorithm\n", 9, PSA_KEY_TYPE_AES,
{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
- 0x5F, 0xC9, 0xD0}, AES_16B_KEY_SIZE,
+ 0x5F, 0xC9, 0xD0}, AES_16B_KEY_SIZE, 0,
PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CATEGORY_CIPHER, BYTES_TO_BITS(AES_16B_KEY_SIZE),
PSA_ERROR_NOT_SUPPORTED
},
@@ -251,7 +252,7 @@ static test_data check1[] = {
#ifdef ARCH_TEST_ARC4
{"Test psa_cipher_encrypt_setup - incompatible key ARC4\n", 10, PSA_KEY_TYPE_ARC4,
{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
- 0x5F, 0xC9, 0xD0}, AES_16B_KEY_SIZE,
+ 0x5F, 0xC9, 0xD0}, AES_16B_KEY_SIZE, 0,
PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CTR, BYTES_TO_BITS(AES_16B_KEY_SIZE),
PSA_ERROR_NOT_SUPPORTED
},
@@ -259,7 +260,7 @@ static test_data check1[] = {
{"Test psa_cipher_encrypt_setup - incorrect usage\n", 11, PSA_KEY_TYPE_AES,
{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
- 0x5F, 0xC9, 0xD0}, AES_16B_KEY_SIZE,
+ 0x5F, 0xC9, 0xD0}, AES_16B_KEY_SIZE, 0,
PSA_KEY_USAGE_DECRYPT, PSA_ALG_CTR, BYTES_TO_BITS(AES_16B_KEY_SIZE),
PSA_ERROR_NOT_PERMITTED
},
@@ -269,13 +270,13 @@ static test_data check1[] = {
#ifdef ARCH_TEST_RSA_PKCS1V15_SIGN_RAW
#ifdef ARCH_TEST_RSA_2048
{"Test psa_cipher_encrypt_setup - RSA public key\n", 12, PSA_KEY_TYPE_RSA_PUBLIC_KEY,
-{0}, 270,
+{0}, 270, 0,
PSA_KEY_USAGE_ENCRYPT, PSA_ALG_RSA_PKCS1V15_SIGN_RAW, 2048,
PSA_ERROR_INVALID_ARGUMENT
},
-{"Test psa_cipher_encrypt_setup - RSA keypair\n", 13, PSA_KEY_TYPE_RSA_KEYPAIR,
-{0}, 1193,
+{"Test psa_cipher_encrypt_setup - RSA keypair\n", 13, PSA_KEY_TYPE_RSA_KEY_PAIR,
+{0}, 1193, 0,
PSA_KEY_USAGE_ENCRYPT, PSA_ALG_RSA_PKCS1V15_SIGN_RAW, 2048,
PSA_ERROR_INVALID_ARGUMENT
},
@@ -285,7 +286,7 @@ static test_data check1[] = {
#ifdef ARCH_TEST_ASYMMETRIC_ENCRYPTION
#ifdef ARCH_TEST_ECC_CURVE_SECP256R1
{"Test psa_cipher_encrypt_setup - EC Public key\n", 14,
- PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1), {0}, 65,
+ PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1), {0}, 65, 0,
PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION, 256,
PSA_ERROR_INVALID_ARGUMENT
},
@@ -293,7 +294,7 @@ static test_data check1[] = {
#ifdef ARCH_TEST_ECC_CURVE_SECP224R1
{"Test psa_cipher_encrypt_setup - EC keypair\n", 15,
- PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP224R1), {0}, 28,
+ PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP224R1), {0}, 28, 0,
PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION, 224,
PSA_ERROR_INVALID_ARGUMENT
},
@@ -306,7 +307,7 @@ static test_data check2[] = {
#ifdef ARCH_TEST_AES_128
{"Test psa_cipher_encrypt_setup negative cases\n", 16, PSA_KEY_TYPE_AES,
{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
- 0x5F, 0xC9, 0xD0}, AES_16B_KEY_SIZE,
+ 0x5F, 0xC9, 0xD0}, AES_16B_KEY_SIZE, 0,
PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CTR, BYTES_TO_BITS(AES_16B_KEY_SIZE),
PSA_SUCCESS
},
diff --git a/api-tests/dev_apis/crypto/test_c032/test_entry.c b/api-tests/dev_apis/crypto/test_c032/test_entry_c032.c
similarity index 99%
rename from api-tests/dev_apis/crypto/test_c032/test_entry.c
rename to api-tests/dev_apis/crypto/test_c032/test_entry_c032.c
index 1ff8b8e4..e05c81d6 100644
--- a/api-tests/dev_apis/crypto/test_c032/test_entry.c
+++ b/api-tests/dev_apis/crypto/test_c032/test_entry_c032.c
@@ -21,6 +21,7 @@
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 32)
#define TEST_DESC "Testing crypto symmetric cipher APIs\n"
+
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
psa_api_t *psa = NULL;
diff --git a/api-tests/dev_apis/crypto/test_c033/source.mk b/api-tests/dev_apis/crypto/test_c033/source.mk
deleted file mode 100644
index 22c93a65..00000000
--- a/api-tests/dev_apis/crypto/test_c033/source.mk
+++ /dev/null
@@ -1,20 +0,0 @@
-# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_c033.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
diff --git a/api-tests/dev_apis/crypto/test_c033/test.cmake b/api-tests/dev_apis/crypto/test_c033/test.cmake
new file mode 100644
index 00000000..505bd9e9
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c033/test.cmake
@@ -0,0 +1,24 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_c033.c
+ test_c033.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
diff --git a/api-tests/dev_apis/crypto/test_c033/test_c033.c b/api-tests/dev_apis/crypto/test_c033/test_c033.c
index c3b60096..4899f10d 100644
--- a/api-tests/dev_apis/crypto/test_c033/test_c033.c
+++ b/api-tests/dev_apis/crypto/test_c033/test_c033.c
@@ -31,39 +31,36 @@ client_test_t test_c033_crypto_list[] = {
static int g_test_count = 1;
static psa_cipher_operation_t operation;
-int32_t psa_cipher_decrypt_setup_test(security_t caller)
+int32_t psa_cipher_decrypt_setup_test(caller_security_t caller)
{
int num_checks = sizeof(check1)/sizeof(check1[0]);
int32_t i, status;
- const uint8_t *key_data;
- psa_key_policy_t policy;
+ const uint8_t *key_data;
+ psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+
+ if (num_checks == 0)
+ {
+ val->print(PRINT_TEST, "No test available for the selected crypto configuration\n", 0);
+ return RESULT_SKIP(VAL_STATUS_NO_TESTS);
+ }
/* Initialize the PSA crypto library*/
status = val->crypto_function(VAL_CRYPTO_INIT);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(1));
+ /* Set the key data buffer to the input base on algorithm */
for (i = 0; i < num_checks; i++)
{
val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
val->print(PRINT_TEST, check1[i].test_desc, 0);
- memset(&operation, 0, sizeof(operation));
-
- /* Initialize a key policy structure to a default that forbids all
- * usage of the key
- */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
/* Setting up the watchdog timer for each check */
status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
- /* Set the standard fields of a policy structure */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &policy, check1[i].usage,
- check1[i].key_alg);
-
if (PSA_KEY_TYPE_IS_RSA(check1[i].key_type))
{
- if (check1[i].key_type == PSA_KEY_TYPE_RSA_KEYPAIR)
+ if (check1[i].key_type == PSA_KEY_TYPE_RSA_KEY_PAIR)
{
if (check1[i].expected_bit_length == BYTES_TO_BITS(384))
key_data = rsa_384_keypair;
@@ -84,7 +81,7 @@ int32_t psa_cipher_decrypt_setup_test(security_t caller)
}
else if (PSA_KEY_TYPE_IS_ECC(check1[i].key_type))
{
- if (PSA_KEY_TYPE_IS_ECC_KEYPAIR(check1[i].key_type))
+ if (PSA_KEY_TYPE_IS_ECC_KEY_PAIR(check1[i].key_type))
key_data = ec_keypair;
else
key_data = ec_keydata;
@@ -92,52 +89,53 @@ int32_t psa_cipher_decrypt_setup_test(security_t caller)
else
key_data = check1[i].key_data;
- /* Allocate a key slot for a transient key */
- status = val->crypto_function(VAL_CRYPTO_ALLOCATE_KEY, &check1[i].key_handle);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
-
- /* Set the usage policy on a key slot */
- status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, check1[i].key_handle,
- &policy);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
+ /* Setup the attributes for the key */
+ val->crypto_function(VAL_CRYPTO_SET_KEY_TYPE, &attributes, check1[i].key_type);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_ALGORITHM, &attributes, check1[i].key_alg);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_USAGE_FLAGS, &attributes, check1[i].usage);
/* Import the key data into the key slot */
- status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, check1[i].key_handle,
- check1[i].key_type, key_data, check1[i].key_length);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
+ status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, &attributes, key_data,
+ check1[i].key_length, &check1[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
/* Set the key for a multipart symmetric decryption operation */
status = val->crypto_function(VAL_CRYPTO_CIPHER_DECRYPT_SETUP, &operation,
check1[i].key_handle, check1[i].key_alg);
- TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(6));
+ TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(4));
/* Whether setup succeeded or failed, abort must succeed.
* Abort a cipher operation
*/
status = val->crypto_function(VAL_CRYPTO_CIPHER_ABORT, &operation);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(7));
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
if (check1[i].expected_status != PSA_SUCCESS)
{
status = val->crypto_function(VAL_CRYPTO_CIPHER_DECRYPT_SETUP, &operation,
check1[i].key_handle, check1[i].key_alg);
- TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(8));
+ TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(6));
+
+ /* Abort a cipher operation */
+ status = val->crypto_function(VAL_CRYPTO_CIPHER_ABORT, &operation);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(7));
}
/* Destroy the key */
status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, check1[i].key_handle);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(9));
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(8));
+ /* Reset the key attributes and check if psa_import_key fails */
+ val->crypto_function(VAL_CRYPTO_RESET_KEY_ATTRIBUTES, &attributes);
}
return VAL_STATUS_SUCCESS;
}
-int32_t psa_cipher_decrypt_setup_negative_test(security_t caller)
+int32_t psa_cipher_decrypt_setup_negative_test(caller_security_t caller)
{
int num_checks = sizeof(check2)/sizeof(check2[0]);
int32_t i, status;
- psa_key_policy_t policy;
/* Initialize the PSA crypto library*/
status = val->crypto_function(VAL_CRYPTO_INIT);
@@ -145,20 +143,10 @@ int32_t psa_cipher_decrypt_setup_negative_test(security_t caller)
for (i = 0; i < num_checks; i++)
{
- /* Initialize a key policy structure to a default that forbids all
- * usage of the key
- */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
- memset(&operation, 0, sizeof(operation));
-
/* Setting up the watchdog timer for each check */
status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
- /* Set the standard fields of a policy structure */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &policy, check2[i].usage,
- check2[i].key_alg);
-
val->print(PRINT_TEST, "[Check %d] Test psa_cipher_decrypt_setup - Invalid key handle\n",
g_test_count++);
/* Set the key for a multipart symmetric decryption operation */
@@ -173,21 +161,8 @@ int32_t psa_cipher_decrypt_setup_negative_test(security_t caller)
0, check2[i].key_alg);
TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(4));
- val->print(PRINT_TEST, "[Check %d] Test psa_cipher_decrypt_setup - Empty key handle\n",
- g_test_count++);
- /* Allocate a key slot for a transient key */
- status = val->crypto_function(VAL_CRYPTO_ALLOCATE_KEY, &check2[i].key_handle);
+ status = val->crypto_function(VAL_CRYPTO_CIPHER_ABORT, &operation);
TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
-
- /* Set the usage policy on a key slot */
- status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, check2[i].key_handle,
- &policy);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(6));
-
- /* Set the key for a multipart symmetric decryption operation */
- status = val->crypto_function(VAL_CRYPTO_CIPHER_DECRYPT_SETUP, &operation,
- check2[i].key_handle, check2[i].key_alg);
- TEST_ASSERT_EQUAL(status, PSA_ERROR_DOES_NOT_EXIST, TEST_CHECKPOINT_NUM(7));
}
return VAL_STATUS_SUCCESS;
diff --git a/api-tests/dev_apis/crypto/test_c033/test_c033.h b/api-tests/dev_apis/crypto/test_c033/test_c033.h
index 7a0befb9..ea045b45 100644
--- a/api-tests/dev_apis/crypto/test_c033/test_c033.h
+++ b/api-tests/dev_apis/crypto/test_c033/test_c033.h
@@ -18,14 +18,14 @@
#define _TEST_C033_CLIENT_TESTS_H_
#include "val_crypto.h"
-#define test_entry CONCAT(test_entry_,c033)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, c033)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
extern val_api_t *val;
extern psa_api_t *psa;
extern client_test_t test_c033_crypto_list[];
-int32_t psa_cipher_decrypt_setup_test(security_t caller);
-int32_t psa_cipher_decrypt_setup_negative_test(security_t caller);
+int32_t psa_cipher_decrypt_setup_test(caller_security_t caller);
+int32_t psa_cipher_decrypt_setup_negative_test(caller_security_t caller);
#endif /* _TEST_C033_CLIENT_TESTS_H_ */
diff --git a/api-tests/dev_apis/crypto/test_c033/test_data.h b/api-tests/dev_apis/crypto/test_c033/test_data.h
index 82cc1097..c44e8ed5 100644
--- a/api-tests/dev_apis/crypto/test_c033/test_data.h
+++ b/api-tests/dev_apis/crypto/test_c033/test_data.h
@@ -17,8 +17,6 @@
#include "val_crypto.h"
-#define EMPTY_KEY_SLOT 31
-
typedef struct {
char test_desc[75];
psa_key_handle_t key_handle;
@@ -276,7 +274,7 @@ static test_data check1[] = {
PSA_ERROR_INVALID_ARGUMENT
},
-{"Test psa_cipher_decrypt_setup - RSA keypair\n", 13, PSA_KEY_TYPE_RSA_KEYPAIR,
+{"Test psa_cipher_decrypt_setup - RSA keypair\n", 13, PSA_KEY_TYPE_RSA_KEY_PAIR,
{0}, 1193,
PSA_KEY_USAGE_DECRYPT, PSA_ALG_RSA_PKCS1V15_SIGN_RAW, 2048,
PSA_ERROR_INVALID_ARGUMENT
@@ -295,7 +293,7 @@ static test_data check1[] = {
#ifdef ARCH_TEST_ECC_CURVE_SECP224R1
{"Test psa_cipher_decrypt_setup - EC keypair\n", 15,
- PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP224R1), {0}, 28,
+ PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP224R1), {0}, 28,
PSA_KEY_USAGE_DECRYPT, PSA_ALG_RSA_PKCS1V15_CRYPT, 224,
PSA_ERROR_INVALID_ARGUMENT
},
diff --git a/api-tests/dev_apis/crypto/test_c033/test_entry.c b/api-tests/dev_apis/crypto/test_c033/test_entry_c033.c
similarity index 99%
rename from api-tests/dev_apis/crypto/test_c033/test_entry.c
rename to api-tests/dev_apis/crypto/test_c033/test_entry_c033.c
index a979d304..7a97fb30 100644
--- a/api-tests/dev_apis/crypto/test_c033/test_entry.c
+++ b/api-tests/dev_apis/crypto/test_c033/test_entry_c033.c
@@ -21,6 +21,7 @@
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 33)
#define TEST_DESC "Testing crypto symmetric cipher APIs\n"
+
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
psa_api_t *psa = NULL;
diff --git a/api-tests/dev_apis/crypto/test_c034/source.mk b/api-tests/dev_apis/crypto/test_c034/source.mk
deleted file mode 100644
index cfb15f57..00000000
--- a/api-tests/dev_apis/crypto/test_c034/source.mk
+++ /dev/null
@@ -1,20 +0,0 @@
-# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_c034.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
diff --git a/api-tests/dev_apis/crypto/test_c034/test.cmake b/api-tests/dev_apis/crypto/test_c034/test.cmake
new file mode 100644
index 00000000..dac62464
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c034/test.cmake
@@ -0,0 +1,24 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_c034.c
+ test_c034.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
diff --git a/api-tests/dev_apis/crypto/test_c034/test_c034.c b/api-tests/dev_apis/crypto/test_c034/test_c034.c
index 97c5bee7..0017ce07 100644
--- a/api-tests/dev_apis/crypto/test_c034/test_c034.c
+++ b/api-tests/dev_apis/crypto/test_c034/test_c034.c
@@ -30,15 +30,21 @@ client_test_t test_c034_crypto_list[] = {
static int g_test_count = 1;
-int32_t psa_cipher_generate_iv_test(security_t caller)
+int32_t psa_cipher_generate_iv_test(caller_security_t caller)
{
int num_checks = sizeof(check1)/sizeof(check1[0]);
uint32_t i, j, iv_sum;
uint8_t iv[32];
size_t iv_length;
- psa_key_policy_t policy;
psa_cipher_operation_t operation;
int32_t status;
+ psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+
+ if (num_checks == 0)
+ {
+ val->print(PRINT_TEST, "No test available for the selected crypto configuration\n", 0);
+ return RESULT_SKIP(VAL_STATUS_NO_TESTS);
+ }
/* Initialize the PSA crypto library*/
status = val->crypto_function(VAL_CRYPTO_INIT);
@@ -50,58 +56,45 @@ int32_t psa_cipher_generate_iv_test(security_t caller)
val->print(PRINT_TEST, check1[i].test_desc, 0);
memset(&operation, 0, sizeof(operation));
- /* Initialize a key policy structure to a default that forbids all
- * usage of the key
- */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
-
/* Setting up the watchdog timer for each check */
status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
- /* Set the standard fields of a policy structure */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &policy, check1[i].usage,
- check1[i].key_alg);
-
- /* Allocate a key slot for a transient key */
- status = val->crypto_function(VAL_CRYPTO_ALLOCATE_KEY, &check1[i].key_handle);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
-
- /* Set the usage policy on a key slot */
- status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, check1[i].key_handle,
- &policy);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
+ /* Setup the attributes for the key */
+ val->crypto_function(VAL_CRYPTO_SET_KEY_TYPE, &attributes, check1[i].key_type);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_ALGORITHM, &attributes, check1[i].key_alg);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_USAGE_FLAGS, &attributes, check1[i].usage);
/* Import the key data into the key slot */
- status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, check1[i].key_handle,
- check1[i].key_type, check1[i].key_data, check1[i].key_length);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
+ status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, &attributes, check1[i].key_data,
+ check1[i].key_length, &check1[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
/* Set the key for a multipart symmetric encryption operation */
status = val->crypto_function(VAL_CRYPTO_CIPHER_ENCRYPT_SETUP, &operation,
check1[i].key_handle, check1[i].key_alg);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(6));
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
/* Generate an IV for a symmetric encryption operation */
status = val->crypto_function(VAL_CRYPTO_CIPHER_GENERATE_IV, &operation, iv,
check1[i].iv_size, &iv_length);
- TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(7));
+ TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(5));
if (check1[i].expected_status != PSA_SUCCESS)
{
/* Abort a cipher operation */
status = val->crypto_function(VAL_CRYPTO_CIPHER_ABORT, &operation);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(8));
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(6));
/* Destroy the key */
status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, check1[i].key_handle);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(9));
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(7));
continue;
}
/* Check that if generated iv length match the expected length */
- TEST_ASSERT_EQUAL(iv_length, check1[i].expected_iv_length, TEST_CHECKPOINT_NUM(10));
+ TEST_ASSERT_EQUAL(iv_length, check1[i].expected_iv_length, TEST_CHECKPOINT_NUM(8));
iv_sum = 0;
for (j = 0; j < iv_length; j++)
@@ -109,23 +102,26 @@ int32_t psa_cipher_generate_iv_test(security_t caller)
iv_sum += iv[j];
}
- /* Check that if generated iv are zero */
- TEST_ASSERT_NOT_EQUAL(iv_sum, 0, TEST_CHECKPOINT_NUM(11));
+ /* Check that if generated iv are not zero */
+ TEST_ASSERT_NOT_EQUAL(iv_sum, 0, TEST_CHECKPOINT_NUM(9));
/* Generating an IV for a symmetric encryption operation using the same operator
* should fail
*/
status = val->crypto_function(VAL_CRYPTO_CIPHER_GENERATE_IV, &operation, iv,
check1[i].iv_size, &iv_length);
- TEST_ASSERT_EQUAL(status, PSA_ERROR_BAD_STATE, TEST_CHECKPOINT_NUM(12));
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_BAD_STATE, TEST_CHECKPOINT_NUM(10));
/* Abort a cipher operation */
status = val->crypto_function(VAL_CRYPTO_CIPHER_ABORT, &operation);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(13));
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(11));
/* Destroy the key */
status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, check1[i].key_handle);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(14));
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(12));
+
+ /* Reset the key attributes and check if psa_import_key fails */
+ val->crypto_function(VAL_CRYPTO_RESET_KEY_ATTRIBUTES, &attributes);
}
return VAL_STATUS_SUCCESS;
diff --git a/api-tests/dev_apis/crypto/test_c034/test_c034.h b/api-tests/dev_apis/crypto/test_c034/test_c034.h
index 3d1211a6..67273ab8 100644
--- a/api-tests/dev_apis/crypto/test_c034/test_c034.h
+++ b/api-tests/dev_apis/crypto/test_c034/test_c034.h
@@ -18,13 +18,13 @@
#define _TEST_C034_CLIENT_TESTS_H_
#include "val_crypto.h"
-#define test_entry CONCAT(test_entry_,c034)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, c034)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
extern val_api_t *val;
extern psa_api_t *psa;
extern client_test_t test_c034_crypto_list[];
-int32_t psa_cipher_generate_iv_test(security_t caller);
+int32_t psa_cipher_generate_iv_test(caller_security_t caller);
#endif /* _TEST_C034_CLIENT_TESTS_H_ */
diff --git a/api-tests/dev_apis/crypto/test_c034/test_entry.c b/api-tests/dev_apis/crypto/test_c034/test_entry_c034.c
similarity index 99%
rename from api-tests/dev_apis/crypto/test_c034/test_entry.c
rename to api-tests/dev_apis/crypto/test_c034/test_entry_c034.c
index c86a67df..b568dafb 100644
--- a/api-tests/dev_apis/crypto/test_c034/test_entry.c
+++ b/api-tests/dev_apis/crypto/test_c034/test_entry_c034.c
@@ -21,6 +21,7 @@
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 34)
#define TEST_DESC "Testing crypto symmetric cipher APIs\n"
+
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
psa_api_t *psa = NULL;
diff --git a/api-tests/dev_apis/crypto/test_c035/source.mk b/api-tests/dev_apis/crypto/test_c035/source.mk
deleted file mode 100644
index 6e4b9742..00000000
--- a/api-tests/dev_apis/crypto/test_c035/source.mk
+++ /dev/null
@@ -1,20 +0,0 @@
-# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_c035.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
diff --git a/api-tests/dev_apis/crypto/test_c035/test.cmake b/api-tests/dev_apis/crypto/test_c035/test.cmake
new file mode 100644
index 00000000..049eb982
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c035/test.cmake
@@ -0,0 +1,24 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_c035.c
+ test_c035.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
diff --git a/api-tests/dev_apis/crypto/test_c035/test_c035.c b/api-tests/dev_apis/crypto/test_c035/test_c035.c
index 010b2756..8d19a105 100644
--- a/api-tests/dev_apis/crypto/test_c035/test_c035.c
+++ b/api-tests/dev_apis/crypto/test_c035/test_c035.c
@@ -30,12 +30,18 @@ client_test_t test_c035_crypto_list[] = {
static int g_test_count = 1;
-int32_t psa_cipher_set_iv_test(security_t caller)
+int32_t psa_cipher_set_iv_test(caller_security_t caller)
{
int num_checks = sizeof(check1)/sizeof(check1[0]);
int32_t i, status;
- psa_key_policy_t policy;
psa_cipher_operation_t operation;
+ psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+
+ if (num_checks == 0)
+ {
+ val->print(PRINT_TEST, "No test available for the selected crypto configuration\n", 0);
+ return RESULT_SKIP(VAL_STATUS_NO_TESTS);
+ }
/* Initialize the PSA crypto library*/
status = val->crypto_function(VAL_CRYPTO_INIT);
@@ -47,57 +53,47 @@ int32_t psa_cipher_set_iv_test(security_t caller)
val->print(PRINT_TEST, check1[i].test_desc, 0);
memset(&operation, 0, sizeof(operation));
- /* Initialize a key policy structure to a default that forbids all
- * usage of the key
- */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
-
/* Setting up the watchdog timer for each check */
status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
- /* Set the standard fields of a policy structure */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &policy, check1[i].usage,
- check1[i].key_alg);
-
- /* Allocate a key slot for a transient key */
- status = val->crypto_function(VAL_CRYPTO_ALLOCATE_KEY, &check1[i].key_handle);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
-
- /* Set the usage policy on a key slot */
- status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, check1[i].key_handle,
- &policy);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
+ /* Setup the attributes for the key */
+ val->crypto_function(VAL_CRYPTO_SET_KEY_TYPE, &attributes, check1[i].key_type);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_ALGORITHM, &attributes, check1[i].key_alg);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_USAGE_FLAGS, &attributes, check1[i].usage);
/* Import the key data into the key slot */
- status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, check1[i].key_handle,
- check1[i].key_type, check1[i].key_data, check1[i].key_length);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
+ status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, &attributes, check1[i].key_data,
+ check1[i].key_length, &check1[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
/* Set the key for a multipart symmetric encryption operation */
status = val->crypto_function(VAL_CRYPTO_CIPHER_ENCRYPT_SETUP, &operation,
check1[i].key_handle, check1[i].key_alg);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(6));
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
/* Set an IV for a symmetric encryption operation */
status = val->crypto_function(VAL_CRYPTO_CIPHER_SET_IV, &operation, check1[i].iv,
check1[i].iv_size);
- TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(7));
+ TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(5));
/* Setting an IV for a symmetric encryption operation using the same operator
* should fail for both previous success and failure cases
*/
status = val->crypto_function(VAL_CRYPTO_CIPHER_SET_IV, &operation, check1[i].iv,
check1[i].iv_size);
- TEST_ASSERT_EQUAL(status, PSA_ERROR_BAD_STATE, TEST_CHECKPOINT_NUM(8));
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_BAD_STATE, TEST_CHECKPOINT_NUM(6));
/* Abort a cipher operation */
status = val->crypto_function(VAL_CRYPTO_CIPHER_ABORT, &operation);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(9));
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(7));
/* Destroy the key */
status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, check1[i].key_handle);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(10));
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(8));
+
+ /* Reset the key attributes and check if psa_import_key fails */
+ val->crypto_function(VAL_CRYPTO_RESET_KEY_ATTRIBUTES, &attributes);
}
return VAL_STATUS_SUCCESS;
diff --git a/api-tests/dev_apis/crypto/test_c035/test_c035.h b/api-tests/dev_apis/crypto/test_c035/test_c035.h
index d4cf6f8f..b5a6a49d 100644
--- a/api-tests/dev_apis/crypto/test_c035/test_c035.h
+++ b/api-tests/dev_apis/crypto/test_c035/test_c035.h
@@ -18,13 +18,13 @@
#define _TEST_C035_CLIENT_TESTS_H_
#include "val_crypto.h"
-#define test_entry CONCAT(test_entry_,c035)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, c035)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
extern val_api_t *val;
extern psa_api_t *psa;
extern client_test_t test_c035_crypto_list[];
-int32_t psa_cipher_set_iv_test(security_t caller);
+int32_t psa_cipher_set_iv_test(caller_security_t caller);
#endif /* _TEST_C035_CLIENT_TESTS_H_ */
diff --git a/api-tests/dev_apis/crypto/test_c035/test_entry.c b/api-tests/dev_apis/crypto/test_c035/test_entry_c035.c
similarity index 99%
rename from api-tests/dev_apis/crypto/test_c035/test_entry.c
rename to api-tests/dev_apis/crypto/test_c035/test_entry_c035.c
index a37200fc..1c628ebf 100644
--- a/api-tests/dev_apis/crypto/test_c035/test_entry.c
+++ b/api-tests/dev_apis/crypto/test_c035/test_entry_c035.c
@@ -21,6 +21,7 @@
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 35)
#define TEST_DESC "Testing crypto symmetric cipher APIs\n"
+
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
psa_api_t *psa = NULL;
diff --git a/api-tests/dev_apis/crypto/test_c036/source.mk b/api-tests/dev_apis/crypto/test_c036/source.mk
deleted file mode 100644
index 03fe831b..00000000
--- a/api-tests/dev_apis/crypto/test_c036/source.mk
+++ /dev/null
@@ -1,20 +0,0 @@
-# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_c036.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
diff --git a/api-tests/dev_apis/crypto/test_c036/test.cmake b/api-tests/dev_apis/crypto/test_c036/test.cmake
new file mode 100644
index 00000000..e8b9666c
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c036/test.cmake
@@ -0,0 +1,24 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_c036.c
+ test_c036.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
diff --git a/api-tests/dev_apis/crypto/test_c036/test_c036.c b/api-tests/dev_apis/crypto/test_c036/test_c036.c
index bf5969a9..64fea253 100644
--- a/api-tests/dev_apis/crypto/test_c036/test_c036.c
+++ b/api-tests/dev_apis/crypto/test_c036/test_c036.c
@@ -32,15 +32,20 @@ client_test_t test_c036_crypto_list[] = {
static int g_test_count = 1;
static uint8_t input[SIZE_32B];
static uint8_t output[SIZE_32B];
-static psa_cipher_operation_t operation;
-int32_t psa_cipher_update_test(security_t caller)
+int32_t psa_cipher_update_test(caller_security_t caller)
{
int num_checks = sizeof(check1)/sizeof(check1[0]);
int32_t i, status;
size_t length;
- psa_key_policy_t policy;
- psa_cipher_operation_t invalid_operation;
+ psa_cipher_operation_t operation;
+ psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+
+ if (num_checks == 0)
+ {
+ val->print(PRINT_TEST, "No test available for the selected crypto configuration\n", 0);
+ return RESULT_SKIP(VAL_STATUS_NO_TESTS);
+ }
/* Initialize the PSA crypto library*/
status = val->crypto_function(VAL_CRYPTO_INIT);
@@ -50,97 +55,80 @@ int32_t psa_cipher_update_test(security_t caller)
{
val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
val->print(PRINT_TEST, check1[i].test_desc, 0);
-
- /* Initialize a key policy structure to a default that forbids all
- * usage of the key
- */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
memset(&operation, 0, sizeof(operation));
- memset(&invalid_operation, 0, sizeof(invalid_operation));
/* Setting up the watchdog timer for each check */
status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
- /* Set the standard fields of a policy structure */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &policy, check1[i].usage,
- check1[i].key_alg);
-
- /* Allocate a key slot for a transient key */
- status = val->crypto_function(VAL_CRYPTO_ALLOCATE_KEY, &check1[i].key_handle);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
-
- /* Set the usage policy on a key slot */
- status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, check1[i].key_handle,
- &policy);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
+ /* Setup the attributes for the key */
+ val->crypto_function(VAL_CRYPTO_SET_KEY_TYPE, &attributes, check1[i].key_type);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_ALGORITHM, &attributes, check1[i].key_alg);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_USAGE_FLAGS, &attributes, check1[i].usage);
/* Import the key data into the key slot */
- status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, check1[i].key_handle,
- check1[i].key_type, check1[i].key_data, check1[i].key_length);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
+ status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, &attributes, check1[i].key_data,
+ check1[i].key_length, &check1[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
if (check1[i].usage == PSA_KEY_USAGE_ENCRYPT)
{
/* Set the key for a multipart symmetric encryption operation */
status = val->crypto_function(VAL_CRYPTO_CIPHER_ENCRYPT_SETUP, &operation,
check1[i].key_handle, check1[i].key_alg);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(6));
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
}
else if (check1[i].usage == PSA_KEY_USAGE_DECRYPT)
{
status = val->crypto_function(VAL_CRYPTO_CIPHER_DECRYPT_SETUP, &operation,
check1[i].key_handle, check1[i].key_alg);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(7));
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
}
/* Set an IV for a symmetric encryption operation */
status = val->crypto_function(VAL_CRYPTO_CIPHER_SET_IV, &operation, check1[i].iv,
check1[i].iv_size);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(8));
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(6));
/* Encrypt or decrypt a message fragment in an active cipher operation */
status = val->crypto_function(VAL_CRYPTO_CIPHER_UPDATE, &operation, check1[i].input,
check1[i].input_length, output, check1[i].output_size, &length);
- TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(9));
+ TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(7));
if (check1[i].expected_status != PSA_SUCCESS)
{
/* Abort a cipher operation */
status = val->crypto_function(VAL_CRYPTO_CIPHER_ABORT, &operation);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(10));
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(8));
/* Destroy the key */
status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, check1[i].key_handle);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(11));
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(9));
continue;
}
/* Check if the output length matches the expected length */
- TEST_ASSERT_EQUAL(length, check1[i].expected_output_length, TEST_CHECKPOINT_NUM(12));
+ TEST_ASSERT_EQUAL(length, check1[i].expected_output_length, TEST_CHECKPOINT_NUM(10));
/* Check if the output data matches the expected data */
- TEST_ASSERT_MEMCMP(output, check1[i].expected_output, length, TEST_CHECKPOINT_NUM(13));
-
- /* Encrypt or decrypt a message fragment in an invalid cipher operation should fail */
- status = val->crypto_function(VAL_CRYPTO_CIPHER_UPDATE, &invalid_operation,
- check1[i].input, check1[i].input_length, output, check1[i].output_size,
- &length);
- TEST_ASSERT_EQUAL(status, PSA_ERROR_BAD_STATE, TEST_CHECKPOINT_NUM(14));
+ TEST_ASSERT_MEMCMP(output, check1[i].expected_output, length, TEST_CHECKPOINT_NUM(11));
/* Abort a cipher operation */
status = val->crypto_function(VAL_CRYPTO_CIPHER_ABORT, &operation);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(15));
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(12));
/* Destroy the key */
status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, check1[i].key_handle);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(16));
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(13));
+
+ /* Reset the key attributes and check if psa_import_key fails */
+ val->crypto_function(VAL_CRYPTO_RESET_KEY_ATTRIBUTES, &attributes);
}
return VAL_STATUS_SUCCESS;
}
-int32_t psa_cipher_update_negative_test(security_t caller)
+int32_t psa_cipher_update_negative_test(caller_security_t caller)
{
int32_t i, status;
psa_cipher_operation_t operations[] = {psa_cipher_operation_init(),
diff --git a/api-tests/dev_apis/crypto/test_c036/test_c036.h b/api-tests/dev_apis/crypto/test_c036/test_c036.h
index 61fe7e53..20567626 100644
--- a/api-tests/dev_apis/crypto/test_c036/test_c036.h
+++ b/api-tests/dev_apis/crypto/test_c036/test_c036.h
@@ -18,14 +18,14 @@
#define _TEST_C036_CLIENT_TESTS_H_
#include "val_crypto.h"
-#define test_entry CONCAT(test_entry_,c036)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, c036)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
extern val_api_t *val;
extern psa_api_t *psa;
extern client_test_t test_c036_crypto_list[];
-int32_t psa_cipher_update_test(security_t caller);
-int32_t psa_cipher_update_negative_test(security_t caller);
+int32_t psa_cipher_update_test(caller_security_t caller);
+int32_t psa_cipher_update_negative_test(caller_security_t caller);
#endif /* _TEST_C036_CLIENT_TESTS_H_ */
diff --git a/api-tests/dev_apis/crypto/test_c036/test_entry.c b/api-tests/dev_apis/crypto/test_c036/test_entry_c036.c
similarity index 99%
rename from api-tests/dev_apis/crypto/test_c036/test_entry.c
rename to api-tests/dev_apis/crypto/test_c036/test_entry_c036.c
index f46a6b3c..d7b09df2 100644
--- a/api-tests/dev_apis/crypto/test_c036/test_entry.c
+++ b/api-tests/dev_apis/crypto/test_c036/test_entry_c036.c
@@ -21,6 +21,7 @@
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 36)
#define TEST_DESC "Testing crypto symmetric cipher APIs\n"
+
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
psa_api_t *psa = NULL;
diff --git a/api-tests/dev_apis/crypto/test_c037/source.mk b/api-tests/dev_apis/crypto/test_c037/source.mk
deleted file mode 100644
index 9aa0674d..00000000
--- a/api-tests/dev_apis/crypto/test_c037/source.mk
+++ /dev/null
@@ -1,20 +0,0 @@
-# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_c037.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
diff --git a/api-tests/dev_apis/crypto/test_c037/test.cmake b/api-tests/dev_apis/crypto/test_c037/test.cmake
new file mode 100644
index 00000000..0a6a24b6
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c037/test.cmake
@@ -0,0 +1,24 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_c037.c
+ test_c037.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
diff --git a/api-tests/dev_apis/crypto/test_c037/test_c037.c b/api-tests/dev_apis/crypto/test_c037/test_c037.c
index 8a7fdc88..86c2931d 100644
--- a/api-tests/dev_apis/crypto/test_c037/test_c037.c
+++ b/api-tests/dev_apis/crypto/test_c037/test_c037.c
@@ -33,13 +33,19 @@ client_test_t test_c037_crypto_list[] = {
static int g_test_count = 1;
static uint8_t output[SIZE_32B];
-int32_t psa_cipher_finish_test(security_t caller)
+int32_t psa_cipher_finish_test(caller_security_t caller)
{
int num_checks = sizeof(check1)/sizeof(check1[0]);
int32_t i, status;
size_t update_length, finish_length;
- psa_key_policy_t policy;
psa_cipher_operation_t operation, invalid_operation;
+ psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+
+ if (num_checks == 0)
+ {
+ val->print(PRINT_TEST, "No test available for the selected crypto configuration\n", 0);
+ return RESULT_SKIP(VAL_STATUS_NO_TESTS);
+ }
/* Initialize the PSA crypto library*/
status = val->crypto_function(VAL_CRYPTO_INIT);
@@ -49,11 +55,6 @@ int32_t psa_cipher_finish_test(security_t caller)
{
val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
val->print(PRINT_TEST, check1[i].test_desc, 0);
-
- /* Initialize a key policy structure to a default that forbids all
- * usage of the key
- */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
memset(&operation, 0, sizeof(operation));
memset(&invalid_operation, 0, sizeof(invalid_operation));
@@ -61,90 +62,85 @@ int32_t psa_cipher_finish_test(security_t caller)
status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
- /* Set the standard fields of a policy structure */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &policy, check1[i].usage,
- check1[i].key_alg);
-
- /* Allocate a key slot for a transient key */
- status = val->crypto_function(VAL_CRYPTO_ALLOCATE_KEY, &check1[i].key_handle);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
-
- /* Set the usage policy on a key slot */
- status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, check1[i].key_handle,
- &policy);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
+ /* Setup the attributes for the key */
+ val->crypto_function(VAL_CRYPTO_SET_KEY_TYPE, &attributes, check1[i].key_type);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_ALGORITHM, &attributes, check1[i].key_alg);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_USAGE_FLAGS, &attributes, check1[i].usage);
/* Import the key data into the key slot */
- status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, check1[i].key_handle,
- check1[i].key_type, check1[i].key_data, check1[i].key_length);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
+ status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, &attributes, check1[i].key_data,
+ check1[i].key_length, &check1[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
if (check1[i].usage == PSA_KEY_USAGE_ENCRYPT)
{
/* Set the key for a multipart symmetric encryption operation */
status = val->crypto_function(VAL_CRYPTO_CIPHER_ENCRYPT_SETUP, &operation,
check1[i].key_handle, check1[i].key_alg);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(6));
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
}
else if (check1[i].usage == PSA_KEY_USAGE_DECRYPT)
{
/* Set the key for a multipart symmetric decryption operation */
status = val->crypto_function(VAL_CRYPTO_CIPHER_DECRYPT_SETUP, &operation,
check1[i].key_handle, check1[i].key_alg);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(7));
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
}
/* Set an IV for a symmetric encryption operation */
status = val->crypto_function(VAL_CRYPTO_CIPHER_SET_IV, &operation, check1[i].iv,
check1[i].iv_size);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(8));
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(6));
/* Encrypt or decrypt a message fragment in an active cipher operation */
status = val->crypto_function(VAL_CRYPTO_CIPHER_UPDATE, &operation, check1[i].input,
check1[i].input_length, output, check1[i].output_size[SLOT_1], &update_length);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(9));
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(7));
/* Finish encrypting or decrypting a message in a cipher operation */
status = val->crypto_function(VAL_CRYPTO_CIPHER_FINISH, &operation,
output + update_length, check1[i].output_size[SLOT_2], &finish_length);
- TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(10));
+ TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(8));
if (check1[i].expected_status != PSA_SUCCESS)
{
/* Abort a cipher operation */
status = val->crypto_function(VAL_CRYPTO_CIPHER_ABORT, &operation);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(11));
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(9));
/* Destroy the key */
status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, check1[i].key_handle);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(12));
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(10));
continue;
}
/* Check if the output length matches the expected length */
- TEST_ASSERT_EQUAL(finish_length, check1[i].expected_output_length, TEST_CHECKPOINT_NUM(13));
+ TEST_ASSERT_EQUAL(finish_length, check1[i].expected_output_length, TEST_CHECKPOINT_NUM(11));
/* Check if the output data matches the expected data */
TEST_ASSERT_MEMCMP(output, check1[i].expected_output,
(update_length + finish_length),
- TEST_CHECKPOINT_NUM(14));
+ TEST_CHECKPOINT_NUM(12));
/* Finish encrypting or decrypting a message using an invalid operation should fail */
status = val->crypto_function(VAL_CRYPTO_CIPHER_FINISH, &invalid_operation, output,
check1[i].output_size[SLOT_2], &finish_length);
- TEST_ASSERT_EQUAL(status, PSA_ERROR_BAD_STATE, TEST_CHECKPOINT_NUM(15));
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_BAD_STATE, TEST_CHECKPOINT_NUM(13));
/* Abort a cipher operation */
status = val->crypto_function(VAL_CRYPTO_CIPHER_ABORT, &operation);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(16));
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(14));
/* Abort a cipher operation */
status = val->crypto_function(VAL_CRYPTO_CIPHER_ABORT, &invalid_operation);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(17));
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(15));
/* Destroy the key */
status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, check1[i].key_handle);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(18));
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(16));
+
+ /* Reset the key attributes and check if psa_import_key fails */
+ val->crypto_function(VAL_CRYPTO_RESET_KEY_ATTRIBUTES, &attributes);
}
return VAL_STATUS_SUCCESS;
diff --git a/api-tests/dev_apis/crypto/test_c037/test_c037.h b/api-tests/dev_apis/crypto/test_c037/test_c037.h
index e7e1bdaa..cf57c407 100644
--- a/api-tests/dev_apis/crypto/test_c037/test_c037.h
+++ b/api-tests/dev_apis/crypto/test_c037/test_c037.h
@@ -18,13 +18,13 @@
#define _TEST_C037_CLIENT_TESTS_H_
#include "val_crypto.h"
-#define test_entry CONCAT(test_entry_,c037)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, c037)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
extern val_api_t *val;
extern psa_api_t *psa;
extern client_test_t test_c037_crypto_list[];
-int32_t psa_cipher_finish_test(security_t caller);
+int32_t psa_cipher_finish_test(caller_security_t caller);
#endif /* _TEST_C037_CLIENT_TESTS_H_ */
diff --git a/api-tests/dev_apis/crypto/test_c037/test_entry.c b/api-tests/dev_apis/crypto/test_c037/test_entry_c037.c
similarity index 99%
rename from api-tests/dev_apis/crypto/test_c037/test_entry.c
rename to api-tests/dev_apis/crypto/test_c037/test_entry_c037.c
index 7732adb4..7cbcab20 100644
--- a/api-tests/dev_apis/crypto/test_c037/test_entry.c
+++ b/api-tests/dev_apis/crypto/test_c037/test_entry_c037.c
@@ -21,6 +21,7 @@
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 37)
#define TEST_DESC "Testing crypto symmetric cipher APIs\n"
+
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
psa_api_t *psa = NULL;
diff --git a/api-tests/dev_apis/crypto/test_c038/source.mk b/api-tests/dev_apis/crypto/test_c038/source.mk
deleted file mode 100644
index b0442d2a..00000000
--- a/api-tests/dev_apis/crypto/test_c038/source.mk
+++ /dev/null
@@ -1,20 +0,0 @@
-# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_c038.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
diff --git a/api-tests/dev_apis/crypto/test_c038/test.cmake b/api-tests/dev_apis/crypto/test_c038/test.cmake
new file mode 100644
index 00000000..59a6c5e8
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c038/test.cmake
@@ -0,0 +1,24 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_c038.c
+ test_c038.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
diff --git a/api-tests/dev_apis/crypto/test_c038/test_c038.c b/api-tests/dev_apis/crypto/test_c038/test_c038.c
index 54b4b7d5..8cf69cd0 100644
--- a/api-tests/dev_apis/crypto/test_c038/test_c038.c
+++ b/api-tests/dev_apis/crypto/test_c038/test_c038.c
@@ -31,12 +31,18 @@ client_test_t test_c038_crypto_list[] = {
static int g_test_count = 1;
static uint8_t output[SIZE_32B];
-int32_t psa_cipher_abort_test(security_t caller)
+int32_t psa_cipher_abort_test(caller_security_t caller)
{
int num_checks = sizeof(check1)/sizeof(check1[0]);
int32_t i, status;
- psa_key_policy_t policy;
psa_cipher_operation_t operation;
+ psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+
+ if (num_checks == 0)
+ {
+ val->print(PRINT_TEST, "No test available for the selected crypto configuration\n", 0);
+ return RESULT_SKIP(VAL_STATUS_NO_TESTS);
+ }
/* Initialize the PSA crypto library*/
status = val->crypto_function(VAL_CRYPTO_INIT);
@@ -48,68 +54,57 @@ int32_t psa_cipher_abort_test(security_t caller)
val->print(PRINT_TEST, check1[i].test_desc, 0);
memset(&operation, 0, sizeof(operation));
- /* Initialize a key policy structure to a default that forbids all
- * usage of the key
- */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
-
/* Setting up the watchdog timer for each check */
status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
- /* Set the standard fields of a policy structure */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &policy, check1[i].usage,
- check1[i].key_alg);
-
- /* Allocate a key slot for a transient key */
- status = val->crypto_function(VAL_CRYPTO_ALLOCATE_KEY, &check1[i].key_handle);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
-
- /* Set the usage policy on a key slot */
- status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, check1[i].key_handle,
- &policy);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
+ /* Setup the attributes for the key */
+ val->crypto_function(VAL_CRYPTO_SET_KEY_TYPE, &attributes, check1[i].key_type);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_ALGORITHM, &attributes, check1[i].key_alg);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_USAGE_FLAGS, &attributes, check1[i].usage);
/* Import the key data into the key slot */
- status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, check1[i].key_handle,
- check1[i].key_type, check1[i].key_data, check1[i].key_length);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
+ status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, &attributes, check1[i].key_data,
+ check1[i].key_length, &check1[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
if (check1[i].usage == PSA_KEY_USAGE_ENCRYPT)
{
/* Set the key for a multipart symmetric encryption operation */
status = val->crypto_function(VAL_CRYPTO_CIPHER_ENCRYPT_SETUP, &operation,
check1[i].key_handle, check1[i].key_alg);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(6));
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
}
else if (check1[i].usage == PSA_KEY_USAGE_DECRYPT)
{
/* Set the key for a multipart symmetric decryption operation */
status = val->crypto_function(VAL_CRYPTO_CIPHER_DECRYPT_SETUP, &operation,
check1[i].key_handle, check1[i].key_alg);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(7));
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
}
/* Abort a cipher operation */
status = val->crypto_function(VAL_CRYPTO_CIPHER_ABORT, &operation);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(8));
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(6));
/* Multiple abort cipher operation should return success*/
status = val->crypto_function(VAL_CRYPTO_CIPHER_ABORT, &operation);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(9));
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(7));
/* Destroy the key */
status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, check1[i].key_handle);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(10));
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(8));
+
+ /* Reset the key attributes and check if psa_import_key fails */
+ val->crypto_function(VAL_CRYPTO_RESET_KEY_ATTRIBUTES, &attributes);
}
return VAL_STATUS_SUCCESS;
}
-int32_t psa_cipher_abort_before_update_test(security_t caller)
+int32_t psa_cipher_abort_before_update_test(caller_security_t caller)
{
size_t length;
- psa_key_policy_t policy;
psa_algorithm_t key_alg = PSA_ALG_CBC_NO_PADDING;
psa_key_usage_t usage = PSA_KEY_USAGE_ENCRYPT;
psa_key_handle_t key_handle = 13;
@@ -125,6 +120,7 @@ int32_t psa_cipher_abort_before_update_test(security_t caller)
size_t input_length = sizeof(input);
size_t iv_size = sizeof(iv);
int32_t status;
+ psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
/* Initialize the PSA crypto library*/
status = val->crypto_function(VAL_CRYPTO_INIT);
@@ -134,52 +130,44 @@ int32_t psa_cipher_abort_before_update_test(security_t caller)
val->print(PRINT_TEST, "Test psa_cipher_update after psa_cipher_abort should fail\n", 0);
memset(&operation, 0, sizeof(operation));
- /* Initialize a key policy structure to a default that forbids all
- * usage of the key
- */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
-
/* Setting up the watchdog timer for each check */
status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
- /* Set the standard fields of a policy structure */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &policy, usage, key_alg);
-
- /* Allocate a key slot for a transient key */
- status = val->crypto_function(VAL_CRYPTO_ALLOCATE_KEY, &key_handle);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
-
- /* Set the usage policy on a key slot */
- status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, key_handle, &policy);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
+ /* Setup the attributes for the key */
+ val->crypto_function(VAL_CRYPTO_SET_KEY_TYPE, &attributes, key_type);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_ALGORITHM, &attributes, key_alg);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_USAGE_FLAGS, &attributes, usage);
/* Import the key data into the key slot */
- status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, key_handle,
- key_type, key_data, key_length);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
+ status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, &attributes, key_data,
+ key_length, &key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
/* Set the key for a multipart symmetric encryption operation */
status = val->crypto_function(VAL_CRYPTO_CIPHER_ENCRYPT_SETUP, &operation,
key_handle, key_alg);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(6));
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
/* Set an IV for a symmetric encryption operation */
status = val->crypto_function(VAL_CRYPTO_CIPHER_SET_IV, &operation, iv, iv_size);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(7));
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
/* Abort a cipher operation */
status = val->crypto_function(VAL_CRYPTO_CIPHER_ABORT, &operation);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(8));
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(6));
/* Encrypt or decrypt a message fragment in an active cipher operation */
status = val->crypto_function(VAL_CRYPTO_CIPHER_UPDATE, &operation, input,
input_length, output, SIZE_32B, &length);
- TEST_ASSERT_EQUAL(status, PSA_ERROR_BAD_STATE, TEST_CHECKPOINT_NUM(9));
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_BAD_STATE, TEST_CHECKPOINT_NUM(7));
/* Destroy the key */
status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, key_handle);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(10));
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(8));
+
+ /* Reset the key attributes and check if psa_import_key fails */
+ val->crypto_function(VAL_CRYPTO_RESET_KEY_ATTRIBUTES, &attributes);
return VAL_STATUS_SUCCESS;
}
diff --git a/api-tests/dev_apis/crypto/test_c038/test_c038.h b/api-tests/dev_apis/crypto/test_c038/test_c038.h
index 6d6e5f01..3568e655 100644
--- a/api-tests/dev_apis/crypto/test_c038/test_c038.h
+++ b/api-tests/dev_apis/crypto/test_c038/test_c038.h
@@ -18,14 +18,14 @@
#define _TEST_C038_CLIENT_TESTS_H_
#include "val_crypto.h"
-#define test_entry CONCAT(test_entry_,c038)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, c038)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
extern val_api_t *val;
extern psa_api_t *psa;
extern client_test_t test_c038_crypto_list[];
-int32_t psa_cipher_abort_test(security_t caller);
-int32_t psa_cipher_abort_before_update_test(security_t caller);
+int32_t psa_cipher_abort_test(caller_security_t caller);
+int32_t psa_cipher_abort_before_update_test(caller_security_t caller);
#endif /* _TEST_C038_CLIENT_TESTS_H_ */
diff --git a/api-tests/dev_apis/crypto/test_c038/test_entry.c b/api-tests/dev_apis/crypto/test_c038/test_entry_c038.c
similarity index 99%
rename from api-tests/dev_apis/crypto/test_c038/test_entry.c
rename to api-tests/dev_apis/crypto/test_c038/test_entry_c038.c
index d027adae..fdbbce11 100644
--- a/api-tests/dev_apis/crypto/test_c038/test_entry.c
+++ b/api-tests/dev_apis/crypto/test_c038/test_entry_c038.c
@@ -21,6 +21,7 @@
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 38)
#define TEST_DESC "Testing crypto symmetric cipher APIs\n"
+
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
psa_api_t *psa = NULL;
diff --git a/api-tests/dev_apis/crypto/test_c039/source.mk b/api-tests/dev_apis/crypto/test_c039/source.mk
deleted file mode 100644
index 61f86c62..00000000
--- a/api-tests/dev_apis/crypto/test_c039/source.mk
+++ /dev/null
@@ -1,20 +0,0 @@
-# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_c039.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
diff --git a/api-tests/dev_apis/crypto/test_c039/test.cmake b/api-tests/dev_apis/crypto/test_c039/test.cmake
new file mode 100644
index 00000000..3ed4781e
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c039/test.cmake
@@ -0,0 +1,24 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_c039.c
+ test_c039.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
diff --git a/api-tests/dev_apis/crypto/test_c039/test_c039.c b/api-tests/dev_apis/crypto/test_c039/test_c039.c
index 30a833e1..72648bc1 100644
--- a/api-tests/dev_apis/crypto/test_c039/test_c039.c
+++ b/api-tests/dev_apis/crypto/test_c039/test_c039.c
@@ -44,14 +44,20 @@ static bool_t is_buffer_empty(uint8_t *buffer, size_t size)
static int g_test_count = 1;
static uint8_t output[SIZE_128B];
-int32_t psa_asymmetric_encrypt_test(security_t caller)
+int32_t psa_asymmetric_encrypt_test(caller_security_t caller)
{
int num_checks = sizeof(check1)/sizeof(check1[0]);
int32_t i, status;
- const uint8_t *key_data;
- uint8_t *salt;
+ const uint8_t *key_data;
+ uint8_t *salt;
size_t length;
- psa_key_policy_t policy;
+ psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+
+ if (num_checks == 0)
+ {
+ val->print(PRINT_TEST, "No test available for the selected crypto configuration\n", 0);
+ return RESULT_SKIP(VAL_STATUS_NO_TESTS);
+ }
/* Initialize the PSA crypto library*/
status = val->crypto_function(VAL_CRYPTO_INIT);
@@ -62,25 +68,16 @@ int32_t psa_asymmetric_encrypt_test(security_t caller)
val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
val->print(PRINT_TEST, check1[i].test_desc, 0);
- /* Initialize a key policy structure to a default that forbids all
- * usage of the key
- */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
-
/* Setting up the watchdog timer for each check */
status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
- /* Set the standard fields of a policy structure */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &policy, check1[i].usage,
- check1[i].key_alg);
-
memset(output, 0, sizeof(output));
/* Set the key data based on key type */
if (PSA_KEY_TYPE_IS_RSA(check1[i].key_type))
{
- if (check1[i].key_type == PSA_KEY_TYPE_RSA_KEYPAIR)
+ if (check1[i].key_type == PSA_KEY_TYPE_RSA_KEY_PAIR)
{
if (check1[i].expected_bit_length == BYTES_TO_BITS(384))
key_data = rsa_384_keypair;
@@ -105,7 +102,7 @@ int32_t psa_asymmetric_encrypt_test(security_t caller)
}
else if (PSA_KEY_TYPE_IS_ECC(check1[i].key_type))
{
- if (PSA_KEY_TYPE_IS_ECC_KEYPAIR(check1[i].key_type))
+ if (PSA_KEY_TYPE_IS_ECC_KEY_PAIR(check1[i].key_type))
key_data = ec_keypair;
else
key_data = ec_keydata;
@@ -113,19 +110,15 @@ int32_t psa_asymmetric_encrypt_test(security_t caller)
else
key_data = check1[i].key_data;
- /* Allocate a key slot for a transient key */
- status = val->crypto_function(VAL_CRYPTO_ALLOCATE_KEY, &check1[i].key_handle);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
-
- /* Set the usage policy on a key slot */
- status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, check1[i].key_handle,
- &policy);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
+ /* Setup the attributes for the key */
+ val->crypto_function(VAL_CRYPTO_SET_KEY_TYPE, &attributes, check1[i].key_type);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_ALGORITHM, &attributes, check1[i].key_alg);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_USAGE_FLAGS, &attributes, check1[i].usage);
/* Import the key data into the key slot */
- status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, check1[i].key_handle,
- check1[i].key_type, key_data, check1[i].key_length);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
+ status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, &attributes, key_data,
+ check1[i].key_length, &check1[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
if (is_buffer_empty(check1[i].salt, check1[i].salt_length) == TRUE)
{
@@ -139,19 +132,19 @@ int32_t psa_asymmetric_encrypt_test(security_t caller)
status = val->crypto_function(VAL_CRYPTO_ASYMMTERIC_ENCRYPT, check1[i].key_handle,
check1[i].key_alg, check1[i].input, check1[i].input_length, salt,
check1[i].salt_length, output, check1[i].output_size, &length);
- TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(6));
+ TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(4));
if (check1[i].expected_status != PSA_SUCCESS)
{
/* Destroy the key */
status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, check1[i].key_handle);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(7));
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
continue;
}
/* Check if the output length matches with the expected output length */
- TEST_ASSERT_EQUAL(length, check1[i].expected_output_length, TEST_CHECKPOINT_NUM(8));
+ TEST_ASSERT_EQUAL(length, check1[i].expected_output_length, TEST_CHECKPOINT_NUM(6));
/* We test encryption by checking that encrypt-then-decrypt gives back
* the original plaintext because of the non-optional random
@@ -161,30 +154,32 @@ int32_t psa_asymmetric_encrypt_test(security_t caller)
status = val->crypto_function(VAL_CRYPTO_ASYMMTERIC_DECRYPT,
check1[i].key_handle, check1[i].key_alg, output, length, salt,
check1[i].salt_length, output, check1[i].output_size, &length);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(9));
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(7));
/* Check if the output length matches with the input length */
- TEST_ASSERT_EQUAL(length, check1[i].input_length, TEST_CHECKPOINT_NUM(10));
+ TEST_ASSERT_EQUAL(length, check1[i].input_length, TEST_CHECKPOINT_NUM(8));
/* Check if the output matches with the given input data */
- TEST_ASSERT_MEMCMP(output, check1[i].input, length, TEST_CHECKPOINT_NUM(11));
+ TEST_ASSERT_MEMCMP(output, check1[i].input, length, TEST_CHECKPOINT_NUM(9));
}
/* Destroy the key */
status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, check1[i].key_handle);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(12));
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(10));
+
+ /* Reset the key attributes and check if psa_import_key fails */
+ val->crypto_function(VAL_CRYPTO_RESET_KEY_ATTRIBUTES, &attributes);
}
return VAL_STATUS_SUCCESS;
}
-int32_t psa_asymmetric_encrypt_negative_test(security_t caller)
+int32_t psa_asymmetric_encrypt_negative_test(caller_security_t caller)
{
int num_checks = sizeof(check2)/sizeof(check2[0]);
int32_t i, status;
- uint8_t *salt;
+ uint8_t *salt = NULL;
size_t length;
- psa_key_policy_t policy;
/* Initialize the PSA crypto library*/
status = val->crypto_function(VAL_CRYPTO_INIT);
@@ -192,18 +187,17 @@ int32_t psa_asymmetric_encrypt_negative_test(security_t caller)
for (i = 0; i < num_checks; i++)
{
- /* Initialize a key policy structure to a default that forbids all
- * usage of the key
- */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
-
/* Setting up the watchdog timer for each check */
status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
- /* Set the standard fields of a policy structure */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &policy, check2[i].usage,
- check2[i].key_alg);
+ if (is_buffer_empty(check2[i].salt, check2[i].salt_length) == TRUE)
+ {
+ salt = NULL;
+ check2[i].salt_length = 0;
+ }
+ else
+ salt = check2[i].salt;
val->print(PRINT_TEST, "[Check %d] Test psa_asymmetric_encrypt - Invalid key handle\n",
g_test_count++);
@@ -220,31 +214,6 @@ int32_t psa_asymmetric_encrypt_negative_test(security_t caller)
check2[i].key_alg, check2[i].input, check2[i].input_length, salt,
check2[i].salt_length, output, check2[i].output_size, &length);
TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(4));
-
- val->print(PRINT_TEST, "[Check %d] Test psa_asymmetric_encrypt - Empty key handle\n",
- g_test_count++);
- /* Allocate a key slot for a transient key */
- status = val->crypto_function(VAL_CRYPTO_ALLOCATE_KEY, &check2[i].key_handle);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
-
- /* Set the usage policy on a key slot */
- status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, check2[i].key_handle,
- &policy);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(6));
-
- if (is_buffer_empty(check1[i].salt, check1[i].salt_length) == TRUE)
- {
- salt = NULL;
- check1[i].salt_length = 0;
- }
- else
- salt = check1[i].salt;
-
- /* Encrypt a short message with a public key */
- status = val->crypto_function(VAL_CRYPTO_ASYMMTERIC_ENCRYPT, check2[i].key_handle,
- check2[i].key_alg, check2[i].input, check2[i].input_length, salt,
- check2[i].salt_length, output, check2[i].output_size, &length);
- TEST_ASSERT_EQUAL(status, PSA_ERROR_DOES_NOT_EXIST, TEST_CHECKPOINT_NUM(7));
}
return VAL_STATUS_SUCCESS;
diff --git a/api-tests/dev_apis/crypto/test_c039/test_c039.h b/api-tests/dev_apis/crypto/test_c039/test_c039.h
index 27d74972..dd431d33 100644
--- a/api-tests/dev_apis/crypto/test_c039/test_c039.h
+++ b/api-tests/dev_apis/crypto/test_c039/test_c039.h
@@ -18,14 +18,14 @@
#define _TEST_C039_CLIENT_TESTS_H_
#include "val_crypto.h"
-#define test_entry CONCAT(test_entry_,c039)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, c039)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
extern val_api_t *val;
extern psa_api_t *psa;
extern client_test_t test_c039_crypto_list[];
-int32_t psa_asymmetric_encrypt_test(security_t caller);
-int32_t psa_asymmetric_encrypt_negative_test(security_t caller);
+int32_t psa_asymmetric_encrypt_test(caller_security_t caller);
+int32_t psa_asymmetric_encrypt_negative_test(caller_security_t caller);
#endif /* _TEST_C039_CLIENT_TESTS_H_ */
diff --git a/api-tests/dev_apis/crypto/test_c039/test_data.h b/api-tests/dev_apis/crypto/test_c039/test_data.h
index 5bb5109c..e947fd06 100644
--- a/api-tests/dev_apis/crypto/test_c039/test_data.h
+++ b/api-tests/dev_apis/crypto/test_c039/test_data.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -41,12 +41,11 @@ static const uint8_t rsa_256_keypair[1];
static const uint8_t rsa_256_keydata[1];
static const uint8_t ec_keydata[] = {
- 0x30, 0x49, 0x30, 0x13, 0x06, 0x07, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x02, 0x01, 0x06,
- 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x03, 0x01, 0x01, 0x03, 0x32, 0x00, 0x04, 0xBC,
- 0x79, 0x7D, 0xB3, 0xAE, 0x7F, 0x08, 0xEC, 0x3D, 0x49, 0x6B, 0x4F, 0xB4, 0x11, 0xB3,
- 0xF6, 0x20, 0xA5, 0x58, 0xA5, 0x01, 0xE0, 0x22, 0x2D, 0x08, 0xCF, 0xE0, 0xDC, 0x8A,
- 0xEC, 0x8B, 0x1A, 0x7B, 0xF2, 0x4B, 0xE9, 0x29, 0x51, 0xCC, 0x5B, 0xA1, 0xBE, 0xBB,
- 0x24, 0x74, 0x90, 0x9A, 0xE0};
+ 0x04, 0xde, 0xa5, 0xe4, 0x5d, 0x0e, 0xa3, 0x7f, 0xc5, 0x66, 0x23, 0x2a, 0x50, 0x8f,
+ 0x4a, 0xd2, 0x0e, 0xa1, 0x3d, 0x47, 0xe4, 0xbf, 0x5f, 0xa4, 0xd5, 0x4a, 0x57, 0xa0,
+ 0xba, 0x01, 0x20, 0x42, 0x08, 0x70, 0x97, 0x49, 0x6e, 0xfc, 0x58, 0x3f, 0xed, 0x8b,
+ 0x24, 0xa5, 0xb9, 0xbe, 0x9a, 0x51, 0xde, 0x06, 0x3f, 0x5a, 0x00, 0xa8, 0xb6, 0x98,
+ 0xa1, 0x6f, 0xd7, 0xf2, 0x9b, 0x54, 0x85, 0xf3, 0x20};
static const uint8_t ec_keypair[] = {
0x30, 0x5F, 0x02, 0x01, 0x01, 0x04, 0x18, 0x33, 0x8E, 0x86, 0xA8, 0x81, 0xE2, 0x38,
@@ -158,7 +157,7 @@ static test_data check1[] = {
#endif
#ifdef ARCH_TEST_RSA_PKCS1V15_CRYPT
-{"Test psa_asymmetric_encrypt - RSA KEYPAIR PKCS1V15\n", 4, PSA_KEY_TYPE_RSA_KEYPAIR,
+{"Test psa_asymmetric_encrypt - RSA KEY_PAIR PKCS1V15\n", 4, PSA_KEY_TYPE_RSA_KEY_PAIR,
{0}, 610, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT, PSA_ALG_RSA_PKCS1V15_CRYPT,
{0}, 0,
{0xba, 0x78, 0x16, 0xbf, 0x8f, 0x01, 0xcf, 0xea, 0x41, 0x41, 0x40, 0xde, 0x5d,
@@ -167,7 +166,7 @@ static test_data check1[] = {
128, 1024, PSA_SUCCESS
},
-{"Test psa_asymmetric_encrypt - Small output buffer\n", 5, PSA_KEY_TYPE_RSA_KEYPAIR,
+{"Test psa_asymmetric_encrypt - Small output buffer\n", 5, PSA_KEY_TYPE_RSA_KEY_PAIR,
{0}, 610, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT, PSA_ALG_RSA_PKCS1V15_CRYPT,
{0}, 0,
{0xba, 0x78, 0x16, 0xbf, 0x8f, 0x01, 0xcf, 0xea, 0x41, 0x41, 0x40, 0xde, 0x5d,
@@ -215,27 +214,31 @@ static test_data check1[] = {
#endif
#endif
-#ifdef FUTURE_SUPPORT
+#ifdef ARCH_TEST_ECDSA
+#ifdef ARCH_TEST_ECC_CURVE_SECP256R1
+#ifdef ARCH_TEST_ECC_ASYMMETRIC_API_SUPPORT
{"Test psa_asymmetric_encrypt - ECC public key\n", 9,
- PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE | PSA_ECC_CURVE_SECP192R1,
-{0}, 75, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_ECDSA_ANY,
+ PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1),
+{0}, 65, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION,
{0}, 0,
{0xba, 0x78, 0x16, 0xbf, 0x8f, 0x01, 0xcf, 0xea, 0x41, 0x41, 0x40, 0xde, 0x5d,
0xae, 0x22, 0x23, 0xb0, 0x03, 0x61, 0xa3, 0x96, 0x17, 0x7a, 0x9c, 0xb4, 0x10,
0xff, 0x61, 0xf2, 0x00, 0x15, 0xad}, 22, 128,
- 0, 192, PSA_SUCCESS
-}
+ 128, 256, PSA_SUCCESS
+},
{"Test psa_asymmetric_encrypt - ECC keypair\n", 10,
- PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1),
+ PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1),
{0}, 97, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256),
{0}, 0,
{0xba, 0x78, 0x16, 0xbf, 0x8f, 0x01, 0xcf, 0xea, 0x41, 0x41, 0x40, 0xde, 0x5d,
0xae, 0x22, 0x23, 0xb0, 0x03, 0x61, 0xa3, 0x96, 0x17, 0x7a, 0x9c, 0xb4, 0x10,
0xff, 0x61, 0xf2, 0x00, 0x15, 0xad}, 22, 128,
- 0, 192, PSA_SUCCESS
+ 128, 256, PSA_SUCCESS
}
#endif
+#endif
+#endif
};
static test_data check2[] = {
diff --git a/api-tests/dev_apis/crypto/test_c039/test_entry.c b/api-tests/dev_apis/crypto/test_c039/test_entry_c039.c
similarity index 99%
rename from api-tests/dev_apis/crypto/test_c039/test_entry.c
rename to api-tests/dev_apis/crypto/test_c039/test_entry_c039.c
index 323f1738..6f638dec 100644
--- a/api-tests/dev_apis/crypto/test_c039/test_entry.c
+++ b/api-tests/dev_apis/crypto/test_c039/test_entry_c039.c
@@ -21,6 +21,7 @@
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 39)
#define TEST_DESC "Testing crypto asymmetric APIs\n"
+
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
psa_api_t *psa = NULL;
diff --git a/api-tests/dev_apis/crypto/test_c040/source.mk b/api-tests/dev_apis/crypto/test_c040/source.mk
deleted file mode 100644
index e4eaffe5..00000000
--- a/api-tests/dev_apis/crypto/test_c040/source.mk
+++ /dev/null
@@ -1,20 +0,0 @@
-# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_c040.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
diff --git a/api-tests/dev_apis/crypto/test_c040/test.cmake b/api-tests/dev_apis/crypto/test_c040/test.cmake
new file mode 100644
index 00000000..3d339452
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c040/test.cmake
@@ -0,0 +1,24 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_c040.c
+ test_c040.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
diff --git a/api-tests/dev_apis/crypto/test_c040/test_c040.c b/api-tests/dev_apis/crypto/test_c040/test_c040.c
index 760ab197..e769c1a8 100644
--- a/api-tests/dev_apis/crypto/test_c040/test_c040.c
+++ b/api-tests/dev_apis/crypto/test_c040/test_c040.c
@@ -44,14 +44,20 @@ static bool_t is_buffer_empty(uint8_t *buffer, size_t size)
static int g_test_count = 1;
static uint8_t output[SIZE_128B];
-int32_t psa_asymmetric_decrypt_test(security_t caller)
+int32_t psa_asymmetric_decrypt_test(caller_security_t caller)
{
int num_checks = sizeof(check1)/sizeof(check1[0]);
int32_t i, status;
const uint8_t *key_data;
uint8_t *salt;
size_t length;
- psa_key_policy_t policy;
+ psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+
+ if (num_checks == 0)
+ {
+ val->print(PRINT_TEST, "No test available for the selected crypto configuration\n", 0);
+ return RESULT_SKIP(VAL_STATUS_NO_TESTS);
+ }
/* Initialize the PSA crypto library*/
status = val->crypto_function(VAL_CRYPTO_INIT);
@@ -62,25 +68,16 @@ int32_t psa_asymmetric_decrypt_test(security_t caller)
val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
val->print(PRINT_TEST, check1[i].test_desc, 0);
- /* Initialize a key policy structure to a default that forbids all
- * usage of the key
- */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
-
- /* Setting up the watchdog timer for each check */
+ /* Setting up the watchdog timer for each check */
status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
- /* Set the standard fields of a policy structure */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &policy, check1[i].usage,
- check1[i].key_alg);
-
memset(output, 0, sizeof(output));
/* Set the key data based on key type */
if (PSA_KEY_TYPE_IS_RSA(check1[i].key_type))
{
- if (check1[i].key_type == PSA_KEY_TYPE_RSA_KEYPAIR)
+ if (check1[i].key_type == PSA_KEY_TYPE_RSA_KEY_PAIR)
{
if (check1[i].expected_bit_length == BYTES_TO_BITS(384))
key_data = rsa_384_keypair;
@@ -105,7 +102,7 @@ int32_t psa_asymmetric_decrypt_test(security_t caller)
}
else if (PSA_KEY_TYPE_IS_ECC(check1[i].key_type))
{
- if (PSA_KEY_TYPE_IS_ECC_KEYPAIR(check1[i].key_type))
+ if (PSA_KEY_TYPE_IS_ECC_KEY_PAIR(check1[i].key_type))
key_data = ec_keypair;
else
key_data = ec_keydata;
@@ -113,19 +110,15 @@ int32_t psa_asymmetric_decrypt_test(security_t caller)
else
key_data = check1[i].key_data;
- /* Allocate a key slot for a transient key */
- status = val->crypto_function(VAL_CRYPTO_ALLOCATE_KEY, &check1[i].key_handle);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
-
- /* Set the usage policy on a key slot */
- status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, check1[i].key_handle,
- &policy);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
+ /* Setup the attributes for the key */
+ val->crypto_function(VAL_CRYPTO_SET_KEY_TYPE, &attributes, check1[i].key_type);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_ALGORITHM, &attributes, check1[i].key_alg);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_USAGE_FLAGS, &attributes, check1[i].usage);
/* Import the key data into the key slot */
- status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, check1[i].key_handle,
- check1[i].key_type, key_data, check1[i].key_length);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
+ status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, &attributes, key_data,
+ check1[i].key_length, &check1[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
if (is_buffer_empty(check1[i].salt, check1[i].salt_length) == TRUE)
{
@@ -139,38 +132,40 @@ int32_t psa_asymmetric_decrypt_test(security_t caller)
status = val->crypto_function(VAL_CRYPTO_ASYMMTERIC_DECRYPT, check1[i].key_handle,
check1[i].key_alg, check1[i].input, check1[i].input_length, salt,
check1[i].salt_length, output, check1[i].output_size, &length);
- TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(6));
+ TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(4));
if (check1[i].expected_status != PSA_SUCCESS)
{
/* Destroy the key */
status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, check1[i].key_handle);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(7));
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
continue;
}
/* Check if the output length matches with the expected length */
- TEST_ASSERT_EQUAL(length, check1[i].expected_output_length, TEST_CHECKPOINT_NUM(8));
+ TEST_ASSERT_EQUAL(length, check1[i].expected_output_length, TEST_CHECKPOINT_NUM(6));
/* Check if the output matches with the expected data */
- TEST_ASSERT_MEMCMP(output, check1[i].expected_output, length, TEST_CHECKPOINT_NUM(9));
+ TEST_ASSERT_MEMCMP(output, check1[i].expected_output, length, TEST_CHECKPOINT_NUM(7));
/* Destroy the key */
status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, check1[i].key_handle);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(10));
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(8));
+
+ /* Reset the key attributes and check if psa_import_key fails */
+ val->crypto_function(VAL_CRYPTO_RESET_KEY_ATTRIBUTES, &attributes);
}
return VAL_STATUS_SUCCESS;
}
-int32_t psa_asymmetric_decrypt_negative_test(security_t caller)
+int32_t psa_asymmetric_decrypt_negative_test(caller_security_t caller)
{
int num_checks = sizeof(check2)/sizeof(check2[0]);
int32_t i, status;
uint8_t *salt;
size_t length;
- psa_key_policy_t policy;
/* Initialize the PSA crypto library*/
status = val->crypto_function(VAL_CRYPTO_INIT);
@@ -178,18 +173,18 @@ int32_t psa_asymmetric_decrypt_negative_test(security_t caller)
for (i = 0; i < num_checks; i++)
{
- /* Initialize a key policy structure to a default that forbids all
- * usage of the key
- */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
/* Setting up the watchdog timer for each check */
status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
- /* Set the standard fields of a policy structure */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &policy, check2[i].usage,
- check2[i].key_alg);
+ if (is_buffer_empty(check2[i].salt, check2[i].salt_length) == TRUE)
+ {
+ salt = NULL;
+ check2[i].salt_length = 0;
+ }
+ else
+ salt = check1[i].salt;
val->print(PRINT_TEST, "[Check %d] Test psa_asymmetric_decrypt - Invalid key handle\n",
g_test_count++);
@@ -206,31 +201,6 @@ int32_t psa_asymmetric_decrypt_negative_test(security_t caller)
check2[i].key_alg, check2[i].input, check2[i].input_length, salt,
check2[i].salt_length, output, check2[i].output_size, &length);
TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(4));
-
- val->print(PRINT_TEST, "[Check %d] Test psa_asymmetric_decrypt - Empty key handle\n",
- g_test_count++);
- /* Allocate a key slot for a transient key */
- status = val->crypto_function(VAL_CRYPTO_ALLOCATE_KEY, &check2[i].key_handle);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
-
- /* Set the usage policy on a key slot */
- status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, check2[i].key_handle,
- &policy);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(6));
-
- if (is_buffer_empty(check1[i].salt, check1[i].salt_length) == TRUE)
- {
- salt = NULL;
- check1[i].salt_length = 0;
- }
- else
- salt = check1[i].salt;
-
- /* Encrypt a short message with a public key */
- status = val->crypto_function(VAL_CRYPTO_ASYMMTERIC_DECRYPT, check2[i].key_handle,
- check2[i].key_alg, check2[i].input, check2[i].input_length, salt,
- check2[i].salt_length, output, check2[i].output_size, &length);
- TEST_ASSERT_EQUAL(status, PSA_ERROR_DOES_NOT_EXIST, TEST_CHECKPOINT_NUM(7));
}
return VAL_STATUS_SUCCESS;
diff --git a/api-tests/dev_apis/crypto/test_c040/test_c040.h b/api-tests/dev_apis/crypto/test_c040/test_c040.h
index ebb8f5b0..80e95f9d 100644
--- a/api-tests/dev_apis/crypto/test_c040/test_c040.h
+++ b/api-tests/dev_apis/crypto/test_c040/test_c040.h
@@ -18,14 +18,14 @@
#define _TEST_C040_CLIENT_TESTS_H_
#include "val_crypto.h"
-#define test_entry CONCAT(test_entry_,c040)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, c040)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
extern val_api_t *val;
extern psa_api_t *psa;
extern client_test_t test_c040_crypto_list[];
-int32_t psa_asymmetric_decrypt_test(security_t caller);
-int32_t psa_asymmetric_decrypt_negative_test(security_t caller);
+int32_t psa_asymmetric_decrypt_test(caller_security_t caller);
+int32_t psa_asymmetric_decrypt_negative_test(caller_security_t caller);
#endif /* _TEST_C040_CLIENT_TESTS_H_ */
diff --git a/api-tests/dev_apis/crypto/test_c040/test_data.h b/api-tests/dev_apis/crypto/test_c040/test_data.h
index c6bc2487..371d2300 100644
--- a/api-tests/dev_apis/crypto/test_c040/test_data.h
+++ b/api-tests/dev_apis/crypto/test_c040/test_data.h
@@ -125,7 +125,7 @@ static const uint8_t rsa_128_keypair[] = {
static test_data check1[] = {
#ifdef ARCH_TEST_RSA_1024
#ifdef ARCH_TEST_RSA_PKCS1V15_CRYPT
-{"Test psa_asymmetric_decrypt - RSA KEYPAIR PKCS1V15\n", 1, PSA_KEY_TYPE_RSA_KEYPAIR,
+{"Test psa_asymmetric_decrypt - RSA KEY_PAIR PKCS1V15\n", 1, PSA_KEY_TYPE_RSA_KEY_PAIR,
{0}, 610, PSA_KEY_USAGE_DECRYPT, PSA_ALG_RSA_PKCS1V15_CRYPT,
{0}, 0,
{0x99, 0xff, 0xde, 0x2f, 0xcc, 0x00, 0xc9, 0xcc, 0x01, 0x97, 0x2e, 0xbf, 0xa7,
@@ -148,7 +148,7 @@ static test_data check1[] = {
#ifdef ARCH_TEST_SHA256
#ifdef ARCH_TEST_RSA_OAEP
-{"Test psa_asymmetric_decrypt - RSA KEYPAIR OAEP SHA256\n", 2, PSA_KEY_TYPE_RSA_KEYPAIR,
+{"Test psa_asymmetric_decrypt - RSA KEY_PAIR OAEP SHA256\n", 2, PSA_KEY_TYPE_RSA_KEY_PAIR,
{0}, 610, PSA_KEY_USAGE_DECRYPT, PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256),
{0}, 0,
{0x3d, 0x31, 0x46, 0xb1, 0xc9, 0x82, 0x00, 0x42, 0x73, 0xa9, 0xeb, 0xb9, 0xb0,
@@ -166,8 +166,8 @@ static test_data check1[] = {
0, 1024, PSA_SUCCESS
},
-{"Test psa_asymmetric_decrypt - RSA KEYPAIR OAEP SHA256 with label\n", 3,
- PSA_KEY_TYPE_RSA_KEYPAIR,
+{"Test psa_asymmetric_decrypt - RSA KEY_PAIR OAEP SHA256 with label\n", 3,
+ PSA_KEY_TYPE_RSA_KEY_PAIR,
{0}, 610, PSA_KEY_USAGE_DECRYPT, PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256),
{0x74, 0x68, 0x69, 0x73, 0x00, 0x69, 0x73, 0x00, 0x61, 0x00, 0x6c, 0x61, 0x62,
0x65, 0x6c, 0x00}, 16,
@@ -210,7 +210,7 @@ PSA_KEY_TYPE_RSA_PUBLIC_KEY,
0, 1024, PSA_ERROR_INVALID_ARGUMENT
},
-{"Test psa_asymmetric_decrypt - Small output buffer\n", 5, PSA_KEY_TYPE_RSA_KEYPAIR,
+{"Test psa_asymmetric_decrypt - Small output buffer\n", 5, PSA_KEY_TYPE_RSA_KEY_PAIR,
{0}, 610, PSA_KEY_USAGE_DECRYPT, PSA_ALG_RSA_PKCS1V15_CRYPT,
{0}, 0,
{0x99, 0xff, 0xde, 0x2f, 0xcc, 0x00, 0xc9, 0xcc, 0x01, 0x97, 0x2e, 0xbf, 0xa7,
@@ -232,7 +232,7 @@ PSA_KEY_TYPE_RSA_PUBLIC_KEY,
#endif
#ifdef ARCH_TEST_SHA256
-{"Test psa_asymmetric_decrypt - Invalid algorithm\n", 6, PSA_KEY_TYPE_RSA_KEYPAIR,
+{"Test psa_asymmetric_decrypt - Invalid algorithm\n", 6, PSA_KEY_TYPE_RSA_KEY_PAIR,
{0}, 610, PSA_KEY_USAGE_DECRYPT, PSA_ALG_SHA_256,
{0}, 0,
{0x99, 0xff, 0xde, 0x2f, 0xcc, 0x00, 0xc9, 0xcc, 0x01, 0x97, 0x2e, 0xbf, 0xa7,
@@ -279,7 +279,7 @@ PSA_KEY_TYPE_RSA_PUBLIC_KEY,
#endif
#ifdef ARCH_TEST_RSA_1024
-{"Test psa_asymmetric_decrypt - Invalid usage\n", 8, PSA_KEY_TYPE_RSA_KEYPAIR,
+{"Test psa_asymmetric_decrypt - Invalid usage\n", 8, PSA_KEY_TYPE_RSA_KEY_PAIR,
{0}, 610, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_RSA_PKCS1V15_CRYPT,
{0}, 0,
{0x99, 0xff, 0xde, 0x2f, 0xcc, 0x00, 0xc9, 0xcc, 0x01, 0x97, 0x2e, 0xbf, 0xa7,
@@ -305,7 +305,7 @@ PSA_KEY_TYPE_RSA_PUBLIC_KEY,
static test_data check2[] = {
#ifdef ARCH_TEST_RSA_PKCS1V15_CRYPT
#ifdef ARCH_TEST_RSA_1024
-{"Test psa_asymmetric_decrypt - Negative case\n", 1, PSA_KEY_TYPE_RSA_KEYPAIR,
+{"Test psa_asymmetric_decrypt - Negative case\n", 1, PSA_KEY_TYPE_RSA_KEY_PAIR,
{0}, 610, PSA_KEY_USAGE_DECRYPT, PSA_ALG_RSA_PKCS1V15_CRYPT,
{0}, 0,
{0x99, 0xff, 0xde, 0x2f, 0xcc, 0x00, 0xc9, 0xcc, 0x01, 0x97, 0x2e, 0xbf, 0xa7,
diff --git a/api-tests/dev_apis/crypto/test_c040/test_entry.c b/api-tests/dev_apis/crypto/test_c040/test_entry_c040.c
similarity index 99%
rename from api-tests/dev_apis/crypto/test_c040/test_entry.c
rename to api-tests/dev_apis/crypto/test_c040/test_entry_c040.c
index 7b36aedc..8744acad 100644
--- a/api-tests/dev_apis/crypto/test_c040/test_entry.c
+++ b/api-tests/dev_apis/crypto/test_c040/test_entry_c040.c
@@ -21,6 +21,7 @@
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 40)
#define TEST_DESC "Testing crypto asymmetric APIs\n"
+
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
psa_api_t *psa = NULL;
diff --git a/api-tests/dev_apis/crypto/test_c041/source.mk b/api-tests/dev_apis/crypto/test_c041/source.mk
deleted file mode 100644
index cad0302d..00000000
--- a/api-tests/dev_apis/crypto/test_c041/source.mk
+++ /dev/null
@@ -1,20 +0,0 @@
-# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_c041.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
diff --git a/api-tests/dev_apis/crypto/test_c041/test.cmake b/api-tests/dev_apis/crypto/test_c041/test.cmake
new file mode 100644
index 00000000..0e96d93e
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c041/test.cmake
@@ -0,0 +1,24 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_c041.c
+ test_c041.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
diff --git a/api-tests/dev_apis/crypto/test_c041/test_c041.c b/api-tests/dev_apis/crypto/test_c041/test_c041.c
index 101e16a0..82217287 100644
--- a/api-tests/dev_apis/crypto/test_c041/test_c041.c
+++ b/api-tests/dev_apis/crypto/test_c041/test_c041.c
@@ -31,13 +31,19 @@ client_test_t test_c041_crypto_list[] = {
static int g_test_count = 1;
static uint8_t signature[SIZE_128B];
-int32_t psa_asymmetric_sign_test(security_t caller)
+int32_t psa_asymmetric_sign_test(caller_security_t caller)
{
int num_checks = sizeof(check1)/sizeof(check1[0]);
int32_t i, status;
const uint8_t *key_data;
size_t length;
- psa_key_policy_t policy;
+ psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+
+ if (num_checks == 0)
+ {
+ val->print(PRINT_TEST, "No test available for the selected crypto configuration\n", 0);
+ return RESULT_SKIP(VAL_STATUS_NO_TESTS);
+ }
/* Initialize the PSA crypto library*/
status = val->crypto_function(VAL_CRYPTO_INIT);
@@ -48,25 +54,15 @@ int32_t psa_asymmetric_sign_test(security_t caller)
val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
val->print(PRINT_TEST, check1[i].test_desc, 0);
- /* Initialize a key policy structure to a default that forbids all
- * usage of the key
- */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
-
/* Setting up the watchdog timer for each check */
status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
-
- /* Set the standard fields of a policy structure */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &policy, check1[i].usage,
- check1[i].key_alg);
-
memset(signature, 0, sizeof(signature));
/* Set the key data based on key type */
if (PSA_KEY_TYPE_IS_RSA(check1[i].key_type))
{
- if (check1[i].key_type == PSA_KEY_TYPE_RSA_KEYPAIR)
+ if (check1[i].key_type == PSA_KEY_TYPE_RSA_KEY_PAIR)
{
if (check1[i].expected_bit_length == BYTES_TO_BITS(384))
key_data = rsa_384_keypair;
@@ -91,7 +87,7 @@ int32_t psa_asymmetric_sign_test(security_t caller)
}
else if (PSA_KEY_TYPE_IS_ECC(check1[i].key_type))
{
- if (PSA_KEY_TYPE_IS_ECC_KEYPAIR(check1[i].key_type))
+ if (PSA_KEY_TYPE_IS_ECC_KEY_PAIR(check1[i].key_type))
key_data = ec_keypair;
else
key_data = ec_keydata;
@@ -99,55 +95,50 @@ int32_t psa_asymmetric_sign_test(security_t caller)
else
key_data = check1[i].key_data;
- /* Allocate a key slot for a transient key */
- status = val->crypto_function(VAL_CRYPTO_ALLOCATE_KEY, &check1[i].key_handle);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
-
- /* Set the usage policy on a key slot */
- status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, check1[i].key_handle,
- &policy);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
+ /* Setup the attributes for the key */
+ val->crypto_function(VAL_CRYPTO_SET_KEY_TYPE, &attributes, check1[i].key_type);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_ALGORITHM, &attributes, check1[i].key_alg);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_USAGE_FLAGS, &attributes, check1[i].usage);
/* Import the key data into the key slot */
- status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, check1[i].key_handle,
- check1[i].key_type, key_data, check1[i].key_length);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
+ status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, &attributes, key_data,
+ check1[i].key_length, &check1[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
/* Sign a hash or short message with a private key */
status = val->crypto_function(VAL_CRYPTO_ASYMMTERIC_SIGN, check1[i].key_handle,
check1[i].key_alg, check1[i].input, check1[i].input_length,
signature, check1[i].signature_size, &length);
- TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(6));
+ TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(4));
if (check1[i].expected_status != PSA_SUCCESS)
{
/* Destroy the key */
status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, check1[i].key_handle);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(7));
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
continue;
}
/* Check if the output length matches with the expected length */
- TEST_ASSERT_EQUAL(length, check1[i].expected_signature_length, TEST_CHECKPOINT_NUM(8));
+ TEST_ASSERT_EQUAL(length, check1[i].expected_signature_length, TEST_CHECKPOINT_NUM(6));
/* Check if the output matches with the expected data */
- TEST_ASSERT_MEMCMP(signature, check1[i].expected_signature, length, TEST_CHECKPOINT_NUM(9));
+ TEST_ASSERT_MEMCMP(signature, check1[i].expected_signature, length, TEST_CHECKPOINT_NUM(7));
/* Destroy the key */
status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, check1[i].key_handle);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(10));
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(8));
}
return VAL_STATUS_SUCCESS;
}
-int32_t psa_asymmetric_sign_negative_test(security_t caller)
+int32_t psa_asymmetric_sign_negative_test(caller_security_t caller)
{
int num_checks = sizeof(check2)/sizeof(check2[0]);
int32_t i, status;
size_t length;
- psa_key_policy_t policy;
/* Initialize the PSA crypto library*/
status = val->crypto_function(VAL_CRYPTO_INIT);
@@ -155,19 +146,10 @@ int32_t psa_asymmetric_sign_negative_test(security_t caller)
for (i = 0; i < num_checks; i++)
{
- /* Initialize a key policy structure to a default that forbids all
- * usage of the key
- */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
-
/* Setting up the watchdog timer for each check */
status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
- /* Set the standard fields of a policy structure */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &policy, check2[i].usage,
- check2[i].key_alg);
-
val->print(PRINT_TEST, "[Check %d] Test psa_asymmetric_sign - Invalid key handle\n",
g_test_count++);
/* Sign a hash or short message with a private key */
@@ -183,23 +165,6 @@ int32_t psa_asymmetric_sign_negative_test(security_t caller)
check2[i].key_alg, check2[i].input, check2[i].input_length,
signature, check2[i].signature_size, &length);
TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(4));
-
- val->print(PRINT_TEST, "[Check %d] Test psa_asymmetric_sign - Empty key handle\n",
- g_test_count++);
- /* Allocate a key slot for a transient key */
- status = val->crypto_function(VAL_CRYPTO_ALLOCATE_KEY, &check2[i].key_handle);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
-
- /* Set the usage policy on a key slot */
- status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, check2[i].key_handle,
- &policy);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(6));
-
- /* Sign a hash or short message with a private key */
- status = val->crypto_function(VAL_CRYPTO_ASYMMTERIC_SIGN, check2[i].key_handle,
- check2[i].key_alg, check2[i].input, check2[i].input_length,
- signature, check2[i].signature_size, &length);
- TEST_ASSERT_EQUAL(status, PSA_ERROR_DOES_NOT_EXIST, TEST_CHECKPOINT_NUM(7));
}
return VAL_STATUS_SUCCESS;
diff --git a/api-tests/dev_apis/crypto/test_c041/test_c041.h b/api-tests/dev_apis/crypto/test_c041/test_c041.h
index 11f8074a..f761ec6e 100644
--- a/api-tests/dev_apis/crypto/test_c041/test_c041.h
+++ b/api-tests/dev_apis/crypto/test_c041/test_c041.h
@@ -18,14 +18,14 @@
#define _TEST_C041_CLIENT_TESTS_H_
#include "val_crypto.h"
-#define test_entry CONCAT(test_entry_,c041)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, c041)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
extern val_api_t *val;
extern psa_api_t *psa;
extern client_test_t test_c041_crypto_list[];
-int32_t psa_asymmetric_sign_test(security_t caller);
-int32_t psa_asymmetric_sign_negative_test(security_t caller);
+int32_t psa_asymmetric_sign_test(caller_security_t caller);
+int32_t psa_asymmetric_sign_negative_test(caller_security_t caller);
#endif /* _TEST_C041_CLIENT_TESTS_H_ */
diff --git a/api-tests/dev_apis/crypto/test_c041/test_data.h b/api-tests/dev_apis/crypto/test_c041/test_data.h
index cecccb6c..8c596e1a 100644
--- a/api-tests/dev_apis/crypto/test_c041/test_data.h
+++ b/api-tests/dev_apis/crypto/test_c041/test_data.h
@@ -112,7 +112,7 @@ static const uint8_t rsa_128_keypair[] = {
static test_data check1[] = {
#ifdef ARCH_TEST_RSA_1024
#ifdef ARCH_TEST_RSA_PKCS1V15_SIGN_RAW
-{"Test psa_asymmetric_sign - RSA KEYPAIR PKCS1V15 RAW\n", 1, PSA_KEY_TYPE_RSA_KEYPAIR,
+{"Test psa_asymmetric_sign - RSA KEY_PAIR PKCS1V15 RAW\n", 1, PSA_KEY_TYPE_RSA_KEY_PAIR,
{0}, 610, PSA_KEY_USAGE_SIGN, PSA_ALG_RSA_PKCS1V15_SIGN_RAW,
{0x61, 0x62, 0x63}, 3, 128,
{0x2c, 0x77, 0x44, 0x98, 0x3f, 0x02, 0x3a, 0xc7, 0xbb, 0x1c, 0x55, 0x52, 0x9d,
@@ -131,7 +131,7 @@ static test_data check1[] = {
#ifdef ARCH_TEST_RSA_PKCS1V15_SIGN
#ifdef ARCH_TEST_SHA256
-{"Test psa_asymmetric_sign - RSA KEYPAIR PKCS1V15 SHA-256\n", 2, PSA_KEY_TYPE_RSA_KEYPAIR,
+{"Test psa_asymmetric_sign - RSA KEY_PAIR PKCS1V15 SHA-256\n", 2, PSA_KEY_TYPE_RSA_KEY_PAIR,
{0}, 610, PSA_KEY_USAGE_SIGN, PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256),
{0xba, 0x78, 0x16, 0xbf, 0x8f, 0x01, 0xcf, 0xea, 0x41, 0x41, 0x40, 0xde, 0x5d,
0xae, 0x22, 0x23, 0xb0, 0x03, 0x61, 0xa3, 0x96, 0x17, 0x7a, 0x9c, 0xb4, 0x10,
@@ -156,7 +156,7 @@ static test_data check1[] = {
#ifdef ARCH_TEST_DETERMINISTIC_ECDSA
#ifdef ARCH_TEST_ECC_CURVE_SECP256R1
{"Test psa_asymmetric_sign - ECDSA SECP256R1 SHA-256\n", 3,
- PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1), {0}, 32,
+ PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1), {0}, 32,
PSA_KEY_USAGE_SIGN, PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256),
{0x9a, 0xc4, 0x33, 0x5b, 0x46, 0x9b, 0xbd, 0x79, 0x14, 0x39, 0x24, 0x85, 0x04,
0xdd, 0x0d, 0x49, 0xc7, 0x13, 0x49, 0xa2, 0x95, 0xfe, 0xe5, 0xa1, 0xc6, 0x85,
@@ -192,7 +192,7 @@ PSA_KEY_TYPE_RSA_PUBLIC_KEY,
128, 1024, PSA_ERROR_INVALID_ARGUMENT
},
-{"Test psa_asymmetric_sign - Small output buffer\n", 5, PSA_KEY_TYPE_RSA_KEYPAIR,
+{"Test psa_asymmetric_sign - Small output buffer\n", 5, PSA_KEY_TYPE_RSA_KEY_PAIR,
{0}, 610, PSA_KEY_USAGE_SIGN, PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256),
{0xba, 0x78, 0x16, 0xbf, 0x8f, 0x01, 0xcf, 0xea, 0x41, 0x41, 0x40, 0xde, 0x5d,
0xae, 0x22, 0x23, 0xb0, 0x03, 0x61, 0xa3, 0x96, 0x17, 0x7a, 0x9c, 0xb4, 0x10,
@@ -211,7 +211,7 @@ PSA_KEY_TYPE_RSA_PUBLIC_KEY,
},
#endif
-{"Test psa_asymmetric_sign - Invalid algorithm\n", 6, PSA_KEY_TYPE_RSA_KEYPAIR,
+{"Test psa_asymmetric_sign - Invalid algorithm\n", 6, PSA_KEY_TYPE_RSA_KEY_PAIR,
{0}, 610, PSA_KEY_USAGE_SIGN, PSA_ALG_SHA_256,
{0x61, 0x62, 0x63}, 3, 128,
{0x2c, 0x77, 0x44, 0x98, 0x3f, 0x02, 0x3a, 0xc7, 0xbb, 0x1c, 0x55, 0x52, 0x9d,
@@ -253,7 +253,7 @@ PSA_KEY_TYPE_RSA_PUBLIC_KEY,
#ifdef ARCH_TEST_RSA_1024
#ifdef ARCH_TEST_RSA_PKCS1V15_SIGN_RAW
-{"Test psa_asymmetric_sign - Invalid usage\n", 8, PSA_KEY_TYPE_RSA_KEYPAIR,
+{"Test psa_asymmetric_sign - Invalid usage\n", 8, PSA_KEY_TYPE_RSA_KEY_PAIR,
{0}, 610, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_RSA_PKCS1V15_SIGN_RAW,
{0x61, 0x62, 0x63}, 3, 128,
{0x2c, 0x77, 0x44, 0x98, 0x3f, 0x02, 0x3a, 0xc7, 0xbb, 0x1c, 0x55, 0x52, 0x9d,
@@ -272,7 +272,7 @@ PSA_KEY_TYPE_RSA_PUBLIC_KEY,
#ifdef ARCH_TEST_RSA_PKCS1V15_SIGN
#ifdef ARCH_TEST_SHA256
-{"Test psa_asymmetric_sign - Wrong hash size\n", 9, PSA_KEY_TYPE_RSA_KEYPAIR,
+{"Test psa_asymmetric_sign - Wrong hash size\n", 9, PSA_KEY_TYPE_RSA_KEY_PAIR,
{0}, 610, PSA_KEY_USAGE_SIGN, PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256),
{0xba, 0x78, 0x16, 0xbf, 0x8f, 0x01, 0xcf, 0xea, 0x41, 0x41, 0x40, 0xde, 0x5d,
0xae, 0x22, 0x23, 0xb0, 0x03, 0x61, 0xa3, 0x96, 0x17, 0x7a, 0x9c, 0xb4, 0x10,
@@ -297,7 +297,7 @@ PSA_KEY_TYPE_RSA_PUBLIC_KEY,
static test_data check2[] = {
#ifdef ARCH_TEST_RSA_1024
#ifdef ARCH_TEST_RSA_PKCS1V15_SIGN_RAW
-{"Test psa_asymmetric_sign - Negative case\n", 10, PSA_KEY_TYPE_RSA_KEYPAIR,
+{"Test psa_asymmetric_sign - Negative case\n", 10, PSA_KEY_TYPE_RSA_KEY_PAIR,
{0}, 610, PSA_KEY_USAGE_SIGN, PSA_ALG_RSA_PKCS1V15_SIGN_RAW,
{0x61, 0x62, 0x63}, 3, 128,
{0x2c, 0x77, 0x44, 0x98, 0x3f, 0x02, 0x3a, 0xc7, 0xbb, 0x1c, 0x55, 0x52, 0x9d,
diff --git a/api-tests/dev_apis/crypto/test_c041/test_entry.c b/api-tests/dev_apis/crypto/test_c041/test_entry_c041.c
similarity index 99%
rename from api-tests/dev_apis/crypto/test_c041/test_entry.c
rename to api-tests/dev_apis/crypto/test_c041/test_entry_c041.c
index dd70f13e..9edd9f62 100644
--- a/api-tests/dev_apis/crypto/test_c041/test_entry.c
+++ b/api-tests/dev_apis/crypto/test_c041/test_entry_c041.c
@@ -21,6 +21,7 @@
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 41)
#define TEST_DESC "Testing crypto asymmetric APIs\n"
+
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
psa_api_t *psa = NULL;
diff --git a/api-tests/dev_apis/crypto/test_c042/source.mk b/api-tests/dev_apis/crypto/test_c042/source.mk
deleted file mode 100644
index b8a3cf89..00000000
--- a/api-tests/dev_apis/crypto/test_c042/source.mk
+++ /dev/null
@@ -1,20 +0,0 @@
-# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_c042.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
diff --git a/api-tests/dev_apis/crypto/test_c042/test.cmake b/api-tests/dev_apis/crypto/test_c042/test.cmake
new file mode 100644
index 00000000..f67e12f7
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c042/test.cmake
@@ -0,0 +1,24 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_c042.c
+ test_c042.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
diff --git a/api-tests/dev_apis/crypto/test_c042/test_c042.c b/api-tests/dev_apis/crypto/test_c042/test_c042.c
index 43ed5ecd..996577de 100644
--- a/api-tests/dev_apis/crypto/test_c042/test_c042.c
+++ b/api-tests/dev_apis/crypto/test_c042/test_c042.c
@@ -30,12 +30,18 @@ client_test_t test_c042_crypto_list[] = {
static int g_test_count = 1;
-int32_t psa_asymmetric_verify_test(security_t caller)
+int32_t psa_asymmetric_verify_test(caller_security_t caller)
{
int num_checks = sizeof(check1)/sizeof(check1[0]);
int32_t i, status;
const uint8_t *key_data;
- psa_key_policy_t policy;
+ psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+
+ if (num_checks == 0)
+ {
+ val->print(PRINT_TEST, "No test available for the selected crypto configuration\n", 0);
+ return RESULT_SKIP(VAL_STATUS_NO_TESTS);
+ }
/* Initialize the PSA crypto library*/
status = val->crypto_function(VAL_CRYPTO_INIT);
@@ -46,23 +52,14 @@ int32_t psa_asymmetric_verify_test(security_t caller)
val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
val->print(PRINT_TEST, check1[i].test_desc, 0);
- /* Initialize a key policy structure to a default that forbids all
- * usage of the key
- */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
-
/* Setting up the watchdog timer for each check */
status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
- /* Set the standard fields of a policy structure */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &policy, check1[i].usage,
- check1[i].key_alg);
-
/* Set the key data based on key type */
if (PSA_KEY_TYPE_IS_RSA(check1[i].key_type))
{
- if (check1[i].key_type == PSA_KEY_TYPE_RSA_KEYPAIR)
+ if (check1[i].key_type == PSA_KEY_TYPE_RSA_KEY_PAIR)
{
if (check1[i].expected_bit_length == BYTES_TO_BITS(384))
key_data = rsa_384_keypair;
@@ -87,7 +84,7 @@ int32_t psa_asymmetric_verify_test(security_t caller)
}
else if (PSA_KEY_TYPE_IS_ECC(check1[i].key_type))
{
- if (PSA_KEY_TYPE_IS_ECC_KEYPAIR(check1[i].key_type))
+ if (PSA_KEY_TYPE_IS_ECC_KEY_PAIR(check1[i].key_type))
key_data = ec_keypair;
else
key_data = ec_keydata;
@@ -95,39 +92,34 @@ int32_t psa_asymmetric_verify_test(security_t caller)
else
key_data = check1[i].key_data;
- /* Allocate a key slot for a transient key */
- status = val->crypto_function(VAL_CRYPTO_ALLOCATE_KEY, &check1[i].key_handle);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
-
- /* Set the usage policy on a key slot */
- status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, check1[i].key_handle,
- &policy);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
+ /* Setup the attributes for the key */
+ val->crypto_function(VAL_CRYPTO_SET_KEY_TYPE, &attributes, check1[i].key_type);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_ALGORITHM, &attributes, check1[i].key_alg);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_USAGE_FLAGS, &attributes, check1[i].usage);
/* Import the key data into the key slot */
- status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, check1[i].key_handle,
- check1[i].key_type, key_data, check1[i].key_length);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
+ status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, &attributes, key_data,
+ check1[i].key_length, &check1[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
/* Verify the signature a hash or short message using a public key */
status = val->crypto_function(VAL_CRYPTO_ASYMMTERIC_VERIFY, check1[i].key_handle,
check1[i].key_alg, check1[i].input, check1[i].input_length,
check1[i].signature, check1[i].signature_size);
- TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(6));
+ TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(4));
/* Destroy a key and restore the slot to its default state */
status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, check1[i].key_handle);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(7));
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
}
return VAL_STATUS_SUCCESS;
}
-int32_t psa_asymmetric_verify_negative_test(security_t caller)
+int32_t psa_asymmetric_verify_negative_test(caller_security_t caller)
{
int num_checks = sizeof(check2)/sizeof(check2[0]);
int32_t i, status;
- psa_key_policy_t policy;
/* Initialize the PSA crypto library*/
status = val->crypto_function(VAL_CRYPTO_INIT);
@@ -138,21 +130,10 @@ int32_t psa_asymmetric_verify_negative_test(security_t caller)
val->print(PRINT_TEST, "[Check %d] Test psa_asymmetric_verify - Invalid key handle\n",
g_test_count++);
- /* Initialize a key policy structure to a default that forbids all
- * usage of the key
- */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
-
/* Setting up the watchdog timer for each check */
status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
- /* Set the standard fields of a policy structure */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &policy, check2[i].usage,
- check2[i].key_alg);
-
- val->print(PRINT_TEST, "[Check %d] Test psa_asymmetric_verify - Invalid key handle\n",
- g_test_count++);
/* Verify the signature a hash or short message using a public key */
status = val->crypto_function(VAL_CRYPTO_ASYMMTERIC_VERIFY, check2[i].key_handle,
check2[i].key_alg, check2[i].input, check2[i].input_length,
@@ -167,22 +148,6 @@ int32_t psa_asymmetric_verify_negative_test(security_t caller)
check2[i].signature, check2[i].signature_size);
TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(4));
- val->print(PRINT_TEST, "[Check %d] Test psa_asymmetric_verify - Empty key handle\n",
- g_test_count++);
- /* Allocate a key slot for a transient key */
- status = val->crypto_function(VAL_CRYPTO_ALLOCATE_KEY, &check2[i].key_handle);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
-
- /* Set the usage policy on a key slot */
- status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, check2[i].key_handle,
- &policy);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(6));
-
- /* Verify the signature a hash or short message using a public key */
- status = val->crypto_function(VAL_CRYPTO_ASYMMTERIC_VERIFY, check2[i].key_handle,
- check2[i].key_alg, check2[i].input, check2[i].input_length,
- check2[i].signature, check2[i].signature_size);
- TEST_ASSERT_EQUAL(status, PSA_ERROR_DOES_NOT_EXIST, TEST_CHECKPOINT_NUM(7));
}
return VAL_STATUS_SUCCESS;
diff --git a/api-tests/dev_apis/crypto/test_c042/test_c042.h b/api-tests/dev_apis/crypto/test_c042/test_c042.h
index b6c2f615..ffa2eaf3 100644
--- a/api-tests/dev_apis/crypto/test_c042/test_c042.h
+++ b/api-tests/dev_apis/crypto/test_c042/test_c042.h
@@ -18,14 +18,14 @@
#define _TEST_C042_CLIENT_TESTS_H_
#include "val_crypto.h"
-#define test_entry CONCAT(test_entry_,c042)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, c042)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
extern val_api_t *val;
extern psa_api_t *psa;
extern client_test_t test_c042_crypto_list[];
-int32_t psa_asymmetric_verify_test(security_t caller);
-int32_t psa_asymmetric_verify_negative_test(security_t caller);
+int32_t psa_asymmetric_verify_test(caller_security_t caller);
+int32_t psa_asymmetric_verify_negative_test(caller_security_t caller);
#endif /* _TEST_C042_CLIENT_TESTS_H_ */
diff --git a/api-tests/dev_apis/crypto/test_c042/test_data.h b/api-tests/dev_apis/crypto/test_c042/test_data.h
index 53a4ea60..95a1c72c 100644
--- a/api-tests/dev_apis/crypto/test_c042/test_data.h
+++ b/api-tests/dev_apis/crypto/test_c042/test_data.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -117,7 +117,7 @@ static const uint8_t rsa_128_keypair[] = {
static test_data check1[] = {
#ifdef ARCH_TEST_RSA_1024
#ifdef ARCH_TEST_RSA_PKCS1V15_SIGN_RAW
-{"Test psa_asymmetric_verify - RSA KEYPAIR PKCS1V15 RAW\n", 1, PSA_KEY_TYPE_RSA_KEYPAIR,
+{"Test psa_asymmetric_verify - RSA KEY_PAIR PKCS1V15 RAW\n", 1, PSA_KEY_TYPE_RSA_KEY_PAIR,
{0}, 610, PSA_KEY_USAGE_VERIFY, PSA_ALG_RSA_PKCS1V15_SIGN_RAW,
{0x61, 0x62, 0x63}, 3,
{0x2c, 0x77, 0x44, 0x98, 0x3f, 0x02, 0x3a, 0xc7, 0xbb, 0x1c, 0x55, 0x52, 0x9d,
@@ -136,7 +136,7 @@ static test_data check1[] = {
#ifdef ARCH_TEST_RSA_PKCS1V15_SIGN
#ifdef ARCH_TEST_SHA256
-{"Test psa_asymmetric_verify - RSA KEYPAIR PKCS1V15 SHA-256\n", 2, PSA_KEY_TYPE_RSA_KEYPAIR,
+{"Test psa_asymmetric_verify - RSA KEY_PAIR PKCS1V15 SHA-256\n", 2, PSA_KEY_TYPE_RSA_KEY_PAIR,
{0}, 610, PSA_KEY_USAGE_VERIFY, PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256),
{0xba, 0x78, 0x16, 0xbf, 0x8f, 0x01, 0xcf, 0xea, 0x41, 0x41, 0x40, 0xde, 0x5d,
0xae, 0x22, 0x23, 0xb0, 0x03, 0x61, 0xa3, 0x96, 0x17, 0x7a, 0x9c, 0xb4, 0x10,
@@ -160,8 +160,8 @@ static test_data check1[] = {
#ifdef ARCH_TEST_SHA256
#ifdef ARCH_TEST_DETERMINISTIC_ECDSA
#ifdef ARCH_TEST_ECC_CURVE_SECP256R1
-{"Test psa_asymmetric_verify - ECDSA KEYPAIR SECP256R1 SHA-256\n", 3,
- PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1), {0}, 32,
+{"Test psa_asymmetric_verify - ECDSA KEY_PAIR SECP256R1 SHA-256\n", 3,
+ PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1), {0}, 32,
PSA_KEY_USAGE_VERIFY, PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256),
{0x9a, 0xc4, 0x33, 0x5b, 0x46, 0x9b, 0xbd, 0x79, 0x14, 0x39, 0x24, 0x85, 0x04,
0xdd, 0x0d, 0x49, 0xc7, 0x13, 0x49, 0xa2, 0x95, 0xfe, 0xe5, 0xa1, 0xc6, 0x85,
@@ -197,7 +197,7 @@ PSA_KEY_TYPE_RSA_PUBLIC_KEY,
128, 1024, PSA_SUCCESS
},
-{"Test psa_asymmetric_verify - Small output buffer\n", 5, PSA_KEY_TYPE_RSA_KEYPAIR,
+{"Test psa_asymmetric_verify - Small output buffer\n", 5, PSA_KEY_TYPE_RSA_KEY_PAIR,
{0}, 610, PSA_KEY_USAGE_VERIFY, PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256),
{0xba, 0x78, 0x16, 0xbf, 0x8f, 0x01, 0xcf, 0xea, 0x41, 0x41, 0x40, 0xde, 0x5d,
0xae, 0x22, 0x23, 0xb0, 0x03, 0x61, 0xa3, 0x96, 0x17, 0x7a, 0x9c, 0xb4, 0x10,
@@ -212,11 +212,11 @@ PSA_KEY_TYPE_RSA_PUBLIC_KEY,
0x28, 0x1d, 0xb1, 0xe0, 0x02, 0x5c, 0x3b, 0xfb, 0x55, 0x12, 0x96, 0x3e, 0xc3,
0xb9, 0x8d, 0xda, 0xa6, 0x9e, 0x38, 0xbc, 0x3c, 0x84, 0xb1, 0xb6, 0x1a, 0x04,
0xe5, 0x64, 0x86, 0x40, 0x85, 0x6a, 0xac, 0xc6, 0xfc, 0x73, 0x11},
- 120, 1024, PSA_ERROR_BUFFER_TOO_SMALL
+ 120, 1024, PSA_ERROR_INVALID_SIGNATURE
},
#endif
-{"Test psa_asymmetric_verify - Invalid algorithm\n", 6, PSA_KEY_TYPE_RSA_KEYPAIR,
+{"Test psa_asymmetric_verify - Invalid algorithm\n", 6, PSA_KEY_TYPE_RSA_KEY_PAIR,
{0}, 610, PSA_KEY_USAGE_VERIFY, PSA_ALG_SHA_256,
{0x61, 0x62, 0x63}, 3,
{0x2c, 0x77, 0x44, 0x98, 0x3f, 0x02, 0x3a, 0xc7, 0xbb, 0x1c, 0x55, 0x52, 0x9d,
@@ -258,7 +258,7 @@ PSA_KEY_TYPE_RSA_PUBLIC_KEY,
#ifdef ARCH_TEST_RSA_1024
#ifdef ARCH_TEST_RSA_PKCS1V15_SIGN_RAW
-{"Test psa_asymmetric_verify - Invalid usage\n", 8, PSA_KEY_TYPE_RSA_KEYPAIR,
+{"Test psa_asymmetric_verify - Invalid usage\n", 8, PSA_KEY_TYPE_RSA_KEY_PAIR,
{0}, 610, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_RSA_PKCS1V15_SIGN_RAW,
{0x61, 0x62, 0x63}, 3,
{0x2c, 0x77, 0x44, 0x98, 0x3f, 0x02, 0x3a, 0xc7, 0xbb, 0x1c, 0x55, 0x52, 0x9d,
@@ -277,7 +277,7 @@ PSA_KEY_TYPE_RSA_PUBLIC_KEY,
#ifdef ARCH_TEST_RSA_PKCS1V15_SIGN
#ifdef ARCH_TEST_SHA256
-{"Test psa_asymmetric_verify - Wrong hash size\n", 9, PSA_KEY_TYPE_RSA_KEYPAIR,
+{"Test psa_asymmetric_verify - Wrong hash size\n", 9, PSA_KEY_TYPE_RSA_KEY_PAIR,
{0}, 610, PSA_KEY_USAGE_VERIFY, PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256),
{0xba, 0x78, 0x16, 0xbf, 0x8f, 0x01, 0xcf, 0xea, 0x41, 0x41, 0x40, 0xde, 0x5d,
0xae, 0x22, 0x23, 0xb0, 0x03, 0x61, 0xa3, 0x96, 0x17, 0x7a, 0x9c, 0xb4, 0x10,
@@ -353,7 +353,7 @@ PSA_KEY_TYPE_RSA_PUBLIC_KEY,
static test_data check2[] = {
#ifdef ARCH_TEST_RSA_1024
#ifdef ARCH_TEST_RSA_PKCS1V15_SIGN_RAW
-{"Test psa_asymmetric_verify - Negative case\n", 13, PSA_KEY_TYPE_RSA_KEYPAIR,
+{"Test psa_asymmetric_verify - Negative case\n", 13, PSA_KEY_TYPE_RSA_KEY_PAIR,
{0}, 610, PSA_KEY_USAGE_VERIFY, PSA_ALG_RSA_PKCS1V15_SIGN_RAW,
{0x61, 0x62, 0x63}, 3,
{0x2c, 0x77, 0x44, 0x98, 0x3f, 0x02, 0x3a, 0xc7, 0xbb, 0x1c, 0x55, 0x52, 0x9d,
diff --git a/api-tests/dev_apis/crypto/test_c042/test_entry.c b/api-tests/dev_apis/crypto/test_c042/test_entry_c042.c
similarity index 99%
rename from api-tests/dev_apis/crypto/test_c042/test_entry.c
rename to api-tests/dev_apis/crypto/test_c042/test_entry_c042.c
index 7687142f..176c9373 100644
--- a/api-tests/dev_apis/crypto/test_c042/test_entry.c
+++ b/api-tests/dev_apis/crypto/test_c042/test_entry_c042.c
@@ -21,6 +21,7 @@
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 42)
#define TEST_DESC "Testing crypto asymmetric APIs\n"
+
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
psa_api_t *psa = NULL;
diff --git a/api-tests/dev_apis/crypto/test_c043/source.mk b/api-tests/dev_apis/crypto/test_c043/source.mk
deleted file mode 100644
index e6c34686..00000000
--- a/api-tests/dev_apis/crypto/test_c043/source.mk
+++ /dev/null
@@ -1,20 +0,0 @@
-# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_c043.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
diff --git a/api-tests/dev_apis/crypto/test_c043/test.cmake b/api-tests/dev_apis/crypto/test_c043/test.cmake
new file mode 100644
index 00000000..42e185d8
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c043/test.cmake
@@ -0,0 +1,24 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_c043.c
+ test_c043.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
diff --git a/api-tests/dev_apis/crypto/test_c043/test_c043.c b/api-tests/dev_apis/crypto/test_c043/test_c043.c
index c61aad40..5817fa2d 100644
--- a/api-tests/dev_apis/crypto/test_c043/test_c043.c
+++ b/api-tests/dev_apis/crypto/test_c043/test_c043.c
@@ -1,4 +1,3 @@
-
/** @file
* Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
@@ -23,21 +22,26 @@
client_test_t test_c043_crypto_list[] = {
NULL,
- psa_key_agreement_test,
- psa_key_agreement_negative_test,
+ psa_raw_key_agreement_test,
+ psa_raw_key_agreement_negative_test,
NULL,
};
static int g_test_count = 1;
static uint8_t output[SIZE_50B];
-int32_t psa_key_agreement_test(security_t caller)
+int32_t psa_raw_key_agreement_test(caller_security_t caller)
{
int num_checks = sizeof(check1)/sizeof(check1[0]);
int32_t i, status;
- size_t capacity;
- psa_key_policy_t policy;
- psa_crypto_generator_t generator = {0};
+ size_t output_length;
+ psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+
+ if (num_checks == 0)
+ {
+ val->print(PRINT_TEST, "No test available for the selected crypto configuration\n", 0);
+ return RESULT_SKIP(VAL_STATUS_NO_TESTS);
+ }
/* Initialize the PSA crypto library*/
status = val->crypto_function(VAL_CRYPTO_INIT);
@@ -48,85 +52,51 @@ int32_t psa_key_agreement_test(security_t caller)
val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
val->print(PRINT_TEST, check1[i].test_desc, 0);
- /* Initialize a key policy structure to a default that forbids all
- * usage of the key
- */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
-
/* Setting up the watchdog timer for each check */
status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
- /* Set the standard fields of a policy structure */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &policy, check1[i].usage,
- check1[i].key_alg);
-
- /* Allocate a key slot for a transient key */
- status = val->crypto_function(VAL_CRYPTO_ALLOCATE_KEY, &check1[i].key_handle);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
-
- /* Set the usage policy on a key slot */
- status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, check1[i].key_handle,
- &policy);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
+ /* Setup the attributes for the key */
+ val->crypto_function(VAL_CRYPTO_SET_KEY_TYPE, &attributes, check1[i].key_type);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_ALGORITHM, &attributes, check1[i].key_alg);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_USAGE_FLAGS, &attributes, check1[i].usage);
/* Import the key data into the key slot */
- status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, check1[i].key_handle,
- check1[i].key_type, check1[i].key_data, check1[i].key_length);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
+ status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, &attributes, check1[i].key_data,
+ check1[i].key_length, &check1[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
/* Set up a key agreement operation */
- status = val->crypto_function(VAL_CRYPTO_KEY_AGREEMENT, &generator,
+ status = val->crypto_function(VAL_CRYPTO_RAW_KEY_AGREEMENT, check1[i].key_alg,
check1[i].key_handle, check1[i].peer_key, check1[i].peer_key_length,
- check1[i].key_alg);
- TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(6));
+ output, check1[i].output_size, &output_length);
+ TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(4));
if (check1[i].expected_status != PSA_SUCCESS)
{
- /* Abort a generator */
- status = val->crypto_function(VAL_CRYPTO_GENERATOR_ABORT, &generator);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(7));
-
/* Destroy a key and restore the slot to its default state */
status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, check1[i].key_handle);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(8));
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
continue;
}
- /* Retrieve the current capacity of a generator */
- status = val->crypto_function(VAL_CRYPTO_GET_GENERATOR_CAPACITY, &generator, &capacity);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(9));
-
- /* Check if the generator capacity matches with the expected capacity */
- TEST_ASSERT_EQUAL(capacity, check1[i].expected_capacity, TEST_CHECKPOINT_NUM(10));
-
- /* Read some data from a generator */
- status = val->crypto_function(VAL_CRYPTO_GENERATOR_READ, &generator, output,
- check1[i].expected_output_length);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(11));
-
- /* Check if the output matches with the expected data */
- TEST_ASSERT_MEMCMP(output, check1[i].expected_output, check1[i].expected_output_length,
- TEST_CHECKPOINT_NUM(12));
-
- /* Abort a generator */
- status = val->crypto_function(VAL_CRYPTO_GENERATOR_ABORT, &generator);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(13));
+ TEST_ASSERT_EQUAL(output_length, check1[i].expected_output_length, TEST_CHECKPOINT_NUM(6));
+ TEST_ASSERT_MEMCMP(output, check1[i].expected_output, output_length,
+ TEST_CHECKPOINT_NUM(7));
/* Destroy a key and restore the slot to its default state */
status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, check1[i].key_handle);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(14));
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(8));
}
return VAL_STATUS_SUCCESS;
}
-int32_t psa_key_agreement_negative_test(security_t caller)
+int32_t psa_raw_key_agreement_negative_test(caller_security_t caller)
{
int num_checks = sizeof(check2)/sizeof(check2[0]);
int32_t i, status;
- psa_key_policy_t policy;
- psa_crypto_generator_t generator = {0};
+ size_t output_length;
/* Initialize the PSA crypto library*/
status = val->crypto_function(VAL_CRYPTO_INIT);
@@ -134,53 +104,27 @@ int32_t psa_key_agreement_negative_test(security_t caller)
for (i = 0; i < num_checks; i++)
{
- val->print(PRINT_TEST, "[Check %d] Test psa_key_agreement - Invalid key handle\n",
- g_test_count++);
- /* Initialize a key policy structure to a default that forbids all
- * usage of the key
- */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
-
/* Setting up the watchdog timer for each check */
status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
- /* Set the standard fields of a policy structure */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &policy, check2[i].usage,
- check2[i].key_alg);
- val->print(PRINT_TEST, "[Check %d] Test psa_key_agreement - Invalid key handle\n",
+ val->print(PRINT_TEST, "[Check %d] Test psa_raw_key_agreement - Invalid key handle\n",
g_test_count++);
/* Set up a key agreement operation */
- status = val->crypto_function(VAL_CRYPTO_KEY_AGREEMENT, &generator,
+ status = val->crypto_function(VAL_CRYPTO_RAW_KEY_AGREEMENT, check2[i].key_alg,
check2[i].key_handle, check2[i].peer_key, check2[i].peer_key_length,
- check2[i].key_alg);
+ output, check2[i].output_size, &output_length);
TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(3));
- val->print(PRINT_TEST, "[Check %d] Test psa_key_agreement - Zero as key handle\n",
+ val->print(PRINT_TEST, "[Check %d] Test psa_raw_key_agreement - Zero as key handle\n",
g_test_count++);
+
/* Set up a key agreement operation */
- status = val->crypto_function(VAL_CRYPTO_KEY_AGREEMENT, &generator,
+ status = val->crypto_function(VAL_CRYPTO_RAW_KEY_AGREEMENT, check2[i].key_alg,
0, check2[i].peer_key, check2[i].peer_key_length,
- check2[i].key_alg);
+ output, check2[i].output_size, &output_length);
TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(4));
-
- val->print(PRINT_TEST, "[Check %d] Test psa_key_agreement - Empty key handle\n",
- g_test_count++);
- /* Allocate a key slot for a transient key */
- status = val->crypto_function(VAL_CRYPTO_ALLOCATE_KEY, &check2[i].key_handle);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
-
- /* Set the usage policy on a key slot */
- status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, check2[i].key_handle,
- &policy);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(6));
-
- /* Set up a key agreement operation */
- status = val->crypto_function(VAL_CRYPTO_KEY_AGREEMENT, &generator,
- check2[i].key_handle, check2[i].peer_key, check2[i].peer_key_length,
- check2[i].key_alg);
- TEST_ASSERT_EQUAL(status, PSA_ERROR_DOES_NOT_EXIST, TEST_CHECKPOINT_NUM(7));
}
return VAL_STATUS_SUCCESS;
diff --git a/api-tests/dev_apis/crypto/test_c043/test_c043.h b/api-tests/dev_apis/crypto/test_c043/test_c043.h
index 0192b6e6..136a47b3 100644
--- a/api-tests/dev_apis/crypto/test_c043/test_c043.h
+++ b/api-tests/dev_apis/crypto/test_c043/test_c043.h
@@ -18,14 +18,14 @@
#define _TEST_C043_CLIENT_TESTS_H_
#include "val_crypto.h"
-#define test_entry CONCAT(test_entry_,c043)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, c043)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
extern val_api_t *val;
extern psa_api_t *psa;
extern client_test_t test_c043_crypto_list[];
-int32_t psa_key_agreement_test(security_t caller);
-int32_t psa_key_agreement_negative_test(security_t caller);
+int32_t psa_raw_key_agreement_test(caller_security_t caller);
+int32_t psa_raw_key_agreement_negative_test(caller_security_t caller);
#endif /* _TEST_C043_CLIENT_TESTS_H_ */
diff --git a/api-tests/dev_apis/crypto/test_c043/test_data.h b/api-tests/dev_apis/crypto/test_c043/test_data.h
index e2d100fc..15cf38f0 100644
--- a/api-tests/dev_apis/crypto/test_c043/test_data.h
+++ b/api-tests/dev_apis/crypto/test_c043/test_data.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -29,7 +29,7 @@ typedef struct {
size_t peer_key_length;
uint8_t expected_output[48];
size_t expected_output_length;
- size_t expected_capacity;
+ size_t output_size;
psa_status_t expected_status;
} test_data;
@@ -37,11 +37,11 @@ typedef struct {
static test_data check1[] = {
#ifdef ARCH_TEST_ECDH
#ifdef ARCH_TEST_ECC_CURVE_SECP256R1
-{"Test psa_key_agreement - ECDH SECP256R1\n", 1,
- PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1),
+{"Test psa_raw_key_agreement - ECDH SECP256R1\n", 1,
+ PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1),
{0xc8, 0x8f, 0x01, 0xf5, 0x10, 0xd9, 0xac, 0x3f, 0x70, 0xa2, 0x92, 0xda, 0xa2,
0x31, 0x6d, 0xe5, 0x44, 0xe9, 0xaa, 0xb8, 0xaf, 0xe8, 0x40, 0x49, 0xc6, 0x2a,
- 0x9c, 0x57, 0x86, 0x2d, 0x14, 0x33}, 32, PSA_KEY_USAGE_DERIVE, PSA_ALG_ECDH(PSA_ALG_SELECT_RAW),
+ 0x9c, 0x57, 0x86, 0x2d, 0x14, 0x33}, 32, PSA_KEY_USAGE_DERIVE, PSA_ALG_ECDH,
{0x04, 0xd1, 0x2d, 0xfb, 0x52, 0x89, 0xc8, 0xd4, 0xf8, 0x12, 0x08, 0xb7, 0x02,
0x70, 0x39, 0x8c, 0x34, 0x22, 0x96, 0x97, 0x0a, 0x0b, 0xcc, 0xb7, 0x4c, 0x73,
0x6f, 0xc7, 0x55, 0x44, 0x94, 0xbf, 0x63, 0x56, 0xfb, 0xf3, 0xca, 0x36, 0x6c,
@@ -52,16 +52,33 @@ static test_data check1[] = {
0x25, 0x65, 0x20, 0x2f, 0xef, 0x8e, 0x9e, 0xce, 0x7d, 0xce, 0x03, 0x81, 0x24,
0x64, 0xd0, 0x4b, 0x94, 0x42, 0xde}, 32, 32, PSA_SUCCESS
},
+
+{"Test psa_raw_key_agreement - Small buffer size\n", 1,
+ PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1),
+{0xc8, 0x8f, 0x01, 0xf5, 0x10, 0xd9, 0xac, 0x3f, 0x70, 0xa2, 0x92, 0xda, 0xa2,
+ 0x31, 0x6d, 0xe5, 0x44, 0xe9, 0xaa, 0xb8, 0xaf, 0xe8, 0x40, 0x49, 0xc6, 0x2a,
+ 0x9c, 0x57, 0x86, 0x2d, 0x14, 0x33}, 32, PSA_KEY_USAGE_DERIVE, PSA_ALG_ECDH,
+{0x04, 0xd1, 0x2d, 0xfb, 0x52, 0x89, 0xc8, 0xd4, 0xf8, 0x12, 0x08, 0xb7, 0x02,
+ 0x70, 0x39, 0x8c, 0x34, 0x22, 0x96, 0x97, 0x0a, 0x0b, 0xcc, 0xb7, 0x4c, 0x73,
+ 0x6f, 0xc7, 0x55, 0x44, 0x94, 0xbf, 0x63, 0x56, 0xfb, 0xf3, 0xca, 0x36, 0x6c,
+ 0xc2, 0x3e, 0x81, 0x57, 0x85, 0x4c, 0x13, 0xc5, 0x8d, 0x6a, 0xac, 0x23, 0xf0,
+ 0x46, 0xad, 0xa3, 0x0f, 0x83, 0x53, 0xe7, 0x4f, 0x33, 0x03, 0x98, 0x72, 0xab},
+ 65,
+{0xd6, 0x84, 0x0f, 0x6b, 0x42, 0xf6, 0xed, 0xaf, 0xd1, 0x31, 0x16, 0xe0, 0xe1,
+ 0x25, 0x65, 0x20, 0x2f, 0xef, 0x8e, 0x9e, 0xce, 0x7d, 0xce, 0x03, 0x81, 0x24,
+ 0x64, 0xd0, 0x4b, 0x94, 0x42, 0xde}, 32, 10, PSA_ERROR_INVALID_ARGUMENT
+},
+
#endif
#ifdef ARCH_TEST_ECC_CURVE_SECP384R1
-{"Test psa_key_agreement - ECDH SECP384R1\n", 2,
- PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP384R1),
+{"Test psa_raw_key_agreement - ECDH SECP384R1\n", 2,
+ PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP384R1),
{0x09, 0x9f, 0x3c, 0x70, 0x34, 0xd4, 0xa2, 0xc6, 0x99, 0x88, 0x4d, 0x73, 0xa3,
0x75, 0xa6, 0x7f, 0x76, 0x24, 0xef, 0x7c, 0x6b, 0x3c, 0x0f, 0x16, 0x06, 0x47,
0xb6, 0x74, 0x14, 0xdc, 0xe6, 0x55, 0xe3, 0x5b, 0x53, 0x80, 0x41, 0xe6, 0x49,
0xee, 0x3f, 0xae, 0xf8, 0x96, 0x78, 0x3a, 0xb1, 0x94}, 48, PSA_KEY_USAGE_DERIVE,
- PSA_ALG_ECDH(PSA_ALG_SELECT_RAW),
+ PSA_ALG_ECDH,
{0x04, 0xe5, 0x58,
0xdb, 0xef, 0x53, 0xee, 0xcd, 0xe3, 0xd3, 0xfc, 0xcf, 0xc1, 0xae, 0xa0, 0x8a,
0x89, 0xa9, 0x87, 0x47, 0x5d, 0x12, 0xfd, 0x95, 0x0d, 0x83, 0xcf, 0xa4, 0x17,
@@ -79,11 +96,11 @@ static test_data check1[] = {
#endif
#ifdef ARCH_TEST_ECC_CURVE_SECP256R1
-{"Test psa_key_agreement - Invalid usage\n", 3,
- PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1),
+{"Test psa_raw_key_agreement - Invalid usage\n", 3,
+ PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1),
{0xc8, 0x8f, 0x01, 0xf5, 0x10, 0xd9, 0xac, 0x3f, 0x70, 0xa2, 0x92, 0xda, 0xa2,
0x31, 0x6d, 0xe5, 0x44, 0xe9, 0xaa, 0xb8, 0xaf, 0xe8, 0x40, 0x49, 0xc6, 0x2a,
- 0x9c, 0x57, 0x86, 0x2d, 0x14, 0x33}, 32, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_ECDH(PSA_ALG_SELECT_RAW),
+ 0x9c, 0x57, 0x86, 0x2d, 0x14, 0x33}, 32, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_ECDH,
{0x04, 0xd1, 0x2d, 0xfb, 0x52, 0x89, 0xc8, 0xd4, 0xf8, 0x12, 0x08, 0xb7, 0x02,
0x70, 0x39, 0x8c, 0x34, 0x22, 0x96, 0x97, 0x0a, 0x0b, 0xcc, 0xb7, 0x4c, 0x73,
0x6f, 0xc7, 0x55, 0x44, 0x94, 0xbf, 0x63, 0x56, 0xfb, 0xf3, 0xca, 0x36, 0x6c,
@@ -95,11 +112,12 @@ static test_data check1[] = {
0x64, 0xd0, 0x4b, 0x94, 0x42, 0xde}, 32, 32, PSA_ERROR_NOT_PERMITTED
},
-{"Test psa_key_agreement - Unknown KDF\n", 4,
- PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1),
+{"Test psa_raw_key_agreement - Unknown KDF\n", 4,
+ PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1),
{0xc8, 0x8f, 0x01, 0xf5, 0x10, 0xd9, 0xac, 0x3f, 0x70, 0xa2, 0x92, 0xda, 0xa2,
0x31, 0x6d, 0xe5, 0x44, 0xe9, 0xaa, 0xb8, 0xaf, 0xe8, 0x40, 0x49, 0xc6, 0x2a,
- 0x9c, 0x57, 0x86, 0x2d, 0x14, 0x33}, 32, PSA_KEY_USAGE_DERIVE, PSA_ALG_ECDH(0),
+ 0x9c, 0x57, 0x86, 0x2d, 0x14, 0x33}, 32, PSA_KEY_USAGE_DERIVE,
+ PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_HASH_ALG_INVALID),
{0x04, 0xd1, 0x2d, 0xfb, 0x52, 0x89, 0xc8, 0xd4, 0xf8, 0x12, 0x08, 0xb7, 0x02,
0x70, 0x39, 0x8c, 0x34, 0x22, 0x96, 0x97, 0x0a, 0x0b, 0xcc, 0xb7, 0x4c, 0x73,
0x6f, 0xc7, 0x55, 0x44, 0x94, 0xbf, 0x63, 0x56, 0xfb, 0xf3, 0xca, 0x36, 0x6c,
@@ -108,7 +126,7 @@ static test_data check1[] = {
65,
{0xd6, 0x84, 0x0f, 0x6b, 0x42, 0xf6, 0xed, 0xaf, 0xd1, 0x31, 0x16, 0xe0, 0xe1,
0x25, 0x65, 0x20, 0x2f, 0xef, 0x8e, 0x9e, 0xce, 0x7d, 0xce, 0x03, 0x81, 0x24,
- 0x64, 0xd0, 0x4b, 0x94, 0x42, 0xde}, 32, 32, PSA_ERROR_NOT_SUPPORTED
+ 0x64, 0xd0, 0x4b, 0x94, 0x42, 0xde}, 32, 32, PSA_ERROR_INVALID_ARGUMENT
},
#endif
#endif
@@ -116,8 +134,8 @@ static test_data check1[] = {
#ifdef ARCH_TEST_ECC_CURVE_SECP256R1
#ifdef ARCH_TEST_SHA256
#ifdef ARCH_TEST_HKDF
-{"Test psa_key_agreement - Not a key agreement alg\n", 5,
- PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1),
+{"Test psa_raw_key_agreement - Not a key agreement alg\n", 5,
+ PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1),
{0xc8, 0x8f, 0x01, 0xf5, 0x10, 0xd9, 0xac, 0x3f, 0x70, 0xa2, 0x92, 0xda, 0xa2,
0x31, 0x6d, 0xe5, 0x44, 0xe9, 0xaa, 0xb8, 0xaf, 0xe8, 0x40, 0x49, 0xc6, 0x2a,
0x9c, 0x57, 0x86, 0x2d, 0x14, 0x33}, 32, PSA_KEY_USAGE_DERIVE, PSA_ALG_HKDF(PSA_ALG_SHA_256),
@@ -135,11 +153,11 @@ static test_data check1[] = {
#endif
#ifdef ARCH_TEST_ECDH
-{"Test psa_key_agreement - Public key on different curve\n", 6,
- PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1),
+{"Test psa_raw_key_agreement - Public key on different curve\n", 6,
+ PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1),
{0xc8, 0x8f, 0x01, 0xf5, 0x10, 0xd9, 0xac, 0x3f, 0x70, 0xa2, 0x92, 0xda, 0xa2,
0x31, 0x6d, 0xe5, 0x44, 0xe9, 0xaa, 0xb8, 0xaf, 0xe8, 0x40, 0x49, 0xc6, 0x2a,
- 0x9c, 0x57, 0x86, 0x2d, 0x14, 0x33}, 32, PSA_KEY_USAGE_DERIVE, PSA_ALG_ECDH(PSA_ALG_SELECT_RAW),
+ 0x9c, 0x57, 0x86, 0x2d, 0x14, 0x33}, 32, PSA_KEY_USAGE_DERIVE, PSA_ALG_ECDH,
{0x04, 0xe5, 0x58,
0xdb, 0xef, 0x53, 0xee, 0xcd, 0xe3, 0xd3, 0xfc, 0xcf, 0xc1, 0xae, 0xa0, 0x8a,
0x89, 0xa9, 0x87, 0x47, 0x5d, 0x12, 0xfd, 0x95, 0x0d, 0x83, 0xcf, 0xa4, 0x17,
@@ -149,23 +167,23 @@ static test_data check1[] = {
0x3c, 0x6e, 0x70, 0xc4, 0x16, 0xdd, 0x5f, 0x0c, 0x68, 0x75, 0x9d, 0xd1, 0xff,
0xf8, 0x3f, 0xa4, 0x01, 0x42, 0x20, 0x9d, 0xff, 0x5e, 0xaa, 0xd9, 0x6d, 0xb9,
0xe6, 0x38, 0x6c}, 97,
-{0}, 0, 0, PSA_ERROR_INVALID_ARGUMENT
+{0}, 0, SIZE_50B, PSA_ERROR_INVALID_ARGUMENT
},
-{"Test psa_key_agreement - Public key instead of private key\n", 7,
+{"Test psa_raw_key_agreement - Public key instead of private key\n", 7,
PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1),
{0x04, 0xd1, 0x2d, 0xfb, 0x52, 0x89, 0xc8, 0xd4, 0xf8, 0x12, 0x08, 0xb7, 0x02,
0x70, 0x39, 0x8c, 0x34, 0x22, 0x96, 0x97, 0x0a, 0x0b, 0xcc, 0xb7, 0x4c, 0x73,
0x6f, 0xc7, 0x55, 0x44, 0x94, 0xbf, 0x63, 0x56, 0xfb, 0xf3, 0xca, 0x36, 0x6c,
0xc2, 0x3e, 0x81, 0x57, 0x85, 0x4c, 0x13, 0xc5, 0x8d, 0x6a, 0xac, 0x23, 0xf0,
0x46, 0xad, 0xa3, 0x0f, 0x83, 0x53, 0xe7, 0x4f, 0x33, 0x03, 0x98, 0x72, 0xab},
- 65, PSA_KEY_USAGE_DERIVE, PSA_ALG_ECDH(PSA_ALG_SELECT_RAW),
+ 65, PSA_KEY_USAGE_DERIVE, PSA_ALG_ECDH,
{0x04, 0xd1, 0x2d, 0xfb, 0x52, 0x89, 0xc8, 0xd4, 0xf8, 0x12, 0x08, 0xb7, 0x02,
0x70, 0x39, 0x8c, 0x34, 0x22, 0x96, 0x97, 0x0a, 0x0b, 0xcc, 0xb7, 0x4c, 0x73,
0x6f, 0xc7, 0x55, 0x44, 0x94, 0xbf, 0x63, 0x56, 0xfb, 0xf3, 0xca, 0x36, 0x6c,
0xc2, 0x3e, 0x81, 0x57, 0x85, 0x4c, 0x13, 0xc5, 0x8d, 0x6a, 0xac, 0x23, 0xf0,
0x46, 0xad, 0xa3, 0x0f, 0x83, 0x53, 0xe7, 0x4f, 0x33, 0x03, 0x98, 0x72, 0xab},
- 65, {0}, 0, 0, PSA_ERROR_INVALID_ARGUMENT
+ 65, {0}, 0, SIZE_50B, PSA_ERROR_INVALID_ARGUMENT
},
#endif
#endif
@@ -174,11 +192,11 @@ static test_data check1[] = {
static test_data check2[] = {
#ifdef ARCH_TEST_ECDH
#ifdef ARCH_TEST_ECC_CURVE_SECP256R1
-{"Test psa_key_agreement - Negative case\n", 8,
- PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1),
+{"Test psa_raw_key_agreement - Negative case\n", 8,
+ PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1),
{0xc8, 0x8f, 0x01, 0xf5, 0x10, 0xd9, 0xac, 0x3f, 0x70, 0xa2, 0x92, 0xda, 0xa2,
0x31, 0x6d, 0xe5, 0x44, 0xe9, 0xaa, 0xb8, 0xaf, 0xe8, 0x40, 0x49, 0xc6, 0x2a,
- 0x9c, 0x57, 0x86, 0x2d, 0x14, 0x33}, 32, PSA_KEY_USAGE_DERIVE, PSA_ALG_ECDH(PSA_ALG_SELECT_RAW),
+ 0x9c, 0x57, 0x86, 0x2d, 0x14, 0x33}, 32, PSA_KEY_USAGE_DERIVE, PSA_ALG_ECDH,
{0x04, 0xd1, 0x2d, 0xfb, 0x52, 0x89, 0xc8, 0xd4, 0xf8, 0x12, 0x08, 0xb7, 0x02,
0x70, 0x39, 0x8c, 0x34, 0x22, 0x96, 0x97, 0x0a, 0x0b, 0xcc, 0xb7, 0x4c, 0x73,
0x6f, 0xc7, 0x55, 0x44, 0x94, 0xbf, 0x63, 0x56, 0xfb, 0xf3, 0xca, 0x36, 0x6c,
diff --git a/api-tests/dev_apis/crypto/test_c043/test_entry.c b/api-tests/dev_apis/crypto/test_c043/test_entry_c043.c
similarity index 96%
rename from api-tests/dev_apis/crypto/test_c043/test_entry.c
rename to api-tests/dev_apis/crypto/test_c043/test_entry_c043.c
index b1ba5e3d..05e493b1 100644
--- a/api-tests/dev_apis/crypto/test_c043/test_entry.c
+++ b/api-tests/dev_apis/crypto/test_c043/test_entry_c043.c
@@ -20,7 +20,8 @@
#include "test_c043.h"
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 43)
-#define TEST_DESC "Testing crypto generator APIs\n"
+#define TEST_DESC "Testing crypto key derivation APIs\n"
+
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
psa_api_t *psa = NULL;
diff --git a/api-tests/dev_apis/crypto/test_c044/source.mk b/api-tests/dev_apis/crypto/test_c044/source.mk
deleted file mode 100644
index 3e694cc3..00000000
--- a/api-tests/dev_apis/crypto/test_c044/source.mk
+++ /dev/null
@@ -1,20 +0,0 @@
-# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_c044.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
diff --git a/api-tests/dev_apis/crypto/test_c044/test.cmake b/api-tests/dev_apis/crypto/test_c044/test.cmake
new file mode 100644
index 00000000..0ceea826
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c044/test.cmake
@@ -0,0 +1,24 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_c044.c
+ test_c044.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
diff --git a/api-tests/dev_apis/crypto/test_c044/test_c044.c b/api-tests/dev_apis/crypto/test_c044/test_c044.c
index aa597895..60cf422c 100644
--- a/api-tests/dev_apis/crypto/test_c044/test_c044.c
+++ b/api-tests/dev_apis/crypto/test_c044/test_c044.c
@@ -24,25 +24,31 @@
client_test_t test_c044_crypto_list[] = {
NULL,
psa_copy_key_test,
- psa_copy_key_negative_test,
NULL,
};
static int g_test_count = 1;
static uint8_t data[BUFFER_SIZE];
-int32_t psa_copy_key_test(security_t caller)
+int32_t psa_copy_key_test(caller_security_t caller)
{
- uint32_t length, i;
- const uint8_t *key_data;
- psa_key_policy_t policy, target_policy, constraint;
- psa_key_handle_t target_handle = 0;
- psa_key_type_t key_type, target_type;
- psa_algorithm_t expected_key_alg;
- psa_key_usage_t expected_usage;
- size_t bits, target_bits;
- int num_checks = sizeof(check1)/sizeof(check1[0]);
- int32_t status, export_status;
+ uint32_t length, i;
+ const uint8_t *key_data;
+ psa_key_handle_t target_handle = 0;
+ psa_key_usage_t get_key_usage_flags;
+ psa_algorithm_t get_key_algorithm;
+ size_t get_key_bits;
+ psa_key_type_t get_key_type;
+ int num_checks = sizeof(check1)/sizeof(check1[0]);
+ int32_t status, export_status;
+ psa_key_attributes_t source_attributes = PSA_KEY_ATTRIBUTES_INIT;
+ psa_key_attributes_t target_attributes = PSA_KEY_ATTRIBUTES_INIT;
+
+ if (num_checks == 0)
+ {
+ val->print(PRINT_TEST, "No test available for the selected crypto configuration\n", 0);
+ return RESULT_SKIP(VAL_STATUS_NO_TESTS);
+ }
/* Initialize the PSA crypto library*/
status = val->crypto_function(VAL_CRYPTO_INIT);
@@ -58,14 +64,10 @@ int32_t psa_copy_key_test(security_t caller)
status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
- /* Initialize a key policy structure to a default that forbids all
- * usage of the key
- */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
if (PSA_KEY_TYPE_IS_RSA(check1[i].key_type))
{
- if (check1[i].key_type == PSA_KEY_TYPE_RSA_KEYPAIR)
+ if (check1[i].key_type == PSA_KEY_TYPE_RSA_KEY_PAIR)
{
if (check1[i].expected_bit_length == BYTES_TO_BITS(384))
key_data = rsa_384_keypair;
@@ -86,7 +88,7 @@ int32_t psa_copy_key_test(security_t caller)
}
else if (PSA_KEY_TYPE_IS_ECC(check1[i].key_type))
{
- if (PSA_KEY_TYPE_IS_ECC_KEYPAIR(check1[i].key_type))
+ if (PSA_KEY_TYPE_IS_ECC_KEY_PAIR(check1[i].key_type))
key_data = ec_keypair;
else
key_data = ec_keydata;
@@ -94,208 +96,101 @@ int32_t psa_copy_key_test(security_t caller)
else
key_data = check1[i].key_data;
- /* Set the standard fields of a policy structure */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &policy, check1[i].usage,
- check1[i].key_alg);
-
- /* Allocate a key slot for a transient key */
- status = val->crypto_function(VAL_CRYPTO_ALLOCATE_KEY, &check1[i].key_handle);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
-
- /* Set the usage policy on a key slot */
- status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, check1[i].key_handle, &policy);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
+ /* Setup the attributes for the key */
+ val->crypto_function(VAL_CRYPTO_SET_KEY_TYPE, &source_attributes, check1[i].key_type);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_ALGORITHM, &source_attributes, check1[i].key_alg);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_USAGE_FLAGS, &source_attributes, check1[i].usage);
/* Import the key data into the key slot */
- status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, check1[i].key_handle,
- check1[i].key_type, key_data, check1[i].key_length);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
-
- /* Get basic metadata about a key */
- status = val->crypto_function(VAL_CRYPTO_GET_KEY_INFORMATION, check1[i].key_handle,
- &key_type, &bits);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(6));
-
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &target_policy);
-
- /* Allocate a key slot for a transient key */
- status = val->crypto_function(VAL_CRYPTO_ALLOCATE_KEY, &target_handle);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(7));
-
- /* Set the standard fields of a policy structure */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &target_policy,
- check1[i].target_usage, check1[i].target_key_alg);
-
- /* Set the usage policy on a key slot */
- status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, target_handle, &target_policy);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(8));
+ status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, &source_attributes, key_data,
+ check1[i].key_length, &check1[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &target_policy);
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &constraint);
+ /* Setup the attributes for the target key */
+ val->crypto_function(VAL_CRYPTO_SET_KEY_TYPE, &target_attributes,
+ check1[i].key_type);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_ALGORITHM, &target_attributes,
+ check1[i].target_key_alg);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_USAGE_FLAGS, &target_attributes,
+ check1[i].target_usage);
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &constraint,
- check1[i].constraint_usage, check1[i].constraint_key_alg);
/* Make a copy of a key */
- status = val->crypto_function(VAL_CRYPTO_COPY_KEY, check1[i].key_handle, target_handle,
- &constraint);
- TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(9));
-
- if (check1[i].expected_status != PSA_SUCCESS)
- continue;
+ status = val->crypto_function(VAL_CRYPTO_COPY_KEY, check1[i].key_handle,
+ &target_attributes, &target_handle);
+ TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(4));
- /* Destroy the source to ensure that this doesn't affect the target */
+ /* Destroy the source key */
status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, check1[i].key_handle);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(10));
-
- /* Get basic metadata about a key */
- status = val->crypto_function(VAL_CRYPTO_GET_KEY_INFORMATION, target_handle,
- &target_type, &target_bits);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(11));
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
- TEST_ASSERT_EQUAL(target_type, key_type, TEST_CHECKPOINT_NUM(12));
- TEST_ASSERT_EQUAL(target_bits, bits, TEST_CHECKPOINT_NUM(13));
+ if (check1[i].expected_status != PSA_SUCCESS)
+ {
+ val->crypto_function(VAL_CRYPTO_RESET_KEY_ATTRIBUTES, &source_attributes);
+ val->crypto_function(VAL_CRYPTO_RESET_KEY_ATTRIBUTES, &target_attributes);
- status = val->crypto_function(VAL_CRYPTO_GET_KEY_POLICY, target_handle, &target_policy);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(14));
+ continue;
+ }
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_GET_USAGE, &target_policy, &expected_usage);
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_GET_ALGORITHM, &target_policy,
- &expected_key_alg);
+ /* Check if the target key attributes is as expected */
+ status = val->crypto_function(VAL_CRYPTO_GET_KEY_ATTRIBUTES, target_handle,
+ &target_attributes);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(6));
- TEST_ASSERT_EQUAL(expected_usage, check1[i].expected_usage, TEST_CHECKPOINT_NUM(15));
- TEST_ASSERT_EQUAL(expected_key_alg, check1[i].expected_key_alg, TEST_CHECKPOINT_NUM(16));
+ val->crypto_function(VAL_CRYPTO_GET_KEY_TYPE, &target_attributes, &get_key_type);
+ TEST_ASSERT_EQUAL(get_key_type, check1[i].key_type, TEST_CHECKPOINT_NUM(7));
- if (expected_usage & PSA_KEY_USAGE_EXPORT)
- export_status = PSA_SUCCESS;
- else
- export_status = PSA_ERROR_NOT_PERMITTED;
+ val->crypto_function(VAL_CRYPTO_GET_KEY_USAGE_FLAGS, &target_attributes,
+ &get_key_usage_flags);
+ TEST_ASSERT_EQUAL(get_key_usage_flags, check1[i].expected_usage, TEST_CHECKPOINT_NUM(8));
- /* Export a key in binary format */
- status = val->crypto_function(VAL_CRYPTO_EXPORT_KEY, target_handle, data,
- BUFFER_SIZE, &length);
- TEST_ASSERT_EQUAL(status, export_status, TEST_CHECKPOINT_NUM(17));
+ val->crypto_function(VAL_CRYPTO_GET_KEY_ALGORITHM, &target_attributes, &get_key_algorithm);
+ TEST_ASSERT_EQUAL(get_key_algorithm, check1[i].expected_key_alg, TEST_CHECKPOINT_NUM(9));
- if (export_status != PSA_SUCCESS)
- continue;
+ val->crypto_function(VAL_CRYPTO_GET_KEY_BITS, &target_attributes, &get_key_bits);
+ TEST_ASSERT_EQUAL(get_key_bits, check1[i].expected_bit_length, TEST_CHECKPOINT_NUM(10));
- TEST_ASSERT_EQUAL(length, check1[i].expected_key_length, TEST_CHECKPOINT_NUM(18));
+ /* Export a key in binary format */
+ export_status = val->crypto_function(VAL_CRYPTO_EXPORT_KEY, target_handle, data,
+ BUFFER_SIZE, &length);
- if (PSA_KEY_TYPE_IS_UNSTRUCTURED(check1[i].key_type))
+ if (!(check1[i].expected_usage & PSA_KEY_USAGE_EXPORT))
{
- TEST_ASSERT_MEMCMP(data, check1[i].key_data, length, TEST_CHECKPOINT_NUM(19));
- }
- else if (PSA_KEY_TYPE_IS_RSA(check1[i].key_type) || PSA_KEY_TYPE_IS_ECC(check1[i].key_type))
- {
- TEST_ASSERT_MEMCMP(data, key_data, length, TEST_CHECKPOINT_NUM(20));
+ export_status = PSA_ERROR_NOT_PERMITTED;
}
else
{
- return VAL_STATUS_INVALID;
- }
-
- /* Destroy the key */
- status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, target_handle);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(21));
- }
-
- return VAL_STATUS_SUCCESS;
-}
-
-int32_t psa_copy_key_negative_test(security_t caller)
-{
- int num_checks = sizeof(check2)/sizeof(check2[0]);
- int32_t i, status;
- psa_key_policy_t policy, target_policy, constraint;
- psa_key_handle_t target_handle;
-
- /* Initialize the PSA crypto library*/
- status = val->crypto_function(VAL_CRYPTO_INIT);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(1));
-
- for (i = 0; i < num_checks; i++)
- {
- val->print(PRINT_TEST, "[Check %d] Test psa_copy_key with unallocated target key slot\n",
- g_test_count++);
-
- /* Setting up the watchdog timer for each check */
- status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
- TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
-
- /* Allocate a key slot for a transient key */
- status = val->crypto_function(VAL_CRYPTO_ALLOCATE_KEY, &check2[i].key_handle);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
-
- /* Initialize a key policy structure to a default that forbids all
- * usage of the key
- */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
- memset(&target_handle, 0xDEADDEAD, sizeof(target_handle));
-
- /* Set the usage policy on a key slot */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &policy, check2[i].usage,
- check2[i].key_alg);
-
- /* Import the key data into the key slot */
- status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, check2[i].key_handle,
- check2[i].key_type, check2[i].key_data, check2[i].key_length);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
-
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &constraint);
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &constraint,
- check2[i].constraint_usage, check2[i].constraint_key_alg);
-
- /* Make a copy of a key with unallocated target handle*/
- status = val->crypto_function(VAL_CRYPTO_COPY_KEY, check2[i].key_handle, target_handle,
- &constraint);
- TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(5));
-
- val->print(PRINT_TEST, "[Check %d] Test psa_copy_key with target containing key material\n",
- g_test_count++);
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &target_policy);
-
- /* Allocate a key slot for a target key */
- status = val->crypto_function(VAL_CRYPTO_ALLOCATE_KEY, &target_handle);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(6));
-
- /* Set the standard fields of a policy structure */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &target_policy,
- check2[i].target_usage, check2[i].target_key_alg);
-
- /* Set the usage policy on a key slot */
- status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, target_handle, &target_policy);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(7));
-
- /* Make a copy of a key */
- status = val->crypto_function(VAL_CRYPTO_COPY_KEY, check2[i].key_handle, target_handle,
- &constraint);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(8));
+ /* Check if the target key data is same as source data */
+ export_status = PSA_SUCCESS;
+ TEST_ASSERT_EQUAL(status, export_status, TEST_CHECKPOINT_NUM(11));
- /* Make a copy of a key in the existing target slot*/
- status = val->crypto_function(VAL_CRYPTO_COPY_KEY, check2[i].key_handle, target_handle,
- &constraint);
- TEST_ASSERT_EQUAL(status, PSA_ERROR_ALREADY_EXISTS, TEST_CHECKPOINT_NUM(9));
+ TEST_ASSERT_EQUAL(length, check1[i].expected_key_length, TEST_CHECKPOINT_NUM(12));
- val->print(PRINT_TEST, "[Check %d] Test psa_copy_key with no source handle\n",
- g_test_count++);
- /* Destroy the contents of source and target slots */
- status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, check2[i].key_handle);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(10));
+ if (PSA_KEY_TYPE_IS_UNSTRUCTURED(check1[i].key_type))
+ {
+ TEST_ASSERT_MEMCMP(data, check1[i].key_data, length, TEST_CHECKPOINT_NUM(13));
+ }
+ else if (PSA_KEY_TYPE_IS_RSA(check1[i].key_type)
+ || PSA_KEY_TYPE_IS_ECC(check1[i].key_type))
+ {
+ TEST_ASSERT_MEMCMP(data, key_data, length, TEST_CHECKPOINT_NUM(14));
+ }
+ else
+ {
+ return VAL_STATUS_INVALID;
+ }
+ }
+ /* Destroy the target key */
status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, target_handle);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(11));
-
- /* Allocate a key slot for a target key */
- status = val->crypto_function(VAL_CRYPTO_ALLOCATE_KEY, &target_handle);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(12));
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(15));
- /* Set the usage policy on a key slot */
- status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, target_handle, &target_policy);
- TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(13));
+ /* Copy on a destroyed source should be an error */
+ status = val->crypto_function(VAL_CRYPTO_COPY_KEY, check1[i].key_handle,
+ &target_attributes, &target_handle);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(16));
- /* Make a copy of a key with no source material*/
- status = val->crypto_function(VAL_CRYPTO_COPY_KEY, check2[i].key_handle, target_handle,
- &constraint);
- TEST_ASSERT_EQUAL(status, PSA_ERROR_DOES_NOT_EXIST, TEST_CHECKPOINT_NUM(14));
+ val->crypto_function(VAL_CRYPTO_RESET_KEY_ATTRIBUTES, &source_attributes);
+ val->crypto_function(VAL_CRYPTO_RESET_KEY_ATTRIBUTES, &target_attributes);
}
return VAL_STATUS_SUCCESS;
diff --git a/api-tests/dev_apis/crypto/test_c044/test_c044.h b/api-tests/dev_apis/crypto/test_c044/test_c044.h
index f187d3b0..caea58b1 100644
--- a/api-tests/dev_apis/crypto/test_c044/test_c044.h
+++ b/api-tests/dev_apis/crypto/test_c044/test_c044.h
@@ -26,6 +26,5 @@ extern val_api_t *val;
extern psa_api_t *psa;
extern client_test_t test_c044_crypto_list[];
-int32_t psa_copy_key_test(security_t caller);
-int32_t psa_copy_key_negative_test(security_t caller);
+int32_t psa_copy_key_test(caller_security_t caller);
#endif /* _TEST_C044_CLIENT_TESTS_H_ */
diff --git a/api-tests/dev_apis/crypto/test_c044/test_data.h b/api-tests/dev_apis/crypto/test_c044/test_data.h
index 47786db8..e5dd430c 100644
--- a/api-tests/dev_apis/crypto/test_c044/test_data.h
+++ b/api-tests/dev_apis/crypto/test_c044/test_data.h
@@ -25,11 +25,9 @@ typedef struct {
uint32_t key_length;
psa_key_usage_t usage;
psa_key_usage_t target_usage;
- psa_key_usage_t constraint_usage;
psa_key_usage_t expected_usage;
psa_algorithm_t key_alg;
psa_algorithm_t target_key_alg;
- psa_algorithm_t constraint_key_alg;
psa_algorithm_t expected_key_alg;
uint32_t expected_bit_length;
uint32_t expected_key_length;
@@ -173,33 +171,46 @@ static test_data check1[] = {
{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
0x5F, 0xC9, 0x77},
AES_16B_KEY_SIZE,
- PSA_KEY_USAGE_EXPORT, PSA_KEY_USAGE_EXPORT, PSA_KEY_USAGE_EXPORT, PSA_KEY_USAGE_EXPORT,
- PSA_ALG_CTR, PSA_ALG_CTR, PSA_ALG_CTR, PSA_ALG_CTR,
+ PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT, PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT,
+ PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT,
+ PSA_ALG_CTR, PSA_ALG_CTR, PSA_ALG_CTR,
BYTES_TO_BITS(AES_16B_KEY_SIZE), AES_16B_KEY_SIZE, PSA_SUCCESS
},
+
+{"Test psa_copy_key without copy usage\n", 2, PSA_KEY_TYPE_AES,
+{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
+ 0x5F, 0xC9, 0x77},
+ AES_16B_KEY_SIZE,
+ PSA_KEY_USAGE_EXPORT, PSA_KEY_USAGE_EXPORT,
+ PSA_KEY_USAGE_EXPORT,
+ PSA_ALG_CTR, PSA_ALG_CTR, PSA_ALG_CTR,
+ BYTES_TO_BITS(AES_16B_KEY_SIZE), AES_16B_KEY_SIZE, PSA_ERROR_NOT_PERMITTED
+},
#endif
#ifdef ARCH_TEST_AES_192
-{"Test psa_copy_key 24 Byte AES\n", 2, PSA_KEY_TYPE_AES,
+{"Test psa_copy_key 24 Byte AES\n", 3, PSA_KEY_TYPE_AES,
{0x24, 0x13, 0x61, 0x47, 0x61, 0xB8, 0xC8, 0xF0, 0xDF, 0xAB, 0x5A, 0x0E, 0x87,
0x40, 0xAC, 0xA3, 0x90, 0x77, 0x83, 0x52, 0x31, 0x74, 0xF9, 0x05},
AES_24B_KEY_SIZE,
- PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT, PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT,
- PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT, PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT,
- PSA_ALG_CTR, PSA_ALG_CTR, PSA_ALG_CTR, PSA_ALG_CTR,
+ PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT,
+ PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT,
+ PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT,
+ PSA_ALG_CTR, PSA_ALG_CTR, PSA_ALG_CTR,
BYTES_TO_BITS(AES_24B_KEY_SIZE), AES_24B_KEY_SIZE, PSA_SUCCESS
},
#endif
#ifdef ARCH_TEST_AES_256
-{"Test psa_copy_key 32 Byte AES\n", 3, PSA_KEY_TYPE_AES,
+{"Test psa_copy_key 32 Byte AES\n", 4, PSA_KEY_TYPE_AES,
{0xEA, 0xD5, 0xE6, 0xC8, 0x51, 0xF9, 0xEC, 0xBB, 0x9B, 0x57, 0x7C, 0xED, 0xD2,
0x4B, 0x82, 0x84, 0x9F, 0x9F, 0xE6, 0x73, 0x21, 0x3D, 0x1A, 0x05, 0xC9, 0xED,
0xDF, 0x25, 0x17, 0x68, 0x86, 0xAE},
AES_32B_KEY_SIZE,
- PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_DECRYPT, PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT,
- PSA_KEY_USAGE_EXPORT, PSA_KEY_USAGE_EXPORT,
- PSA_ALG_CTR, PSA_ALG_CTR, PSA_ALG_CTR, PSA_ALG_CTR,
+ PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_DECRYPT,
+ PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT,
+ PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT,
+ PSA_ALG_CTR, PSA_ALG_CTR, PSA_ALG_CTR,
BYTES_TO_BITS(AES_32B_KEY_SIZE), AES_32B_KEY_SIZE, PSA_SUCCESS
},
#endif
@@ -207,52 +218,56 @@ static test_data check1[] = {
#ifdef ARCH_TEST_RSA_PKCS1V15_SIGN_RAW
#ifdef ARCH_TEST_RSA_2048
-{"Test psa_copy_key 2048 RSA public key\n", 4, PSA_KEY_TYPE_RSA_PUBLIC_KEY,
+{"Test psa_copy_key 2048 RSA public key\n", 5, PSA_KEY_TYPE_RSA_PUBLIC_KEY,
{0},
270,
- PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN, PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN,
- PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT, PSA_KEY_USAGE_EXPORT,
- PSA_ALG_RSA_PKCS1V15_SIGN_RAW, PSA_ALG_RSA_PKCS1V15_SIGN_RAW,
+ PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN,
+ PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT,
+ PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT,
PSA_ALG_RSA_PKCS1V15_SIGN_RAW, PSA_ALG_RSA_PKCS1V15_SIGN_RAW,
+ PSA_ALG_RSA_PKCS1V15_SIGN_RAW,
2048, 270, PSA_SUCCESS
},
-{"Test psa_copy_key with RSA 2048 keypair\n", 5, PSA_KEY_TYPE_RSA_KEYPAIR,
+{"Test psa_copy_key with RSA 2048 keypair\n", 6, PSA_KEY_TYPE_RSA_KEY_PAIR,
{0},
1193,
- PSA_KEY_USAGE_EXPORT, PSA_KEY_USAGE_EXPORT,
- PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY, PSA_KEY_USAGE_EXPORT,
- PSA_ALG_RSA_PKCS1V15_SIGN_RAW, PSA_ALG_RSA_PKCS1V15_SIGN_RAW,
+ PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT,
+ PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY,
+ PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT,
PSA_ALG_RSA_PKCS1V15_SIGN_RAW, PSA_ALG_RSA_PKCS1V15_SIGN_RAW,
+ PSA_ALG_RSA_PKCS1V15_SIGN_RAW,
2048, 1193, PSA_SUCCESS
},
{"Test psa_copy_key with Incompatible target policy(source and target)\n",
- 12, PSA_KEY_TYPE_RSA_KEYPAIR,
+ 7, PSA_KEY_TYPE_RSA_KEY_PAIR,
{0},
1193,
- PSA_KEY_USAGE_EXPORT, PSA_KEY_USAGE_EXPORT, PSA_KEY_USAGE_EXPORT, PSA_KEY_USAGE_EXPORT,
+ PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT, PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT,
+ PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT,
PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH), PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH),
- -1, -1,
+ -1,
2048, 1193, PSA_ERROR_INVALID_ARGUMENT
},
-{"Test psa_copy_key with Incompatible constraint\n", 6, PSA_KEY_TYPE_RSA_KEYPAIR,
+{"Test psa_copy_key with Incompatible constraint\n", 8, PSA_KEY_TYPE_RSA_KEY_PAIR,
{0},
1193,
- PSA_KEY_USAGE_EXPORT, PSA_KEY_USAGE_EXPORT, PSA_KEY_USAGE_EXPORT, PSA_KEY_USAGE_EXPORT,
- PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH), PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH),
+ PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT, PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT,
+ PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT,
+ PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH),
PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH), -1,
2048, 1193, PSA_ERROR_INVALID_ARGUMENT
},
-{"Test psa_copy_key with unexport source key usage\n", 7, PSA_KEY_TYPE_RSA_KEYPAIR,
+{"Test psa_copy_key with unexport source key usage\n", 9, PSA_KEY_TYPE_RSA_KEY_PAIR,
{0},
1193,
- PSA_KEY_USAGE_SIGN, PSA_KEY_USAGE_EXPORT,
- PSA_KEY_USAGE_EXPORT, 0,
- PSA_ALG_RSA_PKCS1V15_SIGN_RAW, PSA_ALG_RSA_PKCS1V15_SIGN_RAW,
+ PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN, PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT,
+ PSA_KEY_USAGE_COPY,
PSA_ALG_RSA_PKCS1V15_SIGN_RAW, PSA_ALG_RSA_PKCS1V15_SIGN_RAW,
+ PSA_ALG_RSA_PKCS1V15_SIGN_RAW,
2048, 1193, PSA_SUCCESS
},
@@ -261,34 +276,37 @@ static test_data check1[] = {
#ifdef ARCH_TEST_CIPER_MODE_CTR
#ifdef ARCH_TEST_DES_1KEY
-{"Test psa_copy_key with DES 64 bit key\n", 8, PSA_KEY_TYPE_DES,
+{"Test psa_copy_key with DES 64 bit key\n", 10, PSA_KEY_TYPE_DES,
{0x70, 0x24, 0x55, 0x0C, 0x14, 0x9D, 0xED, 0x29},
DES_8B_KEY_SIZE,
- PSA_KEY_USAGE_EXPORT, PSA_KEY_USAGE_EXPORT, PSA_KEY_USAGE_EXPORT, PSA_KEY_USAGE_EXPORT,
- PSA_ALG_CTR, PSA_ALG_CTR, PSA_ALG_CTR, PSA_ALG_CTR,
+ PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT, PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT,
+ PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT,
+ PSA_ALG_CTR, PSA_ALG_CTR, PSA_ALG_CTR,
BYTES_TO_BITS(DES_8B_KEY_SIZE), DES_8B_KEY_SIZE, PSA_SUCCESS
},
#endif
#ifdef ARCH_TEST_DES_2KEY
-{"Test psa_copy_key with Triple DES 2-Key\n", 9, PSA_KEY_TYPE_DES,
+{"Test psa_copy_key with Triple DES 2-Key\n", 11, PSA_KEY_TYPE_DES,
{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF},
DES3_2KEY_SIZE,
- PSA_KEY_USAGE_EXPORT, PSA_KEY_USAGE_EXPORT, PSA_KEY_USAGE_EXPORT, PSA_KEY_USAGE_EXPORT,
- PSA_ALG_CTR, PSA_ALG_CTR, PSA_ALG_CTR, PSA_ALG_CTR,
+ PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT, PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT,
+ PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT,
+ PSA_ALG_CTR, PSA_ALG_CTR, PSA_ALG_CTR,
BYTES_TO_BITS(DES3_2KEY_SIZE), DES3_2KEY_SIZE, PSA_SUCCESS
},
#endif
#ifdef ARCH_TEST_DES_3KEY
-{"Test psa_copy_key with Triple DES 3-Key\n", 10, PSA_KEY_TYPE_DES,
+{"Test psa_copy_key with Triple DES 3-Key\n", 12, PSA_KEY_TYPE_DES,
{0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF,
0xF1, 0xE0, 0xD3, 0xC2, 0xB5, 0xA4, 0x97, 0x86,
0xFE, 0xDC, 0xBA, 0x98, 0x76, 0x54, 0x32, 0x10},
DES3_3KEY_SIZE,
- PSA_KEY_USAGE_EXPORT, PSA_KEY_USAGE_EXPORT, PSA_KEY_USAGE_EXPORT, PSA_KEY_USAGE_EXPORT,
- PSA_ALG_CTR, PSA_ALG_CTR, PSA_ALG_CTR, PSA_ALG_CTR,
+ PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT, PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT,
+ PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT,
+ PSA_ALG_CTR, PSA_ALG_CTR, PSA_ALG_CTR,
BYTES_TO_BITS(DES3_3KEY_SIZE), DES3_3KEY_SIZE, PSA_SUCCESS
},
#endif
@@ -296,23 +314,25 @@ static test_data check1[] = {
#ifdef ARCH_TEST_ECDSA
#ifdef ARCH_TEST_ECC_CURVE_SECP256R1
-{"Test psa_copy_key with EC Public key\n", 11,
+{"Test psa_copy_key with EC Public key\n", 13,
PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1),
{0},
65,
- PSA_KEY_USAGE_EXPORT, PSA_KEY_USAGE_EXPORT, PSA_KEY_USAGE_EXPORT, PSA_KEY_USAGE_EXPORT,
- PSA_ALG_ECDSA_ANY, PSA_ALG_ECDSA_ANY, PSA_ALG_ECDSA_ANY, PSA_ALG_ECDSA_ANY,
+ PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT, PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT,
+ PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT,
+ PSA_ALG_ECDSA_ANY, PSA_ALG_ECDSA_ANY, PSA_ALG_ECDSA_ANY,
256, 65, PSA_SUCCESS
},
#endif
#ifdef ARCH_TEST_ECC_CURVE_SECP224R1
-{"Test psa_copy_key with EC keypair\n", 12,
- PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP224R1),
+{"Test psa_copy_key with EC keypair\n", 14,
+ PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP224R1),
{0},
28,
- PSA_KEY_USAGE_EXPORT, PSA_KEY_USAGE_EXPORT, PSA_KEY_USAGE_EXPORT, PSA_KEY_USAGE_EXPORT,
- PSA_ALG_ECDSA_ANY, PSA_ALG_ECDSA_ANY, PSA_ALG_ECDSA_ANY, PSA_ALG_ECDSA_ANY,
+ PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT, PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT,
+ PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT,
+ PSA_ALG_ECDSA_ANY, PSA_ALG_ECDSA_ANY, PSA_ALG_ECDSA_ANY,
224, 28, PSA_SUCCESS
},
#endif
@@ -320,29 +340,15 @@ static test_data check1[] = {
#ifdef ARCH_TEST_CIPER_MODE_CTR
#ifdef ARCH_TEST_AES
-{"Test psa_copy_key with Incompatible target policy\n", 13, PSA_KEY_TYPE_AES,
+{"Test psa_copy_key with Incompatible target policy\n", 15, PSA_KEY_TYPE_AES,
{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
0x5F, 0xC9, 0x77},
AES_16B_KEY_SIZE,
- PSA_KEY_USAGE_EXPORT, PSA_KEY_USAGE_EXPORT, PSA_KEY_USAGE_EXPORT, PSA_KEY_USAGE_EXPORT,
- PSA_ALG_CTR, PSA_ALG_CBC_NO_PADDING, PSA_ALG_CBC_NO_PADDING, PSA_ALG_CBC_NO_PADDING,
+ PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT, PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT,
+ PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT,
+ PSA_ALG_CTR, PSA_ALG_CBC_NO_PADDING, PSA_ALG_CBC_NO_PADDING,
BYTES_TO_BITS(AES_16B_KEY_SIZE), AES_16B_KEY_SIZE, PSA_ERROR_INVALID_ARGUMENT
},
#endif
#endif
};
-
-static test_data check2[] = {
-#ifdef ARCH_TEST_CIPER_MODE_CTR
-#ifdef ARCH_TEST_AES_128
-{"Test psa_copy_key negative cases\n", 14, PSA_KEY_TYPE_AES,
-{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
- 0x5F, 0xC9, 0x77},
- AES_16B_KEY_SIZE,
- PSA_KEY_USAGE_EXPORT, PSA_KEY_USAGE_EXPORT, PSA_KEY_USAGE_EXPORT, PSA_KEY_USAGE_EXPORT,
- PSA_ALG_CTR, PSA_ALG_CTR, PSA_ALG_CTR, PSA_ALG_CTR,
- BYTES_TO_BITS(AES_16B_KEY_SIZE), AES_16B_KEY_SIZE, PSA_SUCCESS
-},
-#endif
-#endif
-};
diff --git a/api-tests/dev_apis/crypto/test_c044/test_entry.c b/api-tests/dev_apis/crypto/test_c044/test_entry_c044.c
similarity index 99%
rename from api-tests/dev_apis/crypto/test_c044/test_entry.c
rename to api-tests/dev_apis/crypto/test_c044/test_entry_c044.c
index 7eebc5c4..64499fe5 100644
--- a/api-tests/dev_apis/crypto/test_c044/test_entry.c
+++ b/api-tests/dev_apis/crypto/test_c044/test_entry_c044.c
@@ -21,6 +21,7 @@
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 44)
#define TEST_DESC "Testing crypto key management APIs\n"
+
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
psa_api_t *psa = NULL;
diff --git a/api-tests/dev_apis/crypto/test_c045/test.cmake b/api-tests/dev_apis/crypto/test_c045/test.cmake
new file mode 100644
index 00000000..d84ebb68
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c045/test.cmake
@@ -0,0 +1,24 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_c045.c
+ test_c045.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
diff --git a/api-tests/dev_apis/crypto/test_c045/test_c045.c b/api-tests/dev_apis/crypto/test_c045/test_c045.c
new file mode 100644
index 00000000..03e06f83
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c045/test_c045.c
@@ -0,0 +1,112 @@
+/** @file
+ * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_c045.h"
+#include "test_data.h"
+#include "val_crypto.h"
+
+client_test_t test_c045_crypto_list[] = {
+ NULL,
+ psa_hash_clone_test,
+ NULL,
+};
+
+static int g_test_count = 1;
+
+int32_t psa_hash_clone_test(caller_security_t caller)
+{
+ int num_checks = sizeof(check1)/sizeof(check1[0]);
+ int32_t i, status;
+ const char *expected_hash;
+ char hash[HASH_64B];
+ size_t hash_length, hash_size = sizeof(hash);
+ psa_hash_operation_t source_operation = PSA_HASH_OPERATION_INIT;
+ psa_hash_operation_t target_operation = PSA_HASH_OPERATION_INIT;
+
+ if (num_checks == 0)
+ {
+ val->print(PRINT_TEST, "No test available for the selected crypto configuration\n", 0);
+ return RESULT_SKIP(VAL_STATUS_NO_TESTS);
+ }
+
+ /* Initialize the PSA crypto library*/
+ status = val->crypto_function(VAL_CRYPTO_INIT);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(1));
+
+ for (i = 0; i < num_checks; i++)
+ {
+ val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
+ val->print(PRINT_TEST, check1[i].test_desc, 0);
+
+ /* Setting up the watchdog timer for each check */
+ status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
+ TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
+
+ if (check1[i].alg == PSA_ALG_SHA_384)
+ expected_hash = sha384_hash;
+ else if (check1[i].alg == PSA_ALG_SHA_512)
+ expected_hash = sha512_hash;
+ else
+ expected_hash = check1[i].hash;
+
+ /* Start a multipart hash operation */
+ status = val->crypto_function(VAL_CRYPTO_HASH_SETUP, &source_operation, check1[i].alg);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
+
+ /* Clone a hash operation */
+ status = val->crypto_function(VAL_CRYPTO_HASH_CLONE, &source_operation, &target_operation);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
+
+ /* Add a message fragment to a multipart hash source_operation */
+ status = val->crypto_function(VAL_CRYPTO_HASH_UPDATE, &target_operation,
+ &check1[i].input, check1[i].input_length);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
+
+ /* Cloning to an active hash operation should be an error*/
+ status = val->crypto_function(VAL_CRYPTO_HASH_CLONE, &source_operation, &target_operation);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_BAD_STATE, TEST_CHECKPOINT_NUM(6));
+
+ /* Finish the calculation of the hash of a message */
+ status = val->crypto_function(VAL_CRYPTO_HASH_FINISH, &target_operation, hash, hash_size,
+ &hash_length);
+ TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(7));
+
+ if (check1[i].expected_status != PSA_SUCCESS)
+ {
+ continue;
+ }
+
+ TEST_ASSERT_EQUAL(hash_length, PSA_HASH_SIZE(check1[i].alg), TEST_CHECKPOINT_NUM(8));
+ TEST_ASSERT_MEMCMP(hash, expected_hash, hash_length, TEST_CHECKPOINT_NUM(9));
+
+ /*Abort the hash operation */
+ status = val->crypto_function(VAL_CRYPTO_HASH_ABORT, &source_operation);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(10));
+
+ status = val->crypto_function(VAL_CRYPTO_HASH_ABORT, &target_operation);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(11));
+
+ /* Cloning on an aborted operator should be an error */
+ status = val->crypto_function(VAL_CRYPTO_HASH_CLONE, &source_operation, &target_operation);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_BAD_STATE, TEST_CHECKPOINT_NUM(12));
+
+ }
+
+ return VAL_STATUS_SUCCESS;
+}
diff --git a/api-tests/dev_apis/crypto/test_c045/test_c045.h b/api-tests/dev_apis/crypto/test_c045/test_c045.h
new file mode 100644
index 00000000..df92d964
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c045/test_c045.h
@@ -0,0 +1,30 @@
+/** @file
+ * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST_C045_CLIENT_TESTS_H_
+#define _TEST_C045_CLIENT_TESTS_H_
+
+#include "val_crypto.h"
+#define test_entry CONCAT(test_entry_, c045)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+extern client_test_t test_c045_crypto_list[];
+
+int32_t psa_hash_clone_test(caller_security_t caller);
+#endif /* _TEST_C045_CLIENT_TESTS_H_ */
diff --git a/api-tests/dev_apis/crypto/test_c045/test_data.h b/api-tests/dev_apis/crypto/test_c045/test_data.h
new file mode 100644
index 00000000..55eff9f8
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c045/test_data.h
@@ -0,0 +1,115 @@
+/** @file
+ * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_crypto.h"
+
+typedef struct {
+ char test_desc[50];
+ psa_algorithm_t alg;
+ char input;
+ size_t input_length;
+ char hash[32];
+ size_t hash_length;
+ psa_status_t expected_status;
+} test_data;
+
+static const char sha384_hash[] = {
+0x43, 0x72, 0xe3, 0x8a, 0x92, 0xa2, 0x8b, 0x5d, 0x2c, 0x39, 0x1e, 0x62,
+0x45, 0x2a, 0x86, 0xd5, 0x0e, 0x02, 0x67, 0x22, 0x8b, 0xe1, 0x76, 0xc7, 0x7d, 0x24, 0x02, 0xef,
+0xfe, 0x9f, 0xa5, 0x0d, 0xe4, 0x07, 0xbb, 0xb8, 0x51, 0xb3, 0x7d, 0x59, 0x04, 0xab, 0xa2, 0xde,
+0xde, 0x74, 0xda, 0x2a};
+
+static const char sha512_hash[] = {
+0x29, 0x6e, 0x22, 0x67, 0xd7, 0x4c, 0x27, 0x8d, 0xaa, 0xaa, 0x94, 0x0d,
+0x17, 0xb0, 0xcf, 0xb7, 0x4a, 0x50, 0x83, 0xf8, 0xe0, 0x69, 0x72, 0x6d, 0x8c, 0x84, 0x1c, 0xbe,
+0x59, 0x6e, 0x04, 0x31, 0xcb, 0x77, 0x41, 0xa5, 0xb5, 0x0f, 0x71, 0x66, 0x6c, 0xfd, 0x54, 0xba,
+0xcb, 0x7b, 0x00, 0xae, 0xa8, 0x91, 0x49, 0x9c, 0xf4, 0xef, 0x6a, 0x03, 0xc8, 0xa8, 0x3f, 0xe3,
+0x7c, 0x3f, 0x7b, 0xaf};
+
+static test_data check1[] = {
+#ifdef ARCH_TEST_MD2
+{"Test psa_hash_clone with MD2 algorithm\n",
+ PSA_ALG_MD2, 0xbd, 1,
+ {0x8c, 0x9c, 0x17, 0x66, 0x5d, 0x25, 0xb3, 0x5f, 0xc4, 0x13, 0xc4, 0x18, 0x05, 0xc6, 0x79, 0xcf},
+ 16, PSA_SUCCESS,
+},
+#endif
+
+#ifdef ARCH_TEST_MD4
+{"Test psa_hash_clone with MD4 algorithm\n",
+ PSA_ALG_MD4, 0xbd, 1,
+ {0x18, 0xc3, 0x3f, 0x97, 0x29, 0x7e, 0xfe, 0x5f, 0x8a, 0x73, 0x22, 0x58, 0x28, 0x9f, 0xda, 0x25},
+ 16, PSA_SUCCESS,
+},
+#endif
+
+#ifdef ARCH_TEST_MD5
+{"Test psa_hash_clone with MD5 algorithm\n",
+ PSA_ALG_MD5, 0xbd, 1,
+ {0xab, 0xae, 0x57, 0xcb, 0x56, 0x2e, 0xcf, 0x29, 0x5b, 0x4a, 0x37, 0xa7, 0x6e, 0xfe, 0x61, 0xfb},
+ 16, PSA_SUCCESS,
+},
+#endif
+
+#ifdef ARCH_TEST_RIPEMD160
+{"Test psa_hash_clone with RIPEMD160 algorithm\n",
+ PSA_ALG_RIPEMD160, 0xbd, 1,
+ {0x50, 0x89, 0x26, 0x5e, 0xe5, 0xd9, 0xaf, 0x75, 0xd1, 0x2d, 0xbf, 0x7e, 0xa2, 0xf2, 0x7d, 0xbd,
+ 0xee, 0x43, 0x5b, 0x37},
+ 20, PSA_SUCCESS,
+},
+#endif
+
+#ifdef ARCH_TEST_SHA1
+{"Test psa_hash_clone with SHA1 algorithm\n",
+ PSA_ALG_SHA_1, 0xbd, 1,
+ {0x90, 0x34, 0xaa, 0xf4, 0x51, 0x43, 0x99, 0x6a, 0x2b, 0x14, 0x46, 0x5c, 0x35, 0x2a, 0xb0, 0xc6,
+ 0xfa, 0x26, 0xb2, 0x21},
+ 20, PSA_SUCCESS,
+},
+#endif
+
+#ifdef ARCH_TEST_SHA224
+{"Test psa_hash_clone with SHA224 algorithm\n",
+ PSA_ALG_SHA_224, 0xbd, 1,
+ {0xb1, 0xe4, 0x6b, 0xb9, 0xef, 0xe4, 0x5a, 0xf5, 0x54, 0x36, 0x34, 0x49, 0xc6, 0x94, 0x5a, 0x0d,
+ 0x61, 0x69, 0xfc, 0x3a, 0x5a, 0x39, 0x6a, 0x56, 0xcb, 0x97, 0xcb, 0x57},
+ 28, PSA_SUCCESS,
+},
+#endif
+
+#ifdef ARCH_TEST_SHA256
+{"Test psa_hash_clone with SHA256 algorithm\n",
+ PSA_ALG_SHA_256, 0xbd, 1,
+ {0x68, 0x32, 0x57, 0x20, 0xaa, 0xbd, 0x7c, 0x82, 0xf3, 0x0f, 0x55, 0x4b, 0x31, 0x3d, 0x05, 0x70,
+ 0xc9, 0x5a, 0xcc, 0xbb, 0x7d, 0xc4, 0xb5, 0xaa, 0xe1, 0x12, 0x04, 0xc0, 0x8f, 0xfe, 0x73, 0x2b},
+ 32, PSA_SUCCESS,
+},
+#endif
+
+#ifdef ARCH_TEST_SHA384
+{"Test psa_hash_clone with SHA384 algorithm\n",
+ PSA_ALG_SHA_384, 0xbd, 1, {0}, 48, PSA_SUCCESS,
+},
+#endif
+
+#ifdef ARCH_TEST_SHA512
+{"Test psa_hash_clone with SHA512 algorithm\n",
+ PSA_ALG_SHA_512, 0xbd, 1, {0}, 64, PSA_SUCCESS,
+},
+#endif
+};
diff --git a/api-tests/dev_apis/crypto/test_c045/test_entry_c045.c b/api-tests/dev_apis/crypto/test_c045/test_entry_c045.c
new file mode 100644
index 00000000..091008dd
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c045/test_entry_c045.c
@@ -0,0 +1,54 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_c045.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 45)
+#define TEST_DESC "Testing crypto hash functions APIs\n"
+
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_HIGH_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_crypto_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_c045_crypto_list, FALSE);
+
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->crypto_function(VAL_CRYPTO_FREE);
+ val->test_exit();
+}
diff --git a/api-tests/dev_apis/crypto/test_c046/test.cmake b/api-tests/dev_apis/crypto/test_c046/test.cmake
new file mode 100644
index 00000000..26737106
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c046/test.cmake
@@ -0,0 +1,24 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_c046.c
+ test_c046.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
diff --git a/api-tests/dev_apis/crypto/test_c046/test_c046.c b/api-tests/dev_apis/crypto/test_c046/test_c046.c
new file mode 100644
index 00000000..0ed33fa3
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c046/test_c046.c
@@ -0,0 +1,108 @@
+
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_c046.h"
+#include "test_data.h"
+
+client_test_t test_c046_crypto_list[] = {
+ NULL,
+ psa_mac_compute_test,
+ NULL,
+};
+
+static int g_test_count = 1;
+static uint8_t data[BUFFER_SIZE];
+
+int32_t psa_mac_compute_test(caller_security_t caller)
+{
+ int num_checks = sizeof(check1)/sizeof(check1[0]);
+ int32_t i, status;
+ size_t length;
+ psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+
+ if (num_checks == 0)
+ {
+ val->print(PRINT_TEST, "No test available for the selected crypto configuration\n", 0);
+ return RESULT_SKIP(VAL_STATUS_NO_TESTS);
+ }
+
+ /* Initialize the PSA crypto library*/
+ status = val->crypto_function(VAL_CRYPTO_INIT);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(1));
+
+ for (i = 0; i < num_checks; i++)
+ {
+ val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
+ val->print(PRINT_TEST, check1[i].test_desc, 0);
+ memset(data, 0, sizeof(data));
+
+ /* Setting up the watchdog timer for each check */
+ status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
+ TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
+
+ /* Setup the attributes for the key */
+ val->crypto_function(VAL_CRYPTO_SET_KEY_TYPE, &attributes, check1[i].key_type);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_USAGE_FLAGS, &attributes, check1[i].usage);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_ALGORITHM, &attributes, check1[i].key_alg);
+
+ /* Import the key data into the key slot */
+ status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, &attributes, check1[i].key_data,
+ check1[i].key_length, &check1[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
+
+ /* Calculate the MAC (message authentication code) of a message */
+ status = val->crypto_function(VAL_CRYPTO_MAC_COMPUTE, check1[i].key_handle,
+ check1[i].key_alg, check1[i].data, check1[i].data_size, data,
+ check1[i].mac_size, &length);
+ TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(4));
+
+ if (check1[i].expected_status != PSA_SUCCESS)
+ {
+ /* Destroy the key */
+ status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, check1[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
+
+ continue;
+ }
+
+ /* Check if the MAC length matches with the expected length */
+ TEST_ASSERT_EQUAL(length, check1[i].expected_length, TEST_CHECKPOINT_NUM(6));
+
+ /* Check if the MAC data matches with the expected data */
+ TEST_ASSERT_MEMCMP(check1[i].expected_data, data, length, TEST_CHECKPOINT_NUM(7));
+
+ memset(data, 0, sizeof(data));
+
+ /* Destroy the key */
+ status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, check1[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(8));
+
+ /* Reset the key attributes and check if psa_import_key fails */
+ val->crypto_function(VAL_CRYPTO_RESET_KEY_ATTRIBUTES, &attributes);
+
+ status = val->crypto_function(VAL_CRYPTO_MAC_COMPUTE, check1[i].key_handle,
+ check1[i].key_alg, check1[i].data, check1[i].data_size, data,
+ check1[i].mac_size, &length);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(9));
+
+ }
+
+ return VAL_STATUS_SUCCESS;
+}
diff --git a/api-tests/dev_apis/crypto/test_c046/test_c046.h b/api-tests/dev_apis/crypto/test_c046/test_c046.h
new file mode 100644
index 00000000..b0d994ec
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c046/test_c046.h
@@ -0,0 +1,30 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST_C046_CLIENT_TESTS_H_
+#define _TEST_C046_CLIENT_TESTS_H_
+
+#include "val_crypto.h"
+#define test_entry CONCAT(test_entry_, c046)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+extern client_test_t test_c046_crypto_list[];
+
+int32_t psa_mac_compute_test(caller_security_t caller);
+#endif /* _TEST_C046_CLIENT_TESTS_H_ */
diff --git a/api-tests/dev_apis/crypto/test_c046/test_data.h b/api-tests/dev_apis/crypto/test_c046/test_data.h
new file mode 100644
index 00000000..5ab7070b
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c046/test_data.h
@@ -0,0 +1,179 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_crypto.h"
+
+typedef struct {
+ char test_desc[75];
+ psa_key_handle_t key_handle;
+ psa_key_type_t key_type;
+ uint8_t key_data[64];
+ uint32_t key_length;
+ uint8_t data[16];
+ size_t data_size;
+ uint8_t expected_data[64];
+ size_t mac_size;
+ size_t expected_length;
+ psa_key_usage_t usage;
+ psa_algorithm_t key_alg;
+ psa_status_t expected_status;
+} test_data;
+
+static test_data check1[] = {
+#ifdef ARCH_TEST_HMAC
+#ifdef ARCH_TEST_SHA224
+{"Test psa_mac_compute HMAC SHA 224\n", 1, PSA_KEY_TYPE_HMAC,
+{0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
+ 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b}, 20,
+{0x48, 0x69, 0x20, 0x54, 0x68, 0x65, 0x72, 0x65}, 8,
+{0x89, 0x6f, 0xb1, 0x12, 0x8a, 0xbb, 0xdf, 0x19, 0x68, 0x32, 0x10, 0x7c, 0xd4,
+ 0x9d, 0xf3, 0x3f, 0x47, 0xb4, 0xb1, 0x16, 0x99, 0x12, 0xba, 0x4f, 0x53, 0x68,
+ 0x4b, 0x22}, 64, 28,
+ PSA_KEY_USAGE_SIGN, PSA_ALG_HMAC(PSA_ALG_SHA_224),
+ PSA_SUCCESS
+},
+
+{"Test psa_mac_compute - Incompactible HMAC for CMAC\n", 2, PSA_KEY_TYPE_HMAC,
+{0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
+ 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b}, 20,
+{0x48, 0x69, 0x20, 0x54, 0x68, 0x65, 0x72, 0x65}, 8,
+{0x89, 0x6f, 0xb1, 0x12, 0x8a, 0xbb, 0xdf, 0x19, 0x68, 0x32, 0x10, 0x7c, 0xd4,
+ 0x9d, 0xf3, 0x3f, 0x47, 0xb4, 0xb1, 0x16, 0x99, 0x12, 0xba, 0x4f, 0x53, 0x68,
+ 0x4b, 0x22}, 64, 28,
+ PSA_KEY_USAGE_SIGN, PSA_ALG_CMAC,
+ PSA_ERROR_NOT_SUPPORTED
+},
+
+{"Test psa_mac_compute - Invalid usage\n", 3, PSA_KEY_TYPE_HMAC,
+{0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
+ 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b}, 20,
+{0x48, 0x69, 0x20, 0x54, 0x68, 0x65, 0x72, 0x65}, 8,
+{0x89, 0x6f, 0xb1, 0x12, 0x8a, 0xbb, 0xdf, 0x19, 0x68, 0x32, 0x10, 0x7c, 0xd4,
+ 0x9d, 0xf3, 0x3f, 0x47, 0xb4, 0xb1, 0x16, 0x99, 0x12, 0xba, 0x4f, 0x53, 0x68,
+ 0x4b, 0x22}, 64, 28,
+ PSA_KEY_USAGE_EXPORT, PSA_ALG_HMAC(PSA_ALG_SHA_224),
+ PSA_ERROR_NOT_SUPPORTED
+},
+
+{"Test psa_mac_compute - truncated MAC too small\n", 4, PSA_KEY_TYPE_HMAC,
+{0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
+ 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b}, 20,
+{0x48, 0x69, 0x20, 0x54, 0x68, 0x65, 0x72, 0x65}, 8,
+{0x89, 0x6f, 0xb1, 0x12, 0x8a, 0xbb, 0xdf, 0x19, 0x68, 0x32, 0x10, 0x7c, 0xd4,
+ 0x9d, 0xf3, 0x3f, 0x47, 0xb4, 0xb1, 0x16, 0x99, 0x12, 0xba, 0x4f, 0x53, 0x68,
+ 0x4b, 0x22}, 64, 28,
+ PSA_KEY_USAGE_SIGN, PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 1),
+ PSA_ERROR_NOT_SUPPORTED
+},
+
+{"Test psa_mac_compute - truncated MAC too large\n", 5, PSA_KEY_TYPE_HMAC,
+{0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
+ 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b}, 20,
+{0x48, 0x69, 0x20, 0x54, 0x68, 0x65, 0x72, 0x65}, 8,
+{0x89, 0x6f, 0xb1, 0x12, 0x8a, 0xbb, 0xdf, 0x19, 0x68, 0x32, 0x10, 0x7c, 0xd4,
+ 0x9d, 0xf3, 0x3f, 0x47, 0xb4, 0xb1, 0x16, 0x99, 0x12, 0xba, 0x4f, 0x53, 0x68,
+ 0x4b, 0x22}, 64, 28,
+ PSA_KEY_USAGE_SIGN, PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 33),
+ PSA_ERROR_INVALID_ARGUMENT
+},
+
+{"Test psa_mac_compute - bad algorithm (unknown MAC algorithm)\n", 6, PSA_KEY_TYPE_HMAC,
+{0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
+ 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b}, 20,
+{0x48, 0x69, 0x20, 0x54, 0x68, 0x65, 0x72, 0x65}, 8,
+{0x89, 0x6f, 0xb1, 0x12, 0x8a, 0xbb, 0xdf, 0x19, 0x68, 0x32, 0x10, 0x7c, 0xd4,
+ 0x9d, 0xf3, 0x3f, 0x47, 0xb4, 0xb1, 0x16, 0x99, 0x12, 0xba, 0x4f, 0x53, 0x68,
+ 0x4b, 0x22}, 64, 28,
+ PSA_KEY_USAGE_SIGN, PSA_ALG_HMAC(0),
+ PSA_ERROR_NOT_SUPPORTED
+},
+#endif
+
+#ifdef ARCH_TEST_SHA256
+{"Test psa_mac_compute HMAC SHA 256\n", 7, PSA_KEY_TYPE_HMAC,
+{0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
+ 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b}, 20,
+{0x48, 0x69, 0x20, 0x54, 0x68, 0x65, 0x72, 0x65}, 8,
+{0xb0, 0x34, 0x4c, 0x61, 0xd8, 0xdb, 0x38, 0x53, 0x5c, 0xa8, 0xaf, 0xce, 0xaf,
+ 0x0b, 0xf1, 0x2b, 0x88, 0x1d, 0xc2, 0x00, 0xc9, 0x83, 0x3d, 0xa7, 0x26, 0xe9,
+ 0x37, 0x6c, 0x2e, 0x32, 0xcf, 0xf7}, 64, 32,
+ PSA_KEY_USAGE_SIGN, PSA_ALG_HMAC(PSA_ALG_SHA_256),
+ PSA_SUCCESS
+},
+#endif
+
+#ifdef ARCH_TEST_SHA512
+{"Test psa_mac_compute HMAC SHA 512\n", 8, PSA_KEY_TYPE_HMAC,
+{0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
+ 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b}, 20,
+{0x48, 0x69, 0x20, 0x54, 0x68, 0x65, 0x72, 0x65}, 8,
+{0x87, 0xaa, 0x7c, 0xde, 0xa5, 0xef, 0x61, 0x9d, 0x4f, 0xf0, 0xb4, 0x24, 0x1a,
+ 0x1d, 0x6c, 0xb0, 0x23, 0x79, 0xf4, 0xe2, 0xce, 0x4e, 0xc2, 0x78, 0x7a, 0xd0,
+ 0xb3, 0x05, 0x45, 0xe1, 0x7c, 0xde, 0xda, 0xa8, 0x33, 0xb7, 0xd6, 0xb8, 0xa7,
+ 0x02, 0x03, 0x8b, 0x27, 0x4e, 0xae, 0xa3, 0xf4, 0xe4, 0xbe, 0x9d, 0x91, 0x4e,
+ 0xeb, 0x61, 0xf1, 0x70, 0x2e, 0x69, 0x6c, 0x20, 0x3a, 0x12, 0x68, 0x54}, 64, 64,
+ PSA_KEY_USAGE_SIGN, PSA_ALG_HMAC(PSA_ALG_SHA_512),
+ PSA_SUCCESS
+},
+#endif
+
+#ifdef ARCH_TEST_SHA224
+{"Test psa_mac_compute HMAC SHA 224 (truncated to 8 Byte)\n", 9, PSA_KEY_TYPE_HMAC,
+{0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
+ 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b}, 20,
+{0x48, 0x69, 0x20, 0x54, 0x68, 0x65, 0x72, 0x65}, 8,
+{0x89, 0x6f, 0xb1, 0x12, 0x8a, 0xbb, 0xdf, 0x19, 0x68}, 64, 8,
+ PSA_KEY_USAGE_SIGN, PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224), 8),
+ PSA_SUCCESS
+},
+#endif
+#endif
+
+#ifdef ARCH_TEST_CMAC
+#ifdef ARCH_TEST_AES_128
+{"Test psa_mac_compute CMAC AES 128\n", 10, PSA_KEY_TYPE_AES,
+{0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, 0xab, 0xf7, 0x15, 0x88, 0x09,
+ 0xcf, 0x4f, 0x3c}, 16,
+{0x48, 0x69, 0x20, 0x54, 0x68, 0x65, 0x72, 0x65}, 8,
+{0x9A, 0x8F, 0xFF, 0x8D, 0xA3, 0x5B, 0x97, 0xCB, 0x4C, 0x95, 0xF0, 0xFA, 0x6A,
+ 0xE7, 0xE0, 0x77}, 64, 16,
+ PSA_KEY_USAGE_SIGN, PSA_ALG_CMAC,
+ PSA_SUCCESS
+},
+
+{"Test psa_mac_compute small size buffer\n", 11, PSA_KEY_TYPE_AES,
+{0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, 0xab, 0xf7, 0x15, 0x88, 0x09,
+ 0xcf, 0x4f, 0x3c}, 16,
+{0x48, 0x69, 0x20, 0x54, 0x68, 0x65, 0x72, 0x65}, 8,
+{0x9A, 0x8F, 0xFF, 0x8D, 0xA3, 0x5B, 0x97, 0xCB, 0x4C, 0x95, 0xF0, 0xFA, 0x6A,
+ 0xE7, 0xE0, 0x77}, 8, 16,
+ PSA_KEY_USAGE_SIGN, PSA_ALG_CMAC,
+ PSA_ERROR_BUFFER_TOO_SMALL
+},
+#endif
+
+{"Test psa_mac_compute - Invalid key type\n", 12, PSA_KEY_TYPE_RAW_DATA,
+{0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, 0xab, 0xf7, 0x15, 0x88, 0x09,
+ 0xcf, 0x4f, 0x3c}, 16,
+{0x48, 0x69, 0x20, 0x54, 0x68, 0x65, 0x72, 0x65}, 8,
+{0x9A, 0x8F, 0xFF, 0x8D, 0xA3, 0x5B, 0x97, 0xCB, 0x4C, 0x95, 0xF0, 0xFA, 0x6A,
+ 0xE7, 0xE0, 0x77}, 64, 16,
+ PSA_KEY_USAGE_SIGN, PSA_ALG_CMAC,
+ PSA_ERROR_INVALID_ARGUMENT
+},
+#endif
+};
diff --git a/api-tests/dev_apis/crypto/test_c046/test_entry_c046.c b/api-tests/dev_apis/crypto/test_c046/test_entry_c046.c
new file mode 100644
index 00000000..3116fd02
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c046/test_entry_c046.c
@@ -0,0 +1,54 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_c046.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 46)
+#define TEST_DESC "Testing crypto MAC APIs\n"
+
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_HIGH_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_crypto_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_c046_crypto_list, FALSE);
+
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->crypto_function(VAL_CRYPTO_FREE);
+ val->test_exit();
+}
diff --git a/api-tests/dev_apis/crypto/test_c047/test.cmake b/api-tests/dev_apis/crypto/test_c047/test.cmake
new file mode 100644
index 00000000..aea8705e
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c047/test.cmake
@@ -0,0 +1,24 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_c047.c
+ test_c047.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
diff --git a/api-tests/dev_apis/crypto/test_c047/test_c047.c b/api-tests/dev_apis/crypto/test_c047/test_c047.c
new file mode 100644
index 00000000..da4d2673
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c047/test_c047.c
@@ -0,0 +1,90 @@
+
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_c047.h"
+#include "test_data.h"
+
+client_test_t test_c047_crypto_list[] = {
+ NULL,
+ psa_mac_verify_test,
+ NULL,
+};
+
+static int g_test_count = 1;
+
+int32_t psa_mac_verify_test(caller_security_t caller)
+{
+ int num_checks = sizeof(check1)/sizeof(check1[0]);
+ int32_t i, status;
+ psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+
+ if (num_checks == 0)
+ {
+ val->print(PRINT_TEST, "No test available for the selected crypto configuration\n", 0);
+ return RESULT_SKIP(VAL_STATUS_NO_TESTS);
+ }
+
+ /* Initialize the PSA crypto library*/
+ status = val->crypto_function(VAL_CRYPTO_INIT);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(1));
+
+ for (i = 0; i < num_checks; i++)
+ {
+ val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
+ val->print(PRINT_TEST, check1[i].test_desc, 0);
+
+ /* Setting up the watchdog timer for each check */
+ status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
+ TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
+
+ /* Setup the attributes for the key */
+ val->crypto_function(VAL_CRYPTO_SET_KEY_TYPE, &attributes, check1[i].key_type);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_USAGE_FLAGS, &attributes, check1[i].usage);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_ALGORITHM, &attributes, check1[i].key_alg);
+
+ /* Import the key data into the key slot */
+ status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, &attributes, check1[i].key_data,
+ check1[i].key_length, &check1[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
+
+ /* Calculate the MAC of a message and compare it with a reference value */
+ status = val->crypto_function(VAL_CRYPTO_MAC_VERIFY, check1[i].key_handle,
+ check1[i].key_alg, check1[i].data, check1[i].data_size,
+ check1[i].expected_mac, check1[i].mac_size);
+ TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(4));
+
+ /* Destroy the key */
+ status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, check1[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
+
+ /* Reset the key attributes and check if psa_import_key fails */
+ val->crypto_function(VAL_CRYPTO_RESET_KEY_ATTRIBUTES, &attributes);
+
+ /* Calculate the MAC of a message on a destroyed key handle should be an error */
+ status = val->crypto_function(VAL_CRYPTO_MAC_VERIFY, check1[i].key_handle,
+ check1[i].key_alg, check1[i].data, check1[i].data_size,
+ check1[i].expected_mac, check1[i].mac_size);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(6));
+
+
+ }
+
+ return VAL_STATUS_SUCCESS;
+}
diff --git a/api-tests/dev_apis/crypto/test_c047/test_c047.h b/api-tests/dev_apis/crypto/test_c047/test_c047.h
new file mode 100644
index 00000000..7e36fd36
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c047/test_c047.h
@@ -0,0 +1,30 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST_C047_CLIENT_TESTS_H_
+#define _TEST_C047_CLIENT_TESTS_H_
+
+#include "val_crypto.h"
+#define test_entry CONCAT(test_entry_, c047)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+extern client_test_t test_c047_crypto_list[];
+
+int32_t psa_mac_verify_test(caller_security_t caller);
+#endif /* _TEST_C047_CLIENT_TESTS_H_ */
diff --git a/api-tests/dev_apis/crypto/test_c047/test_data.h b/api-tests/dev_apis/crypto/test_c047/test_data.h
new file mode 100644
index 00000000..e94b27f3
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c047/test_data.h
@@ -0,0 +1,197 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_crypto.h"
+
+typedef struct {
+ char test_desc[75];
+ psa_key_handle_t key_handle;
+ psa_key_type_t key_type;
+ uint8_t key_data[64];
+ uint32_t key_length;
+ uint8_t data[16];
+ size_t data_size;
+ uint8_t expected_mac[64];
+ size_t mac_size;
+ psa_key_usage_t usage;
+ psa_algorithm_t key_alg;
+ psa_status_t expected_status;
+} test_data;
+
+static test_data check1[] = {
+#ifdef ARCH_TEST_HMAC
+#ifdef ARCH_TEST_SHA224
+{"Test psa_mac_verify HMAC SHA 224\n", 1, PSA_KEY_TYPE_HMAC,
+{0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
+ 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b}, 20,
+{0x48, 0x69, 0x20, 0x54, 0x68, 0x65, 0x72, 0x65}, 8,
+{0x89, 0x6f, 0xb1, 0x12, 0x8a, 0xbb, 0xdf, 0x19, 0x68, 0x32, 0x10, 0x7c, 0xd4,
+ 0x9d, 0xf3, 0x3f, 0x47, 0xb4, 0xb1, 0x16, 0x99, 0x12, 0xba, 0x4f, 0x53, 0x68,
+ 0x4b, 0x22}, 28,
+ PSA_KEY_USAGE_VERIFY, PSA_ALG_HMAC(PSA_ALG_SHA_224),
+ PSA_SUCCESS
+},
+#endif
+
+#ifdef ARCH_TEST_SHA256
+{"Test psa_mac_verify HMAC SHA 256\n", 2, PSA_KEY_TYPE_HMAC,
+{0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
+ 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b}, 20,
+{0x48, 0x69, 0x20, 0x54, 0x68, 0x65, 0x72, 0x65}, 8,
+{0xb0, 0x34, 0x4c, 0x61, 0xd8, 0xdb, 0x38, 0x53, 0x5c, 0xa8, 0xaf, 0xce, 0xaf,
+ 0x0b, 0xf1, 0x2b, 0x88, 0x1d, 0xc2, 0x00, 0xc9, 0x83, 0x3d, 0xa7, 0x26, 0xe9,
+ 0x37, 0x6c, 0x2e, 0x32, 0xcf, 0xf7}, 32,
+ PSA_KEY_USAGE_VERIFY, PSA_ALG_HMAC(PSA_ALG_SHA_256),
+ PSA_SUCCESS
+},
+
+{"Test psa_mac_verify - Incompactible HMAC for CMAC\n", 3, PSA_KEY_TYPE_HMAC,
+{0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
+ 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b}, 20,
+{0x48, 0x69, 0x20, 0x54, 0x68, 0x65, 0x72, 0x65}, 8,
+{0xb0, 0x34, 0x4c, 0x61, 0xd8, 0xdb, 0x38, 0x53, 0x5c, 0xa8, 0xaf, 0xce, 0xaf,
+ 0x0b, 0xf1, 0x2b, 0x88, 0x1d, 0xc2, 0x00, 0xc9, 0x83, 0x3d, 0xa7, 0x26, 0xe9,
+ 0x37, 0x6c, 0x2e, 0x32, 0xcf, 0xf7}, 32,
+ PSA_KEY_USAGE_VERIFY, PSA_ALG_CMAC,
+ PSA_ERROR_NOT_SUPPORTED
+},
+
+{"Test psa_mac_verify - Invalid usage\n", 4, PSA_KEY_TYPE_HMAC,
+{0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
+ 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b}, 20,
+{0x48, 0x69, 0x20, 0x54, 0x68, 0x65, 0x72, 0x65}, 8,
+{0xb0, 0x34, 0x4c, 0x61, 0xd8, 0xdb, 0x38, 0x53, 0x5c, 0xa8, 0xaf, 0xce, 0xaf,
+ 0x0b, 0xf1, 0x2b, 0x88, 0x1d, 0xc2, 0x00, 0xc9, 0x83, 0x3d, 0xa7, 0x26, 0xe9,
+ 0x37, 0x6c, 0x2e, 0x32, 0xcf, 0xf7}, 32,
+ PSA_KEY_USAGE_EXPORT, PSA_ALG_HMAC(PSA_ALG_SHA_256),
+ PSA_ERROR_NOT_SUPPORTED
+},
+
+{"Test psa_mac_verify - Truncated MAC too large\n", 5, PSA_KEY_TYPE_HMAC,
+{0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
+ 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b}, 20,
+{0x48, 0x69, 0x20, 0x54, 0x68, 0x65, 0x72, 0x65}, 8,
+{0xb0, 0x34, 0x4c, 0x61, 0xd8, 0xdb, 0x38, 0x53, 0x5c, 0xa8, 0xaf, 0xce, 0xaf,
+ 0x0b, 0xf1, 0x2b, 0x88, 0x1d, 0xc2, 0x00, 0xc9, 0x83, 0x3d, 0xa7, 0x26, 0xe9,
+ 0x37, 0x6c, 0x2e, 0x32, 0xcf, 0xf7}, 32,
+ PSA_KEY_USAGE_VERIFY, PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 33),
+ PSA_ERROR_INVALID_ARGUMENT
+},
+
+{"Test psa_mac_verify - Truncated MAC too small\n", 6, PSA_KEY_TYPE_HMAC,
+{0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
+ 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b}, 20,
+{0x48, 0x69, 0x20, 0x54, 0x68, 0x65, 0x72, 0x65}, 8,
+{0xb0, 0x34, 0x4c, 0x61, 0xd8, 0xdb, 0x38, 0x53, 0x5c, 0xa8, 0xaf, 0xce, 0xaf,
+ 0x0b, 0xf1, 0x2b, 0x88, 0x1d, 0xc2, 0x00, 0xc9, 0x83, 0x3d, 0xa7, 0x26, 0xe9,
+ 0x37, 0x6c, 0x2e, 0x32, 0xcf, 0xf7}, 32,
+ PSA_KEY_USAGE_VERIFY, PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 1),
+ PSA_ERROR_NOT_SUPPORTED
+},
+
+{"Test psa_mac_verify - bad algorithm (unknown MAC algorithm)\n", 7, PSA_KEY_TYPE_HMAC,
+{0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
+ 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b}, 20,
+{0x48, 0x69, 0x20, 0x54, 0x68, 0x65, 0x72, 0x65}, 8,
+{0xb0, 0x34, 0x4c, 0x61, 0xd8, 0xdb, 0x38, 0x53, 0x5c, 0xa8, 0xaf, 0xce, 0xaf,
+ 0x0b, 0xf1, 0x2b, 0x88, 0x1d, 0xc2, 0x00, 0xc9, 0x83, 0x3d, 0xa7, 0x26, 0xe9,
+ 0x37, 0x6c, 0x2e, 0x32, 0xcf, 0xf7}, 32,
+ PSA_KEY_USAGE_VERIFY, PSA_ALG_HMAC(0),
+ PSA_ERROR_NOT_SUPPORTED
+},
+
+#endif
+
+#ifdef ARCH_TEST_SHA512
+{"Test psa_mac_verify HMAC SHA 512\n", 8, PSA_KEY_TYPE_HMAC,
+{0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
+ 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b}, 20,
+{0x48, 0x69, 0x20, 0x54, 0x68, 0x65, 0x72, 0x65}, 8,
+{0x87, 0xaa, 0x7c, 0xde, 0xa5, 0xef, 0x61, 0x9d, 0x4f, 0xf0, 0xb4, 0x24, 0x1a,
+ 0x1d, 0x6c, 0xb0, 0x23, 0x79, 0xf4, 0xe2, 0xce, 0x4e, 0xc2, 0x78, 0x7a, 0xd0,
+ 0xb3, 0x05, 0x45, 0xe1, 0x7c, 0xde, 0xda, 0xa8, 0x33, 0xb7, 0xd6, 0xb8, 0xa7,
+ 0x02, 0x03, 0x8b, 0x27, 0x4e, 0xae, 0xa3, 0xf4, 0xe4, 0xbe, 0x9d, 0x91, 0x4e,
+ 0xeb, 0x61, 0xf1, 0x70, 0x2e, 0x69, 0x6c, 0x20, 0x3a, 0x12, 0x68, 0x54}, 64,
+ PSA_KEY_USAGE_VERIFY, PSA_ALG_HMAC(PSA_ALG_SHA_512),
+ PSA_SUCCESS
+},
+#endif
+
+#ifdef ARCH_TEST_SHA224
+{"Test psa_mac_verify HMAC SHA 224 (truncated to 8 Byte)\n", 9, PSA_KEY_TYPE_HMAC,
+{0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
+ 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b}, 20,
+{0x48, 0x69, 0x20, 0x54, 0x68, 0x65, 0x72, 0x65}, 8,
+{0x89, 0x6f, 0xb1, 0x12, 0x8a, 0xbb, 0xdf, 0x19, 0x68}, 8,
+ PSA_KEY_USAGE_VERIFY, PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224), 8),
+ PSA_SUCCESS
+},
+#endif
+#endif
+
+#ifdef ARCH_TEST_AES_128
+#ifdef ARCH_TEST_CMAC
+{"Test psa_mac_verify CMAC AES 128\n", 10, PSA_KEY_TYPE_AES,
+{0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, 0xab, 0xf7, 0x15, 0x88, 0x09,
+ 0xcf, 0x4f, 0x3c}, 16,
+{0x48, 0x69, 0x20, 0x54, 0x68, 0x65, 0x72, 0x65}, 8,
+{0x9A, 0x8F, 0xFF, 0x8D, 0xA3, 0x5B, 0x97, 0xCB, 0x4C, 0x95, 0xF0, 0xFA, 0x6A,
+ 0xE7, 0xE0, 0x77}, 16,
+ PSA_KEY_USAGE_VERIFY, PSA_ALG_CMAC,
+ PSA_SUCCESS
+},
+#endif
+#endif
+
+{"Test psa_mac_verify - Invalid key type\n", 11, PSA_KEY_TYPE_RAW_DATA,
+{0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, 0xab, 0xf7, 0x15, 0x88, 0x09,
+ 0xcf, 0x4f, 0x3c}, 16,
+{0x48, 0x69, 0x20, 0x54, 0x68, 0x65, 0x72, 0x65}, 8,
+{0x9A, 0x8F, 0xFF, 0x8D, 0xA3, 0x5B, 0x97, 0xCB, 0x4C, 0x95, 0xF0, 0xFA, 0x6A,
+ 0xE7, 0xE0, 0x77}, 16,
+ PSA_KEY_USAGE_VERIFY, PSA_ALG_CMAC,
+ PSA_ERROR_INVALID_ARGUMENT
+},
+
+#ifdef ARCH_TEST_HMAC
+#ifdef ARCH_TEST_SHA256
+{"Test psa_mac_verify small size buffer\n", 12, PSA_KEY_TYPE_HMAC,
+{0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
+ 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b}, 20,
+{0x48, 0x69, 0x20, 0x54, 0x68, 0x65, 0x72, 0x65}, 8,
+{0xb0, 0x34, 0x4c, 0x61, 0xd8, 0xdb, 0x38, 0x53, 0x5c, 0xa8, 0xaf, 0xce, 0xaf,
+ 0x0b, 0xf1, 0x2b, 0x88, 0x1d, 0xc2, 0x00, 0xc9, 0x83, 0x3d, 0xa7, 0x26, 0xe9,
+ 0x37, 0x6c, 0x2e, 0x32, 0xcf, 0xf7}, 30,
+ PSA_KEY_USAGE_VERIFY, PSA_ALG_HMAC(PSA_ALG_SHA_256),
+ PSA_ERROR_INVALID_SIGNATURE
+},
+#endif
+
+#ifdef ARCH_TEST_SHA224
+{"Test psa_mac_verify incorrect expected MAC\n", 13, PSA_KEY_TYPE_HMAC,
+{0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
+ 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b}, 20,
+{0x48, 0x69, 0x20, 0x54, 0x68, 0x65, 0x72, 0x65}, 8,
+{0x89, 0x6f, 0xb1, 0x12, 0x8a, 0xbb, 0xdf, 0x19, 0x68, 0x32, 0x10, 0x7c, 0xd4,
+ 0x9d, 0xf3, 0x3f, 0x47, 0xb4, 0xb1, 0x16, 0x99, 0x12, 0xba, 0x4f, 0x53, 0x68,
+ 0x4b, 0x20}, 28,
+ PSA_KEY_USAGE_VERIFY, PSA_ALG_HMAC(PSA_ALG_SHA_224),
+ PSA_ERROR_INVALID_SIGNATURE
+},
+#endif
+#endif
+};
diff --git a/api-tests/dev_apis/crypto/test_c047/test_entry_c047.c b/api-tests/dev_apis/crypto/test_c047/test_entry_c047.c
new file mode 100644
index 00000000..5ce7733b
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c047/test_entry_c047.c
@@ -0,0 +1,54 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_c047.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 47)
+#define TEST_DESC "Testing crypto MAC APIs\n"
+
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_HIGH_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_crypto_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_c047_crypto_list, FALSE);
+
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->crypto_function(VAL_CRYPTO_FREE);
+ val->test_exit();
+}
diff --git a/api-tests/dev_apis/crypto/test_c048/test.cmake b/api-tests/dev_apis/crypto/test_c048/test.cmake
new file mode 100644
index 00000000..81879237
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c048/test.cmake
@@ -0,0 +1,24 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_c048.c
+ test_c048.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
diff --git a/api-tests/dev_apis/crypto/test_c048/test_c048.c b/api-tests/dev_apis/crypto/test_c048/test_c048.c
new file mode 100644
index 00000000..8ad6cd0f
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c048/test_c048.c
@@ -0,0 +1,100 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_c048.h"
+#include "test_data.h"
+
+client_test_t test_c048_crypto_list[] = {
+ NULL,
+ psa_cipher_encrypt_test,
+ NULL,
+};
+
+static int g_test_count = 1;
+static uint8_t output[SIZE_32B];
+
+int32_t psa_cipher_encrypt_test(caller_security_t caller)
+{
+ int num_checks = sizeof(check1)/sizeof(check1[0]);
+ int32_t i, status;
+ size_t output_length;
+ psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+
+ if (num_checks == 0)
+ {
+ val->print(PRINT_TEST, "No test available for the selected crypto configuration\n", 0);
+ return RESULT_SKIP(VAL_STATUS_NO_TESTS);
+ }
+
+ /* Initialize the PSA crypto library*/
+ status = val->crypto_function(VAL_CRYPTO_INIT);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(1));
+
+ for (i = 0; i < num_checks; i++)
+ {
+ val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
+ val->print(PRINT_TEST, check1[i].test_desc, 0);
+
+ /* Setting up the watchdog timer for each check */
+ status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
+ TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
+
+ /* Setup the attributes for the key */
+ val->crypto_function(VAL_CRYPTO_SET_KEY_TYPE, &attributes, check1[i].key_type);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_ALGORITHM, &attributes, check1[i].key_alg);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_USAGE_FLAGS, &attributes, check1[i].usage);
+
+ /* Import the key data into the key slot */
+ status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, &attributes, check1[i].key_data,
+ check1[i].key_length, &check1[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
+
+ /* Encrypt a message using a symmetric cipher */
+ status = val->crypto_function(VAL_CRYPTO_CIPHER_ENCRYPT, check1[i].key_handle,
+ check1[i].key_alg, check1[i].input, check1[i].input_length, output,
+ check1[i].output_size, &output_length);
+ TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(4));
+
+ /* Destroy the key */
+ status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, check1[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
+
+ /* Reset the key attributes and check if psa_import_key fails */
+ val->crypto_function(VAL_CRYPTO_RESET_KEY_ATTRIBUTES, &attributes);
+
+ if (check1[i].expected_status != PSA_SUCCESS)
+ continue;
+
+ /* Check if the output length matches the expected length */
+ TEST_ASSERT_EQUAL(output_length, check1[i].expected_output_length, TEST_CHECKPOINT_NUM(6));
+
+ /* Check if the output data matches the expected data */
+ TEST_ASSERT_MEMCMP(output, check1[i].expected_output, output_length,
+ TEST_CHECKPOINT_NUM(7));
+
+ /* Encrypt a message using a symmetric cipher on an aborted key handle should be an error */
+ status = val->crypto_function(VAL_CRYPTO_CIPHER_ENCRYPT, check1[i].key_handle,
+ check1[i].key_alg, check1[i].input, check1[i].input_length, output,
+ check1[i].output_size, &output_length);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(8));
+
+ }
+
+ return VAL_STATUS_SUCCESS;
+}
diff --git a/api-tests/dev_apis/crypto/test_c048/test_c048.h b/api-tests/dev_apis/crypto/test_c048/test_c048.h
new file mode 100644
index 00000000..d0ede7b3
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c048/test_c048.h
@@ -0,0 +1,30 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST_C048_CLIENT_TESTS_H_
+#define _TEST_C048_CLIENT_TESTS_H_
+
+#include "val_crypto.h"
+#define test_entry CONCAT(test_entry_, c048)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+extern client_test_t test_c048_crypto_list[];
+
+int32_t psa_cipher_encrypt_test(caller_security_t caller);
+#endif /* _TEST_C048_CLIENT_TESTS_H_ */
diff --git a/api-tests/dev_apis/crypto/test_c048/test_data.h b/api-tests/dev_apis/crypto/test_c048/test_data.h
new file mode 100644
index 00000000..0f9abe35
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c048/test_data.h
@@ -0,0 +1,162 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_crypto.h"
+
+typedef struct {
+ char test_desc[75];
+ psa_key_handle_t key_handle;
+ psa_key_type_t key_type;
+ uint8_t key_data[32];
+ uint32_t key_length;
+ psa_key_usage_t usage;
+ psa_algorithm_t key_alg;
+ uint8_t input[32];
+ size_t input_length;
+ size_t output_size;
+ uint8_t expected_output[32];
+ size_t expected_output_length;
+ psa_status_t expected_status;
+} test_data;
+
+static test_data check1[] = {
+#ifdef ARCH_TEST_AES_128
+#ifdef ARCH_TEST_CBC_NO_PADDING
+{"Test psa_cipher_encrypt - Encrypt - AES CBC_NO_PADDING\n", 1, PSA_KEY_TYPE_AES,
+{0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, 0xab, 0xf7, 0x15, 0x88, 0x09,
+ 0xcf, 0x4f, 0x3c}, AES_16B_KEY_SIZE,
+ PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CBC_NO_PADDING,
+{0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, 0xe9, 0x3d, 0x7e, 0x11, 0x73,
+ 0x93, 0x17, 0x2a}, 16, SIZE_32B,
+{0xA0, 0x76, 0xEC, 0x9D, 0xFB, 0xE4, 0x7D, 0x52, 0xAF, 0xC3, 0x57, 0x33, 0x6F,
+ 0x20, 0x74, 0x3B}, 0, PSA_SUCCESS
+},
+
+{"Test psa_cipher_encrypt - Encrypt - AES CBC_NO_PADDING (Short input)\n", 2, PSA_KEY_TYPE_AES,
+{0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, 0xab, 0xf7, 0x15, 0x88, 0x09,
+ 0xcf, 0x4f, 0x3c}, AES_16B_KEY_SIZE,
+ PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CBC_NO_PADDING,
+{0x6b, 0xc1, 0xbe, 0xe2, 0x23}, 5, 16,
+{0x6b, 0xc1, 0xbe, 0xe2, 0x23}, 0, PSA_ERROR_INVALID_ARGUMENT
+},
+#endif
+
+#ifdef ARCH_TEST_CBC_PKCS7
+{"Test psa_cipher_encrypt - Encrypt - AES CBC_PKCS7\n", 3, PSA_KEY_TYPE_AES,
+{0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, 0xab, 0xf7, 0x15, 0x88, 0x09,
+ 0xcf, 0x4f, 0x3c}, AES_16B_KEY_SIZE,
+ PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CBC_PKCS7,
+{0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, 0xe9, 0x3d, 0x7e, 0x11, 0x73,
+ 0x93, 0x17, 0x2a}, 16, SIZE_32B,
+{0xa0, 0x76, 0xec, 0x9d, 0xfb, 0xe4, 0x7d, 0x52, 0xaf, 0xc3, 0x57, 0x33, 0x6f,
+ 0x20, 0x74, 0x3b, 0xca, 0x7e, 0x8a, 0x15, 0xdc, 0x3c, 0x77, 0x64, 0x36, 0x31,
+ 0x42, 0x93, 0x03, 0x1c, 0xd4, 0xf3}, 16, PSA_SUCCESS
+},
+
+{"Test psa_cipher_encrypt - Encrypt - AES CBC_PKCS7 (Short input)\n", 4, PSA_KEY_TYPE_AES,
+{0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, 0xab, 0xf7, 0x15, 0x88, 0x09,
+ 0xcf, 0x4f, 0x3c}, AES_16B_KEY_SIZE,
+ PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CBC_PKCS7,
+{0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, 0xe9, 0x3d, 0x7e, 0x11, 0x73,
+ 0x93, 0x17}, 15, SIZE_32B,
+{0x62, 0x79, 0xb4, 0x9d, 0x7f, 0x7a, 0x8d, 0xd8, 0x7b, 0x68, 0x51, 0x75, 0xd4,
+ 0x27, 0x6e, 0x24}, 16, PSA_SUCCESS
+},
+#endif
+
+#ifdef ARCH_TEST_CIPER_MODE_CTR
+{"Test psa_cipher_encrypt - Encrypt - AES CTR\n", 5, PSA_KEY_TYPE_AES,
+{0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, 0xab, 0xf7, 0x15, 0x88, 0x09,
+ 0xcf, 0x4f, 0x3c}, AES_16B_KEY_SIZE,
+ PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CTR,
+{0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, 0xe9, 0x3d, 0x7e, 0x11, 0x73,
+ 0x93, 0x17, 0x2a}, 16, SIZE_32B,
+{0x8f, 0x94, 0x08, 0xfe, 0x80, 0xa8, 0x1d, 0x3e, 0x81, 0x3d, 0xa3, 0xc7, 0xb0,
+ 0xb2, 0xbd, 0x32}, 0, PSA_SUCCESS
+},
+
+{"Test psa_cipher_encrypt - Encrypt - AES CTR (short input)\n", 6, PSA_KEY_TYPE_AES,
+{0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, 0xab, 0xf7, 0x15, 0x88, 0x09,
+ 0xcf, 0x4f, 0x3c}, AES_16B_KEY_SIZE,
+ PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CTR,
+{0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, 0xe9, 0x3d, 0x7e, 0x11, 0x73,
+ 0x93, 0x17}, 15, SIZE_32B,
+{0x8f, 0x94, 0x08, 0xfe, 0x80, 0xa8, 0x1d, 0x3e, 0x81, 0x3d, 0xa3, 0xc7, 0xb0,
+ 0xb2, 0xbd}, 0, PSA_SUCCESS
+},
+#endif
+#endif
+
+#ifdef ARCH_TEST_CBC_NO_PADDING
+#ifdef ARCH_TEST_DES_1KEY
+{"Test psa_cipher_encrypt - Encrypt - DES CBC (nopad)\n", 7, PSA_KEY_TYPE_DES,
+{0x01, 0x02, 0x04, 0x07, 0x08, 0x0b, 0x0d, 0x0e}, DES_8B_KEY_SIZE,
+ PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CBC_NO_PADDING,
+{0xed, 0xa4, 0x01, 0x12, 0x39, 0xbc, 0x3a, 0xc9}, 8, SIZE_32B,
+{0x64, 0xf9, 0x17, 0xb0, 0x15, 0x2f, 0x8f, 0x05}, 0, PSA_SUCCESS
+},
+#endif
+
+#ifdef ARCH_TEST_DES_2KEY
+{"Test psa_cipher_encrypt - Encrypt - 2-key 3DE -CBC (nopad)\n", 8, PSA_KEY_TYPE_DES,
+{0x01, 0x02, 0x04, 0x07, 0x08, 0x0b, 0x0d, 0x0e, 0xc1, 0xc2, 0xc4, 0xc7, 0xc8,
+ 0xcb, 0xcd, 0xce}, DES3_2KEY_SIZE,
+ PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CBC_NO_PADDING,
+{0xed, 0xa4, 0x01, 0x12, 0x39, 0xbc, 0x3a, 0xc9}, 8, SIZE_32B,
+{0x5d, 0x06, 0x52, 0x42, 0x9c, 0x5b, 0x0a, 0xc7}, 0, PSA_SUCCESS
+},
+#endif
+
+#ifdef ARCH_TEST_DES_3KEY
+{"Test psa_cipher_encrypt - Encrypt - 3-key 3DE -CBC (nopad)\n", 9, PSA_KEY_TYPE_DES,
+{0x01, 0x02, 0x04, 0x07, 0x08, 0x0b, 0x0d, 0x0e, 0xc1, 0xc2, 0xc4, 0xc7, 0xc8,
+ 0xcb, 0xcd, 0xce, 0x31, 0x32, 0x34, 0x37, 0x38, 0x3b, 0x3d, 0x3e}, DES3_3KEY_SIZE,
+ PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CBC_NO_PADDING,
+{0xed, 0xa4, 0x01, 0x12, 0x39, 0xbc, 0x3a, 0xc9}, 8, SIZE_32B,
+{0x81, 0x7c, 0xa7, 0xd6, 0x9b, 0x80, 0xd8, 0x6a}, 0, PSA_SUCCESS
+},
+#endif
+#endif
+
+#ifdef ARCH_TEST_AES_128
+#ifdef ARCH_TEST_CBC_PKCS7
+{"Test psa_cipher_encrypt - small output buffer size\n", 10, PSA_KEY_TYPE_AES,
+{0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, 0xab, 0xf7, 0x15, 0x88, 0x09,
+ 0xcf, 0x4f, 0x3c}, AES_16B_KEY_SIZE,
+ PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CBC_PKCS7,
+{0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, 0xe9, 0x3d, 0x7e, 0x11, 0x73,
+ 0x93, 0x17, 0x2a}, 16, 15,
+{0xa0, 0x76, 0xec, 0x9d, 0xfb, 0xe4, 0x7d, 0x52, 0xaf, 0xc3, 0x57, 0x33, 0x6f,
+ 0x20, 0x74, 0x3b, 0xca, 0x7e, 0x8a, 0x15, 0xdc, 0x3c, 0x77, 0x64, 0x36, 0x31,
+ 0x42, 0x93, 0x03, 0x1c, 0xd4, 0xf3}, 16, PSA_ERROR_BUFFER_TOO_SMALL
+},
+#endif
+
+#ifdef ARCH_TEST_CBC_NO_PADDING
+{"Test psa_cipher_encrypt - Decrypt - AES CBC_NO_PADDING\n", 11, PSA_KEY_TYPE_AES,
+{0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, 0xab, 0xf7, 0x15, 0x88, 0x09,
+ 0xcf, 0x4f, 0x3c}, AES_16B_KEY_SIZE,
+ PSA_KEY_USAGE_DECRYPT, PSA_ALG_CBC_NO_PADDING,
+{0xA0, 0x76, 0xEC, 0x9D, 0xFB, 0xE4, 0x7D, 0x52, 0xAF, 0xC3, 0x57, 0x33, 0x6F,
+ 0x20, 0x74, 0x3B},
+ 16, SIZE_32B,
+{0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, 0xe9, 0x3d, 0x7e, 0x11, 0x73,
+ 0x93, 0x17, 0x2a}, 0, PSA_ERROR_NOT_PERMITTED
+},
+#endif
+#endif
+};
diff --git a/api-tests/dev_apis/crypto/test_c048/test_entry_c048.c b/api-tests/dev_apis/crypto/test_c048/test_entry_c048.c
new file mode 100644
index 00000000..2c041946
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c048/test_entry_c048.c
@@ -0,0 +1,54 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_c048.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 48)
+#define TEST_DESC "Testing crypto symmetric cipher APIs\n"
+
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_HIGH_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_crypto_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_c048_crypto_list, FALSE);
+
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->crypto_function(VAL_CRYPTO_FREE);
+ val->test_exit();
+}
diff --git a/api-tests/dev_apis/crypto/test_c049/test.cmake b/api-tests/dev_apis/crypto/test_c049/test.cmake
new file mode 100644
index 00000000..56f787a8
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c049/test.cmake
@@ -0,0 +1,24 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_c049.c
+ test_c049.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
diff --git a/api-tests/dev_apis/crypto/test_c049/test_c049.c b/api-tests/dev_apis/crypto/test_c049/test_c049.c
new file mode 100644
index 00000000..e9235828
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c049/test_c049.c
@@ -0,0 +1,99 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_c049.h"
+#include "test_data.h"
+
+client_test_t test_c049_crypto_list[] = {
+ NULL,
+ psa_cipher_decrypt_test,
+ NULL,
+};
+
+static int g_test_count = 1;
+static uint8_t output[SIZE_32B];
+
+int32_t psa_cipher_decrypt_test(caller_security_t caller)
+{
+ int num_checks = sizeof(check1)/sizeof(check1[0]);
+ int32_t i, status;
+ size_t output_length;
+ psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+
+ if (num_checks == 0)
+ {
+ val->print(PRINT_TEST, "No test available for the selected crypto configuration\n", 0);
+ return RESULT_SKIP(VAL_STATUS_NO_TESTS);
+ }
+
+ /* Initialize the PSA crypto library*/
+ status = val->crypto_function(VAL_CRYPTO_INIT);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(1));
+
+ for (i = 0; i < num_checks; i++)
+ {
+ val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
+ val->print(PRINT_TEST, check1[i].test_desc, 0);
+
+ /* Setting up the watchdog timer for each check */
+ status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
+ TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
+
+ /* Setup the attributes for the key */
+ val->crypto_function(VAL_CRYPTO_SET_KEY_TYPE, &attributes, check1[i].key_type);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_ALGORITHM, &attributes, check1[i].key_alg);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_USAGE_FLAGS, &attributes, check1[i].usage);
+
+ /* Import the key data into the key slot */
+ status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, &attributes, check1[i].key_data,
+ check1[i].key_length, &check1[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
+
+ /* Decrypt a message using a symmetric cipher */
+ status = val->crypto_function(VAL_CRYPTO_CIPHER_DECRYPT, check1[i].key_handle,
+ check1[i].key_alg, check1[i].input, check1[i].input_length, output,
+ check1[i].output_size, &output_length);
+ TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(4));
+
+ /* Destroy the key */
+ status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, check1[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
+
+ /* Reset the key attributes and check if psa_import_key fails */
+ val->crypto_function(VAL_CRYPTO_RESET_KEY_ATTRIBUTES, &attributes);
+
+ if (check1[i].expected_status != PSA_SUCCESS)
+ continue;
+
+ /* Check if the output length matches the expected length */
+ TEST_ASSERT_EQUAL(output_length, check1[i].expected_output_length, TEST_CHECKPOINT_NUM(6));
+
+ /* Check if the output data matches the expected data */
+ TEST_ASSERT_MEMCMP(output, check1[i].expected_output, output_length,
+ TEST_CHECKPOINT_NUM(7));
+
+ status = val->crypto_function(VAL_CRYPTO_CIPHER_DECRYPT, check1[i].key_handle,
+ check1[i].key_alg, check1[i].input, check1[i].input_length, output,
+ check1[i].output_size, &output_length);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(8));
+
+ }
+
+ return VAL_STATUS_SUCCESS;
+}
diff --git a/api-tests/dev_apis/crypto/test_c049/test_c049.h b/api-tests/dev_apis/crypto/test_c049/test_c049.h
new file mode 100644
index 00000000..412a8ae3
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c049/test_c049.h
@@ -0,0 +1,30 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST_C049_CLIENT_TESTS_H_
+#define _TEST_C049_CLIENT_TESTS_H_
+
+#include "val_crypto.h"
+#define test_entry CONCAT(test_entry_, c049)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+extern client_test_t test_c049_crypto_list[];
+
+int32_t psa_cipher_decrypt_test(caller_security_t caller);
+#endif /* _TEST_C049_CLIENT_TESTS_H_ */
diff --git a/api-tests/dev_apis/crypto/test_c049/test_data.h b/api-tests/dev_apis/crypto/test_c049/test_data.h
new file mode 100644
index 00000000..25983955
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c049/test_data.h
@@ -0,0 +1,160 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_crypto.h"
+
+typedef struct {
+ char test_desc[75];
+ psa_key_handle_t key_handle;
+ psa_key_type_t key_type;
+ uint8_t key_data[32];
+ uint32_t key_length;
+ psa_key_usage_t usage;
+ psa_algorithm_t key_alg;
+ uint8_t input[32];
+ size_t input_length;
+ size_t output_size;
+ uint8_t expected_output[32];
+ size_t expected_output_length;
+ psa_status_t expected_status;
+} test_data;
+
+static test_data check1[] = {
+#ifdef ARCH_TEST_AES_128
+#ifdef ARCH_TEST_CBC_NO_PADDING
+{"Test psa_cipher_decrypt - Encrypt - AES CBC_NO_PADDING\n", 1, PSA_KEY_TYPE_AES,
+{0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, 0xab, 0xf7, 0x15, 0x88, 0x09,
+ 0xcf, 0x4f, 0x3c}, AES_16B_KEY_SIZE,
+ PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CBC_NO_PADDING,
+{0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, 0xe9, 0x3d, 0x7e, 0x11, 0x73,
+ 0x93, 0x17, 0x2a}, 16, SIZE_32B,
+{0xA0, 0x76, 0xEC, 0x9D, 0xFB, 0xE4, 0x7D, 0x52, 0xAF, 0xC3, 0x57, 0x33, 0x6F,
+ 0x20, 0x74, 0x3B}, 0, PSA_ERROR_NOT_PERMITTED
+},
+#endif
+
+#ifdef ARCH_TEST_CBC_NO_PADDING
+{"Test psa_cipher_decrypt - Decrypt - AES CBC_NO_PADDING\n", 11, PSA_KEY_TYPE_AES,
+{0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, 0xab, 0xf7, 0x15, 0x88, 0x09,
+ 0xcf, 0x4f, 0x3c}, AES_16B_KEY_SIZE,
+ PSA_KEY_USAGE_DECRYPT, PSA_ALG_CBC_NO_PADDING,
+{0xA0, 0x76, 0xEC, 0x9D, 0xFB, 0xE4, 0x7D, 0x52, 0xAF, 0xC3, 0x57, 0x33, 0x6F,
+ 0x20, 0x74, 0x3B},
+ 16, SIZE_32B,
+{0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, 0xe9, 0x3d, 0x7e, 0x11, 0x73,
+ 0x93, 0x17, 0x2a}, 0, PSA_SUCCESS
+},
+
+{"Test psa_cipher_decrypt - Decrypt - AES CBC_NO_PADDING (Short input)\n", 12, PSA_KEY_TYPE_AES,
+{0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, 0xab, 0xf7, 0x15, 0x88, 0x09,
+ 0xcf, 0x4f, 0x3c}, AES_16B_KEY_SIZE,
+ PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CBC_NO_PADDING,
+{0x6b, 0xc1, 0xbe, 0xe2, 0x23}, 5, 16,
+{0x6b, 0xc1, 0xbe, 0xe2, 0x23}, 0, PSA_ERROR_INVALID_ARGUMENT
+},
+
+{"Test psa_cipher_decrypt - Decrypt - AES CBC_NO_PADDING\n", 2, PSA_KEY_TYPE_AES,
+{0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, 0xab, 0xf7, 0x15, 0x88, 0x09,
+ 0xcf, 0x4f, 0x3c}, AES_16B_KEY_SIZE,
+ PSA_KEY_USAGE_DECRYPT, PSA_ALG_CBC_NO_PADDING,
+{0xA0, 0x76, 0xEC, 0x9D, 0xFB, 0xE4, 0x7D, 0x52, 0xAF, 0xC3, 0x57, 0x33, 0x6F,
+ 0x20, 0x74, 0x3B},
+ 16, 10,
+{0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, 0xe9, 0x3d, 0x7e, 0x11, 0x73,
+ 0x93, 0x17, 0x2a}, 0, PSA_ERROR_BUFFER_TOO_SMALL
+},
+
+#endif
+
+#ifdef ARCH_TEST_CBC_PKCS7
+{"Test psa_cipher_decrypt - Decrypt - AES CBC_PKCS7\n", 13, PSA_KEY_TYPE_AES,
+{0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, 0xab, 0xf7, 0x15, 0x88, 0x09,
+ 0xcf, 0x4f, 0x3c}, AES_16B_KEY_SIZE,
+ PSA_KEY_USAGE_DECRYPT, PSA_ALG_CBC_PKCS7,
+{0xa0, 0x76, 0xec, 0x9d, 0xfb, 0xe4, 0x7d, 0x52, 0xaf, 0xc3, 0x57, 0x33, 0x6f,
+ 0x20, 0x74, 0x3b, 0xca, 0x7e, 0x8a, 0x15, 0xdc, 0x3c, 0x77, 0x64, 0x36, 0x31,
+ 0x42, 0x93, 0x03, 0x1c, 0xd4, 0xf3}, 32, SIZE_32B,
+{0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, 0xe9, 0x3d, 0x7e, 0x11, 0x73,
+ 0x93, 0x17, 0x2a}, 0, PSA_SUCCESS
+},
+
+{"Test psa_cipher_decrypt - Decrypt - AES CBC_PKCS7 (Short input)\n", 14, PSA_KEY_TYPE_AES,
+{0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, 0xab, 0xf7, 0x15, 0x88, 0x09,
+ 0xcf, 0x4f, 0x3c}, AES_16B_KEY_SIZE,
+ PSA_KEY_USAGE_DECRYPT, PSA_ALG_CBC_PKCS7,
+{0x62, 0x79, 0xb4, 0x9d, 0x7f, 0x7a, 0x8d, 0xd8, 0x7b, 0x68, 0x51, 0x75, 0xd4,
+ 0x27, 0x6e, 0x24}, 16, SIZE_32B,
+{0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, 0xe9, 0x3d, 0x7e, 0x11, 0x73,
+ 0x93, 0x17}, 15, PSA_SUCCESS
+},
+#endif
+
+#ifdef ARCH_TEST_CIPER_MODE_CTR
+{"Test psa_cipher_decrypt - Decrypt - AES CTR\n", 15, PSA_KEY_TYPE_AES,
+{0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, 0xab, 0xf7, 0x15, 0x88, 0x09,
+ 0xcf, 0x4f, 0x3c}, AES_16B_KEY_SIZE,
+ PSA_KEY_USAGE_DECRYPT, PSA_ALG_CTR,
+{0x8f, 0x94, 0x08, 0xfe, 0x80, 0xa8, 0x1d, 0x3e, 0x81, 0x3d, 0xa3, 0xc7, 0xb0,
+ 0xb2, 0xbd, 0x32}, 16, SIZE_32B,
+{0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, 0xe9, 0x3d, 0x7e, 0x11, 0x73,
+ 0x93, 0x17, 0x2a},
+ 0, PSA_SUCCESS
+},
+
+{"Test psa_cipher_decrypt - Decrypt - AES CTR (short input)\n", 16, PSA_KEY_TYPE_AES,
+{0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, 0xab, 0xf7, 0x15, 0x88, 0x09,
+ 0xcf, 0x4f, 0x3c}, AES_16B_KEY_SIZE,
+ PSA_KEY_USAGE_DECRYPT, PSA_ALG_CTR,
+{0x8f, 0x94, 0x08, 0xfe, 0x80, 0xa8, 0x1d, 0x3e, 0x81, 0x3d, 0xa3, 0xc7, 0xb0,
+ 0xb2, 0xbd}, 15, SIZE_32B,
+{0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, 0xe9, 0x3d, 0x7e, 0x11, 0x73,
+ 0x93, 0x17}, 0, PSA_SUCCESS
+},
+#endif
+#endif
+
+#ifdef ARCH_TEST_CBC_NO_PADDING
+#ifdef ARCH_TEST_DES_1KEY
+{"Test psa_cipher_decrypt - Decrypt - DES CBC (nopad)\n", 17, PSA_KEY_TYPE_DES,
+{0x01, 0x02, 0x04, 0x07, 0x08, 0x0b, 0x0d, 0x0e}, DES_8B_KEY_SIZE,
+ PSA_KEY_USAGE_DECRYPT, PSA_ALG_CBC_NO_PADDING,
+{0x64, 0xf9, 0x17, 0xb0, 0x15, 0x2f, 0x8f, 0x05}, 8, SIZE_32B,
+{0xed, 0xa4, 0x01, 0x12, 0x39, 0xbc, 0x3a, 0xc9}, 0, PSA_SUCCESS
+},
+#endif
+
+#ifdef ARCH_TEST_DES_2KEY
+{"Test psa_cipher_decrypt - Decrypt - 2-key 3DE -CBC (nopad)\n", 18, PSA_KEY_TYPE_DES,
+{0x01, 0x02, 0x04, 0x07, 0x08, 0x0b, 0x0d, 0x0e, 0xc1, 0xc2, 0xc4, 0xc7, 0xc8,
+ 0xcb, 0xcd, 0xce}, DES3_2KEY_SIZE,
+ PSA_KEY_USAGE_DECRYPT, PSA_ALG_CBC_NO_PADDING,
+{0x5d, 0x06, 0x52, 0x42, 0x9c, 0x5b, 0x0a, 0xc7}, 8, SIZE_32B,
+{0xed, 0xa4, 0x01, 0x12, 0x39, 0xbc, 0x3a, 0xc9}, 0, PSA_SUCCESS
+},
+#endif
+
+#ifdef ARCH_TEST_DES_3KEY
+{"Test psa_cipher_decrypt - 3-key 3DE -CBC (nopad)\n", 19, PSA_KEY_TYPE_DES,
+{0x01, 0x02, 0x04, 0x07, 0x08, 0x0b, 0x0d, 0x0e, 0xc1, 0xc2, 0xc4, 0xc7, 0xc8,
+ 0xcb, 0xcd, 0xce, 0x31, 0x32, 0x34, 0x37, 0x38, 0x3b, 0x3d, 0x3e}, DES3_3KEY_SIZE,
+ PSA_KEY_USAGE_DECRYPT, PSA_ALG_CBC_NO_PADDING,
+{0x81, 0x7c, 0xa7, 0xd6, 0x9b, 0x80, 0xd8, 0x6a}, 8, SIZE_32B,
+{0xed, 0xa4, 0x01, 0x12, 0x39, 0xbc, 0x3a, 0xc9}, 0, PSA_SUCCESS
+},
+#endif
+#endif
+};
diff --git a/api-tests/dev_apis/crypto/test_c049/test_entry_c049.c b/api-tests/dev_apis/crypto/test_c049/test_entry_c049.c
new file mode 100644
index 00000000..1b6073d6
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c049/test_entry_c049.c
@@ -0,0 +1,54 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_c049.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 49)
+#define TEST_DESC "Testing crypto symmetric cipher APIs\n"
+
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_HIGH_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_crypto_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_c049_crypto_list, FALSE);
+
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->crypto_function(VAL_CRYPTO_FREE);
+ val->test_exit();
+}
diff --git a/api-tests/dev_apis/crypto/test_c050/test.cmake b/api-tests/dev_apis/crypto/test_c050/test.cmake
new file mode 100644
index 00000000..a606ed20
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c050/test.cmake
@@ -0,0 +1,24 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_c050.c
+ test_c050.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
diff --git a/api-tests/dev_apis/crypto/test_c050/test_c050.c b/api-tests/dev_apis/crypto/test_c050/test_c050.c
new file mode 100644
index 00000000..8499fc19
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c050/test_c050.c
@@ -0,0 +1,237 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_c050.h"
+#include "test_data.h"
+#include "val_crypto.h"
+
+client_test_t test_c050_crypto_list[] = {
+ NULL,
+ psa_open_key_test,
+ NULL,
+};
+
+static int g_test_count = 1;
+static uint8_t data[BUFFER_SIZE];
+
+int32_t psa_open_key_test(caller_security_t caller)
+{
+ int32_t status, i = 0;
+ size_t length, get_key_bits;
+ const uint8_t *key_data;
+ psa_key_type_t get_key_type;
+ psa_key_usage_t get_key_usage_flags;
+ psa_algorithm_t get_key_algorithm;
+ psa_key_id_t key_id;
+ psa_key_handle_t key_handle;
+ int num_checks = sizeof(check1)/sizeof(check1[0]);
+ psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+ psa_key_attributes_t get_attributes = PSA_KEY_ATTRIBUTES_INIT;
+ boot_t boot;
+
+ if (num_checks == 0)
+ {
+ val->print(PRINT_TEST, "No test available for the selected crypto configuration\n", 0);
+ return RESULT_SKIP(VAL_STATUS_NO_TESTS);
+ }
+
+ /* Initialize the PSA crypto library*/
+ status = val->crypto_function(VAL_CRYPTO_INIT);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(1));
+
+ /* Get the current boot state */
+ status = val->get_boot_flag(&boot.state);
+ TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
+
+ /* If the boot is due to controlled reset get the Check ID */
+ if (boot.state == BOOT_EXPECTED_CONT_TEST_EXEC)
+ {
+ status = val->nvmem_read(VAL_NVMEM_OFFSET(NV_TEST_DATA1), &i, sizeof(int32_t));
+ TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(3));
+ }
+
+ while (i < num_checks)
+ {
+ g_test_count = i + 1;
+ val->print(PRINT_TEST, "[Check %d] ", g_test_count);
+ val->print(PRINT_TEST, check1[i].test_desc, 0);
+
+ /* Setting up the watchdog timer for each check */
+ status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
+ TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(4));
+
+ /* Set the key data buffer to the input base on algorithm */
+ if (PSA_KEY_TYPE_IS_RSA(check1[i].key_type))
+ {
+ if (check1[i].key_type == PSA_KEY_TYPE_RSA_KEY_PAIR)
+ {
+ if (check1[i].expected_bit_length == BYTES_TO_BITS(384))
+ key_data = rsa_384_keypair;
+ else if (check1[i].expected_bit_length == BYTES_TO_BITS(256))
+ key_data = rsa_256_keypair;
+ else
+ return VAL_STATUS_INVALID;
+ }
+ else
+ {
+ if (check1[i].expected_bit_length == BYTES_TO_BITS(384))
+ key_data = rsa_384_keydata;
+ else if (check1[i].expected_bit_length == BYTES_TO_BITS(256))
+ key_data = rsa_256_keydata;
+ else
+ return VAL_STATUS_INVALID;
+ }
+ }
+ else if (PSA_KEY_TYPE_IS_ECC(check1[i].key_type))
+ {
+ if (PSA_KEY_TYPE_IS_ECC_KEY_PAIR(check1[i].key_type))
+ key_data = ec_keypair;
+ else
+ key_data = ec_keydata;
+ }
+ else
+ key_data = check1[i].key_data;
+
+ /* Get the cuurent boot state */
+ status = val->get_boot_flag(&boot.state);
+ TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(5));
+
+ if (boot.state == BOOT_NOT_EXPECTED)
+ {
+ /* Setup the attributes for the key */
+ val->crypto_function(VAL_CRYPTO_SET_KEY_TYPE, &attributes, check1[i].key_type);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_BITS, &attributes, check1[i].attr_bits);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_USAGE_FLAGS, &attributes, check1[i].usage);
+
+ if (check1[i].key_lifetime == PSA_KEY_LIFETIME_PERSISTENT)
+ val->crypto_function(VAL_CRYPTO_SET_KEY_ID, &attributes, check1[i].key_id);
+
+ val->crypto_function(VAL_CRYPTO_SET_KEY_LIFETIME, &attributes, check1[i].key_lifetime);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_ALGORITHM, &attributes, check1[i].key_alg);
+
+ /* Import the key data into the key slot */
+ status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, &attributes, key_data,
+ check1[i].key_length, &check1[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(6));
+
+ /* Save the details of current check, key id and key handle value in NV memory */
+ status = val->nvmem_write(VAL_NVMEM_OFFSET(NV_TEST_DATA1), &i, sizeof(int32_t));
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(7));
+
+ status = val->nvmem_write(VAL_NVMEM_OFFSET(NV_TEST_DATA2), &check1[i].key_id,
+ sizeof(psa_key_id_t));
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(8));
+
+ status = val->nvmem_write(VAL_NVMEM_OFFSET(NV_TEST_DATA3), &check1[i].key_handle,
+ sizeof(psa_key_handle_t));
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(9));
+
+ /* Set the boot flag indicating controlled reset */
+ status = val->set_boot_flag(BOOT_EXPECTED_CONT_TEST_EXEC);
+ TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(10));
+
+ /* Wait for system to reset */
+ val->crypto_function(VAL_CRYPTO_RESET);
+ while (1);
+ }
+ else if (boot.state == BOOT_EXPECTED_CONT_TEST_EXEC)
+ {
+ /* Get the values of check, key id and key handle value before the system was reset */
+ status = val->nvmem_read(VAL_NVMEM_OFFSET(NV_TEST_DATA2), &key_id,
+ sizeof(psa_key_id_t));
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(11));
+
+ status = val->nvmem_read(VAL_NVMEM_OFFSET(NV_TEST_DATA3), &key_handle,
+ sizeof(psa_key_handle_t));
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(12));
+
+ /* Open a handle to an existing persistent key */
+ status = val->crypto_function(VAL_CRYPTO_OPEN_KEY, key_id, &key_handle);
+ TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(13));
+
+ /* If failure is expected, save and continue with the next data set */
+ if (check1[i].expected_status != PSA_SUCCESS)
+ {
+ ++i;
+ status = val->nvmem_write(VAL_NVMEM_OFFSET(NV_TEST_DATA1), &i, sizeof(int32_t));
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(14));
+
+ status = val->set_boot_flag(BOOT_NOT_EXPECTED);
+ TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(15));
+
+ continue;
+ }
+
+ /* Get the attributes of the imported key and check if it matches the given value */
+ status = val->crypto_function(VAL_CRYPTO_GET_KEY_ATTRIBUTES, key_handle,
+ &get_attributes);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(16));
+
+ val->crypto_function(VAL_CRYPTO_GET_KEY_TYPE, &get_attributes, &get_key_type);
+ TEST_ASSERT_EQUAL(get_key_type, check1[i].key_type, TEST_CHECKPOINT_NUM(17));
+
+ val->crypto_function(VAL_CRYPTO_GET_KEY_BITS, &get_attributes, &get_key_bits);
+ TEST_ASSERT_EQUAL(get_key_bits, check1[i].expected_bit_length, TEST_CHECKPOINT_NUM(18));
+
+ val->crypto_function(VAL_CRYPTO_GET_KEY_USAGE_FLAGS, &attributes, &get_key_usage_flags);
+ TEST_ASSERT_EQUAL(get_key_usage_flags, check1[i].usage, TEST_CHECKPOINT_NUM(19));
+
+ val->crypto_function(VAL_CRYPTO_GET_KEY_ALGORITHM, &attributes, &get_key_algorithm);
+ TEST_ASSERT_EQUAL(get_key_algorithm, check1[i].key_alg, TEST_CHECKPOINT_NUM(20));
+
+ /* Export a key in binary format */
+ status = val->crypto_function(VAL_CRYPTO_EXPORT_KEY, key_handle, data,
+ BUFFER_SIZE, &length);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(21));
+
+ /* Check the value of the exported key */
+ TEST_ASSERT_EQUAL(length, check1[i].expected_key_length, TEST_CHECKPOINT_NUM(22));
+
+ if (PSA_KEY_TYPE_IS_UNSTRUCTURED(check1[i].key_type))
+ {
+ TEST_ASSERT_MEMCMP(data, check1[i].key_data, length, TEST_CHECKPOINT_NUM(23));
+ }
+ else if (PSA_KEY_TYPE_IS_RSA(check1[i].key_type)
+ || PSA_KEY_TYPE_IS_ECC(check1[i].key_type))
+ {
+ TEST_ASSERT_MEMCMP(key_data, data, length, TEST_CHECKPOINT_NUM(24));
+ }
+ else
+ {
+ return VAL_STATUS_INVALID;
+ }
+
+ /* Reset the key attributes */
+ val->crypto_function(VAL_CRYPTO_RESET_KEY_ATTRIBUTES, &attributes);
+
+ /* Save the check ID and set boot flags */
+ ++i;
+ status = val->nvmem_write(VAL_NVMEM_OFFSET(NV_TEST_DATA1), &i, sizeof(int32_t));
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(25));
+
+ status = val->set_boot_flag(BOOT_NOT_EXPECTED);
+ TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(26));
+
+ }
+ else
+ return VAL_STATUS_ERROR;
+ }
+
+ return VAL_STATUS_SUCCESS;
+}
diff --git a/api-tests/dev_apis/crypto/test_c050/test_c050.h b/api-tests/dev_apis/crypto/test_c050/test_c050.h
new file mode 100644
index 00000000..76fc8c53
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c050/test_c050.h
@@ -0,0 +1,30 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST_C050_CLIENT_TESTS_H_
+#define _TEST_C050_CLIENT_TESTS_H_
+
+#include "val_crypto.h"
+#define test_entry CONCAT(test_entry_, c050)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+extern client_test_t test_c050_crypto_list[];
+
+int32_t psa_open_key_test(caller_security_t caller);
+#endif /* _TEST_C050_CLIENT_TESTS_H_ */
diff --git a/api-tests/dev_apis/crypto/test_c050/test_data.h b/api-tests/dev_apis/crypto/test_c050/test_data.h
new file mode 100644
index 00000000..c0fdb563
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c050/test_data.h
@@ -0,0 +1,276 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_crypto.h"
+
+typedef struct {
+ char test_desc[75];
+ psa_key_handle_t key_handle;
+ psa_key_type_t key_type;
+ psa_key_id_t key_id;
+ uint8_t key_data[34];
+ uint32_t key_length;
+ size_t attr_bits;
+ psa_key_usage_t usage;
+ psa_algorithm_t key_alg;
+ psa_key_lifetime_t key_lifetime;
+ uint32_t expected_bit_length;
+ uint32_t expected_key_length;
+ psa_status_t expected_status;
+} test_data;
+
+static const uint8_t rsa_384_keypair[1];
+static const uint8_t rsa_384_keydata[1];
+
+static const uint8_t rsa_256_keypair[] = {
+ 0x30, 0x82, 0x04, 0xA5, 0x02, 0x01, 0x00, 0x02, 0x82, 0x01, 0x01, 0x00, 0xC0,
+ 0x95, 0x08, 0xE1, 0x57, 0x41, 0xF2, 0x71, 0x6D, 0xB7, 0xD2, 0x45, 0x41, 0x27,
+ 0x01, 0x65, 0xC6, 0x45, 0xAE, 0xF2, 0xBC, 0x24, 0x30, 0xB8, 0x95, 0xCE, 0x2F,
+ 0x4E, 0xD6, 0xF6, 0x1C, 0x88, 0xBC, 0x7C, 0x9F, 0xFB, 0xA8, 0x67, 0x7F, 0xFE,
+ 0x5C, 0x9C, 0x51, 0x75, 0xF7, 0x8A, 0xCA, 0x07, 0xE7, 0x35, 0x2F, 0x8F, 0xE1,
+ 0xBD, 0x7B, 0xC0, 0x2F, 0x7C, 0xAB, 0x64, 0xA8, 0x17, 0xFC, 0xCA, 0x5D, 0x7B,
+ 0xBA, 0xE0, 0x21, 0xE5, 0x72, 0x2E, 0x6F, 0x2E, 0x86, 0xD8, 0x95, 0x73, 0xDA,
+ 0xAC, 0x1B, 0x53, 0xB9, 0x5F, 0x3F, 0xD7, 0x19, 0x0D, 0x25, 0x4F, 0xE1, 0x63,
+ 0x63, 0x51, 0x8B, 0x0B, 0x64, 0x3F, 0xAD, 0x43, 0xB8, 0xA5, 0x1C, 0x5C, 0x34,
+ 0xB3, 0xAE, 0x00, 0xA0, 0x63, 0xC5, 0xF6, 0x7F, 0x0B, 0x59, 0x68, 0x78, 0x73,
+ 0xA6, 0x8C, 0x18, 0xA9, 0x02, 0x6D, 0xAF, 0xC3, 0x19, 0x01, 0x2E, 0xB8, 0x10,
+ 0xE3, 0xC6, 0xCC, 0x40, 0xB4, 0x69, 0xA3, 0x46, 0x33, 0x69, 0x87, 0x6E, 0xC4,
+ 0xBB, 0x17, 0xA6, 0xF3, 0xE8, 0xDD, 0xAD, 0x73, 0xBC, 0x7B, 0x2F, 0x21, 0xB5,
+ 0xFD, 0x66, 0x51, 0x0C, 0xBD, 0x54, 0xB3, 0xE1, 0x6D, 0x5F, 0x1C, 0xBC, 0x23,
+ 0x73, 0xD1, 0x09, 0x03, 0x89, 0x14, 0xD2, 0x10, 0xB9, 0x64, 0xC3, 0x2A, 0xD0,
+ 0xA1, 0x96, 0x4A, 0xBC, 0xE1, 0xD4, 0x1A, 0x5B, 0xC7, 0xA0, 0xC0, 0xC1, 0x63,
+ 0x78, 0x0F, 0x44, 0x37, 0x30, 0x32, 0x96, 0x80, 0x32, 0x23, 0x95, 0xA1, 0x77,
+ 0xBA, 0x13, 0xD2, 0x97, 0x73, 0xE2, 0x5D, 0x25, 0xC9, 0x6A, 0x0D, 0xC3, 0x39,
+ 0x60, 0xA4, 0xB4, 0xB0, 0x69, 0x42, 0x42, 0x09, 0xE9, 0xD8, 0x08, 0xBC, 0x33,
+ 0x20, 0xB3, 0x58, 0x22, 0xA7, 0xAA, 0xEB, 0xC4, 0xE1, 0xE6, 0x61, 0x83, 0xC5,
+ 0xD2, 0x96, 0xDF, 0xD9, 0xD0, 0x4F, 0xAD, 0xD7, 0x02, 0x03, 0x01, 0x00, 0x01,
+ 0x02, 0x82, 0x01, 0x01, 0x00, 0x9A, 0xD0, 0x34, 0x0F, 0x52, 0x62, 0x05, 0x50,
+ 0x01, 0xEF, 0x9F, 0xED, 0x64, 0x6E, 0xC2, 0xC4, 0xDA, 0x1A, 0xF2, 0x84, 0xD7,
+ 0x92, 0x10, 0x48, 0x92, 0xC4, 0xE9, 0x6A, 0xEB, 0x8B, 0x75, 0x6C, 0xC6, 0x79,
+ 0x38, 0xF2, 0xC9, 0x72, 0x4A, 0x86, 0x64, 0x54, 0x95, 0x77, 0xCB, 0xC3, 0x9A,
+ 0x9D, 0xB7, 0xD4, 0x1D, 0xA4, 0x00, 0xC8, 0x9E, 0x4E, 0xE4, 0xDD, 0xC7, 0xBA,
+ 0x67, 0x16, 0xC1, 0x74, 0xBC, 0xA9, 0xD6, 0x94, 0x8F, 0x2B, 0x30, 0x1A, 0xFB,
+ 0xED, 0xDF, 0x21, 0x05, 0x23, 0xD9, 0x4A, 0x39, 0xBD, 0x98, 0x6B, 0x65, 0x9A,
+ 0xB8, 0xDC, 0xC4, 0x7D, 0xEE, 0xA6, 0x43, 0x15, 0x2E, 0x3D, 0xBE, 0x1D, 0x22,
+ 0x60, 0x2A, 0x73, 0x30, 0xD5, 0x3E, 0xD8, 0xA2, 0xAC, 0x86, 0x43, 0x2E, 0xC4,
+ 0xF5, 0x64, 0x5E, 0x3F, 0x89, 0x75, 0x0F, 0x11, 0xD8, 0x51, 0x25, 0x4E, 0x9F,
+ 0xD8, 0xAA, 0xA3, 0xCE, 0x60, 0xB3, 0xE2, 0x8A, 0xD9, 0x7E, 0x1B, 0xF0, 0x64,
+ 0xCA, 0x9A, 0x5B, 0x05, 0x0B, 0x5B, 0xAA, 0xCB, 0xE5, 0xE3, 0x3F, 0x6E, 0x32,
+ 0x22, 0x05, 0xF3, 0xD0, 0xFA, 0xEF, 0x74, 0x52, 0x81, 0xE2, 0x5F, 0x74, 0xD3,
+ 0xBD, 0xFF, 0x31, 0x83, 0x45, 0x75, 0xFA, 0x63, 0x7A, 0x97, 0x2E, 0xD6, 0xB6,
+ 0x19, 0xC6, 0x92, 0x26, 0xE4, 0x28, 0x06, 0x50, 0x50, 0x0E, 0x78, 0x2E, 0xA9,
+ 0x78, 0x0D, 0x14, 0x97, 0xB4, 0x12, 0xD8, 0x31, 0x40, 0xAB, 0xA1, 0x01, 0x41,
+ 0xC2, 0x30, 0xF8, 0x07, 0x5F, 0x16, 0xE4, 0x61, 0x77, 0xD2, 0x60, 0xF2, 0x9F,
+ 0x8D, 0xE8, 0xF4, 0xBA, 0xEB, 0x63, 0xDE, 0x2A, 0x97, 0x81, 0xEF, 0x4C, 0x6C,
+ 0xE6, 0x55, 0x34, 0x51, 0x2B, 0x28, 0x34, 0xF4, 0x53, 0x1C, 0xC4, 0x58, 0x0A,
+ 0x3F, 0xBB, 0xAF, 0xB5, 0xF7, 0x4A, 0x85, 0x43, 0x2D, 0x3C, 0xF1, 0x58, 0x58,
+ 0x81, 0x02, 0x81, 0x81, 0x00, 0xF2, 0x2C, 0x54, 0x76, 0x39, 0x23, 0x63, 0xC9,
+ 0x10, 0x32, 0xB7, 0x93, 0xAD, 0xAF, 0xBE, 0x19, 0x75, 0x96, 0x81, 0x64, 0xE6,
+ 0xB5, 0xB8, 0x89, 0x42, 0x41, 0xD1, 0x6D, 0xD0, 0x1C, 0x1B, 0xF8, 0x1B, 0xAC,
+ 0x69, 0xCB, 0x36, 0x3C, 0x64, 0x7D, 0xDC, 0xF4, 0x19, 0xB8, 0xC3, 0x60, 0xB1,
+ 0x57, 0x48, 0x5F, 0x52, 0x4F, 0x59, 0x3A, 0x55, 0x7F, 0x32, 0xC0, 0x19, 0x43,
+ 0x50, 0x3F, 0xAE, 0xCE, 0x6F, 0x17, 0xF3, 0x0E, 0x9F, 0x40, 0xCA, 0x4E, 0xAD,
+ 0x15, 0x3B, 0xC9, 0x79, 0xE9, 0xC0, 0x59, 0x38, 0x73, 0x70, 0x9C, 0x0A, 0x7C,
+ 0xC9, 0x3A, 0x48, 0x32, 0xA7, 0xD8, 0x49, 0x75, 0x0A, 0x85, 0xC2, 0xC2, 0xFD,
+ 0x15, 0x73, 0xDA, 0x99, 0x09, 0x2A, 0x69, 0x9A, 0x9F, 0x0A, 0x71, 0xBF, 0xB0,
+ 0x04, 0xA6, 0x8C, 0x7A, 0x5A, 0x6F, 0x48, 0x5A, 0x54, 0x3B, 0xC6, 0xB1, 0x53,
+ 0x17, 0xDF, 0xE7, 0x02, 0x81, 0x81, 0x00, 0xCB, 0x93, 0xDE, 0x77, 0x15, 0x5D,
+ 0xB7, 0x5C, 0x5C, 0x7C, 0xD8, 0x90, 0xA9, 0x98, 0x2D, 0xD6, 0x69, 0x0E, 0x63,
+ 0xB3, 0xA3, 0xDC, 0xA6, 0xCC, 0x8B, 0x6A, 0xA4, 0xA2, 0x12, 0x8C, 0x8E, 0x7B,
+ 0x48, 0x2C, 0xB2, 0x4B, 0x37, 0xDC, 0x06, 0x18, 0x7D, 0xEA, 0xFE, 0x76, 0xA1,
+ 0xD4, 0xA1, 0xE9, 0x3F, 0x0D, 0xCD, 0x1B, 0x5F, 0xAF, 0x5F, 0x9E, 0x96, 0x5B,
+ 0x5B, 0x0F, 0xA1, 0x7C, 0xAF, 0xB3, 0x9B, 0x90, 0xDB, 0x57, 0x73, 0x3A, 0xED,
+ 0xB0, 0x23, 0x44, 0xAE, 0x41, 0x4F, 0x1F, 0x07, 0x42, 0x13, 0x23, 0x4C, 0xCB,
+ 0xFA, 0xF4, 0x14, 0xA4, 0xD5, 0xF7, 0x9E, 0x36, 0x7C, 0x5B, 0x9F, 0xA8, 0x3C,
+ 0xC1, 0x85, 0x5F, 0x74, 0xD2, 0x39, 0x2D, 0xFF, 0xD0, 0x84, 0xDF, 0xFB, 0xB3,
+ 0x20, 0x7A, 0x2E, 0x9B, 0x17, 0xAE, 0xE6, 0xBA, 0x0B, 0xAE, 0x5F, 0x53, 0xA4,
+ 0x52, 0xED, 0x1B, 0xC4, 0x91, 0x02, 0x81, 0x81, 0x00, 0xEC, 0x98, 0xDA, 0xBB,
+ 0xD5, 0xFE, 0xF9, 0x52, 0x4A, 0x7D, 0x02, 0x55, 0x49, 0x6F, 0x55, 0x6E, 0x52,
+ 0x2F, 0x84, 0xA3, 0x2B, 0xB3, 0x86, 0x62, 0xB3, 0x54, 0xD2, 0x63, 0x52, 0xDA,
+ 0xE3, 0x88, 0x76, 0xA0, 0xEF, 0x8B, 0x15, 0xA5, 0xD3, 0x18, 0x14, 0x72, 0x77,
+ 0x5E, 0xC7, 0xA3, 0x04, 0x1F, 0x9E, 0x19, 0x62, 0xB5, 0x1B, 0x1B, 0x9E, 0xC3,
+ 0xF2, 0xB5, 0x32, 0xF9, 0x4C, 0xC1, 0xAA, 0xEB, 0x0C, 0x26, 0x7D, 0xD4, 0x5F,
+ 0x4A, 0x51, 0x5C, 0xA4, 0x45, 0x06, 0x70, 0x44, 0xA7, 0x56, 0xC0, 0xD4, 0x22,
+ 0x14, 0x76, 0x9E, 0xD8, 0x63, 0x50, 0x89, 0x90, 0xD3, 0xE2, 0xBF, 0x81, 0x95,
+ 0x92, 0x31, 0x41, 0x87, 0x39, 0x1A, 0x43, 0x0B, 0x18, 0xA5, 0x53, 0x1F, 0x39,
+ 0x1A, 0x5F, 0x1F, 0x43, 0xBC, 0x87, 0x6A, 0xDF, 0x6E, 0xD3, 0x22, 0x00, 0xFE,
+ 0x22, 0x98, 0x70, 0x4E, 0x1A, 0x19, 0x29, 0x02, 0x81, 0x81, 0x00, 0x8A, 0x41,
+ 0x56, 0x28, 0x51, 0x9E, 0x5F, 0xD4, 0x9E, 0x0B, 0x3B, 0x98, 0xA3, 0x54, 0xF2,
+ 0x6C, 0x56, 0xD4, 0xAA, 0xE9, 0x69, 0x33, 0x85, 0x24, 0x0C, 0xDA, 0xD4, 0x0C,
+ 0x2D, 0xC4, 0xBF, 0x4F, 0x02, 0x69, 0x38, 0x7C, 0xD4, 0xE6, 0xDC, 0x4C, 0xED,
+ 0xD7, 0x16, 0x11, 0xC3, 0x3E, 0x00, 0xE7, 0xC3, 0x26, 0xC0, 0x51, 0x02, 0xDE,
+ 0xBB, 0x75, 0x9C, 0x6F, 0x56, 0x9C, 0x7A, 0xF3, 0x8E, 0xEF, 0xCF, 0x8A, 0xC5,
+ 0x2B, 0xD2, 0xDA, 0x06, 0x6A, 0x44, 0xC9, 0x73, 0xFE, 0x6E, 0x99, 0x87, 0xF8,
+ 0x5B, 0xBE, 0xF1, 0x7C, 0xE6, 0x65, 0xB5, 0x4F, 0x6C, 0xF0, 0xC9, 0xC5, 0xFF,
+ 0x16, 0xCA, 0x8B, 0x1B, 0x17, 0xE2, 0x58, 0x3D, 0xA2, 0x37, 0xAB, 0x01, 0xBC,
+ 0xBF, 0x40, 0xCE, 0x53, 0x8C, 0x8E, 0xED, 0xEF, 0xEE, 0x59, 0x9D, 0xE0, 0x63,
+ 0xE6, 0x7C, 0x5E, 0xF5, 0x8E, 0x4B, 0xF1, 0x3B, 0xC1, 0x02, 0x81, 0x80, 0x4D,
+ 0x45, 0xF9, 0x40, 0x8C, 0xC5, 0x5B, 0xF4, 0x2A, 0x1A, 0x8A, 0xB4, 0xF2, 0x1C,
+ 0xAC, 0x6B, 0xE9, 0x0C, 0x56, 0x36, 0xB7, 0x4E, 0x72, 0x96, 0xD5, 0xE5, 0x8A,
+ 0xD2, 0xE2, 0xFF, 0xF1, 0xF1, 0x18, 0x13, 0x3D, 0x86, 0x09, 0xB8, 0xD8, 0x76,
+ 0xA7, 0xC9, 0x1C, 0x71, 0x52, 0x94, 0x30, 0x43, 0xE0, 0xF1, 0x78, 0x74, 0xFD,
+ 0x61, 0x1B, 0x4C, 0x09, 0xCC, 0xE6, 0x68, 0x2A, 0x71, 0xAD, 0x1C, 0xDF, 0x43,
+ 0xBC, 0x56, 0xDB, 0xA5, 0xA4, 0xBE, 0x35, 0x70, 0xA4, 0x5E, 0xCF, 0x4F, 0xFC,
+ 0x00, 0x55, 0x99, 0x3A, 0x3D, 0x23, 0xCF, 0x67, 0x5A, 0xF5, 0x22, 0xF8, 0xB5,
+ 0x29, 0xD0, 0x44, 0x11, 0xEB, 0x35, 0x2E, 0x46, 0xBE, 0xFD, 0x8E, 0x18, 0xB2,
+ 0x5F, 0xA8, 0xBF, 0x19, 0x32, 0xA1, 0xF5, 0xDC, 0x03, 0xE6, 0x7C, 0x9A, 0x1F,
+ 0x0C, 0x7C, 0xA9, 0xB0, 0x0E, 0x21, 0x37, 0x3B, 0xF1, 0xB0};
+
+static const uint8_t rsa_256_keydata[] = {
+ 0x30, 0x82, 0x01, 0x0A,
+ 0x02, 0x82, 0x01, 0x01, 0x00, 0xDB, 0x1C, 0x7F, 0x2E, 0x0B, 0xCD, 0xBF, 0xCE, 0xD1,
+ 0x75, 0x10, 0xA0, 0xA2, 0xB8, 0xCE, 0x7D, 0xAA, 0xE2, 0x05, 0xE0, 0x7A, 0xD8, 0x44,
+ 0x63, 0x8F, 0xB5, 0xBD, 0xC0, 0xB0, 0x19, 0xB9, 0x37, 0xB8, 0x19, 0x4A, 0x0E, 0xF1,
+ 0x5D, 0x74, 0x80, 0x67, 0x46, 0x87, 0x06, 0xDE, 0x5B, 0x7F, 0x06, 0x03, 0xBD, 0xC1,
+ 0x8D, 0x5E, 0x07, 0x15, 0xD4, 0x5B, 0xF4, 0xDC, 0xE5, 0xCF, 0x3D, 0xF9, 0xC1, 0x11,
+ 0x2C, 0xAE, 0x6A, 0xB9, 0x8A, 0xBD, 0x1D, 0x67, 0x66, 0x17, 0xEA, 0x4E, 0xBD, 0xDB,
+ 0x15, 0x9A, 0x82, 0x87, 0xE4, 0xF0, 0x78, 0xC3, 0xA3, 0x85, 0x87, 0xB0, 0xFD, 0x9F,
+ 0xA9, 0x99, 0x5F, 0xE3, 0x33, 0xEC, 0xCC, 0xEA, 0x0B, 0xB5, 0x61, 0x5E, 0xF1, 0x49,
+ 0x7E, 0x3F, 0xA3, 0x2D, 0xEA, 0x01, 0x0C, 0xCC, 0x42, 0x9A, 0x76, 0x9B, 0xC4, 0xD0,
+ 0x37, 0xD3, 0xB1, 0x17, 0x01, 0x61, 0x01, 0x16, 0x59, 0x7E, 0x1C, 0x17, 0xC3, 0x53,
+ 0xFD, 0xD1, 0x72, 0xCB, 0x4C, 0x60, 0x15, 0xDA, 0x7D, 0xE2, 0xEA, 0xAD, 0x50, 0xEF,
+ 0x8E, 0xE2, 0x8B, 0xD4, 0x6A, 0x77, 0x55, 0xD6, 0x70, 0xD9, 0x6B, 0xBB, 0xF1, 0xEE,
+ 0x39, 0x04, 0x38, 0xA3, 0xBD, 0xE2, 0xD1, 0xE0, 0x66, 0x6B, 0xE2, 0x9C, 0x47, 0x99,
+ 0xE9, 0x28, 0xE6, 0xB6, 0xFC, 0x2E, 0xCA, 0x67, 0x43, 0x84, 0xE8, 0xD5, 0x83, 0xD6,
+ 0x9D, 0x98, 0x6B, 0x01, 0x3E, 0x81, 0xDC, 0x3C, 0x7A, 0xCA, 0xF9, 0xF3, 0x9C, 0xF7,
+ 0xD6, 0x28, 0x1B, 0x27, 0x78, 0x7C, 0xC3, 0xD0, 0xD5, 0x63, 0xA7, 0x81, 0x34, 0x89,
+ 0xAD, 0x25, 0x6A, 0xBD, 0xF2, 0xEA, 0xED, 0xFA, 0x57, 0xFC, 0xE5, 0x34, 0xC6, 0xC1,
+ 0x0F, 0x71, 0x2D, 0xD2, 0x08, 0x10, 0x1B, 0xAD, 0x44, 0x41, 0xE0, 0xFE, 0x79, 0xA0,
+ 0x63, 0x93, 0x8A, 0xB1, 0x5D, 0xE9, 0xB0, 0xEE, 0x6F, 0x02, 0x03, 0x01, 0x00, 0x01};
+
+static const uint8_t ec_keydata[] = {
+ 0x04, 0xde, 0xa5, 0xe4, 0x5d, 0x0e, 0xa3, 0x7f, 0xc5, 0x66, 0x23, 0x2a, 0x50, 0x8f,
+ 0x4a, 0xd2, 0x0e, 0xa1, 0x3d, 0x47, 0xe4, 0xbf, 0x5f, 0xa4, 0xd5, 0x4a, 0x57, 0xa0,
+ 0xba, 0x01, 0x20, 0x42, 0x08, 0x70, 0x97, 0x49, 0x6e, 0xfc, 0x58, 0x3f, 0xed, 0x8b,
+ 0x24, 0xa5, 0xb9, 0xbe, 0x9a, 0x51, 0xde, 0x06, 0x3f, 0x5a, 0x00, 0xa8, 0xb6, 0x98,
+ 0xa1, 0x6f, 0xd7, 0xf2, 0x9b, 0x54, 0x85, 0xf3, 0x20};
+
+static const uint8_t ec_keypair[] = {
+ 0x68, 0x49, 0xf9, 0x7d, 0x10, 0x66, 0xf6, 0x99, 0x77, 0x59, 0x63, 0x7c, 0x7e, 0x38,
+ 0x99, 0x46, 0x4c, 0xee, 0x3e, 0xc7, 0xac, 0x97, 0x06, 0x53, 0xa0, 0xbe, 0x07, 0x42};
+
+static test_data check1[] = {
+#ifdef ARCH_TEST_CIPER_MODE_CTR
+#ifdef ARCH_TEST_AES_128
+{"Test psa_open_key 16 Byte AES\n", 1, PSA_KEY_TYPE_AES, 0x12,
+{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
+ 0x5F, 0xC9, 0x77},
+ AES_16B_KEY_SIZE, 0, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR, PSA_KEY_LIFETIME_PERSISTENT,
+ BYTES_TO_BITS(AES_16B_KEY_SIZE), AES_16B_KEY_SIZE, PSA_SUCCESS
+},
+#endif
+
+#ifdef ARCH_TEST_AES_192
+{"Test psa_open_key 24 Byte AES\n", 2, PSA_KEY_TYPE_AES, 0x34,
+{0x24, 0x13, 0x61, 0x47, 0x61, 0xB8, 0xC8, 0xF0, 0xDF, 0xAB, 0x5A, 0x0E, 0x87,
+ 0x40, 0xAC, 0xA3, 0x90, 0x77, 0x83, 0x52, 0x31, 0x74, 0xF9, 0x05},
+ AES_24B_KEY_SIZE, BYTES_TO_BITS(AES_24B_KEY_SIZE), PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR,
+ PSA_KEY_LIFETIME_PERSISTENT,
+ BYTES_TO_BITS(AES_24B_KEY_SIZE), AES_24B_KEY_SIZE, PSA_SUCCESS
+},
+#endif
+
+#ifdef ARCH_TEST_AES_256
+{"Test psa_open_key 32 Byte AES\n", 3, PSA_KEY_TYPE_AES, 0x56,
+{0xEA, 0xD5, 0xE6, 0xC8, 0x51, 0xF9, 0xEC, 0xBB, 0x9B, 0x57, 0x7C, 0xED, 0xD2,
+ 0x4B, 0x82, 0x84, 0x9F, 0x9F, 0xE6, 0x73, 0x21, 0x3D, 0x1A, 0x05, 0xC9, 0xED,
+ 0xDF, 0x25, 0x17, 0x68, 0x86, 0xAE},
+ AES_32B_KEY_SIZE, 0, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR, PSA_KEY_LIFETIME_PERSISTENT,
+ BYTES_TO_BITS(AES_32B_KEY_SIZE), AES_32B_KEY_SIZE, PSA_SUCCESS
+},
+#endif
+#endif
+
+#ifdef ARCH_TEST_RSA_PKCS1V15_SIGN_RAW
+#ifdef ARCH_TEST_RSA_2048
+{"Test psa_open_key 2048 RSA public key\n", 4, PSA_KEY_TYPE_RSA_PUBLIC_KEY, 0x78,
+ {0},
+ 270, 0, PSA_KEY_USAGE_EXPORT, PSA_ALG_RSA_PKCS1V15_SIGN_RAW, PSA_KEY_LIFETIME_PERSISTENT,
+ 2048, 270, PSA_SUCCESS
+},
+
+{"Test psa_open_key with RSA 2048 keypair\n", 5, PSA_KEY_TYPE_RSA_KEY_PAIR, 0x89,
+ {0},
+ 1193, 0, PSA_KEY_USAGE_EXPORT, PSA_ALG_RSA_PKCS1V15_SIGN_RAW, PSA_KEY_LIFETIME_PERSISTENT,
+ 2048, 1193, PSA_SUCCESS
+},
+#endif
+#endif
+
+#ifdef ARCH_TEST_CIPER_MODE_CTR
+#ifdef ARCH_TEST_DES_1KEY
+{"Test psa_open_key with DES 64 bit key\n", 6, PSA_KEY_TYPE_DES, 0x90,
+ {0x70, 0x24, 0x55, 0x0C, 0x14, 0x9D, 0xED, 0x29},
+ DES_8B_KEY_SIZE, BYTES_TO_BITS(DES_8B_KEY_SIZE), PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR,
+ PSA_KEY_LIFETIME_PERSISTENT,
+ BYTES_TO_BITS(DES_8B_KEY_SIZE), DES_8B_KEY_SIZE, PSA_SUCCESS
+},
+#endif
+
+#ifdef ARCH_TEST_DES_2KEY
+{"Test psa_open_key with Triple DES 2-Key\n", 7, PSA_KEY_TYPE_DES, 0x123,
+{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF},
+ DES3_2KEY_SIZE, 0, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR, PSA_KEY_LIFETIME_PERSISTENT,
+ BYTES_TO_BITS(DES3_2KEY_SIZE), DES3_2KEY_SIZE, PSA_SUCCESS
+},
+#endif
+
+#ifdef ARCH_TEST_DES_3KEY
+{"Test psa_open_key with Triple DES 3-Key\n", 8, PSA_KEY_TYPE_DES, 0x456,
+{0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF,
+ 0xF1, 0xE0, 0xD3, 0xC2, 0xB5, 0xA4, 0x97, 0x86,
+ 0xFE, 0xDC, 0xBA, 0x98, 0x76, 0x54, 0x32, 0x10},
+ DES3_3KEY_SIZE, 0, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR, PSA_KEY_LIFETIME_PERSISTENT,
+ BYTES_TO_BITS(DES3_3KEY_SIZE), DES3_3KEY_SIZE, PSA_SUCCESS
+},
+#endif
+#endif
+
+#ifdef ARCH_TEST_ECDSA
+#ifdef ARCH_TEST_ECC_CURVE_SECP256R1
+{"Test psa_open_key with EC Public key\n", 9, 0x789,
+ PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1),
+ {0},
+ 65, 0, PSA_KEY_USAGE_EXPORT, PSA_ALG_ECDSA_ANY, PSA_KEY_LIFETIME_PERSISTENT,
+ 256, 65, PSA_SUCCESS
+},
+#endif
+
+#ifdef ARCH_TEST_ECC_CURVE_SECP224R1
+{"Test psa_open_key with EC keypair\n", 10, 0x1234,
+ PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP224R1),
+ {0},
+ 28, 0, PSA_KEY_USAGE_EXPORT, PSA_ALG_ECDSA_ANY, PSA_KEY_LIFETIME_PERSISTENT,
+ 224, 28, PSA_SUCCESS
+},
+#endif
+#endif
+
+#ifdef ARCH_TEST_CIPER_MODE_CTR
+#ifdef ARCH_TEST_AES
+{"Test psa_open_key with key data greater than the algorithm size\n", 11, PSA_KEY_TYPE_AES,
+ 0x5678,
+{0x24, 0x13, 0x61, 0x47, 0x61, 0xB8, 0xC8, 0xF0, 0xDF, 0xAB, 0x5A, 0x0E, 0x87,
+ 0x40, 0xAC, 0xA3, 0x90, 0x77, 0x83, 0x52, 0x31, 0x74, 0xF9, 0x05, 0xC9, 0xED,
+ 0xDF, 0x25, 0x17, 0x68, 0x86, 0xAE},
+ AES_32B_KEY_SIZE, 0, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR, PSA_KEY_LIFETIME_VOLATILE,
+ BYTES_TO_BITS(AES_32B_KEY_SIZE), AES_32B_KEY_SIZE, PSA_ERROR_INVALID_ARGUMENT
+},
+#endif
+#endif
+};
diff --git a/api-tests/dev_apis/crypto/test_c050/test_entry_c050.c b/api-tests/dev_apis/crypto/test_c050/test_entry_c050.c
new file mode 100644
index 00000000..1af4e507
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c050/test_entry_c050.c
@@ -0,0 +1,54 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_c050.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 50)
+#define TEST_DESC "Testing crypto key management APIs\n"
+
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_HIGH_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_crypto_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_c050_crypto_list, FALSE);
+
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->crypto_function(VAL_CRYPTO_FREE);
+ val->test_exit();
+}
diff --git a/api-tests/dev_apis/crypto/test_c051/test.cmake b/api-tests/dev_apis/crypto/test_c051/test.cmake
new file mode 100644
index 00000000..bb075102
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c051/test.cmake
@@ -0,0 +1,24 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_c051.c
+ test_c051.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
diff --git a/api-tests/dev_apis/crypto/test_c051/test_c051.c b/api-tests/dev_apis/crypto/test_c051/test_c051.c
new file mode 100644
index 00000000..e9d2bd79
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c051/test_c051.c
@@ -0,0 +1,177 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_c051.h"
+#include "test_data.h"
+
+client_test_t test_c051_crypto_list[] = {
+ NULL,
+ psa_close_key_test,
+ NULL,
+};
+
+static int g_test_count = 1;
+
+int32_t psa_close_key_test(caller_security_t caller)
+{
+ int32_t i, status;
+ const uint8_t *key_data;
+ psa_key_type_t get_key_type;
+ psa_key_id_t get_key_id;
+ psa_key_lifetime_t get_key_lifetime;
+ psa_key_usage_t get_key_usage_flags;
+ psa_algorithm_t get_key_algorithm;
+ size_t get_key_bits;
+ int num_checks = sizeof(check1)/sizeof(check1[0]);
+ psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+ psa_key_attributes_t set_attributes = PSA_KEY_ATTRIBUTES_INIT;
+
+ if (num_checks == 0)
+ {
+ val->print(PRINT_TEST, "No test available for the selected crypto configuration\n", 0);
+ return RESULT_SKIP(VAL_STATUS_NO_TESTS);
+ }
+
+ /* Initialize the PSA crypto library*/
+ status = val->crypto_function(VAL_CRYPTO_INIT);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(1));
+
+ /* Set the key data buffer to the input base on algorithm */
+ for (i = 0; i < num_checks; i++)
+ {
+ val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
+ val->print(PRINT_TEST, check1[i].test_desc, 0);
+
+ /* Setting up the watchdog timer for each check */
+ status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
+ TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
+
+ if (PSA_KEY_TYPE_IS_RSA(check1[i].key_type))
+ {
+ if (check1[i].key_type == PSA_KEY_TYPE_RSA_KEY_PAIR)
+ {
+ if (check1[i].expected_bit_length == BYTES_TO_BITS(384))
+ key_data = rsa_384_keypair;
+ else if (check1[i].expected_bit_length == BYTES_TO_BITS(256))
+ key_data = rsa_256_keypair;
+ else
+ return VAL_STATUS_INVALID;
+ }
+ else
+ {
+ if (check1[i].expected_bit_length == BYTES_TO_BITS(384))
+ key_data = rsa_384_keydata;
+ else if (check1[i].expected_bit_length == BYTES_TO_BITS(256))
+ key_data = rsa_256_keydata;
+ else
+ return VAL_STATUS_INVALID;
+ }
+ }
+ else if (PSA_KEY_TYPE_IS_ECC(check1[i].key_type))
+ {
+ if (PSA_KEY_TYPE_IS_ECC_KEY_PAIR(check1[i].key_type))
+ key_data = ec_keypair;
+ else
+ key_data = ec_keydata;
+ }
+ else
+ key_data = check1[i].key_data;
+
+ /* Setup the attributes for the key */
+ val->crypto_function(VAL_CRYPTO_SET_KEY_TYPE, &set_attributes, check1[i].key_type);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_BITS, &set_attributes, check1[i].attr_bits);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_USAGE_FLAGS, &set_attributes, check1[i].usage);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_ID, &set_attributes, check1[i].key_id);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_LIFETIME, &set_attributes, check1[i].key_lifetime);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_ALGORITHM, &set_attributes, check1[i].key_alg);
+
+ /* Import the key data into the key slot */
+ status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, &set_attributes, key_data,
+ check1[i].key_length, &check1[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
+
+ /* Close the key handle */
+ status = val->crypto_function(VAL_CRYPTO_CLOSE_KEY, check1[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
+
+ /* Getting the attributes of the closed key should return error */
+ status = val->crypto_function(VAL_CRYPTO_GET_KEY_ATTRIBUTES, check1[i].key_handle,
+ &attributes);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(5));
+
+ /* Check if all the attributes are erased */
+ val->crypto_function(VAL_CRYPTO_GET_KEY_TYPE, &attributes, &get_key_type);
+ TEST_ASSERT_EQUAL(get_key_type, 0, TEST_CHECKPOINT_NUM(6));
+
+ val->crypto_function(VAL_CRYPTO_GET_KEY_ID, &attributes, &get_key_id);
+ TEST_ASSERT_EQUAL(get_key_id, 0, TEST_CHECKPOINT_NUM(7));
+
+ val->crypto_function(VAL_CRYPTO_GET_KEY_LIFETIME, &attributes, &get_key_lifetime);
+ TEST_ASSERT_EQUAL(get_key_lifetime, 0, TEST_CHECKPOINT_NUM(8));
+
+ val->crypto_function(VAL_CRYPTO_GET_KEY_USAGE_FLAGS, &attributes, &get_key_usage_flags);
+ TEST_ASSERT_EQUAL(get_key_usage_flags, 0, TEST_CHECKPOINT_NUM(9));
+
+ val->crypto_function(VAL_CRYPTO_GET_KEY_ALGORITHM, &attributes, &get_key_algorithm);
+ TEST_ASSERT_EQUAL(get_key_algorithm, 0, TEST_CHECKPOINT_NUM(10));
+
+ val->crypto_function(VAL_CRYPTO_GET_KEY_BITS, &attributes, &get_key_bits);
+ TEST_ASSERT_EQUAL(get_key_bits, 0, TEST_CHECKPOINT_NUM(11));
+
+ /* Closing an empty key handle should return error */
+ status = val->crypto_function(VAL_CRYPTO_CLOSE_KEY, check1[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(12));
+
+ if (check1[i].key_lifetime == PSA_KEY_LIFETIME_PERSISTENT)
+ {
+ /* Open the key handle and retrieve the data */
+ status = val->crypto_function(VAL_CRYPTO_OPEN_KEY, check1[i].key_id,
+ &check1[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(13));
+
+ val->crypto_function(VAL_CRYPTO_GET_KEY_TYPE, &attributes, &get_key_type);
+ TEST_ASSERT_EQUAL(get_key_type, check1[i].key_type, TEST_CHECKPOINT_NUM(14));
+
+ val->crypto_function(VAL_CRYPTO_GET_KEY_ID, &attributes, &get_key_id);
+ TEST_ASSERT_EQUAL(get_key_id, check1[i].key_id, TEST_CHECKPOINT_NUM(15));
+
+ val->crypto_function(VAL_CRYPTO_GET_KEY_LIFETIME, &attributes, &get_key_lifetime);
+ TEST_ASSERT_EQUAL(get_key_lifetime, check1[i].key_lifetime, TEST_CHECKPOINT_NUM(16));
+
+ val->crypto_function(VAL_CRYPTO_GET_KEY_USAGE_FLAGS, &attributes, &get_key_usage_flags);
+ TEST_ASSERT_EQUAL(get_key_usage_flags, check1[i].usage, TEST_CHECKPOINT_NUM(17));
+
+ val->crypto_function(VAL_CRYPTO_GET_KEY_ALGORITHM, &attributes, &get_key_algorithm);
+ TEST_ASSERT_EQUAL(get_key_algorithm, check1[i].key_alg, TEST_CHECKPOINT_NUM(18));
+
+ val->crypto_function(VAL_CRYPTO_GET_KEY_BITS, &attributes, &get_key_bits);
+ TEST_ASSERT_EQUAL(get_key_bits, check1[i].expected_bit_length,
+ TEST_CHECKPOINT_NUM(19));
+
+ status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, check1[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(20));
+
+ status = val->crypto_function(VAL_CRYPTO_CLOSE_KEY, check1[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(21));
+ }
+
+ }
+
+ return VAL_STATUS_SUCCESS;
+}
diff --git a/api-tests/dev_apis/crypto/test_c051/test_c051.h b/api-tests/dev_apis/crypto/test_c051/test_c051.h
new file mode 100644
index 00000000..a539ecc7
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c051/test_c051.h
@@ -0,0 +1,30 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST_C051_CLIENT_TESTS_H_
+#define _TEST_C051_CLIENT_TESTS_H_
+
+#include "val_crypto.h"
+#define test_entry CONCAT(test_entry_, c051)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+extern client_test_t test_c051_crypto_list[];
+
+int32_t psa_close_key_test(caller_security_t caller);
+#endif /* _TEST_C051_CLIENT_TESTS_H_ */
diff --git a/api-tests/dev_apis/crypto/test_c051/test_data.h b/api-tests/dev_apis/crypto/test_c051/test_data.h
new file mode 100644
index 00000000..6792a2ad
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c051/test_data.h
@@ -0,0 +1,272 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_crypto.h"
+
+typedef struct {
+ char test_desc[75];
+ psa_key_handle_t key_handle;
+ psa_key_type_t key_type;
+ uint8_t key_data[34];
+ uint32_t key_length;
+ size_t attr_bits;
+ psa_key_usage_t usage;
+ psa_algorithm_t key_alg;
+ psa_key_id_t key_id;
+ psa_key_lifetime_t key_lifetime;
+ uint32_t expected_bit_length;
+ psa_status_t expected_status;
+} test_data;
+
+static const uint8_t rsa_384_keypair[1];
+static const uint8_t rsa_384_keydata[1];
+static const uint8_t rsa_256_keypair[] = {
+ 0x30, 0x82, 0x04, 0xA5, 0x02, 0x01, 0x00, 0x02, 0x82, 0x01, 0x01, 0x00, 0xC0,
+ 0x95, 0x08, 0xE1, 0x57, 0x41, 0xF2, 0x71, 0x6D, 0xB7, 0xD2, 0x45, 0x41, 0x27,
+ 0x01, 0x65, 0xC6, 0x45, 0xAE, 0xF2, 0xBC, 0x24, 0x30, 0xB8, 0x95, 0xCE, 0x2F,
+ 0x4E, 0xD6, 0xF6, 0x1C, 0x88, 0xBC, 0x7C, 0x9F, 0xFB, 0xA8, 0x67, 0x7F, 0xFE,
+ 0x5C, 0x9C, 0x51, 0x75, 0xF7, 0x8A, 0xCA, 0x07, 0xE7, 0x35, 0x2F, 0x8F, 0xE1,
+ 0xBD, 0x7B, 0xC0, 0x2F, 0x7C, 0xAB, 0x64, 0xA8, 0x17, 0xFC, 0xCA, 0x5D, 0x7B,
+ 0xBA, 0xE0, 0x21, 0xE5, 0x72, 0x2E, 0x6F, 0x2E, 0x86, 0xD8, 0x95, 0x73, 0xDA,
+ 0xAC, 0x1B, 0x53, 0xB9, 0x5F, 0x3F, 0xD7, 0x19, 0x0D, 0x25, 0x4F, 0xE1, 0x63,
+ 0x63, 0x51, 0x8B, 0x0B, 0x64, 0x3F, 0xAD, 0x43, 0xB8, 0xA5, 0x1C, 0x5C, 0x34,
+ 0xB3, 0xAE, 0x00, 0xA0, 0x63, 0xC5, 0xF6, 0x7F, 0x0B, 0x59, 0x68, 0x78, 0x73,
+ 0xA6, 0x8C, 0x18, 0xA9, 0x02, 0x6D, 0xAF, 0xC3, 0x19, 0x01, 0x2E, 0xB8, 0x10,
+ 0xE3, 0xC6, 0xCC, 0x40, 0xB4, 0x69, 0xA3, 0x46, 0x33, 0x69, 0x87, 0x6E, 0xC4,
+ 0xBB, 0x17, 0xA6, 0xF3, 0xE8, 0xDD, 0xAD, 0x73, 0xBC, 0x7B, 0x2F, 0x21, 0xB5,
+ 0xFD, 0x66, 0x51, 0x0C, 0xBD, 0x54, 0xB3, 0xE1, 0x6D, 0x5F, 0x1C, 0xBC, 0x23,
+ 0x73, 0xD1, 0x09, 0x03, 0x89, 0x14, 0xD2, 0x10, 0xB9, 0x64, 0xC3, 0x2A, 0xD0,
+ 0xA1, 0x96, 0x4A, 0xBC, 0xE1, 0xD4, 0x1A, 0x5B, 0xC7, 0xA0, 0xC0, 0xC1, 0x63,
+ 0x78, 0x0F, 0x44, 0x37, 0x30, 0x32, 0x96, 0x80, 0x32, 0x23, 0x95, 0xA1, 0x77,
+ 0xBA, 0x13, 0xD2, 0x97, 0x73, 0xE2, 0x5D, 0x25, 0xC9, 0x6A, 0x0D, 0xC3, 0x39,
+ 0x60, 0xA4, 0xB4, 0xB0, 0x69, 0x42, 0x42, 0x09, 0xE9, 0xD8, 0x08, 0xBC, 0x33,
+ 0x20, 0xB3, 0x58, 0x22, 0xA7, 0xAA, 0xEB, 0xC4, 0xE1, 0xE6, 0x61, 0x83, 0xC5,
+ 0xD2, 0x96, 0xDF, 0xD9, 0xD0, 0x4F, 0xAD, 0xD7, 0x02, 0x03, 0x01, 0x00, 0x01,
+ 0x02, 0x82, 0x01, 0x01, 0x00, 0x9A, 0xD0, 0x34, 0x0F, 0x52, 0x62, 0x05, 0x50,
+ 0x01, 0xEF, 0x9F, 0xED, 0x64, 0x6E, 0xC2, 0xC4, 0xDA, 0x1A, 0xF2, 0x84, 0xD7,
+ 0x92, 0x10, 0x48, 0x92, 0xC4, 0xE9, 0x6A, 0xEB, 0x8B, 0x75, 0x6C, 0xC6, 0x79,
+ 0x38, 0xF2, 0xC9, 0x72, 0x4A, 0x86, 0x64, 0x54, 0x95, 0x77, 0xCB, 0xC3, 0x9A,
+ 0x9D, 0xB7, 0xD4, 0x1D, 0xA4, 0x00, 0xC8, 0x9E, 0x4E, 0xE4, 0xDD, 0xC7, 0xBA,
+ 0x67, 0x16, 0xC1, 0x74, 0xBC, 0xA9, 0xD6, 0x94, 0x8F, 0x2B, 0x30, 0x1A, 0xFB,
+ 0xED, 0xDF, 0x21, 0x05, 0x23, 0xD9, 0x4A, 0x39, 0xBD, 0x98, 0x6B, 0x65, 0x9A,
+ 0xB8, 0xDC, 0xC4, 0x7D, 0xEE, 0xA6, 0x43, 0x15, 0x2E, 0x3D, 0xBE, 0x1D, 0x22,
+ 0x60, 0x2A, 0x73, 0x30, 0xD5, 0x3E, 0xD8, 0xA2, 0xAC, 0x86, 0x43, 0x2E, 0xC4,
+ 0xF5, 0x64, 0x5E, 0x3F, 0x89, 0x75, 0x0F, 0x11, 0xD8, 0x51, 0x25, 0x4E, 0x9F,
+ 0xD8, 0xAA, 0xA3, 0xCE, 0x60, 0xB3, 0xE2, 0x8A, 0xD9, 0x7E, 0x1B, 0xF0, 0x64,
+ 0xCA, 0x9A, 0x5B, 0x05, 0x0B, 0x5B, 0xAA, 0xCB, 0xE5, 0xE3, 0x3F, 0x6E, 0x32,
+ 0x22, 0x05, 0xF3, 0xD0, 0xFA, 0xEF, 0x74, 0x52, 0x81, 0xE2, 0x5F, 0x74, 0xD3,
+ 0xBD, 0xFF, 0x31, 0x83, 0x45, 0x75, 0xFA, 0x63, 0x7A, 0x97, 0x2E, 0xD6, 0xB6,
+ 0x19, 0xC6, 0x92, 0x26, 0xE4, 0x28, 0x06, 0x50, 0x50, 0x0E, 0x78, 0x2E, 0xA9,
+ 0x78, 0x0D, 0x14, 0x97, 0xB4, 0x12, 0xD8, 0x31, 0x40, 0xAB, 0xA1, 0x01, 0x41,
+ 0xC2, 0x30, 0xF8, 0x07, 0x5F, 0x16, 0xE4, 0x61, 0x77, 0xD2, 0x60, 0xF2, 0x9F,
+ 0x8D, 0xE8, 0xF4, 0xBA, 0xEB, 0x63, 0xDE, 0x2A, 0x97, 0x81, 0xEF, 0x4C, 0x6C,
+ 0xE6, 0x55, 0x34, 0x51, 0x2B, 0x28, 0x34, 0xF4, 0x53, 0x1C, 0xC4, 0x58, 0x0A,
+ 0x3F, 0xBB, 0xAF, 0xB5, 0xF7, 0x4A, 0x85, 0x43, 0x2D, 0x3C, 0xF1, 0x58, 0x58,
+ 0x81, 0x02, 0x81, 0x81, 0x00, 0xF2, 0x2C, 0x54, 0x76, 0x39, 0x23, 0x63, 0xC9,
+ 0x10, 0x32, 0xB7, 0x93, 0xAD, 0xAF, 0xBE, 0x19, 0x75, 0x96, 0x81, 0x64, 0xE6,
+ 0xB5, 0xB8, 0x89, 0x42, 0x41, 0xD1, 0x6D, 0xD0, 0x1C, 0x1B, 0xF8, 0x1B, 0xAC,
+ 0x69, 0xCB, 0x36, 0x3C, 0x64, 0x7D, 0xDC, 0xF4, 0x19, 0xB8, 0xC3, 0x60, 0xB1,
+ 0x57, 0x48, 0x5F, 0x52, 0x4F, 0x59, 0x3A, 0x55, 0x7F, 0x32, 0xC0, 0x19, 0x43,
+ 0x50, 0x3F, 0xAE, 0xCE, 0x6F, 0x17, 0xF3, 0x0E, 0x9F, 0x40, 0xCA, 0x4E, 0xAD,
+ 0x15, 0x3B, 0xC9, 0x79, 0xE9, 0xC0, 0x59, 0x38, 0x73, 0x70, 0x9C, 0x0A, 0x7C,
+ 0xC9, 0x3A, 0x48, 0x32, 0xA7, 0xD8, 0x49, 0x75, 0x0A, 0x85, 0xC2, 0xC2, 0xFD,
+ 0x15, 0x73, 0xDA, 0x99, 0x09, 0x2A, 0x69, 0x9A, 0x9F, 0x0A, 0x71, 0xBF, 0xB0,
+ 0x04, 0xA6, 0x8C, 0x7A, 0x5A, 0x6F, 0x48, 0x5A, 0x54, 0x3B, 0xC6, 0xB1, 0x53,
+ 0x17, 0xDF, 0xE7, 0x02, 0x81, 0x81, 0x00, 0xCB, 0x93, 0xDE, 0x77, 0x15, 0x5D,
+ 0xB7, 0x5C, 0x5C, 0x7C, 0xD8, 0x90, 0xA9, 0x98, 0x2D, 0xD6, 0x69, 0x0E, 0x63,
+ 0xB3, 0xA3, 0xDC, 0xA6, 0xCC, 0x8B, 0x6A, 0xA4, 0xA2, 0x12, 0x8C, 0x8E, 0x7B,
+ 0x48, 0x2C, 0xB2, 0x4B, 0x37, 0xDC, 0x06, 0x18, 0x7D, 0xEA, 0xFE, 0x76, 0xA1,
+ 0xD4, 0xA1, 0xE9, 0x3F, 0x0D, 0xCD, 0x1B, 0x5F, 0xAF, 0x5F, 0x9E, 0x96, 0x5B,
+ 0x5B, 0x0F, 0xA1, 0x7C, 0xAF, 0xB3, 0x9B, 0x90, 0xDB, 0x57, 0x73, 0x3A, 0xED,
+ 0xB0, 0x23, 0x44, 0xAE, 0x41, 0x4F, 0x1F, 0x07, 0x42, 0x13, 0x23, 0x4C, 0xCB,
+ 0xFA, 0xF4, 0x14, 0xA4, 0xD5, 0xF7, 0x9E, 0x36, 0x7C, 0x5B, 0x9F, 0xA8, 0x3C,
+ 0xC1, 0x85, 0x5F, 0x74, 0xD2, 0x39, 0x2D, 0xFF, 0xD0, 0x84, 0xDF, 0xFB, 0xB3,
+ 0x20, 0x7A, 0x2E, 0x9B, 0x17, 0xAE, 0xE6, 0xBA, 0x0B, 0xAE, 0x5F, 0x53, 0xA4,
+ 0x52, 0xED, 0x1B, 0xC4, 0x91, 0x02, 0x81, 0x81, 0x00, 0xEC, 0x98, 0xDA, 0xBB,
+ 0xD5, 0xFE, 0xF9, 0x52, 0x4A, 0x7D, 0x02, 0x55, 0x49, 0x6F, 0x55, 0x6E, 0x52,
+ 0x2F, 0x84, 0xA3, 0x2B, 0xB3, 0x86, 0x62, 0xB3, 0x54, 0xD2, 0x63, 0x52, 0xDA,
+ 0xE3, 0x88, 0x76, 0xA0, 0xEF, 0x8B, 0x15, 0xA5, 0xD3, 0x18, 0x14, 0x72, 0x77,
+ 0x5E, 0xC7, 0xA3, 0x04, 0x1F, 0x9E, 0x19, 0x62, 0xB5, 0x1B, 0x1B, 0x9E, 0xC3,
+ 0xF2, 0xB5, 0x32, 0xF9, 0x4C, 0xC1, 0xAA, 0xEB, 0x0C, 0x26, 0x7D, 0xD4, 0x5F,
+ 0x4A, 0x51, 0x5C, 0xA4, 0x45, 0x06, 0x70, 0x44, 0xA7, 0x56, 0xC0, 0xD4, 0x22,
+ 0x14, 0x76, 0x9E, 0xD8, 0x63, 0x50, 0x89, 0x90, 0xD3, 0xE2, 0xBF, 0x81, 0x95,
+ 0x92, 0x31, 0x41, 0x87, 0x39, 0x1A, 0x43, 0x0B, 0x18, 0xA5, 0x53, 0x1F, 0x39,
+ 0x1A, 0x5F, 0x1F, 0x43, 0xBC, 0x87, 0x6A, 0xDF, 0x6E, 0xD3, 0x22, 0x00, 0xFE,
+ 0x22, 0x98, 0x70, 0x4E, 0x1A, 0x19, 0x29, 0x02, 0x81, 0x81, 0x00, 0x8A, 0x41,
+ 0x56, 0x28, 0x51, 0x9E, 0x5F, 0xD4, 0x9E, 0x0B, 0x3B, 0x98, 0xA3, 0x54, 0xF2,
+ 0x6C, 0x56, 0xD4, 0xAA, 0xE9, 0x69, 0x33, 0x85, 0x24, 0x0C, 0xDA, 0xD4, 0x0C,
+ 0x2D, 0xC4, 0xBF, 0x4F, 0x02, 0x69, 0x38, 0x7C, 0xD4, 0xE6, 0xDC, 0x4C, 0xED,
+ 0xD7, 0x16, 0x11, 0xC3, 0x3E, 0x00, 0xE7, 0xC3, 0x26, 0xC0, 0x51, 0x02, 0xDE,
+ 0xBB, 0x75, 0x9C, 0x6F, 0x56, 0x9C, 0x7A, 0xF3, 0x8E, 0xEF, 0xCF, 0x8A, 0xC5,
+ 0x2B, 0xD2, 0xDA, 0x06, 0x6A, 0x44, 0xC9, 0x73, 0xFE, 0x6E, 0x99, 0x87, 0xF8,
+ 0x5B, 0xBE, 0xF1, 0x7C, 0xE6, 0x65, 0xB5, 0x4F, 0x6C, 0xF0, 0xC9, 0xC5, 0xFF,
+ 0x16, 0xCA, 0x8B, 0x1B, 0x17, 0xE2, 0x58, 0x3D, 0xA2, 0x37, 0xAB, 0x01, 0xBC,
+ 0xBF, 0x40, 0xCE, 0x53, 0x8C, 0x8E, 0xED, 0xEF, 0xEE, 0x59, 0x9D, 0xE0, 0x63,
+ 0xE6, 0x7C, 0x5E, 0xF5, 0x8E, 0x4B, 0xF1, 0x3B, 0xC1, 0x02, 0x81, 0x80, 0x4D,
+ 0x45, 0xF9, 0x40, 0x8C, 0xC5, 0x5B, 0xF4, 0x2A, 0x1A, 0x8A, 0xB4, 0xF2, 0x1C,
+ 0xAC, 0x6B, 0xE9, 0x0C, 0x56, 0x36, 0xB7, 0x4E, 0x72, 0x96, 0xD5, 0xE5, 0x8A,
+ 0xD2, 0xE2, 0xFF, 0xF1, 0xF1, 0x18, 0x13, 0x3D, 0x86, 0x09, 0xB8, 0xD8, 0x76,
+ 0xA7, 0xC9, 0x1C, 0x71, 0x52, 0x94, 0x30, 0x43, 0xE0, 0xF1, 0x78, 0x74, 0xFD,
+ 0x61, 0x1B, 0x4C, 0x09, 0xCC, 0xE6, 0x68, 0x2A, 0x71, 0xAD, 0x1C, 0xDF, 0x43,
+ 0xBC, 0x56, 0xDB, 0xA5, 0xA4, 0xBE, 0x35, 0x70, 0xA4, 0x5E, 0xCF, 0x4F, 0xFC,
+ 0x00, 0x55, 0x99, 0x3A, 0x3D, 0x23, 0xCF, 0x67, 0x5A, 0xF5, 0x22, 0xF8, 0xB5,
+ 0x29, 0xD0, 0x44, 0x11, 0xEB, 0x35, 0x2E, 0x46, 0xBE, 0xFD, 0x8E, 0x18, 0xB2,
+ 0x5F, 0xA8, 0xBF, 0x19, 0x32, 0xA1, 0xF5, 0xDC, 0x03, 0xE6, 0x7C, 0x9A, 0x1F,
+ 0x0C, 0x7C, 0xA9, 0xB0, 0x0E, 0x21, 0x37, 0x3B, 0xF1, 0xB0};
+
+static const uint8_t rsa_256_keydata[] = {
+ 0x30, 0x82, 0x01, 0x0A,
+ 0x02, 0x82, 0x01, 0x01, 0x00, 0xDB, 0x1C, 0x7F, 0x2E, 0x0B, 0xCD, 0xBF, 0xCE, 0xD1,
+ 0x75, 0x10, 0xA0, 0xA2, 0xB8, 0xCE, 0x7D, 0xAA, 0xE2, 0x05, 0xE0, 0x7A, 0xD8, 0x44,
+ 0x63, 0x8F, 0xB5, 0xBD, 0xC0, 0xB0, 0x19, 0xB9, 0x37, 0xB8, 0x19, 0x4A, 0x0E, 0xF1,
+ 0x5D, 0x74, 0x80, 0x67, 0x46, 0x87, 0x06, 0xDE, 0x5B, 0x7F, 0x06, 0x03, 0xBD, 0xC1,
+ 0x8D, 0x5E, 0x07, 0x15, 0xD4, 0x5B, 0xF4, 0xDC, 0xE5, 0xCF, 0x3D, 0xF9, 0xC1, 0x11,
+ 0x2C, 0xAE, 0x6A, 0xB9, 0x8A, 0xBD, 0x1D, 0x67, 0x66, 0x17, 0xEA, 0x4E, 0xBD, 0xDB,
+ 0x15, 0x9A, 0x82, 0x87, 0xE4, 0xF0, 0x78, 0xC3, 0xA3, 0x85, 0x87, 0xB0, 0xFD, 0x9F,
+ 0xA9, 0x99, 0x5F, 0xE3, 0x33, 0xEC, 0xCC, 0xEA, 0x0B, 0xB5, 0x61, 0x5E, 0xF1, 0x49,
+ 0x7E, 0x3F, 0xA3, 0x2D, 0xEA, 0x01, 0x0C, 0xCC, 0x42, 0x9A, 0x76, 0x9B, 0xC4, 0xD0,
+ 0x37, 0xD3, 0xB1, 0x17, 0x01, 0x61, 0x01, 0x16, 0x59, 0x7E, 0x1C, 0x17, 0xC3, 0x53,
+ 0xFD, 0xD1, 0x72, 0xCB, 0x4C, 0x60, 0x15, 0xDA, 0x7D, 0xE2, 0xEA, 0xAD, 0x50, 0xEF,
+ 0x8E, 0xE2, 0x8B, 0xD4, 0x6A, 0x77, 0x55, 0xD6, 0x70, 0xD9, 0x6B, 0xBB, 0xF1, 0xEE,
+ 0x39, 0x04, 0x38, 0xA3, 0xBD, 0xE2, 0xD1, 0xE0, 0x66, 0x6B, 0xE2, 0x9C, 0x47, 0x99,
+ 0xE9, 0x28, 0xE6, 0xB6, 0xFC, 0x2E, 0xCA, 0x67, 0x43, 0x84, 0xE8, 0xD5, 0x83, 0xD6,
+ 0x9D, 0x98, 0x6B, 0x01, 0x3E, 0x81, 0xDC, 0x3C, 0x7A, 0xCA, 0xF9, 0xF3, 0x9C, 0xF7,
+ 0xD6, 0x28, 0x1B, 0x27, 0x78, 0x7C, 0xC3, 0xD0, 0xD5, 0x63, 0xA7, 0x81, 0x34, 0x89,
+ 0xAD, 0x25, 0x6A, 0xBD, 0xF2, 0xEA, 0xED, 0xFA, 0x57, 0xFC, 0xE5, 0x34, 0xC6, 0xC1,
+ 0x0F, 0x71, 0x2D, 0xD2, 0x08, 0x10, 0x1B, 0xAD, 0x44, 0x41, 0xE0, 0xFE, 0x79, 0xA0,
+ 0x63, 0x93, 0x8A, 0xB1, 0x5D, 0xE9, 0xB0, 0xEE, 0x6F, 0x02, 0x03, 0x01, 0x00, 0x01};
+
+static const uint8_t ec_keydata[] = {
+ 0x04, 0xde, 0xa5, 0xe4, 0x5d, 0x0e, 0xa3, 0x7f, 0xc5, 0x66, 0x23, 0x2a, 0x50, 0x8f,
+ 0x4a, 0xd2, 0x0e, 0xa1, 0x3d, 0x47, 0xe4, 0xbf, 0x5f, 0xa4, 0xd5, 0x4a, 0x57, 0xa0,
+ 0xba, 0x01, 0x20, 0x42, 0x08, 0x70, 0x97, 0x49, 0x6e, 0xfc, 0x58, 0x3f, 0xed, 0x8b,
+ 0x24, 0xa5, 0xb9, 0xbe, 0x9a, 0x51, 0xde, 0x06, 0x3f, 0x5a, 0x00, 0xa8, 0xb6, 0x98,
+ 0xa1, 0x6f, 0xd7, 0xf2, 0x9b, 0x54, 0x85, 0xf3, 0x20};
+
+static const uint8_t ec_keypair[] = {
+ 0x68, 0x49, 0xf9, 0x7d, 0x10, 0x66, 0xf6, 0x99, 0x77, 0x59, 0x63, 0x7c, 0x7e, 0x38,
+ 0x99, 0x46, 0x4c, 0xee, 0x3e, 0xc7, 0xac, 0x97, 0x06, 0x53, 0xa0, 0xbe, 0x07, 0x42};
+
+static test_data check1[] = {
+
+#ifdef ARCH_TEST_CIPER_MODE_CTR
+#ifdef ARCH_TEST_AES_128
+{"Test psa_close_key 16 Byte AES\n", 1, PSA_KEY_TYPE_AES,
+{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
+ 0x5F, 0xC9},
+ AES_16B_KEY_SIZE, 0, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR,
+ 0x12, PSA_KEY_LIFETIME_VOLATILE,
+ BYTES_TO_BITS(AES_16B_KEY_SIZE), PSA_SUCCESS
+},
+#endif
+
+#ifdef ARCH_TEST_AES_192
+{"Test psa_close_key 24 Byte AES\n", 2, PSA_KEY_TYPE_AES,
+{0x24, 0x13, 0x61, 0x47, 0x61, 0xB8, 0xC8, 0xF0, 0xDF, 0xAB, 0x5A, 0x0E, 0x87,
+ 0x40, 0xAC, 0xA3, 0x90, 0x77, 0x83, 0x52, 0x31, 0x74, 0xF9},
+ AES_24B_KEY_SIZE, BYTES_TO_BITS(AES_24B_KEY_SIZE), PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR,
+ 0x34, PSA_KEY_LIFETIME_PERSISTENT,
+ BYTES_TO_BITS(AES_24B_KEY_SIZE), PSA_SUCCESS
+},
+#endif
+
+#ifdef ARCH_TEST_AES_256
+{"Test psa_close_key 32 Byte AES\n", 3, PSA_KEY_TYPE_AES,
+{0xEA, 0xD5, 0xE6, 0xC8, 0x51, 0xF9, 0xEC, 0xBB, 0x9B, 0x57, 0x7C, 0xED, 0xD2,
+ 0x4B, 0x82, 0x84, 0x9F, 0x9F, 0xE6, 0x73, 0x21, 0x3D, 0x1A, 0x05, 0xC9, 0xED,
+ 0xDF, 0x25, 0x17, 0x68, 0x86, 0xAE},
+ AES_32B_KEY_SIZE, BYTES_TO_BITS(AES_32B_KEY_SIZE), PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR,
+ 0x56, PSA_KEY_LIFETIME_VOLATILE,
+ BYTES_TO_BITS(AES_32B_KEY_SIZE), PSA_SUCCESS
+},
+#endif
+#endif
+
+#ifdef ARCH_TEST_RSA_PKCS1V15_SIGN_RAW
+#ifdef ARCH_TEST_RSA_2048
+{"Test psa_close_key 2048 RSA public key\n", 4, PSA_KEY_TYPE_RSA_PUBLIC_KEY,
+ {0},
+ 270, 2048, PSA_KEY_USAGE_EXPORT, PSA_ALG_RSA_PKCS1V15_SIGN_RAW,
+ 0x78, PSA_KEY_LIFETIME_PERSISTENT,
+ 2048, PSA_SUCCESS
+},
+
+{"Test psa_close_key with RSA 2048 keypair\n", 5, PSA_KEY_TYPE_RSA_KEY_PAIR,
+ {0},
+ 1193, 2048, PSA_KEY_USAGE_EXPORT, PSA_ALG_RSA_PKCS1V15_SIGN_RAW,
+ 0x89, PSA_KEY_LIFETIME_PERSISTENT,
+ 2048, PSA_SUCCESS
+},
+#endif
+#endif
+
+#ifdef ARCH_TEST_CIPER_MODE_CTR
+#ifdef ARCH_TEST_DES_1KEY
+{"Test psa_close_key with DES 64 bit key\n", 6, PSA_KEY_TYPE_DES,
+ {0x70, 0x24, 0x55, 0x0C, 0x14, 0x9D, 0xED, 0x29},
+ DES_8B_KEY_SIZE, BYTES_TO_BITS(DES_8B_KEY_SIZE), PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR,
+ 0xAB, PSA_KEY_LIFETIME_PERSISTENT,
+ BYTES_TO_BITS(DES_8B_KEY_SIZE), PSA_SUCCESS
+},
+#endif
+
+#ifdef ARCH_TEST_DES_2KEY
+{"Test psa_close_key with Triple DES 2-Key\n", 7, PSA_KEY_TYPE_DES,
+{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF},
+ DES3_2KEY_SIZE, BYTES_TO_BITS(DES3_2KEY_SIZE), PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR,
+ 0xBC, PSA_KEY_LIFETIME_PERSISTENT,
+ BYTES_TO_BITS(DES3_2KEY_SIZE), PSA_SUCCESS
+},
+#endif
+
+#ifdef ARCH_TEST_DES_3KEY
+{"Test psa_close_key with Triple DES 3-Key\n", 8, PSA_KEY_TYPE_DES,
+{0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF,
+ 0xF1, 0xE0, 0xD3, 0xC2, 0xB5, 0xA4, 0x97, 0x86,
+ 0xFE, 0xDC, 0xBA, 0x98, 0x76, 0x54, 0x32, 0x10},
+ DES3_3KEY_SIZE, BYTES_TO_BITS(DES3_3KEY_SIZE), PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR,
+ 0xCD, PSA_KEY_LIFETIME_PERSISTENT,
+ BYTES_TO_BITS(DES3_3KEY_SIZE), PSA_SUCCESS
+},
+#endif
+#endif
+
+#ifdef ARCH_TEST_ECDSA
+#ifdef ARCH_TEST_ECC_CURVE_SECP256R1
+{"Test psa_close_key with EC Public key\n", 9,
+ PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1),
+ {0},
+ 65, 256, PSA_KEY_USAGE_EXPORT, PSA_ALG_ECDSA_ANY,
+ 0xEF, PSA_KEY_LIFETIME_PERSISTENT,
+ 256, PSA_SUCCESS
+},
+#endif
+#endif
+
+#ifdef ARCH_TEST_ASYMMETRIC_ENCRYPTION
+#ifdef ARCH_TEST_ECC_CURVE_SECP224R1
+{"Test psa_close_key with EC keypair\n", 10,
+ PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP224R1),
+ {0},
+ 28, 224, PSA_KEY_USAGE_EXPORT, PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION,
+ 0x123, PSA_KEY_LIFETIME_PERSISTENT,
+ 224, PSA_SUCCESS
+},
+#endif
+#endif
+};
diff --git a/api-tests/dev_apis/crypto/test_c051/test_entry_c051.c b/api-tests/dev_apis/crypto/test_c051/test_entry_c051.c
new file mode 100644
index 00000000..7faa27d6
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c051/test_entry_c051.c
@@ -0,0 +1,54 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_c051.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 51)
+#define TEST_DESC "Testing crypto key management APIs\n"
+
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_HIGH_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_crypto_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_c051_crypto_list, FALSE);
+
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->crypto_function(VAL_CRYPTO_FREE);
+ val->test_exit();
+}
diff --git a/api-tests/dev_apis/crypto/test_c052/test.cmake b/api-tests/dev_apis/crypto/test_c052/test.cmake
new file mode 100644
index 00000000..ea2b77f5
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c052/test.cmake
@@ -0,0 +1,24 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_c052.c
+ test_c052.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
diff --git a/api-tests/dev_apis/crypto/test_c052/test_c052.c b/api-tests/dev_apis/crypto/test_c052/test_c052.c
new file mode 100644
index 00000000..61cd7bbf
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c052/test_c052.c
@@ -0,0 +1,90 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_c052.h"
+#include "test_data.h"
+
+client_test_t test_c052_crypto_list[] = {
+ NULL,
+ psa_aead_encrypt_setup_test,
+ NULL,
+};
+
+static int g_test_count = 1;
+
+int32_t psa_aead_encrypt_setup_test(caller_security_t caller)
+{
+ int32_t i, status;
+ int num_checks = sizeof(check1)/sizeof(check1[0]);
+ psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+ psa_aead_operation_t operation = PSA_AEAD_OPERATION_INIT;
+
+ if (num_checks == 0)
+ {
+ val->print(PRINT_TEST, "No test available for the selected crypto configuration\n", 0);
+ return RESULT_SKIP(VAL_STATUS_NO_TESTS);
+ }
+
+ /* Initialize the PSA crypto library*/
+ status = val->crypto_function(VAL_CRYPTO_INIT);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(1));
+
+ for (i = 0; i < num_checks; i++)
+ {
+ val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
+ val->print(PRINT_TEST, check1[i].test_desc, 0);
+
+ /* Setting up the watchdog timer for each check */
+ status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
+ TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
+
+ /* Setup the attributes for the key */
+ val->crypto_function(VAL_CRYPTO_SET_KEY_TYPE, &attributes, check1[i].key_type);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_USAGE_FLAGS, &attributes, check1[i].usage);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_ALGORITHM, &attributes, check1[i].key_alg);
+
+ /* Import the key data into the key slot */
+ status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, &attributes, check1[i].key_data,
+ check1[i].key_length, &check1[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
+
+ /* Set the key for a multipart authenticated encryption operation */
+ status = val->crypto_function(VAL_CRYPTO_AEAD_ENCRYPT_SETUP, &operation,
+ check1[i].key_handle, check1[i].alg);
+ TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(4));
+
+ /* Destroy the key */
+ status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, check1[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
+
+ /* Setting up aead on destroyed key handle should return an error */
+ status = val->crypto_function(VAL_CRYPTO_AEAD_ENCRYPT_SETUP, &operation,
+ check1[i].key_handle, check1[i].alg);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(6));
+
+ /* Reset the key attributes and check if psa_import_key fails */
+ val->crypto_function(VAL_CRYPTO_RESET_KEY_ATTRIBUTES, &attributes);
+
+ /* Abort the AEAD operation */
+ status = val->crypto_function(VAL_CRYPTO_AEAD_ABORT, &operation);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(7));
+ }
+
+ return VAL_STATUS_SUCCESS;
+}
diff --git a/api-tests/dev_apis/crypto/test_c052/test_c052.h b/api-tests/dev_apis/crypto/test_c052/test_c052.h
new file mode 100644
index 00000000..65e5c5fc
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c052/test_c052.h
@@ -0,0 +1,31 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST_C052_CLIENT_TESTS_H_
+#define _TEST_C052_CLIENT_TESTS_H_
+
+#include "val_crypto.h"
+#define test_entry CONCAT(test_entry_, c052)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+extern client_test_t test_c052_crypto_list[];
+
+int32_t psa_aead_encrypt_setup_test(caller_security_t caller);
+
+#endif /* _TEST_C052_CLIENT_TESTS_H_ */
diff --git a/api-tests/dev_apis/crypto/test_c052/test_data.h b/api-tests/dev_apis/crypto/test_c052/test_data.h
new file mode 100644
index 00000000..efe55f52
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c052/test_data.h
@@ -0,0 +1,88 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_crypto.h"
+
+typedef struct {
+ char test_desc[75];
+ psa_key_handle_t key_handle;
+ psa_key_type_t key_type;
+ uint8_t key_data[32];
+ uint32_t key_length;
+ psa_key_usage_t usage;
+ psa_algorithm_t key_alg;
+ psa_algorithm_t alg;
+ psa_status_t expected_status;
+} test_data;
+
+static test_data check1[] = {
+#ifdef ARCH_TEST_CCM
+#ifdef ARCH_TEST_AES_128
+{"Test psa_aead_encrypt_setup - AES-CCM\n", 1, PSA_KEY_TYPE_AES,
+{0xD7, 0x82, 0x8D, 0x13, 0xB2, 0xB0, 0xBD, 0xC3, 0x25, 0xA7, 0x62, 0x36, 0xDF,
+ 0x93, 0xCC, 0x6B},
+ AES_16B_KEY_SIZE, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CCM, PSA_ALG_CCM,
+ PSA_SUCCESS
+},
+
+{"Test psa_aead_encrypt_setup - AES-CCM 24 bytes Tag length = 4\n", 2, PSA_KEY_TYPE_AES,
+{0x41, 0x89, 0x35, 0x1B, 0x5C, 0xAE, 0xA3, 0x75, 0xA0, 0x29, 0x9E, 0x81, 0xC6,
+ 0x21, 0xBF, 0x43}, AES_16B_KEY_SIZE, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CCM,
+ PSA_ALG_AEAD_WITH_TAG_LENGTH(PSA_ALG_CCM, 4),
+ PSA_SUCCESS
+},
+#endif
+#endif
+
+#ifdef ARCH_TEST_GCM
+#ifdef ARCH_TEST_AES_128
+{"Test psa_aead_encrypt_setup - GCM - 16B AES - 12B Nounce & 12B addi data\n", 3, PSA_KEY_TYPE_AES,
+{0x3d, 0xe0, 0x98, 0x74, 0xb3, 0x88, 0xe6, 0x49, 0x19, 0x88, 0xd0, 0xc3, 0x60,
+ 0x7e, 0xae, 0x1f}, AES_16B_KEY_SIZE, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_GCM, PSA_ALG_GCM,
+ PSA_SUCCESS
+},
+#endif
+#endif
+
+#ifdef ARCH_TEST_CCM
+#ifdef ARCH_TEST_DES_1KEY
+{"Test psa_aead_encrypt_setup - DES Key\n", 4, PSA_KEY_TYPE_DES,
+{0x70, 0x24, 0x55, 0x0C, 0x14, 0x9D, 0xED, 0x29}, DES_8B_KEY_SIZE,
+ PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CCM, PSA_ALG_CCM,
+ PSA_ERROR_NOT_SUPPORTED
+},
+#endif
+#endif
+
+#ifdef ARCH_TEST_AES_128
+#ifdef ARCH_TEST_CIPER_MODE_CFB
+{"Test psa_aead_encrypt_setup - Unsupported Algorithm\n", 5, PSA_KEY_TYPE_AES,
+{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
+ 0x5F, 0xC9}, AES_16B_KEY_SIZE, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CFB, PSA_ALG_CFB,
+ PSA_ERROR_NOT_SUPPORTED
+},
+#endif
+
+#ifdef ARCH_TEST_GCM
+{"Test psa_aead_encrypt_setup - Invalid key usage\n", 6, PSA_KEY_TYPE_AES,
+{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
+ 0x5F, 0xC9}, AES_16B_KEY_SIZE, PSA_KEY_USAGE_DECRYPT, PSA_ALG_GCM, PSA_ALG_GCM,
+ PSA_ERROR_NOT_PERMITTED
+},
+#endif
+#endif
+};
diff --git a/api-tests/dev_apis/crypto/test_c052/test_entry_c052.c b/api-tests/dev_apis/crypto/test_c052/test_entry_c052.c
new file mode 100644
index 00000000..9a93bfd7
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c052/test_entry_c052.c
@@ -0,0 +1,54 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_c052.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 52)
+#define TEST_DESC "Testing crypto AEAD APIs\n"
+
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_HIGH_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_crypto_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_c052_crypto_list, FALSE);
+
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->crypto_function(VAL_CRYPTO_FREE);
+ val->test_exit();
+}
diff --git a/api-tests/dev_apis/crypto/test_c053/test.cmake b/api-tests/dev_apis/crypto/test_c053/test.cmake
new file mode 100644
index 00000000..661f1d82
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c053/test.cmake
@@ -0,0 +1,24 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_c053.c
+ test_c053.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
diff --git a/api-tests/dev_apis/crypto/test_c053/test_c053.c b/api-tests/dev_apis/crypto/test_c053/test_c053.c
new file mode 100644
index 00000000..8b215041
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c053/test_c053.c
@@ -0,0 +1,90 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_c053.h"
+#include "test_data.h"
+
+client_test_t test_c053_crypto_list[] = {
+ NULL,
+ psa_aead_decrypt_setup_test,
+ NULL,
+};
+
+static int g_test_count = 1;
+
+int32_t psa_aead_decrypt_setup_test(caller_security_t caller)
+{
+ int32_t i, status;
+ int num_checks = sizeof(check1)/sizeof(check1[0]);
+ psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+ psa_aead_operation_t operation = PSA_AEAD_OPERATION_INIT;
+
+ if (num_checks == 0)
+ {
+ val->print(PRINT_TEST, "No test available for the selected crypto configuration\n", 0);
+ return RESULT_SKIP(VAL_STATUS_NO_TESTS);
+ }
+
+ /* Initialize the PSA crypto library*/
+ status = val->crypto_function(VAL_CRYPTO_INIT);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(1));
+
+ for (i = 0; i < num_checks; i++)
+ {
+ val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
+ val->print(PRINT_TEST, check1[i].test_desc, 0);
+
+ /* Setting up the watchdog timer for each check */
+ status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
+ TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
+
+ /* Setup the attributes for the key */
+ val->crypto_function(VAL_CRYPTO_SET_KEY_TYPE, &attributes, check1[i].key_type);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_USAGE_FLAGS, &attributes, check1[i].usage);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_ALGORITHM, &attributes, check1[i].key_alg);
+
+ /* Import the key data into the key slot */
+ status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, &attributes, check1[i].key_data,
+ check1[i].key_length, &check1[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
+
+ /* Set the key for a multipart authenticated decryption operation */
+ status = val->crypto_function(VAL_CRYPTO_AEAD_DECRYPT_SETUP, &operation,
+ check1[i].key_handle, check1[i].alg);
+ TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(4));
+
+ /* Destroy the key */
+ status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, check1[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
+
+ /* Setting up aead on destroyed key handle should return an error */
+ status = val->crypto_function(VAL_CRYPTO_AEAD_DECRYPT_SETUP, &operation,
+ check1[i].key_handle, check1[i].alg);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(6));
+
+ /* Reset the key attributes and check if psa_import_key fails */
+ val->crypto_function(VAL_CRYPTO_RESET_KEY_ATTRIBUTES, &attributes);
+
+ /* Abort the AEAD operation */
+ status = val->crypto_function(VAL_CRYPTO_AEAD_ABORT, &operation);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(7));
+ }
+
+ return VAL_STATUS_SUCCESS;
+}
diff --git a/api-tests/dev_apis/crypto/test_c053/test_c053.h b/api-tests/dev_apis/crypto/test_c053/test_c053.h
new file mode 100644
index 00000000..0f3dde79
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c053/test_c053.h
@@ -0,0 +1,31 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST_C053_CLIENT_TESTS_H_
+#define _TEST_C053_CLIENT_TESTS_H_
+
+#include "val_crypto.h"
+#define test_entry CONCAT(test_entry_, c053)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+extern client_test_t test_c053_crypto_list[];
+
+int32_t psa_aead_decrypt_setup_test(caller_security_t caller);
+
+#endif /* _TEST_C053_CLIENT_TESTS_H_ */
diff --git a/api-tests/dev_apis/crypto/test_c053/test_data.h b/api-tests/dev_apis/crypto/test_c053/test_data.h
new file mode 100644
index 00000000..1dd20fa6
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c053/test_data.h
@@ -0,0 +1,88 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_crypto.h"
+
+typedef struct {
+ char test_desc[75];
+ psa_key_handle_t key_handle;
+ psa_key_type_t key_type;
+ uint8_t key_data[32];
+ uint32_t key_length;
+ psa_key_usage_t usage;
+ psa_algorithm_t key_alg;
+ psa_algorithm_t alg;
+ psa_status_t expected_status;
+} test_data;
+
+static test_data check1[] = {
+#ifdef ARCH_TEST_CCM
+#ifdef ARCH_TEST_AES_128
+{"Test psa_aead_decrypt_setup - AES-CCM\n", 1, PSA_KEY_TYPE_AES,
+{0xD7, 0x82, 0x8D, 0x13, 0xB2, 0xB0, 0xBD, 0xC3, 0x25, 0xA7, 0x62, 0x36, 0xDF,
+ 0x93, 0xCC, 0x6B},
+ AES_16B_KEY_SIZE, PSA_KEY_USAGE_DECRYPT, PSA_ALG_CCM, PSA_ALG_CCM,
+ PSA_SUCCESS
+},
+
+{"Test psa_aead_decrypt_setup - AES-CCM 24 bytes Tag length = 4\n", 2, PSA_KEY_TYPE_AES,
+{0x41, 0x89, 0x35, 0x1B, 0x5C, 0xAE, 0xA3, 0x75, 0xA0, 0x29, 0x9E, 0x81, 0xC6,
+ 0x21, 0xBF, 0x43}, AES_16B_KEY_SIZE, PSA_KEY_USAGE_DECRYPT, PSA_ALG_CCM,
+ PSA_ALG_AEAD_WITH_TAG_LENGTH(PSA_ALG_CCM, 4),
+ PSA_SUCCESS
+},
+#endif
+#endif
+
+#ifdef ARCH_TEST_GCM
+#ifdef ARCH_TEST_AES_128
+{"Test psa_aead_decrypt_setup - GCM - 16B AES - 12B Nounce & 12B addi data\n", 3, PSA_KEY_TYPE_AES,
+{0x3d, 0xe0, 0x98, 0x74, 0xb3, 0x88, 0xe6, 0x49, 0x19, 0x88, 0xd0, 0xc3, 0x60,
+ 0x7e, 0xae, 0x1f}, AES_16B_KEY_SIZE, PSA_KEY_USAGE_DECRYPT, PSA_ALG_GCM, PSA_ALG_GCM,
+ PSA_SUCCESS
+},
+#endif
+#endif
+
+#ifdef ARCH_TEST_CCM
+#ifdef ARCH_TEST_DES_1KEY
+{"Test psa_aead_decrypt_setup - DES Key\n", 4, PSA_KEY_TYPE_DES,
+{0x70, 0x24, 0x55, 0x0C, 0x14, 0x9D, 0xED, 0x29}, DES_8B_KEY_SIZE,
+ PSA_KEY_USAGE_DECRYPT, PSA_ALG_CCM, PSA_ALG_CCM,
+ PSA_ERROR_NOT_SUPPORTED
+},
+#endif
+#endif
+
+#ifdef ARCH_TEST_AES_128
+#ifdef ARCH_TEST_CIPER_MODE_CFB
+{"Test psa_aead_decrypt_setup - Unsupported Algorithm\n", 5, PSA_KEY_TYPE_AES,
+{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
+ 0x5F, 0xC9}, AES_16B_KEY_SIZE, PSA_KEY_USAGE_DECRYPT, PSA_ALG_CFB, PSA_ALG_CFB,
+ PSA_ERROR_NOT_SUPPORTED
+},
+#endif
+
+#ifdef ARCH_TEST_GCM
+{"Test psa_aead_decrypt_setup - Invalid key usage\n", 6, PSA_KEY_TYPE_AES,
+{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
+ 0x5F, 0xC9}, AES_16B_KEY_SIZE, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_GCM, PSA_ALG_GCM,
+ PSA_ERROR_NOT_PERMITTED
+},
+#endif
+#endif
+};
diff --git a/api-tests/dev_apis/crypto/test_c053/test_entry_c053.c b/api-tests/dev_apis/crypto/test_c053/test_entry_c053.c
new file mode 100644
index 00000000..70c97199
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c053/test_entry_c053.c
@@ -0,0 +1,54 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_c053.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 53)
+#define TEST_DESC "Testing crypto AEAD APIs\n"
+
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_HIGH_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_crypto_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_c053_crypto_list, FALSE);
+
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->crypto_function(VAL_CRYPTO_FREE);
+ val->test_exit();
+}
diff --git a/api-tests/dev_apis/crypto/test_c054/test.cmake b/api-tests/dev_apis/crypto/test_c054/test.cmake
new file mode 100644
index 00000000..6dcf140b
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c054/test.cmake
@@ -0,0 +1,24 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_c054.c
+ test_c054.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
diff --git a/api-tests/dev_apis/crypto/test_c054/test_c054.c b/api-tests/dev_apis/crypto/test_c054/test_c054.c
new file mode 100644
index 00000000..553e073e
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c054/test_c054.c
@@ -0,0 +1,127 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_c054.h"
+#include "test_data.h"
+
+client_test_t test_c054_crypto_list[] = {
+ NULL,
+ psa_aead_generate_nonce_test,
+ NULL,
+};
+
+static int g_test_count = 1;
+
+int32_t psa_aead_generate_nonce_test(caller_security_t caller)
+{
+ int32_t i, j, status, nonce_sum;
+ uint8_t nonce[SIZE_32B];
+ size_t nonce_length;
+ int num_checks = sizeof(check1)/sizeof(check1[0]);
+ psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+ psa_aead_operation_t operation = PSA_AEAD_OPERATION_INIT;
+
+ if (num_checks == 0)
+ {
+ val->print(PRINT_TEST, "No test available for the selected crypto configuration\n", 0);
+ return RESULT_SKIP(VAL_STATUS_NO_TESTS);
+ }
+
+ /* Initialize the PSA crypto library*/
+ status = val->crypto_function(VAL_CRYPTO_INIT);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(1));
+
+ for (i = 0; i < num_checks; i++)
+ {
+ val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
+ val->print(PRINT_TEST, check1[i].test_desc, 0);
+
+ /* Setting up the watchdog timer for each check */
+ status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
+ TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
+
+ /* Setup the attributes for the key */
+ val->crypto_function(VAL_CRYPTO_SET_KEY_TYPE, &attributes, check1[i].key_type);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_USAGE_FLAGS, &attributes, check1[i].usage);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_ALGORITHM, &attributes, check1[i].key_alg);
+
+ /* Import the key data into the key slot */
+ status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, &attributes, check1[i].key_data,
+ check1[i].key_length, &check1[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
+
+ /* Set the key for a multipart authenticated encryption operation */
+ status = val->crypto_function(VAL_CRYPTO_AEAD_ENCRYPT_SETUP, &operation,
+ check1[i].key_handle, check1[i].alg);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
+
+ /* Generate a random nonce for an authenticated encryption operation */
+ status = val->crypto_function(VAL_CRYPTO_AEAD_GENERATE_NONCE, &operation, nonce,
+ check1[i].nonce_size, &nonce_length);
+ TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(5));
+
+ if (check1[i].expected_status != PSA_SUCCESS)
+ {
+ /* Abort the AEAD operation */
+ status = val->crypto_function(VAL_CRYPTO_AEAD_ABORT, &operation);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(6));
+
+ /* Destroy the key */
+ status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, check1[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(7));
+
+ /* Reset the key attributes */
+ val->crypto_function(VAL_CRYPTO_RESET_KEY_ATTRIBUTES, &attributes);
+ continue;
+ }
+
+ /* Check that if generated iv are non-zero */
+ nonce_sum = 0;
+ for (j = 0; j < nonce_length; j++)
+ {
+ nonce_sum += nonce[j];
+ }
+
+ TEST_ASSERT_NOT_EQUAL(nonce_sum, 0, TEST_CHECKPOINT_NUM(8));
+
+ /* Generate a random nonce on an ongoing operation should be an error */
+ status = val->crypto_function(VAL_CRYPTO_AEAD_GENERATE_NONCE, &operation, nonce,
+ check1[i].nonce_size, &nonce_length);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_BAD_STATE, TEST_CHECKPOINT_NUM(9));
+
+ /* Abort the AEAD operation */
+ status = val->crypto_function(VAL_CRYPTO_AEAD_ABORT, &operation);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(10));
+
+ /* Destroy the key */
+ status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, check1[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(11));
+
+ /* Reset the key attributes */
+ val->crypto_function(VAL_CRYPTO_RESET_KEY_ATTRIBUTES, &attributes);
+
+ /* Generate a random nonce on an aborted operation should be an error */
+ status = val->crypto_function(VAL_CRYPTO_AEAD_GENERATE_NONCE, &operation, nonce,
+ check1[i].nonce_size, &nonce_length);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_BAD_STATE, TEST_CHECKPOINT_NUM(12));
+
+ }
+
+ return VAL_STATUS_SUCCESS;
+}
diff --git a/api-tests/dev_apis/crypto/test_c054/test_c054.h b/api-tests/dev_apis/crypto/test_c054/test_c054.h
new file mode 100644
index 00000000..65607163
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c054/test_c054.h
@@ -0,0 +1,31 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST_C054_CLIENT_TESTS_H_
+#define _TEST_C054_CLIENT_TESTS_H_
+
+#include "val_crypto.h"
+#define test_entry CONCAT(test_entry_, c054)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+extern client_test_t test_c054_crypto_list[];
+
+int32_t psa_aead_generate_nonce_test(caller_security_t caller);
+
+#endif /* _TEST_C054_CLIENT_TESTS_H_ */
diff --git a/api-tests/dev_apis/crypto/test_c054/test_data.h b/api-tests/dev_apis/crypto/test_c054/test_data.h
new file mode 100644
index 00000000..7fbeb40e
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c054/test_data.h
@@ -0,0 +1,68 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_crypto.h"
+
+typedef struct {
+ char test_desc[75];
+ psa_key_handle_t key_handle;
+ psa_key_type_t key_type;
+ uint8_t key_data[32];
+ uint32_t key_length;
+ psa_key_usage_t usage;
+ psa_algorithm_t key_alg;
+ psa_algorithm_t alg;
+ size_t nonce_size;
+ psa_status_t expected_status;
+} test_data;
+
+static test_data check1[] = {
+#ifdef ARCH_TEST_CCM
+#ifdef ARCH_TEST_AES_128
+{"Test psa_aead_generate_nonce - AES-CCM\n", 1, PSA_KEY_TYPE_AES,
+{0xD7, 0x82, 0x8D, 0x13, 0xB2, 0xB0, 0xBD, 0xC3, 0x25, 0xA7, 0x62, 0x36, 0xDF,
+ 0x93, 0xCC, 0x6B},
+ AES_16B_KEY_SIZE, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CCM, PSA_ALG_CCM, SIZE_32B,
+ PSA_SUCCESS
+},
+
+{"Test psa_aead_generate_nonce - AES-CCM 24 bytes Tag length = 4\n", 2, PSA_KEY_TYPE_AES,
+{0x41, 0x89, 0x35, 0x1B, 0x5C, 0xAE, 0xA3, 0x75, 0xA0, 0x29, 0x9E, 0x81, 0xC6,
+ 0x21, 0xBF, 0x43}, AES_16B_KEY_SIZE, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CCM, SIZE_32B,
+ PSA_ALG_AEAD_WITH_TAG_LENGTH(PSA_ALG_CCM, 4),
+ PSA_SUCCESS
+},
+
+{"Test psa_aead_generate_nonce - Small buffer size\n", 3, PSA_KEY_TYPE_AES,
+{0xD7, 0x82, 0x8D, 0x13, 0xB2, 0xB0, 0xBD, 0xC3, 0x25, 0xA7, 0x62, 0x36, 0xDF,
+ 0x93, 0xCC, 0x6B},
+ AES_16B_KEY_SIZE, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CCM, PSA_ALG_CCM, 8,
+ PSA_ERROR_BUFFER_TOO_SMALL
+},
+#endif
+#endif
+
+#ifdef ARCH_TEST_GCM
+#ifdef ARCH_TEST_AES_128
+{"Test psa_aead_generate_nonce - GCM - 16B AES - 12B Nounce & 12B addi data\n", 4, PSA_KEY_TYPE_AES,
+{0x3d, 0xe0, 0x98, 0x74, 0xb3, 0x88, 0xe6, 0x49, 0x19, 0x88, 0xd0, 0xc3, 0x60,
+ 0x7e, 0xae, 0x1f}, AES_16B_KEY_SIZE, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_GCM, PSA_ALG_GCM, SIZE_32B,
+ PSA_SUCCESS
+},
+#endif
+#endif
+};
diff --git a/api-tests/dev_apis/crypto/test_c054/test_entry_c054.c b/api-tests/dev_apis/crypto/test_c054/test_entry_c054.c
new file mode 100644
index 00000000..0092c864
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c054/test_entry_c054.c
@@ -0,0 +1,54 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_c054.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 54)
+#define TEST_DESC "Testing crypto AEAD APIs\n"
+
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_HIGH_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_crypto_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_c054_crypto_list, FALSE);
+
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->crypto_function(VAL_CRYPTO_FREE);
+ val->test_exit();
+}
diff --git a/api-tests/dev_apis/crypto/test_c055/test.cmake b/api-tests/dev_apis/crypto/test_c055/test.cmake
new file mode 100644
index 00000000..42bc8e68
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c055/test.cmake
@@ -0,0 +1,24 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_c055.c
+ test_c055.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
diff --git a/api-tests/dev_apis/crypto/test_c055/test_c055.c b/api-tests/dev_apis/crypto/test_c055/test_c055.c
new file mode 100644
index 00000000..741fad16
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c055/test_c055.c
@@ -0,0 +1,116 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_c055.h"
+#include "test_data.h"
+
+client_test_t test_c055_crypto_list[] = {
+ NULL,
+ psa_aead_set_nonce_test,
+ NULL,
+};
+
+static int g_test_count = 1;
+
+int32_t psa_aead_set_nonce_test(caller_security_t caller)
+{
+ int32_t i, status;
+ int num_checks = sizeof(check1)/sizeof(check1[0]);
+ psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+ psa_aead_operation_t operation = PSA_AEAD_OPERATION_INIT;
+
+ if (num_checks == 0)
+ {
+ val->print(PRINT_TEST, "No test available for the selected crypto configuration\n", 0);
+ return RESULT_SKIP(VAL_STATUS_NO_TESTS);
+ }
+
+ /* Initialize the PSA crypto library*/
+ status = val->crypto_function(VAL_CRYPTO_INIT);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(1));
+
+ for (i = 0; i < num_checks; i++)
+ {
+ val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
+ val->print(PRINT_TEST, check1[i].test_desc, 0);
+
+ /* Setting up the watchdog timer for each check */
+ status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
+ TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
+
+ /* Setup the attributes for the key */
+ val->crypto_function(VAL_CRYPTO_SET_KEY_TYPE, &attributes, check1[i].key_type);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_USAGE_FLAGS, &attributes, check1[i].usage);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_ALGORITHM, &attributes, check1[i].key_alg);
+
+ /* Import the key data into the key slot */
+ status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, &attributes, check1[i].key_data,
+ check1[i].key_length, &check1[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
+
+ /* Set the key for a multipart authenticated encryption operation */
+ status = val->crypto_function(VAL_CRYPTO_AEAD_ENCRYPT_SETUP, &operation,
+ check1[i].key_handle, check1[i].alg);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
+
+ /* Set the nonce for an authenticated encryption operation */
+ status = val->crypto_function(VAL_CRYPTO_AEAD_SET_NONCE, &operation, check1[i].nonce,
+ check1[i].nonce_size);
+ TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(5));
+
+ if (check1[i].expected_status != PSA_SUCCESS)
+ {
+ /* Abort the AEAD operation */
+ status = val->crypto_function(VAL_CRYPTO_AEAD_ABORT, &operation);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(6));
+
+ /* Destroy the key */
+ status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, check1[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(7));
+
+ /* Reset the key attributes */
+ val->crypto_function(VAL_CRYPTO_RESET_KEY_ATTRIBUTES, &attributes);
+ continue;
+ }
+
+ /* Setting the nonce on an ongoing operation should be an error */
+ status = val->crypto_function(VAL_CRYPTO_AEAD_SET_NONCE, &operation, check1[i].nonce,
+ check1[i].nonce_size);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_BAD_STATE, TEST_CHECKPOINT_NUM(8));
+
+ /* Abort the AEAD operation */
+ status = val->crypto_function(VAL_CRYPTO_AEAD_ABORT, &operation);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(9));
+
+ /* Destroy the key */
+ status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, check1[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(10));
+
+ /* Reset the key attributes */
+ val->crypto_function(VAL_CRYPTO_RESET_KEY_ATTRIBUTES, &attributes);
+
+ /* Setting the nonce on an aborted operation should be an error */
+ status = val->crypto_function(VAL_CRYPTO_AEAD_SET_NONCE, &operation, check1[i].nonce,
+ check1[i].nonce_size);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_BAD_STATE, TEST_CHECKPOINT_NUM(11));
+
+ }
+
+ return VAL_STATUS_SUCCESS;
+}
diff --git a/api-tests/dev_apis/crypto/test_c055/test_c055.h b/api-tests/dev_apis/crypto/test_c055/test_c055.h
new file mode 100644
index 00000000..6e4ae3fa
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c055/test_c055.h
@@ -0,0 +1,31 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST_C055_CLIENT_TESTS_H_
+#define _TEST_C055_CLIENT_TESTS_H_
+
+#include "val_crypto.h"
+#define test_entry CONCAT(test_entry_, c055)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+extern client_test_t test_c055_crypto_list[];
+
+int32_t psa_aead_set_nonce_test(caller_security_t caller);
+
+#endif /* _TEST_C055_CLIENT_TESTS_H_ */
diff --git a/api-tests/dev_apis/crypto/test_c055/test_data.h b/api-tests/dev_apis/crypto/test_c055/test_data.h
new file mode 100644
index 00000000..458e70bd
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c055/test_data.h
@@ -0,0 +1,86 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_crypto.h"
+
+typedef struct {
+ char test_desc[75];
+ psa_key_handle_t key_handle;
+ psa_key_type_t key_type;
+ uint8_t key_data[32];
+ uint32_t key_length;
+ psa_key_usage_t usage;
+ psa_algorithm_t key_alg;
+ psa_algorithm_t alg;
+ uint8_t nonce[32];
+ size_t nonce_size;
+ psa_status_t expected_status;
+} test_data;
+
+static test_data check1[] = {
+#ifdef ARCH_TEST_CCM
+#ifdef ARCH_TEST_AES_128
+{"Test psa_aead_set_nonce - AES-CCM\n", 1, PSA_KEY_TYPE_AES,
+{0xD7, 0x82, 0x8D, 0x13, 0xB2, 0xB0, 0xBD, 0xC3, 0x25, 0xA7, 0x62, 0x36, 0xDF,
+ 0x93, 0xCC, 0x6B},
+ AES_16B_KEY_SIZE, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CCM, PSA_ALG_CCM,
+{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C,
+ 0x0D, 0x0E, 0x0F}, 16,
+ PSA_SUCCESS
+},
+
+{"Test psa_aead_set_nonce - AES-CCM 24 bytes Tag length = 4\n", 2, PSA_KEY_TYPE_AES,
+{0x41, 0x89, 0x35, 0x1B, 0x5C, 0xAE, 0xA3, 0x75, 0xA0, 0x29, 0x9E, 0x81, 0xC6,
+ 0x21, 0xBF, 0x43}, AES_16B_KEY_SIZE, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CCM,
+ PSA_ALG_AEAD_WITH_TAG_LENGTH(PSA_ALG_CCM, 4),
+{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C,
+ 0x0D, 0x0E, 0x0F}, 16,
+ PSA_SUCCESS
+},
+
+{"Test psa_aead_set_nonce - Small nounce size\n", 3, PSA_KEY_TYPE_AES,
+{0xD7, 0x82, 0x8D, 0x13, 0xB2, 0xB0, 0xBD, 0xC3, 0x25, 0xA7, 0x62, 0x36, 0xDF,
+ 0x93, 0xCC, 0x6B},
+ AES_16B_KEY_SIZE, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CCM, PSA_ALG_CCM,
+{0x00, 0x01, 0x02}, 3,
+ PSA_ERROR_INVALID_ARGUMENT
+},
+
+{"Test psa_aead_set_nonce - Large nonce size\n", 4, PSA_KEY_TYPE_AES,
+{0xD7, 0x82, 0x8D, 0x13, 0xB2, 0xB0, 0xBD, 0xC3, 0x25, 0xA7, 0x62, 0x36, 0xDF,
+ 0x93, 0xCC, 0x6B},
+ AES_16B_KEY_SIZE, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CCM, PSA_ALG_CCM,
+{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C,
+ 0x0D, 0x0E, 0x0F, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19,
+ 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F}, 32,
+ PSA_ERROR_INVALID_ARGUMENT
+},
+#endif
+#endif
+
+#ifdef ARCH_TEST_GCM
+#ifdef ARCH_TEST_AES_128
+{"Test psa_aead_set_nonce - GCM - 16B AES - 12B Nounce & 12B addi data\n", 6, PSA_KEY_TYPE_AES,
+{0x3d, 0xe0, 0x98, 0x74, 0xb3, 0x88, 0xe6, 0x49, 0x19, 0x88, 0xd0, 0xc3, 0x60,
+ 0x7e, 0xae, 0x1f}, AES_16B_KEY_SIZE, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_GCM, PSA_ALG_GCM,
+{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C,
+ 0x0D, 0x0E, 0x0F}, 16,
+ PSA_SUCCESS
+},
+#endif
+#endif
+};
diff --git a/api-tests/dev_apis/crypto/test_c055/test_entry_c055.c b/api-tests/dev_apis/crypto/test_c055/test_entry_c055.c
new file mode 100644
index 00000000..d70ff1ab
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c055/test_entry_c055.c
@@ -0,0 +1,54 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_c055.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 55)
+#define TEST_DESC "Testing crypto AEAD APIs\n"
+
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_HIGH_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_crypto_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_c055_crypto_list, FALSE);
+
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->crypto_function(VAL_CRYPTO_FREE);
+ val->test_exit();
+}
diff --git a/api-tests/dev_apis/crypto/test_c056/test.cmake b/api-tests/dev_apis/crypto/test_c056/test.cmake
new file mode 100644
index 00000000..6aa55f5f
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c056/test.cmake
@@ -0,0 +1,24 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_c056.c
+ test_c056.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
diff --git a/api-tests/dev_apis/crypto/test_c056/test_c056.c b/api-tests/dev_apis/crypto/test_c056/test_c056.c
new file mode 100644
index 00000000..5b9f0c73
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c056/test_c056.c
@@ -0,0 +1,121 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_c056.h"
+#include "test_data.h"
+
+client_test_t test_c056_crypto_list[] = {
+ NULL,
+ psa_aead_set_lengths_test,
+ NULL,
+};
+
+static int g_test_count = 1;
+
+int32_t psa_aead_set_lengths_test(caller_security_t caller)
+{
+ int32_t i, status;
+ int num_checks = sizeof(check1)/sizeof(check1[0]);
+ psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+ psa_aead_operation_t operation = PSA_AEAD_OPERATION_INIT;
+
+ if (num_checks == 0)
+ {
+ val->print(PRINT_TEST, "No test available for the selected crypto configuration\n", 0);
+ return RESULT_SKIP(VAL_STATUS_NO_TESTS);
+ }
+
+ /* Initialize the PSA crypto library*/
+ status = val->crypto_function(VAL_CRYPTO_INIT);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(1));
+
+ for (i = 0; i < num_checks; i++)
+ {
+ val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
+ val->print(PRINT_TEST, check1[i].test_desc, 0);
+
+ /* Setting up the watchdog timer for each check */
+ status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
+ TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
+
+ /* Setup the attributes for the key */
+ val->crypto_function(VAL_CRYPTO_SET_KEY_TYPE, &attributes, check1[i].key_type);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_USAGE_FLAGS, &attributes, check1[i].usage);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_ALGORITHM, &attributes, check1[i].key_alg);
+
+ /* Import the key data into the key slot */
+ status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, &attributes, check1[i].key_data,
+ check1[i].key_length, &check1[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
+
+ /* Set the key for a multipart authenticated encryption operation */
+ status = val->crypto_function(VAL_CRYPTO_AEAD_ENCRYPT_SETUP, &operation,
+ check1[i].key_handle, check1[i].alg);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
+
+ /* Set the nonce for an authenticated encryption operation */
+ status = val->crypto_function(VAL_CRYPTO_AEAD_SET_NONCE, &operation, check1[i].nonce,
+ check1[i].nonce_size);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
+
+ /* Declare the lengths of the message and additional data for AEAD */
+ status = val->crypto_function(VAL_CRYPTO_AEAD_SET_LENGTHS, &operation, check1[i].ad_length,
+ check1[i].plaintext_length);
+ TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(6));
+
+ if (check1[i].expected_status != PSA_SUCCESS)
+ {
+ /* Declare the lengths of failed operation should be an error */
+ status = val->crypto_function(VAL_CRYPTO_AEAD_SET_LENGTHS, &operation,
+ check1[i].ad_length, check1[i].plaintext_length);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_BAD_STATE, TEST_CHECKPOINT_NUM(7));
+
+ /* Abort the AEAD operation */
+ status = val->crypto_function(VAL_CRYPTO_AEAD_ABORT, &operation);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(8));
+
+ /* Destroy the key */
+ status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, check1[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(9));
+
+ /* Reset the key attributes */
+ val->crypto_function(VAL_CRYPTO_RESET_KEY_ATTRIBUTES, &attributes);
+ continue;
+ }
+
+ /* Abort the AEAD operation */
+ status = val->crypto_function(VAL_CRYPTO_AEAD_ABORT, &operation);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(10));
+
+ /* Destroy the key */
+ status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, check1[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(11));
+
+ /* Reset the key attributes */
+ val->crypto_function(VAL_CRYPTO_RESET_KEY_ATTRIBUTES, &attributes);
+
+ /* Declare the lengths of an aborted operation should be an error */
+ status = val->crypto_function(VAL_CRYPTO_AEAD_SET_LENGTHS, &operation, check1[i].ad_length,
+ check1[i].plaintext_length);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_BAD_STATE, TEST_CHECKPOINT_NUM(12));
+
+ }
+
+ return VAL_STATUS_SUCCESS;
+}
diff --git a/api-tests/dev_apis/crypto/test_c056/test_c056.h b/api-tests/dev_apis/crypto/test_c056/test_c056.h
new file mode 100644
index 00000000..ba639f19
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c056/test_c056.h
@@ -0,0 +1,31 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST_C056_CLIENT_TESTS_H_
+#define _TEST_C056_CLIENT_TESTS_H_
+
+#include "val_crypto.h"
+#define test_entry CONCAT(test_entry_, c056)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+extern client_test_t test_c056_crypto_list[];
+
+int32_t psa_aead_set_lengths_test(caller_security_t caller);
+
+#endif /* _TEST_C056_CLIENT_TESTS_H_ */
diff --git a/api-tests/dev_apis/crypto/test_c056/test_data.h b/api-tests/dev_apis/crypto/test_c056/test_data.h
new file mode 100644
index 00000000..8022ea99
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c056/test_data.h
@@ -0,0 +1,97 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_crypto.h"
+
+typedef struct {
+ char test_desc[75];
+ psa_key_handle_t key_handle;
+ psa_key_type_t key_type;
+ uint8_t key_data[32];
+ uint32_t key_length;
+ psa_key_usage_t usage;
+ psa_algorithm_t key_alg;
+ psa_algorithm_t alg;
+ uint8_t nonce[32];
+ size_t nonce_size;
+ size_t ad_length;
+ size_t plaintext_length;
+ psa_status_t expected_status;
+} test_data;
+
+static test_data check1[] = {
+#ifdef ARCH_TEST_CCM
+#ifdef ARCH_TEST_AES_128
+{"Test psa_aead_set_lengths - AES-CCM\n", 1, PSA_KEY_TYPE_AES,
+{0xD7, 0x82, 0x8D, 0x13, 0xB2, 0xB0, 0xBD, 0xC3, 0x25, 0xA7, 0x62, 0x36, 0xDF,
+ 0x93, 0xCC, 0x6B},
+ AES_16B_KEY_SIZE, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CCM, PSA_ALG_CCM,
+{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C,
+ 0x0D, 0x0E, 0x0F}, 16, 8, 32,
+ PSA_SUCCESS
+},
+
+{"Test psa_aead_set_lengths - AES-CCM 24 bytes Tag length = 4\n", 2, PSA_KEY_TYPE_AES,
+{0x41, 0x89, 0x35, 0x1B, 0x5C, 0xAE, 0xA3, 0x75, 0xA0, 0x29, 0x9E, 0x81, 0xC6,
+ 0x21, 0xBF, 0x43}, AES_16B_KEY_SIZE, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CCM,
+ PSA_ALG_AEAD_WITH_TAG_LENGTH(PSA_ALG_CCM, 4),
+{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C,
+ 0x0D, 0x0E, 0x0F}, 16, 8, 32,
+ PSA_SUCCESS
+},
+
+{"Test psa_aead_set_lengths - Zero ad size\n", 3, PSA_KEY_TYPE_AES,
+{0xD7, 0x82, 0x8D, 0x13, 0xB2, 0xB0, 0xBD, 0xC3, 0x25, 0xA7, 0x62, 0x36, 0xDF,
+ 0x93, 0xCC, 0x6B},
+ AES_16B_KEY_SIZE, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CCM, PSA_ALG_CCM,
+{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C,
+ 0x0D, 0x0E, 0x0F}, 16, 0, 32,
+ PSA_ERROR_INVALID_ARGUMENT
+},
+
+{"Test psa_aead_set_lengths - Zero plaintext size\n", 4, PSA_KEY_TYPE_AES,
+{0xD7, 0x82, 0x8D, 0x13, 0xB2, 0xB0, 0xBD, 0xC3, 0x25, 0xA7, 0x62, 0x36, 0xDF,
+ 0x93, 0xCC, 0x6B},
+ AES_16B_KEY_SIZE, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CCM, PSA_ALG_CCM,
+{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C,
+ 0x0D, 0x0E, 0x0F}, 16, 8, 0,
+ PSA_ERROR_INVALID_ARGUMENT
+},
+
+{"Test psa_aead_set_lengths - Invalid lengths\n", 5, PSA_KEY_TYPE_AES,
+{0x41, 0x89, 0x35, 0x1B, 0x5C, 0xAE, 0xA3, 0x75, 0xA0, 0x29, 0x9E, 0x81, 0xC6,
+ 0x21, 0xBF, 0x43}, AES_16B_KEY_SIZE, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CCM,
+ PSA_ALG_AEAD_WITH_TAG_LENGTH(PSA_ALG_CCM, 4),
+{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C,
+ 0x0D, 0x0E, 0x0F}, 16, 1, 1,
+ PSA_ERROR_INVALID_ARGUMENT
+},
+#endif
+#endif
+
+#ifdef ARCH_TEST_GCM
+#ifdef ARCH_TEST_AES_128
+{"Test psa_aead_set_lengths - Vey large lengths\n", 6, PSA_KEY_TYPE_AES,
+{0x3d, 0xe0, 0x98, 0x74, 0xb3, 0x88, 0xe6, 0x49, 0x19, 0x88, 0xd0, 0xc3, 0x60,
+ 0x7e, 0xae, 0x1f}, AES_16B_KEY_SIZE, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_GCM, PSA_ALG_GCM,
+{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C,
+ 0x0D, 0x0E, 0x0F}, 16, 1000, 1000,
+ PSA_ERROR_INVALID_ARGUMENT
+},
+#endif
+#endif
+};
diff --git a/api-tests/dev_apis/crypto/test_c056/test_entry_c056.c b/api-tests/dev_apis/crypto/test_c056/test_entry_c056.c
new file mode 100644
index 00000000..7085f479
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c056/test_entry_c056.c
@@ -0,0 +1,54 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_c056.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 56)
+#define TEST_DESC "Testing crypto AEAD APIs\n"
+
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_HIGH_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_crypto_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_c056_crypto_list, FALSE);
+
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->crypto_function(VAL_CRYPTO_FREE);
+ val->test_exit();
+}
diff --git a/api-tests/dev_apis/crypto/test_c057/test.cmake b/api-tests/dev_apis/crypto/test_c057/test.cmake
new file mode 100644
index 00000000..1458e522
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c057/test.cmake
@@ -0,0 +1,24 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_c057.c
+ test_c057.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
diff --git a/api-tests/dev_apis/crypto/test_c057/test_c057.c b/api-tests/dev_apis/crypto/test_c057/test_c057.c
new file mode 100644
index 00000000..95dd0f41
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c057/test_c057.c
@@ -0,0 +1,126 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_c057.h"
+#include "test_data.h"
+
+client_test_t test_c057_crypto_list[] = {
+ NULL,
+ psa_aead_update_ad_test,
+ NULL,
+};
+
+static int g_test_count = 1;
+
+int32_t psa_aead_update_ad_test(caller_security_t caller)
+{
+ int32_t i, status;
+ int num_checks = sizeof(check1)/sizeof(check1[0]);
+ psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+ psa_aead_operation_t operation = PSA_AEAD_OPERATION_INIT;
+
+ if (num_checks == 0)
+ {
+ val->print(PRINT_TEST, "No test available for the selected crypto configuration\n", 0);
+ return RESULT_SKIP(VAL_STATUS_NO_TESTS);
+ }
+
+ /* Initialize the PSA crypto library*/
+ status = val->crypto_function(VAL_CRYPTO_INIT);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(1));
+
+ for (i = 0; i < num_checks; i++)
+ {
+ val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
+ val->print(PRINT_TEST, check1[i].test_desc, 0);
+
+ /* Setting up the watchdog timer for each check */
+ status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
+ TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
+
+ /* Setup the attributes for the key */
+ val->crypto_function(VAL_CRYPTO_SET_KEY_TYPE, &attributes, check1[i].key_type);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_USAGE_FLAGS, &attributes, check1[i].usage);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_ALGORITHM, &attributes, check1[i].key_alg);
+
+ /* Import the key data into the key slot */
+ status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, &attributes, check1[i].key_data,
+ check1[i].key_length, &check1[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
+
+ /* Set the key for a multipart authenticated encryption operation */
+ status = val->crypto_function(VAL_CRYPTO_AEAD_ENCRYPT_SETUP, &operation,
+ check1[i].key_handle, check1[i].alg);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
+
+ /* Set the nonce for an authenticated encryption operation */
+ status = val->crypto_function(VAL_CRYPTO_AEAD_SET_NONCE, &operation, check1[i].nonce,
+ check1[i].nonce_size);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
+
+ /* Declare the lengths of the message and additional data for AEAD */
+ status = val->crypto_function(VAL_CRYPTO_AEAD_SET_LENGTHS, &operation, check1[i].ad_length,
+ check1[i].plaintext_length);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(6));
+
+ /* Pass additional data to an active AEAD operation */
+ status = val->crypto_function(VAL_CRYPTO_AEAD_UPDATE_AD, &operation,
+ check1[i].additional_data, check1[i].ad_length);
+ TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(7));
+
+ if (check1[i].expected_status != PSA_SUCCESS)
+ {
+ /* Pass additional data to an inactive AEAD operation should fail */
+ status = val->crypto_function(VAL_CRYPTO_AEAD_UPDATE_AD, &operation,
+ check1[i].additional_data, check1[i].ad_length);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_BAD_STATE, TEST_CHECKPOINT_NUM(8));
+
+ /* Abort the AEAD operation */
+ status = val->crypto_function(VAL_CRYPTO_AEAD_ABORT, &operation);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(9));
+
+ /* Destroy the key */
+ status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, check1[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(10));
+
+ /* Reset the key attributes */
+ val->crypto_function(VAL_CRYPTO_RESET_KEY_ATTRIBUTES, &attributes);
+ continue;
+ }
+
+ /* Abort the AEAD operation */
+ status = val->crypto_function(VAL_CRYPTO_AEAD_ABORT, &operation);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(11));
+
+ /* Destroy the key */
+ status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, check1[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(12));
+
+ /* Reset the key attributes */
+ val->crypto_function(VAL_CRYPTO_RESET_KEY_ATTRIBUTES, &attributes);
+
+ /* Pass additional data to an inactive AEAD operation should fail */
+ status = val->crypto_function(VAL_CRYPTO_AEAD_UPDATE_AD, &operation,
+ check1[i].additional_data, check1[i].ad_length);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_BAD_STATE, TEST_CHECKPOINT_NUM(13));
+
+ }
+
+ return VAL_STATUS_SUCCESS;
+}
diff --git a/api-tests/dev_apis/crypto/test_c057/test_c057.h b/api-tests/dev_apis/crypto/test_c057/test_c057.h
new file mode 100644
index 00000000..fcbfd89a
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c057/test_c057.h
@@ -0,0 +1,31 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST_C057_CLIENT_TESTS_H_
+#define _TEST_C057_CLIENT_TESTS_H_
+
+#include "val_crypto.h"
+#define test_entry CONCAT(test_entry_, c057)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+extern client_test_t test_c057_crypto_list[];
+
+int32_t psa_aead_update_ad_test(caller_security_t caller);
+
+#endif /* _TEST_C057_CLIENT_TESTS_H_ */
diff --git a/api-tests/dev_apis/crypto/test_c057/test_data.h b/api-tests/dev_apis/crypto/test_c057/test_data.h
new file mode 100644
index 00000000..68bb98cd
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c057/test_data.h
@@ -0,0 +1,104 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_crypto.h"
+
+typedef struct {
+ char test_desc[75];
+ psa_key_handle_t key_handle;
+ psa_key_type_t key_type;
+ uint8_t key_data[32];
+ uint32_t key_length;
+ psa_key_usage_t usage;
+ psa_algorithm_t key_alg;
+ psa_algorithm_t alg;
+ uint8_t additional_data[32];
+ uint8_t nonce[32];
+ size_t nonce_size;
+ size_t ad_length;
+ size_t plaintext_length;
+ psa_status_t expected_status;
+} test_data;
+
+static test_data check1[] = {
+#ifdef ARCH_TEST_CCM
+#ifdef ARCH_TEST_AES_128
+{"Test psa_aead_update_ad - AES-CCM\n", 1, PSA_KEY_TYPE_AES,
+{0xD7, 0x82, 0x8D, 0x13, 0xB2, 0xB0, 0xBD, 0xC3, 0x25, 0xA7, 0x62, 0x36, 0xDF,
+ 0x93, 0xCC, 0x6B},
+ AES_16B_KEY_SIZE, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CCM, PSA_ALG_CCM,
+{0x48, 0xc0, 0x90, 0x69, 0x30, 0x56, 0x1e, 0x0a, 0xb0, 0xef, 0x4c, 0xd9, 0x72},
+{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C,
+ 0x0D, 0x0E, 0x0F}, 16, 13, 32,
+ PSA_SUCCESS
+},
+
+{"Test psa_aead_update_ad - AES-CCM 24 bytes Tag length = 4\n", 2, PSA_KEY_TYPE_AES,
+{0x41, 0x89, 0x35, 0x1B, 0x5C, 0xAE, 0xA3, 0x75, 0xA0, 0x29, 0x9E, 0x81, 0xC6,
+ 0x21, 0xBF, 0x43}, AES_16B_KEY_SIZE, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CCM,
+ PSA_ALG_AEAD_WITH_TAG_LENGTH(PSA_ALG_CCM, 4),
+{0x48, 0xc0, 0x90, 0x69, 0x30, 0x56, 0x1e, 0x0a, 0xb0, 0xef, 0x4c, 0xd9, 0x72},
+{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C,
+ 0x0D, 0x0E, 0x0F}, 16, 13, 32,
+ PSA_SUCCESS
+},
+
+{"Test psa_aead_update_ad - Zero ad size\n", 3, PSA_KEY_TYPE_AES,
+{0xD7, 0x82, 0x8D, 0x13, 0xB2, 0xB0, 0xBD, 0xC3, 0x25, 0xA7, 0x62, 0x36, 0xDF,
+ 0x93, 0xCC, 0x6B},
+ AES_16B_KEY_SIZE, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CCM, PSA_ALG_CCM,
+{0},
+{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C,
+ 0x0D, 0x0E, 0x0F}, 16, 0, 32,
+ PSA_ERROR_INVALID_ARGUMENT
+},
+
+{"Test psa_aead_update_ad - Zero plaintext size\n", 4, PSA_KEY_TYPE_AES,
+{0xD7, 0x82, 0x8D, 0x13, 0xB2, 0xB0, 0xBD, 0xC3, 0x25, 0xA7, 0x62, 0x36, 0xDF,
+ 0x93, 0xCC, 0x6B},
+ AES_16B_KEY_SIZE, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CCM, PSA_ALG_CCM,
+{0x0B, 0xE1, 0xA8, 0x8B, 0xAC, 0xE0, 0x18, 0xB1},
+{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C,
+ 0x0D, 0x0E, 0x0F}, 16, 8, 0,
+ PSA_ERROR_INVALID_ARGUMENT
+},
+
+{"Test psa_aead_update_ad - Invalid lengths\n", 5, PSA_KEY_TYPE_AES,
+{0x41, 0x89, 0x35, 0x1B, 0x5C, 0xAE, 0xA3, 0x75, 0xA0, 0x29, 0x9E, 0x81, 0xC6,
+ 0x21, 0xBF, 0x43}, AES_16B_KEY_SIZE, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CCM,
+ PSA_ALG_AEAD_WITH_TAG_LENGTH(PSA_ALG_CCM, 4),
+{0x72},
+{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C,
+ 0x0D, 0x0E, 0x0F}, 16, 1, 1,
+ PSA_ERROR_INVALID_ARGUMENT
+},
+#endif
+#endif
+
+#ifdef ARCH_TEST_GCM
+#ifdef ARCH_TEST_AES_128
+{"Test psa_aead_update_ad - Vey large lengths\n", 6, PSA_KEY_TYPE_AES,
+{0x3d, 0xe0, 0x98, 0x74, 0xb3, 0x88, 0xe6, 0x49, 0x19, 0x88, 0xd0, 0xc3, 0x60,
+ 0x7e, 0xae, 0x1f}, AES_16B_KEY_SIZE, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_GCM, PSA_ALG_GCM,
+{0x10},
+{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C,
+ 0x0D, 0x0E, 0x0F}, 16, 1000, 1000,
+ PSA_ERROR_INVALID_ARGUMENT
+},
+#endif
+#endif
+};
diff --git a/api-tests/dev_apis/crypto/test_c057/test_entry_c057.c b/api-tests/dev_apis/crypto/test_c057/test_entry_c057.c
new file mode 100644
index 00000000..50d33f7e
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c057/test_entry_c057.c
@@ -0,0 +1,54 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_c057.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 57)
+#define TEST_DESC "Testing crypto AEAD APIs\n"
+
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_HIGH_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_crypto_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_c057_crypto_list, FALSE);
+
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->crypto_function(VAL_CRYPTO_FREE);
+ val->test_exit();
+}
diff --git a/api-tests/dev_apis/crypto/test_c058/test.cmake b/api-tests/dev_apis/crypto/test_c058/test.cmake
new file mode 100644
index 00000000..fc3c86d6
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c058/test.cmake
@@ -0,0 +1,24 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_c058.c
+ test_c058.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
diff --git a/api-tests/dev_apis/crypto/test_c058/test_c058.c b/api-tests/dev_apis/crypto/test_c058/test_c058.c
new file mode 100644
index 00000000..5b6db96d
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c058/test_c058.c
@@ -0,0 +1,140 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_c058.h"
+#include "test_data.h"
+
+client_test_t test_c058_crypto_list[] = {
+ NULL,
+ psa_aead_update_test,
+ NULL,
+};
+
+static int g_test_count = 1;
+
+int32_t psa_aead_update_test(caller_security_t caller)
+{
+ int32_t i, status;
+ uint8_t output[BUFFER_SIZE];
+ size_t length;
+ int num_checks = sizeof(check1)/sizeof(check1[0]);
+ psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+ psa_aead_operation_t operation = PSA_AEAD_OPERATION_INIT;
+
+ if (num_checks == 0)
+ {
+ val->print(PRINT_TEST, "No test available for the selected crypto configuration\n", 0);
+ return RESULT_SKIP(VAL_STATUS_NO_TESTS);
+ }
+
+ /* Initialize the PSA crypto library*/
+ status = val->crypto_function(VAL_CRYPTO_INIT);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(1));
+
+ for (i = 0; i < num_checks; i++)
+ {
+ val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
+ val->print(PRINT_TEST, check1[i].test_desc, 0);
+
+ /* Setting up the watchdog timer for each check */
+ status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
+ TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
+
+ /* Setup the attributes for the key */
+ val->crypto_function(VAL_CRYPTO_SET_KEY_TYPE, &attributes, check1[i].key_type);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_USAGE_FLAGS, &attributes, check1[i].usage);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_ALGORITHM, &attributes, check1[i].key_alg);
+
+ /* Import the key data into the key slot */
+ status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, &attributes, check1[i].key_data,
+ check1[i].key_length, &check1[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
+
+ /* Set the key for a multipart authenticated encryption operation */
+ status = val->crypto_function(VAL_CRYPTO_AEAD_ENCRYPT_SETUP, &operation,
+ check1[i].key_handle, check1[i].alg);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
+
+ /* Set the nonce for an authenticated encryption operation */
+ status = val->crypto_function(VAL_CRYPTO_AEAD_SET_NONCE, &operation, check1[i].nonce,
+ check1[i].nonce_size);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
+
+ /* Declare the lengths of the message and additional data for AEAD */
+ status = val->crypto_function(VAL_CRYPTO_AEAD_SET_LENGTHS, &operation, check1[i].ad_length,
+ check1[i].input_length);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(6));
+
+ /* Pass additional data to an active AEAD operation */
+ status = val->crypto_function(VAL_CRYPTO_AEAD_UPDATE_AD, &operation,
+ check1[i].additional_data, check1[i].ad_length);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(7));
+
+ /* Encrypt or decrypt a message fragment in an active AEAD operation */
+ status = val->crypto_function(VAL_CRYPTO_AEAD_UPDATE, &operation,
+ check1[i].plaintext_length, check1[i].plaintext, output,
+ check1[i].output_size, &length);
+ TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(8));
+
+ if (check1[i].expected_status != PSA_SUCCESS)
+ {
+ /* Encrypt or decrypt a message fragment in an inactive AEAD operation should fail */
+ status = val->crypto_function(VAL_CRYPTO_AEAD_UPDATE, &operation,
+ check1[i].plaintext_length, check1[i].plaintext, output,
+ check1[i].output_size, &length);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_BAD_STATE, TEST_CHECKPOINT_NUM(9));
+
+ /* Abort the AEAD operation */
+ status = val->crypto_function(VAL_CRYPTO_AEAD_ABORT, &operation);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(10));
+
+ /* Destroy the key */
+ status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, check1[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(11));
+
+ /* Reset the key attributes */
+ val->crypto_function(VAL_CRYPTO_RESET_KEY_ATTRIBUTES, &attributes);
+ continue;
+ }
+
+ /* Compare the output and its length with the expected values */
+ TEST_ASSERT_EQUAL(length, check1[i].expected_length, TEST_CHECKPOINT_NUM(12));
+ TEST_ASSERT_MEMCMP(output, check1[i].expected_output, length, TEST_CHECKPOINT_NUM(13));
+
+ /* Abort the AEAD operation */
+ status = val->crypto_function(VAL_CRYPTO_AEAD_ABORT, &operation);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(14));
+
+ /* Destroy the key */
+ status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, check1[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(15));
+
+ /* Reset the key attributes */
+ val->crypto_function(VAL_CRYPTO_RESET_KEY_ATTRIBUTES, &attributes);
+
+ /* Encrypt or decrypt a message fragment in an inactive AEAD operation should fail */
+ status = val->crypto_function(VAL_CRYPTO_AEAD_UPDATE, &operation,
+ check1[i].plaintext_length, check1[i].plaintext, output,
+ check1[i].output_size, &length);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_BAD_STATE, TEST_CHECKPOINT_NUM(16));
+
+ }
+
+ return VAL_STATUS_SUCCESS;
+}
diff --git a/api-tests/dev_apis/crypto/test_c058/test_c058.h b/api-tests/dev_apis/crypto/test_c058/test_c058.h
new file mode 100644
index 00000000..72129758
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c058/test_c058.h
@@ -0,0 +1,31 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST_C058_CLIENT_TESTS_H_
+#define _TEST_C058_CLIENT_TESTS_H_
+
+#include "val_crypto.h"
+#define test_entry CONCAT(test_entry_, c058)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+extern client_test_t test_c058_crypto_list[];
+
+int32_t psa_aead_update_test(caller_security_t caller);
+
+#endif /* _TEST_C058_CLIENT_TESTS_H_ */
diff --git a/api-tests/dev_apis/crypto/test_c058/test_data.h b/api-tests/dev_apis/crypto/test_c058/test_data.h
new file mode 100644
index 00000000..bdae86a5
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c058/test_data.h
@@ -0,0 +1,132 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_crypto.h"
+
+typedef struct {
+ char test_desc[75];
+ psa_key_handle_t key_handle;
+ psa_key_type_t key_type;
+ uint8_t key_data[32];
+ uint32_t key_length;
+ psa_key_usage_t usage;
+ psa_algorithm_t key_alg;
+ psa_algorithm_t alg;
+ uint8_t plaintext[30];
+ uint8_t additional_data[32];
+ uint8_t nonce[32];
+ size_t nonce_size;
+ size_t ad_length;
+ size_t plaintext_length;
+ size_t input_length;
+ size_t output_size;
+ size_t expected_output[45];
+ size_t expected_length;
+ psa_status_t expected_status;
+} test_data;
+
+static test_data check1[] = {
+#ifdef ARCH_TEST_CCM
+#ifdef ARCH_TEST_AES_128
+{"Test psa_aead_update - AES-CCM\n", 1, PSA_KEY_TYPE_AES,
+{0xD7, 0x82, 0x8D, 0x13, 0xB2, 0xB0, 0xBD, 0xC3, 0x25, 0xA7, 0x62, 0x36, 0xDF,
+ 0x93, 0xCC, 0x6B},
+ AES_16B_KEY_SIZE, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CCM, PSA_ALG_CCM,
+{0x45, 0x35, 0xd1, 0x2b, 0x43, 0x77, 0x92, 0x8a, 0x7c, 0x0a, 0x61, 0xc9, 0xf8,
+ 0x25, 0xa4, 0x86, 0x71, 0xea, 0x05, 0x91, 0x07, 0x48, 0xc8, 0xef},
+{0x48, 0xc0, 0x90, 0x69, 0x30, 0x56, 0x1e, 0x0a, 0xb0, 0xef, 0x4c, 0xd9, 0x72},
+{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C,
+ 0x0D, 0x0E, 0x0F}, 16, 13, 24, 24, BUFFER_SIZE,
+{0x26, 0xc5, 0x69, 0x61, 0xc0, 0x35, 0xa7, 0xe4, 0x52, 0xcc, 0xe6, 0x1b, 0xc6,
+ 0xee, 0x22, 0x0d, 0x77, 0xb3, 0xf9, 0x4d, 0x18, 0xfd, 0x10, 0xb6, 0xd8, 0x0e,
+ 0x8b, 0xf8, 0x0f, 0x4a, 0x46, 0xca, 0xb0, 0x6d, 0x43, 0x13, 0xf0, 0xdb, 0x9b,
+ 0xe9}, 40,
+ PSA_SUCCESS
+},
+
+{"Test psa_aead_update - AES-CCM 24 bytes Tag length = 4\n", 2, PSA_KEY_TYPE_AES,
+{0x41, 0x89, 0x35, 0x1B, 0x5C, 0xAE, 0xA3, 0x75, 0xA0, 0x29, 0x9E, 0x81, 0xC6,
+ 0x21, 0xBF, 0x43}, AES_16B_KEY_SIZE, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CCM,
+ PSA_ALG_AEAD_WITH_TAG_LENGTH(PSA_ALG_CCM, 4),
+{0x45, 0x35, 0xd1, 0x2b, 0x43, 0x77, 0x92, 0x8a, 0x7c, 0x0a, 0x61, 0xc9, 0xf8,
+ 0x25, 0xa4, 0x86, 0x71, 0xea, 0x05, 0x91, 0x07, 0x48, 0xc8, 0xef},
+{0x48, 0xc0, 0x90, 0x69, 0x30, 0x56, 0x1e, 0x0a, 0xb0, 0xef, 0x4c, 0xd9, 0x72},
+{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C,
+ 0x0D, 0x0E, 0x0F}, 16, 13, 24, 24, BUFFER_SIZE,
+{0x26, 0xc5, 0x69, 0x61, 0xc0, 0x35, 0xa7, 0xe4, 0x52, 0xcc, 0xe6, 0x1b, 0xc6,
+ 0xee, 0x22, 0x0d, 0x77, 0xb3, 0xf9, 0x4d, 0x18, 0xfd, 0x10, 0xb6, 0x64, 0x3b,
+ 0x4f, 0x39}, 28,
+ PSA_SUCCESS
+},
+
+{"Test psa_aead_update - Zero plaintext size\n", 3, PSA_KEY_TYPE_AES,
+{0xD7, 0x82, 0x8D, 0x13, 0xB2, 0xB0, 0xBD, 0xC3, 0x25, 0xA7, 0x62, 0x36, 0xDF,
+ 0x93, 0xCC, 0x6B},
+ AES_16B_KEY_SIZE, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CCM, PSA_ALG_CCM,
+{0},
+{0x0B, 0xE1, 0xA8, 0x8B, 0xAC, 0xE0, 0x18, 0xB1},
+{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C,
+ 0x0D, 0x0E, 0x0F}, 16, 8, 0, 0, BUFFER_SIZE, {0}, 0,
+ PSA_ERROR_INVALID_ARGUMENT
+},
+
+{"Test psa_aead_update - Small buffer size\n", 4, PSA_KEY_TYPE_AES,
+{0xD7, 0x82, 0x8D, 0x13, 0xB2, 0xB0, 0xBD, 0xC3, 0x25, 0xA7, 0x62, 0x36, 0xDF,
+ 0x93, 0xCC, 0x6B},
+ AES_16B_KEY_SIZE, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CCM, PSA_ALG_CCM,
+{0x45, 0x35, 0xd1, 0x2b, 0x43, 0x77, 0x92, 0x8a, 0x7c, 0x0a, 0x61, 0xc9, 0xf8,
+ 0x25, 0xa4, 0x86, 0x71, 0xea, 0x05, 0x91, 0x07, 0x48, 0xc8, 0xef},
+{0x48, 0xc0, 0x90, 0x69, 0x30, 0x56, 0x1e, 0x0a, 0xb0, 0xef, 0x4c, 0xd9, 0x72},
+{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C,
+ 0x0D, 0x0E, 0x0F}, 16, 13, 24, 24, 10, {0}, 0,
+ PSA_ERROR_BUFFER_TOO_SMALL
+},
+
+{"Test psa_aead_update - Input length overflows plaintext length\n", 5, PSA_KEY_TYPE_AES,
+{0xD7, 0x82, 0x8D, 0x13, 0xB2, 0xB0, 0xBD, 0xC3, 0x25, 0xA7, 0x62, 0x36, 0xDF,
+ 0x93, 0xCC, 0x6B},
+ AES_16B_KEY_SIZE, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CCM, PSA_ALG_CCM,
+{0x45, 0x35, 0xd1, 0x2b, 0x43, 0x77, 0x92, 0x8a, 0x7c, 0x0a, 0x61, 0xc9, 0xf8,
+ 0x25, 0xa4, 0x86, 0x71, 0xea, 0x05, 0x91, 0x07, 0x48, 0xc8, 0xef},
+{0x48, 0xc0, 0x90, 0x69, 0x30, 0x56, 0x1e, 0x0a, 0xb0, 0xef, 0x4c, 0xd9, 0x72},
+{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C,
+ 0x0D, 0x0E, 0x0F}, 16, 13, 24, 10, BUFFER_SIZE, {0}, 0,
+ PSA_ERROR_INVALID_ARGUMENT
+},
+#endif
+#endif
+
+#ifdef ARCH_TEST_GCM
+#ifdef ARCH_TEST_AES_128
+{"Test psa_aead_update - GCM - 16B AES - 12B Nounce & 12B addi data\n", 6, PSA_KEY_TYPE_AES,
+{0x3d, 0xe0, 0x98, 0x74, 0xb3, 0x88, 0xe6, 0x49, 0x19, 0x88, 0xd0, 0xc3, 0x60,
+ 0x7e, 0xae, 0x1f}, AES_16B_KEY_SIZE, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_GCM, PSA_ALG_GCM,
+{0x45, 0x00, 0x00, 0x1c, 0x42, 0xa2, 0x00, 0x00, 0x80, 0x01, 0x44, 0x1f, 0x40,
+ 0x67, 0x93, 0xb6, 0xe0, 0x00, 0x00, 0x02, 0x0a, 0x00, 0xf5, 0xff, 0x01, 0x02,
+ 0x02, 0x01},
+{0x42, 0xf6, 0x7e, 0x3f, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10},
+{0x57, 0x69, 0x0e, 0x43, 0x4e, 0x28, 0x00, 0x00, 0xa2, 0xfc, 0xa1, 0xa3},
+ 12, 12, 28, 28, BUFFER_SIZE,
+{0xFB, 0xA2, 0xCA, 0x84, 0x5E, 0x5D, 0xF9, 0xF0, 0xF2, 0x2C, 0x3E, 0x6E, 0x86,
+ 0xDD, 0x83, 0x1E, 0x1F, 0xC6, 0x57, 0x92, 0xCD, 0x1A, 0xF9, 0x13, 0x0E, 0x13,
+ 0x79, 0xED, 0x36, 0x9F, 0x07, 0x1F, 0x35, 0xE0, 0x34, 0xBE, 0x95, 0xF1, 0x12,
+ 0xE4, 0xE7, 0xD0, 0x5D, 0x35}, 44,
+ PSA_SUCCESS
+},
+#endif
+#endif
+};
diff --git a/api-tests/dev_apis/crypto/test_c058/test_entry_c058.c b/api-tests/dev_apis/crypto/test_c058/test_entry_c058.c
new file mode 100644
index 00000000..ba708614
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c058/test_entry_c058.c
@@ -0,0 +1,54 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_c058.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 58)
+#define TEST_DESC "Testing crypto AEAD APIs\n"
+
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_HIGH_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_crypto_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_c058_crypto_list, FALSE);
+
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->crypto_function(VAL_CRYPTO_FREE);
+ val->test_exit();
+}
diff --git a/api-tests/dev_apis/crypto/test_c059/test.cmake b/api-tests/dev_apis/crypto/test_c059/test.cmake
new file mode 100644
index 00000000..8bd61d7a
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c059/test.cmake
@@ -0,0 +1,24 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_c059.c
+ test_c059.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
diff --git a/api-tests/dev_apis/crypto/test_c059/test_c059.c b/api-tests/dev_apis/crypto/test_c059/test_c059.c
new file mode 100644
index 00000000..86f3fb71
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c059/test_c059.c
@@ -0,0 +1,145 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_c059.h"
+#include "test_data.h"
+
+client_test_t test_c059_crypto_list[] = {
+ NULL,
+ psa_aead_finish_test,
+ NULL,
+};
+
+static int g_test_count = 1;
+static uint8_t output[BUFFER_SIZE], tag[SIZE_128B];
+
+int32_t psa_aead_finish_test(caller_security_t caller)
+{
+ int32_t i, status;
+ size_t length, tag_length;
+ int num_checks = sizeof(check1)/sizeof(check1[0]);
+ psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+ psa_aead_operation_t operation = PSA_AEAD_OPERATION_INIT;
+
+ if (num_checks == 0)
+ {
+ val->print(PRINT_TEST, "No test available for the selected crypto configuration\n", 0);
+ return RESULT_SKIP(VAL_STATUS_NO_TESTS);
+ }
+
+ /* Initialize the PSA crypto library*/
+ status = val->crypto_function(VAL_CRYPTO_INIT);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(1));
+
+ for (i = 0; i < num_checks; i++)
+ {
+ val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
+ val->print(PRINT_TEST, check1[i].test_desc, 0);
+
+ /* Setting up the watchdog timer for each check */
+ status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
+ TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
+
+ /* Setup the attributes for the key */
+ val->crypto_function(VAL_CRYPTO_SET_KEY_TYPE, &attributes, check1[i].key_type);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_USAGE_FLAGS, &attributes, check1[i].usage);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_ALGORITHM, &attributes, check1[i].key_alg);
+
+ /* Import the key data into the key slot */
+ status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, &attributes, check1[i].key_data,
+ check1[i].key_length, &check1[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
+
+ /* Set the key for a multipart authenticated encryption operation */
+ status = val->crypto_function(VAL_CRYPTO_AEAD_ENCRYPT_SETUP, &operation,
+ check1[i].key_handle, check1[i].alg);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
+
+ /* Set the nonce for an authenticated encryption operation */
+ status = val->crypto_function(VAL_CRYPTO_AEAD_SET_NONCE, &operation, check1[i].nonce,
+ check1[i].nonce_size);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
+
+ /* Declare the lengths of the message and additional data for AEAD */
+ status = val->crypto_function(VAL_CRYPTO_AEAD_SET_LENGTHS, &operation, check1[i].ad_length,
+ check1[i].input_length);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(6));
+
+ /* Pass additional data to an active AEAD operation */
+ status = val->crypto_function(VAL_CRYPTO_AEAD_UPDATE_AD, &operation,
+ check1[i].additional_data, check1[i].ad_length);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(7));
+
+ /* Encrypt or decrypt a message fragment in an active AEAD operation */
+ status = val->crypto_function(VAL_CRYPTO_AEAD_UPDATE, &operation,
+ check1[i].plaintext_length, check1[i].plaintext, output,
+ BUFFER_SIZE, &length);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(8));
+
+ /* Finish encrypting a message in an AEAD operation */
+ status = val->crypto_function(VAL_CRYPTO_AEAD_FINISH, &operation, output,
+ check1[i].output_size, &length, tag, check1[i].tag_size, &tag_length);
+ TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(9));
+
+ if (check1[i].expected_status != PSA_SUCCESS)
+ {
+ /* Finish encrypting a message with an inactive operator should fail */
+ status = val->crypto_function(VAL_CRYPTO_AEAD_FINISH, &operation, output,
+ check1[i].output_size, &length, tag, check1[i].tag_size, &tag_length);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_BAD_STATE, TEST_CHECKPOINT_NUM(10));
+
+ /* Abort the AEAD operation */
+ status = val->crypto_function(VAL_CRYPTO_AEAD_ABORT, &operation);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(11));
+
+ /* Destroy the key */
+ status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, check1[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(12));
+
+ /* Reset the key attributes */
+ val->crypto_function(VAL_CRYPTO_RESET_KEY_ATTRIBUTES, &attributes);
+ continue;
+ }
+
+ /* Compare the output and its length with the expected values */
+ TEST_ASSERT_EQUAL(length, check1[i].expected_length, TEST_CHECKPOINT_NUM(13));
+ TEST_ASSERT_MEMCMP(output, check1[i].expected_output, length, TEST_CHECKPOINT_NUM(14));
+ TEST_ASSERT_EQUAL(tag_length, check1[i].expected_tag_length, TEST_CHECKPOINT_NUM(15));
+ TEST_ASSERT_MEMCMP(tag, check1[i].expected_tag, tag_length, TEST_CHECKPOINT_NUM(16));
+
+ /* Abort the AEAD operation */
+ status = val->crypto_function(VAL_CRYPTO_AEAD_ABORT, &operation);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(17));
+
+ /* Destroy the key */
+ status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, check1[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(18));
+
+ /* Reset the key attributes */
+ val->crypto_function(VAL_CRYPTO_RESET_KEY_ATTRIBUTES, &attributes);
+
+ /* Finish encrypting a message with an inactive operator should fail */
+ status = val->crypto_function(VAL_CRYPTO_AEAD_FINISH, &operation, output,
+ check1[i].output_size, &length, tag, check1[i].tag_size, &tag_length);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_BAD_STATE, TEST_CHECKPOINT_NUM(19));
+
+ }
+
+ return VAL_STATUS_SUCCESS;
+}
diff --git a/api-tests/dev_apis/crypto/test_c059/test_c059.h b/api-tests/dev_apis/crypto/test_c059/test_c059.h
new file mode 100644
index 00000000..ed18925f
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c059/test_c059.h
@@ -0,0 +1,31 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST_C059_CLIENT_TESTS_H_
+#define _TEST_C059_CLIENT_TESTS_H_
+
+#include "val_crypto.h"
+#define test_entry CONCAT(test_entry_, c059)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+extern client_test_t test_c059_crypto_list[];
+
+int32_t psa_aead_finish_test(caller_security_t caller);
+
+#endif /* _TEST_C059_CLIENT_TESTS_H_ */
diff --git a/api-tests/dev_apis/crypto/test_c059/test_data.h b/api-tests/dev_apis/crypto/test_c059/test_data.h
new file mode 100644
index 00000000..9ea4b0ec
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c059/test_data.h
@@ -0,0 +1,124 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_crypto.h"
+
+typedef struct {
+ char test_desc[75];
+ psa_key_handle_t key_handle;
+ psa_key_type_t key_type;
+ uint8_t key_data[32];
+ uint32_t key_length;
+ psa_key_usage_t usage;
+ psa_algorithm_t key_alg;
+ psa_algorithm_t alg;
+ uint8_t plaintext[30];
+ uint8_t additional_data[32];
+ uint8_t nonce[32];
+ size_t nonce_size;
+ size_t ad_length;
+ size_t plaintext_length;
+ size_t input_length;
+ size_t output_size;
+ size_t expected_output[45];
+ size_t expected_length;
+ size_t tag_size;
+ size_t expected_tag[64];
+ size_t expected_tag_length;
+ psa_status_t expected_status;
+} test_data;
+
+static test_data check1[] = {
+#ifdef ARCH_TEST_CCM
+#ifdef ARCH_TEST_AES_128
+{"Test psa_aead_finish - AES-CCM\n", 1, PSA_KEY_TYPE_AES,
+{0xD7, 0x82, 0x8D, 0x13, 0xB2, 0xB0, 0xBD, 0xC3, 0x25, 0xA7, 0x62, 0x36, 0xDF,
+ 0x93, 0xCC, 0x6B},
+ AES_16B_KEY_SIZE, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CCM, PSA_ALG_CCM,
+{0x45, 0x35, 0xd1, 0x2b, 0x43, 0x77, 0x92, 0x8a, 0x7c, 0x0a, 0x61, 0xc9, 0xf8,
+ 0x25, 0xa4, 0x86, 0x71, 0xea, 0x05, 0x91, 0x07, 0x48, 0xc8, 0xef},
+{0x48, 0xc0, 0x90, 0x69, 0x30, 0x56, 0x1e, 0x0a, 0xb0, 0xef, 0x4c, 0xd9, 0x72},
+{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C,
+ 0x0D, 0x0E, 0x0F}, 16, 13, 24, 24, BUFFER_SIZE,
+{0x26, 0xc5, 0x69, 0x61, 0xc0, 0x35, 0xa7, 0xe4, 0x52, 0xcc, 0xe6, 0x1b, 0xc6,
+ 0xee, 0x22, 0x0d, 0x77, 0xb3, 0xf9, 0x4d, 0x18, 0xfd, 0x10, 0xb6, 0xd8, 0x0e,
+ 0x8b, 0xf8, 0x0f, 0x4a, 0x46, 0xca, 0xb0, 0x6d, 0x43, 0x13, 0xf0, 0xdb, 0x9b,
+ 0xe9}, 40, SIZE_32B, {0}, 0,
+ PSA_SUCCESS
+},
+
+{"Test psa_aead_finish - AES-CCM 24 bytes Tag length = 4\n", 2, PSA_KEY_TYPE_AES,
+{0x41, 0x89, 0x35, 0x1B, 0x5C, 0xAE, 0xA3, 0x75, 0xA0, 0x29, 0x9E, 0x81, 0xC6,
+ 0x21, 0xBF, 0x43}, AES_16B_KEY_SIZE, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CCM,
+ PSA_ALG_AEAD_WITH_TAG_LENGTH(PSA_ALG_CCM, 4),
+{0x45, 0x35, 0xd1, 0x2b, 0x43, 0x77, 0x92, 0x8a, 0x7c, 0x0a, 0x61, 0xc9, 0xf8,
+ 0x25, 0xa4, 0x86, 0x71, 0xea, 0x05, 0x91, 0x07, 0x48, 0xc8, 0xef},
+{0x48, 0xc0, 0x90, 0x69, 0x30, 0x56, 0x1e, 0x0a, 0xb0, 0xef, 0x4c, 0xd9, 0x72},
+{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C,
+ 0x0D, 0x0E, 0x0F}, 16, 13, 24, 24, BUFFER_SIZE,
+{0x26, 0xc5, 0x69, 0x61, 0xc0, 0x35, 0xa7, 0xe4, 0x52, 0xcc, 0xe6, 0x1b, 0xc6,
+ 0xee, 0x22, 0x0d, 0x77, 0xb3, 0xf9, 0x4d, 0x18, 0xfd, 0x10, 0xb6, 0x64, 0x3b,
+ 0x4f, 0x39}, 28, SIZE_32B, {0}, 0,
+ PSA_SUCCESS
+},
+
+{"Test psa_aead_finish - Small buffer size\n", 4, PSA_KEY_TYPE_AES,
+{0xD7, 0x82, 0x8D, 0x13, 0xB2, 0xB0, 0xBD, 0xC3, 0x25, 0xA7, 0x62, 0x36, 0xDF,
+ 0x93, 0xCC, 0x6B},
+ AES_16B_KEY_SIZE, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CCM, PSA_ALG_CCM,
+{0x45, 0x35, 0xd1, 0x2b, 0x43, 0x77, 0x92, 0x8a, 0x7c, 0x0a, 0x61, 0xc9, 0xf8,
+ 0x25, 0xa4, 0x86, 0x71, 0xea, 0x05, 0x91, 0x07, 0x48, 0xc8, 0xef},
+{0x48, 0xc0, 0x90, 0x69, 0x30, 0x56, 0x1e, 0x0a, 0xb0, 0xef, 0x4c, 0xd9, 0x72},
+{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C,
+ 0x0D, 0x0E, 0x0F}, 16, 13, 24, 24, 10, {0}, 0, SIZE_32B, {0}, 0,
+ PSA_ERROR_BUFFER_TOO_SMALL
+},
+
+{"Test psa_aead_finish - Input length is less than plaintext length\n", 5, PSA_KEY_TYPE_AES,
+{0xD7, 0x82, 0x8D, 0x13, 0xB2, 0xB0, 0xBD, 0xC3, 0x25, 0xA7, 0x62, 0x36, 0xDF,
+ 0x93, 0xCC, 0x6B},
+ AES_16B_KEY_SIZE, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CCM, PSA_ALG_CCM,
+{0x45, 0x35, 0xd1, 0x2b, 0x43, 0x77, 0x92, 0x8a, 0x7c, 0x0a, 0x61, 0xc9, 0xf8,
+ 0x25, 0xa4, 0x86, 0x71, 0xea, 0x05, 0x91, 0x07, 0x48, 0xc8, 0xef},
+{0x48, 0xc0, 0x90, 0x69, 0x30, 0x56, 0x1e, 0x0a, 0xb0, 0xef, 0x4c, 0xd9, 0x72},
+{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C,
+ 0x0D, 0x0E, 0x0F}, 16, 13, 24, 30, BUFFER_SIZE, {0}, 0,
+ PSA_ERROR_INVALID_ARGUMENT
+},
+#endif
+#endif
+
+#ifdef ARCH_TEST_GCM
+#ifdef ARCH_TEST_AES_128
+{"Test psa_aead_finish - GCM - 16B AES - 12B Nounce & 12B addi data\n", 6, PSA_KEY_TYPE_AES,
+{0x3d, 0xe0, 0x98, 0x74, 0xb3, 0x88, 0xe6, 0x49, 0x19, 0x88, 0xd0, 0xc3, 0x60,
+ 0x7e, 0xae, 0x1f}, AES_16B_KEY_SIZE, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_GCM, PSA_ALG_GCM,
+{0x45, 0x00, 0x00, 0x1c, 0x42, 0xa2, 0x00, 0x00, 0x80, 0x01, 0x44, 0x1f, 0x40,
+ 0x67, 0x93, 0xb6, 0xe0, 0x00, 0x00, 0x02, 0x0a, 0x00, 0xf5, 0xff, 0x01, 0x02,
+ 0x02, 0x01},
+{0x42, 0xf6, 0x7e, 0x3f, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10},
+{0x57, 0x69, 0x0e, 0x43, 0x4e, 0x28, 0x00, 0x00, 0xa2, 0xfc, 0xa1, 0xa3},
+ 12, 12, 28, 28, BUFFER_SIZE,
+{0xFB, 0xA2, 0xCA, 0x84, 0x5E, 0x5D, 0xF9, 0xF0, 0xF2, 0x2C, 0x3E, 0x6E, 0x86,
+ 0xDD, 0x83, 0x1E, 0x1F, 0xC6, 0x57, 0x92, 0xCD, 0x1A, 0xF9, 0x13, 0x0E, 0x13,
+ 0x79, 0xED, 0x36, 0x9F, 0x07, 0x1F, 0x35, 0xE0, 0x34, 0xBE, 0x95, 0xF1, 0x12,
+ 0xE4, 0xE7, 0xD0, 0x5D, 0x35}, 44,
+ PSA_SUCCESS
+},
+#endif
+#endif
+};
diff --git a/api-tests/dev_apis/crypto/test_c059/test_entry_c059.c b/api-tests/dev_apis/crypto/test_c059/test_entry_c059.c
new file mode 100644
index 00000000..6fe48021
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c059/test_entry_c059.c
@@ -0,0 +1,54 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_c059.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 59)
+#define TEST_DESC "Testing crypto AEAD APIs\n"
+
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_HIGH_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_crypto_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_c059_crypto_list, FALSE);
+
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->crypto_function(VAL_CRYPTO_FREE);
+ val->test_exit();
+}
diff --git a/api-tests/dev_apis/crypto/test_c060/test.cmake b/api-tests/dev_apis/crypto/test_c060/test.cmake
new file mode 100644
index 00000000..37ad289c
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c060/test.cmake
@@ -0,0 +1,24 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_c060.c
+ test_c060.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
diff --git a/api-tests/dev_apis/crypto/test_c060/test_c060.c b/api-tests/dev_apis/crypto/test_c060/test_c060.c
new file mode 100644
index 00000000..e924a9ea
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c060/test_c060.c
@@ -0,0 +1,111 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_c060.h"
+#include "test_data.h"
+
+client_test_t test_c060_crypto_list[] = {
+ NULL,
+ psa_aead_abort_test,
+ psa_aead_abort_init_test,
+ NULL,
+};
+
+static int g_test_count = 1;
+
+int32_t psa_aead_abort_test(caller_security_t caller)
+{
+ int32_t i, status;
+ int num_checks = sizeof(check1)/sizeof(check1[0]);
+ psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+ psa_aead_operation_t operation = PSA_AEAD_OPERATION_INIT;
+
+ if (num_checks == 0)
+ {
+ val->print(PRINT_TEST, "No test available for the selected crypto configuration\n", 0);
+ return RESULT_SKIP(VAL_STATUS_NO_TESTS);
+ }
+
+ /* Initialize the PSA crypto library*/
+ status = val->crypto_function(VAL_CRYPTO_INIT);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(1));
+
+ for (i = 0; i < num_checks; i++)
+ {
+ val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
+ val->print(PRINT_TEST, check1[i].test_desc, 0);
+
+ /* Setting up the watchdog timer for each check */
+ status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
+ TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
+
+ /* Setup the attributes for the key */
+ val->crypto_function(VAL_CRYPTO_SET_KEY_TYPE, &attributes, check1[i].key_type);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_USAGE_FLAGS, &attributes, check1[i].usage);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_ALGORITHM, &attributes, check1[i].key_alg);
+
+ /* Import the key data into the key slot */
+ status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, &attributes, check1[i].key_data,
+ check1[i].key_length, &check1[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
+
+ /* Set the key for a multipart authenticated encryption operation */
+ status = val->crypto_function(VAL_CRYPTO_AEAD_ENCRYPT_SETUP, &operation,
+ check1[i].key_handle, check1[i].alg);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
+
+ /* Destroy the key */
+ status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, check1[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
+
+ /* Reset the key attributes and check if psa_import_key fails */
+ val->crypto_function(VAL_CRYPTO_RESET_KEY_ATTRIBUTES, &attributes);
+
+ /* Abort the AEAD operation */
+ status = val->crypto_function(VAL_CRYPTO_AEAD_ABORT, &operation);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(6));
+ }
+
+ return VAL_STATUS_SUCCESS;
+}
+
+int32_t psa_aead_abort_init_test(caller_security_t caller)
+{
+ int32_t i, status;
+ psa_aead_operation_t operation[] = {PSA_AEAD_OPERATION_INIT, psa_aead_operation_init(), {0} };
+ uint32_t operation_count = sizeof(operation)/sizeof(operation[0]);
+
+ /* Initialize the PSA crypto library*/
+ status = val->crypto_function(VAL_CRYPTO_INIT);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(1));
+
+ val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
+ val->print(PRINT_TEST, "Test psa_aead_abort with all initializations\n", 0);
+
+ for (i = 0; i < operation_count; i++)
+ {
+ /* Abort the AEAD operation */
+ status = val->crypto_function(VAL_CRYPTO_AEAD_ABORT, &operation[i]);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(2));
+ }
+
+ return VAL_STATUS_SUCCESS;
+}
+
+
diff --git a/api-tests/dev_apis/crypto/test_c060/test_c060.h b/api-tests/dev_apis/crypto/test_c060/test_c060.h
new file mode 100644
index 00000000..334d180e
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c060/test_c060.h
@@ -0,0 +1,32 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST_C060_CLIENT_TESTS_H_
+#define _TEST_C060_CLIENT_TESTS_H_
+
+#include "val_crypto.h"
+#define test_entry CONCAT(test_entry_, c060)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+extern client_test_t test_c060_crypto_list[];
+
+int32_t psa_aead_abort_test(caller_security_t caller);
+int32_t psa_aead_abort_init_test(caller_security_t caller);
+
+#endif /* _TEST_C060_CLIENT_TESTS_H_ */
diff --git a/api-tests/dev_apis/crypto/test_c060/test_data.h b/api-tests/dev_apis/crypto/test_c060/test_data.h
new file mode 100644
index 00000000..fcdef1f8
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c060/test_data.h
@@ -0,0 +1,60 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_crypto.h"
+
+typedef struct {
+ char test_desc[75];
+ psa_key_handle_t key_handle;
+ psa_key_type_t key_type;
+ uint8_t key_data[32];
+ uint32_t key_length;
+ psa_key_usage_t usage;
+ psa_algorithm_t key_alg;
+ psa_algorithm_t alg;
+ psa_status_t expected_status;
+} test_data;
+
+static test_data check1[] = {
+#ifdef ARCH_TEST_CCM
+#ifdef ARCH_TEST_AES_128
+{"Test psa_aead_abort - AES-CCM\n", 1, PSA_KEY_TYPE_AES,
+{0xD7, 0x82, 0x8D, 0x13, 0xB2, 0xB0, 0xBD, 0xC3, 0x25, 0xA7, 0x62, 0x36, 0xDF,
+ 0x93, 0xCC, 0x6B},
+ AES_16B_KEY_SIZE, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CCM, PSA_ALG_CCM,
+ PSA_SUCCESS
+},
+
+{"Test psa_aead_abort - AES-CCM 24 bytes Tag length = 4\n", 2, PSA_KEY_TYPE_AES,
+{0x41, 0x89, 0x35, 0x1B, 0x5C, 0xAE, 0xA3, 0x75, 0xA0, 0x29, 0x9E, 0x81, 0xC6,
+ 0x21, 0xBF, 0x43}, AES_16B_KEY_SIZE, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CCM,
+ PSA_ALG_AEAD_WITH_TAG_LENGTH(PSA_ALG_CCM, 4),
+ PSA_SUCCESS
+},
+#endif
+#endif
+
+#ifdef ARCH_TEST_GCM
+#ifdef ARCH_TEST_AES_128
+{"Test psa_aead_abort - GCM - 16B AES - 12B Nounce & 12B addi data\n", 3, PSA_KEY_TYPE_AES,
+{0x3d, 0xe0, 0x98, 0x74, 0xb3, 0x88, 0xe6, 0x49, 0x19, 0x88, 0xd0, 0xc3, 0x60,
+ 0x7e, 0xae, 0x1f}, AES_16B_KEY_SIZE, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_GCM, PSA_ALG_GCM,
+ PSA_SUCCESS
+},
+#endif
+#endif
+};
diff --git a/api-tests/dev_apis/crypto/test_c060/test_entry_c060.c b/api-tests/dev_apis/crypto/test_c060/test_entry_c060.c
new file mode 100644
index 00000000..2f7e4c1d
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c060/test_entry_c060.c
@@ -0,0 +1,54 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_c060.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 60)
+#define TEST_DESC "Testing crypto AEAD APIs\n"
+
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_HIGH_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_crypto_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_c060_crypto_list, FALSE);
+
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->crypto_function(VAL_CRYPTO_FREE);
+ val->test_exit();
+}
diff --git a/api-tests/dev_apis/crypto/test_c061/test.cmake b/api-tests/dev_apis/crypto/test_c061/test.cmake
new file mode 100644
index 00000000..5a24243f
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c061/test.cmake
@@ -0,0 +1,24 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_c061.c
+ test_c061.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
diff --git a/api-tests/dev_apis/crypto/test_c061/test_c061.c b/api-tests/dev_apis/crypto/test_c061/test_c061.c
new file mode 100644
index 00000000..4b6bec98
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c061/test_c061.c
@@ -0,0 +1,145 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_c061.h"
+#include "test_data.h"
+
+client_test_t test_c061_crypto_list[] = {
+ NULL,
+ psa_aead_verify_test,
+ NULL,
+};
+
+static int g_test_count = 1;
+static uint8_t output[BUFFER_SIZE], tag[SIZE_128B];
+
+int32_t psa_aead_verify_test(caller_security_t caller)
+{
+ int32_t i, status;
+ size_t length;
+ int num_checks = sizeof(check1)/sizeof(check1[0]);
+ psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+ psa_aead_operation_t operation = PSA_AEAD_OPERATION_INIT;
+
+ if (num_checks == 0)
+ {
+ val->print(PRINT_TEST, "No test available for the selected crypto configuration\n", 0);
+ return RESULT_SKIP(VAL_STATUS_NO_TESTS);
+ }
+
+ /* Initialize the PSA crypto library*/
+ status = val->crypto_function(VAL_CRYPTO_INIT);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(1));
+
+ for (i = 0; i < num_checks; i++)
+ {
+ val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
+ val->print(PRINT_TEST, check1[i].test_desc, 0);
+
+ /* Setting up the watchdog timer for each check */
+ status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
+ TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
+
+ /* Setup the attributes for the key */
+ val->crypto_function(VAL_CRYPTO_SET_KEY_TYPE, &attributes, check1[i].key_type);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_USAGE_FLAGS, &attributes, check1[i].usage);
+ val->crypto_function(VAL_CRYPTO_SET_KEY_ALGORITHM, &attributes, check1[i].key_alg);
+
+ /* Import the key data into the key slot */
+ status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, &attributes, check1[i].key_data,
+ check1[i].key_length, &check1[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
+
+ /* Set the key for a multipart authenticated encryption operation */
+ status = val->crypto_function(VAL_CRYPTO_AEAD_DECRYPT_SETUP, &operation,
+ check1[i].key_handle, check1[i].alg);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
+
+ /* Set the nonce for an authenticated encryption operation */
+ status = val->crypto_function(VAL_CRYPTO_AEAD_SET_NONCE, &operation, check1[i].nonce,
+ check1[i].nonce_size);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
+
+ /* Declare the lengths of the message and additional data for AEAD */
+ status = val->crypto_function(VAL_CRYPTO_AEAD_SET_LENGTHS, &operation, check1[i].ad_length,
+ check1[i].input_length);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(6));
+
+ /* Pass additional data to an active AEAD operation */
+ status = val->crypto_function(VAL_CRYPTO_AEAD_UPDATE_AD, &operation,
+ check1[i].additional_data, check1[i].ad_length);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(7));
+
+ /* Encrypt or decrypt a message fragment in an active AEAD operation */
+ status = val->crypto_function(VAL_CRYPTO_AEAD_UPDATE, &operation,
+ check1[i].plaintext_length, check1[i].plaintext, output,
+ BUFFER_SIZE, &length);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(8));
+
+ /* Finish authenticating and decrypting a message in an AEAD operation */
+ status = val->crypto_function(VAL_CRYPTO_AEAD_VERIFY, &operation, output,
+ check1[i].output_size, &length, tag, check1[i].tag_size);
+ TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(9));
+
+ if (check1[i].expected_status != PSA_SUCCESS)
+ {
+ /* Finish authenticating and decrypting a msg with an inactive operator should fail */
+ status = val->crypto_function(VAL_CRYPTO_AEAD_VERIFY, &operation, output,
+ check1[i].output_size, &length, tag, check1[i].tag_size);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_BAD_STATE, TEST_CHECKPOINT_NUM(10));
+
+ /* Abort the AEAD operation */
+ status = val->crypto_function(VAL_CRYPTO_AEAD_ABORT, &operation);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(11));
+
+ /* Destroy the key */
+ status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, check1[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(12));
+
+ /* Reset the key attributes */
+ val->crypto_function(VAL_CRYPTO_RESET_KEY_ATTRIBUTES, &attributes);
+ continue;
+ }
+
+ /* Compare the output and its length with the expected values */
+ TEST_ASSERT_EQUAL(length, check1[i].expected_length, TEST_CHECKPOINT_NUM(13));
+ TEST_ASSERT_MEMCMP(output, check1[i].expected_output, length, TEST_CHECKPOINT_NUM(14));
+ TEST_ASSERT_MEMCMP(tag, check1[i].expected_tag, check1[i].expected_tag_length,
+ TEST_CHECKPOINT_NUM(15));
+
+ /* Abort the AEAD operation */
+ status = val->crypto_function(VAL_CRYPTO_AEAD_ABORT, &operation);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(16));
+
+ /* Destroy the key */
+ status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, check1[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(17));
+
+ /* Reset the key attributes */
+ val->crypto_function(VAL_CRYPTO_RESET_KEY_ATTRIBUTES, &attributes);
+
+ /* Finish authenticating and decrypting a message with an inactive operator should fail */
+ status = val->crypto_function(VAL_CRYPTO_AEAD_VERIFY, &operation, output,
+ check1[i].output_size, &length, tag, check1[i].tag_size);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_BAD_STATE, TEST_CHECKPOINT_NUM(18));
+
+ }
+
+ return VAL_STATUS_SUCCESS;
+}
diff --git a/api-tests/dev_apis/crypto/test_c061/test_c061.h b/api-tests/dev_apis/crypto/test_c061/test_c061.h
new file mode 100644
index 00000000..9ce0ed2e
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c061/test_c061.h
@@ -0,0 +1,31 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST_C061_CLIENT_TESTS_H_
+#define _TEST_C061_CLIENT_TESTS_H_
+
+#include "val_crypto.h"
+#define test_entry CONCAT(test_entry_, c061)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+extern client_test_t test_c061_crypto_list[];
+
+int32_t psa_aead_verify_test(caller_security_t caller);
+
+#endif /* _TEST_C061_CLIENT_TESTS_H_ */
diff --git a/api-tests/dev_apis/crypto/test_c061/test_data.h b/api-tests/dev_apis/crypto/test_c061/test_data.h
new file mode 100644
index 00000000..af8e2610
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c061/test_data.h
@@ -0,0 +1,124 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_crypto.h"
+
+typedef struct {
+ char test_desc[75];
+ psa_key_handle_t key_handle;
+ psa_key_type_t key_type;
+ uint8_t key_data[32];
+ uint32_t key_length;
+ psa_key_usage_t usage;
+ psa_algorithm_t key_alg;
+ psa_algorithm_t alg;
+ uint8_t plaintext[30];
+ uint8_t additional_data[32];
+ uint8_t nonce[32];
+ size_t nonce_size;
+ size_t ad_length;
+ size_t plaintext_length;
+ size_t input_length;
+ size_t output_size;
+ size_t expected_output[45];
+ size_t expected_length;
+ size_t tag_size;
+ size_t expected_tag[64];
+ size_t expected_tag_length;
+ psa_status_t expected_status;
+} test_data;
+
+static test_data check1[] = {
+#ifdef ARCH_TEST_CCM
+#ifdef ARCH_TEST_AES_128
+{"Test psa_aead_verify - AES-CCM\n", 1, PSA_KEY_TYPE_AES,
+{0xD7, 0x82, 0x8D, 0x13, 0xB2, 0xB0, 0xBD, 0xC3, 0x25, 0xA7, 0x62, 0x36, 0xDF,
+ 0x93, 0xCC, 0x6B},
+ AES_16B_KEY_SIZE, PSA_KEY_USAGE_DECRYPT, PSA_ALG_CCM, PSA_ALG_CCM,
+{0x45, 0x35, 0xd1, 0x2b, 0x43, 0x77, 0x92, 0x8a, 0x7c, 0x0a, 0x61, 0xc9, 0xf8,
+ 0x25, 0xa4, 0x86, 0x71, 0xea, 0x05, 0x91, 0x07, 0x48, 0xc8, 0xef},
+{0x48, 0xc0, 0x90, 0x69, 0x30, 0x56, 0x1e, 0x0a, 0xb0, 0xef, 0x4c, 0xd9, 0x72},
+{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C,
+ 0x0D, 0x0E, 0x0F}, 16, 13, 24, 24, BUFFER_SIZE,
+{0x26, 0xc5, 0x69, 0x61, 0xc0, 0x35, 0xa7, 0xe4, 0x52, 0xcc, 0xe6, 0x1b, 0xc6,
+ 0xee, 0x22, 0x0d, 0x77, 0xb3, 0xf9, 0x4d, 0x18, 0xfd, 0x10, 0xb6, 0xd8, 0x0e,
+ 0x8b, 0xf8, 0x0f, 0x4a, 0x46, 0xca, 0xb0, 0x6d, 0x43, 0x13, 0xf0, 0xdb, 0x9b,
+ 0xe9}, 40, SIZE_32B, {0}, 0,
+ PSA_SUCCESS
+},
+
+{"Test psa_aead_verify - AES-CCM 24 bytes Tag length = 4\n", 2, PSA_KEY_TYPE_AES,
+{0x41, 0x89, 0x35, 0x1B, 0x5C, 0xAE, 0xA3, 0x75, 0xA0, 0x29, 0x9E, 0x81, 0xC6,
+ 0x21, 0xBF, 0x43}, AES_16B_KEY_SIZE, PSA_KEY_USAGE_DECRYPT, PSA_ALG_CCM,
+ PSA_ALG_AEAD_WITH_TAG_LENGTH(PSA_ALG_CCM, 4),
+{0x45, 0x35, 0xd1, 0x2b, 0x43, 0x77, 0x92, 0x8a, 0x7c, 0x0a, 0x61, 0xc9, 0xf8,
+ 0x25, 0xa4, 0x86, 0x71, 0xea, 0x05, 0x91, 0x07, 0x48, 0xc8, 0xef},
+{0x48, 0xc0, 0x90, 0x69, 0x30, 0x56, 0x1e, 0x0a, 0xb0, 0xef, 0x4c, 0xd9, 0x72},
+{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C,
+ 0x0D, 0x0E, 0x0F}, 16, 13, 24, 24, BUFFER_SIZE,
+{0x26, 0xc5, 0x69, 0x61, 0xc0, 0x35, 0xa7, 0xe4, 0x52, 0xcc, 0xe6, 0x1b, 0xc6,
+ 0xee, 0x22, 0x0d, 0x77, 0xb3, 0xf9, 0x4d, 0x18, 0xfd, 0x10, 0xb6, 0x64, 0x3b,
+ 0x4f, 0x39}, 28, SIZE_32B, {0}, 0,
+ PSA_SUCCESS
+},
+
+{"Test psa_aead_verify - Small buffer size\n", 4, PSA_KEY_TYPE_AES,
+{0xD7, 0x82, 0x8D, 0x13, 0xB2, 0xB0, 0xBD, 0xC3, 0x25, 0xA7, 0x62, 0x36, 0xDF,
+ 0x93, 0xCC, 0x6B},
+ AES_16B_KEY_SIZE, PSA_KEY_USAGE_DECRYPT, PSA_ALG_CCM, PSA_ALG_CCM,
+{0x45, 0x35, 0xd1, 0x2b, 0x43, 0x77, 0x92, 0x8a, 0x7c, 0x0a, 0x61, 0xc9, 0xf8,
+ 0x25, 0xa4, 0x86, 0x71, 0xea, 0x05, 0x91, 0x07, 0x48, 0xc8, 0xef},
+{0x48, 0xc0, 0x90, 0x69, 0x30, 0x56, 0x1e, 0x0a, 0xb0, 0xef, 0x4c, 0xd9, 0x72},
+{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C,
+ 0x0D, 0x0E, 0x0F}, 16, 13, 24, 24, 10, {0}, 0, SIZE_32B, {0}, 0,
+ PSA_ERROR_BUFFER_TOO_SMALL
+},
+
+{"Test psa_aead_verify - Input length is less than plaintext length\n", 5, PSA_KEY_TYPE_AES,
+{0xD7, 0x82, 0x8D, 0x13, 0xB2, 0xB0, 0xBD, 0xC3, 0x25, 0xA7, 0x62, 0x36, 0xDF,
+ 0x93, 0xCC, 0x6B},
+ AES_16B_KEY_SIZE, PSA_KEY_USAGE_DECRYPT, PSA_ALG_CCM, PSA_ALG_CCM,
+{0x45, 0x35, 0xd1, 0x2b, 0x43, 0x77, 0x92, 0x8a, 0x7c, 0x0a, 0x61, 0xc9, 0xf8,
+ 0x25, 0xa4, 0x86, 0x71, 0xea, 0x05, 0x91, 0x07, 0x48, 0xc8, 0xef},
+{0x48, 0xc0, 0x90, 0x69, 0x30, 0x56, 0x1e, 0x0a, 0xb0, 0xef, 0x4c, 0xd9, 0x72},
+{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C,
+ 0x0D, 0x0E, 0x0F}, 16, 13, 24, 30, BUFFER_SIZE, {0}, 0,
+ PSA_ERROR_INVALID_ARGUMENT
+},
+#endif
+#endif
+
+#ifdef ARCH_TEST_GCM
+#ifdef ARCH_TEST_AES_128
+{"Test psa_aead_verify - GCM - 16B AES - 12B Nounce & 12B addi data\n", 6, PSA_KEY_TYPE_AES,
+{0x3d, 0xe0, 0x98, 0x74, 0xb3, 0x88, 0xe6, 0x49, 0x19, 0x88, 0xd0, 0xc3, 0x60,
+ 0x7e, 0xae, 0x1f}, AES_16B_KEY_SIZE, PSA_KEY_USAGE_DECRYPT, PSA_ALG_GCM, PSA_ALG_GCM,
+{0x45, 0x00, 0x00, 0x1c, 0x42, 0xa2, 0x00, 0x00, 0x80, 0x01, 0x44, 0x1f, 0x40,
+ 0x67, 0x93, 0xb6, 0xe0, 0x00, 0x00, 0x02, 0x0a, 0x00, 0xf5, 0xff, 0x01, 0x02,
+ 0x02, 0x01},
+{0x42, 0xf6, 0x7e, 0x3f, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10},
+{0x57, 0x69, 0x0e, 0x43, 0x4e, 0x28, 0x00, 0x00, 0xa2, 0xfc, 0xa1, 0xa3},
+ 12, 12, 28, 28, BUFFER_SIZE,
+{0xFB, 0xA2, 0xCA, 0x84, 0x5E, 0x5D, 0xF9, 0xF0, 0xF2, 0x2C, 0x3E, 0x6E, 0x86,
+ 0xDD, 0x83, 0x1E, 0x1F, 0xC6, 0x57, 0x92, 0xCD, 0x1A, 0xF9, 0x13, 0x0E, 0x13,
+ 0x79, 0xED, 0x36, 0x9F, 0x07, 0x1F, 0x35, 0xE0, 0x34, 0xBE, 0x95, 0xF1, 0x12,
+ 0xE4, 0xE7, 0xD0, 0x5D, 0x35}, 44,
+ PSA_SUCCESS
+},
+#endif
+#endif
+};
diff --git a/api-tests/dev_apis/crypto/test_c061/test_entry_c061.c b/api-tests/dev_apis/crypto/test_c061/test_entry_c061.c
new file mode 100644
index 00000000..4bc7d58a
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c061/test_entry_c061.c
@@ -0,0 +1,54 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_c061.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 61)
+#define TEST_DESC "Testing crypto AEAD APIs\n"
+
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_HIGH_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_crypto_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_c061_crypto_list, FALSE);
+
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->crypto_function(VAL_CRYPTO_FREE);
+ val->test_exit();
+}
diff --git a/api-tests/dev_apis/crypto/testsuite.db b/api-tests/dev_apis/crypto/testsuite.db
index ebe6839a..e857a3e1 100644
--- a/api-tests/dev_apis/crypto/testsuite.db
+++ b/api-tests/dev_apis/crypto/testsuite.db
@@ -64,5 +64,22 @@ test_c041
test_c042
test_c043
test_c044
+test_c045
+test_c046
+test_c047
+test_c048
+test_c049
+test_c050
+test_c051
+test_c052
+test_c053
+test_c054
+test_c055
+test_c056
+test_c057
+test_c058
+test_c059
+test_c060
+test_c061
(END)
diff --git a/api-tests/dev_apis/initial_attestation/suite.cmake b/api-tests/dev_apis/initial_attestation/suite.cmake
new file mode 100644
index 00000000..913f7a44
--- /dev/null
+++ b/api-tests/dev_apis/initial_attestation/suite.cmake
@@ -0,0 +1,62 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+foreach(test ${PSA_TEST_LIST})
+ include(${PSA_SUITE_DIR}/${test}/test.cmake)
+ foreach(source_file ${CC_SOURCE})
+ list(APPEND SUITE_CC_SOURCE
+ ${PSA_SUITE_DIR}/${test}/${source_file}
+ )
+ endforeach()
+ foreach(asm_file ${AS_SOURCE})
+ list(APPEND SUITE_AS_SOURCE
+ ${PSA_SUITE_DIR}/${test}/${asm_file}
+ )
+ endforeach()
+ unset(CC_SOURCE)
+ unset(AS_SOURCE)
+endforeach()
+
+add_definitions(${CC_OPTIONS})
+add_definitions(${AS_OPTIONS})
+add_library(${PSA_TARGET_TEST_COMBINE_LIB} STATIC ${SUITE_CC_SOURCE} ${SUITE_AS_SOURCE})
+
+if(${SUITE} STREQUAL "INITIAL_ATTESTATION")
+target_include_directories(${PSA_TARGET_TEST_COMBINE_LIB} PRIVATE
+ ${PSA_QCBOR_INCLUDE_PATH}
+)
+endif()
+
+# Test related Include directories
+foreach(test ${PSA_TEST_LIST})
+ target_include_directories(${PSA_TARGET_TEST_COMBINE_LIB} PRIVATE ${PSA_SUITE_DIR}/${test})
+endforeach()
+
+# PSA Include directories
+foreach(psa_inc_path ${PSA_INCLUDE_PATHS})
+ target_include_directories(${PSA_TARGET_TEST_COMBINE_LIB} PRIVATE
+ ${psa_inc_path}
+ )
+endforeach()
+
+target_include_directories(${PSA_TARGET_TEST_COMBINE_LIB} PRIVATE
+ ${CMAKE_CURRENT_BINARY_DIR}
+ ${PSA_ROOT_DIR}/val/common
+ ${PSA_ROOT_DIR}/val/nspe
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/common
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/crypto
+)
diff --git a/api-tests/dev_apis/initial_attestation/test_a001/source.mk b/api-tests/dev_apis/initial_attestation/test_a001/source.mk
deleted file mode 100644
index befc490b..00000000
--- a/api-tests/dev_apis/initial_attestation/test_a001/source.mk
+++ /dev/null
@@ -1,20 +0,0 @@
-# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_a001.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
diff --git a/api-tests/dev_apis/initial_attestation/test_a001/test.cmake b/api-tests/dev_apis/initial_attestation/test_a001/test.cmake
new file mode 100644
index 00000000..55df1fa6
--- /dev/null
+++ b/api-tests/dev_apis/initial_attestation/test_a001/test.cmake
@@ -0,0 +1,24 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_a001.c
+ test_a001.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
diff --git a/api-tests/dev_apis/initial_attestation/test_a001/test_a001.c b/api-tests/dev_apis/initial_attestation/test_a001/test_a001.c
index 1f6276da..f46012d5 100644
--- a/api-tests/dev_apis/initial_attestation/test_a001/test_a001.c
+++ b/api-tests/dev_apis/initial_attestation/test_a001/test_a001.c
@@ -29,12 +29,14 @@ client_test_t test_a001_attestation_list[] = {
static int g_test_count = 1;
-int32_t psa_initial_attestation_get_token_test(security_t caller)
+int32_t psa_initial_attestation_get_token_test(caller_security_t caller)
{
int num_checks = sizeof(check1)/sizeof(check1[0]);
- uint32_t i, status, token_size;
+ uint32_t i;
+ int32_t status;
+ size_t token_buffer_size, token_size;
uint8_t challenge[PSA_INITIAL_ATTEST_CHALLENGE_SIZE_64+1];
- uint8_t token_buffer[TOKEN_SIZE];
+ uint8_t token_buffer[PSA_INITIAL_ATTEST_MAX_TOKEN_SIZE];
for (i = 0; i < num_checks; i++)
{
@@ -45,22 +47,28 @@ int32_t psa_initial_attestation_get_token_test(security_t caller)
memset(token_buffer, 0, sizeof(token_buffer));
status = val->attestation_function(VAL_INITIAL_ATTEST_GET_TOKEN_SIZE,
- check1[i].challenge_size, &token_size);
+ check1[i].challenge_size, &token_buffer_size);
if (status != PSA_SUCCESS)
{
if (check1[i].challenge_size != PSA_INITIAL_ATTEST_CHALLENGE_SIZE_32 ||
check1[i].challenge_size != PSA_INITIAL_ATTEST_CHALLENGE_SIZE_48 ||
check1[i].challenge_size != PSA_INITIAL_ATTEST_CHALLENGE_SIZE_64)
{
- token_size = check1[i].token_size;
+ token_buffer_size = check1[i].token_size;
check1[i].challenge_size = check1[i].actual_challenge_size;
}
else
return status;
}
+ if (token_buffer_size > PSA_INITIAL_ATTEST_MAX_TOKEN_SIZE)
+ {
+ val->print(PRINT_ERROR, "Insufficient token buffer size\n", 0);
+ return VAL_STATUS_INSUFFICIENT_SIZE;
+ }
+
status = val->attestation_function(VAL_INITIAL_ATTEST_GET_TOKEN, challenge,
- check1[i].challenge_size, token_buffer, &token_size);
+ check1[i].challenge_size, token_buffer, token_buffer_size, &token_size);
TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(1));
if (check1[i].expected_status != PSA_SUCCESS)
@@ -75,10 +83,12 @@ int32_t psa_initial_attestation_get_token_test(security_t caller)
return VAL_STATUS_SUCCESS;
}
-int32_t psa_initial_attestation_get_token_size_test(security_t caller)
+int32_t psa_initial_attestation_get_token_size_test(caller_security_t caller)
{
int num_checks = sizeof(check2)/sizeof(check2[0]);
- uint32_t i, status, token_size;
+ uint32_t i;
+ int32_t status;
+ size_t token_size;
for (i = 0; i < num_checks; i++)
{
diff --git a/api-tests/dev_apis/initial_attestation/test_a001/test_a001.h b/api-tests/dev_apis/initial_attestation/test_a001/test_a001.h
index f4e7024c..432b4312 100644
--- a/api-tests/dev_apis/initial_attestation/test_a001/test_a001.h
+++ b/api-tests/dev_apis/initial_attestation/test_a001/test_a001.h
@@ -18,9 +18,9 @@
#define _TEST_A001_CLIENT_TESTS_H_
#include "val_attestation.h"
-#define test_entry CONCAT(test_entry_, a001)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, a001)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#define TOKEN_SIZE 512
@@ -28,6 +28,6 @@ extern val_api_t *val;
extern psa_api_t *psa;
extern client_test_t test_a001_attestation_list[];
-int32_t psa_initial_attestation_get_token_test(security_t caller);
-int32_t psa_initial_attestation_get_token_size_test(security_t caller);
+int32_t psa_initial_attestation_get_token_test(caller_security_t caller);
+int32_t psa_initial_attestation_get_token_size_test(caller_security_t caller);
#endif /* _TEST_A001_CLIENT_TESTS_H_ */
diff --git a/api-tests/dev_apis/initial_attestation/test_a001/test_data.h b/api-tests/dev_apis/initial_attestation/test_a001/test_data.h
index bfeba554..036aab15 100644
--- a/api-tests/dev_apis/initial_attestation/test_a001/test_data.h
+++ b/api-tests/dev_apis/initial_attestation/test_a001/test_data.h
@@ -19,9 +19,9 @@
typedef struct {
char test_desc[100];
- uint32_t challenge_size;
- uint32_t actual_challenge_size;
- uint32_t token_size;
+ size_t challenge_size;
+ size_t actual_challenge_size;
+ size_t token_size;
psa_status_t expected_status;
} test_data;
@@ -40,31 +40,31 @@ static test_data check1[] = {
},
{"Test psa_initial_attestation_get_token with zero challenge size\n",
- 0, 0, TOKEN_SIZE, PSA_ATTEST_ERR_INVALID_INPUT
+ 0, 0, TOKEN_SIZE, PSA_ERROR_INVALID_ARGUMENT
},
{"Test psa_initial_attestation_get_token with small challenge size\n",
PSA_INITIAL_ATTEST_CHALLENGE_SIZE_32-1, PSA_INITIAL_ATTEST_CHALLENGE_SIZE_32-1,
- TOKEN_SIZE, PSA_ATTEST_ERR_INVALID_INPUT
+ TOKEN_SIZE, PSA_ERROR_INVALID_ARGUMENT
},
{"Test psa_initial_attestation_get_token with invalid challenge size\n",
PSA_INITIAL_ATTEST_CHALLENGE_SIZE_32+1, PSA_INITIAL_ATTEST_CHALLENGE_SIZE_32+1,
- TOKEN_SIZE, PSA_ATTEST_ERR_INVALID_INPUT
+ TOKEN_SIZE, PSA_ERROR_INVALID_ARGUMENT
},
{"Test psa_initial_attestation_get_token with large challenge size\n",
- MAX_CHALLENGE_SIZE+1, MAX_CHALLENGE_SIZE+1, TOKEN_SIZE, PSA_ATTEST_ERR_INVALID_INPUT
+ MAX_CHALLENGE_SIZE+1, MAX_CHALLENGE_SIZE+1, TOKEN_SIZE, PSA_ERROR_INVALID_ARGUMENT
},
{"Test psa_initial_attestation_get_token with zero as token size\n",
PSA_INITIAL_ATTEST_CHALLENGE_SIZE_32-1, PSA_INITIAL_ATTEST_CHALLENGE_SIZE_32,
- 0, PSA_ATTEST_ERR_INVALID_INPUT
+ 0, PSA_ERROR_INVALID_ARGUMENT
},
{"Test psa_initial_attestation_get_token with small token size\n",
PSA_INITIAL_ATTEST_CHALLENGE_SIZE_32-1, PSA_INITIAL_ATTEST_CHALLENGE_SIZE_32,
- PSA_INITIAL_ATTEST_CHALLENGE_SIZE_32-1, PSA_ATTEST_ERR_TOKEN_BUFFER_OVERFLOW
+ PSA_INITIAL_ATTEST_CHALLENGE_SIZE_32-1, PSA_ERROR_BUFFER_TOO_SMALL
},
};
@@ -83,21 +83,21 @@ static test_data check2[] = {
{"Test psa_initial_attestation_get_token_size with zero challenge size\n",
0, 0,
- TOKEN_SIZE, PSA_ATTEST_ERR_INVALID_INPUT
+ TOKEN_SIZE, PSA_ERROR_INVALID_ARGUMENT
},
{"Test psa_initial_attestation_get_token_size with small challenge size\n",
PSA_INITIAL_ATTEST_CHALLENGE_SIZE_32-1, PSA_INITIAL_ATTEST_CHALLENGE_SIZE_32-1,
- TOKEN_SIZE, PSA_ATTEST_ERR_INVALID_INPUT
+ TOKEN_SIZE, PSA_ERROR_INVALID_ARGUMENT
},
{"Test psa_initial_attestation_get_token_size with invalid challenge size\n",
PSA_INITIAL_ATTEST_CHALLENGE_SIZE_32+1, PSA_INITIAL_ATTEST_CHALLENGE_SIZE_32+1,
- TOKEN_SIZE, PSA_ATTEST_ERR_INVALID_INPUT
+ TOKEN_SIZE, PSA_ERROR_INVALID_ARGUMENT
},
{"Test psa_initial_attestation_get_token_size with large challenge size\n",
MAX_CHALLENGE_SIZE+1, MAX_CHALLENGE_SIZE+1,
- TOKEN_SIZE, PSA_ATTEST_ERR_INVALID_INPUT
+ TOKEN_SIZE, PSA_ERROR_INVALID_ARGUMENT
},
};
diff --git a/api-tests/dev_apis/initial_attestation/test_a001/test_entry.c b/api-tests/dev_apis/initial_attestation/test_a001/test_entry_a001.c
similarity index 100%
rename from api-tests/dev_apis/initial_attestation/test_a001/test_entry.c
rename to api-tests/dev_apis/initial_attestation/test_a001/test_entry_a001.c
diff --git a/api-tests/dev_apis/internal_trusted_storage/suite.cmake b/api-tests/dev_apis/internal_trusted_storage/suite.cmake
new file mode 100644
index 00000000..e4de40c8
--- /dev/null
+++ b/api-tests/dev_apis/internal_trusted_storage/suite.cmake
@@ -0,0 +1,57 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+foreach(test ${PSA_TEST_LIST})
+ include(${PSA_SUITE_DIR}/${test}/test.cmake)
+ foreach(source_file ${CC_SOURCE})
+ list(APPEND SUITE_CC_SOURCE
+ ${PSA_SUITE_DIR}/${test}/${source_file}
+ )
+ endforeach()
+ foreach(asm_file ${AS_SOURCE})
+ list(APPEND SUITE_AS_SOURCE
+ ${PSA_SUITE_DIR}/${test}/${asm_file}
+ )
+ endforeach()
+ unset(CC_SOURCE)
+ unset(AS_SOURCE)
+endforeach()
+
+add_definitions(${CC_OPTIONS})
+add_definitions(${AS_OPTIONS})
+add_library(${PSA_TARGET_TEST_COMBINE_LIB} STATIC ${SUITE_CC_SOURCE} ${SUITE_AS_SOURCE})
+
+# Test related Include directories
+foreach(test ${PSA_TEST_LIST})
+ target_include_directories(${PSA_TARGET_TEST_COMBINE_LIB} PRIVATE ${PSA_SUITE_DIR}/${test})
+endforeach()
+
+# PSA Include directories
+foreach(psa_inc_path ${PSA_INCLUDE_PATHS})
+ target_include_directories(${PSA_TARGET_TEST_COMBINE_LIB} PRIVATE
+ ${psa_inc_path}
+ )
+endforeach()
+
+target_include_directories(${PSA_TARGET_TEST_COMBINE_LIB} PRIVATE
+ ${CMAKE_CURRENT_BINARY_DIR}
+ ${PSA_ROOT_DIR}/val/common
+ ${PSA_ROOT_DIR}/val/nspe
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/common
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/crypto
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/internal_trusted_storage
+)
diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s001/source.mk b/api-tests/dev_apis/internal_trusted_storage/test_s001/source.mk
deleted file mode 100644
index 4893e7c5..00000000
--- a/api-tests/dev_apis/internal_trusted_storage/test_s001/source.mk
+++ /dev/null
@@ -1,20 +0,0 @@
-# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_s001.c
-CC_OPTIONS = -DITS_TEST
-AS_SOURCE =
-AS_OPTIONS =
diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s001/test.cmake b/api-tests/dev_apis/internal_trusted_storage/test_s001/test.cmake
new file mode 100644
index 00000000..fb61ac17
--- /dev/null
+++ b/api-tests/dev_apis/internal_trusted_storage/test_s001/test.cmake
@@ -0,0 +1,24 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_s001.c
+ test_s001.c
+)
+list(APPEND CC_OPTIONS -DITS_TEST)
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s001/test_entry.c b/api-tests/dev_apis/internal_trusted_storage/test_s001/test_entry_s001.c
similarity index 100%
rename from api-tests/dev_apis/internal_trusted_storage/test_s001/test_entry.c
rename to api-tests/dev_apis/internal_trusted_storage/test_s001/test_entry_s001.c
diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s001/test_its_data.h b/api-tests/dev_apis/internal_trusted_storage/test_s001/test_its_data.h
index af95d04b..b31767eb 100644
--- a/api-tests/dev_apis/internal_trusted_storage/test_s001/test_its_data.h
+++ b/api-tests/dev_apis/internal_trusted_storage/test_s001/test_its_data.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -20,62 +20,64 @@
#include "val_internal_trusted_storage.h"
#define SST_FUNCTION val->its_function
-#define psa_sst_uid_t psa_its_uid_t
typedef struct {
enum its_function_code api;
- psa_its_status_t status;
+ psa_status_t status;
} test_data;
-static struct psa_its_info_t info;
+static struct psa_storage_info_t info;
static const test_data s001_data[] = {
{
- 0, 0 /* Unused Index0 */
+ 0, 0 /* This is dummy for Index0 */
},
{
- VAL_ITS_GET, PSA_ITS_ERROR_UID_NOT_FOUND /* Call the get API when no UID is set */
+ VAL_ITS_GET, PSA_ERROR_DOES_NOT_EXIST /* Index1 - Call the get API when no UID is set */
},
{
- VAL_ITS_GET_INFO, PSA_ITS_ERROR_UID_NOT_FOUND /* Call the get_info API when no UID is set */
+ VAL_ITS_GET_INFO, PSA_ERROR_DOES_NOT_EXIST /* Index2 - Call the get_info API when no UID is set */
},
{
- VAL_ITS_REMOVE, PSA_ITS_ERROR_UID_NOT_FOUND /* Call the remove API when no UID is set */
+ VAL_ITS_REMOVE, PSA_ERROR_DOES_NOT_EXIST /* Index3 - Call the remove API when no UID is set */
},
{
- VAL_ITS_SET, PSA_ITS_SUCCESS /* Create a valid storage entity with UID1 */
+ VAL_ITS_SET, PSA_SUCCESS /* Index4 - Create a valid storage entity with UID1 */
},
{
- VAL_ITS_SET, PSA_ITS_SUCCESS /* Create a valid storage entity with UID2 */
+ VAL_ITS_SET, PSA_SUCCESS /* Index5 - Create a valid storage entity with UID2 */
},
{
- VAL_ITS_REMOVE, PSA_ITS_SUCCESS /* Remove UID1 */
+ VAL_ITS_REMOVE, PSA_SUCCESS /* Index6 - Remove UID1 */
},
{
- VAL_ITS_GET, PSA_ITS_ERROR_UID_NOT_FOUND /* Call get API for UID1 */
+ VAL_ITS_GET, PSA_ERROR_DOES_NOT_EXIST /* Index7 - Call get API for UID1 */
},
{
- VAL_ITS_GET_INFO, PSA_ITS_ERROR_UID_NOT_FOUND /* Call get_info API for UID1 */
+ VAL_ITS_GET_INFO, PSA_ERROR_DOES_NOT_EXIST /* Index8 - Call get_info API for UID1 */
},
{
- VAL_ITS_REMOVE, PSA_ITS_ERROR_UID_NOT_FOUND /* Call remove API for UID1 */
+ VAL_ITS_REMOVE, PSA_ERROR_DOES_NOT_EXIST /* Index9 - Call remove API for UID1 */
},
{
- VAL_ITS_SET, PSA_ITS_SUCCESS /* Create a valid storage entity again with UID1 */
+ VAL_ITS_SET, PSA_SUCCESS /* Index10 - Create a valid storage entity again with UID1 */
},
{
- VAL_ITS_GET, PSA_ITS_ERROR_UID_NOT_FOUND /* Call get API for UID not same as UID1 or UID2 */
+ VAL_ITS_GET, PSA_ERROR_DOES_NOT_EXIST /* Index11 - Call get API for UID not same as UID1 or UID2 */
},
{
- VAL_ITS_GET_INFO, PSA_ITS_ERROR_UID_NOT_FOUND /* Call get_info for UID not same as UID1 or UID2 */
+ VAL_ITS_GET_INFO, PSA_ERROR_DOES_NOT_EXIST /* Index12 - Call get_info for UID not same as UID1
+ or UID2 */
},
{
- VAL_ITS_REMOVE, PSA_ITS_ERROR_UID_NOT_FOUND /* Call remove API for UID not same as UID1 or UID2 */
+ VAL_ITS_REMOVE, PSA_ERROR_DOES_NOT_EXIST /* Index13 - Call remove API for UID not same as UID1
+ or UID2 */
},
{
- VAL_ITS_REMOVE, PSA_ITS_SUCCESS /* Remove UID1 */
+ VAL_ITS_REMOVE, PSA_SUCCESS /* Index14 - Remove UID1 */
},
{
- VAL_ITS_REMOVE, PSA_ITS_SUCCESS /* Remove UID2 */
+ VAL_ITS_REMOVE, PSA_SUCCESS /* Index15 - Remove UID2 */
},
};
#endif /* _TEST_S001_ITS_DATA_TESTS_H_ */
+
diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s001/test_ps_data.h b/api-tests/dev_apis/internal_trusted_storage/test_s001/test_ps_data.h
index 20130585..b9b775ea 100644
--- a/api-tests/dev_apis/internal_trusted_storage/test_s001/test_ps_data.h
+++ b/api-tests/dev_apis/internal_trusted_storage/test_s001/test_ps_data.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019, Arm Limited or ps affiliates. All rights reserved.
+ * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -20,62 +20,63 @@
#include "val_protected_storage.h"
#define SST_FUNCTION val->ps_function
-#define psa_sst_uid_t psa_ps_uid_t
typedef struct {
enum ps_function_code api;
- psa_ps_status_t status;
+ psa_status_t status;
} test_data;
-static struct psa_ps_info_t info;
+static struct psa_storage_info_t info;
static const test_data s001_data[] = {
{
- 0, 0 /* This is dummy for index0 */
+ 0, 0 /* This is dummy for Index0 */
},
{
- VAL_PS_GET, PSA_PS_ERROR_UID_NOT_FOUND /* Call the get API when no UID is set */
+ VAL_PS_GET, PSA_ERROR_DOES_NOT_EXIST /* Index1 - Call the get API when no UID is set */
},
{
- VAL_PS_GET_INFO, PSA_PS_ERROR_UID_NOT_FOUND /* Call the get_info API when no UID is set */
+ VAL_PS_GET_INFO, PSA_ERROR_DOES_NOT_EXIST /* Index2 - Call the get_info API when no UID is set */
},
{
- VAL_PS_REMOVE, PSA_PS_ERROR_UID_NOT_FOUND /* Call the remove API when no UID is set */
+ VAL_PS_REMOVE, PSA_ERROR_DOES_NOT_EXIST /* Index3 - Call the remove API when no UID is set */
},
{
- VAL_PS_SET, PSA_PS_SUCCESS /* Create a valid storage entity with UID1 */
+ VAL_PS_SET, PSA_SUCCESS /* Index4 - Create a valid storage entity with UID1 */
},
{
- VAL_PS_SET, PSA_PS_SUCCESS /* Create a valid storage entity with UID2 */
+ VAL_PS_SET, PSA_SUCCESS /* Index5 - Create a valid storage entity with UID2 */
},
{
- VAL_PS_REMOVE, PSA_PS_SUCCESS /* Remove UID1 */
+ VAL_PS_REMOVE, PSA_SUCCESS /* Index6 - Remove UID1 */
},
{
- VAL_PS_GET, PSA_PS_ERROR_UID_NOT_FOUND /* Call get API for UID1 */
+ VAL_PS_GET, PSA_ERROR_DOES_NOT_EXIST /* Index7 - Call get API for UID1 */
},
{
- VAL_PS_GET_INFO, PSA_PS_ERROR_UID_NOT_FOUND /* Call get_info API for UID1 */
+ VAL_PS_GET_INFO, PSA_ERROR_DOES_NOT_EXIST /* Index8 - Call get_info API for UID1 */
},
{
- VAL_PS_REMOVE, PSA_PS_ERROR_UID_NOT_FOUND /* Call remove API for UID1 */
+ VAL_PS_REMOVE, PSA_ERROR_DOES_NOT_EXIST /* Index9 - Call remove API for UID1 */
},
{
- VAL_PS_SET, PSA_PS_SUCCESS /* Create a valid storage entity again with UID1 */
+ VAL_PS_SET, PSA_SUCCESS /* Index10 - Create a valid storage entity again with UID1 */
},
{
- VAL_PS_GET, PSA_PS_ERROR_UID_NOT_FOUND /* Call get API for UID not same as UID1 or UID2 */
+ VAL_PS_GET, PSA_ERROR_DOES_NOT_EXIST /* Index11 - Call get API for UID not same as UID1 or UID2 */
},
{
- VAL_PS_GET_INFO, PSA_PS_ERROR_UID_NOT_FOUND /* Call get_info for UID not same as UID1 or UID2 */
+ VAL_PS_GET_INFO, PSA_ERROR_DOES_NOT_EXIST /* Index12 - Call get_info for UID not same as UID1
+ or UID2 */
},
{
- VAL_PS_REMOVE, PSA_PS_ERROR_UID_NOT_FOUND /* Call remove API for UID not same as UID1 or UID2 */
+ VAL_PS_REMOVE, PSA_ERROR_DOES_NOT_EXIST /* Index13 - Call remove API for UID not same as UID1
+ or UID2 */
},
{
- VAL_PS_REMOVE, PSA_PS_SUCCESS /* Remove UID1 */
+ VAL_PS_REMOVE, PSA_SUCCESS /* Index14 - Remove UID1 */
},
{
- VAL_PS_REMOVE, PSA_PS_SUCCESS /* Remove UID2 */
+ VAL_PS_REMOVE, PSA_SUCCESS /* Index15 - Remove UID2 */
},
};
#endif /* _TEST_S001_PS_DATA_TESTS_H_ */
diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s001/test_s001.c b/api-tests/dev_apis/internal_trusted_storage/test_s001/test_s001.c
index 3eabe5b5..76bd7531 100644
--- a/api-tests/dev_apis/internal_trusted_storage/test_s001/test_s001.c
+++ b/api-tests/dev_apis/internal_trusted_storage/test_s001/test_s001.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -36,13 +36,13 @@ static uint8_t write_buff[TEST_BUFF_SIZE] = {0x00, 0x01, 0x02, 0x03, 0x04, 0x05,
0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F};
static uint8_t read_buff[TEST_BUFF_SIZE] = {0};
-static int32_t sst_calls_without_set_call(psa_sst_uid_t p_uid)
+static int32_t sst_calls_without_set_call(psa_storage_uid_t p_uid)
{
- uint32_t status;
+ uint32_t status, p_data_length = 0;
/* get() without using set() before */
val->print(PRINT_TEST, "[Check 1] Call get API for UID %d which is not set\n", p_uid);
- status = SST_FUNCTION(s001_data[1].api, p_uid, 0, TEST_BUFF_SIZE, read_buff);
+ status = SST_FUNCTION(s001_data[1].api, p_uid, 0, TEST_BUFF_SIZE, read_buff, &p_data_length);
TEST_ASSERT_EQUAL(status,s001_data[1].status,TEST_CHECKPOINT_NUM(1));
/* get_info() without using set() before */
@@ -58,16 +58,18 @@ static int32_t sst_calls_without_set_call(psa_sst_uid_t p_uid)
return VAL_STATUS_SUCCESS;
}
-static int32_t sst_set_and_remove(psa_sst_uid_t p_uid)
+static int32_t sst_set_and_remove(psa_storage_uid_t p_uid)
{
uint32_t status;
/* set() a UID1 */
- status = SST_FUNCTION(s001_data[4].api, p_uid, TEST_BUFF_SIZE, write_buff, 0);
+ status = SST_FUNCTION(s001_data[4].api, p_uid, TEST_BUFF_SIZE, write_buff,
+ PSA_STORAGE_FLAG_NONE);
TEST_ASSERT_EQUAL(status, s001_data[4].status, TEST_CHECKPOINT_NUM(4));
/* Also set() with a different UID */
- status = SST_FUNCTION(s001_data[5].api, p_uid + 1, TEST_BUFF_SIZE, write_buff, 0);
+ status = SST_FUNCTION(s001_data[5].api, p_uid + 1, TEST_BUFF_SIZE, write_buff,
+ PSA_STORAGE_FLAG_NONE);
TEST_ASSERT_EQUAL(status, s001_data[5].status, TEST_CHECKPOINT_NUM(5));
/* remove() UID1 */
@@ -77,13 +79,13 @@ static int32_t sst_set_and_remove(psa_sst_uid_t p_uid)
return VAL_STATUS_SUCCESS;
}
-static int32_t sst_calls_after_uid_remove(psa_sst_uid_t p_uid)
+static int32_t sst_calls_after_uid_remove(psa_storage_uid_t p_uid)
{
- uint32_t status;
+ uint32_t status, p_data_length = 0;
/* get() for UID which is removed */
val->print(PRINT_TEST, "[Check 4] Call get API for UID %d which is removed\n", p_uid);
- status = SST_FUNCTION(s001_data[7].api, p_uid, 0, TEST_BUFF_SIZE, read_buff);
+ status = SST_FUNCTION(s001_data[7].api, p_uid, 0, TEST_BUFF_SIZE, read_buff, &p_data_length);
TEST_ASSERT_EQUAL(status, s001_data[7].status, TEST_CHECKPOINT_NUM(7));
/* get_info() for UID which is removed */
@@ -99,27 +101,29 @@ static int32_t sst_calls_after_uid_remove(psa_sst_uid_t p_uid)
return VAL_STATUS_SUCCESS;
}
-static int32_t sst_calls_with_different_uid(psa_sst_uid_t p_uid)
+static int32_t sst_calls_with_different_uid(psa_storage_uid_t p_uid)
{
- uint32_t status;
+ uint32_t status, p_data_length = 0;
/* set() a UID */
val->print(PRINT_TEST, "Set storage for UID %d\n", p_uid);
- status = SST_FUNCTION(s001_data[10].api, p_uid, TEST_BUFF_SIZE, write_buff, 0);
+ status = SST_FUNCTION(s001_data[10].api, p_uid, TEST_BUFF_SIZE, write_buff,
+ PSA_STORAGE_FLAG_NONE);
TEST_ASSERT_EQUAL(status, s001_data[10].status, TEST_CHECKPOINT_NUM(10));
/* get() for different UID then set UID */
- val->print(PRINT_TEST, "[Check 7] Call get API for different UID %d\n", p_uid);
- status = SST_FUNCTION(s001_data[11].api, p_uid-1, 0, TEST_BUFF_SIZE - 1, read_buff);
+ val->print(PRINT_TEST, "[Check 7] Call get API for different UID %d\n", p_uid-1);
+ status = SST_FUNCTION(s001_data[11].api, p_uid-1, 0, TEST_BUFF_SIZE - 1, read_buff,
+ &p_data_length);
TEST_ASSERT_EQUAL(status, s001_data[11].status, TEST_CHECKPOINT_NUM(11));
/* get_info() for different UID then set UID */
- val->print(PRINT_TEST, "[Check 8] Call get_info API for different UID %d\n", p_uid);
+ val->print(PRINT_TEST, "[Check 8] Call get_info API for different UID %d\n", p_uid-1);
status = SST_FUNCTION(s001_data[12].api, p_uid-1, &info);
TEST_ASSERT_EQUAL(status, s001_data[12].status, TEST_CHECKPOINT_NUM(12));
/* remove() for different UID then set UID */
- val->print(PRINT_TEST, "[Check 9] Call remove API for different UID %d\n", p_uid);
+ val->print(PRINT_TEST, "[Check 9] Call remove API for different UID %d\n", p_uid-1);
status = SST_FUNCTION(s001_data[13].api, p_uid-1);
TEST_ASSERT_EQUAL(status, s001_data[13].status, TEST_CHECKPOINT_NUM(13));
@@ -130,7 +134,7 @@ static int32_t sst_calls_with_different_uid(psa_sst_uid_t p_uid)
return VAL_STATUS_SUCCESS;
}
-static int32_t sst_remove_stray_uid(psa_sst_uid_t p_uid)
+static int32_t sst_remove_stray_uid(psa_storage_uid_t p_uid)
{
uint32_t status;
@@ -141,10 +145,10 @@ static int32_t sst_remove_stray_uid(psa_sst_uid_t p_uid)
return VAL_STATUS_SUCCESS;
}
-int32_t psa_sst_uid_not_found(security_t caller)
+int32_t psa_sst_uid_not_found(caller_security_t caller)
{
int32_t test_status;
- psa_sst_uid_t uid = UID_BASE_VALUE + 6;
+ psa_storage_uid_t uid = UID_BASE_VALUE + 6;
test_status = sst_calls_without_set_call(uid);
if (test_status != VAL_STATUS_SUCCESS)
diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s001/test_s001.h b/api-tests/dev_apis/internal_trusted_storage/test_s001/test_s001.h
index af42fef8..eef582a0 100644
--- a/api-tests/dev_apis/internal_trusted_storage/test_s001/test_s001.h
+++ b/api-tests/dev_apis/internal_trusted_storage/test_s001/test_s001.h
@@ -19,17 +19,17 @@
#ifdef ITS_TEST
#define VAL_STORAGE_BASE VAL_INTERNAL_TRUSTED_STORAGE_BASE
-#define test_entry CONCAT(test_entry_, s001)
+#define test_entry CONCAT(test_entry_, s001)
#elif PS_TEST
#define VAL_STORAGE_BASE VAL_PROTECTED_STORAGE_BASE
-#define test_entry CONCAT(test_entry_, p001)
+#define test_entry CONCAT(test_entry_, p001)
#endif
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
extern val_api_t *val;
extern psa_api_t *psa;
extern client_test_t test_s001_sst_list[];
-int32_t psa_sst_uid_not_found(security_t caller);
+int32_t psa_sst_uid_not_found(caller_security_t caller);
#endif /* _TEST_S001_CLIENT_TESTS_H_ */
diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s002/source.mk b/api-tests/dev_apis/internal_trusted_storage/test_s002/source.mk
deleted file mode 100755
index 614b897a..00000000
--- a/api-tests/dev_apis/internal_trusted_storage/test_s002/source.mk
+++ /dev/null
@@ -1,20 +0,0 @@
-# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_s002.c
-CC_OPTIONS = -DITS_TEST
-AS_SOURCE =
-AS_OPTIONS =
diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s002/test.cmake b/api-tests/dev_apis/internal_trusted_storage/test_s002/test.cmake
new file mode 100644
index 00000000..e8cfe6ac
--- /dev/null
+++ b/api-tests/dev_apis/internal_trusted_storage/test_s002/test.cmake
@@ -0,0 +1,24 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_s002.c
+ test_s002.c
+)
+list(APPEND CC_OPTIONS -DITS_TEST)
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s002/test_entry.c b/api-tests/dev_apis/internal_trusted_storage/test_s002/test_entry_s002.c
similarity index 100%
rename from api-tests/dev_apis/internal_trusted_storage/test_s002/test_entry.c
rename to api-tests/dev_apis/internal_trusted_storage/test_s002/test_entry_s002.c
diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s002/test_its_data.h b/api-tests/dev_apis/internal_trusted_storage/test_s002/test_its_data.h
index 303b25fd..b0c25411 100755
--- a/api-tests/dev_apis/internal_trusted_storage/test_s002/test_its_data.h
+++ b/api-tests/dev_apis/internal_trusted_storage/test_s002/test_its_data.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -20,115 +20,116 @@
#include "val_internal_trusted_storage.h"
#define SST_FUNCTION val->its_function
-#define PSA_SST_FLAG_WRITE_ONCE PSA_ITS_FLAG_WRITE_ONCE
-#define psa_sst_uid_t psa_its_uid_t
typedef struct {
enum its_function_code api;
- psa_its_status_t status;
+ psa_status_t status;
} test_data;
-static struct psa_its_info_t orig_info;
-static struct psa_its_info_t new_info;
+static struct psa_storage_info_t orig_info;
+static struct psa_storage_info_t new_info;
static const test_data s002_data[] = {
{
- 0, 0 /* This is dummy for index0 */
+ 0, 0 /* This is dummy for Index0 */
},
{
- VAL_ITS_SET, PSA_ITS_SUCCESS /* Create a valid storage with create flag value 0 */
+ VAL_ITS_SET, PSA_SUCCESS /* Index1 - Create a valid storage with create flag value 0 */
},
{
- VAL_ITS_GET_INFO, PSA_ITS_SUCCESS /* Call the get_info API to validate the attributes */
+ VAL_ITS_GET_INFO, PSA_SUCCESS /* Index2 - Call the get_info API to validate the attributes */
},
{
- 0, 0 /* Index not used as check for get info size */
+ 0, 0 /* This is dummy for Index3 */
},
{
- 0, 0 /* Index not used as check for get info flag */
+ 0, 0 /* This is dummy for Index4 */
},
{
- VAL_ITS_GET, PSA_ITS_SUCCESS /* Validate the data using get API */
+ VAL_ITS_GET, PSA_SUCCESS /* Index5 - Validate the data using get API */
},
{
- 0, 0 /* Index not used */
+ 0, 0 /* This is dummy for Index6 */
},
{
- VAL_ITS_SET, PSA_ITS_SUCCESS /* Change the flag to WRITE_ONCE using set API */
+ VAL_ITS_SET, PSA_SUCCESS /* Index7 - Change the flag to WRITE_ONCE using set API */
},
{
- VAL_ITS_GET_INFO, PSA_ITS_SUCCESS /* Call the get_info API to validate the flag change */
+ VAL_ITS_GET_INFO, PSA_SUCCESS /* Index8 - Call the get_info API to validate the flag change */
},
{
- 0, 0 /* Index not used as check for get info size */
+ 0, 0 /* This is dummy for Index9 */
},
{
- 0, 0 /* Index not used as check for get info flag */
+ 0, 0 /* This is dummy for Index10 */
},
{
- VAL_ITS_GET, PSA_ITS_SUCCESS /* Validate the data using get API after flag change */
+ VAL_ITS_GET, PSA_SUCCESS /* Index11 - Validate the data using get API after flag change */
},
{
- 0, 0 /* Index not used */
+ 0, 0 /* This is dummy for Index12 */
},
{
- VAL_ITS_REMOVE, PSA_ITS_ERROR_WRITE_ONCE /* Storage should not be removed after WRITE_ONCE flag */
+ VAL_ITS_REMOVE, PSA_ERROR_NOT_PERMITTED /* Index13 - Storage should not be removed after
+ WRITE_ONCE flag */
},
{
- VAL_ITS_SET, PSA_ITS_SUCCESS /* Create a storage with different UID and flag value WRITE_ONCE */
+ VAL_ITS_SET, PSA_SUCCESS /* Index14 - Create a storage with different UID and flag value
+ WRITE_ONCE */
},
{
- VAL_ITS_REMOVE, PSA_ITS_ERROR_WRITE_ONCE /* Storage should not be removed */
+ VAL_ITS_REMOVE, PSA_ERROR_NOT_PERMITTED /* Index15 - Storage should not be removed */
},
{
- VAL_ITS_GET, PSA_ITS_SUCCESS /* Validate the data using get API after flag change */
+ VAL_ITS_GET, PSA_SUCCESS /* Index16 - Validate the data using get API after flag change */
},
{
- 0, 0 /* Index not used */
+ 0, 0 /* This is dummy for Index17 */
},
{
- VAL_ITS_GET_INFO, PSA_ITS_SUCCESS /* Call the get_info API to validate the flag change */
+ VAL_ITS_GET_INFO, PSA_SUCCESS /* Index18 - Call the get_info API to validate the flag change */
},
{
- 0, 0 /* Index not used as check for get info size */
+ 0, 0 /* This is dummy for Index19 */
},
{
- 0, 0 /* Index not used as check for get info flag */
+ 0, 0 /* This is dummy for Index20 */
},
{
- VAL_ITS_SET, PSA_ITS_ERROR_WRITE_ONCE /* Try to set different size for same UID and flag value */
+ VAL_ITS_SET, PSA_ERROR_NOT_PERMITTED /* Index21 - Try to set different size for same UID and
+ flag value */
},
{
- VAL_ITS_REMOVE, PSA_ITS_ERROR_WRITE_ONCE /* Storage should not be removed */
+ VAL_ITS_REMOVE, PSA_ERROR_NOT_PERMITTED /* Index22 - Storage should not be removed */
},
{
- VAL_ITS_GET_INFO, PSA_ITS_SUCCESS /* Call the get_info API to validate the flag change */
+ VAL_ITS_GET_INFO, PSA_SUCCESS /* Index23 - Call the get_info API to validate the flag change */
},
{
- 0, 0 /* Index not used as check for get info size */
+ 0, 0 /* This is dummy for Index24 */
},
{
- 0, 0 /* Index not used as check for get info flag */
+ 0, 0 /* This is dummy for Index25 */
},
{
- VAL_ITS_GET, PSA_ITS_SUCCESS /* Validate the data using get API after flag change */
+ VAL_ITS_GET, PSA_SUCCESS /* Index26 - Validate the data using get API after flag change */
},
{
- 0, 0 /* Index not used */
+ 0, 0 /* This is dummy for Index27 */
},
{
- VAL_ITS_SET, PSA_ITS_ERROR_WRITE_ONCE /* Setting flag to zero for UID should fail */
+ VAL_ITS_SET, PSA_ERROR_NOT_PERMITTED /* Index28 - Setting flag to zero for UID should fail */
},
{
- VAL_ITS_REMOVE, PSA_ITS_ERROR_WRITE_ONCE /* Storage should not be removed */
+ VAL_ITS_REMOVE, PSA_ERROR_NOT_PERMITTED /* Index29 - Storage should not be removed */
},
{
- VAL_ITS_GET_INFO, PSA_ITS_SUCCESS /* Check that the WRITE_ONCE flag is preserved */
+ VAL_ITS_GET_INFO, PSA_SUCCESS /* Index30 - Check that the WRITE_ONCE flag is preserved */
},
{
- 0, 0 /* Index not used as check for get info size */
+ 0, 0 /* This is dummy for Index31 */
},
{
- 0, 0 /* Index not used as check for get info flag */
+ 0, 0 /* This is dummy for Index32 */
},
};
#endif /* _TEST_S002_ITS_DATA_TESTS_H_ */
diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s002/test_ps_data.h b/api-tests/dev_apis/internal_trusted_storage/test_s002/test_ps_data.h
index 19e88b72..162984e9 100755
--- a/api-tests/dev_apis/internal_trusted_storage/test_s002/test_ps_data.h
+++ b/api-tests/dev_apis/internal_trusted_storage/test_s002/test_ps_data.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019, Arm Limited or ps affiliates. All rights reserved.
+ * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -20,115 +20,116 @@
#include "val_protected_storage.h"
#define SST_FUNCTION val->ps_function
-#define PSA_SST_FLAG_WRITE_ONCE PSA_PS_FLAG_WRITE_ONCE
-#define psa_sst_uid_t psa_ps_uid_t
typedef struct {
enum ps_function_code api;
- psa_ps_status_t status;
+ psa_status_t status;
} test_data;
-static struct psa_ps_info_t orig_info;
-static struct psa_ps_info_t new_info;
+static struct psa_storage_info_t orig_info;
+static struct psa_storage_info_t new_info;
static const test_data s002_data[] = {
{
- 0, 0 /* This is dummy for index0 */
+ 0, 0 /* This is dummy for Index0 */
},
{
- VAL_PS_SET, PSA_PS_SUCCESS /* Create a valid storage with create flag value 0 */
+ VAL_PS_SET, PSA_SUCCESS /* Index1 - Create a valid storage with create flag value 0 */
},
{
- VAL_PS_GET_INFO, PSA_PS_SUCCESS /* Call the get_info API to validate the attributes */
+ VAL_PS_GET_INFO, PSA_SUCCESS /* Index2 - Call the get_info API to validate the attributes */
},
{
- 0, 0 /* Index not used as check for get info size */
+ 0, 0 /* This is dummy for Index3 */
},
{
- 0, 0 /* Index not used as check for get info flag */
+ 0, 0 /* This is dummy for Index4 */
},
{
- VAL_PS_GET, PSA_PS_SUCCESS /* Validate the data using get API */
+ VAL_PS_GET, PSA_SUCCESS /* Index5 - Validate the data using get API */
},
{
- 0, 0 /* Index not used */
+ 0, 0 /* This is dummy for Index6 */
},
{
- VAL_PS_SET, PSA_PS_SUCCESS /* Change the flag to WRITE_ONCE using set API */
+ VAL_PS_SET, PSA_SUCCESS /* Index7 - Change the flag to WRITE_ONCE using set API */
},
{
- VAL_PS_GET_INFO, PSA_PS_SUCCESS /* Call the get_info API to validate the flag change */
+ VAL_PS_GET_INFO, PSA_SUCCESS /* Index8 - Call the get_info API to validate the flag change */
},
{
- 0, 0 /* Index not used as check for get info size */
+ 0, 0 /* This is dummy for Index9 */
},
{
- 0, 0 /* Index not used as check for get info flag */
+ 0, 0 /* This is dummy for Index10 */
},
{
- VAL_PS_GET, PSA_PS_SUCCESS /* Validate the data using get API after flag change */
+ VAL_PS_GET, PSA_SUCCESS /* Index11 - Validate the data using get API after flag change */
},
{
- 0, 0 /* Index not used */
+ 0, 0 /* This is dummy for Index12 */
},
{
- VAL_PS_REMOVE, PSA_PS_ERROR_WRITE_ONCE /* Storage should not be removed after WRITE_ONCE flag */
+ VAL_PS_REMOVE, PSA_ERROR_NOT_PERMITTED /* Index13 - Storage should not be removed after
+ WRITE_ONCE flag */
},
{
- VAL_PS_SET, PSA_PS_SUCCESS /* Create storage with different UID and flag value WRITE_ONCE */
+ VAL_PS_SET, PSA_SUCCESS /* Index14 - Create a storage with different UID and flag value
+ WRITE_ONCE */
},
{
- VAL_PS_REMOVE, PSA_PS_ERROR_WRITE_ONCE /* Storage should not be removed */
+ VAL_PS_REMOVE, PSA_ERROR_NOT_PERMITTED /* Index15 - Storage should not be removed */
},
{
- VAL_PS_GET, PSA_PS_SUCCESS /* Validate the data using get API after flag change */
+ VAL_PS_GET, PSA_SUCCESS /* Index16 - Validate the data using get API after flag change */
},
{
- 0, 0 /* Index not used */
+ 0, 0 /* This is dummy for Index17 */
},
{
- VAL_PS_GET_INFO, PSA_PS_SUCCESS /* Call the get_info API to validate the flag change */
+ VAL_PS_GET_INFO, PSA_SUCCESS /* Index18 - Call the get_info API to validate the flag change */
},
{
- 0, 0 /* Index not used as check for get info size */
+ 0, 0 /* This is dummy for Index19 */
},
{
- 0, 0 /* Index not used as check for get info flag */
+ 0, 0 /* This is dummy for Index20 */
},
{
- VAL_PS_SET, PSA_PS_ERROR_WRITE_ONCE /* Try to set different size for same UID and flag value */
+ VAL_PS_SET, PSA_ERROR_NOT_PERMITTED /* Index21 - Try to set different size for same UID and
+ flag value */
},
{
- VAL_PS_REMOVE, PSA_PS_ERROR_WRITE_ONCE /* Storage should not be removed */
+ VAL_PS_REMOVE, PSA_ERROR_NOT_PERMITTED /* Index22 - Storage should not be removed */
},
{
- VAL_PS_GET_INFO, PSA_PS_SUCCESS /* Call the get_info API to validate the flag change */
+ VAL_PS_GET_INFO, PSA_SUCCESS /* Index23 - Call the get_info API to validate the flag change */
},
{
- 0, 0 /* Index not used as check for get info size */
+ 0, 0 /* This is dummy for Index24 */
},
{
- 0, 0 /* Index not used as check for get info flag */
+ 0, 0 /* This is dummy for Index25 */
},
{
- VAL_PS_GET, PSA_PS_SUCCESS /* Validate the data using get API after flag change */
+ VAL_PS_GET, PSA_SUCCESS /* Index26 - Validate the data using get API after flag change */
},
{
- 0, 0 /* Index not used */
+ 0, 0 /* This is dummy for Index27 */
},
{
- VAL_PS_SET, PSA_PS_ERROR_WRITE_ONCE /* Setting flag to zero for UID should fail */
+ VAL_PS_SET, PSA_ERROR_NOT_PERMITTED /* Index28 - Setting flag to zero for UID should fail */
},
{
- VAL_PS_REMOVE, PSA_PS_ERROR_WRITE_ONCE /* Storage should not be removed */
+ VAL_PS_REMOVE, PSA_ERROR_NOT_PERMITTED /* Index29 - Storage should not be removed */
},
{
- VAL_PS_GET_INFO, PSA_PS_SUCCESS /* Check that the WRITE_ONCE flag is preserved */
+ VAL_PS_GET_INFO, PSA_SUCCESS /* Index30 - Check that the WRITE_ONCE flag is preserved */
},
{
- 0, 0 /* Index not used as check for get info size */
+ 0, 0 /* This is dummy for Index31 */
},
{
- 0, 0 /* Index not used as check for get info flag */
+ 0, 0 /* This is dummy for Index32 */
},
};
#endif /* _TEST_S002_PS_DATA_TESTS_H_ */
diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s002/test_s002.c b/api-tests/dev_apis/internal_trusted_storage/test_s002/test_s002.c
index 4fea4d61..5bb0ccd7 100755
--- a/api-tests/dev_apis/internal_trusted_storage/test_s002/test_s002.c
+++ b/api-tests/dev_apis/internal_trusted_storage/test_s002/test_s002.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019, Arm Limited or sst affiliates. All rights reserved.
+ * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -35,59 +35,62 @@ client_test_t test_s002_sst_list[] = {
NULL,
};
-int32_t psa_sst_update_write_once_flag_after_create(security_t caller)
+int32_t psa_sst_update_write_once_flag_after_create(caller_security_t caller)
{
- uint32_t status;
- psa_sst_uid_t uid = UID_WRITE_ONCE_1;
+ uint32_t status, p_data_length = 0;
+ psa_storage_uid_t uid = UID_WRITE_ONCE_1;
uint8_t write_buff[TEST_BUFF_SIZE/2] = {0xDE, 0xAD, 0xBE, 0xEF, 0xCA, 0xFE, 0xBA, 0xBE};
uint8_t read_buff[TEST_BUFF_SIZE/2] = {0};
uint8_t write_buff_new[TEST_BUFF_SIZE/4] = {0xFF, 0xFF, 0xFF, 0xFF};
/* set() data without a WRITE_ONCE flag */
- status = SST_FUNCTION(s002_data[1].api, uid, TEST_BUFF_SIZE/2, write_buff, 0);
+ status = SST_FUNCTION(s002_data[1].api, uid, TEST_BUFF_SIZE/2, write_buff,
+ PSA_STORAGE_FLAG_NONE);
TEST_ASSERT_EQUAL(status, s002_data[1].status, TEST_CHECKPOINT_NUM(1));
/* Check that get_info() returns correct attributes; also store for reference for later */
status = SST_FUNCTION(s002_data[2].api, uid, &orig_info);
TEST_ASSERT_EQUAL(status, s002_data[2].status, TEST_CHECKPOINT_NUM(2));
TEST_ASSERT_EQUAL(orig_info.size, TEST_BUFF_SIZE/2, TEST_CHECKPOINT_NUM(3));
- TEST_ASSERT_EQUAL(orig_info.flags, 0, TEST_CHECKPOINT_NUM(4));
+ TEST_ASSERT_EQUAL(orig_info.flags, PSA_STORAGE_FLAG_NONE, TEST_CHECKPOINT_NUM(4));
/* Check for data consistency using get() */
- status = SST_FUNCTION(s002_data[5].api, uid, 0, TEST_BUFF_SIZE/2, read_buff);
+ status = SST_FUNCTION(s002_data[5].api, uid, 0, TEST_BUFF_SIZE/2, read_buff, &p_data_length);
TEST_ASSERT_EQUAL(status, s002_data[5].status, TEST_CHECKPOINT_NUM(5));
- TEST_ASSERT_MEMCMP(write_buff, read_buff, TEST_BUFF_SIZE/2, TEST_CHECKPOINT_NUM(6));
+ TEST_ASSERT_EQUAL(p_data_length, TEST_BUFF_SIZE/2, TEST_CHECKPOINT_NUM(6));
+ TEST_ASSERT_MEMCMP(write_buff, read_buff, TEST_BUFF_SIZE/2, TEST_CHECKPOINT_NUM(7));
/* set() with WRITE_ONCE_FLAG */
val->print(PRINT_TEST, "[Check 1] Update the flag of UID %d with WRITE_ONCE flag\n", uid);
status = SST_FUNCTION(s002_data[7].api, uid, TEST_BUFF_SIZE/4, write_buff_new,
- PSA_SST_FLAG_WRITE_ONCE);
- TEST_ASSERT_EQUAL(status, s002_data[7].status, TEST_CHECKPOINT_NUM(7));
+ PSA_STORAGE_FLAG_WRITE_ONCE);
+ TEST_ASSERT_EQUAL(status, s002_data[7].status, TEST_CHECKPOINT_NUM(8));
/* Check that info is updated, after new set */
status = SST_FUNCTION(s002_data[8].api, uid, &new_info);
- TEST_ASSERT_EQUAL(status, s002_data[8].status, TEST_CHECKPOINT_NUM(8));
- TEST_ASSERT_EQUAL(new_info.size, new_info.size, TEST_CHECKPOINT_NUM(9));
- TEST_ASSERT_EQUAL(new_info.flags, new_info.flags, TEST_CHECKPOINT_NUM(10));
+ TEST_ASSERT_EQUAL(status, s002_data[8].status, TEST_CHECKPOINT_NUM(9));
+ TEST_ASSERT_EQUAL(new_info.size, TEST_BUFF_SIZE/4, TEST_CHECKPOINT_NUM(10));
+ TEST_ASSERT_EQUAL(new_info.flags, PSA_STORAGE_FLAG_WRITE_ONCE, TEST_CHECKPOINT_NUM(11));
/* Check that data contents are preserved which were written with WRITE_ONCE_FLAG originally */
- status = SST_FUNCTION(s002_data[11].api, uid, 0, TEST_BUFF_SIZE/4, read_buff);
- TEST_ASSERT_EQUAL(status, s002_data[11].status, TEST_CHECKPOINT_NUM(11));
- TEST_ASSERT_MEMCMP(write_buff_new, read_buff, TEST_BUFF_SIZE/4, TEST_CHECKPOINT_NUM(12));
+ status = SST_FUNCTION(s002_data[11].api, uid, 0, TEST_BUFF_SIZE/4, read_buff, &p_data_length);
+ TEST_ASSERT_EQUAL(status, s002_data[11].status, TEST_CHECKPOINT_NUM(12));
+ TEST_ASSERT_EQUAL(p_data_length, TEST_BUFF_SIZE/4, TEST_CHECKPOINT_NUM(13));
+ TEST_ASSERT_MEMCMP(write_buff_new, read_buff, TEST_BUFF_SIZE/4, TEST_CHECKPOINT_NUM(14));
/* remove() the UID */
val->print(PRINT_TEST, "[Check 2] Try to remove the UID %d having WRITE_ONCE flag\n", uid);
status = SST_FUNCTION(s002_data[13].api, uid);
- TEST_ASSERT_EQUAL(status, s002_data[13].status, TEST_CHECKPOINT_NUM(13));
+ TEST_ASSERT_EQUAL(status, s002_data[13].status, TEST_CHECKPOINT_NUM(15));
return VAL_STATUS_SUCCESS;
}
-int32_t psa_sst_create_with_write_once_flag(security_t caller)
+int32_t psa_sst_create_with_write_once_flag(caller_security_t caller)
{
- uint32_t status;
- psa_sst_uid_t uid = UID_WRITE_ONCE_2;
+ uint32_t status, p_data_length = 0;
+ psa_storage_uid_t uid = UID_WRITE_ONCE_2;
uint8_t write_buff[TEST_BUFF_SIZE] = {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F};
uint8_t read_buff[TEST_BUFF_SIZE] = {0};
@@ -98,64 +101,67 @@ int32_t psa_sst_create_with_write_once_flag(security_t caller)
/* Set data for a UID using WRITE_ONCE flag */
val->print(PRINT_TEST, "[Check 3] Create a new UID %d with WRITE_ONCE flag\n", uid);
status = SST_FUNCTION(s002_data[14].api, uid, TEST_BUFF_SIZE, write_buff,
- PSA_SST_FLAG_WRITE_ONCE);
- TEST_ASSERT_EQUAL(status, s002_data[14].status, TEST_CHECKPOINT_NUM(14));
+ PSA_STORAGE_FLAG_WRITE_ONCE);
+ TEST_ASSERT_EQUAL(status, s002_data[14].status, TEST_CHECKPOINT_NUM(16));
/* Check that remove() fails with PSA_SST_ERROR_WRITE_ONCE */
val->print(PRINT_TEST, "[Check 4] Try to remove the UID %d having WRITE_ONCE flag\n", uid);
status = SST_FUNCTION(s002_data[15].api, uid);
- TEST_ASSERT_EQUAL(status, s002_data[15].status, TEST_CHECKPOINT_NUM(15));
+ TEST_ASSERT_EQUAL(status, s002_data[15].status, TEST_CHECKPOINT_NUM(17));
/* Check data consistency using get()*/
- status = SST_FUNCTION(s002_data[16].api, uid, 0, TEST_BUFF_SIZE, read_buff);
- TEST_ASSERT_EQUAL(status, s002_data[16].status, TEST_CHECKPOINT_NUM(16));
- TEST_ASSERT_MEMCMP(write_buff, read_buff, TEST_BUFF_SIZE, TEST_CHECKPOINT_NUM(17));
+ status = SST_FUNCTION(s002_data[16].api, uid, 0, TEST_BUFF_SIZE, read_buff, &p_data_length);
+ TEST_ASSERT_EQUAL(status, s002_data[16].status, TEST_CHECKPOINT_NUM(18));
+ TEST_ASSERT_EQUAL(p_data_length, TEST_BUFF_SIZE, TEST_CHECKPOINT_NUM(19));
+ TEST_ASSERT_MEMCMP(write_buff, read_buff, TEST_BUFF_SIZE, TEST_CHECKPOINT_NUM(20));
/* Check that info values is as expected */
status = SST_FUNCTION(s002_data[18].api, uid, &orig_info);
- TEST_ASSERT_EQUAL(status, s002_data[18].status, TEST_CHECKPOINT_NUM(18));
- TEST_ASSERT_EQUAL(orig_info.size, TEST_BUFF_SIZE, TEST_CHECKPOINT_NUM(19));
- TEST_ASSERT_EQUAL(orig_info.flags, PSA_SST_FLAG_WRITE_ONCE, TEST_CHECKPOINT_NUM(20));
+ TEST_ASSERT_EQUAL(status, s002_data[18].status, TEST_CHECKPOINT_NUM(21));
+ TEST_ASSERT_EQUAL(orig_info.size, TEST_BUFF_SIZE, TEST_CHECKPOINT_NUM(22));
+ TEST_ASSERT_EQUAL(orig_info.flags, PSA_STORAGE_FLAG_WRITE_ONCE, TEST_CHECKPOINT_NUM(23));
/* Try to overwrite using set() with same UID as used before with WRITE_ONCE_FLAG */
val->print(PRINT_TEST, "[Check 5] Try to change the length of write_once UID %d\n", uid);
status = SST_FUNCTION(s002_data[21].api, uid, (TEST_BUFF_SIZE + 1), write_buff_new,
- PSA_SST_FLAG_WRITE_ONCE);
- TEST_ASSERT_EQUAL(status, s002_data[21].status, TEST_CHECKPOINT_NUM(21));
+ PSA_STORAGE_FLAG_WRITE_ONCE);
+ TEST_ASSERT_EQUAL(status, s002_data[21].status, TEST_CHECKPOINT_NUM(24));
/* Check that remove() still fails with PSA_SST_ERROR_WRITE_ONCE */
val->print(PRINT_TEST, "[Check 6] Check UID removal still fails\n", 0);
status = SST_FUNCTION(s002_data[22].api, uid);
- TEST_ASSERT_EQUAL(status, s002_data[22].status, TEST_CHECKPOINT_NUM(22));
+ TEST_ASSERT_EQUAL(status, s002_data[22].status, TEST_CHECKPOINT_NUM(25));
/* Check that info is preserved */
status = SST_FUNCTION(s002_data[23].api, uid, &new_info);
- TEST_ASSERT_EQUAL(status, s002_data[23].status, TEST_CHECKPOINT_NUM(23));
- TEST_ASSERT_EQUAL(new_info.size, orig_info.size, TEST_CHECKPOINT_NUM(24));
- TEST_ASSERT_EQUAL(new_info.flags, orig_info.flags, TEST_CHECKPOINT_NUM(25));
+ TEST_ASSERT_EQUAL(status, s002_data[23].status, TEST_CHECKPOINT_NUM(26));
+ TEST_ASSERT_EQUAL(new_info.size, orig_info.size, TEST_CHECKPOINT_NUM(27));
+ TEST_ASSERT_EQUAL(new_info.flags, orig_info.flags, TEST_CHECKPOINT_NUM(28));
/* Check that data contents are preserved which were written with WRITE_ONCE_FLAG originally */
- status = SST_FUNCTION(s002_data[26].api, uid, 0, TEST_BUFF_SIZE, read_buff);
- TEST_ASSERT_EQUAL(status, s002_data[26].status, TEST_CHECKPOINT_NUM(26));
- TEST_ASSERT_MEMCMP(write_buff, read_buff, TEST_BUFF_SIZE, TEST_CHECKPOINT_NUM(27));
+ status = SST_FUNCTION(s002_data[26].api, uid, 0, TEST_BUFF_SIZE, read_buff, &p_data_length);
+ TEST_ASSERT_EQUAL(status, s002_data[26].status, TEST_CHECKPOINT_NUM(29));
+ TEST_ASSERT_EQUAL(p_data_length, TEST_BUFF_SIZE, TEST_CHECKPOINT_NUM(30));
+ TEST_ASSERT_MEMCMP(write_buff, read_buff, TEST_BUFF_SIZE, TEST_CHECKPOINT_NUM(31));
/* Try to overwrite using set() with same UID as used before without WRITE_ONCE_FLAG */
val->print(PRINT_TEST, "[Check 7] Try to change the WRITE_ONCE flag to None for UID %d\n", uid);
new_info.size = 0;
new_info.flags = 0;
- status = SST_FUNCTION(s002_data[28].api, uid, (TEST_BUFF_SIZE - 1), write_buff_new, 0);
- TEST_ASSERT_EQUAL(status, s002_data[28].status, TEST_CHECKPOINT_NUM(28));
+ status = SST_FUNCTION(s002_data[28].api, uid, (TEST_BUFF_SIZE - 1), write_buff_new,
+ PSA_STORAGE_FLAG_NONE);
+ TEST_ASSERT_EQUAL(status, s002_data[28].status, TEST_CHECKPOINT_NUM(32));
/* Check that remove() still fails with PSA_SST_ERROR_WRITE_ONCE */
val->print(PRINT_TEST, "[Check 8] Check UID removal still fails\n", 0);
status = SST_FUNCTION(s002_data[29].api, uid);
- TEST_ASSERT_EQUAL(status, s002_data[29].status, TEST_CHECKPOINT_NUM(29));
+ TEST_ASSERT_EQUAL(status, s002_data[29].status, TEST_CHECKPOINT_NUM(33));
/* Check that info is preserved */
status = SST_FUNCTION(s002_data[30].api, uid, &new_info);
- TEST_ASSERT_EQUAL(status, s002_data[30].status, TEST_CHECKPOINT_NUM(30));
- TEST_ASSERT_EQUAL(new_info.size, orig_info.size, TEST_CHECKPOINT_NUM(31));
- TEST_ASSERT_EQUAL(new_info.flags, orig_info.flags, TEST_CHECKPOINT_NUM(32));
+ TEST_ASSERT_EQUAL(status, s002_data[30].status, TEST_CHECKPOINT_NUM(34));
+ TEST_ASSERT_EQUAL(new_info.size, orig_info.size, TEST_CHECKPOINT_NUM(35));
+ TEST_ASSERT_EQUAL(new_info.flags, orig_info.flags, TEST_CHECKPOINT_NUM(36));
return VAL_STATUS_SUCCESS;
}
diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s002/test_s002.h b/api-tests/dev_apis/internal_trusted_storage/test_s002/test_s002.h
index 91c7aef2..e4b339e4 100755
--- a/api-tests/dev_apis/internal_trusted_storage/test_s002/test_s002.h
+++ b/api-tests/dev_apis/internal_trusted_storage/test_s002/test_s002.h
@@ -19,18 +19,18 @@
#ifdef ITS_TEST
#define VAL_STORAGE_BASE VAL_INTERNAL_TRUSTED_STORAGE_BASE
-#define test_entry CONCAT(test_entry_, s002)
+#define test_entry CONCAT(test_entry_, s002)
#elif PS_TEST
#define VAL_STORAGE_BASE VAL_PROTECTED_STORAGE_BASE
-#define test_entry CONCAT(test_entry_, p002)
+#define test_entry CONCAT(test_entry_, p002)
#endif
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
extern val_api_t *val;
extern psa_api_t *psa;
extern client_test_t test_s002_sst_list[];
-int32_t psa_sst_update_write_once_flag_after_create(security_t caller);
-int32_t psa_sst_create_with_write_once_flag(security_t caller);
+int32_t psa_sst_update_write_once_flag_after_create(caller_security_t caller);
+int32_t psa_sst_create_with_write_once_flag(caller_security_t caller);
#endif /* _TEST_S002_CLIENT_TESTS_H_ */
diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s003/source.mk b/api-tests/dev_apis/internal_trusted_storage/test_s003/source.mk
deleted file mode 100755
index 6ab2796f..00000000
--- a/api-tests/dev_apis/internal_trusted_storage/test_s003/source.mk
+++ /dev/null
@@ -1,20 +0,0 @@
-# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_s003.c
-CC_OPTIONS = -DITS_TEST
-AS_SOURCE =
-AS_OPTIONS =
diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s003/test.cmake b/api-tests/dev_apis/internal_trusted_storage/test_s003/test.cmake
new file mode 100644
index 00000000..da2f1adf
--- /dev/null
+++ b/api-tests/dev_apis/internal_trusted_storage/test_s003/test.cmake
@@ -0,0 +1,24 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_s003.c
+ test_s003.c
+)
+list(APPEND CC_OPTIONS -DITS_TEST)
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s003/test_entry.c b/api-tests/dev_apis/internal_trusted_storage/test_s003/test_entry_s003.c
similarity index 100%
rename from api-tests/dev_apis/internal_trusted_storage/test_s003/test_entry.c
rename to api-tests/dev_apis/internal_trusted_storage/test_s003/test_entry_s003.c
diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s003/test_its_data.h b/api-tests/dev_apis/internal_trusted_storage/test_s003/test_its_data.h
index 511e418b..095dcfe0 100755
--- a/api-tests/dev_apis/internal_trusted_storage/test_s003/test_its_data.h
+++ b/api-tests/dev_apis/internal_trusted_storage/test_s003/test_its_data.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -20,23 +20,22 @@
#include "val_internal_trusted_storage.h"
#define SST_FUNCTION val->its_function
-#define PSA_SST_SUCCESS PSA_ITS_SUCCESS
-#define psa_sst_uid_t psa_its_uid_t
+#define PSA_SST_SUCCESS PSA_SUCCESS
typedef struct {
enum its_function_code api;
- psa_its_status_t status;
+ psa_status_t status;
} test_data;
static const test_data s003_data[] = {
{
- 0, 0 /* This is dummy for index0 */
+ 0, 0 /* This is dummy for Index0 */
},
{
- VAL_ITS_SET, PSA_ITS_ERROR_INSUFFICIENT_SPACE /* Call set API till insufficent space */
+ VAL_ITS_SET, PSA_ERROR_INSUFFICIENT_STORAGE /* Index1 - Call set API till insufficent space */
},
{
- VAL_ITS_REMOVE, PSA_ITS_SUCCESS /* Remove the UID created */
+ VAL_ITS_REMOVE, PSA_SUCCESS /* Index2 - Remove the UID created */
},
};
#endif /* _TEST_S003_ITS_DATA_TESTS_H_ */
diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s003/test_ps_data.h b/api-tests/dev_apis/internal_trusted_storage/test_s003/test_ps_data.h
index db48c35b..60e750d6 100755
--- a/api-tests/dev_apis/internal_trusted_storage/test_s003/test_ps_data.h
+++ b/api-tests/dev_apis/internal_trusted_storage/test_s003/test_ps_data.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019, Arm Limited or ps affiliates. All rights reserved.
+ * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -20,23 +20,21 @@
#include "val_protected_storage.h"
#define SST_FUNCTION val->ps_function
-#define PSA_SST_SUCCESS PSA_PS_SUCCESS
-#define psa_sst_uid_t psa_ps_uid_t
typedef struct {
enum ps_function_code api;
- psa_ps_status_t status;
+ psa_status_t status;
} test_data;
static const test_data s003_data[] = {
{
- 0, 0 /* This is dummy for index0 */
+ 0, 0 /* This is dummy for Index0 */
},
{
- VAL_PS_SET, PSA_PS_ERROR_INSUFFICIENT_SPACE /* Call set API till insufficent space */
+ VAL_PS_SET, PSA_ERROR_INSUFFICIENT_STORAGE /* Index1 - Call set API till insufficent space */
},
{
- VAL_PS_REMOVE, PSA_PS_SUCCESS /* Remove the UID created */
+ VAL_PS_REMOVE, PSA_SUCCESS /* Index2 - Remove the UID created */
},
};
#endif /* _TEST_S003_PS_DATA_TESTS_H_ */
diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s003/test_s003.c b/api-tests/dev_apis/internal_trusted_storage/test_s003/test_s003.c
index fcd9a081..90573169 100755
--- a/api-tests/dev_apis/internal_trusted_storage/test_s003/test_s003.c
+++ b/api-tests/dev_apis/internal_trusted_storage/test_s003/test_s003.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -24,7 +24,6 @@
#include "test_ps_data.h"
#endif
-#define TEST_BUFF_SIZE 1024
#define NUM_ITERATIONS 2
#define TEST_BASE_UID_VALUE UID_BASE_VALUE + 5
@@ -34,15 +33,15 @@ client_test_t test_s003_sst_list[] = {
NULL,
};
-static uint8_t write_buff[TEST_BUFF_SIZE];
+static uint8_t write_buff[PLATFORM_MAX_UID_SIZE];
static char test_desc[2][80] = {
"Overload storage space\n",
"Overload storage again to verify all previous UID removed\n"};
-int32_t psa_sst_insufficient_space(security_t caller)
+int32_t psa_sst_insufficient_space(caller_security_t caller)
{
- uint32_t status = PSA_SST_SUCCESS;
- psa_sst_uid_t uid;
+ uint32_t status = PSA_SUCCESS;
+ psa_storage_uid_t uid;
uint32_t count = 0, results[NUM_ITERATIONS] = {0};
int i = 0;
@@ -51,14 +50,15 @@ int32_t psa_sst_insufficient_space(security_t caller)
{
val->print(PRINT_TEST, "[Check %d] ", i + 1);
val->print(PRINT_TEST, &test_desc[i][0], 0);
- for (uid = TEST_BASE_UID_VALUE; status == PSA_SST_SUCCESS; uid++)
+ for (uid = TEST_BASE_UID_VALUE; status == PSA_SUCCESS; uid++)
{
- val->print(PRINT_INFO, "Setting 0x%x bytes for ", TEST_BUFF_SIZE);
+ val->print(PRINT_INFO, "Setting 0x%x bytes for ", PLATFORM_MAX_UID_SIZE);
val->print(PRINT_INFO, "UID %d\n", uid);
- status = SST_FUNCTION(s003_data[1].api, uid, TEST_BUFF_SIZE, write_buff, 0);
- if (status != PSA_SST_SUCCESS)
+ status = SST_FUNCTION(s003_data[1].api, uid, PLATFORM_MAX_UID_SIZE, write_buff,
+ PSA_STORAGE_FLAG_NONE);
+ if (status != PSA_SUCCESS)
{
- val->print(PRINT_INFO, "UID %d set failed due to insufficient space\n", uid);
+ val->print(PRINT_TEST, "UID %d set failed due to insufficient space\n", uid);
break;
}
}
@@ -74,7 +74,7 @@ int32_t psa_sst_insufficient_space(security_t caller)
{
val->print(PRINT_INFO, "Removing UID %d\n", uid);
status = SST_FUNCTION(s003_data[2].api, uid);
- if (status != PSA_SST_SUCCESS)
+ if (status != PSA_SUCCESS)
break;
}
if (count)
diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s003/test_s003.h b/api-tests/dev_apis/internal_trusted_storage/test_s003/test_s003.h
index ab2d6aa6..e022142f 100755
--- a/api-tests/dev_apis/internal_trusted_storage/test_s003/test_s003.h
+++ b/api-tests/dev_apis/internal_trusted_storage/test_s003/test_s003.h
@@ -19,17 +19,17 @@
#ifdef ITS_TEST
#define VAL_STORAGE_BASE VAL_INTERNAL_TRUSTED_STORAGE_BASE
-#define test_entry CONCAT(test_entry_, s003)
+#define test_entry CONCAT(test_entry_, s003)
#elif PS_TEST
#define VAL_STORAGE_BASE VAL_PROTECTED_STORAGE_BASE
-#define test_entry CONCAT(test_entry_, p003)
+#define test_entry CONCAT(test_entry_, p003)
#endif
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
extern val_api_t *val;
extern psa_api_t *psa;
extern client_test_t test_s003_sst_list[];
-int32_t psa_sst_insufficient_space(security_t caller);
+int32_t psa_sst_insufficient_space(caller_security_t caller);
#endif /* _TEST_S003_CLIENT_TESTS_H_ */
diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s004/source.mk b/api-tests/dev_apis/internal_trusted_storage/test_s004/source.mk
deleted file mode 100755
index 8c265c59..00000000
--- a/api-tests/dev_apis/internal_trusted_storage/test_s004/source.mk
+++ /dev/null
@@ -1,20 +0,0 @@
-# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_s004.c
-CC_OPTIONS = -DITS_TEST
-AS_SOURCE =
-AS_OPTIONS =
diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s004/test.cmake b/api-tests/dev_apis/internal_trusted_storage/test_s004/test.cmake
new file mode 100644
index 00000000..88caf832
--- /dev/null
+++ b/api-tests/dev_apis/internal_trusted_storage/test_s004/test.cmake
@@ -0,0 +1,24 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_s004.c
+ test_s004.c
+)
+list(APPEND CC_OPTIONS -DITS_TEST)
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s004/test_entry.c b/api-tests/dev_apis/internal_trusted_storage/test_s004/test_entry_s004.c
similarity index 100%
rename from api-tests/dev_apis/internal_trusted_storage/test_s004/test_entry.c
rename to api-tests/dev_apis/internal_trusted_storage/test_s004/test_entry_s004.c
diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s004/test_its_data.h b/api-tests/dev_apis/internal_trusted_storage/test_s004/test_its_data.h
index b41dc1be..f92ab6df 100755
--- a/api-tests/dev_apis/internal_trusted_storage/test_s004/test_its_data.h
+++ b/api-tests/dev_apis/internal_trusted_storage/test_s004/test_its_data.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -20,46 +20,36 @@
#include "val_internal_trusted_storage.h"
#define SST_FUNCTION val->its_function
-#define psa_sst_uid_t psa_its_uid_t
typedef struct {
enum its_function_code api;
- psa_its_status_t status;
+ psa_status_t status;
} test_data;
static const test_data s004_data[] = {
{
- 0, 0 /* This is dummy for index0 */
+ 0, 0 /* This is dummy for Index0 */
},
{
- VAL_ITS_SET, PSA_ITS_SUCCESS /* Create a valid storage entity */
+ VAL_ITS_SET, PSA_SUCCESS /* Index1 - Create a valid storage entity */
},
{
- VAL_ITS_GET, PSA_ITS_SUCCESS /* Validate the data using get API after set API failure */
+ VAL_ITS_GET, PSA_SUCCESS /* Index2 - Validate the data using get API after set API failure */
},
{
- 0, 0 /* Index not used */
+ 0, 0 /* This is dummy for Index3 */
},
{
- VAL_ITS_SET, PSA_ITS_SUCCESS /* For same UID set the length as half of previous */
+ VAL_ITS_SET, PSA_SUCCESS /* Index4 - For same UID set the length as half of previous */
},
{
- VAL_ITS_GET, PSA_ITS_ERROR_INCORRECT_SIZE /* Call get with incorrect length */
+ VAL_ITS_GET, PSA_SUCCESS /* Index5 - Call get with incorrect length */
},
{
- 0, 0 /* No data should be returned */
+ 0, 0 /* This is dummy for Index6 */
},
{
- VAL_ITS_GET, PSA_ITS_SUCCESS /* Call get API with correct length */
-},
-{
- 0, 0 /* No data should be returned */
-},
-{
- 0, 0 /* Check that we should not be able to access the old data */
-},
-{
- VAL_ITS_REMOVE, PSA_ITS_SUCCESS /* Remove the valid storage entity */
+ VAL_ITS_REMOVE, PSA_SUCCESS /* Index7 - Remove the valid storage entity */
},
};
#endif /* _TEST_S004_ITS_DATA_TESTS_H_ */
diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s004/test_ps_data.h b/api-tests/dev_apis/internal_trusted_storage/test_s004/test_ps_data.h
index baaf194f..e17dfde7 100755
--- a/api-tests/dev_apis/internal_trusted_storage/test_s004/test_ps_data.h
+++ b/api-tests/dev_apis/internal_trusted_storage/test_s004/test_ps_data.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019, Arm Limited or ps affiliates. All rights reserved.
+ * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -20,46 +20,36 @@
#include "val_protected_storage.h"
#define SST_FUNCTION val->ps_function
-#define psa_sst_uid_t psa_ps_uid_t
typedef struct {
enum ps_function_code api;
- psa_ps_status_t status;
+ psa_status_t status;
} test_data;
static const test_data s004_data[] = {
{
- 0, 0 /* This is dummy for index0 */
+ 0, 0 /* This is dummy for Index0 */
},
{
- VAL_PS_SET, PSA_PS_SUCCESS /* Create a valid storage entity */
+ VAL_PS_SET, PSA_SUCCESS /* Index1 - Create a valid storage entity */
},
{
- VAL_PS_GET, PSA_PS_SUCCESS /* Validate the data using get API after set API failure */
+ VAL_PS_GET, PSA_SUCCESS /* Index2 - Validate the data using get API after set API failure */
},
{
- 0, 0 /* Index not used */
+ 0, 0 /* This is dummy for Index3 */
},
{
- VAL_PS_SET, PSA_PS_SUCCESS /* For same UID set the length as half of previous */
+ VAL_PS_SET, PSA_SUCCESS /* Index4 - For same UID set the length as half of previous */
},
{
- VAL_PS_GET, PSA_PS_ERROR_INCORRECT_SIZE /* Call get with incorrect length */
+ VAL_PS_GET, PSA_SUCCESS /* Index5 - Call get with incorrect length */
},
{
- 0, 0 /* No data should be returned */
+ 0, 0 /* This is dummy for Index6 */
},
{
- VAL_PS_GET, PSA_PS_SUCCESS /* Call get API with correct length */
-},
-{
- 0, 0 /* No data should be returned */
-},
-{
- 0, 0 /* Check that we should not be able to access the old data */
-},
-{
- VAL_PS_REMOVE, PSA_PS_SUCCESS /* Remove the valid storage entity */
+ VAL_PS_REMOVE, PSA_SUCCESS /* Index7 - Remove the valid storage entity */
},
};
#endif /* _TEST_S004_PS_DATA_TESTS_H_ */
diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s004/test_s004.c b/api-tests/dev_apis/internal_trusted_storage/test_s004/test_s004.c
index 9db24a79..94240c0c 100755
--- a/api-tests/dev_apis/internal_trusted_storage/test_s004/test_s004.c
+++ b/api-tests/dev_apis/internal_trusted_storage/test_s004/test_s004.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -32,53 +32,42 @@ client_test_t test_s004_sst_list[] = {
NULL,
};
-static psa_sst_uid_t uid = UID_BASE_VALUE + 5;
+static psa_storage_uid_t uid = UID_BASE_VALUE + 5;
static uint8_t read_buff[TEST_BUFF_SIZE] = {0};
static uint8_t write_buff[TEST_BUFF_SIZE] = {0x99, 0x01, 0x30, 0x50, 0x04, 0x23, 0xF6, 0x07, 0x08, \
0x0D, 0x70, 0xA1, 0xFF, 0xFF, 0x14, 0x73, 0x46, 0x97, 0xE8, 0xDD};
-int32_t psa_sst_get_data_check(security_t caller)
+int32_t psa_sst_get_data_check(caller_security_t caller)
{
- uint32_t status,j;
+ uint32_t status, p_data_length = 0;
/* Set data for UID */
- status = SST_FUNCTION(s004_data[1].api, uid, TEST_BUFF_SIZE, write_buff,0);
+ status = SST_FUNCTION(s004_data[1].api, uid, TEST_BUFF_SIZE, write_buff, PSA_STORAGE_FLAG_NONE);
TEST_ASSERT_EQUAL(status, s004_data[1].status, TEST_CHECKPOINT_NUM(1));
/* Call get function and check the data consistency */
- status = SST_FUNCTION(s004_data[2].api, uid, 0, TEST_BUFF_SIZE, read_buff);
+ status = SST_FUNCTION(s004_data[2].api, uid, 0, TEST_BUFF_SIZE, read_buff, &p_data_length);
TEST_ASSERT_EQUAL(status, s004_data[2].status, TEST_CHECKPOINT_NUM(2));
TEST_ASSERT_MEMCMP(read_buff, write_buff, TEST_BUFF_SIZE, TEST_CHECKPOINT_NUM(3));
+ TEST_ASSERT_EQUAL(p_data_length, TEST_BUFF_SIZE, TEST_CHECKPOINT_NUM(4));
/* Call the set again for same uid and set the length as half */
- status = SST_FUNCTION(s004_data[4].api, uid, TEST_BUFF_SIZE/2, write_buff, 0);
- TEST_ASSERT_EQUAL(status, s004_data[4].status, TEST_CHECKPOINT_NUM(4));
+ val->print(PRINT_TEST, "[Check 1] Call set API with reduced length - TEST_BUFF_SIZE/2\n", 0);
+ status = SST_FUNCTION(s004_data[4].api, uid, TEST_BUFF_SIZE/2, write_buff,
+ PSA_STORAGE_FLAG_NONE);
+ TEST_ASSERT_EQUAL(status, s004_data[4].status, TEST_CHECKPOINT_NUM(5));
/* Call get function with incorrect buffer length */
- val->print(PRINT_TEST, "[Check 1] Call get API with incorrect length\n", 0);
- memset(read_buff, 0, TEST_BUFF_SIZE);
- status = SST_FUNCTION(s004_data[5].api, uid, 0, TEST_BUFF_SIZE, read_buff);
- TEST_ASSERT_EQUAL(status, s004_data[5].status, TEST_CHECKPOINT_NUM(5));
- for (j = 0; j < TEST_BUFF_SIZE; j++)
- {
- TEST_ASSERT_EQUAL(read_buff[j], 0, TEST_CHECKPOINT_NUM(6));
- }
-
- /* Call get function with CORRECT buffer length */
- status = SST_FUNCTION(s004_data[7].api, uid, 0, TEST_BUFF_SIZE/2, read_buff);
- TEST_ASSERT_EQUAL(status, s004_data[7].status, TEST_CHECKPOINT_NUM(7));
- TEST_ASSERT_MEMCMP(read_buff, write_buff, TEST_BUFF_SIZE/2, TEST_CHECKPOINT_NUM(8));
-
- /* Check we should not be able to access old set data */
- val->print(PRINT_TEST, "[Check 2] Old buffer invalid after length change\n", 0);
- for (j = TEST_BUFF_SIZE/2; j < TEST_BUFF_SIZE; j++)
- {
- TEST_ASSERT_EQUAL(read_buff[j], 0, TEST_CHECKPOINT_NUM(9));
- }
+ val->print(PRINT_TEST, "[Check 2] Call get API with default length - TEST_BUFF_SIZE\n", 0);
+ status = SST_FUNCTION(s004_data[5].api, uid, 0, TEST_BUFF_SIZE, read_buff, &p_data_length);
+ TEST_ASSERT_EQUAL(status, s004_data[5].status, TEST_CHECKPOINT_NUM(6));
+ TEST_ASSERT_MEMCMP(read_buff, write_buff, TEST_BUFF_SIZE/2, TEST_CHECKPOINT_NUM(7));
+ /* Expect p_data_length = TEST_BUFF_SIZE/2 */
+ TEST_ASSERT_EQUAL(p_data_length, TEST_BUFF_SIZE/2, TEST_CHECKPOINT_NUM(8));
/* Remove the UID */
- status = SST_FUNCTION(s004_data[10].api, uid);
- TEST_ASSERT_EQUAL(status, s004_data[10].status, TEST_CHECKPOINT_NUM(10));
+ status = SST_FUNCTION(s004_data[7].api, uid);
+ TEST_ASSERT_EQUAL(status, s004_data[7].status, TEST_CHECKPOINT_NUM(9));
return VAL_STATUS_SUCCESS;
}
diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s004/test_s004.h b/api-tests/dev_apis/internal_trusted_storage/test_s004/test_s004.h
index f556f85b..85e6c346 100755
--- a/api-tests/dev_apis/internal_trusted_storage/test_s004/test_s004.h
+++ b/api-tests/dev_apis/internal_trusted_storage/test_s004/test_s004.h
@@ -19,17 +19,17 @@
#ifdef ITS_TEST
#define VAL_STORAGE_BASE VAL_INTERNAL_TRUSTED_STORAGE_BASE
-#define test_entry CONCAT(test_entry_, s004)
+#define test_entry CONCAT(test_entry_, s004)
#elif PS_TEST
#define VAL_STORAGE_BASE VAL_PROTECTED_STORAGE_BASE
-#define test_entry CONCAT(test_entry_, p004)
+#define test_entry CONCAT(test_entry_, p004)
#endif
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
extern val_api_t *val;
extern psa_api_t *psa;
extern client_test_t test_s004_sst_list[];
-int32_t psa_sst_get_data_check(security_t caller);
+int32_t psa_sst_get_data_check(caller_security_t caller);
#endif /* _TEST_S004_CLIENT_TESTS_H_ */
diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s005/source.mk b/api-tests/dev_apis/internal_trusted_storage/test_s005/source.mk
deleted file mode 100755
index c7d00f7b..00000000
--- a/api-tests/dev_apis/internal_trusted_storage/test_s005/source.mk
+++ /dev/null
@@ -1,20 +0,0 @@
-# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_s005.c
-CC_OPTIONS = -DITS_TEST
-AS_SOURCE =
-AS_OPTIONS =
diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s005/test.cmake b/api-tests/dev_apis/internal_trusted_storage/test_s005/test.cmake
new file mode 100644
index 00000000..33559cb1
--- /dev/null
+++ b/api-tests/dev_apis/internal_trusted_storage/test_s005/test.cmake
@@ -0,0 +1,24 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_s005.c
+ test_s005.c
+)
+list(APPEND CC_OPTIONS -DITS_TEST)
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s005/test_entry.c b/api-tests/dev_apis/internal_trusted_storage/test_s005/test_entry_s005.c
similarity index 100%
rename from api-tests/dev_apis/internal_trusted_storage/test_s005/test_entry.c
rename to api-tests/dev_apis/internal_trusted_storage/test_s005/test_entry_s005.c
diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s005/test_its_data.h b/api-tests/dev_apis/internal_trusted_storage/test_s005/test_its_data.h
index 653f7cc0..5f985e8e 100755
--- a/api-tests/dev_apis/internal_trusted_storage/test_s005/test_its_data.h
+++ b/api-tests/dev_apis/internal_trusted_storage/test_s005/test_its_data.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -20,39 +20,37 @@
#include "val_internal_trusted_storage.h"
#define SST_FUNCTION val->its_function
-#define psa_sst_uid_t psa_its_uid_t
-#define psa_sst_create_flags_t psa_its_create_flags_t
typedef struct {
enum its_function_code api;
- psa_its_status_t status;
+ psa_status_t status;
} test_data;
-static struct psa_its_info_t info;
+static struct psa_storage_info_t info;
static const test_data s005_data[] = {
{
- 0, 0 /* This is dummy for index0 */
+ 0, 0 /* This is dummy for Index0 */
},
{
- VAL_ITS_SET, PSA_ITS_SUCCESS /* Create a valid storage entity */
+ VAL_ITS_SET, PSA_SUCCESS /* Index1 - Create a valid storage entity */
},
{
- VAL_ITS_GET, PSA_ITS_SUCCESS /* Validate the data using get API */
+ VAL_ITS_GET, PSA_SUCCESS /* Index2 - Validate the data using get API */
},
{
- 0, 0 /* Index not used */
+ 0, 0 /* This is dummy for Index3 */
},
{
- VAL_ITS_GET_INFO, PSA_ITS_SUCCESS /* Validate the data attributes get_info API */
+ VAL_ITS_GET_INFO, PSA_SUCCESS /* Index4 - Validate the data attributes get_info API */
},
{
- 0, 0 /* Index not used */
+ 0, 0 /* This is dummy for Index5 */
},
{
- 0, 0 /* Index not used */
+ 0, 0 /* This is dummy for Index6 */
},
{
- VAL_ITS_REMOVE, PSA_ITS_SUCCESS /* Remove the valid storage entity */
+ VAL_ITS_REMOVE, PSA_SUCCESS /* Index7 - Remove the valid storage entity */
},
};
#endif /* _TEST_S005_ITS_DATA_TESTS_H_ */
diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s005/test_ps_data.h b/api-tests/dev_apis/internal_trusted_storage/test_s005/test_ps_data.h
index a961269a..ad248bd5 100755
--- a/api-tests/dev_apis/internal_trusted_storage/test_s005/test_ps_data.h
+++ b/api-tests/dev_apis/internal_trusted_storage/test_s005/test_ps_data.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019, Arm Limited or ps affiliates. All rights reserved.
+ * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -20,39 +20,37 @@
#include "val_protected_storage.h"
#define SST_FUNCTION val->ps_function
-#define psa_sst_uid_t psa_ps_uid_t
-#define psa_sst_create_flags_t psa_ps_create_flags_t
typedef struct {
enum ps_function_code api;
- psa_ps_status_t status;
+ psa_status_t status;
} test_data;
-static struct psa_ps_info_t info;
+static struct psa_storage_info_t info;
static const test_data s005_data[] = {
{
- 0, 0 /* This is dummy for index0 */
+ 0, 0 /* This is dummy for Index0 */
},
{
- VAL_PS_SET, PSA_PS_SUCCESS /* Create a valid storage entity */
+ VAL_PS_SET, PSA_SUCCESS /* Index1 - Create a valid storage entity */
},
{
- VAL_PS_GET, PSA_PS_SUCCESS /* Validate the data using get API */
+ VAL_PS_GET, PSA_SUCCESS /* Index2 - Validate the data using get API */
},
{
- 0, 0 /* Index not used */
+ 0, 0 /* This is dummy for Index3 */
},
{
- VAL_PS_GET_INFO, PSA_PS_SUCCESS /* Validate the data attributes get_info API */
+ VAL_PS_GET_INFO, PSA_SUCCESS /* Index4 - Validate the data attributes get_info API */
},
{
- 0, 0 /* Index not used */
+ 0, 0 /* This is dummy for Index5 */
},
{
- 0, 0 /* Index not used */
+ 0, 0 /* This is dummy for Index6 */
},
{
- VAL_PS_REMOVE, PSA_PS_SUCCESS /* Remove the valid storage entity */
+ VAL_PS_REMOVE, PSA_SUCCESS /* Index7 - Remove the valid storage entity */
},
};
#endif /* _TEST_S005_PS_DATA_TESTS_H_ */
diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s005/test_s005.c b/api-tests/dev_apis/internal_trusted_storage/test_s005/test_s005.c
index ac7f40bf..51bf8a4b 100755
--- a/api-tests/dev_apis/internal_trusted_storage/test_s005/test_s005.c
+++ b/api-tests/dev_apis/internal_trusted_storage/test_s005/test_s005.c
@@ -37,41 +37,42 @@ static uint8_t write_buff[TEST_BUFF_SIZE] = {
0x00, 0x01, 0x02, 0x03, 0x04, 0x23, 0xF6, 0x07, 0x08, 0x0D, 0x0A, 0x1B, 0x0C, 0x5D, 0x0E,\
0x70, 0xA1, 0xFF, 0xFF, 0x14, 0x73, 0x46, 0x97, 0xE8, 0xDD, 0xCA, 0x0B, 0x3C, 0x0D, 0x2E};
-static int32_t psa_sst_apis_check(psa_sst_uid_t uid, uint32_t data_len,
- uint8_t *data_buff, psa_sst_create_flags_t create_flag)
+static int32_t psa_sst_apis_check(psa_storage_uid_t uid, uint32_t data_len,
+ uint8_t *data_buff, psa_storage_create_flags_t create_flag)
{
- uint32_t status;
+ uint32_t status, p_data_length = 0;
/* Set the UID with the data_len and data_buff */
status = SST_FUNCTION(s005_data[1].api, uid, data_len, data_buff, create_flag);
TEST_ASSERT_EQUAL(status, s005_data[1].status, TEST_CHECKPOINT_NUM(1));
/* Call the get function to get the data buffer and match the buffer */
- status = SST_FUNCTION(s005_data[2].api, uid, 0, data_len, read_buff);
+ status = SST_FUNCTION(s005_data[2].api, uid, 0, data_len, read_buff, &p_data_length);
TEST_ASSERT_EQUAL(status, s005_data[2].status, TEST_CHECKPOINT_NUM(2));
TEST_ASSERT_MEMCMP(read_buff, data_buff, data_len, TEST_CHECKPOINT_NUM(3));
+ TEST_ASSERT_EQUAL(p_data_length, data_len, TEST_CHECKPOINT_NUM(4));
/* Call the get_info function and match the attributes */
status = SST_FUNCTION(s005_data[4].api, uid, &info);
- TEST_ASSERT_EQUAL(status, s005_data[4].status, TEST_CHECKPOINT_NUM(4));
- TEST_ASSERT_EQUAL(info.size, data_len, TEST_CHECKPOINT_NUM(5));
- TEST_ASSERT_EQUAL(info.flags, create_flag, TEST_CHECKPOINT_NUM(6));
+ TEST_ASSERT_EQUAL(status, s005_data[4].status, TEST_CHECKPOINT_NUM(5));
+ TEST_ASSERT_EQUAL(info.size, data_len, TEST_CHECKPOINT_NUM(6));
+ TEST_ASSERT_EQUAL(info.flags, create_flag, TEST_CHECKPOINT_NUM(7));
/* Remove the UID */
status = SST_FUNCTION(s005_data[7].api, uid);
- TEST_ASSERT_EQUAL(status, s005_data[7].status, TEST_CHECKPOINT_NUM(7));
+ TEST_ASSERT_EQUAL(status, s005_data[7].status, TEST_CHECKPOINT_NUM(8));
return VAL_STATUS_SUCCESS;
}
-int32_t psa_sst_apis_check_success_case(security_t caller)
+int32_t psa_sst_apis_check_success_case(caller_security_t caller)
{
- psa_sst_uid_t uid = UID_BASE_VALUE + 4;
+ psa_storage_uid_t uid = UID_BASE_VALUE + 4;
uint32_t data_len = 0, status = VAL_STATUS_SUCCESS;
/* Calling set function with data_len 1 and valid data pointer */
val->print(PRINT_TEST, "[Check 1] Set UID with data length zero and call storage APIs\n", 0);
- if (psa_sst_apis_check(uid, data_len, write_buff, 0))
+ if (psa_sst_apis_check(uid, data_len, write_buff, PSA_STORAGE_FLAG_NONE))
{
val->print(PRINT_ERROR, "Data Len = %d\n", data_len);
return VAL_STATUS_ERROR;
@@ -79,7 +80,7 @@ int32_t psa_sst_apis_check_success_case(security_t caller)
data_len = TEST_BUFF_SIZE/2;
val->print(PRINT_TEST, "[Check 2] Resetting the length check\n", 0);
- if (psa_sst_apis_check(uid, data_len, write_buff, 0))
+ if (psa_sst_apis_check(uid, data_len, write_buff, PSA_STORAGE_FLAG_NONE))
{
val->print(PRINT_ERROR, "Data Len = %d\n", data_len);
return VAL_STATUS_ERROR;
diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s005/test_s005.h b/api-tests/dev_apis/internal_trusted_storage/test_s005/test_s005.h
index 84cbf43a..453bb929 100755
--- a/api-tests/dev_apis/internal_trusted_storage/test_s005/test_s005.h
+++ b/api-tests/dev_apis/internal_trusted_storage/test_s005/test_s005.h
@@ -19,18 +19,18 @@
#ifdef ITS_TEST
#define VAL_STORAGE_BASE VAL_INTERNAL_TRUSTED_STORAGE_BASE
-#define test_entry CONCAT(test_entry_, s005)
+#define test_entry CONCAT(test_entry_, s005)
#elif PS_TEST
#define VAL_STORAGE_BASE VAL_PROTECTED_STORAGE_BASE
-#define test_entry CONCAT(test_entry_, p005)
+#define test_entry CONCAT(test_entry_, p005)
#endif
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
extern val_api_t *val;
extern psa_api_t *psa;
extern client_test_t test_s005_sst_list[];
-int32_t psa_sst_apis_check_success_case(security_t caller);
+int32_t psa_sst_apis_check_success_case(caller_security_t caller);
#endif /* _TEST_S005_CLIENT_TESTS_H_ */
diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s006/source.mk b/api-tests/dev_apis/internal_trusted_storage/test_s006/source.mk
deleted file mode 100755
index cdcebd25..00000000
--- a/api-tests/dev_apis/internal_trusted_storage/test_s006/source.mk
+++ /dev/null
@@ -1,20 +0,0 @@
-# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_s006.c
-CC_OPTIONS = -DITS_TEST
-AS_SOURCE =
-AS_OPTIONS =
diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s006/test.cmake b/api-tests/dev_apis/internal_trusted_storage/test_s006/test.cmake
new file mode 100644
index 00000000..7810ff6e
--- /dev/null
+++ b/api-tests/dev_apis/internal_trusted_storage/test_s006/test.cmake
@@ -0,0 +1,24 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_s006.c
+ test_s006.c
+)
+list(APPEND CC_OPTIONS -DITS_TEST)
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s006/test_entry.c b/api-tests/dev_apis/internal_trusted_storage/test_s006/test_entry_s006.c
similarity index 96%
rename from api-tests/dev_apis/internal_trusted_storage/test_s006/test_entry.c
rename to api-tests/dev_apis/internal_trusted_storage/test_s006/test_entry_s006.c
index dda491bd..f3f2af34 100755
--- a/api-tests/dev_apis/internal_trusted_storage/test_s006/test_entry.c
+++ b/api-tests/dev_apis/internal_trusted_storage/test_s006/test_entry_s006.c
@@ -20,7 +20,7 @@
#include "test_s006.h"
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_STORAGE_BASE, 6)
-#define TEST_DESC "Flags not supported check\n"
+#define TEST_DESC "Check for storage create flags\n"
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s006/test_its_data.h b/api-tests/dev_apis/internal_trusted_storage/test_s006/test_its_data.h
index 4426f2c0..b6a3cf9d 100755
--- a/api-tests/dev_apis/internal_trusted_storage/test_s006/test_its_data.h
+++ b/api-tests/dev_apis/internal_trusted_storage/test_s006/test_its_data.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -20,34 +20,31 @@
#include "val_internal_trusted_storage.h"
#define SST_FUNCTION val->its_function
-#define PSA_SST_FLAG_WRITE_ONCE PSA_ITS_FLAG_WRITE_ONCE
-#define psa_sst_uid_t psa_its_uid_t
-#define psa_sst_create_flags_t psa_its_create_flags_t
typedef struct {
enum its_function_code api;
- psa_its_status_t status;
+ psa_status_t status;
} test_data;
-static struct psa_its_info_t info;
+static struct psa_storage_info_t info;
static const test_data s006_data[] = {
{
- 0, PSA_ITS_ERROR_FLAGS_NOT_SUPPORTED /* This is dummy for index0 */
+ 0, 0 /* This is dummy for Index0 */
},
{
- VAL_ITS_SET, PSA_ITS_SUCCESS /* Create a valid storage entity with different flag values */
+ VAL_ITS_SET, PSA_SUCCESS /* Index1 - Create a valid storage entity with different flag values */
},
{
- VAL_ITS_GET_INFO, PSA_ITS_SUCCESS /* Validate the flag value get_info API */
+ VAL_ITS_GET_INFO, PSA_SUCCESS /* Index2 - Validate the flag value get_info API */
},
{
- 0, 0 /* Index not used */
+ 0, 0 /* This is dummy for Index3 */
},
{
- VAL_ITS_REMOVE, PSA_ITS_SUCCESS /* Remove the storage entity */
+ VAL_ITS_REMOVE, PSA_SUCCESS /* Index4 - Remove the storage entity */
},
{
- VAL_ITS_REMOVE, PSA_ITS_ERROR_UID_NOT_FOUND /* Storage entity remove fails */
+ VAL_ITS_REMOVE, PSA_ERROR_DOES_NOT_EXIST /* Index5 - Storage entity remove fails */
},
};
#endif /* _TEST_S006_ITS_DATA_TESTS_H_ */
diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s006/test_ps_data.h b/api-tests/dev_apis/internal_trusted_storage/test_s006/test_ps_data.h
index 86e1e301..0bf7305e 100755
--- a/api-tests/dev_apis/internal_trusted_storage/test_s006/test_ps_data.h
+++ b/api-tests/dev_apis/internal_trusted_storage/test_s006/test_ps_data.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019, Arm Limited or ps affiliates. All rights reserved.
+ * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -20,34 +20,31 @@
#include "val_protected_storage.h"
#define SST_FUNCTION val->ps_function
-#define PSA_SST_FLAG_WRITE_ONCE PSA_PS_FLAG_WRITE_ONCE
-#define psa_sst_uid_t psa_ps_uid_t
-#define psa_sst_create_flags_t psa_ps_create_flags_t
typedef struct {
enum ps_function_code api;
- psa_ps_status_t status;
+ psa_status_t status;
} test_data;
-static struct psa_ps_info_t info;
+static struct psa_storage_info_t info;
static const test_data s006_data[] = {
{
- 0, PSA_PS_ERROR_FLAGS_NOT_SUPPORTED /* This is dummy for index0 */
+ 0, 0 /* This is dummy for Index0 */
},
{
- VAL_PS_SET, PSA_PS_SUCCESS /* Create a valid storage entity with different flag values */
+ VAL_PS_SET, PSA_SUCCESS /* Index1 - Create a valid storage entity with different flag values */
},
{
- VAL_PS_GET_INFO, PSA_PS_SUCCESS /* Validate the flag value get_info API */
+ VAL_PS_GET_INFO, PSA_SUCCESS /* Index2 - Validate the flag value get_info API */
},
{
- 0, 0 /* Index not used */
+ 0, 0 /* This is dummy for Index3 */
},
{
- VAL_PS_REMOVE, PSA_PS_SUCCESS /* Remove the storage entity */
+ VAL_PS_REMOVE, PSA_SUCCESS /* Index4 - Remove the storage entity */
},
{
- VAL_PS_REMOVE, PSA_PS_ERROR_UID_NOT_FOUND /* Remove the storage entity */
+ VAL_PS_REMOVE, PSA_ERROR_DOES_NOT_EXIST /* Index5 - Storage entity remove fails */
}
};
#endif /* _TEST_S006_PS_DATA_TESTS_H_ */
diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s006/test_s006.c b/api-tests/dev_apis/internal_trusted_storage/test_s006/test_s006.c
index d1d81bc7..bda5fccd 100755
--- a/api-tests/dev_apis/internal_trusted_storage/test_s006/test_s006.c
+++ b/api-tests/dev_apis/internal_trusted_storage/test_s006/test_s006.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -36,55 +36,89 @@ static uint8_t write_buff[TEST_BUFF_SIZE] = {
0x00, 0x01, 0x02, 0x03, 0x04, 0x23, 0xF6, 0x07, 0x08, 0x0D, 0x0A, 0x1B, 0x0C, 0x5D, 0x0E,\
0x70, 0xA1, 0xFF, 0xFF, 0x14, 0x73, 0x46, 0x97, 0xE8, 0xDD, 0xCA, 0x0B, 0x3C, 0x0D, 0x2E};
-static int32_t psa_sst_remove_api(psa_sst_uid_t uid, uint32_t data_len,
- uint8_t *data_buff, psa_sst_create_flags_t create_flag)
+static int32_t psa_sst_remove_api(psa_storage_uid_t uid, uint32_t data_len,
+ uint8_t *data_buff, psa_storage_create_flags_t create_flag)
{
uint32_t status;
/* Call the get_info function and match the attributes */
status = SST_FUNCTION(s006_data[2].api, uid, &info);
- TEST_ASSERT_EQUAL(status, s006_data[2].status, TEST_CHECKPOINT_NUM(2));
- TEST_ASSERT_EQUAL(info.flags, create_flag, TEST_CHECKPOINT_NUM(3));
+ TEST_ASSERT_EQUAL(status, s006_data[2].status, TEST_CHECKPOINT_NUM(1));
+ if ((create_flag != PSA_STORAGE_FLAG_NO_CONFIDENTIALITY) ||
+ (create_flag != PSA_STORAGE_FLAG_NO_REPLAY_PROTECTION))
+ {
+ TEST_ASSERT_EQUAL(info.flags, create_flag, TEST_CHECKPOINT_NUM(2));
+ }
/* Remove the UID */
status = SST_FUNCTION(s006_data[4].api, uid);
- TEST_ASSERT_EQUAL(status, s006_data[4].status, TEST_CHECKPOINT_NUM(4));
+ TEST_ASSERT_EQUAL(status, s006_data[4].status, TEST_CHECKPOINT_NUM(3));
return VAL_STATUS_SUCCESS;
}
-int32_t psa_sst_flags_not_supported(security_t caller)
+static int32_t psa_sst_create_storage_api(psa_storage_uid_t uid, uint32_t data_len,
+ uint8_t *data_buff, psa_storage_create_flags_t create_flag)
{
- psa_sst_create_flags_t flag = 0x80000000;
- uint32_t status = VAL_STATUS_SUCCESS;
- psa_sst_uid_t uid = UID_BASE_VALUE + 5;
- int32_t test_status;
-
- /* Calling set function with different create flag value */
-
- val->print(PRINT_TEST, "[Check 1] Call set API with valid flag values\n", 0);
- while (flag)
- {
- /* Create storage with flag value */
- status = SST_FUNCTION(s006_data[1].api, uid, TEST_BUFF_SIZE, write_buff,
- (flag & (~PSA_SST_FLAG_WRITE_ONCE)));
-
- if (status == s006_data[1].status)
- {
- test_status = psa_sst_remove_api(uid, TEST_BUFF_SIZE, write_buff,
- (flag & (~PSA_SST_FLAG_WRITE_ONCE)));
- if (test_status != VAL_STATUS_SUCCESS)
- return test_status;
- }
- else if (status == s006_data[0].status)
- {
- /* Remove UID should fail */
- status = SST_FUNCTION(s006_data[5].api, uid);
- TEST_ASSERT_EQUAL(status, s006_data[5].status, TEST_CHECKPOINT_NUM(5));
- }
-
- flag = flag >> 1;
- };
-
- return status;
+ uint32_t status;
+ int32_t test_status;
+
+ status = SST_FUNCTION(s006_data[1].api, uid, data_len, data_buff, create_flag);
+ if (status == s006_data[1].status)
+ {
+ test_status = psa_sst_remove_api(uid, data_len, data_buff, create_flag);
+ if (test_status != VAL_STATUS_SUCCESS)
+ {
+ return test_status;
+ }
+ }
+ else
+ {
+ /* Remove UID should fail */
+ status = SST_FUNCTION(s006_data[5].api, uid);
+ TEST_ASSERT_EQUAL(status, s006_data[5].status, TEST_CHECKPOINT_NUM(4));
+ }
+
+ return VAL_STATUS_SUCCESS;
+}
+
+int32_t psa_sst_flags_not_supported(caller_security_t caller)
+{
+ psa_storage_create_flags_t flag;
+ uint32_t status = VAL_STATUS_SUCCESS;
+ psa_storage_uid_t uid = UID_BASE_VALUE + 5;
+ int32_t test_status;
+
+ /* Calling set function with different create flag value */
+
+ val->print(PRINT_TEST, "[Check 1] Call set API with flag - PSA_STORAGE_FLAG_NONE\n", 0);
+ /* Create storage with flag value */
+ flag = PSA_STORAGE_FLAG_NONE;
+ test_status = psa_sst_create_storage_api(uid, TEST_BUFF_SIZE, write_buff, flag);
+ if (test_status != VAL_STATUS_SUCCESS)
+ {
+ return test_status;
+ }
+
+ val->print(PRINT_TEST, "[Check 2] Call set API with flag - "
+ "PSA_STORAGE_FLAG_NO_CONFIDENTIALITY\n", 0);
+ /* Create storage with flag value */
+ flag = PSA_STORAGE_FLAG_NO_CONFIDENTIALITY;
+ test_status = psa_sst_create_storage_api(uid, TEST_BUFF_SIZE, write_buff, flag);
+ if (test_status != VAL_STATUS_SUCCESS)
+ {
+ return test_status;
+ }
+
+ val->print(PRINT_TEST, "[Check 3] Call set API with flag - "
+ "PSA_STORAGE_FLAG_NO_REPLAY_PROTECTION\n", 0);
+ /* Create storage with flag value */
+ flag = PSA_STORAGE_FLAG_NO_REPLAY_PROTECTION;
+ test_status = psa_sst_create_storage_api(uid, TEST_BUFF_SIZE, write_buff, flag);
+ if (test_status != VAL_STATUS_SUCCESS)
+ {
+ return test_status;
+ }
+
+ return status;
}
diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s006/test_s006.h b/api-tests/dev_apis/internal_trusted_storage/test_s006/test_s006.h
index 43adf748..8b9b2bab 100755
--- a/api-tests/dev_apis/internal_trusted_storage/test_s006/test_s006.h
+++ b/api-tests/dev_apis/internal_trusted_storage/test_s006/test_s006.h
@@ -19,18 +19,18 @@
#ifdef ITS_TEST
#define VAL_STORAGE_BASE VAL_INTERNAL_TRUSTED_STORAGE_BASE
-#define test_entry CONCAT(test_entry_, s006)
+#define test_entry CONCAT(test_entry_, s006)
#elif PS_TEST
#define VAL_STORAGE_BASE VAL_PROTECTED_STORAGE_BASE
-#define test_entry CONCAT(test_entry_, p006)
+#define test_entry CONCAT(test_entry_, p006)
#endif
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
extern val_api_t *val;
extern psa_api_t *psa;
extern client_test_t test_s006_sst_list[];
-int32_t psa_sst_flags_not_supported(security_t caller);
+int32_t psa_sst_flags_not_supported(caller_security_t caller);
#endif /* _TEST_S006_CLIENT_TESTS_H_ */
diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s007/source.mk b/api-tests/dev_apis/internal_trusted_storage/test_s007/source.mk
deleted file mode 100755
index f57b3918..00000000
--- a/api-tests/dev_apis/internal_trusted_storage/test_s007/source.mk
+++ /dev/null
@@ -1,20 +0,0 @@
-# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_s007.c
-CC_OPTIONS = -DITS_TEST
-AS_SOURCE =
-AS_OPTIONS =
diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s007/test.cmake b/api-tests/dev_apis/internal_trusted_storage/test_s007/test.cmake
new file mode 100644
index 00000000..cee8525f
--- /dev/null
+++ b/api-tests/dev_apis/internal_trusted_storage/test_s007/test.cmake
@@ -0,0 +1,24 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_s007.c
+ test_s007.c
+)
+list(APPEND CC_OPTIONS -DITS_TEST)
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s007/test_entry.c b/api-tests/dev_apis/internal_trusted_storage/test_s007/test_entry_s007.c
similarity index 100%
rename from api-tests/dev_apis/internal_trusted_storage/test_s007/test_entry.c
rename to api-tests/dev_apis/internal_trusted_storage/test_s007/test_entry_s007.c
diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s007/test_its_data.h b/api-tests/dev_apis/internal_trusted_storage/test_s007/test_its_data.h
index 550dffb0..b5be47ee 100755
--- a/api-tests/dev_apis/internal_trusted_storage/test_s007/test_its_data.h
+++ b/api-tests/dev_apis/internal_trusted_storage/test_s007/test_its_data.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -20,46 +20,45 @@
#include "val_internal_trusted_storage.h"
#define SST_FUNCTION val->its_function
-#define psa_sst_uid_t psa_its_uid_t
typedef struct {
enum its_function_code api;
- psa_its_status_t status;
+ psa_status_t status;
} test_data;
static const test_data s007_data[] = {
{
- 0, 0 /* This is dummy for index0 */
+ 0, 0 /* This is dummy for Index0 */
},
{
- VAL_ITS_SET, PSA_ITS_SUCCESS /* Create a valid storage entity */
+ VAL_ITS_SET, PSA_SUCCESS /* Index1 - Create a valid storage entity */
},
{
- VAL_ITS_SET, PSA_ITS_SUCCESS /* Increase the length of storage */
+ VAL_ITS_SET, PSA_SUCCESS /* Index2 - Increase the length of storage */
},
{
- VAL_ITS_GET, PSA_ITS_SUCCESS /* Try to access old length */
+ VAL_ITS_GET, PSA_SUCCESS /* Index3 - Try to access old length */
},
{
- VAL_ITS_GET, PSA_ITS_SUCCESS /* Try to access valid length less than set length */
+ VAL_ITS_GET, PSA_SUCCESS /* Index4 - Try to access valid length less than set length */
},
{
- 0, 0 /* This is dummy for index5 */
+ 0, 0 /* This is dummy for Index5 */
},
{
- VAL_ITS_SET, PSA_ITS_SUCCESS /* Decrease the length of storage */
+ VAL_ITS_SET, PSA_SUCCESS /* Index6 - Decrease the length of storage */
},
{
- VAL_ITS_GET, PSA_ITS_ERROR_INCORRECT_SIZE /* Try to access old length */
+ VAL_ITS_GET, PSA_SUCCESS /* Index7 - Try to access old length */
},
{
- VAL_ITS_GET, PSA_ITS_ERROR_INCORRECT_SIZE /* Try to access old length */
+ VAL_ITS_GET, PSA_SUCCESS /* Index8 - Try to access old length */
},
{
- VAL_ITS_GET, PSA_ITS_SUCCESS /* Try to access data with correct length */
+ VAL_ITS_GET, PSA_SUCCESS /* Index9 - Try to access data with correct length */
},
{
- VAL_ITS_REMOVE, PSA_ITS_SUCCESS /* Remove the storage entity */
+ VAL_ITS_REMOVE, PSA_SUCCESS /* Index10 - Remove the storage entity */
},
};
#endif /* _TEST_S007_ITS_DATA_TESTS_H_ */
diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s007/test_ps_data.h b/api-tests/dev_apis/internal_trusted_storage/test_s007/test_ps_data.h
index fa032c18..6414d2c6 100755
--- a/api-tests/dev_apis/internal_trusted_storage/test_s007/test_ps_data.h
+++ b/api-tests/dev_apis/internal_trusted_storage/test_s007/test_ps_data.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019, Arm Limited or ps affiliates. All rights reserved.
+ * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -20,46 +20,45 @@
#include "val_protected_storage.h"
#define SST_FUNCTION val->ps_function
-#define psa_sst_uid_t psa_ps_uid_t
typedef struct {
enum ps_function_code api;
- psa_ps_status_t status;
+ psa_status_t status;
} test_data;
static const test_data s007_data[] = {
{
- 0, 0 /* This is dummy for index0 */
+ 0, 0 /* This is dummy for Index0 */
},
{
- VAL_PS_SET, PSA_PS_SUCCESS /* Create a valid storage entity */
+ VAL_PS_SET, PSA_SUCCESS /* Index1 - Create a valid storage entity */
},
{
- VAL_PS_SET, PSA_PS_SUCCESS /* Increase the length of storage */
+ VAL_PS_SET, PSA_SUCCESS /* Index2 - Increase the length of storage */
},
{
- VAL_PS_GET, PSA_PS_SUCCESS /* Try to access old length */
+ VAL_PS_GET, PSA_SUCCESS /* Index3 - Try to access old length */
},
{
- VAL_PS_GET, PSA_PS_SUCCESS /* Try to access valid length less than set length */
+ VAL_PS_GET, PSA_SUCCESS /* Index4 - Try to access valid length less than set length */
},
{
- 0, 0 /* This is dummy for index5 */
+ 0, 0 /* This is dummy for Index5 */
},
{
- VAL_PS_SET, PSA_PS_SUCCESS /* Decrease the length of storage */
+ VAL_PS_SET, PSA_SUCCESS /* Index6 - Decrease the length of storage */
},
{
- VAL_PS_GET, PSA_PS_ERROR_INCORRECT_SIZE /* Try to access old length */
+ VAL_PS_GET, PSA_SUCCESS /* Index7 - Try to access old length */
},
{
- VAL_PS_GET, PSA_PS_ERROR_INCORRECT_SIZE /* Try to access old length */
+ VAL_PS_GET, PSA_SUCCESS /* Index8 - Try to access old length */
},
{
- VAL_PS_GET, PSA_PS_SUCCESS /* Try to access data with correct length */
+ VAL_PS_GET, PSA_SUCCESS /* Index9 - Try to access data with correct length */
},
{
- VAL_PS_REMOVE, PSA_PS_SUCCESS /* Remove the storage entity */
+ VAL_PS_REMOVE, PSA_SUCCESS /* Index10 - Remove the storage entity */
},
};
#endif /* _TEST_S007_PS_DATA_TESTS_H_ */
diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s007/test_s007.c b/api-tests/dev_apis/internal_trusted_storage/test_s007/test_s007.c
index 3e1a880d..610e0455 100755
--- a/api-tests/dev_apis/internal_trusted_storage/test_s007/test_s007.c
+++ b/api-tests/dev_apis/internal_trusted_storage/test_s007/test_s007.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -37,53 +37,71 @@ static uint8_t write_buff[TEST_BUFF_SIZE] = {
0x70, 0xA1, 0xFF, 0xFF, 0x14, 0x73, 0x46, 0x97, 0xE8, 0xDD, 0xCA, 0x0B, 0x3C, 0x0D, 0x2E};
static uint8_t read_buff[TEST_BUFF_SIZE];
-int32_t psa_sst_get_incorrect_size(security_t caller)
+int32_t psa_sst_get_incorrect_size(caller_security_t caller)
{
- psa_sst_uid_t uid = UID_BASE_VALUE + 5;
- uint32_t status = VAL_STATUS_SUCCESS;
+ psa_storage_uid_t uid = UID_BASE_VALUE + 5;
+ uint32_t status = VAL_STATUS_SUCCESS, p_data_length = 0;
/* Set the UID with the data_len and data_buff */
- val->print(PRINT_TEST, "Create a valid Storage\n", 0);
- status = SST_FUNCTION(s007_data[1].api, uid, TEST_BUFF_SIZE/2, write_buff, 0);
+ val->print(PRINT_TEST, "Create a valid Storage - TEST_BUFF_SIZE/2\n", 0);
+ status = SST_FUNCTION(s007_data[1].api, uid, TEST_BUFF_SIZE/2, write_buff,
+ PSA_STORAGE_FLAG_NONE);
TEST_ASSERT_EQUAL(status, s007_data[1].status, TEST_CHECKPOINT_NUM(1));
/* Call set for same UID and increase the length */
- val->print(PRINT_TEST, "Increase the length of storage\n", 0);
- status = SST_FUNCTION(s007_data[2].api, uid, TEST_BUFF_SIZE, write_buff, 0);
+ val->print(PRINT_TEST, "Increase the length of storage - TEST_BUFF_SIZE\n", 0);
+ status = SST_FUNCTION(s007_data[2].api, uid, TEST_BUFF_SIZE, write_buff,
+ PSA_STORAGE_FLAG_NONE);
TEST_ASSERT_EQUAL(status, s007_data[2].status, TEST_CHECKPOINT_NUM(2));
/* Access data using get API and old length */
- val->print(PRINT_TEST, "[Check 1] Call get API with old length\n", 0);
- status = SST_FUNCTION(s007_data[3].api, uid, 0, TEST_BUFF_SIZE/2, read_buff);
+ val->print(PRINT_TEST, "[Check 1] Call get API with old length - TEST_BUFF_SIZE/2\n", 0);
+ status = SST_FUNCTION(s007_data[3].api, uid, 0, TEST_BUFF_SIZE/2, read_buff, &p_data_length);
TEST_ASSERT_EQUAL(status, s007_data[3].status, TEST_CHECKPOINT_NUM(3));
+ TEST_ASSERT_MEMCMP(read_buff, write_buff, TEST_BUFF_SIZE/2, TEST_CHECKPOINT_NUM(4));
+ TEST_ASSERT_EQUAL(p_data_length, TEST_BUFF_SIZE/2, TEST_CHECKPOINT_NUM(5));
/* Access data using get API and valid length */
- status = SST_FUNCTION(s007_data[4].api, uid, 0, TEST_BUFF_SIZE/4, read_buff);
- TEST_ASSERT_EQUAL(status, s007_data[4].status, TEST_CHECKPOINT_NUM(4));
- TEST_ASSERT_MEMCMP(read_buff, write_buff, TEST_BUFF_SIZE/4, TEST_CHECKPOINT_NUM(5));
+ val->print(PRINT_TEST, "[Check 2] Call get API with old length - TEST_BUFF_SIZE/4\n", 0);
+ memset(read_buff, 0x0, TEST_BUFF_SIZE);
+ status = SST_FUNCTION(s007_data[4].api, uid, 0, TEST_BUFF_SIZE/4, read_buff, &p_data_length);
+ TEST_ASSERT_EQUAL(status, s007_data[4].status, TEST_CHECKPOINT_NUM(6));
+ TEST_ASSERT_MEMCMP(read_buff, write_buff, TEST_BUFF_SIZE/4, TEST_CHECKPOINT_NUM(7));
+ TEST_ASSERT_EQUAL(p_data_length, TEST_BUFF_SIZE/4, TEST_CHECKPOINT_NUM(8));
/* Decrease the length again */
- val->print(PRINT_TEST, "Decrease the length of storage\n", 0);
- status = SST_FUNCTION(s007_data[6].api, uid, TEST_BUFF_SIZE/4, write_buff, 0);
- TEST_ASSERT_EQUAL(status, s007_data[6].status, TEST_CHECKPOINT_NUM(6));
+ val->print(PRINT_TEST, "Decrease the length of storage - TEST_BUFF_SIZE/4\n", 0);
+ status = SST_FUNCTION(s007_data[6].api, uid, TEST_BUFF_SIZE/4, write_buff,
+ PSA_STORAGE_FLAG_NONE);
+ TEST_ASSERT_EQUAL(status, s007_data[6].status, TEST_CHECKPOINT_NUM(9));
/* Access data using get API and old length */
- status = SST_FUNCTION(s007_data[7].api, uid, 0, TEST_BUFF_SIZE/2, read_buff);
- TEST_ASSERT_EQUAL(status, s007_data[7].status, TEST_CHECKPOINT_NUM(7));
+ val->print(PRINT_TEST, "[Check 3] Call get API with old length - TEST_BUFF_SIZE/2\n", 0);
+ memset(read_buff, 0x0, TEST_BUFF_SIZE);
+ status = SST_FUNCTION(s007_data[7].api, uid, 0, TEST_BUFF_SIZE/2, read_buff, &p_data_length);
+ TEST_ASSERT_EQUAL(status, s007_data[7].status, TEST_CHECKPOINT_NUM(10));
+ TEST_ASSERT_MEMCMP(read_buff, write_buff, TEST_BUFF_SIZE/4, TEST_CHECKPOINT_NUM(11));
+ TEST_ASSERT_EQUAL(p_data_length, TEST_BUFF_SIZE/4, TEST_CHECKPOINT_NUM(12));
/* Access data using get API and old length */
- val->print(PRINT_TEST, "[Check 2] Call get API with old length\n", 0);
- status = SST_FUNCTION(s007_data[8].api, uid, 0, TEST_BUFF_SIZE, read_buff);
- TEST_ASSERT_EQUAL(status, s007_data[8].status, TEST_CHECKPOINT_NUM(8));
+ val->print(PRINT_TEST, "[Check 4] Call get API with old length - TEST_BUFF_SIZE\n", 0);
+ memset(read_buff, 0x0, TEST_BUFF_SIZE);
+ status = SST_FUNCTION(s007_data[8].api, uid, 0, TEST_BUFF_SIZE, read_buff, &p_data_length);
+ TEST_ASSERT_EQUAL(status, s007_data[8].status, TEST_CHECKPOINT_NUM(13));
+ TEST_ASSERT_MEMCMP(read_buff, write_buff, TEST_BUFF_SIZE/4, TEST_CHECKPOINT_NUM(14));
+ TEST_ASSERT_EQUAL(p_data_length, TEST_BUFF_SIZE/4, TEST_CHECKPOINT_NUM(15));
/* Access data using correct length */
- val->print(PRINT_TEST, "[Check 3] Call get API with valid length\n", 0);
- status = SST_FUNCTION(s007_data[9].api, uid, 0, TEST_BUFF_SIZE/4, read_buff);
- TEST_ASSERT_EQUAL(status, s007_data[9].status, TEST_CHECKPOINT_NUM(9));
+ val->print(PRINT_TEST, "[Check 5] Call get API with valid length - TEST_BUFF_SIZE/4\n", 0);
+ memset(read_buff, 0x0, TEST_BUFF_SIZE);
+ status = SST_FUNCTION(s007_data[9].api, uid, 0, TEST_BUFF_SIZE/4, read_buff, &p_data_length);
+ TEST_ASSERT_EQUAL(status, s007_data[9].status, TEST_CHECKPOINT_NUM(16));
+ TEST_ASSERT_MEMCMP(read_buff, write_buff, TEST_BUFF_SIZE/4, TEST_CHECKPOINT_NUM(17));
+ TEST_ASSERT_EQUAL(p_data_length, TEST_BUFF_SIZE/4, TEST_CHECKPOINT_NUM(18));
/* Remove the UID */
status = SST_FUNCTION(s007_data[10].api, uid);
- TEST_ASSERT_EQUAL(status, s007_data[10].status, TEST_CHECKPOINT_NUM(10));
+ TEST_ASSERT_EQUAL(status, s007_data[10].status, TEST_CHECKPOINT_NUM(19));
return status;
}
diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s007/test_s007.h b/api-tests/dev_apis/internal_trusted_storage/test_s007/test_s007.h
index 5a71e4be..1fe0b5f8 100755
--- a/api-tests/dev_apis/internal_trusted_storage/test_s007/test_s007.h
+++ b/api-tests/dev_apis/internal_trusted_storage/test_s007/test_s007.h
@@ -19,18 +19,18 @@
#ifdef ITS_TEST
#define VAL_STORAGE_BASE VAL_INTERNAL_TRUSTED_STORAGE_BASE
-#define test_entry CONCAT(test_entry_, s007)
+#define test_entry CONCAT(test_entry_, s007)
#elif PS_TEST
#define VAL_STORAGE_BASE VAL_PROTECTED_STORAGE_BASE
-#define test_entry CONCAT(test_entry_, p007)
+#define test_entry CONCAT(test_entry_, p007)
#endif
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
extern val_api_t *val;
extern psa_api_t *psa;
extern client_test_t test_s007_sst_list[];
-int32_t psa_sst_get_incorrect_size(security_t caller);
+int32_t psa_sst_get_incorrect_size(caller_security_t caller);
#endif /* _TEST_S007_CLIENT_TESTS_H_ */
diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s008/source.mk b/api-tests/dev_apis/internal_trusted_storage/test_s008/source.mk
deleted file mode 100755
index fce0cd0f..00000000
--- a/api-tests/dev_apis/internal_trusted_storage/test_s008/source.mk
+++ /dev/null
@@ -1,20 +0,0 @@
-# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_s008.c
-CC_OPTIONS = -DITS_TEST
-AS_SOURCE =
-AS_OPTIONS =
diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s008/test.cmake b/api-tests/dev_apis/internal_trusted_storage/test_s008/test.cmake
new file mode 100644
index 00000000..ecba9c3a
--- /dev/null
+++ b/api-tests/dev_apis/internal_trusted_storage/test_s008/test.cmake
@@ -0,0 +1,24 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_s008.c
+ test_s008.c
+)
+list(APPEND CC_OPTIONS -DITS_TEST)
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s008/test_entry.c b/api-tests/dev_apis/internal_trusted_storage/test_s008/test_entry_s008.c
similarity index 100%
rename from api-tests/dev_apis/internal_trusted_storage/test_s008/test_entry.c
rename to api-tests/dev_apis/internal_trusted_storage/test_s008/test_entry_s008.c
diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s008/test_its_data.h b/api-tests/dev_apis/internal_trusted_storage/test_s008/test_its_data.h
index 89093d49..f5476c3b 100755
--- a/api-tests/dev_apis/internal_trusted_storage/test_s008/test_its_data.h
+++ b/api-tests/dev_apis/internal_trusted_storage/test_s008/test_its_data.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -20,55 +20,54 @@
#include "val_internal_trusted_storage.h"
#define SST_FUNCTION val->its_function
-#define psa_sst_uid_t psa_its_uid_t
typedef struct {
enum its_function_code api;
- psa_its_status_t status;
+ psa_status_t status;
} test_data;
static const test_data s008_data[] = {
{
- 0, 0 /* This is dummy for index0 */
+ 0, 0 /* This is dummy for Index0 */
},
{
- VAL_ITS_SET, PSA_ITS_SUCCESS /* Create a valid storage entity with zero flag value */
+ VAL_ITS_SET, PSA_SUCCESS /* Index1 - Create a valid storage entity with zero flag value */
},
{
- VAL_ITS_GET, PSA_ITS_SUCCESS /* Call get API with offset + data_len = total_size */
+ VAL_ITS_GET, PSA_SUCCESS /* Index2 - Call get API with offset + data_len = total_size */
},
{
- 0, 0 /* This is dummy for index3 */
+ 0, 0 /* This is dummy for Index3 */
},
{
- VAL_ITS_GET, PSA_ITS_SUCCESS /* Call get API with offset + data_len < total_size */
+ VAL_ITS_GET, PSA_SUCCESS /* Index4 - Call get API with offset + data_len < total_size */
},
{
- 0, 0 /* This is dummy for index5 */
+ 0, 0 /* This is dummy for Index5 */
},
{
- VAL_ITS_GET, PSA_ITS_SUCCESS /* Call get API with offset = total data_size + 1 */
+ VAL_ITS_GET, PSA_SUCCESS /* Index6 - Call get API with offset = total data_size + 1 */
},
{
- 0, 0 /* This is dummy for index7 */
+ 0, 0 /* This is dummy for Index7 */
},
{
- VAL_ITS_GET, PSA_ITS_ERROR_INCORRECT_SIZE /* get API with offset + data_len > total data_size */
+ VAL_ITS_GET, PSA_SUCCESS /* Index8 - get API with offset = total data_size */
},
{
- 0, 0 /* This is dummy for index9 */
+ 0, 0 /* This is dummy for Index9 */
},
{
- VAL_ITS_GET, PSA_ITS_ERROR_INCORRECT_SIZE /* Call get API with invalid data len and offset zero */
+ VAL_ITS_GET, PSA_SUCCESS /* Index10 - Call get API with invalid data len and offset zero */
},
{
- 0, 0 /* This is dummy for index11 */
+ 0, 0 /* This is dummy for Index11 */
},
{
- VAL_ITS_GET, PSA_ITS_SUCCESS /* Call get API with offset = MAX_UINT32 */
+ VAL_ITS_GET, PSA_ERROR_INVALID_ARGUMENT /* Index12 - Call get API with offset = MAX_UINT32 */
},
{
- VAL_ITS_REMOVE, PSA_ITS_SUCCESS /* Remove the storage entity */
+ VAL_ITS_REMOVE, PSA_SUCCESS /* Index13 - Remove the storage entity */
},
};
#endif /* _TEST_S008_ITS_DATA_TESTS_H_ */
diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s008/test_ps_data.h b/api-tests/dev_apis/internal_trusted_storage/test_s008/test_ps_data.h
index 2b15d358..e9945925 100755
--- a/api-tests/dev_apis/internal_trusted_storage/test_s008/test_ps_data.h
+++ b/api-tests/dev_apis/internal_trusted_storage/test_s008/test_ps_data.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019, Arm Limited or ps affiliates. All rights reserved.
+ * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -20,55 +20,54 @@
#include "val_protected_storage.h"
#define SST_FUNCTION val->ps_function
-#define psa_sst_uid_t psa_ps_uid_t
typedef struct {
enum ps_function_code api;
- psa_ps_status_t status;
+ psa_status_t status;
} test_data;
static const test_data s008_data[] = {
{
- 0, 0 /* This is dummy for index0 */
+ 0, 0 /* This is dummy for Index0 */
},
{
- VAL_PS_SET, PSA_PS_SUCCESS /* Create a valid storage entity with zero flag value */
+ VAL_PS_SET, PSA_SUCCESS /* Index1 - Create a valid storage entity with zero flag value */
},
{
- VAL_PS_GET, PSA_PS_SUCCESS /* Call get API with offset + data_len = total_size */
+ VAL_PS_GET, PSA_SUCCESS /* Index2 - Call get API with offset + data_len = total_size */
},
{
- 0, 0 /* This is dummy for index3 */
+ 0, 0 /* This is dummy for Index3 */
},
{
- VAL_PS_GET, PSA_PS_SUCCESS /* Call get API with offset + data_len < total_size */
+ VAL_PS_GET, PSA_SUCCESS /* Index4 - Call get API with offset + data_len < total_size */
},
{
- 0, 0 /* This is dummy for index5 */
+ 0, 0 /* This is dummy for Index5 */
},
{
- VAL_PS_GET, PSA_PS_SUCCESS/* Call get API with offset = total data_size + 1 */
+ VAL_PS_GET, PSA_SUCCESS/* Index6 - Call get API with offset = total data_size + 1 */
},
{
- 0, 0 /* This is dummy for index7 */
+ 0, 0 /* This is dummy for Index7 */
},
{
- VAL_PS_GET, PSA_PS_ERROR_INCORRECT_SIZE /* Call get API with offset + data_len > total data_size */
+ VAL_PS_GET, PSA_SUCCESS /* Index8 - get API with offset = total data_size */
},
{
- 0, 0 /* This is dummy for index9 */
+ 0, 0 /* This is dummy for Index9 */
},
{
- VAL_PS_GET, PSA_PS_ERROR_INCORRECT_SIZE /* Call get API with invalid data len and offset zero */
+ VAL_PS_GET, PSA_SUCCESS /* Index10 - Call get API with invalid data len and offset zero */
},
{
- 0, 0 /* This is dummy for index11 */
+ 0, 0 /* This is dummy for Index11 */
},
{
- VAL_PS_GET, PSA_PS_SUCCESS /* Call get API with offset = MAX_UINT32 */
+ VAL_PS_GET, PSA_ERROR_INVALID_ARGUMENT /* Index12 - Call get API with offset = MAX_UINT32 */
},
{
- VAL_PS_REMOVE, PSA_PS_SUCCESS /* Remove the storage entity */
+ VAL_PS_REMOVE, PSA_SUCCESS /* Index13 - Remove the storage entity */
},
};
#endif /* _TEST_S008_PS_DATA_TESTS_H_ */
diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s008/test_s008.c b/api-tests/dev_apis/internal_trusted_storage/test_s008/test_s008.c
index 8374f36e..32ddfc50 100755
--- a/api-tests/dev_apis/internal_trusted_storage/test_s008/test_s008.c
+++ b/api-tests/dev_apis/internal_trusted_storage/test_s008/test_s008.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -34,58 +34,58 @@ client_test_t test_s008_sst_list[] = {
NULL,
};
-static psa_sst_uid_t uid = UID_BASE_VALUE + 5;
+static psa_storage_uid_t uid = UID_BASE_VALUE + 5;
static uint8_t read_buff[TEST_BUFF_SIZE];
static uint8_t write_buff[TEST_BUFF_SIZE] = {0x99, 0x01, 0x02, 0x03, 0x04, 0x23, 0xF6, 0x07, 0x08, \
0x0D, 0x70, 0xA1, 0xFF, 0xFF, 0x14, 0x73, 0x46, 0x97, 0xE8, 0xDD};
-int32_t psa_sst_invalid_offset_failure(security_t caller)
+int32_t psa_sst_invalid_offset_failure(caller_security_t caller)
{
- uint32_t status, j;
+ uint32_t status, j, p_data_length = 0;
- /* Case where offset = data_size +1 , data_len 0. Also check nothing is returned in read buff*/
+ /* Case where offset = data_size +1 , data_len 0. Also check nothing is returned in read buff */
val->print(PRINT_TEST, "[Check 2] Try to access data with varying invalid offset\n", 0);
memset(read_buff, 0, TEST_BUFF_SIZE);
- status = SST_FUNCTION(s008_data[6].api, uid, TEST_BUFF_SIZE+1, 0, read_buff);
- TEST_ASSERT_NOT_EQUAL(status, s008_data[6].status, TEST_CHECKPOINT_NUM(6));
+ status = SST_FUNCTION(s008_data[6].api, uid, TEST_BUFF_SIZE+1, 0, read_buff, &p_data_length);
+ TEST_ASSERT_NOT_EQUAL(status, s008_data[6].status, TEST_CHECKPOINT_NUM(8));
+ TEST_ASSERT_EQUAL(p_data_length, 0, TEST_CHECKPOINT_NUM(9));
for (j = 0; j < TEST_BUFF_SIZE; j++)
{
- TEST_ASSERT_EQUAL(read_buff[j], 0x00, TEST_CHECKPOINT_NUM(7));
+ TEST_ASSERT_EQUAL(read_buff[j], 0x00, TEST_CHECKPOINT_NUM(10));
}
- /* Case where offset = data_size , data_len= 1 Also check nothing is returned in read buff*/
- status = SST_FUNCTION(s008_data[8].api, uid, TEST_BUFF_SIZE, 1, read_buff);
- TEST_ASSERT_EQUAL(status, s008_data[8].status, TEST_CHECKPOINT_NUM(8));
- for (j = 0; j < TEST_BUFF_SIZE; j++)
- {
- TEST_ASSERT_EQUAL(read_buff[j], 0x00, TEST_CHECKPOINT_NUM(9));
- }
+ /* Case where offset = data_size , data_len= 1 Also check nothing is returned in read buff */
+ memset(read_buff, 0xCD, TEST_BUFF_SIZE);
+ p_data_length = 0xFF;
+ status = SST_FUNCTION(s008_data[8].api, uid, TEST_BUFF_SIZE, 1, read_buff, &p_data_length);
+ TEST_ASSERT_EQUAL(status, s008_data[8].status, TEST_CHECKPOINT_NUM(11));
+ TEST_ASSERT_EQUAL(p_data_length, 0, TEST_CHECKPOINT_NUM(12));
- /* Case where offset = 0 , data_len > data_size Also check nothing is returned in read buff*/
- status = SST_FUNCTION(s008_data[10].api, uid, 0, TEST_BUFF_SIZE+1, read_buff);
- TEST_ASSERT_EQUAL(status, s008_data[10].status, TEST_CHECKPOINT_NUM(10));
- for (j = 0; j < TEST_BUFF_SIZE; j++)
- {
- TEST_ASSERT_EQUAL(read_buff[j], 0x00, TEST_CHECKPOINT_NUM(11));
- }
+ /* Case where offset = 0, data_len > data_size, check if just data_size is returned */
+ status = SST_FUNCTION(s008_data[10].api, uid, 0, TEST_BUFF_SIZE+1, read_buff, &p_data_length);
+ TEST_ASSERT_EQUAL(status, s008_data[10].status, TEST_CHECKPOINT_NUM(13));
+ TEST_ASSERT_EQUAL(p_data_length, TEST_BUFF_SIZE, TEST_CHECKPOINT_NUM(14));
+ TEST_ASSERT_MEMCMP(read_buff, write_buff, TEST_BUFF_SIZE, TEST_CHECKPOINT_NUM(15));
/* Try to access data with offset as MAX_UINT32 and length less than buffer size */
- status = SST_FUNCTION(s008_data[12].api, uid, TEST_MAX_UINT32, TEST_BUFF_SIZE/2, read_buff);
- TEST_ASSERT_NOT_EQUAL(status, s008_data[12].status, TEST_CHECKPOINT_NUM(12));
+ status = SST_FUNCTION(s008_data[12].api, uid, TEST_MAX_UINT32, TEST_BUFF_SIZE/2, read_buff,
+ &p_data_length);
+ TEST_ASSERT_EQUAL(status, s008_data[12].status, TEST_CHECKPOINT_NUM(16));
/* Remove the UID */
status = SST_FUNCTION(s008_data[13].api, uid);
- TEST_ASSERT_EQUAL(status, s008_data[13].status, TEST_CHECKPOINT_NUM(13));
+ TEST_ASSERT_EQUAL(status, s008_data[13].status, TEST_CHECKPOINT_NUM(17));
return VAL_STATUS_SUCCESS;
}
-int32_t psa_sst_valid_offset_success(security_t caller)
+int32_t psa_sst_valid_offset_success(caller_security_t caller)
{
uint32_t status, data_len, offset = TEST_BUFF_SIZE;
+ uint32_t p_data_length = 0;
/* Set data for UID */
- status = SST_FUNCTION(s008_data[1].api, uid, TEST_BUFF_SIZE, write_buff, 0);
+ status = SST_FUNCTION(s008_data[1].api, uid, TEST_BUFF_SIZE, write_buff, PSA_STORAGE_FLAG_NONE);
TEST_ASSERT_EQUAL(status, s008_data[1].status, TEST_CHECKPOINT_NUM(1));
/* Case where offset + datalen = data_size */
@@ -94,9 +94,10 @@ int32_t psa_sst_valid_offset_success(security_t caller)
{
data_len = TEST_BUFF_SIZE - offset;
memset(read_buff, 0, TEST_BUFF_SIZE);
- status = SST_FUNCTION(s008_data[2].api, uid, offset, data_len, read_buff);
+ status = SST_FUNCTION(s008_data[2].api, uid, offset, data_len, read_buff, &p_data_length);
TEST_ASSERT_EQUAL(status, s008_data[2].status, TEST_CHECKPOINT_NUM(2));
TEST_ASSERT_MEMCMP(read_buff, write_buff + offset, data_len, TEST_CHECKPOINT_NUM(3));
+ TEST_ASSERT_EQUAL(p_data_length, data_len, TEST_CHECKPOINT_NUM(4));
offset >>= 1;
}
@@ -105,9 +106,10 @@ int32_t psa_sst_valid_offset_success(security_t caller)
/* Case where offset + datalen < data_size */
while (offset > 0)
{
- status = SST_FUNCTION(s008_data[4].api, uid, offset, data_len, read_buff);
- TEST_ASSERT_EQUAL(status, s008_data[4].status, TEST_CHECKPOINT_NUM(4));
- TEST_ASSERT_MEMCMP(read_buff, write_buff + offset, data_len, TEST_CHECKPOINT_NUM(5));
+ status = SST_FUNCTION(s008_data[4].api, uid, offset, data_len, read_buff, &p_data_length);
+ TEST_ASSERT_EQUAL(status, s008_data[4].status, TEST_CHECKPOINT_NUM(5));
+ TEST_ASSERT_MEMCMP(read_buff, write_buff + offset, data_len, TEST_CHECKPOINT_NUM(6));
+ TEST_ASSERT_EQUAL(p_data_length, data_len, TEST_CHECKPOINT_NUM(7));
offset >>= 1;
data_len <<= 1;
}
diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s008/test_s008.h b/api-tests/dev_apis/internal_trusted_storage/test_s008/test_s008.h
index de4cd0d2..c4426d8d 100755
--- a/api-tests/dev_apis/internal_trusted_storage/test_s008/test_s008.h
+++ b/api-tests/dev_apis/internal_trusted_storage/test_s008/test_s008.h
@@ -19,19 +19,19 @@
#ifdef ITS_TEST
#define VAL_STORAGE_BASE VAL_INTERNAL_TRUSTED_STORAGE_BASE
-#define test_entry CONCAT(test_entry_, s008)
+#define test_entry CONCAT(test_entry_, s008)
#elif PS_TEST
#define VAL_STORAGE_BASE VAL_PROTECTED_STORAGE_BASE
-#define test_entry CONCAT(test_entry_, p008)
+#define test_entry CONCAT(test_entry_, p008)
#endif
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
extern val_api_t *val;
extern psa_api_t *psa;
extern client_test_t test_s008_sst_list[];
-int32_t psa_sst_valid_offset_success(security_t caller);
-int32_t psa_sst_invalid_offset_failure(security_t caller);
+int32_t psa_sst_valid_offset_success(caller_security_t caller);
+int32_t psa_sst_invalid_offset_failure(caller_security_t caller);
#endif /* _TEST_S008_CLIENT_TESTS_H_ */
diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s009/source.mk b/api-tests/dev_apis/internal_trusted_storage/test_s009/source.mk
deleted file mode 100755
index dff1830f..00000000
--- a/api-tests/dev_apis/internal_trusted_storage/test_s009/source.mk
+++ /dev/null
@@ -1,20 +0,0 @@
-# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_s009.c
-CC_OPTIONS = -DITS_TEST
-AS_SOURCE =
-AS_OPTIONS =
diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s009/test.cmake b/api-tests/dev_apis/internal_trusted_storage/test_s009/test.cmake
new file mode 100644
index 00000000..e5fe7ee5
--- /dev/null
+++ b/api-tests/dev_apis/internal_trusted_storage/test_s009/test.cmake
@@ -0,0 +1,24 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_s009.c
+ test_s009.c
+)
+list(APPEND CC_OPTIONS -DITS_TEST)
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s009/test_entry.c b/api-tests/dev_apis/internal_trusted_storage/test_s009/test_entry_s009.c
similarity index 100%
rename from api-tests/dev_apis/internal_trusted_storage/test_s009/test_entry.c
rename to api-tests/dev_apis/internal_trusted_storage/test_s009/test_entry_s009.c
diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s009/test_its_data.h b/api-tests/dev_apis/internal_trusted_storage/test_s009/test_its_data.h
index 80e7fb1a..606f02e7 100755
--- a/api-tests/dev_apis/internal_trusted_storage/test_s009/test_its_data.h
+++ b/api-tests/dev_apis/internal_trusted_storage/test_s009/test_its_data.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -20,50 +20,49 @@
#include "val_internal_trusted_storage.h"
#define SST_FUNCTION val->its_function
-#define psa_sst_uid_t psa_its_uid_t
typedef struct {
enum its_function_code api;
- psa_its_status_t status;
+ psa_status_t status;
} test_data;
-static struct psa_its_info_t info;
+static struct psa_storage_info_t info;
static const test_data s009_data[] = {
{
- 0, 0 /* This is dummy for index0 */
+ 0, 0 /* This is dummy for Index0 */
},
{
- VAL_ITS_SET, PSA_ITS_SUCCESS /* Call set API with NULL write buffer and 0 length */
+ VAL_ITS_SET, PSA_SUCCESS /* Index1 - Call set API with NULL write buffer and 0 length */
},
{
- VAL_ITS_GET_INFO, PSA_ITS_SUCCESS /* Verify UID is created */
+ VAL_ITS_GET_INFO, PSA_SUCCESS /* Index2 - Verify UID is created */
},
{
- VAL_ITS_GET, PSA_ITS_SUCCESS /* Call get API with NULL write buffer and 0 length */
+ VAL_ITS_GET, PSA_SUCCESS /* Index3 - Call get API with NULL write buffer and 0 length */
},
{
- VAL_ITS_REMOVE, PSA_ITS_SUCCESS /* Remove the storage entity */
+ VAL_ITS_REMOVE, PSA_SUCCESS /* Index4 - Remove the storage entity */
},
{
- VAL_ITS_GET_INFO, PSA_ITS_ERROR_UID_NOT_FOUND /* Verify UID is removed */
+ VAL_ITS_GET_INFO, PSA_ERROR_DOES_NOT_EXIST /* Index5 - Verify UID is removed */
},
{
- VAL_ITS_SET, PSA_ITS_SUCCESS /* Create storage of zero size and valid write buffer */
+ VAL_ITS_SET, PSA_SUCCESS /* Index6 - Create storage of zero size and valid write buffer */
},
{
- VAL_ITS_GET_INFO, PSA_ITS_SUCCESS /* Call get_info API to check data size */
+ VAL_ITS_GET_INFO, PSA_SUCCESS /* Index7 - Call get_info API to check data size */
},
{
- 0, 0 /* This is dummy for index8 */
+ 0, 0 /* This is dummy for Index8 */
},
{
- VAL_ITS_GET, PSA_ITS_SUCCESS /* Call get API with 0 length and NULL read buffer */
+ VAL_ITS_GET, PSA_SUCCESS /* Index9 - Call get API with 0 length and NULL read buffer */
},
{
- VAL_ITS_SET, PSA_ITS_SUCCESS /* Increase the asset size */
+ VAL_ITS_SET, PSA_SUCCESS /* Index10 - Increase the asset size */
},
{
- VAL_ITS_REMOVE, PSA_ITS_SUCCESS /* Remove the storage entity */
+ VAL_ITS_REMOVE, PSA_SUCCESS /* Index11 - Remove the storage entity */
},
};
#endif /* _TEST_S009_ITS_DATA_TESTS_H_ */
diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s009/test_ps_data.h b/api-tests/dev_apis/internal_trusted_storage/test_s009/test_ps_data.h
index 129bca08..efc8a2ce 100755
--- a/api-tests/dev_apis/internal_trusted_storage/test_s009/test_ps_data.h
+++ b/api-tests/dev_apis/internal_trusted_storage/test_s009/test_ps_data.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019, Arm Limited or ps affiliates. All rights reserved.
+ * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -20,50 +20,49 @@
#include "val_protected_storage.h"
#define SST_FUNCTION val->ps_function
-#define psa_sst_uid_t psa_ps_uid_t
typedef struct {
enum ps_function_code api;
- psa_ps_status_t status;
+ psa_status_t status;
} test_data;
-static struct psa_ps_info_t info;
+static struct psa_storage_info_t info;
static const test_data s009_data[] = {
{
- 0, 0 /* This is dummy for index0 */
+ 0, 0 /* This is dummy for Index0 */
},
{
- VAL_PS_SET, PSA_PS_SUCCESS /* Call set API with NULL write buffer and 0 length */
+ VAL_PS_SET, PSA_SUCCESS /* Index1 - Call set API with NULL write buffer and 0 length */
},
{
- VAL_PS_GET_INFO, PSA_PS_SUCCESS /* Verify UID is created */
+ VAL_PS_GET_INFO, PSA_SUCCESS /* Index2 - Verify UID is created */
},
{
- VAL_PS_GET, PSA_PS_SUCCESS /* Call get API with NULL write buffer and 0 length */
+ VAL_PS_GET, PSA_SUCCESS /* Index3 - Call get API with NULL write buffer and 0 length */
},
{
- VAL_PS_REMOVE, PSA_PS_SUCCESS /* Remove the storage entity */
+ VAL_PS_REMOVE, PSA_SUCCESS /* Index4 - Remove the storage entity */
},
{
- VAL_PS_GET_INFO, PSA_PS_ERROR_UID_NOT_FOUND /* Verify UID is removed */
+ VAL_PS_GET_INFO, PSA_ERROR_DOES_NOT_EXIST /* Index5 - Verify UID is removed */
},
{
- VAL_PS_SET, PSA_PS_SUCCESS /* Create storage of zero size and valid write buffer */
+ VAL_PS_SET, PSA_SUCCESS /* Index6 - Create storage of zero size and valid write buffer */
},
{
- VAL_PS_GET_INFO, PSA_PS_SUCCESS /* Call get_info API to check data size */
+ VAL_PS_GET_INFO, PSA_SUCCESS /* Index7 - Call get_info API to check data size */
},
{
- 0, 0 /* This is dummy for index8 */
+ 0, 0 /* This is dummy for Index8 */
},
{
- VAL_PS_GET, PSA_PS_SUCCESS /* Call get API with 0 length and NULL read buffer */
+ VAL_PS_GET, PSA_SUCCESS /* Index9 - Call get API with 0 length and NULL read buffer */
},
{
- VAL_PS_SET, PSA_PS_SUCCESS /* Increase the asset size */
+ VAL_PS_SET, PSA_SUCCESS /* Index10 - Increase the asset size */
},
{
- VAL_PS_REMOVE, PSA_PS_SUCCESS /* Remove the storage entity */
+ VAL_PS_REMOVE, PSA_SUCCESS /* Index11 - Remove the storage entity */
},
};
#endif /* _TEST_S009_PS_DATA_TESTS_H_ */
diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s009/test_s009.c b/api-tests/dev_apis/internal_trusted_storage/test_s009/test_s009.c
index 4567c666..f3e103cc 100755
--- a/api-tests/dev_apis/internal_trusted_storage/test_s009/test_s009.c
+++ b/api-tests/dev_apis/internal_trusted_storage/test_s009/test_s009.c
@@ -32,17 +32,17 @@ client_test_t test_s009_sst_list[] = {
NULL,
};
-static psa_sst_uid_t uid = UID_BASE_VALUE + 5;
+static psa_storage_uid_t uid = UID_BASE_VALUE + 5;
static uint8_t write_buff[TEST_BUFF_SIZE] = {0x99, 0x01, 0x02, 0x03, 0x04, 0x23, 0xF6, 0x07, 0x08, \
0x0D, 0x70, 0xA1, 0xFF, 0xFF, 0x14, 0x73, 0x46, 0x97, 0xE8, 0xDD};
-int32_t psa_sst_zero_length_check(security_t caller)
+int32_t psa_sst_zero_length_check(caller_security_t caller)
{
- uint32_t status;
+ uint32_t status, p_data_length = 0;
/* Set data for UID with length 0 and NULL pointer */
val->print(PRINT_TEST, "[Check 1] Call set API with NULL pointer and data length 0\n", 0);
- status = SST_FUNCTION(s009_data[1].api, uid, 0, NULL, 0);
+ status = SST_FUNCTION(s009_data[1].api, uid, 0, NULL, PSA_STORAGE_FLAG_NONE);
TEST_ASSERT_EQUAL(status, s009_data[1].status, TEST_CHECKPOINT_NUM(1));
/* Call the get_info function to verify UID created */
@@ -51,42 +51,45 @@ int32_t psa_sst_zero_length_check(security_t caller)
/* Call get API with NULL read buffer */
val->print(PRINT_TEST, "[Check 2] Call get API with NULL read buffer and data length 0\n", 0);
- status = SST_FUNCTION(s009_data[3].api, uid, 0, 0, NULL);
+ status = SST_FUNCTION(s009_data[3].api, uid, 0, 0, NULL, &p_data_length);
TEST_ASSERT_EQUAL(status, s009_data[3].status, TEST_CHECKPOINT_NUM(3));
+ TEST_ASSERT_EQUAL(p_data_length, 0, TEST_CHECKPOINT_NUM(4));
/* Remove the UID */
val->print(PRINT_TEST, "[Check 3] Remove the UID\n", 0);
status = SST_FUNCTION(s009_data[4].api, uid);
- TEST_ASSERT_EQUAL(status, s009_data[4].status, TEST_CHECKPOINT_NUM(4));
+ TEST_ASSERT_EQUAL(status, s009_data[4].status, TEST_CHECKPOINT_NUM(5));
/* Call the get_info function to verify UID is removed */
val->print(PRINT_TEST, "[Check 4] Call get_info API to verify UID removed\n", 0);
status = SST_FUNCTION(s009_data[5].api, uid, &info);
- TEST_ASSERT_EQUAL(status, s009_data[5].status, TEST_CHECKPOINT_NUM(5));
+ TEST_ASSERT_EQUAL(status, s009_data[5].status, TEST_CHECKPOINT_NUM(6));
/* Create UID with length 0 and valid write buffer */
val->print(PRINT_TEST, "[Check 5] Create UID with zero data_len and valid write buffer\n", 0);
- status = SST_FUNCTION(s009_data[6].api, uid, 0, write_buff, 0);
- TEST_ASSERT_EQUAL(status, s009_data[6].status, TEST_CHECKPOINT_NUM(6));
+ status = SST_FUNCTION(s009_data[6].api, uid, 0, write_buff, PSA_STORAGE_FLAG_NONE);
+ TEST_ASSERT_EQUAL(status, s009_data[6].status, TEST_CHECKPOINT_NUM(7));
/* Call the get_info function and match the attributes */
status = SST_FUNCTION(s009_data[7].api, uid, &info);
- TEST_ASSERT_EQUAL(status, s009_data[7].status, TEST_CHECKPOINT_NUM(7));
- TEST_ASSERT_EQUAL(info.size, 0, TEST_CHECKPOINT_NUM(8));
+ TEST_ASSERT_EQUAL(status, s009_data[7].status, TEST_CHECKPOINT_NUM(8));
+ TEST_ASSERT_EQUAL(info.size, 0, TEST_CHECKPOINT_NUM(9));
/* Call get API with NULL read buffer and valid UID */
val->print(PRINT_TEST, "[Check 8] Call get API with NULL read buffer and data length 0\n", 0);
- status = SST_FUNCTION(s009_data[9].api, uid, 0, 0, NULL);
- TEST_ASSERT_EQUAL(status, s009_data[9].status, TEST_CHECKPOINT_NUM(9));
+ status = SST_FUNCTION(s009_data[9].api, uid, 0, 0, NULL, &p_data_length);
+ TEST_ASSERT_EQUAL(status, s009_data[9].status, TEST_CHECKPOINT_NUM(10));
+ TEST_ASSERT_EQUAL(p_data_length, 0, TEST_CHECKPOINT_NUM(11));
/* Change the length to test_buff_size */
val->print(PRINT_TEST, "[Check 9] Increase the length\n", 0);
- status = SST_FUNCTION(s009_data[10].api, uid, TEST_BUFF_SIZE, write_buff, 0);
- TEST_ASSERT_EQUAL(status, s009_data[10].status, TEST_CHECKPOINT_NUM(10));
+ status = SST_FUNCTION(s009_data[10].api, uid, TEST_BUFF_SIZE, write_buff,
+ PSA_STORAGE_FLAG_NONE);
+ TEST_ASSERT_EQUAL(status, s009_data[10].status, TEST_CHECKPOINT_NUM(12));
/* Remove the UID */
status = SST_FUNCTION(s009_data[11].api, uid);
- TEST_ASSERT_EQUAL(status, s009_data[11].status, TEST_CHECKPOINT_NUM(11));
+ TEST_ASSERT_EQUAL(status, s009_data[11].status, TEST_CHECKPOINT_NUM(13));
return VAL_STATUS_SUCCESS;
}
diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s009/test_s009.h b/api-tests/dev_apis/internal_trusted_storage/test_s009/test_s009.h
index 11b32d17..f1c396a5 100755
--- a/api-tests/dev_apis/internal_trusted_storage/test_s009/test_s009.h
+++ b/api-tests/dev_apis/internal_trusted_storage/test_s009/test_s009.h
@@ -19,18 +19,18 @@
#ifdef ITS_TEST
#define VAL_STORAGE_BASE VAL_INTERNAL_TRUSTED_STORAGE_BASE
-#define test_entry CONCAT(test_entry_, s009)
+#define test_entry CONCAT(test_entry_, s009)
#elif PS_TEST
#define VAL_STORAGE_BASE VAL_PROTECTED_STORAGE_BASE
-#define test_entry CONCAT(test_entry_, p009)
+#define test_entry CONCAT(test_entry_, p009)
#endif
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
extern val_api_t *val;
extern psa_api_t *psa;
extern client_test_t test_s009_sst_list[];
-int32_t psa_sst_zero_length_check(security_t caller);
+int32_t psa_sst_zero_length_check(caller_security_t caller);
#endif /* _TEST_S009_CLIENT_TESTS_H_ */
diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s010/source.mk b/api-tests/dev_apis/internal_trusted_storage/test_s010/source.mk
deleted file mode 100644
index b1862f76..00000000
--- a/api-tests/dev_apis/internal_trusted_storage/test_s010/source.mk
+++ /dev/null
@@ -1,20 +0,0 @@
-# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_s010.c
-CC_OPTIONS = -DITS_TEST
-AS_SOURCE =
-AS_OPTIONS =
diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s010/test.cmake b/api-tests/dev_apis/internal_trusted_storage/test_s010/test.cmake
new file mode 100644
index 00000000..4c3dc6ad
--- /dev/null
+++ b/api-tests/dev_apis/internal_trusted_storage/test_s010/test.cmake
@@ -0,0 +1,24 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_s010.c
+ test_s010.c
+)
+list(APPEND CC_OPTIONS -DITS_TEST)
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s010/test_entry.c b/api-tests/dev_apis/internal_trusted_storage/test_s010/test_entry_s010.c
similarity index 100%
rename from api-tests/dev_apis/internal_trusted_storage/test_s010/test_entry.c
rename to api-tests/dev_apis/internal_trusted_storage/test_s010/test_entry_s010.c
diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s010/test_its_data.h b/api-tests/dev_apis/internal_trusted_storage/test_s010/test_its_data.h
index 1a811b11..8dd4cb87 100644
--- a/api-tests/dev_apis/internal_trusted_storage/test_s010/test_its_data.h
+++ b/api-tests/dev_apis/internal_trusted_storage/test_s010/test_its_data.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -20,16 +20,23 @@
#include "val_internal_trusted_storage.h"
#define SST_FUNCTION val->its_function
-#define psa_sst_uid_t psa_its_uid_t
typedef struct {
enum its_function_code api;
- psa_its_status_t status;
+ psa_status_t status;
} test_data;
static const test_data s010_data[] = {
{
- VAL_ITS_SET, PSA_ITS_ERROR_INVALID_ARGUMENTS /* Create with UID value zero should fail */
+ VAL_ITS_SET, PSA_ERROR_INVALID_ARGUMENT /* Index0 - Create with UID value zero should fail */
+},
+{
+ VAL_ITS_GET_INFO, PSA_ERROR_INVALID_ARGUMENT /* Index1 - Call to get_info API for UID 0
+ should fail */
+},
+{
+ VAL_ITS_REMOVE, PSA_ERROR_INVALID_ARGUMENT /* Index2 - Call to remove API UID value zero
+ should fail */
},
};
#endif /* _TEST_S010_ITS_DATA_TESTS_H_ */
diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s010/test_ps_data.h b/api-tests/dev_apis/internal_trusted_storage/test_s010/test_ps_data.h
index fb06deb9..2c7f1493 100644
--- a/api-tests/dev_apis/internal_trusted_storage/test_s010/test_ps_data.h
+++ b/api-tests/dev_apis/internal_trusted_storage/test_s010/test_ps_data.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019, Arm Limited or ps affiliates. All rights reserved.
+ * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -20,16 +20,23 @@
#include "val_protected_storage.h"
#define SST_FUNCTION val->ps_function
-#define psa_sst_uid_t psa_ps_uid_t
typedef struct {
enum ps_function_code api;
- psa_ps_status_t status;
+ psa_status_t status;
} test_data;
static const test_data s010_data[] = {
{
- VAL_PS_SET, PSA_PS_ERROR_INVALID_ARGUMENT /* Create with UID value zero should fail */
+ VAL_PS_SET, PSA_ERROR_INVALID_ARGUMENT /* Index0 - Create with UID value zero should fail */
+},
+{
+ VAL_PS_GET_INFO, PSA_ERROR_INVALID_ARGUMENT /* Index1 - Call to get_info API for UID 0
+ should fail */
+},
+{
+ VAL_PS_REMOVE, PSA_ERROR_INVALID_ARGUMENT /* Index2 - Call to remove API UID value zero
+ should fail */
},
};
#endif /* _TEST_S010_PS_DATA_TESTS_H_ */
diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s010/test_s010.c b/api-tests/dev_apis/internal_trusted_storage/test_s010/test_s010.c
index 8e556ce1..5cff99c8 100644
--- a/api-tests/dev_apis/internal_trusted_storage/test_s010/test_s010.c
+++ b/api-tests/dev_apis/internal_trusted_storage/test_s010/test_s010.c
@@ -34,16 +34,27 @@ client_test_t test_s010_sst_list[] = {
static uint8_t write_buff[TEST_BUFF_SIZE] = {0xFF};
-int32_t psa_sst_uid_value_zero_check(security_t caller)
+int32_t psa_sst_uid_value_zero_check(caller_security_t caller)
{
int32_t status;
- psa_sst_uid_t uid = 0;
+ psa_storage_uid_t uid = 0;
+ struct psa_storage_info_t info;
/* Set with UID value zero should fail */
- val->print(PRINT_TEST, "[Check 1] Creating storage with UID 0 should fail\n", 0 );
- status = SST_FUNCTION(s010_data[0].api, uid, TEST_BUFF_SIZE, write_buff, 0);
+ val->print(PRINT_TEST, "[Check 1] Creating storage with UID 0 should fail\n", 0);
+ status = SST_FUNCTION(s010_data[0].api, uid, TEST_BUFF_SIZE, write_buff, PSA_STORAGE_FLAG_NONE);
TEST_ASSERT_EQUAL(status, s010_data[0].status, TEST_CHECKPOINT_NUM(1));
+ /* Call to get_info call with UID zero should fail */
+ val->print(PRINT_TEST, "[Check 2] Get_info for UID 0 should fail\n", 0);
+ status = SST_FUNCTION(s010_data[1].api, uid, &info);
+ TEST_ASSERT_EQUAL(status, s010_data[1].status, TEST_CHECKPOINT_NUM(2));
+
+ /* UID removal should fail */
+ val->print(PRINT_TEST, "[Check 3] Removing storage with UID 0 should fail\n", 0);
+ status = SST_FUNCTION(s010_data[2].api, uid);
+ TEST_ASSERT_EQUAL(status, s010_data[2].status, TEST_CHECKPOINT_NUM(3));
+
return VAL_STATUS_SUCCESS;
}
diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s010/test_s010.h b/api-tests/dev_apis/internal_trusted_storage/test_s010/test_s010.h
index 96ac55d4..ef4202ec 100644
--- a/api-tests/dev_apis/internal_trusted_storage/test_s010/test_s010.h
+++ b/api-tests/dev_apis/internal_trusted_storage/test_s010/test_s010.h
@@ -19,17 +19,17 @@
#ifdef ITS_TEST
#define VAL_STORAGE_BASE VAL_INTERNAL_TRUSTED_STORAGE_BASE
-#define test_entry CONCAT(test_entry_, s010)
+#define test_entry CONCAT(test_entry_, s010)
#elif PS_TEST
#define VAL_STORAGE_BASE VAL_PROTECTED_STORAGE_BASE
-#define test_entry CONCAT(test_entry_, p010)
+#define test_entry CONCAT(test_entry_, p010)
#endif
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
extern val_api_t *val;
extern psa_api_t *psa;
extern client_test_t test_s010_sst_list[];
-int32_t psa_sst_uid_value_zero_check(security_t caller);
+int32_t psa_sst_uid_value_zero_check(caller_security_t caller);
#endif /* _TEST_S010_CLIENT_TESTS_H_ */
diff --git a/api-tests/dev_apis/protected_storage/suite.cmake b/api-tests/dev_apis/protected_storage/suite.cmake
new file mode 100644
index 00000000..6daf1701
--- /dev/null
+++ b/api-tests/dev_apis/protected_storage/suite.cmake
@@ -0,0 +1,72 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+foreach(test ${PSA_TEST_LIST})
+ string(SUBSTRING ${test} 0 6 ITS_TEST_STR)
+ if(${ITS_TEST_STR} STREQUAL "test_s")
+ string(REPLACE ${SUITE_LOWER} "internal_trusted_storage" ACTUAL_PSA_SUITE_DIR ${PSA_SUITE_DIR})
+ else()
+ set(ACTUAL_PSA_SUITE_DIR ${PSA_SUITE_DIR})
+ endif()
+ include(${PSA_SUITE_DIR}/${test}/test.cmake)
+ foreach(source_file ${CC_SOURCE})
+ list(APPEND SUITE_CC_SOURCE
+ ${ACTUAL_PSA_SUITE_DIR}/${test}/${source_file}
+ )
+ endforeach()
+ foreach(asm_file ${AS_SOURCE})
+ list(APPEND SUITE_AS_SOURCE
+ ${ACTUAL_PSA_SUITE_DIR}/${test}/${asm_file}
+ )
+ endforeach()
+ unset(CC_SOURCE)
+ unset(AS_SOURCE)
+ unset(ACTUAL_PSA_SUITE_DIR)
+endforeach()
+
+add_definitions(${CC_OPTIONS})
+add_definitions(${AS_OPTIONS})
+add_library(${PSA_TARGET_TEST_COMBINE_LIB} STATIC ${SUITE_CC_SOURCE} ${SUITE_AS_SOURCE})
+
+# Test related Include directories
+foreach(test ${PSA_TEST_LIST})
+ string(SUBSTRING ${test} 0 6 ITS_TEST_STR)
+ if(${ITS_TEST_STR} STREQUAL "test_s")
+ string(REPLACE ${SUITE_LOWER} "internal_trusted_storage" ACTUAL_PSA_SUITE_DIR ${PSA_SUITE_DIR})
+ else()
+ set(ACTUAL_PSA_SUITE_DIR ${PSA_SUITE_DIR})
+ endif()
+ target_include_directories(${PSA_TARGET_TEST_COMBINE_LIB} PRIVATE ${ACTUAL_PSA_SUITE_DIR}/${test})
+ unset(ACTUAL_PSA_SUITE_DIR)
+endforeach()
+
+# PSA Include directories
+foreach(psa_inc_path ${PSA_INCLUDE_PATHS})
+ target_include_directories(${PSA_TARGET_TEST_COMBINE_LIB} PRIVATE
+ ${psa_inc_path}
+ )
+endforeach()
+
+target_include_directories(${PSA_TARGET_TEST_COMBINE_LIB} PRIVATE
+ ${CMAKE_CURRENT_BINARY_DIR}
+ ${PSA_ROOT_DIR}/val/common
+ ${PSA_ROOT_DIR}/val/nspe
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/common
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/crypto
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/protected_storage
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/internal_trusted_storage
+)
diff --git a/api-tests/dev_apis/protected_storage/test_p011/source.mk b/api-tests/dev_apis/protected_storage/test_p011/source.mk
deleted file mode 100644
index e3b72357..00000000
--- a/api-tests/dev_apis/protected_storage/test_p011/source.mk
+++ /dev/null
@@ -1,20 +0,0 @@
-# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_p011.c
-CC_OPTIONS = -DPS_TEST
-AS_SOURCE =
-AS_OPTIONS =
diff --git a/api-tests/dev_apis/protected_storage/test_p011/test.cmake b/api-tests/dev_apis/protected_storage/test_p011/test.cmake
new file mode 100644
index 00000000..67884da4
--- /dev/null
+++ b/api-tests/dev_apis/protected_storage/test_p011/test.cmake
@@ -0,0 +1,24 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_p011.c
+ test_p011.c
+)
+list(APPEND CC_OPTIONS -DPS_TEST)
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
diff --git a/api-tests/dev_apis/protected_storage/test_p011/test_entry.c b/api-tests/dev_apis/protected_storage/test_p011/test_entry_p011.c
similarity index 100%
rename from api-tests/dev_apis/protected_storage/test_p011/test_entry.c
rename to api-tests/dev_apis/protected_storage/test_p011/test_entry_p011.c
diff --git a/api-tests/dev_apis/protected_storage/test_p011/test_p011.c b/api-tests/dev_apis/protected_storage/test_p011/test_p011.c
index f7090150..83aa4103 100644
--- a/api-tests/dev_apis/protected_storage/test_p011/test_p011.c
+++ b/api-tests/dev_apis/protected_storage/test_p011/test_p011.c
@@ -34,9 +34,9 @@ static uint8_t read_buff[TEST_BUFF_SIZE] = {0};
static int32_t psa_sst_uid_not_found()
{
- uint32_t status,j;
- psa_ps_uid_t p_uid = UID_BASE_VALUE + 5;
- struct psa_ps_info_t orig_info;
+ uint32_t status, j, p_data_length = 0;
+ psa_storage_uid_t p_uid = UID_BASE_VALUE + 5;
+ struct psa_storage_info_t orig_info;
/* Call the set_extended API with UID which is not created */
val->print(PRINT_TEST, "[Check 1] Call set_extended API for UID %d which is not set\n", p_uid);
@@ -44,59 +44,61 @@ static int32_t psa_sst_uid_not_found()
TEST_ASSERT_EQUAL(status, p011_data[1].status, TEST_CHECKPOINT_NUM(1));
/* Create a valid storage with set API */
- status = SST_FUNCTION(p011_data[2].api, p_uid, TEST_BUFF_SIZE, write_buff, 0);
+ status = SST_FUNCTION(p011_data[2].api, p_uid, TEST_BUFF_SIZE, write_buff,
+ PSA_STORAGE_FLAG_NONE);
TEST_ASSERT_EQUAL(status, p011_data[2].status, TEST_CHECKPOINT_NUM(2));
/* Try to change data length for same UID using create API */
val->print(PRINT_TEST, "[Check 2] Call create API with length different than original\n", 0);
- status = SST_FUNCTION(p011_data[3].api, p_uid, TEST_BUFF_SIZE/2, 0);
+ status = SST_FUNCTION(p011_data[3].api, p_uid, TEST_BUFF_SIZE/2, PSA_STORAGE_FLAG_WRITE_ONCE);
TEST_ASSERT_EQUAL(status, p011_data[3].status, TEST_CHECKPOINT_NUM(3));
/* Try to change flag value associated with the UID */
val->print(PRINT_TEST, "[Check 3] Call create API with flag value different than original\n", 0);
- status = SST_FUNCTION(p011_data[4].api, p_uid, TEST_BUFF_SIZE, PSA_PS_FLAG_WRITE_ONCE);
+ status = SST_FUNCTION(p011_data[4].api, p_uid, TEST_BUFF_SIZE, PSA_STORAGE_FLAG_WRITE_ONCE);
TEST_ASSERT_EQUAL(status, p011_data[4].status, TEST_CHECKPOINT_NUM(4));
/* Check the flag value should be same as original*/
status = SST_FUNCTION(p011_data[5].api, p_uid, &orig_info);
TEST_ASSERT_EQUAL(status, p011_data[5].status, TEST_CHECKPOINT_NUM(5));
TEST_ASSERT_EQUAL(orig_info.size, TEST_BUFF_SIZE, TEST_CHECKPOINT_NUM(6));
- TEST_ASSERT_EQUAL(orig_info.flags, 0, TEST_CHECKPOINT_NUM(7));
+ TEST_ASSERT_EQUAL(orig_info.flags, PSA_STORAGE_FLAG_NONE, TEST_CHECKPOINT_NUM(7));
/* Remove the UID */
status = SST_FUNCTION(p011_data[8].api, p_uid);
TEST_ASSERT_EQUAL(status, p011_data[8].status, TEST_CHECKPOINT_NUM(8));
/* Create a valid storage */
- status = SST_FUNCTION(p011_data[9].api, p_uid, TEST_BUFF_SIZE/2, 0);
+ status = SST_FUNCTION(p011_data[9].api, p_uid, TEST_BUFF_SIZE/2, PSA_STORAGE_FLAG_NONE);
TEST_ASSERT_EQUAL(status, p011_data[9].status, TEST_CHECKPOINT_NUM(9));
/* Try to change length using create API */
val->print(PRINT_TEST, "[Check 4] Call create API with parameters different than original\n", 0);
- status = SST_FUNCTION(p011_data[10].api, p_uid, TEST_BUFF_SIZE, 0);
+ status = SST_FUNCTION(p011_data[10].api, p_uid, TEST_BUFF_SIZE, PSA_STORAGE_FLAG_NONE);
TEST_ASSERT_EQUAL(status, p011_data[10].status, TEST_CHECKPOINT_NUM(10));
/* Check the storage should be empty */
- status = SST_FUNCTION(p011_data[11].api, p_uid, 0, TEST_BUFF_SIZE, read_buff);
+ status = SST_FUNCTION(p011_data[11].api, p_uid, 0, TEST_BUFF_SIZE, read_buff, &p_data_length);
TEST_ASSERT_EQUAL(status, p011_data[11].status, TEST_CHECKPOINT_NUM(11));
for (j = 0; j < TEST_BUFF_SIZE; j++)
{
TEST_ASSERT_EQUAL(read_buff[j], 0, TEST_CHECKPOINT_NUM(12));
}
+ TEST_ASSERT_EQUAL(p_data_length, 0, TEST_CHECKPOINT_NUM(13));
/* Remove the UID */
status = SST_FUNCTION(p011_data[13].api, p_uid);
- TEST_ASSERT_EQUAL(status, p011_data[13].api, TEST_CHECKPOINT_NUM(13));
+ TEST_ASSERT_EQUAL(status, p011_data[13].status, TEST_CHECKPOINT_NUM(14));
/* Call the set_extended API with UID which is removed */
val->print(PRINT_TEST, "[Check 5] Call set_extended API for UID %d which is removed\n", p_uid);
status = SST_FUNCTION(p011_data[14].api, p_uid, 0, TEST_BUFF_SIZE, write_buff);
- TEST_ASSERT_EQUAL(status, p011_data[14].status, TEST_CHECKPOINT_NUM(14));
+ TEST_ASSERT_EQUAL(status, p011_data[14].status, TEST_CHECKPOINT_NUM(15));
return VAL_STATUS_SUCCESS;
}
-int32_t psa_sst_optional_api_uid_not_found(security_t caller)
+int32_t psa_sst_optional_api_uid_not_found(caller_security_t caller)
{
uint32_t status;
int32_t test_status;
@@ -119,4 +121,3 @@ int32_t psa_sst_optional_api_uid_not_found(security_t caller)
return VAL_STATUS_SUCCESS;
}
-
diff --git a/api-tests/dev_apis/protected_storage/test_p011/test_p011.h b/api-tests/dev_apis/protected_storage/test_p011/test_p011.h
index b87c36f3..73aba0d3 100644
--- a/api-tests/dev_apis/protected_storage/test_p011/test_p011.h
+++ b/api-tests/dev_apis/protected_storage/test_p011/test_p011.h
@@ -17,13 +17,13 @@
#ifndef _TEST_P011_CLIENT_TESTS_H_
#define _TEST_P011_CLIENT_TESTS_H_
-#define test_entry CONCAT(test_entry_, p011)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, p011)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
extern val_api_t *val;
extern psa_api_t *psa;
extern client_test_t test_p011_sst_list[];
-int32_t psa_sst_optional_api_uid_not_found(security_t caller);
+int32_t psa_sst_optional_api_uid_not_found(caller_security_t caller);
#endif /* _TEST_P011_CLIENT_TESTS_H_ */
diff --git a/api-tests/dev_apis/protected_storage/test_p011/test_ps_data.h b/api-tests/dev_apis/protected_storage/test_p011/test_ps_data.h
index faa35cb2..97ac2dc3 100644
--- a/api-tests/dev_apis/protected_storage/test_p011/test_ps_data.h
+++ b/api-tests/dev_apis/protected_storage/test_p011/test_ps_data.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019, Arm Limited or ps affiliates. All rights reserved.
+ * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -23,54 +23,58 @@
typedef struct {
enum ps_function_code api;
- psa_ps_status_t status;
+ psa_status_t status;
} test_data;
static const test_data p011_data[] = {
{
- VAL_PS_GET_SUPPORT, PSA_PS_SUPPORT_SET_EXTENDED /* Check if optional PS API supported */
+ VAL_PS_GET_SUPPORT, PSA_STORAGE_SUPPORT_SET_EXTENDED /* Index0 - Check if optional PS API
+ supported */
},
{
- VAL_PS_SET_EXTENDED, PSA_PS_ERROR_UID_NOT_FOUND /* Call set_extended call for non-existing UID */
+ VAL_PS_SET_EXTENDED, PSA_ERROR_DOES_NOT_EXIST /* Index1 - Call set_extended call for
+ non-existing UID */
},
{
- VAL_PS_SET, PSA_PS_SUCCESS /* Create valid storage using set API */
+ VAL_PS_SET, PSA_SUCCESS /* Index2 - Create valid storage using set API */
},
{
- VAL_PS_CREATE, PSA_PS_ERROR_INVALID_ARGUMENT /* Create API for present UID with different length */
+ VAL_PS_CREATE, PSA_ERROR_INVALID_ARGUMENT /* Index3 - Create API for present UID with different
+ length */
},
{
- VAL_PS_CREATE, PSA_PS_ERROR_INVALID_ARGUMENT /* Call create API for to set WRITE_ONCE flag */
+ VAL_PS_CREATE, PSA_ERROR_INVALID_ARGUMENT /* Index4 - Call create API for to set WRITE_ONCE flag */
},
{
- VAL_PS_GET_INFO, PSA_PS_SUCCESS /* Validate existing UID attributes maintained */
+ VAL_PS_GET_INFO, PSA_SUCCESS /* Index5 - Validate existing UID attributes maintained */
},
{
- 0, 0 /* This is dummy for index6 */
+ 0, 0 /* This is dummy for Index6 */
},
{
- 0, 0 /* This is dummy for index7 */
+ 0, 0 /* This is dummy for Index7 */
},
{
- VAL_PS_REMOVE, PSA_PS_SUCCESS /* Remove the UID */
+ VAL_PS_REMOVE, PSA_SUCCESS /* Index8 - Remove the UID */
},
{
- VAL_PS_CREATE, PSA_PS_SUCCESS /* Create valid storage using create API */
+ VAL_PS_CREATE, PSA_SUCCESS /* Index9 - Create valid storage using create API */
},
{
- VAL_PS_CREATE, PSA_PS_ERROR_INVALID_ARGUMENT /* Again call create API with different length */
+ VAL_PS_CREATE, PSA_ERROR_INVALID_ARGUMENT /* Index10 - Again call create API with different
+ length */
},
{
- VAL_PS_GET, PSA_PS_SUCCESS /* Validate the storage is empty */
+ VAL_PS_GET, PSA_SUCCESS /* Index11 - Validate the storage is empty */
},
{
- 0, 0 /* This is dummy for index12 */
+ 0, 0 /* This is dummy for Index12 */
},
{
- VAL_PS_REMOVE, PSA_PS_SUCCESS /* Remove the UID */
+ VAL_PS_REMOVE, PSA_SUCCESS /* Index13 - Remove the UID */
},
{
- VAL_PS_SET_EXTENDED, PSA_PS_ERROR_UID_NOT_FOUND /* Set_extended call for removed UID */
+ VAL_PS_SET_EXTENDED, PSA_ERROR_DOES_NOT_EXIST /* Index14 - Set_extended call for removed UID */
}
};
#endif /* _TEST_P011_PS_DATA_TESTS_H_ */
diff --git a/api-tests/dev_apis/protected_storage/test_p012/source.mk b/api-tests/dev_apis/protected_storage/test_p012/source.mk
deleted file mode 100644
index 20354091..00000000
--- a/api-tests/dev_apis/protected_storage/test_p012/source.mk
+++ /dev/null
@@ -1,20 +0,0 @@
-# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_p012.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
diff --git a/api-tests/dev_apis/protected_storage/test_p012/test.cmake b/api-tests/dev_apis/protected_storage/test_p012/test.cmake
new file mode 100644
index 00000000..28b41034
--- /dev/null
+++ b/api-tests/dev_apis/protected_storage/test_p012/test.cmake
@@ -0,0 +1,24 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_p012.c
+ test_p012.c
+)
+list(APPEND CC_OPTIONS -DPS_TEST)
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
diff --git a/api-tests/dev_apis/protected_storage/test_p012/test_entry.c b/api-tests/dev_apis/protected_storage/test_p012/test_entry_p012.c
similarity index 100%
rename from api-tests/dev_apis/protected_storage/test_p012/test_entry.c
rename to api-tests/dev_apis/protected_storage/test_p012/test_entry_p012.c
diff --git a/api-tests/dev_apis/protected_storage/test_p012/test_p012.c b/api-tests/dev_apis/protected_storage/test_p012/test_p012.c
index 999fff28..93d786fb 100644
--- a/api-tests/dev_apis/protected_storage/test_p012/test_p012.c
+++ b/api-tests/dev_apis/protected_storage/test_p012/test_p012.c
@@ -28,7 +28,7 @@ client_test_t test_p012_sst_list[] = {
NULL,
};
-static psa_ps_uid_t p_uid = UID_BASE_VALUE + 6;
+static psa_storage_uid_t p_uid = UID_BASE_VALUE + 6;
static uint8_t write_buff[TEST_BUFF_SIZE] = {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F};
static uint8_t read_buff[TEST_BUFF_SIZE] = {0};
@@ -37,10 +37,10 @@ static uint8_t write_buff_2[TEST_BUFF_SIZE] = {0xFF, 0xC1, 0xA2, 0xE3, 0x04, 0x0
int32_t psa_sst_offset_invalid()
{
- uint32_t status;
+ uint32_t status, p_data_length = 0;
/* Create valid storage using create API */
- status = SST_FUNCTION(p012_data[1].api, p_uid, TEST_BUFF_SIZE, 0);
+ status = SST_FUNCTION(p012_data[1].api, p_uid, TEST_BUFF_SIZE, PSA_STORAGE_FLAG_NONE);
TEST_ASSERT_EQUAL(status, p012_data[1].status, TEST_CHECKPOINT_NUM(1));
/* Set some data in the storage created */
@@ -74,13 +74,15 @@ int32_t psa_sst_offset_invalid()
/* Set data using set API */
val->print(PRINT_TEST, "[Check 6] Overwrite the whole data with set API\n", 0);
- status = SST_FUNCTION(p012_data[8].api, p_uid, TEST_BUFF_SIZE, write_buff, 0);
+ status = SST_FUNCTION(p012_data[8].api, p_uid, TEST_BUFF_SIZE, write_buff,
+ PSA_STORAGE_FLAG_NONE);
TEST_ASSERT_EQUAL(status, p012_data[8].status, TEST_CHECKPOINT_NUM(8));
/* Call the get function to check data is correctly overwritten */
- status = SST_FUNCTION(p012_data[9].api, p_uid, 0, TEST_BUFF_SIZE, read_buff);
+ status = SST_FUNCTION(p012_data[9].api, p_uid, 0, TEST_BUFF_SIZE, read_buff, &p_data_length);
TEST_ASSERT_EQUAL(status, p012_data[9].status, TEST_CHECKPOINT_NUM(9));
TEST_ASSERT_MEMCMP(read_buff, write_buff, TEST_BUFF_SIZE, TEST_CHECKPOINT_NUM(10));
+ TEST_ASSERT_EQUAL(p_data_length, TEST_BUFF_SIZE, TEST_CHECKPOINT_NUM(11));
return VAL_STATUS_SUCCESS;
}
@@ -89,28 +91,29 @@ static int32_t psa_sst_bad_pointer()
{
uint32_t status;
- /* Call set extended with NULL write_buff */
- val->print(PRINT_TEST, "[Check 7] Call set_extended with NULL write buffer\n", 0);
- status = SST_FUNCTION(p012_data[11].api, p_uid, 0, TEST_BUFF_SIZE, NULL);
- TEST_ASSERT_EQUAL(status, p012_data[11].status, TEST_CHECKPOINT_NUM(11));
+ /* Call create API with UID value 0 */
+ val->print(PRINT_TEST, "[Check 7] Call create API with UID 0\n", 0);
+ status = SST_FUNCTION(p012_data[11].api, 0, 0, TEST_BUFF_SIZE, write_buff);
+ TEST_ASSERT_EQUAL(status, p012_data[11].status, TEST_CHECKPOINT_NUM(12));
- /* Call set extended to overwrite data with new values */
- status = SST_FUNCTION(p012_data[12].api, p_uid, 0, TEST_BUFF_SIZE, write_buff_2);
- TEST_ASSERT_EQUAL(status, p012_data[12].status, TEST_CHECKPOINT_NUM(12));
+ /* Call set extended API with UID value 0 */
+ val->print(PRINT_TEST, "[Check 8] Call set_extended API with UID 0\n", 0);
+ status = SST_FUNCTION(p012_data[12].api, 0, 0, TEST_BUFF_SIZE, write_buff_2);
+ TEST_ASSERT_EQUAL(status, p012_data[12].status, TEST_CHECKPOINT_NUM(13));
- /* Call the get function to get the data buffer and match the buffer */
- status = SST_FUNCTION(p012_data[13].api, p_uid, 0, TEST_BUFF_SIZE, read_buff);
- TEST_ASSERT_EQUAL(status, p012_data[13].status, TEST_CHECKPOINT_NUM(13));
- TEST_ASSERT_MEMCMP(read_buff, write_buff_2, TEST_BUFF_SIZE, TEST_CHECKPOINT_NUM(14));
+ /* Call remove API with UID value 0 */
+ val->print(PRINT_TEST, "[Check 9] Call remove API with UID 0\n", 0);
+ status = SST_FUNCTION(p012_data[13].api, 0);
+ TEST_ASSERT_EQUAL(status, p012_data[13].status, TEST_CHECKPOINT_NUM(14));
- /* Remove the storage */
- status = SST_FUNCTION(p012_data[15].api, p_uid);
- TEST_ASSERT_EQUAL(status, p012_data[15].status, TEST_CHECKPOINT_NUM(15));
+ /* Remove the UID */
+ status = SST_FUNCTION(p012_data[14].api, p_uid);
+ TEST_ASSERT_EQUAL(status, p012_data[14].status, TEST_CHECKPOINT_NUM(15));
return VAL_STATUS_SUCCESS;
}
-int32_t psa_sst_optional_api_offset_invalid(security_t caller)
+int32_t psa_sst_optional_api_offset_invalid(caller_security_t caller)
{
uint32_t status;
int32_t test_status;
diff --git a/api-tests/dev_apis/protected_storage/test_p012/test_p012.h b/api-tests/dev_apis/protected_storage/test_p012/test_p012.h
index 835fe218..7754a44f 100644
--- a/api-tests/dev_apis/protected_storage/test_p012/test_p012.h
+++ b/api-tests/dev_apis/protected_storage/test_p012/test_p012.h
@@ -17,13 +17,13 @@
#ifndef _TEST_P012_CLIENT_TESTS_H_
#define _TEST_P012_CLIENT_TESTS_H_
-#define test_entry CONCAT(test_entry_, p012)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, p012)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
extern val_api_t *val;
extern psa_api_t *psa;
extern client_test_t test_p012_sst_list[];
-int32_t psa_sst_optional_api_offset_invalid(security_t caller);
+int32_t psa_sst_optional_api_offset_invalid(caller_security_t caller);
#endif /* _TEST_P012_CLIENT_TESTS_H_ */
diff --git a/api-tests/dev_apis/protected_storage/test_p012/test_ps_data.h b/api-tests/dev_apis/protected_storage/test_p012/test_ps_data.h
index 0ca495bd..1372ab79 100644
--- a/api-tests/dev_apis/protected_storage/test_p012/test_ps_data.h
+++ b/api-tests/dev_apis/protected_storage/test_p012/test_ps_data.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019, Arm Limited or ps affiliates. All rights reserved.
+ * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -23,57 +23,58 @@
typedef struct {
enum ps_function_code api;
- psa_ps_status_t status;
+ psa_status_t status;
} test_data;
static const test_data p012_data[] = {
{
- VAL_PS_GET_SUPPORT, PSA_PS_SUPPORT_SET_EXTENDED /* Check if optional PS API supported */
+ VAL_PS_GET_SUPPORT, PSA_STORAGE_SUPPORT_SET_EXTENDED /* Index0 -Check if optional PS API
+ supported */
},
{
- VAL_PS_CREATE, PSA_PS_SUCCESS /* Create valid storage */
+ VAL_PS_CREATE, PSA_SUCCESS /* Index1 - Create valid storage */
},
{
- VAL_PS_SET_EXTENDED, PSA_PS_SUCCESS /* Set data using set_extended API */
+ VAL_PS_SET_EXTENDED, PSA_SUCCESS /* Index2 - Set data using set_extended API */
},
{
- VAL_PS_SET_EXTENDED, PSA_PS_ERROR_OFFSET_INVALID /* Set_extended with invalid offset + length */
+ VAL_PS_SET_EXTENDED, PSA_ERROR_INVALID_ARGUMENT /* Index3 - Set_extended with invalid offset +
+ length */
},
{
- VAL_PS_SET_EXTENDED, PSA_PS_ERROR_OFFSET_INVALID /* Set_extended call with invalid offset */
+ VAL_PS_SET_EXTENDED, PSA_ERROR_INVALID_ARGUMENT /* Index4 - Set_extended call with invalid
+ offset */
},
{
- VAL_PS_SET_EXTENDED, PSA_PS_SUCCESS /* Set_extended call with valid offset and zero length */
+ VAL_PS_SET_EXTENDED, PSA_SUCCESS /* Index5 - Set_extended call with valid offset and zero length */
},
{
- VAL_PS_SET_EXTENDED, PSA_PS_ERROR_OFFSET_INVALID /* Set_extended with invalid offset + length */
+ VAL_PS_SET_EXTENDED, PSA_ERROR_INVALID_ARGUMENT /* Index6 - Set_extended with invalid offset +
+ length */
},
{
- VAL_PS_SET_EXTENDED, PSA_PS_ERROR_OFFSET_INVALID /* Set_extended with invalid length */
+ VAL_PS_SET_EXTENDED, PSA_ERROR_INVALID_ARGUMENT /* Index7 - Set_extended with invalid length */
},
{
- VAL_PS_SET, PSA_PS_SUCCESS /* Write data using set API */
+ VAL_PS_SET, PSA_SUCCESS /* Index8 - Write data using set API */
},
{
- VAL_PS_GET, PSA_PS_SUCCESS /* Check data validity using get API */
+ VAL_PS_GET, PSA_SUCCESS /* Index9 - Check data validity using get API */
},
{
- 0, 0 /* This is dummy for index10 */
+ 0, 0 /* This is dummy for Index10 */
},
{
- VAL_PS_SET_EXTENDED, PSA_PS_ERROR_INVALID_ARGUMENT /* Set_extended call with NULL write buffer */
+ VAL_PS_CREATE, PSA_ERROR_INVALID_ARGUMENT /* Index11 - Create call with UID 0 */
},
{
- VAL_PS_SET_EXTENDED, PSA_PS_SUCCESS /* Overwrite data using set_extended */
+ VAL_PS_SET_EXTENDED, PSA_ERROR_INVALID_ARGUMENT /* Index12 - Call set_extended with UID 0 */
},
{
- VAL_PS_GET, PSA_PS_SUCCESS /* Check data validity using get API */
+ VAL_PS_REMOVE, PSA_ERROR_INVALID_ARGUMENT /* Index13 - Call remove with UID 0 */
},
{
- 0, 0 /* This is dummy for index14 */
-},
-{
- VAL_PS_REMOVE, PSA_PS_SUCCESS /* Remove the UID */
+ VAL_PS_REMOVE, PSA_SUCCESS /* Index14 - Remove with UID */
},
};
#endif /* _TEST_P012_PS_DATA_TESTS_H_ */
diff --git a/api-tests/dev_apis/protected_storage/test_p013/source.mk b/api-tests/dev_apis/protected_storage/test_p013/source.mk
deleted file mode 100644
index 4ae9f4ba..00000000
--- a/api-tests/dev_apis/protected_storage/test_p013/source.mk
+++ /dev/null
@@ -1,20 +0,0 @@
-# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_p013.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
diff --git a/api-tests/dev_apis/protected_storage/test_p013/test.cmake b/api-tests/dev_apis/protected_storage/test_p013/test.cmake
new file mode 100644
index 00000000..6c1913f4
--- /dev/null
+++ b/api-tests/dev_apis/protected_storage/test_p013/test.cmake
@@ -0,0 +1,24 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_p013.c
+ test_p013.c
+)
+list(APPEND CC_OPTIONS -DPS_TEST)
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
diff --git a/api-tests/dev_apis/protected_storage/test_p013/test_entry.c b/api-tests/dev_apis/protected_storage/test_p013/test_entry_p013.c
similarity index 100%
rename from api-tests/dev_apis/protected_storage/test_p013/test_entry.c
rename to api-tests/dev_apis/protected_storage/test_p013/test_entry_p013.c
diff --git a/api-tests/dev_apis/protected_storage/test_p013/test_p013.c b/api-tests/dev_apis/protected_storage/test_p013/test_p013.c
index 6eb47464..d4d5026e 100644
--- a/api-tests/dev_apis/protected_storage/test_p013/test_p013.c
+++ b/api-tests/dev_apis/protected_storage/test_p013/test_p013.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -28,7 +28,7 @@ client_test_t test_p013_sst_list[] = {
NULL,
};
-static psa_ps_uid_t p_uid = UID_BASE_VALUE + 4;
+static psa_storage_uid_t p_uid = UID_BASE_VALUE + 4;
static uint8_t write_buff[TEST_BUFF_SIZE/2] = {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07};
static uint8_t write_buff_2[TEST_BUFF_SIZE/2] = {0xFF, 0x11, 0xA2, 0xE3, 0x04, 0xA5, 0xD6, 0x97};
static uint8_t read_buff[TEST_BUFF_SIZE] = {0};
@@ -37,12 +37,12 @@ static uint8_t write_buff_3[TEST_BUFF_SIZE] = {0x00, 0x01, 0x02, 0x03, 0x04, 0x0
static int32_t psa_sst_set_extended_create_success()
{
- uint32_t status;
- struct psa_ps_info_t info;
+ uint32_t status, p_data_length = 0;
+ struct psa_storage_info_t info;
/* Create storage of zero length using create API */
val->print(PRINT_TEST, "[Check 1] Create storage using create API for 0 length\n", 0);
- status = SST_FUNCTION(p013_data[1].api, p_uid, 0, 0);
+ status = SST_FUNCTION(p013_data[1].api, p_uid, 0, PSA_STORAGE_FLAG_NONE);
TEST_ASSERT_EQUAL(status, p013_data[1].status, TEST_CHECKPOINT_NUM(1));
/* Set some data in the storage created */
@@ -53,7 +53,7 @@ static int32_t psa_sst_set_extended_create_success()
/* Call the get_info function to match attributes */
status = SST_FUNCTION(p013_data[3].api, p_uid, &info);
TEST_ASSERT_EQUAL(status, p013_data[3].status, TEST_CHECKPOINT_NUM(3));
- TEST_ASSERT_EQUAL(info.flags, 0, TEST_CHECKPOINT_NUM(4));
+ TEST_ASSERT_EQUAL(info.flags, PSA_STORAGE_FLAG_NONE, TEST_CHECKPOINT_NUM(4));
TEST_ASSERT_EQUAL(info.size, 0, TEST_CHECKPOINT_NUM(5));
/* Remove the storage */
@@ -62,7 +62,7 @@ static int32_t psa_sst_set_extended_create_success()
TEST_ASSERT_EQUAL(status, p013_data[6].status, TEST_CHECKPOINT_NUM(6));
/* Create a valid storage */
- status = SST_FUNCTION(p013_data[7].api, p_uid, TEST_BUFF_SIZE, 0);
+ status = SST_FUNCTION(p013_data[7].api, p_uid, TEST_BUFF_SIZE, PSA_STORAGE_FLAG_NONE);
TEST_ASSERT_EQUAL(status, p013_data[7].status, TEST_CHECKPOINT_NUM(7));
/* Try to set data in first half of buffer */
@@ -76,48 +76,52 @@ static int32_t psa_sst_set_extended_create_success()
/* Call the get function to match the data */
val->print(PRINT_TEST, "[Check 4] Valid data written by multiple set_extended\n", 0);
- status = SST_FUNCTION(p013_data[10].api, p_uid, 0, TEST_BUFF_SIZE, read_buff);
+ status = SST_FUNCTION(p013_data[10].api, p_uid, 0, TEST_BUFF_SIZE, read_buff, &p_data_length);
TEST_ASSERT_EQUAL(status, p013_data[10].status, TEST_CHECKPOINT_NUM(10));
TEST_ASSERT_MEMCMP(read_buff, write_buff, TEST_BUFF_SIZE/2, TEST_CHECKPOINT_NUM(11));
TEST_ASSERT_MEMCMP(read_buff + TEST_BUFF_SIZE/2, write_buff_2, TEST_BUFF_SIZE/2,\
TEST_CHECKPOINT_NUM(12));
+ TEST_ASSERT_EQUAL(p_data_length, TEST_BUFF_SIZE, TEST_CHECKPOINT_NUM(13));
/* Overwrite data using set API */
val->print(PRINT_TEST, "[Check 5] Overwrite whole data using SET API\n", 0);
- status = SST_FUNCTION(p013_data[13].api, p_uid, TEST_BUFF_SIZE, write_buff_3, 0);
- TEST_ASSERT_EQUAL(status, p013_data[13].status, TEST_CHECKPOINT_NUM(13));
+ status = SST_FUNCTION(p013_data[13].api, p_uid, TEST_BUFF_SIZE, write_buff_3,
+ PSA_STORAGE_FLAG_NONE);
+ TEST_ASSERT_EQUAL(status, p013_data[13].status, TEST_CHECKPOINT_NUM(14));
/* Call the get function to match the data */
val->print(PRINT_TEST, "[Check 6] Validate the data using get API\n", 0);
- status = SST_FUNCTION(p013_data[14].api, p_uid, 0, TEST_BUFF_SIZE, read_buff);
- TEST_ASSERT_EQUAL(status, p013_data[14].status, TEST_CHECKPOINT_NUM(14));
- TEST_ASSERT_MEMCMP(read_buff, write_buff_3, TEST_BUFF_SIZE, TEST_CHECKPOINT_NUM(15));
+ status = SST_FUNCTION(p013_data[14].api, p_uid, 0, TEST_BUFF_SIZE, read_buff, &p_data_length);
+ TEST_ASSERT_EQUAL(status, p013_data[14].status, TEST_CHECKPOINT_NUM(15));
+ TEST_ASSERT_MEMCMP(read_buff, write_buff_3, TEST_BUFF_SIZE, TEST_CHECKPOINT_NUM(16));
+ TEST_ASSERT_EQUAL(p_data_length, TEST_BUFF_SIZE, TEST_CHECKPOINT_NUM(17));
/* Call create API for existing UID with same parameters */
val->print(PRINT_TEST, "[Check 7] Call create API for existing UID with same parameters\n", 0);
- status = SST_FUNCTION(p013_data[16].api, p_uid, TEST_BUFF_SIZE, 0);
- TEST_ASSERT_EQUAL(status, p013_data[16].status, TEST_CHECKPOINT_NUM(16));
+ status = SST_FUNCTION(p013_data[16].api, p_uid, TEST_BUFF_SIZE, PSA_STORAGE_FLAG_NONE);
+ TEST_ASSERT_EQUAL(status, p013_data[16].status, TEST_CHECKPOINT_NUM(18));
/* Call the get function to match the data */
val->print(PRINT_TEST, "[Check 8] Validity of data after create API call\n", 0);
- status = SST_FUNCTION(p013_data[17].api, p_uid, 0, TEST_BUFF_SIZE, read_buff);
- TEST_ASSERT_EQUAL(status, p013_data[17].status, TEST_CHECKPOINT_NUM(17));
- TEST_ASSERT_MEMCMP(read_buff, write_buff_3, TEST_BUFF_SIZE, TEST_CHECKPOINT_NUM(18));
+ status = SST_FUNCTION(p013_data[17].api, p_uid, 0, TEST_BUFF_SIZE, read_buff, &p_data_length);
+ TEST_ASSERT_EQUAL(status, p013_data[17].status, TEST_CHECKPOINT_NUM(19));
+ TEST_ASSERT_MEMCMP(read_buff, write_buff_3, TEST_BUFF_SIZE, TEST_CHECKPOINT_NUM(20));
+ TEST_ASSERT_EQUAL(p_data_length, TEST_BUFF_SIZE, TEST_CHECKPOINT_NUM(21));
/* Remove the storage */
val->print(PRINT_TEST, "[Check 9] Remove the UID\n", 0);
status = SST_FUNCTION(p013_data[19].api, p_uid);
- TEST_ASSERT_EQUAL(status, p013_data[19].status, TEST_CHECKPOINT_NUM(19));
+ TEST_ASSERT_EQUAL(status, p013_data[19].status, TEST_CHECKPOINT_NUM(22));
/* Validate there should not be duplicate UID present */
val->print(PRINT_TEST, "[Check 10] No duplicate entry of UID present\n", 0);
status = SST_FUNCTION(p013_data[20].api, p_uid, 0, TEST_BUFF_SIZE, read_buff);
- TEST_ASSERT_EQUAL(status, p013_data[20].status, TEST_CHECKPOINT_NUM(20));
+ TEST_ASSERT_EQUAL(status, p013_data[20].status, TEST_CHECKPOINT_NUM(23));
return VAL_STATUS_SUCCESS;
}
-int32_t psa_sst_optional_api_success_check(security_t caller)
+int32_t psa_sst_optional_api_success_check(caller_security_t caller)
{
uint32_t status;
int32_t test_status;
diff --git a/api-tests/dev_apis/protected_storage/test_p013/test_p013.h b/api-tests/dev_apis/protected_storage/test_p013/test_p013.h
index 20d7f92f..73247768 100644
--- a/api-tests/dev_apis/protected_storage/test_p013/test_p013.h
+++ b/api-tests/dev_apis/protected_storage/test_p013/test_p013.h
@@ -17,14 +17,14 @@
#ifndef _TEST_P013_CLIENT_TESTS_H_
#define _TEST_P013_CLIENT_TESTS_H_
-#define test_entry CONCAT(test_entry_, p013)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, p013)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
extern val_api_t *val;
extern psa_api_t *psa;
extern client_test_t test_p013_sst_list[];
-int32_t psa_sst_optional_api_success_check(security_t caller);
+int32_t psa_sst_optional_api_success_check(caller_security_t caller);
#endif /* _TEST_P013_CLIENT_TESTS_H_ */
diff --git a/api-tests/dev_apis/protected_storage/test_p013/test_ps_data.h b/api-tests/dev_apis/protected_storage/test_p013/test_ps_data.h
index 917ac086..b2c58faf 100644
--- a/api-tests/dev_apis/protected_storage/test_p013/test_ps_data.h
+++ b/api-tests/dev_apis/protected_storage/test_p013/test_ps_data.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019, Arm Limited or ps affiliates. All rights reserved.
+ * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -23,72 +23,75 @@
typedef struct {
enum ps_function_code api;
- psa_ps_status_t status;
+ psa_status_t status;
} test_data;
static const test_data p013_data[] = {
{
- VAL_PS_GET_SUPPORT, PSA_PS_SUPPORT_SET_EXTENDED /* Check if optional PS API supported */
+ VAL_PS_GET_SUPPORT, PSA_STORAGE_SUPPORT_SET_EXTENDED /* Index0 - Check if optional PS API
+ supported */
},
{
- VAL_PS_CREATE, PSA_PS_SUCCESS /* Create storage of zero length */
+ VAL_PS_CREATE, PSA_SUCCESS /* Index1 - Create storage of zero length */
},
{
- VAL_PS_SET_EXTENDED, PSA_PS_SUCCESS /* Call set_extened with zero length */
+ VAL_PS_SET_EXTENDED, PSA_SUCCESS /* Index2 - Call set_extended with zero length */
},
{
- VAL_PS_GET_INFO, PSA_PS_SUCCESS /* Validate the storage attributes */
+ VAL_PS_GET_INFO, PSA_SUCCESS /* Index3 - Validate the storage attributes */
},
{
- 0, 0 /* This is dummy for index4 */
+ 0, 0 /* This is dummy for Index4 */
},
{
- 0, 0 /* This is dummy for index5 */
+ 0, 0 /* This is dummy for Index5 */
},
{
- VAL_PS_REMOVE, PSA_PS_SUCCESS /* Remove the UID */
+ VAL_PS_REMOVE, PSA_SUCCESS /* Index6 - Remove the UID */
},
{
- VAL_PS_CREATE, PSA_PS_SUCCESS /* Create storage of non-zero length */
+ VAL_PS_CREATE, PSA_SUCCESS /* Index7 - Create storage of non-zero length */
},
{
- VAL_PS_SET_EXTENDED, PSA_PS_SUCCESS /* Call set_extened to write data in first half of buffer */
+ VAL_PS_SET_EXTENDED, PSA_SUCCESS /* Index8 - Call set_extended to write data in first half of
+ buffer */
},
{
- VAL_PS_SET_EXTENDED, PSA_PS_SUCCESS /* Call set_extened to write data in second half of buffer */
+ VAL_PS_SET_EXTENDED, PSA_SUCCESS /* Index9 - Call set_extended to write data in second half of
+ buffer */
},
{
- VAL_PS_GET, PSA_PS_SUCCESS /* Validate the data stored */
+ VAL_PS_GET, PSA_SUCCESS /* Index10 - Validate the data stored */
},
{
- 0, 0 /* This is dummy for index11 */
+ 0, 0 /* This is dummy for Index11 */
},
{
- 0, 0 /* This is dummy for index12 */
+ 0, 0 /* This is dummy for Index12 */
},
{
- VAL_PS_SET, PSA_PS_SUCCESS /* Overwrite data with set API */
+ VAL_PS_SET, PSA_SUCCESS /* Index13 - Overwrite data with set API */
},
{
- VAL_PS_GET, PSA_PS_SUCCESS /* Validate the data written */
+ VAL_PS_GET, PSA_SUCCESS /* Index14 - Validate the data written */
},
{
- 0, 0 /* This is dummy for index15 */
+ 0, 0 /* This is dummy for Index15 */
},
{
- VAL_PS_CREATE, PSA_PS_SUCCESS /* Call Create API for existing UID with same parameters */
+ VAL_PS_CREATE, PSA_SUCCESS /* Index16 - Call Create API for existing UID with same parameters */
},
{
- VAL_PS_GET, PSA_PS_SUCCESS /* Validate the data */
+ VAL_PS_GET, PSA_SUCCESS /* Index17 - Validate the data */
},
{
- 0, 0 /* This is dummy for index18 */
+ 0, 0 /* This is dummy for Index18 */
},
{
- VAL_PS_REMOVE, PSA_PS_SUCCESS /* Remove the UID */
+ VAL_PS_REMOVE, PSA_SUCCESS /* Index19 - Remove the UID */
},
{
- VAL_PS_GET, PSA_PS_ERROR_UID_NOT_FOUND /* Check no duplicate entry of UID present */
+ VAL_PS_GET, PSA_ERROR_DOES_NOT_EXIST /* Index20 - Check no duplicate entry of UID present */
}
};
#endif /* _TEST_P013_PS_DATA_TESTS_H_ */
diff --git a/api-tests/dev_apis/protected_storage/test_p014/source.mk b/api-tests/dev_apis/protected_storage/test_p014/source.mk
deleted file mode 100644
index 09f07a5c..00000000
--- a/api-tests/dev_apis/protected_storage/test_p014/source.mk
+++ /dev/null
@@ -1,20 +0,0 @@
-# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_p014.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
diff --git a/api-tests/dev_apis/protected_storage/test_p014/test.cmake b/api-tests/dev_apis/protected_storage/test_p014/test.cmake
new file mode 100644
index 00000000..a794d8c8
--- /dev/null
+++ b/api-tests/dev_apis/protected_storage/test_p014/test.cmake
@@ -0,0 +1,24 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_p014.c
+ test_p014.c
+)
+list(APPEND CC_OPTIONS -DPS_TEST)
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
diff --git a/api-tests/dev_apis/protected_storage/test_p014/test_entry.c b/api-tests/dev_apis/protected_storage/test_p014/test_entry_p014.c
similarity index 100%
rename from api-tests/dev_apis/protected_storage/test_p014/test_entry.c
rename to api-tests/dev_apis/protected_storage/test_p014/test_entry_p014.c
diff --git a/api-tests/dev_apis/protected_storage/test_p014/test_p014.c b/api-tests/dev_apis/protected_storage/test_p014/test_p014.c
index a6e74f1d..d210c2ff 100644
--- a/api-tests/dev_apis/protected_storage/test_p014/test_p014.c
+++ b/api-tests/dev_apis/protected_storage/test_p014/test_p014.c
@@ -28,18 +28,18 @@ client_test_t test_p014_sst_list[] = {
NULL,
};
-static psa_ps_uid_t p_uid = UID_BASE_VALUE + 5;
+static psa_storage_uid_t p_uid = UID_BASE_VALUE + 5;
static uint8_t write_buff[TEST_BUFF_SIZE/4] = { 0x03, 0x04, 0x05, 0x07};
static uint8_t read_buff[TEST_BUFF_SIZE/4] = {0};
static int32_t psa_sst_optional_api_not_supported()
{
- uint32_t status;
- struct psa_ps_info_t info;
+ uint32_t status, p_data_length = 0;
+ struct psa_storage_info_t info;
/* Try to create storage using create API */
val->print(PRINT_TEST, "[Check 1] Call to create API should fail as API not supported\n", 0);
- status = SST_FUNCTION(p014_data[1].api, p_uid, TEST_BUFF_SIZE, 0);
+ status = SST_FUNCTION(p014_data[1].api, p_uid, TEST_BUFF_SIZE, PSA_STORAGE_FLAG_NONE);
TEST_ASSERT_EQUAL(status, p014_data[1].status, TEST_CHECKPOINT_NUM(1));
/* Verify that UID doesn't exist */
@@ -48,7 +48,8 @@ static int32_t psa_sst_optional_api_not_supported()
/* Create a valid storage using set API */
val->print(PRINT_TEST, "[Check 2] Create valid storage with set API\n", 0);
- status = SST_FUNCTION(p014_data[3].api, p_uid, TEST_BUFF_SIZE/4, write_buff, 0);
+ status = SST_FUNCTION(p014_data[3].api, p_uid, TEST_BUFF_SIZE/4, write_buff,
+ PSA_STORAGE_FLAG_NONE);
TEST_ASSERT_EQUAL(status, p014_data[3].status, TEST_CHECKPOINT_NUM(3));
/* Partial data write with set_extended API should fail */
@@ -58,18 +59,19 @@ static int32_t psa_sst_optional_api_not_supported()
/* Call the get function to match the data */
val->print(PRINT_TEST, "[Check 4] Verify data is unchanged\n", 0);
- status = SST_FUNCTION(p014_data[5].api, p_uid, 0, TEST_BUFF_SIZE/4, read_buff);
+ status = SST_FUNCTION(p014_data[5].api, p_uid, 0, TEST_BUFF_SIZE/4, read_buff, &p_data_length);
TEST_ASSERT_EQUAL(status, p014_data[5].status, TEST_CHECKPOINT_NUM(5));
TEST_ASSERT_MEMCMP(read_buff, write_buff, TEST_BUFF_SIZE/4, TEST_CHECKPOINT_NUM(6));
+ TEST_ASSERT_EQUAL(p_data_length, TEST_BUFF_SIZE/4, TEST_CHECKPOINT_NUM(7));
/* Remove the storage */
status = SST_FUNCTION(p014_data[7].api, p_uid);
- TEST_ASSERT_EQUAL(status, p014_data[7].status, TEST_CHECKPOINT_NUM(7));
+ TEST_ASSERT_EQUAL(status, p014_data[7].status, TEST_CHECKPOINT_NUM(8));
return VAL_STATUS_SUCCESS;
}
-int32_t psa_sst_optional_api_not_supported_check(security_t caller)
+int32_t psa_sst_optional_api_not_supported_check(caller_security_t caller)
{
uint32_t status;
int32_t test_status;
diff --git a/api-tests/dev_apis/protected_storage/test_p014/test_p014.h b/api-tests/dev_apis/protected_storage/test_p014/test_p014.h
index 1f4faa37..7b2b0f01 100644
--- a/api-tests/dev_apis/protected_storage/test_p014/test_p014.h
+++ b/api-tests/dev_apis/protected_storage/test_p014/test_p014.h
@@ -17,14 +17,14 @@
#ifndef _TEST_P014_CLIENT_TESTS_H_
#define _TEST_P014_CLIENT_TESTS_H_
-#define test_entry CONCAT(test_entry_, p014)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, p014)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
extern val_api_t *val;
extern psa_api_t *psa;
extern client_test_t test_p014_sst_list[];
-int32_t psa_sst_optional_api_not_supported_check(security_t caller);
+int32_t psa_sst_optional_api_not_supported_check(caller_security_t caller);
#endif /* _TEST_P014_CLIENT_TESTS_H_ */
diff --git a/api-tests/dev_apis/protected_storage/test_p014/test_ps_data.h b/api-tests/dev_apis/protected_storage/test_p014/test_ps_data.h
index f939f4c6..0ee29e45 100644
--- a/api-tests/dev_apis/protected_storage/test_p014/test_ps_data.h
+++ b/api-tests/dev_apis/protected_storage/test_p014/test_ps_data.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019, Arm Limited or ps affiliates. All rights reserved.
+ * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -23,33 +23,33 @@
typedef struct {
enum ps_function_code api;
- psa_ps_status_t status;
+ psa_status_t status;
} test_data;
static const test_data p014_data[] = {
{
- VAL_PS_GET_SUPPORT, PSA_PS_SUPPORT_SET_EXTENDED /* Check if Optional API supported */
+ VAL_PS_GET_SUPPORT, PSA_STORAGE_SUPPORT_SET_EXTENDED /* Index0 -Check if Optional API supported */
},
{
- VAL_PS_CREATE, PSA_PS_ERROR_NOT_SUPPORTED /* Create API call should fail */
+ VAL_PS_CREATE, PSA_ERROR_NOT_SUPPORTED /* Index1 - Create API call should fail */
},
{
- VAL_PS_GET_INFO, PSA_PS_ERROR_UID_NOT_FOUND /* UID should not exist */
+ VAL_PS_GET_INFO, PSA_ERROR_DOES_NOT_EXIST /* Index2 - UID should not exist */
},
{
- VAL_PS_SET, PSA_PS_SUCCESS /* Create storage of non-zero length */
+ VAL_PS_SET, PSA_SUCCESS /* Index3 - Create storage of non-zero length */
},
{
- VAL_PS_SET_EXTENDED, PSA_PS_ERROR_NOT_SUPPORTED /* Set_extened API call should fail */
+ VAL_PS_SET_EXTENDED, PSA_ERROR_NOT_SUPPORTED /* Index4 - Set_extended API call should fail */
},
{
- VAL_PS_GET, PSA_PS_SUCCESS /* Validate the data should not changed */
+ VAL_PS_GET, PSA_SUCCESS /* Index5 - Validate the data should not changed */
},
{
- 0, 0 /* Unused Index */
+ 0, 0 /* Unused Index6 */
},
{
- VAL_PS_REMOVE, PSA_PS_SUCCESS /* Remove the UID */
+ VAL_PS_REMOVE, PSA_SUCCESS /* Index7 - Remove the UID */
},
};
#endif /* _TEST_P014_PS_DATA_TESTS_H_ */
diff --git a/api-tests/dev_apis/protected_storage/test_p015/source.mk b/api-tests/dev_apis/protected_storage/test_p015/source.mk
deleted file mode 100644
index eae0ddb7..00000000
--- a/api-tests/dev_apis/protected_storage/test_p015/source.mk
+++ /dev/null
@@ -1,20 +0,0 @@
-# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_p015.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
diff --git a/api-tests/dev_apis/protected_storage/test_p015/test.cmake b/api-tests/dev_apis/protected_storage/test_p015/test.cmake
new file mode 100644
index 00000000..b2a8b62d
--- /dev/null
+++ b/api-tests/dev_apis/protected_storage/test_p015/test.cmake
@@ -0,0 +1,24 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_p015.c
+ test_p015.c
+)
+list(APPEND CC_OPTIONS -DPS_TEST)
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
diff --git a/api-tests/dev_apis/protected_storage/test_p015/test_entry.c b/api-tests/dev_apis/protected_storage/test_p015/test_entry_p015.c
similarity index 100%
rename from api-tests/dev_apis/protected_storage/test_p015/test_entry.c
rename to api-tests/dev_apis/protected_storage/test_p015/test_entry_p015.c
diff --git a/api-tests/dev_apis/protected_storage/test_p015/test_p015.c b/api-tests/dev_apis/protected_storage/test_p015/test_p015.c
index d9974e4c..54b45ceb 100644
--- a/api-tests/dev_apis/protected_storage/test_p015/test_p015.c
+++ b/api-tests/dev_apis/protected_storage/test_p015/test_p015.c
@@ -28,9 +28,9 @@ client_test_t test_p015_sst_list[] = {
NULL,
};
-static psa_ps_uid_t p_uid = UID_BASE_VALUE + 5;
+static psa_storage_uid_t p_uid = UID_BASE_VALUE + 5;
-int32_t psa_sst_create_api_write_once_flag_check(security_t caller)
+int32_t psa_sst_create_api_write_once_flag_check(caller_security_t caller)
{
uint32_t status;
@@ -41,7 +41,7 @@ int32_t psa_sst_create_api_write_once_flag_check(security_t caller)
{
/* Call create API with write_once flag */
val->print(PRINT_TEST, "[Check 1] Call create API with write_once flag\n", 0);
- status = SST_FUNCTION(p015_data[1].api, p_uid, TEST_BUFF_SIZE, PSA_SST_FLAG_WRITE_ONCE);
+ status = SST_FUNCTION(p015_data[1].api, p_uid, TEST_BUFF_SIZE, PSA_STORAGE_FLAG_WRITE_ONCE);
TEST_ASSERT_EQUAL(status, p015_data[1].status, TEST_CHECKPOINT_NUM(1));
}
else
diff --git a/api-tests/dev_apis/protected_storage/test_p015/test_p015.h b/api-tests/dev_apis/protected_storage/test_p015/test_p015.h
index 4fddadad..2f21d391 100644
--- a/api-tests/dev_apis/protected_storage/test_p015/test_p015.h
+++ b/api-tests/dev_apis/protected_storage/test_p015/test_p015.h
@@ -17,14 +17,14 @@
#ifndef _TEST_P015_CLIENT_TESTS_H_
#define _TEST_P015_CLIENT_TESTS_H_
-#define test_entry CONCAT(test_entry_, p015)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, p015)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
extern val_api_t *val;
extern psa_api_t *psa;
extern client_test_t test_p015_sst_list[];
-int32_t psa_sst_create_api_write_once_flag_check(security_t caller);
+int32_t psa_sst_create_api_write_once_flag_check(caller_security_t caller);
#endif /* _TEST_P015_CLIENT_TESTS_H_ */
diff --git a/api-tests/dev_apis/protected_storage/test_p015/test_ps_data.h b/api-tests/dev_apis/protected_storage/test_p015/test_ps_data.h
index f5062ae8..716e4d36 100644
--- a/api-tests/dev_apis/protected_storage/test_p015/test_ps_data.h
+++ b/api-tests/dev_apis/protected_storage/test_p015/test_ps_data.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019, Arm Limited or ps affiliates. All rights reserved.
+ * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -20,19 +20,19 @@
#include "val_protected_storage.h"
#define SST_FUNCTION val->ps_function
-#define PSA_SST_FLAG_WRITE_ONCE PSA_PS_FLAG_WRITE_ONCE
typedef struct {
enum ps_function_code api;
- psa_ps_status_t status;
+ psa_status_t status;
} test_data;
static const test_data p015_data[] = {
{
- VAL_PS_GET_SUPPORT, PSA_PS_SUPPORT_SET_EXTENDED /* Check if optional PS API supported */
+ VAL_PS_GET_SUPPORT, PSA_STORAGE_SUPPORT_SET_EXTENDED /* Index0 - Check if optional PS API
+ supported */
},
{
- VAL_PS_CREATE, PSA_PS_ERROR_FLAGS_NOT_SUPPORTED /* Call create API with write_once flag */
+ VAL_PS_CREATE, PSA_ERROR_NOT_SUPPORTED /* Index1 - Call create API with write_once flag */
},
};
#endif /* _TEST_P015_PS_DATA_TESTS_H_ */
diff --git a/api-tests/dev_apis/protected_storage/test_p016/test.cmake b/api-tests/dev_apis/protected_storage/test_p016/test.cmake
new file mode 100644
index 00000000..b2c7a026
--- /dev/null
+++ b/api-tests/dev_apis/protected_storage/test_p016/test.cmake
@@ -0,0 +1,24 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_p016.c
+ test_p016.c
+)
+list(APPEND CC_OPTIONS -DPS_TEST)
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
diff --git a/api-tests/dev_apis/protected_storage/test_p016/test_entry_p016.c b/api-tests/dev_apis/protected_storage/test_p016/test_entry_p016.c
new file mode 100644
index 00000000..8bf29b00
--- /dev/null
+++ b/api-tests/dev_apis/protected_storage/test_p016/test_entry_p016.c
@@ -0,0 +1,53 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_p016.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_PROTECTED_STORAGE_BASE, 16)
+#define TEST_DESC "Storage assest capacity modification check\n"
+
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_HIGH_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_protected_storage_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_p016_sst_list, FALSE);
+
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->test_exit();
+}
diff --git a/api-tests/dev_apis/protected_storage/test_p016/test_p016.c b/api-tests/dev_apis/protected_storage/test_p016/test_p016.c
new file mode 100644
index 00000000..d9d953a3
--- /dev/null
+++ b/api-tests/dev_apis/protected_storage/test_p016/test_p016.c
@@ -0,0 +1,118 @@
+/** @file
+ * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_p016.h"
+#include "test_ps_data.h"
+
+#define TEST_BUFF_SIZE_1 10
+#define TEST_BUFF_SIZE_2 14
+#define TEST_BUFF_SIZE_3 8
+
+client_test_t test_p016_sst_list[] = {
+ NULL,
+ psa_sst_optional_api_sst_capacity_check,
+ NULL,
+};
+
+static psa_storage_uid_t p_uid = UID_BASE_VALUE + 5;
+static uint8_t write_buff[TEST_BUFF_SIZE_2] = {0x03, 0x04, 0x05, 0x07, 0xFF, 0x00, 0x32, 0x67,
+ 0x99, 0x78, 0x43, 0x20, 0xFF, 0x91};
+
+static int32_t psa_sst_optional_api_sst_capacity(void)
+{
+ uint32_t status;
+ struct psa_storage_info_t info;
+
+ /* Try to create storage using create API */
+ status = SST_FUNCTION(p016_data[1].api, p_uid, TEST_BUFF_SIZE_1, PSA_STORAGE_FLAG_NONE);
+ TEST_ASSERT_EQUAL(status, p016_data[1].status, TEST_CHECKPOINT_NUM(1));
+
+ /* Call to create API for existing UID should fail */
+ val->print(PRINT_TEST, "[Check 1] Create API call for existing UID\n", 0);
+ status = SST_FUNCTION(p016_data[2].api, p_uid, TEST_BUFF_SIZE_2, PSA_STORAGE_FLAG_NONE);
+ TEST_ASSERT_EQUAL(status, p016_data[2].status, TEST_CHECKPOINT_NUM(2));
+
+ /* Check the attributes of storage are unchanged */
+ status = SST_FUNCTION(p016_data[3].api, p_uid, &info);
+ TEST_ASSERT_EQUAL(status, p016_data[3].status, TEST_CHECKPOINT_NUM(3));
+ TEST_ASSERT_EQUAL(info.capacity, TEST_BUFF_SIZE_1, TEST_CHECKPOINT_NUM(4));
+ TEST_ASSERT_EQUAL(info.size, 0, TEST_CHECKPOINT_NUM(5));
+
+ /* Override storage using set API */
+ val->print(PRINT_TEST, "[Check 2] Call to set API call for existing UID\n", 0);
+ status = SST_FUNCTION(p016_data[6].api, p_uid, TEST_BUFF_SIZE_3, write_buff,
+ PSA_STORAGE_FLAG_NONE);
+ TEST_ASSERT_EQUAL(status, p016_data[6].status, TEST_CHECKPOINT_NUM(6));
+
+ /* Check the attributes of storage are changed */
+ status = SST_FUNCTION(p016_data[7].api, p_uid, &info);
+ TEST_ASSERT_EQUAL(status, p016_data[7].status, TEST_CHECKPOINT_NUM(7));
+ TEST_ASSERT_EQUAL(info.capacity, TEST_BUFF_SIZE_3, TEST_CHECKPOINT_NUM(8));
+ TEST_ASSERT_EQUAL(info.size, TEST_BUFF_SIZE_3, TEST_CHECKPOINT_NUM(9));
+
+ /* Accessing old capacity with set_extended API should fail */
+ val->print(PRINT_TEST, "[Check 3] Access old capacity using set_extended API\n", 0);
+ status = SST_FUNCTION(p016_data[10].api, p_uid, 0, TEST_BUFF_SIZE_1, write_buff);
+ TEST_ASSERT_EQUAL(status, p016_data[10].status, TEST_CHECKPOINT_NUM(10));
+
+ /* Remove the storage */
+ status = SST_FUNCTION(p016_data[11].api, p_uid);
+ TEST_ASSERT_EQUAL(status, p016_data[11].status, TEST_CHECKPOINT_NUM(11));
+
+ /* Create new storage assest using set API */
+ val->print(PRINT_TEST, "[Check 4] Creation of new storage assest\n", 0);
+ status = SST_FUNCTION(p016_data[12].api, p_uid, TEST_BUFF_SIZE_2, write_buff,
+ PSA_STORAGE_FLAG_NONE);
+ TEST_ASSERT_EQUAL(status, p016_data[12].status, TEST_CHECKPOINT_NUM(12));
+
+ /* Call to create API for existing UID should fail */
+ val->print(PRINT_TEST, "[Check 5] Create API call for existing UID\n", 0);
+ status = SST_FUNCTION(p016_data[13].api, p_uid, TEST_BUFF_SIZE_2, PSA_STORAGE_FLAG_NONE);
+ TEST_ASSERT_EQUAL(status, p016_data[13].status, TEST_CHECKPOINT_NUM(13));
+
+ /* Remove the storage */
+ status = SST_FUNCTION(p016_data[14].api, p_uid);
+ TEST_ASSERT_EQUAL(status, p016_data[14].status, TEST_CHECKPOINT_NUM(14));
+
+ return VAL_STATUS_SUCCESS;
+}
+
+int32_t psa_sst_optional_api_sst_capacity_check(caller_security_t caller)
+{
+ uint32_t status;
+ int32_t test_status;
+
+ /* Call the get_support API and check if create and set_extended API are supported */
+ status = SST_FUNCTION(p016_data[0].api);
+
+ if (status != p016_data[0].status)
+ {
+ val->print(PRINT_TEST, "Test Case skipped as Optional PS APIs not are supported.\n", 0);
+ return RESULT_SKIP(VAL_STATUS_UNSUPPORTED);
+ } else {
+ val->print(PRINT_TEST, "Optional PS APIs are supported.\n", 0);
+ test_status = psa_sst_optional_api_sst_capacity();
+ if (test_status != VAL_STATUS_SUCCESS)
+ {
+ return test_status;
+ }
+ }
+
+ return VAL_STATUS_SUCCESS;
+}
diff --git a/api-tests/dev_apis/protected_storage/test_p016/test_p016.h b/api-tests/dev_apis/protected_storage/test_p016/test_p016.h
new file mode 100644
index 00000000..6e1bf936
--- /dev/null
+++ b/api-tests/dev_apis/protected_storage/test_p016/test_p016.h
@@ -0,0 +1,30 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST_P016_CLIENT_TESTS_H_
+#define _TEST_P016_CLIENT_TESTS_H_
+
+#define test_entry CONCAT(test_entry_, p016)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+extern client_test_t test_p016_sst_list[];
+
+int32_t psa_sst_optional_api_sst_capacity_check(caller_security_t caller);
+
+#endif /* _TEST_P016_CLIENT_TESTS_H_ */
diff --git a/api-tests/dev_apis/protected_storage/test_p016/test_ps_data.h b/api-tests/dev_apis/protected_storage/test_p016/test_ps_data.h
new file mode 100644
index 00000000..7f167875
--- /dev/null
+++ b/api-tests/dev_apis/protected_storage/test_p016/test_ps_data.h
@@ -0,0 +1,79 @@
+/** @file
+ * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST_P016_PS_DATA_TESTS_H_
+#define _TEST_P016_PS_DATA_TESTS_H_
+
+#include "val_protected_storage.h"
+
+#define SST_FUNCTION val->ps_function
+
+typedef struct {
+ enum ps_function_code api;
+ psa_status_t status;
+} test_data;
+
+static const test_data p016_data[] = {
+{
+ VAL_PS_GET_SUPPORT, PSA_STORAGE_SUPPORT_SET_EXTENDED /* Index0 - Check if Optional API supported */
+},
+{
+ VAL_PS_CREATE, PSA_SUCCESS /* Index1 - Storage creation */
+},
+{
+ VAL_PS_CREATE, PSA_ERROR_ALREADY_EXISTS /* Index2 - Calling create API for existing UID should
+ fail */
+},
+{
+ VAL_PS_GET_INFO, PSA_SUCCESS /* Index3 - Check the storage attributes are unchanged */
+},
+{
+ 0, 0 /* Unused Index4 */
+},
+{
+ 0, 0 /* Unused Index5 */
+},
+{
+ VAL_PS_SET, PSA_SUCCESS /* Index6 - Set API can change capacity of storage */
+},
+{
+ VAL_PS_GET_INFO, PSA_SUCCESS /* Index7 - Check the storage attributes are changed */
+},
+{
+ 0, 0 /* Unused Index8 */
+},
+{
+ 0, 0 /* Unused Index9 */
+},
+{
+ VAL_PS_SET_EXTENDED, PSA_ERROR_STORAGE_FAILURE /* Index10 - Set_extended on old capacity should
+ not work */
+},
+{
+ VAL_PS_REMOVE, PSA_SUCCESS /* Index11 - Remove the UID */
+},
+{
+ VAL_PS_SET, PSA_SUCCESS /* Index12 - Storage creation */
+},
+{
+ VAL_PS_CREATE, PSA_ERROR_ALREADY_EXISTS /* Index13 - Calling create API for existing UID should
+ fail */
+},
+{
+ VAL_PS_REMOVE, PSA_SUCCESS /* Index14 - Remove the UID */
+},
+};
+#endif /* _TEST_P016_PS_DATA_TESTS_H_ */
diff --git a/api-tests/dev_apis/protected_storage/test_p017/test.cmake b/api-tests/dev_apis/protected_storage/test_p017/test.cmake
new file mode 100644
index 00000000..cb1bda96
--- /dev/null
+++ b/api-tests/dev_apis/protected_storage/test_p017/test.cmake
@@ -0,0 +1,24 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_p017.c
+ test_p017.c
+)
+list(APPEND CC_OPTIONS -DPS_TEST)
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
diff --git a/api-tests/dev_apis/protected_storage/test_p017/test_entry_p017.c b/api-tests/dev_apis/protected_storage/test_p017/test_entry_p017.c
new file mode 100644
index 00000000..134fd49b
--- /dev/null
+++ b/api-tests/dev_apis/protected_storage/test_p017/test_entry_p017.c
@@ -0,0 +1,53 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_p017.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_PROTECTED_STORAGE_BASE, 17)
+#define TEST_DESC "Storage assest capacity modification check\n"
+
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_HIGH_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_protected_storage_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_p017_sst_list, FALSE);
+
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->test_exit();
+}
diff --git a/api-tests/dev_apis/protected_storage/test_p017/test_p017.c b/api-tests/dev_apis/protected_storage/test_p017/test_p017.c
new file mode 100644
index 00000000..e1643c19
--- /dev/null
+++ b/api-tests/dev_apis/protected_storage/test_p017/test_p017.c
@@ -0,0 +1,96 @@
+/** @file
+ * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_p017.h"
+#include "test_ps_data.h"
+
+#define TEST_BUFF_SIZE_1 14
+#define TEST_BUFF_SIZE_2 10
+
+client_test_t test_p017_sst_list[] = {
+ NULL,
+ psa_sst_optional_api_partial_write_check,
+ NULL,
+};
+
+static psa_storage_uid_t p_uid = UID_BASE_VALUE + 5;
+static uint8_t write_buff[TEST_BUFF_SIZE_1] = {0x03, 0x04, 0x05, 0x07, 0xFF, 0x00, 0x32, 0x67,
+ 0x99, 0x78, 0x43, 0x20, 0xFF, 0x91};
+
+static int32_t psa_sst_optional_api_partial_write(void)
+{
+ uint32_t status;
+ struct psa_storage_info_t info;
+
+ /* Try to create storage using create API */
+ status = SST_FUNCTION(p017_data[1].api, p_uid, TEST_BUFF_SIZE_1, PSA_STORAGE_FLAG_NONE);
+ TEST_ASSERT_EQUAL(status, p017_data[1].status, TEST_CHECKPOINT_NUM(1));
+
+ /* Call set extended API to set data in first half */
+ val->print(PRINT_TEST, "[Check 1] Set data in first half of storage\n", 0);
+ status = SST_FUNCTION(p017_data[2].api, p_uid, 0, TEST_BUFF_SIZE_1/2, write_buff);
+ TEST_ASSERT_EQUAL(status, p017_data[2].status, TEST_CHECKPOINT_NUM(2));
+
+ /* Call set extended API to set data with gaps */
+ val->print(PRINT_TEST, "[Check 2] Set data having gap with existing data \n", 0);
+ status = SST_FUNCTION(p017_data[3].api, p_uid, (TEST_BUFF_SIZE_1/2) + 2, 2, write_buff);
+ TEST_ASSERT_EQUAL(status, p017_data[3].status, TEST_CHECKPOINT_NUM(3));
+
+ /* Call set extended API to overwrite and extend the existing data */
+ val->print(PRINT_TEST, "[Check 3] Overwrite and extend existing data\n", 0);
+ status = SST_FUNCTION(p017_data[4].api, p_uid, 0, TEST_BUFF_SIZE_2, write_buff);
+ TEST_ASSERT_EQUAL(status, p017_data[4].status, TEST_CHECKPOINT_NUM(4));
+
+ /* Check the attributes of existing storage */
+ val->print(PRINT_TEST, "[Check 4] Check the storage attributes\n", 0);
+ status = SST_FUNCTION(p017_data[5].api, p_uid, &info);
+ TEST_ASSERT_EQUAL(status, p017_data[5].status, TEST_CHECKPOINT_NUM(5));
+ TEST_ASSERT_EQUAL(info.size, TEST_BUFF_SIZE_2, TEST_CHECKPOINT_NUM(6));
+ TEST_ASSERT_EQUAL(info.capacity, TEST_BUFF_SIZE_1, TEST_CHECKPOINT_NUM(7));
+
+ /* Remove the storage */
+ status = SST_FUNCTION(p017_data[8].api, p_uid);
+ TEST_ASSERT_EQUAL(status, p017_data[8].status, TEST_CHECKPOINT_NUM(8));
+
+ return VAL_STATUS_SUCCESS;
+}
+
+int32_t psa_sst_optional_api_partial_write_check(caller_security_t caller)
+{
+ uint32_t status;
+ int32_t test_status;
+
+ /* Call the get_support API and check if create and set_extended API are supported */
+ status = SST_FUNCTION(p017_data[0].api);
+
+ if (status != p017_data[0].status)
+ {
+ val->print(PRINT_TEST, "Test Case skipped as Optional PS APIs not are supported.\n", 0);
+ return RESULT_SKIP(VAL_STATUS_UNSUPPORTED);
+ } else {
+ val->print(PRINT_TEST, "Optional PS APIs are supported.\n", 0);
+ test_status = psa_sst_optional_api_partial_write();
+ if (test_status != VAL_STATUS_SUCCESS)
+ {
+ return test_status;
+ }
+ }
+
+ return VAL_STATUS_SUCCESS;
+}
diff --git a/api-tests/dev_apis/protected_storage/test_p017/test_p017.h b/api-tests/dev_apis/protected_storage/test_p017/test_p017.h
new file mode 100644
index 00000000..61beae7f
--- /dev/null
+++ b/api-tests/dev_apis/protected_storage/test_p017/test_p017.h
@@ -0,0 +1,30 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST_P017_CLIENT_TESTS_H_
+#define _TEST_P017_CLIENT_TESTS_H_
+
+#define test_entry CONCAT(test_entry_, p017)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+extern client_test_t test_p017_sst_list[];
+
+int32_t psa_sst_optional_api_partial_write_check(caller_security_t caller);
+
+#endif /* _TEST_P017_CLIENT_TESTS_H_ */
diff --git a/api-tests/dev_apis/protected_storage/test_p017/test_ps_data.h b/api-tests/dev_apis/protected_storage/test_p017/test_ps_data.h
new file mode 100644
index 00000000..9677e909
--- /dev/null
+++ b/api-tests/dev_apis/protected_storage/test_p017/test_ps_data.h
@@ -0,0 +1,59 @@
+/** @file
+ * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST_P017_PS_DATA_TESTS_H_
+#define _TEST_P017_PS_DATA_TESTS_H_
+
+#include "val_protected_storage.h"
+
+#define SST_FUNCTION val->ps_function
+
+typedef struct {
+ enum ps_function_code api;
+ psa_status_t status;
+} test_data;
+
+static const test_data p017_data[] = {
+{
+ VAL_PS_GET_SUPPORT, PSA_STORAGE_SUPPORT_SET_EXTENDED /* Index0 - Check if Optional API supported */
+},
+{
+ VAL_PS_CREATE, PSA_SUCCESS /* Index1 - Storage creation */
+},
+{
+ VAL_PS_SET_EXTENDED, PSA_SUCCESS /* Index2 - Write data in created storage */
+},
+{
+ VAL_PS_SET_EXTENDED, PSA_ERROR_STORAGE_FAILURE /* Index3 - Try to set data in noncontinous
+ manner */
+},
+{
+ VAL_PS_SET_EXTENDED, PSA_SUCCESS /* Index4 - Overwrite the existing data */
+},
+{
+ VAL_PS_GET_INFO, PSA_SUCCESS /* Index5 - Check for valid storage attributes */
+},
+{
+ 0, 0 /* Unused Index6 */
+},
+{
+ 0, 0 /* Unused Index7 */
+},
+{
+ VAL_PS_REMOVE, PSA_SUCCESS /* Index8 - Remove the UID */
+},
+};
+#endif /* _TEST_P017_PS_DATA_TESTS_H_ */
diff --git a/api-tests/dev_apis/protected_storage/test_s001/source.mk b/api-tests/dev_apis/protected_storage/test_s001/source.mk
deleted file mode 100644
index bccfcb0a..00000000
--- a/api-tests/dev_apis/protected_storage/test_s001/source.mk
+++ /dev/null
@@ -1,20 +0,0 @@
-# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_s001.c
-CC_OPTIONS = -DPS_TEST
-AS_SOURCE =
-AS_OPTIONS =
diff --git a/api-tests/dev_apis/protected_storage/test_s001/test.cmake b/api-tests/dev_apis/protected_storage/test_s001/test.cmake
new file mode 100644
index 00000000..ee15ef43
--- /dev/null
+++ b/api-tests/dev_apis/protected_storage/test_s001/test.cmake
@@ -0,0 +1,24 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_s001.c
+ test_s001.c
+)
+list(APPEND CC_OPTIONS -DPS_TEST)
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
diff --git a/api-tests/dev_apis/protected_storage/test_s002/source.mk b/api-tests/dev_apis/protected_storage/test_s002/source.mk
deleted file mode 100644
index 36258fcb..00000000
--- a/api-tests/dev_apis/protected_storage/test_s002/source.mk
+++ /dev/null
@@ -1,20 +0,0 @@
-# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_s002.c
-CC_OPTIONS = -DPS_TEST
-AS_SOURCE =
-AS_OPTIONS =
diff --git a/api-tests/dev_apis/protected_storage/test_s002/test.cmake b/api-tests/dev_apis/protected_storage/test_s002/test.cmake
new file mode 100644
index 00000000..c588caa6
--- /dev/null
+++ b/api-tests/dev_apis/protected_storage/test_s002/test.cmake
@@ -0,0 +1,24 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_s002.c
+ test_s002.c
+)
+list(APPEND CC_OPTIONS -DPS_TEST)
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
diff --git a/api-tests/dev_apis/protected_storage/test_s003/source.mk b/api-tests/dev_apis/protected_storage/test_s003/source.mk
deleted file mode 100644
index 9296c79f..00000000
--- a/api-tests/dev_apis/protected_storage/test_s003/source.mk
+++ /dev/null
@@ -1,20 +0,0 @@
-# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_s003.c
-CC_OPTIONS = -DPS_TEST
-AS_SOURCE =
-AS_OPTIONS =
diff --git a/api-tests/dev_apis/protected_storage/test_s003/test.cmake b/api-tests/dev_apis/protected_storage/test_s003/test.cmake
new file mode 100644
index 00000000..6a38d567
--- /dev/null
+++ b/api-tests/dev_apis/protected_storage/test_s003/test.cmake
@@ -0,0 +1,24 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_s003.c
+ test_s003.c
+)
+list(APPEND CC_OPTIONS -DPS_TEST)
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
diff --git a/api-tests/dev_apis/protected_storage/test_s004/source.mk b/api-tests/dev_apis/protected_storage/test_s004/source.mk
deleted file mode 100644
index 53c0f57f..00000000
--- a/api-tests/dev_apis/protected_storage/test_s004/source.mk
+++ /dev/null
@@ -1,20 +0,0 @@
-# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_s004.c
-CC_OPTIONS = -DPS_TEST
-AS_SOURCE =
-AS_OPTIONS =
diff --git a/api-tests/dev_apis/protected_storage/test_s004/test.cmake b/api-tests/dev_apis/protected_storage/test_s004/test.cmake
new file mode 100644
index 00000000..1210631f
--- /dev/null
+++ b/api-tests/dev_apis/protected_storage/test_s004/test.cmake
@@ -0,0 +1,24 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_s004.c
+ test_s004.c
+)
+list(APPEND CC_OPTIONS -DPS_TEST)
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
diff --git a/api-tests/dev_apis/protected_storage/test_s005/source.mk b/api-tests/dev_apis/protected_storage/test_s005/source.mk
deleted file mode 100644
index bc2938be..00000000
--- a/api-tests/dev_apis/protected_storage/test_s005/source.mk
+++ /dev/null
@@ -1,20 +0,0 @@
-# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_s005.c
-CC_OPTIONS = -DPS_TEST
-AS_SOURCE =
-AS_OPTIONS =
diff --git a/api-tests/dev_apis/protected_storage/test_s005/test.cmake b/api-tests/dev_apis/protected_storage/test_s005/test.cmake
new file mode 100644
index 00000000..bf3786ad
--- /dev/null
+++ b/api-tests/dev_apis/protected_storage/test_s005/test.cmake
@@ -0,0 +1,24 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_s005.c
+ test_s005.c
+)
+list(APPEND CC_OPTIONS -DPS_TEST)
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
diff --git a/api-tests/dev_apis/protected_storage/test_s006/source.mk b/api-tests/dev_apis/protected_storage/test_s006/source.mk
deleted file mode 100644
index 084d424c..00000000
--- a/api-tests/dev_apis/protected_storage/test_s006/source.mk
+++ /dev/null
@@ -1,20 +0,0 @@
-# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_s006.c
-CC_OPTIONS = -DPS_TEST
-AS_SOURCE =
-AS_OPTIONS =
diff --git a/api-tests/dev_apis/protected_storage/test_s006/test.cmake b/api-tests/dev_apis/protected_storage/test_s006/test.cmake
new file mode 100644
index 00000000..c661ac32
--- /dev/null
+++ b/api-tests/dev_apis/protected_storage/test_s006/test.cmake
@@ -0,0 +1,24 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_s006.c
+ test_s006.c
+)
+list(APPEND CC_OPTIONS -DPS_TEST)
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
diff --git a/api-tests/dev_apis/protected_storage/test_s007/source.mk b/api-tests/dev_apis/protected_storage/test_s007/source.mk
deleted file mode 100644
index 7af6777c..00000000
--- a/api-tests/dev_apis/protected_storage/test_s007/source.mk
+++ /dev/null
@@ -1,20 +0,0 @@
-# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_s007.c
-CC_OPTIONS = -DPS_TEST
-AS_SOURCE =
-AS_OPTIONS =
diff --git a/api-tests/dev_apis/protected_storage/test_s007/test.cmake b/api-tests/dev_apis/protected_storage/test_s007/test.cmake
new file mode 100644
index 00000000..5c6606d5
--- /dev/null
+++ b/api-tests/dev_apis/protected_storage/test_s007/test.cmake
@@ -0,0 +1,24 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_s007.c
+ test_s007.c
+)
+list(APPEND CC_OPTIONS -DPS_TEST)
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
diff --git a/api-tests/dev_apis/protected_storage/test_s008/source.mk b/api-tests/dev_apis/protected_storage/test_s008/source.mk
deleted file mode 100644
index e843437a..00000000
--- a/api-tests/dev_apis/protected_storage/test_s008/source.mk
+++ /dev/null
@@ -1,20 +0,0 @@
-# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_s008.c
-CC_OPTIONS = -DPS_TEST
-AS_SOURCE =
-AS_OPTIONS =
diff --git a/api-tests/dev_apis/protected_storage/test_s008/test.cmake b/api-tests/dev_apis/protected_storage/test_s008/test.cmake
new file mode 100644
index 00000000..b91d92d5
--- /dev/null
+++ b/api-tests/dev_apis/protected_storage/test_s008/test.cmake
@@ -0,0 +1,24 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_s008.c
+ test_s008.c
+)
+list(APPEND CC_OPTIONS -DPS_TEST)
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
diff --git a/api-tests/dev_apis/protected_storage/test_s009/source.mk b/api-tests/dev_apis/protected_storage/test_s009/source.mk
deleted file mode 100644
index 10eae95a..00000000
--- a/api-tests/dev_apis/protected_storage/test_s009/source.mk
+++ /dev/null
@@ -1,20 +0,0 @@
-# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_s009.c
-CC_OPTIONS = -DPS_TEST
-AS_SOURCE =
-AS_OPTIONS =
diff --git a/api-tests/dev_apis/protected_storage/test_s009/test.cmake b/api-tests/dev_apis/protected_storage/test_s009/test.cmake
new file mode 100644
index 00000000..9d664362
--- /dev/null
+++ b/api-tests/dev_apis/protected_storage/test_s009/test.cmake
@@ -0,0 +1,24 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_s009.c
+ test_s009.c
+)
+list(APPEND CC_OPTIONS -DPS_TEST)
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
diff --git a/api-tests/dev_apis/protected_storage/test_s010/source.mk b/api-tests/dev_apis/protected_storage/test_s010/source.mk
deleted file mode 100644
index 1530965f..00000000
--- a/api-tests/dev_apis/protected_storage/test_s010/source.mk
+++ /dev/null
@@ -1,20 +0,0 @@
-# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_s010.c
-CC_OPTIONS = -DPS_TEST
-AS_SOURCE =
-AS_OPTIONS =
diff --git a/api-tests/dev_apis/protected_storage/test_s010/test.cmake b/api-tests/dev_apis/protected_storage/test_s010/test.cmake
new file mode 100644
index 00000000..b36e23f8
--- /dev/null
+++ b/api-tests/dev_apis/protected_storage/test_s010/test.cmake
@@ -0,0 +1,24 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_s010.c
+ test_s010.c
+)
+list(APPEND CC_OPTIONS -DPS_TEST)
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
diff --git a/api-tests/dev_apis/protected_storage/testsuite.db b/api-tests/dev_apis/protected_storage/testsuite.db
index bfe67344..2e95c622 100644
--- a/api-tests/dev_apis/protected_storage/testsuite.db
+++ b/api-tests/dev_apis/protected_storage/testsuite.db
@@ -35,5 +35,7 @@ test_p012
test_p013
test_p014
test_p015
+test_p016
+test_p017
(END)
diff --git a/api-tests/docs/Arm_PSA_APIs_Arch_Test_Validation_Methodology.pdf b/api-tests/docs/Arm_PSA_APIs_Arch_Test_Validation_Methodology.pdf
index b22a7242..49e0788d 100755
Binary files a/api-tests/docs/Arm_PSA_APIs_Arch_Test_Validation_Methodology.pdf and b/api-tests/docs/Arm_PSA_APIs_Arch_Test_Validation_Methodology.pdf differ
diff --git a/api-tests/docs/porting_guide_dev_apis.md b/api-tests/docs/porting_guide_dev_apis.md
index 83491235..64407561 100644
--- a/api-tests/docs/porting_guide_dev_apis.md
+++ b/api-tests/docs/porting_guide_dev_apis.md
@@ -33,19 +33,18 @@ An example input configuration file is as shown.
### Adding a new target
- 1. Create a new directory in **platform/targets/**. For reference, see the existing platform **tgt_dev_apis_mbedos_fvp_mps2_m4** directory.
- 2. Execute `cp -rf platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/ platform/targets//`.
+ 1. Create a new directory in **platform/targets/**. For reference, see the existing platform **tgt_dev_apis_tfm_an521** directory.
+ 2. Execute `cp -rf platform/targets/tgt_dev_apis_tfm_an521/ platform/targets//`.
3. Update **platform/targets//target.cfg** with your platform details. Refer to **val/common/val_target.h** for structure details.
- 4. Update **platform/targets//Makefile** appropriately to select the correct instances of PAL files for compilation. To compile **dev_apis** suites, you must set **PSA_IPC_IMPLEMENTED** to 0. This selects the Non-secure PAL instances for the driver services and eliminates IPC dependency for dev_apis tests.
- 5. Refer to the **List of PAL APIs** section to view the list of PAL APIs that must be ported for your target platform. These API definitions are available in **nspe//pal_\*\_intf.c**. These APIs are written for tgt_dev_apis_mbedos_fvp_mps2_m4 platform. You can reuse the code if it works for your platform. Otherwise, you must port them for your platform-specific peripherals.
+ 4. Update **platform/targets//target.cmake** appropriately to select the correct instances of PAL files for compilation.
+ 5. Refer to the **List of PAL APIs** section to view the list of PAL APIs that must be ported for your target platform. These API definitions are available in **nspe//pal_\*\_intf.c**. These APIs are written for tgt_dev_apis_tfm_an521 platform. You can reuse the code if it works for your platform. Otherwise, you must port them for your platform-specific peripherals.
6. Update Crypto configuration file **nspe/crypto/pal_crypto_config.h** to enable or disable Crypto features selectively for the Crypto test suite.
**Note**:
-- The platform makefile is invoked as part of test suite build tool (**./setup.sh**) step and it creates **/BUILD/platform/pal_nspe.a** archive.
-- The test suite requires access the following peripherals:
- - One UART to print NSPE and SPE messages
+The test suite requires access to the following peripherals:
+ - One UART to print Test NSPE messages
- One Watchdog timer to help recover from any fatal error conditions
- - Non-volatile memory support to preserve test status over watchdog timer reset
+ - Non-volatile memory support to preserve test status over watchdog timer reset. Each byte of this region must be initialised to FF at power on reset.
## List of PAL APIs
@@ -53,22 +52,23 @@ Since the test suite is agnostic to various system targets, you must port the fo
| No | Prototype | Description | Parameters |
|----|-----------------------------------------------------------------------------------------------------------------------------|------------------------------------------------------------------------|----------------------------------------------------------|
-| 01 | int pal_spi_read(addr_t addr, uint8_t *data, uint32_t len); | Reads peripherals using SPI commands | addr : Address of the peripheral data : Read buffer len : Length of the read buffer in bytes |
-| 02 | int pal_uart_init_ns(uint32_t uart_base_addr); | Initializes the UART | UART base address |
-| 03 | int pal_print_ns(char *str, int32_t data); | Parses the input string and writes bytes into UART TX FIFO| str : Input String data : Value for format specifier |
-| 04 | int pal_wd_timer_init_ns(addr_t base_addr, uint32_t time_us, uint32_t timer_tick_us); | Initializes a hardware watchdog timer | base_addr : Base address of the watchdog module time_us : Time in micro seconds timer_tick_us : Number of ticks per micro second |
-| 05 | int pal_wd_timer_enable_ns(addr_t base_addr); | Enables a hardware watchdog timer | base_addr : Base address of the watchdog module |
-| 06 | int pal_wd_timer_disable_ns(addr_t base_addr); | Disables a hardware watchdog timer | base_addr : Base address of the watchdog module |
-| 07 | int pal_nvmem_read_ns(addr_t base, uint32_t offset, void *buffer, int size); | Reads from the given non-volatile address. | base : Base address of nvmem offset : Offset buffer : Pointer to source address size : Number of bytes |
-| 08 | int pal_nvmem_write_ns(addr_t base, uint32_t offset, void *buffer, int size); | Writes into given non-volatile address. | base : Base address of nvmem offset : Offset buffer : Pointer to source address size : Number of bytes |
-| 09 | int32_t pal_crypto_function(int type, va_list valist); | Calls the requested Crypto function | type : Function code valist : variable argument list |
-| 10 | uint32_t pal_its_function(int type, va_list valist); | Calls the requested Internal Trusted Storage function | type : Function code valist : Variable argument list |
-| 11 | uint32_t pal_ps_function(int type, va_list valist); | Calls the requested Protected Storage function | type : Function code valist : Variable argument list |
-| 12 | int32_t pal_attestation_function(int type, va_list valist); | Calls the requested Initial Attestation function | type : Function code valist : Variable argument list |
+| 01 | int pal_uart_init_ns(uint32_t uart_base_addr); | Initializes the UART | UART base address |
+| 02 | int pal_print_ns(char *str, int32_t data); | Parses the input string and writes bytes into UART TX FIFO| str : Input String data : Value for format specifier |
+| 03 | int pal_wd_timer_init_ns(addr_t base_addr, uint32_t time_us, uint32_t timer_tick_us); | Initializes a hardware watchdog timer | base_addr : Base address of the watchdog module time_us : Time in micro seconds timer_tick_us : Number of ticks per micro second |
+| 04 | int pal_wd_timer_enable_ns(addr_t base_addr); | Enables a hardware watchdog timer | base_addr : Base address of the watchdog module |
+| 05 | int pal_wd_timer_disable_ns(addr_t base_addr); | Disables a hardware watchdog timer | base_addr : Base address of the watchdog module |
+| 06 | int pal_nvmem_read_ns(addr_t base, uint32_t offset, void *buffer, int size); | Reads from the given non-volatile address. | base : Base address of nvmem offset : Offset buffer : Pointer to source address size : Number of bytes |
+| 07 | int pal_nvmem_write_ns(addr_t base, uint32_t offset, void *buffer, int size); | Writes into given non-volatile address. | base : Base address of nvmem offset : Offset buffer : Pointer to source address size : Number of bytes |
+| 08 | int32_t pal_crypto_function(int type, va_list valist); | Calls the requested Crypto function | type : Function code valist : variable argument list |
+| 09 | uint32_t pal_its_function(int type, va_list valist); | Calls the requested Internal Trusted Storage function | type : Function code valist : Variable argument list |
+| 10 | uint32_t pal_ps_function(int type, va_list valist); | Calls the requested Protected Storage function | type : Function code valist : Variable argument list |
+| 11 | int32_t pal_attestation_function(int type, va_list valist); | Calls the requested Initial Attestation function | type : Function code valist : Variable argument list |
+| 12 | uint32_t pal_compute_hash(int32_t cose_alg_id, struct q_useful_buf buffer_for_hash, struct q_useful_buf_c *hash, struct q_useful_buf_c protected_headers, struct q_useful_buf_c payload); | Computes hash for the requested data | cose_alg_id : Algorithm ID buffer_for_hash : Temp buffer for calculating hash
hash : Pointer to store the hash buffer_for_hash : Temp buffer for calculating hash protected_headers : data to be hashed payload : Payload data |
+| 13 | uint32_t pal_crypto_pub_key_verify(int32_t cose_algorithm_id, struct q_useful_buf_c token_hash, struct q_useful_buf_c signature); | Function call to verify the signature using the public key | cose_algorithm_id : Algorithm ID token_hash : Data that needs to be verified signature : Signature to be verified against |
## License
Arm PSA test suite is distributed under Apache v2.0 License.
--------------
-*Copyright (c) 2019, Arm Limited and Contributors. All rights reserved.*
+*Copyright (c) 2019-2020, Arm Limited and Contributors. All rights reserved.*
diff --git a/api-tests/docs/porting_guide_ff.md b/api-tests/docs/porting_guide_ff.md
index adceb371..207a7192 100644
--- a/api-tests/docs/porting_guide_ff.md
+++ b/api-tests/docs/porting_guide_ff.md
@@ -33,30 +33,24 @@ An example input configuration file is as shown.
### Adding a new target
- 1. Create a new directory in **platform/targets/**. For reference, see the existing platform tgt_ff_mbedos_fvp_mps2_m4 directory.
- 2. Execute `cp -rf platform/targets/tgt_ff_mbedos_fvp_mps2_m4/ platform/targets//`.
+ 1. Create a new directory in **platform/targets/**. For reference, see the existing platform tgt_ff_tfm_an521 directory.
+ 2. Execute `cp -rf platform/targets/tgt_ff_tfm_an521/ platform/targets//`.
3. Update **platform/targets//target.cfg** with your target platform details. Refer to **val/common/val_target.h** for structure details.
- 4. Update the platform information available in manifest files located in **platform/targets//manifests/** directory with your platform information. The platform details must match the device details provided in the target.cfg file.
- 5. Update **platform/targets//Makefile** appropriately to select the correct instances of PAL files for compilation. To compile IPC tests, you must set PSA_IPC_IMPLEMENTED to 1 and the remaining Developer APIs related variables to 0. This selects the Secure PAL instances for the driver services and eliminates dev_apis dependency for IPC tests.
- 6. Refer to the **List of PAL APIs** section to view the list of PAL APIs that must be ported for your target platform. These API definitions are available in **nspe//pal_\*\_intf.c** and **spe/pal_\*\_intf.c** files. These APIs are written for **tgt_ff_mbedos_fvp_mps2_m4** platform. You can reuse the code if it works for your platform. Otherwise, you must port them for your platform-specific peripherals.
+ 4. Update the platform information available in manifest files located in **platform/manifests/** directory with your platform information. The platform details must match the device details provided in the target.cfg file.
+ 5. Update **platform/targets//target.cmake** appropriately to select the correct instances of PAL files for compilation.
+ 6. Refer to the **List of PAL APIs** section to view the list of PAL APIs that must be ported for your target platform. These API definitions are available in **nspe//pal_\*\_intf.c** and **spe/pal_\*\_intf.c** files. These APIs are written for **tgt_ff_tfm_an521** platform. You can reuse the code if it works for your platform. Otherwise, you must port them for your platform-specific peripherals.
**Note**:
-- The platform makefile is invoked as part of test suite build tool (**./setup.sh**) step and it creates **/BUILD/platform/pal_nspe.a** archive for NPSE files and respective object for SPE files at **/BUILD/platform/spe/\*\_driver_sp.o**. These SPE objects are used by **spbuild.mk** to create the appropriate SPE partition archive file.
-- The test suite requires access to the peripherals mentioned below. When PSA_IPC_IMPLEMENTED is set to 1, driver functionalities are implemented as RoT-services in driver partition. Other Secure partitions and Non-secure code calls to these RoT-services to get appropriate driver services.
- - One UART to print NSPE or SPE messages and to cover secure partition interrupt handling scenarios
+- The test suite requires access to the peripherals mentioned below. For IPC suite, driver functionalities are implemented as RoT-services in driver partition. Other Secure partitions and Non-secure code calls to these RoT-services to get appropriate driver services.
+ - One UART to print Test NSPE or SPE messages and to cover secure partition interrupt handling scenarios
- One Watchdog timer to help recover from any fatal error conditions
- - Non-volatile memory support to preserve test status over watchdog timer reset
+ - Non-volatile memory support to preserve test status over watchdog timer reset. Each byte of this region must be initialised to FF at power on reset.
+
## List of PAL APIs
Since the test suite is agnostic to various system targets, you must port the following PAL NSPE APIs before building the tests. Implement these functions for your target platform.
-The following is the list of PAL APIs used in NSPE:
-
-| No | Prototype | Description | Parameters |
-|----|-----------------------------------------------------------------------------------------------------------------------------|------------------------------------------------------------------------|----------------------------------------------------------|
-| 01 | int pal_spi_read(addr_t addr, uint8_t *data, uint32_t len); | Reads peripherals using SPI commands | addr : Address of the peripheral data : Read buffer len : Length of the read buffer in bytes |
-
The following is the list of PAL APIs used in SPE:
| No | Prototype | Description | Parameters |
@@ -77,4 +71,4 @@ Arm PSA test suite is distributed under Apache v2.0 License.
--------------
-*Copyright (c) 2018-2019, Arm Limited and Contributors. All rights reserved.*
+*Copyright (c) 2018-2020, Arm Limited and Contributors. All rights reserved.*
diff --git a/api-tests/docs/psa_attestation_testlist.md b/api-tests/docs/psa_attestation_testlist.md
index 478b494e..c43cbe48 100644
--- a/api-tests/docs/psa_attestation_testlist.md
+++ b/api-tests/docs/psa_attestation_testlist.md
@@ -2,17 +2,19 @@
| Test | Return value | API | Test Algorithm | Test Cases |
|-----------|--------------------------------------|-------------------------------------------------------------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
-| test_a001 | PSA_ATTEST_ERR_SUCCESS | psa_initial_attest_get_token() psa_initial_attest_get_token_size() | 1. Provide correct inputs to API with described challenge sizes 2. Expect API to return this define as return value each time 3. Verify the token | 1. Challenge_size = 32 2. Challenge_size = 48 3. Challenge_size = 64 |
-| | PSA_ATTEST_ERR_INVALID_INPUT | psa_initial_attest_get_token() psa_initial_attest_get_token_size() | 1. Provide described challenge sizes to the API along with other valid parameters 2. Expect API to return this define as return value each time | 1. Challenge_size is zero 2. Invalid challenge size between 0 and 32 3. Invalid challenge size between 32 and 64 4. Challenge_size is greater than MAX_CHALLENGE_SIZE |
-| | PSA_ATTEST_ERR_TOKEN_BUFFER_OVERFLOW | psa_initial_attest_get_token() | 1. Provide described taken size to the API along with other valid parameters 2. Expect API to return this define as return value each time | 1. Token_size as zero 2. Token_size less than challenge size |
-| | PSA_ATTEST_ERR_INIT_FAILED | psa_initial_attest_get_token() psa_initial_attest_get_token_size() | Can't simulate. Test can't generate stimulus where attestation initialisation fails | |
-| | PSA_ATTEST_ERR_CLAIM_UNAVAILABLE | psa_initial_attest_get_token() | Can't simulate. Test can't generate stimulus where claim can unavailable | |
-| | PSA_ATTEST_ERR_GENERAL | psa_initial_attest_get_token() psa_initial_attest_get_token_size() | Can't simulate. Test can't generate stimulus where unexpected error happened during API operation | |
+| test_a001 | PSA_SUCCESS | psa_initial_attest_get_token() psa_initial_attest_get_token_size() | 1. Provide correct inputs to API with described challenge sizes 2. Expect API to return this define as return value each time 3. Verify the token | 1. Challenge_size = 32 2. Challenge_size = 48 3. Challenge_size = 64 |
+| | PSA_ERROR_INVALID_ARGUMENT | psa_initial_attest_get_token() psa_initial_attest_get_token_size() | 1. Provide described challenge sizes to the API along with other valid parameters 2. Expect API to return this define as return value each time | 1. Challenge_size is zero 2. Invalid challenge size between 0 and 32 3. Invalid challenge size between 32 and 64 4. Challenge_size is greater than MAX_CHALLENGE_SIZE |
+| | PSA_ERROR_BUFFER_TOO_SMALL | psa_initial_attest_get_token() | 1. Provide described taken size to the API along with other valid parameters 2. Expect API to return this define as return value each time | 1. Token_size as zero 2. Token_size less than challenge size |
+| | PSA_ERROR_SERVICE_FAILURE | psa_initial_attest_get_token() psa_initial_attest_get_token_size() | Can't simulate. Test can't generate stimulus where attestation initialisation fails | |
+| | PSA_ERROR_GENERIC_ERROR | psa_initial_attest_get_token() psa_initial_attest_get_token_size() | Can't simulate. Test can't generate stimulus where unexpected error happened during API operation | |
## Note
-1. In verifying the token, only the data type of claims and presence of the mandatory claims are checked and the values of the claims are not checked.
-2. Checks related to token signature validation will be part of future release
+1. In verifying the token, only the data type of claims and presence of the mandatory claims are checked and the values of the claims are not checked.
+2. Specify the version of underlying PSA crypto in /api-tests/platform/targets//nspe/common/pal_config.h
+3. Supported crypto versions are CRYPTO_VERSION_BETA1, CRYPTO_VERSION_BETA2 and CRYPTO_VERSION_BETA3
+4. Signer ID and Version fields of the software component must be present to be compliant with the PSA-SM
+5. Define the macro PLATFORM_OVERRIDE_ATTEST_PK in /api-tests/platform/targets//nspe/common/pal_config.h to use hardcoded public key
# License
Arm PSA test suite is distributed under Apache v2.0 License.
diff --git a/api-tests/docs/psa_crypto_testlist.md b/api-tests/docs/psa_crypto_testlist.md
index 983ba367..67aa616e 100644
--- a/api-tests/docs/psa_crypto_testlist.md
+++ b/api-tests/docs/psa_crypto_testlist.md
@@ -2,626 +2,750 @@
-| Group | Test | Function | Scenario | Return Value | Steps | Test Case |
-|------------------------------|-----------|----------------------------|-----------------------------------------------------------------------------------------------------------------------|---------------------------------|------------------------------------------------------------------------------------------------------------------|-----------------------------------------------------------------------------------------------------|
-| Basic | test_c001 | psa_crypto_init | Library initialization | PSA_SUCCESS | Calling this function should return SUCCESS | |
-| | | | Applications must call this function before calling any other function in this module. | PSA_SUCCESS | Try calling crypto operations doing a crypto_init should be successful(can be covered as part of other testcase) | |
-| | | | Applications may call this function more than once. Once a call succeeds, subsequent calls are guaranteed to succeed. | PSA_SUCCESS | Try calling multiple crypto init and should return SUCCESS | |
-| | | | Applications must call this function before calling any other function in this module. | PSA_ERROR_BAD_STATE | Try calling crypto operations without doing a crypto_init should return FAILURE | |
-| | | | | | | |
-| Key Management | test_c002 | psa_import_key | Import a key in binary format. | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. 16 Byte AES |
-| | | | | | 2. Initialize a key policy structure to a default that forbids all usage of the key | 2. 24 Byte AES |
-| | | | | | 3. Allocate a key slot for a transient key and set the standard fields of a policy structure | 3. 32 Byte AES |
-| | | | | | 4. Set the usage policy on a key slot | 4. 2048 RSA public key |
-| | | | | | 5. Import the key data into the key slot | 5. 2048 RSA keypair |
-| | | | | | 6. Get basic metadata about a key | 6. DES 64 bit key |
-| | | | | | 7. Export a key in binary format | 7. Triple DES 2-Key |
-| | | | | | 8. Check if original key data matches with the exported data | 8. Triple DES 3-Key |
-| | | | | | | 9. EC Public key |
-| | | | | | | 10. EC keypair |
-| | | | | PSA_ERROR_NOT_SUPPORTED | Calling this function with incorrect key type | Incorrect key type |
-| | | | | PSA_ERROR_INVALID_ARGUMENT | Calling this function with invalid parameter should return this error | 1. Key data greater than the algorithm size |
-| | | | | | | 2. Incorrect key data size |
-| | | | | | | |
-| | | | | | | |
-| | | | | PSA_ERROR_INVALID_HANDLE | Calling this function with invalid key handle should return this error | 1. Destroyed key handle 2. Zero as key handle 3. Unallocated key handle |
-| | | | | PSA_ERROR_ALREADY_EXISTS | Pass the key slot to store data which is already occupied | Already occupied key slot |
-| | test_c003 | psa_export_key | Export a key in binary format | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. 16 Byte AES |
-| | | | | | 2. Initialize a key policy structure to a default that forbids all usage of the key | 2. 24 Byte AES |
-| | | | | | | |
-| | | | | | 3. Allocate a key slot for a transient key and set the standard fields of a policy structure | 3. 32 Byte AES |
-| | | | | | 4. Set the usage policy on a key slot | 4. 2048 RSA public key |
-| | | | | | 5. Import the key data into the key slot | 5. 2048 RSA keypair |
-| | | | | | 6. Get basic metadata about a key | 6. DES 64 bit key |
-| | | | | | 7. Export a key in binary format | 7. Triple DES 2-Key |
-| | | | | | 8. Check if original key data matches with the exported data | 8. Triple DES 3-Key |
-| | | | | | | 9. EC Public key |
-| | | | | | | 10. EC keypair |
-| | | | | PSA_ERROR_BUFFER_TOO_SMALL | Calling this function with buffer size less than required | Less buffer size |
-| | | | | PSA_ERROR_NOT_PERMITTED | Calling this function with with key policy as verify should return this error | Key policy as PSA_KEY_USAGE_VERIFY |
-| | | | | PSA_ERROR_INVALID_HANDLE | Calling this function with invalid parameter should return this error | 1. Zero key slot |
-| | | | | | | 2. Unallocated key slot |
-| | | | | | | 3. Destroyed key slot |
-| | | | | PSA_ERROR_BAD_STATE | Calling this function with key policy that cannot be exported | Invalid key policy usage |
-| | | | | PSA_ERROR_DOES_NOT_EXIST | Calling this function with empty key slot | Empty key slot |
-| | test_c004 | psa_export_public_key | Export a public key or the public part of a key pair in binary format. | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. 2048 RSA public key |
-| | | | | | 2. Initialize a key policy structure to a default that forbids all usage of the key | 2. 2048 RSA keypair |
-| | | | | | 3. Allocate a key slot for a transient key and set the standard fields of a policy structure | 3. EC Public key |
-| | | | | | 4. Set the usage policy on a key slot | 4. EC keypair |
-| | | | | | 5. Import the key data into the key slot | |
-| | | | | | 6. Get basic metadata about a key | |
-| | | | | | 7. Export a key in binary format | |
-| | | | | | 8. Check if original key data matches with the exported data | |
-| | | | | PSA_ERROR_BUFFER_TOO_SMALL | Calling this function with buffer size less than required | Less buffer size |
-| | | | | PSA_ERROR_INVALID_ARGUMENT | Calling this function with invalid parameter should return this error | 1. DES 64 bit key |
-| | | | | | | 2. Triple DES 2-Key |
-| | | | | | | 3. Triple DES 3-Key |
-| | | | | PSA_ERROR_NOT_PERMITTED | Calling this function with with key policy as verify should return this error | Key policy as PSA_KEY_USAGE_VERIFY |
-| | | | | PSA_ERROR_INVALID_HANDLE | Calling this function with invalid key handle should return this error | 1. Zero key slot |
-| | | | | | | 2. Unallocated key slot |
-| | | | | | | 3. Destroyed key slot |
-| | | | | PSA_ERROR_BAD_STATE | Calling this function with key policy that cannot be exported | Invalid key policy usage |
-| | | | | PSA_ERROR_DOES_NOT_EXIST | Calling this function with empty key slot | Empty key slot |
-| | test_c005 | psa_destroy_key | Destroy a key and restore the slot to its default state. | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. 16 Byte AES |
-| | | | | | 2. Initialize a key policy structure to a default that forbids all usage of the key | 2. 24 Byte AES |
-| | | | | | 3. Allocate a key slot for a transient key and set the standard fields of a policy structure | 3. 32 Byte AES |
-| | | | | | 4. Set the usage policy on a key slot | 4. 2048 RSA public key |
-| | | | | | 5. Import the key data into the key slot | 5. 2048 RSA keypair |
-| | | | | | 6. Get basic metadata about a key | 6. DES 64 bit key |
-| | | | | | 7. Destroy a key and restore the slot to its default state | 7. Triple DES 2-Key |
-| | | | | | 8. Check that if the key metadata are destroyed | 8. Triple DES 3-Key |
-| | | | | | | 9. EC Public key |
-| | | | | | | 10. EC keypair |
-| | | | | PSA_ERROR_INVALID_HANDLE | Calling this function with invalid parameter should return this error | 1. Invalid key slot |
-| | | | | | | 2. Zero key slot |
-| | | | | | | 3. Empty key slot |
-| | test_c006 | psa_get_key_information | Get basic metadata about a key. | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. 16 Byte AES |
-| | | | | | 2. Initialize a key policy structure to a default that forbids all usage of the key | 2. 24 Byte AES |
-| | | | | | 3. Allocate a key slot for a transient key and set the standard fields of a policy structure | 3. 32 Byte AES |
-| | | | | | 4. Set the usage policy on a key slot | 4. 2048 RSA public key |
-| | | | | | 5. Import the key data into the key slot | 5. 2048 RSA keypair |
-| | | | | | 6. Get basic metadata about a key | 6. DES 64 bit key |
-| | | | | | | 7. Triple DES 2-Key |
-| | | | | | | 8. Triple DES 3-Key |
-| | | | | | | 9. EC Public key |
-| | | | | | | 10. EC keypair |
-| | | | | PSA_ERROR_INVALID_HANDLE | Calling this function with invalid parameter should return this error | 1. Zero key slot |
-| | | | | | | 2. Unallocated key slot |
-| | | | | | | 2. Destroyed key slot |
-| | | | | PSA_ERROR_DOES_NOT_EXIST | Pass the key slot number which has the key type as none | Empty key slot |
-| | NO TEST | psa_key_policy_set_usage | Set the standard fields of a policy structure. | void | Void function. Covered as part of other cases | |
-| | | | | | | |
-| Key Policies | test_c007 | psa_set_key_policy | Set the usage policy on a key slot. | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. 16 Byte AES |
-| | | | | | 2. Initialize a key policy structure to a default that forbids all usage of the key | 2. 24 Byte AES |
-| | | | | | 3. Allocate a key slot for a transient key and set the standard fields of a policy structure | 3. 32 Byte AES |
-| | | | | | 4. Set the usage policy on a key slot | 4. 2048 RSA public key |
-| | | | | | 5. Import the key data into the key slot | 5. 2048 RSA keypair |
-| | | | | | 6. Get the usage policy for a key slot | 6. DES 64 bit key |
-| | | | | | 7. Check if the policy matches the original input | 7. Triple DES 2-Key |
-| | | | | | | 8. Triple DES 3-Key |
-| | | | | | | 9. EC Public key |
-| | | | | | | 10. EC keypair |
-| | | | | PSA_ERROR_INVALID_HANDLE | Calling this function with invalid parameter should return this error | 1. Unallocated key slot |
-| | | | | | | 2. Zero key slot |
-| | | | | | | 3. Destroyed key slot |
-| | | | | PSA_ERROR_ALREADY_EXISTS | Pass the key slot to store data which is already occupied | Already occupied key slot |
-| | test_c008 | psa_get_key_policy | Get the usage policy for a key slot | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. 16 Byte AES |
-| | | | | | 2. Initialize a key policy structure to a default that forbids all usage of the key | 2. 24 Byte AES |
-| | | | | | 3. Allocate a key slot for a transient key and set the standard fields of a policy structure | 3. 32 Byte AES |
-| | | | | | 4. Set the usage policy on a key slot | 4. 2048 RSA public key |
-| | | | | | 5. Change the lifetime of a key slot | 5. 2048 RSA keypair |
-| | | | | | 6. Import the key data into the key slot | 6. DES 64 bit key |
-| | | | | | 7. Get the usage policy for a key slot | 7. Triple DES 2-Key |
-| | | | | | 8. Retrieve the usage field of a policy structure | 8. Triple DES 3-Key |
-| | | | | | 9. Retrieve the algorithm field of a policy structure | 9. EC Public key |
-| | | | | | 10. Make sure they match the original value | 10. EC keypair |
-| | | | | PSA_ERROR_INVALID_HANDLE | Calling this function with invalid parameter should return this error | 1. Zero key slot |
-| | | | | | | 2. Destroyed key slot |
-| | test_c009 | psa_allocate_key | Allocate a key slot for a transient key | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. Volatile keys |
-| | | | | | 2. Initialize a key policy structure to a default that forbids all usage of the key | |
-| | | | | | 3. Allocate a key slot for a transient key | |
-| | | | | | | |
-| | | | | | | |
-| | | | | | | |
-| | | | | | | |
-| | | | | | | |
-| | | | | PSA_ERROR_INSUFFICIENT_MEMORY | Calling this function with multiple time | |
-| | | | | | | |
-| | | | | | | |
-| | test_c010 | psa_get_key_lifetime | Retrieve the lifetime of a key slot. | PSA_SUCCESS | 1. Initialize the PSA crypto library | Testing only volatile keys and persistance key types will be supported in future release |
-| | | | | | 2. Initialize a key policy structure to a default that forbids all usage of the key | |
-| | | | | | 3. Allocate a key slot for a transient key and set the standard fields of a policy structure | |
-| | | | | | 4. Set the usage policy on a key slot | |
-| | | | | | 5. Change the lifetime of a key slot | |
-| | | | | | 6. Import the key data into the key slot | |
-| | | | | | 7. Get the lifetime of a key slot | |
-| | | | | PSA_ERROR_INVALID_HANDLE | | 1. Zero key slot |
-| | | | | | | 2. Invalid key slot |
-| | | | | PSA_ERROR_INVALID_ARGUMENT | | 1. Invalid key policy |
-| Message Authentication Codes | test_c011 | psa_hash_start | Start a multipart hash operation. | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. MD2 |
-| | | | | | 2. Start a multipart hash operation | 2. MD4 |
-| | | | | | | 3. MD5 |
-| | | | | | | 4. RIPEMD160 |
-| | | | | | | 5. SHA1 |
-| | | | | | | 6. SHA224 |
-| | | | | | | 7. SHA256 |
-| | | | | | | 8. SHA512 |
-| | | | | | | 9. SHA512_224 |
-| | | | | | | 10. SHA512_256 |
-| | | | | | | 11. SHA3_224 1 |
-| | | | | | | 2. SHA3_256 1 |
-| | | | | | | 3. SHA3_384 1 |
-| | | | | | | 4. SHA3_512 |
-| | | | | PSA_ERROR_NOT_SUPPORTED | Calling this function with unsupported algorithm should return error | Invalid hash algorithm |
-| | test_c012 | psa_hash_update | Add a message fragment to a multipart hash operation. | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. MD2 |
-| | | | | | 2. Start a multipart hash operation | 2. MD4 |
-| | | | | | 3. Add a message fragment to a multipart hash operation | 3. MD5 |
-| | | | | | | 4. RIPEMD160 |
-| | | | | | | 5. SHA1 |
-| | | | | | | 6. SHA224 |
-| | | | | | | 7. SHA256 |
-| | | | | | | 8. SHA384 |
-| | | | | | | 9. SHA512 |
-| | | | | PSA_ERROR_BAD_STATE | 1. Calling this function without calling the psa_hash_start() should return error | Inactive operation handle |
-| | | | | | 2. Calling this function with completed operation handle should return error | Completed operation handle |
-| | test_c013 | psa_hash_verify | Finish the calculation of the hash of a message and compare it with an expected value. | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. MD2 |
-| | | | | | 2. Start a multipart hash operation | 2. MD4 |
-| | | | | | 3. Add a message fragment to a multipart hash operation | 3. MD5 |
-| | | | | | 4. Finish the calculation of the hash of a message and compare it with an expected value | 4. RIPEMD160 |
-| | | | | | | 5. SHA1 |
-| | | | | | | 6. SHA224 |
-| | | | | | | 7. SHA256 |
-| | | | | | | 8. SHA384 |
-| | | | | | | 9. SHA512 |
-| | | | | PSA_ERROR_BAD_STATE | Calling this function with inactive operation handle should return error | 1. Inactive operation handle |
-| | | | | | Calling this function with invalid operation handle should return error | 2. Invalid operation handle |
-| | | | | PSA_ERROR_INVALID_SIGNATURE | Calling this function with incorrect expected value should return error | 1. Incorrect expected hash value |
-| | | | | | | 2. Incorrect expected hash length |
-| | test_c014 | psa_hash_finish | Finish the calculation of the hash of a message. | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. MD2 |
-| | | | | | 2. Start a multipart hash operation | 2. MD4 |
-| | | | | | 3. Add a message fragment to a multipart hash operation | 3. MD5 |
-| | | | | | 4. Finish the calculation of the hash of a message | 4. RIPEMD160 |
-| | | | | | 5. Compare it with the expected value | 5. SHA1 |
-| | | | | | | 6. SHA224 |
-| | | | | | | 7. SHA256 |
-| | | | | | | 8. SHA384 |
-| | | | | | | 9. SHA512 |
-| | | | | PSA_ERROR_INVALID_ARGUMENT | Calling this function with an inactive operation handle should return error | Inactive operation handle |
-| | | | | PSA_ERROR_BUFFER_TOO_SMALL | Calling this function with a hash buffer whose size is less than the algorithm output should return error | Buffer size less than required |
-| | test_c015 | psa_hash_abort | Abort a hash operation. | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. MD2 |
-| | | | | | 2. Start a multipart hash operation | 2. MD4 |
-| | | | | | 3. Abort a hash operation | 3. MD5 |
-| | | | | | | 4. RIPEMD160 |
-| | | | | | | 5. SHA1 |
-| | | | | | | 6. SHA224 |
-| | | | | | | 7. SHA256 |
-| | | | | | | 8. SHA384 |
-| | | | | | | 9. SHA512 |
-| | | | | PSA_ERROR_INVALID_ARGUMENT | Calling psa_hash_finish after calling psa_hash_abort should return error | |
-| Generator | test_c016 | psa_generate_key | Generate a key or key pair | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. AES |
-| | | | | | 2. Initialize a key policy structure | 2. DES |
-| | | | | | 3. Allocate a key slot for a transient key and set the standard fields of a policy structure | 3. ECC |
-| | | | | | 4. Set the usage policy on a key slot | 4. RSA |
-| | | | | | 5. Generate a key or key pair | |
-| | | | | | 6. Get basic metadata about a key | |
-| | | | | | 7. Check if key type and key length matches | |
-| | | | | | 8. Export a key in binary format | |
-| | | | | | 9. Check if the metadata matches | |
-| | | | | PSA_ERROR_INVALID_HANDLE | Calling this function with unallocated key slot should return this error | Unallocated key slot |
-| | | | | PSA_ERROR_INVALID_HANDLE | Calling this function with zero as key slot should return this error | Zero as key slot |
-| | | | | PSA_ERROR_INVALID_HANDLE | Calling this function with destroyed key slot should return this error | Destroyed as key slot |
-| | | | | PSA_ERROR_INVALID_ARGUMENT | Calling this function with Null extra and Non-Zero extra size should return this error | Null extra and Non-Zero extra size |
-| | | | | PSA_ERROR_ALREADY_EXISTS | Calling this function with pre-occupied key slot should return this error | Pre-occupied key slot |
-| | | | | PSA_ERROR_NOT_SUPPORTED | Calling this function to generate only public key should return this error | Key type as public key |
-| | test_c017 | psa_generate_random | Generate random bytes | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. 16 Byte data |
-| | | | | | 2. Generate random bytes Run several times, to ensure that every output byte will be nonzero at least once | 2. 24 Byte data |
-| | | | | | 3. Check that no more than bytes have been overwritten | 3. 32 Byte data |
-| | | | | | 4. Check that every byte was changed to nonzero at least once. | 4. 64 Byte data |
-| | | | | | | 5. 128 Byte data |
-| | | | | | | 6. 256 Byte data |
-| | | | | | | 7. 512 Byte data |
-| | | | | | | 8. 1000 Byte data |
-| | | | | | | 9. 1024 Byte data |
-| | test_c018 | psa_generator_read | Read some data from a generator | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. 16 Byte key |
-| | | | | | 2. Initialize a key policy structure | 2. 32 Byte key |
-| | | | | | 3. Allocate a key slot for a transient key and set the standard fields of a policy structure | 3. 8 Byte Key |
-| | | | | | 4. Set the usage policy on a key slot | 4. SHA 256 |
-| | | | | | 5. Import the key data into the key slot | 5. SHA 512 |
-| | | | | | 6. Set up a key derivation operation | 6. SHA 1 |
-| | | | | | 7. Generate random bytes | 7. Output size less than generator capacity |
-| | | | | | 8. Check that if generated data are non-zero | 8. Output size equal to generator capacity |
-| | | | | | 9. Generate random bytes for remaining capacity | 9. Request maximum capacity |
-| | | | | | 10. Check that if generated data are non-zero | |
-| | | | | | 11. Generate random bytes and check that it fails | |
-| | | | | PSA_ERROR_INSUFFICIENT_DATA | Calling this function with output size greater than the current capacity should return this error | Output size greater than the current capacity |
-| | | | | PSA_ERROR_INSUFFICIENT_DATA | Calling this function with capacity greater than the allowed capacity should return this error | Request maximum capacity +1 |
-| | | | | PSA_ERROR_BAD_STATE | Calling this function without setup should return this error | |
-| | test_c019 | psa_get_generator_capacity | Retrieve the current capacity of a generator | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. Output size less than generator capacity |
-| | | | | | 2. Initialize a key policy structure | 2. Output size equal to generator capacity |
-| | | | | | 3. Allocate a key slot for a transient key and set the standard fields of a policy structure | |
-| | | | | | 4. Set the usage policy on a key slot | |
-| | | | | | 5. Import the key data into the key slot | |
-| | | | | | 6. Set up a key derivation operation | |
-| | | | | | 7. Retrieve the current capacity of a generator | |
-| | | | | | 8. Check that it is equal to the input capacity | |
-| | | | | | 9. Generate random bytes | |
-| | | | | | 10. Retrieve the current capacity of a generator | |
-| | | | | | 11. Check that it is equal to the remaining capacity | |
-| | | | | PSA_ERROR_BAD_STATE | Calling this function without setup should return this error | |
-| | test_c020 | psa_generator_import_key | Create a symmetric key from data read from a generator | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. 16 Byte AES |
-| | | | | | 2. Initialize a key policy structure | 2. 32 Byte AES |
-| | | | | | 3. Allocate a key slot for a transient key and set the standard fields of a policy structure | |
-| | | | | | 4. Set the usage policy on a key slot | |
-| | | | | | 5. Import the key data into the key slot | |
-| | | | | | 6. Set up a key derivation operation | |
-| | | | | | 7. Initialize a key policy structure for new slot | |
-| | | | | | 8. Set the standard fields of a policy structure | |
-| | | | | | 9. Set the usage policy on a new key slot | |
-| | | | | | 10. Create a symmetric key from data read from a generator | |
-| | | | | | 11. Export a key in binary format | |
-| | | | | | 12. Check that length of the key matches | |
-| | | | | | 13. Check that the key is non-zero | |
-| | | | | | 14. Initialize a key policy structure for new slot | |
-| | | | | | 15. Set the standard fields of a policy structure | |
-| | | | | | 16. Set the usage policy on a new key slot | |
-| | | | | | 17. Create a symmetric key from data read from a generator for the remaining size | |
-| | | | | | 18. Export a key in binary format | |
-| | | | | | 19. Check that length of the key matches | |
-| | | | | | 20. Check that the key is non-zero | |
-| | | | | | 21. Initialize a key policy structure for new slot | |
-| | | | | | 22. Set the standard fields of a policy structure | |
-| | | | | | 23. Set the usage policy on a new key slot | |
-| | | | | | 24. Create a symmetric key from data read from a generator for the some size | |
-| | | | | | Check that it fails | |
-| | | | | PSA_ERROR_INSUFFICIENT_DATA | Calling this function with output greater than capacity should return this error | Output greater than capacity |
-| | | | | PSA_ERROR_INVALID_ARGUMENT | Calling this function with public key algorithm should return this error | 1. RSA public key 2.Invalid key size |
-| | | | | PSA_ERROR_INVALID_HANDLE | Calling this function with invalid arguments should return this error | 1. Invalid key slot |
-| | | | | | | 2. Zero as key slot |
-| | | | | | | |
-| | | | | PSA_ERROR_ALREADY_EXISTS | Calling this function with already occupied key slot should return this error | Pre-occupied key slot |
-| | test_c021 | psa_generator_abort | Abort a generator | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. Abort |
-| | | | | | 2. Initialize a key policy structure | 2. Multiple |
-| | | | | | 3. Allocate a key slot for a transient key and set the standard fields of a policy structure | 3. Calling generator functions after abort should fail |
-| | | | | | 4. Set the usage policy on a key slot | |
-| | | | | | 5. Import the key data into the key slot | |
-| | | | | | 6. Set the key for a multipart symmetric encryption/decryption operation | |
-| | | | | | 7. Abort a cipher operation | |
-| | | | | | 8. Multiple abort cipher operation should return success | |
-| Key derivation | test_c022 | psa_key_derivation | Set up a key derivation operation | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. 16 Byte data with SHA-256 |
-| | | | | | 2. Initialize a key policy structure | 2. 32 byte data with SHA-512 |
-| | | | | | 3. Allocate a key slot for a transient key and set the standard fields of a policy structure | 3. 32 Byte data with MD-5 |
-| | | | | | 4. Import the key data into the key slot | 4. Salt and label provided as input |
-| | | | | | 5. Set up a key derivation operation | |
-| | | | | | 6. Retrieve the current capacity of a generator | |
-| | | | | | 7. Make sure that the capacity is same as input capacity | |
-| | | | | PSA_INVALID_ARGUMENT | Calling this function with invalid argument should return this error | 1. Invalid algorithm |
-| | | | | | | 2. Unsupported generator capacity |
-| | | | | | | 3. Unsupported key type |
-| | | | | PSA_ERROR_NOT_PERMITTED | Calling this function with incorrect usage should return this error | 1. Incorrect usage |
-| | | | | PSA_ERROR_NOT_SUPPORTED | Calling this function with unsupported key derivation algorithm should return this error | 1. Unsupported key derivation algorithm |
-| | | | | PSA_ERROR_INVALID_HANDLE | Calling this functoin wih incorrect key handle | 1. Invalid key handle 2. Zero as key slot |
-| | | | | PSA_ERROR_DOES_NOT_EXIST | Calling this function with empty key slot should return this error | Empty key slot |
-| Key policies | test_c023 | psa_key_policy_get_usage | Retrieve the usage field of a policy structure | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. Encrypt |
-| | | | | | 2. Initialize a key policy structure | 2. Decrypt |
-| | | | | | 3. Allocate a key slot for a transient key and set the standard fields of a policy structure | 3. Export |
-| | | | | | 4. Retrieve the usage field of a policy structure | 4. Sign |
-| | | | | | 5. Check that usage is same as input | 5. Verify |
-| | | | | | | 6. Derive |
-| AEAD | test_c024 | psa_aead_encrypt | Process an authenticated encryption operation | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. CCM - 16B AES - Nounce and additional data |
-| | | | | | 2. Initialize a key policy structure | 2. GCM - 16B AES - NULL Nounce & addi data |
-| | | | | | 3. Allocate a key slot for a transient key and set the standard fields of a policy structure | 3. GCM -16B AES - 12B Nounce & 12B addi data |
-| | | | | | 4. Set the usage policy on a key slot | 4. CCM - 16B AES - 13B Nounce & 8B addi data |
-| | | | | | 5. Import the key data into the key slot | |
-| | | | | | 6. Call aead encrypt | |
-| | | | | | 7. Check if the status is expected | |
-| | | | | | 8. Check if the cipher text is expected length | |
-| | | | | PSA_ERROR_NOT_SUPPORTED | | 1. DES key |
-| | | | | | | 2. Unsupported algorithm |
-| | | | | PSA_ERROR_DOES_NOT_EXIST | | Empty key slot |
-| | | | | PSA_ERROR_INVALID_HANDLE | | 1. Zero as key slot |
-| | | | | | | 2. Invalid key slot |
-| | | | | PSA_ERROR_NOT_PERMITTED | | 1. Small output buffer size |
-| | | | | | | 2. Invalid key usage |
-| | test_c025 | psa_aead_decrypt | Process an authenticated decryption operation | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. CCM - 16B AES - Nounce and additional data |
-| | | | | | 2. Initialize a key policy structure | 2. GCM - 16B AES - NULL Nounce & addi data |
-| | | | | | 3. Allocate a key slot for a transient key and set the standard fields of a policy structure | 3. GCM -16B AES - 12B Nounce & 12B addi data |
-| | | | | | 4. Set the usage policy on a key slot | 4. CCM - 16B AES - 13B Nounce & 8B addi data |
-| | | | | | 5. Import the key data into the key slot | |
-| | | | | | 6. Call aead decrypt | |
-| | | | | | 7. Check if the status is expected | |
-| | | | | | 8. Check if the plain text is expected length | |
-| | | | | PSA_ERROR_NOT_SUPPORTED | | 1. DES key |
-| | | | | | | 2. Unsupported algorithm |
-| | | | | PSA_ERROR_DOES_NOT_EXIST | | Empty key slot |
-| | | | | PSA_ERROR_INVALID_ARGUMENT | | Invalid tag length |
-| | | | | PSA_ERROR_INVALID_HANDLE | | 1. Zero as key slot |
-| | | | | | | 2. Invalid key slot |
-| | | | | PSA_ERROR_NOT_PERMITTED | | 1. Small output buffer size |
-| | | | | | | 2. Invalid key usage |
-| Message Authentication Codes | test_c026 | psa_mac_sign_setup | Start a multipart MAC calculation operation | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. 64 Byte HMAC |
-| | | | | | 2. Initialize a key policy structure | 2. 16 Byte AES - CMAC |
-| | | | | | 3. Allocate a key slot for a transient key and set the standard fields of a policy structure | |
-| | | | | | 4. Set the usage policy on a key slot | |
-| | | | | | 5. Import the key data into the key slot | |
-| | | | | | 6. Start a multipart MAC calculation operation | |
-| | | | | PSA_ERROR_NOT_SUPPORTED | | 1. 16 Byte AES - GMAC |
-| | | | | | | 2. Incompatible HMAC for CMAC |
-| | | | | | | 3. Bad algorithm (unknown MAC algorithm) |
-| | | | | | | 4. Truncated MAC too small |
-| | | | | PSA_ERROR_NOT_PERMITTED | | Invalid usage |
-| | | | | PSA_ERROR_DOES_NOT_EXIST | | Empty key slot |
-| | | | | PSA_ERROR_INVALID_ARGUMENT | | 1. Invalid key type |
-| | | | | | | 2. Truncated MAC too large |
-| | | | | | | 3. Bad algorithm (not a MAC algorithm) |
-| | | | | PSA_ERROR_INVALID_HANDLE | | 1. Invalid key handle |
-| | | | | | | 2. Zero as key handle |
-| | test_c027 | psa_mac_update | Add a message fragment to a multipart MAC operation | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1.64 Byte HMAC SHA256 |
-| | | | | | 2. Initialize a key policy structure | 2. 16 Byte AES - CMAC |
-| | | | | | 3. Allocate a key slot for a transient key and set the standard fields of a policy structure | 3. 32 Byte HMAC SHA512 |
-| | | | | | 4. Set the usage policy on a key slot | |
-| | | | | | 5. Import the key data into the key slot | |
-| | | | | | 6. Start a multipart MAC calculation operation | |
-| | | | | | 7. Add a message fragment to a multipart MAC operation | |
-| | | | | | 8. Check for the expected status | |
-| | | | | | 9. If success, Finish the calculation of the MAC of a message | |
-| | | | | | 10. Add a message fragment to the same multipart MAC operation should fail | |
-| | | | | PSA_ERROR_BAD_STATE | | 1. Completed operation as input |
-| | | | | | | 2. Uninitialized operation as input |
-| | test_c028 | psa_mac_sign_finish | Finish the calculation of the MAC of a message | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. HMAC SHA 224 |
-| | | | | | 2. Initialize a key policy structure | 2. HMAC SHA 256 |
-| | | | | | 3. Allocate a key slot for a transient key and set the standard fields of a policy structure | 3. HMAC SHA 512 |
-| | | | | | 4. Set the usage policy on a key slot | 4. HMAC SHA 224 (truncated to 8 Byte) |
-| | | | | | 5. Import the key data into the key slot | 5. CMAC AES 128 |
-| | | | | | 6. Start a multipart MAC calculation operation | |
-| | | | | | 7. Add a message fragment to a multipart MAC operation | |
-| | | | | | 8. Finish the calculation of the MAC of a message | |
-| | | | | | 9. Check for the expected status | |
-| | | | | | 10. If success, Check if the MAC length matches with the expected length | |
-| | | | | | 11. Check if the MAC data matches with the expected data | |
-| | | | | | 12. Finish the calculation of the MAC of a message using same operation should return error | |
-| | | | | PSA_ERROR_BUFFER_TOO_SMALL | | Small size buffer |
-| | | | | PSA_ERROR_BAD_STATE | | Invalid operation as input |
-| | test_c029 | psa_mac_verify_setup | | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. 64 Byte HMAC |
-| | | | | | 2. Initialize a key policy structure | 2. 16 Byte AES - CMAC |
-| | | | | | 3. Allocate a key slot for a transient key and set the standard fields of a policy structure | |
-| | | | | | 4. Set the usage policy on a key slot | |
-| | | | | | 5. Import the key data into the key slot | |
-| | | | | | 6. Start a multipart MAC verification operation | |
-| | | | | | 7. Check for the expected status | |
-| | | | | PSA_ERROR_NOT_SUPPORTED | | 1. 16 Byte AES - GMAC |
-| | | | | | | 2. Incompatible HMAC for CMAC |
-| | | | | | | 3. Bad algorithm (unknown MAC algorithm) |
-| | | | | | | 4. Truncated MAC too small |
-| | | | | PSA_ERROR_NOT_PERMITTED | | Invalid usage |
-| | | | | PSA_ERROR_DOES_NOT_EXIST | | Empty slot as input |
-| | | | | PSA_ERROR_INVALID_ARGUMENT | | 1. Invalid key type |
-| | | | | | | 2. Truncated MAC too large |
-| | | | | | | 3. Bad algorithm (unknown MAC algorithm) |
-| | | | | PSA_ERROR_INVALID_HANDLE | | 1. Invalid key handle |
-| | | | | | | 2. Zero as key handle |
-| | test_c030 | psa_mac_verify_finish | Finish the calculation of the MAC of a message and compare it with an expected value | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. HMAC SHA 224 |
-| | | | | | 2. Initialize a key policy structure | 2. HMAC SHA 256 |
-| | | | | | 3. Allocate a key slot for a transient key and set the standard fields of a policy structure | 3. HMAC SHA 512 |
-| | | | | | 4. Set the usage policy on a key slot | 4. HMAC SHA 224 (truncated to 8 Byte) |
-| | | | | | 5. Import the key data into the key slot | 5. CMAC AES 128 |
-| | | | | | 6. Start a multipart MAC calculation operation | |
-| | | | | | 7. Add a message fragment to a multipart MAC operation | |
-| | | | | | 8. Finish the calculation of the MAC of a message | |
-| | | | | | 9. Check for the expected status | |
-| | | | | | 10. Finish the calculation of the MAC of a message using same operation should return error | |
-| | | | | PSA_ERROR_INVALID_SIGNATURE | | 1. Small size buffer |
-| | | | | | | 2. Incorrect expected hash |
-| | | | | PSA_ERROR_BAD_STATE | | Invalid operation as input |
-| | test_c031 | psa_mac_abort | Abort a MAC operation | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. HMAC SHA 224 |
-| | | | | | 2. Initialize a key policy structure | 2. HMAC SHA 256 |
-| | | | | | 3. Allocate a key slot for a transient key and set the standard fields of a policy structure | 3. HMAC SHA 512 |
-| | | | | | 4. Set the usage policy on a key slot | 4. CMAC AES 128 |
-| | | | | | 5. Import the key data into the key slot | 5. HMAC truncated |
-| | | | | | 6. Start a multipart MAC calculation operation | 6. Multiple abort |
-| | | | | | 7. Abort the MAC operation | 7. psa_mac_finish after psa_mac_abort should return failure |
-| Symmetric Ciphers | test_c032 | psa_cipher_encrypt_setup | Set the key for a multipart symmetric encryption operation | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. 16 Byte AES |
-| | | | | | 2. Initialize a key policy structure | 2. 24 Byte AES |
-| | | | | | 3. Allocate a key slot for a transient key and set the standard fields of a policy structure | 3. 32 Byte AES |
-| | | | | | 4. Set the usage policy on a key slot | 4. DES 64 bit key |
-| | | | | | 5. Import the key data into the key slot | 5. Triple DES 2-Key |
-| | | | | | 6. Set the key for a multipart symmetric encryption operation | 6. Triple DES 3-Key |
-| | | | | PSA_ERROR_NOT_SUPPORTED | | 1. 16 Byte raw data |
-| | | | | | | 2. Unknown cipher algorithm |
-| | | | | | | 3. Incompatible key ARC4 |
-| | | | | PSA_ERROR_INVALID_ARGUMENT | | 1. Not a cipher algorithm |
-| | | | | | | 2. RSA public key |
-| | | | | | | 3. RSA keypair |
-| | | | | | | 4. EC Public key |
-| | | | | | | 5. EC keypair |
-| | | | | PSA_ERROR_DOES_NOT_EXIST | | Empty key slot |
-| | | | | PSA_ERROR_NOT_PERMITTED | | Incorrect usage |
-| | | | | PSA_ERROR_INVALID_HANDLE | | 1. Unallocated key handle |
-| | | | | | | 2. Zero as key handle |
-| | test_c033 | psa_cipher_decrypt_setup | Set the key for a multipart symmetric decryption operation | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. HMAC SHA 224 |
-| | | | | | 2. Initialize a key policy structure | 2. HMAC SHA 256 |
-| | | | | | 3. Allocate a key slot for a transient key and set the standard fields of a policy structure | 3. HMAC SHA 512 |
-| | | | | | 4. Set the usage policy on a key slot | 4. CMAC AES 128 |
-| | | | | | 5. Import the key data into the key slot | 5. HMAC truncated |
-| | | | | | 6. Set the key for a multipart symmetric decryption operation | 6. Multiple abort |
-| | | | | | | 7. psa_mac_finish after psa_mac_abort should return failure |
-| | | | | PSA_ERROR_NOT_SUPPORTED | | 1. 16 Byte raw data |
-| | | | | | | 2. Unknown cipher algorithm |
-| | | | | | | 3. Incompatible key ARC4 |
-| | | | | PSA_ERROR_INVALID_ARGUMENT | | 1. Not a cipher algorithm |
-| | | | | | | 2. RSA public key |
-| | | | | | | 3. RSA keypair |
-| | | | | | | 4. EC Public key |
-| | | | | | | 5. EC keypair |
-| | | | | PSA_ERROR_INVALID_HANDLE | | 1. Unallocated key handle |
-| | | | | | | 2. Zero as key handle |
-| | | | | PSA_ERROR_DOES_NOT_EXIST | | Empty key slot |
-| | | | | PSA_ERROR_NOT_PERMITTED | | Invalid usage |
-| | test_c034 | psa_cipher_generate_iv | Generate an IV for a symmetric encryption operation | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. 16 Byte AES |
-| | | | | | 2. Initialize a key policy structure | 2. 24 Byte AES |
-| | | | | | 3. Allocate a key slot for a transient key and set the standard fields of a policy structure | 3. 32 Byte AES |
-| | | | | | 4. Set the usage policy on a key slot | 4. DES 64 bit key |
-| | | | | | 5. Import the key data into the key slot | 5. Triple DES 2-Key |
-| | | | | | 6. Set the key for a multipart symmetric encryption operation | 6. Triple DES 3-Key |
-| | | | | | 7. Generate an IV for a symmetric encryption operation | 7. AES - large iv buffer |
-| | | | | | 8. Check that if generated iv length match the expected length | 8. DES - large iv buffer |
-| | | | | | 9. Check that if generated iv are zero | |
-| | | | | | 10. Generating an IV for a symmetric encryption operation using the same operator should fail | |
-| | | | | PSA_ERROR_BUFFER_TOO_SMALL | | 1. AES - small iv buffer |
-| | | | | | | 2. DES - small iv buffer |
-| | | | | PSA_ERROR_BAD_STATE | | 1. Completed operation handle |
-| | test_c035 | psa_cipher_set_iv | Set the IV for a symmetric encryption or decryption operation | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. 16 Byte AES |
-| | | | | | 2. Initialize a key policy structure | 2. 24 Byte AES |
-| | | | | | 3. Allocate a key slot for a transient key and set the standard fields of a policy structure | 3. 32 Byte AES |
-| | | | | | 4. Set the usage policy on a key slot | 4. DES 64 bit key |
-| | | | | | 5. Import the key data into the key slot | 5. Triple DES 2-Key |
-| | | | | | 6. Set the key for a multipart symmetric encryption/decryption operation | 6. Triple DES 3-Key |
-| | | | | | 7. Set an IV for a symmetric encryption/decryption operation | |
-| | | | | | 8. Check that if generated iv length match the expected length | |
-| | | | | | 9. Check that if generated iv are zero | |
-| | | | | | 10. Setting an IV for a symmetric encryption/decryption operation using the same operator should fail | |
-| | | | | PSA_ERROR_INVALID_ARGUMENT | | 1. AES - small iv buffer 2. DES - small iv buffer 3. AES - large iv buffer 4. DES - large iv buffer |
-| | | | | PSA_ERROR_BAD_STATE | | 1. Completed operation handle |
-| | test_c036 | psa_cipher_update | Encrypt or decrypt a message fragment in an active cipher operation | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. AES CBC_NO_PADDING |
-| | | | | | 2. Initialize a key policy structure | 2. AES CBC_NO_PADDING (Short input) |
-| | | | | | 3. Allocate a key slot for a transient key and set the standard fields of a policy structure | 3. AES CBC_PKCS7 |
-| | | | | | 4. Set the usage policy on a key slot | 4. AES CBC_PKCS7 (Short input) |
-| | | | | | 5. Import the key data into the key slot | 5. AES CTR |
-| | | | | | 6. Set the key for a multipart symmetric encryption operation | 6. DES CBC (nopad) |
-| | | | | | 7. Set an IV for a symmetric encryption operation | 7. 2-key 3DE -CBC (nopad) |
-| | | | | | 8. Encrypt or decrypt a message fragment in an active cipher operation | 8. 3-key 3DE -CBC (nopad) |
-| | | | | | 9. Check if the output length matches the expected length | |
-| | | | | | 10. Check if the output data matches the expected data | |
-| | | | | | 11. Encrypt or decrypt a message fragment in an invalid cipher operation should fail | |
-| | | | | PSA_ERROR_BAD_STATE | Encrypt or decrypt a message fragment in an invalid cipher operation should fail | Invalid operation as input |
-| | | | | PSA_ERROR_BUFFER_TOO_SMALL | | Small output buffer size |
-| | test_c037 | psa_cipher_finish | Finish encrypting or decrypting a message in a cipher operation | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. AES CBC_NO_PADDING |
-| | | | | | 2. Initialize a key policy structure | 2. AES CBC_NO_PADDING (Short input) |
-| | | | | | 3. Allocate a key slot for a transient key and set the standard fields of a policy structure | 3. AES CBC_PKCS7 |
-| | | | | | 4. Set the usage policy on a key slot | 4. AES CBC_PKCS7 (Short input) |
-| | | | | | 5. Import the key data into the key slot | 5. AES CTR |
-| | | | | | 6. Set the key for a multipart symmetric encryption operation | 6. DES CBC (nopad) |
-| | | | | | 7. Set an IV for a symmetric encryption operation | 7. 2-key 3DE -CBC (nopad) |
-| | | | | | 8. Encrypt or decrypt a message fragment in an active cipher operation | 8. 3-key 3DE -CBC (nopad) |
-| | | | | | 9. Finish encrypting or decrypting a message in a cipher operation | |
-| | | | | | 10. Check if the output length matches the expected length | |
-| | | | | | 11. Check if the output data matches the expected data | |
-| | | | | | 12. Finish encrypting or decrypting a message using an invalid operation should fail | |
-| | | | | PSA_ERROR_BAD_STATE | Encrypt or decrypt a message fragment in an invalid cipher operation should fail | Invalid operation as input |
-| | | | | PSA_ERROR_BUFFER_TOO_SMALL | | Small output buffer size |
-| | | | | PSA_ERROR_INVALID_ARGUMENT | | AES CBC_NO_PADDING (Short input) |
-| | test_c038 | psa_cipher_abort | Abort a cipher operation | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. Encrypt - AES CBC_NO_PADDING |
-| | | | | | 2. Initialize a key policy structure | 2. Encrypt - AES CBC_PKCS7 |
-| | | | | | 3. Allocate a key slot for a transient key and set the standard fields of a policy structure | 3. Encrypt - AES CTR |
-| | | | | | 4. Set the usage policy on a key slot | 4. Encrypt - DES CBC (nopad) |
-| | | | | | 5. Import the key data into the key slot | 5. Encrypt - 2-key 3DE -CBC (nopad) |
-| | | | | | 6. Set the key for a multipart symmetric encryption/decryption operation | 6. Encrypt - 3-key 3DE -CBC (nopad) |
-| | | | | | 7. Abort a cipher operation | 7. Decrypt - AES CBC_NO_PADDING |
-| | | | | | 8. Multiple abort cipher operation should return success | 8. Decrypt - AES CBC_PKCS7 |
-| | | | | | | 9. Decrypt - AES CTR |
-| | | | | | | 10. Decrypt - DES CBC (nopad) |
-| | | | | | | 11. Decrypt - 2-key 3DE -CBC (nopad) |
-| | | | | | | 12. Decrypt - 3-key 3DE -CBC (nopad) |
-| | | | | | | 13. psa_cipher_update after psa_cipher_abort should fail |
-| Asymmetric Cryptography | test_c039 | psa_asymmetric_encrypt | Encrypt a short message with a public key | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. RSA PKCS1V15 |
-| | | | | | 2. Initialize a key policy structure | 2. RSA OAEP SHA256 |
-| | | | | | 3. Allocate a key slot for a transient key and set the standard fields of a policy structure | 3. RSA OAEP SHA256 with label |
-| | | | | | 4. Set the usage policy on a key slot | 4. RSA KEYPAIR PKCS1V15 |
-| | | | | | 5. Import the key data into the key slot | |
-| | | | | | 6. Encrypt a short message with a public key | |
-| | | | | | 7. Check if the output length matches with the expected output length | |
-| | | | | | 8. Decrypt the cipher text | |
-| | | | | | 9. Check if the output length matches with the input length | |
-| | | | | | 10. Check if the output matches with the given input data | |
-| | | | | PSA_ERROR_INVALID_ARGUMENT | | 1. Invalid key type |
-| | | | | | | 2. Invalid algorithm |
-| | | | | PSA_ERROR_NOT_PERMITTED | | Invalid usage |
-| | | | | PSA_ERROR_DOES_NOT_EXIST | | Empty key slot |
-| | | | | PSA_ERROR_BUFFER_TOO_SMALL | | Small output buffer |
-| | | | | PSA_ERROR_INVALID_HANDLE | | 1. Unallocated key handle |
-| | | | | | | 2. Zero as key handle |
-| | test_c040 | psa_asymmetric_decrypt | Decrypt a short message with a private key | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. RSA KEYPAIR PKCS1V15 |
-| | | | | | 2. Initialize a key policy structure | 2. RSA KEYPAIR OAEP SHA256 |
-| | | | | | 3. Allocate a key slot for a transient key and set the standard fields of a policy structure | 3. RSA KEYPAIR OAEP SHA256 with label |
-| | | | | | 4. Set the usage policy on a key slot | |
-| | | | | | 5. Import the key data into the key slot | |
-| | | | | | 6. Decrypt a short message with a private key | |
-| | | | | | 7. Check if the output length matches with the expected length | |
-| | | | | | 8. Check if the output matches with the expected data | |
-| | | | | PSA_ERROR_INVALID_ARGUMENT | | 1. Invalid key type (RSA public key) |
-| | | | | | | 2. Invalid algorithm |
-| | | | | | | 3. Invalid key type (AES Key) |
-| | | | | PSA_ERROR_DOES_NOT_EXIST | | Empty key slot |
-| | | | | PSA_ERROR_NOT_PERMITTED | | Invalid usage |
-| | | | | PSA_ERROR_INVALID_HANDLE | | 1. Invalid key slot 2. Zero key slot |
-| | | | | PSA_ERROR_BUFFER_TOO_SMALL | | Small output buffer |
-| | test_c041 | psa_asymmetric_sign | Sign a hash or short message with a private key | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. RSA KEYPAIR PKCS1V15 RAW |
-| | | | | | 2. Initialize a key policy structure | 2. RSA KEYPAIR PKCS1V15 SHA-256 |
-| | | | | | 3. Allocate a key slot for a transient key and set the standard fields of a policy structure | 3. ECDSA KEYPAIR SECP256R1 SHA-256 |
-| | | | | | 4. Set the usage policy on a key slot | |
-| | | | | | 5. Import the key data into the key slot | |
-| | | | | | 6. Sign a hash or short message with a private key | |
-| | | | | | 7. Check if the output length matches with the expected length | |
-| | | | | | 8. Check if the output matches with the expected data | |
-| | | | | PSA_ERROR_INVALID_ARGUMENT | | 1. Invalid key type (RSA public key) |
-| | | | | | | 2. Invalid algorithm |
-| | | | | | | 3. Invalid key type (AES Key) |
-| | | | | | | 4. Wrong hash size |
-| | | | | PSA_ERROR_INVALID_HANDLE | | 1. Invalid key slot 2. Zero key slot |
-| | | | | PSA_ERROR_DOES_NOT_EXIST | | Empty key slot |
-| | | | | PSA_ERROR_NOT_PERMITTED | | Invalid usage |
-| | | | | PSA_ERROR_BUFFER_TOO_SMALL | | Small output buffer |
-| | test_c042 | psa_asymmetric_verify | Verify the signature a hash or short message using a public key | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. RSA KEYPAIR PKCS1V15 RAW |
-| | | | | | 2. Initialize a key policy structure | 2. RSA KEYPAIR PKCS1V15 SHA-256 |
-| | | | | | 3. Allocate a key slot for a transient key and set the standard fields of a policy structure | 3. ECDSA KEYPAIR SECP256R1 SHA-256 |
-| | | | | | 4. Set the key data based on key type | 4. RSA public key |
-| | | | | | 5. Set the usage policy on a key slot | 5. EC public key |
-| | | | | | 6. Import the key data into the key slot | |
-| | | | | | 7. Verify the signature a hash or short message using a public key | |
-| | | | | PSA_ERROR_INVALID_ARGUMENT | | 1. Invalid algorithm |
-| | | | | | | 2. Wrong hash size |
-| | | | | PSA_ERROR_INVALID_HANDLE | | 1. Invalid key slot 2. Zero key slot |
-| | | | | PSA_ERROR_INVALID_SIGNATURE | | Wrong signature size |
-| | | | | | | Wrong signature |
-| | | | | PSA_ERROR_DOES_NOT_EXIST | | Empty key slot |
-| | | | | PSA_ERROR_NOT_PERMITTED | | Invalid usage |
-| | | | | PSA_ERROR_NOT_SUPPORTED | | Invalid key type (AES Key) |
-| | | | | PSA_ERROR_BUFFER_TOO_SMALL | | Small output buffer |
-| | test_c043 | psa_key_agreement | Set up a key agreement operation | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. ECDH SECP256R1 |
-| | | | | | 2. Initialize a key policy structure | 2. ECDH SECP384R1 |
-| | | | | | 3. Allocate a key slot for a transient key and set the standard fields of a policy structure | |
-| | | | | | 4. Set the key data based on key type | |
-| | | | | | 5. Set the usage policy on a key slot | |
-| | | | | | 6. Import the key data into the key slot | |
-| | | | | | 7. Set up a key agreement operation | |
-| | | | | | 8. Retrieve the current capacity of a generator | |
-| | | | | | 9. Check if the generator capacity matches with the expected capacity | |
-| | | | | | 10. Read some data from a generator | |
-| | | | | | 11. Check if the output matches with the expected data | |
-| | | | | PSA_ERROR_INVALID_ARGUMENT | | 1. Not a key agreement alg |
-| | | | | | | 2. Public key on different curve |
-| | | | | | | 2. Public key instead of private key |
-| | | | | PSA_ERROR_INVALID_HANDLE | | 1. Invalid key slot 2. Zero key slot |
-| | | | | PSA_ERROR_DOES_NOT_EXIST | | Empty key slot |
-| | | | | PSA_ERROR_NOT_PERMITTED | | Invalid usage |
-| | | | | PSA_ERROR_NOT_SUPPORTED | | Invalid key type (AES Key) |
-| | test_c044 | psa_copy_key | Copy key material from one location to another | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. 16 Byte AES |
-| | | | | | 2. Initialize a key policy structure | 2. 24 Byte AES |
-| | | | | | 3. Allocate a key slot for a transient key and set the standard fields of a policy structure | 3. 32 Byte AES with constraints |
-| | | | | | 4. Set the key data based on key type | 4. 2048 RSA public key |
-| | | | | | 5. Set the usage policy on a key slot | 5. 2048 RSA key pair |
-| | | | | | 6. Import the key data into the key slot | 6. DES 64 bit key |
-| | | | | | 7. Allocate a key slot for the target key | 7. Triple DES 2-Key |
-| | | | | | 8. Set the usage policy on a key slot | 8. Triple DES 3-Key |
-| | | | | | 9. Make a copy of a key | 9. EC Public key |
-| | | | | | 10. Destroy the source to ensure that this doesn't affect the target | 10. EC key pair |
-| | | | | | 11. Export a key in binary format and check if it matches with source material | 11. Incompatible target polic |
-| | | | | PSA_ERROR_INVALID_ARGUMENT | | 1. Incompatible target policy(source and target) |
-| | | | | | | 2. Incompatible constraint |
-| | | | | PSA_SUCCESS | | 1. Unexport source key usage |
-| | | | | PSA_ERROR_INVALID_HANDLE | | 1. Unallocated target key slot |
-| | | | | PSA_ERROR_DOES_NOT_EXIST | | Empty source handle |
-| | | | | PSA_ERROR_ALREADY_EXISTS | | Target already containing key material |
-
+| Group | Test | Function | Scenario | Return Value | Steps | Test Case | |
+|------------------------------|-----------|----------------------------------|----------------------------------------------------------------------------------------|---------------------------------------------|------------------------------------------------------------------------------------------------------------------|------------------------------------------------------------------------------------------|---|
+| Library Initialization | test_c001 | psa_crypto_init | Library initialization | PSA_SUCCESS | Calling this function should return SUCCESS | | |
+| | | | Applications must call this function before calling any other function in this module. | PSA_SUCCESS | Try calling crypto operations doing a crypto_init should be successful(can be covered as part of other testcase) | | |
+| | | | Applications may call this function more than once. Once a call succeeds | subsequent calls are guaranteed to succeed. | PSA_SUCCESS | Try calling multiple crypto init and should return SUCCESS | |
+| | | | Applications must call this function before calling any other function in this module. | PSA_ERROR_BAD_STATE | Try calling crypto operations without doing a crypto_init should return FAILURE | | |
+| | | | | | | | |
+| Key Management | test_c002 | psa_import_key | Import a key in binary format. | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. 16 Byte AES | |
+| | | | | | 2. Setup the attributes for the key | 2. 24 Byte AES | |
+| | | | | | 3. Import the key data into the key slot | 3. 32 Byte AES | |
+| | | | | | 4. Get basic metadata about a key | 4. 2048 RSA public key | |
+| | | | | | 5. Export a key in binary format | 5. 2048 RSA keypair | |
+| | | | | | 6. Check if original key data matches with the exported data | 6. DES 64 bit key | |
+| | | | | | 7. Reset the key attributes | 7. Triple DES 2-Key | |
+| | | | | | | 8. Triple DES 3-Key | |
+| | | | | | | 9. EC Public key | |
+| | | | | | | 10. EC keypair | |
+| | | | | PSA_ERROR_NOT_SUPPORTED | Calling this function with incorrect key type | Incorrect key type | |
+| | | | | PSA_ERROR_INVALID_ARGUMENT | Calling this function with invalid parameter should return this error | 1. Key data greater than the algorithm size | |
+| | | | | | | 2. Incorrect key data size | |
+| | | | | PSA_ERROR_INVALID_HANDLE | Calling this function with invalid key handle should return this error | | |
+| Key Management | test_c003 | psa_export_key | Export a key in binary format | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. 16 Byte AES | |
+| | | | | | 2. Setup the attributes for the key | 2. 24 Byte AES | |
+| | | | | | 3. Import the key data into the key slot | 3. 32 Byte AES | |
+| | | | | | 4. Get basic metadata about a key | 4. 2048 RSA public key | |
+| | | | | | 5. Export a key in binary format | 5. 2048 RSA keypair | |
+| | | | | | 6. Check if original key data matches with the exported data | 6. DES 64 bit key | |
+| | | | | | 7. Reset the key attributes | 7. Triple DES 2-Key | |
+| | | | | | | 8. Triple DES 3-Key | |
+| | | | | | | 9. EC Public key | |
+| | | | | | | 10. EC keypair | |
+| | | | | PSA_ERROR_BUFFER_TOO_SMALL | Calling this function with buffer size less than required | Less buffer size | |
+| | | | | PSA_ERROR_NOT_PERMITTED | Calling this function with with key policy as verify should return this error | Key policy as PSA_KEY_USAGE_VERIFY | |
+| | | | | PSA_ERROR_INVALID_HANDLE | Calling this function with invalid parameter should return this error | 1. Destroyed key slot | |
+| Key Management | test_c004 | psa_export_public_key | Export a public key or the public part of a key pair in binary format. | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. 2048 RSA public key | |
+| | | | | | 2. Setup the attributes for the key | 2. 2048 RSA keypair | |
+| | | | | | 3. Import the key data into the key slot | 3. EC Public key | |
+| | | | | | 4. Get basic metadata about a key | 4. EC keypair | |
+| | | | | | 5. Export a key in binary format | | |
+| | | | | | 6. Check if original key data matches with the exported data | | |
+| | | | | | 7. Reset the key attributes | | |
+| | | | | | | | |
+| | | | | PSA_ERROR_BUFFER_TOO_SMALL | Calling this function with buffer size less than required | Less buffer size | |
+| | | | | PSA_ERROR_INVALID_ARGUMENT | Calling this function with invalid parameter should return this error | 1. DES 64 bit key | |
+| | | | | | | 2. Triple DES 2-Key | |
+| | | | | | | 3. Triple DES 3-Key | |
+| | | | | PSA_ERROR_NOT_PERMITTED | Calling this function with with key policy as verify should return this error | Key usage as PSA_KEY_USAGE_VERIFY | |
+| | | | | PSA_ERROR_INVALID_HANDLE | Calling this function with invalid key handle should return this error | 1. Destroyed key slot | |
+| | | | | PSA_ERROR_BAD_STATE | Calling this function with key policy that cannot be exported | Invalid key policy usage | |
+| | | | | PSA_ERROR_DOES_NOT_EXIST | Calling this function with empty key slot | Empty key slot | |
+| Key Management | test_c005 | psa_destroy_key | Destroy a key and restore the slot to its default state. | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. 16 Byte AES | |
+| | | | | | 2. Setup the attributes for the key | 2. 24 Byte AES | |
+| | | | | | 3. Import the key data into the key slot | 3. 32 Byte AES | |
+| | | | | | 4. Get basic metadata about a key | 4. 2048 RSA public key | |
+| | | | | | 5. Destroy a key and restore the slot to its default state | 5. 2048 RSA keypair | |
+| | | | | | 6. Check that if the key metadata are destroyed | 6. DES 64 bit key | |
+| | | | | | | 7. Triple DES 2-Key | |
+| | | | | | | 8. Triple DES 3-Key | |
+| | | | | | | 9. EC Public key | |
+| | | | | | | 10. EC keypair | |
+| | | | | PSA_ERROR_INVALID_HANDLE | Calling this function with invalid parameter should return this error | Already destroyed key slot | |
+| Message Digests | test_c006 | psa_hash_compute | Calculate the hash (digest) of a message | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. MD2 | |
+| | | | | | 2. Calculate the hash (digest) of a message | 2. MD4 | |
+| | | | | | 3. Check if it matches with the expected values | 3. MD5 | |
+| | | | | | | 4. RIPEMD160 | |
+| | | | | | | 5. SHA1 | |
+| | | | | | | 6. SHA224 | |
+| | | | | | | 7. SHA256 | |
+| | | | | | | 8. SHA384 | |
+| | | | | | | 9. SHA512 | |
+| | | | | PSA_ERROR_BUFFER_TOO_SMALL | Calling this function with small buffer size should return this error | small buffer size | |
+| | | | | PSA_ERROR_NOT_SUPPORTED | Calling this function with invalid algorithm should return this error | Invalid algorithm | |
+| Message Digests | test_c007 | psa_hash_compare | Calculate the hash (digest) of a message and compare it with a reference value | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. MD2 | |
+| | | | | | 2. Calculate the hash (digest) of a message and compare it with a reference value | 2. MD4 | |
+| | | | | | | 3. MD5 | |
+| | | | | | | 4. RIPEMD160 | |
+| | | | | | | 5. SHA1 | |
+| | | | | | | 6. SHA224 | |
+| | | | | | | 7. SHA256 | |
+| | | | | | | 8. SHA384 | |
+| | | | | | | 9. SHA512 | |
+| | | | | PSA_ERROR_INVALID_SIGNATURE | Calling this function with incorrect expected hash | Incorrect expected hash | |
+| | | | | | Calling this function with incorrect expected hash | Incorrect expected hash length | |
+| Key Derivation | test_c008 | psa_key_derivation_setup | Set up a key derivation operation. | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. ECDH + HKDF-SHA-256 | |
+| | | | | | 2. Set up a key derivation operation | | |
+| | | | | | 3. Abort the key derivation operation | | |
+| | | | | PSA_ERROR_INVALID_ARGUMENT | Calling this function with invalid parameter should return this error | 1. Bad key derivation algorithm | |
+| | | | | | | 2. Invalid Algorithm | |
+| | | | | PSA_ERROR_NOT_SUPPORTED | Calling this function with unsupported parameter should return this error | ECDH, unknown KDF | |
+| Key Derivation | test_c009 | psa_key_derivation_input_bytes | Provide an input for key derivation or key agreement | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. Step as Info | |
+| | | | | | 2. Initialize a key policy structure to a default that forbids all usage of the key | 2. Step as salt | |
+| | | | | | 3. Provide an input for key derivation or key agreement | 3. Step as label | |
+| | | | | | 4. Allocate a key slot for a transient key | 4. Step as seed | |
+| | | | | PSA_ERROR_INVALID_ARGUMENT | Calling this function with invalid parameter should return this error | 1. Step as secret | |
+| | | | | | | 2. Invalid step | |
+| | | | | PSA_ERROR_BAD_STATE | Key derivation on an aborted operation | Aborted operation | |
+| Key Attributes | test_c010 | psa_set_key_id | Set the attributes for the key | NA | 1. Initialize the PSA crypto library | Testing only volatile keys and persistence key types will be supported in future release | |
+| | | psa_set_key_lifetime | | | 2. Check if all the attributes are initialized to zero | | |
+| | | psa_set_key_type | | | 3. Setup the attributes for the key | | |
+| | | psa_set_key_bits | | | 4. Check if all the attributes are as per the input | | |
+| | | psa_set_key_usage_flags | | | 5. Reset the attributes | | |
+| | | psa_set_key_algorithm | | | 6. Check if all the attributes are erased | | |
+| | | psa_get_key_id | Get the attributes for the key | | | | |
+| | | psa_get_key_lifetime | | | | | |
+| | | psa_get_key_type | | | | | |
+| | | psa_get_key_bits | | | | | |
+| | | psa_get_key_usage_flags | | | | | |
+| | | psa_get_key_algorithm | | | | | |
+| | | psa_reset_key_attributes | | | | | |
+| Message Digests | test_c011 | psa_hash_start | Start a multipart hash operation. | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. MD2 | |
+| | | | | | 2. Start a multipart hash operation | 2. MD4 | |
+| | | | | | 3. Abort the hash operation | 3. MD5 | |
+| | | | | | | 4. RIPEMD160 | |
+| | | | | | | 5. SHA1 | |
+| | | | | | | 6. SHA224 | |
+| | | | | | | 7. SHA256 | |
+| | | | | | | 8. SHA512 | |
+| | | | | | | 9. SHA512_224 | |
+| | | | | | | 10. SHA512_256 | |
+| | | | | | | 11. SHA3_224 1 | |
+| | | | | | | 2. SHA3_256 1 | |
+| | | | | | | 3. SHA3_384 1 | |
+| | | | | | | 4. SHA3_512 | |
+| | | | | PSA_ERROR_NOT_SUPPORTED | Calling this function with unsupported algorithm should return error | Invalid hash algorithm | |
+| | | | | PSA_ERROR_BAD_STATE | Calling this function again after setup | Multiple setup calls after one another | |
+| | | | | PSA_ERROR_INVALID_ARGUMENT | Calling this function with invalid parameter should return this error | 1. Invalid algorithm | |
+| | | | | | | 2. CTR algorithm | |
+| Message Digests | test_c012 | psa_hash_update | Add a message fragment to a multipart hash operation. | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. MD2 | |
+| | | | | | 2. Start a multipart hash operation | 2. MD4 | |
+| | | | | | 3. Add a message fragment to a multipart hash operation | 3. MD5 | |
+| | | | | | 4. Abort the hash operation | 4. RIPEMD160 | |
+| | | | | | | 5. SHA1 | |
+| | | | | | | 6. SHA224 | |
+| | | | | | | 7. SHA256 | |
+| | | | | | | 8. SHA384 | |
+| | | | | | | 9. SHA512 | |
+| | | | | PSA_ERROR_BAD_STATE | 1. Calling this function without calling the psa_hash_setup() should return error | Operation handle without setup | |
+| | | | | | 2. Calling this function with completed operation handle should return error | Completed operation handle | |
+| Message Digests | test_c013 | psa_hash_verify | Finish the calculation of the hash of a message and compare it with an expected value. | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. MD2 | |
+| | | | | | 2. Start a multipart hash operation | 2. MD4 | |
+| | | | | | 3. Add a message fragment to a multipart hash operation | 3. MD5 | |
+| | | | | | 4. Finish the calculation of the hash of a message and compare it with an expected value | 4. RIPEMD160 | |
+| | | | | | 5. Abort the hash operation | 5. SHA1 | |
+| | | | | | | 6. SHA224 | |
+| | | | | | | 7. SHA256 | |
+| | | | | | | 8. SHA384 | |
+| | | | | | | 9. SHA512 | |
+| | | | | PSA_ERROR_BAD_STATE | Calling this function with inactive operation handle should return error | 1. Inactive operation handle | |
+| | | | | | Calling this function with invalid operation handle should return error | 2. Invalid operation handle | |
+| | | | | PSA_ERROR_INVALID_SIGNATURE | Calling this function with incorrect expected value should return error | 1. Incorrect expected hash value | |
+| | | | | | | 2. Incorrect expected hash length | |
+| Message Digests | test_c014 | psa_hash_finish | Finish the calculation of the hash of a message. | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. MD2 | |
+| | | | | | 2. Start a multipart hash operation | 2. MD4 | |
+| | | | | | 3. Add a message fragment to a multipart hash operation | 3. MD5 | |
+| | | | | | 4. Finish the calculation of the hash of a message | 4. RIPEMD160 | |
+| | | | | | 5. Compare it with the expected value | 5. SHA1 | |
+| | | | | | 6. Abort the hash operation | 6. SHA224 | |
+| | | | | | | 7. SHA256 | |
+| | | | | | | 8. SHA384 | |
+| | | | | | | 9. SHA512 | |
+| | | | | PSA_ERROR_INVALID_ARGUMENT | Calling this function with an inactive operation handle should return error | Inactive operation handle | |
+| | | | | PSA_ERROR_BUFFER_TOO_SMALL | Calling this function with a hash buffer whose size is less than the algorithm output should return error | Buffer size less than required | |
+| | | | | PSA_ERROR_BAD_STATE | Calling this function with completed operation handle | completed operation handle | |
+| Message Digests | test_c015 | psa_hash_abort | Abort a hash operation. | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. MD2 | |
+| | | | | | 2. Start a multipart hash operation | 2. MD4 | |
+| | | | | | 3. Abort a hash operation | 3. MD5 | |
+| | | | | | | 4. RIPEMD160 | |
+| | | | | | | 5. SHA1 | |
+| | | | | | | 6. SHA224 | |
+| | | | | | | 7. SHA256 | |
+| | | | | | | 8. SHA384 | |
+| | | | | | | 9. SHA512 | |
+| Generation | test_c016 | psa_generate_key | Generate a key or key pair | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. AES | |
+| | | | | | 2. Setup the attributes for the key | 2. DES | |
+| | | | | | 3. Generate a key or key pair | 3. ECC | |
+| | | | | | 4. Get basic metadata about a key | 4. RSA | |
+| | | | | | 5. Check if key type and key length matches | | |
+| | | | | | 6. Export a key in binary format | | |
+| | | | | | 7. Check if the metadata matches | | |
+| | | | | | 8. Reset and destroy the key | | |
+| | | | | | | | |
+| | | | | PSA_ERROR_INVALID_ARGUMENT | Calling this function with invalid usage flags | invalid usage flags | |
+| | | | | PSA_ERROR_ALREADY_EXISTS | Calling this function with pre-occupied key slot should return this error | Pre-occupied key slot | |
+| | | | | PSA_ERROR_NOT_SUPPORTED | Calling this function to generate only public key should return this error | 1. Key type as public key | |
+| | | | | | | 2. Invalid key type | |
+| Generation | test_c017 | psa_generate_random | Generate random bytes | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. 16 Byte data | |
+| | | | | | 2. Generate random bytes Run several times to ensure that every output byte will be nonzero at least once | 2. 24 Byte data | |
+| | | | | | 3. Check that no more than bytes have been overwritten | 3. 32 Byte data | |
+| | | | | | 4. Check that every byte was changed to nonzero at least once. | 4. 64 Byte data | |
+| | | | | | | 5. 128 Byte data | |
+| | | | | | | 6. 256 Byte data | |
+| | | | | | | 7. 512 Byte data | |
+| | | | | | | 8. 1000 Byte data | |
+| | | | | | | 9. 1024 Byte data | |
+| Key Derivation | test_c018 | psa_key_derivation_input_key | Provide an input for key derivation in the form of a key | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. 16 Byte key | |
+| | | | | | 2. Setup the attributes for the key | | |
+| | | | | | 3. Import the key data into the key slot | | |
+| | | | | | 4. Set up a key derivation operation | | |
+| | | | | | 5. Provide an input for key derivation or key agreement | | |
+| | | | | | 6. Abort the key derivation operation | | |
+| | | | | PSA_ERROR_NOT_PERMITTED | Calling this function with incorrect data | 1. Invalid usage | |
+| | | | | | | 2. Incorrect key algorithm | |
+| | | | | PSA_ERROR_INVALID_ARGUMENT | Calling this function with invalid parameter should return this error | 1. Step as label | |
+| | | | | | | 2. Step as info | |
+| | | | | | | 3. Step as seed | |
+| | | | | | | 4. Step as salt | |
+| | | | | | | 5. Input key type as AES (not derive) | |
+| | | | | | | 6. Key type a RSA public key | |
+| | | | | | | 7. Key type as RSA Keypair | |
+| | | | | PSA_ERROR_INVALID_HANDLE | Calling this function with destroyed key handle | 1. No key in slot | |
+| | | | | PSA_ERROR_BAD_STATE | Calling this function without setup should return this error | | |
+| Key Derivation | test_c019 | psa_key_derivation_key_agreement | Perform a key agreement and use the shared secret as input to a key derivation | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. ECDH SECP256R1 | |
+| | | | | | 2. Setup the attributes for the key | 2. ECDH SECP384R1 | |
+| | | | | | 3. Import the key data into the key slot | | |
+| | | | | | 4. Set up a key agreement operation | | |
+| | | | | | 5. Perform a key agreement | | |
+| | | | | | 6. Abort | | |
+| | | | | PSA_ERROR_INVALID_ARGUMENT | Calling this function with invalid parameter should return this error | 1. Invalid step | |
+| | | | | | | 2. Invalid usage | |
+| | | | | | | 3. KDF instead of a key agreement algorithm | |
+| | | | | | | 4. Public key on different curve | |
+| | | | | | | 5. Public key instead of private key | |
+| | | | | PSA_ERROR_INVALID_HANDLE | | 1. Zero as key slot | |
+| | | | | | | 2. Empty key handle | |
+| Key Derivation | test_c020 | psa_key_derivation_output_bytes | Read some data from a key derivation operation | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. Key | |
+| | | | | | 2. Setup the attributes for the key | 2. Info | |
+| | | | | | 3. Import the key if the derivation input is key | | |
+| | | | | | 4. Set up a key derivation operation | | |
+| | | | | | 5. Set the capacity for the generator | | |
+| | | | | | 6. Provide input as key or data depending on the step | | |
+| | | | | | 7. Read some data from a key derivation operation | | |
+| | | | | | 8. Abort the derivation operation | | |
+| | | | | PSA_ERROR_BAD_STATE | Calling this function with only supportive step | 1. Salt | |
+| | | | | | | 2. Label | |
+| | | | | | | 3. Seed | |
+| | | | | | | 4. Aborted operation | |
+| | | | | PSA_ERROR_INSUFFICIENT_DATA | Calling this function when there are no capacity | 1. Requesting greater capacity than available | |
+| | | | | | | 2. No data available in the operation | |
+| Key Derivation | test_c021 | psa_key_derivation_output_key | Derive a key from an ongoing key derivation operation | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. Key | |
+| | | | | | 2. Setup the attributes for the key | 2. Indo | |
+| | | | | | 3. Import the key if the derivation input is key | 3. Label | |
+| | | | | | 4. Set up a key derivation operation | 4. Seed | |
+| | | | | | 5. Set the capacity for the generator | 5. Salt | |
+| | | | | | 6. Provide input as key or data depending on the step | 6. DES key export | |
+| | | | | | 7. Setup the attributes for the new key | 7. ECC keypair | |
+| | | | | | 8. Derive a key from an ongoing key derivation operation | 9. RSA keypair | |
+| | | | | | 9. Abort the derivation operation | | |
+| | | | | PSA_ERROR_INSUFFICIENT_DATA | Calling this function with insufficient data | 1. Requesting greater capacity than available | |
+| | | | | | | 2. No data available in the operation | |
+| | | | | PSA_ERROR_BAD_STATE | Calling this function on an aborted operation shoukd return this error | Aborted operation | |
+| | | | | PSA_ERROR_NOT_SUPPORTED | Generating public key | 1. RSA public key | |
+| | | | | | | 2. ECC public key | |
+| Key Derivation | test_c022 | psa_key_derivation_abort | Abort a key derivation operation | PSA_SUCCESS | 1. Initialize the PSA crypto library | | |
+| | | | | | 2. Abort the key derivation operation for the different types of initialization | | |
+| | | | | | 3. Read some data from a key derivation operation with no data in the operation | | |
+| Key Derivation | test_c023 | psa_key_derivation_set_capacity | Set the maximum capacity of a key derivation operation | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. Less than operation's capacity | |
+| | | psa_key_derivation_get_capacity | Retrieve the current capacity of a key derivation operation | | 2. Start the key derivation operation | 2. Equal to operation's capacity | |
+| | | | | | 3. Set the capacity for the generator | | |
+| | | | | | 4. Get the capacity for the generator | | |
+| | | | | | 5. Check if the capacity as per the expected value | | |
+| | | | | | 6. Abort the operation | | |
+| | | | | PSA_ERROR_INVALID_ARGUMENT | Calling this function with invalid parameter should return this error | More than operation's capacity | |
+| | | | | PSA_ERROR_BAD_STATE | Calling this function on an aborted operation shoukd return this error | 1. Get capacity on an aborted operation | |
+| | | | | | | 2. Set capacity on an aborted operation | |
+| AEAD | test_c024 | psa_aead_encrypt | Process an authenticated encryption operation | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. CCM - 16B AES - 13B Nounce & 8B addi data | |
+| | | | | | 2. Setup the attributes for the key | 2. AES-CCM | |
+| | | | | | 3. Import the key data into the key slot | 3. AES-CCM 24 bytes Tag length = 4 | |
+| | | | | | 4. Call aead encrypt | 4. GCM - 16B AES - 12B Nounce & 12B addi data | |
+| | | | | | 5. Check if the status is expected | 5 | |
+| | | | | | 6. Check if the cipher text and length is as expected | | |
+| | | | | | 7. Destroy and reset the key | | |
+| | | | | PSA_ERROR_NOT_SUPPORTED | | 1. DES key | |
+| | | | | | | 2. Unsupported algorithm | |
+| | | | | PSA_ERROR_INVALID_HANDLE | | Operation on a destroyed key handle | |
+| | | | | PSA_ERROR_NOT_PERMITTED | | 1. Small output buffer size | |
+| | | | | | | 2. Invalid key usage | |
+| AEAD | test_c025 | psa_aead_decrypt | Process an authenticated decryption operation | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. GCM -16B AES - 12B Nounce & 12B addi data | |
+| | | | | | 2. Setup the attributes for the key | 2. CCM - 16B AES - 13B Nounce & 8B addi data | |
+| | | | | | 3. Import the key data into the key slot | 3. AES CCM | |
+| | | | | | 4. Call aead decrypt | 4. AES-CCM 24 bytes Tag length = 4 | |
+| | | | | | 5. Check if the status is expected | | |
+| | | | | | 6. Check if the cipher text and length is as expected | | |
+| | | | | | 7. Destroy and reset the key | | |
+| | | | | | | | |
+| | | | | PSA_ERROR_NOT_SUPPORTED | | 1. DES key | |
+| | | | | | | 2. Unsupported algorithm | |
+| | | | | PSA_ERROR_BUFFER_TOO_SMALL | | Small output buffer size | |
+| | | | | PSA_ERROR_INVALID_ARGUMENT | | Invalid tag length | |
+| | | | | PSA_ERROR_INVALID_HANDLE | | Destroyed key handle | |
+| | | | | PSA_ERROR_NOT_PERMITTED | | Invalid key usage | |
+| | | | | PSA_ERROR_INVALID_SIGNATURE | | 1. Invalid cipher text | |
+| | | | | | | 2. Invalid cipher text size | |
+| Message Authentication Codes | test_c026 | psa_mac_sign_setup | Start a multipart MAC calculation operation | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. 64 Byte HMAC | |
+| | | | | | 2. Setup the attributes for the key | 2. 16 Byte AES - CMAC | |
+| | | | | | 3. Import the key data into the key slot | | |
+| | | | | | 4. Start a multipart MAC calculation operation | | |
+| | | | | | 5. Abort the MAC operation | | |
+| | | | | | 6. Destroy the key | | |
+| | | | | PSA_ERROR_NOT_SUPPORTED | | 1. 16 Byte AES - GMAC | |
+| | | | | | | 2. Incompatible HMAC for CMAC | |
+| | | | | | | 3. Bad algorithm (unknown MAC algorithm) | |
+| | | | | | | 4. Truncated MAC too small | |
+| | | | | PSA_ERROR_NOT_PERMITTED | | Invalid usage | |
+| | | | | PSA_ERROR_INVALID_ARGUMENT | | 1. Invalid key type | |
+| | | | | | | 2. Truncated MAC too large | |
+| | | | | | | 3. Bad algorithm (not a MAC algorithm) | |
+| | | | | PSA_ERROR_INVALID_HANDLE | | 1. Invalid key handle | |
+| | | | | | | 2. Zero as key handle | |
+| Message Authentication Codes | test_c027 | psa_mac_update | Add a message fragment to a multipart MAC operation | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1.64 Byte HMAC SHA256 | |
+| | | | | | 2. Setup the attributes for the key | 2. 16 Byte AES - CMAC | |
+| | | | | | 3. Import the key data into the key slot | 3. 32 Byte HMAC SHA512 | |
+| | | | | | 4. Start a multipart MAC calculation operation | | |
+| | | | | | 5. Add a message fragment to a multipart MAC operation | | |
+| | | | | | 6. Finish the calculation of the MAC of a message | | |
+| | | | | | 7. Abort a MAC operation | | |
+| | | | | | 8. Destroy the key | | |
+| | | | | PSA_ERROR_BAD_STATE | | 1. Completed operation as input | |
+| | | | | | | 2. Uninitialized operation as input | |
+| Message Authentication Codes | test_c028 | psa_mac_sign_finish | Finish the calculation of the MAC of a message | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. HMAC SHA 224 | |
+| | | | | | 2. Setup the attributes for the key | 2. HMAC SHA 256 | |
+| | | | | | 3. Import the key data into the key slot | 3. HMAC SHA 512 | |
+| | | | | | 4. Start a multipart MAC calculation operation | 4. HMAC SHA 224 (truncated to 8 Byte) | |
+| | | | | | 5. Add a message fragment to a multipart MAC operation | 5. CMAC AES 128 | |
+| | | | | | 6. Finish the calculation of the MAC of a message | | |
+| | | | | | 7. Check if the MAC length matches with the expected length | | |
+| | | | | | 8. Check if the MAC data matches with the expected data | | |
+| | | | | PSA_ERROR_BUFFER_TOO_SMALL | | Small size buffer | |
+| | | | | PSA_ERROR_BAD_STATE | Finish the calculation of the MAC of a message using same operation should return error | Aborted operation as input | |
+| Message Authentication Codes | test_c029 | psa_mac_verify_setup | | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. 64 Byte HMAC | |
+| | | | | | 2. Setup the attributes for the key | 2. 16 Byte AES - CMAC | |
+| | | | | | 3. Import the key data into the key slot | | |
+| | | | | | 4. Start a multipart MAC calculation operation | | |
+| | | | | | 5. Abort the MAC operation | | |
+| | | | | | 6. Destroy the key | | |
+| | | | | PSA_ERROR_NOT_SUPPORTED | | 1. 16 Byte AES - GMAC | |
+| | | | | | | 2. Incompatible HMAC for CMAC | |
+| | | | | | | 3. Bad algorithm (unknown MAC algorithm) | |
+| | | | | | | 4. Truncated MAC too small | |
+| | | | | PSA_ERROR_NOT_PERMITTED | | Invalid usage | |
+| | | | | PSA_ERROR_INVALID_ARGUMENT | | 1. Invalid key type | |
+| | | | | | | 2. Truncated MAC too large | |
+| | | | | | | 3. Bad algorithm (unknown MAC algorithm) | |
+| | | | | PSA_ERROR_INVALID_HANDLE | | 1. Invalid key handle | |
+| | | | | | | 2. Zero as key handle | |
+| Message Authentication Codes | test_c030 | psa_mac_verify_finish | Finish the calculation of the MAC of a message and compare it with an expected value | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. HMAC SHA 224 | |
+| | | | | | 2. Setup the attributes for the key | 2. HMAC SHA 256 | |
+| | | | | | 3. Import the key data into the key slot | 3. HMAC SHA 512 | |
+| | | | | | 4. Start a multipart MAC calculation operation | 4. HMAC SHA 224 (truncated to 8 Byte) | |
+| | | | | | 5. Add a message fragment to a multipart MAC operation | 5. CMAC AES 128 | |
+| | | | | | 6. Finish the calculation of the MAC of a message and compare with expected value | | |
+| | | | | PSA_ERROR_INVALID_SIGNATURE | | 1. Small size buffer | |
+| | | | | | | 2. Incorrect expected hash | |
+| | | | | PSA_ERROR_BAD_STATE | | Invalid operation as input | |
+| Message Authentication Codes | test_c031 | psa_mac_abort | Abort a MAC operation | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. HMAC SHA 224 | |
+| | | | | | 2. Setup the attributes for the key | 2. HMAC SHA 256 | |
+| | | | | | 3. Import the key data into the key slot | 3. HMAC SHA 512 | |
+| | | | | | 4. Start a multipart MAC calculation operation | 4. CMAC AES 128 | |
+| | | | | | 5. Abort the MAC operation | 5. HMAC truncated | |
+| | | | | | 6. Destroy the key | 6. Multiple abort | |
+| | | | | | | 7. psa_mac_finish after psa_mac_abort should return failure | |
+| Symmetric Ciphers | test_c032 | psa_cipher_encrypt_setup | Set the key for a multipart symmetric encryption operation | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. 16 Byte AES | |
+| | | | | | 2. Setup the attributes for the key | 2. 24 Byte AES | |
+| | | | | | 3. Import the key data into the key slot | 3. 32 Byte AES | |
+| | | | | | 4. Set the key for a multipart symmetric encryption operation | 4. DES 64 bit key | |
+| | | | | | 5. Reset and destroy the key | 5. Triple DES 2-Key | |
+| | | | | | | 6. Triple DES 3-Key | |
+| | | | | PSA_ERROR_NOT_SUPPORTED | | 1. 16 Byte raw data | |
+| | | | | | | 2. Unknown cipher algorithm | |
+| | | | | | | 3. Incompatible key ARC4 | |
+| | | | | PSA_ERROR_INVALID_ARGUMENT | | 1. Not a cipher algorithm | |
+| | | | | | | 2. RSA public key | |
+| | | | | | | 3. RSA keypair | |
+| | | | | | | 4. EC Public key | |
+| | | | | | | 5. EC keypair | |
+| | | | | PSA_ERROR_NOT_PERMITTED | | Incorrect usage | |
+| | | | | PSA_ERROR_INVALID_HANDLE | | 1. Unallocated key handle | |
+| | | | | | | 2. Zero as key handle | |
+| Symmetric Ciphers | test_c033 | psa_cipher_decrypt_setup | Set the key for a multipart symmetric decryption operation | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. 16 Byte AES | |
+| | | | | | 2. Setup the attributes for the key | 2. 24 Byte AES | |
+| | | | | | 3. Import the key data into the key slot | 3. 32 Byte AES | |
+| | | | | | 4. Set the key for a multipart symmetric decryption operation | 4. DES 64 bit key | |
+| | | | | | 5. Reset and destroy the key | 5. Triple DES 2-Key | |
+| | | | | | | 6. Triple DES 3-Key | |
+| | | | | PSA_ERROR_NOT_SUPPORTED | | 1. 16 Byte raw data | |
+| | | | | | | 2. Unknown cipher algorithm | |
+| | | | | | | 3. Incompatible key ARC4 | |
+| | | | | PSA_ERROR_INVALID_ARGUMENT | | 1. Not a cipher algorithm | |
+| | | | | | | 2. RSA public key | |
+| | | | | | | 3. RSA keypair | |
+| | | | | | | 4. EC Public key | |
+| | | | | | | 5. EC keypair | |
+| | | | | PSA_ERROR_INVALID_HANDLE | | 1. Unallocated key handle | |
+| | | | | | | 2. Zero as key handle | |
+| | | | | PSA_ERROR_NOT_PERMITTED | | Invalid usage | |
+| Symmetric Ciphers | test_c034 | psa_cipher_generate_iv | Generate an IV for a symmetric encryption operation | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. 16 Byte AES | |
+| | | | | | 2. Setup the attributes for the key | 2. 24 Byte AES | |
+| | | | | | 3. Import the key data into the key slot | 3. 32 Byte AES | |
+| | | | | | 4. Set the key for a multipart symmetric decryption operation | 4. DES 64 bit key | |
+| | | | | | 5. Generate an IV for a symmetric encryption operation | 5. Triple DES 2-Key | |
+| | | | | | 6. Check that if generated iv length match the expected length | 6. Triple DES 3-Key | |
+| | | | | | 7. Check that if generated iv are not zero | 7. AES - large iv buffer | |
+| | | | | | 8. Reset and destroy the key | 8. DES - large iv buffer | |
+| | | | | PSA_ERROR_BUFFER_TOO_SMALL | | 1. AES - small iv buffer | |
+| | | | | | | 2. DES - small iv buffer | |
+| | | | | PSA_ERROR_BAD_STATE | | 1. Completed operation handle | |
+| Symmetric Ciphers | test_c035 | psa_cipher_set_iv | Set the IV for a symmetric encryption or decryption operation | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. 16 Byte AES | |
+| | | | | | 2. Setup the attributes for the key | 2. 24 Byte AES | |
+| | | | | | 3. Import the key data into the key slot | 3. 32 Byte AES | |
+| | | | | | 4. Set the key for a multipart symmetric encryption/decryption operation | 4. DES 64 bit key | |
+| | | | | | 5. Set an IV for a symmetric encryption/decryption operation | 5. Triple DES 2-Key | |
+| | | | | | 6. Reset and destroy the key | 6. Triple DES 3-Key | |
+| | | | | PSA_ERROR_INVALID_ARGUMENT | | 1. AES - small iv buffer | |
+| | | | | | | 2. DES - small iv buffer | |
+| | | | | | | 3. AES - large iv buffer | |
+| | | | | | | 4. DES - large iv buffer | |
+| | | | | PSA_ERROR_BAD_STATE | Setting an IV for a symmetric encryption/decryption operation using the same operator should fail | 1. Completed operation handle | |
+| Symmetric Ciphers | test_c036 | psa_cipher_update | Encrypt or decrypt a message fragment in an active cipher operation | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. AES CBC_NO_PADDING | |
+| | | | | | 2. Setup the attributes for the key | 2. AES CBC_NO_PADDING (Short input) | |
+| | | | | | 3. Import the key data into the key slot | 3. AES CBC_PKCS7 | |
+| | | | | | 4. Set the key for a multipart symmetric encryption operation | 4. AES CBC_PKCS7 (Short input) | |
+| | | | | | 5. Set an IV for a symmetric encryption operation | 5. AES CTR | |
+| | | | | | 6. Encrypt or decrypt a message fragment in an active cipher operation | 6. DES CBC (nopad) | |
+| | | | | | 7. Check if the output length matches the expected length | 7. 2-key 3DE -CBC (nopad) | |
+| | | | | | 8. Check if the output data matches the expected data | 8. 3-key 3DE -CBC (nopad) | |
+| | | | | | 9. Reset and destroy the key | | |
+| | | | | PSA_ERROR_BAD_STATE | Encrypt or decrypt a message fragment in an invalid cipher operation should fail | Invalid operation as input | |
+| | | | | PSA_ERROR_BUFFER_TOO_SMALL | | Small output buffer size | |
+| Symmetric Ciphers | test_c037 | psa_cipher_finish | Finish encrypting or decrypting a message in a cipher operation | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. AES CBC_NO_PADDING | |
+| | | | | | 2. Setup the attributes for the key | 2. AES CBC_PKCS7 | |
+| | | | | | 3. Import the key data into the key slot | 3. AES CBC_PKCS7 (Short input) | |
+| | | | | | 4. Set the key for a multipart symmetric encryption operation | 4. AES CTR | |
+| | | | | | 5. Set an IV for a symmetric encryption operation | 5. DES CBC (nopad) | |
+| | | | | | 6. Encrypt or decrypt a message fragment in an active cipher operation | 6. 2-key 3DE -CBC (nopad) | |
+| | | | | | 7. Finish encrypting or decrypting a message in a cipher operation | 7. 3-key 3DE -CBC (nopad) | |
+| | | | | | 8. Check if the output length matches the expected length | | |
+| | | | | | 9. Check if the output data matches the expected data | | |
+| | | | | | 10. Reset and destroy the key | | |
+| | | | | PSA_ERROR_BAD_STATE | Encrypt or decrypt a message fragment in an invalid cipher operation should fail | Invalid operation as input | |
+| | | | | PSA_ERROR_BUFFER_TOO_SMALL | | Small output buffer size | |
+| | | | | PSA_ERROR_INVALID_ARGUMENT | | AES CBC_NO_PADDING (Short input) | |
+| Symmetric Ciphers | test_c038 | psa_cipher_abort | Abort a cipher operation | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. Encrypt - AES CBC_NO_PADDING | |
+| | | | | | 2. Setup the attributes for the key | 2. Encrypt - AES CBC_PKCS7 | |
+| | | | | | 3. Import the key data into the key slot | 3. Encrypt - AES CTR | |
+| | | | | | 4. Set the key for a multipart symmetric encryption/decryption operation | 4. Encrypt - DES CBC (nopad) | |
+| | | | | | 5. Abort a cipher operation | 5. Encrypt - 2-key 3DE -CBC (nopad) | |
+| | | | | | 6. Multiple abort cipher operation should return success | 6. Encrypt - 3-key 3DE -CBC (nopad) | |
+| | | | | | | 7. Decrypt - AES CBC_NO_PADDING | |
+| | | | | | | 8. Decrypt - AES CBC_PKCS7 | |
+| | | | | | | 9. Decrypt - AES CTR | |
+| | | | | | | 10. Decrypt - DES CBC (nopad) | |
+| | | | | | | 11. Decrypt - 2-key 3DE -CBC (nopad) | |
+| | | | | | | 12. Decrypt - 3-key 3DE -CBC (nopad) | |
+| | | | | | | 13. psa_cipher_update after psa_cipher_abort should fail | |
+| Asymmetric Cryptography | test_c039 | psa_asymmetric_encrypt | Encrypt a short message with a public key | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. RSA PKCS1V15 | |
+| | | | | | 2. Setup the attributes for the key | 2. RSA OAEP SHA256 | |
+| | | | | | 3. Import the key data into the key slot | 3. RSA OAEP SHA256 with label | |
+| | | | | | 4. Encrypt a short message with a public key | 4. RSA KEYPAIR PKCS1V15 | |
+| | | | | | 5. Check if the output length matches with the expected output length | | |
+| | | | | | 6. Decrypt the cipher text | | |
+| | | | | | 7. Check if the output length matches with the input length | | |
+| | | | | | 8. Check if the output matches with the given input data | | |
+| | | | | | 9. Reset and destroy the key | | |
+| | | | | | | | |
+| | | | | PSA_ERROR_INVALID_ARGUMENT | | 1. Invalid key type | |
+| | | | | | | 2. Invalid algorithm | |
+| | | | | PSA_ERROR_NOT_PERMITTED | | Invalid usage | |
+| | | | | PSA_ERROR_BUFFER_TOO_SMALL | | Small output buffer | |
+| | | | | PSA_ERROR_INVALID_HANDLE | | 1. Invalid handle | |
+| | | | | | | 2. Zero as key handle | |
+| Asymmetric Cryptography | test_c040 | psa_asymmetric_decrypt | Decrypt a short message with a private key | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. RSA KEYPAIR PKCS1V15 | |
+| | | | | | 2. Setup the attributes for the key | 2. RSA KEYPAIR OAEP SHA256 | |
+| | | | | | 3. Import the key data into the key slot | 3. RSA KEYPAIR OAEP SHA256 with label | |
+| | | | | | 4. Decrypt a short message with a private key | | |
+| | | | | | 5. Check if the output length matches with the expected length | | |
+| | | | | | 6. Check if the output matches with the expected data | | |
+| | | | | | 7. Reset and destroy the key | | |
+| | | | | PSA_ERROR_INVALID_ARGUMENT+E524 | | 1. Invalid key type (RSA public key) | |
+| | | | | | | 2. Invalid algorithm | |
+| | | | | | | 3. Invalid key type (AES Key) | |
+| | | | | PSA_ERROR_DOES_NOT_EXIST | | Empty key slot | |
+| | | | | PSA_ERROR_NOT_PERMITTED | | Invalid usage | |
+| | | | | PSA_ERROR_INVALID_HANDLE | | Uninitialized key handle | |
+| | | | | PSA_ERROR_BUFFER_TOO_SMALL | | Small output buffer | |
+| Asymmetric Cryptography | test_c041 | psa_asymmetric_sign | Sign a hash or short message with a private key | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. RSA KEYPAIR PKCS1V15 RAW | |
+| | | | | | 2. Setup the attributes for the key | 2. RSA KEYPAIR PKCS1V15 SHA-256 | |
+| | | | | | 3. Import the key data into the key slot | 3. ECDSA KEYPAIR SECP256R1 SHA-256 | |
+| | | | | | 4. Sign a hash or short message with a private key | | |
+| | | | | | 4. Check if the output length matches with the expected length | | |
+| | | | | | 5. Check if the output matches with the expected data | | |
+| | | | | | 6. Reset and destroy the key | | |
+| | | | | PSA_ERROR_INVALID_ARGUMENT | | 1. Invalid key type (RSA public key) | |
+| | | | | | | 2. Invalid algorithm | |
+| | | | | | | 3. Invalid key type (AES Key) | |
+| | | | | | | 4. Wrong hash size | |
+| | | | | PSA_ERROR_INVALID_HANDLE | | Uninitialized key handle | |
+| | | | | PSA_ERROR_DOES_NOT_EXIST | | Empty key slot | |
+| | | | | PSA_ERROR_NOT_PERMITTED | | Invalid usage | |
+| | | | | PSA_ERROR_BUFFER_TOO_SMALL | | Small output buffer | |
+| Asymmetric Cryptography | test_c042 | psa_asymmetric_verify | Verify the signature a hash or short message using a public key | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. RSA KEYPAIR PKCS1V15 RAW | |
+| | | | | | 2. Setup the attributes for the key | 2. RSA KEYPAIR PKCS1V15 SHA-256 | |
+| | | | | | 3. Import the key data into the key slot | 3. ECDSA KEYPAIR SECP256R1 SHA-256 | |
+| | | | | | 4. Verify the signature a hash or short message using a public key | 4. RSA public key | |
+| | | | | | 5. Reset and destroy the key | 5. EC public key | |
+| | | | | PSA_ERROR_INVALID_ARGUMENT | | 1. Invalid algorithm | |
+| | | | | | | 2. Wrong hash size | |
+| | | | | PSA_ERROR_INVALID_HANDLE | | | |
+| | | | | PSA_ERROR_INVALID_SIGNATURE | | Wrong signature size | |
+| | | | | | | Wrong signature | |
+| | | | | PSA_ERROR_DOES_NOT_EXIST | | Empty key slot | |
+| | | | | PSA_ERROR_NOT_PERMITTED | | Invalid usage | |
+| | | | | PSA_ERROR_NOT_SUPPORTED | | Invalid key type (AES Key) | |
+| | | | | PSA_ERROR_BUFFER_TOO_SMALL | | Small output buffer | |
+| Key Derivation | test_c043 | psa_raw_key_agreement | Perform a key agreement and return the raw shared secret | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. ECDH SECP256R1 | |
+| | | | | | 2. Setup the attributes for the key | 2. ECDH SECP384R1 | |
+| | | | | | 3. Import the key data into the key slot | | |
+| | | | | | 4. Set up a key agreement operation | | |
+| | | | | | 5. Reset and destroy the key | | |
+| | | | | PSA_ERROR_INVALID_ARGUMENT | | 1. Not a key agreement alg | |
+| | | | | | | 2. Public key on different curve | |
+| | | | | | | 3. Public key instead of private key | |
+| | | | | | | 4. Unknown KDF | |
+| | | | | | | 5. Small size buffer | |
+| | | | | PSA_ERROR_INVALID_HANDLE | | Uninitialized key handle | |
+| | | | | PSA_ERROR_NOT_PERMITTED | | Invalid usage | |
+| Key Management | test_c044 | psa_copy_key | Copy key material from one location to another | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. 16 Byte AES | |
+| | | | | | 2. Setup the attributes for the key | 2. 24 Byte AES | |
+| | | | | | 3. Import the key data into the key slot | 3. 32 Byte AES with constraints | |
+| | | | | | 4. Setup the attributes for the target key | 4. 2048 RSA public key | |
+| | | | | | 5. Make a copy of a key | 5. 2048 RSA key pair | |
+| | | | | | 6. Destroy the source to ensure that this doesn't affect the target | 6. DES 64 bit key | |
+| | | | | | 7. Export a key in binary format and check if it matches with source material | 7. Triple DES 2-Key | |
+| | | | | | 8. Reset and destroy the key | 8. Triple DES 3-Key | |
+| | | | | | | 9. EC Public key | |
+| | | | | | | 10. EC key pair | |
+| | | | | PSA_ERROR_INVALID_ARGUMENT | | 1. Incompatible target policy(source and target) | |
+| | | | | | | 2. Incompatible constraint | |
+| | | | | | | 3. Incompatible target policy | |
+| | | | | | | 4. Copy on a destroyed source | |
+| | | | | PSA_ERROR_INVALID_HANDLE | | 1. Unallocated target key slot | |
+| | | | | PSA_ERROR_NOT_PERMITTED | | Usage set as export (not copy) | |
+| Key Management | test_c045 | psa_hash_clone | Clone a hash operation. | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. MD2 | |
+| | | | | | 2. Start a multipart hash operation | 2. MD4 | |
+| | | | | | 3. Clone a hash operation | 3. MD5 | |
+| | | | | | 4. Add a message fragment to a multipart hash source_operation | 4. RIPEMD160 | |
+| | | | | | 5. Finish the calculation of the hash of a message | 5. SHA1 | |
+| | | | | | 6. Abort the hash operation | 6. SHA224 | |
+| | | | | | | 7. SHA256 | |
+| | | | | | | 8. SHA512 | |
+| | | | | PSA_ERROR_BAD_STATE | Cloning to an active hash operation should be an error | 1. Active clone hash | |
+| | | | | | | 2. Aborted operator | |
+| Message Authentication Codes | test_c046 | psa_mac_compute | Calculate the MAC (message authentication code) of a message. | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. HMAC SHA 224 | |
+| | | | | | 2. Setup the attributes for the key | 2. CMAC AES 128 | |
+| | | | | | 3. Import the key data into the key slot | 3. HMAC SHA 224 (truncated to 8 Byte | |
+| | | | | | 4. Calculate the MAC (message authentication code) of a message | 4. HMAC SHA 512 | |
+| | | | | | 5. Check if the MAC length and data matches with the expected values | 5. HMAC SHA 256 | |
+| | | | | | 6. Reset and destroy the key | | |
+| | | | | PSA_ERROR_NOT_SUPPORTED | Calling this function with unsupported values | 1. Incompactible HMAC for CMAC | |
+| | | | | | | 2. Invalid usage | |
+| | | | | | | 3. Truncated MAC too small | |
+| | | | | | | 4. Bad algorithm (unknown MAC algorithm) | |
+| | | | | PSA_ERROR_INVALID_ARGUMENT | Calling this function with invalid parameter should return this error | 1. Invalid key type | |
+| | | | | | | 2. Truncated MAC too large | |
+| | | | | PSA_ERROR_BUFFER_TOO_SMALL | | Small size buffer | |
+| | | | | PSA_ERROR_INVALID_HANDLE | | Destroyed key handle | |
+| Message Authentication Codes | test_c047 | psa_mac_verify | Calculate the MAC of a message and compare it with a reference value | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. HMAC SHA 224 | |
+| | | | | | 2. Setup the attributes for the key | 2. HMAC SHA 256 | |
+| | | | | | 3. Import the key data into the key slot | 3. HMAC SHA 512 | |
+| | | | | | 4. Calculate and verify MAC with reference value | 4. HMAC SHA 224 (truncated to 8 Byte) | |
+| | | | | | 5. Reset and destroy the key | 5. CMAC AES 128 | |
+| | | | | PSA_ERROR_NOT_SUPPORTED | Calling this function with unsupported values | 1. Incompactible HMAC for CMAC | |
+| | | | | | | 2. Invalid usage | |
+| | | | | | | 3. Truncated MAC too small | |
+| | | | | | | 4. Bad algorithm (unknown MAC algorithm) | |
+| | | | | PSA_ERROR_INVALID_SIGNATURE | | 1. Small size buffer | |
+| | | | | | | 2. Incorrect expected MAC | |
+| | | | | PSA_ERROR_INVALID_ARGUMENT | | 1. Truncated MAC too large | |
+| | | | | | | 2. Invalid key type | |
+| | | | | PSA_ERROR_INVALID_HANDLE | | Destroyed key handle | |
+| Symmetric Ciphers | test_c048 | psa_cipher_encrypt | Encrypt a message using a symmetric cipher. | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. AES CBC_NO_PADDING | |
+| | | | | | 2. Setup the attributes for the key | 2. AES CBC_PKCS7 | |
+| | | | | | 3. Import the key data into the key slot | 3. AES CBC_PKCS7 (Short input) | |
+| | | | | | 4. Encrypt a message using a symmetric cipher | 4. AES CTR | |
+| | | | | | 5. Check if the output matches the expected value | 5. AES CTR (short input) | |
+| | | | | | 6. Reset and destroy the key | 6. DES CBC (nopad) | |
+| | | | | | | 7. 2-key 3DE -CBC (nopad) | |
+| | | | | | | 8. 3-key 3DE -CBC (nopad) | |
+| | | | | PSA_ERROR_NOT_PERMITTED | | Decrypt - AES CBC_NO_PADDING | |
+| | | | | PSA_ERROR_BUFFER_TOO_SMALL | | Small output buffer size | |
+| | | | | PSA_ERROR_INVALID_ARGUMENT | | AES CBC_NO_PADDING (Short input) | |
+| | | | | PSA_ERROR_INVALID_HANDLE | | Aborted key handle | |
+| Symmetric Ciphers | test_c049 | psa_cipher_decrypt | Decrypt a message using a symmetric cipher. | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. AES CBC_NO_PADDING | |
+| | | | | | 2. Setup the attributes for the key | 2. AES CBC_PKCS7 | |
+| | | | | | 3. Import the key data into the key slot | 3. AES CBC_PKCS7 (Short input) | |
+| | | | | | 4. Encrypt a message using a symmetric cipher | 4. AES CTR | |
+| | | | | | 5. Check if the output matches the expected value | 5. AES CTR (short input) | |
+| | | | | | 6. Reset and destroy the key | 6. DES CBC (nopad) | |
+| | | | | | | 7. 2-key 3DE -CBC (nopad) | |
+| | | | | | | 8. 3-key 3DE -CBC (nopad) | |
+| | | | | PSA_ERROR_INVALID_ARGUMENT | | AES CBC_NO_PADDING (Short input) | |
+| | | | | PSA_ERROR_NOT_PERMITTED | | AES CBC_NO_PADDING | |
+| | | | | PSA_ERROR_BUFFER_TOO_SMALL | | Small output buffer size | |
+| | | | | PSA_ERROR_INVALID_HANDLE | | Aborted key handle | |
+| Key Management | test_c050 | psa_open_key | Open a handle to an existing persistent key | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. 16 Byte AES | |
+| | | | | | 2. Setup the attributes for the key | 2. 24 Byte AES | |
+| | | | | | 3. Import the key data into the key slot | 3. 32 Byte AES | |
+| | | | | | 4. Save the details of current check, key id and key handle value in NV memory | 4. 2048 RSA public key | |
+| | | | | | 5. Reset the system | 5. 2048 RSA keypair | |
+| | | | | | 6. After reset, get the values of check, key id and key handle value before the system was reset from NV | 6. DES 64 bit key | |
+| | | | | | 7. Get the attributes of the imported key and check if it matches the given value | 7. Triple DES 2-Key | |
+| | | | | | 8. Export a key in binary format | 8. Triple DES 3-Key | |
+| | | | | | 9. Check the value of the exported key | 9. EC Public key | |
+| | | | | | 10. Reset and destroy the key | 10. EC keypair | |
+| | | | | PSA_ERROR_INVALID_ARGUMENT | | Key data greater than the algorithm size | |
+| Key Management | test_c051 | psa_close_key | Close a key handle | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. 16 Byte AES | |
+| | | | | | 2. Setup the attributes for the key | 2. 24 Byte AES | |
+| | | | | | 3. Import the key data into the key slot | 3. 32 Byte AES | |
+| | | | | | 4. Close the key handle | 4. 2048 RSA public key | |
+| | | | | | 5. Check if all the attributes are erased | 5. 2048 RSA keypair | |
+| | | | | | 6. Open the key handle and retrieve the data | 6. DES 64 bit key | |
+| | | | | | | 7. Triple DES 2-Key | |
+| | | | | | | 8. Triple DES 3-Key | |
+| | | | | | | 9. EC Public key | |
+| | | | | | | 10. EC keypair | |
+| | | | | PSA_ERROR_INVALID_HANDLE | | Closing an empty key handle | |
+| AEAD | test_c052 | psa_aead_encrypt_setup | Set the key for a multipart authenticated encryption operation | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. AES-CCM | |
+| | | | | | 2. Setup the attributes for the key | 2. AES-CCM 24 bytes Tag length = 4 | |
+| | | | | | 3. Import the key data into the key slot | 3. GCM - 16B AES - 12B Nounce & 12B addi data | |
+| | | | | | 4. Set the key for a multipart authenticated encryption operation | | |
+| | | | | | 5. Destroy the key | | |
+| | | | | | 6. Abort the AEAD operation | | |
+| | | | | PSA_ERROR_NOT_SUPPORTED | | 1. DES Key | |
+| | | | | | | 2. Unsupported Algorithm | |
+| | | | | PSA_ERROR_NOT_PERMITTED | | Invalid key usage | |
+| | | | | PSA_ERROR_INVALID_HANDLE | | Destroyed key handle | |
+| AEAD | test_c053 | psa_aead_decrypt_setup | Set the key for a multipart authenticated decryption operation | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. AES-CCM | |
+| | | | | | 2. Setup the attributes for the key | 2. AES-CCM 24 bytes Tag length = 4 | |
+| | | | | | 3. Import the key data into the key slot | 3. GCM - 16B AES - 12B Nounce & 12B addi data | |
+| | | | | | 4. Set the key for a multipart authenticated decryption operation | | |
+| | | | | | 5. Destroy the key | | |
+| | | | | | 6. Abort the AEAD operation | | |
+| | | | | PSA_ERROR_NOT_SUPPORTED | | 1. DES Key | |
+| | | | | | | 2. Unsupported Algorithm | |
+| | | | | PSA_ERROR_NOT_PERMITTED | | Invalid key usage | |
+| | | | | PSA_ERROR_INVALID_HANDLE | | Destroyed key handle | |
+| AEAD | test_c054 | psa_aead_generate_nonce | Generate a random nonce for an authenticated encryption operation | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. AES-CCM | |
+| | | | | | 2. Setup the attributes for the key | 2. AES-CCM 24 bytes Tag length = 4 | |
+| | | | | | 3. Import the key data into the key slot | 3. GCM - 16B AES - 12B Nounce & 12B addi data | |
+| | | | | | 4. Set the key for a multipart authenticated decryption operation | | |
+| | | | | | 5. Generate a random nonce for an authenticated encryption operation | | |
+| | | | | | 6. Check that if generated iv are non zero | | |
+| | | | | | 7. Destroy the key | | |
+| | | | | | 8. Reset the key attributes | | |
+| | | | | PSA_ERROR_BUFFER_TOO_SMALL | | Small buffer size | |
+| | | | | PSA_ERROR_BAD_STATE | | 1. Call generate a random nonce twice | |
+| | | | | | | 2. Aborted operation | |
+| AEAD | test_c055 | psa_aead_set_nonce | Set the nonce for an authenticated encryption or decryption operation | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. AES-CCM | |
+| | | | | | 2. Setup the attributes for the key | 2. AES-CCM 24 bytes Tag length = 4 | |
+| | | | | | 3. Import the key data into the key slot | 3. GCM - 16B AES - 12B Nounce & 12B addi data | |
+| | | | | | 4. Set the key for a multipart authenticated decryption operation | | |
+| | | | | | 5. Set the nonce for an authenticated encryption operation | | |
+| | | | | | 6. Reset and destroy the key | | |
+| | | | | PSA_ERROR_INVALID_ARGUMENT | | 1. Small nounce size | |
+| | | | | | | 2. Large nonce size | |
+| | | | | PSA_ERROR_BAD_STATE | | 1. Call set nonce twice | |
+| | | | | | | 2. Aborted operation | |
+| AEAD | test_c056 | psa_aead_set_lengths | Declare the lengths of the message and additional data for AEAD | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. AES-CCM | |
+| | | | | | 2. Setup the attributes for the key | 2. AES-CCM 24 bytes Tag length = 4 | |
+| | | | | | 3. Import the key data into the key slot | | |
+| | | | | | 4. Set the key for a multipart authenticated decryption operation | | |
+| | | | | | 5. Set the nonce for an authenticated encryption operation | | |
+| | | | | | 6. Declare the lengths of the message and additional data for AEAD | | |
+| | | | | | 7. Abort the AEAD operation | | |
+| | | | | | 8. Reset and destroy the key | | |
+| | | | | PSA_ERROR_INVALID_ARGUMENT | | 1. Zero ad size | |
+| | | | | | | 2. Zero plaintext size | |
+| | | | | | | 3. Invalid lengths | |
+| | | | | | | 4. Vey large lengths | |
+| | | | | PSA_ERROR_BAD_STATE | | 1. Failed operation | |
+| | | | | | | 2. Aborted operation | |
+| AEAD | test_c057 | psa_aead_update_ad | Pass additional data to an active AEAD operation | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. AES-CCM | |
+| | | | | | 2. Setup the attributes for the key | 2. AES-CCM 24 bytes Tag length = 4 | |
+| | | | | | 3. Import the key data into the key slot | | |
+| | | | | | 4. Set the key for a multipart authenticated decryption operation | | |
+| | | | | | 5. Set the nonce for an authenticated encryption operation | | |
+| | | | | | 6. Declare the lengths of the message and additional data for AEAD | | |
+| | | | | | 7. Pass additional data to an active AEAD operation | | |
+| | | | | | 8. Reset and destroy the key | | |
+| | | | | PSA_ERROR_INVALID_ARGUMENT | | 1. Zero ad size | |
+| | | | | | | 2. Zero plaintext size | |
+| | | | | | | 3. Invalid lengths | |
+| | | | | | | 4. Vey large lengths | |
+| | | | | PSA_ERROR_BAD_STATE | | Inactive AEAD operation | |
+| AEAD | test_c058 | psa_aead_update | Encrypt or decrypt a message fragment in an active AEAD operation | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. AES-CCM | |
+| | | | | | 2. Setup the attributes for the key | 2. AES-CCM 24 bytes Tag length = 4 | |
+| | | | | | 3. Import the key data into the key slot | 3. GCM - 16B AES - 12B Nounce & 12B addi data | |
+| | | | | | 4. Set the key for a multipart authenticated decryption operation | | |
+| | | | | | 5. Set the nonce for an authenticated encryption operation | | |
+| | | | | | 6. Declare the lengths of the message and additional data for AEAD | | |
+| | | | | | 7. Pass additional data to an active AEAD operation | | |
+| | | | | | 8. Encrypt or decrypt a message fragment in an active AEAD operation | | |
+| | | | | | 9. Compare the output and its length with the expected values | | |
+| | | | | | 10. Abort the AEAD operation | | |
+| | | | | | 11. Reset and destroy the key | | |
+| | | | | PSA_ERROR_INVALID_ARGUMENT | | 1. Zero plaintext size | |
+| | | | | | | 2. Input length overflows plaintext length | |
+| | | | | PSA_ERROR_BUFFER_TOO_SMALL | | Small buffer size | |
+| | | | | PSA_ERROR_BAD_STATE | | Inactive AEAD operation | |
+| AEAD | test_c059 | psa_aead_finish | Finish encrypting a message in an AEAD operation | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. AES-CCM | |
+| | | | | | 2. Setup the attributes for the key | 2. AES-CCM 24 bytes Tag length = 4 | |
+| | | | | | 3. Import the key data into the key slot | 3. GCM - 16B AES - 12B Nounce & 12B addi data | |
+| | | | | | 4. Set the key for a multipart authenticated decryption operation | | |
+| | | | | | 5. Set the nonce for an authenticated encryption operation | | |
+| | | | | | 6. Declare the lengths of the message and additional data for AEAD | | |
+| | | | | | 7. Pass additional data to an active AEAD operation | | |
+| | | | | | 8. Encrypt or decrypt a message fragment in an active AEAD operation | | |
+| | | | | | 9. Finish encrypting a message in an AEAD operation | | |
+| | | | | | 10. Compare the output and its length with the expected values | | |
+| | | | | | 11. Abort the AEAD operation | | |
+| | | | | | 12. Reset and destroy the key | | |
+| | | | | PSA_ERROR_INVALID_ARGUMENT | | 1. Zero plaintext size | |
+| | | | | | | 2. Input length overflows plaintext length | |
+| | | | | PSA_ERROR_BUFFER_TOO_SMALL | | Small buffer size | |
+| | | | | PSA_ERROR_BAD_STATE | | Inactive AEAD operation | |
+| AEAD | test_c060 | psa_aead_abort | Abort an AEAD operation | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. AES-CCM | |
+| | | | | | 2. Setup the attributes for the key | 2. AES-CCM 24 bytes Tag length = 4 | |
+| | | | | | 3. Import the key data into the key slot | 3. GCM - 16B AES - 12B Nounce & 12B addi data | |
+| | | | | | 4. Set the key for a multipart authenticated decryption operation | | |
+| | | | | | 5. Abort the AEAD operation | | |
+| | | | | | 6. Reset and destroy the key | | |
+| AEAD | test_c061 | psa_aead_verify | Finish authenticating and decrypting a message in an AEAD operation | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. AES-CCM | |
+| | | | | | 2. Setup the attributes for the key | 2. AES-CCM 24 bytes Tag length = 4 | |
+| | | | | | 3. Import the key data into the key slot | 3. GCM - 16B AES - 12B Nounce & 12B addi data | |
+| | | | | | 4. Set the key for a multipart authenticated decryption operation | | |
+| | | | | | 5. Set the nonce for an authenticated encryption operation | | |
+| | | | | | 6. Declare the lengths of the message and additional data for AEAD | | |
+| | | | | | 7. Pass additional data to an active AEAD operation | | |
+| | | | | | 8. Encrypt or decrypt a message fragment in an active AEAD operation | | |
+| | | | | | 9. Finish decrypting a message in an AEAD operation | | |
+| | | | | | 10. Compare the output and its length with the expected values | | |
+| | | | | | 11. Abort the AEAD operation | | |
+| | | | | | 12. Reset and destroy the key | | |
+| | | | | PSA_ERROR_INVALID_ARGUMENT | | Input length is less than plaintext length | |
+| | | | | PSA_ERROR_BUFFER_TOO_SMALL | | Small buffer size | |
+| | | | | PSA_ERROR_BAD_STATE | | Inactive operator | |
## License
Arm PSA test suite is distributed under Apache v2.0 License.
diff --git a/api-tests/docs/psa_ipc_testlist.md b/api-tests/docs/psa_ipc_testlist.md
index 2313422c..c8343db5 100644
--- a/api-tests/docs/psa_ipc_testlist.md
+++ b/api-tests/docs/psa_ipc_testlist.md
@@ -1,122 +1,123 @@
# PSA FF IPC Testcase checklist
-| Tests | Scenario Rules | Client- Server Test Functions Pair | Test Algorithm/Comments/Test Limitation | Rule optional for API compliance? | Is scenario implemented in this release? |
-|------------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|-----------------------------------|------------------------------------------|
-| test_i001 | 1. psa_framework_version(): Retrieve the version of the PSA Framework API that is implemented. Manifest field- psa_framework_version: Version of the PSA Firmware Framework specification this manifest conforms to. | [client/server]_test_psa_framework_version() | Call the psa_framework_version() API from both SPE and NSPE side and compare the return value with PSA_FRAMEWORK_VERSION. | Mandatory | Yes |
-| | 1. psa_version() returns PSA_VERSION_NONE when the RoT Service is not implemented, or the caller is not permitted to access the service OR return > 0 with the minor version of the implemented RoT Service. | [client/server]_test_psa_version() | 1. Pass un-implemented SID and expects PSA_VERSION_NONE as return value. 2. Call to API from NSPE with a SID who doesn't provide service to NSPE and expects PSA_VERSION_NONE as return value. 3. Pass SID who is implemented and provides service to NSPE and expect minor number(>0) of given RoT service as return. Perform all above checks from SPE too. | Mandatory | Yes |
-| test_i002 | 1. psa_connect() returns the PSA_ERROR_CONNECTION_BUSY when RoT Service cannot make the connection at the moment (transient error). 2. psa_connect() returns the PSA_ERROR_CONNECTION_REFUSED when RoT Service has refused the connection 3. psa_wait() returns the Secure Partition interrupt signals that have been asserted from a subset of signals provided by the caller. Returns > 0 when at least one signal is asserted 4. psa_get():Get the message which corresponds to a given RoT Service signal and remove the message from the queue. 5. psa_get() returns PSA_SUCCESS when *msg will contain the delivered message. 6. The type member of the psa_msg_t object should return PSA_IPC_CONNECT for a new connection request following a psa_get() call to psa_connect() and msg.handle must be positive. 7. psa_reply(): If the message type is PSA_IPC_CONNECT then server can reject the connection by sending PSA_ERROR_CONNECTION_REFUSED (permanent error) or PSA_ERROR_CONNECTION_BUSY (transient error) status code. | [client/server]_test_connection_busy_and_reject() | 1. Client tries to connect to ROT service using psa_connect() 2. RoT service checks the delivery of PSA_IPC_CONNECT message type and positive handle value returned by psa_get() 3. RoT service rejects the connection by executing psa_reply(handle,PSA_ERROR_CONNECTION_BUSY) 4. Client tries to connect to same ROT service using psa_connect() again 5. This time, RoT service rejects the connection by executing psa_reply(handle,PSA_ERROR_CONNECTION_REFUSED) Perform all above steps from NSPE and SPE both. | Mandatory | Yes |
-| | 1. psa_connect(): When SID is implemented and client is permitted to access the service, SPM delivers a PSA_IPC_CONNECT message from the client to the Secure Partition that implements the RoT Service and positive handle is returned to client. 2. psa_get():Get the message which corresponds to a given RoT Service signal and remove the message from the queue. 3. psa_get() returns PSA_SUCCESS when *msg will contain the delivered message 4. psa_get():The type member of the psa_msg_t object should return PSA_IPC_CONNECT for a new connection request following a psa_get() call to psa_connect() and msg.handle must be positive. 5. psa_get(): The type member of the psa_msg_t object should return PSA_IPC_DISCONNECT for a new connection request following a psa_get() call to psa_close() and msg.handle must be positive. 6. psa_reply(): If the message type is PSA_IPC_CONNECT then server can accept the connection by sending PSA_SUCCESS status code. If the message type is PSA_IPC_DISCONNECT then the status code is ignored. 7. psa_close(): Closes a connection to a RoT Service. Sends the PSA_IPC_DISCONNECT message to the RoT Service. This function will have no effect if called with the null handle. | [client/server]_test_accept_and_close_connect() | 1.Client tries to connect to ROT service 2. RoT service checks the delivery of PSA_IPC_CONNECT message type and positive handle value return by psa_get() 3. RoT service accepts the connection by executing psa_reply(.., PSA_CONNECTION_ACCEPTED). 4. Client calls the psa_close with PSA_NULL_HANDLE and later it closes the connection using psa_close() with actual handle value 5. RoT service checks the delivery of PSA_IPC_DISCONNECT message type, checks handle value eqaul to NULL returned by psa_get() and completes the PSA_IPC_DISCONNECT by executing psa_reply() . Perform all above steps from NSPE and SPE both. | Mandatory | Yes |
-| | Following are allowed minor version condition to psa_connect(): 1. Version policy is not mentioned and requested version is 1 which is default minimum version 2. Version policy is STRICT and requested version equals minimum version 3. Version policy is relaxed and requested version is smaller than the minimum version 4. Version policy is relaxed and requested version is euqal to the minimum version | [client/server]_test_connect_with_allowed_minor_version_policy() | Client tries connecting ROT service of following properties and expects connection to establish: - Version policy is not mentioned and requested version is 1 which is default minimum version - Version policy is STRICT and requested version equals minimum version - Version policy is relaxed and requested version is smaller than the minimum version - Version policy is relaxed and requested version is equal to the minimum version Perform all above steps from NSPE and SPE both. | Mandatory | Yes |
-| | 1. psa_call(): The valid psa_call, make SPM to send PSA_IPC_CALL msg.type to the RoT servicee partition and the successful call should return >=0 handle value. 2. psa_call() receives return value >= 0 for RoT-specific return code 3. psa_call() receive return value < 0 for RoT-specific error code 4. psa_reply(): If the message type is PSA_IPC_CALL, all status codes other than PSA_ERROR_PROGRAMMER_ERROR must be reported to the client. | [client/server]_test_psa_call_with_allowed_status_code() | 1. Client connects to RoT service 2. Client sends message using psa_call() 3. RoT service checks the delivery of PSA_IPC_CALL message type and positive handle value return by psa_get() 4. RoT service ends the call using psa_reply(status_code) 5. Client checks the return value of psa_call() and Client closes the connectionRepeat (1) to (5) for different status code, SUCCESS, +ve, -ve.. Perform all above steps from NSPE and SPE both. | Mandatory | Yes |
-| | 1. A msg.client_id that has a positive value indicates that the client is in the SPE and this the Secure Partition ID of the client. A negative client_id indicates that the client is in the NSPE. 2. Client_id is valid during PSA_IPC_CONNECT, PSA_IPC_CALL and PSA_IPC_DISCONNECT msg type. 3. Manifest Parameter- name (required, unique) A Partition must have an alphanumeric name for source code to directly refer to a specific Partition. The format of the name must follow the rules of a C macro. | [client/server]_test_identity() | - Check the value returned by msg.client_id during PSA_IPC_CONNECT, PSA_IPC_CALL and PSA_IPC_DISCONNECT. For NSPE connection, client_id should be <0 and for SPE, it should be >0. Perform all above steps from NSPE and SPE both. - Access the Partition ID of client partition and compare the value with expected ID value. | Mandatory | Yes |
-| | 1. psa_connect() will return the PSA_ERROR_CONNECTION_REFUSED OR PSA_ERROR_CONNECTION_BUSY when the SPM has reached the limit of concurrent connections | [client/server]_test_spm_concurrent_connect_limit() | Execute psa_connect() API in a loop until it returns PSA_CONNECTION_REFUSED or PSA_CONNECTION_BUSY to indicate end of concurrent connections limit. Perform above step from NSPE and SPE both. | Mandatory | Yes |
-| | 1. psa_wait(): When MODE(PSA_BLOCK) is one, the function will block the caller until one of the requested signals is asserted. 2. psa_wait(): Callers must set RES to zero, implementations must ignore the value of RES. | [client/server]_test_psa_block_behave() | 1. Client connects to a RoT service mutilpe times. 2. RoT service psa_wait(PSA_BLOCK|(Non-zero value for timeout[30:0])) API is executed without while(1) loop. 3. RoT service serves the connections by rejecting them. This is a sanity check, a successful handshaking between client and server for requested connection represents check pass. Perform above steps from NSPE and SPE both. | Mandatory | Yes |
-| | 1. psa_wait(): When MODE is zero, the function will return immediately with the current signal state, which can be zero if no signals are active. | [client/server]_test_psa_poll_behave() | 1. Client connects to a RoT service mutilpe times. 2. RoT service executes psa_wait(PSA_POLL) in a while loop and checks the API's polling behaviour. 3. Call psa_wait(PSA_POLL) when no request is made by client and checks the return value. Perform above steps from NSPE and SPE both. | Mandatory | Yes |
-| test_i003 | 1. The reverse handle for a connection is NULL until psa_set_rhandle() is used. psa_set_rhandle() can be used to associate some caller-provided private data with a specified client connection. And SPM must provide same rhandle for msg.rhandle with all subsequent messages delivered on this connection. On success the rhandle is retained by the implementation and provided in all future messages on that connection as part of the psa_msg_t structure. 2. Setting the rhandle for a connection during disconnection has no observable effect. | [client/server]_test_psa_set_rhandle() | 1. Client connects to RoT service and RoT service checks the value of msg.rhanlde value duing PSA_IPC_CONNECT2. Client send call msg to RoT service and RoT service checks the value of msg.rhanlde value duing PSA_IPC_CONNECT 3. ROT service sets the rhandle with known value. 4. Client send call msg to RoT service and RoT service now compare the value of msg.rhanndle with previously set value 5. ROT service sets the rhandle with known value other than previously set value 6. Client send call msg to RoT service and RoT service now compare the value of msg.rhanndle with last set value 7. The reverse handle for a connection is NULL until psa_set_rhandle() is used Perform above steps from NSPE and SPE both. | Mandatory | Yes |
-| | 1. psa_call():The caller can optionally provide one or more buffers to receive a response (out_vec). 2. psa_get(): The array in_size provides the size of each client input vector in bytes. The array out_size provides the size of each client output vector in bytes. 3. psa_read(): parameter from the client input vector. Streams up to the next num_bytes bytes of client input vector invec_idx in the message identified by msg_handle to the Secure Partition buffer. Returns the number of bytes copied. 4. psa_read(): If num_bytes is less than or equal to the available data in the input vector then num_bytes are copied to buffer, and the remaining data in the input vector can be read by subsequent calls to psa_read() with the same msg_handle and invec_idx. 5. psa_read(): RoT Services can determine how much data is available to read from the message based on the in_size[] attribute of the psa_msg_t message returned from psa_get(). If an input vector has not been passed by the client then the corresponding in_size[] for that vector is zero. 6. psa_read(): If num_bytes is greater than the remaining data in the input vector then the remaining input bytes are copied to buffer and the call returns the number of bytes copied. Any space after this in buffer is not modified. Subsequent calls of psa_read() or psa_skip() with the same message input vector will report that there is no more data in the vector. 7. psa_skip(): Skip over part of a client input vector. Advances the current read offset by skipping up to num_bytes bytes for input vector invec_idx in the message identified by msg_handle. psa_skip(): When psa_skip returns, it returns with the number of bytes skipped 8. psa_skip(): If There was no remaining data in this input vector, return zero 9.psa_skip(): If num_bytes is greater than the remaining size of the input vector then the remaining size of the input vector is returned. Subsequent calls of psa_read() or psa_skip() with the same message input vector will report that there is no more data in the vector. | [client/server]_test_call_read_and_skip() | 1.Client connects to RoT service 2.Client sends four input vectors to RoT service using psa_call 3. RoT service checks following: - Reporting of input vectors size through msg.in_size - Input vectors content reading through psa_read -Inbound /Outbound offset reading -Inbound/Outbound offset skipping -Zero byte read and skip -out_len=0 check 4. Client recieves the status of RoT service checks and closes the connection Perform above steps from NSPE and SPE both. | Mandatory | Yes |
-| | 1. psa_call(): The caller can optionally provide one or more buffers to receive a response (out_vec). On return from psa_call() the len value will have been updated to indicate the number of bytes of data written to the buffer by the RoT Service. 2. psa_write(): Appends num_bytes of data from buffer to the client output vector outvec_idx in the message identified by msg_handle. Sequential calls using the same msg_handle and outvec_idx will be concatenated in the output vector | [client/server]_test_call_and_write() | 1. Client connects to RoT service 2. Client sends four output vectors to RoT service using psa_call 3. RoT service checks following: - Reporting of output vectors size through msg.out_size - in_len=0 check - zero byte write - Out vector writes using psa_write - Vector write concatenation 4. Client recieves the status of RoT service checks, cross check the content of out vectors and closes the connection Perform above steps from NSPE and SPE both. | Mandatory | Yes |
-| | 1. psa_call(): Any I/O vector of length zero is permitted and will be treated as an empty or non-existent vector by the framework. When less than four vectors are provided to psa_call() for either input or output, then the remaining vectors have zero length and the in_size and out_size elements for these vectors will be zero.A memory reference contains a start address and an associated length. A zero-length memory reference is one where the length is zero. The start address of a zero-length memory reference can safely take any value and must be ignored by the implementation. 2. psa_call(): If in_len is zero then in_vec is ignored 3. sa_call(): If out_len is zero then out_vec is ignored 4. psa_get(): If an input and output vector has not been passed by the client then the corresponding in_size[] and out_size[] for that vector is zero. | [client/server]_test_zero_length_invec()[client/server]_test_zero_length_outvec() | Test zero lenth input vector: 1. Client connects to RoT service 2. Client sends three input and one outvec vectors to RoT service using psa_call - invec 0 as zero length vector, invec 1 as NULL and invec 2 and outvec 0 as non-zero length vector 3. RoT service checks size of each vectors reported through msg.in_size and msg.out_size 4. Client recieves the status of checks and closes the connection Test zero lenth output vector: 1. Client connects to RoT service 2. Client sends one input and three outvec vectorsto RoT service using psa_call - outvec 0 as zero length vector, outvec 0 as NULL and invec 0 and outvec 2 as non-zero length vector 3. RoT service checks size of each vectors reported through msg.in_size and msg.out_size 4. Client recieves the status of checks and closes the connection Perform above steps from NSPE and SPE both. | Mandatory | Yes |
-| | 1. When client provides an input and output vectors which are referencing to same memory location, a psa_read after psa_write to the same memory location can return original or modified value. 2. When client provides an input and output vectors which are referencing to same memory location, a psa_write(s) to both memory vectors can return either the 1st or the 2nd value written. | [client/server]_test_overlapping_vectors | 1. Client provides one input and 2 output vectors which are pointing to same location. 2. RoT service performs read after write operation on to outvec-0 and expects return value either modified one or the original 3. RoT service performs write operation to outvec-1 and unblock the connection. The write performed is to mimic write after write operatio to the overlapping vector. 4. Client check the value of outvec. The value should be either the value written by first psa_write or the second psa_write. | Mandatory | Yes |
-| test_i004 | The call to psa_connect() is PROGRAMMER ERROR if RoT Service does not exist on platform | [client/server]_test_sid_does_not_exists() | Call psa_connect with SID which does not exist on a platform and expect PROGRAMMER ERROR behaviour. Perform above step from NSPE and SPE both. | Optional | Yes |
-| test_i005 | The call to psa_connect() is PROGRAMMER ERROR if Version policy is STRICT and requested version is HIGHER than minimum version | [client/server]_test_strict_policy_higher_minor_version() | call psa_connect with SID whose Version policy is STRICT and requested minor version is HIGHER than minimum version and expect PROGRAMMER ERROR behaviour. Perform above step from NSPE and SPE both. | Optional | Yes |
-| test_i006 | The call to psa_connect() is PROGRAMMER ERROR if Version policy is STRICT and requested version lower than minimum version | [client/server]_test_strict_policy_lower_minor_version() | call psa_connect with SID whose Version policy is STRICT and requested minor version is Lower than minimum version. Perform above step from NSPE and SPE both. | Optional | Yes |
-| test_i007 | The call to psa_connect() is PROGRAMMER ERROR if Version policy is RELAXED and requested version is bigger than minimum version | [client/server]_test_relax_policy_higher_minor_version() | call psa_connect with SID whose Version policy is RELAXED and requested minor version is HIGHER than minimum version and expect PROGRAMMER ERROR behaviour. Perform above step from NSPE and SPE both. | Optional | Yes |
-| test_i008 | 1. The call to psa_connect() is PROGRAMMER ERROR if service to non_secure_client is not available 2. Manifest parameter - The non_secure_clients field contains a boolean to indicate if it is accessible to NSPE clients. RoT Services are always accessible to SPE clients. | [client/server]_test_secure_access_only_connection() | Call psa_connect with SID which allow secure only connection and expect PROGRAMMER ERROR behaviour. Perform above step from NSPE and SPE both. | Optional | Yes |
-| test_i009 | 1. The call to psa_connect() is PROGRAMMER ERROR if SID is not mentioned in dependencies field. 2. Manifest parameter- dependencies (optional) If access between a Secure Partition (acting as client) and a RoT Service (acting as server) is not specified in the manifest, then the client is not permitted to connect to the RoT Service. | [client/server]_test_unextern_sid_connection() | Call psa_connect with SID which is not mentioned as external SID in manifest and expect PROGRAMMER ERROR behaviour. | Optional | Yes |
-| test_i010 | It is not required for the minor_version or minor_policy attributes to be specified. If they are not specified in the manifest, the RoT Service will have default attributes of minor_version=1 and minor_policy="STRICT". In this case, the call to psa_connect() is PROGRAMMER ERROR if requested version higher than minimum version. | [client/server]_test_unspecified_policy_with_higher_minor_ver() | Call psa_connect with SID whose Version policy is not mentioned and requested minor version is HIGHER than minimum version and expect PROGRAMMER ERROR behaviour. Perform above step from NSPE and SPE both. | Optional | Yes |
-| test_i011 | It is not required for the minor_version or minor_policy attributes to be specified. If they are not specified in the manifest, the RoT Service will have default attributes of minor_version=1 and minor_policy="STRICT". In this case, the call to psa_connect() is PROGRAMMER ERROR if requested version lower than minimum version | [client/server]_test_unspecified_policy_with_lower_minor_ver() | Call psa_connect with SID whose Version policy is not mentioned and requested minor version is lower than minimum version and expect PROGRAMMER ERROR behaviour. Perform above step from NSPE and SPE both. | Optional | Yes |
-| test_i012 | The call to psa_close() is PROGRAMMER ERROR if an invalid handle was provided that is not the null handle | [client/server]_test_psa_close_with_invalid_handle() | Call psa_close with INVALID_HANDLE which is not NULL and expect PROGRAMMER ERROR behaviour. Perform above step from NSPE and SPE both. | Optional | Yes |
-| test_i013 | The call to psa_get() is PROGRAMMER ERROR if signal has more than a single bit set | [client/server]_test_psa_get_with_more_than_one_signal() | Call psa_get with a signal who has more than a single bit set and expect PROGRAMMER ERROR behaviour. | Optional | Yes |
-| test_i014 | After a RoT Service message is signaled, psa_get() function is used to retrieve the message details. Each message can only be retrieved once. | [client/server]_test_psa_get_called_twice() | Call psa_get with a valid signal back to back and expect PROGRAMMER ERROR behaviour. | Optional | Yes |
-| test_i015 | The call to psa_get() is PROGRAMMER ERROR if signal does not correspond to a RoT Service | [client/server]_test_psa_get_with_non_rot_signal() | Call psa_get with DOORBELL signal and expect PROGRAMMER ERROR behaviour for API call. | Optional | Yes |
-| test_i016 | The call to psa_get() is PROGRAMMER ERROR if The RoT Service signal is not currently asserted | [client/server]_test_psa_get_with_unasserted_signal() | Call psa_get with singal which is currently not asserted and expect PROGRAMMER ERROR behaviour for API call. | Optional | Yes |
-| test_i017 | Each RoT Service listed creates a dependency from the client Partition to a server Partition. Within the resulting network of dependencies, there must be no circular dependencies between Secure Partitions. This would result in deadlock because the Service requests are always synchronous.For the same reason, a Secure Partition must not use a RoT Service that is defined within itself. Direct function calls must be used instead of IPC where there is a dependency between RoT Services within a single Secure Partition. | [client/server]_test_partition_calling_its_own_rot_service() | Partition calling its own ROT service using psa_connect and expect PROGRAMMER ERROR behaviour for API call. | Optional | Yes |
-| test_i018 | The call to psa_set_rhandle() is PROGRAMMER ERROR if an invalid message handle was provided | [client/server]_test_psa_set_rhandle_with_invalid_handle() | Call psa_set_rhanlde with an INVALID_HANDLE which is not NULL and expect PROGRAMMER ERROR behaviour for API call | Optional | Yes |
-| test_i019 | The call to psa_set_rhandle() is PROGRAMMER ERROR if Null handle was passed | [client/server]_test_psa_set_rhandle_with_null_handle() | Call psa_set_rhanlde with NULL handle and expect PROGRAMMER ERROR behaviour for API call. | Optional | Yes |
-| test_i020 | If messgae type if is PSA_IPC_CONNECT then use of status values in psa_reply() other than PSA_SUCCESS, PSA_ERROR_CONNECTION_BUSY and PSA_ERROR_CONNECTION_REFUSED is a PROGRAMMER ERROR. | [client/server]_test_psa_reply_with_invalid_connect_status_code() | Call to psa_reply during PSA_IPC_CONNECT with status code other than PSA_SUCCESS and PSA_CONNECTION_REFUSED and expect PROGRAMMER ERROR behaviour for API call. | Optional | Yes |
-| test_i021 | 1. psa_wait() returns the Secure Partition interrupt signals that have been asserted from the subset of signals indicated in the bitmask provided. (psa_wait API to recieve interrupt signal) 2. psa_eoi():Informs the SPM that an interrupt has been handled (end of interrupt). This will re-enable the interrupt line. 3.psa_eoi(): A signal remains active until it is processed by psa_eoi 4. Manifest- irqs (optional, unique)This attribute is a list of IRQ lines which are assigned to the Secure Partition.A Secure Partition always has exclusive access to an assigned IRQ. Secure Partitions are not allowed to share IRQs with other Secure Partitions.Each IRQ specified must provide a signal field. This field contains a symbolic name for the signal, used by the SPM to indicate when the interrupt is asserted. Each IRQ line is declared as either of the following:¿ line_num: A valid IRQ number for the platform.¿ line_name: A named IRQ, represented by a string identifier. | | Generate interrupt for driver partition assigned irq number and checks that: - interrupt is routed to driver patition - psa_wait returns the required irq_signal value - end of interrupt using psa_eoi Test Limitation: 1. Rules around sharing of irq lines can't be tested as specifiying it can result into build error. 2. Test suite partition manifests are rely on only line_num for specifying irq line number as line_name is subject to resolved in Implementation defined manner. | Mandatory | Yes |
-| test_i022 | The call to psa_reply() is PROGRAMMER ERROR if the message handle is invalid | [client/server]_test_psa_reply_with_invalid_handle() | Call psa_reply with an INVALID_HANDLE which is not NULL and expect PROGRAMMER ERROR behaviour for API call. | Optional | Yes |
-| test_i023 | The call to psa_reply() is PROGRAMMER ERROR if the message handle is Null handle | [client/server]_test_psa_reply_with_null_handle() | Call psa_reply with a NULL HANDLE | Optional | Yes |
-| test_i024 | The call to psa_call() is PROGRAMMER ERROR if an invalid handle was passed | [client/server]_test_psa_call_with_invalid_handle() | Call psa_call with an INVALID_HANDLE which is not NULL and expect PROGRAMMER ERROR behaviour for API call.Perform this step from NSPE and SPE both. | Optional | Yes |
-| test_i025 | The call to psa_call() is PROGRAMMER ERROR if an null handle was passed | [client/server]_test_psa_call_with_null_handle() | Call psa_call with a NULL HANDLE and expect PROGRAMMER ERROR behaviour for API call. Perform this step from NSPE and SPE both. | Optional | Yes |
-| test_i026 | The call to psa_call() is PROGRAMMER ERROR if in_len + out_len > PSA_MAX_IOVEC | [client/server]_test_psa_call_with_iovec_more_than_max_limit() | Call psa_call with more than four IOVECs and expect PROGRAMMER ERROR behaviour for API call. Perform this step from NSPE and SPE both. | Optional | Yes |
-| test_i027 | If the message type is PSA_IPC_CALL and the client has made an invalid request, then the RoT Service can request for the connection to be terminated by calling psa_reply() with return value PSA_ERROR_PROGRAMMER_ERROR. After this, the RoT Service will receive no further PSA_IPC_CALL messages on that connection. The SPM will deliver a PSA_IPC_DISCONNECT to the RoT Service to release any resources associated with that connection. If the SPM does not restart the system in response to the above PROGRAMMER ERROR, then termination of the connection has the following effects: - No further PSA_IPC_CALL messages will be received by the RoT Service for the connection. - The RoT Service will receive a PSA_IPC_DISCONNECT message for the connection to release resources and reset state associated with the connection. - The failing call to psa_call() will return PSA_ERROR_PROGRAMMER_ERROR. - Subsequent calls to psa_call() on the same connection will immediately return PSA_ERROR_PROGRAMMER_ERROR. - The client must call psa_close() to close the connection. | [client/server]_test_psa_drop_connection() | RoT service executes psa_reply with status code equal to PSA_ERROR_PROGRAMMER_ERROR during PSA_IPC_CALL.Client expects either PSA_ERROR_PROGRAMMER_ERROR as returned status code for psa_call or system to get paniced Perform above steps from NSPE and SPE both. | Optional | Yes |
-| test_i028 | The call to psa_read() is PROGRAMMER ERROR if msg_handle does not refer to a PSA_IPC_CALL message | [client/server]_test_psa_read_at_ipc_connect() | Call psa_read during PSA_IPC_CONNECT and expect PROGRAMMER ERROR behaviour for API call. | Optional | Yes |
-| test_i029 | The call to psa_read() is PROGRAMMER ERROR if msg_handle does not refer to a PSA_IPC_CALL message | [client/server]_test_psa_read_at_ipc_disconnect() | Call psa_read during PSA_IPC_DISCONNECT and expect PROGRAMMER ERROR behaviour for API call. | Optional | Yes |
-| test_i030 | The call to psa_read() is PROGRAMMER ERROR if Null handle was passed | [client/server]_test_psa_read_with_null_handle() | Call psa_read with NULL handle and expect PROGRAMMER ERROR behaviour for API call. | Optional | Yes |
-| test_i031 | The call to psa_read() is PROGRAMMER ERROR if Invalid handle was passed | [client/server]_test_psa_read_with_invalid_handle() | Calll psa_read with INVALID_HANDLE which is not NULL and expect PROGRAMMER ERROR behaviour for API call. | Optional | Yes |
-| test_i032 | The call to psa_read() is PROGRAMMER ERROR if invec_idx is equal to PSA_MAX_IOVEC | [client/server]_test_psa_read_with_invec_equal_to_max_iovec() | Call psa_read with invec_idx=PSA_MAX_IOVEC and expect PROGRAMMER ERROR behaviour for API call. | Optional | Yes |
-| test_i033 | The call to psa_read() is PROGRAMMER ERROR if invec_idx is greater than PSA_MAX_IOVEC | [client/server]_test_psa_read_with_invec_greater_than_max_iovec() | Call psa_read with invec_idx>PSA_MAX_IOVEC and expect PROGRAMMER ERROR behaviour for API call. | Optional | Yes |
-| test_i034 | The call to psa_skip() is PROGRAMMER ERROR if msg_handle does not refer to a PSA_IPC_CALL message | [client/server]_test_psa_skip_at_ipc_connect() | Call psa_skip during PSA_IPC_CONNECT and expect PROGRAMMER ERROR behaviour for API call. | Optional | Yes |
-| test_i035 | The call to psa_skip() is PROGRAMMER ERROR if msg_handle does not refer to a PSA_IPC_CALL message | [client/server]_test_psa_skip_at_ipc_disconnect() | Call psa_skip during PSA_IPC_DISCONNECT and expect PROGRAMMER ERROR behaviour for API call. | Optional | Yes |
-| test_i036 | The call to psa_skip() is PROGRAMMER ERROR if Null handle was passed | [client/server]_test_psa_skip_with_null_handle() | Call psa_skipwith NULL handle and expect PROGRAMMER ERROR behaviour for API call. | Optional | Yes |
-| test_i037 | The call to psa_skip() is PROGRAMMER ERROR if Invalid handle was passed | [client/server]_test_psa_skip_with_invalid_handle() | Calll psa_skip with INVALID_HANDLE which is not NULL and expect PROGRAMMER ERROR behaviour for API call. | Optional | Yes |
-| test_i038 | The call to psa_skip() is PROGRAMMER ERROR if invec_idx is equal to PSA_MAX_IOVEC | [client/server]_test_psa_skip_with_invec_equal_to_max_iovec() | Call psa_skip with invec_idx=PSA_MAX_IOVEC and expect PROGRAMMER ERROR behaviour for API call. | Optional | Yes |
-| test_i039 | The call to psa_skip() is PROGRAMMER ERROR if invec_idx is greater than PSA_MAX_IOVEC | [client/server]_test_psa_skip_with_invec_greater_than_max_iovec() | Call psa_skip with invec_idx>PSA_MAX_IOVEC and expect PROGRAMMER ERROR behaviour for API call. | Optional | Yes |
-| test_i040 | The call to psa_write() is PROGRAMMER ERROR if msg_handle does not refer to a PSA_IPC_CALL message | [client/server]_test_psa_write_at_ipc_connect() | Call psa_write during PSA_IPC_CONNECT and expect PROGRAMMER ERROR behaviour for API call. | Optional | Yes |
-| test_i041 | The call to psa_write() is PROGRAMMER ERROR if msg_handle does not refer to a PSA_IPC_CALL message | [client/server]_test_psa_write_at_ipc_disconnect() | Call psa_write during PSA_IPC_DISCONNECT and expect PROGRAMMER ERROR behaviour for API call. | Optional | Yes |
-| test_i042 | The call to psa_write() is PROGRAMMER ERROR if Null handle was passed | [client/server]_test_psa_write_with_null_handle() | Call psa_write with NULL handle and expect PROGRAMMER ERROR behaviour for API call. | Optional | Yes |
-| test_i043 | The call to psa_write() is PROGRAMMER ERROR if Invalid handle was passed | [client/server]_test_psa_write_with_invalid_handle() | Calll psa_write with INVALID_HANDLE which is not NULL and expect PROGRAMMER ERROR behaviour for API call. | Optional | Yes |
-| test_i044 | The call to psa_write() is PROGRAMMER ERROR if invec_idx is equal to PSA_MAX_IOVEC | [client/server]_test_psa_write_with_invec_equal_to_max_iovec() | Call psa_write with invec_idx=PSA_MAX_IOVEC and expect PROGRAMMER ERROR behaviour for API call. | Optional | Yes |
-| test_i045 | The call to psa_write() is PROGRAMMER ERROR if invec_idx is greater than PSA_MAX_IOVEC | [client/server]_test_psa_write_with_invec_greater_than_max_iovec() | Call psa_write with invec_idx>PSA_MAX_IOVEC and expect PROGRAMMER ERROR behaviour for API call. | Optional | Yes |
-| test_i046 | The call to psa_write() is PROGRAMMER ERROR if the call attempts to write data past the end of the client output vector | [client/server]_test_psa_write_with_size_overflow() | Call psa_write with a size input one byte bigger than allowed size and expect PROGRAMMER ERROR behaviour for API call. | Optional | Yes |
-| test_i047 | The call to psa_get() is PROGRAMMER ERROR if The msg pointer provided is not a valid memory reference | [client/server]_test_psa_get_with_invalid_msg_pointer() | Call psa_get with invalid msg pointer and expect PROGRAMMER ERROR behaviour for API call. Selection of invalid pointer is as below: if (ISOLATION_LEVEL > 1) // PSA RoT Pointer psa_get(msg_pointer = driver_mmio_base); else psa_get(msg_pointer = NULL); | Optional | Yes |
-| test_i048 | The call to psa_call() is PROGRAMMER ERROR if address of in_vec is invalid for client | [client/server]_test_psa_call_with_invalid_invec_pointer | Call psa_call with invalid address for invec and expect PROGRAMMER ERROR behaviour for API call. Selection of invalid invec pointer is as below: if caller == NONSECURE // PSA RoT pointer invec_pointer = driver_mmio_base;
else
if (ISOLATION_LEVEL > 1) invec_pointer = driver_mmio_base; else invec_pointer = NULL; | Optional | Yes |
-| test_i049 | The call to psa_call() is PROGRAMMER ERROR if address of out_vec is invalid for client | [client/server]_test_psa_call_with_invalid_outvec_pointer() | Call psa_call with invalid address for outvec and expect PROGRAMMER ERROR behaviour for API call. Selection of invalid outvec pointer is as below: if caller == NONSECURE // PSA RoT pointer outvec_pointer = driver_mmio_base;
else
if (ISOLATION_LEVEL > 1) outvec_pointer = driver_mmio_base; else outvec_pointer = NULL; | Optional | Yes |
-| test_i050 | The call to psa_call() is PROGRAMMER ERROR if psa_invec.base address is invalid for client | [client/server]_test_psa_call_with_invalid_invec_base() | Call psa_call with invalid address for psa_invec.base and expect PROGRAMMER ERROR behaviour for API call. Selection of invalid base is as below: if caller == NONSECURE // PSA RoT pointer invalid_base = driver_mmio_base;
else
if (ISOLATION_LEVEL > 1) invalid_base = driver_mmio_base; else invalid_base = NULL; | Optional | Yes |
-| test_i051 | The call to psa_call() is PROGRAMMER ERROR if psa_outvec.base address is invalid for client | [client/server]_test_psa_call_with_invalid_outvec_base() | Call psa_call with invalid address for psa_outvec.base and expect PROGRAMMER ERROR behaviour for API call. Selection of invalid base is as below: if caller == NONSECURE // PSA RoT pointer invalid_base = driver_mmio_base;
else
if (ISOLATION_LEVEL > 1) invalid_base = driver_mmio_base; else invalid_base = NULL; | Optional | Yes |
-| test_i052 | The call to psa_call() is PROGRAMMER ERROR if psa_invec.base addr is valid but psa_invec.base+size address is invalid for client | [client/server]_test_psa_call_with_invalid_invec_end_addr() | Call psa_call with valid address for psa_invec.base but (psa_invec.base + psa_invec.size) pointing to invalid address and expect PROGRAMMER ERROR behaviour for API call. Selection of base and size are as below: if caller == NONSECURE valid_base = nspe_mmio_region_base; invalid_size = (driver_mmio_region_base - nspe_mmio_region_base + 1);
else
if (ISOLATION_LEVEL > 1) valid_base = server_mmio_region_base; invalid_size = (driver_mmio_region_base - server_mmio_region_base + 1); | Optional | Yes |
-| test_i053 | The call to psa_call() is PROGRAMMER ERROR if psa_outvec.base addr is valid but psa_invec.base+sizeaddress is invalid for client | [client/server]_test_psa_call_with_invalid_outvec_end_addr() | Call psa_call with valid address for psa_outvec.base but (psa_outvec.base + psa_outvec.size) pointing to invalid address and expect PROGRAMMER ERROR behaviour for API call. Selection of base and size are as below: if caller == NONSECURE valid_base = nspe_mmio_region_base; invalid_size = (driver_mmio_region_base - nspe_mmio_region_base + 1);
else
if (ISOLATION_LEVEL > 1) valid_base = server_mmio_region_base; invalid_size = (driver_mmio_region_base - server_mmio_region_base + 1); | Optional | Yes |
-| test_i054 | The call to psa_call() is PROGRAMMER ERROR if psa_outvec.base is not writable | [client/server]_test_psa_call_with_not_writable_outvec_base() | Call psa_call with not writable (code address) psa_outvec.base and expect PROGRAMMER ERROR behaviour for API call. | Optional | Yes |
-| test_i055 | The call to psa_read() is PROGRAMMER ERROR if the memory reference for buffer is invalid | [client/server]_test_psa_read_with_invalid_buffer_addr() | Call psa_read with invalid buffer addr and expect PROGRAMMER ERROR behaviour for API call. Selection of buffer address is as below: if (ISOLATION_LEVEL > 1) buffer = driver_mmio_region_base; else buffer = NULL; | Optional | Yes |
-| test_i056 | The call to psa_read() is PROGRAMMER ERROR if the memory reference for buffer is not writable | [client/server]_test_psa_read_with_not_writable_buffer_addr() | Call psa_read with not writable address (function address- code memory) and expect PROGRAMMER ERROR behaviour for API call. | Optional | Yes |
-| test_i057 | The call to psa_write() is PROGRAMMER ERROR if the memory reference for buffer is invalid | [client/server]_test_psa_write_with_invalid_buffer_addr() | Call psa_write with invalid buffer addr and expect PROGRAMMER ERROR behaviour for API call. Selection of buffer address is as below: if (ISOLATION_LEVEL > 1) buffer = driver_mmio_region_base; else buffer = NULL; | Optional | Yes |
-| test_i058 | 1. psa_notify() is used to asynchronously wake up another Secure Partition. The receiving partition uses psa_wait() to detect, or wait for, assertion of its PSA_DOORBELL signal. The value of partition_id must be greater than zero as the target of notification must be a Secure Partition. 2. psa_clear() clears the PSA_DOORBELL signal. 3. psa_clear(): The target Partition doorbell will remain asserted until it calls psa_clear(). | [client/server]_test_psa_doorbell_signal() | 1. Client connects to RoT service. 2. RoT services executes asserts PSA_DOORBELL singal back to client after accepting the connection. 3. Client checks the delivery of PSA_DOORBELL singal using psa_wait(). 4. Client clears the doorbell and closes the connection. 5. RoT service receives the closing connection request. | Mandatory | Yes |
-| test_i059 | The call to psa_notify() is PROGRAMMER ERROR if Partition ID does not correspond to a Secure Partition | [client/server]_test_psa_notify_with_neg_part_id() | Call psa_notify with negative partition id and expect PROGRAMMER ERROR behaviour for API call. | Optional | Yes |
-| test_i060 | The call to psa_notify() is PROGRAMMER ERROR if Partition ID does not correspond to a Secure Partition | [client/server]_test_psa_notify_with_invalid_pos_part_id() | Call psa_notify with positive partition id which does not exist in the platform and expect PROGRAMMER ERROR behaviour for API call. | Optional | Yes |
-| test_i061 | The call to psa_clear() is PROGRAMMER ERROR if The Secure Partition¿s doorbell signal is not currently asserted | [client/server]_test_psa_clear_at_unasserted_doorbell_sig() | Call psa_clear when doorbell signal is not asserted and expect PROGRAMMER ERROR behaviour for API call. | Optional | Yes |
-| test_i062 | The call to psa_wait() is PROGRAMMER ERROR if signal_mask does not include any assigned signals. | [client/server_test_psa_wait_with_unassigned_signal() | Call psa_wait with signal mask that doesn't include any assigned signal and expect PROGRAMMER ERROR behaviour for API call. | Optional | Yes |
-| test_i063 | psa_wait() returns the Secure Partition interrupt signals that have been asserted from the subset of signals indicated in the bitmask provided. The mask must contain the set of signals the caller is interested in handling. Signals that are not in signal_mask should be ignored. | [client/server]_test_psa_wait_signal_mask() | 1. Select signal_mask = (SERVER_UNSPECIFED_MINOR_V_SIG | SERVER_RELAX_MINOR_VERSION_SIG); 2. Server partition requests the client partition to make connection using sid=SERVER_SECURE_CONNECT_ONLY_SID. This connection request act as irritator to psa_wait(signal_mask) call and it is used to cover the rule - Signals that are not in signal_mask should be ignored by psa_wait. 3. NSPE client connects to a server partition using SID whose signal are part of signal_mask 4. Server partition executes psa_wait with necessary signal_mask. RoT service checks that returned signal value is subset of signals indicated in the signal_mask 5. At the end, server partition completes the starved (irritator) connection request of SERVER_SECURE_CONNECT_ONLY_SID. | Mandatory | Yes |
-| test_i064 | The call to psa_eoi() is PROGRAMMER ERROR if irq_signal is not an interrupt signal | driver_test_psa_eoi_with_non_intr_signal() | Call to psa_eoi with non-interrupt signal(PSA_DOORBELL) and expect PROGRAMMER ERROR behaviour for API call. Note: The interrupt related test check is captured in driver_partition.c as this is the only partition in test suite that holds the interrupt line. | Optional | Yes |
-| test_i065 | The call to psa_eoi() is PROGRAMMER ERROR if irq_signal is not currently asserted | driver_test_psa_eoi_with_unasserted_signal() | Call to psa_eoi with interrupt signal which is currently not asserted and expect PROGRAMMER ERROR behaviour for API call. Note: The interrupt related test check is captured in driver_partition.c as this is the only partition in test suite that holds the interrupt line. | Optional | Yes |
-| test_i066 | The call to psa_eoi() is PROGRAMMER ERROR if irq_signal indicates more than one signal | driver_test_psa_eoi_with_multiple_signals() | Call to psa_eoi with irq_signal provided with multiple signals and expect PROGRAMMER ERROR behaviour for API call. Note: The interrupt related test check is captured in driver_partition.c as this is the only partition in test suite that holds the interrupt line. | Optional | Yes |
-| test_i067 | A Secure Partition is guaranteed to be able to read and write its private heap regions. Manifest Parameter- heap_size. Properties: Optional. This attribute indicates the Secure Partition¿s heap size in bytes.The size value is represented either as a positive integer or as a hexadecimal string.If this field is specified in the manifest then the value must be greater than 0. If this field is not specified in the manifest then the SPM can assume the size is 0. | [client/server]_test_dynamic_mem_alloc_fn() | Test dynamic memory service functions-malloc(), free() and realloc behaviour defined in the specification if these APIs are available to secure partition. Otherwise skip the test. | Mandatory | Yes |
-| test_i068 | Only Code is executable in secure partition. Writable region must not be executable. | client_test_instr_exec_from_writable_mem() | Execute set of instructions from writable memory and expect internal fault. | Optional | Yes |
-| test_i069 | Only Private data is writable in secure partition. Code space must not be writable. | client_test_write_to_code_space() | Write to code space from secure partition and expect internal fault | Optional | Yes |
-| test_i070 | Only Private data is writable in secure partition. Constant data space must not be writable. | client_test_write_to_const_data() | Write to constant data space and expect internal fault | Optional | Yes |
-| test_i071 | The following memory manipulation functions from must be implemented with standard C99 definitions: memcmp() memcpy() memmove() memset() | client_test_mem_manipulation_fn() | 1 .Set buffer content using memset(). Check that content is set as expected. 2. Copy one buffer to another buffer using memcpy() and check that buffer is copied correctly. 3. Compare two buffers two times, once with equal data and once with unequal data. 2. Copy one buffer to another buffer using memmove() and check that buffer is copied correctly. | Mandatory | Yes |
-| test_i072 | If domain A needs protection from domain B, then Private data in domain A cannot be accessed by domain B. Where A is Application RoT, B is NSPE and memory asset to be protected is Application RoT variables- Global variable. | [client/server]_test_nspe_read_app_rot_variable() [client/server]_test_nspe_write_app_rot_variable() | Access Application RoT global variable address from NSPE and expect internal fault behavior | Optional | Yes |
-| test_i073 | If domain A needs protection from domain B, then Private data in domain A cannot be accessed by domain B. Where A is Application RoT, B is NSPE and memory asset to be protected is Application RoT execution stack. | [client/server]_test_nspe_read_app_rot_stack() [client/server]_test_nspe_write_app_rot_stack() | Access Application RoT local variable(stack region) address from NSPE and expect internal fault behavior | Optional | Yes |
-| test_i074 | If domain A needs protection from domain B, then Private data in domain A cannot be accessed by domain B. Where A is Application RoT, B is NSPE and memory asset to be protected is Application RoT heap memory. | [client/server]_test_nspe_read_app_rot_heap() [client/server]_test_nspe_write_app_rot_heap() | Access Application RoT heap memory address from NSPE and expect internal fault behavior | Optional | Yes |
-| test_i075 | If domain A needs protection from domain B, then Private data in domain A cannot be accessed by domain B. Where A is Application RoT, B is NSPE and memory asset to be protected is Application RoT MMIO region. | [client/server]_test_nspe_read_app_rot_mmio() [client/server]_test_nspe_write_app_rot_mmio() | Access Application RoT MMIO address from NSPE and expect internal fault behavior | Optional | Yes |
-| test_i076 | If domain A needs protection from domain B, then Private data in domain A cannot be accessed by domain B. Where A is PSA RoT, B is NSPE and memory asset to be protected is PSA RoT variables- Global variable. | client_test_nspe_read_psa_rot_variable() driver_test_isolation_psa_rot_data_rd() client_test_nspe_write_psa_rot_variable() driver_test_isolation_psa_rot_data_wr() | Access PSA RoT global variable address from NSPE and expect internal fault behavior | Optional | Yes |
-| test_i077 | If domain A needs protection from domain B, then Private data in domain A cannot be accessed by domain B. Where A is PSA RoT, B is NSPE and memory asset to be protected is PSA RoT execution stack. | client_test_nspe_read_psa_rot_stack() driver_test_isolation_psa_rot_stack_rd() client_test_nspe_write_psa_stack_variable() driver_test_isolation_psa_rot_stack_wr() | Access PSA RoT local variable(stack region) address from NSPE and expect internal fault behavior | Optional | Yes |
-| test_i078 | If domain A needs protection from domain B, then Private data in domain A cannot be accessed by domain B. Where A is PSA RoT, B is NSPE and memory asset to be protected is PSA RoT heap memory. | client_test_nspe_read_psa_rot_heap() driver_test_isolation_psa_rot_heap_rd() client_test_nspe_write_psa_rot_heap() driver_test_isolation_psa_rot_heap_wr() | Access PSA RoT partition heap memory address from NSPE and expect internal fault behavior | Optional | Yes |
-| test_i079 | If domain A needs protection from domain B, then Private data in domain A cannot be accessed by domain B. Where A is PSA RoT, B is NSPE and memory asset to be protected is PSA RoT MMIO region. | client_test_nspe_read_psa_rot_mmio() driver_test_isolation_psa_rot_mmio_rd() client_test_nspe_write_psa_rot_mmio() driver_test_isolation_psa_rot_mmio_wr() | Access PSA RoT partition MMIO address from NSPE and expect internal fault behavior | Optional | Yes |
-| test_i080 | If domain A needs protection from domain B, then Private data in domain A cannot be accessed by domain B. Where A is PSA RoT, B is Application RoT and memory asset to be protected is PSA RoT variables- Global variable. | client_test_app_rot_read_psa_rot_variable() driver_test_isolation_psa_rot_data_rd() client_test_app_rot_write_psa_rot_variable() driver_test_isolation_psa_rot_data_wr() | Access PSA RoT global variable address from Application RoT and expect internal fault behavior | Optional | Yes |
-| test_i081 | If domain A needs protection from domain B, then Private data in domain A cannot be accessed by domain B. Where A is PSA RoT, B is Application RoT and memory asset to be protected is PSA RoT execution stack. | client_test_app_rot_read_psa_rot_stack() driver_test_isolation_psa_rot_stack_rd() client_test_app_rot_write_psa_stack_variable() driver_test_isolation_psa_rot_stack_wr() | Access PSA RoT local variable(stack region) address from Application RoT and expect internal fault behavior | Optional | Yes |
-| test_i082 | If domain A needs protection from domain B, then Private data in domain A cannot be accessed by domain B. Where A is PSA RoT, B is Application RoT and memory asset to be protected is PSA RoT heap memory. | client_test_app_rot_read_psa_rot_heap() driver_test_isolation_psa_rot_heap_rd() client_test_app_rot_write_psa_rot_heap() driver_test_isolation_psa_rot_heap_wr() | Access PSA RoT partition heap memory address from Application RoT and expect internal fault behavior | Optional | Yes |
-| test_i083 | If domain A needs protection from domain B, then Private data in domain A cannot be accessed by domain B. Where A is PSA RoT, B is Application RoT and memory asset to be protected is PSA RoT MMIO region. | client_test_app_rot_read_psa_rot_mmio() driver_test_isolation_psa_rot_mmio_rd() client_test_app_rot_write_psa_rot_mmio() driver_test_isolation_psa_rot_mmio_wr() | Access PSA RoT partition MMIO address from Application RoT and expect internal fault behavior | Optional | Yes |
-| test_i084 | If domain A needs protection from domain B, then Private data in domain A cannot be accessed by domain B. Where A is Application RoT Partition, B is other Application RoT partition and memory asset to be protected is A- Application RoT partition variables- Global variable. | [client/server]_test_sp_read_other_sp_variable() [client/server]_test_sp_write_other_sp_variable() | Access Application RoT global variable address from other RoT and expect internal fault behavior | Optional | Yes |
-| test_i085 | If domain A needs protection from domain B, then Private data in domain A cannot be accessed by domain B. Where A is Application RoT Partition, B is other Application RoT partition and memory asset to be protected is A- Application RoT partition execution stack. | [client/server]_test_sp_read_other_sp_stack() [client/server]_test_sp_write_other_sp_stack() | Access Application RoT local variable(stack region) address from other Application RoT and expect internal fault behavior | Optional | Yes |
-| test_i086 | If domain A needs protection from domain B, then Private data in domain A cannot be accessed by domain B. Where A is Application RoT Partition, B is other Application RoT partition and memory asset to be protected is A- Application RoT partition heap memory. | [client/server]_test_sp_read_other_sp_heap() [client/server]_test_sp_write_other_sp_heap() | Access Application RoT partition heap memory address from other Application RoT and expect internal fault behavior | Optional | Yes |
-| test_i087 | If domain A needs protection from domain B, then Private data in domain A cannot be accessed by domain B. Where A is Application RoT Partition, B is other Application RoT partition and memory asset to be protected is A- Application RoT partition MMIO region. | [client/server]_test_sp_read_other_sp_mmio() [client/server]_test_sp_write_other_sp_mmio() | Access Application RoT partition MMIO address from other Application RoT and expect internal fault behavior | Optional | Yes |
-| test_l088 | psa_rot_lifecycle_state() function retrieves the current PSA RoT lifecycle state. | server_test_psa_rot_lifecycle_state() | Call psa_rot_lifecycle_state() from secure side and check that return value is within the allowed range. | Mandatory | Yes |
-| | If domain A needs protection from domain B, then Private data in domain A cannot be accessed by domain B. From B access below asserts of A: - Variables - Execution stacks - Allocation heap - Memory-mapped I/O regions
Where, A & B combination are: A=SPM & B=NSPE | N/A | Future release of test suite will be updated to cover this rule. | N/A | No |
-| | If domain A needs protection from domain B, then Private data in domain A cannot be accessed by domain B. From B access below asserts of A: - Variables - Execution stacks - Allocation heap - Memory-mapped I/O regions
Where, A & B combination are: A=SPM & B=Application RoT partition | N/A | Future release of test suite will be updated to cover this rule. | N/A | No |
-| | If domain A needs protection from domain B, then Private data in domain A cannot be accessed by domain B. From B access below asserts of A: - Variables - Execution stacks - Allocation heap - Memory-mapped I/O regions
Where, A & B combination are: A=SPM & B=PSA RoT partition | N/A | Future release of test suite will be updated to cover this rule. | N/A | No |
-| NO_EXPLICIT_TEST | A Secure Partition is guaranteed to be able to read and write its private stack. Manifest Parameter- stack_size (required) Partition's stack size in bytes. The size value must be represented either as a positive integer or as a hexadecimal string. | N/A | No explicit test written to cover this rule. PSA IPC tests manifests are provided with tests partition required stack_size. A successful execution of tests partition code without stack access related faults, indirectly verify this field. | N/A | Yes |
-| NO_EXPLICIT_TEST | mmio_regions (optional, unique): List of memory-mapped I/O region objects which the Secure Partition needs access to. A Secure Partition always has exclusive access to an MMIO region. Secure Partitions are not permitted to share MMIO regions with other Secure Partitions. An MMIO region can be defined either as a: numbered_region named_region A numbered region consists of a base address and a size. The size must be represented either as a positive integer or as a hexadecimal string. The base address must be represented as a hexadecimal string. MMIO regions must not overlap. An MMIO region must include a permission attribute. The following permissions are available: READ-ONLY READ-WRITE | N/A | Comments: 1. PSA IPC tests device driver partition manifests are provided with these fields. A successful compilation and run of device driver partition code indirectly verify this field. 2. Rules around sharing of MMIO regions is covered as part of isolation tests. 3. Rules around overlapping of MMIO regions can't be tested as specifying that into manifest results into compilation fail. 4. Test suite partition manifests are rely on numbered_region only as named_region is subject to resolved in Implementation defined manner. | N/A | Yes |
-| NO_EXPLICIT_TEST | Manifest Parameter- type (required) Whether the Partition is a part of the PSA Root of Trust Services or is part of the Application Root of Trust Services.Type must be assigned one of the following values:- APPLICATION-ROT- PSA-ROT | N/A | PSA IPC tests partition files are provided with these fields. Access permission behaviour related to these fields will be verified as part of tests covering isolation level rules. | N/A | Yes |
-| NO_EXPLICIT_TEST | Manifest Parameter - description (optional) This attribute contains a human-readable description and comments for the Secure Partition. | N/A | Test suite manifests are provided with these field with adhere to manifest rules. Manifest build tool parser must parse this field without any compilation fail. | N/A | Yes |
-| NO_EXPLICIT_TEST | Manifest Parameter -entry_point (required, unique) The Partition entry point in the form of an C function symbol. A single entry point must be provided and it must have the following signature: void entry_point(void); | N/A | No explicit test written to cover this rule. Test suite manifests are provided with tests partition entry_point. A successful launch and run of tests partition code indirectly verify this field. | N/A | Yes |
-| NO_EXPLICIT_TEST | The SPM must eventually deliver all signals and IPC messages. | N/A | No explicit test written to cover this rule. However all PSA IPC tests are written with the expectation that the SPM delivers all requested signals and IPC message in a timely fashion. Failure to provide this will result in simulation time out. This rule is unbounded and cannot have full coverage. It is good to that things are delivered in a timely manner, however failure will not break compliance. | N/A | Yes |
-| NO_EXPLICIT_TEST | A Secure Partition is guaranteed to be able to execute and read its own code regions and read its own read-only data regions. | N/A | No explicit test written to cover this rule. This is a minimum requirement to able to launch and run secure partition. Failing to provide this, will not be able to run IPC test suite. | N/A | Yes |
-| NOT_COVERED | psa_get returns PSA_ERROR_DOES_NOT_EXIST if the SPM cannot deliver a message to the Secure Partition following the assertion of the RoT Service signal. | N/A | This scenario cannot be simulated as test can't generate stimulus where psa_get() API returns PSA_ERROR_DOES_NOT_EXIST. However every instances of psa_get() API call in test suite checks the API return value and re-waits for signal delivery if return value is PSA_ERROR_DOES_NOT_EXIST. | N/A | No |
-| NOT_COVERED | The call to psa_call is PROGRAMMER ERROR if the connection is already handling a request. | N/A | This rule is not verified beacuse of following reasons: - There is no common infrastructure to test this rule as this needs two OS specific tasks where one task interrupted during execution of psa_call or psa_close and second task scheduled to execute psa_call using same handle. - It is hard to write test stimulus where this rule is always hit as it is highly dependent of platform software scheduling policy. | N/A | No |
-| NOT_COVERED | The call to psa_close is PROGRAMMER ERROR if the connection is already handling a request | N/A | This rule is not verified beacuse of following reasons: - There is no common infrastructure to test this rule as this needs two OS specific tasks where one task interrupted during execution of psa_call or psa_close and second task scheduled to execute psa_close using same handle. - It is hard to write test stimulus where this rule is always hit as it is highly dependent of platform software scheduling policy. | N/A | No |
-| NOT_COVERED | Manifest Parameter - priority (required) Partitions must be assigned one of the following priority groups:¿ HIGH¿ NORMAL¿ LOWLOW is the lowest priority. Priority is ignored by SPMs that do not implement any priority-based scheduling. | N/A | Use of these fields are highly dependent on type of SPM scheduling policy, hence can't test the behavious of this field. And test suite partition manifests are provided with priority field equal to LOW. | N/A | No |
-| NOT_COVERED | Secure Partition IDs must be fixed across updates | N/A | Checking for Partition IDs across SPM updates is out of scope for PSA IPC tests. | N/A | No |
+| Tests | Scenario Rules | Client- Server Test Functions Pair | Test Algorithm/Comments/Test Limitation | Rule optional for API compliance? | Is scenario implemented in this release? |
+|-------------------------------------------------------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|-----------------------------------|------------------------------------------|
+| test_i001 | 1. psa_framework_version(): Retrieve the version of the PSA Framework API that is implemented. Manifest field- psa_framework_version: Version of the PSA Firmware Framework specification this manifest conforms to. | [client/server]_test_psa_framework_version() | Call the psa_framework_version() API from both SPE and NSPE side and compare the return value with PSA_FRAMEWORK_VERSION. | Mandatory | Yes |
+| | 1. psa_version() returns PSA_VERSION_NONE when the RoT Service is not implemented, or the caller is not permitted to access the service OR return > 0 with the version of the implemented RoT Service. | [client/server]_test_psa_version() | 1. Pass un-implemented SID and expects PSA_VERSION_NONE as return value. 2. Call to API from NSPE with a SID who doesn't provide service to NSPE and expects PSA_VERSION_NONE as return value. 3. Pass SID who is implemented and provides service to NSPE and expect version number(>0) of given RoT service as return value. Perform all above checks from SPE too. | Mandatory | Yes |
+| test_i002 | 1. psa_connect() returns the PSA_ERROR_CONNECTION_BUSY when RoT Service cannot make the connection at the moment (transient error). 2. psa_connect() returns the PSA_ERROR_CONNECTION_REFUSED when RoT Service has refused the connection 3. psa_wait() returns the Secure Partition interrupt signals that have been asserted from a subset of signals provided by the caller. Returns > 0 when at least one signal is asserted 4. psa_get():Get the message which corresponds to a given RoT Service signal and remove the message from the queue. 5. psa_get() returns PSA_SUCCESS when *msg will contain the delivered message. 6. The type member of the psa_msg_t object should return PSA_IPC_CONNECT for a new connection request following a psa_get() call to psa_connect() and msg.handle must be positive. 7. psa_reply(): If the message type is PSA_IPC_CONNECT then server can reject the connection by sending PSA_ERROR_CONNECTION_REFUSED (permanent error) or PSA_ERROR_CONNECTION_BUSY (transient error) status code. | [client/server]_test_connection_busy_and_reject() | 1. Client tries to connect to ROT service using psa_connect() 2. RoT service checks the delivery of PSA_IPC_CONNECT message type and positive handle value returned by psa_get() 3. RoT service rejects the connection by executing psa_reply(handle,PSA_ERROR_CONNECTION_BUSY) 4. Client tries to connect to same ROT service using psa_connect() again 5. This time, RoT service rejects the connection by executing psa_reply(handle,PSA_ERROR_CONNECTION_REFUSED) Perform all above steps from NSPE and SPE both. | Mandatory | Yes |
+| | 1. psa_connect(): When SID is implemented and client is permitted to access the service, SPM delivers a PSA_IPC_CONNECT message from the client to the Secure Partition that implements the RoT Service and positive handle is returned to client. 2. psa_get():Get the message which corresponds to a given RoT Service signal and remove the message from the queue. 3. psa_get() returns PSA_SUCCESS when *msg will contain the delivered message 4. psa_get():The type member of the psa_msg_t object should return PSA_IPC_CONNECT for a new connection request following a psa_get() call to psa_connect() and msg.handle must be positive. 5. psa_get(): The type member of the psa_msg_t object should return PSA_IPC_DISCONNECT for a new connection request following a psa_get() call to psa_close() and msg.handle must be positive. 6. psa_reply(): If the message type is PSA_IPC_CONNECT then server can accept the connection by sending PSA_SUCCESS status code. If the message type is PSA_IPC_DISCONNECT then the status code is ignored. 7. psa_close(): Closes a connection to a RoT Service. Sends the PSA_IPC_DISCONNECT message to the RoT Service. This function will have no effect if called with the null handle. | [client/server]_test_accept_and_close_connect() | 1.Client tries to connect to ROT service 2. RoT service checks the delivery of PSA_IPC_CONNECT message type and positive handle value return by psa_get() 3. RoT service accepts the connection by executing psa_reply(.., PSA_CONNECTION_ACCEPTED). 4. Client calls the psa_close with PSA_NULL_HANDLE and later it closes the connection using psa_close() with actual handle value 5. RoT service checks the delivery of PSA_IPC_DISCONNECT message type, checks handle value eqaul to NULL returned by psa_get() and completes the PSA_IPC_DISCONNECT by executing psa_reply() . Perform all above steps from NSPE and SPE both. | Mandatory | Yes |
+| | Following are allowed version condition to psa_connect(): 1. Version policy is not mentioned and requested version is 1 which is default minimum version 2. Version policy is STRICT and requested version equals minimum version 3. Version policy is relaxed and requested version is smaller than the minimum version 4. Version policy is relaxed and requested version is euqal to the minimum version | [client/server]_test_connect_with_allowed_version_policy() | Client tries connecting ROT service of following properties and expects connection to establish: 1. Version policy is not mentioned and requested version is 1 which is default minimum version 2. Version policy is STRICT and requested version equals minimum version 3. Version policy is relaxed and requested version is smaller than the minimum version 4. Version policy is relaxed and requested version is equal to the minimum version Perform all above steps from NSPE and SPE both. | Mandatory | Yes |
+| | 1. psa_call(): The valid psa_call makes SPM to send type value(>=) to msg.type of RoT service partition and the successful call should return >=0 handle value. 2. psa_call() receives return value >= 0 for RoT-specific return code 3. psa_call() receive return value < 0 for RoT-specific error code 4. psa_reply(): If the message type is request message, all status codes other than PSA_ERROR_PROGRAMMER_ERROR must be reported to the client. | [client/server]_test_psa_call_with_allowed_status_code() | 1. Client connects to RoT service 2. Client sends message using psa_call() 3. RoT service checks the delivery of request message type and positive handle value return by psa_get() 4. RoT service ends the call using psa_reply(status_code) 5. Client checks the return value of psa_call() and Client closes the connectionRepeat (1) to (5) for different status code, SUCCESS, +ve, -ve.. Perform all above steps from NSPE and SPE both. | Mandatory | Yes |
+| | 1. psa_call(): The valid psa_call makes SPM to send type value(>=) to msg.type of RoT service partition | [client/server]_test_psa_call_with_allowed_type_values() | 1. Client connects to RoT service 2. Client sends message using psa_call() with different allowed type values one after another 3. RoT service checks the delivery of different request message type values. Perform all above steps from NSPE and SPE both. | Mandatory | Yes |
+| | 1. A msg.client_id that has a positive value indicates that the client is in the SPE and this the Secure Partition ID of the client. A negative client_id indicates that the client is in the NSPE. 2. Client_id is valid during connection message, request message and disconnect message. 3. Manifest Parameter- name (required, unique) A Partition must have an alphanumeric name for source code to directly refer to a specific Partition. The format of the name must follow the rules of a C macro. | [client/server]_test_identity() | - Check the value returned by msg.client_id during various message types. For NSPE connection, client_id should be <0 and for SPE, it should be >0. Perform all above steps from NSPE and SPE both. - Access the Partition ID of client partition and compare the value with expected ID value. | Mandatory | Yes |
+| | 1. psa_connect() will return the PSA_ERROR_CONNECTION_REFUSED OR PSA_ERROR_CONNECTION_BUSY when the SPM has reached the limit of concurrent connections | [client/server]_test_spm_concurrent_connect_limit() | Execute psa_connect() API in a loop until it returns PSA_CONNECTION_REFUSED or PSA_CONNECTION_BUSY to indicate end of concurrent connections limit. Perform above step from NSPE and SPE both. | Mandatory | Yes |
+| | 1. psa_wait(): When MODE(PSA_BLOCK) is one, the function will block the caller until one of the requested signals is asserted. 2. psa_wait(): Callers must set RES to zero, implementations must ignore the value of RES. | [client/server]_test_psa_block_behave() | 1. Client connects to a RoT service mutilpe times. 2. RoT service psa_wait(PSA_BLOCK|(Non-zero value for timeout[30:0])) API is executed without while(1) loop. 3. RoT service serves the connections by rejecting them. This is a sanity check, a successful handshaking between client and server for requested connection represents check pass. Perform above steps from NSPE and SPE both. | Mandatory | Yes |
+| | 1. psa_wait(): When MODE is zero, the function will return immediately with the current signal state, which can be zero if no signals are active. | [client/server]_test_psa_poll_behave() | 1. Client connects to a RoT service mutilpe times. 2. RoT service executes psa_wait(PSA_POLL) in a while loop and checks the API's polling behaviour. 3. Call psa_wait(PSA_POLL) when no request is made by client and checks the return value. Perform above steps from NSPE and SPE both. | Mandatory | Yes |
+| test_i003 | 1. The reverse handle for a connection is NULL until psa_set_rhandle() is used. psa_set_rhandle() can be used to associate some caller-provided private data with a specified client connection. And SPM must provide same rhandle for msg.rhandle with all subsequent messages delivered on this connection. On success the rhandle is retained by the implementation and provided in all future messages on that connection as part of the psa_msg_t structure. 2. Setting the rhandle for a connection during disconnection has no observable effect. | [client/server]_test_psa_set_rhandle() | 1. Client connects to RoT service and RoT service checks the value of msg.rhanlde value duing PSA_IPC_CONNECT2. Client send call msg to RoT service and RoT service checks the value of msg.rhanlde value duing PSA_IPC_CONNECT 3. ROT service sets the rhandle with known value. 4. Client send call msg to RoT service and RoT service now compare the value of msg.rhanndle with previously set value 5. ROT service sets the rhandle with known value other than previously set value 6. Client send call msg to RoT service and RoT service now compare the value of msg.rhanndle with last set value 7. The reverse handle for a connection is NULL until psa_set_rhandle() is used Perform above steps from NSPE and SPE both. | Mandatory | Yes |
+| | 1. psa_call():The caller can optionally provide one or more buffers to receive a response (out_vec). 2. psa_get(): The array in_size provides the size of each client input vector in bytes. The array out_size provides the size of each client output vector in bytes. 3. psa_read(): parameter from the client input vector. Streams up to the next num_bytes bytes of client input vector invec_idx in the message identified by msg_handle to the Secure Partition buffer. Returns the number of bytes copied. 4. psa_read(): If num_bytes is less than or equal to the available data in the input vector then num_bytes are copied to buffer, and the remaining data in the input vector can be read by subsequent calls to psa_read() with the same msg_handle and invec_idx. 5. psa_read(): RoT Services can determine how much data is available to read from the message based on the in_size[] attribute of the psa_msg_t message returned from psa_get(). If an input vector has not been passed by the client then the corresponding in_size[] for that vector is zero. 6. psa_read(): If num_bytes is greater than the remaining data in the input vector then the remaining input bytes are copied to buffer and the call returns the number of bytes copied. Any space after this in buffer is not modified. Subsequent calls of psa_read() or psa_skip() with the same message input vector will report that there is no more data in the vector. 7. psa_skip(): Skip over part of a client input vector. Advances the current read offset by skipping up to num_bytes bytes for input vector invec_idx in the message identified by msg_handle. psa_skip(): When psa_skip returns, it returns with the number of bytes skipped 8. psa_skip(): If There was no remaining data in this input vector, return zero 9.psa_skip(): If num_bytes is greater than the remaining size of the input vector then the remaining size of the input vector is returned. Subsequent calls of psa_read() or psa_skip() with the same message input vector will report that there is no more data in the vector. | [client/server]_test_call_read_and_skip() | 1.Client connects to RoT service 2.Client sends four input vectors to RoT service using psa_call 3. RoT service checks following: - Reporting of input vectors size through msg.in_size - Input vectors content reading through psa_read -Inbound /Outbound offset reading -Inbound/Outbound offset skipping -Zero byte read and skip -out_len=0 check 4. Client recieves the status of RoT service checks and closes the connection Perform above steps from NSPE and SPE both. | Mandatory | Yes |
+| | 1. psa_call(): The caller can optionally provide one or more buffers to receive a response (out_vec). On return from psa_call() the len value will have been updated to indicate the number of bytes of data written to the buffer by the RoT Service. 2. psa_write(): Appends num_bytes of data from buffer to the client output vector outvec_idx in the message identified by msg_handle. Sequential calls using the same msg_handle and outvec_idx will be concatenated in the output vector | [client/server]_test_call_and_write() | 1. Client connects to RoT service 2. Client sends four output vectors to RoT service using psa_call 3. RoT service checks following: - Reporting of output vectors size through msg.out_size - in_len=0 check - zero byte write - Out vector writes using psa_write - Vector write concatenation 4. Client recieves the status of RoT service checks, cross check the content of out vectors and closes the connection Perform above steps from NSPE and SPE both. | Mandatory | Yes |
+| | 1. psa_call(): Any I/O vector of length zero is permitted and will be treated as an empty or non-existent vector by the framework. When less than four vectors are provided to psa_call() for either input or output, then the remaining vectors have zero length and the in_size and out_size elements for these vectors will be zero.A memory reference contains a start address and an associated length. A zero-length memory reference is one where the length is zero. The start address of a zero-length memory reference can safely take any value and must be ignored by the implementation. 2. psa_call(): If in_len is zero then in_vec is ignored 3. sa_call(): If out_len is zero then out_vec is ignored 4. psa_get(): If an input and output vector has not been passed by the client then the corresponding in_size[] and out_size[] for that vector is zero. | [client/server]_test_zero_length_invec()[client/server]_test_zero_length_outvec() | Test zero lenth input vector: 1. Client connects to RoT service 2. Client sends three input and one outvec vectors to RoT service using psa_call - invec 0 as zero length vector, invec 1 as NULL and invec 2 and outvec 0 as non-zero length vector 3. RoT service checks size of each vectors reported through msg.in_size and msg.out_size 4. Client recieves the status of checks and closes the connection Test zero lenth output vector: 1. Client connects to RoT service 2. Client sends one input and three outvec vectorsto RoT service using psa_call - outvec 0 as zero length vector, outvec 0 as NULL and invec 0 and outvec 2 as non-zero length vector 3. RoT service checks size of each vectors reported through msg.in_size and msg.out_size 4. Client recieves the status of checks and closes the connection Perform above steps from NSPE and SPE both. | Mandatory | Yes |
+| | 1. When client provides an input and output vectors which are referencing to same memory location, a psa_read after psa_write to the same memory location can return original or modified value. 2. When client provides an input and output vectors which are referencing to same memory location, a psa_write(s) to both memory vectors can return either the 1st or the 2nd value written. | [client/server]_test_overlapping_vectors | 1. Client provides one input and 2 output vectors which are pointing to same location. 2. RoT service performs read after write operation on to outvec-0 and expects return value either modified one or the original 3. RoT service performs write operation to outvec-1 and unblock the connection. The write performed is to mimic write after write operatio to the overlapping vector. 4. Client check the value of outvec. The value should be either the value written by first psa_write or the second psa_write. | Mandatory | Yes |
+| test_i004 | The call to psa_connect() is PROGRAMMER ERROR if RoT Service does not exist on platform | [client/server]_test_sid_does_not_exists() | Call psa_connect with SID which does not exist on a platform and expect PROGRAMMER ERROR behaviour. Perform above step from NSPE and SPE both. | Optional | Yes |
+| test_i005 | The call to psa_connect() is PROGRAMMER ERROR if Version policy is STRICT and requested version is HIGHER than minimum version | [client/server]_test_strict_policy_higher_version() | Call psa_connect with SID whose version policy is STRICT and requested version is HIGHER than minimum version and expect PROGRAMMER ERROR behaviour. Perform above step from NSPE and SPE both. | Optional | Yes |
+| test_i006 | The call to psa_connect() is PROGRAMMER ERROR if Version policy is STRICT and requested version lower than minimum version | [client/server]_test_strict_policy_lower_version() | Call psa_connect with SID whose version policy is STRICT and requested version is Lower than minimum version. Perform above step from NSPE and SPE both. | Optional | Yes |
+| test_i007 | The call to psa_connect() is PROGRAMMER ERROR if Version policy is RELAXED and requested version is bigger than minimum version | [client/server]_test_relax_policy_higher_version() | Call psa_connect with SID whose version policy is RELAXED and requested version is HIGHER than minimum version and expect PROGRAMMER ERROR behaviour. Perform above step from NSPE and SPE both. | Optional | Yes |
+| test_i008 | 1. The call to psa_connect() is PROGRAMMER ERROR if service to non_secure_client is not available 2. Manifest parameter - The non_secure_clients field contains a boolean to indicate if it is accessible to NSPE clients. RoT Services are always accessible to SPE clients. | [client/server]_test_secure_access_only_connection() | Call psa_connect with SID which allow secure only connection and expect PROGRAMMER ERROR behaviour. Perform above step from NSPE and SPE both. | Optional | Yes |
+| test_i009 | 1. The call to psa_connect() is PROGRAMMER ERROR if SID is not mentioned in dependencies field. 2. Manifest parameter- dependencies (optional) If access between a Secure Partition (acting as client) and a RoT Service (acting as server) is not specified in the manifest, then the client is not permitted to connect to the RoT Service. | [client/server]_test_unspecified_dependent_sid() | Call psa_connect with SID which is not mentioned in dependencies list in manifest and expect PROGRAMMER ERROR behaviour. | Optional | Yes |
+| test_i010 | It is not required for the version or version_policy attributes to be specified. If they are not specified in the manifest, the RoT Service will have default attributes of version=1 and version_policy="STRICT". In this case, the call to psa_connect() is PROGRAMMER ERROR if requested version higher than minimum version. | [client/server]_test_unspecified_policy_with_higher_version() | Call psa_connect with SID whose version policy is not mentioned in the manifest and requested SID version is HIGHER than minimum version and expect PROGRAMMER ERROR behaviour. Perform above step from NSPE and SPE both. | Optional | Yes |
+| test_i011 | 1. It is not required for the version or version_policy attributes to be specified. If they are not specified in the manifest, the RoT Service will have default attributes of version=1 and version_policy="STRICT"". In this case, the call to psa_connect() is PROGRAMMER ERROR if requested version lower than minimum version | | | | |
+| 2. RoT Service version must be non-zero positive integer.." | [client/server]_test_unspecified_policy_with_lower_version() | Call psa_connect with SID whose Version policy is not mentioned in the manifest and requested SID version is lower(0) than minimum version(1) and expect PROGRAMMER ERROR behaviour. Perform above step from NSPE and SPE both. | Optional | Yes | |
+| test_i012 | The call to psa_close() is PROGRAMMER ERROR if an invalid handle was provided that is not the null handle | [client/server]_test_psa_close_with_invalid_handle() | Call psa_close with INVALID_HANDLE which is not NULL and expect PROGRAMMER ERROR behaviour. Perform above step from NSPE and SPE both. | Optional | Yes |
+| test_i013 | The call to psa_get() is PROGRAMMER ERROR if signal has more than a single bit set | [client/server]_test_psa_get_with_more_than_one_signal() | Call psa_get with a signal who has more than a single bit set and expect PROGRAMMER ERROR behaviour. | Optional | Yes |
+| test_i014 | After a RoT Service message is signaled, psa_get() function is used to retrieve the message details. Each message can only be retrieved once. | [client/server]_test_psa_get_called_twice() | Call psa_get with a valid signal back to back and expect PROGRAMMER ERROR behaviour. | Optional | Yes |
+| test_i015 | The call to psa_get() is PROGRAMMER ERROR if signal does not correspond to a RoT Service | [client/server]_test_psa_get_with_non_rot_signal() | Call psa_get with DOORBELL signal and expect PROGRAMMER ERROR behaviour for API call. | Optional | Yes |
+| test_i016 | The call to psa_get() is PROGRAMMER ERROR if The RoT Service signal is not currently asserted | [client/server]_test_psa_get_with_unasserted_signal() | Call psa_get with singal which is currently not asserted and expect PROGRAMMER ERROR behaviour for API call. | Optional | Yes |
+| test_i017 | Each RoT Service listed creates a dependency from the client Partition to a server Partition. Within the resulting network of dependencies, there must be no circular dependencies between Secure Partitions. This would result in deadlock because the Service requests are always synchronous.For the same reason, a Secure Partition must not use a RoT Service that is defined within itself. Direct function calls must be used instead of IPC where there is a dependency between RoT Services within a single Secure Partition. | [client/server]_test_partition_calling_its_own_rot_service() | Partition calling its own ROT service using psa_connect and expect PROGRAMMER ERROR behaviour for API call. | Optional | Yes |
+| test_i018 | The call to psa_set_rhandle() is PROGRAMMER ERROR if an invalid message handle was provided | [client/server]_test_psa_set_rhandle_with_invalid_handle() | Call psa_set_rhanlde with an INVALID_HANDLE which is not NULL and expect PROGRAMMER ERROR behaviour for API call | Optional | Yes |
+| test_i019 | The call to psa_set_rhandle() is PROGRAMMER ERROR if Null handle was passed | [client/server]_test_psa_set_rhandle_with_null_handle() | Call psa_set_rhanlde with NULL handle and expect PROGRAMMER ERROR behaviour for API call. | Optional | Yes |
+| test_i020 | If messgae type if is PSA_IPC_CONNECT then use of status values in psa_reply() other than PSA_SUCCESS, PSA_ERROR_CONNECTION_BUSY and PSA_ERROR_CONNECTION_REFUSED is a PROGRAMMER ERROR. | [client/server]_test_psa_reply_with_invalid_connect_status_code() | Call to psa_reply during PSA_IPC_CONNECT with status code other than PSA_SUCCESS and PSA_CONNECTION_REFUSED and expect PROGRAMMER ERROR behaviour for API call. | Optional | Yes |
+| test_i021 | 1. psa_wait() returns the Secure Partition interrupt signals that have been asserted from the subset of signals indicated in the bitmask provided. (psa_wait API to recieve interrupt signal) 2. psa_eoi():Informs the SPM that an interrupt has been handled (end of interrupt). This will re-enable the interrupt line. 3.psa_eoi(): A signal remains active until it is processed by psa_eoi 3. Manifest- irqs (optional, unique) This attribute is a list of IRQ lines which are assigned to the Secure Partition.A Secure Partition always has exclusive access to an assigned IRQ. Secure Partitions are not allowed to share IRQs with other Secure Partitions. Each IRQ specified must provide a signal field. This field contains a symbolic name for the signal, used by the SPM to indicate when the interrupt is asserted. Each IRQ source is declared using the source field. This is a string which identifies the interrupt source in an IMPLEMENTATION DEFINED manner. | | Generate interrupt for driver partition assigned irq source and checks that: - interrupt is routed to driver patition - psa_wait returns the required irq_signal value - end of interrupt using psa_eoi Test Limitation: Rules around sharing of irq lines can't be tested as specifiying it can result into build error. | Mandatory | Yes |
+| test_i022 | The call to psa_reply() is PROGRAMMER ERROR if the message handle is invalid | [client/server]_test_psa_reply_with_invalid_handle() | Call psa_reply with an INVALID_HANDLE which is not NULL and expect PROGRAMMER ERROR behaviour for API call. | Optional | Yes |
+| test_i023 | The call to psa_reply() is PROGRAMMER ERROR if the message handle is null handle | [client/server]_test_psa_reply_with_null_handle() | Call psa_reply with a NULL HANDLE | Optional | Yes |
+| test_i024 | The call to psa_call() is PROGRAMMER ERROR if an invalid handle was passed | [client/server]_test_psa_call_with_invalid_handle() | Call psa_call with an INVALID_HANDLE which is not NULL and expect PROGRAMMER ERROR behaviour for API call.Perform this step from NSPE and SPE both. | Optional | Yes |
+| test_i025 | The call to psa_call() is PROGRAMMER ERROR if an null handle was passed | [client/server]_test_psa_call_with_null_handle() | Call psa_call with a NULL HANDLE and expect PROGRAMMER ERROR behaviour for API call. Perform this step from NSPE and SPE both. | Optional | Yes |
+| test_i026 | The call to psa_call() is PROGRAMMER ERROR if in_len + out_len > PSA_MAX_IOVEC | [client/server]_test_psa_call_with_iovec_more_than_max_limit() | Call psa_call with more than four IOVECs and expect PROGRAMMER ERROR behaviour for API call. Perform this step from NSPE and SPE both. | Optional | Yes |
+| test_i027 | If the message type is request message and the client has made an invalid request, then the RoT Service can request for the connection to be terminated by calling psa_reply() with return value PSA_ERROR_PROGRAMMER_ERROR. After this, the RoT Service will receive no further request messages on that connection. The SPM will deliver a PSA_IPC_DISCONNECT to the RoT Service to release any resources associated with that connection. If the SPM does not restart the system in response to the above PROGRAMMER ERROR, then termination of the connection has the following effects: - No further request messages will be received by the RoT Service for the connection. - The RoT Service will receive a PSA_IPC_DISCONNECT message for the connection to release resources and reset state associated with the connection. - The failing call to psa_call() will return PSA_ERROR_PROGRAMMER_ERROR. - Subsequent calls to psa_call() on the same connection will immediately return PSA_ERROR_PROGRAMMER_ERROR. - The client must call psa_close() to close the connection. | [client/server]_test_psa_drop_connection() | RoT service executes psa_reply with status code equal to PSA_ERROR_PROGRAMMER_ERROR during request message.Client expects either PSA_ERROR_PROGRAMMER_ERROR as returned status code for psa_call or system to get paniced Perform above steps from NSPE and SPE both. | Optional | Yes |
+| test_i028 | The call to psa_read() is PROGRAMMER ERROR if msg_handle does not refer to a request message | [client/server]_test_psa_read_at_ipc_connect() | Call psa_read during PSA_IPC_CONNECT and expect PROGRAMMER ERROR behaviour for API call. | Optional | Yes |
+| test_i029 | The call to psa_read() is PROGRAMMER ERROR if msg_handle does not refer to a request message | [client/server]_test_psa_read_at_ipc_disconnect() | Call psa_read during PSA_IPC_DISCONNECT and expect PROGRAMMER ERROR behaviour for API call. | Optional | Yes |
+| test_i030 | The call to psa_read() is PROGRAMMER ERROR if Null handle was passed | [client/server]_test_psa_read_with_null_handle() | Call psa_read with NULL handle and expect PROGRAMMER ERROR behaviour for API call. | Optional | Yes |
+| test_i031 | The call to psa_read() is PROGRAMMER ERROR if Invalid handle was passed | [client/server]_test_psa_read_with_invalid_handle() | Calll psa_read with INVALID_HANDLE which is not NULL and expect PROGRAMMER ERROR behaviour for API call. | Optional | Yes |
+| test_i032 | The call to psa_read() is PROGRAMMER ERROR if invec_idx is equal to PSA_MAX_IOVEC | [client/server]_test_psa_read_with_invec_equal_to_max_iovec() | Call psa_read with invec_idx=PSA_MAX_IOVEC and expect PROGRAMMER ERROR behaviour for API call. | Optional | Yes |
+| test_i033 | The call to psa_read() is PROGRAMMER ERROR if invec_idx is greater than PSA_MAX_IOVEC | [client/server]_test_psa_read_with_invec_greater_than_max_iovec() | Call psa_read with invec_idx>PSA_MAX_IOVEC and expect PROGRAMMER ERROR behaviour for API call. | Optional | Yes |
+| test_i034 | The call to psa_skip() is PROGRAMMER ERROR if msg_handle does not refer to a request message | [client/server]_test_psa_skip_at_ipc_connect() | Call psa_skip during PSA_IPC_CONNECT and expect PROGRAMMER ERROR behaviour for API call. | Optional | Yes |
+| test_i035 | The call to psa_skip() is PROGRAMMER ERROR if msg_handle does not refer to a request message | [client/server]_test_psa_skip_at_ipc_disconnect() | Call psa_skip during PSA_IPC_DISCONNECT and expect PROGRAMMER ERROR behaviour for API call. | Optional | Yes |
+| test_i036 | The call to psa_skip() is PROGRAMMER ERROR if Null handle was passed | [client/server]_test_psa_skip_with_null_handle() | Call psa_skipwith NULL handle and expect PROGRAMMER ERROR behaviour for API call. | Optional | Yes |
+| test_i037 | The call to psa_skip() is PROGRAMMER ERROR if Invalid handle was passed | [client/server]_test_psa_skip_with_invalid_handle() | Calll psa_skip with INVALID_HANDLE which is not NULL and expect PROGRAMMER ERROR behaviour for API call. | Optional | Yes |
+| test_i038 | The call to psa_skip() is PROGRAMMER ERROR if invec_idx is equal to PSA_MAX_IOVEC | [client/server]_test_psa_skip_with_invec_equal_to_max_iovec() | Call psa_skip with invec_idx=PSA_MAX_IOVEC and expect PROGRAMMER ERROR behaviour for API call. | Optional | Yes |
+| test_i039 | The call to psa_skip() is PROGRAMMER ERROR if invec_idx is greater than PSA_MAX_IOVEC | [client/server]_test_psa_skip_with_invec_greater_than_max_iovec() | Call psa_skip with invec_idx>PSA_MAX_IOVEC and expect PROGRAMMER ERROR behaviour for API call. | Optional | Yes |
+| test_i040 | The call to psa_write() is PROGRAMMER ERROR if msg_handle does not refer to a request message | [client/server]_test_psa_write_at_ipc_connect() | Call psa_write during PSA_IPC_CONNECT and expect PROGRAMMER ERROR behaviour for API call. | Optional | Yes |
+| test_i041 | The call to psa_write() is PROGRAMMER ERROR if msg_handle does not refer to a request message | [client/server]_test_psa_write_at_ipc_disconnect() | Call psa_write during PSA_IPC_DISCONNECT and expect PROGRAMMER ERROR behaviour for API call. | Optional | Yes |
+| test_i042 | The call to psa_write() is PROGRAMMER ERROR if Null handle was passed | [client/server]_test_psa_write_with_null_handle() | Call psa_write with NULL handle and expect PROGRAMMER ERROR behaviour for API call. | Optional | Yes |
+| test_i043 | The call to psa_write() is PROGRAMMER ERROR if Invalid handle was passed | [client/server]_test_psa_write_with_invalid_handle() | Calll psa_write with INVALID_HANDLE which is not NULL and expect PROGRAMMER ERROR behaviour for API call. | Optional | Yes |
+| test_i044 | The call to psa_write() is PROGRAMMER ERROR if invec_idx is equal to PSA_MAX_IOVEC | [client/server]_test_psa_write_with_invec_equal_to_max_iovec() | Call psa_write with invec_idx=PSA_MAX_IOVEC and expect PROGRAMMER ERROR behaviour for API call. | Optional | Yes |
+| test_i045 | The call to psa_write() is PROGRAMMER ERROR if invec_idx is greater than PSA_MAX_IOVEC | [client/server]_test_psa_write_with_invec_greater_than_max_iovec() | Call psa_write with invec_idx>PSA_MAX_IOVEC and expect PROGRAMMER ERROR behaviour for API call. | Optional | Yes |
+| test_i046 | The call to psa_write() is PROGRAMMER ERROR if the call attempts to write data past the end of the client output vector | [client/server]_test_psa_write_with_size_overflow() | Call psa_write with a size input one byte bigger than allowed size and expect PROGRAMMER ERROR behaviour for API call. | Optional | Yes |
+| test_i047 | The call to psa_get() is PROGRAMMER ERROR if The msg pointer provided is not a valid memory reference | [client/server]_test_psa_get_with_invalid_msg_pointer() | Call psa_get with invalid msg pointer and expect PROGRAMMER ERROR behaviour for API call. Selection of invalid pointer is as below: if (ISOLATION_LEVEL > 1) // PSA RoT Pointer psa_get(msg_pointer = driver_mmio_base); else psa_get(msg_pointer = NULL); | Optional | Yes |
+| test_i048 | The call to psa_call() is PROGRAMMER ERROR if address of in_vec is invalid for client | [client/server]_test_psa_call_with_invalid_invec_pointer | Call psa_call with invalid address for invec and expect PROGRAMMER ERROR behaviour for API call. Selection of invalid invec pointer is as below: if caller == NONSECURE // PSA RoT pointer invec_pointer = driver_mmio_base;
else
if (ISOLATION_LEVEL > 1) invec_pointer = driver_mmio_base; else invec_pointer = NULL; | Optional | Yes |
+| test_i049 | The call to psa_call() is PROGRAMMER ERROR if address of out_vec is invalid for client | [client/server]_test_psa_call_with_invalid_outvec_pointer() | Call psa_call with invalid address for outvec and expect PROGRAMMER ERROR behaviour for API call. Selection of invalid outvec pointer is as below: if caller == NONSECURE // PSA RoT pointer outvec_pointer = driver_mmio_base;
else
if (ISOLATION_LEVEL > 1) outvec_pointer = driver_mmio_base; else outvec_pointer = NULL; | Optional | Yes |
+| test_i050 | The call to psa_call() is PROGRAMMER ERROR if psa_invec.base address is invalid for client | [client/server]_test_psa_call_with_invalid_invec_base() | Call psa_call with invalid address for psa_invec.base and expect PROGRAMMER ERROR behaviour for API call. Selection of invalid base is as below: if caller == NONSECURE // PSA RoT pointer invalid_base = driver_mmio_base;
else
if (ISOLATION_LEVEL > 1) invalid_base = driver_mmio_base; else invalid_base = NULL; | Optional | Yes |
+| test_i051 | The call to psa_call() is PROGRAMMER ERROR if psa_outvec.base address is invalid for client | [client/server]_test_psa_call_with_invalid_outvec_base() | Call psa_call with invalid address for psa_outvec.base and expect PROGRAMMER ERROR behaviour for API call. Selection of invalid base is as below: if caller == NONSECURE // PSA RoT pointer invalid_base = driver_mmio_base;
else
if (ISOLATION_LEVEL > 1) invalid_base = driver_mmio_base; else invalid_base = NULL; | Optional | Yes |
+| test_i052 | The call to psa_call() is PROGRAMMER ERROR if psa_invec.base addr is valid but psa_invec.base+size address is invalid for client | [client/server]_test_psa_call_with_invalid_invec_end_addr() | Call psa_call with valid address for psa_invec.base but (psa_invec.base + psa_invec.size) pointing to invalid address and expect PROGRAMMER ERROR behaviour for API call. Selection of base and size are as below: if caller == NONSECURE valid_base = nspe_mmio_region_base; invalid_size = (driver_mmio_region_base - nspe_mmio_region_base + 1);
else
if (ISOLATION_LEVEL > 1) valid_base = server_mmio_region_base; invalid_size = (driver_mmio_region_base - server_mmio_region_base + 1); | Optional | Yes |
+| test_i053 | The call to psa_call() is PROGRAMMER ERROR if psa_outvec.base addr is valid but psa_invec.base+sizeaddress is invalid for client | [client/server]_test_psa_call_with_invalid_outvec_end_addr() | Call psa_call with valid address for psa_outvec.base but (psa_outvec.base + psa_outvec.size) pointing to invalid address and expect PROGRAMMER ERROR behaviour for API call. Selection of base and size are as below: if caller == NONSECURE valid_base = nspe_mmio_region_base; invalid_size = (driver_mmio_region_base - nspe_mmio_region_base + 1);
else
if (ISOLATION_LEVEL > 1) valid_base = server_mmio_region_base; invalid_size = (driver_mmio_region_base - server_mmio_region_base + 1); | Optional | Yes |
+| test_i054 | The call to psa_call() is PROGRAMMER ERROR if psa_outvec.base is not writable | [client/server]_test_psa_call_with_not_writable_outvec_base() | Call psa_call with not writable (code address) psa_outvec.base and expect PROGRAMMER ERROR behaviour for API call. | Optional | Yes |
+| test_i055 | The call to psa_read() is PROGRAMMER ERROR if the memory reference for buffer is invalid | [client/server]_test_psa_read_with_invalid_buffer_addr() | Call psa_read with invalid buffer addr and expect PROGRAMMER ERROR behaviour for API call. Selection of buffer address is as below: if (ISOLATION_LEVEL > 1) buffer = driver_mmio_region_base; else buffer = NULL; | Optional | Yes |
+| test_i056 | The call to psa_read() is PROGRAMMER ERROR if the memory reference for buffer is not writable | [client/server]_test_psa_read_with_not_writable_buffer_addr() | Call psa_read with not writable address (function address- code memory) and expect PROGRAMMER ERROR behaviour for API call. | Optional | Yes |
+| test_i057 | The call to psa_write() is PROGRAMMER ERROR if the memory reference for buffer is invalid | [client/server]_test_psa_write_with_invalid_buffer_addr() | Call psa_write with invalid buffer addr and expect PROGRAMMER ERROR behaviour for API call. Selection of buffer address is as below: if (ISOLATION_LEVEL > 1) buffer = driver_mmio_region_base; else buffer = NULL; | Optional | Yes |
+| test_i058 | 1. psa_notify() is used to asynchronously wake up another Secure Partition. The receiving partition uses psa_wait() to detect, or wait for, assertion of its PSA_DOORBELL signal. The value of partition_id must be greater than zero as the target of notification must be a Secure Partition. 2. psa_clear() clears the PSA_DOORBELL signal. 3. psa_clear(): The target Partition doorbell will remain asserted until it calls psa_clear(). | [client/server]_test_psa_doorbell_signal() | 1. Client connects to RoT service. 2. RoT services executes asserts PSA_DOORBELL singal back to client after accepting the connection. 3. Client checks the delivery of PSA_DOORBELL singal using psa_wait(). 4. Client clears the doorbell and closes the connection. 5. RoT service receives the closing connection request. | Mandatory | Yes |
+| test_i059 | The call to psa_notify() is PROGRAMMER ERROR if Partition ID does not correspond to a Secure Partition | [client/server]_test_psa_notify_with_neg_part_id() | Call psa_notify with negative partition id and expect PROGRAMMER ERROR behaviour for API call. | Optional | Yes |
+| test_i060 | The call to psa_notify() is PROGRAMMER ERROR if Partition ID does not correspond to a Secure Partition | [client/server]_test_psa_notify_with_invalid_pos_part_id() | Call psa_notify with positive partition id which does not exist in the platform and expect PROGRAMMER ERROR behaviour for API call. | Optional | Yes |
+| test_i061 | The call to psa_clear() is PROGRAMMER ERROR if The Secure Partition¿s doorbell signal is not currently asserted | [client/server]_test_psa_clear_at_unasserted_doorbell_sig() | Call psa_clear when doorbell signal is not asserted and expect PROGRAMMER ERROR behaviour for API call. | Optional | Yes |
+| test_i062 | The call to psa_wait() is PROGRAMMER ERROR if signal_mask does not include any assigned signals. | [client/server_test_psa_wait_with_unassigned_signal() | Call psa_wait with signal mask that doesn't include any assigned signal and expect PROGRAMMER ERROR behaviour for API call. | Optional | Yes |
+| test_i063 | psa_wait() returns the Secure Partition interrupt signals that have been asserted from the subset of signals indicated in the bitmask provided. The mask must contain the set of signals the caller is interested in handling. Signals that are not in signal_mask should be ignored. | [client/server]_test_psa_wait_signal_mask() | 1. Select signal_mask = (SERVER_UNSPECIFED_VERSION_SIG | SERVER_RELAX_VERSION_SIG); 2. Server partition requests the client partition to make connection using sid=SERVER_SECURE_CONNECT_ONLY_SID. This connection request act as irritator to psa_wait(signal_mask) call and it is used to cover the rule - Signals that are not in signal_mask should be ignored by psa_wait. 3. NSPE client connects to a server partition using SID whose signal are part of signal_mask 4. Server partition executes psa_wait with necessary signal_mask. RoT service checks that returned signal value is subset of signals indicated in the signal_mask 5. At the end, server partition completes the starved (irritator) connection request of SERVER_SECURE_CONNECT_ONLY_SID. | Mandatory | Yes |
+| test_i064 | The call to psa_eoi() is PROGRAMMER ERROR if irq_signal is not an interrupt signal | driver_test_psa_eoi_with_non_intr_signal() | Call to psa_eoi with non-interrupt signal(PSA_DOORBELL) and expect PROGRAMMER ERROR behaviour for API call. Note: The interrupt related test check is captured in driver_partition.c as this is the only partition in test suite that holds the interrupt source. | Optional | Yes |
+| test_i065 | The call to psa_eoi() is PROGRAMMER ERROR if irq_signal is not currently asserted | driver_test_psa_eoi_with_unasserted_signal() | Call to psa_eoi with interrupt signal which is currently not asserted and expect PROGRAMMER ERROR behaviour for API call. Note: The interrupt related test check is captured in driver_partition.c as this is the only partition in test suite that holds the interrupt source. | Optional | Yes |
+| test_i066 | The call to psa_eoi() is PROGRAMMER ERROR if irq_signal indicates more than one signal | driver_test_psa_eoi_with_multiple_signals() | Call to psa_eoi with irq_signal provided with multiple signals and expect PROGRAMMER ERROR behaviour for API call. Note: The interrupt related test check is captured in driver_partition.c as this is the only partition in test suite that holds the interrupt source. | Optional | Yes |
+| test_i067 | A Secure Partition is guaranteed to be able to read and write its private heap regions. Manifest Parameter- heap_size. Properties: Optional. This attribute indicates the Secure Partition¿s heap size in bytes.The size value is represented either as a positive integer or as a hexadecimal string.If this field is specified in the manifest then the value must be greater than 0. If this field is not specified in the manifest then the SPM can assume the size is 0. | [client/server]_test_dynamic_mem_alloc_fn() | Test dynamic memory service functions-malloc(), free() and realloc behaviour defined in the specification if these APIs are available to secure partition. Otherwise skip the test. | Mandatory | Yes |
+| test_i068 | Only Code is executable in secure partition. Writable region must not be executable. | client_test_instr_exec_from_writable_mem() | Execute set of instructions from writable memory and expect internal fault. | Optional | Yes |
+| test_i069 | Only Private data is writable in secure partition. Code space must not be writable. | client_test_write_to_code_space() | Write to code space from secure partition and expect internal fault | Optional | Yes |
+| test_i070 | Only Private data is writable in secure partition. Constant data space must not be writable. | client_test_write_to_const_data() | Write to constant data space and expect internal fault | Optional | Yes |
+| test_i071 | The following memory manipulation functions from must be implemented with standard C99 definitions: memcmp() memcpy() memmove() memset() | client_test_mem_manipulation_fn() | 1 .Set buffer content using memset(). Check that content is set as expected. 2. Copy one buffer to another buffer using memcpy() and check that buffer is copied correctly. 3. Compare two buffers two times, once with equal data and once with unequal data. 2. Copy one buffer to another buffer using memmove() and check that buffer is copied correctly. | Mandatory | Yes |
+| test_i072 | If domain A needs protection from domain B, then Private data in domain A cannot be accessed by domain B. Where A is Application RoT, B is NSPE and memory asset to be protected is Application RoT variables- Global variable. | [client/server]_test_nspe_read_app_rot_variable() [client/server]_test_nspe_write_app_rot_variable() | Access Application RoT global variable address from NSPE and expect internal fault behavior | Optional | Yes |
+| test_i073 | If domain A needs protection from domain B, then Private data in domain A cannot be accessed by domain B. Where A is Application RoT, B is NSPE and memory asset to be protected is Application RoT execution stack. | [client/server]_test_nspe_read_app_rot_stack() [client/server]_test_nspe_write_app_rot_stack() | Access Application RoT local variable(stack region) address from NSPE and expect internal fault behavior | Optional | Yes |
+| test_i074 | If domain A needs protection from domain B, then Private data in domain A cannot be accessed by domain B. Where A is Application RoT, B is NSPE and memory asset to be protected is Application RoT heap memory. | [client/server]_test_nspe_read_app_rot_heap() [client/server]_test_nspe_write_app_rot_heap() | Access Application RoT heap memory address from NSPE and expect internal fault behavior | Optional | Yes |
+| test_i075 | If domain A needs protection from domain B, then Private data in domain A cannot be accessed by domain B. Where A is Application RoT, B is NSPE and memory asset to be protected is Application RoT MMIO region. | [client/server]_test_nspe_read_app_rot_mmio() [client/server]_test_nspe_write_app_rot_mmio() | Access Application RoT MMIO address from NSPE and expect internal fault behavior | Optional | Yes |
+| test_i076 | If domain A needs protection from domain B, then Private data in domain A cannot be accessed by domain B. Where A is PSA RoT, B is NSPE and memory asset to be protected is PSA RoT variables- Global variable. | client_test_nspe_read_psa_rot_variable() driver_test_isolation_psa_rot_data_rd() client_test_nspe_write_psa_rot_variable() driver_test_isolation_psa_rot_data_wr() | Access PSA RoT global variable address from NSPE and expect internal fault behavior | Optional | Yes |
+| test_i077 | If domain A needs protection from domain B, then Private data in domain A cannot be accessed by domain B. Where A is PSA RoT, B is NSPE and memory asset to be protected is PSA RoT execution stack. | client_test_nspe_read_psa_rot_stack() driver_test_isolation_psa_rot_stack_rd() client_test_nspe_write_psa_stack_variable() driver_test_isolation_psa_rot_stack_wr() | Access PSA RoT local variable(stack region) address from NSPE and expect internal fault behavior | Optional | Yes |
+| test_i078 | If domain A needs protection from domain B, then Private data in domain A cannot be accessed by domain B. Where A is PSA RoT, B is NSPE and memory asset to be protected is PSA RoT heap memory. | client_test_nspe_read_psa_rot_heap() driver_test_isolation_psa_rot_heap_rd() client_test_nspe_write_psa_rot_heap() driver_test_isolation_psa_rot_heap_wr() | Access PSA RoT partition heap memory address from NSPE and expect internal fault behavior | Optional | Yes |
+| test_i079 | If domain A needs protection from domain B, then Private data in domain A cannot be accessed by domain B. Where A is PSA RoT, B is NSPE and memory asset to be protected is PSA RoT MMIO region. | client_test_nspe_read_psa_rot_mmio() driver_test_isolation_psa_rot_mmio_rd() client_test_nspe_write_psa_rot_mmio() driver_test_isolation_psa_rot_mmio_wr() | Access PSA RoT partition MMIO address from NSPE and expect internal fault behavior | Optional | Yes |
+| test_i080 | If domain A needs protection from domain B, then Private data in domain A cannot be accessed by domain B. Where A is PSA RoT, B is Application RoT and memory asset to be protected is PSA RoT variables- Global variable. | client_test_app_rot_read_psa_rot_variable() driver_test_isolation_psa_rot_data_rd() client_test_app_rot_write_psa_rot_variable() driver_test_isolation_psa_rot_data_wr() | Access PSA RoT global variable address from Application RoT and expect internal fault behavior | Optional | Yes |
+| test_i081 | If domain A needs protection from domain B, then Private data in domain A cannot be accessed by domain B. Where A is PSA RoT, B is Application RoT and memory asset to be protected is PSA RoT execution stack. | client_test_app_rot_read_psa_rot_stack() driver_test_isolation_psa_rot_stack_rd() client_test_app_rot_write_psa_stack_variable() driver_test_isolation_psa_rot_stack_wr() | Access PSA RoT local variable(stack region) address from Application RoT and expect internal fault behavior | Optional | Yes |
+| test_i082 | If domain A needs protection from domain B, then Private data in domain A cannot be accessed by domain B. Where A is PSA RoT, B is Application RoT and memory asset to be protected is PSA RoT heap memory. | client_test_app_rot_read_psa_rot_heap() driver_test_isolation_psa_rot_heap_rd() client_test_app_rot_write_psa_rot_heap() driver_test_isolation_psa_rot_heap_wr() | Access PSA RoT partition heap memory address from Application RoT and expect internal fault behavior | Optional | Yes |
+| test_i083 | If domain A needs protection from domain B, then Private data in domain A cannot be accessed by domain B. Where A is PSA RoT, B is Application RoT and memory asset to be protected is PSA RoT MMIO region. | client_test_app_rot_read_psa_rot_mmio() driver_test_isolation_psa_rot_mmio_rd() client_test_app_rot_write_psa_rot_mmio() driver_test_isolation_psa_rot_mmio_wr() | Access PSA RoT partition MMIO address from Application RoT and expect internal fault behavior | Optional | Yes |
+| test_i084 | If domain A needs protection from domain B, then Private data in domain A cannot be accessed by domain B. Where A is Application RoT Partition, B is other Application RoT partition and memory asset to be protected is A- Application RoT partition variables- Global variable. | [client/server]_test_sp_read_other_sp_variable() [client/server]_test_sp_write_other_sp_variable() | Access Application RoT global variable address from other RoT and expect internal fault behavior | Optional | Yes |
+| test_i085 | If domain A needs protection from domain B, then Private data in domain A cannot be accessed by domain B. Where A is Application RoT Partition, B is other Application RoT partition and memory asset to be protected is A- Application RoT partition execution stack. | [client/server]_test_sp_read_other_sp_stack() [client/server]_test_sp_write_other_sp_stack() | Access Application RoT local variable(stack region) address from other Application RoT and expect internal fault behavior | Optional | Yes |
+| test_i086 | If domain A needs protection from domain B, then Private data in domain A cannot be accessed by domain B. Where A is Application RoT Partition, B is other Application RoT partition and memory asset to be protected is A- Application RoT partition heap memory. | [client/server]_test_sp_read_other_sp_heap() [client/server]_test_sp_write_other_sp_heap() | Access Application RoT partition heap memory address from other Application RoT and expect internal fault behavior | Optional | Yes |
+| test_i087 | If domain A needs protection from domain B, then Private data in domain A cannot be accessed by domain B. Where A is Application RoT Partition, B is other Application RoT partition and memory asset to be protected is A- Application RoT partition MMIO region. | [client/server]_test_sp_read_other_sp_mmio() [client/server]_test_sp_write_other_sp_mmio() | Access Application RoT partition MMIO address from other Application RoT and expect internal fault behavior | Optional | Optional |
+| test_l088 | psa_rot_lifecycle_state() function retrieves the current PSA RoT lifecycle state. | server_test_psa_rot_lifecycle_state() | Call psa_rot_lifecycle_state() from secure side and check that return value is within the allowed range. | Mandatory | Yes |
+| test_i089 | psa_panic() will terminate execution within the calling Secure Partition and will not return. | server_test_psa_panic() | Call psa_panic() from the secure partition and expect PROGRAMMER ERROR behaviour for API call. | Optional | Optional |
+| test_i090 | The call to psa_call() is a PROGRAMMER ERROR if type < 0 | [client/server]_test_psa_call_with_neg_type | Call to psa_call with negative type value and expect PROGRAMMER ERROR behaviour for API call. | Optional | Optional |
+| NO_EXPLICIT_TEST | A Secure Partition is guaranteed to be able to read and write its private stack. Manifest Parameter- stack_size (required) Partition's stack size in bytes. The size value must be represented either as a positive integer or as a hexadecimal string. | N/A | No explicit test written to cover this rule. PSA IPC tests manifests are provided with tests partition required stack_size. A successful execution of tests partition code without stack access related faults, indirectly verify this field. | N/A | Yes |
+| NO_EXPLICIT_TEST | mmio_regions (optional, unique): List of memory-mapped I/O region objects which the Secure Partition needs access to. A Secure Partition always has exclusive access to an MMIO region. Secure Partitions are not permitted to share MMIO regions with other Secure Partitions. An MMIO region can be defined either as a: numbered_region named_region A numbered region consists of a base address and a size. The size must be represented either as a positive integer or as a hexadecimal string. The base address must be represented as a hexadecimal string. MMIO regions must not overlap. An MMIO region must include a permission attribute. The following permissions are available: READ-ONLY READ-WRITE | N/A | Comments: 1. PSA IPC tests device driver partition manifests are provided with these fields. A successful compilation and run of device driver partition code indirectly verify this field. 2. Rules around sharing of MMIO regions is covered as part of isolation tests. 3. Rules around overlapping of MMIO regions can't be tested as specifying that into manifest results into compilation fail. 4. Test suite partition manifests are rely on numbered_region only as named_region is subject to resolved in Implementation defined manner. | N/A | Yes |
+| NO_EXPLICIT_TEST | Manifest Parameter- type (required) Whether the Partition is a part of the PSA Root of Trust Services or is part of the Application Root of Trust Services.Type must be assigned one of the following values:- APPLICATION-ROT- PSA-ROT | N/A | PSA IPC tests partition files are provided with these fields. Access permission behaviour related to these fields will be verified as part of tests covering isolation level rules. | N/A | Yes |
+| NO_EXPLICIT_TEST | Manifest Parameter - description (optional) This attribute contains a human-readable description and comments for the Secure Partition. | N/A | Test suite manifests are provided with these field with adhere to manifest rules. Manifest build tool parser must parse this field without any compilation fail. | N/A | Yes |
+| NO_EXPLICIT_TEST | Manifest Parameter -entry_point (required, unique) The Partition entry point in the form of an C function symbol. A single entry point must be provided and it must have the following signature: void entry_point(void); | N/A | No explicit test written to cover this rule. Test suite manifests are provided with tests partition entry_point. A successful launch and run of tests partition code indirectly verify this field. | N/A | Yes |
+| NO_EXPLICIT_TEST | The SPM must eventually deliver all signals and IPC messages. | N/A | No explicit test written to cover this rule. However all PSA IPC tests are written with the expectation that the SPM delivers all requested signals and IPC message in a timely fashion. Failure to provide this will result in simulation time out. This rule is unbounded and cannot have full coverage. It is good to that things are delivered in a timely manner, however failure will not break compliance. | N/A | Yes |
+| NO_EXPLICIT_TEST | A Secure Partition is guaranteed to be able to execute and read its own code regions and read its own read-only data regions. | N/A | No explicit test written to cover this rule. This is a minimum requirement to able to launch and run secure partition. Failing to provide this, will not be able to run IPC test suite. | N/A | Yes |
+| NOT_COVERED | psa_get returns PSA_ERROR_DOES_NOT_EXIST if the SPM cannot deliver a message to the Secure Partition following the assertion of the RoT Service signal. | N/A | This scenario cannot be simulated as test can't generate stimulus where psa_get() API returns PSA_ERROR_DOES_NOT_EXIST. However every instances of psa_get() API call in test suite checks the API return value and re-waits for signal delivery if return value is PSA_ERROR_DOES_NOT_EXIST. | N/A | No |
+| NOT_COVERED | The call to psa_call is PROGRAMMER ERROR if the connection is already handling a request. | N/A | This rule is not verified beacuse of following reasons: - There is no common infrastructure to test this rule as this needs two OS specific tasks where one task interrupted during execution of psa_call or psa_close and second task scheduled to execute psa_call using same handle. - It is hard to write test stimulus where this rule is always hit as it is highly dependent of platform software scheduling policy. | N/A | No |
+| NOT_COVERED | The call to psa_close is PROGRAMMER ERROR if the connection is already handling a request | N/A | This rule is not verified beacuse of following reasons: - There is no common infrastructure to test this rule as this needs two OS specific tasks where one task interrupted during execution of psa_call or psa_close and second task scheduled to execute psa_close using same handle. - It is hard to write test stimulus where this rule is always hit as it is highly dependent of platform software scheduling policy. | N/A | No |
+| NOT_COVERED | Manifest Parameter - priority (required) Partitions must be assigned one of the following priority groups:¿ HIGH¿ NORMAL¿ LOWLOW is the lowest priority. Priority is ignored by SPMs that do not implement any priority-based scheduling. | N/A | Use of these fields are highly dependent on type of SPM scheduling policy, hence can't test the behavious of this field. And test suite partition manifests are provided with priority field equal to LOW. | N/A | No |
+| NOT_COVERED | Secure Partition IDs must be fixed across updates | N/A | Checking for Partition IDs across SPM updates is out of scope for PSA IPC tests. | N/A | No |
## License
Arm PSA test suite is distributed under Apache v2.0 License.
diff --git a/api-tests/docs/psa_its_testlist.md b/api-tests/docs/psa_its_testlist.md
index f169577a..5d0d8988 100644
--- a/api-tests/docs/psa_its_testlist.md
+++ b/api-tests/docs/psa_its_testlist.md
@@ -6,25 +6,25 @@ Following are the requirements of the Storage Test Suite.
1. Unless described in this document, any behaviour that is defined as IMPLEMENTATION_DEFINED in PSA Storage API document is not verified in this document.
2. Storage Test Cases use UID value starting from 1 onwards. These UID needs to be free for successfull test execution.
-3. UID values 1 and 2 are reserved as WRITE_ONCE UID.These UID can't be free from testcase. Make sure these are free.
+3. UID values 1 and 2 are reserved as WRITE_ONCE UID. These UID can't be free from testcase. Make sure these are free.
-| Test | Test Scenario | API Verified | Return Value | Test Algorithm | UID Usage |
-|-----------|--------------------------------------|-------------------------------------------------------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|--------------------------------------|
-| test_s001 | Get,get_info and remove API's call for non-existent and removed assest | psa_its_get psa_its_get_info psa_its_remove | PSA_ITS_ERROR_UID_NOT_FOUND | 1. Call get API with UID for which no UID/Data pair is created 2. Call get_info API for which no UID/Data pair is created 3. Call remove API for which no UID/Data pair is created 4. Set valid UID/Data pair with uid1 5. Set one more set of UID/Data pair, with different uid, than previous 6. Remove the uid of step 4. 7. Call get API for removed UID/data pair 8. Call get_info API for removed UID/Data pair 9. Call remove API for removed UID/Data pair 10. Set valid UID/Data pair 11. Call get API for different uid , then created 12. Call get_info API for different uid, then created 13. Call remove API for different uid, then created 14. Remove the created UID/Data pair. 15. Remove the stray uid. | UID value used are 5,6,7 |
-| test_s002 | Overwriting data for asset created with WRITE_ONCE flag | psa_its_set psa_its_remove | PSA_ITS_ERROR_WRITE_ONCE | 1. Set valid UID/data value pair , with create flag value none. 2. Call get and get_info API to validate the data, attributes associated with data 3. Call set API again with same uid and create flag PSA_PS_WRITE_ONCE_FLAG 4. Call get and get_info API to validate the data, attributes associated with data is not changed after second set operation 5. try to remove the UID/data pair. 6. Create new UID/data value pair, with create flag PSA_PS_WRITE_ONCE_FLAG 7. Try to remove the created UID. 8. Call get and get_info API to validate the data, attributes associated with data 9. Again call SET with same UID , create flag PSA_PS_WRITE_ONCE_FLAG but different data length 10. Try to remove the UID, PSA_ITS_ERROR_WRITE_ONCE error should be returned 11. Call get and get_info API to validate the data, attributes associated with data | UID value used are 1 and 2 |
-| test_s003 | Exhaust storage space | psa_its_set |PSA_ITS_ERROR_INSUFFICIENT_SPACE | 1. Create UID/data pairs, with data_len 256 bytes. Do this with incrementing uid values till we have INSUFFICENT_SPACE. 2. Remove all the UID/data pairs created. 3. Repeat the steps once more, to check all previous uid are removed successfully | UID value starts from 5 and keep on incrementing till all space is exhausted |
-| test_s004 | Overwriting data for asset created without WRITE_ONCE flag | psa_its_set psa_its_get psa_its_get_info psa_its_remove | PSA_ITS_SUCCESS | 1. Set a valid uid/data pair 2. Validate the data using get api 3. Change the data length to half of previous. 4. Call GET api with original data length , error should be returned and also the return buffer should be empty 5. Call GET api with correct data_len and validate the data received. 6. Check old data cannot be accessed. 7. Call REMOVE api to delete the UID/data pair | UID value used is 5 |
-| test_s005 | Get, get_info and remove API call for valid assest | psa_its_set psa_its_get psa_its_get_info psa_its_remove | PSA_ITS_SUCCESS |1. Set valid UID/data pair with varying uid and data_len 2. Call GET api and validate the set data 3. Call GET info api and validate the data attributes 4. Call REMOVE api to delete the UID/data pair | UID value used are 4 |
-| test_s006 | Storage asset creation with unsupported create_flag value | psa_its_set | PSA_ITS_ERROR_FLAGS_NOT_SUPPORTED | 1. Call the SET_INFO with minimum flag value to max flag value 2. Call GET_INFO api and validate the flag value 3. Remove the uid/data pair | UID value used is 5 |
-| test_s007 | Get API call with length different than asset data length | psa_its_set | PSA_ITS_ERROR_INCORRECT_SIZE | 1. Create valid uid/data pair. 2. Increase the length of storage. 3. Try to access the old length using get api. 4. Try to access with valid length less than stored size. 5. Decrease the length of storage. 6. Try to access the old length. 7. Remove the uid | UID value used is 5 |
-| test_s008 | Get API call with invalid offset | psa_its_get |PSA_ITS_ERROR_OFFSET_INVALID | 1. Set valid UID/data pair 2. Call GET api with valid offset and offset + data_len equal to stored data size. 3. Call GET api with valid offset and offset + data_len less than stored data size. 4. Call get api with invalid offset. 5. Call get api with zero offset , but data len greater than data size. 6. Remove the uid. | UID value used is 5 |
-| test_s009 | API call with NULL pointer and zero length | psa_its_get psa_its_set psa_its_get_info | PSA_ITS_SUCCESS | 1. Call the SET API with NULL pointer and data_len zero 2. Validate using get_info api storage should be present. 3. Call get API with NULL pointer. 4. Remove the UID. 5. Call get_info API to validate storage is removed. 6. Set storage entity with valid write_buffer , but length zero. 7. Call get_info API to validate storage attributes. 8. Call get_info api with NULL pointer and valid uid. 9. Remove the uid | UID value used is 5 |
-| test_s010 | Storage assest creation with UID value 0 | psa_its_set | PSA_ITS_ERROR_INVALID_ARGUMENTS | 1. Call the SET API with UID value 0. 2. Check that storage creation fails. | UID value used is 0
-| NA | Storage Failure | NA | PSA_ITS_ERROR_STORAGE_FAILURE | 1. The failure cause will depend on the underlying platform and vary for each implementation. It is skipped in current suite | NA |
+| Test | Test Scenario | API Verified | Return Value | Test Algorithm | UID Usage |
+|-----------|---------------------------------------|----------------|-------------------------|---------------------|------------------------|
+| test_s001 | Get,get_info and remove API's call for non-existent and removed assest | psa_its_get psa_its_get_info psa_its_remove | PSA_ERROR_DOES_NOT_EXIST | 1. Call get API with UID for which no UID/Data pair is created 2. Call get_info API for which no UID/Data pair is created 3. Call remove API for which no UID/Data pair is created 4. Set valid UID/Data pair with uid1 5. Set one more set of UID/Data pair, with different uid, than previous 6. Remove the uid of step 4. 7. Call get API for removed UID/data pair 8. Call get_info API for removed UID/Data pair 9. Call remove API for removed UID/Data pair 10. Set valid UID/Data pair 11. Call get API for different uid , then created 12. Call get_info API for different uid, then created 13. Call remove API for different uid, then created 14. Remove the created UID/Data pair. 15. Remove the stray uid. | UID value used are 5,6,7 |
+| test_s002 | Overwriting data for asset created with WRITE_ONCE flag | psa_its_set psa_its_remove | PSA_ERROR_NOT_PERMITTED | 1. Set valid UID/data value pair , with create flag value none. 2. Call get and get_info API to validate the data, attributes associated with data 3. Call set API again with same uid and create flag PSA_PS_WRITE_ONCE_FLAG 4. Call get and get_info API to validate the data, attributes associated with data is not changed after second set operation 5. try to remove the UID/data pair. 6. Create new UID/data value pair, with create flag PSA_PS_WRITE_ONCE_FLAG 7. Try to remove the created UID. 8. Call get and get_info API to validate the data, attributes associated with data 9. Again call SET with same UID , create flag PSA_PS_WRITE_ONCE_FLAG but different data length 10. Try to remove the UID, PSA_ITS_ERROR_WRITE_ONCE error should be returned 11. Call get and get_info API to validate the data, attributes associated with data | UID value used are 1 and 2 |
+| test_s003 | Exhaust storage space | psa_its_set | PSA_ERROR_INSUFFICIENT_STORAGE | 1. Create UID/data pairs, with data_len of PLATFORM_MAX_UID_SIZE bytes. Do this with incrementing uid values till we have INSUFFICENT_SPACE. 2. Remove all the UID/data pairs created. 3. Repeat the steps once more, to check all previous uid are removed successfully | UID value starts from 5 and keep on incrementing till all space is exhausted |
+| test_s004 | Overwriting data for asset created without WRITE_ONCE flag | psa_its_set psa_its_get psa_its_get_info psa_its_remove | PSA_SUCCESS | 1. Set a valid uid/data pair 2. Validate the data using get api 3. Change the data length to half of previous. 4. Call GET api with original data length , expect the success result and the read buffer to match for half of original length 5. Call REMOVE api to delete the UID/data pair | UID value used is 5 |
+| test_s005 | Get, get_info and remove API call for valid assest | psa_its_set psa_its_get psa_its_get_info psa_its_remove | PSA_SUCCESS | 1. Set valid UID/data pair with varying uid and data_len 2. Call GET api and validate the set data 3. Call GET info api and validate the data attributes 4. Call REMOVE api to delete the UID/data pair | UID value used are 4 |
+| test_s006 | Storage asset creation with supported create flag values | psa_its_set | PSA_ERROR_NOT_SUPPORTED | 1. Call the SET API with available create flag values 2. Call GET_INFO api and validate the flag value 3. Remove the uid/data pair | UID value used is 5 |
+| test_s007 | Get API call with length different than asset data length | psa_its_set psa_its_get | PSA_SUCCESS | 1. Create valid uid/data pair. 2. Increase the length of storage. 3. Try to access the old length using get api. 4. Try to access with valid length less than stored size. 5. Decrease the length of storage. 6. Try to access the old length. 7. Remove the uid | UID value used is 5 |
+| test_s008 | Get API call with invalid offset | psa_its_get | PSA_ERROR_INVALID_ARGUMENT | 1. Set valid UID/data pair 2. Call GET api with valid offset and offset + data_len equal to stored data size. 3. Call GET api with valid offset and offset + data_len less than stored data size. 4. Call get api with invalid offset. 5. Call get api with zero offset , but data len greater than data size. 6. Remove the uid. | UID value used is 5 |
+| test_s009 | API call with NULL pointer and zero length | psa_its_get psa_its_set psa_its_get_info | PSA_ERROR_DOES_NOT_EXIST | 1. Call the SET API with NULL pointer and data_len zero 2. Validate using get_info api storage should be present. 3. Call get API with NULL pointer. 4. Remove the UID. 5. Call get_info API to validate storage is removed. 6. Set storage entity with valid write_buffer , but length zero. 7. Call get_info API to validate storage attributes. 8. Call get_info api with NULL pointer and valid uid. 9. Remove the uid | UID value used is 5 |
+| test_s010 | Storage assest creation with UID value 0 | psa_its_set | PSA_ERROR_INVALID_ARGUMENT | 1. Call the SET API with UID value 0. 2. Check that storage creation fails. | UID value used is 0
+| NA | Storage Failure | NA | PSA_ERROR_STORAGE_FAILURE | 1. The failure cause will depend on the underlying platform and vary for each implementation. It is skipped in current suite | NA |
## License
Arm PSA test suite is distributed under Apache v2.0 License.
--------------
-*Copyright (c) 2019, Arm Limited and Contributors. All rights reserved.*
+*Copyright (c) 2019-2020, Arm Limited and Contributors. All rights reserved.*
diff --git a/api-tests/docs/psa_ps_testlist.md b/api-tests/docs/psa_ps_testlist.md
index 2675c7fc..bf90b02f 100644
--- a/api-tests/docs/psa_ps_testlist.md
+++ b/api-tests/docs/psa_ps_testlist.md
@@ -4,36 +4,36 @@
Following are the requirements of the Storage Test Suite.
-1. Unless described in this document, any behaviour that is defined as IMPLEMENTATION_DEFINED in PSA Storage API document is not verified in this document.
+1. Unless described in this document, any behaviour that is defined as IMPLEMENTATION_DEFINED in PSA Storage API document is not verified in this document.
2. Storage Test Cases use UID value starting from 1 onwards. These UID needs to be free for successfull test execution.
-3. UID values 1 and 2 are reserved as WRITE_ONCE UID.These UID can't be free from testcase. Make sure these are free.
-
-
-| Test | Test Scenario | API Verified | Return Value | Test Algorithm | UID Usage |
-|-----------|--------------------------------------|------------------------------------------------------------------------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|--------------------------------------------------------------------------|-----------------------------------------------------------------------------------------------------------------------|
-| test_s001 | Get,get_info and remove API's call for non-existent and removed assest | psa_ps_get psa_ps_get_info psa_ps_remove |PSA_PS_ERROR_UID_NOT_FOUND | 1. Call get API with UID for which no UID/Data pair is created. 2. Call get_info API for which no UID/Data pair is created. 3. Call remove API for which no UID/Data pair is created. 4. Set valid UID/Data pair with uid1. 5. Set one more set of UID/Data pair, with different uid, than previous. 6. Remove the uid of step 4. 7. Call get API for removed UID/data pair. 8. Call get_info API for removed UID/Data pair. 9. Call remove API for removed UID/Data pair. 10. Set valid UID/Data pair. 11. Call get API for different uid , then created. 12. Call get_info API for different uid, then created. 13. Call remove API for different uid, then created. 14. Remove the created UID/Data pair. 15. Remove the stray uid. | UID value used are 5, 6, 7 |
-| test_s002 | Overwriting data for asset created with WRITE_ONCE flag | psa_ps_set psa_ps_remove | PSA_PS_ERROR_WRITE_ONCE | 1. Set valid UID/data value pair , with create flag value none. 2. Call get and get_info API to validate the data, attributes associated with data. 3. Call set API again with same uid and create flag PSA_PS_WRITE_ONCE_FLAG. 4. Call get and get_info API to validate the data, attributes associated with data is not changed after second set operation 5. Try to remove the UID/data pair. 6. Create new UID/data value pair, with create flag PSA_PS_WRITE_ONCE_FLAG. 7. Try to remove the created UID. 8. Call get and get_info API to validate the data, attributes associated with data. 9. Again call SET with same UID , create flag PSA_PS_WRITE_ONCE_FLAG but different data length. 10. Try to remove the UID, PSA_PS_ERROR_WRITE_ONCE error should be returned. 11. Call get and get_info API to validate the data, attributes associated with data. | UID value used are 1 and 2 |
-| test_s003 | Exhaust storage space | psa_ps_set | PSA_PS_ERROR_INSUFFICIENT_SPACE | 1. Create UID/data pairs, with data_len 256 bytes. Do this with incrementing uid values till we have INSUFFICENT_SPACE. 2. Remove all the UID/data pairs created. 3. Repeat the steps once more, to check all previous uid are removed successfully. | UID value starts from 5 and keep on incrementing till all space is exhausted |
-| test_s004 | Overwriting data for asset created without WRITE_ONCE flag | psa_ps_set psa_ps_get psa_ps_get_info psa_ps_remove | PSA_PS_SUCCESS | 1. Set a valid uid/data pair. 2. Validate the data using get api. 3. Change the data length to half of previous. 4. Call GET api with original data length , error should be returned and also the return buffer should be empty. 5. Call GET api with correct data_len and validate the data received. 6. Check old data cannot be accessed. 7. Call REMOVE api to delete the UID/data pair. | UID value used is 5 |
-| test_s005 | Get, get_info and remove API call for valid assest | psa_ps_set psa_ps_get psa_ps_get_info psa_ps_remove | PSA_PS_SUCCESS | 1. Set valid UID/data pair with varying uid and data_len. 2. Call GET api and validate the set data. 3. Call GET info api and validate the data attributes. 4. Call REMOVE api to delete the UID/data pair. | UID value used are 4 |
-| test_s006 | Storage asset creation with unsupported | psa_ps_set | PSA_PS_ERROR_FLAGS_NOT_SUPPORTED | 1. Call the SET_INFO with minimum flag value to max flag value. 2. Call GET_INFO api and validae the flag value. 3. Remove the uid/data pair. | UID value used is 5 |
-| test_s007 | Get API call with invalid length | psa_ps_get | PSA_PS_ERROR_INCORRECT_SIZE | 1. Create valid uid/data pair. 2. Increase the length of storage. 3. Try to access the old length using get api. 4. Try to access with valid length less than stored size. 5. Decrease the length of storage. 6. Try to access the old length. 7. Remove the uid. | UID value used is 5 |
-| test_s008 | Get API call with invalid offset | psa_ps_get | PSA_PS_ERROR_INCORRECT_SIZE | 1. Set valid UID/data pair. 2. Call GET api with valid offset and offset + data_len equal to stored data size. 3. Call GET api with valid offset and offset + data_len less than stored data size. 4. Call get api with invalid offset. 5. Call get api with zero offset , but data len greater than data size. 6. Remove the uid. | UID value used is 5 |
-| test_s009 | API call with NULL pointer and zero length | psa_ps_get psa_ps_set psa_ps_get_info | PSA_PS_SUCCESS | 1. Call the SET API with NULL pointer and data_len zero 2. Validate using get_info api storage should be present. 3. Call get API with NULL pointer. 4. Remove the UID. 5. Call get_info API to validate storage is removed. 6. Set storage entity with valid write_buffer , but length zero. 7. Call get_info API to validate storage attributes. 8. Call get_info api with NULL pointer and valid uid. 9. Remove the uid. | UID value used is 5 |
-| test_s010 | Storage assest creation with UID value 0 | psa_ps_set | PSA_PS_ERROR_INVALID_ARGUMENTS | 1. Call the SET API with UID value 0. 2. Check that storage creation fails. | UID value used is 0 |
-| test_p011 | Set_extended API's call for non-existent and removed assest | psa_ps_set_extended | PSA_PS_ERROR_UID_NOT_FOUND | 1. Call the SET Extended API when no uid present. 2. Create a valid storage using set. 3. Call create api with different length for existing uid. 4. Call create api to set WRITE_ONCE flag. 5. Validate data attributes are maintained. 6. Remove the uid. 7. Create valid storage using create api. 8. Try to change length using create api. 9. Validate storage is empty. 10. Again call create api with original parameters. 11. Remove the uid. 12. Check no duplicate entry present. | UID value used is 5 |
-| test_p012 | Set_extended API's call with invalid offset | psa_ps_set_extended | PSA_PS_ERROR_OFFSET_INVALID | 1. Create a valid storage using set. 2. Set data on first half of buffer. 3. Try to set data at incorrect offset +length. 4. Try to set data at incorrect offset. 5. Try to set at correct offset but zero length buffer. 6. Try to set data at incorrect length and valid offset. 7. Overwrite the storage using set api. 8. Validate data is correctly written. 9. Call set_extended with NULL write buffer. 10. Overwrite storage using set_extended api. 11. Remove the uid. | UID value used is 6
-| test_p013 | Create and set_extended API call for valid assest | psa_ps_set_extended psa_ps_create | PSA_PS_SUCCESS | 1. Create Storage of zero length using create. 2. Try to set some data in the storage created. 3. Validate the storage attributes. 4. Remove the storage. 5. Create a valid storage with non-zero length. 6. Set data in the buffer. 7. Validate the data attributes. 8. Overwrite data using set api. 9. Validate the data. 10. Call create api for existing uid with same parameters. 11. Remove the uid. 12. Check with set_extended no duplicate uid exists. | UID value used is 4
-| test_p014 | Create and set_extended API call when API's not supported | psa_ps_create psa_ps_set_extended | PSA_PS_ERROR_NOT_SUPPORTED | Below Steps will be run only if optional API are not supported. 1. Create API call should fail. 2. Check the UID should not exist. 3. Create storage using set API. 4. Try to partially write using set_extended API. 5. Validate data is not modified. 6. Remove the uid. | UID value used is 5
-| test_p015 | Create API call with WRITE_ONCE flag | psa_ps_create |PSA_PS_ERROR_FLAGS_NOT_SUPPORTED | Below Step will be run only if optional API are supported. 1. Create API call with WRITE_ONCE flag should fail. | UID value used is 5
-| NA | Storage Failure | NA | PSA_PS_ERROR_STORAGE_FAILURE | 1. The failure cause will depend on the underlying platform and vary for each implementation. It is skipped in current suite | NA |
-| NA | Operation Failure | NA | PSA_PS_ERROR_OPERATION_FAILED | 1. The failure cause will depend on the underlying platform and vary for each implementation. It is skipped in current suite | NA |
-| NA | Authentication Failure | NA | PSA_PS_ERROR_AUTH_FAILED | 1. The failure cause will depend on the underlying platform and vary for each implementation. It is skipped in current suite | NA |
-| NA | Data Corruption | NA | PSA_PS_ERROR_DATA_CORRUPT | 1. The failure cause will depend on the underlying platform and vary for each implementation. It is skipped in current suite | NA |
+3. UID values 1 and 2 are reserved as WRITE_ONCE UID. These UID can't be free from testcase. Make sure these are free.
+
+| Test | Test Scenario | API Verified | Return Value | Test Algorithm | UID Usage |
+|-----------|---------------------------------------|----------------|-------------------------|---------------------|------------------------|
+| test_s001 | Get,get_info and remove API's call for non-existent and removed assest | psa_ps_get psa_ps_get_info psa_ps_remove | PSA_ERROR_DOES_NOT_EXIST | 1. Call get API with UID for which no UID/Data pair is created 2. Call get_info API for which no UID/Data pair is created 3. Call remove API for which no UID/Data pair is created 4. Set valid UID/Data pair with uid1 5. Set one more set of UID/Data pair, with different uid, than previous 6. Remove the uid of step 4. 7. Call get API for removed UID/data pair 8. Call get_info API for removed UID/Data pair 9. Call remove API for removed UID/Data pair 10. Set valid UID/Data pair 11. Call get API for different uid , then created 12. Call get_info API for different uid, then created 13. Call remove API for different uid, then created 14. Remove the created UID/Data pair. 15. Remove the stray uid. | UID value used are 5,6,7 |
+| test_s002 | Overwriting data for asset created with WRITE_ONCE flag | psa_ps_set psa_ps_remove | PSA_ERROR_NOT_PERMITTED | 1. Set valid UID/data value pair , with create flag value none. 2. Call get and get_info API to validate the data, attributes associated with data 3. Call set API again with same uid and create flag PSA_PS_WRITE_ONCE_FLAG 4. Call get and get_info API to validate the data, attributes associated with data is not changed after second set operation 5. try to remove the UID/data pair. 6. Create new UID/data value pair, with create flag PSA_PS_WRITE_ONCE_FLAG 7. Try to remove the created UID. 8. Call get and get_info API to validate the data, attributes associated with data 9. Again call SET with same UID , create flag PSA_PS_WRITE_ONCE_FLAG but different data length 10. Try to remove the UID, PSA_ITS_ERROR_WRITE_ONCE error should be returned 11. Call get and get_info API to validate the data, attributes associated with data | UID value used are 1 and 2 |
+| test_s003 | Exhaust storage space | psa_ps_set | PSA_ERROR_INSUFFICIENT_STORAGE | 1. Create UID/data pairs, with data_len of PLATFORM_MAX_UID_SIZE bytes. Do this with incrementing uid values till we have INSUFFICENT_SPACE. 2. Remove all the UID/data pairs created. 3. Repeat the steps once more, to check all previous uid are removed successfully | UID value starts from 5 and keep on incrementing till all space is exhausted |
+| test_s004 | Overwriting data for asset created without WRITE_ONCE flag | psa_ps_set psa_ps_get psa_ps_get_info psa_ps_remove | PSA_SUCCESS | 1. Set a valid uid/data pair 2. Validate the data using get api 3. Change the data length to half of previous. 4. Call GET api with original data length , expect the success result and the read buffer to match for half of original length 5. Call REMOVE api to delete the UID/data pair | UID value used is 5 |
+| test_s005 | Get, get_info and remove API call for valid assest | psa_ps_set psa_ps_get psa_ps_get_info psa_ps_remove | PSA_SUCCESS | 1. Set valid UID/data pair with varying uid and data_len 2. Call GET api and validate the set data 3. Call GET info api and validate the data attributes 4. Call REMOVE api to delete the UID/data pair | UID value used are 4 |
+| test_s006 | Storage asset creation with supported create flag values | psa_ps_set | PSA_ERROR_NOT_SUPPORTED | 1. Call the SET API with available create flag values 2. Call GET_INFO api and validate the flag value 3. Remove the uid/data pair | UID value used is 5 |
+| test_s007 | Get API call with length different than asset data length | psa_ps_set psa_ps_get | PSA_SUCCESS | 1. Create valid uid/data pair. 2. Increase the length of storage. 3. Try to access the old length using get api. 4. Try to access with valid length less than stored size. 5. Decrease the length of storage. 6. Try to access the old length. 7. Remove the uid | UID value used is 5 |
+| test_s008 | Get API call with invalid offset | psa_ps_get | PSA_ERROR_INVALID_ARGUMENT | 1. Set valid UID/data pair 2. Call GET api with valid offset and offset + data_len equal to stored data size. 3. Call GET api with valid offset and offset + data_len less than stored data size. 4. Call get api with invalid offset. 5. Call get api with zero offset , but data len greater than data size. 6. Remove the uid. | UID value used is 5 |
+| test_s009 | API call with NULL pointer and zero length | psa_ps_get psa_ps_set psa_ps_get_info | PSA_ERROR_DOES_NOT_EXIST | 1. Call the SET API with NULL pointer and data_len zero 2. Validate using get_info api storage should be present. 3. Call get API with NULL pointer. 4. Remove the UID. 5. Call get_info API to validate storage is removed. 6. Set storage entity with valid write_buffer , but length zero. 7. Call get_info API to validate storage attributes. 8. Call get_info api with NULL pointer and valid uid. 9. Remove the uid | UID value used is 5 |
+| test_s010 | Storage assest creation with UID value 0 | psa_ps_set | PSA_ERROR_INVALID_ARGUMENT | 1. Call the SET API with UID value 0. 2. Check that storage creation fails. | UID value used is 0
+| test_p011 | Set_extended API's call for non-existent and removed assest | psa_ps_set_extended | PSA_ERROR_DOES_NOT_EXIST | Below Steps will be run only if optional API are not supported. 1. Call the SET Extended API when no uid present. 2. Create a valid storage using set. 3. Call create api with different length for existing uid. 4. Call create api to set WRITE_ONCE flag. 5. Validate data attributes are maintained. 6. Remove the uid. 7. Create valid storage using create api. 8. Try to change length using create api. 9. Validate storage is empty. 10. Again call create api with original parameters. 11. Remove the uid. 12. Check no duplicate entry present. | UID value used is 5 |
+| test_p012 | Set_extended API's call with invalid offset | psa_ps_set_extended | PSA_ERROR_INVALID_ARGUMENT | Below Steps will be run only if optional API are not supported. 1. Create a valid storage using set. 2. Set data on first half of buffer. 3. Try to set data at incorrect offset +length. 4. Try to set data at incorrect offset. 5. Try to set at correct offset but zero length buffer. 6. Try to set data at incorrect length and valid offset. 7. Overwrite the storage using set api. 8. Validate data is correctly written. 9. Call set_extended with NULL write buffer. 10. Overwrite storage using set_extended api. 11. Remove the uid. | UID value used is 6
+| test_p013 | Create and set_extended API call for valid assest | psa_ps_set_extended psa_ps_create | PSA_SUCCESS | Below Steps will be run only if optional API are not supported. 1. Create Storage of zero length using create. 2. Try to set some data in the storage created. 3. Validate the storage attributes. 4. Remove the storage. 5. Create a valid storage with non-zero length. 6. Set data in the buffer. 7. Validate the data attributes. 8. Overwrite data using set api. 9. Validate the data. 10. Call create api for existing uid with same parameters. 11. Remove the uid. 12. Check with set_extended no duplicate uid exists. | UID value used is 4
+| test_p014 | Create and set_extended API call when API's not supported | psa_ps_create psa_ps_set_extended | PSA_ERROR_NOT_SUPPORTED | Below Steps will be run only if optional API are not supported. 1. Create API call should fail. 2. Check the UID should not exist. 3. Create storage using set API. 4. Try to partially write using set_extended API. 5. Validate data is not modified. 6. Remove the uid. | UID value used is 5
+| test_p015 | Create API call with WRITE_ONCE flag | psa_ps_create | PSA_ERROR_NOT_SUPPORTED | Below Step will be run only if optional API are supported. 1. Create API call with WRITE_ONCE flag should fail. | UID value used is 5
+| test_p016 | Create API call for capacity check | psa_ps_create psa_ps_set psa_ps_get_info psa_ps_set_extended psa_ps_remove | PSA_ERROR_ALREADY_EXISTS PSA_ERROR_STORAGE_FAILURE | Below Steps will be run only if optional API are supported. 1. Create storage with valid UID and capacity using create 2. Check create for existing UID fails 3. Check the attributes of storage are unchanged 4. Override the storage using SET API 5. Check the attributes of storage are changed 6. Accessing old capacity with set_extended API fails 7. Remove the storage 8. Create new storage with valid UID/data pair using set API 9. Check create API for existing UID fails 10. Remove the storage | UID value used is 5
+| test_p017 | Partial write check with set extended API | psa_ps_create psa_ps_set_extended psa_ps_get_info psa_ps_remove | PSA_ERROR_STORAGE_FAILURE | Below Steps will be run only if optional API are supported. 1. Create storage with valid UID and capacity using create 2. Set partial data using set extended API 3. Check set extended API fails for data with gaps 4. Set full length data using set extended API 5. Check the valid attributes of storage 6. Remove the storage | UID value used is 5
+| NA | Fatal error | NA | PSA_ERROR_STORAGE_FAILURE | 1. The failure cause will depend on the underlying platform and vary for each implementation. It is skipped in current suite | NA |
+| NA | Data Corruption | NA | PSA_ERROR_DATA_CORRUPT | 1. The failure cause will depend on the underlying platform and vary for each implementation. It is skipped in current suite | NA |
+| NA | Invalid Signature | NA | PSA_ERROR_INVALID_SIGNATURE | 1. The failure cause will depend on the underlying platform and vary for each implementation. It is skipped in current suite | NA |
## License
Arm PSA test suite is distributed under Apache v2.0 License.
--------------
-*Copyright (c) 2019, Arm Limited and Contributors. All rights reserved.*
+*Copyright (c) 2019-2020, Arm Limited and Contributors. All rights reserved.*
diff --git a/api-tests/docs/sw_requirements.md b/api-tests/docs/sw_requirements.md
index 7a747254..e05e2532 100644
--- a/api-tests/docs/sw_requirements.md
+++ b/api-tests/docs/sw_requirements.md
@@ -1,11 +1,13 @@
# Architecture Test Suite Software Requirements
-Before starting the test suite build, ensure that the following requirements are met:
+Current release has been tested againt the below tools versions:
-- Host Operating System : Ubuntu 16.04
-- Scripting tools : Perl 5.12.3, Python 3.1.7
-- Compiler toolchain : GNU Arm Embedded Toolchain 6.3.1, Arm Compiler v6.7
+- Host Operating System : Ubuntu 16.04, Windows 10
+- Scripting tools : Python 3.7.1
+- Host Compiler toolchain : GCC 5.4.0 32-Bit (Linux Host) or MinGW 6.3.0 32-Bit (Windows Host)
+- Cross Compiler toolchain : GNU Arm Embedded Toolchain 6.3.1, 7.3.1 or Arm Compiler 6.11
+- Build tools : CMake 3.10
**Note**: To compile the test suite code, at least one of the above supported compiler toolchains
must be available in the build environment.
@@ -32,30 +34,15 @@ git clone https://github.com/ARM-software/psa-arch-tests.git
## Cloning the external repository
To build Initial Attestation tests, the PSA APIs test suite clones the following
-git repository. The cloning is automated as part of the test suite
-build script **./setup.sh**:
+git repository. The cloning is automated as part of the test suite cmake build:
-~~~
-git clone https://github.com/laurencelundblade/QCBOR.git ./platform/targets//nspe/initial_attestation/ext
-cd ./platform/targets//nspe/initial_attestation/ext; git checkout da53227db1488dde0952bdff66c3d904dce270b3
-~~~
-
-## To build on Cygwin(32-bit)
-
-To build test suite on Cygwin ensure all the above prerequisite in place.
-
-**Note**: Downloading the test suite in Window platform can have extra
-newline chars than Unix. Therefore, it is recommended to execute the
-following command to change the newline char format before running
-any test suite command.
-
-~~~
-dos2unix ./tools/scripts/setup.sh
-~~~
+**Repo**
+Name : https://github.com/laurencelundblade/QCBOR.git
+Commit id : 42272e466a8472948bf8fca076d113b81b99f0e0
## License
Arm PSA test suite is distributed under Apache v2.0 License.
--------------
-*Copyright (c) 2018-2019, Arm Limited and Contributors. All rights reserved.*
+*Copyright (c) 2018-2020, Arm Limited and Contributors. All rights reserved.*
diff --git a/api-tests/docs/test_failure_analysis.md b/api-tests/docs/test_failure_analysis.md
new file mode 100644
index 00000000..ab03126d
--- /dev/null
+++ b/api-tests/docs/test_failure_analysis.md
@@ -0,0 +1,41 @@
+
+# Test failure analysis document
+
+This file contains list of failures identified when testing the release
+on tgt_dev_apis_tfm_an521, tgt_dev_apis_tfm_musca_a and tgt_dev_apis_tfm_musca_b1
+targets with TFM commit Hash - 6e7be077eabef00b4825e245604148d82b11f832.
+The reason for each failing test is listed here in this file.
+
+## Known Failures
+
+| Test | Fail description | Github issue |
+|------|---------------------------------------------------------------------------------| ------------ |
+|test_c006 | psa_hash_compute is unimplemented in TFM/mbed-crypto. So the test has not been verified. | https://github.com/ARMmbed/mbed-crypto/issues/381 |
+|test_c007 | psa_hash_compare is unimplemented in TFM/mbed-crypto. So the test has not been verified. | https://github.com/ARMmbed/mbed-crypto/issues/381 |
+|test_c009 | psa_key_derivation_input_bytes returns incorrect error code | https://github.com/ARMmbed/mbed-crypto/issues/175 |
+|test_c020 | psa_key_derivation_output_bytes returns incorrect error code | https://github.com/ARMmbed/mbed-crypto/issues/175 |
+|test_c021 | psa_key_derivation_output_key returns incorrect error code | https://github.com/ARMmbed/mbed-crypto/issues/175 |
+|test_c046 | psa_mac_compute is unimplemented in TFM/mbed-crypto. So the test has not been verified. | https://github.com/ARMmbed/mbed-crypto/issues/381 |
+|test_c047 | psa_mac_verify is unimplemented in TFM/mbed-crypto. So the test has not been verified. | https://github.com/ARMmbed/mbed-crypto/issues/381 |
+|test_c048 | psa_cipher_encrypt is unimplemented in TFM/mbed-crypto. So the test has not been verified. | https://github.com/ARMmbed/mbed-crypto/issues/381 |
+|test_c049 | psa_cipher_decrypt is unimplemented in TFM/mbed-crypto. So the test has not been verified. | https://github.com/ARMmbed/mbed-crypto/issues/381 |
+|test_c050 | Persistent key storage is unavailable in TFM/mbed-crypto. So the test has not been verified. | https://github.com/ARMmbed/mbed-crypto/issues/382 |
+|test_c051 | Persistent key storage is unavailable in TFM/mbed-crypto. So the test has not been verified. | https://github.com/ARMmbed/mbed-crypto/issues/382 |
+|test_c052 | psa_aead_encrypt_setup is unimplemented in TFM/mbed-crypto. So the test has not been verified. | https://github.com/ARMmbed/mbed-crypto/issues/381 |
+|test_c053 | psa_aead_decrypt_setup is unimplemented in TFM/mbed-crypto. So the test has not been verified. | https://github.com/ARMmbed/mbed-crypto/issues/381 |
+|test_c054 | psa_aead_generate_nonce is unimplemented in TFM/mbed-crypto. So the test has not been verified. | https://github.com/ARMmbed/mbed-crypto/issues/381 |
+|test_c055 | psa_aead_set_nonce is unimplemented in TFM/mbed-crypto. So the test has not been verified. | https://github.com/ARMmbed/mbed-crypto/issues/381 |
+|test_c056 | psa_aead_set_lengths is unimplemented in TFM/mbed-crypto. So the test has not been verified. | https://github.com/ARMmbed/mbed-crypto/issues/381 |
+|test_c057 | psa_aead_update_ad is unimplemented in TFM/mbed-crypto. So the test has not been verified. | https://github.com/ARMmbed/mbed-crypto/issues/381 |
+|test_c058 | psa_aead_update is unimplemented in TFM/mbed-crypto. So the test has not been verified. | https://github.com/ARMmbed/mbed-crypto/issues/381 |
+|test_c059 | psa_aead_finish is unimplemented in TFM/mbed-crypto. So the test has not been verified. | https://github.com/ARMmbed/mbed-crypto/issues/381 |
+|test_c060 | psa_aead_abort is unimplemented in TFM/mbed-crypto. So the test has not been verified. | https://github.com/ARMmbed/mbed-crypto/issues/381 |
+|test_c061 | psa_aead_verify is unimplemented in TFM/mbed-crypto. So the test has not been verified. | https://github.com/ARMmbed/mbed-crypto/issues/381 |
+
+## License
+
+Arm PSA test suite is distributed under Apache v2.0 License.
+
+--------------
+
+*Copyright (c) 2020, Arm Limited and Contributors. All rights reserved.*
diff --git a/api-tests/ff/README.md b/api-tests/ff/README.md
index 8c820865..a3a90145 100644
--- a/api-tests/ff/README.md
+++ b/api-tests/ff/README.md
@@ -41,47 +41,62 @@ To build the test suite for your target platform, perform the following steps.
1. Execute `cd api-tests`.
-2. Using your Secure partition build tool, parse the following test suite partition manifest files and generate manifest output files. The manifest parsing tool must be compliant with the manifest rules defined in the PSA FF specification.
+2. Execute `python tools/scripts/manifest_update.py` to remove heap_size field from PSA test suite manifest files if your platform doesn't support the dynamic memory functions for the secure partition. Otherwise, skip this step.
+
+3. Using your Secure partition build tool, parse the following test suite partition manifest files and generate manifest output files. The manifest parsing tool must be compliant with the manifest rules defined in the PSA FF specification.
The test suite manifests to be parsed are:
- - **platform/targets//manifests/common/driver_partition_psa.json**
- - **platform/targets//manifests/ipc/client_partition_psa.json**
- - **platform/targets//manifests/ipc/server_partition_psa.json**
+ - **platform/manifests/driver_partition_psa.json**
+ - **platform/manifests/client_partition_psa.json**
+ - **platform/manifests/server_partition_psa.json**
-3. Compile the tests as shown below.
+4. Compile the tests as shown below.
```
- ./tools/scripts/setup.sh --target --cpu_arch --suite --build --include --archive_tests
+ cd api-tests
+ mkdir
+ cd
+ cmake ../ -G"" -DTARGET= -DCPU_ARCH= -DSUITE= -DPSA_INCLUDE_PATHS=";;...;"
+ cmake --build .
+```
+ Options information:
+
+- -G"" : "Unix Makefiles" to generate Makefiles for Linux and Cygwin. "MinGW Makefiles" to generate Makefiles for cmd.exe on Windows
+- -DTARGET= is the same as the name of the target-specific directory created in the **platform/targets/** directory. The current release has been tested on **tgt_dev_apis_tfm_an521**, **tgt_dev_apis_tfm_musca_b1** and **tgt_dev_apis_tfm_musca_a** platforms except for the tests written for PSA isolation level-3 and secure partition dynamic memory APIs as these features are unsupported by the mentioned platforms. However, it can still be possible to run them if the platform supports these features.
+- -DTOOLCHAIN= Compiler toolchain to be used for test suite compilation. Supported values are GNUARM (GNU Arm Embedded), ARMCLANG (ARM Compiler 6.x) and HOST_GCC. Default is GNUARM.
+- -DCPU_ARCH= is the Arm Architecture version name for which the tests should be compiled. Supported CPU arch are armv8m_ml, armv8m_bl and armv7m. Default is empty. This option is unused when TOOLCHAIN type is HOST_GCC.
+- -DSUITE= is the suite name which is the same as the suite name available in **ff/** directory.
+- -DVERBOSE=. Print verbosity level. Default is 3. Supported print levels are 1(INFO & above), 2(DEBUG & above), 3(TEST & above), 4(WARN & ERROR) and 5(ERROR).
+- -DBUILD= : To select the build directory to keep output files. Default is BUILD/ inside current directory.
+- -DINCLUDE_PANIC_TESTS=<0|1> : The default compilation flow includes the functional API tests to build the test suite. It does not include panic tests that check for the API's PROGRAMMER ERROR(Panic) conditions as defined in the PSA-FF specification. You can include the panic tests for building the test suite by setting this option to 1.
+- -DPLATFORM_PSA_ISOLATION_LEVEL=<1|2|3> : PSA Firmware Framwork isolation level supported by the platform. Default is highest level of isolation which is three.
+- -DSP_HEAP_MEM_SUPP=<0|1> : Are dynamic memory functions available to secure partition? 0 means no and 1 means yes. This skips the secure partition dynamic memory functions related tests if this is marked as zero.
+- -DWATCHDOG_AVAILABLE=<0|1>: Test harness may require to access watchdog timer to recover system hang. 0 means skip watchdog programming in the test suite and 1 means program the watchdog. Default is 1. Note, If the system under test doesn't support the reboot of the system when it encounters the panic situation, a watchdog must be available to the tests if INCLUDE_PANIC_TESTS set to 1.
+- -DPSA_INCLUDE_PATHS=";;...;" is an additional directory to be included into the compiler search path. To compile IPC tests, the include path must point to the path where **psa/client.h**, **psa/service.h**, **psa/lifecycle.h** and test partition manifest output files(**psa_manifest/sid.h**, **psa_manifest/pid.h** and **psa_manifest/.h**) are located in your build system. Bydefault, PSA_INCLUDE_PATHS accepts absolute path. However, relative path can be provided using below format:
+```
+ -DPSA_INCLUDE_PATHS=`readlink -f `
```
- where:
-
-- is the same as the name of the target specific directory created in the **platform/targets/** directory.
-- is the Arm Architecture version name for which the tests should be compiled. For example, Armv7M, Armv8M-Baseline and Armv8M-Mainline Architecture.
-- is the suite name which is the same as the suite name available in **ff/** directory.
-- is a directory to store the build output files.
-- is an additional directory to be included into the compiler search path.
-Note: To compile IPC tests, the include path must point to the path where **psa/client.h**, **psa/service.h**, **psa/lifecycle.h** and test partition manifest output files(**psa_manifest/sid.h**, **psa_manifest/pid.h** and **psa_manifest/.h**) are located in your build system.
-- Use **--archive_tests** option to create a combined test archive(test_combine.a) file by combining the available test objects files. Not using this option will create a combined test binary(test_elf_combine.bin) by combining the available test ELFs.
-
-For more information about options, refer to **./tools/scripts/setup.sh --help**.
-To compile IPC tests for **tgt_ff_mbedos_fvp_mps2_m4** platform, execute the following commands:
+To compile IPC tests for **tgt_ff_tfm_an521** platform, execute the following commands:
```
-cd api-tests
-./tools/scripts/setup.sh --target tgt_ff_mbedos_fvp_mps2_m4 --cpu_arch armv7m --suite ipc --build BUILD_IPC --include --include --archive_tests
+ cd api-tests
+ mkdir BUILD
+ cd BUILD
+ cmake ../ -G"Unix Makefiles" -DTARGET=tgt_ff_tfm_an521 -DCPU_ARCH=armv8m_ml -DSUITE=IPC -DPLATFORM_PSA_ISOLATION_LEVEL=2 -DSP_HEAP_MEM_SUPP=0 -DPSA_INCLUDE_PATHS=";;...;"
+ cmake --build .
```
-**Note**: The default compilation flow includes the functional API tests to build the test suite. It does not include panic tests that check for the API's PROGRAMMER ERROR conditions as defined in the PSA-FF specification. You can include the panic tests for building the test suite just by passing **--include_panic_tests** option to script.
+**Note**: The default compilation flow includes the functional API tests to build the test suite. It does not include panic tests that check for the API's PROGRAMMER ERROR conditions as defined in the PSA-FF specification. You can include the panic tests for building the test suite just by passing **-DINCLUDE_PANIC_TESTS=1** to CMake.
### Build output
The test suite build generates the following binaries:
NSPE libraries:
-1. **/BUILD/val/val_nspe.a**
-2. **/BUILD/platform/pal_nspe.a**
-3. **/BUILD/ff//test_combine.a**
+1. **/val/val_nspe.a**
+2. **/platform/pal_nspe.a**
+3. **/ff//test_combine.a**
SPE libraries explicitly for IPC test suite:
-1. **/BUILD/partition/driver_partition.a**
-2. **/BUILD/partition/client_partition.a**
-3. **/BUILD/partition/server_partition.a**
+1. **/partition/driver_partition.a**
+2. **/partition/client_partition.a**
+3. **/partition/server_partition.a**
### Integrating the libraries into your target platform
@@ -95,11 +110,15 @@ The following steps describe the execution flow before the test execution:
2. The *System Under Test* (SUT) boots to an environment that initializes the SPM and the test suite partitions are ready to accept requests.
-3. On the Non-secure side, the SUT boot software gives control to the test suite entry point **void val_entry(void);** as an application entry point.
+3. On the Non-secure side, the SUT boot software gives control to the test suite entry point **int32_t val_entry(void);** as an application entry point returning test status code.
4. The tests are executed sequentially in a loop in the test_dispatcher function.
For details on test suite integration, refer to the **Integrating the test suite with the SUT** section of [Validation Methodology](../docs/Arm_PSA_APIs_Arch_Test_Validation_Methodology.pdf).
+## Security implication
+
+PSA FF test suite may run at higher privilege level. An attacker can utilize these tests as a means to elevate privilege which can potentially reveal the platform secure attests. To prevent such security vulnerabilities into the production system, it is strongly recommended that PSA FF test suite is run on development platforms. If it is run on production system, make sure system is scrubbed after running the test suite.
+
## License
Arm PSA test suite is distributed under Apache v2.0 License.
@@ -114,4 +133,4 @@ Arm PSA test suite is distributed under Apache v2.0 License.
--------------
-*Copyright (c) 2018-2019, Arm Limited and Contributors. All rights reserved.*
+*Copyright (c) 2018-2020, Arm Limited and Contributors. All rights reserved.*
diff --git a/api-tests/ff/ipc/suite.cmake b/api-tests/ff/ipc/suite.cmake
new file mode 100644
index 00000000..aaaa0f2c
--- /dev/null
+++ b/api-tests/ff/ipc/suite.cmake
@@ -0,0 +1,68 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+foreach(test ${PSA_TEST_LIST})
+ include(${PSA_SUITE_DIR}/${test}/test.cmake)
+ foreach(source_file ${CC_SOURCE})
+ list(APPEND SUITE_CC_SOURCE
+ ${PSA_SUITE_DIR}/${test}/${source_file}
+ )
+ endforeach()
+ foreach(asm_file ${AS_SOURCE})
+ list(APPEND SUITE_AS_SOURCE
+ ${PSA_SUITE_DIR}/${test}/${asm_file}
+ )
+ endforeach()
+ foreach(source_file ${CC_SOURCE_SPE})
+ list(APPEND SUITE_CC_SOURCE_SPE
+ ${PSA_SUITE_DIR}/${test}/${source_file}
+ )
+ endforeach()
+ foreach(asm_file ${AS_SOURCE_SPE})
+ list(APPEND SUITE_AS_SOURCE_SPE
+ ${PSA_SUITE_DIR}/${test}/${asm_file}
+ )
+ endforeach()
+ unset(CC_SOURCE)
+ unset(AS_SOURCE)
+ unset(CC_SOURCE_SPE)
+ unset(AS_SOURCE_SPE)
+endforeach()
+
+add_library(${PSA_TARGET_TEST_COMBINE_LIB} STATIC ${SUITE_CC_SOURCE} ${SUITE_AS_SOURCE})
+target_compile_definitions(${PSA_TARGET_TEST_COMBINE_LIB} PRIVATE CC_OPTIONS)
+target_compile_definitions(${PSA_TARGET_TEST_COMBINE_LIB} PRIVATE AS_OPTIONS)
+target_compile_definitions(${PSA_TARGET_TEST_COMBINE_LIB} PRIVATE NONSECURE_TEST_BUILD)
+
+# Test related Include directories
+foreach(test ${PSA_TEST_LIST})
+ target_include_directories(${PSA_TARGET_TEST_COMBINE_LIB} PRIVATE ${PSA_SUITE_DIR}/${test})
+endforeach()
+
+# PSA Include directories
+foreach(psa_inc_path ${PSA_INCLUDE_PATHS})
+ target_include_directories(${PSA_TARGET_TEST_COMBINE_LIB} PRIVATE ${psa_inc_path})
+endforeach()
+
+target_include_directories(${PSA_TARGET_TEST_COMBINE_LIB} PRIVATE
+ ${CMAKE_CURRENT_BINARY_DIR}
+ ${PSA_ROOT_DIR}/val/common
+ ${PSA_ROOT_DIR}/val/nspe
+ ${PSA_ROOT_DIR}/val/spe
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/common
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/crypto
+)
diff --git a/api-tests/ff/ipc/test_i001/test.cmake b/api-tests/ff/ipc/test_i001/test.cmake
new file mode 100644
index 00000000..698a8ff1
--- /dev/null
+++ b/api-tests/ff/ipc/test_i001/test.cmake
@@ -0,0 +1,32 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_i001.c
+ test_i001.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
+
+list(APPEND CC_SOURCE_SPE
+ test_i001.c
+ test_supp_i001.c
+)
+list(APPEND CC_OPTIONS_SPE )
+list(APPEND AS_SOURCE_SPE )
+list(APPEND AS_OPTIONS_SPE )
diff --git a/api-tests/ff/ipc/test_i001/test_entry.c b/api-tests/ff/ipc/test_i001/test_entry_i001.c
similarity index 100%
rename from api-tests/ff/ipc/test_i001/test_entry.c
rename to api-tests/ff/ipc/test_i001/test_entry_i001.c
diff --git a/api-tests/ff/ipc/test_i001/test_i001.c b/api-tests/ff/ipc/test_i001/test_i001.c
index 80185ad5..be6961d8 100644
--- a/api-tests/ff/ipc/test_i001/test_i001.c
+++ b/api-tests/ff/ipc/test_i001/test_i001.c
@@ -32,7 +32,7 @@ client_test_t test_i001_client_tests_list[] = {
NULL,
};
-int32_t client_test_psa_framework_version(security_t caller)
+int32_t client_test_psa_framework_version(caller_security_t caller)
{
int32_t status = VAL_STATUS_SUCCESS;
@@ -49,15 +49,19 @@ int32_t client_test_psa_framework_version(security_t caller)
return status;
}
-int32_t client_test_psa_version(security_t caller)
+int32_t client_test_psa_version(caller_security_t caller)
{
int32_t status = VAL_STATUS_SUCCESS;
uint32_t version;
val->print(PRINT_TEST, "[Check 2] psa_version\n", 0);
- /*Return PSA_VERSION_NONE when the RoT Service is not implemented, or the caller is not permitted
- to access the service. Return minor version of the implemented and allowed RoT Service */
+ /*
+ * Return PSA_VERSION_NONE when the RoT Service is not implemented,
+ * or the caller is not permitted to access the service.
+ * Return version of the implemented and allowed RoT Service
+ */
+
/* psa_version() check for un-implemented SID */
if (psa->version(INVALID_SID) != PSA_VERSION_NONE)
{
@@ -71,8 +75,8 @@ int32_t client_test_psa_version(security_t caller)
/* psa_version() check for implemented SID but allows only secure connection */
version = psa->version(SERVER_SECURE_CONNECT_ONLY_SID);
- if (((caller == NONSECURE) && (version != PSA_VERSION_NONE))
- || ((caller == SECURE) && (version != 2)))
+ if (((caller == CALLER_NONSECURE) && (version != PSA_VERSION_NONE))
+ || ((caller == CALLER_SECURE) && (version != SERVER_SECURE_CONNECT_ONLY_VERSION)))
{
status = VAL_STATUS_VERSION_API_FAILED;
val->print(PRINT_ERROR,
@@ -84,8 +88,8 @@ int32_t client_test_psa_version(security_t caller)
return status;
}
- /* psa_version() returns minor version of the implemented and allowed RoT Service */
- if (psa->version(SERVER_TEST_DISPATCHER_SID) != 1)
+ /* psa_version() returns version of the implemented and allowed RoT Service */
+ if (psa->version(SERVER_TEST_DISPATCHER_SID) != SERVER_TEST_DISPATCHER_VERSION)
{
status = VAL_STATUS_VERSION_API_FAILED;
}
diff --git a/api-tests/ff/ipc/test_i001/test_i001.h b/api-tests/ff/ipc/test_i001/test_i001.h
index a42fd97e..191bb17c 100644
--- a/api-tests/ff/ipc/test_i001/test_i001.h
+++ b/api-tests/ff/ipc/test_i001/test_i001.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i001)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i001)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
@@ -33,6 +33,6 @@ extern psa_api_t *psa;
extern client_test_t test_i001_client_tests_list[];
-int32_t client_test_psa_framework_version(security_t);
-int32_t client_test_psa_version(security_t);
+int32_t client_test_psa_framework_version(caller_security_t);
+int32_t client_test_psa_version(caller_security_t);
#endif
diff --git a/api-tests/ff/ipc/test_i001/test_supp_i001.c b/api-tests/ff/ipc/test_i001/test_supp_i001.c
index 2a33cfaa..45ffd93b 100644
--- a/api-tests/ff/ipc/test_i001/test_supp_i001.c
+++ b/api-tests/ff/ipc/test_i001/test_supp_i001.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
diff --git a/api-tests/ff/ipc/test_i002/source.mk b/api-tests/ff/ipc/test_i002/source.mk
deleted file mode 100644
index 4410eac9..00000000
--- a/api-tests/ff/ipc/test_i002/source.mk
+++ /dev/null
@@ -1,25 +0,0 @@
-# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_i002.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
-
-CC_SOURCE_SPE = test_i002.c test_supp_i002.c
-CC_OPTIONS_SPE =
-AS_SOURCE_SPE =
-AS_OPTIONS_SPE =
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i048/source.mk b/api-tests/ff/ipc/test_i002/test.cmake
similarity index 70%
rename from api-tests/ff/ipc/test_i048/source.mk
rename to api-tests/ff/ipc/test_i002/test.cmake
index 6f4b483c..33679bd9 100644
--- a/api-tests/ff/ipc/test_i048/source.mk
+++ b/api-tests/ff/ipc/test_i002/test.cmake
@@ -1,3 +1,4 @@
+#/** @file
# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
# * SPDX-License-Identifier : Apache-2.0
# *
@@ -14,12 +15,18 @@
# * limitations under the License.
#**/
-CC_SOURCE = test_entry.c test_i048.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
+list(APPEND CC_SOURCE
+ test_entry_i002.c
+ test_i002.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
-CC_SOURCE_SPE = test_i048.c test_supp_i048.c
-CC_OPTIONS_SPE =
-AS_SOURCE_SPE =
-AS_OPTIONS_SPE =
\ No newline at end of file
+list(APPEND CC_SOURCE_SPE
+ test_i002.c
+ test_supp_i002.c
+)
+list(APPEND CC_OPTIONS_SPE )
+list(APPEND AS_SOURCE_SPE )
+list(APPEND AS_OPTIONS_SPE )
diff --git a/api-tests/ff/ipc/test_i002/test_entry.c b/api-tests/ff/ipc/test_i002/test_entry_i002.c
similarity index 100%
rename from api-tests/ff/ipc/test_i002/test_entry.c
rename to api-tests/ff/ipc/test_i002/test_entry_i002.c
diff --git a/api-tests/ff/ipc/test_i002/test_i002.c b/api-tests/ff/ipc/test_i002/test_i002.c
index abd023f4..4177fe7d 100644
--- a/api-tests/ff/ipc/test_i002/test_i002.c
+++ b/api-tests/ff/ipc/test_i002/test_i002.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2020, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -29,8 +29,9 @@ client_test_t test_i002_client_tests_list[] = {
NULL,
client_test_connection_busy_and_reject,
client_test_accept_and_close_connect,
- client_test_connect_with_allowed_minor_version_policy,
+ client_test_connect_with_allowed_version_policy,
client_test_psa_call_with_allowed_status_code,
+ client_test_psa_call_with_allowed_type_values,
client_test_identity,
client_test_spm_concurrent_connect_limit,
client_test_psa_block_behave,
@@ -38,14 +39,14 @@ client_test_t test_i002_client_tests_list[] = {
NULL,
};
-int32_t client_test_connection_busy_and_reject(security_t caller)
+int32_t client_test_connection_busy_and_reject(caller_security_t caller)
{
int32_t status = VAL_STATUS_SUCCESS;
psa_handle_t handle = 0;
val->print(PRINT_TEST, "[Check 1] Test busy and reject connect type\n", 0);
- handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
+ handle = psa->connect(SERVER_UNSPECIFED_VERSION_SID, SERVER_UNSPECIFED_VERSION_VERSION);
/*
* The RoT Service can't make connection at this moment. It sends
@@ -58,7 +59,7 @@ int32_t client_test_connection_busy_and_reject(security_t caller)
return VAL_STATUS_INVALID_HANDLE;
}
- handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
+ handle = psa->connect(SERVER_UNSPECIFED_VERSION_SID, SERVER_UNSPECIFED_VERSION_VERSION);
/* The RoT Service rejected the client because of an application-specific case
* Expect PSA_ERROR_CONNECTION_REFUSED as return
@@ -73,15 +74,15 @@ int32_t client_test_connection_busy_and_reject(security_t caller)
return status;
}
-int32_t client_test_accept_and_close_connect(security_t caller)
+int32_t client_test_accept_and_close_connect(caller_security_t caller)
{
psa_handle_t handle = 0;
val->print(PRINT_TEST, "[Check 2] Accept and close connection\n", 0);
- handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
+ handle = psa->connect(SERVER_UNSPECIFED_VERSION_SID, SERVER_UNSPECIFED_VERSION_VERSION);
/* RoT service accepts the connection. Expecting positive handle */
- if (handle < 0)
+ if (!PSA_HANDLE_IS_VALID(handle))
{
return VAL_STATUS_INVALID_HANDLE;
}
@@ -94,19 +95,22 @@ int32_t client_test_accept_and_close_connect(security_t caller)
return VAL_STATUS_SUCCESS;
}
-int32_t client_test_connect_with_allowed_minor_version_policy(security_t caller)
+int32_t client_test_connect_with_allowed_version_policy(caller_security_t caller)
{
psa_handle_t handle = 0;
uint32_t i = 0;
- uint32_t sid[] = {SERVER_UNSPECIFED_MINOR_V_SID,
- SERVER_STRICT_MINOR_VERSION_SID,
- SERVER_RELAX_MINOR_VERSION_SID,
- SERVER_RELAX_MINOR_VERSION_SID};
- uint32_t minor_v[] = {1, 2, 1, 2};
-
- val->print(PRINT_TEST, "[Check 3] Test psa_connect with allowed minor version policy\n", 0);
-
- /* Connect RoT service with following minor version numbers and expect positive handle for
+ uint32_t sid[] = {SERVER_UNSPECIFED_VERSION_SID,
+ SERVER_STRICT_VERSION_SID,
+ SERVER_RELAX_VERSION_SID,
+ SERVER_RELAX_VERSION_SID};
+ uint32_t version[] = {SERVER_UNSPECIFED_VERSION_VERSION,
+ SERVER_STRICT_VERSION_VERSION,
+ SERVER_RELAX_VERSION_VERSION - 1,
+ SERVER_RELAX_VERSION_VERSION};
+
+ val->print(PRINT_TEST, "[Check 3] Test psa_connect with allowed version policy\n", 0);
+
+ /* Connect RoT service with following version numbers and expect positive handle for
* each connection:
* Case 1. Version policy is not mentioned and requested version is 1 (default minimum version)
* Case 2. Version policy is STRICT and requested version equals minimum version
@@ -116,11 +120,11 @@ int32_t client_test_connect_with_allowed_minor_version_policy(security_t caller)
for (i = 0; i < (sizeof(sid)/sizeof(sid[0])); i++)
{
- handle = psa->connect(sid[i], minor_v[i]);
- if (handle < 0)
+ handle = psa->connect(sid[i], version[i]);
+ if (!PSA_HANDLE_IS_VALID(handle))
{
val->print(PRINT_ERROR,
- "\tpsa_connect failed for minor_v policy. Iteration No=%d\n", i);
+ "\tpsa_connect failed for version policy. Iteration No=%d\n", i);
return VAL_STATUS_INVALID_HANDLE;
}
@@ -136,13 +140,14 @@ int32_t psa_call_with_null_msg(int32_t expected_status)
psa_handle_t handle = 0;
psa_status_t status_of_call;
- handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
- if (handle < 0)
+ handle = psa->connect(SERVER_UNSPECIFED_VERSION_SID, SERVER_UNSPECIFED_VERSION_VERSION);
+ if (!PSA_HANDLE_IS_VALID(handle))
{
return VAL_STATUS_INVALID_HANDLE;
}
- status_of_call = psa->call(handle, NULL, 0, NULL, 0);
+ status_of_call = psa->call(handle, PSA_IPC_CALL, NULL, 0, NULL, 0);
+
/* Compare status code returned with expected status code */
if (status_of_call != expected_status)
{
@@ -153,7 +158,7 @@ int32_t psa_call_with_null_msg(int32_t expected_status)
return status;
}
-int32_t client_test_psa_call_with_allowed_status_code(security_t caller)
+int32_t client_test_psa_call_with_allowed_status_code(caller_security_t caller)
{
int32_t status = VAL_STATUS_SUCCESS;
psa_status_t expected_status_code[] = {PSA_SUCCESS, 1, 2, INT32_MAX, -1, -2, INT32_MIN+128};
@@ -168,24 +173,53 @@ int32_t client_test_psa_call_with_allowed_status_code(security_t caller)
if (VAL_ERROR(status))
{
val->print(PRINT_ERROR,
- "psa_call failed for status code=0x%x\n", expected_status_code[i]);
+ "\tpsa_call failed for status code=0x%x\n", expected_status_code[i]);
return status;
}
}
return status;
}
-int32_t client_test_identity(security_t caller)
+int32_t client_test_psa_call_with_allowed_type_values(caller_security_t caller)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_handle_t handle = 0;
+ int32_t type[] = {PSA_IPC_CALL, 1, 2, INT32_MAX};
+ uint32_t i = 0;
+
+ val->print(PRINT_TEST, "[Check 5] Test psa_call with different type values\n", 0);
+ handle = psa->connect(SERVER_UNSPECIFED_VERSION_SID, SERVER_UNSPECIFED_VERSION_VERSION);
+ if (!PSA_HANDLE_IS_VALID(handle))
+ {
+ return VAL_STATUS_INVALID_HANDLE;
+ }
+
+ for (i = 0; i < (sizeof(type)/sizeof(type[0])); i++)
+ {
+ /* Send type = type[i] */
+ if (psa->call(handle, type[i], NULL, 0, NULL, 0) != PSA_SUCCESS)
+ {
+ val->print(PRINT_ERROR, "\tCheck failed for type=%d\n", type[i]);
+ status = VAL_STATUS_CALL_FAILED;
+ break;
+ }
+ }
+
+ psa->close(handle);
+ return status;
+}
+
+int32_t client_test_identity(caller_security_t caller)
{
int32_t status = VAL_STATUS_SUCCESS;
psa_handle_t handle = 0;
psa_status_t status_of_call;
int id_at_connect = 0, id_at_call = 0;
- val->print(PRINT_TEST, "[Check 5] Test client_id\n", 0);
- handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
+ val->print(PRINT_TEST, "[Check 6] Test client_id\n", 0);
- if (handle < 0)
+ handle = psa->connect(SERVER_UNSPECIFED_VERSION_SID, SERVER_UNSPECIFED_VERSION_VERSION);
+ if (!PSA_HANDLE_IS_VALID(handle))
{
return(VAL_STATUS_INVALID_HANDLE);
}
@@ -193,7 +227,7 @@ int32_t client_test_identity(security_t caller)
psa_outvec resp[2] = {{&id_at_connect, sizeof(id_at_call)},
{&id_at_call, sizeof(id_at_call)}};
- status_of_call = psa->call(handle, NULL, 0, resp, 2);
+ status_of_call = psa->call(handle, PSA_IPC_CALL, NULL, 0, resp, 2);
if (status_of_call != PSA_SUCCESS)
@@ -201,13 +235,13 @@ int32_t client_test_identity(security_t caller)
status = VAL_STATUS_CALL_FAILED;
}
/* For NSPE access, identity should be < 0 */
- else if ((caller == NONSECURE) && ((id_at_connect != id_at_call)
+ else if ((caller == CALLER_NONSECURE) && ((id_at_connect != id_at_call)
|| (id_at_connect >=0) || (id_at_call >=0)))
{
status = VAL_STATUS_WRONG_IDENTITY;
}
/* For SPE access, identity should be > 0 */
- else if ((caller == SECURE) && ((id_at_connect != id_at_call)
+ else if ((caller == CALLER_SECURE) && ((id_at_connect != id_at_call)
|| (id_at_connect <=0) || (id_at_call <=0)))
{
status = VAL_STATUS_WRONG_IDENTITY;
@@ -217,20 +251,20 @@ int32_t client_test_identity(security_t caller)
return status;
}
-int32_t client_test_spm_concurrent_connect_limit(security_t caller)
+int32_t client_test_spm_concurrent_connect_limit(caller_security_t caller)
{
int32_t status = VAL_STATUS_SUCCESS;
psa_handle_t handle[CONNECT_LIMIT] = {0};
int i= 0, signture = 0;
- val->print(PRINT_TEST, "[Check 6] Test connect limit\n", 0);
+ val->print(PRINT_TEST, "[Check 7] Test connect limit\n", 0);
/* Execute psa_connect in a loop until it returns
* PSA_ERROR_CONNECTION_REFUSED OR PSA_ERROR_CONNECTION_BUSY
*/
while (i < CONNECT_LIMIT)
{
- handle[i] = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
+ handle[i] = psa->connect(SERVER_UNSPECIFED_VERSION_SID, SERVER_UNSPECIFED_VERSION_VERSION);
/* Compare handle value */
if ((handle[i] == PSA_ERROR_CONNECTION_REFUSED) || (handle[i] == PSA_ERROR_CONNECTION_BUSY))
{
@@ -266,7 +300,7 @@ int32_t client_test_psa_wait(void)
for (i = 0; i < CONNECT_NUM; i++)
{
- handle[i] = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
+ handle[i] = psa->connect(SERVER_UNSPECIFED_VERSION_SID, SERVER_UNSPECIFED_VERSION_VERSION);
if (handle[i] != PSA_ERROR_CONNECTION_REFUSED)
{
return VAL_STATUS_INVALID_HANDLE;
@@ -276,14 +310,14 @@ int32_t client_test_psa_wait(void)
return VAL_STATUS_SUCCESS;
}
-int32_t client_test_psa_block_behave(security_t caller)
+int32_t client_test_psa_block_behave(caller_security_t caller)
{
- val->print(PRINT_TEST, "[Check 7] Test PSA_BLOCK\n", 0);
+ val->print(PRINT_TEST, "[Check 8] Test PSA_BLOCK\n", 0);
return (client_test_psa_wait());
}
-int32_t client_test_psa_poll_behave(security_t caller)
+int32_t client_test_psa_poll_behave(caller_security_t caller)
{
- val->print(PRINT_TEST, "[Check 8] Test PSA_POLL\n", 0);
+ val->print(PRINT_TEST, "[Check 9] Test PSA_POLL\n", 0);
return (client_test_psa_wait());
}
diff --git a/api-tests/ff/ipc/test_i002/test_i002.h b/api-tests/ff/ipc/test_i002/test_i002.h
index a0767873..9f36dca7 100644
--- a/api-tests/ff/ipc/test_i002/test_i002.h
+++ b/api-tests/ff/ipc/test_i002/test_i002.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i002)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i002)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
#define CONNECT_LIMIT 50
@@ -36,12 +36,13 @@ extern psa_api_t *psa;
extern client_test_t test_i002_client_tests_list[];
-int32_t client_test_connection_busy_and_reject(security_t);
-int32_t client_test_accept_and_close_connect(security_t);
-int32_t client_test_connect_with_allowed_minor_version_policy(security_t);
-int32_t client_test_psa_call_with_allowed_status_code(security_t);
-int32_t client_test_identity(security_t);
-int32_t client_test_spm_concurrent_connect_limit(security_t);
-int32_t client_test_psa_block_behave(security_t);
-int32_t client_test_psa_poll_behave(security_t);
+int32_t client_test_connection_busy_and_reject(caller_security_t);
+int32_t client_test_accept_and_close_connect(caller_security_t);
+int32_t client_test_connect_with_allowed_version_policy(caller_security_t);
+int32_t client_test_psa_call_with_allowed_status_code(caller_security_t);
+int32_t client_test_psa_call_with_allowed_type_values(caller_security_t);
+int32_t client_test_identity(caller_security_t);
+int32_t client_test_spm_concurrent_connect_limit(caller_security_t);
+int32_t client_test_psa_block_behave(caller_security_t);
+int32_t client_test_psa_poll_behave(caller_security_t);
#endif
diff --git a/api-tests/ff/ipc/test_i002/test_supp_i002.c b/api-tests/ff/ipc/test_i002/test_supp_i002.c
index 274452b7..6e4ab00d 100644
--- a/api-tests/ff/ipc/test_i002/test_supp_i002.c
+++ b/api-tests/ff/ipc/test_i002/test_supp_i002.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2020, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
@@ -27,8 +27,9 @@ extern psa_api_t *psa;
int32_t server_test_connection_busy_and_reject(void);
int32_t server_test_accept_and_close_connect(void);
-int32_t server_test_connect_with_allowed_minor_version_policy(void);
+int32_t server_test_connect_with_allowed_version_policy(void);
int32_t server_test_psa_call_with_allowed_status_code(void);
+int32_t server_test_psa_call_with_allowed_type_values(void);
int32_t server_test_identity(void);
int32_t server_test_spm_concurrent_connect_limit(void);
int32_t server_test_psa_block_behave(void);
@@ -38,8 +39,9 @@ server_test_t test_i002_server_tests_list[] = {
NULL,
server_test_connection_busy_and_reject,
server_test_accept_and_close_connect,
- server_test_connect_with_allowed_minor_version_policy,
+ server_test_connect_with_allowed_version_policy,
server_test_psa_call_with_allowed_status_code,
+ server_test_psa_call_with_allowed_type_values,
server_test_identity,
server_test_spm_concurrent_connect_limit,
server_test_psa_block_behave,
@@ -58,16 +60,16 @@ int32_t server_test_connection_busy_and_reject(void)
* check delivery of PSA_IPC_CONNECT when psa_connect called.
* And msg.handle must be positive.
*/
- status = val->process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_connect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(201), status))
{
return status;
}
- /* Rejecting connection to check behaviour of PSA_CONNECTION_BUSY */
- psa->reply(msg.handle, PSA_CONNECTION_BUSY);
+ /* Rejecting connection to check behaviour of PSA_ERROR_CONNECTION_BUSY */
+ psa->reply(msg.handle, PSA_ERROR_CONNECTION_BUSY);
- status = val->process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_connect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(202), status))
{
return status;
@@ -83,7 +85,7 @@ int32_t server_test_accept_and_close_connect(void)
int32_t status = VAL_STATUS_SUCCESS;
psa_msg_t msg = {0};
- status = val->process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_connect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(203), status))
{
/* Reject the connection if processing of connect request has failed */
@@ -97,7 +99,7 @@ int32_t server_test_accept_and_close_connect(void)
/* Checking delivery of PSA_IPC_DISCONNECT when psa_close called
* msg.handle must be positive
*/
- status = val->process_disconnect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_disconnect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(204), status))
{
return status;
@@ -105,20 +107,21 @@ int32_t server_test_accept_and_close_connect(void)
/* Sanity check - if the message type is PSA_IPC_DISCONNECT then the status code is ignored.*/
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
+
/* Debug print for sanity check */
val->err_check_set(TEST_CHECKPOINT_NUM(205), status);
return status;
}
-int32_t server_test_connect_with_allowed_minor_version_policy(void)
+int32_t server_test_connect_with_allowed_version_policy(void)
{
int32_t status = VAL_STATUS_SUCCESS;
psa_msg_t msg = {0};
int i = 0;
- psa_signal_t signal[4] = {SERVER_UNSPECIFED_MINOR_V_SIG,
- SERVER_STRICT_MINOR_VERSION_SIG,
- SERVER_RELAX_MINOR_VERSION_SIG,
- SERVER_RELAX_MINOR_VERSION_SIG};
+ psa_signal_t signal[4] = {SERVER_UNSPECIFED_VERSION_SIGNAL,
+ SERVER_STRICT_VERSION_SIGNAL,
+ SERVER_RELAX_VERSION_SIGNAL,
+ SERVER_RELAX_VERSION_SIGNAL};
for (i = 0; i < 4; i++)
{
@@ -149,7 +152,7 @@ int32_t server_test_psa_call_with_allowed_status_code(void)
for (i = 0; i < (sizeof(status_code)/sizeof(status_code[0])); i++)
{
- status = ((val->process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg))
+ status = ((val->process_connect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg))
? VAL_STATUS_ERROR : status);
if (val->err_check_set(TEST_CHECKPOINT_NUM(208), status))
{
@@ -158,7 +161,7 @@ int32_t server_test_psa_call_with_allowed_status_code(void)
}
psa->reply(msg.handle, PSA_SUCCESS);
- status = val->process_call_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_call_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(209), status))
{
/* Send status code other than status_code[] to indicate failure
@@ -172,7 +175,7 @@ int32_t server_test_psa_call_with_allowed_status_code(void)
psa->reply(msg.handle, status_code[i]);
}
- status = ((val->process_disconnect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg))
+ status = ((val->process_disconnect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg))
? VAL_STATUS_ERROR : status);
psa->reply(msg.handle, PSA_SUCCESS);
val->err_check_set(TEST_CHECKPOINT_NUM(210), status);
@@ -180,15 +183,59 @@ int32_t server_test_psa_call_with_allowed_status_code(void)
return status;
}
+int32_t server_test_psa_call_with_allowed_type_values(void)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_msg_t msg = {0};
+ int32_t type[] = {PSA_IPC_CALL, 1, 2, INT32_MAX};
+ uint32_t i = 0;
+
+ status = ((val->process_connect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg))
+ ? VAL_STATUS_ERROR : status);
+ if (val->err_check_set(TEST_CHECKPOINT_NUM(211), status))
+ {
+ psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
+ return status;
+ }
+ psa->reply(msg.handle, PSA_SUCCESS);
+
+ for (i = 0; i < (sizeof(type)/sizeof(type[0])); i++)
+ {
+ status = val->process_call_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
+ if (val->err_check_set(TEST_CHECKPOINT_NUM(212), status))
+ {
+ psa->reply(msg.handle, -3);
+ break;
+ }
+ else
+ {
+ /* Check recieve of client provided message type */
+ if (msg.type != type[i])
+ {
+ status = VAL_STATUS_CALL_FAILED;
+ psa->reply(msg.handle, -2);
+ break;
+ }
+ psa->reply(msg.handle, PSA_SUCCESS);
+ }
+ }
+
+ status = ((val->process_disconnect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg))
+ ? VAL_STATUS_ERROR : status);
+ psa->reply(msg.handle, PSA_SUCCESS);
+ val->err_check_set(TEST_CHECKPOINT_NUM(213), status);
+ return status;
+}
+
int32_t server_test_identity(void)
{
int32_t status = VAL_STATUS_SUCCESS;
psa_msg_t msg = {0};
int id_at_connect = 0, id_at_call = 0;
- status = val->process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_connect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
- if (val->err_check_set(TEST_CHECKPOINT_NUM(211), status))
+ if (val->err_check_set(TEST_CHECKPOINT_NUM(214), status))
{
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
return status;
@@ -198,8 +245,8 @@ int32_t server_test_identity(void)
id_at_connect = msg.client_id;
psa->reply(msg.handle, PSA_SUCCESS);
- status = val->process_call_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
- if (val->err_check_set(TEST_CHECKPOINT_NUM(212), status))
+ status = val->process_call_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
+ if (val->err_check_set(TEST_CHECKPOINT_NUM(215), status))
{
psa->reply(msg.handle, -3);
}
@@ -212,8 +259,8 @@ int32_t server_test_identity(void)
psa->reply(msg.handle, PSA_SUCCESS);
}
- status = val->process_disconnect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
- val->err_check_set(TEST_CHECKPOINT_NUM(213), status);
+ status = val->process_disconnect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
+ val->err_check_set(TEST_CHECKPOINT_NUM(216), status);
/* Client ID during disconnect. It should be equal to id_at_call */
if (msg.client_id != id_at_call)
{
@@ -246,14 +293,14 @@ int32_t server_test_spm_concurrent_connect_limit(void)
while (1)
{
signals = psa->wait(PSA_WAIT_ANY, PSA_BLOCK);
- if ((signals & SERVER_UNSPECIFED_MINOR_V_SIG) == 0)
+ if ((signals & SERVER_UNSPECIFED_VERSION_SIGNAL) == 0)
{
val->print(PRINT_ERROR,
- "psa_wait returned with invalid signal value = 0x%x\n", signals);
+ "\tpsa_wait returned with invalid signal value = 0x%x\n", signals);
return VAL_STATUS_ERROR;
}
- if (psa->get(SERVER_UNSPECIFED_MINOR_V_SIG, &msg) != PSA_SUCCESS)
+ if (psa->get(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg) != PSA_SUCCESS)
continue;
switch(msg.type)
@@ -289,24 +336,24 @@ int32_t server_test_psa_block_behave(void)
*/
/* Debug print */
- val->err_check_set(TEST_CHECKPOINT_NUM(214), VAL_STATUS_SUCCESS);
+ val->err_check_set(TEST_CHECKPOINT_NUM(217), VAL_STATUS_SUCCESS);
for (i = 0; i < CONNECT_NUM; i++)
{
wait:
/* PSA_BLOCK ored with 0xFF to check timeout[30:0]=RES is ignored by implementation */
- signals = psa->wait(PSA_WAIT_ANY, PSA_BLOCK);
+ signals = psa->wait(PSA_WAIT_ANY, PSA_BLOCK | 0xff);
- /* When MODE is one(PSA_BLOCK), the psa_wait must return non-zero signal value */
- if ((signals & SERVER_UNSPECIFED_MINOR_V_SIG) == 0)
+ /* When MODE is PSA_BLOCK, the psa_wait must return non-zero signal value */
+ if ((signals & SERVER_UNSPECIFED_VERSION_SIGNAL) == 0)
{
val->print(PRINT_ERROR,
- "psa_wait returned with invalid signal value = 0x%x\n", signals);
+ "\tpsa_wait returned with invalid signal value = 0x%x\n", signals);
return VAL_STATUS_ERROR;
}
else
{
- if (psa->get(SERVER_UNSPECIFED_MINOR_V_SIG, &msg) != PSA_SUCCESS)
+ if (psa->get(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg) != PSA_SUCCESS)
{
goto wait;
}
@@ -316,54 +363,55 @@ int32_t server_test_psa_block_behave(void)
}
/* Debug print */
- val->err_check_set(TEST_CHECKPOINT_NUM(215), VAL_STATUS_SUCCESS);
+ val->err_check_set(TEST_CHECKPOINT_NUM(218), VAL_STATUS_SUCCESS);
return VAL_STATUS_SUCCESS;
}
int32_t server_test_psa_poll_behave(void)
{
- psa_signal_t signals = 0, signals_temp = 0;
+ psa_signal_t signals_block = 0, signals_poll = 0;
psa_msg_t msg = {0};
int count = 0;
while (1)
{
/* Debug print */
- val->err_check_set(TEST_CHECKPOINT_NUM(216), VAL_STATUS_SUCCESS);
+ val->err_check_set(TEST_CHECKPOINT_NUM(219), VAL_STATUS_SUCCESS);
- /* Loop to receive client request */
- while (signals == 0)
- {
- signals = psa->wait(PSA_WAIT_ANY, PSA_POLL);
- }
+ /* Wait for client request */
+ signals_block = psa->wait(PSA_WAIT_ANY, PSA_BLOCK);
+
+ /* Debug print */
+ val->err_check_set(TEST_CHECKPOINT_NUM(220), VAL_STATUS_SUCCESS);
/*
- * When MODE is zero(PSA_POLL), the psa_wait will return immediately with the current
- * signal state, which can be zero if no signals are active. Exepecting following call to
- * return immediately as none of client is making request.
+ * When MODE is PSA_POLL, the psa_wait will return immediately with
+ * the current signal state. Expecting following call to return immediately
+ * with signal_poll = signal_block.
*/
- signals_temp = psa->wait(PSA_WAIT_ANY, PSA_POLL);
+ signals_poll = psa->wait(PSA_WAIT_ANY, PSA_POLL);
- if (signals_temp == 0)
+ if (signals_poll != signals_block)
{
- val->print(PRINT_ERROR,
- "psa_wait returned with invalid signals_temp = 0x%x\n", signals_temp);
+ val->print(PRINT_ERROR, "\tSignal value mismatch\n", 0);
+ val->print(PRINT_ERROR, "\tsignals_poll = 0x%x\n", signals_poll);
+ val->print(PRINT_ERROR, "\tsignals_block = 0x%x\n", signals_block);
return VAL_STATUS_ERROR;
}
- else if ((signals & SERVER_UNSPECIFED_MINOR_V_SIG) == 0)
+ else if ((signals_block & SERVER_UNSPECIFED_VERSION_SIGNAL) == 0)
{
val->print(PRINT_ERROR,
- "psa_wait returned with invalid signal value = 0x%x\n", signals);
+ "\tpsa_wait returned with invalid signal_block = 0x%x\n", signals_block);
return VAL_STATUS_ERROR;
}
else
{
- if (psa->get(SERVER_UNSPECIFED_MINOR_V_SIG, &msg) != PSA_SUCCESS)
+ if (psa->get(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg) != PSA_SUCCESS)
continue;
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
count++;
- signals = 0;
+ signals_block = 0;
}
/* Come out of loop as we reached required connect limit*/
diff --git a/api-tests/ff/ipc/test_i003/source.mk b/api-tests/ff/ipc/test_i003/source.mk
deleted file mode 100644
index 1ae4cf6e..00000000
--- a/api-tests/ff/ipc/test_i003/source.mk
+++ /dev/null
@@ -1,25 +0,0 @@
-# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_i003.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
-
-CC_SOURCE_SPE = test_i003.c test_supp_i003.c
-CC_OPTIONS_SPE =
-AS_SOURCE_SPE =
-AS_OPTIONS_SPE =
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i049/source.mk b/api-tests/ff/ipc/test_i003/test.cmake
similarity index 70%
rename from api-tests/ff/ipc/test_i049/source.mk
rename to api-tests/ff/ipc/test_i003/test.cmake
index 6d6a3f4a..aaa5d986 100644
--- a/api-tests/ff/ipc/test_i049/source.mk
+++ b/api-tests/ff/ipc/test_i003/test.cmake
@@ -1,3 +1,4 @@
+#/** @file
# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
# * SPDX-License-Identifier : Apache-2.0
# *
@@ -14,12 +15,18 @@
# * limitations under the License.
#**/
-CC_SOURCE = test_entry.c test_i049.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
+list(APPEND CC_SOURCE
+ test_entry_i003.c
+ test_i003.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
-CC_SOURCE_SPE = test_i049.c test_supp_i049.c
-CC_OPTIONS_SPE =
-AS_SOURCE_SPE =
-AS_OPTIONS_SPE =
\ No newline at end of file
+list(APPEND CC_SOURCE_SPE
+ test_i003.c
+ test_supp_i003.c
+)
+list(APPEND CC_OPTIONS_SPE )
+list(APPEND AS_SOURCE_SPE )
+list(APPEND AS_OPTIONS_SPE )
diff --git a/api-tests/ff/ipc/test_i003/test_entry.c b/api-tests/ff/ipc/test_i003/test_entry_i003.c
similarity index 94%
rename from api-tests/ff/ipc/test_i003/test_entry.c
rename to api-tests/ff/ipc/test_i003/test_entry_i003.c
index e5131066..31b8aca6 100644
--- a/api-tests/ff/ipc/test_i003/test_entry.c
+++ b/api-tests/ff/ipc/test_i003/test_entry_i003.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2020, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -34,7 +34,7 @@ void test_entry(val_api_t *val_api, psa_api_t *psa_api)
psa = psa_api;
/* test init */
- val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_LOW_TIMEOUT));
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_HIGH_TIMEOUT));
if (!IS_TEST_START(val->get_status()))
{
goto test_exit;
diff --git a/api-tests/ff/ipc/test_i003/test_i003.c b/api-tests/ff/ipc/test_i003/test_i003.c
index a6ac294c..d151442b 100644
--- a/api-tests/ff/ipc/test_i003/test_i003.c
+++ b/api-tests/ff/ipc/test_i003/test_i003.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2020, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -37,7 +37,7 @@ client_test_t test_i003_client_tests_list[] = {
NULL,
};
-int32_t client_test_zero_length_invec(security_t caller)
+int32_t client_test_zero_length_invec(caller_security_t caller)
{
int32_t status = VAL_STATUS_SUCCESS;
psa_handle_t handle = 0;
@@ -45,7 +45,9 @@ int32_t client_test_zero_length_invec(security_t caller)
val->print(PRINT_TEST, "[Check 1] Test zero length invec\n", 0);
- if (val->ipc_connect(SERVER_UNSPECIFED_MINOR_V_SID, 1, &handle))
+ if (val->ipc_connect(SERVER_UNSPECIFED_VERSION_SID,
+ SERVER_UNSPECIFED_VERSION_VERSION,
+ &handle))
{
return VAL_STATUS_CONNECTION_FAILED;
}
@@ -63,7 +65,7 @@ int32_t client_test_zero_length_invec(security_t caller)
*/
psa_outvec resp[1] = {{&data[2], sizeof(data[2])}};
- status = psa->call(handle, data1, 3, resp, 1);
+ status = psa->call(handle, PSA_IPC_CALL, data1, 3, resp, 1);
if (status < 0)
{
@@ -91,7 +93,7 @@ int32_t client_test_zero_length_invec(security_t caller)
return status;
}
-int32_t client_test_zero_length_outvec(security_t caller)
+int32_t client_test_zero_length_outvec(caller_security_t caller)
{
int32_t status = VAL_STATUS_SUCCESS;
psa_handle_t handle = 0;
@@ -99,7 +101,9 @@ int32_t client_test_zero_length_outvec(security_t caller)
val->print(PRINT_TEST, "[Check 2] Test zero length outvec\n", 0);
- if (val->ipc_connect(SERVER_UNSPECIFED_MINOR_V_SID, 1, &handle))
+ if (val->ipc_connect(SERVER_UNSPECIFED_VERSION_SID,
+ SERVER_UNSPECIFED_VERSION_VERSION,
+ &handle))
{
return VAL_STATUS_CONNECTION_FAILED;
}
@@ -118,7 +122,7 @@ int32_t client_test_zero_length_outvec(security_t caller)
{NULL, 0},
{&data[2], sizeof(data[2])}};
- status = psa->call(handle, data1, 1, resp, 3);
+ status = psa->call(handle, PSA_IPC_CALL, data1, 1, resp, 3);
if (status < 0)
{
status = VAL_STATUS_CALL_FAILED;
@@ -147,7 +151,7 @@ int32_t client_test_zero_length_outvec(security_t caller)
return status;
}
-int32_t client_test_call_read_and_skip(security_t caller)
+int32_t client_test_call_read_and_skip(caller_security_t caller)
{
int32_t status = VAL_STATUS_SUCCESS;
int data1[2] = {0xaa, 0xbb};
@@ -155,9 +159,11 @@ int32_t client_test_call_read_and_skip(security_t caller)
uint64_t data3 = 0x1020304050607080;
psa_handle_t handle = 0;
- val->print(PRINT_TEST, "[Check 3] Test psa_write, psa_read and psa_skip\n", 0);
+ val->print(PRINT_TEST, "[Check 3] Test psa_call, psa_read and psa_skip\n", 0);
- if (val->ipc_connect(SERVER_UNSPECIFED_MINOR_V_SID, 1, &handle))
+ if (val->ipc_connect(SERVER_UNSPECIFED_VERSION_SID,
+ SERVER_UNSPECIFED_VERSION_VERSION,
+ &handle))
{
return VAL_STATUS_CONNECTION_FAILED;
}
@@ -171,7 +177,7 @@ int32_t client_test_call_read_and_skip(security_t caller)
{&data2, sizeof(data2)},
{&data3, sizeof(data3)}};
- status = psa->call(handle, data, 4, NULL, 0);
+ status = psa->call(handle, PSA_IPC_CALL, data, 4, NULL, 0);
if (status < 0)
{
val->print(PRINT_ERROR, "\tpsa_call failed. status=%x\n",status);
@@ -182,7 +188,7 @@ int32_t client_test_call_read_and_skip(security_t caller)
return status;
}
-int32_t client_test_call_and_write(security_t caller)
+int32_t client_test_call_and_write(caller_security_t caller)
{
int32_t status = VAL_STATUS_SUCCESS;
int data[4] = {0}, expected_data[4] = {0xaa, 0xbb, 0xcc, 0xeedd}, i;
@@ -194,7 +200,9 @@ int32_t client_test_call_and_write(security_t caller)
val->print(PRINT_TEST, "[Check 4] Test psa_call and psa_write\n", 0);
- if (val->ipc_connect(SERVER_UNSPECIFED_MINOR_V_SID, 1, &handle))
+ if (val->ipc_connect(SERVER_UNSPECIFED_VERSION_SID,
+ SERVER_UNSPECIFED_VERSION_VERSION,
+ &handle))
{
return VAL_STATUS_CONNECTION_FAILED;
}
@@ -208,7 +216,7 @@ int32_t client_test_call_and_write(security_t caller)
{&data[2], sizeof(data[2])},
{&data[3], sizeof(data[3])}};
- status = psa->call(handle, NULL, 0, resp, 4);
+ status = psa->call(handle, PSA_IPC_CALL, NULL, 0, resp, 4);
if (status < 0)
{
status = VAL_STATUS_CALL_FAILED;
@@ -242,7 +250,7 @@ int32_t client_test_call_and_write(security_t caller)
return status;
}
-int32_t client_test_psa_set_rhandle(security_t caller)
+int32_t client_test_psa_set_rhandle(caller_security_t caller)
{
int32_t status = VAL_STATUS_SUCCESS;
psa_handle_t handle = 0;
@@ -250,18 +258,21 @@ int32_t client_test_psa_set_rhandle(security_t caller)
val->print(PRINT_TEST, "[Check 5] Test psa_set_rhandle API\n", 0);
- /*rhandle value check when PSA_IPC_CONNECT */
- if (val->ipc_connect(SERVER_UNSPECIFED_MINOR_V_SID, 1, &handle))
+ /* rhandle value check when PSA_IPC_CONNECT */
+ if (val->ipc_connect(SERVER_UNSPECIFED_VERSION_SID,
+ SERVER_UNSPECIFED_VERSION_VERSION,
+ &handle))
{
return VAL_STATUS_CONNECTION_FAILED;
}
for (i = 0; i < 3; i++)
{
- /*i=0: rhandle value check when PSA_IPC_CALL */
- /*i=1: rhandle value check after calling psa_set_rhandle() */
- /*i:2: rhandle value check after resetting rhandle to other value */
- status = psa->call(handle, NULL, 0, NULL, 0);
+ /* i=0: rhandle value check when PSA_IPC_CALL
+ * i=1: rhandle value check after calling psa_set_rhandle()
+ * i:2: rhandle value check after resetting rhandle to other value
+ */
+ status = psa->call(handle, PSA_IPC_CALL, NULL, 0, NULL, 0);
if (status < 0)
{
val->print(PRINT_ERROR, "psa_call failed. status=%x\n", status);
@@ -275,7 +286,7 @@ int32_t client_test_psa_set_rhandle(security_t caller)
return status;
}
-int32_t client_test_overlapping_vectors(security_t caller)
+int32_t client_test_overlapping_vectors(caller_security_t caller)
{
int32_t status = VAL_STATUS_SUCCESS;
psa_handle_t handle = 0;
@@ -283,7 +294,9 @@ int32_t client_test_overlapping_vectors(security_t caller)
val->print(PRINT_TEST, "[Check 6] Test overlapping vectors\n", 0);
- if (val->ipc_connect(SERVER_UNSPECIFED_MINOR_V_SID, 1, &handle))
+ if (val->ipc_connect(SERVER_UNSPECIFED_VERSION_SID,
+ SERVER_UNSPECIFED_VERSION_VERSION,
+ &handle))
{
return VAL_STATUS_CONNECTION_FAILED;
}
@@ -304,7 +317,7 @@ int32_t client_test_overlapping_vectors(security_t caller)
psa_outvec outvec[2] = {{&data, sizeof(data)},
{&data, sizeof(data)}};
- status = psa->call(handle, invec, 1, outvec, 2);
+ status = psa->call(handle, PSA_IPC_CALL, invec, 1, outvec, 2);
if (status < 0)
{
diff --git a/api-tests/ff/ipc/test_i003/test_i003.h b/api-tests/ff/ipc/test_i003/test_i003.h
index b83b219b..1d0971b1 100644
--- a/api-tests/ff/ipc/test_i003/test_i003.h
+++ b/api-tests/ff/ipc/test_i003/test_i003.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i003)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i003)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
@@ -33,10 +33,10 @@ extern psa_api_t *psa;
extern client_test_t test_i003_client_tests_list[];
-int32_t client_test_psa_set_rhandle(security_t);
-int32_t client_test_call_read_and_skip(security_t);
-int32_t client_test_call_and_write(security_t);
-int32_t client_test_zero_length_invec(security_t);
-int32_t client_test_zero_length_outvec(security_t);
-int32_t client_test_overlapping_vectors(security_t);
+int32_t client_test_psa_set_rhandle(caller_security_t);
+int32_t client_test_call_read_and_skip(caller_security_t);
+int32_t client_test_call_and_write(caller_security_t);
+int32_t client_test_zero_length_invec(caller_security_t);
+int32_t client_test_zero_length_outvec(caller_security_t);
+int32_t client_test_overlapping_vectors(caller_security_t);
#endif
diff --git a/api-tests/ff/ipc/test_i003/test_supp_i003.c b/api-tests/ff/ipc/test_i003/test_supp_i003.c
index eddefced..1043aa70 100644
--- a/api-tests/ff/ipc/test_i003/test_supp_i003.c
+++ b/api-tests/ff/ipc/test_i003/test_supp_i003.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
@@ -56,7 +56,7 @@ static void exit_graceful(psa_handle_t msg_handle, int status_code,
*/
psa->reply(msg_handle, status_code);
- if (val->process_disconnect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg))
+ if (val->process_disconnect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg))
{
val->print(PRINT_ERROR, "\tdisconnect failed in exit_graceful func\n", 0);
}
@@ -69,14 +69,14 @@ int32_t server_test_zero_length_invec(void)
psa_msg_t msg = {0};
int data[5] = {0}, actual_data = 0x22;
- if (val->process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg))
+ if (val->process_connect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg))
{
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
return VAL_STATUS_CONNECTION_FAILED;
}
psa->reply(msg.handle, PSA_SUCCESS);
- if (val->process_call_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg))
+ if (val->process_call_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg))
{
exit_graceful(msg.handle, -2, 0, 0, 0);
return VAL_STATUS_CALL_FAILED;
@@ -116,7 +116,7 @@ int32_t server_test_zero_length_invec(void)
psa->write(msg.handle, 0, &data[2], msg.out_size[0]);
psa->reply(msg.handle, PSA_SUCCESS);
- status = val->process_disconnect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_disconnect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
psa->reply(msg.handle, PSA_SUCCESS);
return status;
}
@@ -127,14 +127,14 @@ int32_t server_test_zero_length_outvec(void)
psa_msg_t msg={0};
int data[5] ={0}, actual_data=0x11;
- if (val->process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg))
+ if (val->process_connect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg))
{
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
return VAL_STATUS_CONNECTION_FAILED;
}
psa->reply(msg.handle, PSA_SUCCESS);
- if (val->process_call_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg))
+ if (val->process_call_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg))
{
exit_graceful(msg.handle, -2, 0, 0, 0);
return VAL_STATUS_CALL_FAILED;
@@ -176,7 +176,7 @@ int32_t server_test_zero_length_outvec(void)
psa->write(msg.handle, 2, &data[0], msg.out_size[0]);
psa->reply(msg.handle, PSA_SUCCESS);
- status = val->process_disconnect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_disconnect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
psa->reply(msg.handle, PSA_SUCCESS);
return status;
}
@@ -189,14 +189,14 @@ int32_t server_test_call_read_and_skip(void)
actual_data[4] = {0}, i;
psa_msg_t msg = {0};
- if (val->process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg))
+ if (val->process_connect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg))
{
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
return VAL_STATUS_CONNECTION_FAILED;
}
psa->reply(msg.handle, PSA_SUCCESS);
- if (val->process_call_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg))
+ if (val->process_call_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg))
{
exit_graceful(msg.handle, -2, 0, 0, 0);
return VAL_STATUS_CALL_FAILED;
@@ -332,7 +332,7 @@ int32_t server_test_call_read_and_skip(void)
}
psa->reply(msg.handle, PSA_SUCCESS);
- status = val->process_disconnect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_disconnect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
psa->reply(msg.handle, PSA_SUCCESS);
return status;
}
@@ -343,14 +343,14 @@ int32_t server_test_call_and_write(void)
int data[5] = {0xaa, 0xbb, 0xcc, 0xdd, 0xee}, i;
psa_msg_t msg = {0};
- if (val->process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg))
+ if (val->process_connect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg))
{
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
return VAL_STATUS_CONNECTION_FAILED;
}
psa->reply(msg.handle, PSA_SUCCESS);
- if (val->process_call_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg))
+ if (val->process_call_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg))
{
exit_graceful(msg.handle, -2, 0, 0, 0);
return VAL_STATUS_CALL_FAILED;
@@ -391,7 +391,7 @@ int32_t server_test_call_and_write(void)
psa->reply(msg.handle, PSA_SUCCESS);
- status = val->process_disconnect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_disconnect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
psa->reply(msg.handle, PSA_SUCCESS);
return status;
}
@@ -403,7 +403,7 @@ int32_t server_test_psa_set_rhandle(void)
int num;
/*rhandle value check when PSA_IPC_CONNECT */
- status = val->process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_connect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (msg.rhandle != NULL)
{
status = VAL_STATUS_INVALID_HANDLE;
@@ -417,7 +417,7 @@ int32_t server_test_psa_set_rhandle(void)
/*rhandle value check when PSA_IPC_CALL */
- status = val->process_call_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_call_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (msg.rhandle != NULL)
{
status = VAL_STATUS_INVALID_HANDLE;
@@ -433,7 +433,7 @@ int32_t server_test_psa_set_rhandle(void)
psa->set_rhandle(msg.handle, &num);
psa->reply(msg.handle, PSA_SUCCESS);
- status = val->process_call_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_call_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (*(int *)(msg.rhandle) != num)
{
status = VAL_STATUS_INVALID_HANDLE;
@@ -452,7 +452,7 @@ int32_t server_test_psa_set_rhandle(void)
psa->set_rhandle(msg.handle, &num);
psa->reply(msg.handle, PSA_SUCCESS);
- status = val->process_call_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_call_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (*(int *)(msg.rhandle) != num)
{
status = VAL_STATUS_INVALID_HANDLE;
@@ -465,7 +465,7 @@ int32_t server_test_psa_set_rhandle(void)
psa->reply(msg.handle, PSA_SUCCESS);
/* rhandle should retain the value at PSA_IPC_DISCONNECT too */
- status = val->process_disconnect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_disconnect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (*(int *)(msg.rhandle) != num)
{
status = VAL_STATUS_INVALID_HANDLE;
@@ -490,7 +490,7 @@ int32_t server_test_overlapping_vectors(void)
rd_data[] = {0x0, 0x0},
expected_data[] = {0x11, 0x22};
- status = val->process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_connect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(207), status))
{
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
@@ -498,7 +498,7 @@ int32_t server_test_overlapping_vectors(void)
}
psa->reply(msg.handle, PSA_SUCCESS);
- status = val->process_call_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_call_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(208), status))
{
exit_graceful(msg.handle, -1, 0, 0, 0);
@@ -521,7 +521,7 @@ int32_t server_test_overlapping_vectors(void)
psa->write(msg.handle, 1, &wr_data[1], 1);
psa->reply(msg.handle, PSA_SUCCESS);
- status = val->process_disconnect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_disconnect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
val->err_check_set(TEST_CHECKPOINT_NUM(209), status);
psa->reply(msg.handle, PSA_SUCCESS);
return status;
diff --git a/api-tests/ff/ipc/test_i004/source.mk b/api-tests/ff/ipc/test_i004/source.mk
deleted file mode 100644
index 5aa9dc65..00000000
--- a/api-tests/ff/ipc/test_i004/source.mk
+++ /dev/null
@@ -1,25 +0,0 @@
-# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_i004.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
-
-CC_SOURCE_SPE = test_i004.c test_supp_i004.c
-CC_OPTIONS_SPE =
-AS_SOURCE_SPE =
-AS_OPTIONS_SPE =
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i050/source.mk b/api-tests/ff/ipc/test_i004/test.cmake
similarity index 70%
rename from api-tests/ff/ipc/test_i050/source.mk
rename to api-tests/ff/ipc/test_i004/test.cmake
index 790c1ccd..4ec996ed 100644
--- a/api-tests/ff/ipc/test_i050/source.mk
+++ b/api-tests/ff/ipc/test_i004/test.cmake
@@ -1,3 +1,4 @@
+#/** @file
# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
# * SPDX-License-Identifier : Apache-2.0
# *
@@ -14,12 +15,18 @@
# * limitations under the License.
#**/
-CC_SOURCE = test_entry.c test_i050.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
+list(APPEND CC_SOURCE
+ test_entry_i004.c
+ test_i004.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
-CC_SOURCE_SPE = test_i050.c test_supp_i050.c
-CC_OPTIONS_SPE =
-AS_SOURCE_SPE =
-AS_OPTIONS_SPE =
\ No newline at end of file
+list(APPEND CC_SOURCE_SPE
+ test_i004.c
+ test_supp_i004.c
+)
+list(APPEND CC_OPTIONS_SPE )
+list(APPEND AS_SOURCE_SPE )
+list(APPEND AS_OPTIONS_SPE )
diff --git a/api-tests/ff/ipc/test_i004/test_entry.c b/api-tests/ff/ipc/test_i004/test_entry_i004.c
similarity index 100%
rename from api-tests/ff/ipc/test_i004/test_entry.c
rename to api-tests/ff/ipc/test_i004/test_entry_i004.c
diff --git a/api-tests/ff/ipc/test_i004/test_i004.c b/api-tests/ff/ipc/test_i004/test_i004.c
index 7f19bab2..4c003d8d 100644
--- a/api-tests/ff/ipc/test_i004/test_i004.c
+++ b/api-tests/ff/ipc/test_i004/test_i004.c
@@ -31,7 +31,7 @@ client_test_t test_i004_client_tests_list[] = {
NULL,
};
-int32_t client_test_sid_does_not_exists(security_t caller)
+int32_t client_test_sid_does_not_exists(caller_security_t caller)
{
psa_handle_t handle = 0;
boot_state_t boot_state;
@@ -61,7 +61,7 @@ int32_t client_test_sid_does_not_exists(security_t caller)
*/
/* Setting boot.state before test check */
- boot_state = (caller == NONSECURE) ? BOOT_EXPECTED_NS : BOOT_EXPECTED_S;
+ boot_state = (caller == CALLER_NONSECURE) ? BOOT_EXPECTED_NS : BOOT_EXPECTED_S;
if (val->set_boot_flag(boot_state))
{
val->print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
@@ -76,7 +76,7 @@ int32_t client_test_sid_does_not_exists(security_t caller)
* a PROGRAMMER ERROR will panic or return PSA_ERROR_CONNECTION_REFUSED.
* For SPE caller, it must panic.
*/
- if (caller == NONSECURE && handle == PSA_ERROR_CONNECTION_REFUSED)
+ if (caller == CALLER_NONSECURE && handle == PSA_ERROR_CONNECTION_REFUSED)
{
return VAL_STATUS_SUCCESS;
}
@@ -91,7 +91,7 @@ int32_t client_test_sid_does_not_exists(security_t caller)
return VAL_STATUS_ERROR;
}
- if (handle > 0)
+ if (PSA_HANDLE_IS_VALID(handle))
{
psa->close(handle);
}
diff --git a/api-tests/ff/ipc/test_i004/test_i004.h b/api-tests/ff/ipc/test_i004/test_i004.h
index fe07c10d..4edf8ea8 100644
--- a/api-tests/ff/ipc/test_i004/test_i004.h
+++ b/api-tests/ff/ipc/test_i004/test_i004.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i004)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i004)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
@@ -33,5 +33,5 @@ extern psa_api_t *psa;
extern client_test_t test_i004_client_tests_list[];
-int32_t client_test_sid_does_not_exists(security_t);
+int32_t client_test_sid_does_not_exists(caller_security_t);
#endif
diff --git a/api-tests/ff/ipc/test_i004/test_supp_i004.c b/api-tests/ff/ipc/test_i004/test_supp_i004.c
index c0f484a9..f769fc95 100644
--- a/api-tests/ff/ipc/test_i004/test_supp_i004.c
+++ b/api-tests/ff/ipc/test_i004/test_supp_i004.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
diff --git a/api-tests/ff/ipc/test_i005/source.mk b/api-tests/ff/ipc/test_i005/source.mk
deleted file mode 100644
index df8fee02..00000000
--- a/api-tests/ff/ipc/test_i005/source.mk
+++ /dev/null
@@ -1,25 +0,0 @@
-# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_i005.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
-
-CC_SOURCE_SPE = test_i005.c test_supp_i005.c
-CC_OPTIONS_SPE =
-AS_SOURCE_SPE =
-AS_OPTIONS_SPE =
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i005/test.cmake b/api-tests/ff/ipc/test_i005/test.cmake
new file mode 100644
index 00000000..68c51c56
--- /dev/null
+++ b/api-tests/ff/ipc/test_i005/test.cmake
@@ -0,0 +1,32 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_i005.c
+ test_i005.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
+
+list(APPEND CC_SOURCE_SPE
+ test_i005.c
+ test_supp_i005.c
+)
+list(APPEND CC_OPTIONS_SPE )
+list(APPEND AS_SOURCE_SPE )
+list(APPEND AS_OPTIONS_SPE )
diff --git a/api-tests/ff/ipc/test_i005/test_entry.c b/api-tests/ff/ipc/test_i005/test_entry_i005.c
similarity index 92%
rename from api-tests/ff/ipc/test_i005/test_entry.c
rename to api-tests/ff/ipc/test_i005/test_entry_i005.c
index e0e22955..099d5905 100644
--- a/api-tests/ff/ipc/test_i005/test_entry.c
+++ b/api-tests/ff/ipc/test_i005/test_entry_i005.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -20,7 +20,7 @@
#include "test_i005.h"
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_FF_BASE, 5)
-#define TEST_DESC "Testing STRICT policy with higher minor version\n"
+#define TEST_DESC "Testing STRICT policy with higher version\n"
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
psa_api_t *psa = NULL;
diff --git a/api-tests/ff/ipc/test_i005/test_i005.c b/api-tests/ff/ipc/test_i005/test_i005.c
index 2b1d22f1..db596735 100644
--- a/api-tests/ff/ipc/test_i005/test_i005.c
+++ b/api-tests/ff/ipc/test_i005/test_i005.c
@@ -27,16 +27,16 @@
client_test_t test_i005_client_tests_list[] = {
NULL,
- client_test_strict_policy_higher_minor_version,
+ client_test_strict_policy_higher_version,
NULL,
};
-int32_t client_test_strict_policy_higher_minor_version(security_t caller)
+int32_t client_test_strict_policy_higher_version(caller_security_t caller)
{
psa_handle_t handle = 0;
boot_state_t boot_state;
- val->print(PRINT_TEST, "[Check 1] Test STRICT policy with higher minor version\n", 0);
+ val->print(PRINT_TEST, "[Check 1] Test STRICT policy with higher version\n", 0);
/*
* This test checks for the PROGRAMMER ERROR condition for the PSA API. API's respond to
@@ -61,7 +61,7 @@ int32_t client_test_strict_policy_higher_minor_version(security_t caller)
*/
/* Setting boot.state before test check */
- boot_state = (caller == NONSECURE) ? BOOT_EXPECTED_NS : BOOT_EXPECTED_S;
+ boot_state = (caller == CALLER_NONSECURE) ? BOOT_EXPECTED_NS : BOOT_EXPECTED_S;
if (val->set_boot_flag(boot_state))
{
val->print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
@@ -71,21 +71,21 @@ int32_t client_test_strict_policy_higher_minor_version(security_t caller)
/* Test check- Version policy is strict and requested version is bigger than
* the minimum version.
*/
- handle = psa->connect(SERVER_STRICT_MINOR_VERSION_SID, 3);
+ handle = psa->connect(SERVER_STRICT_VERSION_SID, SERVER_STRICT_VERSION_VERSION + 1);
/*
* If the caller is in the NSPE, it is IMPLEMENTATION DEFINED whether
* a PROGRAMMER ERROR will panic or return PSA_ERROR_CONNECTION_REFUSED.
* For SPE caller, it must panic.
*/
- if (caller == NONSECURE && handle == PSA_ERROR_CONNECTION_REFUSED)
+ if (caller == CALLER_NONSECURE && handle == PSA_ERROR_CONNECTION_REFUSED)
{
return VAL_STATUS_SUCCESS;
}
/* If PROGRAMMER ERROR results into panic then control shouldn't have reached here */
val->print(PRINT_ERROR,
- "\tSTRICT policy with higher minor version should have failed but succeeded\n", 0);
+ "\tSTRICT policy with higher version should have failed but succeeded\n", 0);
/* Resetting boot.state to catch unwanted reboot */
if (val->set_boot_flag(BOOT_EXPECTED_BUT_FAILED))
diff --git a/api-tests/ff/ipc/test_i005/test_i005.h b/api-tests/ff/ipc/test_i005/test_i005.h
index 59310490..2aca795e 100644
--- a/api-tests/ff/ipc/test_i005/test_i005.h
+++ b/api-tests/ff/ipc/test_i005/test_i005.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i005)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i005)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
@@ -33,5 +33,5 @@ extern psa_api_t *psa;
extern client_test_t test_i005_client_tests_list[];
-int32_t client_test_strict_policy_higher_minor_version(security_t);
+int32_t client_test_strict_policy_higher_version(caller_security_t);
#endif
diff --git a/api-tests/ff/ipc/test_i005/test_supp_i005.c b/api-tests/ff/ipc/test_i005/test_supp_i005.c
index 7e819f81..6c9526c3 100644
--- a/api-tests/ff/ipc/test_i005/test_supp_i005.c
+++ b/api-tests/ff/ipc/test_i005/test_supp_i005.c
@@ -18,26 +18,26 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
-int32_t server_test_strict_policy_higher_minor_version(void);
+int32_t server_test_strict_policy_higher_version(void);
server_test_t test_i005_server_tests_list[] = {
NULL,
- server_test_strict_policy_higher_minor_version,
+ server_test_strict_policy_higher_version,
NULL,
};
-int32_t server_test_strict_policy_higher_minor_version(void)
+int32_t server_test_strict_policy_higher_version(void)
{
int32_t status = VAL_STATUS_SUCCESS;
psa_msg_t msg = {0};
val->err_check_set(TEST_CHECKPOINT_NUM(201), status);
- status = val->process_connect_request(SERVER_STRICT_MINOR_VERSION_SIG, &msg);
+ status = val->process_connect_request(SERVER_STRICT_VERSION_SIGNAL, &msg);
/* Shouldn't have reached here */
if (val->err_check_set(TEST_CHECKPOINT_NUM(202), status))
diff --git a/api-tests/ff/ipc/test_i006/source.mk b/api-tests/ff/ipc/test_i006/source.mk
deleted file mode 100644
index ab4daa67..00000000
--- a/api-tests/ff/ipc/test_i006/source.mk
+++ /dev/null
@@ -1,25 +0,0 @@
-# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_i006.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
-
-CC_SOURCE_SPE = test_i006.c test_supp_i006.c
-CC_OPTIONS_SPE =
-AS_SOURCE_SPE =
-AS_OPTIONS_SPE =
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i006/test.cmake b/api-tests/ff/ipc/test_i006/test.cmake
new file mode 100644
index 00000000..96c034c3
--- /dev/null
+++ b/api-tests/ff/ipc/test_i006/test.cmake
@@ -0,0 +1,32 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_i006.c
+ test_i006.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
+
+list(APPEND CC_SOURCE_SPE
+ test_i006.c
+ test_supp_i006.c
+)
+list(APPEND CC_OPTIONS_SPE )
+list(APPEND AS_SOURCE_SPE )
+list(APPEND AS_OPTIONS_SPE )
diff --git a/api-tests/ff/ipc/test_i006/test_entry.c b/api-tests/ff/ipc/test_i006/test_entry_i006.c
similarity index 92%
rename from api-tests/ff/ipc/test_i006/test_entry.c
rename to api-tests/ff/ipc/test_i006/test_entry_i006.c
index 2c83556a..13f0b7d8 100644
--- a/api-tests/ff/ipc/test_i006/test_entry.c
+++ b/api-tests/ff/ipc/test_i006/test_entry_i006.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -20,7 +20,7 @@
#include "test_i006.h"
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_FF_BASE, 6)
-#define TEST_DESC "Testing STRICT policy with lower minor version\n"
+#define TEST_DESC "Testing STRICT policy with lower version\n"
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
psa_api_t *psa = NULL;
diff --git a/api-tests/ff/ipc/test_i006/test_i006.c b/api-tests/ff/ipc/test_i006/test_i006.c
index 3f1f6eb8..7ee0832b 100644
--- a/api-tests/ff/ipc/test_i006/test_i006.c
+++ b/api-tests/ff/ipc/test_i006/test_i006.c
@@ -27,16 +27,16 @@
client_test_t test_i006_client_tests_list[] = {
NULL,
- client_test_strict_policy_lower_minor_version,
+ client_test_strict_policy_lower_version,
NULL,
};
-int32_t client_test_strict_policy_lower_minor_version(security_t caller)
+int32_t client_test_strict_policy_lower_version(caller_security_t caller)
{
psa_handle_t handle = 0;
boot_state_t boot_state;
- val->print(PRINT_TEST, "[Check 1] Test STRICT policy with lower minor version\n", 0);
+ val->print(PRINT_TEST, "[Check 1] Test STRICT policy with lower version\n", 0);
/*
* This test checks for the PROGRAMMER ERROR condition for the PSA API. API's respond to
@@ -61,7 +61,7 @@ int32_t client_test_strict_policy_lower_minor_version(security_t caller)
*/
/* Setting boot.state before test check */
- boot_state = (caller == NONSECURE) ? BOOT_EXPECTED_NS : BOOT_EXPECTED_S;
+ boot_state = (caller == CALLER_NONSECURE) ? BOOT_EXPECTED_NS : BOOT_EXPECTED_S;
if (val->set_boot_flag(boot_state))
{
val->print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
@@ -69,21 +69,21 @@ int32_t client_test_strict_policy_lower_minor_version(security_t caller)
}
/* Version policy is strict and requested version is smaller than the minimum version */
- handle = psa->connect(SERVER_STRICT_MINOR_VERSION_SID, 1);
+ handle = psa->connect(SERVER_STRICT_VERSION_SID, SERVER_STRICT_VERSION_VERSION - 1);
/*
* If the caller is in the NSPE, it is IMPLEMENTATION DEFINED whether
* a PROGRAMMER ERROR will panic or return PSA_ERROR_CONNECTION_REFUSED.
* For SPE caller, it must panic.
*/
- if (caller == NONSECURE && handle == PSA_ERROR_CONNECTION_REFUSED)
+ if (caller == CALLER_NONSECURE && handle == PSA_ERROR_CONNECTION_REFUSED)
{
return VAL_STATUS_SUCCESS;
}
/* If PROGRAMMER ERROR results into panic then control shouldn't have reached here */
val->print(PRINT_ERROR,
- "\tSTRICT policy with lower minor version should have failed but succeeded\n", 0);
+ "\tSTRICT policy with lower version should have failed but succeeded\n", 0);
/* Resetting boot.state to catch unwanted reboot */
if (val->set_boot_flag(BOOT_EXPECTED_BUT_FAILED))
diff --git a/api-tests/ff/ipc/test_i006/test_i006.h b/api-tests/ff/ipc/test_i006/test_i006.h
index 62d5a4cb..c3ba7c7e 100644
--- a/api-tests/ff/ipc/test_i006/test_i006.h
+++ b/api-tests/ff/ipc/test_i006/test_i006.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i006)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i006)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
@@ -33,5 +33,5 @@ extern psa_api_t *psa;
extern client_test_t test_i006_client_tests_list[];
-int32_t client_test_strict_policy_lower_minor_version(security_t);
+int32_t client_test_strict_policy_lower_version(caller_security_t);
#endif
diff --git a/api-tests/ff/ipc/test_i006/test_supp_i006.c b/api-tests/ff/ipc/test_i006/test_supp_i006.c
index 7831d065..23ced7e5 100644
--- a/api-tests/ff/ipc/test_i006/test_supp_i006.c
+++ b/api-tests/ff/ipc/test_i006/test_supp_i006.c
@@ -18,26 +18,26 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
-int32_t server_test_strict_policy_lower_minor_version(void);
+int32_t server_test_strict_policy_lower_version(void);
server_test_t test_i006_server_tests_list[] = {
NULL,
- server_test_strict_policy_lower_minor_version,
+ server_test_strict_policy_lower_version,
NULL,
};
-int32_t server_test_strict_policy_lower_minor_version(void)
+int32_t server_test_strict_policy_lower_version(void)
{
int32_t status = VAL_STATUS_SUCCESS;
psa_msg_t msg = {0};
val->err_check_set(TEST_CHECKPOINT_NUM(201), status);
- status = val->process_connect_request(SERVER_STRICT_MINOR_VERSION_SIG, &msg);
+ status = val->process_connect_request(SERVER_STRICT_VERSION_SIGNAL, &msg);
/* Shouldn't have reached here */
if (val->err_check_set(TEST_CHECKPOINT_NUM(202), status))
diff --git a/api-tests/ff/ipc/test_i007/source.mk b/api-tests/ff/ipc/test_i007/source.mk
deleted file mode 100644
index 4a412049..00000000
--- a/api-tests/ff/ipc/test_i007/source.mk
+++ /dev/null
@@ -1,25 +0,0 @@
-# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_i007.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
-
-CC_SOURCE_SPE = test_i007.c test_supp_i007.c
-CC_OPTIONS_SPE =
-AS_SOURCE_SPE =
-AS_OPTIONS_SPE =
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i007/test.cmake b/api-tests/ff/ipc/test_i007/test.cmake
new file mode 100644
index 00000000..f000d65d
--- /dev/null
+++ b/api-tests/ff/ipc/test_i007/test.cmake
@@ -0,0 +1,32 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_i007.c
+ test_i007.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
+
+list(APPEND CC_SOURCE_SPE
+ test_i007.c
+ test_supp_i007.c
+)
+list(APPEND CC_OPTIONS_SPE )
+list(APPEND AS_SOURCE_SPE )
+list(APPEND AS_OPTIONS_SPE )
diff --git a/api-tests/ff/ipc/test_i007/test_entry.c b/api-tests/ff/ipc/test_i007/test_entry_i007.c
similarity index 92%
rename from api-tests/ff/ipc/test_i007/test_entry.c
rename to api-tests/ff/ipc/test_i007/test_entry_i007.c
index ddfe3cdd..86ea3520 100644
--- a/api-tests/ff/ipc/test_i007/test_entry.c
+++ b/api-tests/ff/ipc/test_i007/test_entry_i007.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -20,7 +20,7 @@
#include "test_i007.h"
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_FF_BASE, 7)
-#define TEST_DESC "Testing RELAX policy with higher minor version\n"
+#define TEST_DESC "Testing RELAX policy with higher version\n"
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
psa_api_t *psa = NULL;
diff --git a/api-tests/ff/ipc/test_i007/test_i007.c b/api-tests/ff/ipc/test_i007/test_i007.c
index c90dffca..cbbbee5b 100644
--- a/api-tests/ff/ipc/test_i007/test_i007.c
+++ b/api-tests/ff/ipc/test_i007/test_i007.c
@@ -27,16 +27,16 @@
client_test_t test_i007_client_tests_list[] = {
NULL,
- client_test_relax_policy_higher_minor_version,
+ client_test_relax_policy_higher_version,
NULL,
};
-int32_t client_test_relax_policy_higher_minor_version(security_t caller)
+int32_t client_test_relax_policy_higher_version(caller_security_t caller)
{
psa_handle_t handle = 0;
boot_state_t boot_state;
- val->print(PRINT_TEST, "[Check 1] Test RELAX policy with higher minor version\n", 0);
+ val->print(PRINT_TEST, "[Check 1] Test RELAX policy with higher version\n", 0);
/*
* This test checks for the PROGRAMMER ERROR condition for the PSA API. API's respond to
@@ -61,7 +61,7 @@ int32_t client_test_relax_policy_higher_minor_version(security_t caller)
*/
/* Setting boot.state before test check */
- boot_state = (caller == NONSECURE) ? BOOT_EXPECTED_NS : BOOT_EXPECTED_S;
+ boot_state = (caller == CALLER_NONSECURE) ? BOOT_EXPECTED_NS : BOOT_EXPECTED_S;
if (val->set_boot_flag(boot_state))
{
val->print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
@@ -69,21 +69,21 @@ int32_t client_test_relax_policy_higher_minor_version(security_t caller)
}
/* Version policy is relaxed and requested version is higher than the minimum version */
- handle = psa->connect(SERVER_RELAX_MINOR_VERSION_SID, 3);
+ handle = psa->connect(SERVER_RELAX_VERSION_SID, SERVER_RELAX_VERSION_VERSION + 1);
/*
* If the caller is in the NSPE, it is IMPLEMENTATION DEFINED whether
* a PROGRAMMER ERROR will panic or return PSA_ERROR_CONNECTION_REFUSED.
* For SPE caller, it must panic.
*/
- if (caller == NONSECURE && handle == PSA_ERROR_CONNECTION_REFUSED)
+ if (caller == CALLER_NONSECURE && handle == PSA_ERROR_CONNECTION_REFUSED)
{
return VAL_STATUS_SUCCESS;
}
/* If PROGRAMMER ERROR results into panic then control shouldn't have reached here */
val->print(PRINT_ERROR,
- "\tRELAXED policy with higher minor version should have failed but succeeded\n", 0);
+ "\tRELAXED policy with higher version should have failed but succeeded\n", 0);
/* Resetting boot.state to catch unwanted reboot */
if (val->set_boot_flag(BOOT_EXPECTED_BUT_FAILED))
diff --git a/api-tests/ff/ipc/test_i007/test_i007.h b/api-tests/ff/ipc/test_i007/test_i007.h
index 26908fb8..7929b3a5 100644
--- a/api-tests/ff/ipc/test_i007/test_i007.h
+++ b/api-tests/ff/ipc/test_i007/test_i007.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i007)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i007)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
@@ -33,5 +33,5 @@ extern psa_api_t *psa;
extern client_test_t test_i007_client_tests_list[];
-int32_t client_test_relax_policy_higher_minor_version(security_t);
+int32_t client_test_relax_policy_higher_version(caller_security_t);
#endif
diff --git a/api-tests/ff/ipc/test_i007/test_supp_i007.c b/api-tests/ff/ipc/test_i007/test_supp_i007.c
index e20d4254..96a200e9 100644
--- a/api-tests/ff/ipc/test_i007/test_supp_i007.c
+++ b/api-tests/ff/ipc/test_i007/test_supp_i007.c
@@ -18,26 +18,26 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
-int32_t server_test_relax_policy_higher_minor_version(void);
+int32_t server_test_relax_policy_higher_version(void);
server_test_t test_i007_server_tests_list[] = {
NULL,
- server_test_relax_policy_higher_minor_version,
+ server_test_relax_policy_higher_version,
NULL,
};
-int32_t server_test_relax_policy_higher_minor_version(void)
+int32_t server_test_relax_policy_higher_version(void)
{
int32_t status = VAL_STATUS_SUCCESS;
psa_msg_t msg = {0};
val->err_check_set(TEST_CHECKPOINT_NUM(201), status);
- status = val->process_connect_request(SERVER_RELAX_MINOR_VERSION_SIG, &msg);
+ status = val->process_connect_request(SERVER_RELAX_VERSION_SIGNAL, &msg);
/* Shouldn't have reached here */
if (val->err_check_set(TEST_CHECKPOINT_NUM(202), status))
diff --git a/api-tests/ff/ipc/test_i008/source.mk b/api-tests/ff/ipc/test_i008/source.mk
deleted file mode 100644
index 776583bd..00000000
--- a/api-tests/ff/ipc/test_i008/source.mk
+++ /dev/null
@@ -1,25 +0,0 @@
-# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_i008.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
-
-CC_SOURCE_SPE = test_i008.c test_supp_i008.c
-CC_OPTIONS_SPE =
-AS_SOURCE_SPE =
-AS_OPTIONS_SPE =
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i008/test.cmake b/api-tests/ff/ipc/test_i008/test.cmake
new file mode 100644
index 00000000..7ed1bf52
--- /dev/null
+++ b/api-tests/ff/ipc/test_i008/test.cmake
@@ -0,0 +1,32 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_i008.c
+ test_i008.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
+
+list(APPEND CC_SOURCE_SPE
+ test_i008.c
+ test_supp_i008.c
+)
+list(APPEND CC_OPTIONS_SPE )
+list(APPEND AS_SOURCE_SPE )
+list(APPEND AS_OPTIONS_SPE )
diff --git a/api-tests/ff/ipc/test_i008/test_entry.c b/api-tests/ff/ipc/test_i008/test_entry_i008.c
similarity index 100%
rename from api-tests/ff/ipc/test_i008/test_entry.c
rename to api-tests/ff/ipc/test_i008/test_entry_i008.c
diff --git a/api-tests/ff/ipc/test_i008/test_i008.c b/api-tests/ff/ipc/test_i008/test_i008.c
index 785026e7..d13a4b37 100644
--- a/api-tests/ff/ipc/test_i008/test_i008.c
+++ b/api-tests/ff/ipc/test_i008/test_i008.c
@@ -31,7 +31,7 @@ client_test_t test_i008_client_tests_list[] = {
NULL,
};
-int32_t client_test_secure_access_only_connection(security_t caller)
+int32_t client_test_secure_access_only_connection(caller_security_t caller)
{
int32_t status = VAL_STATUS_SUCCESS;
psa_handle_t handle = 0;
@@ -61,7 +61,7 @@ int32_t client_test_secure_access_only_connection(security_t caller)
*/
/* Setting boot.state before test check for NS */
- if (caller == NONSECURE)
+ if (caller == CALLER_NONSECURE)
{
status = val->set_boot_flag(BOOT_EXPECTED_NS);
}
@@ -75,9 +75,9 @@ int32_t client_test_secure_access_only_connection(security_t caller)
* It is PROGRAMMER ERROR to connect to secure only access service from nspe.
* Whereas call should succeed if called from spe.
*/
- handle = psa->connect(SERVER_SECURE_CONNECT_ONLY_SID, 1);
+ handle = psa->connect(SERVER_SECURE_CONNECT_ONLY_SID, SERVER_SECURE_CONNECT_ONLY_VERSION);
- if (caller == NONSECURE)
+ if (caller == CALLER_NONSECURE)
{
/*
* If the caller is in the NSPE, it is IMPLEMENTATION DEFINED whether
@@ -101,7 +101,7 @@ int32_t client_test_secure_access_only_connection(security_t caller)
}
/* Should return positive handle for SPE connection */
- if (handle > 0)
+ if (PSA_HANDLE_IS_VALID(handle))
{
psa->close(handle);
}
diff --git a/api-tests/ff/ipc/test_i008/test_i008.h b/api-tests/ff/ipc/test_i008/test_i008.h
index be6cc9f7..ee762edc 100644
--- a/api-tests/ff/ipc/test_i008/test_i008.h
+++ b/api-tests/ff/ipc/test_i008/test_i008.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i008)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i008)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
@@ -33,5 +33,5 @@ extern psa_api_t *psa;
extern client_test_t test_i008_client_tests_list[];
-int32_t client_test_secure_access_only_connection(security_t);
+int32_t client_test_secure_access_only_connection(caller_security_t);
#endif
diff --git a/api-tests/ff/ipc/test_i008/test_supp_i008.c b/api-tests/ff/ipc/test_i008/test_supp_i008.c
index 22868d3e..df13c4c5 100644
--- a/api-tests/ff/ipc/test_i008/test_supp_i008.c
+++ b/api-tests/ff/ipc/test_i008/test_supp_i008.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
@@ -37,7 +37,7 @@ int32_t server_test_secure_access_only_connection(void)
psa_msg_t msg = {0};
val->err_check_set(TEST_CHECKPOINT_NUM(201), status);
- status = val->process_connect_request(SERVER_SECURE_CONNECT_ONLY_SIG, &msg);
+ status = val->process_connect_request(SERVER_SECURE_CONNECT_ONLY_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(202), status))
{
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
@@ -63,7 +63,7 @@ int32_t server_test_secure_access_only_connection(void)
psa->reply(msg.handle, PSA_SUCCESS);
}
- status = val->process_disconnect_request(SERVER_SECURE_CONNECT_ONLY_SIG, &msg);
+ status = val->process_disconnect_request(SERVER_SECURE_CONNECT_ONLY_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(203), status))
{
return status;
diff --git a/api-tests/ff/ipc/test_i009/source.mk b/api-tests/ff/ipc/test_i009/source.mk
deleted file mode 100644
index 49ce1873..00000000
--- a/api-tests/ff/ipc/test_i009/source.mk
+++ /dev/null
@@ -1,25 +0,0 @@
-# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_i009.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
-
-CC_SOURCE_SPE = test_i009.c test_supp_i009.c
-CC_OPTIONS_SPE =
-AS_SOURCE_SPE =
-AS_OPTIONS_SPE =
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i009/test.cmake b/api-tests/ff/ipc/test_i009/test.cmake
new file mode 100644
index 00000000..bad159db
--- /dev/null
+++ b/api-tests/ff/ipc/test_i009/test.cmake
@@ -0,0 +1,32 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_i009.c
+ test_i009.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
+
+list(APPEND CC_SOURCE_SPE
+ test_i009.c
+ test_supp_i009.c
+)
+list(APPEND CC_OPTIONS_SPE )
+list(APPEND AS_SOURCE_SPE )
+list(APPEND AS_OPTIONS_SPE )
diff --git a/api-tests/ff/ipc/test_i009/test_entry.c b/api-tests/ff/ipc/test_i009/test_entry_i009.c
similarity index 90%
rename from api-tests/ff/ipc/test_i009/test_entry.c
rename to api-tests/ff/ipc/test_i009/test_entry_i009.c
index 992e9e23..8506ac1b 100644
--- a/api-tests/ff/ipc/test_i009/test_entry.c
+++ b/api-tests/ff/ipc/test_i009/test_entry_i009.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -20,7 +20,7 @@
#include "test_i009.h"
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_FF_BASE, 9)
-#define TEST_DESC "Testing unextern SID connection\n"
+#define TEST_DESC "Testing psa_connect with SID unspecified in dependencies\n"
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
psa_api_t *psa = NULL;
diff --git a/api-tests/ff/ipc/test_i009/test_i009.c b/api-tests/ff/ipc/test_i009/test_i009.c
index 9bb7c5b7..cd530822 100644
--- a/api-tests/ff/ipc/test_i009/test_i009.c
+++ b/api-tests/ff/ipc/test_i009/test_i009.c
@@ -27,15 +27,15 @@
client_test_t test_i009_client_tests_list[] = {
NULL,
- client_test_unextern_sid_connection,
+ client_test_unspecified_dependent_sid,
NULL,
};
-int32_t client_test_unextern_sid_connection(security_t caller)
+int32_t client_test_unspecified_dependent_sid(caller_security_t caller)
{
psa_handle_t handle = 0;
- val->print(PRINT_TEST, "[Check 1] Test unextern SID connection\n", 0);
+ val->print(PRINT_TEST, "[Check 1] Test psa_connect with SID unspecified in dependencies\n", 0);
/*
* This test checks for the PROGRAMMER ERROR condition for the PSA API. API's respond to
@@ -70,7 +70,7 @@ int32_t client_test_unextern_sid_connection(security_t caller)
* If access between a client Secure Partition and an RoT Service is not specified in
* the manifest, then the client is not allowed to connect to the RoT Service.
*/
- handle = psa->connect(SERVER_UNEXTERN_SID, 2);
+ handle = psa->connect(SERVER_UNEXTERN_SID, SERVER_UNEXTERN_VERSION);
/* If PROGRAMMER ERROR results into panic then control shouldn't have reached here */
val->print(PRINT_ERROR, "\tunextern SID connection should have failed but succeed\n", 0);
diff --git a/api-tests/ff/ipc/test_i009/test_i009.h b/api-tests/ff/ipc/test_i009/test_i009.h
index b8cbc538..35d7e152 100644
--- a/api-tests/ff/ipc/test_i009/test_i009.h
+++ b/api-tests/ff/ipc/test_i009/test_i009.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i009)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i009)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
@@ -33,5 +33,5 @@ extern psa_api_t *psa;
extern client_test_t test_i009_client_tests_list[];
-int32_t client_test_unextern_sid_connection(security_t);
+int32_t client_test_unspecified_dependent_sid(caller_security_t);
#endif
diff --git a/api-tests/ff/ipc/test_i009/test_supp_i009.c b/api-tests/ff/ipc/test_i009/test_supp_i009.c
index a0f1ccaa..c6711bc3 100644
--- a/api-tests/ff/ipc/test_i009/test_supp_i009.c
+++ b/api-tests/ff/ipc/test_i009/test_supp_i009.c
@@ -18,26 +18,26 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
-int32_t server_test_unextern_sid_connection(void);
+int32_t server_test_unspecified_dependent_sid(void);
server_test_t test_i009_server_tests_list[] = {
NULL,
- server_test_unextern_sid_connection,
+ server_test_unspecified_dependent_sid,
NULL,
};
-int32_t server_test_unextern_sid_connection(void)
+int32_t server_test_unspecified_dependent_sid(void)
{
int32_t status = VAL_STATUS_SUCCESS;
psa_msg_t msg = {0};
val->err_check_set(TEST_CHECKPOINT_NUM(201), status);
- status = val->process_connect_request(SERVER_UNEXTERN_SIG, &msg);
+ status = val->process_connect_request(SERVER_UNEXTERN_SIGNAL, &msg);
/* Shouldn't have reached here */
if (val->err_check_set(TEST_CHECKPOINT_NUM(202), status))
diff --git a/api-tests/ff/ipc/test_i010/source.mk b/api-tests/ff/ipc/test_i010/source.mk
deleted file mode 100644
index 59040daa..00000000
--- a/api-tests/ff/ipc/test_i010/source.mk
+++ /dev/null
@@ -1,25 +0,0 @@
-# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_i010.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
-
-CC_SOURCE_SPE = test_i010.c test_supp_i010.c
-CC_OPTIONS_SPE =
-AS_SOURCE_SPE =
-AS_OPTIONS_SPE =
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i010/test.cmake b/api-tests/ff/ipc/test_i010/test.cmake
new file mode 100644
index 00000000..6e57eba6
--- /dev/null
+++ b/api-tests/ff/ipc/test_i010/test.cmake
@@ -0,0 +1,32 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_i010.c
+ test_i010.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
+
+list(APPEND CC_SOURCE_SPE
+ test_i010.c
+ test_supp_i010.c
+)
+list(APPEND CC_OPTIONS_SPE )
+list(APPEND AS_SOURCE_SPE )
+list(APPEND AS_OPTIONS_SPE )
diff --git a/api-tests/ff/ipc/test_i010/test_entry.c b/api-tests/ff/ipc/test_i010/test_entry_i010.c
similarity index 91%
rename from api-tests/ff/ipc/test_i010/test_entry.c
rename to api-tests/ff/ipc/test_i010/test_entry_i010.c
index fa42b059..e0e72ef6 100644
--- a/api-tests/ff/ipc/test_i010/test_entry.c
+++ b/api-tests/ff/ipc/test_i010/test_entry_i010.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -20,7 +20,7 @@
#include "test_i010.h"
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_FF_BASE, 10)
-#define TEST_DESC "Testing un-specified minor_policy with higher minor version\n"
+#define TEST_DESC "Testing un-specified version_policy with higher version\n"
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
psa_api_t *psa = NULL;
diff --git a/api-tests/ff/ipc/test_i010/test_i010.c b/api-tests/ff/ipc/test_i010/test_i010.c
index 65b06c10..77233b60 100644
--- a/api-tests/ff/ipc/test_i010/test_i010.c
+++ b/api-tests/ff/ipc/test_i010/test_i010.c
@@ -27,17 +27,17 @@
client_test_t test_i010_client_tests_list[] = {
NULL,
- client_test_unspecified_policy_with_higher_minor_ver,
+ client_test_unspecified_policy_with_higher_version,
NULL,
};
-int32_t client_test_unspecified_policy_with_higher_minor_ver(security_t caller)
+int32_t client_test_unspecified_policy_with_higher_version(caller_security_t caller)
{
psa_handle_t handle = 0;
boot_state_t boot_state;
val->print(PRINT_TEST,
- "[Check 1] Test un-specified minor_policy with higher minor version\n", 0);
+ "[Check 1] Test un-specified version_policy with higher version\n", 0);
/*
* This test checks for the PROGRAMMER ERROR condition for the PSA API. API's respond to
@@ -62,7 +62,7 @@ int32_t client_test_unspecified_policy_with_higher_minor_ver(security_t caller)
*/
/* Setting boot.state before test check */
- boot_state = (caller == NONSECURE) ? BOOT_EXPECTED_NS : BOOT_EXPECTED_S;
+ boot_state = (caller == CALLER_NONSECURE) ? BOOT_EXPECTED_NS : BOOT_EXPECTED_S;
if (val->set_boot_flag(boot_state))
{
val->print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
@@ -70,25 +70,25 @@ int32_t client_test_unspecified_policy_with_higher_minor_ver(security_t caller)
}
/*
- * The minor_version and minor_policy attributes do not need to be specified.
+ * The SID version and version_policy attributes do not need to be specified.
* If they are not specified in the manifest, the RoT Service will have
- * default attributes of minor_version=1 and minor_policy="STRICT".
+ * default attributes of version=1 and version_policy="STRICT".
*/
- handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 3);
+ handle = psa->connect(SERVER_UNSPECIFED_VERSION_SID, SERVER_UNSPECIFED_VERSION_VERSION + 1);
/*
* If the caller is in the NSPE, it is IMPLEMENTATION DEFINED whether
* a PROGRAMMER ERROR will panic or return PSA_ERROR_CONNECTION_REFUSED.
* For SPE caller, it must panic.
*/
- if (caller == NONSECURE && handle == PSA_ERROR_CONNECTION_REFUSED)
+ if (caller == CALLER_NONSECURE && handle == PSA_ERROR_CONNECTION_REFUSED)
{
return VAL_STATUS_SUCCESS;
}
/* If PROGRAMMER ERROR results into panic then control shouldn't have reached here */
val->print(PRINT_ERROR,
- "\tun-specified policy with higher minor version should have failed but succeeded\n", 0);
+ "\tun-specified policy with higher version should have failed but succeeded\n", 0);
/* Resetting boot.state to catch unwanted reboot */
if (val->set_boot_flag(BOOT_EXPECTED_BUT_FAILED))
diff --git a/api-tests/ff/ipc/test_i010/test_i010.h b/api-tests/ff/ipc/test_i010/test_i010.h
index 7e0eb020..e5dc30d6 100644
--- a/api-tests/ff/ipc/test_i010/test_i010.h
+++ b/api-tests/ff/ipc/test_i010/test_i010.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i010)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i010)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
@@ -33,5 +33,5 @@ extern psa_api_t *psa;
extern client_test_t test_i010_client_tests_list[];
-int32_t client_test_unspecified_policy_with_higher_minor_ver(security_t);
+int32_t client_test_unspecified_policy_with_higher_version(caller_security_t);
#endif
diff --git a/api-tests/ff/ipc/test_i010/test_supp_i010.c b/api-tests/ff/ipc/test_i010/test_supp_i010.c
index 6f8ffb8c..0429ea5a 100644
--- a/api-tests/ff/ipc/test_i010/test_supp_i010.c
+++ b/api-tests/ff/ipc/test_i010/test_supp_i010.c
@@ -18,26 +18,26 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
-int32_t server_test_unspecified_policy_with_higher_minor_ver(void);
+int32_t server_test_unspecified_policy_with_higher_version(void);
server_test_t test_i010_server_tests_list[] = {
NULL,
- server_test_unspecified_policy_with_higher_minor_ver,
+ server_test_unspecified_policy_with_higher_version,
NULL,
};
-int32_t server_test_unspecified_policy_with_higher_minor_ver(void)
+int32_t server_test_unspecified_policy_with_higher_version(void)
{
int32_t status = VAL_STATUS_SUCCESS;
psa_msg_t msg = {0};
val->err_check_set(TEST_CHECKPOINT_NUM(201), status);
- status = val->process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_connect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
/* Shouldn't have reached here */
if (val->err_check_set(TEST_CHECKPOINT_NUM(202), status))
diff --git a/api-tests/ff/ipc/test_i011/source.mk b/api-tests/ff/ipc/test_i011/source.mk
deleted file mode 100644
index 97bf396f..00000000
--- a/api-tests/ff/ipc/test_i011/source.mk
+++ /dev/null
@@ -1,25 +0,0 @@
-# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_i011.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
-
-CC_SOURCE_SPE = test_i011.c test_supp_i011.c
-CC_OPTIONS_SPE =
-AS_SOURCE_SPE =
-AS_OPTIONS_SPE =
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i011/test.cmake b/api-tests/ff/ipc/test_i011/test.cmake
new file mode 100644
index 00000000..338cce28
--- /dev/null
+++ b/api-tests/ff/ipc/test_i011/test.cmake
@@ -0,0 +1,32 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_i011.c
+ test_i011.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
+
+list(APPEND CC_SOURCE_SPE
+ test_i011.c
+ test_supp_i011.c
+)
+list(APPEND CC_OPTIONS_SPE )
+list(APPEND AS_SOURCE_SPE )
+list(APPEND AS_OPTIONS_SPE )
diff --git a/api-tests/ff/ipc/test_i011/test_entry.c b/api-tests/ff/ipc/test_i011/test_entry_i011.c
similarity index 91%
rename from api-tests/ff/ipc/test_i011/test_entry.c
rename to api-tests/ff/ipc/test_i011/test_entry_i011.c
index ef4b6f5a..a1ca9c71 100644
--- a/api-tests/ff/ipc/test_i011/test_entry.c
+++ b/api-tests/ff/ipc/test_i011/test_entry_i011.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -20,7 +20,7 @@
#include "test_i011.h"
#define TEST_NUM VAL_CREATE_TEST_ID(VAL_FF_BASE, 11)
-#define TEST_DESC "Testing un-specified minor_policy with lower minor version\n"
+#define TEST_DESC "Testing un-specified version_policy with lower version\n"
TEST_PUBLISH(TEST_NUM, test_entry);
val_api_t *val = NULL;
psa_api_t *psa = NULL;
diff --git a/api-tests/ff/ipc/test_i011/test_i011.c b/api-tests/ff/ipc/test_i011/test_i011.c
index 82c5e09a..e0996aa9 100644
--- a/api-tests/ff/ipc/test_i011/test_i011.c
+++ b/api-tests/ff/ipc/test_i011/test_i011.c
@@ -27,17 +27,17 @@
client_test_t test_i011_client_tests_list[] = {
NULL,
- client_test_unspecified_policy_with_lower_minor_ver,
+ client_test_unspecified_policy_with_lower_version,
NULL,
};
-int32_t client_test_unspecified_policy_with_lower_minor_ver(security_t caller)
+int32_t client_test_unspecified_policy_with_lower_version(caller_security_t caller)
{
psa_handle_t handle = 0;
boot_state_t boot_state;
val->print(PRINT_TEST,
- "[Check 1] Test un-specified minor_policy with higher minor version\n", 0);
+ "[Check 1] Test un-specified version_policy with higher version\n", 0);
/*
* This test checks for the PROGRAMMER ERROR condition for the PSA API. API's respond to
@@ -62,7 +62,7 @@ int32_t client_test_unspecified_policy_with_lower_minor_ver(security_t caller)
*/
/* Setting boot.state before test check */
- boot_state = (caller == NONSECURE) ? BOOT_EXPECTED_NS : BOOT_EXPECTED_S;
+ boot_state = (caller == CALLER_NONSECURE) ? BOOT_EXPECTED_NS : BOOT_EXPECTED_S;
if (val->set_boot_flag(boot_state))
{
val->print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
@@ -70,25 +70,27 @@ int32_t client_test_unspecified_policy_with_lower_minor_ver(security_t caller)
}
/*
- * The minor_version and minor_policy attributes do not need to be specified.
+ * 1. The SID version and version_policy attributes do not need to be specified.
* If they are not specified in the manifest, the RoT Service will have
- * default attributes of minor_version=1 and minor_policy="STRICT".
+ * default attributes of version=1 and version_policy="STRICT".
+ *
+ * 2. RoT Service version must be non-zero.
*/
- handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 0);
+ handle = psa->connect(SERVER_UNSPECIFED_VERSION_SID, 0);
/*
* If the caller is in the NSPE, it is IMPLEMENTATION DEFINED whether
* a PROGRAMMER ERROR will panic or return PSA_ERROR_CONNECTION_REFUSED.
* For SPE caller, it must panic.
*/
- if (caller == NONSECURE && handle == PSA_ERROR_CONNECTION_REFUSED)
+ if (caller == CALLER_NONSECURE && handle == PSA_ERROR_CONNECTION_REFUSED)
{
return VAL_STATUS_SUCCESS;
}
/* If PROGRAMMER ERROR results into panic then control shouldn't have reached here */
val->print(PRINT_ERROR,
- "\tun-specified policy with lower minor version should have failed but succeeded\n", 0);
+ "\tun-specified policy with lower version should have failed but succeeded\n", 0);
/* Resetting boot.state to catch unwanted reboot */
if (val->set_boot_flag(BOOT_EXPECTED_BUT_FAILED))
diff --git a/api-tests/ff/ipc/test_i011/test_i011.h b/api-tests/ff/ipc/test_i011/test_i011.h
index 8b6f7327..db4436d5 100644
--- a/api-tests/ff/ipc/test_i011/test_i011.h
+++ b/api-tests/ff/ipc/test_i011/test_i011.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i011)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i011)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
@@ -33,5 +33,5 @@ extern psa_api_t *psa;
extern client_test_t test_i011_client_tests_list[];
-int32_t client_test_unspecified_policy_with_lower_minor_ver(security_t);
+int32_t client_test_unspecified_policy_with_lower_version(caller_security_t);
#endif
diff --git a/api-tests/ff/ipc/test_i011/test_supp_i011.c b/api-tests/ff/ipc/test_i011/test_supp_i011.c
index 87d4a4da..97e05dff 100644
--- a/api-tests/ff/ipc/test_i011/test_supp_i011.c
+++ b/api-tests/ff/ipc/test_i011/test_supp_i011.c
@@ -18,26 +18,26 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
-int32_t server_test_unspecified_policy_with_lower_minor_ver(void);
+int32_t server_test_unspecified_policy_with_lower_version(void);
server_test_t test_i011_server_tests_list[] = {
NULL,
- server_test_unspecified_policy_with_lower_minor_ver,
+ server_test_unspecified_policy_with_lower_version,
NULL,
};
-int32_t server_test_unspecified_policy_with_lower_minor_ver(void)
+int32_t server_test_unspecified_policy_with_lower_version(void)
{
int32_t status = VAL_STATUS_SUCCESS;
psa_msg_t msg = {0};
val->err_check_set(TEST_CHECKPOINT_NUM(201), status);
- status = val->process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_connect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
/* Shouldn't have reached here */
if (val->err_check_set(TEST_CHECKPOINT_NUM(202), status))
diff --git a/api-tests/ff/ipc/test_i012/source.mk b/api-tests/ff/ipc/test_i012/source.mk
deleted file mode 100644
index c0547255..00000000
--- a/api-tests/ff/ipc/test_i012/source.mk
+++ /dev/null
@@ -1,25 +0,0 @@
-# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_i012.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
-
-CC_SOURCE_SPE = test_i012.c test_supp_i012.c
-CC_OPTIONS_SPE =
-AS_SOURCE_SPE =
-AS_OPTIONS_SPE =
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i012/test.cmake b/api-tests/ff/ipc/test_i012/test.cmake
new file mode 100644
index 00000000..299f8ee1
--- /dev/null
+++ b/api-tests/ff/ipc/test_i012/test.cmake
@@ -0,0 +1,32 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_i012.c
+ test_i012.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
+
+list(APPEND CC_SOURCE_SPE
+ test_i012.c
+ test_supp_i012.c
+)
+list(APPEND CC_OPTIONS_SPE )
+list(APPEND AS_SOURCE_SPE )
+list(APPEND AS_OPTIONS_SPE )
diff --git a/api-tests/ff/ipc/test_i012/test_entry.c b/api-tests/ff/ipc/test_i012/test_entry_i012.c
similarity index 100%
rename from api-tests/ff/ipc/test_i012/test_entry.c
rename to api-tests/ff/ipc/test_i012/test_entry_i012.c
diff --git a/api-tests/ff/ipc/test_i012/test_i012.c b/api-tests/ff/ipc/test_i012/test_i012.c
index 9ddb2fa0..0724cedb 100644
--- a/api-tests/ff/ipc/test_i012/test_i012.c
+++ b/api-tests/ff/ipc/test_i012/test_i012.c
@@ -31,7 +31,7 @@ client_test_t test_i012_client_tests_list[] = {
NULL,
};
-int32_t client_test_psa_close_with_invalid_handle(security_t caller)
+int32_t client_test_psa_close_with_invalid_handle(caller_security_t caller)
{
boot_state_t boot_state;
@@ -60,7 +60,7 @@ int32_t client_test_psa_close_with_invalid_handle(security_t caller)
*/
/* Setting boot.state before test check */
- boot_state = (caller == NONSECURE) ? BOOT_EXPECTED_NS : BOOT_EXPECTED_S;
+ boot_state = (caller == CALLER_NONSECURE) ? BOOT_EXPECTED_NS : BOOT_EXPECTED_S;
if (val->set_boot_flag(boot_state))
{
val->print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
@@ -75,7 +75,7 @@ int32_t client_test_psa_close_with_invalid_handle(security_t caller)
* a PROGRAMMER ERROR will panic or return with no effect.
* For SPE caller, it must panic.
*/
- if (caller == NONSECURE)
+ if (caller == CALLER_NONSECURE)
{
return VAL_STATUS_SUCCESS;
}
diff --git a/api-tests/ff/ipc/test_i012/test_i012.h b/api-tests/ff/ipc/test_i012/test_i012.h
index d7a2776c..c8b269f2 100644
--- a/api-tests/ff/ipc/test_i012/test_i012.h
+++ b/api-tests/ff/ipc/test_i012/test_i012.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i012)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i012)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
@@ -33,5 +33,5 @@ extern psa_api_t *psa;
extern client_test_t test_i012_client_tests_list[];
-int32_t client_test_psa_close_with_invalid_handle(security_t);
+int32_t client_test_psa_close_with_invalid_handle(caller_security_t);
#endif
diff --git a/api-tests/ff/ipc/test_i012/test_supp_i012.c b/api-tests/ff/ipc/test_i012/test_supp_i012.c
index f6d39b60..0de30cfb 100644
--- a/api-tests/ff/ipc/test_i012/test_supp_i012.c
+++ b/api-tests/ff/ipc/test_i012/test_supp_i012.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
diff --git a/api-tests/ff/ipc/test_i013/source.mk b/api-tests/ff/ipc/test_i013/source.mk
deleted file mode 100644
index 44494988..00000000
--- a/api-tests/ff/ipc/test_i013/source.mk
+++ /dev/null
@@ -1,25 +0,0 @@
-# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_i013.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
-
-CC_SOURCE_SPE = test_i013.c test_supp_i013.c
-CC_OPTIONS_SPE =
-AS_SOURCE_SPE =
-AS_OPTIONS_SPE =
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i013/test.cmake b/api-tests/ff/ipc/test_i013/test.cmake
new file mode 100644
index 00000000..724efacd
--- /dev/null
+++ b/api-tests/ff/ipc/test_i013/test.cmake
@@ -0,0 +1,32 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_i013.c
+ test_i013.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
+
+list(APPEND CC_SOURCE_SPE
+ test_i013.c
+ test_supp_i013.c
+)
+list(APPEND CC_OPTIONS_SPE )
+list(APPEND AS_SOURCE_SPE )
+list(APPEND AS_OPTIONS_SPE )
diff --git a/api-tests/ff/ipc/test_i013/test_entry.c b/api-tests/ff/ipc/test_i013/test_entry_i013.c
similarity index 100%
rename from api-tests/ff/ipc/test_i013/test_entry.c
rename to api-tests/ff/ipc/test_i013/test_entry_i013.c
diff --git a/api-tests/ff/ipc/test_i013/test_i013.c b/api-tests/ff/ipc/test_i013/test_i013.c
index 5666c16a..db112751 100644
--- a/api-tests/ff/ipc/test_i013/test_i013.c
+++ b/api-tests/ff/ipc/test_i013/test_i013.c
@@ -31,13 +31,13 @@ client_test_t test_i013_client_tests_list[] = {
NULL,
};
-int32_t client_test_psa_get_with_more_than_one_signal(security_t caller)
+int32_t client_test_psa_get_with_more_than_one_signal(caller_security_t caller)
{
psa_handle_t handle = 0;
val->print(PRINT_TEST, "[Check 1] Test psa_get with multiple signals\n", 0);
- handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
+ handle = psa->connect(SERVER_UNSPECIFED_VERSION_SID, SERVER_UNSPECIFED_VERSION_VERSION);
/* Expectation is server test should hang and control shouldn't have come here */
val->print(PRINT_ERROR, "\tConnection should failed but succeed\n", 0);
diff --git a/api-tests/ff/ipc/test_i013/test_i013.h b/api-tests/ff/ipc/test_i013/test_i013.h
index 8721594f..efcd9883 100644
--- a/api-tests/ff/ipc/test_i013/test_i013.h
+++ b/api-tests/ff/ipc/test_i013/test_i013.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i013)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i013)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
@@ -33,5 +33,5 @@ extern psa_api_t *psa;
extern client_test_t test_i013_client_tests_list[];
-int32_t client_test_psa_get_with_more_than_one_signal(security_t);
+int32_t client_test_psa_get_with_more_than_one_signal(caller_security_t);
#endif
diff --git a/api-tests/ff/ipc/test_i013/test_supp_i013.c b/api-tests/ff/ipc/test_i013/test_supp_i013.c
index fb54c3fe..640d71f5 100644
--- a/api-tests/ff/ipc/test_i013/test_supp_i013.c
+++ b/api-tests/ff/ipc/test_i013/test_supp_i013.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
@@ -57,23 +57,23 @@ int32_t server_test_psa_get_with_more_than_one_signal(void)
* VAL APIs to decide test status.
*/
- if ((psa->wait(PSA_WAIT_ANY, PSA_BLOCK)) & SERVER_UNSPECIFED_MINOR_V_SIG)
+ if ((psa->wait(PSA_WAIT_ANY, PSA_BLOCK)) & SERVER_UNSPECIFED_VERSION_SIGNAL)
{
/* Setting boot.state before test check */
if (val->set_boot_flag(BOOT_EXPECTED_NS))
{
val->print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
/* Unblock client */
- if (psa->get(SERVER_UNSPECIFED_MINOR_V_SIG, &msg) != PSA_SUCCESS)
+ if (psa->get(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg) != PSA_SUCCESS)
{
- val->process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ val->process_connect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
}
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
return VAL_STATUS_ERROR;
}
/* multiple signals check */
- psa->get((SERVER_UNSPECIFED_MINOR_V_SIG | SERVER_RELAX_MINOR_VERSION_SIG), &msg);
+ psa->get((SERVER_UNSPECIFED_VERSION_SIGNAL | SERVER_RELAX_VERSION_SIGNAL), &msg);
/* If PROGRAMMER ERROR results into panic then control shouldn't have reached here */
/* Resetting boot.state to catch unwanted reboot */
diff --git a/api-tests/ff/ipc/test_i014/source.mk b/api-tests/ff/ipc/test_i014/source.mk
deleted file mode 100644
index 5fd66f39..00000000
--- a/api-tests/ff/ipc/test_i014/source.mk
+++ /dev/null
@@ -1,25 +0,0 @@
-# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_i014.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
-
-CC_SOURCE_SPE = test_i014.c test_supp_i014.c
-CC_OPTIONS_SPE =
-AS_SOURCE_SPE =
-AS_OPTIONS_SPE =
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i014/test.cmake b/api-tests/ff/ipc/test_i014/test.cmake
new file mode 100644
index 00000000..aabe4e22
--- /dev/null
+++ b/api-tests/ff/ipc/test_i014/test.cmake
@@ -0,0 +1,32 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_i014.c
+ test_i014.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
+
+list(APPEND CC_SOURCE_SPE
+ test_i014.c
+ test_supp_i014.c
+)
+list(APPEND CC_OPTIONS_SPE )
+list(APPEND AS_SOURCE_SPE )
+list(APPEND AS_OPTIONS_SPE )
diff --git a/api-tests/ff/ipc/test_i014/test_entry.c b/api-tests/ff/ipc/test_i014/test_entry_i014.c
similarity index 100%
rename from api-tests/ff/ipc/test_i014/test_entry.c
rename to api-tests/ff/ipc/test_i014/test_entry_i014.c
diff --git a/api-tests/ff/ipc/test_i014/test_i014.c b/api-tests/ff/ipc/test_i014/test_i014.c
index 1590dd48..b6c260a5 100644
--- a/api-tests/ff/ipc/test_i014/test_i014.c
+++ b/api-tests/ff/ipc/test_i014/test_i014.c
@@ -31,13 +31,13 @@ client_test_t test_i014_client_tests_list[] = {
NULL,
};
-int32_t client_test_psa_get_called_twice(security_t caller)
+int32_t client_test_psa_get_called_twice(caller_security_t caller)
{
psa_handle_t handle = 0;
val->print(PRINT_TEST, "[Check 1] Test psa_get called twice\n", 0);
- handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
+ handle = psa->connect(SERVER_UNSPECIFED_VERSION_SID, SERVER_UNSPECIFED_VERSION_VERSION);
/* Expectation is server test should hang and control shouldn't have come here */
val->print(PRINT_ERROR, "\tConnection should failed but succeed\n", 0);
diff --git a/api-tests/ff/ipc/test_i014/test_i014.h b/api-tests/ff/ipc/test_i014/test_i014.h
index 939dc4d5..0825f260 100644
--- a/api-tests/ff/ipc/test_i014/test_i014.h
+++ b/api-tests/ff/ipc/test_i014/test_i014.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i014)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i014)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
@@ -33,5 +33,5 @@ extern psa_api_t *psa;
extern client_test_t test_i014_client_tests_list[];
-int32_t client_test_psa_get_called_twice(security_t);
+int32_t client_test_psa_get_called_twice(caller_security_t);
#endif
diff --git a/api-tests/ff/ipc/test_i014/test_supp_i014.c b/api-tests/ff/ipc/test_i014/test_supp_i014.c
index fe062f4b..ab2e9383 100644
--- a/api-tests/ff/ipc/test_i014/test_supp_i014.c
+++ b/api-tests/ff/ipc/test_i014/test_supp_i014.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
@@ -59,10 +59,10 @@ int32_t server_test_psa_get_called_twice(void)
*/
wait:
- if ((psa->wait(PSA_WAIT_ANY, PSA_BLOCK)) & SERVER_UNSPECIFED_MINOR_V_SIG)
+ if ((psa->wait(PSA_WAIT_ANY, PSA_BLOCK)) & SERVER_UNSPECIFED_VERSION_SIGNAL)
{
/* First psa_get call */
- if (psa->get(SERVER_UNSPECIFED_MINOR_V_SIG, &msg) != PSA_SUCCESS)
+ if (psa->get(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg) != PSA_SUCCESS)
{
goto wait;
}
@@ -80,7 +80,7 @@ int32_t server_test_psa_get_called_twice(void)
}
/* Second psa_get call. This should panic */
- psa->get(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ psa->get(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
/* If PROGRAMMER ERROR results into panic then control shouldn't have reached here */
/* Resetting boot.state to catch unwanted reboot */
diff --git a/api-tests/ff/ipc/test_i015/source.mk b/api-tests/ff/ipc/test_i015/source.mk
deleted file mode 100644
index 287434ee..00000000
--- a/api-tests/ff/ipc/test_i015/source.mk
+++ /dev/null
@@ -1,25 +0,0 @@
-# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_i015.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
-
-CC_SOURCE_SPE = test_i015.c test_supp_i015.c
-CC_OPTIONS_SPE =
-AS_SOURCE_SPE =
-AS_OPTIONS_SPE =
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i015/test.cmake b/api-tests/ff/ipc/test_i015/test.cmake
new file mode 100644
index 00000000..877f36b4
--- /dev/null
+++ b/api-tests/ff/ipc/test_i015/test.cmake
@@ -0,0 +1,32 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_i015.c
+ test_i015.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
+
+list(APPEND CC_SOURCE_SPE
+ test_i015.c
+ test_supp_i015.c
+)
+list(APPEND CC_OPTIONS_SPE )
+list(APPEND AS_SOURCE_SPE )
+list(APPEND AS_OPTIONS_SPE )
diff --git a/api-tests/ff/ipc/test_i015/test_entry.c b/api-tests/ff/ipc/test_i015/test_entry_i015.c
similarity index 100%
rename from api-tests/ff/ipc/test_i015/test_entry.c
rename to api-tests/ff/ipc/test_i015/test_entry_i015.c
diff --git a/api-tests/ff/ipc/test_i015/test_i015.c b/api-tests/ff/ipc/test_i015/test_i015.c
index f4868658..a23157cc 100644
--- a/api-tests/ff/ipc/test_i015/test_i015.c
+++ b/api-tests/ff/ipc/test_i015/test_i015.c
@@ -31,13 +31,13 @@ client_test_t test_i015_client_tests_list[] = {
NULL,
};
-int32_t client_test_psa_get_with_non_rot_signal(security_t caller)
+int32_t client_test_psa_get_with_non_rot_signal(caller_security_t caller)
{
psa_handle_t handle = 0;
val->print(PRINT_TEST, "[Check 1] Test psa_get with non-RoT signal\n", 0);
- handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
+ handle = psa->connect(SERVER_UNSPECIFED_VERSION_SID, SERVER_UNSPECIFED_VERSION_VERSION);
/* Expectation is server test should hang and control shouldn't have come here */
val->print(PRINT_ERROR, "\tConnection should failed but succeed\n", 0);
diff --git a/api-tests/ff/ipc/test_i015/test_i015.h b/api-tests/ff/ipc/test_i015/test_i015.h
index f1d4bfb6..b74f6c31 100644
--- a/api-tests/ff/ipc/test_i015/test_i015.h
+++ b/api-tests/ff/ipc/test_i015/test_i015.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i015)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i015)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
@@ -33,5 +33,5 @@ extern psa_api_t *psa;
extern client_test_t test_i015_client_tests_list[];
-int32_t client_test_psa_get_with_non_rot_signal(security_t);
+int32_t client_test_psa_get_with_non_rot_signal(caller_security_t);
#endif
diff --git a/api-tests/ff/ipc/test_i015/test_supp_i015.c b/api-tests/ff/ipc/test_i015/test_supp_i015.c
index a044796b..6b24b66a 100644
--- a/api-tests/ff/ipc/test_i015/test_supp_i015.c
+++ b/api-tests/ff/ipc/test_i015/test_supp_i015.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
@@ -58,14 +58,14 @@ int32_t server_test_psa_get_with_non_rot_signal(void)
* VAL APIs to decide test status.
*/
- if ((psa->wait(PSA_WAIT_ANY, PSA_BLOCK)) & SERVER_UNSPECIFED_MINOR_V_SIG)
+ if ((psa->wait(PSA_WAIT_ANY, PSA_BLOCK)) & SERVER_UNSPECIFED_VERSION_SIGNAL)
{
/* Setting boot.state before test check */
status = val->set_boot_flag(BOOT_EXPECTED_NS);
if (val->err_check_set(TEST_CHECKPOINT_NUM(201), status))
{
val->print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
- psa->get(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ psa->get(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
return status;
}
diff --git a/api-tests/ff/ipc/test_i016/source.mk b/api-tests/ff/ipc/test_i016/source.mk
deleted file mode 100644
index 70930bbe..00000000
--- a/api-tests/ff/ipc/test_i016/source.mk
+++ /dev/null
@@ -1,25 +0,0 @@
-# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_i016.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
-
-CC_SOURCE_SPE = test_i016.c test_supp_i016.c
-CC_OPTIONS_SPE =
-AS_SOURCE_SPE =
-AS_OPTIONS_SPE =
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i016/test.cmake b/api-tests/ff/ipc/test_i016/test.cmake
new file mode 100644
index 00000000..c4e90e49
--- /dev/null
+++ b/api-tests/ff/ipc/test_i016/test.cmake
@@ -0,0 +1,32 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_i016.c
+ test_i016.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
+
+list(APPEND CC_SOURCE_SPE
+ test_i016.c
+ test_supp_i016.c
+)
+list(APPEND CC_OPTIONS_SPE )
+list(APPEND AS_SOURCE_SPE )
+list(APPEND AS_OPTIONS_SPE )
diff --git a/api-tests/ff/ipc/test_i016/test_entry.c b/api-tests/ff/ipc/test_i016/test_entry_i016.c
similarity index 100%
rename from api-tests/ff/ipc/test_i016/test_entry.c
rename to api-tests/ff/ipc/test_i016/test_entry_i016.c
diff --git a/api-tests/ff/ipc/test_i016/test_i016.c b/api-tests/ff/ipc/test_i016/test_i016.c
index 5cc7a362..cec06b97 100644
--- a/api-tests/ff/ipc/test_i016/test_i016.c
+++ b/api-tests/ff/ipc/test_i016/test_i016.c
@@ -31,13 +31,13 @@ client_test_t test_i016_client_tests_list[] = {
NULL,
};
-int32_t client_test_psa_get_with_unasserted_signal(security_t caller)
+int32_t client_test_psa_get_with_unasserted_signal(caller_security_t caller)
{
psa_handle_t handle = 0;
val->print(PRINT_TEST, "[Check 1] Test psa_get with unasserted signal\n", 0);
- handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
+ handle = psa->connect(SERVER_UNSPECIFED_VERSION_SID, SERVER_UNSPECIFED_VERSION_VERSION);
/* Expectation is server test should hang and control shouldn't have come here */
val->print(PRINT_ERROR, "\tConnection should failed but succeed\n", 0);
diff --git a/api-tests/ff/ipc/test_i016/test_i016.h b/api-tests/ff/ipc/test_i016/test_i016.h
index ffb78e1b..16c265d0 100644
--- a/api-tests/ff/ipc/test_i016/test_i016.h
+++ b/api-tests/ff/ipc/test_i016/test_i016.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i016)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i016)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
@@ -33,5 +33,5 @@ extern psa_api_t *psa;
extern client_test_t test_i016_client_tests_list[];
-int32_t client_test_psa_get_with_unasserted_signal(security_t);
+int32_t client_test_psa_get_with_unasserted_signal(caller_security_t);
#endif
diff --git a/api-tests/ff/ipc/test_i016/test_supp_i016.c b/api-tests/ff/ipc/test_i016/test_supp_i016.c
index 7b4d5e1b..5818ebdc 100644
--- a/api-tests/ff/ipc/test_i016/test_supp_i016.c
+++ b/api-tests/ff/ipc/test_i016/test_supp_i016.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
@@ -58,20 +58,20 @@ int32_t server_test_psa_get_with_unasserted_signal(void)
* VAL APIs to decide test status.
*/
- if ((psa->wait(PSA_WAIT_ANY, PSA_BLOCK)) & SERVER_UNSPECIFED_MINOR_V_SIG)
+ if ((psa->wait(PSA_WAIT_ANY, PSA_BLOCK)) & SERVER_UNSPECIFED_VERSION_SIGNAL)
{
/* Setting boot.state before test check */
status = val->set_boot_flag(BOOT_EXPECTED_NS);
if (val->err_check_set(TEST_CHECKPOINT_NUM(201), status))
{
val->print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
- psa->get(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ psa->get(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
return status;
}
/* Unasserted signal check, call to psa_get should panic */
- psa->get(SERVER_RELAX_MINOR_VERSION_SIG, &msg);
+ psa->get(SERVER_RELAX_VERSION_SIGNAL, &msg);
/* shouldn't have reached here */
/* Resetting boot.state to catch unwanted reboot */
diff --git a/api-tests/ff/ipc/test_i017/source.mk b/api-tests/ff/ipc/test_i017/source.mk
deleted file mode 100644
index 00ce2050..00000000
--- a/api-tests/ff/ipc/test_i017/source.mk
+++ /dev/null
@@ -1,25 +0,0 @@
-# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_i017.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
-
-CC_SOURCE_SPE = test_i017.c test_supp_i017.c
-CC_OPTIONS_SPE =
-AS_SOURCE_SPE =
-AS_OPTIONS_SPE =
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i017/test.cmake b/api-tests/ff/ipc/test_i017/test.cmake
new file mode 100644
index 00000000..f8520cf8
--- /dev/null
+++ b/api-tests/ff/ipc/test_i017/test.cmake
@@ -0,0 +1,32 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_i017.c
+ test_i017.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
+
+list(APPEND CC_SOURCE_SPE
+ test_i017.c
+ test_supp_i017.c
+)
+list(APPEND CC_OPTIONS_SPE )
+list(APPEND AS_SOURCE_SPE )
+list(APPEND AS_OPTIONS_SPE )
diff --git a/api-tests/ff/ipc/test_i017/test_entry.c b/api-tests/ff/ipc/test_i017/test_entry_i017.c
similarity index 100%
rename from api-tests/ff/ipc/test_i017/test_entry.c
rename to api-tests/ff/ipc/test_i017/test_entry_i017.c
diff --git a/api-tests/ff/ipc/test_i017/test_i017.c b/api-tests/ff/ipc/test_i017/test_i017.c
index 2253d56d..4823c460 100644
--- a/api-tests/ff/ipc/test_i017/test_i017.c
+++ b/api-tests/ff/ipc/test_i017/test_i017.c
@@ -31,13 +31,13 @@ client_test_t test_i017_client_tests_list[] = {
NULL,
};
-int32_t client_test_partition_calling_its_own_rot_service(security_t caller)
+int32_t client_test_partition_calling_its_own_rot_service(caller_security_t caller)
{
psa_handle_t handle = 0;
val->print(PRINT_TEST, "[Check 1] Test partition calling its own RoT service\n", 0);
- handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
+ handle = psa->connect(SERVER_UNSPECIFED_VERSION_SID, SERVER_UNSPECIFED_VERSION_VERSION);
/* Expectation is server test should hang and control shouldn't have come here */
val->print(PRINT_ERROR, "\tConnection should failed but succeed\n", 0);
diff --git a/api-tests/ff/ipc/test_i017/test_i017.h b/api-tests/ff/ipc/test_i017/test_i017.h
index 60e4e876..57697d87 100644
--- a/api-tests/ff/ipc/test_i017/test_i017.h
+++ b/api-tests/ff/ipc/test_i017/test_i017.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i017)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i017)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
@@ -33,5 +33,5 @@ extern psa_api_t *psa;
extern client_test_t test_i017_client_tests_list[];
-int32_t client_test_partition_calling_its_own_rot_service(security_t);
+int32_t client_test_partition_calling_its_own_rot_service(caller_security_t);
#endif
diff --git a/api-tests/ff/ipc/test_i017/test_supp_i017.c b/api-tests/ff/ipc/test_i017/test_supp_i017.c
index 6c729770..63057a50 100644
--- a/api-tests/ff/ipc/test_i017/test_supp_i017.c
+++ b/api-tests/ff/ipc/test_i017/test_supp_i017.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
@@ -37,7 +37,7 @@ int32_t server_test_partition_calling_its_own_rot_service(void)
int32_t status = VAL_STATUS_SUCCESS;
psa_handle_t handle = 0;
- status = val->process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_connect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(201), status))
{
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
@@ -75,7 +75,7 @@ int32_t server_test_partition_calling_its_own_rot_service(void)
}
/* Calling server partition RoT service using IPC and call should panic */
- handle = psa->connect(SERVER_RELAX_MINOR_VERSION_SID, 1);
+ handle = psa->connect(SERVER_RELAX_VERSION_SID, SERVER_RELAX_VERSION_VERSION);
/* shouldn't have reached here */
val->print(PRINT_ERROR, "\tConnection should failed but succeed\n", 0);
diff --git a/api-tests/ff/ipc/test_i018/source.mk b/api-tests/ff/ipc/test_i018/source.mk
deleted file mode 100644
index 11caa7dd..00000000
--- a/api-tests/ff/ipc/test_i018/source.mk
+++ /dev/null
@@ -1,25 +0,0 @@
-# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_i018.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
-
-CC_SOURCE_SPE = test_i018.c test_supp_i018.c
-CC_OPTIONS_SPE =
-AS_SOURCE_SPE =
-AS_OPTIONS_SPE =
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i018/test.cmake b/api-tests/ff/ipc/test_i018/test.cmake
new file mode 100644
index 00000000..3e495dda
--- /dev/null
+++ b/api-tests/ff/ipc/test_i018/test.cmake
@@ -0,0 +1,32 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_i018.c
+ test_i018.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
+
+list(APPEND CC_SOURCE_SPE
+ test_i018.c
+ test_supp_i018.c
+)
+list(APPEND CC_OPTIONS_SPE )
+list(APPEND AS_SOURCE_SPE )
+list(APPEND AS_OPTIONS_SPE )
diff --git a/api-tests/ff/ipc/test_i018/test_entry.c b/api-tests/ff/ipc/test_i018/test_entry_i018.c
similarity index 100%
rename from api-tests/ff/ipc/test_i018/test_entry.c
rename to api-tests/ff/ipc/test_i018/test_entry_i018.c
diff --git a/api-tests/ff/ipc/test_i018/test_i018.c b/api-tests/ff/ipc/test_i018/test_i018.c
index 43521492..fa40d5fa 100644
--- a/api-tests/ff/ipc/test_i018/test_i018.c
+++ b/api-tests/ff/ipc/test_i018/test_i018.c
@@ -31,13 +31,13 @@ client_test_t test_i018_client_tests_list[] = {
NULL,
};
-int32_t client_test_psa_set_rhandle_with_invalid_handle(security_t caller)
+int32_t client_test_psa_set_rhandle_with_invalid_handle(caller_security_t caller)
{
psa_handle_t handle = 0;
val->print(PRINT_TEST, "[Check 1] Test psa_set_rhandle with invalid msg handle\n", 0);
- handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
+ handle = psa->connect(SERVER_UNSPECIFED_VERSION_SID, SERVER_UNSPECIFED_VERSION_VERSION);
/* Expectation is server test should hang and control shouldn't have come here */
val->print(PRINT_ERROR, "\tConnection should failed but succeed\n", 0);
diff --git a/api-tests/ff/ipc/test_i018/test_i018.h b/api-tests/ff/ipc/test_i018/test_i018.h
index f8eed0d8..9bf6c7f4 100644
--- a/api-tests/ff/ipc/test_i018/test_i018.h
+++ b/api-tests/ff/ipc/test_i018/test_i018.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i018)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i018)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
@@ -33,5 +33,5 @@ extern psa_api_t *psa;
extern client_test_t test_i018_client_tests_list[];
-int32_t client_test_psa_set_rhandle_with_invalid_handle(security_t);
+int32_t client_test_psa_set_rhandle_with_invalid_handle(caller_security_t);
#endif
diff --git a/api-tests/ff/ipc/test_i018/test_supp_i018.c b/api-tests/ff/ipc/test_i018/test_supp_i018.c
index 5a67aba0..6a7afe41 100644
--- a/api-tests/ff/ipc/test_i018/test_supp_i018.c
+++ b/api-tests/ff/ipc/test_i018/test_supp_i018.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
@@ -37,7 +37,7 @@ int32_t server_test_psa_set_rhandle_with_invalid_handle(void)
int32_t status = VAL_STATUS_SUCCESS;
int num;
- status = val->process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_connect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(201), status))
{
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
diff --git a/api-tests/ff/ipc/test_i019/source.mk b/api-tests/ff/ipc/test_i019/source.mk
deleted file mode 100644
index d0542a70..00000000
--- a/api-tests/ff/ipc/test_i019/source.mk
+++ /dev/null
@@ -1,25 +0,0 @@
-# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_i019.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
-
-CC_SOURCE_SPE = test_i019.c test_supp_i019.c
-CC_OPTIONS_SPE =
-AS_SOURCE_SPE =
-AS_OPTIONS_SPE =
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i019/test.cmake b/api-tests/ff/ipc/test_i019/test.cmake
new file mode 100644
index 00000000..3a3305fe
--- /dev/null
+++ b/api-tests/ff/ipc/test_i019/test.cmake
@@ -0,0 +1,32 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_i019.c
+ test_i019.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
+
+list(APPEND CC_SOURCE_SPE
+ test_i019.c
+ test_supp_i019.c
+)
+list(APPEND CC_OPTIONS_SPE )
+list(APPEND AS_SOURCE_SPE )
+list(APPEND AS_OPTIONS_SPE )
diff --git a/api-tests/ff/ipc/test_i019/test_entry.c b/api-tests/ff/ipc/test_i019/test_entry_i019.c
similarity index 100%
rename from api-tests/ff/ipc/test_i019/test_entry.c
rename to api-tests/ff/ipc/test_i019/test_entry_i019.c
diff --git a/api-tests/ff/ipc/test_i019/test_i019.c b/api-tests/ff/ipc/test_i019/test_i019.c
index 35ba8b93..941a82c8 100644
--- a/api-tests/ff/ipc/test_i019/test_i019.c
+++ b/api-tests/ff/ipc/test_i019/test_i019.c
@@ -31,13 +31,13 @@ client_test_t test_i019_client_tests_list[] = {
NULL,
};
-int32_t client_test_psa_set_rhandle_with_null_handle(security_t caller)
+int32_t client_test_psa_set_rhandle_with_null_handle(caller_security_t caller)
{
psa_handle_t handle = 0;
val->print(PRINT_TEST, "[Check 1] Test psa_set_rhandle with null msg handle\n", 0);
- handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
+ handle = psa->connect(SERVER_UNSPECIFED_VERSION_SID, SERVER_UNSPECIFED_VERSION_VERSION);
/* Expectation is server test should hang and control shouldn't have come here */
val->print(PRINT_ERROR, "\tConnection should failed but succeed\n", 0);
diff --git a/api-tests/ff/ipc/test_i019/test_i019.h b/api-tests/ff/ipc/test_i019/test_i019.h
index 39c00653..9e1f1466 100644
--- a/api-tests/ff/ipc/test_i019/test_i019.h
+++ b/api-tests/ff/ipc/test_i019/test_i019.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i019)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i019)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
@@ -33,5 +33,5 @@ extern psa_api_t *psa;
extern client_test_t test_i019_client_tests_list[];
-int32_t client_test_psa_set_rhandle_with_null_handle(security_t);
+int32_t client_test_psa_set_rhandle_with_null_handle(caller_security_t);
#endif
diff --git a/api-tests/ff/ipc/test_i019/test_supp_i019.c b/api-tests/ff/ipc/test_i019/test_supp_i019.c
index af063a61..5e4362ce 100644
--- a/api-tests/ff/ipc/test_i019/test_supp_i019.c
+++ b/api-tests/ff/ipc/test_i019/test_supp_i019.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
@@ -59,7 +59,7 @@ int32_t server_test_psa_set_rhandle_with_null_handle(void)
* VAL APIs to decide test status.
*/
- status = val->process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_connect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(201), status))
{
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
diff --git a/api-tests/ff/ipc/test_i020/source.mk b/api-tests/ff/ipc/test_i020/source.mk
deleted file mode 100644
index e87d8318..00000000
--- a/api-tests/ff/ipc/test_i020/source.mk
+++ /dev/null
@@ -1,25 +0,0 @@
-# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_i020.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
-
-CC_SOURCE_SPE = test_i020.c test_supp_i020.c
-CC_OPTIONS_SPE =
-AS_SOURCE_SPE =
-AS_OPTIONS_SPE =
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i020/test.cmake b/api-tests/ff/ipc/test_i020/test.cmake
new file mode 100644
index 00000000..530cae1f
--- /dev/null
+++ b/api-tests/ff/ipc/test_i020/test.cmake
@@ -0,0 +1,32 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_i020.c
+ test_i020.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
+
+list(APPEND CC_SOURCE_SPE
+ test_i020.c
+ test_supp_i020.c
+)
+list(APPEND CC_OPTIONS_SPE )
+list(APPEND AS_SOURCE_SPE )
+list(APPEND AS_OPTIONS_SPE )
diff --git a/api-tests/ff/ipc/test_i020/test_entry.c b/api-tests/ff/ipc/test_i020/test_entry_i020.c
similarity index 100%
rename from api-tests/ff/ipc/test_i020/test_entry.c
rename to api-tests/ff/ipc/test_i020/test_entry_i020.c
diff --git a/api-tests/ff/ipc/test_i020/test_i020.c b/api-tests/ff/ipc/test_i020/test_i020.c
index c316e3d6..7f3dbb59 100644
--- a/api-tests/ff/ipc/test_i020/test_i020.c
+++ b/api-tests/ff/ipc/test_i020/test_i020.c
@@ -31,7 +31,7 @@ client_test_t test_i020_client_tests_list[] = {
NULL,
};
-int32_t client_test_psa_reply_with_invalid_connect_status_code(security_t caller)
+int32_t client_test_psa_reply_with_invalid_connect_status_code(caller_security_t caller)
{
int32_t status = VAL_STATUS_SUCCESS;
psa_handle_t handle = 0;
@@ -39,7 +39,7 @@ int32_t client_test_psa_reply_with_invalid_connect_status_code(security_t caller
val->print(PRINT_TEST,
"[Check 1] Test psa_reply with invalid status code for PSA_IPC_CONNECT\n", 0);
- handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
+ handle = psa->connect(SERVER_UNSPECIFED_VERSION_SID, SERVER_UNSPECIFED_VERSION_VERSION);
/* Expectation is server test should hang and control shouldn't have come here */
val->print(PRINT_ERROR, "\tConnection should failed but succeed\n", 0);
diff --git a/api-tests/ff/ipc/test_i020/test_i020.h b/api-tests/ff/ipc/test_i020/test_i020.h
index 7b9c1ebc..5c820fc6 100644
--- a/api-tests/ff/ipc/test_i020/test_i020.h
+++ b/api-tests/ff/ipc/test_i020/test_i020.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i020)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i020)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
@@ -33,5 +33,5 @@ extern psa_api_t *psa;
extern client_test_t test_i020_client_tests_list[];
-int32_t client_test_psa_reply_with_invalid_connect_status_code(security_t);
+int32_t client_test_psa_reply_with_invalid_connect_status_code(caller_security_t);
#endif
diff --git a/api-tests/ff/ipc/test_i020/test_supp_i020.c b/api-tests/ff/ipc/test_i020/test_supp_i020.c
index 816fd66b..4bbc184d 100644
--- a/api-tests/ff/ipc/test_i020/test_supp_i020.c
+++ b/api-tests/ff/ipc/test_i020/test_supp_i020.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
@@ -37,7 +37,7 @@ int32_t server_test_psa_reply_with_invalid_connect_status_code(void)
psa_msg_t msg = {0};
psa_status_t invalid_status_code = PSA_ERROR_CONNECTION_REFUSED + 0x10;
- status = val->process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_connect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(201), status))
{
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
diff --git a/api-tests/ff/ipc/test_i021/source.mk b/api-tests/ff/ipc/test_i021/source.mk
deleted file mode 100644
index 5bfe15b6..00000000
--- a/api-tests/ff/ipc/test_i021/source.mk
+++ /dev/null
@@ -1,25 +0,0 @@
-# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_i021.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
-
-CC_SOURCE_SPE = test_i021.c test_supp_i021.c
-CC_OPTIONS_SPE =
-AS_SOURCE_SPE =
-AS_OPTIONS_SPE =
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i021/test.cmake b/api-tests/ff/ipc/test_i021/test.cmake
new file mode 100644
index 00000000..d9ecfedb
--- /dev/null
+++ b/api-tests/ff/ipc/test_i021/test.cmake
@@ -0,0 +1,32 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_i021.c
+ test_i021.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
+
+list(APPEND CC_SOURCE_SPE
+ test_i021.c
+ test_supp_i021.c
+)
+list(APPEND CC_OPTIONS_SPE )
+list(APPEND AS_SOURCE_SPE )
+list(APPEND AS_OPTIONS_SPE )
diff --git a/api-tests/ff/ipc/test_i021/test_entry.c b/api-tests/ff/ipc/test_i021/test_entry_i021.c
similarity index 100%
rename from api-tests/ff/ipc/test_i021/test_entry.c
rename to api-tests/ff/ipc/test_i021/test_entry_i021.c
diff --git a/api-tests/ff/ipc/test_i021/test_i021.c b/api-tests/ff/ipc/test_i021/test_i021.c
index 8927b140..cdb21074 100644
--- a/api-tests/ff/ipc/test_i021/test_i021.c
+++ b/api-tests/ff/ipc/test_i021/test_i021.c
@@ -31,14 +31,14 @@ client_test_t test_i021_client_tests_list[] = {
NULL,
};
-int32_t client_test_irq_routing(security_t caller)
+int32_t client_test_irq_routing(caller_security_t caller)
{
psa_handle_t handle;
driver_test_fn_id_t driver_test_fn_id = TEST_INTR_SERVICE;
/*
* The interrupt related test check is captured in driver_partition.c as this is the
- * only partition in test suite that holds the interrupt line. The interrupt test check
+ * only partition in test suite that holds the interrupt source. The interrupt test check
* is invoked by client by calling to DRIVER_TEST_SID RoT service of driver partition that
* hold the test check.
*/
@@ -46,8 +46,8 @@ int32_t client_test_irq_routing(security_t caller)
val->print(PRINT_TEST, "[Check 1] Test irq routing\n", 0);
/* Connect to DRIVER_TEST_SID */
- handle = psa->connect(DRIVER_TEST_SID, 1);
- if (handle < 0)
+ handle = psa->connect(DRIVER_TEST_SID, DRIVER_TEST_VERSION);
+ if (!PSA_HANDLE_IS_VALID(handle))
{
val->print(PRINT_ERROR, "\t psa_connect failed. handle=0x%x\n", handle);
return VAL_STATUS_SPM_FAILED;
@@ -56,7 +56,7 @@ int32_t client_test_irq_routing(security_t caller)
/* Execute driver function related to TEST_INTR_SERVICE */
psa_invec invec = {&driver_test_fn_id, sizeof(driver_test_fn_id)};
- if (psa->call(handle, &invec, 1, NULL, 0) != PSA_SUCCESS)
+ if (psa->call(handle, PSA_IPC_CALL, &invec, 1, NULL, 0) != PSA_SUCCESS)
{
psa->close(handle);
return VAL_STATUS_SPM_FAILED;
diff --git a/api-tests/ff/ipc/test_i021/test_i021.h b/api-tests/ff/ipc/test_i021/test_i021.h
index cc76cafa..d99b1d7f 100644
--- a/api-tests/ff/ipc/test_i021/test_i021.h
+++ b/api-tests/ff/ipc/test_i021/test_i021.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i021)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i021)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
@@ -33,5 +33,5 @@ extern psa_api_t *psa;
extern client_test_t test_i021_client_tests_list[];
-int32_t client_test_irq_routing(security_t);
+int32_t client_test_irq_routing(caller_security_t);
#endif
diff --git a/api-tests/ff/ipc/test_i021/test_supp_i021.c b/api-tests/ff/ipc/test_i021/test_supp_i021.c
index 672f3408..1877450e 100644
--- a/api-tests/ff/ipc/test_i021/test_supp_i021.c
+++ b/api-tests/ff/ipc/test_i021/test_supp_i021.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
diff --git a/api-tests/ff/ipc/test_i022/source.mk b/api-tests/ff/ipc/test_i022/source.mk
deleted file mode 100644
index 9d31ee6f..00000000
--- a/api-tests/ff/ipc/test_i022/source.mk
+++ /dev/null
@@ -1,25 +0,0 @@
-# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_i022.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
-
-CC_SOURCE_SPE = test_i022.c test_supp_i022.c
-CC_OPTIONS_SPE =
-AS_SOURCE_SPE =
-AS_OPTIONS_SPE =
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i022/test.cmake b/api-tests/ff/ipc/test_i022/test.cmake
new file mode 100644
index 00000000..915cddd5
--- /dev/null
+++ b/api-tests/ff/ipc/test_i022/test.cmake
@@ -0,0 +1,32 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_i022.c
+ test_i022.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
+
+list(APPEND CC_SOURCE_SPE
+ test_i022.c
+ test_supp_i022.c
+)
+list(APPEND CC_OPTIONS_SPE )
+list(APPEND AS_SOURCE_SPE )
+list(APPEND AS_OPTIONS_SPE )
diff --git a/api-tests/ff/ipc/test_i022/test_entry.c b/api-tests/ff/ipc/test_i022/test_entry_i022.c
similarity index 100%
rename from api-tests/ff/ipc/test_i022/test_entry.c
rename to api-tests/ff/ipc/test_i022/test_entry_i022.c
diff --git a/api-tests/ff/ipc/test_i022/test_i022.c b/api-tests/ff/ipc/test_i022/test_i022.c
index 09548369..366d9444 100644
--- a/api-tests/ff/ipc/test_i022/test_i022.c
+++ b/api-tests/ff/ipc/test_i022/test_i022.c
@@ -31,13 +31,13 @@ client_test_t test_i022_client_tests_list[] = {
NULL,
};
-int32_t client_test_psa_reply_with_invalid_handle(security_t caller)
+int32_t client_test_psa_reply_with_invalid_handle(caller_security_t caller)
{
psa_handle_t handle = 0;
val->print(PRINT_TEST, "[Check 1] Testing psa_reply with invalid handle\n", 0);
- handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
+ handle = psa->connect(SERVER_UNSPECIFED_VERSION_SID, SERVER_UNSPECIFED_VERSION_VERSION);
/* Expectation is server test should hang and control shouldn't have come here */
val->print(PRINT_ERROR, "\tConnection should failed but succeed\n", 0);
diff --git a/api-tests/ff/ipc/test_i022/test_i022.h b/api-tests/ff/ipc/test_i022/test_i022.h
index b67081f0..ad0e5700 100644
--- a/api-tests/ff/ipc/test_i022/test_i022.h
+++ b/api-tests/ff/ipc/test_i022/test_i022.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i022)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i022)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
@@ -33,5 +33,5 @@ extern psa_api_t *psa;
extern client_test_t test_i022_client_tests_list[];
-int32_t client_test_psa_reply_with_invalid_handle(security_t);
+int32_t client_test_psa_reply_with_invalid_handle(caller_security_t);
#endif
diff --git a/api-tests/ff/ipc/test_i022/test_supp_i022.c b/api-tests/ff/ipc/test_i022/test_supp_i022.c
index e2ba3915..f952610a 100644
--- a/api-tests/ff/ipc/test_i022/test_supp_i022.c
+++ b/api-tests/ff/ipc/test_i022/test_supp_i022.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
@@ -58,7 +58,7 @@ int32_t server_test_psa_reply_with_invalid_handle(void)
* VAL APIs to decide test status.
*/
- status = val->process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_connect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(201), status))
{
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
diff --git a/api-tests/ff/ipc/test_i023/source.mk b/api-tests/ff/ipc/test_i023/source.mk
deleted file mode 100644
index e323ac65..00000000
--- a/api-tests/ff/ipc/test_i023/source.mk
+++ /dev/null
@@ -1,25 +0,0 @@
-# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_i023.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
-
-CC_SOURCE_SPE = test_i023.c test_supp_i023.c
-CC_OPTIONS_SPE =
-AS_SOURCE_SPE =
-AS_OPTIONS_SPE =
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i023/test.cmake b/api-tests/ff/ipc/test_i023/test.cmake
new file mode 100644
index 00000000..176cfc8e
--- /dev/null
+++ b/api-tests/ff/ipc/test_i023/test.cmake
@@ -0,0 +1,32 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_i023.c
+ test_i023.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
+
+list(APPEND CC_SOURCE_SPE
+ test_i023.c
+ test_supp_i023.c
+)
+list(APPEND CC_OPTIONS_SPE )
+list(APPEND AS_SOURCE_SPE )
+list(APPEND AS_OPTIONS_SPE )
diff --git a/api-tests/ff/ipc/test_i023/test_entry.c b/api-tests/ff/ipc/test_i023/test_entry_i023.c
similarity index 100%
rename from api-tests/ff/ipc/test_i023/test_entry.c
rename to api-tests/ff/ipc/test_i023/test_entry_i023.c
diff --git a/api-tests/ff/ipc/test_i023/test_i023.c b/api-tests/ff/ipc/test_i023/test_i023.c
index 6c85db25..6e0cff1c 100644
--- a/api-tests/ff/ipc/test_i023/test_i023.c
+++ b/api-tests/ff/ipc/test_i023/test_i023.c
@@ -31,13 +31,13 @@ client_test_t test_i023_client_tests_list[] = {
NULL,
};
-int32_t client_test_psa_reply_with_null_handle(security_t caller)
+int32_t client_test_psa_reply_with_null_handle(caller_security_t caller)
{
psa_handle_t handle = 0;
val->print(PRINT_TEST, "[Check 1] Testing psa_reply with invalid handle\n", 0);
- handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
+ handle = psa->connect(SERVER_UNSPECIFED_VERSION_SID, SERVER_UNSPECIFED_VERSION_VERSION);
/* Expectation is server test should hang and control shouldn't have come here */
val->print(PRINT_ERROR, "\tConnection should failed but succeed\n", 0);
diff --git a/api-tests/ff/ipc/test_i023/test_i023.h b/api-tests/ff/ipc/test_i023/test_i023.h
index b0394f1d..2bd6660e 100644
--- a/api-tests/ff/ipc/test_i023/test_i023.h
+++ b/api-tests/ff/ipc/test_i023/test_i023.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i023)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i023)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
@@ -33,5 +33,5 @@ extern psa_api_t *psa;
extern client_test_t test_i023_client_tests_list[];
-int32_t client_test_psa_reply_with_null_handle(security_t);
+int32_t client_test_psa_reply_with_null_handle(caller_security_t);
#endif
diff --git a/api-tests/ff/ipc/test_i023/test_supp_i023.c b/api-tests/ff/ipc/test_i023/test_supp_i023.c
index 4436e4ac..11d871ff 100644
--- a/api-tests/ff/ipc/test_i023/test_supp_i023.c
+++ b/api-tests/ff/ipc/test_i023/test_supp_i023.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
@@ -58,7 +58,7 @@ int32_t server_test_psa_reply_with_null_handle(void)
* VAL APIs to decide test status.
*/
- status = val->process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_connect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(201), status))
{
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
diff --git a/api-tests/ff/ipc/test_i024/source.mk b/api-tests/ff/ipc/test_i024/source.mk
deleted file mode 100644
index 7ce5d51f..00000000
--- a/api-tests/ff/ipc/test_i024/source.mk
+++ /dev/null
@@ -1,25 +0,0 @@
-# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_i024.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
-
-CC_SOURCE_SPE = test_i024.c test_supp_i024.c
-CC_OPTIONS_SPE =
-AS_SOURCE_SPE =
-AS_OPTIONS_SPE =
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i024/test.cmake b/api-tests/ff/ipc/test_i024/test.cmake
new file mode 100644
index 00000000..f0e02974
--- /dev/null
+++ b/api-tests/ff/ipc/test_i024/test.cmake
@@ -0,0 +1,32 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_i024.c
+ test_i024.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
+
+list(APPEND CC_SOURCE_SPE
+ test_i024.c
+ test_supp_i024.c
+)
+list(APPEND CC_OPTIONS_SPE )
+list(APPEND AS_SOURCE_SPE )
+list(APPEND AS_OPTIONS_SPE )
diff --git a/api-tests/ff/ipc/test_i024/test_entry.c b/api-tests/ff/ipc/test_i024/test_entry_i024.c
similarity index 100%
rename from api-tests/ff/ipc/test_i024/test_entry.c
rename to api-tests/ff/ipc/test_i024/test_entry_i024.c
diff --git a/api-tests/ff/ipc/test_i024/test_i024.c b/api-tests/ff/ipc/test_i024/test_i024.c
index d589c896..40de6815 100644
--- a/api-tests/ff/ipc/test_i024/test_i024.c
+++ b/api-tests/ff/ipc/test_i024/test_i024.c
@@ -31,7 +31,7 @@ client_test_t test_i024_client_tests_list[] = {
NULL,
};
-int32_t client_test_psa_call_with_invalid_handle(security_t caller)
+int32_t client_test_psa_call_with_invalid_handle(caller_security_t caller)
{
psa_status_t status_of_call;
boot_state_t boot_state;
@@ -62,7 +62,7 @@ int32_t client_test_psa_call_with_invalid_handle(security_t caller)
*/
/* Setting boot.state before test check */
- boot_state = (caller == NONSECURE) ? BOOT_EXPECTED_NS : BOOT_EXPECTED_S;
+ boot_state = (caller == CALLER_NONSECURE) ? BOOT_EXPECTED_NS : BOOT_EXPECTED_S;
if (val->set_boot_flag(boot_state))
{
val->print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
@@ -70,14 +70,14 @@ int32_t client_test_psa_call_with_invalid_handle(security_t caller)
}
/* Test check- psa_call with INVALID_HANDLE */
- status_of_call = psa->call(INVALID_HANDLE, NULL, 0, NULL, 0);
+ status_of_call = psa->call(INVALID_HANDLE, PSA_IPC_CALL, NULL, 0, NULL, 0);
/*
* If the caller is in the NSPE, it is IMPLEMENTATION DEFINED whether
* a PROGRAMMER ERROR will panic or return PSA_ERROR_PROGRAMMER_ERROR.
* For SPE caller, it must panic.
*/
- if (caller == NONSECURE && status_of_call == PSA_ERROR_PROGRAMMER_ERROR)
+ if (caller == CALLER_NONSECURE && status_of_call == PSA_ERROR_PROGRAMMER_ERROR)
{
return VAL_STATUS_SUCCESS;
}
diff --git a/api-tests/ff/ipc/test_i024/test_i024.h b/api-tests/ff/ipc/test_i024/test_i024.h
index 109ba862..30159327 100644
--- a/api-tests/ff/ipc/test_i024/test_i024.h
+++ b/api-tests/ff/ipc/test_i024/test_i024.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i024)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i024)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
@@ -33,5 +33,5 @@ extern psa_api_t *psa;
extern client_test_t test_i024_client_tests_list[];
-int32_t client_test_psa_call_with_invalid_handle(security_t);
+int32_t client_test_psa_call_with_invalid_handle(caller_security_t);
#endif
diff --git a/api-tests/ff/ipc/test_i024/test_supp_i024.c b/api-tests/ff/ipc/test_i024/test_supp_i024.c
index 60d98953..67b4fc95 100644
--- a/api-tests/ff/ipc/test_i024/test_supp_i024.c
+++ b/api-tests/ff/ipc/test_i024/test_supp_i024.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
diff --git a/api-tests/ff/ipc/test_i025/source.mk b/api-tests/ff/ipc/test_i025/source.mk
deleted file mode 100644
index e7d27c94..00000000
--- a/api-tests/ff/ipc/test_i025/source.mk
+++ /dev/null
@@ -1,25 +0,0 @@
-# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_i025.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
-
-CC_SOURCE_SPE = test_i025.c test_supp_i025.c
-CC_OPTIONS_SPE =
-AS_SOURCE_SPE =
-AS_OPTIONS_SPE =
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i025/test.cmake b/api-tests/ff/ipc/test_i025/test.cmake
new file mode 100644
index 00000000..e861a9a6
--- /dev/null
+++ b/api-tests/ff/ipc/test_i025/test.cmake
@@ -0,0 +1,32 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_i025.c
+ test_i025.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
+
+list(APPEND CC_SOURCE_SPE
+ test_i025.c
+ test_supp_i025.c
+)
+list(APPEND CC_OPTIONS_SPE )
+list(APPEND AS_SOURCE_SPE )
+list(APPEND AS_OPTIONS_SPE )
diff --git a/api-tests/ff/ipc/test_i025/test_entry.c b/api-tests/ff/ipc/test_i025/test_entry_i025.c
similarity index 100%
rename from api-tests/ff/ipc/test_i025/test_entry.c
rename to api-tests/ff/ipc/test_i025/test_entry_i025.c
diff --git a/api-tests/ff/ipc/test_i025/test_i025.c b/api-tests/ff/ipc/test_i025/test_i025.c
index 66d69dd2..da203755 100644
--- a/api-tests/ff/ipc/test_i025/test_i025.c
+++ b/api-tests/ff/ipc/test_i025/test_i025.c
@@ -31,7 +31,7 @@ client_test_t test_i025_client_tests_list[] = {
NULL,
};
-int32_t client_test_psa_call_with_null_handle(security_t caller)
+int32_t client_test_psa_call_with_null_handle(caller_security_t caller)
{
psa_status_t status_of_call;
boot_state_t boot_state;
@@ -62,7 +62,7 @@ int32_t client_test_psa_call_with_null_handle(security_t caller)
*/
/* Setting boot.state before test check */
- boot_state = (caller == NONSECURE) ? BOOT_EXPECTED_NS : BOOT_EXPECTED_S;
+ boot_state = (caller == CALLER_NONSECURE) ? BOOT_EXPECTED_NS : BOOT_EXPECTED_S;
if (val->set_boot_flag(boot_state))
{
val->print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
@@ -70,14 +70,14 @@ int32_t client_test_psa_call_with_null_handle(security_t caller)
}
/* Test check- psa_call with NULL HANDLE */
- status_of_call = psa->call(PSA_NULL_HANDLE, NULL, 0, NULL, 0);
+ status_of_call = psa->call(PSA_NULL_HANDLE, PSA_IPC_CALL, NULL, 0, NULL, 0);
/*
* If the caller is in the NSPE, it is IMPLEMENTATION DEFINED whether
* a PROGRAMMER ERROR will panic or return PSA_ERROR_PROGRAMMER_ERROR.
* For SPE caller, it must panic.
*/
- if (caller == NONSECURE && status_of_call == PSA_ERROR_PROGRAMMER_ERROR)
+ if (caller == CALLER_NONSECURE && status_of_call == PSA_ERROR_PROGRAMMER_ERROR)
{
return VAL_STATUS_SUCCESS;
}
diff --git a/api-tests/ff/ipc/test_i025/test_i025.h b/api-tests/ff/ipc/test_i025/test_i025.h
index 2cc58ee7..eaec5a13 100644
--- a/api-tests/ff/ipc/test_i025/test_i025.h
+++ b/api-tests/ff/ipc/test_i025/test_i025.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i025)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i025)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
@@ -33,5 +33,5 @@ extern psa_api_t *psa;
extern client_test_t test_i025_client_tests_list[];
-int32_t client_test_psa_call_with_null_handle(security_t);
+int32_t client_test_psa_call_with_null_handle(caller_security_t);
#endif
diff --git a/api-tests/ff/ipc/test_i025/test_supp_i025.c b/api-tests/ff/ipc/test_i025/test_supp_i025.c
index 20f15573..19d70e82 100644
--- a/api-tests/ff/ipc/test_i025/test_supp_i025.c
+++ b/api-tests/ff/ipc/test_i025/test_supp_i025.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
diff --git a/api-tests/ff/ipc/test_i026/source.mk b/api-tests/ff/ipc/test_i026/source.mk
deleted file mode 100644
index e6271d7d..00000000
--- a/api-tests/ff/ipc/test_i026/source.mk
+++ /dev/null
@@ -1,25 +0,0 @@
-# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_i026.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
-
-CC_SOURCE_SPE = test_i026.c test_supp_i026.c
-CC_OPTIONS_SPE =
-AS_SOURCE_SPE =
-AS_OPTIONS_SPE =
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i026/test.cmake b/api-tests/ff/ipc/test_i026/test.cmake
new file mode 100644
index 00000000..361dfbd4
--- /dev/null
+++ b/api-tests/ff/ipc/test_i026/test.cmake
@@ -0,0 +1,32 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_i026.c
+ test_i026.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
+
+list(APPEND CC_SOURCE_SPE
+ test_i026.c
+ test_supp_i026.c
+)
+list(APPEND CC_OPTIONS_SPE )
+list(APPEND AS_SOURCE_SPE )
+list(APPEND AS_OPTIONS_SPE )
diff --git a/api-tests/ff/ipc/test_i026/test_entry.c b/api-tests/ff/ipc/test_i026/test_entry_i026.c
similarity index 100%
rename from api-tests/ff/ipc/test_i026/test_entry.c
rename to api-tests/ff/ipc/test_i026/test_entry_i026.c
diff --git a/api-tests/ff/ipc/test_i026/test_i026.c b/api-tests/ff/ipc/test_i026/test_i026.c
index bafd8a91..0b186e99 100644
--- a/api-tests/ff/ipc/test_i026/test_i026.c
+++ b/api-tests/ff/ipc/test_i026/test_i026.c
@@ -31,7 +31,7 @@ client_test_t test_i026_client_tests_list[] = {
NULL,
};
-int32_t client_test_psa_call_with_iovec_more_than_max_limit(security_t caller)
+int32_t client_test_psa_call_with_iovec_more_than_max_limit(caller_security_t caller)
{
int32_t status = VAL_STATUS_SUCCESS;
psa_handle_t handle = 0;
@@ -70,16 +70,15 @@ int32_t client_test_psa_call_with_iovec_more_than_max_limit(security_t caller)
* VAL APIs to decide test status.
*/
- handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
-
- if (handle < 0)
+ handle = psa->connect(SERVER_UNSPECIFED_VERSION_SID, SERVER_UNSPECIFED_VERSION_VERSION);
+ if (!PSA_HANDLE_IS_VALID(handle))
{
val->print(PRINT_ERROR, "\tConnection failed\n", 0);
return VAL_STATUS_INVALID_HANDLE;
}
/* Setting boot.state before test check */
- boot_state = (caller == NONSECURE) ? BOOT_EXPECTED_NS : BOOT_EXPECTED_S;
+ boot_state = (caller == CALLER_NONSECURE) ? BOOT_EXPECTED_NS : BOOT_EXPECTED_S;
if (val->set_boot_flag(boot_state))
{
val->print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
@@ -87,14 +86,14 @@ int32_t client_test_psa_call_with_iovec_more_than_max_limit(security_t caller)
}
/* Test check- psa_call with IOVEC > PSA_MAX_IOVEC */
- status_of_call = psa->call(handle, invec, PSA_MAX_IOVEC, outvec, 1);
+ status_of_call = psa->call(handle, PSA_IPC_CALL, invec, PSA_MAX_IOVEC, outvec, 1);
/*
* If the caller is in the NSPE, it is IMPLEMENTATION DEFINED whether
* a PROGRAMMER ERROR will panic or return PSA_ERROR_PROGRAMMER_ERROR.
* For SPE caller, it must panic.
*/
- if (caller == NONSECURE && status_of_call == PSA_ERROR_PROGRAMMER_ERROR)
+ if (caller == CALLER_NONSECURE && status_of_call == PSA_ERROR_PROGRAMMER_ERROR)
{
psa->close(handle);
return VAL_STATUS_SUCCESS;
diff --git a/api-tests/ff/ipc/test_i026/test_i026.h b/api-tests/ff/ipc/test_i026/test_i026.h
index 183a060e..98eb2fe5 100644
--- a/api-tests/ff/ipc/test_i026/test_i026.h
+++ b/api-tests/ff/ipc/test_i026/test_i026.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i026)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i026)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
@@ -33,5 +33,5 @@ extern psa_api_t *psa;
extern client_test_t test_i026_client_tests_list[];
-int32_t client_test_psa_call_with_iovec_more_than_max_limit(security_t);
+int32_t client_test_psa_call_with_iovec_more_than_max_limit(caller_security_t);
#endif
diff --git a/api-tests/ff/ipc/test_i026/test_supp_i026.c b/api-tests/ff/ipc/test_i026/test_supp_i026.c
index 4b1794b7..dc5b829c 100644
--- a/api-tests/ff/ipc/test_i026/test_supp_i026.c
+++ b/api-tests/ff/ipc/test_i026/test_supp_i026.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
@@ -37,7 +37,7 @@ int32_t server_test_psa_call_with_iovec_more_than_max_limit()
psa_msg_t msg = {0};
psa_signal_t signals;
- status = val->process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_connect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(201), status))
{
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
@@ -48,9 +48,9 @@ int32_t server_test_psa_call_with_iovec_more_than_max_limit()
wait:
signals = psa->wait(PSA_WAIT_ANY, PSA_BLOCK);
- if (signals & SERVER_UNSPECIFED_MINOR_V_SIG)
+ if (signals & SERVER_UNSPECIFED_VERSION_SIGNAL)
{
- if (psa->get(SERVER_UNSPECIFED_MINOR_V_SIG, &msg) != PSA_SUCCESS)
+ if (psa->get(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg) != PSA_SUCCESS)
{
goto wait;
}
@@ -60,7 +60,7 @@ int32_t server_test_psa_call_with_iovec_more_than_max_limit()
/* Control shouldn't have come here */
val->print(PRINT_ERROR, "\tControl shouldn't have reached here\n", 0);
psa->reply(msg.handle, -2);
- val->process_disconnect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ val->process_disconnect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
psa->reply(msg.handle, PSA_SUCCESS);
}
else if (msg.type == PSA_IPC_DISCONNECT)
diff --git a/api-tests/ff/ipc/test_i027/source.mk b/api-tests/ff/ipc/test_i027/source.mk
deleted file mode 100644
index 6010eb14..00000000
--- a/api-tests/ff/ipc/test_i027/source.mk
+++ /dev/null
@@ -1,25 +0,0 @@
-# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_i027.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
-
-CC_SOURCE_SPE = test_i027.c test_supp_i027.c
-CC_OPTIONS_SPE =
-AS_SOURCE_SPE =
-AS_OPTIONS_SPE =
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i027/test.cmake b/api-tests/ff/ipc/test_i027/test.cmake
new file mode 100644
index 00000000..27babcf7
--- /dev/null
+++ b/api-tests/ff/ipc/test_i027/test.cmake
@@ -0,0 +1,32 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_i027.c
+ test_i027.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
+
+list(APPEND CC_SOURCE_SPE
+ test_i027.c
+ test_supp_i027.c
+)
+list(APPEND CC_OPTIONS_SPE )
+list(APPEND AS_SOURCE_SPE )
+list(APPEND AS_OPTIONS_SPE )
diff --git a/api-tests/ff/ipc/test_i027/test_entry.c b/api-tests/ff/ipc/test_i027/test_entry_i027.c
similarity index 100%
rename from api-tests/ff/ipc/test_i027/test_entry.c
rename to api-tests/ff/ipc/test_i027/test_entry_i027.c
diff --git a/api-tests/ff/ipc/test_i027/test_i027.c b/api-tests/ff/ipc/test_i027/test_i027.c
index 1f20adc4..b346fa77 100644
--- a/api-tests/ff/ipc/test_i027/test_i027.c
+++ b/api-tests/ff/ipc/test_i027/test_i027.c
@@ -31,7 +31,7 @@ client_test_t test_i027_client_tests_list[] = {
NULL,
};
-int32_t client_test_psa_drop_connection(security_t caller)
+int32_t client_test_psa_drop_connection(caller_security_t caller)
{
int32_t status = VAL_STATUS_SUCCESS;
psa_handle_t handle = 0;
@@ -63,29 +63,29 @@ int32_t client_test_psa_drop_connection(security_t caller)
* VAL APIs to decide test status.
*/
- handle = psa->connect(SERVER_CONNECTION_DROP_SID, 1);
- if (handle < 0)
+ handle = psa->connect(SERVER_CONNECTION_DROP_SID, SERVER_CONNECTION_DROP_VERSION);
+ if (!PSA_HANDLE_IS_VALID(handle))
{
val->print(PRINT_ERROR, "\tConnection failed\n", 0);
return VAL_STATUS_INVALID_HANDLE;
}
/* Setting boot.state before test check */
- boot_state = (caller == NONSECURE) ? BOOT_EXPECTED_NS : BOOT_EXPECTED_S;
+ boot_state = (caller == CALLER_NONSECURE) ? BOOT_EXPECTED_NS : BOOT_EXPECTED_S;
if (val->set_boot_flag(boot_state))
{
val->print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
return VAL_STATUS_ERROR;
}
- status_of_call = psa->call(handle, NULL, 0, NULL, 0);
+ status_of_call = psa->call(handle, PSA_IPC_CALL, NULL, 0, NULL, 0);
/*
* If the caller is in the NSPE, it is IMPLEMENTATION DEFINED whether
* a PROGRAMMER ERROR will panic or return PSA_ERROR_PROGRAMMER_ERROR.
* For SPE caller, it must panic.
*/
- if (caller == NONSECURE && status_of_call == PSA_ERROR_PROGRAMMER_ERROR)
+ if (caller == CALLER_NONSECURE && status_of_call == PSA_ERROR_PROGRAMMER_ERROR)
{
/* Resetting boot.state to catch unwanted reboot */
if (val->set_boot_flag(BOOT_NOT_EXPECTED))
@@ -94,14 +94,14 @@ int32_t client_test_psa_drop_connection(security_t caller)
return VAL_STATUS_ERROR;
}
- val->print(PRINT_DEBUG, "\tRecieved PSA_ERROR_PROGRAMMER_ERROR\n", 0);
+ val->print(PRINT_DEBUG, "\tReceived PSA_ERROR_PROGRAMMER_ERROR\n", 0);
/* If this call returns PSA_ERROR_PROGRAMMER_ERROR,
* when a valid connection handle was provided, then
* all subsequent calls to psa_call() with the same connection
* handle will immediately return PSA_ERROR_PROGRAMMER_ERROR.
*/
- status_of_call = psa->call(handle, NULL, 0, NULL, 0);
+ status_of_call = psa->call(handle, PSA_IPC_CALL, NULL, 0, NULL, 0);
if (status_of_call != PSA_ERROR_PROGRAMMER_ERROR)
{
status = VAL_STATUS_SPM_FAILED;
diff --git a/api-tests/ff/ipc/test_i027/test_i027.h b/api-tests/ff/ipc/test_i027/test_i027.h
index 2996167b..9a679ea5 100644
--- a/api-tests/ff/ipc/test_i027/test_i027.h
+++ b/api-tests/ff/ipc/test_i027/test_i027.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i027)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i027)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
@@ -33,5 +33,5 @@ extern psa_api_t *psa;
extern client_test_t test_i027_client_tests_list[];
-int32_t client_test_psa_drop_connection(security_t);
+int32_t client_test_psa_drop_connection(caller_security_t);
#endif
diff --git a/api-tests/ff/ipc/test_i027/test_supp_i027.c b/api-tests/ff/ipc/test_i027/test_supp_i027.c
index c2eb4d3c..fe5374b2 100644
--- a/api-tests/ff/ipc/test_i027/test_supp_i027.c
+++ b/api-tests/ff/ipc/test_i027/test_supp_i027.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
@@ -36,7 +36,7 @@ int32_t server_test_psa_drop_connection(void)
int32_t status = VAL_STATUS_SUCCESS;
psa_msg_t msg = {0};
- status = val->process_connect_request(SERVER_CONNECTION_DROP_SIG, &msg);
+ status = val->process_connect_request(SERVER_CONNECTION_DROP_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(201), status))
{
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
@@ -45,7 +45,7 @@ int32_t server_test_psa_drop_connection(void)
psa->reply(msg.handle, PSA_SUCCESS);
- status = val->process_call_request(SERVER_CONNECTION_DROP_SIG, &msg);
+ status = val->process_call_request(SERVER_CONNECTION_DROP_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(202), status))
{
psa->reply(msg.handle, -2);
@@ -62,7 +62,7 @@ int32_t server_test_psa_drop_connection(void)
* directly after receipt of the PSA_ERROR_PROGRAMMER_ERROR completion to allow
* connection resources within the RoT Service to be released
*/
- status = val->process_disconnect_request(SERVER_CONNECTION_DROP_SIG, &msg);
+ status = val->process_disconnect_request(SERVER_CONNECTION_DROP_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(203), status))
{
val->print(PRINT_ERROR, "\tDisconnect request failed\n", 0);
diff --git a/api-tests/ff/ipc/test_i028/source.mk b/api-tests/ff/ipc/test_i028/source.mk
deleted file mode 100644
index 7998ba20..00000000
--- a/api-tests/ff/ipc/test_i028/source.mk
+++ /dev/null
@@ -1,25 +0,0 @@
-# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_i028.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
-
-CC_SOURCE_SPE = test_i028.c test_supp_i028.c
-CC_OPTIONS_SPE =
-AS_SOURCE_SPE =
-AS_OPTIONS_SPE =
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i028/test.cmake b/api-tests/ff/ipc/test_i028/test.cmake
new file mode 100644
index 00000000..189e407e
--- /dev/null
+++ b/api-tests/ff/ipc/test_i028/test.cmake
@@ -0,0 +1,32 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_i028.c
+ test_i028.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
+
+list(APPEND CC_SOURCE_SPE
+ test_i028.c
+ test_supp_i028.c
+)
+list(APPEND CC_OPTIONS_SPE )
+list(APPEND AS_SOURCE_SPE )
+list(APPEND AS_OPTIONS_SPE )
diff --git a/api-tests/ff/ipc/test_i028/test_entry.c b/api-tests/ff/ipc/test_i028/test_entry_i028.c
similarity index 100%
rename from api-tests/ff/ipc/test_i028/test_entry.c
rename to api-tests/ff/ipc/test_i028/test_entry_i028.c
diff --git a/api-tests/ff/ipc/test_i028/test_i028.c b/api-tests/ff/ipc/test_i028/test_i028.c
index a5be9d35..7e2f1127 100644
--- a/api-tests/ff/ipc/test_i028/test_i028.c
+++ b/api-tests/ff/ipc/test_i028/test_i028.c
@@ -31,13 +31,13 @@ client_test_t test_i028_client_tests_list[] = {
NULL,
};
-int32_t client_test_psa_read_at_ipc_connect(security_t caller)
+int32_t client_test_psa_read_at_ipc_connect(caller_security_t caller)
{
psa_handle_t handle = 0;
val->print(PRINT_TEST, "[Check 1] Test psa_read at PSA_IPC_CONNECT\n", 0);
- handle = psa->connect(SERVER_RELAX_MINOR_VERSION_SID, 1);
+ handle = psa->connect(SERVER_RELAX_VERSION_SID, SERVER_RELAX_VERSION_VERSION);
/* Shouldn't have reached here */
val->print(PRINT_ERROR, "\tConnection should have failed but succeeded\n", 0);
diff --git a/api-tests/ff/ipc/test_i028/test_i028.h b/api-tests/ff/ipc/test_i028/test_i028.h
index 8368fa1b..f958ebb6 100644
--- a/api-tests/ff/ipc/test_i028/test_i028.h
+++ b/api-tests/ff/ipc/test_i028/test_i028.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i028)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i028)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
@@ -33,5 +33,5 @@ extern psa_api_t *psa;
extern client_test_t test_i028_client_tests_list[];
-int32_t client_test_psa_read_at_ipc_connect(security_t);
+int32_t client_test_psa_read_at_ipc_connect(caller_security_t);
#endif
diff --git a/api-tests/ff/ipc/test_i028/test_supp_i028.c b/api-tests/ff/ipc/test_i028/test_supp_i028.c
index 3c571e3c..02a0023e 100644
--- a/api-tests/ff/ipc/test_i028/test_supp_i028.c
+++ b/api-tests/ff/ipc/test_i028/test_supp_i028.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
@@ -61,7 +61,7 @@ int32_t server_test_psa_read_at_ipc_connect()
* VAL APIs to decide test status.
*/
- status = val->process_connect_request(SERVER_RELAX_MINOR_VERSION_SIG, &msg);
+ status = val->process_connect_request(SERVER_RELAX_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(201), status))
{
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
diff --git a/api-tests/ff/ipc/test_i029/source.mk b/api-tests/ff/ipc/test_i029/source.mk
deleted file mode 100644
index 8e6eff2b..00000000
--- a/api-tests/ff/ipc/test_i029/source.mk
+++ /dev/null
@@ -1,25 +0,0 @@
-# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_i029.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
-
-CC_SOURCE_SPE = test_i029.c test_supp_i029.c
-CC_OPTIONS_SPE =
-AS_SOURCE_SPE =
-AS_OPTIONS_SPE =
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i029/test.cmake b/api-tests/ff/ipc/test_i029/test.cmake
new file mode 100644
index 00000000..b083caa8
--- /dev/null
+++ b/api-tests/ff/ipc/test_i029/test.cmake
@@ -0,0 +1,32 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_i029.c
+ test_i029.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
+
+list(APPEND CC_SOURCE_SPE
+ test_i029.c
+ test_supp_i029.c
+)
+list(APPEND CC_OPTIONS_SPE )
+list(APPEND AS_SOURCE_SPE )
+list(APPEND AS_OPTIONS_SPE )
diff --git a/api-tests/ff/ipc/test_i029/test_entry.c b/api-tests/ff/ipc/test_i029/test_entry_i029.c
similarity index 100%
rename from api-tests/ff/ipc/test_i029/test_entry.c
rename to api-tests/ff/ipc/test_i029/test_entry_i029.c
diff --git a/api-tests/ff/ipc/test_i029/test_i029.c b/api-tests/ff/ipc/test_i029/test_i029.c
index 51d199bd..d208bc83 100644
--- a/api-tests/ff/ipc/test_i029/test_i029.c
+++ b/api-tests/ff/ipc/test_i029/test_i029.c
@@ -31,14 +31,14 @@ client_test_t test_i029_client_tests_list[] = {
NULL,
};
-int32_t client_test_psa_read_at_ipc_disconnect(security_t caller)
+int32_t client_test_psa_read_at_ipc_disconnect(caller_security_t caller)
{
psa_handle_t handle = 0;
val->print(PRINT_TEST, "[Check 1] Test psa_read at PSA_IPC_DISCONNECT\n", 0);
- handle = psa->connect(SERVER_RELAX_MINOR_VERSION_SID, 1);
- if (handle > 0)
+ handle = psa->connect(SERVER_RELAX_VERSION_SID, SERVER_RELAX_VERSION_VERSION);
+ if (PSA_HANDLE_IS_VALID(handle))
{
psa->close(handle);
}
diff --git a/api-tests/ff/ipc/test_i029/test_i029.h b/api-tests/ff/ipc/test_i029/test_i029.h
index 14119bc8..bc211840 100644
--- a/api-tests/ff/ipc/test_i029/test_i029.h
+++ b/api-tests/ff/ipc/test_i029/test_i029.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i029)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i029)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
@@ -33,5 +33,5 @@ extern psa_api_t *psa;
extern client_test_t test_i029_client_tests_list[];
-int32_t client_test_psa_read_at_ipc_disconnect(security_t);
+int32_t client_test_psa_read_at_ipc_disconnect(caller_security_t);
#endif
diff --git a/api-tests/ff/ipc/test_i029/test_supp_i029.c b/api-tests/ff/ipc/test_i029/test_supp_i029.c
index 0e7aac6b..ff9caf96 100644
--- a/api-tests/ff/ipc/test_i029/test_supp_i029.c
+++ b/api-tests/ff/ipc/test_i029/test_supp_i029.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
@@ -61,7 +61,7 @@ int32_t server_test_psa_read_at_ipc_disconnect(void)
* VAL APIs to decide test status.
*/
- status = val->process_connect_request(SERVER_RELAX_MINOR_VERSION_SIG, &msg);
+ status = val->process_connect_request(SERVER_RELAX_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(201), status))
{
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
@@ -69,7 +69,7 @@ int32_t server_test_psa_read_at_ipc_disconnect(void)
}
psa->reply(msg.handle, PSA_SUCCESS);
- status = val->process_disconnect_request(SERVER_RELAX_MINOR_VERSION_SIG, &msg);
+ status = val->process_disconnect_request(SERVER_RELAX_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(202), status))
{
psa->reply(msg.handle, PSA_SUCCESS);
diff --git a/api-tests/ff/ipc/test_i030/source.mk b/api-tests/ff/ipc/test_i030/source.mk
deleted file mode 100644
index 36250e4f..00000000
--- a/api-tests/ff/ipc/test_i030/source.mk
+++ /dev/null
@@ -1,25 +0,0 @@
-# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_i030.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
-
-CC_SOURCE_SPE = test_i030.c test_supp_i030.c
-CC_OPTIONS_SPE =
-AS_SOURCE_SPE =
-AS_OPTIONS_SPE =
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i030/test.cmake b/api-tests/ff/ipc/test_i030/test.cmake
new file mode 100644
index 00000000..877ec83c
--- /dev/null
+++ b/api-tests/ff/ipc/test_i030/test.cmake
@@ -0,0 +1,32 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_i030.c
+ test_i030.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
+
+list(APPEND CC_SOURCE_SPE
+ test_i030.c
+ test_supp_i030.c
+)
+list(APPEND CC_OPTIONS_SPE )
+list(APPEND AS_SOURCE_SPE )
+list(APPEND AS_OPTIONS_SPE )
diff --git a/api-tests/ff/ipc/test_i030/test_entry.c b/api-tests/ff/ipc/test_i030/test_entry_i030.c
similarity index 100%
rename from api-tests/ff/ipc/test_i030/test_entry.c
rename to api-tests/ff/ipc/test_i030/test_entry_i030.c
diff --git a/api-tests/ff/ipc/test_i030/test_i030.c b/api-tests/ff/ipc/test_i030/test_i030.c
index f6eef922..922f1317 100644
--- a/api-tests/ff/ipc/test_i030/test_i030.c
+++ b/api-tests/ff/ipc/test_i030/test_i030.c
@@ -31,7 +31,7 @@ client_test_t test_i030_client_tests_list[] = {
NULL,
};
-int32_t client_test_psa_read_with_null_handle(security_t caller)
+int32_t client_test_psa_read_with_null_handle(caller_security_t caller)
{
int32_t status = VAL_STATUS_SUCCESS;
psa_handle_t handle = 0;
@@ -40,15 +40,14 @@ int32_t client_test_psa_read_with_null_handle(security_t caller)
val->print(PRINT_TEST,
"[Check 1] Test psa_read with NULL handle\n", 0);
- handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
-
- if (handle < 0)
+ handle = psa->connect(SERVER_UNSPECIFED_VERSION_SID, SERVER_UNSPECIFED_VERSION_VERSION);
+ if (!PSA_HANDLE_IS_VALID(handle))
{
val->print(PRINT_ERROR, "\tConnection failed\n", 0);
return VAL_STATUS_INVALID_HANDLE;
}
- status_of_call = psa->call(handle, NULL, 0, NULL, 0);
+ status_of_call = psa->call(handle, PSA_IPC_CALL, NULL, 0, NULL, 0);
/* Expectation is server test should hang and control shouldn't have come here */
val->print(PRINT_ERROR, "\tCall should failed but succeed\n", 0);
diff --git a/api-tests/ff/ipc/test_i030/test_i030.h b/api-tests/ff/ipc/test_i030/test_i030.h
index fafb2a8c..c5ec886a 100644
--- a/api-tests/ff/ipc/test_i030/test_i030.h
+++ b/api-tests/ff/ipc/test_i030/test_i030.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i030)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i030)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
@@ -33,5 +33,5 @@ extern psa_api_t *psa;
extern client_test_t test_i030_client_tests_list[];
-int32_t client_test_psa_read_with_null_handle(security_t);
+int32_t client_test_psa_read_with_null_handle(caller_security_t);
#endif
diff --git a/api-tests/ff/ipc/test_i030/test_supp_i030.c b/api-tests/ff/ipc/test_i030/test_supp_i030.c
index 6c67a002..1f46e698 100644
--- a/api-tests/ff/ipc/test_i030/test_supp_i030.c
+++ b/api-tests/ff/ipc/test_i030/test_supp_i030.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
@@ -61,7 +61,7 @@ int32_t server_test_psa_read_with_null_handle(void)
* VAL APIs to decide test status.
*/
- status = val->process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_connect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(201), status))
{
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
@@ -70,7 +70,7 @@ int32_t server_test_psa_read_with_null_handle(void)
psa->reply(msg.handle, PSA_SUCCESS);
- status = val->process_call_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_call_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(202), status))
{
psa->reply(msg.handle, -2);
@@ -105,7 +105,7 @@ int32_t server_test_psa_read_with_null_handle(void)
}
val->err_check_set(TEST_CHECKPOINT_NUM(204), status);
- status = ((val->process_disconnect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg))
+ status = ((val->process_disconnect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg))
? VAL_STATUS_ERROR : status);
psa->reply(msg.handle, PSA_SUCCESS);
return status;
diff --git a/api-tests/ff/ipc/test_i031/source.mk b/api-tests/ff/ipc/test_i031/source.mk
deleted file mode 100644
index 7195db9e..00000000
--- a/api-tests/ff/ipc/test_i031/source.mk
+++ /dev/null
@@ -1,25 +0,0 @@
-# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_i031.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
-
-CC_SOURCE_SPE = test_i031.c test_supp_i031.c
-CC_OPTIONS_SPE =
-AS_SOURCE_SPE =
-AS_OPTIONS_SPE =
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i031/test.cmake b/api-tests/ff/ipc/test_i031/test.cmake
new file mode 100644
index 00000000..a9bbd097
--- /dev/null
+++ b/api-tests/ff/ipc/test_i031/test.cmake
@@ -0,0 +1,32 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_i031.c
+ test_i031.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
+
+list(APPEND CC_SOURCE_SPE
+ test_i031.c
+ test_supp_i031.c
+)
+list(APPEND CC_OPTIONS_SPE )
+list(APPEND AS_SOURCE_SPE )
+list(APPEND AS_OPTIONS_SPE )
diff --git a/api-tests/ff/ipc/test_i031/test_entry.c b/api-tests/ff/ipc/test_i031/test_entry_i031.c
similarity index 100%
rename from api-tests/ff/ipc/test_i031/test_entry.c
rename to api-tests/ff/ipc/test_i031/test_entry_i031.c
diff --git a/api-tests/ff/ipc/test_i031/test_i031.c b/api-tests/ff/ipc/test_i031/test_i031.c
index dc221519..25b69757 100644
--- a/api-tests/ff/ipc/test_i031/test_i031.c
+++ b/api-tests/ff/ipc/test_i031/test_i031.c
@@ -31,7 +31,7 @@ client_test_t test_i031_client_tests_list[] = {
NULL,
};
-int32_t client_test_psa_read_with_invalid_handle(security_t caller)
+int32_t client_test_psa_read_with_invalid_handle(caller_security_t caller)
{
int32_t status = VAL_STATUS_SUCCESS;
psa_handle_t handle = 0;
@@ -40,14 +40,14 @@ int32_t client_test_psa_read_with_invalid_handle(security_t caller)
val->print(PRINT_TEST,
"[Check 1] Test psa_read with invalid handle\n", 0);
- handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
- if (handle < 0)
+ handle = psa->connect(SERVER_UNSPECIFED_VERSION_SID, SERVER_UNSPECIFED_VERSION_VERSION);
+ if (!PSA_HANDLE_IS_VALID(handle))
{
val->print(PRINT_ERROR, "\tConnection failed\n", 0);
return VAL_STATUS_INVALID_HANDLE;
}
- status_of_call = psa->call(handle, NULL, 0, NULL, 0);
+ status_of_call = psa->call(handle, PSA_IPC_CALL, NULL, 0, NULL, 0);
/* Expectation is server test should hang and control shouldn't have come here */
val->print(PRINT_ERROR, "\tCall should failed but succeed\n", 0);
diff --git a/api-tests/ff/ipc/test_i031/test_i031.h b/api-tests/ff/ipc/test_i031/test_i031.h
index ceb16f87..849197f3 100644
--- a/api-tests/ff/ipc/test_i031/test_i031.h
+++ b/api-tests/ff/ipc/test_i031/test_i031.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i031)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i031)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
@@ -33,5 +33,5 @@ extern psa_api_t *psa;
extern client_test_t test_i031_client_tests_list[];
-int32_t client_test_psa_read_with_invalid_handle(security_t);
+int32_t client_test_psa_read_with_invalid_handle(caller_security_t);
#endif
diff --git a/api-tests/ff/ipc/test_i031/test_supp_i031.c b/api-tests/ff/ipc/test_i031/test_supp_i031.c
index 9bac47af..94f7389d 100644
--- a/api-tests/ff/ipc/test_i031/test_supp_i031.c
+++ b/api-tests/ff/ipc/test_i031/test_supp_i031.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
@@ -61,7 +61,7 @@ int32_t server_test_psa_read_with_invalid_handle(void)
* VAL APIs to decide test status.
*/
- status = val->process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_connect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(201), status))
{
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
@@ -70,7 +70,7 @@ int32_t server_test_psa_read_with_invalid_handle(void)
psa->reply(msg.handle, PSA_SUCCESS);
- status = val->process_call_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_call_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(202), status))
{
psa->reply(msg.handle, -2);
@@ -105,7 +105,7 @@ int32_t server_test_psa_read_with_invalid_handle(void)
}
val->err_check_set(TEST_CHECKPOINT_NUM(204), status);
- status = ((val->process_disconnect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg))
+ status = ((val->process_disconnect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg))
? VAL_STATUS_ERROR : status);
psa->reply(msg.handle, PSA_SUCCESS);
return status;
diff --git a/api-tests/ff/ipc/test_i032/source.mk b/api-tests/ff/ipc/test_i032/source.mk
deleted file mode 100644
index 8070501f..00000000
--- a/api-tests/ff/ipc/test_i032/source.mk
+++ /dev/null
@@ -1,25 +0,0 @@
-# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_i032.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
-
-CC_SOURCE_SPE = test_i032.c test_supp_i032.c
-CC_OPTIONS_SPE =
-AS_SOURCE_SPE =
-AS_OPTIONS_SPE =
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i032/test.cmake b/api-tests/ff/ipc/test_i032/test.cmake
new file mode 100644
index 00000000..413d8392
--- /dev/null
+++ b/api-tests/ff/ipc/test_i032/test.cmake
@@ -0,0 +1,32 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_i032.c
+ test_i032.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
+
+list(APPEND CC_SOURCE_SPE
+ test_i032.c
+ test_supp_i032.c
+)
+list(APPEND CC_OPTIONS_SPE )
+list(APPEND AS_SOURCE_SPE )
+list(APPEND AS_OPTIONS_SPE )
diff --git a/api-tests/ff/ipc/test_i032/test_entry.c b/api-tests/ff/ipc/test_i032/test_entry_i032.c
similarity index 100%
rename from api-tests/ff/ipc/test_i032/test_entry.c
rename to api-tests/ff/ipc/test_i032/test_entry_i032.c
diff --git a/api-tests/ff/ipc/test_i032/test_i032.c b/api-tests/ff/ipc/test_i032/test_i032.c
index f0527833..b7902712 100644
--- a/api-tests/ff/ipc/test_i032/test_i032.c
+++ b/api-tests/ff/ipc/test_i032/test_i032.c
@@ -31,7 +31,7 @@ client_test_t test_i032_client_tests_list[] = {
NULL,
};
-int32_t client_test_psa_read_with_invec_equal_to_max_iovec(security_t caller)
+int32_t client_test_psa_read_with_invec_equal_to_max_iovec(caller_security_t caller)
{
int32_t status = VAL_STATUS_SUCCESS;
psa_handle_t handle = 0;
@@ -40,14 +40,14 @@ int32_t client_test_psa_read_with_invec_equal_to_max_iovec(security_t caller)
val->print(PRINT_TEST,
"[Check 1] Test psa_read with invec_idx=PSA_MAX_IOVEC\n", 0);
- handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
- if (handle < 0)
+ handle = psa->connect(SERVER_UNSPECIFED_VERSION_SID, SERVER_UNSPECIFED_VERSION_VERSION);
+ if (!PSA_HANDLE_IS_VALID(handle))
{
val->print(PRINT_ERROR, "\tConnection failed\n", 0);
return VAL_STATUS_INVALID_HANDLE;
}
- status_of_call = psa->call(handle, NULL, 0, NULL, 0);
+ status_of_call = psa->call(handle, PSA_IPC_CALL, NULL, 0, NULL, 0);
/* Expectation is server test should hang and control shouldn't have come here */
val->print(PRINT_ERROR, "\tCall should failed but succeed\n", 0);
diff --git a/api-tests/ff/ipc/test_i032/test_i032.h b/api-tests/ff/ipc/test_i032/test_i032.h
index 8ea8bd4d..327be5a3 100644
--- a/api-tests/ff/ipc/test_i032/test_i032.h
+++ b/api-tests/ff/ipc/test_i032/test_i032.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i032)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i032)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
@@ -33,5 +33,5 @@ extern psa_api_t *psa;
extern client_test_t test_i032_client_tests_list[];
-int32_t client_test_psa_read_with_invec_equal_to_max_iovec(security_t);
+int32_t client_test_psa_read_with_invec_equal_to_max_iovec(caller_security_t);
#endif
diff --git a/api-tests/ff/ipc/test_i032/test_supp_i032.c b/api-tests/ff/ipc/test_i032/test_supp_i032.c
index e45d47b9..20771337 100644
--- a/api-tests/ff/ipc/test_i032/test_supp_i032.c
+++ b/api-tests/ff/ipc/test_i032/test_supp_i032.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
@@ -61,7 +61,7 @@ int32_t server_test_psa_read_with_invec_equal_to_max_iovec(void)
* VAL APIs to decide test status.
*/
- status = val->process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_connect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(201), status))
{
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
@@ -70,7 +70,7 @@ int32_t server_test_psa_read_with_invec_equal_to_max_iovec(void)
psa->reply(msg.handle, PSA_SUCCESS);
- status = val->process_call_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_call_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(202), status))
{
psa->reply(msg.handle, -2);
@@ -105,7 +105,7 @@ int32_t server_test_psa_read_with_invec_equal_to_max_iovec(void)
}
val->err_check_set(TEST_CHECKPOINT_NUM(204), status);
- status = ((val->process_disconnect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg))
+ status = ((val->process_disconnect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg))
? VAL_STATUS_ERROR : status);
psa->reply(msg.handle, PSA_SUCCESS);
return status;
diff --git a/api-tests/ff/ipc/test_i033/source.mk b/api-tests/ff/ipc/test_i033/source.mk
deleted file mode 100644
index 47af032b..00000000
--- a/api-tests/ff/ipc/test_i033/source.mk
+++ /dev/null
@@ -1,25 +0,0 @@
-# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_i033.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
-
-CC_SOURCE_SPE = test_i033.c test_supp_i033.c
-CC_OPTIONS_SPE =
-AS_SOURCE_SPE =
-AS_OPTIONS_SPE =
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i033/test.cmake b/api-tests/ff/ipc/test_i033/test.cmake
new file mode 100644
index 00000000..75a6dd6a
--- /dev/null
+++ b/api-tests/ff/ipc/test_i033/test.cmake
@@ -0,0 +1,32 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_i033.c
+ test_i033.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
+
+list(APPEND CC_SOURCE_SPE
+ test_i033.c
+ test_supp_i033.c
+)
+list(APPEND CC_OPTIONS_SPE )
+list(APPEND AS_SOURCE_SPE )
+list(APPEND AS_OPTIONS_SPE )
diff --git a/api-tests/ff/ipc/test_i033/test_entry.c b/api-tests/ff/ipc/test_i033/test_entry_i033.c
similarity index 100%
rename from api-tests/ff/ipc/test_i033/test_entry.c
rename to api-tests/ff/ipc/test_i033/test_entry_i033.c
diff --git a/api-tests/ff/ipc/test_i033/test_i033.c b/api-tests/ff/ipc/test_i033/test_i033.c
index 1792dfa7..79cad60c 100644
--- a/api-tests/ff/ipc/test_i033/test_i033.c
+++ b/api-tests/ff/ipc/test_i033/test_i033.c
@@ -31,7 +31,7 @@ client_test_t test_i033_client_tests_list[] = {
NULL,
};
-int32_t client_test_psa_read_with_invec_greater_than_max_iovec(security_t caller)
+int32_t client_test_psa_read_with_invec_greater_than_max_iovec(caller_security_t caller)
{
int32_t status = VAL_STATUS_SUCCESS;
psa_handle_t handle = 0;
@@ -40,14 +40,14 @@ int32_t client_test_psa_read_with_invec_greater_than_max_iovec(security_t caller
val->print(PRINT_TEST,
"[Check 1] Test psa_read with invec_idx > PSA_MAX_IOVEC\n", 0);
- handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
- if (handle < 0)
+ handle = psa->connect(SERVER_UNSPECIFED_VERSION_SID, SERVER_UNSPECIFED_VERSION_VERSION);
+ if (!PSA_HANDLE_IS_VALID(handle))
{
val->print(PRINT_ERROR, "\tConnection failed\n", 0);
return VAL_STATUS_INVALID_HANDLE;
}
- status_of_call = psa->call(handle, NULL, 0, NULL, 0);
+ status_of_call = psa->call(handle, PSA_IPC_CALL, NULL, 0, NULL, 0);
/* Expectation is server test should hang and control shouldn't have come here */
val->print(PRINT_ERROR, "\tCall should failed but succeed\n", 0);
diff --git a/api-tests/ff/ipc/test_i033/test_i033.h b/api-tests/ff/ipc/test_i033/test_i033.h
index 2c65273c..3ee55580 100644
--- a/api-tests/ff/ipc/test_i033/test_i033.h
+++ b/api-tests/ff/ipc/test_i033/test_i033.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i033)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i033)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
@@ -33,5 +33,5 @@ extern psa_api_t *psa;
extern client_test_t test_i033_client_tests_list[];
-int32_t client_test_psa_read_with_invec_greater_than_max_iovec(security_t);
+int32_t client_test_psa_read_with_invec_greater_than_max_iovec(caller_security_t);
#endif
diff --git a/api-tests/ff/ipc/test_i033/test_supp_i033.c b/api-tests/ff/ipc/test_i033/test_supp_i033.c
index 425c255a..676c1cdc 100644
--- a/api-tests/ff/ipc/test_i033/test_supp_i033.c
+++ b/api-tests/ff/ipc/test_i033/test_supp_i033.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
@@ -61,7 +61,7 @@ int32_t server_test_psa_read_with_invec_greater_than_max_iovec(void)
* VAL APIs to decide test status.
*/
- status = val->process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_connect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(201), status))
{
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
@@ -70,7 +70,7 @@ int32_t server_test_psa_read_with_invec_greater_than_max_iovec(void)
psa->reply(msg.handle, PSA_SUCCESS);
- status = val->process_call_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_call_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(202), status))
{
psa->reply(msg.handle, -2);
@@ -105,7 +105,7 @@ int32_t server_test_psa_read_with_invec_greater_than_max_iovec(void)
}
val->err_check_set(TEST_CHECKPOINT_NUM(204), status);
- status = ((val->process_disconnect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg))
+ status = ((val->process_disconnect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg))
? VAL_STATUS_ERROR : status);
psa->reply(msg.handle, PSA_SUCCESS);
return status;
diff --git a/api-tests/ff/ipc/test_i034/source.mk b/api-tests/ff/ipc/test_i034/source.mk
deleted file mode 100644
index 3bb8d510..00000000
--- a/api-tests/ff/ipc/test_i034/source.mk
+++ /dev/null
@@ -1,25 +0,0 @@
-# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_i034.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
-
-CC_SOURCE_SPE = test_i034.c test_supp_i034.c
-CC_OPTIONS_SPE =
-AS_SOURCE_SPE =
-AS_OPTIONS_SPE =
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i034/test.cmake b/api-tests/ff/ipc/test_i034/test.cmake
new file mode 100644
index 00000000..87f14918
--- /dev/null
+++ b/api-tests/ff/ipc/test_i034/test.cmake
@@ -0,0 +1,32 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_i034.c
+ test_i034.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
+
+list(APPEND CC_SOURCE_SPE
+ test_i034.c
+ test_supp_i034.c
+)
+list(APPEND CC_OPTIONS_SPE )
+list(APPEND AS_SOURCE_SPE )
+list(APPEND AS_OPTIONS_SPE )
diff --git a/api-tests/ff/ipc/test_i034/test_entry.c b/api-tests/ff/ipc/test_i034/test_entry_i034.c
similarity index 100%
rename from api-tests/ff/ipc/test_i034/test_entry.c
rename to api-tests/ff/ipc/test_i034/test_entry_i034.c
diff --git a/api-tests/ff/ipc/test_i034/test_i034.c b/api-tests/ff/ipc/test_i034/test_i034.c
index 742c1aa0..a5a18b83 100644
--- a/api-tests/ff/ipc/test_i034/test_i034.c
+++ b/api-tests/ff/ipc/test_i034/test_i034.c
@@ -31,13 +31,13 @@ client_test_t test_i034_client_tests_list[] = {
NULL,
};
-int32_t client_test_psa_skip_at_ipc_connect(security_t caller)
+int32_t client_test_psa_skip_at_ipc_connect(caller_security_t caller)
{
psa_handle_t handle = 0;
val->print(PRINT_TEST, "[Check 1] Test psa_skip at PSA_IPC_CONNECT\n", 0);
- handle = psa->connect(SERVER_RELAX_MINOR_VERSION_SID, 1);
+ handle = psa->connect(SERVER_RELAX_VERSION_SID, SERVER_RELAX_VERSION_VERSION);
/* Shouldn't have reached here */
val->print(PRINT_ERROR, "\tConnection should have failed but succeeded\n", 0);
diff --git a/api-tests/ff/ipc/test_i034/test_i034.h b/api-tests/ff/ipc/test_i034/test_i034.h
index 2a7be62a..0c0001f1 100644
--- a/api-tests/ff/ipc/test_i034/test_i034.h
+++ b/api-tests/ff/ipc/test_i034/test_i034.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i034)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i034)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
@@ -33,5 +33,5 @@ extern psa_api_t *psa;
extern client_test_t test_i034_client_tests_list[];
-int32_t client_test_psa_skip_at_ipc_connect(security_t);
+int32_t client_test_psa_skip_at_ipc_connect(caller_security_t);
#endif
diff --git a/api-tests/ff/ipc/test_i034/test_supp_i034.c b/api-tests/ff/ipc/test_i034/test_supp_i034.c
index 2580d99f..b455d232 100644
--- a/api-tests/ff/ipc/test_i034/test_supp_i034.c
+++ b/api-tests/ff/ipc/test_i034/test_supp_i034.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
@@ -58,7 +58,7 @@ int32_t server_test_psa_skip_at_ipc_connect(void)
* VAL APIs to decide test status.
*/
- status = val->process_connect_request(SERVER_RELAX_MINOR_VERSION_SIG, &msg);
+ status = val->process_connect_request(SERVER_RELAX_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(201), status))
{
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
diff --git a/api-tests/ff/ipc/test_i035/source.mk b/api-tests/ff/ipc/test_i035/source.mk
deleted file mode 100644
index a854b9fc..00000000
--- a/api-tests/ff/ipc/test_i035/source.mk
+++ /dev/null
@@ -1,25 +0,0 @@
-# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_i035.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
-
-CC_SOURCE_SPE = test_i035.c test_supp_i035.c
-CC_OPTIONS_SPE =
-AS_SOURCE_SPE =
-AS_OPTIONS_SPE =
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i035/test.cmake b/api-tests/ff/ipc/test_i035/test.cmake
new file mode 100644
index 00000000..571d48af
--- /dev/null
+++ b/api-tests/ff/ipc/test_i035/test.cmake
@@ -0,0 +1,32 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_i035.c
+ test_i035.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
+
+list(APPEND CC_SOURCE_SPE
+ test_i035.c
+ test_supp_i035.c
+)
+list(APPEND CC_OPTIONS_SPE )
+list(APPEND AS_SOURCE_SPE )
+list(APPEND AS_OPTIONS_SPE )
diff --git a/api-tests/ff/ipc/test_i035/test_entry.c b/api-tests/ff/ipc/test_i035/test_entry_i035.c
similarity index 100%
rename from api-tests/ff/ipc/test_i035/test_entry.c
rename to api-tests/ff/ipc/test_i035/test_entry_i035.c
diff --git a/api-tests/ff/ipc/test_i035/test_i035.c b/api-tests/ff/ipc/test_i035/test_i035.c
index ca89abef..aea9bd9c 100644
--- a/api-tests/ff/ipc/test_i035/test_i035.c
+++ b/api-tests/ff/ipc/test_i035/test_i035.c
@@ -31,14 +31,14 @@ client_test_t test_i035_client_tests_list[] = {
NULL,
};
-int32_t client_test_psa_skip_at_ipc_disconnect(security_t caller)
+int32_t client_test_psa_skip_at_ipc_disconnect(caller_security_t caller)
{
psa_handle_t handle = 0;
val->print(PRINT_TEST, "[Check 1] Test psa_skip at PSA_IPC_DISCONNECT\n", 0);
- handle = psa->connect(SERVER_RELAX_MINOR_VERSION_SID, 1);
- if (handle > 0)
+ handle = psa->connect(SERVER_RELAX_VERSION_SID, SERVER_RELAX_VERSION_VERSION);
+ if (PSA_HANDLE_IS_VALID(handle))
{
psa->close(handle);
}
diff --git a/api-tests/ff/ipc/test_i035/test_i035.h b/api-tests/ff/ipc/test_i035/test_i035.h
index 48664634..8ebc1c33 100644
--- a/api-tests/ff/ipc/test_i035/test_i035.h
+++ b/api-tests/ff/ipc/test_i035/test_i035.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i035)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i035)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
@@ -33,5 +33,5 @@ extern psa_api_t *psa;
extern client_test_t test_i035_client_tests_list[];
-int32_t client_test_psa_skip_at_ipc_disconnect(security_t);
+int32_t client_test_psa_skip_at_ipc_disconnect(caller_security_t);
#endif
diff --git a/api-tests/ff/ipc/test_i035/test_supp_i035.c b/api-tests/ff/ipc/test_i035/test_supp_i035.c
index a3551488..c9caa9e1 100644
--- a/api-tests/ff/ipc/test_i035/test_supp_i035.c
+++ b/api-tests/ff/ipc/test_i035/test_supp_i035.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
@@ -58,7 +58,7 @@ int32_t server_test_psa_skip_at_ipc_disconnect()
* VAL APIs to decide test status.
*/
- status = val->process_connect_request(SERVER_RELAX_MINOR_VERSION_SIG, &msg);
+ status = val->process_connect_request(SERVER_RELAX_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(201), status))
{
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
@@ -66,7 +66,7 @@ int32_t server_test_psa_skip_at_ipc_disconnect()
}
psa->reply(msg.handle, PSA_SUCCESS);
- status = val->process_disconnect_request(SERVER_RELAX_MINOR_VERSION_SIG, &msg);
+ status = val->process_disconnect_request(SERVER_RELAX_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(202), status))
{
psa->reply(msg.handle, PSA_SUCCESS);
diff --git a/api-tests/ff/ipc/test_i036/source.mk b/api-tests/ff/ipc/test_i036/source.mk
deleted file mode 100644
index a24fddc5..00000000
--- a/api-tests/ff/ipc/test_i036/source.mk
+++ /dev/null
@@ -1,25 +0,0 @@
-# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_i036.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
-
-CC_SOURCE_SPE = test_i036.c test_supp_i036.c
-CC_OPTIONS_SPE =
-AS_SOURCE_SPE =
-AS_OPTIONS_SPE =
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i036/test.cmake b/api-tests/ff/ipc/test_i036/test.cmake
new file mode 100644
index 00000000..4d89727c
--- /dev/null
+++ b/api-tests/ff/ipc/test_i036/test.cmake
@@ -0,0 +1,32 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_i036.c
+ test_i036.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
+
+list(APPEND CC_SOURCE_SPE
+ test_i036.c
+ test_supp_i036.c
+)
+list(APPEND CC_OPTIONS_SPE )
+list(APPEND AS_SOURCE_SPE )
+list(APPEND AS_OPTIONS_SPE )
diff --git a/api-tests/ff/ipc/test_i036/test_entry.c b/api-tests/ff/ipc/test_i036/test_entry_i036.c
similarity index 100%
rename from api-tests/ff/ipc/test_i036/test_entry.c
rename to api-tests/ff/ipc/test_i036/test_entry_i036.c
diff --git a/api-tests/ff/ipc/test_i036/test_i036.c b/api-tests/ff/ipc/test_i036/test_i036.c
index 75eea227..a54ab145 100644
--- a/api-tests/ff/ipc/test_i036/test_i036.c
+++ b/api-tests/ff/ipc/test_i036/test_i036.c
@@ -31,7 +31,7 @@ client_test_t test_i036_client_tests_list[] = {
NULL,
};
-int32_t client_test_psa_skip_with_null_handle(security_t caller)
+int32_t client_test_psa_skip_with_null_handle(caller_security_t caller)
{
int32_t status = VAL_STATUS_SUCCESS;
psa_handle_t handle = 0;
@@ -40,14 +40,14 @@ int32_t client_test_psa_skip_with_null_handle(security_t caller)
val->print(PRINT_TEST,
"[Check 1] Test psa_skip with NULL handle\n", 0);
- handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
- if (handle < 0)
+ handle = psa->connect(SERVER_UNSPECIFED_VERSION_SID, SERVER_UNSPECIFED_VERSION_VERSION);
+ if (!PSA_HANDLE_IS_VALID(handle))
{
val->print(PRINT_ERROR, "\tConnection failed\n", 0);
return VAL_STATUS_INVALID_HANDLE;
}
- status_of_call = psa->call(handle, NULL, 0, NULL, 0);
+ status_of_call = psa->call(handle, PSA_IPC_CALL, NULL, 0, NULL, 0);
/* Expectation is server test should hang and control shouldn't have come here */
val->print(PRINT_ERROR, "\tCall should failed but succeed\n", 0);
diff --git a/api-tests/ff/ipc/test_i036/test_i036.h b/api-tests/ff/ipc/test_i036/test_i036.h
index 6c18e609..ebce979f 100644
--- a/api-tests/ff/ipc/test_i036/test_i036.h
+++ b/api-tests/ff/ipc/test_i036/test_i036.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i036)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i036)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
@@ -33,5 +33,5 @@ extern psa_api_t *psa;
extern client_test_t test_i036_client_tests_list[];
-int32_t client_test_psa_skip_with_null_handle(security_t);
+int32_t client_test_psa_skip_with_null_handle(caller_security_t);
#endif
diff --git a/api-tests/ff/ipc/test_i036/test_supp_i036.c b/api-tests/ff/ipc/test_i036/test_supp_i036.c
index b61bbfe7..1a47f3f8 100644
--- a/api-tests/ff/ipc/test_i036/test_supp_i036.c
+++ b/api-tests/ff/ipc/test_i036/test_supp_i036.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
@@ -58,7 +58,7 @@ int32_t server_test_psa_skip_with_null_handle(void)
* VAL APIs to decide test status.
*/
- status = val->process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_connect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(201), status))
{
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
@@ -67,7 +67,7 @@ int32_t server_test_psa_skip_with_null_handle(void)
psa->reply(msg.handle, PSA_SUCCESS);
- status = val->process_call_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_call_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(202), status))
{
psa->reply(msg.handle, -2);
@@ -102,7 +102,7 @@ int32_t server_test_psa_skip_with_null_handle(void)
}
val->err_check_set(TEST_CHECKPOINT_NUM(204), status);
- status = ((val->process_disconnect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg))
+ status = ((val->process_disconnect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg))
? VAL_STATUS_ERROR : status);
psa->reply(msg.handle, PSA_SUCCESS);
return status;
diff --git a/api-tests/ff/ipc/test_i037/source.mk b/api-tests/ff/ipc/test_i037/source.mk
deleted file mode 100644
index 3f01cd8c..00000000
--- a/api-tests/ff/ipc/test_i037/source.mk
+++ /dev/null
@@ -1,25 +0,0 @@
-# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_i037.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
-
-CC_SOURCE_SPE = test_i037.c test_supp_i037.c
-CC_OPTIONS_SPE =
-AS_SOURCE_SPE =
-AS_OPTIONS_SPE =
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i037/test.cmake b/api-tests/ff/ipc/test_i037/test.cmake
new file mode 100644
index 00000000..2e64af5e
--- /dev/null
+++ b/api-tests/ff/ipc/test_i037/test.cmake
@@ -0,0 +1,32 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_i037.c
+ test_i037.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
+
+list(APPEND CC_SOURCE_SPE
+ test_i037.c
+ test_supp_i037.c
+)
+list(APPEND CC_OPTIONS_SPE )
+list(APPEND AS_SOURCE_SPE )
+list(APPEND AS_OPTIONS_SPE )
diff --git a/api-tests/ff/ipc/test_i037/test_entry.c b/api-tests/ff/ipc/test_i037/test_entry_i037.c
similarity index 100%
rename from api-tests/ff/ipc/test_i037/test_entry.c
rename to api-tests/ff/ipc/test_i037/test_entry_i037.c
diff --git a/api-tests/ff/ipc/test_i037/test_i037.c b/api-tests/ff/ipc/test_i037/test_i037.c
index c6765a2a..c428c434 100644
--- a/api-tests/ff/ipc/test_i037/test_i037.c
+++ b/api-tests/ff/ipc/test_i037/test_i037.c
@@ -31,7 +31,7 @@ client_test_t test_i037_client_tests_list[] = {
NULL,
};
-int32_t client_test_psa_skip_with_invalid_handle(security_t caller)
+int32_t client_test_psa_skip_with_invalid_handle(caller_security_t caller)
{
int32_t status = VAL_STATUS_SUCCESS;
psa_handle_t handle = 0;
@@ -40,14 +40,14 @@ int32_t client_test_psa_skip_with_invalid_handle(security_t caller)
val->print(PRINT_TEST,
"[Check 1] Test psa_skip with invalid handle\n", 0);
- handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
- if (handle < 0)
+ handle = psa->connect(SERVER_UNSPECIFED_VERSION_SID, SERVER_UNSPECIFED_VERSION_VERSION);
+ if (!PSA_HANDLE_IS_VALID(handle))
{
val->print(PRINT_ERROR, "\tConnection failed\n", 0);
return VAL_STATUS_INVALID_HANDLE;
}
- status_of_call = psa->call(handle, NULL, 0, NULL, 0);
+ status_of_call = psa->call(handle, PSA_IPC_CALL, NULL, 0, NULL, 0);
/* Expectation is server test should hang and control shouldn't have come here */
val->print(PRINT_ERROR, "\tCall should failed but succeed\n", 0);
diff --git a/api-tests/ff/ipc/test_i037/test_i037.h b/api-tests/ff/ipc/test_i037/test_i037.h
index 4dde872f..29d6346b 100644
--- a/api-tests/ff/ipc/test_i037/test_i037.h
+++ b/api-tests/ff/ipc/test_i037/test_i037.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i037)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i037)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
@@ -33,5 +33,5 @@ extern psa_api_t *psa;
extern client_test_t test_i037_client_tests_list[];
-int32_t client_test_psa_skip_with_invalid_handle(security_t);
+int32_t client_test_psa_skip_with_invalid_handle(caller_security_t);
#endif
diff --git a/api-tests/ff/ipc/test_i037/test_supp_i037.c b/api-tests/ff/ipc/test_i037/test_supp_i037.c
index 9ed99633..a4d0f6f6 100644
--- a/api-tests/ff/ipc/test_i037/test_supp_i037.c
+++ b/api-tests/ff/ipc/test_i037/test_supp_i037.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
@@ -58,7 +58,7 @@ int32_t server_test_psa_skip_with_invalid_handle(void)
* VAL APIs to decide test status.
*/
- status = val->process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_connect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(201), status))
{
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
@@ -67,7 +67,7 @@ int32_t server_test_psa_skip_with_invalid_handle(void)
psa->reply(msg.handle, PSA_SUCCESS);
- status = val->process_call_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_call_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(202), status))
{
psa->reply(msg.handle, -2);
@@ -102,7 +102,7 @@ int32_t server_test_psa_skip_with_invalid_handle(void)
}
val->err_check_set(TEST_CHECKPOINT_NUM(204), status);
- status = ((val->process_disconnect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg))
+ status = ((val->process_disconnect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg))
? VAL_STATUS_ERROR : status);
psa->reply(msg.handle, PSA_SUCCESS);
return status;
diff --git a/api-tests/ff/ipc/test_i038/source.mk b/api-tests/ff/ipc/test_i038/source.mk
deleted file mode 100644
index 912cd2f6..00000000
--- a/api-tests/ff/ipc/test_i038/source.mk
+++ /dev/null
@@ -1,25 +0,0 @@
-# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_i038.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
-
-CC_SOURCE_SPE = test_i038.c test_supp_i038.c
-CC_OPTIONS_SPE =
-AS_SOURCE_SPE =
-AS_OPTIONS_SPE =
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i038/test.cmake b/api-tests/ff/ipc/test_i038/test.cmake
new file mode 100644
index 00000000..b0d7a968
--- /dev/null
+++ b/api-tests/ff/ipc/test_i038/test.cmake
@@ -0,0 +1,32 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_i038.c
+ test_i038.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
+
+list(APPEND CC_SOURCE_SPE
+ test_i038.c
+ test_supp_i038.c
+)
+list(APPEND CC_OPTIONS_SPE )
+list(APPEND AS_SOURCE_SPE )
+list(APPEND AS_OPTIONS_SPE )
diff --git a/api-tests/ff/ipc/test_i038/test_entry.c b/api-tests/ff/ipc/test_i038/test_entry_i038.c
similarity index 100%
rename from api-tests/ff/ipc/test_i038/test_entry.c
rename to api-tests/ff/ipc/test_i038/test_entry_i038.c
diff --git a/api-tests/ff/ipc/test_i038/test_i038.c b/api-tests/ff/ipc/test_i038/test_i038.c
index a2cf2b8e..b75ed58a 100644
--- a/api-tests/ff/ipc/test_i038/test_i038.c
+++ b/api-tests/ff/ipc/test_i038/test_i038.c
@@ -31,7 +31,7 @@ client_test_t test_i038_client_tests_list[] = {
NULL,
};
-int32_t client_test_psa_skip_with_invec_equal_to_max_iovec(security_t caller)
+int32_t client_test_psa_skip_with_invec_equal_to_max_iovec(caller_security_t caller)
{
int32_t status = VAL_STATUS_SUCCESS;
psa_handle_t handle = 0;
@@ -40,14 +40,14 @@ int32_t client_test_psa_skip_with_invec_equal_to_max_iovec(security_t caller)
val->print(PRINT_TEST,
"[Check 1] Test psa_skip with invec_idx=PSA_MAX_IOVEC\n", 0);
- handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
- if (handle < 0)
+ handle = psa->connect(SERVER_UNSPECIFED_VERSION_SID, SERVER_UNSPECIFED_VERSION_VERSION);
+ if (!PSA_HANDLE_IS_VALID(handle))
{
val->print(PRINT_ERROR, "\tConnection failed\n", 0);
return VAL_STATUS_INVALID_HANDLE;
}
- status_of_call = psa->call(handle, NULL, 0, NULL, 0);
+ status_of_call = psa->call(handle, PSA_IPC_CALL, NULL, 0, NULL, 0);
/* Expectation is server test should hang and control shouldn't have come here */
val->print(PRINT_ERROR, "\tCall should failed but succeed\n", 0);
diff --git a/api-tests/ff/ipc/test_i038/test_i038.h b/api-tests/ff/ipc/test_i038/test_i038.h
index 35798035..162466f0 100644
--- a/api-tests/ff/ipc/test_i038/test_i038.h
+++ b/api-tests/ff/ipc/test_i038/test_i038.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i038)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i038)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
@@ -33,5 +33,5 @@ extern psa_api_t *psa;
extern client_test_t test_i038_client_tests_list[];
-int32_t client_test_psa_skip_with_invec_equal_to_max_iovec(security_t);
+int32_t client_test_psa_skip_with_invec_equal_to_max_iovec(caller_security_t);
#endif
diff --git a/api-tests/ff/ipc/test_i038/test_supp_i038.c b/api-tests/ff/ipc/test_i038/test_supp_i038.c
index 540440d1..bcd8dbe5 100644
--- a/api-tests/ff/ipc/test_i038/test_supp_i038.c
+++ b/api-tests/ff/ipc/test_i038/test_supp_i038.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
@@ -58,7 +58,7 @@ int32_t server_test_psa_skip_with_invec_equal_to_max_iovec(void)
* VAL APIs to decide test status.
*/
- status = val->process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_connect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(201), status))
{
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
@@ -67,7 +67,7 @@ int32_t server_test_psa_skip_with_invec_equal_to_max_iovec(void)
psa->reply(msg.handle, PSA_SUCCESS);
- status = val->process_call_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_call_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(202), status))
{
psa->reply(msg.handle, -2);
@@ -104,7 +104,7 @@ int32_t server_test_psa_skip_with_invec_equal_to_max_iovec(void)
}
val->err_check_set(TEST_CHECKPOINT_NUM(204), status);
- status = ((val->process_disconnect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg))
+ status = ((val->process_disconnect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg))
? VAL_STATUS_ERROR : status);
psa->reply(msg.handle, PSA_SUCCESS);
return status;
diff --git a/api-tests/ff/ipc/test_i039/source.mk b/api-tests/ff/ipc/test_i039/source.mk
deleted file mode 100644
index 938b6450..00000000
--- a/api-tests/ff/ipc/test_i039/source.mk
+++ /dev/null
@@ -1,25 +0,0 @@
-# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_i039.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
-
-CC_SOURCE_SPE = test_i039.c test_supp_i039.c
-CC_OPTIONS_SPE =
-AS_SOURCE_SPE =
-AS_OPTIONS_SPE =
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i039/test.cmake b/api-tests/ff/ipc/test_i039/test.cmake
new file mode 100644
index 00000000..616c732e
--- /dev/null
+++ b/api-tests/ff/ipc/test_i039/test.cmake
@@ -0,0 +1,32 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_i039.c
+ test_i039.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
+
+list(APPEND CC_SOURCE_SPE
+ test_i039.c
+ test_supp_i039.c
+)
+list(APPEND CC_OPTIONS_SPE )
+list(APPEND AS_SOURCE_SPE )
+list(APPEND AS_OPTIONS_SPE )
diff --git a/api-tests/ff/ipc/test_i039/test_entry.c b/api-tests/ff/ipc/test_i039/test_entry_i039.c
similarity index 100%
rename from api-tests/ff/ipc/test_i039/test_entry.c
rename to api-tests/ff/ipc/test_i039/test_entry_i039.c
diff --git a/api-tests/ff/ipc/test_i039/test_i039.c b/api-tests/ff/ipc/test_i039/test_i039.c
index b028f365..c6cdd244 100644
--- a/api-tests/ff/ipc/test_i039/test_i039.c
+++ b/api-tests/ff/ipc/test_i039/test_i039.c
@@ -31,7 +31,7 @@ client_test_t test_i039_client_tests_list[] = {
NULL,
};
-int32_t client_test_psa_skip_with_invec_greater_than_max_iovec(security_t caller)
+int32_t client_test_psa_skip_with_invec_greater_than_max_iovec(caller_security_t caller)
{
int32_t status = VAL_STATUS_SUCCESS;
psa_handle_t handle = 0;
@@ -40,14 +40,14 @@ int32_t client_test_psa_skip_with_invec_greater_than_max_iovec(security_t caller
val->print(PRINT_TEST,
"[Check 1] Test psa_skip with invec_idx > PSA_MAX_IOVEC\n", 0);
- handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
- if (handle < 0)
+ handle = psa->connect(SERVER_UNSPECIFED_VERSION_SID, SERVER_UNSPECIFED_VERSION_VERSION);
+ if (!PSA_HANDLE_IS_VALID(handle))
{
val->print(PRINT_ERROR, "\tConnection failed\n", 0);
return VAL_STATUS_INVALID_HANDLE;
}
- status_of_call = psa->call(handle, NULL, 0, NULL, 0);
+ status_of_call = psa->call(handle, PSA_IPC_CALL, NULL, 0, NULL, 0);
/* Expectation is server test should hang and control shouldn't have come here */
val->print(PRINT_ERROR, "\tCall should failed but succeed\n", 0);
diff --git a/api-tests/ff/ipc/test_i039/test_i039.h b/api-tests/ff/ipc/test_i039/test_i039.h
index 853a11a4..9d5ae477 100644
--- a/api-tests/ff/ipc/test_i039/test_i039.h
+++ b/api-tests/ff/ipc/test_i039/test_i039.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i039)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i039)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
@@ -33,5 +33,5 @@ extern psa_api_t *psa;
extern client_test_t test_i039_client_tests_list[];
-int32_t client_test_psa_skip_with_invec_greater_than_max_iovec(security_t);
+int32_t client_test_psa_skip_with_invec_greater_than_max_iovec(caller_security_t);
#endif
diff --git a/api-tests/ff/ipc/test_i039/test_supp_i039.c b/api-tests/ff/ipc/test_i039/test_supp_i039.c
index 9b4b3c6e..eb788b85 100644
--- a/api-tests/ff/ipc/test_i039/test_supp_i039.c
+++ b/api-tests/ff/ipc/test_i039/test_supp_i039.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
@@ -58,7 +58,7 @@ int32_t server_test_psa_skip_with_invec_greater_than_max_iovec(void)
* VAL APIs to decide test status.
*/
- status = val->process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_connect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(201), status))
{
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
@@ -67,7 +67,7 @@ int32_t server_test_psa_skip_with_invec_greater_than_max_iovec(void)
psa->reply(msg.handle, PSA_SUCCESS);
- status = val->process_call_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_call_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(202), status))
{
psa->reply(msg.handle, -2);
@@ -104,7 +104,7 @@ int32_t server_test_psa_skip_with_invec_greater_than_max_iovec(void)
}
val->err_check_set(TEST_CHECKPOINT_NUM(204), status);
- status = ((val->process_disconnect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg))
+ status = ((val->process_disconnect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg))
? VAL_STATUS_ERROR : status);
psa->reply(msg.handle, PSA_SUCCESS);
return status;
diff --git a/api-tests/ff/ipc/test_i040/source.mk b/api-tests/ff/ipc/test_i040/source.mk
deleted file mode 100644
index 31952876..00000000
--- a/api-tests/ff/ipc/test_i040/source.mk
+++ /dev/null
@@ -1,25 +0,0 @@
-# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_i040.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
-
-CC_SOURCE_SPE = test_i040.c test_supp_i040.c
-CC_OPTIONS_SPE =
-AS_SOURCE_SPE =
-AS_OPTIONS_SPE =
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i040/test.cmake b/api-tests/ff/ipc/test_i040/test.cmake
new file mode 100644
index 00000000..336af6f7
--- /dev/null
+++ b/api-tests/ff/ipc/test_i040/test.cmake
@@ -0,0 +1,32 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_i040.c
+ test_i040.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
+
+list(APPEND CC_SOURCE_SPE
+ test_i040.c
+ test_supp_i040.c
+)
+list(APPEND CC_OPTIONS_SPE )
+list(APPEND AS_SOURCE_SPE )
+list(APPEND AS_OPTIONS_SPE )
diff --git a/api-tests/ff/ipc/test_i040/test_entry.c b/api-tests/ff/ipc/test_i040/test_entry_i040.c
similarity index 100%
rename from api-tests/ff/ipc/test_i040/test_entry.c
rename to api-tests/ff/ipc/test_i040/test_entry_i040.c
diff --git a/api-tests/ff/ipc/test_i040/test_i040.c b/api-tests/ff/ipc/test_i040/test_i040.c
index c0746b1e..18c95bfe 100644
--- a/api-tests/ff/ipc/test_i040/test_i040.c
+++ b/api-tests/ff/ipc/test_i040/test_i040.c
@@ -31,13 +31,13 @@ client_test_t test_i040_client_tests_list[] = {
NULL,
};
-int32_t client_test_psa_write_at_ipc_connect(security_t caller)
+int32_t client_test_psa_write_at_ipc_connect(caller_security_t caller)
{
psa_handle_t handle = 0;
val->print(PRINT_TEST, "[Check 1] Test psa_write at PSA_IPC_CONNECT\n", 0);
- handle = psa->connect(SERVER_RELAX_MINOR_VERSION_SID, 1);
+ handle = psa->connect(SERVER_RELAX_VERSION_SID, SERVER_RELAX_VERSION_VERSION);
/* Shouldn't have reached here */
val->print(PRINT_ERROR, "\tConnection should have failed but succeeded\n", 0);
diff --git a/api-tests/ff/ipc/test_i040/test_i040.h b/api-tests/ff/ipc/test_i040/test_i040.h
index 6a341a43..f865a10b 100644
--- a/api-tests/ff/ipc/test_i040/test_i040.h
+++ b/api-tests/ff/ipc/test_i040/test_i040.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i040)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i040)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
@@ -33,5 +33,5 @@ extern psa_api_t *psa;
extern client_test_t test_i040_client_tests_list[];
-int32_t client_test_psa_write_at_ipc_connect(security_t);
+int32_t client_test_psa_write_at_ipc_connect(caller_security_t);
#endif
diff --git a/api-tests/ff/ipc/test_i040/test_supp_i040.c b/api-tests/ff/ipc/test_i040/test_supp_i040.c
index 8ea608b1..2ba2015f 100644
--- a/api-tests/ff/ipc/test_i040/test_supp_i040.c
+++ b/api-tests/ff/ipc/test_i040/test_supp_i040.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
@@ -61,7 +61,7 @@ int32_t server_test_psa_write_at_ipc_connect(void)
* VAL APIs to decide test status.
*/
- status = val->process_connect_request(SERVER_RELAX_MINOR_VERSION_SIG, &msg);
+ status = val->process_connect_request(SERVER_RELAX_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(201), status))
{
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
diff --git a/api-tests/ff/ipc/test_i041/source.mk b/api-tests/ff/ipc/test_i041/source.mk
deleted file mode 100644
index 233e0918..00000000
--- a/api-tests/ff/ipc/test_i041/source.mk
+++ /dev/null
@@ -1,25 +0,0 @@
-# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_i041.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
-
-CC_SOURCE_SPE = test_i041.c test_supp_i041.c
-CC_OPTIONS_SPE =
-AS_SOURCE_SPE =
-AS_OPTIONS_SPE =
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i041/test.cmake b/api-tests/ff/ipc/test_i041/test.cmake
new file mode 100644
index 00000000..e501752d
--- /dev/null
+++ b/api-tests/ff/ipc/test_i041/test.cmake
@@ -0,0 +1,32 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_i041.c
+ test_i041.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
+
+list(APPEND CC_SOURCE_SPE
+ test_i041.c
+ test_supp_i041.c
+)
+list(APPEND CC_OPTIONS_SPE )
+list(APPEND AS_SOURCE_SPE )
+list(APPEND AS_OPTIONS_SPE )
diff --git a/api-tests/ff/ipc/test_i041/test_entry.c b/api-tests/ff/ipc/test_i041/test_entry_i041.c
similarity index 100%
rename from api-tests/ff/ipc/test_i041/test_entry.c
rename to api-tests/ff/ipc/test_i041/test_entry_i041.c
diff --git a/api-tests/ff/ipc/test_i041/test_i041.c b/api-tests/ff/ipc/test_i041/test_i041.c
index cead0f0f..2866b6c0 100644
--- a/api-tests/ff/ipc/test_i041/test_i041.c
+++ b/api-tests/ff/ipc/test_i041/test_i041.c
@@ -31,14 +31,14 @@ client_test_t test_i041_client_tests_list[] = {
NULL,
};
-int32_t client_test_psa_write_at_ipc_disconnect(security_t caller)
+int32_t client_test_psa_write_at_ipc_disconnect(caller_security_t caller)
{
psa_handle_t handle = 0;
val->print(PRINT_TEST, "[Check 1] Test psa_write at PSA_IPC_DISCONNECT\n", 0);
- handle = psa->connect(SERVER_RELAX_MINOR_VERSION_SID, 1);
- if (handle > 0)
+ handle = psa->connect(SERVER_RELAX_VERSION_SID, SERVER_RELAX_VERSION_VERSION);
+ if (PSA_HANDLE_IS_VALID(handle))
{
psa->close(handle);
}
diff --git a/api-tests/ff/ipc/test_i041/test_i041.h b/api-tests/ff/ipc/test_i041/test_i041.h
index 2dbd15fc..c43d574b 100644
--- a/api-tests/ff/ipc/test_i041/test_i041.h
+++ b/api-tests/ff/ipc/test_i041/test_i041.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i041)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i041)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
@@ -33,5 +33,5 @@ extern psa_api_t *psa;
extern client_test_t test_i041_client_tests_list[];
-int32_t client_test_psa_write_at_ipc_disconnect(security_t);
+int32_t client_test_psa_write_at_ipc_disconnect(caller_security_t);
#endif
diff --git a/api-tests/ff/ipc/test_i041/test_supp_i041.c b/api-tests/ff/ipc/test_i041/test_supp_i041.c
index 8b3d2b31..d7365ac1 100644
--- a/api-tests/ff/ipc/test_i041/test_supp_i041.c
+++ b/api-tests/ff/ipc/test_i041/test_supp_i041.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
@@ -61,7 +61,7 @@ int32_t server_test_psa_write_at_ipc_disconnect(void)
* VAL APIs to decide test status.
*/
- status = val->process_connect_request(SERVER_RELAX_MINOR_VERSION_SIG, &msg);
+ status = val->process_connect_request(SERVER_RELAX_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(201), status))
{
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
@@ -69,7 +69,7 @@ int32_t server_test_psa_write_at_ipc_disconnect(void)
}
psa->reply(msg.handle, PSA_SUCCESS);
- status = val->process_disconnect_request(SERVER_RELAX_MINOR_VERSION_SIG, &msg);
+ status = val->process_disconnect_request(SERVER_RELAX_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(202), status))
{
psa->reply(msg.handle, PSA_SUCCESS);
diff --git a/api-tests/ff/ipc/test_i042/source.mk b/api-tests/ff/ipc/test_i042/source.mk
deleted file mode 100644
index 8f9e2a05..00000000
--- a/api-tests/ff/ipc/test_i042/source.mk
+++ /dev/null
@@ -1,25 +0,0 @@
-# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_i042.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
-
-CC_SOURCE_SPE = test_i042.c test_supp_i042.c
-CC_OPTIONS_SPE =
-AS_SOURCE_SPE =
-AS_OPTIONS_SPE =
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i042/test.cmake b/api-tests/ff/ipc/test_i042/test.cmake
new file mode 100644
index 00000000..5f01de20
--- /dev/null
+++ b/api-tests/ff/ipc/test_i042/test.cmake
@@ -0,0 +1,32 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_i042.c
+ test_i042.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
+
+list(APPEND CC_SOURCE_SPE
+ test_i042.c
+ test_supp_i042.c
+)
+list(APPEND CC_OPTIONS_SPE )
+list(APPEND AS_SOURCE_SPE )
+list(APPEND AS_OPTIONS_SPE )
diff --git a/api-tests/ff/ipc/test_i042/test_entry.c b/api-tests/ff/ipc/test_i042/test_entry_i042.c
similarity index 100%
rename from api-tests/ff/ipc/test_i042/test_entry.c
rename to api-tests/ff/ipc/test_i042/test_entry_i042.c
diff --git a/api-tests/ff/ipc/test_i042/test_i042.c b/api-tests/ff/ipc/test_i042/test_i042.c
index 65dc1539..9977cb51 100644
--- a/api-tests/ff/ipc/test_i042/test_i042.c
+++ b/api-tests/ff/ipc/test_i042/test_i042.c
@@ -31,7 +31,7 @@ client_test_t test_i042_client_tests_list[] = {
NULL,
};
-int32_t client_test_psa_write_with_null_handle(security_t caller)
+int32_t client_test_psa_write_with_null_handle(caller_security_t caller)
{
int32_t status = VAL_STATUS_SUCCESS;
psa_handle_t handle = 0;
@@ -40,14 +40,14 @@ int32_t client_test_psa_write_with_null_handle(security_t caller)
val->print(PRINT_TEST,
"[Check 1] Test psa_write with NULL handle\n", 0);
- handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
- if (handle < 0)
+ handle = psa->connect(SERVER_UNSPECIFED_VERSION_SID, SERVER_UNSPECIFED_VERSION_VERSION);
+ if (!PSA_HANDLE_IS_VALID(handle))
{
val->print(PRINT_ERROR, "\tConnection failed\n", 0);
return VAL_STATUS_INVALID_HANDLE;
}
- status_of_call = psa->call(handle, NULL, 0, NULL, 0);
+ status_of_call = psa->call(handle, PSA_IPC_CALL, NULL, 0, NULL, 0);
/* Expectation is server test should hang and control shouldn't have come here */
val->print(PRINT_ERROR, "\tCall should failed but succeed\n", 0);
diff --git a/api-tests/ff/ipc/test_i042/test_i042.h b/api-tests/ff/ipc/test_i042/test_i042.h
index cbbffc4b..42713dfd 100644
--- a/api-tests/ff/ipc/test_i042/test_i042.h
+++ b/api-tests/ff/ipc/test_i042/test_i042.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i042)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i042)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
@@ -33,5 +33,5 @@ extern psa_api_t *psa;
extern client_test_t test_i042_client_tests_list[];
-int32_t client_test_psa_write_with_null_handle(security_t);
+int32_t client_test_psa_write_with_null_handle(caller_security_t);
#endif
diff --git a/api-tests/ff/ipc/test_i042/test_supp_i042.c b/api-tests/ff/ipc/test_i042/test_supp_i042.c
index 1257cdfc..0ea1a9ac 100644
--- a/api-tests/ff/ipc/test_i042/test_supp_i042.c
+++ b/api-tests/ff/ipc/test_i042/test_supp_i042.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
@@ -59,7 +59,7 @@ int32_t server_test_psa_write_with_null_handle()
* VAL APIs to decide test status.
*/
- status = val->process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_connect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(201), status))
{
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
@@ -68,7 +68,7 @@ int32_t server_test_psa_write_with_null_handle()
psa->reply(msg.handle, PSA_SUCCESS);
- status = val->process_call_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_call_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(202), status))
{
psa->reply(msg.handle, -2);
@@ -101,7 +101,7 @@ int32_t server_test_psa_write_with_null_handle()
}
val->err_check_set(TEST_CHECKPOINT_NUM(204), status);
- status = ((val->process_disconnect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg))
+ status = ((val->process_disconnect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg))
? VAL_STATUS_ERROR : status);
psa->reply(msg.handle, PSA_SUCCESS);
return status;
diff --git a/api-tests/ff/ipc/test_i043/source.mk b/api-tests/ff/ipc/test_i043/source.mk
deleted file mode 100644
index 2785c3ea..00000000
--- a/api-tests/ff/ipc/test_i043/source.mk
+++ /dev/null
@@ -1,25 +0,0 @@
-# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_i043.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
-
-CC_SOURCE_SPE = test_i043.c test_supp_i043.c
-CC_OPTIONS_SPE =
-AS_SOURCE_SPE =
-AS_OPTIONS_SPE =
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i043/test.cmake b/api-tests/ff/ipc/test_i043/test.cmake
new file mode 100644
index 00000000..5dfeb41f
--- /dev/null
+++ b/api-tests/ff/ipc/test_i043/test.cmake
@@ -0,0 +1,32 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_i043.c
+ test_i043.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
+
+list(APPEND CC_SOURCE_SPE
+ test_i043.c
+ test_supp_i043.c
+)
+list(APPEND CC_OPTIONS_SPE )
+list(APPEND AS_SOURCE_SPE )
+list(APPEND AS_OPTIONS_SPE )
diff --git a/api-tests/ff/ipc/test_i043/test_entry.c b/api-tests/ff/ipc/test_i043/test_entry_i043.c
similarity index 100%
rename from api-tests/ff/ipc/test_i043/test_entry.c
rename to api-tests/ff/ipc/test_i043/test_entry_i043.c
diff --git a/api-tests/ff/ipc/test_i043/test_i043.c b/api-tests/ff/ipc/test_i043/test_i043.c
index ea38f4c2..e0689104 100644
--- a/api-tests/ff/ipc/test_i043/test_i043.c
+++ b/api-tests/ff/ipc/test_i043/test_i043.c
@@ -31,7 +31,7 @@ client_test_t test_i043_client_tests_list[] = {
NULL,
};
-int32_t client_test_psa_write_with_invalid_handle(security_t caller)
+int32_t client_test_psa_write_with_invalid_handle(caller_security_t caller)
{
int32_t status = VAL_STATUS_SUCCESS;
psa_handle_t handle = 0;
@@ -40,14 +40,14 @@ int32_t client_test_psa_write_with_invalid_handle(security_t caller)
val->print(PRINT_TEST,
"[Check 1] Test psa_write with invalid handle\n", 0);
- handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
- if (handle < 0)
+ handle = psa->connect(SERVER_UNSPECIFED_VERSION_SID, SERVER_UNSPECIFED_VERSION_VERSION);
+ if (!PSA_HANDLE_IS_VALID(handle))
{
val->print(PRINT_ERROR, "\tConnection failed\n", 0);
return VAL_STATUS_INVALID_HANDLE;
}
- status_of_call = psa->call(handle, NULL, 0, NULL, 0);
+ status_of_call = psa->call(handle, PSA_IPC_CALL, NULL, 0, NULL, 0);
/* Expectation is server test should hang and control shouldn't have come here */
val->print(PRINT_ERROR, "\tCall should failed but succeed\n", 0);
diff --git a/api-tests/ff/ipc/test_i043/test_i043.h b/api-tests/ff/ipc/test_i043/test_i043.h
index efa051e4..56250f9a 100644
--- a/api-tests/ff/ipc/test_i043/test_i043.h
+++ b/api-tests/ff/ipc/test_i043/test_i043.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i043)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i043)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
@@ -33,5 +33,5 @@ extern psa_api_t *psa;
extern client_test_t test_i043_client_tests_list[];
-int32_t client_test_psa_write_with_invalid_handle(security_t);
+int32_t client_test_psa_write_with_invalid_handle(caller_security_t);
#endif
diff --git a/api-tests/ff/ipc/test_i043/test_supp_i043.c b/api-tests/ff/ipc/test_i043/test_supp_i043.c
index 51237539..a5dcc9b3 100644
--- a/api-tests/ff/ipc/test_i043/test_supp_i043.c
+++ b/api-tests/ff/ipc/test_i043/test_supp_i043.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
@@ -61,7 +61,7 @@ int32_t server_test_psa_write_with_invalid_handle(void)
* VAL APIs to decide test status.
*/
- status = val->process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_connect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(201), status))
{
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
@@ -70,7 +70,7 @@ int32_t server_test_psa_write_with_invalid_handle(void)
psa->reply(msg.handle, PSA_SUCCESS);
- status = val->process_call_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_call_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(202), status))
{
psa->reply(msg.handle, -2);
@@ -106,7 +106,7 @@ int32_t server_test_psa_write_with_invalid_handle(void)
}
val->err_check_set(TEST_CHECKPOINT_NUM(204), status);
- status = ((val->process_disconnect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg))
+ status = ((val->process_disconnect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg))
? VAL_STATUS_ERROR : status);
psa->reply(msg.handle, PSA_SUCCESS);
return status;
diff --git a/api-tests/ff/ipc/test_i044/source.mk b/api-tests/ff/ipc/test_i044/source.mk
deleted file mode 100644
index 03510c47..00000000
--- a/api-tests/ff/ipc/test_i044/source.mk
+++ /dev/null
@@ -1,25 +0,0 @@
-# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_i044.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
-
-CC_SOURCE_SPE = test_i044.c test_supp_i044.c
-CC_OPTIONS_SPE =
-AS_SOURCE_SPE =
-AS_OPTIONS_SPE =
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i044/test.cmake b/api-tests/ff/ipc/test_i044/test.cmake
new file mode 100644
index 00000000..f7486d74
--- /dev/null
+++ b/api-tests/ff/ipc/test_i044/test.cmake
@@ -0,0 +1,32 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_i044.c
+ test_i044.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
+
+list(APPEND CC_SOURCE_SPE
+ test_i044.c
+ test_supp_i044.c
+)
+list(APPEND CC_OPTIONS_SPE )
+list(APPEND AS_SOURCE_SPE )
+list(APPEND AS_OPTIONS_SPE )
diff --git a/api-tests/ff/ipc/test_i044/test_entry.c b/api-tests/ff/ipc/test_i044/test_entry_i044.c
similarity index 100%
rename from api-tests/ff/ipc/test_i044/test_entry.c
rename to api-tests/ff/ipc/test_i044/test_entry_i044.c
diff --git a/api-tests/ff/ipc/test_i044/test_i044.c b/api-tests/ff/ipc/test_i044/test_i044.c
index c22a18b8..f67150ae 100644
--- a/api-tests/ff/ipc/test_i044/test_i044.c
+++ b/api-tests/ff/ipc/test_i044/test_i044.c
@@ -31,7 +31,7 @@ client_test_t test_i044_client_tests_list[] = {
NULL,
};
-int32_t client_test_psa_write_with_invec_equal_to_max_iovec(security_t caller)
+int32_t client_test_psa_write_with_invec_equal_to_max_iovec(caller_security_t caller)
{
int32_t status = VAL_STATUS_SUCCESS;
psa_handle_t handle = 0;
@@ -40,14 +40,14 @@ int32_t client_test_psa_write_with_invec_equal_to_max_iovec(security_t caller)
val->print(PRINT_TEST,
"[Check 1] Test psa_write with invec_idx=PSA_MAX_IOVEC\n", 0);
- handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
- if (handle < 0)
+ handle = psa->connect(SERVER_UNSPECIFED_VERSION_SID, SERVER_UNSPECIFED_VERSION_VERSION);
+ if (!PSA_HANDLE_IS_VALID(handle))
{
val->print(PRINT_ERROR, "\tConnection failed\n", 0);
return VAL_STATUS_INVALID_HANDLE;
}
- status_of_call = psa->call(handle, NULL, 0, NULL, 0);
+ status_of_call = psa->call(handle, PSA_IPC_CALL, NULL, 0, NULL, 0);
/* Expectation is server test should hang and control shouldn't have come here */
val->print(PRINT_ERROR, "\tCall should failed but succeed\n", 0);
diff --git a/api-tests/ff/ipc/test_i044/test_i044.h b/api-tests/ff/ipc/test_i044/test_i044.h
index af308529..19e32d38 100644
--- a/api-tests/ff/ipc/test_i044/test_i044.h
+++ b/api-tests/ff/ipc/test_i044/test_i044.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i044)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i044)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
@@ -33,5 +33,5 @@ extern psa_api_t *psa;
extern client_test_t test_i044_client_tests_list[];
-int32_t client_test_psa_write_with_invec_equal_to_max_iovec(security_t);
+int32_t client_test_psa_write_with_invec_equal_to_max_iovec(caller_security_t);
#endif
diff --git a/api-tests/ff/ipc/test_i044/test_supp_i044.c b/api-tests/ff/ipc/test_i044/test_supp_i044.c
index b4e4cae3..3b506969 100644
--- a/api-tests/ff/ipc/test_i044/test_supp_i044.c
+++ b/api-tests/ff/ipc/test_i044/test_supp_i044.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
@@ -61,7 +61,7 @@ int32_t server_test_psa_write_with_invec_equal_to_max_iovec(void)
* VAL APIs to decide test status.
*/
- status = val->process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_connect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(201), status))
{
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
@@ -70,7 +70,7 @@ int32_t server_test_psa_write_with_invec_equal_to_max_iovec(void)
psa->reply(msg.handle, PSA_SUCCESS);
- status = val->process_call_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_call_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(202), status))
{
psa->reply(msg.handle, -2);
@@ -106,7 +106,7 @@ int32_t server_test_psa_write_with_invec_equal_to_max_iovec(void)
}
val->err_check_set(TEST_CHECKPOINT_NUM(204), status);
- status = ((val->process_disconnect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg))
+ status = ((val->process_disconnect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg))
? VAL_STATUS_ERROR : status);
psa->reply(msg.handle, PSA_SUCCESS);
return status;
diff --git a/api-tests/ff/ipc/test_i045/source.mk b/api-tests/ff/ipc/test_i045/source.mk
deleted file mode 100644
index 88775e0f..00000000
--- a/api-tests/ff/ipc/test_i045/source.mk
+++ /dev/null
@@ -1,25 +0,0 @@
-# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_i045.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
-
-CC_SOURCE_SPE = test_i045.c test_supp_i045.c
-CC_OPTIONS_SPE =
-AS_SOURCE_SPE =
-AS_OPTIONS_SPE =
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i045/test.cmake b/api-tests/ff/ipc/test_i045/test.cmake
new file mode 100644
index 00000000..c7fd5ba5
--- /dev/null
+++ b/api-tests/ff/ipc/test_i045/test.cmake
@@ -0,0 +1,32 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_i045.c
+ test_i045.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
+
+list(APPEND CC_SOURCE_SPE
+ test_i045.c
+ test_supp_i045.c
+)
+list(APPEND CC_OPTIONS_SPE )
+list(APPEND AS_SOURCE_SPE )
+list(APPEND AS_OPTIONS_SPE )
diff --git a/api-tests/ff/ipc/test_i045/test_entry.c b/api-tests/ff/ipc/test_i045/test_entry_i045.c
similarity index 100%
rename from api-tests/ff/ipc/test_i045/test_entry.c
rename to api-tests/ff/ipc/test_i045/test_entry_i045.c
diff --git a/api-tests/ff/ipc/test_i045/test_i045.c b/api-tests/ff/ipc/test_i045/test_i045.c
index 6448b6de..1b4c6b48 100644
--- a/api-tests/ff/ipc/test_i045/test_i045.c
+++ b/api-tests/ff/ipc/test_i045/test_i045.c
@@ -31,7 +31,7 @@ client_test_t test_i045_client_tests_list[] = {
NULL,
};
-int32_t client_test_psa_write_with_invec_greater_than_max_iovec(security_t caller)
+int32_t client_test_psa_write_with_invec_greater_than_max_iovec(caller_security_t caller)
{
int32_t status = VAL_STATUS_SUCCESS;
psa_handle_t handle = 0;
@@ -40,14 +40,14 @@ int32_t client_test_psa_write_with_invec_greater_than_max_iovec(security_t calle
val->print(PRINT_TEST,
"[Check 1] Test psa_write with invec_idx > PSA_MAX_IOVEC\n", 0);
- handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
- if (handle < 0)
+ handle = psa->connect(SERVER_UNSPECIFED_VERSION_SID, SERVER_UNSPECIFED_VERSION_VERSION);
+ if (!PSA_HANDLE_IS_VALID(handle))
{
val->print(PRINT_ERROR, "\tConnection failed\n", 0);
return VAL_STATUS_INVALID_HANDLE;
}
- status_of_call = psa->call(handle, NULL, 0, NULL, 0);
+ status_of_call = psa->call(handle, PSA_IPC_CALL, NULL, 0, NULL, 0);
/* Expectation is server test should hang and control shouldn't have come here */
val->print(PRINT_ERROR, "\tCall should failed but succeed\n", 0);
diff --git a/api-tests/ff/ipc/test_i045/test_i045.h b/api-tests/ff/ipc/test_i045/test_i045.h
index 452ab200..04e11c00 100644
--- a/api-tests/ff/ipc/test_i045/test_i045.h
+++ b/api-tests/ff/ipc/test_i045/test_i045.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i045)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i045)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
@@ -33,5 +33,5 @@ extern psa_api_t *psa;
extern client_test_t test_i045_client_tests_list[];
-int32_t client_test_psa_write_with_invec_greater_than_max_iovec(security_t);
+int32_t client_test_psa_write_with_invec_greater_than_max_iovec(caller_security_t);
#endif
diff --git a/api-tests/ff/ipc/test_i045/test_supp_i045.c b/api-tests/ff/ipc/test_i045/test_supp_i045.c
index 260e6ff7..caeb823b 100644
--- a/api-tests/ff/ipc/test_i045/test_supp_i045.c
+++ b/api-tests/ff/ipc/test_i045/test_supp_i045.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
@@ -61,7 +61,7 @@ int32_t server_test_psa_write_with_invec_greater_than_max_iovec(void)
* VAL APIs to decide test status.
*/
- status = val->process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_connect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(201), status))
{
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
@@ -70,7 +70,7 @@ int32_t server_test_psa_write_with_invec_greater_than_max_iovec(void)
psa->reply(msg.handle, PSA_SUCCESS);
- status = val->process_call_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_call_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(202), status))
{
psa->reply(msg.handle, -2);
@@ -106,7 +106,7 @@ int32_t server_test_psa_write_with_invec_greater_than_max_iovec(void)
}
val->err_check_set(TEST_CHECKPOINT_NUM(204), status);
- status = ((val->process_disconnect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg))
+ status = ((val->process_disconnect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg))
? VAL_STATUS_ERROR : status);
psa->reply(msg.handle, PSA_SUCCESS);
return status;
diff --git a/api-tests/ff/ipc/test_i046/source.mk b/api-tests/ff/ipc/test_i046/source.mk
deleted file mode 100644
index 8dd528d8..00000000
--- a/api-tests/ff/ipc/test_i046/source.mk
+++ /dev/null
@@ -1,25 +0,0 @@
-# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_i046.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
-
-CC_SOURCE_SPE = test_i046.c test_supp_i046.c
-CC_OPTIONS_SPE =
-AS_SOURCE_SPE =
-AS_OPTIONS_SPE =
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i046/test.cmake b/api-tests/ff/ipc/test_i046/test.cmake
new file mode 100644
index 00000000..c91735fc
--- /dev/null
+++ b/api-tests/ff/ipc/test_i046/test.cmake
@@ -0,0 +1,32 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_i046.c
+ test_i046.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
+
+list(APPEND CC_SOURCE_SPE
+ test_i046.c
+ test_supp_i046.c
+)
+list(APPEND CC_OPTIONS_SPE )
+list(APPEND AS_SOURCE_SPE )
+list(APPEND AS_OPTIONS_SPE )
diff --git a/api-tests/ff/ipc/test_i046/test_entry.c b/api-tests/ff/ipc/test_i046/test_entry_i046.c
similarity index 100%
rename from api-tests/ff/ipc/test_i046/test_entry.c
rename to api-tests/ff/ipc/test_i046/test_entry_i046.c
diff --git a/api-tests/ff/ipc/test_i046/test_i046.c b/api-tests/ff/ipc/test_i046/test_i046.c
index f6270239..f0efdf55 100644
--- a/api-tests/ff/ipc/test_i046/test_i046.c
+++ b/api-tests/ff/ipc/test_i046/test_i046.c
@@ -31,7 +31,7 @@ client_test_t test_i046_client_tests_list[] = {
NULL,
};
-int32_t client_test_psa_write_with_size_overflow(security_t caller)
+int32_t client_test_psa_write_with_size_overflow(caller_security_t caller)
{
int32_t status = VAL_STATUS_SUCCESS;
psa_handle_t handle = 0;
@@ -41,8 +41,8 @@ int32_t client_test_psa_write_with_size_overflow(security_t caller)
val->print(PRINT_TEST,
"[Check 1] Test psa_write with size overflow\n", 0);
- handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
- if (handle < 0)
+ handle = psa->connect(SERVER_UNSPECIFED_VERSION_SID, SERVER_UNSPECIFED_VERSION_VERSION);
+ if (!PSA_HANDLE_IS_VALID(handle))
{
val->print(PRINT_ERROR, "\tConnection failed\n", 0);
return VAL_STATUS_INVALID_HANDLE;
@@ -50,7 +50,7 @@ int32_t client_test_psa_write_with_size_overflow(security_t caller)
psa_outvec resp = {&data, sizeof(data)};
- status_of_call = psa->call(handle, NULL, 0, &resp, 1);
+ status_of_call = psa->call(handle, PSA_IPC_CALL, NULL, 0, &resp, 1);
/* Expectation is server test should hang and control shouldn't have come here */
val->print(PRINT_ERROR, "\tCall should failed but succeed\n", 0);
diff --git a/api-tests/ff/ipc/test_i046/test_i046.h b/api-tests/ff/ipc/test_i046/test_i046.h
index 874be975..f2f7a7ef 100644
--- a/api-tests/ff/ipc/test_i046/test_i046.h
+++ b/api-tests/ff/ipc/test_i046/test_i046.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i046)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i046)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
@@ -33,5 +33,5 @@ extern psa_api_t *psa;
extern client_test_t test_i046_client_tests_list[];
-int32_t client_test_psa_write_with_size_overflow(security_t);
+int32_t client_test_psa_write_with_size_overflow(caller_security_t);
#endif
diff --git a/api-tests/ff/ipc/test_i046/test_supp_i046.c b/api-tests/ff/ipc/test_i046/test_supp_i046.c
index 8a4513a2..450d7126 100644
--- a/api-tests/ff/ipc/test_i046/test_supp_i046.c
+++ b/api-tests/ff/ipc/test_i046/test_supp_i046.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
@@ -61,7 +61,7 @@ int32_t server_test_psa_write_with_size_overflow(void)
* VAL APIs to decide test status.
*/
- status = val->process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_connect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(201), status))
{
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
@@ -70,7 +70,7 @@ int32_t server_test_psa_write_with_size_overflow(void)
psa->reply(msg.handle, PSA_SUCCESS);
- status = val->process_call_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_call_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(202), status))
{
psa->reply(msg.handle, -2);
@@ -106,7 +106,7 @@ int32_t server_test_psa_write_with_size_overflow(void)
}
val->err_check_set(TEST_CHECKPOINT_NUM(204), status);
- status = ((val->process_disconnect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg))
+ status = ((val->process_disconnect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg))
? VAL_STATUS_ERROR : status);
psa->reply(msg.handle, PSA_SUCCESS);
return status;
diff --git a/api-tests/ff/ipc/test_i047/test.cmake b/api-tests/ff/ipc/test_i047/test.cmake
new file mode 100644
index 00000000..72be9a4d
--- /dev/null
+++ b/api-tests/ff/ipc/test_i047/test.cmake
@@ -0,0 +1,32 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_i047.c
+ test_i047.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
+
+list(APPEND CC_SOURCE_SPE
+ test_i047.c
+ test_supp_i047.c
+)
+list(APPEND CC_OPTIONS_SPE )
+list(APPEND AS_SOURCE_SPE )
+list(APPEND AS_OPTIONS_SPE )
diff --git a/api-tests/ff/ipc/test_i047/test_entry.c b/api-tests/ff/ipc/test_i047/test_entry_i047.c
similarity index 100%
rename from api-tests/ff/ipc/test_i047/test_entry.c
rename to api-tests/ff/ipc/test_i047/test_entry_i047.c
diff --git a/api-tests/ff/ipc/test_i047/test_i047.c b/api-tests/ff/ipc/test_i047/test_i047.c
index ab98a951..d08096ba 100644
--- a/api-tests/ff/ipc/test_i047/test_i047.c
+++ b/api-tests/ff/ipc/test_i047/test_i047.c
@@ -31,15 +31,15 @@ client_test_t test_i047_client_tests_list[] = {
NULL,
};
-int32_t client_test_psa_get_with_invalid_msg_pointer(security_t caller)
+int32_t client_test_psa_get_with_invalid_msg_pointer(caller_security_t caller)
{
psa_handle_t handle = 0;
val->print(PRINT_TEST,
"[Check 1] Test psa_get with invalid msg pointer\n", 0);
- handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
- if (handle > 0)
+ handle = psa->connect(SERVER_UNSPECIFED_VERSION_SID, SERVER_UNSPECIFED_VERSION_VERSION);
+ if (PSA_HANDLE_IS_VALID(handle))
{
psa->close(handle);
}
diff --git a/api-tests/ff/ipc/test_i047/test_i047.h b/api-tests/ff/ipc/test_i047/test_i047.h
index a062df41..c8f2d526 100644
--- a/api-tests/ff/ipc/test_i047/test_i047.h
+++ b/api-tests/ff/ipc/test_i047/test_i047.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i047)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i047)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
@@ -33,5 +33,5 @@ extern psa_api_t *psa;
extern client_test_t test_i047_client_tests_list[];
-int32_t client_test_psa_get_with_invalid_msg_pointer(security_t);
+int32_t client_test_psa_get_with_invalid_msg_pointer(caller_security_t);
#endif
diff --git a/api-tests/ff/ipc/test_i047/test_supp_i047.c b/api-tests/ff/ipc/test_i047/test_supp_i047.c
index 82e43df6..eeef0319 100644
--- a/api-tests/ff/ipc/test_i047/test_supp_i047.c
+++ b/api-tests/ff/ipc/test_i047/test_supp_i047.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
@@ -37,7 +37,6 @@ int32_t server_test_psa_get_with_invalid_msg_pointer(void)
int32_t status = VAL_STATUS_SUCCESS;
psa_signal_t signals = 0;
psa_msg_t *invalid_msg = NULL;
- miscellaneous_desc_t *misc_desc;
memory_desc_t *memory_desc;
/*
@@ -62,8 +61,8 @@ int32_t server_test_psa_get_with_invalid_msg_pointer(void)
* VAL APIs to decide test status.
*/
- signals = psa->wait(SERVER_UNSPECIFED_MINOR_V_SIG, PSA_BLOCK);
- if ((signals & SERVER_UNSPECIFED_MINOR_V_SIG) == 0)
+ signals = psa->wait(SERVER_UNSPECIFED_VERSION_SIGNAL, PSA_BLOCK);
+ if ((signals & SERVER_UNSPECIFED_VERSION_SIGNAL) == 0)
{
val->print(PRINT_ERROR,
"psa_wait returned with invalid signal value = 0x%x\n", signals);
@@ -79,22 +78,13 @@ int32_t server_test_psa_get_with_invalid_msg_pointer(void)
* msg_pointer = NULL;
*/
- status = val->target_get_config(TARGET_CONFIG_CREATE_ID(GROUP_MISCELLANEOUS,
- MISCELLANEOUS_DUT, 0),
- (uint8_t **)&misc_desc,
- (uint32_t *)sizeof(miscellaneous_desc_t));
- if (val->err_check_set(TEST_CHECKPOINT_NUM(201), status))
- {
- return status;
- }
-
- if (misc_desc->implemented_psa_firmware_isolation_level > LEVEL1)
+ if (PLATFORM_PSA_ISOLATION_LEVEL > LEVEL1)
{
status = val->target_get_config(TARGET_CONFIG_CREATE_ID(GROUP_MEMORY,
MEMORY_DRIVER_PARTITION_MMIO, 0),
(uint8_t **)&memory_desc,
(uint32_t *)sizeof(memory_desc_t));
- if (val->err_check_set(TEST_CHECKPOINT_NUM(202), status))
+ if (val->err_check_set(TEST_CHECKPOINT_NUM(201), status))
{
return status;
}
@@ -110,7 +100,7 @@ int32_t server_test_psa_get_with_invalid_msg_pointer(void)
}
/* psa_get with invalid msg pointer, call should panic */
- psa->get(SERVER_UNSPECIFED_MINOR_V_SIG, invalid_msg);
+ psa->get(SERVER_UNSPECIFED_VERSION_SIGNAL, invalid_msg);
/* shouldn't have reached here */
val->print(PRINT_ERROR,
diff --git a/api-tests/ff/ipc/test_i048/test.cmake b/api-tests/ff/ipc/test_i048/test.cmake
new file mode 100644
index 00000000..a7f11bd1
--- /dev/null
+++ b/api-tests/ff/ipc/test_i048/test.cmake
@@ -0,0 +1,32 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_i048.c
+ test_i048.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
+
+list(APPEND CC_SOURCE_SPE
+ test_i048.c
+ test_supp_i048.c
+)
+list(APPEND CC_OPTIONS_SPE )
+list(APPEND AS_SOURCE_SPE )
+list(APPEND AS_OPTIONS_SPE )
diff --git a/api-tests/ff/ipc/test_i048/test_entry.c b/api-tests/ff/ipc/test_i048/test_entry_i048.c
similarity index 100%
rename from api-tests/ff/ipc/test_i048/test_entry.c
rename to api-tests/ff/ipc/test_i048/test_entry_i048.c
diff --git a/api-tests/ff/ipc/test_i048/test_i048.c b/api-tests/ff/ipc/test_i048/test_i048.c
index 7e8bb6dc..d55611ae 100644
--- a/api-tests/ff/ipc/test_i048/test_i048.c
+++ b/api-tests/ff/ipc/test_i048/test_i048.c
@@ -31,13 +31,12 @@ client_test_t test_i048_client_tests_list[] = {
NULL,
};
-int32_t client_test_psa_call_with_invalid_invec_pointer(security_t caller)
+int32_t client_test_psa_call_with_invalid_invec_pointer(caller_security_t caller)
{
int32_t status = VAL_STATUS_SUCCESS;
psa_handle_t handle = 0;
psa_status_t status_of_call;
boot_state_t boot_state;
- miscellaneous_desc_t *misc_desc;
memory_desc_t *memory_desc;
psa_invec *invalid_invec = NULL;
@@ -66,9 +65,8 @@ int32_t client_test_psa_call_with_invalid_invec_pointer(security_t caller)
* VAL APIs to decide test status.
*/
- handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
-
- if (handle < 0)
+ handle = psa->connect(SERVER_UNSPECIFED_VERSION_SID, SERVER_UNSPECIFED_VERSION_VERSION);
+ if (!PSA_HANDLE_IS_VALID(handle))
{
val->print(PRINT_ERROR, "\tConnection failed\n", 0);
return VAL_STATUS_INVALID_HANDLE;
@@ -77,7 +75,7 @@ int32_t client_test_psa_call_with_invalid_invec_pointer(security_t caller)
/*
* Selection of invalid invec pointer:
*
- * if caller == NONSECURE
+ * if caller == CALLER_NONSECURE
* // PSA RoT pointer
* invec_pointer = driver_mmio_region_base;
* else
@@ -98,27 +96,16 @@ int32_t client_test_psa_call_with_invalid_invec_pointer(security_t caller)
return status;
}
- if (caller == NONSECURE)
+ if (caller == CALLER_NONSECURE)
invalid_invec = (psa_invec *) memory_desc->start;
else
{
- status = val->target_get_config(TARGET_CONFIG_CREATE_ID(GROUP_MISCELLANEOUS,
- MISCELLANEOUS_DUT, 0),
- (uint8_t **)&misc_desc,
- (uint32_t *)sizeof(miscellaneous_desc_t));
-
- if (val->err_check_set(TEST_CHECKPOINT_NUM(102), status))
- {
- psa->close(handle);
- return status;
- }
-
- if (misc_desc->implemented_psa_firmware_isolation_level > LEVEL1)
+ if (PLATFORM_PSA_ISOLATION_LEVEL > LEVEL1)
invalid_invec = (psa_invec *) memory_desc->start;
}
/* Setting boot.state before test check */
- boot_state = (caller == NONSECURE) ? BOOT_EXPECTED_NS : BOOT_EXPECTED_S;
+ boot_state = (caller == CALLER_NONSECURE) ? BOOT_EXPECTED_NS : BOOT_EXPECTED_S;
if (val->set_boot_flag(boot_state))
{
val->print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
@@ -126,14 +113,14 @@ int32_t client_test_psa_call_with_invalid_invec_pointer(security_t caller)
}
/* Test check- psa_call with invalid address for in_vec */
- status_of_call = psa->call(handle, invalid_invec, 1, NULL, 0);
+ status_of_call = psa->call(handle, PSA_IPC_CALL, invalid_invec, 1, NULL, 0);
/*
* If the caller is in the NSPE, it is IMPLEMENTATION DEFINED whether
* a PROGRAMMER ERROR will panic or return PSA_ERROR_PROGRAMMER_ERROR.
* For SPE caller, it must panic.
*/
- if (caller == NONSECURE && status_of_call == PSA_ERROR_PROGRAMMER_ERROR)
+ if (caller == CALLER_NONSECURE && status_of_call == PSA_ERROR_PROGRAMMER_ERROR)
{
psa->close(handle);
return VAL_STATUS_SUCCESS;
diff --git a/api-tests/ff/ipc/test_i048/test_i048.h b/api-tests/ff/ipc/test_i048/test_i048.h
index ee38e798..b614ac5a 100644
--- a/api-tests/ff/ipc/test_i048/test_i048.h
+++ b/api-tests/ff/ipc/test_i048/test_i048.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i048)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i048)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
@@ -33,5 +33,5 @@ extern psa_api_t *psa;
extern client_test_t test_i048_client_tests_list[];
-int32_t client_test_psa_call_with_invalid_invec_pointer(security_t);
+int32_t client_test_psa_call_with_invalid_invec_pointer(caller_security_t);
#endif
diff --git a/api-tests/ff/ipc/test_i048/test_supp_i048.c b/api-tests/ff/ipc/test_i048/test_supp_i048.c
index 51b11da5..167f2c34 100644
--- a/api-tests/ff/ipc/test_i048/test_supp_i048.c
+++ b/api-tests/ff/ipc/test_i048/test_supp_i048.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
@@ -37,7 +37,7 @@ int32_t server_test_psa_call_with_invalid_invec_pointer(void)
psa_msg_t msg = {0};
psa_signal_t signals;
- status = val->process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_connect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(201), status))
{
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
@@ -48,9 +48,9 @@ int32_t server_test_psa_call_with_invalid_invec_pointer(void)
wait:
signals = psa->wait(PSA_WAIT_ANY, PSA_BLOCK);
- if (signals & SERVER_UNSPECIFED_MINOR_V_SIG)
+ if (signals & SERVER_UNSPECIFED_VERSION_SIGNAL)
{
- if (psa->get(SERVER_UNSPECIFED_MINOR_V_SIG, &msg) != PSA_SUCCESS)
+ if (psa->get(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg) != PSA_SUCCESS)
{
goto wait;
}
@@ -60,7 +60,7 @@ int32_t server_test_psa_call_with_invalid_invec_pointer(void)
/* Control shouldn't have come here */
val->print(PRINT_ERROR, "\tControl shouldn't have reached here\n", 0);
psa->reply(msg.handle, -2);
- val->process_disconnect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ val->process_disconnect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
psa->reply(msg.handle, PSA_SUCCESS);
}
else if (msg.type == PSA_IPC_DISCONNECT)
diff --git a/api-tests/ff/ipc/test_i049/test.cmake b/api-tests/ff/ipc/test_i049/test.cmake
new file mode 100644
index 00000000..de1b322c
--- /dev/null
+++ b/api-tests/ff/ipc/test_i049/test.cmake
@@ -0,0 +1,32 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_i049.c
+ test_i049.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
+
+list(APPEND CC_SOURCE_SPE
+ test_i049.c
+ test_supp_i049.c
+)
+list(APPEND CC_OPTIONS_SPE )
+list(APPEND AS_SOURCE_SPE )
+list(APPEND AS_OPTIONS_SPE )
diff --git a/api-tests/ff/ipc/test_i049/test_entry.c b/api-tests/ff/ipc/test_i049/test_entry_i049.c
similarity index 100%
rename from api-tests/ff/ipc/test_i049/test_entry.c
rename to api-tests/ff/ipc/test_i049/test_entry_i049.c
diff --git a/api-tests/ff/ipc/test_i049/test_i049.c b/api-tests/ff/ipc/test_i049/test_i049.c
index f3f16646..590944de 100644
--- a/api-tests/ff/ipc/test_i049/test_i049.c
+++ b/api-tests/ff/ipc/test_i049/test_i049.c
@@ -31,13 +31,12 @@ client_test_t test_i049_client_tests_list[] = {
NULL,
};
-int32_t client_test_psa_call_with_invalid_outvec_pointer(security_t caller)
+int32_t client_test_psa_call_with_invalid_outvec_pointer(caller_security_t caller)
{
int32_t status = VAL_STATUS_SUCCESS;
psa_handle_t handle = 0;
psa_status_t status_of_call;
boot_state_t boot_state;
- miscellaneous_desc_t *misc_desc;
memory_desc_t *memory_desc;
psa_outvec *invalid_outvec = NULL;
@@ -66,9 +65,8 @@ int32_t client_test_psa_call_with_invalid_outvec_pointer(security_t caller)
* VAL APIs to decide test status.
*/
- handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
-
- if (handle < 0)
+ handle = psa->connect(SERVER_UNSPECIFED_VERSION_SID, SERVER_UNSPECIFED_VERSION_VERSION);
+ if (!PSA_HANDLE_IS_VALID(handle))
{
val->print(PRINT_ERROR, "\tConnection failed\n", 0);
return VAL_STATUS_INVALID_HANDLE;
@@ -77,7 +75,7 @@ int32_t client_test_psa_call_with_invalid_outvec_pointer(security_t caller)
/*
* Selection of invalid outvec pointer:
*
- * if caller == NONSECURE
+ * if caller == CALLER_NONSECURE
* // PSA RoT pointer
* outvec_pointer = driver_mmio_region_base;
* else
@@ -98,27 +96,16 @@ int32_t client_test_psa_call_with_invalid_outvec_pointer(security_t caller)
return status;
}
- if (caller == NONSECURE)
+ if (caller == CALLER_NONSECURE)
invalid_outvec = (psa_outvec *) memory_desc->start;
else
{
- status = val->target_get_config(TARGET_CONFIG_CREATE_ID(GROUP_MISCELLANEOUS,
- MISCELLANEOUS_DUT, 0),
- (uint8_t **)&misc_desc,
- (uint32_t *)sizeof(miscellaneous_desc_t));
-
- if (val->err_check_set(TEST_CHECKPOINT_NUM(102), status))
- {
- psa->close(handle);
- return status;
- }
-
- if (misc_desc->implemented_psa_firmware_isolation_level > LEVEL1)
+ if (PLATFORM_PSA_ISOLATION_LEVEL > LEVEL1)
invalid_outvec = (psa_outvec *) memory_desc->start;
}
/* Setting boot.state before test check */
- boot_state = (caller == NONSECURE) ? BOOT_EXPECTED_NS : BOOT_EXPECTED_S;
+ boot_state = (caller == CALLER_NONSECURE) ? BOOT_EXPECTED_NS : BOOT_EXPECTED_S;
if (val->set_boot_flag(boot_state))
{
val->print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
@@ -126,14 +113,14 @@ int32_t client_test_psa_call_with_invalid_outvec_pointer(security_t caller)
}
/* Test check- psa_call with invalid address for outvec */
- status_of_call = psa->call(handle, NULL, 0, invalid_outvec, 1);
+ status_of_call = psa->call(handle, PSA_IPC_CALL, NULL, 0, invalid_outvec, 1);
/*
* If the caller is in the NSPE, it is IMPLEMENTATION DEFINED whether
* a PROGRAMMER ERROR will panic or return PSA_ERROR_PROGRAMMER_ERROR.
* For SPE caller, it must panic.
*/
- if (caller == NONSECURE && status_of_call == PSA_ERROR_PROGRAMMER_ERROR)
+ if (caller == CALLER_NONSECURE && status_of_call == PSA_ERROR_PROGRAMMER_ERROR)
{
psa->close(handle);
return VAL_STATUS_SUCCESS;
diff --git a/api-tests/ff/ipc/test_i049/test_i049.h b/api-tests/ff/ipc/test_i049/test_i049.h
index 8a1e8d04..9dcdbaf7 100644
--- a/api-tests/ff/ipc/test_i049/test_i049.h
+++ b/api-tests/ff/ipc/test_i049/test_i049.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i049)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i049)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
@@ -33,5 +33,5 @@ extern psa_api_t *psa;
extern client_test_t test_i049_client_tests_list[];
-int32_t client_test_psa_call_with_invalid_outvec_pointer(security_t);
+int32_t client_test_psa_call_with_invalid_outvec_pointer(caller_security_t);
#endif
diff --git a/api-tests/ff/ipc/test_i049/test_supp_i049.c b/api-tests/ff/ipc/test_i049/test_supp_i049.c
index 23b52b8c..0d62b785 100644
--- a/api-tests/ff/ipc/test_i049/test_supp_i049.c
+++ b/api-tests/ff/ipc/test_i049/test_supp_i049.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
@@ -37,7 +37,7 @@ int32_t server_test_psa_call_with_invalid_outvec_pointer(void)
psa_msg_t msg = {0};
psa_signal_t signals;
- status = val->process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_connect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(201), status))
{
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
@@ -48,9 +48,9 @@ int32_t server_test_psa_call_with_invalid_outvec_pointer(void)
wait:
signals = psa->wait(PSA_WAIT_ANY, PSA_BLOCK);
- if (signals & SERVER_UNSPECIFED_MINOR_V_SIG)
+ if (signals & SERVER_UNSPECIFED_VERSION_SIGNAL)
{
- if (psa->get(SERVER_UNSPECIFED_MINOR_V_SIG, &msg) != PSA_SUCCESS)
+ if (psa->get(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg) != PSA_SUCCESS)
{
goto wait;
}
@@ -60,7 +60,7 @@ int32_t server_test_psa_call_with_invalid_outvec_pointer(void)
/* Control shouldn't have come here */
val->print(PRINT_ERROR, "\tControl shouldn't have reached here\n", 0);
psa->reply(msg.handle, -2);
- val->process_disconnect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ val->process_disconnect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
psa->reply(msg.handle, PSA_SUCCESS);
}
else if (msg.type == PSA_IPC_DISCONNECT)
diff --git a/api-tests/ff/ipc/test_i050/test.cmake b/api-tests/ff/ipc/test_i050/test.cmake
new file mode 100644
index 00000000..b70d3ea9
--- /dev/null
+++ b/api-tests/ff/ipc/test_i050/test.cmake
@@ -0,0 +1,32 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_i050.c
+ test_i050.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
+
+list(APPEND CC_SOURCE_SPE
+ test_i050.c
+ test_supp_i050.c
+)
+list(APPEND CC_OPTIONS_SPE )
+list(APPEND AS_SOURCE_SPE )
+list(APPEND AS_OPTIONS_SPE )
diff --git a/api-tests/ff/ipc/test_i050/test_entry.c b/api-tests/ff/ipc/test_i050/test_entry_i050.c
similarity index 100%
rename from api-tests/ff/ipc/test_i050/test_entry.c
rename to api-tests/ff/ipc/test_i050/test_entry_i050.c
diff --git a/api-tests/ff/ipc/test_i050/test_i050.c b/api-tests/ff/ipc/test_i050/test_i050.c
index 9f616b16..6418b6ef 100644
--- a/api-tests/ff/ipc/test_i050/test_i050.c
+++ b/api-tests/ff/ipc/test_i050/test_i050.c
@@ -31,13 +31,12 @@ client_test_t test_i050_client_tests_list[] = {
NULL,
};
-int32_t client_test_psa_call_with_invalid_invec_base(security_t caller)
+int32_t client_test_psa_call_with_invalid_invec_base(caller_security_t caller)
{
int32_t status = VAL_STATUS_SUCCESS;
psa_handle_t handle = 0;
psa_status_t status_of_call;
boot_state_t boot_state;
- miscellaneous_desc_t *misc_desc;
memory_desc_t *memory_desc;
addr_t *invalid_base = NULL;
@@ -66,9 +65,8 @@ int32_t client_test_psa_call_with_invalid_invec_base(security_t caller)
* VAL APIs to decide test status.
*/
- handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
-
- if (handle < 0)
+ handle = psa->connect(SERVER_UNSPECIFED_VERSION_SID, SERVER_UNSPECIFED_VERSION_VERSION);
+ if (!PSA_HANDLE_IS_VALID(handle))
{
val->print(PRINT_ERROR, "\tConnection failed\n", 0);
return VAL_STATUS_INVALID_HANDLE;
@@ -77,7 +75,7 @@ int32_t client_test_psa_call_with_invalid_invec_base(security_t caller)
/*
* Selection of invalid invec pointer:
*
- * if caller == NONSECURE
+ * if caller == CALLER_NONSECURE
* // PSA RoT pointer
* invalid_base = driver_mmio_region_base;
* else
@@ -98,27 +96,16 @@ int32_t client_test_psa_call_with_invalid_invec_base(security_t caller)
return status;
}
- if (caller == NONSECURE)
+ if (caller == CALLER_NONSECURE)
invalid_base = (addr_t *) memory_desc->start;
else
{
- status = val->target_get_config(TARGET_CONFIG_CREATE_ID(GROUP_MISCELLANEOUS,
- MISCELLANEOUS_DUT, 0),
- (uint8_t **)&misc_desc,
- (uint32_t *)sizeof(miscellaneous_desc_t));
-
- if (val->err_check_set(TEST_CHECKPOINT_NUM(102), status))
- {
- psa->close(handle);
- return status;
- }
-
- if (misc_desc->implemented_psa_firmware_isolation_level > LEVEL1)
+ if (PLATFORM_PSA_ISOLATION_LEVEL > LEVEL1)
invalid_base = (addr_t *) memory_desc->start;
}
/* Setting boot.state before test check */
- boot_state = (caller == NONSECURE) ? BOOT_EXPECTED_NS : BOOT_EXPECTED_S;
+ boot_state = (caller == CALLER_NONSECURE) ? BOOT_EXPECTED_NS : BOOT_EXPECTED_S;
if (val->set_boot_flag(boot_state))
{
val->print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
@@ -128,14 +115,14 @@ int32_t client_test_psa_call_with_invalid_invec_base(security_t caller)
psa_invec invec[1] = {{invalid_base, sizeof(addr_t)}};
/* Test check- psa_call with invalid address for psa_invec.base */
- status_of_call = psa->call(handle, invec, 1, NULL, 0);
+ status_of_call = psa->call(handle, PSA_IPC_CALL, invec, 1, NULL, 0);
/*
* If the caller is in the NSPE, it is IMPLEMENTATION DEFINED whether
* a PROGRAMMER ERROR will panic or return PSA_ERROR_PROGRAMMER_ERROR.
* For SPE caller, it must panic.
*/
- if (caller == NONSECURE && status_of_call == PSA_ERROR_PROGRAMMER_ERROR)
+ if (caller == CALLER_NONSECURE && status_of_call == PSA_ERROR_PROGRAMMER_ERROR)
{
psa->close(handle);
return VAL_STATUS_SUCCESS;
diff --git a/api-tests/ff/ipc/test_i050/test_i050.h b/api-tests/ff/ipc/test_i050/test_i050.h
index c31a3491..c946db92 100644
--- a/api-tests/ff/ipc/test_i050/test_i050.h
+++ b/api-tests/ff/ipc/test_i050/test_i050.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i050)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i050)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
@@ -33,5 +33,5 @@ extern psa_api_t *psa;
extern client_test_t test_i050_client_tests_list[];
-int32_t client_test_psa_call_with_invalid_invec_base(security_t);
+int32_t client_test_psa_call_with_invalid_invec_base(caller_security_t);
#endif
diff --git a/api-tests/ff/ipc/test_i050/test_supp_i050.c b/api-tests/ff/ipc/test_i050/test_supp_i050.c
index 9c09445e..cf8fb794 100644
--- a/api-tests/ff/ipc/test_i050/test_supp_i050.c
+++ b/api-tests/ff/ipc/test_i050/test_supp_i050.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
@@ -37,7 +37,7 @@ int32_t server_test_psa_call_with_invalid_invec_base(void)
psa_msg_t msg = {0};
psa_signal_t signals;
- status = val->process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_connect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(201), status))
{
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
@@ -48,9 +48,9 @@ int32_t server_test_psa_call_with_invalid_invec_base(void)
wait:
signals = psa->wait(PSA_WAIT_ANY, PSA_BLOCK);
- if (signals & SERVER_UNSPECIFED_MINOR_V_SIG)
+ if (signals & SERVER_UNSPECIFED_VERSION_SIGNAL)
{
- if (psa->get(SERVER_UNSPECIFED_MINOR_V_SIG, &msg) != PSA_SUCCESS)
+ if (psa->get(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg) != PSA_SUCCESS)
{
goto wait;
}
@@ -60,7 +60,7 @@ int32_t server_test_psa_call_with_invalid_invec_base(void)
/* Control shouldn't have come here */
val->print(PRINT_ERROR, "\tControl shouldn't have reached here\n", 0);
psa->reply(msg.handle, -2);
- val->process_disconnect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ val->process_disconnect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
psa->reply(msg.handle, PSA_SUCCESS);
}
else if (msg.type == PSA_IPC_DISCONNECT)
diff --git a/api-tests/ff/ipc/test_i051/source.mk b/api-tests/ff/ipc/test_i051/source.mk
deleted file mode 100644
index 70d114a2..00000000
--- a/api-tests/ff/ipc/test_i051/source.mk
+++ /dev/null
@@ -1,25 +0,0 @@
-# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_i051.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
-
-CC_SOURCE_SPE = test_i051.c test_supp_i051.c
-CC_OPTIONS_SPE =
-AS_SOURCE_SPE =
-AS_OPTIONS_SPE =
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i051/test.cmake b/api-tests/ff/ipc/test_i051/test.cmake
new file mode 100644
index 00000000..ac938a96
--- /dev/null
+++ b/api-tests/ff/ipc/test_i051/test.cmake
@@ -0,0 +1,32 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_i051.c
+ test_i051.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
+
+list(APPEND CC_SOURCE_SPE
+ test_i051.c
+ test_supp_i051.c
+)
+list(APPEND CC_OPTIONS_SPE )
+list(APPEND AS_SOURCE_SPE )
+list(APPEND AS_OPTIONS_SPE )
diff --git a/api-tests/ff/ipc/test_i051/test_entry.c b/api-tests/ff/ipc/test_i051/test_entry_i051.c
similarity index 100%
rename from api-tests/ff/ipc/test_i051/test_entry.c
rename to api-tests/ff/ipc/test_i051/test_entry_i051.c
diff --git a/api-tests/ff/ipc/test_i051/test_i051.c b/api-tests/ff/ipc/test_i051/test_i051.c
index 6a1f875c..2c44181b 100644
--- a/api-tests/ff/ipc/test_i051/test_i051.c
+++ b/api-tests/ff/ipc/test_i051/test_i051.c
@@ -31,13 +31,12 @@ client_test_t test_i051_client_tests_list[] = {
NULL,
};
-int32_t client_test_psa_call_with_invalid_outvec_base(security_t caller)
+int32_t client_test_psa_call_with_invalid_outvec_base(caller_security_t caller)
{
int32_t status = VAL_STATUS_SUCCESS;
psa_handle_t handle = 0;
psa_status_t status_of_call;
boot_state_t boot_state;
- miscellaneous_desc_t *misc_desc;
memory_desc_t *memory_desc;
addr_t *invalid_base = NULL;
@@ -66,9 +65,8 @@ int32_t client_test_psa_call_with_invalid_outvec_base(security_t caller)
* VAL APIs to decide test status.
*/
- handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
-
- if (handle < 0)
+ handle = psa->connect(SERVER_UNSPECIFED_VERSION_SID, SERVER_UNSPECIFED_VERSION_VERSION);
+ if (!PSA_HANDLE_IS_VALID(handle))
{
val->print(PRINT_ERROR, "\tConnection failed\n", 0);
return VAL_STATUS_INVALID_HANDLE;
@@ -77,7 +75,7 @@ int32_t client_test_psa_call_with_invalid_outvec_base(security_t caller)
/*
* Selection of invalid outvec pointer:
*
- * if caller == NONSECURE
+ * if caller == CALLER_NONSECURE
* // PSA RoT pointer
* invalid_base = driver_mmio_region_base;
* else
@@ -98,27 +96,16 @@ int32_t client_test_psa_call_with_invalid_outvec_base(security_t caller)
return status;
}
- if (caller == NONSECURE)
+ if (caller == CALLER_NONSECURE)
invalid_base = (addr_t *) memory_desc->start;
else
{
- status = val->target_get_config(TARGET_CONFIG_CREATE_ID(GROUP_MISCELLANEOUS,
- MISCELLANEOUS_DUT, 0),
- (uint8_t **)&misc_desc,
- (uint32_t *)sizeof(miscellaneous_desc_t));
-
- if (val->err_check_set(TEST_CHECKPOINT_NUM(102), status))
- {
- psa->close(handle);
- return status;
- }
-
- if (misc_desc->implemented_psa_firmware_isolation_level > LEVEL1)
+ if (PLATFORM_PSA_ISOLATION_LEVEL > LEVEL1)
invalid_base = (addr_t *) memory_desc->start;
}
/* Setting boot.state before test check */
- boot_state = (caller == NONSECURE) ? BOOT_EXPECTED_NS : BOOT_EXPECTED_S;
+ boot_state = (caller == CALLER_NONSECURE) ? BOOT_EXPECTED_NS : BOOT_EXPECTED_S;
if (val->set_boot_flag(boot_state))
{
val->print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
@@ -128,14 +115,14 @@ int32_t client_test_psa_call_with_invalid_outvec_base(security_t caller)
psa_outvec outvec[1] = {{invalid_base, sizeof(addr_t)}};
/* Test check- psa_call with invalid address for psa_outvec.base */
- status_of_call = psa->call(handle, NULL, 0, outvec, 1);
+ status_of_call = psa->call(handle, PSA_IPC_CALL, NULL, 0, outvec, 1);
/*
* If the caller is in the NSPE, it is IMPLEMENTATION DEFINED whether
* a PROGRAMMER ERROR will panic or return PSA_ERROR_PROGRAMMER_ERROR.
* For SPE caller, it must panic.
*/
- if (caller == NONSECURE && status_of_call == PSA_ERROR_PROGRAMMER_ERROR)
+ if (caller == CALLER_NONSECURE && status_of_call == PSA_ERROR_PROGRAMMER_ERROR)
{
psa->close(handle);
return VAL_STATUS_SUCCESS;
diff --git a/api-tests/ff/ipc/test_i051/test_i051.h b/api-tests/ff/ipc/test_i051/test_i051.h
index 38cbdd00..ecd1c22e 100644
--- a/api-tests/ff/ipc/test_i051/test_i051.h
+++ b/api-tests/ff/ipc/test_i051/test_i051.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i051)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i051)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
@@ -33,5 +33,5 @@ extern psa_api_t *psa;
extern client_test_t test_i051_client_tests_list[];
-int32_t client_test_psa_call_with_invalid_outvec_base(security_t);
+int32_t client_test_psa_call_with_invalid_outvec_base(caller_security_t);
#endif
diff --git a/api-tests/ff/ipc/test_i051/test_supp_i051.c b/api-tests/ff/ipc/test_i051/test_supp_i051.c
index 0d3be0b6..42cda891 100644
--- a/api-tests/ff/ipc/test_i051/test_supp_i051.c
+++ b/api-tests/ff/ipc/test_i051/test_supp_i051.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
@@ -37,7 +37,7 @@ int32_t server_test_psa_call_with_invalid_outvec_base(void)
psa_msg_t msg = {0};
psa_signal_t signals;
- status = val->process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_connect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(201), status))
{
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
@@ -48,9 +48,9 @@ int32_t server_test_psa_call_with_invalid_outvec_base(void)
wait:
signals = psa->wait(PSA_WAIT_ANY, PSA_BLOCK);
- if (signals & SERVER_UNSPECIFED_MINOR_V_SIG)
+ if (signals & SERVER_UNSPECIFED_VERSION_SIGNAL)
{
- if (psa->get(SERVER_UNSPECIFED_MINOR_V_SIG, &msg) != PSA_SUCCESS)
+ if (psa->get(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg) != PSA_SUCCESS)
{
goto wait;
}
@@ -60,7 +60,7 @@ int32_t server_test_psa_call_with_invalid_outvec_base(void)
/* Control shouldn't have come here */
val->print(PRINT_ERROR, "\tControl shouldn't have reached here\n", 0);
psa->reply(msg.handle, -2);
- val->process_disconnect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ val->process_disconnect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
psa->reply(msg.handle, PSA_SUCCESS);
}
else if (msg.type == PSA_IPC_DISCONNECT)
diff --git a/api-tests/ff/ipc/test_i052/source.mk b/api-tests/ff/ipc/test_i052/source.mk
deleted file mode 100644
index 29268c6f..00000000
--- a/api-tests/ff/ipc/test_i052/source.mk
+++ /dev/null
@@ -1,25 +0,0 @@
-# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_i052.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
-
-CC_SOURCE_SPE = test_i052.c test_supp_i052.c
-CC_OPTIONS_SPE =
-AS_SOURCE_SPE =
-AS_OPTIONS_SPE =
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i052/test.cmake b/api-tests/ff/ipc/test_i052/test.cmake
new file mode 100644
index 00000000..c5524a2d
--- /dev/null
+++ b/api-tests/ff/ipc/test_i052/test.cmake
@@ -0,0 +1,32 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_i052.c
+ test_i052.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
+
+list(APPEND CC_SOURCE_SPE
+ test_i052.c
+ test_supp_i052.c
+)
+list(APPEND CC_OPTIONS_SPE )
+list(APPEND AS_SOURCE_SPE )
+list(APPEND AS_OPTIONS_SPE )
diff --git a/api-tests/ff/ipc/test_i052/test_entry.c b/api-tests/ff/ipc/test_i052/test_entry_i052.c
similarity index 81%
rename from api-tests/ff/ipc/test_i052/test_entry.c
rename to api-tests/ff/ipc/test_i052/test_entry_i052.c
index ddbc149e..bf642a45 100644
--- a/api-tests/ff/ipc/test_i052/test_entry.c
+++ b/api-tests/ff/ipc/test_i052/test_entry_i052.c
@@ -28,7 +28,6 @@ psa_api_t *psa = NULL;
void test_entry(val_api_t *val_api, psa_api_t *psa_api)
{
int32_t status = VAL_STATUS_SUCCESS;
- miscellaneous_desc_t *misc_desc;
val = val_api;
psa = psa_api;
@@ -47,16 +46,7 @@ void test_entry(val_api_t *val_api, psa_api_t *psa_api)
goto test_exit;
}
- status = val->target_get_config(TARGET_CONFIG_CREATE_ID(GROUP_MISCELLANEOUS,
- MISCELLANEOUS_DUT, 0),
- (uint8_t **)&misc_desc,
- (uint32_t *)sizeof(miscellaneous_desc_t));
- if (VAL_ERROR(status))
- {
- goto test_exit;
- }
-
- if (misc_desc->implemented_psa_firmware_isolation_level > LEVEL1)
+ if (PLATFORM_PSA_ISOLATION_LEVEL > LEVEL1)
{
/* Switch to secure side (client_partition.c) and execute list of tests available in
test[num]_client_tests_list from Secure side */
diff --git a/api-tests/ff/ipc/test_i052/test_i052.c b/api-tests/ff/ipc/test_i052/test_i052.c
index 5b14c373..724ecd3d 100644
--- a/api-tests/ff/ipc/test_i052/test_i052.c
+++ b/api-tests/ff/ipc/test_i052/test_i052.c
@@ -31,7 +31,7 @@ client_test_t test_i052_client_tests_list[] = {
NULL,
};
-int32_t client_test_psa_call_with_invalid_invec_end_addr(security_t caller)
+int32_t client_test_psa_call_with_invalid_invec_end_addr(caller_security_t caller)
{
int32_t status = VAL_STATUS_SUCCESS;
psa_handle_t handle = 0;
@@ -67,9 +67,8 @@ int32_t client_test_psa_call_with_invalid_invec_end_addr(security_t caller)
* VAL APIs to decide test status.
*/
- handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
-
- if (handle < 0)
+ handle = psa->connect(SERVER_UNSPECIFED_VERSION_SID, SERVER_UNSPECIFED_VERSION_VERSION);
+ if (!PSA_HANDLE_IS_VALID(handle))
{
val->print(PRINT_ERROR, "\tConnection failed\n", 0);
return VAL_STATUS_INVALID_HANDLE;
@@ -78,7 +77,7 @@ int32_t client_test_psa_call_with_invalid_invec_end_addr(security_t caller)
/*
* Selection of invalid size for psa_invec:
*
- * if caller == NONSECURE
+ * if caller == CALLER_NONSECURE
* valid_base = nspe_mmio_region_base;
* invalid_size = (driver_mmio_region_base - nspe_mmio_region_base + 1);
* else
@@ -97,7 +96,7 @@ int32_t client_test_psa_call_with_invalid_invec_end_addr(security_t caller)
return status;
}
- if (caller == NONSECURE)
+ if (caller == CALLER_NONSECURE)
memory_cfg_id = MEMORY_NSPE_MMIO;
else
memory_cfg_id = MEMORY_SERVER_PARTITION_MMIO;
@@ -116,7 +115,7 @@ int32_t client_test_psa_call_with_invalid_invec_end_addr(security_t caller)
invalid_size = (memory_desc_driver->start - memory_desc->start + 1);
/* Setting boot.state before test check */
- boot_state = (caller == NONSECURE) ? BOOT_EXPECTED_NS : BOOT_EXPECTED_S;
+ boot_state = (caller == CALLER_NONSECURE) ? BOOT_EXPECTED_NS : BOOT_EXPECTED_S;
if (val->set_boot_flag(boot_state))
{
val->print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
@@ -126,14 +125,14 @@ int32_t client_test_psa_call_with_invalid_invec_end_addr(security_t caller)
psa_invec invec[1] = {{valid_base, invalid_size}};
/* Test check- psa_call with invalid end_addr for psa_invec */
- status_of_call = psa->call(handle, invec, 1, NULL, 0);
+ status_of_call = psa->call(handle, PSA_IPC_CALL, invec, 1, NULL, 0);
/*
* If the caller is in the NSPE, it is IMPLEMENTATION DEFINED whether
* a PROGRAMMER ERROR will panic or return PSA_ERROR_PROGRAMMER_ERROR.
* For SPE caller, it must panic.
*/
- if (caller == NONSECURE && status_of_call == PSA_ERROR_PROGRAMMER_ERROR)
+ if (caller == CALLER_NONSECURE && status_of_call == PSA_ERROR_PROGRAMMER_ERROR)
{
psa->close(handle);
return VAL_STATUS_SUCCESS;
diff --git a/api-tests/ff/ipc/test_i052/test_i052.h b/api-tests/ff/ipc/test_i052/test_i052.h
index 62acbb83..4b533714 100644
--- a/api-tests/ff/ipc/test_i052/test_i052.h
+++ b/api-tests/ff/ipc/test_i052/test_i052.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i052)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i052)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
@@ -33,5 +33,5 @@ extern psa_api_t *psa;
extern client_test_t test_i052_client_tests_list[];
-int32_t client_test_psa_call_with_invalid_invec_end_addr(security_t);
+int32_t client_test_psa_call_with_invalid_invec_end_addr(caller_security_t);
#endif
diff --git a/api-tests/ff/ipc/test_i052/test_supp_i052.c b/api-tests/ff/ipc/test_i052/test_supp_i052.c
index 31bc32b4..760ec0cb 100644
--- a/api-tests/ff/ipc/test_i052/test_supp_i052.c
+++ b/api-tests/ff/ipc/test_i052/test_supp_i052.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
@@ -37,7 +37,7 @@ int32_t server_test_psa_call_with_invalid_invec_end_addr(void)
psa_msg_t msg = {0};
psa_signal_t signals;
- status = val->process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_connect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(201), status))
{
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
@@ -48,9 +48,9 @@ int32_t server_test_psa_call_with_invalid_invec_end_addr(void)
wait:
signals = psa->wait(PSA_WAIT_ANY, PSA_BLOCK);
- if (signals & SERVER_UNSPECIFED_MINOR_V_SIG)
+ if (signals & SERVER_UNSPECIFED_VERSION_SIGNAL)
{
- if (psa->get(SERVER_UNSPECIFED_MINOR_V_SIG, &msg) != PSA_SUCCESS)
+ if (psa->get(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg) != PSA_SUCCESS)
{
goto wait;
}
@@ -60,7 +60,7 @@ int32_t server_test_psa_call_with_invalid_invec_end_addr(void)
/* Control shouldn't have come here */
val->print(PRINT_ERROR, "\tControl shouldn't have reached here\n", 0);
psa->reply(msg.handle, -2);
- val->process_disconnect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ val->process_disconnect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
psa->reply(msg.handle, PSA_SUCCESS);
}
else if (msg.type == PSA_IPC_DISCONNECT)
diff --git a/api-tests/ff/ipc/test_i053/source.mk b/api-tests/ff/ipc/test_i053/source.mk
deleted file mode 100644
index a34d622c..00000000
--- a/api-tests/ff/ipc/test_i053/source.mk
+++ /dev/null
@@ -1,25 +0,0 @@
-# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_i053.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
-
-CC_SOURCE_SPE = test_i053.c test_supp_i053.c
-CC_OPTIONS_SPE =
-AS_SOURCE_SPE =
-AS_OPTIONS_SPE =
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i053/test.cmake b/api-tests/ff/ipc/test_i053/test.cmake
new file mode 100644
index 00000000..a9be727f
--- /dev/null
+++ b/api-tests/ff/ipc/test_i053/test.cmake
@@ -0,0 +1,32 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_i053.c
+ test_i053.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
+
+list(APPEND CC_SOURCE_SPE
+ test_i053.c
+ test_supp_i053.c
+)
+list(APPEND CC_OPTIONS_SPE )
+list(APPEND AS_SOURCE_SPE )
+list(APPEND AS_OPTIONS_SPE )
diff --git a/api-tests/ff/ipc/test_i053/test_entry.c b/api-tests/ff/ipc/test_i053/test_entry_i053.c
similarity index 81%
rename from api-tests/ff/ipc/test_i053/test_entry.c
rename to api-tests/ff/ipc/test_i053/test_entry_i053.c
index 014dfafa..0cfea2b1 100644
--- a/api-tests/ff/ipc/test_i053/test_entry.c
+++ b/api-tests/ff/ipc/test_i053/test_entry_i053.c
@@ -28,7 +28,6 @@ psa_api_t *psa = NULL;
void test_entry(val_api_t *val_api, psa_api_t *psa_api)
{
int32_t status = VAL_STATUS_SUCCESS;
- miscellaneous_desc_t *misc_desc;
val = val_api;
psa = psa_api;
@@ -47,16 +46,7 @@ void test_entry(val_api_t *val_api, psa_api_t *psa_api)
goto test_exit;
}
- status = val->target_get_config(TARGET_CONFIG_CREATE_ID(GROUP_MISCELLANEOUS,
- MISCELLANEOUS_DUT, 0),
- (uint8_t **)&misc_desc,
- (uint32_t *)sizeof(miscellaneous_desc_t));
- if (VAL_ERROR(status))
- {
- goto test_exit;
- }
-
- if (misc_desc->implemented_psa_firmware_isolation_level > LEVEL1)
+ if (PLATFORM_PSA_ISOLATION_LEVEL > LEVEL1)
{
/* Switch to secure side (client_partition.c) and execute list of tests available in
test[num]_client_tests_list from Secure side */
diff --git a/api-tests/ff/ipc/test_i053/test_i053.c b/api-tests/ff/ipc/test_i053/test_i053.c
index 108c24b9..f08febcd 100644
--- a/api-tests/ff/ipc/test_i053/test_i053.c
+++ b/api-tests/ff/ipc/test_i053/test_i053.c
@@ -31,7 +31,7 @@ client_test_t test_i053_client_tests_list[] = {
NULL,
};
-int32_t client_test_psa_call_with_invalid_outvec_end_addr(security_t caller)
+int32_t client_test_psa_call_with_invalid_outvec_end_addr(caller_security_t caller)
{
int32_t status = VAL_STATUS_SUCCESS;
psa_handle_t handle = 0;
@@ -67,9 +67,8 @@ int32_t client_test_psa_call_with_invalid_outvec_end_addr(security_t caller)
* VAL APIs to decide test status.
*/
- handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
-
- if (handle < 0)
+ handle = psa->connect(SERVER_UNSPECIFED_VERSION_SID, SERVER_UNSPECIFED_VERSION_VERSION);
+ if (!PSA_HANDLE_IS_VALID(handle))
{
val->print(PRINT_ERROR, "\tConnection failed\n", 0);
return VAL_STATUS_INVALID_HANDLE;
@@ -78,7 +77,7 @@ int32_t client_test_psa_call_with_invalid_outvec_end_addr(security_t caller)
/*
* Selection of invalid size for psa_outvec:
*
- * if caller == NONSECURE
+ * if caller == CALLER_NONSECURE
* valid_base = nspe_mmio_region_base;
* invalid_size = (driver_mmio_region_base - nspe_mmio_region_base + 1);
* else
@@ -97,7 +96,7 @@ int32_t client_test_psa_call_with_invalid_outvec_end_addr(security_t caller)
return status;
}
- if (caller == NONSECURE)
+ if (caller == CALLER_NONSECURE)
memory_cfg_id = MEMORY_NSPE_MMIO;
else
memory_cfg_id = MEMORY_SERVER_PARTITION_MMIO;
@@ -116,7 +115,7 @@ int32_t client_test_psa_call_with_invalid_outvec_end_addr(security_t caller)
invalid_size = (memory_desc_driver->start - memory_desc->start + 1);
/* Setting boot.state before test check */
- boot_state = (caller == NONSECURE) ? BOOT_EXPECTED_NS : BOOT_EXPECTED_S;
+ boot_state = (caller == CALLER_NONSECURE) ? BOOT_EXPECTED_NS : BOOT_EXPECTED_S;
if (val->set_boot_flag(boot_state))
{
val->print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
@@ -126,14 +125,14 @@ int32_t client_test_psa_call_with_invalid_outvec_end_addr(security_t caller)
psa_outvec outvec[1] = {{valid_base, invalid_size}};
/* Test check- psa_call with invalid end_addr for psa_outvec */
- status_of_call = psa->call(handle, NULL, 0, outvec, 1);
+ status_of_call = psa->call(handle, PSA_IPC_CALL, NULL, 0, outvec, 1);
/*
* If the caller is in the NSPE, it is IMPLEMENTATION DEFINED whether
* a PROGRAMMER ERROR will panic or return PSA_ERROR_PROGRAMMER_ERROR.
* For SPE caller, it must panic.
*/
- if (caller == NONSECURE && status_of_call == PSA_ERROR_PROGRAMMER_ERROR)
+ if (caller == CALLER_NONSECURE && status_of_call == PSA_ERROR_PROGRAMMER_ERROR)
{
psa->close(handle);
return VAL_STATUS_SUCCESS;
diff --git a/api-tests/ff/ipc/test_i053/test_i053.h b/api-tests/ff/ipc/test_i053/test_i053.h
index 25bfccca..8efc2ed5 100644
--- a/api-tests/ff/ipc/test_i053/test_i053.h
+++ b/api-tests/ff/ipc/test_i053/test_i053.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i053)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i053)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
@@ -33,5 +33,5 @@ extern psa_api_t *psa;
extern client_test_t test_i053_client_tests_list[];
-int32_t client_test_psa_call_with_invalid_outvec_end_addr(security_t);
+int32_t client_test_psa_call_with_invalid_outvec_end_addr(caller_security_t);
#endif
diff --git a/api-tests/ff/ipc/test_i053/test_supp_i053.c b/api-tests/ff/ipc/test_i053/test_supp_i053.c
index 649e3c25..984ef259 100644
--- a/api-tests/ff/ipc/test_i053/test_supp_i053.c
+++ b/api-tests/ff/ipc/test_i053/test_supp_i053.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
@@ -37,7 +37,7 @@ int32_t server_test_psa_call_with_invalid_outvec_end_addr(void)
psa_msg_t msg = {0};
psa_signal_t signals;
- status = val->process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_connect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(201), status))
{
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
@@ -48,9 +48,9 @@ int32_t server_test_psa_call_with_invalid_outvec_end_addr(void)
wait:
signals = psa->wait(PSA_WAIT_ANY, PSA_BLOCK);
- if (signals & SERVER_UNSPECIFED_MINOR_V_SIG)
+ if (signals & SERVER_UNSPECIFED_VERSION_SIGNAL)
{
- if (psa->get(SERVER_UNSPECIFED_MINOR_V_SIG, &msg) != PSA_SUCCESS)
+ if (psa->get(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg) != PSA_SUCCESS)
{
goto wait;
}
@@ -60,7 +60,7 @@ int32_t server_test_psa_call_with_invalid_outvec_end_addr(void)
/* Control shouldn't have come here */
val->print(PRINT_ERROR, "\tControl shouldn't have reached here\n", 0);
psa->reply(msg.handle, -2);
- val->process_disconnect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ val->process_disconnect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
psa->reply(msg.handle, PSA_SUCCESS);
}
else if (msg.type == PSA_IPC_DISCONNECT)
diff --git a/api-tests/ff/ipc/test_i054/source.mk b/api-tests/ff/ipc/test_i054/source.mk
deleted file mode 100644
index bad2298f..00000000
--- a/api-tests/ff/ipc/test_i054/source.mk
+++ /dev/null
@@ -1,25 +0,0 @@
-# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_i054.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
-
-CC_SOURCE_SPE = test_i054.c test_supp_i054.c
-CC_OPTIONS_SPE =
-AS_SOURCE_SPE =
-AS_OPTIONS_SPE =
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i054/test.cmake b/api-tests/ff/ipc/test_i054/test.cmake
new file mode 100644
index 00000000..49495a6b
--- /dev/null
+++ b/api-tests/ff/ipc/test_i054/test.cmake
@@ -0,0 +1,32 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_i054.c
+ test_i054.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
+
+list(APPEND CC_SOURCE_SPE
+ test_i054.c
+ test_supp_i054.c
+)
+list(APPEND CC_OPTIONS_SPE )
+list(APPEND AS_SOURCE_SPE )
+list(APPEND AS_OPTIONS_SPE )
diff --git a/api-tests/ff/ipc/test_i054/test_entry.c b/api-tests/ff/ipc/test_i054/test_entry_i054.c
similarity index 100%
rename from api-tests/ff/ipc/test_i054/test_entry.c
rename to api-tests/ff/ipc/test_i054/test_entry_i054.c
diff --git a/api-tests/ff/ipc/test_i054/test_i054.c b/api-tests/ff/ipc/test_i054/test_i054.c
index 80160cae..8c7caee4 100644
--- a/api-tests/ff/ipc/test_i054/test_i054.c
+++ b/api-tests/ff/ipc/test_i054/test_i054.c
@@ -31,7 +31,7 @@ client_test_t test_i054_client_tests_list[] = {
NULL,
};
-int32_t client_test_psa_call_with_not_writable_outvec_base(security_t caller)
+int32_t client_test_psa_call_with_not_writable_outvec_base(caller_security_t caller)
{
int32_t status = VAL_STATUS_SUCCESS;
psa_handle_t handle = 0;
@@ -61,8 +61,8 @@ int32_t client_test_psa_call_with_not_writable_outvec_base(security_t caller)
* VAL APIs to decide test status.
*/
- handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
- if (handle < 0)
+ handle = psa->connect(SERVER_UNSPECIFED_VERSION_SID, SERVER_UNSPECIFED_VERSION_VERSION);
+ if (!PSA_HANDLE_IS_VALID(handle))
{
val->print(PRINT_ERROR, "\tConnection failed\n", 0);
return VAL_STATUS_INVALID_HANDLE;
@@ -79,7 +79,7 @@ int32_t client_test_psa_call_with_not_writable_outvec_base(security_t caller)
psa_outvec outvec[1] = {{&client_test_psa_call_with_not_writable_outvec_base, sizeof(char)}};
/* Test check- psa_call with not writable psa_outvec.base, call should panic */
- psa->call(handle, NULL, 0, outvec, 1);
+ psa->call(handle, PSA_IPC_CALL, NULL, 0, outvec, 1);
/* If PROGRAMMER ERROR results into panic then control shouldn't have reached here */
val->print(PRINT_ERROR, "\tpsa_call should failed but succeed\n", 0);
diff --git a/api-tests/ff/ipc/test_i054/test_i054.h b/api-tests/ff/ipc/test_i054/test_i054.h
index a86d56aa..48507261 100644
--- a/api-tests/ff/ipc/test_i054/test_i054.h
+++ b/api-tests/ff/ipc/test_i054/test_i054.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i054)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i054)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
@@ -33,5 +33,5 @@ extern psa_api_t *psa;
extern client_test_t test_i054_client_tests_list[];
-int32_t client_test_psa_call_with_not_writable_outvec_base(security_t);
+int32_t client_test_psa_call_with_not_writable_outvec_base(caller_security_t);
#endif
diff --git a/api-tests/ff/ipc/test_i054/test_supp_i054.c b/api-tests/ff/ipc/test_i054/test_supp_i054.c
index 75442576..ca8f4cc5 100644
--- a/api-tests/ff/ipc/test_i054/test_supp_i054.c
+++ b/api-tests/ff/ipc/test_i054/test_supp_i054.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
@@ -37,7 +37,7 @@ int32_t server_test_psa_call_with_not_writable_outvec_base(void)
psa_msg_t msg = {0};
psa_signal_t signals;
- status = val->process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_connect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(201), status))
{
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
@@ -48,9 +48,9 @@ int32_t server_test_psa_call_with_not_writable_outvec_base(void)
wait:
signals = psa->wait(PSA_WAIT_ANY, PSA_BLOCK);
- if (signals & SERVER_UNSPECIFED_MINOR_V_SIG)
+ if (signals & SERVER_UNSPECIFED_VERSION_SIGNAL)
{
- if (psa->get(SERVER_UNSPECIFED_MINOR_V_SIG, &msg) != PSA_SUCCESS)
+ if (psa->get(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg) != PSA_SUCCESS)
{
goto wait;
}
@@ -60,7 +60,7 @@ int32_t server_test_psa_call_with_not_writable_outvec_base(void)
/* Control shouldn't have come here */
val->print(PRINT_ERROR, "\tControl shouldn't have reached here\n", 0);
psa->reply(msg.handle, -2);
- val->process_disconnect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ val->process_disconnect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
psa->reply(msg.handle, PSA_SUCCESS);
}
else if (msg.type == PSA_IPC_DISCONNECT)
diff --git a/api-tests/ff/ipc/test_i055/source.mk b/api-tests/ff/ipc/test_i055/source.mk
deleted file mode 100644
index 742d2ce0..00000000
--- a/api-tests/ff/ipc/test_i055/source.mk
+++ /dev/null
@@ -1,25 +0,0 @@
-# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_i055.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
-
-CC_SOURCE_SPE = test_i055.c test_supp_i055.c
-CC_OPTIONS_SPE =
-AS_SOURCE_SPE =
-AS_OPTIONS_SPE =
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i055/test.cmake b/api-tests/ff/ipc/test_i055/test.cmake
new file mode 100644
index 00000000..dfe9de8b
--- /dev/null
+++ b/api-tests/ff/ipc/test_i055/test.cmake
@@ -0,0 +1,32 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_i055.c
+ test_i055.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
+
+list(APPEND CC_SOURCE_SPE
+ test_i055.c
+ test_supp_i055.c
+)
+list(APPEND CC_OPTIONS_SPE )
+list(APPEND AS_SOURCE_SPE )
+list(APPEND AS_OPTIONS_SPE )
diff --git a/api-tests/ff/ipc/test_i055/test_entry.c b/api-tests/ff/ipc/test_i055/test_entry_i055.c
similarity index 100%
rename from api-tests/ff/ipc/test_i055/test_entry.c
rename to api-tests/ff/ipc/test_i055/test_entry_i055.c
diff --git a/api-tests/ff/ipc/test_i055/test_i055.c b/api-tests/ff/ipc/test_i055/test_i055.c
index 033a99a2..16582f5f 100644
--- a/api-tests/ff/ipc/test_i055/test_i055.c
+++ b/api-tests/ff/ipc/test_i055/test_i055.c
@@ -31,7 +31,7 @@ client_test_t test_i055_client_tests_list[] = {
NULL,
};
-int32_t client_test_psa_read_with_invalid_buffer_addr(security_t caller)
+int32_t client_test_psa_read_with_invalid_buffer_addr(caller_security_t caller)
{
int32_t status = VAL_STATUS_SUCCESS;
uint8_t data = 0x11;
@@ -41,15 +41,15 @@ int32_t client_test_psa_read_with_invalid_buffer_addr(security_t caller)
val->print(PRINT_TEST,
"[Check 1] Test psa_read with invalid buffer addr\n", 0);
- handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
- if (handle < 0)
+ handle = psa->connect(SERVER_UNSPECIFED_VERSION_SID, SERVER_UNSPECIFED_VERSION_VERSION);
+ if (!PSA_HANDLE_IS_VALID(handle))
{
val->print(PRINT_ERROR, "\tConnection failed\n", 0);
return VAL_STATUS_INVALID_HANDLE;
}
psa_invec invec[1] = {{&data, sizeof(data)}};
- status_of_call = psa->call(handle, invec, 1, NULL, 0);
+ status_of_call = psa->call(handle, PSA_IPC_CALL, invec, 1, NULL, 0);
/* Expectation is server test should hang and control shouldn't have come here */
val->print(PRINT_ERROR, "\tCall should failed but succeed\n", 0);
diff --git a/api-tests/ff/ipc/test_i055/test_i055.h b/api-tests/ff/ipc/test_i055/test_i055.h
index 5d63951c..0f949a0c 100644
--- a/api-tests/ff/ipc/test_i055/test_i055.h
+++ b/api-tests/ff/ipc/test_i055/test_i055.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i055)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i055)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
@@ -33,5 +33,5 @@ extern psa_api_t *psa;
extern client_test_t test_i055_client_tests_list[];
-int32_t client_test_psa_read_with_invalid_buffer_addr(security_t);
+int32_t client_test_psa_read_with_invalid_buffer_addr(caller_security_t);
#endif
diff --git a/api-tests/ff/ipc/test_i055/test_supp_i055.c b/api-tests/ff/ipc/test_i055/test_supp_i055.c
index 24867959..12439d7f 100644
--- a/api-tests/ff/ipc/test_i055/test_supp_i055.c
+++ b/api-tests/ff/ipc/test_i055/test_supp_i055.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
@@ -36,7 +36,6 @@ int32_t server_test_psa_read_with_invalid_buffer_addr(void)
int32_t status = VAL_STATUS_SUCCESS;
psa_msg_t msg = {0};
void *buffer = NULL;
- miscellaneous_desc_t *misc_desc;
memory_desc_t *memory_desc;
/*
@@ -61,14 +60,13 @@ int32_t server_test_psa_read_with_invalid_buffer_addr(void)
* VAL APIs to decide test status.
*/
- status = val->process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_connect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(201), status))
{
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
return status;
}
-
/*
* Selection of invalid buffer addr:
*
@@ -78,23 +76,13 @@ int32_t server_test_psa_read_with_invalid_buffer_addr(void)
* buffer = NULL;
*/
- status = val->target_get_config(TARGET_CONFIG_CREATE_ID(GROUP_MISCELLANEOUS,
- MISCELLANEOUS_DUT, 0),
- (uint8_t **)&misc_desc,
- (uint32_t *)sizeof(miscellaneous_desc_t));
- if (val->err_check_set(TEST_CHECKPOINT_NUM(202), status))
- {
- psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
- return status;
- }
-
- if (misc_desc->implemented_psa_firmware_isolation_level > LEVEL1)
+ if (PLATFORM_PSA_ISOLATION_LEVEL > LEVEL1)
{
status = val->target_get_config(TARGET_CONFIG_CREATE_ID(GROUP_MEMORY,
MEMORY_DRIVER_PARTITION_MMIO, 0),
(uint8_t **)&memory_desc,
(uint32_t *)sizeof(memory_desc_t));
- if (val->err_check_set(TEST_CHECKPOINT_NUM(203), status))
+ if (val->err_check_set(TEST_CHECKPOINT_NUM(202), status))
{
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
return status;
@@ -107,8 +95,8 @@ int32_t server_test_psa_read_with_invalid_buffer_addr(void)
psa->reply(msg.handle, PSA_SUCCESS);
/* Serve psa_call */
- status = val->process_call_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
- if (val->err_check_set(TEST_CHECKPOINT_NUM(204), status))
+ status = val->process_call_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
+ if (val->err_check_set(TEST_CHECKPOINT_NUM(203), status))
{
psa->reply(msg.handle, -2);
}
@@ -116,7 +104,7 @@ int32_t server_test_psa_read_with_invalid_buffer_addr(void)
{
/* Setting boot.state before test check */
status = val->set_boot_flag(BOOT_EXPECTED_NS);
- if (val->err_check_set(TEST_CHECKPOINT_NUM(205), status))
+ if (val->err_check_set(TEST_CHECKPOINT_NUM(204), status))
{
val->print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
psa->reply(msg.handle, -3);
@@ -141,8 +129,8 @@ int32_t server_test_psa_read_with_invalid_buffer_addr(void)
}
}
- val->err_check_set(TEST_CHECKPOINT_NUM(206), status);
- status = ((val->process_disconnect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg))
+ val->err_check_set(TEST_CHECKPOINT_NUM(205), status);
+ status = ((val->process_disconnect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg))
? VAL_STATUS_ERROR : status);
psa->reply(msg.handle, PSA_SUCCESS);
return status;
diff --git a/api-tests/ff/ipc/test_i056/source.mk b/api-tests/ff/ipc/test_i056/source.mk
deleted file mode 100644
index 1e4739de..00000000
--- a/api-tests/ff/ipc/test_i056/source.mk
+++ /dev/null
@@ -1,25 +0,0 @@
-# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_i056.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
-
-CC_SOURCE_SPE = test_i056.c test_supp_i056.c
-CC_OPTIONS_SPE =
-AS_SOURCE_SPE =
-AS_OPTIONS_SPE =
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i056/test.cmake b/api-tests/ff/ipc/test_i056/test.cmake
new file mode 100644
index 00000000..553070a6
--- /dev/null
+++ b/api-tests/ff/ipc/test_i056/test.cmake
@@ -0,0 +1,32 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_i056.c
+ test_i056.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
+
+list(APPEND CC_SOURCE_SPE
+ test_i056.c
+ test_supp_i056.c
+)
+list(APPEND CC_OPTIONS_SPE )
+list(APPEND AS_SOURCE_SPE )
+list(APPEND AS_OPTIONS_SPE )
diff --git a/api-tests/ff/ipc/test_i056/test_entry.c b/api-tests/ff/ipc/test_i056/test_entry_i056.c
similarity index 100%
rename from api-tests/ff/ipc/test_i056/test_entry.c
rename to api-tests/ff/ipc/test_i056/test_entry_i056.c
diff --git a/api-tests/ff/ipc/test_i056/test_i056.c b/api-tests/ff/ipc/test_i056/test_i056.c
index 7547d33e..f0697bca 100644
--- a/api-tests/ff/ipc/test_i056/test_i056.c
+++ b/api-tests/ff/ipc/test_i056/test_i056.c
@@ -31,7 +31,7 @@ client_test_t test_i056_client_tests_list[] = {
NULL,
};
-int32_t client_test_psa_read_with_not_writable_buffer_addr(security_t caller)
+int32_t client_test_psa_read_with_not_writable_buffer_addr(caller_security_t caller)
{
int32_t status = VAL_STATUS_SUCCESS;
uint8_t data = 0x11;
@@ -41,15 +41,15 @@ int32_t client_test_psa_read_with_not_writable_buffer_addr(security_t caller)
val->print(PRINT_TEST,
"[Check 1] Test psa_read with invalid buffer addr\n", 0);
- handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
- if (handle < 0)
+ handle = psa->connect(SERVER_UNSPECIFED_VERSION_SID, SERVER_UNSPECIFED_VERSION_VERSION);
+ if (!PSA_HANDLE_IS_VALID(handle))
{
val->print(PRINT_ERROR, "\tConnection failed\n", 0);
return VAL_STATUS_INVALID_HANDLE;
}
psa_invec invec[1] = {{&data, sizeof(data)}};
- status_of_call = psa->call(handle, invec, 1, NULL, 0);
+ status_of_call = psa->call(handle, PSA_IPC_CALL, invec, 1, NULL, 0);
/* Expectation is server test should hang and control shouldn't have come here */
val->print(PRINT_ERROR, "\tCall should failed but succeed\n", 0);
diff --git a/api-tests/ff/ipc/test_i056/test_i056.h b/api-tests/ff/ipc/test_i056/test_i056.h
index 0cf6edc8..1c2dcfe5 100644
--- a/api-tests/ff/ipc/test_i056/test_i056.h
+++ b/api-tests/ff/ipc/test_i056/test_i056.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i056)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i056)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
@@ -33,5 +33,5 @@ extern psa_api_t *psa;
extern client_test_t test_i056_client_tests_list[];
-int32_t client_test_psa_read_with_not_writable_buffer_addr(security_t);
+int32_t client_test_psa_read_with_not_writable_buffer_addr(caller_security_t);
#endif
diff --git a/api-tests/ff/ipc/test_i056/test_supp_i056.c b/api-tests/ff/ipc/test_i056/test_supp_i056.c
index 3a863102..655d62a4 100644
--- a/api-tests/ff/ipc/test_i056/test_supp_i056.c
+++ b/api-tests/ff/ipc/test_i056/test_supp_i056.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
@@ -59,7 +59,7 @@ int32_t server_test_psa_read_with_not_writable_buffer_addr(void)
* VAL APIs to decide test status.
*/
- status = val->process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_connect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(201), status))
{
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
@@ -73,7 +73,7 @@ int32_t server_test_psa_read_with_not_writable_buffer_addr(void)
buffer = (void *) &server_test_psa_read_with_not_writable_buffer_addr;
/* Serve psa_call */
- status = val->process_call_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_call_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(202), status))
{
psa->reply(msg.handle, -2);
@@ -109,7 +109,7 @@ int32_t server_test_psa_read_with_not_writable_buffer_addr(void)
}
val->err_check_set(TEST_CHECKPOINT_NUM(204), status);
- status = ((val->process_disconnect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg))
+ status = ((val->process_disconnect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg))
? VAL_STATUS_ERROR : status);
psa->reply(msg.handle, PSA_SUCCESS);
return status;
diff --git a/api-tests/ff/ipc/test_i057/source.mk b/api-tests/ff/ipc/test_i057/source.mk
deleted file mode 100644
index f9f2e1be..00000000
--- a/api-tests/ff/ipc/test_i057/source.mk
+++ /dev/null
@@ -1,25 +0,0 @@
-# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_i057.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
-
-CC_SOURCE_SPE = test_i057.c test_supp_i057.c
-CC_OPTIONS_SPE =
-AS_SOURCE_SPE =
-AS_OPTIONS_SPE =
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i057/test.cmake b/api-tests/ff/ipc/test_i057/test.cmake
new file mode 100644
index 00000000..97e5bef3
--- /dev/null
+++ b/api-tests/ff/ipc/test_i057/test.cmake
@@ -0,0 +1,32 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_i057.c
+ test_i057.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
+
+list(APPEND CC_SOURCE_SPE
+ test_i057.c
+ test_supp_i057.c
+)
+list(APPEND CC_OPTIONS_SPE )
+list(APPEND AS_SOURCE_SPE )
+list(APPEND AS_OPTIONS_SPE )
diff --git a/api-tests/ff/ipc/test_i057/test_entry.c b/api-tests/ff/ipc/test_i057/test_entry_i057.c
similarity index 100%
rename from api-tests/ff/ipc/test_i057/test_entry.c
rename to api-tests/ff/ipc/test_i057/test_entry_i057.c
diff --git a/api-tests/ff/ipc/test_i057/test_i057.c b/api-tests/ff/ipc/test_i057/test_i057.c
index 05967d4e..29953932 100644
--- a/api-tests/ff/ipc/test_i057/test_i057.c
+++ b/api-tests/ff/ipc/test_i057/test_i057.c
@@ -31,7 +31,7 @@ client_test_t test_i057_client_tests_list[] = {
NULL,
};
-int32_t client_test_psa_write_with_invalid_buffer_addr(security_t caller)
+int32_t client_test_psa_write_with_invalid_buffer_addr(caller_security_t caller)
{
int32_t status = VAL_STATUS_SUCCESS;
uint8_t data = 0x11;
@@ -41,15 +41,15 @@ int32_t client_test_psa_write_with_invalid_buffer_addr(security_t caller)
val->print(PRINT_TEST,
"[Check 1] Test psa_write with invalid buffer addr\n", 0);
- handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
- if (handle < 0)
+ handle = psa->connect(SERVER_UNSPECIFED_VERSION_SID, SERVER_UNSPECIFED_VERSION_VERSION);
+ if (!PSA_HANDLE_IS_VALID(handle))
{
val->print(PRINT_ERROR, "\tConnection failed\n", 0);
return VAL_STATUS_INVALID_HANDLE;
}
psa_outvec outvec[1] = {{&data, sizeof(data)}};
- status_of_call = psa->call(handle, NULL, 0, outvec, 1);
+ status_of_call = psa->call(handle, PSA_IPC_CALL, NULL, 0, outvec, 1);
/* Expectation is server test should hang and control shouldn't have come here */
val->print(PRINT_ERROR, "\tCall should failed but succeed\n", 0);
diff --git a/api-tests/ff/ipc/test_i057/test_i057.h b/api-tests/ff/ipc/test_i057/test_i057.h
index 8aba95eb..8fa8a1de 100644
--- a/api-tests/ff/ipc/test_i057/test_i057.h
+++ b/api-tests/ff/ipc/test_i057/test_i057.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i057)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i057)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
@@ -33,5 +33,5 @@ extern psa_api_t *psa;
extern client_test_t test_i057_client_tests_list[];
-int32_t client_test_psa_write_with_invalid_buffer_addr(security_t);
+int32_t client_test_psa_write_with_invalid_buffer_addr(caller_security_t);
#endif
diff --git a/api-tests/ff/ipc/test_i057/test_supp_i057.c b/api-tests/ff/ipc/test_i057/test_supp_i057.c
index 2b0510e4..e6ad3661 100644
--- a/api-tests/ff/ipc/test_i057/test_supp_i057.c
+++ b/api-tests/ff/ipc/test_i057/test_supp_i057.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
@@ -36,7 +36,6 @@ int32_t server_test_psa_write_with_invalid_buffer_addr(void)
int32_t status = VAL_STATUS_SUCCESS;
psa_msg_t msg = {0};
void *buffer = NULL;
- miscellaneous_desc_t *misc_desc;
memory_desc_t *memory_desc;
/*
@@ -61,14 +60,13 @@ int32_t server_test_psa_write_with_invalid_buffer_addr(void)
* VAL APIs to decide test status.
*/
- status = val->process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_connect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(201), status))
{
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
return status;
}
-
/*
* Selection of invalid buffer addr:
*
@@ -78,23 +76,13 @@ int32_t server_test_psa_write_with_invalid_buffer_addr(void)
* buffer = NULL;
*/
- status = val->target_get_config(TARGET_CONFIG_CREATE_ID(GROUP_MISCELLANEOUS,
- MISCELLANEOUS_DUT, 0),
- (uint8_t **)&misc_desc,
- (uint32_t *)sizeof(miscellaneous_desc_t));
- if (val->err_check_set(TEST_CHECKPOINT_NUM(202), status))
- {
- psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
- return status;
- }
-
- if (misc_desc->implemented_psa_firmware_isolation_level > LEVEL1)
+ if (PLATFORM_PSA_ISOLATION_LEVEL > LEVEL1)
{
status = val->target_get_config(TARGET_CONFIG_CREATE_ID(GROUP_MEMORY,
MEMORY_DRIVER_PARTITION_MMIO, 0),
(uint8_t **)&memory_desc,
(uint32_t *)sizeof(memory_desc_t));
- if (val->err_check_set(TEST_CHECKPOINT_NUM(203), status))
+ if (val->err_check_set(TEST_CHECKPOINT_NUM(202), status))
{
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
return status;
@@ -107,8 +95,8 @@ int32_t server_test_psa_write_with_invalid_buffer_addr(void)
psa->reply(msg.handle, PSA_SUCCESS);
/* Server psa_call */
- status = val->process_call_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
- if (val->err_check_set(TEST_CHECKPOINT_NUM(204), status))
+ status = val->process_call_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
+ if (val->err_check_set(TEST_CHECKPOINT_NUM(203), status))
{
psa->reply(msg.handle, -2);
}
@@ -116,7 +104,7 @@ int32_t server_test_psa_write_with_invalid_buffer_addr(void)
{
/* Setting boot.state before test check */
status = val->set_boot_flag(BOOT_EXPECTED_NS);
- if (val->err_check_set(TEST_CHECKPOINT_NUM(205), status))
+ if (val->err_check_set(TEST_CHECKPOINT_NUM(204), status))
{
val->print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
psa->reply(msg.handle, -3);
@@ -141,8 +129,8 @@ int32_t server_test_psa_write_with_invalid_buffer_addr(void)
}
}
- val->err_check_set(TEST_CHECKPOINT_NUM(206), status);
- status = ((val->process_disconnect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg))
+ val->err_check_set(TEST_CHECKPOINT_NUM(205), status);
+ status = ((val->process_disconnect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg))
? VAL_STATUS_ERROR : status);
psa->reply(msg.handle, PSA_SUCCESS);
return status;
diff --git a/api-tests/ff/ipc/test_i058/source.mk b/api-tests/ff/ipc/test_i058/source.mk
deleted file mode 100644
index 38cbf72e..00000000
--- a/api-tests/ff/ipc/test_i058/source.mk
+++ /dev/null
@@ -1,25 +0,0 @@
-# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_i058.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
-
-CC_SOURCE_SPE = test_i058.c test_supp_i058.c
-CC_OPTIONS_SPE =
-AS_SOURCE_SPE =
-AS_OPTIONS_SPE =
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i058/test.cmake b/api-tests/ff/ipc/test_i058/test.cmake
new file mode 100644
index 00000000..19a8f188
--- /dev/null
+++ b/api-tests/ff/ipc/test_i058/test.cmake
@@ -0,0 +1,32 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_i058.c
+ test_i058.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
+
+list(APPEND CC_SOURCE_SPE
+ test_i058.c
+ test_supp_i058.c
+)
+list(APPEND CC_OPTIONS_SPE )
+list(APPEND AS_SOURCE_SPE )
+list(APPEND AS_OPTIONS_SPE )
diff --git a/api-tests/ff/ipc/test_i058/test_entry.c b/api-tests/ff/ipc/test_i058/test_entry_i058.c
similarity index 100%
rename from api-tests/ff/ipc/test_i058/test_entry.c
rename to api-tests/ff/ipc/test_i058/test_entry_i058.c
diff --git a/api-tests/ff/ipc/test_i058/test_i058.c b/api-tests/ff/ipc/test_i058/test_i058.c
index 6639cd07..c6e8a37d 100644
--- a/api-tests/ff/ipc/test_i058/test_i058.c
+++ b/api-tests/ff/ipc/test_i058/test_i058.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -31,7 +31,7 @@ client_test_t test_i058_client_tests_list[] = {
NULL,
};
-int32_t client_test_psa_doorbell_signal(security_t caller)
+int32_t client_test_psa_doorbell_signal(caller_security_t caller)
{
int32_t status = VAL_STATUS_SUCCESS;
psa_handle_t handle = 0;
@@ -42,8 +42,8 @@ int32_t client_test_psa_doorbell_signal(security_t caller)
val->print(PRINT_TEST,
"[Check 1] Test PSA_DOORBELL signal\n", 0);
- handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
- if (handle < 0)
+ handle = psa->connect(SERVER_UNSPECIFED_VERSION_SID, SERVER_UNSPECIFED_VERSION_VERSION);
+ if (!PSA_HANDLE_IS_VALID(handle))
{
val->print(PRINT_ERROR, "\tConnection failed\n", 0);
return VAL_STATUS_INVALID_HANDLE;
@@ -76,7 +76,7 @@ int32_t client_test_psa_doorbell_signal(security_t caller)
/* Clear the doorbell signal */
psa_clear();
- /* Is doorbell singal cleared? */
+ /* Is doorbell signal cleared? */
signals = psa_wait(PSA_DOORBELL, PSA_POLL);
if ((signals & PSA_DOORBELL) != 0)
{
diff --git a/api-tests/ff/ipc/test_i058/test_i058.h b/api-tests/ff/ipc/test_i058/test_i058.h
index 50ba73be..180a5ccb 100644
--- a/api-tests/ff/ipc/test_i058/test_i058.h
+++ b/api-tests/ff/ipc/test_i058/test_i058.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i058)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i058)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
@@ -33,5 +33,5 @@ extern psa_api_t *psa;
extern client_test_t test_i058_client_tests_list[];
-int32_t client_test_psa_doorbell_signal(security_t);
+int32_t client_test_psa_doorbell_signal(caller_security_t);
#endif
diff --git a/api-tests/ff/ipc/test_i058/test_supp_i058.c b/api-tests/ff/ipc/test_i058/test_supp_i058.c
index 9a01ef73..72b1bf95 100644
--- a/api-tests/ff/ipc/test_i058/test_supp_i058.c
+++ b/api-tests/ff/ipc/test_i058/test_supp_i058.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
@@ -37,7 +37,7 @@ int32_t server_test_psa_doorbell_signal(void)
psa_msg_t msg = {0};
/* Serve psa_connect */
- status = val->process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_connect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(201), status))
{
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
@@ -59,7 +59,7 @@ int32_t server_test_psa_doorbell_signal(void)
}
/* Serve psa_close */
- status = ((val->process_disconnect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg))
+ status = ((val->process_disconnect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg))
? VAL_STATUS_ERROR : status);
val->err_check_set(TEST_CHECKPOINT_NUM(202), status);
psa->reply(msg.handle, PSA_SUCCESS);
diff --git a/api-tests/ff/ipc/test_i059/source.mk b/api-tests/ff/ipc/test_i059/source.mk
deleted file mode 100644
index b649fa8f..00000000
--- a/api-tests/ff/ipc/test_i059/source.mk
+++ /dev/null
@@ -1,25 +0,0 @@
-# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_i059.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
-
-CC_SOURCE_SPE = test_i059.c test_supp_i059.c
-CC_OPTIONS_SPE =
-AS_SOURCE_SPE =
-AS_OPTIONS_SPE =
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i059/test.cmake b/api-tests/ff/ipc/test_i059/test.cmake
new file mode 100644
index 00000000..92c44e53
--- /dev/null
+++ b/api-tests/ff/ipc/test_i059/test.cmake
@@ -0,0 +1,32 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_i059.c
+ test_i059.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
+
+list(APPEND CC_SOURCE_SPE
+ test_i059.c
+ test_supp_i059.c
+)
+list(APPEND CC_OPTIONS_SPE )
+list(APPEND AS_SOURCE_SPE )
+list(APPEND AS_OPTIONS_SPE )
diff --git a/api-tests/ff/ipc/test_i059/test_entry.c b/api-tests/ff/ipc/test_i059/test_entry_i059.c
similarity index 100%
rename from api-tests/ff/ipc/test_i059/test_entry.c
rename to api-tests/ff/ipc/test_i059/test_entry_i059.c
diff --git a/api-tests/ff/ipc/test_i059/test_i059.c b/api-tests/ff/ipc/test_i059/test_i059.c
index 0f4c3b78..8a4dc771 100644
--- a/api-tests/ff/ipc/test_i059/test_i059.c
+++ b/api-tests/ff/ipc/test_i059/test_i059.c
@@ -31,7 +31,7 @@ client_test_t test_i059_client_tests_list[] = {
NULL,
};
-int32_t client_test_psa_notify_with_neg_part_id(security_t caller)
+int32_t client_test_psa_notify_with_neg_part_id(caller_security_t caller)
{
return VAL_STATUS_SUCCESS;
}
diff --git a/api-tests/ff/ipc/test_i059/test_i059.h b/api-tests/ff/ipc/test_i059/test_i059.h
index fd306c15..a56dd8ba 100644
--- a/api-tests/ff/ipc/test_i059/test_i059.h
+++ b/api-tests/ff/ipc/test_i059/test_i059.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i059)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i059)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
@@ -33,5 +33,5 @@ extern psa_api_t *psa;
extern client_test_t test_i059_client_tests_list[];
-int32_t client_test_psa_notify_with_neg_part_id(security_t);
+int32_t client_test_psa_notify_with_neg_part_id(caller_security_t);
#endif
diff --git a/api-tests/ff/ipc/test_i059/test_supp_i059.c b/api-tests/ff/ipc/test_i059/test_supp_i059.c
index ed08784c..ef0b67ab 100644
--- a/api-tests/ff/ipc/test_i059/test_supp_i059.c
+++ b/api-tests/ff/ipc/test_i059/test_supp_i059.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
diff --git a/api-tests/ff/ipc/test_i060/source.mk b/api-tests/ff/ipc/test_i060/source.mk
deleted file mode 100644
index 2b3e1854..00000000
--- a/api-tests/ff/ipc/test_i060/source.mk
+++ /dev/null
@@ -1,25 +0,0 @@
-# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_i060.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
-
-CC_SOURCE_SPE = test_i060.c test_supp_i060.c
-CC_OPTIONS_SPE =
-AS_SOURCE_SPE =
-AS_OPTIONS_SPE =
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i060/test.cmake b/api-tests/ff/ipc/test_i060/test.cmake
new file mode 100644
index 00000000..aa6cdd5e
--- /dev/null
+++ b/api-tests/ff/ipc/test_i060/test.cmake
@@ -0,0 +1,32 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_i060.c
+ test_i060.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
+
+list(APPEND CC_SOURCE_SPE
+ test_i060.c
+ test_supp_i060.c
+)
+list(APPEND CC_OPTIONS_SPE )
+list(APPEND AS_SOURCE_SPE )
+list(APPEND AS_OPTIONS_SPE )
diff --git a/api-tests/ff/ipc/test_i060/test_entry.c b/api-tests/ff/ipc/test_i060/test_entry_i060.c
similarity index 100%
rename from api-tests/ff/ipc/test_i060/test_entry.c
rename to api-tests/ff/ipc/test_i060/test_entry_i060.c
diff --git a/api-tests/ff/ipc/test_i060/test_i060.c b/api-tests/ff/ipc/test_i060/test_i060.c
index d2f17a41..d9521c42 100644
--- a/api-tests/ff/ipc/test_i060/test_i060.c
+++ b/api-tests/ff/ipc/test_i060/test_i060.c
@@ -31,7 +31,7 @@ client_test_t test_i060_client_tests_list[] = {
NULL,
};
-int32_t client_test_psa_notify_with_invalid_pos_part_id(security_t caller)
+int32_t client_test_psa_notify_with_invalid_pos_part_id(caller_security_t caller)
{
return VAL_STATUS_SUCCESS;
}
diff --git a/api-tests/ff/ipc/test_i060/test_i060.h b/api-tests/ff/ipc/test_i060/test_i060.h
index 88d1b1b6..0cdc2bed 100644
--- a/api-tests/ff/ipc/test_i060/test_i060.h
+++ b/api-tests/ff/ipc/test_i060/test_i060.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i060)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i060)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
@@ -33,5 +33,5 @@ extern psa_api_t *psa;
extern client_test_t test_i060_client_tests_list[];
-int32_t client_test_psa_notify_with_invalid_pos_part_id(security_t);
+int32_t client_test_psa_notify_with_invalid_pos_part_id(caller_security_t);
#endif
diff --git a/api-tests/ff/ipc/test_i060/test_supp_i060.c b/api-tests/ff/ipc/test_i060/test_supp_i060.c
index 05b3b7fb..79d0a16f 100644
--- a/api-tests/ff/ipc/test_i060/test_supp_i060.c
+++ b/api-tests/ff/ipc/test_i060/test_supp_i060.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
diff --git a/api-tests/ff/ipc/test_i061/source.mk b/api-tests/ff/ipc/test_i061/source.mk
deleted file mode 100644
index f5e49fcd..00000000
--- a/api-tests/ff/ipc/test_i061/source.mk
+++ /dev/null
@@ -1,25 +0,0 @@
-# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_i061.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
-
-CC_SOURCE_SPE = test_i061.c test_supp_i061.c
-CC_OPTIONS_SPE =
-AS_SOURCE_SPE =
-AS_OPTIONS_SPE =
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i061/test.cmake b/api-tests/ff/ipc/test_i061/test.cmake
new file mode 100644
index 00000000..23f79e38
--- /dev/null
+++ b/api-tests/ff/ipc/test_i061/test.cmake
@@ -0,0 +1,32 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_i061.c
+ test_i061.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
+
+list(APPEND CC_SOURCE_SPE
+ test_i061.c
+ test_supp_i061.c
+)
+list(APPEND CC_OPTIONS_SPE )
+list(APPEND AS_SOURCE_SPE )
+list(APPEND AS_OPTIONS_SPE )
diff --git a/api-tests/ff/ipc/test_i061/test_entry.c b/api-tests/ff/ipc/test_i061/test_entry_i061.c
similarity index 100%
rename from api-tests/ff/ipc/test_i061/test_entry.c
rename to api-tests/ff/ipc/test_i061/test_entry_i061.c
diff --git a/api-tests/ff/ipc/test_i061/test_i061.c b/api-tests/ff/ipc/test_i061/test_i061.c
index 4be21a69..c21fe561 100644
--- a/api-tests/ff/ipc/test_i061/test_i061.c
+++ b/api-tests/ff/ipc/test_i061/test_i061.c
@@ -31,7 +31,7 @@ client_test_t test_i061_client_tests_list[] = {
NULL,
};
-int32_t client_test_psa_clear_at_unasserted_doorbell_sig(security_t caller)
+int32_t client_test_psa_clear_at_unasserted_doorbell_sig(caller_security_t caller)
{
return VAL_STATUS_SUCCESS;
}
diff --git a/api-tests/ff/ipc/test_i061/test_i061.h b/api-tests/ff/ipc/test_i061/test_i061.h
index d7e50a64..3c3344c8 100644
--- a/api-tests/ff/ipc/test_i061/test_i061.h
+++ b/api-tests/ff/ipc/test_i061/test_i061.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i061)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i061)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
@@ -33,5 +33,5 @@ extern psa_api_t *psa;
extern client_test_t test_i061_client_tests_list[];
-int32_t client_test_psa_clear_at_unasserted_doorbell_sig(security_t);
+int32_t client_test_psa_clear_at_unasserted_doorbell_sig(caller_security_t);
#endif
diff --git a/api-tests/ff/ipc/test_i061/test_supp_i061.c b/api-tests/ff/ipc/test_i061/test_supp_i061.c
index 15421142..8e78916d 100644
--- a/api-tests/ff/ipc/test_i061/test_supp_i061.c
+++ b/api-tests/ff/ipc/test_i061/test_supp_i061.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
diff --git a/api-tests/ff/ipc/test_i062/source.mk b/api-tests/ff/ipc/test_i062/source.mk
deleted file mode 100644
index 4dcf5d3e..00000000
--- a/api-tests/ff/ipc/test_i062/source.mk
+++ /dev/null
@@ -1,25 +0,0 @@
-# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_i062.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
-
-CC_SOURCE_SPE = test_i062.c test_supp_i062.c
-CC_OPTIONS_SPE =
-AS_SOURCE_SPE =
-AS_OPTIONS_SPE =
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i062/test.cmake b/api-tests/ff/ipc/test_i062/test.cmake
new file mode 100644
index 00000000..b0ae70a7
--- /dev/null
+++ b/api-tests/ff/ipc/test_i062/test.cmake
@@ -0,0 +1,32 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_i062.c
+ test_i062.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
+
+list(APPEND CC_SOURCE_SPE
+ test_i062.c
+ test_supp_i062.c
+)
+list(APPEND CC_OPTIONS_SPE )
+list(APPEND AS_SOURCE_SPE )
+list(APPEND AS_OPTIONS_SPE )
diff --git a/api-tests/ff/ipc/test_i062/test_entry.c b/api-tests/ff/ipc/test_i062/test_entry_i062.c
similarity index 100%
rename from api-tests/ff/ipc/test_i062/test_entry.c
rename to api-tests/ff/ipc/test_i062/test_entry_i062.c
diff --git a/api-tests/ff/ipc/test_i062/test_i062.c b/api-tests/ff/ipc/test_i062/test_i062.c
index f9ff4cb4..ca87dc51 100644
--- a/api-tests/ff/ipc/test_i062/test_i062.c
+++ b/api-tests/ff/ipc/test_i062/test_i062.c
@@ -31,7 +31,7 @@ client_test_t test_i062_client_tests_list[] = {
NULL,
};
-int32_t client_test_psa_wait_with_unassigned_signal(security_t caller)
+int32_t client_test_psa_wait_with_unassigned_signal(caller_security_t caller)
{
return VAL_STATUS_SUCCESS;
}
diff --git a/api-tests/ff/ipc/test_i062/test_i062.h b/api-tests/ff/ipc/test_i062/test_i062.h
index fdceda8c..ddd3cf39 100644
--- a/api-tests/ff/ipc/test_i062/test_i062.h
+++ b/api-tests/ff/ipc/test_i062/test_i062.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i062)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i062)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
@@ -33,5 +33,5 @@ extern psa_api_t *psa;
extern client_test_t test_i062_client_tests_list[];
-int32_t client_test_psa_wait_with_unassigned_signal(security_t);
+int32_t client_test_psa_wait_with_unassigned_signal(caller_security_t);
#endif
diff --git a/api-tests/ff/ipc/test_i062/test_supp_i062.c b/api-tests/ff/ipc/test_i062/test_supp_i062.c
index 30e2d5d0..6cec5372 100644
--- a/api-tests/ff/ipc/test_i062/test_supp_i062.c
+++ b/api-tests/ff/ipc/test_i062/test_supp_i062.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
diff --git a/api-tests/ff/ipc/test_i063/source.mk b/api-tests/ff/ipc/test_i063/source.mk
deleted file mode 100644
index 29f0e49e..00000000
--- a/api-tests/ff/ipc/test_i063/source.mk
+++ /dev/null
@@ -1,25 +0,0 @@
-# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_i063.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
-
-CC_SOURCE_SPE = test_i063.c test_supp_i063.c
-CC_OPTIONS_SPE =
-AS_SOURCE_SPE =
-AS_OPTIONS_SPE =
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i063/test.cmake b/api-tests/ff/ipc/test_i063/test.cmake
new file mode 100644
index 00000000..bdbf6e81
--- /dev/null
+++ b/api-tests/ff/ipc/test_i063/test.cmake
@@ -0,0 +1,32 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_i063.c
+ test_i063.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
+
+list(APPEND CC_SOURCE_SPE
+ test_i063.c
+ test_supp_i063.c
+)
+list(APPEND CC_OPTIONS_SPE )
+list(APPEND AS_SOURCE_SPE )
+list(APPEND AS_OPTIONS_SPE )
diff --git a/api-tests/ff/ipc/test_i063/test_entry.c b/api-tests/ff/ipc/test_i063/test_entry_i063.c
similarity index 100%
rename from api-tests/ff/ipc/test_i063/test_entry.c
rename to api-tests/ff/ipc/test_i063/test_entry_i063.c
diff --git a/api-tests/ff/ipc/test_i063/test_i063.c b/api-tests/ff/ipc/test_i063/test_i063.c
index 8853f3d0..579d5f6c 100644
--- a/api-tests/ff/ipc/test_i063/test_i063.c
+++ b/api-tests/ff/ipc/test_i063/test_i063.c
@@ -31,13 +31,13 @@ client_test_t test_i063_client_tests_list[] = {
NULL,
};
-int32_t client_test_psa_wait_signal_mask(security_t caller)
+int32_t client_test_psa_wait_signal_mask(caller_security_t caller)
{
psa_handle_t handle = 0;
val->print(PRINT_TEST, "[Check 1] Test psa_wait signal mask\n", 0);
- handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
+ handle = psa->connect(SERVER_UNSPECIFED_VERSION_SID, SERVER_UNSPECIFED_VERSION_VERSION);
if (handle != PSA_ERROR_CONNECTION_REFUSED)
{
@@ -45,7 +45,7 @@ int32_t client_test_psa_wait_signal_mask(security_t caller)
return VAL_STATUS_INVALID_HANDLE;
}
- handle = psa->connect(SERVER_RELAX_MINOR_VERSION_SID, 1);
+ handle = psa->connect(SERVER_RELAX_VERSION_SID, SERVER_RELAX_VERSION_VERSION);
if (handle != PSA_ERROR_CONNECTION_REFUSED)
{
diff --git a/api-tests/ff/ipc/test_i063/test_i063.h b/api-tests/ff/ipc/test_i063/test_i063.h
index 2afe6827..c5115a90 100644
--- a/api-tests/ff/ipc/test_i063/test_i063.h
+++ b/api-tests/ff/ipc/test_i063/test_i063.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i063)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i063)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
@@ -33,5 +33,5 @@ extern psa_api_t *psa;
extern client_test_t test_i063_client_tests_list[];
-int32_t client_test_psa_wait_signal_mask(security_t);
+int32_t client_test_psa_wait_signal_mask(caller_security_t);
#endif
diff --git a/api-tests/ff/ipc/test_i063/test_supp_i063.c b/api-tests/ff/ipc/test_i063/test_supp_i063.c
index d7555e97..ab7ccf37 100644
--- a/api-tests/ff/ipc/test_i063/test_supp_i063.c
+++ b/api-tests/ff/ipc/test_i063/test_supp_i063.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
@@ -36,7 +36,7 @@ int32_t server_test_psa_wait_signal_mask(void)
psa_signal_t signals = 0;
psa_msg_t msg = {0};
int loop_cnt = 2;
- psa_signal_t signal_mask = (SERVER_UNSPECIFED_MINOR_V_SIG | SERVER_RELAX_MINOR_VERSION_SIG);
+ psa_signal_t signal_mask = (SERVER_UNSPECIFED_VERSION_SIGNAL | SERVER_RELAX_VERSION_SIGNAL);
/* Debug print */
val->err_check_set(TEST_CHECKPOINT_NUM(211), VAL_STATUS_SUCCESS);
@@ -45,8 +45,8 @@ int32_t server_test_psa_wait_signal_mask(void)
* Notify client partition to make SERVER_SECURE_CONNECT_ONLY_SID connection request.
* This connection request act as irritator to psa->wait(signal_mask) call and it is used
* to cover the rule - Signals that are not in signal_mask should be ignored by psa_wait.
- * This means, during the following while loop, returned signal vaule should not be
- * SERVER_SECURE_CONNECT_ONLY_SIG as this signal is not part of signal_mask.
+ * This means, during the following while loop, returned signal value should not be
+ * SERVER_SECURE_CONNECT_ONLY_SIGNAL as this signal is not part of signal_mask.
*/
psa->notify(CLIENT_PARTITION);
@@ -56,8 +56,8 @@ int32_t server_test_psa_wait_signal_mask(void)
/*
* Rule - Returned signals value must be subset signals indicated in the signal_mask.
- * This mean signal value should be either SERVER_UNSPECIFED_MINOR_V_SIG
- * or SERVER_RELAX_MINOR_VERSION_SIG.
+ * This mean signal value should be either SERVER_UNSPECIFED_VERSION_SIGNAL
+ * or SERVER_RELAX_VERSION_SIGNAL.
*/
if (((signals & signal_mask) == 0) &&
((signals | signal_mask) != signal_mask))
@@ -66,17 +66,17 @@ int32_t server_test_psa_wait_signal_mask(void)
"psa_wait-1 returned with invalid signal value = 0x%x\n", signals);
return VAL_STATUS_ERROR;
}
- else if (signals & SERVER_UNSPECIFED_MINOR_V_SIG)
+ else if (signals & SERVER_UNSPECIFED_VERSION_SIGNAL)
{
- if (psa->get(SERVER_UNSPECIFED_MINOR_V_SIG, &msg) != PSA_SUCCESS)
+ if (psa->get(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg) != PSA_SUCCESS)
continue;
loop_cnt--;
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
}
- else if (signals & SERVER_RELAX_MINOR_VERSION_SIG)
+ else if (signals & SERVER_RELAX_VERSION_SIGNAL)
{
- if (psa->get(SERVER_RELAX_MINOR_VERSION_SIG, &msg) != PSA_SUCCESS)
+ if (psa->get(SERVER_RELAX_VERSION_SIGNAL, &msg) != PSA_SUCCESS)
continue;
loop_cnt--;
@@ -92,15 +92,15 @@ int32_t server_test_psa_wait_signal_mask(void)
* At the end, completes the starved connection
* request of SERVER_SECURE_CONNECT_ONLY_SID.
*/
- signals = psa->wait(SERVER_SECURE_CONNECT_ONLY_SIG, PSA_BLOCK);
- if ((signals & SERVER_SECURE_CONNECT_ONLY_SIG) == 0)
+ signals = psa->wait(SERVER_SECURE_CONNECT_ONLY_SIGNAL, PSA_BLOCK);
+ if ((signals & SERVER_SECURE_CONNECT_ONLY_SIGNAL) == 0)
{
val->print(PRINT_ERROR,
"psa_wait-2 returned with invalid signal value = 0x%x\n", signals);
return VAL_STATUS_ERROR;
}
- if (psa->get(SERVER_SECURE_CONNECT_ONLY_SIG, &msg) != PSA_SUCCESS)
+ if (psa->get(SERVER_SECURE_CONNECT_ONLY_SIGNAL, &msg) != PSA_SUCCESS)
goto wait;
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
diff --git a/api-tests/ff/ipc/test_i064/source.mk b/api-tests/ff/ipc/test_i064/source.mk
deleted file mode 100644
index 4f5a4869..00000000
--- a/api-tests/ff/ipc/test_i064/source.mk
+++ /dev/null
@@ -1,25 +0,0 @@
-# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_i064.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
-
-CC_SOURCE_SPE = test_i064.c test_supp_i064.c
-CC_OPTIONS_SPE =
-AS_SOURCE_SPE =
-AS_OPTIONS_SPE =
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i064/test.cmake b/api-tests/ff/ipc/test_i064/test.cmake
new file mode 100644
index 00000000..4e2a2275
--- /dev/null
+++ b/api-tests/ff/ipc/test_i064/test.cmake
@@ -0,0 +1,32 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_i064.c
+ test_i064.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
+
+list(APPEND CC_SOURCE_SPE
+ test_i064.c
+ test_supp_i064.c
+)
+list(APPEND CC_OPTIONS_SPE )
+list(APPEND AS_SOURCE_SPE )
+list(APPEND AS_OPTIONS_SPE )
diff --git a/api-tests/ff/ipc/test_i064/test_entry.c b/api-tests/ff/ipc/test_i064/test_entry_i064.c
similarity index 100%
rename from api-tests/ff/ipc/test_i064/test_entry.c
rename to api-tests/ff/ipc/test_i064/test_entry_i064.c
diff --git a/api-tests/ff/ipc/test_i064/test_i064.c b/api-tests/ff/ipc/test_i064/test_i064.c
index f037cfa3..05c4f791 100644
--- a/api-tests/ff/ipc/test_i064/test_i064.c
+++ b/api-tests/ff/ipc/test_i064/test_i064.c
@@ -31,14 +31,14 @@ client_test_t test_i064_client_tests_list[] = {
NULL,
};
-int32_t client_test_psa_eoi_with_non_intr_signal(security_t caller)
+int32_t client_test_psa_eoi_with_non_intr_signal(caller_security_t caller)
{
psa_handle_t handle;
driver_test_fn_id_t driver_test_fn_id = TEST_PSA_EOI_WITH_NON_INTR_SIGNAL;
/*
* The interrupt related test check is captured in driver_partition.c as this is the
- * only partition in test suite that holds the interrupt line. The interrupt test check
+ * only partition in test suite that holds the interrupt source. The interrupt test check
* is invoked by client by calling to DRIVER_TEST_SID RoT service of driver partition that
* hold the test check.
*/
@@ -46,8 +46,8 @@ int32_t client_test_psa_eoi_with_non_intr_signal(security_t caller)
val->print(PRINT_TEST, "[Check 1] Test psa_eoi with non-interrupt signal\n", 0);
/* Connect to DRIVER_TEST_SID */
- handle = psa->connect(DRIVER_TEST_SID, 1);
- if (handle < 0)
+ handle = psa->connect(DRIVER_TEST_SID, DRIVER_TEST_VERSION);
+ if (!PSA_HANDLE_IS_VALID(handle))
{
val->print(PRINT_ERROR, "\t psa_connect failed. handle=0x%x\n", handle);
return VAL_STATUS_SPM_FAILED;
@@ -55,7 +55,7 @@ int32_t client_test_psa_eoi_with_non_intr_signal(security_t caller)
/* Execute driver function related to TEST_PSA_EOI_WITH_NON_INTR_SIGNAL */
psa_invec invec = {&driver_test_fn_id, sizeof(driver_test_fn_id)};
- psa->call(handle, &invec, 1, NULL, 0);
+ psa->call(handle, PSA_IPC_CALL, &invec, 1, NULL, 0);
psa->close(handle);
diff --git a/api-tests/ff/ipc/test_i064/test_i064.h b/api-tests/ff/ipc/test_i064/test_i064.h
index 2f964f1e..d89997b1 100644
--- a/api-tests/ff/ipc/test_i064/test_i064.h
+++ b/api-tests/ff/ipc/test_i064/test_i064.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i064)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i064)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
@@ -33,5 +33,5 @@ extern psa_api_t *psa;
extern client_test_t test_i064_client_tests_list[];
-int32_t client_test_psa_eoi_with_non_intr_signal(security_t);
+int32_t client_test_psa_eoi_with_non_intr_signal(caller_security_t);
#endif
diff --git a/api-tests/ff/ipc/test_i064/test_supp_i064.c b/api-tests/ff/ipc/test_i064/test_supp_i064.c
index 5c486a74..58d96385 100644
--- a/api-tests/ff/ipc/test_i064/test_supp_i064.c
+++ b/api-tests/ff/ipc/test_i064/test_supp_i064.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
diff --git a/api-tests/ff/ipc/test_i065/source.mk b/api-tests/ff/ipc/test_i065/source.mk
deleted file mode 100644
index 9be71cf9..00000000
--- a/api-tests/ff/ipc/test_i065/source.mk
+++ /dev/null
@@ -1,25 +0,0 @@
-# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_i065.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
-
-CC_SOURCE_SPE = test_i065.c test_supp_i065.c
-CC_OPTIONS_SPE =
-AS_SOURCE_SPE =
-AS_OPTIONS_SPE =
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i065/test.cmake b/api-tests/ff/ipc/test_i065/test.cmake
new file mode 100644
index 00000000..567b71f4
--- /dev/null
+++ b/api-tests/ff/ipc/test_i065/test.cmake
@@ -0,0 +1,32 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_i065.c
+ test_i065.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
+
+list(APPEND CC_SOURCE_SPE
+ test_i065.c
+ test_supp_i065.c
+)
+list(APPEND CC_OPTIONS_SPE )
+list(APPEND AS_SOURCE_SPE )
+list(APPEND AS_OPTIONS_SPE )
diff --git a/api-tests/ff/ipc/test_i065/test_entry.c b/api-tests/ff/ipc/test_i065/test_entry_i065.c
similarity index 100%
rename from api-tests/ff/ipc/test_i065/test_entry.c
rename to api-tests/ff/ipc/test_i065/test_entry_i065.c
diff --git a/api-tests/ff/ipc/test_i065/test_i065.c b/api-tests/ff/ipc/test_i065/test_i065.c
index 15081fb2..9fe7e9f8 100644
--- a/api-tests/ff/ipc/test_i065/test_i065.c
+++ b/api-tests/ff/ipc/test_i065/test_i065.c
@@ -31,14 +31,14 @@ client_test_t test_i065_client_tests_list[] = {
NULL,
};
-int32_t client_test_psa_eoi_with_unasserted_signal(security_t caller)
+int32_t client_test_psa_eoi_with_unasserted_signal(caller_security_t caller)
{
psa_handle_t handle;
driver_test_fn_id_t driver_test_fn_id = TEST_PSA_EOI_WITH_UNASSERTED_SIGNAL;
/*
* The interrupt related test check is captured in driver_partition.c as this is the
- * only partition in test suite that holds the interrupt line. The interrupt test check
+ * only partition in test suite that holds the interrupt source. The interrupt test check
* is invoked by client by calling to DRIVER_TEST_SID RoT service of driver partition that
* hold the test check.
*/
@@ -46,8 +46,8 @@ int32_t client_test_psa_eoi_with_unasserted_signal(security_t caller)
val->print(PRINT_TEST, "[Check 1] Test psa_eoi with multiple signal\n", 0);
/* Connect to DRIVER_TEST_SID */
- handle = psa->connect(DRIVER_TEST_SID, 1);
- if (handle < 0)
+ handle = psa->connect(DRIVER_TEST_SID, DRIVER_TEST_VERSION);
+ if (!PSA_HANDLE_IS_VALID(handle))
{
val->print(PRINT_ERROR, "\t psa_connect failed. handle=0x%x\n", handle);
return VAL_STATUS_SPM_FAILED;
@@ -55,7 +55,7 @@ int32_t client_test_psa_eoi_with_unasserted_signal(security_t caller)
/* Execute driver function related to TEST_PSA_EOI_WITH_UNASSERTED_SIGNAL */
psa_invec invec = {&driver_test_fn_id, sizeof(driver_test_fn_id)};
- psa->call(handle, &invec, 1, NULL, 0);
+ psa->call(handle, PSA_IPC_CALL, &invec, 1, NULL, 0);
psa->close(handle);
diff --git a/api-tests/ff/ipc/test_i065/test_i065.h b/api-tests/ff/ipc/test_i065/test_i065.h
index 74289aca..c1e1af95 100644
--- a/api-tests/ff/ipc/test_i065/test_i065.h
+++ b/api-tests/ff/ipc/test_i065/test_i065.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i065)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i065)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
@@ -33,5 +33,5 @@ extern psa_api_t *psa;
extern client_test_t test_i065_client_tests_list[];
-int32_t client_test_psa_eoi_with_unasserted_signal(security_t);
+int32_t client_test_psa_eoi_with_unasserted_signal(caller_security_t);
#endif
diff --git a/api-tests/ff/ipc/test_i065/test_supp_i065.c b/api-tests/ff/ipc/test_i065/test_supp_i065.c
index 5c1d8e03..1ae6f689 100644
--- a/api-tests/ff/ipc/test_i065/test_supp_i065.c
+++ b/api-tests/ff/ipc/test_i065/test_supp_i065.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
diff --git a/api-tests/ff/ipc/test_i066/source.mk b/api-tests/ff/ipc/test_i066/source.mk
deleted file mode 100644
index 818fcc53..00000000
--- a/api-tests/ff/ipc/test_i066/source.mk
+++ /dev/null
@@ -1,25 +0,0 @@
-# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_i066.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
-
-CC_SOURCE_SPE = test_i066.c test_supp_i066.c
-CC_OPTIONS_SPE =
-AS_SOURCE_SPE =
-AS_OPTIONS_SPE =
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i066/test.cmake b/api-tests/ff/ipc/test_i066/test.cmake
new file mode 100644
index 00000000..5de49651
--- /dev/null
+++ b/api-tests/ff/ipc/test_i066/test.cmake
@@ -0,0 +1,32 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_i066.c
+ test_i066.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
+
+list(APPEND CC_SOURCE_SPE
+ test_i066.c
+ test_supp_i066.c
+)
+list(APPEND CC_OPTIONS_SPE )
+list(APPEND AS_SOURCE_SPE )
+list(APPEND AS_OPTIONS_SPE )
diff --git a/api-tests/ff/ipc/test_i066/test_entry.c b/api-tests/ff/ipc/test_i066/test_entry_i066.c
similarity index 100%
rename from api-tests/ff/ipc/test_i066/test_entry.c
rename to api-tests/ff/ipc/test_i066/test_entry_i066.c
diff --git a/api-tests/ff/ipc/test_i066/test_i066.c b/api-tests/ff/ipc/test_i066/test_i066.c
index c452dc0d..af1797cc 100644
--- a/api-tests/ff/ipc/test_i066/test_i066.c
+++ b/api-tests/ff/ipc/test_i066/test_i066.c
@@ -31,14 +31,14 @@ client_test_t test_i066_client_tests_list[] = {
NULL,
};
-int32_t client_test_psa_eoi_with_multiple_signals(security_t caller)
+int32_t client_test_psa_eoi_with_multiple_signals(caller_security_t caller)
{
psa_handle_t handle;
driver_test_fn_id_t driver_test_fn_id = TEST_PSA_EOI_WITH_MULTIPLE_SIGNALS;
/*
* The interrupt related test check is captured in driver_partition.c as this is the
- * only partition in test suite that holds the interrupt line. The interrupt test check
+ * only partition in test suite that holds the interrupt source. The interrupt test check
* is invoked by client by calling to DRIVER_TEST_SID RoT service of driver partition that
* hold the test check.
*/
@@ -46,8 +46,8 @@ int32_t client_test_psa_eoi_with_multiple_signals(security_t caller)
val->print(PRINT_TEST, "[Check 1] Test psa_eoi with multiple signals\n", 0);
/* Connect to DRIVER_TEST_SID */
- handle = psa->connect(DRIVER_TEST_SID, 1);
- if (handle < 0)
+ handle = psa->connect(DRIVER_TEST_SID, DRIVER_TEST_VERSION);
+ if (!PSA_HANDLE_IS_VALID(handle))
{
val->print(PRINT_ERROR, "\t psa_connect failed. handle=0x%x\n", handle);
return VAL_STATUS_SPM_FAILED;
@@ -55,7 +55,7 @@ int32_t client_test_psa_eoi_with_multiple_signals(security_t caller)
/* Execute driver function related to TEST_PSA_EOI_WITH_MULTIPLE_SIGNALS */
psa_invec invec = {&driver_test_fn_id, sizeof(driver_test_fn_id)};
- psa->call(handle, &invec, 1, NULL, 0);
+ psa->call(handle, PSA_IPC_CALL, &invec, 1, NULL, 0);
psa->close(handle);
diff --git a/api-tests/ff/ipc/test_i066/test_i066.h b/api-tests/ff/ipc/test_i066/test_i066.h
index bc3b9cfa..fe246a0a 100644
--- a/api-tests/ff/ipc/test_i066/test_i066.h
+++ b/api-tests/ff/ipc/test_i066/test_i066.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i066)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i066)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
@@ -33,5 +33,5 @@ extern psa_api_t *psa;
extern client_test_t test_i066_client_tests_list[];
-int32_t client_test_psa_eoi_with_multiple_signals(security_t);
+int32_t client_test_psa_eoi_with_multiple_signals(caller_security_t);
#endif
diff --git a/api-tests/ff/ipc/test_i066/test_supp_i066.c b/api-tests/ff/ipc/test_i066/test_supp_i066.c
index 9b64caa9..357883bc 100644
--- a/api-tests/ff/ipc/test_i066/test_supp_i066.c
+++ b/api-tests/ff/ipc/test_i066/test_supp_i066.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
diff --git a/api-tests/ff/ipc/test_i067/source.mk b/api-tests/ff/ipc/test_i067/source.mk
deleted file mode 100644
index a3472640..00000000
--- a/api-tests/ff/ipc/test_i067/source.mk
+++ /dev/null
@@ -1,25 +0,0 @@
-# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_i067.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
-
-CC_SOURCE_SPE = test_i067.c test_supp_i067.c
-CC_OPTIONS_SPE =
-AS_SOURCE_SPE =
-AS_OPTIONS_SPE =
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i067/test.cmake b/api-tests/ff/ipc/test_i067/test.cmake
new file mode 100644
index 00000000..66fabc80
--- /dev/null
+++ b/api-tests/ff/ipc/test_i067/test.cmake
@@ -0,0 +1,32 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_i067.c
+ test_i067.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
+
+list(APPEND CC_SOURCE_SPE
+ test_i067.c
+ test_supp_i067.c
+)
+list(APPEND CC_OPTIONS_SPE )
+list(APPEND AS_SOURCE_SPE )
+list(APPEND AS_OPTIONS_SPE )
diff --git a/api-tests/ff/ipc/test_i067/test_entry.c b/api-tests/ff/ipc/test_i067/test_entry_i067.c
similarity index 100%
rename from api-tests/ff/ipc/test_i067/test_entry.c
rename to api-tests/ff/ipc/test_i067/test_entry_i067.c
diff --git a/api-tests/ff/ipc/test_i067/test_i067.c b/api-tests/ff/ipc/test_i067/test_i067.c
index 6e6f27f8..55af02ef 100644
--- a/api-tests/ff/ipc/test_i067/test_i067.c
+++ b/api-tests/ff/ipc/test_i067/test_i067.c
@@ -19,13 +19,13 @@
#include "val_interfaces.h"
#include "val_target.h"
#else
-#include "val/common/val_client_defs.h"
-#include "val/spe/val_partition_common.h"
+#include "val_client_defs.h"
+#include "val_service_defs.h"
#endif
#include "test_i067.h"
-#if (SP_HEAP_MEM_SUPP == 1)
+#ifdef SP_HEAP_MEM_SUPP
void *malloc(size_t size);
void free(void *ptr);
#endif
@@ -36,10 +36,10 @@ client_test_t test_i067_client_tests_list[] = {
NULL,
};
-int32_t client_test_dynamic_mem_alloc_fn(security_t caller)
+int32_t client_test_dynamic_mem_alloc_fn(caller_security_t caller)
{
/* Check heap memory support available to secure partition */
-#if (SP_HEAP_MEM_SUPP == 1)
+#ifdef SP_HEAP_MEM_SUPP
uint8_t *buffer;
val->print(PRINT_TEST, "[Check 1] Test dynamic memory allocation\n", 0);
diff --git a/api-tests/ff/ipc/test_i067/test_i067.h b/api-tests/ff/ipc/test_i067/test_i067.h
index f84da6e4..11e0bb6e 100644
--- a/api-tests/ff/ipc/test_i067/test_i067.h
+++ b/api-tests/ff/ipc/test_i067/test_i067.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i067)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i067)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
@@ -33,5 +33,5 @@ extern psa_api_t *psa;
extern client_test_t test_i067_client_tests_list[];
-int32_t client_test_dynamic_mem_alloc_fn(security_t);
+int32_t client_test_dynamic_mem_alloc_fn(caller_security_t);
#endif
diff --git a/api-tests/ff/ipc/test_i067/test_supp_i067.c b/api-tests/ff/ipc/test_i067/test_supp_i067.c
index b6d0779b..42029441 100644
--- a/api-tests/ff/ipc/test_i067/test_supp_i067.c
+++ b/api-tests/ff/ipc/test_i067/test_supp_i067.c
@@ -18,14 +18,14 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
#define SERVER_HEAP_SIZE 0x100 /* The size is same as heap_size field in manifest */
-#if (SP_HEAP_MEM_SUPP == 1)
+#ifdef SP_HEAP_MEM_SUPP
void *malloc(size_t size);
void free(void *ptr);
void *realloc(void *ptr, size_t size);
@@ -42,7 +42,7 @@ server_test_t test_i067_server_tests_list[] = {
int32_t server_test_dynamic_mem_alloc_fn(void)
{
/* Perform checks only if heap memory support available to secure partition */
-#if (SP_HEAP_MEM_SUPP == 1)
+#ifdef SP_HEAP_MEM_SUPP
uint8_t *buffer, *buffer1;
uint8_t cmpbuff[SERVER_HEAP_SIZE] = {0};
diff --git a/api-tests/ff/ipc/test_i068/source.mk b/api-tests/ff/ipc/test_i068/source.mk
deleted file mode 100644
index d6cb0d7b..00000000
--- a/api-tests/ff/ipc/test_i068/source.mk
+++ /dev/null
@@ -1,25 +0,0 @@
-# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_i068.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
-
-CC_SOURCE_SPE = test_i068.c test_supp_i068.c
-CC_OPTIONS_SPE =
-AS_SOURCE_SPE =
-AS_OPTIONS_SPE =
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i068/test.cmake b/api-tests/ff/ipc/test_i068/test.cmake
new file mode 100644
index 00000000..cefebf11
--- /dev/null
+++ b/api-tests/ff/ipc/test_i068/test.cmake
@@ -0,0 +1,32 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_i068.c
+ test_i068.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
+
+list(APPEND CC_SOURCE_SPE
+ test_i068.c
+ test_supp_i068.c
+)
+list(APPEND CC_OPTIONS_SPE )
+list(APPEND AS_SOURCE_SPE )
+list(APPEND AS_OPTIONS_SPE )
diff --git a/api-tests/ff/ipc/test_i068/test_entry.c b/api-tests/ff/ipc/test_i068/test_entry_i068.c
similarity index 100%
rename from api-tests/ff/ipc/test_i068/test_entry.c
rename to api-tests/ff/ipc/test_i068/test_entry_i068.c
diff --git a/api-tests/ff/ipc/test_i068/test_i068.c b/api-tests/ff/ipc/test_i068/test_i068.c
index 0ab92dc0..61a59f8b 100644
--- a/api-tests/ff/ipc/test_i068/test_i068.c
+++ b/api-tests/ff/ipc/test_i068/test_i068.c
@@ -19,8 +19,8 @@
#include "val_interfaces.h"
#include "val_target.h"
#else
-#include "val/common/val_client_defs.h"
-#include "val/spe/val_partition_common.h"
+#include "val_client_defs.h"
+#include "val_service_defs.h"
#endif
#include "test_i068.h"
@@ -55,15 +55,16 @@ void test_i068_dummy_func(void)
{
}
-int32_t client_test_instr_exec_from_writable_mem(security_t caller)
+int32_t client_test_instr_exec_from_writable_mem(caller_security_t caller)
{
val->print(PRINT_TEST, "[Check 1] Test Instr execution from writable memory\n", 0);
/*
* Copy test_i068_dummy_func function code into data memory
- * Assuming function size to be 32 bytes max
+ * Assuming function size to be 16 bytes max.
+ * Remove thumb bit from address if exists.
*/
- copy_mem(&opcode, &test_i068_dummy_func, NO_OF_BYTES);
+ copy_mem(&opcode, (void *) ((uintptr_t)&test_i068_dummy_func & ~(uintptr_t)0x1), NO_OF_BYTES);
/* Point function pointer to data memory */
fptr = (fptr_t) opcode;
diff --git a/api-tests/ff/ipc/test_i068/test_i068.h b/api-tests/ff/ipc/test_i068/test_i068.h
index 4426f389..f7ed66b9 100644
--- a/api-tests/ff/ipc/test_i068/test_i068.h
+++ b/api-tests/ff/ipc/test_i068/test_i068.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i068)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i068)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
@@ -33,5 +33,5 @@ extern psa_api_t *psa;
extern client_test_t test_i068_client_tests_list[];
-int32_t client_test_instr_exec_from_writable_mem(security_t);
+int32_t client_test_instr_exec_from_writable_mem(caller_security_t);
#endif
diff --git a/api-tests/ff/ipc/test_i068/test_supp_i068.c b/api-tests/ff/ipc/test_i068/test_supp_i068.c
index 6fa87d37..ec586827 100644
--- a/api-tests/ff/ipc/test_i068/test_supp_i068.c
+++ b/api-tests/ff/ipc/test_i068/test_supp_i068.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
diff --git a/api-tests/ff/ipc/test_i069/source.mk b/api-tests/ff/ipc/test_i069/source.mk
deleted file mode 100644
index 1a745a51..00000000
--- a/api-tests/ff/ipc/test_i069/source.mk
+++ /dev/null
@@ -1,25 +0,0 @@
-# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_i069.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
-
-CC_SOURCE_SPE = test_i069.c test_supp_i069.c
-CC_OPTIONS_SPE =
-AS_SOURCE_SPE =
-AS_OPTIONS_SPE =
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i069/test.cmake b/api-tests/ff/ipc/test_i069/test.cmake
new file mode 100644
index 00000000..99eb8216
--- /dev/null
+++ b/api-tests/ff/ipc/test_i069/test.cmake
@@ -0,0 +1,32 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_i069.c
+ test_i069.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
+
+list(APPEND CC_SOURCE_SPE
+ test_i069.c
+ test_supp_i069.c
+)
+list(APPEND CC_OPTIONS_SPE )
+list(APPEND AS_SOURCE_SPE )
+list(APPEND AS_OPTIONS_SPE )
diff --git a/api-tests/ff/ipc/test_i069/test_entry.c b/api-tests/ff/ipc/test_i069/test_entry_i069.c
similarity index 100%
rename from api-tests/ff/ipc/test_i069/test_entry.c
rename to api-tests/ff/ipc/test_i069/test_entry_i069.c
diff --git a/api-tests/ff/ipc/test_i069/test_i069.c b/api-tests/ff/ipc/test_i069/test_i069.c
index 53afce3a..27706e6f 100644
--- a/api-tests/ff/ipc/test_i069/test_i069.c
+++ b/api-tests/ff/ipc/test_i069/test_i069.c
@@ -19,8 +19,8 @@
#include "val_interfaces.h"
#include "val_target.h"
#else
-#include "val/common/val_client_defs.h"
-#include "val/spe/val_partition_common.h"
+#include "val_client_defs.h"
+#include "val_service_defs.h"
#endif
#include "test_i069.h"
@@ -31,7 +31,7 @@ client_test_t test_i069_client_tests_list[] = {
NULL,
};
-int32_t client_test_write_to_code_space(security_t caller)
+int32_t client_test_write_to_code_space(caller_security_t caller)
{
int32_t *p;
diff --git a/api-tests/ff/ipc/test_i069/test_i069.h b/api-tests/ff/ipc/test_i069/test_i069.h
index fbb3e50d..574f4d87 100644
--- a/api-tests/ff/ipc/test_i069/test_i069.h
+++ b/api-tests/ff/ipc/test_i069/test_i069.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i069)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i069)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
@@ -33,5 +33,5 @@ extern psa_api_t *psa;
extern client_test_t test_i069_client_tests_list[];
-int32_t client_test_write_to_code_space(security_t);
+int32_t client_test_write_to_code_space(caller_security_t);
#endif
diff --git a/api-tests/ff/ipc/test_i069/test_supp_i069.c b/api-tests/ff/ipc/test_i069/test_supp_i069.c
index 29a3ca1e..5dd572c2 100644
--- a/api-tests/ff/ipc/test_i069/test_supp_i069.c
+++ b/api-tests/ff/ipc/test_i069/test_supp_i069.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
diff --git a/api-tests/ff/ipc/test_i070/source.mk b/api-tests/ff/ipc/test_i070/source.mk
deleted file mode 100644
index f399229b..00000000
--- a/api-tests/ff/ipc/test_i070/source.mk
+++ /dev/null
@@ -1,25 +0,0 @@
-# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_i070.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
-
-CC_SOURCE_SPE = test_i070.c test_supp_i070.c
-CC_OPTIONS_SPE =
-AS_SOURCE_SPE =
-AS_OPTIONS_SPE =
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i070/test.cmake b/api-tests/ff/ipc/test_i070/test.cmake
new file mode 100644
index 00000000..82d9a914
--- /dev/null
+++ b/api-tests/ff/ipc/test_i070/test.cmake
@@ -0,0 +1,32 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_i070.c
+ test_i070.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
+
+list(APPEND CC_SOURCE_SPE
+ test_i070.c
+ test_supp_i070.c
+)
+list(APPEND CC_OPTIONS_SPE )
+list(APPEND AS_SOURCE_SPE )
+list(APPEND AS_OPTIONS_SPE )
diff --git a/api-tests/ff/ipc/test_i070/test_entry.c b/api-tests/ff/ipc/test_i070/test_entry_i070.c
similarity index 100%
rename from api-tests/ff/ipc/test_i070/test_entry.c
rename to api-tests/ff/ipc/test_i070/test_entry_i070.c
diff --git a/api-tests/ff/ipc/test_i070/test_i070.c b/api-tests/ff/ipc/test_i070/test_i070.c
index 45c5dc97..c5d9f94a 100644
--- a/api-tests/ff/ipc/test_i070/test_i070.c
+++ b/api-tests/ff/ipc/test_i070/test_i070.c
@@ -19,8 +19,8 @@
#include "val_interfaces.h"
#include "val_target.h"
#else
-#include "val/common/val_client_defs.h"
-#include "val/spe/val_partition_common.h"
+#include "val_client_defs.h"
+#include "val_service_defs.h"
#endif
#include "test_i070.h"
@@ -31,7 +31,7 @@ client_test_t test_i070_client_tests_list[] = {
NULL,
};
-int32_t client_test_write_to_const_data(security_t caller)
+int32_t client_test_write_to_const_data(caller_security_t caller)
{
const char *string = "This text should be in RO space";
char *p;
diff --git a/api-tests/ff/ipc/test_i070/test_i070.h b/api-tests/ff/ipc/test_i070/test_i070.h
index 4189b898..9da1c680 100644
--- a/api-tests/ff/ipc/test_i070/test_i070.h
+++ b/api-tests/ff/ipc/test_i070/test_i070.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i070)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i070)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
@@ -33,5 +33,5 @@ extern psa_api_t *psa;
extern client_test_t test_i070_client_tests_list[];
-int32_t client_test_write_to_const_data(security_t);
+int32_t client_test_write_to_const_data(caller_security_t);
#endif
diff --git a/api-tests/ff/ipc/test_i070/test_supp_i070.c b/api-tests/ff/ipc/test_i070/test_supp_i070.c
index 51090fad..62f2e172 100644
--- a/api-tests/ff/ipc/test_i070/test_supp_i070.c
+++ b/api-tests/ff/ipc/test_i070/test_supp_i070.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
diff --git a/api-tests/ff/ipc/test_i071/source.mk b/api-tests/ff/ipc/test_i071/source.mk
deleted file mode 100644
index c6eade09..00000000
--- a/api-tests/ff/ipc/test_i071/source.mk
+++ /dev/null
@@ -1,25 +0,0 @@
-# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_i071.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
-
-CC_SOURCE_SPE = test_i071.c test_supp_i071.c
-CC_OPTIONS_SPE =
-AS_SOURCE_SPE =
-AS_OPTIONS_SPE =
diff --git a/api-tests/ff/ipc/test_i071/test.cmake b/api-tests/ff/ipc/test_i071/test.cmake
new file mode 100644
index 00000000..a39ec155
--- /dev/null
+++ b/api-tests/ff/ipc/test_i071/test.cmake
@@ -0,0 +1,32 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_i071.c
+ test_i071.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
+
+list(APPEND CC_SOURCE_SPE
+ test_i071.c
+ test_supp_i071.c
+)
+list(APPEND CC_OPTIONS_SPE )
+list(APPEND AS_SOURCE_SPE )
+list(APPEND AS_OPTIONS_SPE )
diff --git a/api-tests/ff/ipc/test_i071/test_entry.c b/api-tests/ff/ipc/test_i071/test_entry_i071.c
similarity index 100%
rename from api-tests/ff/ipc/test_i071/test_entry.c
rename to api-tests/ff/ipc/test_i071/test_entry_i071.c
diff --git a/api-tests/ff/ipc/test_i071/test_i071.c b/api-tests/ff/ipc/test_i071/test_i071.c
index 1c56a022..130ebf04 100644
--- a/api-tests/ff/ipc/test_i071/test_i071.c
+++ b/api-tests/ff/ipc/test_i071/test_i071.c
@@ -19,8 +19,8 @@
#include "val_interfaces.h"
#include "val_target.h"
#else
-#include "val/common/val_client_defs.h"
-#include "val/spe/val_partition_common.h"
+#include "val_client_defs.h"
+#include "val_service_defs.h"
#endif
#include "test_i071.h"
@@ -33,7 +33,7 @@ client_test_t test_i071_client_tests_list[] = {
NULL,
};
-int32_t client_test_mem_manipulation_fn(security_t caller)
+int32_t client_test_mem_manipulation_fn(caller_security_t caller)
{
uint8_t buffer[BUFF_SIZE] = {0};
uint8_t buffer1[BUFF_SIZE] = {0};
diff --git a/api-tests/ff/ipc/test_i071/test_i071.h b/api-tests/ff/ipc/test_i071/test_i071.h
index bf1bacf6..cb75dffd 100644
--- a/api-tests/ff/ipc/test_i071/test_i071.h
+++ b/api-tests/ff/ipc/test_i071/test_i071.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i071)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i071)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
@@ -33,5 +33,5 @@ extern psa_api_t *psa;
extern client_test_t test_i071_client_tests_list[];
-int32_t client_test_mem_manipulation_fn(security_t);
+int32_t client_test_mem_manipulation_fn(caller_security_t);
#endif
diff --git a/api-tests/ff/ipc/test_i071/test_supp_i071.c b/api-tests/ff/ipc/test_i071/test_supp_i071.c
index 7ce17d89..b96ac470 100644
--- a/api-tests/ff/ipc/test_i071/test_supp_i071.c
+++ b/api-tests/ff/ipc/test_i071/test_supp_i071.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
diff --git a/api-tests/ff/ipc/test_i072/source.mk b/api-tests/ff/ipc/test_i072/source.mk
deleted file mode 100644
index 7d3e4953..00000000
--- a/api-tests/ff/ipc/test_i072/source.mk
+++ /dev/null
@@ -1,25 +0,0 @@
-# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_i072.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
-
-CC_SOURCE_SPE = test_i072.c test_supp_i072.c
-CC_OPTIONS_SPE =
-AS_SOURCE_SPE =
-AS_OPTIONS_SPE =
diff --git a/api-tests/ff/ipc/test_i072/test.cmake b/api-tests/ff/ipc/test_i072/test.cmake
new file mode 100644
index 00000000..c5fb69ef
--- /dev/null
+++ b/api-tests/ff/ipc/test_i072/test.cmake
@@ -0,0 +1,32 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_i072.c
+ test_i072.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
+
+list(APPEND CC_SOURCE_SPE
+ test_i072.c
+ test_supp_i072.c
+)
+list(APPEND CC_OPTIONS_SPE )
+list(APPEND AS_SOURCE_SPE )
+list(APPEND AS_OPTIONS_SPE )
diff --git a/api-tests/ff/ipc/test_i072/test_entry.c b/api-tests/ff/ipc/test_i072/test_entry_i072.c
similarity index 100%
rename from api-tests/ff/ipc/test_i072/test_entry.c
rename to api-tests/ff/ipc/test_i072/test_entry_i072.c
diff --git a/api-tests/ff/ipc/test_i072/test_i072.c b/api-tests/ff/ipc/test_i072/test_i072.c
index aa586e70..38fd78ab 100644
--- a/api-tests/ff/ipc/test_i072/test_i072.c
+++ b/api-tests/ff/ipc/test_i072/test_i072.c
@@ -36,8 +36,8 @@ static int32_t get_secure_partition_address(addr_t *addr)
{
psa_handle_t handle = 0;
- handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
- if (handle < 0)
+ handle = psa->connect(SERVER_UNSPECIFED_VERSION_SID, SERVER_UNSPECIFED_VERSION_VERSION);
+ if (!PSA_HANDLE_IS_VALID(handle))
{
val->print(PRINT_ERROR, "\tConnection failed\n", 0);
return VAL_STATUS_INVALID_HANDLE;
@@ -45,17 +45,19 @@ static int32_t get_secure_partition_address(addr_t *addr)
/* Get App-RoT address */
psa_outvec outvec[1] = {{addr, sizeof(addr_t)}};
- if (psa->call(handle, NULL, 0, outvec, 1) != PSA_SUCCESS)
+ if (psa->call(handle, PSA_IPC_CALL, NULL, 0, outvec, 1) != PSA_SUCCESS)
{
val->print(PRINT_ERROR, "\tmsg request failed\n", 0);
return VAL_STATUS_CALL_FAILED;
}
+ val->print(PRINT_DEBUG, "\tNSPE: Accessing address 0x%x\n", *addr);
+
psa->close(handle);
return VAL_STATUS_SUCCESS;
}
-int32_t client_test_nspe_read_app_rot_variable(security_t caller)
+int32_t client_test_nspe_read_app_rot_variable(caller_security_t caller)
{
addr_t app_rot_addr;
uint32_t data = 0x1234;
@@ -93,7 +95,7 @@ int32_t client_test_nspe_read_app_rot_variable(security_t caller)
return VAL_STATUS_SPM_FAILED;
}
-int32_t client_test_nspe_write_app_rot_variable(security_t caller)
+int32_t client_test_nspe_write_app_rot_variable(caller_security_t caller)
{
addr_t app_rot_addr;
uint32_t data = 0x1234;
@@ -116,7 +118,7 @@ int32_t client_test_nspe_write_app_rot_variable(security_t caller)
*(uint32_t *)app_rot_addr = (uint32_t)data;
/* Handshake with server to decide write status */
- if ((psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1)) > 0)
+ if ((psa->connect(SERVER_UNSPECIFED_VERSION_SID, SERVER_UNSPECIFED_VERSION_VERSION)) > 0)
{
val->print(PRINT_ERROR, "\tExpected connection to fail but succeed\n", 0);
return VAL_STATUS_INVALID_HANDLE;
diff --git a/api-tests/ff/ipc/test_i072/test_i072.h b/api-tests/ff/ipc/test_i072/test_i072.h
index 586f8e51..48eb9b7b 100644
--- a/api-tests/ff/ipc/test_i072/test_i072.h
+++ b/api-tests/ff/ipc/test_i072/test_i072.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i072)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i072)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
@@ -33,6 +33,6 @@ extern psa_api_t *psa;
extern client_test_t test_i072_client_tests_list[];
-int32_t client_test_nspe_read_app_rot_variable(security_t);
-int32_t client_test_nspe_write_app_rot_variable(security_t);
+int32_t client_test_nspe_read_app_rot_variable(caller_security_t);
+int32_t client_test_nspe_write_app_rot_variable(caller_security_t);
#endif
diff --git a/api-tests/ff/ipc/test_i072/test_supp_i072.c b/api-tests/ff/ipc/test_i072/test_supp_i072.c
index 05cf9181..704fb10f 100644
--- a/api-tests/ff/ipc/test_i072/test_supp_i072.c
+++ b/api-tests/ff/ipc/test_i072/test_supp_i072.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
@@ -40,10 +40,11 @@ server_test_t test_i072_server_tests_list[] = {
static int32_t send_secure_partition_address(void)
{
- int32_t status = VAL_STATUS_SUCCESS;
- psa_msg_t msg = {0};
+ int32_t status = VAL_STATUS_SUCCESS;
+ volatile uint32_t *addr = &g_test_i072;
+ psa_msg_t msg = {0};
- status = val->process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_connect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(201), status))
{
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
@@ -52,18 +53,20 @@ static int32_t send_secure_partition_address(void)
psa->reply(msg.handle, PSA_SUCCESS);
- status = val->process_call_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_call_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(202), status))
{
psa->reply(msg.handle, -2);
return status;
}
+ val->print(PRINT_DEBUG, "\tAPP-ROT: Passing 0x%x to NSPE\n", (int)&g_test_i072);
+
/* Send Application RoT data address - global variable */
- psa->write(msg.handle, 0, (void *)&g_test_i072, sizeof(g_test_i072));
+ psa->write(msg.handle, 0, (void *)&addr, sizeof(addr));
psa->reply(msg.handle, PSA_SUCCESS);
- status = val->process_disconnect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_disconnect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(203), status))
{
return status;
@@ -87,7 +90,7 @@ int32_t server_test_nspe_write_app_rot_variable(void)
return status;
/* Wait for write to get performed by client */
- status = val->process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_connect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(204), status))
{
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
diff --git a/api-tests/ff/ipc/test_i073/source.mk b/api-tests/ff/ipc/test_i073/source.mk
deleted file mode 100644
index 2cea6c5f..00000000
--- a/api-tests/ff/ipc/test_i073/source.mk
+++ /dev/null
@@ -1,25 +0,0 @@
-# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_i073.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
-
-CC_SOURCE_SPE = test_i073.c test_supp_i073.c
-CC_OPTIONS_SPE =
-AS_SOURCE_SPE =
-AS_OPTIONS_SPE =
diff --git a/api-tests/ff/ipc/test_i073/test.cmake b/api-tests/ff/ipc/test_i073/test.cmake
new file mode 100644
index 00000000..8f3321c0
--- /dev/null
+++ b/api-tests/ff/ipc/test_i073/test.cmake
@@ -0,0 +1,32 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_i073.c
+ test_i073.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
+
+list(APPEND CC_SOURCE_SPE
+ test_i073.c
+ test_supp_i073.c
+)
+list(APPEND CC_OPTIONS_SPE )
+list(APPEND AS_SOURCE_SPE )
+list(APPEND AS_OPTIONS_SPE )
diff --git a/api-tests/ff/ipc/test_i073/test_entry.c b/api-tests/ff/ipc/test_i073/test_entry_i073.c
similarity index 100%
rename from api-tests/ff/ipc/test_i073/test_entry.c
rename to api-tests/ff/ipc/test_i073/test_entry_i073.c
diff --git a/api-tests/ff/ipc/test_i073/test_i073.c b/api-tests/ff/ipc/test_i073/test_i073.c
index 9172ec48..8b8d8b67 100644
--- a/api-tests/ff/ipc/test_i073/test_i073.c
+++ b/api-tests/ff/ipc/test_i073/test_i073.c
@@ -36,8 +36,8 @@ static int32_t get_secure_partition_address(addr_t *addr)
{
psa_handle_t handle = 0;
- handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
- if (handle < 0)
+ handle = psa->connect(SERVER_UNSPECIFED_VERSION_SID, SERVER_UNSPECIFED_VERSION_VERSION);
+ if (!PSA_HANDLE_IS_VALID(handle))
{
val->print(PRINT_ERROR, "\tConnection failed\n", 0);
return VAL_STATUS_INVALID_HANDLE;
@@ -45,17 +45,19 @@ static int32_t get_secure_partition_address(addr_t *addr)
/* Get App-RoT address */
psa_outvec outvec[1] = {{addr, sizeof(addr_t)}};
- if (psa->call(handle, NULL, 0, outvec, 1) != PSA_SUCCESS)
+ if (psa->call(handle, PSA_IPC_CALL, NULL, 0, outvec, 1) != PSA_SUCCESS)
{
val->print(PRINT_ERROR, "\tmsg request failed\n", 0);
return VAL_STATUS_CALL_FAILED;
}
+ val->print(PRINT_DEBUG, "\tNSPE: Accessing address 0x%x\n", *addr);
+
psa->close(handle);
return VAL_STATUS_SUCCESS;
}
-int32_t client_test_nspe_read_app_rot_stack(security_t caller)
+int32_t client_test_nspe_read_app_rot_stack(caller_security_t caller)
{
addr_t app_rot_addr;
uint32_t data = 0x1234;
@@ -93,7 +95,7 @@ int32_t client_test_nspe_read_app_rot_stack(security_t caller)
return VAL_STATUS_SPM_FAILED;
}
-int32_t client_test_nspe_write_app_rot_stack(security_t caller)
+int32_t client_test_nspe_write_app_rot_stack(caller_security_t caller)
{
addr_t app_rot_addr;
uint32_t data = 0x1234;
@@ -116,7 +118,7 @@ int32_t client_test_nspe_write_app_rot_stack(security_t caller)
*(uint32_t *)app_rot_addr = (uint32_t)data;
/* Handshake with server to decide write status */
- if ((psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1)) > 0)
+ if ((psa->connect(SERVER_UNSPECIFED_VERSION_SID, 1)) > 0)
{
val->print(PRINT_ERROR, "\tExpected connection to fail but succeed\n", 0);
return VAL_STATUS_INVALID_HANDLE;
diff --git a/api-tests/ff/ipc/test_i073/test_i073.h b/api-tests/ff/ipc/test_i073/test_i073.h
index 1badc212..a2a4bb99 100644
--- a/api-tests/ff/ipc/test_i073/test_i073.h
+++ b/api-tests/ff/ipc/test_i073/test_i073.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i073)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i073)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
@@ -33,6 +33,6 @@ extern psa_api_t *psa;
extern client_test_t test_i073_client_tests_list[];
-int32_t client_test_nspe_read_app_rot_stack(security_t);
-int32_t client_test_nspe_write_app_rot_stack(security_t);
+int32_t client_test_nspe_read_app_rot_stack(caller_security_t);
+int32_t client_test_nspe_write_app_rot_stack(caller_security_t);
#endif
diff --git a/api-tests/ff/ipc/test_i073/test_supp_i073.c b/api-tests/ff/ipc/test_i073/test_supp_i073.c
index 114b0a2a..a18ec3b0 100644
--- a/api-tests/ff/ipc/test_i073/test_supp_i073.c
+++ b/api-tests/ff/ipc/test_i073/test_supp_i073.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
@@ -40,7 +40,7 @@ static int32_t send_secure_partition_address(addr_t *stack)
int32_t status = VAL_STATUS_SUCCESS;
psa_msg_t msg = {0};
- status = val->process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_connect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(201), status))
{
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
@@ -49,18 +49,20 @@ static int32_t send_secure_partition_address(addr_t *stack)
psa->reply(msg.handle, PSA_SUCCESS);
- status = val->process_call_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_call_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(202), status))
{
psa->reply(msg.handle, -2);
return status;
}
+ val->print(PRINT_DEBUG, "\tAPP-ROT: Passing 0x%x to NSPE\n", (int)stack);
+
/* Send Application RoT stack address */
- psa->write(msg.handle, 0, (void *)stack, sizeof(uint32_t));
+ psa->write(msg.handle, 0, (void *)&stack, sizeof(uint32_t));
psa->reply(msg.handle, PSA_SUCCESS);
- status = val->process_disconnect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_disconnect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(203), status))
{
return status;
@@ -78,7 +80,7 @@ int32_t server_test_nspe_read_app_rot_stack(void)
status = send_secure_partition_address(&l_test_i073);
/* Dummy print to avoid compiler optimisation on local variable */
- val->print(PRINT_INFO, "\tData value 0x%x\n", l_test_i073);
+ val->print(PRINT_INFO, "\tStack data 0x%x\n", l_test_i073);
return status;
}
@@ -94,7 +96,7 @@ int32_t server_test_nspe_write_app_rot_stack(void)
return status;
/* Wait for write to get performed by client */
- status = val->process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_connect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(204), status))
{
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
diff --git a/api-tests/ff/ipc/test_i074/source.mk b/api-tests/ff/ipc/test_i074/source.mk
deleted file mode 100644
index e82e890e..00000000
--- a/api-tests/ff/ipc/test_i074/source.mk
+++ /dev/null
@@ -1,25 +0,0 @@
-# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_i074.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
-
-CC_SOURCE_SPE = test_i074.c test_supp_i074.c
-CC_OPTIONS_SPE =
-AS_SOURCE_SPE =
-AS_OPTIONS_SPE =
diff --git a/api-tests/ff/ipc/test_i074/test.cmake b/api-tests/ff/ipc/test_i074/test.cmake
new file mode 100644
index 00000000..ce162f89
--- /dev/null
+++ b/api-tests/ff/ipc/test_i074/test.cmake
@@ -0,0 +1,32 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_i074.c
+ test_i074.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
+
+list(APPEND CC_SOURCE_SPE
+ test_i074.c
+ test_supp_i074.c
+)
+list(APPEND CC_OPTIONS_SPE )
+list(APPEND AS_SOURCE_SPE )
+list(APPEND AS_OPTIONS_SPE )
diff --git a/api-tests/ff/ipc/test_i074/test_entry.c b/api-tests/ff/ipc/test_i074/test_entry_i074.c
similarity index 100%
rename from api-tests/ff/ipc/test_i074/test_entry.c
rename to api-tests/ff/ipc/test_i074/test_entry_i074.c
diff --git a/api-tests/ff/ipc/test_i074/test_i074.c b/api-tests/ff/ipc/test_i074/test_i074.c
index 8c58ca99..ce91843e 100644
--- a/api-tests/ff/ipc/test_i074/test_i074.c
+++ b/api-tests/ff/ipc/test_i074/test_i074.c
@@ -36,13 +36,13 @@ client_test_t test_i074_client_tests_list[] = {
NULL,
};
-#if (SP_HEAP_MEM_SUPP == 1)
+#ifdef SP_HEAP_MEM_SUPP
static int32_t get_secure_partition_address(addr_t *addr)
{
psa_handle_t handle = 0;
- handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
- if (handle < 0)
+ handle = psa->connect(SERVER_UNSPECIFED_VERSION_SID, 1);
+ if (!PSA_HANDLE_IS_VALID(handle))
{
val->print(PRINT_ERROR, "\tConnection failed\n", 0);
return VAL_STATUS_INVALID_HANDLE;
@@ -50,17 +50,19 @@ static int32_t get_secure_partition_address(addr_t *addr)
/* Get App-RoT address */
psa_outvec outvec[1] = {{addr, BUFFER_SIZE}};
- if (psa->call(handle, NULL, 0, outvec, 1) != PSA_SUCCESS)
+ if (psa->call(handle, PSA_IPC_CALL, NULL, 0, outvec, 1) != PSA_SUCCESS)
{
val->print(PRINT_ERROR, "\tmsg request failed\n", 0);
return VAL_STATUS_CALL_FAILED;
}
+ val->print(PRINT_DEBUG, "\tNSPE: Accessing address 0x%x\n", *addr);
+
psa->close(handle);
return VAL_STATUS_SUCCESS;
}
-int32_t client_test_nspe_read_app_rot_heap(security_t caller)
+int32_t client_test_nspe_read_app_rot_heap(caller_security_t caller)
{
addr_t app_rot_addr;
uint8_t data = DATA_VALUE;
@@ -98,7 +100,7 @@ int32_t client_test_nspe_read_app_rot_heap(security_t caller)
return VAL_STATUS_SPM_FAILED;
}
-int32_t client_test_nspe_write_app_rot_heap(security_t caller)
+int32_t client_test_nspe_write_app_rot_heap(caller_security_t caller)
{
addr_t app_rot_addr;
uint8_t data = DATA_VALUE;
@@ -121,7 +123,7 @@ int32_t client_test_nspe_write_app_rot_heap(security_t caller)
*(uint8_t *)app_rot_addr = (uint8_t)data;
/* Handshake with server to decide write status */
- if ((psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1)) > 0)
+ if ((psa->connect(SERVER_UNSPECIFED_VERSION_SID, SERVER_UNSPECIFED_VERSION_VERSION)) > 0)
{
val->print(PRINT_ERROR, "\tExpected connection to fail but succeed\n", 0);
return VAL_STATUS_INVALID_HANDLE;
@@ -129,14 +131,14 @@ int32_t client_test_nspe_write_app_rot_heap(security_t caller)
return VAL_STATUS_SUCCESS;
}
#else
-int32_t client_test_nspe_read_app_rot_heap(security_t caller)
+int32_t client_test_nspe_read_app_rot_heap(caller_security_t caller)
{
val->print(PRINT_TEST, "[Check 1] Test NSPE reading APP-RoT heap\n", 0);
val->print(PRINT_ERROR, "\tSkipping test as heap memory not supported\n", 0);
return RESULT_SKIP(VAL_STATUS_HEAP_NOT_AVAILABLE);
}
-int32_t client_test_nspe_write_app_rot_heap(security_t caller)
+int32_t client_test_nspe_write_app_rot_heap(caller_security_t caller)
{
val->print(PRINT_TEST, "[Check 2] Test NSPE writing APP-RoT heap\n", 0);
val->print(PRINT_ERROR, "\tSkipping test as heap memory not supported\n", 0);
diff --git a/api-tests/ff/ipc/test_i074/test_i074.h b/api-tests/ff/ipc/test_i074/test_i074.h
index f6d1d8d5..2b477427 100644
--- a/api-tests/ff/ipc/test_i074/test_i074.h
+++ b/api-tests/ff/ipc/test_i074/test_i074.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i074)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i074)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
@@ -33,6 +33,6 @@ extern psa_api_t *psa;
extern client_test_t test_i074_client_tests_list[];
-int32_t client_test_nspe_read_app_rot_heap(security_t);
-int32_t client_test_nspe_write_app_rot_heap(security_t);
+int32_t client_test_nspe_read_app_rot_heap(caller_security_t);
+int32_t client_test_nspe_write_app_rot_heap(caller_security_t);
#endif
diff --git a/api-tests/ff/ipc/test_i074/test_supp_i074.c b/api-tests/ff/ipc/test_i074/test_supp_i074.c
index cbc790e7..3b72f32f 100644
--- a/api-tests/ff/ipc/test_i074/test_supp_i074.c
+++ b/api-tests/ff/ipc/test_i074/test_supp_i074.c
@@ -18,15 +18,15 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
int32_t server_test_nspe_read_app_rot_heap(void);
int32_t server_test_nspe_write_app_rot_heap(void);
-#if (SP_HEAP_MEM_SUPP == 1)
+#ifdef SP_HEAP_MEM_SUPP
void *malloc(size_t size);
void free(void *ptr);
#endif
@@ -41,13 +41,13 @@ server_test_t test_i074_server_tests_list[] = {
NULL,
};
-#if (SP_HEAP_MEM_SUPP == 1)
+#ifdef SP_HEAP_MEM_SUPP
static int32_t send_secure_partition_address(uint8_t *heap)
{
int32_t status = VAL_STATUS_SUCCESS;
psa_msg_t msg = {0};
- status = val->process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_connect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(201), status))
{
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
@@ -56,18 +56,20 @@ static int32_t send_secure_partition_address(uint8_t *heap)
psa->reply(msg.handle, PSA_SUCCESS);
- status = val->process_call_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_call_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(202), status))
{
psa->reply(msg.handle, -2);
return status;
}
+ val->print(PRINT_DEBUG, "\tAPP-ROT: Passing 0x%x to NSPE\n", (int)heap);
+
/* Send Application RoT heap address */
- psa->write(msg.handle, 0, (void *)heap, sizeof(BUFFER_SIZE));
+ psa->write(msg.handle, 0, (void *)&heap, sizeof(BUFFER_SIZE));
psa->reply(msg.handle, PSA_SUCCESS);
- status = val->process_disconnect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_disconnect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(203), status))
{
return status;
@@ -106,7 +108,7 @@ int32_t server_test_nspe_write_app_rot_heap(void)
return status;
/* Wait for write to get performed by client */
- status = val->process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_connect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(204), status))
{
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
diff --git a/api-tests/ff/ipc/test_i075/source.mk b/api-tests/ff/ipc/test_i075/source.mk
deleted file mode 100644
index db83c871..00000000
--- a/api-tests/ff/ipc/test_i075/source.mk
+++ /dev/null
@@ -1,25 +0,0 @@
-# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_i075.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
-
-CC_SOURCE_SPE = test_i075.c test_supp_i075.c
-CC_OPTIONS_SPE =
-AS_SOURCE_SPE =
-AS_OPTIONS_SPE =
diff --git a/api-tests/ff/ipc/test_i075/test.cmake b/api-tests/ff/ipc/test_i075/test.cmake
new file mode 100644
index 00000000..a7583cf9
--- /dev/null
+++ b/api-tests/ff/ipc/test_i075/test.cmake
@@ -0,0 +1,32 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_i075.c
+ test_i075.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
+
+list(APPEND CC_SOURCE_SPE
+ test_i075.c
+ test_supp_i075.c
+)
+list(APPEND CC_OPTIONS_SPE )
+list(APPEND AS_SOURCE_SPE )
+list(APPEND AS_OPTIONS_SPE )
diff --git a/api-tests/ff/ipc/test_i075/test_entry.c b/api-tests/ff/ipc/test_i075/test_entry_i075.c
similarity index 100%
rename from api-tests/ff/ipc/test_i075/test_entry.c
rename to api-tests/ff/ipc/test_i075/test_entry_i075.c
diff --git a/api-tests/ff/ipc/test_i075/test_i075.c b/api-tests/ff/ipc/test_i075/test_i075.c
index 62c7b6ab..84c1c237 100644
--- a/api-tests/ff/ipc/test_i075/test_i075.c
+++ b/api-tests/ff/ipc/test_i075/test_i075.c
@@ -38,8 +38,8 @@ static int32_t get_secure_partition_address(addr_t *addr)
{
psa_handle_t handle = 0;
- handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
- if (handle < 0)
+ handle = psa->connect(SERVER_UNSPECIFED_VERSION_SID, SERVER_UNSPECIFED_VERSION_VERSION);
+ if (!PSA_HANDLE_IS_VALID(handle))
{
val->print(PRINT_ERROR, "\tConnection failed\n", 0);
return VAL_STATUS_INVALID_HANDLE;
@@ -47,17 +47,19 @@ static int32_t get_secure_partition_address(addr_t *addr)
/* Get App-RoT address */
psa_outvec outvec[1] = {{addr, sizeof(addr_t)}};
- if (psa->call(handle, NULL, 0, outvec, 1) != PSA_SUCCESS)
+ if (psa->call(handle, PSA_IPC_CALL, NULL, 0, outvec, 1) != PSA_SUCCESS)
{
val->print(PRINT_ERROR, "\tmsg request failed\n", 0);
return VAL_STATUS_CALL_FAILED;
}
+ val->print(PRINT_DEBUG, "\tNSPE: Accessing address 0x%x\n", *addr);
+
psa->close(handle);
return VAL_STATUS_SUCCESS;
}
-int32_t client_test_nspe_read_app_rot_mmio(security_t caller)
+int32_t client_test_nspe_read_app_rot_mmio(caller_security_t caller)
{
addr_t app_rot_addr;
uint32_t data = DATA_VALUE;
@@ -95,7 +97,7 @@ int32_t client_test_nspe_read_app_rot_mmio(security_t caller)
return VAL_STATUS_SPM_FAILED;
}
-int32_t client_test_nspe_write_app_rot_mmio(security_t caller)
+int32_t client_test_nspe_write_app_rot_mmio(caller_security_t caller)
{
addr_t app_rot_addr;
uint32_t data = DATA_VALUE;
@@ -118,7 +120,7 @@ int32_t client_test_nspe_write_app_rot_mmio(security_t caller)
*(uint32_t *)app_rot_addr = (uint32_t)data;
/* Handshake with server to decide write status */
- if ((psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1)) > 0)
+ if ((psa->connect(SERVER_UNSPECIFED_VERSION_SID, SERVER_UNSPECIFED_VERSION_VERSION)) > 0)
{
val->print(PRINT_ERROR, "\tExpected connection to fail but succeed\n", 0);
return VAL_STATUS_INVALID_HANDLE;
diff --git a/api-tests/ff/ipc/test_i075/test_i075.h b/api-tests/ff/ipc/test_i075/test_i075.h
index 5cae303d..a5a81885 100644
--- a/api-tests/ff/ipc/test_i075/test_i075.h
+++ b/api-tests/ff/ipc/test_i075/test_i075.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i075)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i075)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
@@ -33,6 +33,6 @@ extern psa_api_t *psa;
extern client_test_t test_i075_client_tests_list[];
-int32_t client_test_nspe_read_app_rot_mmio(security_t);
-int32_t client_test_nspe_write_app_rot_mmio(security_t);
+int32_t client_test_nspe_read_app_rot_mmio(caller_security_t);
+int32_t client_test_nspe_write_app_rot_mmio(caller_security_t);
#endif
diff --git a/api-tests/ff/ipc/test_i075/test_supp_i075.c b/api-tests/ff/ipc/test_i075/test_supp_i075.c
index b98fffba..8c062a6e 100644
--- a/api-tests/ff/ipc/test_i075/test_supp_i075.c
+++ b/api-tests/ff/ipc/test_i075/test_supp_i075.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
@@ -54,12 +54,12 @@ static int32_t get_mmio_addr(addr_t *addr)
return VAL_STATUS_SUCCESS;
}
-static int32_t send_secure_partition_address(addr_t *stack)
+static int32_t send_secure_partition_address(addr_t *addr)
{
int32_t status = VAL_STATUS_SUCCESS;
psa_msg_t msg = {0};
- status = val->process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_connect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(202), status))
{
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
@@ -68,18 +68,20 @@ static int32_t send_secure_partition_address(addr_t *stack)
psa->reply(msg.handle, PSA_SUCCESS);
- status = val->process_call_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_call_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(203), status))
{
psa->reply(msg.handle, -2);
return status;
}
- /* Send Application RoT stack address */
- psa->write(msg.handle, 0, (void *)stack, sizeof(uint32_t));
+ val->print(PRINT_DEBUG, "\tAPP-ROT: Passing 0x%x to NSPE\n", (int)*addr);
+
+ /* Send Application RoT mmio address */
+ psa->write(msg.handle, 0, (void *)addr, sizeof(uint32_t));
psa->reply(msg.handle, PSA_SUCCESS);
- status = val->process_disconnect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_disconnect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(204), status))
{
return status;
@@ -97,6 +99,9 @@ int32_t server_test_nspe_read_app_rot_mmio(void)
if (VAL_ERROR(status))
return status;
+ /* Initialise mmio address */
+ *(uint32_t *)app_rot_addr = (uint32_t)DATA_VALUE;
+
return send_secure_partition_address(&app_rot_addr);
}
@@ -117,7 +122,7 @@ int32_t server_test_nspe_write_app_rot_mmio(void)
return status;
/* Wait for write to get performed by client */
- status = val->process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_connect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(204), status))
{
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
diff --git a/api-tests/ff/ipc/test_i076/source.mk b/api-tests/ff/ipc/test_i076/source.mk
deleted file mode 100644
index e98fc9db..00000000
--- a/api-tests/ff/ipc/test_i076/source.mk
+++ /dev/null
@@ -1,25 +0,0 @@
-# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_i076.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
-
-CC_SOURCE_SPE = test_i076.c test_supp_i076.c
-CC_OPTIONS_SPE =
-AS_SOURCE_SPE =
-AS_OPTIONS_SPE =
diff --git a/api-tests/ff/ipc/test_i076/test.cmake b/api-tests/ff/ipc/test_i076/test.cmake
new file mode 100644
index 00000000..6e1dd1bd
--- /dev/null
+++ b/api-tests/ff/ipc/test_i076/test.cmake
@@ -0,0 +1,32 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_i076.c
+ test_i076.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
+
+list(APPEND CC_SOURCE_SPE
+ test_i076.c
+ test_supp_i076.c
+)
+list(APPEND CC_OPTIONS_SPE )
+list(APPEND AS_SOURCE_SPE )
+list(APPEND AS_OPTIONS_SPE )
diff --git a/api-tests/ff/ipc/test_i076/test_entry.c b/api-tests/ff/ipc/test_i076/test_entry_i076.c
similarity index 100%
rename from api-tests/ff/ipc/test_i076/test_entry.c
rename to api-tests/ff/ipc/test_i076/test_entry_i076.c
diff --git a/api-tests/ff/ipc/test_i076/test_i076.c b/api-tests/ff/ipc/test_i076/test_i076.c
index 3fc077ba..94510de7 100644
--- a/api-tests/ff/ipc/test_i076/test_i076.c
+++ b/api-tests/ff/ipc/test_i076/test_i076.c
@@ -38,8 +38,8 @@ static int32_t get_secure_partition_address(psa_handle_t *handle,
addr_t *addr,
driver_test_fn_id_t test_fn_id)
{
- *handle = psa->connect(DRIVER_TEST_SID, 1);
- if (*handle < 0)
+ *handle = psa->connect(DRIVER_TEST_SID, DRIVER_TEST_VERSION);
+ if (!PSA_HANDLE_IS_VALID(*handle))
{
val->print(PRINT_ERROR, "\tConnection failed\n", 0);
return VAL_STATUS_INVALID_HANDLE;
@@ -48,7 +48,7 @@ static int32_t get_secure_partition_address(psa_handle_t *handle,
/* Execute driver function related to TEST_ISOLATION_PSA_ROT_* */
psa_invec invec[1] = {{&test_fn_id, sizeof(test_fn_id)}};
psa_outvec outvec[1] = {{addr, sizeof(addr_t)}};
- if (psa->call(*handle, invec, 1, outvec, 1) != PSA_SUCCESS)
+ if (psa->call(*handle, PSA_IPC_CALL, invec, 1, outvec, 1) != PSA_SUCCESS)
{
val->print(PRINT_ERROR, "\tmsg request failed\n", 0);
return VAL_STATUS_CALL_FAILED;
@@ -59,7 +59,7 @@ static int32_t get_secure_partition_address(psa_handle_t *handle,
static int32_t get_driver_status(psa_handle_t *handle)
{
- if (psa->call(*handle, NULL, 0, NULL, 0) != PSA_SUCCESS)
+ if (psa->call(*handle, PSA_IPC_CALL, NULL, 0, NULL, 0) != PSA_SUCCESS)
{
return VAL_STATUS_CALL_FAILED;
}
@@ -71,7 +71,7 @@ static void close_driver_fn(psa_handle_t *handle)
psa->close(*handle);
}
-int32_t client_test_nspe_read_psa_rot_variable(security_t caller)
+int32_t client_test_nspe_read_psa_rot_variable(caller_security_t caller)
{
addr_t psa_rot_addr;
uint32_t data = DATA_VALUE1;
@@ -114,7 +114,7 @@ int32_t client_test_nspe_read_psa_rot_variable(security_t caller)
return VAL_STATUS_SPM_FAILED;
}
-int32_t client_test_nspe_write_psa_rot_variable(security_t caller)
+int32_t client_test_nspe_write_psa_rot_variable(caller_security_t caller)
{
addr_t psa_rot_addr;
uint32_t data = DATA_VALUE1;
diff --git a/api-tests/ff/ipc/test_i076/test_i076.h b/api-tests/ff/ipc/test_i076/test_i076.h
index 1e5e11f5..6ec51f99 100644
--- a/api-tests/ff/ipc/test_i076/test_i076.h
+++ b/api-tests/ff/ipc/test_i076/test_i076.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i076)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i076)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
@@ -33,6 +33,6 @@ extern psa_api_t *psa;
extern client_test_t test_i076_client_tests_list[];
-int32_t client_test_nspe_read_psa_rot_variable(security_t);
-int32_t client_test_nspe_write_psa_rot_variable(security_t);
+int32_t client_test_nspe_read_psa_rot_variable(caller_security_t);
+int32_t client_test_nspe_write_psa_rot_variable(caller_security_t);
#endif
diff --git a/api-tests/ff/ipc/test_i076/test_supp_i076.c b/api-tests/ff/ipc/test_i076/test_supp_i076.c
index c32ec2fb..eb87a0f4 100644
--- a/api-tests/ff/ipc/test_i076/test_supp_i076.c
+++ b/api-tests/ff/ipc/test_i076/test_supp_i076.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
diff --git a/api-tests/ff/ipc/test_i077/source.mk b/api-tests/ff/ipc/test_i077/source.mk
deleted file mode 100644
index e1abcb0e..00000000
--- a/api-tests/ff/ipc/test_i077/source.mk
+++ /dev/null
@@ -1,25 +0,0 @@
-# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_i077.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
-
-CC_SOURCE_SPE = test_i077.c test_supp_i077.c
-CC_OPTIONS_SPE =
-AS_SOURCE_SPE =
-AS_OPTIONS_SPE =
diff --git a/api-tests/ff/ipc/test_i077/test.cmake b/api-tests/ff/ipc/test_i077/test.cmake
new file mode 100644
index 00000000..0a060bfc
--- /dev/null
+++ b/api-tests/ff/ipc/test_i077/test.cmake
@@ -0,0 +1,32 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_i077.c
+ test_i077.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
+
+list(APPEND CC_SOURCE_SPE
+ test_i077.c
+ test_supp_i077.c
+)
+list(APPEND CC_OPTIONS_SPE )
+list(APPEND AS_SOURCE_SPE )
+list(APPEND AS_OPTIONS_SPE )
diff --git a/api-tests/ff/ipc/test_i077/test_entry.c b/api-tests/ff/ipc/test_i077/test_entry_i077.c
similarity index 100%
rename from api-tests/ff/ipc/test_i077/test_entry.c
rename to api-tests/ff/ipc/test_i077/test_entry_i077.c
diff --git a/api-tests/ff/ipc/test_i077/test_i077.c b/api-tests/ff/ipc/test_i077/test_i077.c
index 5f4e4d74..e714e80d 100644
--- a/api-tests/ff/ipc/test_i077/test_i077.c
+++ b/api-tests/ff/ipc/test_i077/test_i077.c
@@ -38,8 +38,8 @@ static int32_t get_secure_partition_address(psa_handle_t *handle,
addr_t *addr,
driver_test_fn_id_t test_fn_id)
{
- *handle = psa->connect(DRIVER_TEST_SID, 1);
- if (*handle < 0)
+ *handle = psa->connect(DRIVER_TEST_SID, DRIVER_TEST_VERSION);
+ if (!PSA_HANDLE_IS_VALID(*handle))
{
val->print(PRINT_ERROR, "\tConnection failed\n", 0);
return VAL_STATUS_INVALID_HANDLE;
@@ -48,7 +48,7 @@ static int32_t get_secure_partition_address(psa_handle_t *handle,
/* Execute driver function related to TEST_ISOLATION_PSA_ROT_DATA_RD */
psa_invec invec[1] = {{&test_fn_id, sizeof(test_fn_id)}};
psa_outvec outvec[1] = {{addr, sizeof(addr_t)}};
- if (psa->call(*handle, invec, 1, outvec, 1) != PSA_SUCCESS)
+ if (psa->call(*handle, PSA_IPC_CALL, invec, 1, outvec, 1) != PSA_SUCCESS)
{
val->print(PRINT_ERROR, "\tmsg request failed\n", 0);
return VAL_STATUS_CALL_FAILED;
@@ -59,7 +59,7 @@ static int32_t get_secure_partition_address(psa_handle_t *handle,
static int32_t get_driver_status(psa_handle_t *handle)
{
- if (psa->call(*handle, NULL, 0, NULL, 0) != PSA_SUCCESS)
+ if (psa->call(*handle, PSA_IPC_CALL, NULL, 0, NULL, 0) != PSA_SUCCESS)
{
return VAL_STATUS_CALL_FAILED;
}
@@ -72,7 +72,7 @@ static void close_driver_fn(psa_handle_t *handle)
}
-int32_t client_test_nspe_read_psa_rot_stack(security_t caller)
+int32_t client_test_nspe_read_psa_rot_stack(caller_security_t caller)
{
addr_t psa_rot_addr;
uint32_t data = DATA_VALUE1;
@@ -115,7 +115,7 @@ int32_t client_test_nspe_read_psa_rot_stack(security_t caller)
return VAL_STATUS_SPM_FAILED;
}
-int32_t client_test_nspe_write_psa_rot_stack(security_t caller)
+int32_t client_test_nspe_write_psa_rot_stack(caller_security_t caller)
{
addr_t psa_rot_addr;
uint32_t data = DATA_VALUE1;
diff --git a/api-tests/ff/ipc/test_i077/test_i077.h b/api-tests/ff/ipc/test_i077/test_i077.h
index 57a36a86..eb88d392 100644
--- a/api-tests/ff/ipc/test_i077/test_i077.h
+++ b/api-tests/ff/ipc/test_i077/test_i077.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i077)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i077)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
@@ -33,6 +33,6 @@ extern psa_api_t *psa;
extern client_test_t test_i077_client_tests_list[];
-int32_t client_test_nspe_read_psa_rot_stack(security_t);
-int32_t client_test_nspe_write_psa_rot_stack(security_t);
+int32_t client_test_nspe_read_psa_rot_stack(caller_security_t);
+int32_t client_test_nspe_write_psa_rot_stack(caller_security_t);
#endif
diff --git a/api-tests/ff/ipc/test_i077/test_supp_i077.c b/api-tests/ff/ipc/test_i077/test_supp_i077.c
index 03a42175..112d7e4b 100644
--- a/api-tests/ff/ipc/test_i077/test_supp_i077.c
+++ b/api-tests/ff/ipc/test_i077/test_supp_i077.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
diff --git a/api-tests/ff/ipc/test_i078/source.mk b/api-tests/ff/ipc/test_i078/source.mk
deleted file mode 100644
index 628a2821..00000000
--- a/api-tests/ff/ipc/test_i078/source.mk
+++ /dev/null
@@ -1,25 +0,0 @@
-# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_i078.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
-
-CC_SOURCE_SPE = test_i078.c test_supp_i078.c
-CC_OPTIONS_SPE =
-AS_SOURCE_SPE =
-AS_OPTIONS_SPE =
diff --git a/api-tests/ff/ipc/test_i078/test.cmake b/api-tests/ff/ipc/test_i078/test.cmake
new file mode 100644
index 00000000..c7273d9e
--- /dev/null
+++ b/api-tests/ff/ipc/test_i078/test.cmake
@@ -0,0 +1,32 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_i078.c
+ test_i078.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
+
+list(APPEND CC_SOURCE_SPE
+ test_i078.c
+ test_supp_i078.c
+)
+list(APPEND CC_OPTIONS_SPE )
+list(APPEND AS_SOURCE_SPE )
+list(APPEND AS_OPTIONS_SPE )
diff --git a/api-tests/ff/ipc/test_i078/test_entry.c b/api-tests/ff/ipc/test_i078/test_entry_i078.c
similarity index 100%
rename from api-tests/ff/ipc/test_i078/test_entry.c
rename to api-tests/ff/ipc/test_i078/test_entry_i078.c
diff --git a/api-tests/ff/ipc/test_i078/test_i078.c b/api-tests/ff/ipc/test_i078/test_i078.c
index 338b781a..a708eeb5 100644
--- a/api-tests/ff/ipc/test_i078/test_i078.c
+++ b/api-tests/ff/ipc/test_i078/test_i078.c
@@ -36,13 +36,13 @@ client_test_t test_i078_client_tests_list[] = {
NULL,
};
-#if (SP_HEAP_MEM_SUPP == 1)
+#ifdef SP_HEAP_MEM_SUPP
static int32_t get_secure_partition_address(psa_handle_t *handle,
addr_t *addr,
driver_test_fn_id_t test_fn_id)
{
- *handle = psa->connect(DRIVER_TEST_SID, 1);
- if (*handle < 0)
+ *handle = psa->connect(DRIVER_TEST_SID, DRIVER_TEST_VERSION);
+ if (!PSA_HANDLE_IS_VALID(*handle))
{
val->print(PRINT_ERROR, "\tConnection failed\n", 0);
return VAL_STATUS_INVALID_HANDLE;
@@ -51,7 +51,7 @@ static int32_t get_secure_partition_address(psa_handle_t *handle,
/* Execute driver function related to TEST_ISOLATION_PSA_ROT_DATA_RD */
psa_invec invec[1] = {{&test_fn_id, sizeof(test_fn_id)}};
psa_outvec outvec[1] = {{addr, sizeof(addr_t)}};
- if (psa->call(*handle, invec, 1, outvec, 1) != PSA_SUCCESS)
+ if (psa->call(*handle, PSA_IPC_CALL, invec, 1, outvec, 1) != PSA_SUCCESS)
{
val->print(PRINT_ERROR, "\tmsg request failed\n", 0);
return VAL_STATUS_CALL_FAILED;
@@ -62,7 +62,7 @@ static int32_t get_secure_partition_address(psa_handle_t *handle,
static int32_t get_driver_status(psa_handle_t *handle)
{
- if (psa->call(*handle, NULL, 0, NULL, 0) != PSA_SUCCESS)
+ if (psa->call(*handle, PSA_IPC_CALL, NULL, 0, NULL, 0) != PSA_SUCCESS)
{
return VAL_STATUS_CALL_FAILED;
}
@@ -74,7 +74,7 @@ static void close_driver_fn(psa_handle_t *handle)
psa->close(*handle);
}
-int32_t client_test_nspe_read_psa_rot_heap(security_t caller)
+int32_t client_test_nspe_read_psa_rot_heap(caller_security_t caller)
{
addr_t psa_rot_addr;
uint8_t data = DATA_VALUE;
@@ -117,7 +117,7 @@ int32_t client_test_nspe_read_psa_rot_heap(security_t caller)
return VAL_STATUS_SPM_FAILED;
}
-int32_t client_test_nspe_write_psa_rot_heap(security_t caller)
+int32_t client_test_nspe_write_psa_rot_heap(caller_security_t caller)
{
addr_t psa_rot_addr;
uint8_t data = DATA_VALUE;
@@ -146,14 +146,14 @@ int32_t client_test_nspe_write_psa_rot_heap(security_t caller)
return VAL_STATUS_SUCCESS;
}
#else
-int32_t client_test_nspe_read_psa_rot_heap(security_t caller)
+int32_t client_test_nspe_read_psa_rot_heap(caller_security_t caller)
{
val->print(PRINT_TEST, "[Check 1] Test NSPE reading PSA-RoT heap\n", 0);
val->print(PRINT_ERROR, "\tSkipping test as heap memory not supported\n", 0);
return RESULT_SKIP(VAL_STATUS_HEAP_NOT_AVAILABLE);
}
-int32_t client_test_nspe_write_psa_rot_heap(security_t caller)
+int32_t client_test_nspe_write_psa_rot_heap(caller_security_t caller)
{
val->print(PRINT_TEST, "[Check 2] Test NSPE writing PSA-RoT heap\n", 0);
val->print(PRINT_ERROR, "\tSkipping test as heap memory not supported\n", 0);
diff --git a/api-tests/ff/ipc/test_i078/test_i078.h b/api-tests/ff/ipc/test_i078/test_i078.h
index 207f8d35..0613f109 100644
--- a/api-tests/ff/ipc/test_i078/test_i078.h
+++ b/api-tests/ff/ipc/test_i078/test_i078.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i078)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i078)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
@@ -33,6 +33,6 @@ extern psa_api_t *psa;
extern client_test_t test_i078_client_tests_list[];
-int32_t client_test_nspe_read_psa_rot_heap(security_t);
-int32_t client_test_nspe_write_psa_rot_heap(security_t);
+int32_t client_test_nspe_read_psa_rot_heap(caller_security_t);
+int32_t client_test_nspe_write_psa_rot_heap(caller_security_t);
#endif
diff --git a/api-tests/ff/ipc/test_i078/test_supp_i078.c b/api-tests/ff/ipc/test_i078/test_supp_i078.c
index 0b5f67f2..59297e30 100644
--- a/api-tests/ff/ipc/test_i078/test_supp_i078.c
+++ b/api-tests/ff/ipc/test_i078/test_supp_i078.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
diff --git a/api-tests/ff/ipc/test_i079/source.mk b/api-tests/ff/ipc/test_i079/source.mk
deleted file mode 100644
index 09026a8a..00000000
--- a/api-tests/ff/ipc/test_i079/source.mk
+++ /dev/null
@@ -1,25 +0,0 @@
-# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_i079.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
-
-CC_SOURCE_SPE = test_i079.c test_supp_i079.c
-CC_OPTIONS_SPE =
-AS_SOURCE_SPE =
-AS_OPTIONS_SPE =
diff --git a/api-tests/ff/ipc/test_i079/test.cmake b/api-tests/ff/ipc/test_i079/test.cmake
new file mode 100644
index 00000000..2cab6b3c
--- /dev/null
+++ b/api-tests/ff/ipc/test_i079/test.cmake
@@ -0,0 +1,32 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_i079.c
+ test_i079.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
+
+list(APPEND CC_SOURCE_SPE
+ test_i079.c
+ test_supp_i079.c
+)
+list(APPEND CC_OPTIONS_SPE )
+list(APPEND AS_SOURCE_SPE )
+list(APPEND AS_OPTIONS_SPE )
diff --git a/api-tests/ff/ipc/test_i079/test_entry.c b/api-tests/ff/ipc/test_i079/test_entry_i079.c
similarity index 100%
rename from api-tests/ff/ipc/test_i079/test_entry.c
rename to api-tests/ff/ipc/test_i079/test_entry_i079.c
diff --git a/api-tests/ff/ipc/test_i079/test_i079.c b/api-tests/ff/ipc/test_i079/test_i079.c
index 11c66f8f..9cbbd792 100644
--- a/api-tests/ff/ipc/test_i079/test_i079.c
+++ b/api-tests/ff/ipc/test_i079/test_i079.c
@@ -38,8 +38,8 @@ static int32_t get_secure_partition_address(psa_handle_t *handle,
addr_t *addr,
driver_test_fn_id_t test_fn_id)
{
- *handle = psa->connect(DRIVER_TEST_SID, 1);
- if (*handle < 0)
+ *handle = psa->connect(DRIVER_TEST_SID, DRIVER_TEST_VERSION);
+ if (!PSA_HANDLE_IS_VALID(*handle))
{
val->print(PRINT_ERROR, "\tConnection failed\n", 0);
return VAL_STATUS_INVALID_HANDLE;
@@ -48,7 +48,7 @@ static int32_t get_secure_partition_address(psa_handle_t *handle,
/* Execute driver function related to TEST_ISOLATION_PSA_ROT_DATA_RD */
psa_invec invec[1] = {{&test_fn_id, sizeof(test_fn_id)}};
psa_outvec outvec[1] = {{addr, sizeof(addr_t)}};
- if (psa->call(*handle, invec, 1, outvec, 1) != PSA_SUCCESS)
+ if (psa->call(*handle, PSA_IPC_CALL, invec, 1, outvec, 1) != PSA_SUCCESS)
{
val->print(PRINT_ERROR, "\tmsg request failed\n", 0);
return VAL_STATUS_CALL_FAILED;
@@ -59,7 +59,7 @@ static int32_t get_secure_partition_address(psa_handle_t *handle,
static int32_t get_driver_status(psa_handle_t *handle)
{
- if (psa->call(*handle, NULL, 0, NULL, 0) != PSA_SUCCESS)
+ if (psa->call(*handle, PSA_IPC_CALL, NULL, 0, NULL, 0) != PSA_SUCCESS)
{
return VAL_STATUS_CALL_FAILED;
}
@@ -71,7 +71,7 @@ static void close_driver_fn(psa_handle_t *handle)
psa->close(*handle);
}
-int32_t client_test_nspe_read_psa_rot_mmio(security_t caller)
+int32_t client_test_nspe_read_psa_rot_mmio(caller_security_t caller)
{
addr_t psa_rot_addr;
uint32_t data = DATA_VALUE;
@@ -114,7 +114,7 @@ int32_t client_test_nspe_read_psa_rot_mmio(security_t caller)
return VAL_STATUS_SPM_FAILED;
}
-int32_t client_test_nspe_write_psa_rot_mmio(security_t caller)
+int32_t client_test_nspe_write_psa_rot_mmio(caller_security_t caller)
{
addr_t psa_rot_addr;
uint32_t data = DATA_VALUE;
diff --git a/api-tests/ff/ipc/test_i079/test_i079.h b/api-tests/ff/ipc/test_i079/test_i079.h
index c5ab49cf..99e2855c 100644
--- a/api-tests/ff/ipc/test_i079/test_i079.h
+++ b/api-tests/ff/ipc/test_i079/test_i079.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i079)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i079)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
@@ -33,6 +33,6 @@ extern psa_api_t *psa;
extern client_test_t test_i079_client_tests_list[];
-int32_t client_test_nspe_read_psa_rot_mmio(security_t);
-int32_t client_test_nspe_write_psa_rot_mmio(security_t);
+int32_t client_test_nspe_read_psa_rot_mmio(caller_security_t);
+int32_t client_test_nspe_write_psa_rot_mmio(caller_security_t);
#endif
diff --git a/api-tests/ff/ipc/test_i079/test_supp_i079.c b/api-tests/ff/ipc/test_i079/test_supp_i079.c
index 24a0f89f..57e7057a 100644
--- a/api-tests/ff/ipc/test_i079/test_supp_i079.c
+++ b/api-tests/ff/ipc/test_i079/test_supp_i079.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
diff --git a/api-tests/ff/ipc/test_i080/source.mk b/api-tests/ff/ipc/test_i080/source.mk
deleted file mode 100644
index 0b19b917..00000000
--- a/api-tests/ff/ipc/test_i080/source.mk
+++ /dev/null
@@ -1,25 +0,0 @@
-# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_i080.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
-
-CC_SOURCE_SPE = test_i080.c test_supp_i080.c
-CC_OPTIONS_SPE =
-AS_SOURCE_SPE =
-AS_OPTIONS_SPE =
diff --git a/api-tests/ff/ipc/test_i080/test.cmake b/api-tests/ff/ipc/test_i080/test.cmake
new file mode 100644
index 00000000..6495d40d
--- /dev/null
+++ b/api-tests/ff/ipc/test_i080/test.cmake
@@ -0,0 +1,32 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_i080.c
+ test_i080.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
+
+list(APPEND CC_SOURCE_SPE
+ test_i080.c
+ test_supp_i080.c
+)
+list(APPEND CC_OPTIONS_SPE )
+list(APPEND AS_SOURCE_SPE )
+list(APPEND AS_OPTIONS_SPE )
diff --git a/api-tests/ff/ipc/test_i080/test_entry.c b/api-tests/ff/ipc/test_i080/test_entry_i080.c
similarity index 100%
rename from api-tests/ff/ipc/test_i080/test_entry.c
rename to api-tests/ff/ipc/test_i080/test_entry_i080.c
diff --git a/api-tests/ff/ipc/test_i080/test_i080.c b/api-tests/ff/ipc/test_i080/test_i080.c
index bd1bd368..ccafd646 100644
--- a/api-tests/ff/ipc/test_i080/test_i080.c
+++ b/api-tests/ff/ipc/test_i080/test_i080.c
@@ -38,8 +38,8 @@ static int32_t get_secure_partition_address(psa_handle_t *handle,
addr_t *addr,
driver_test_fn_id_t test_fn_id)
{
- *handle = psa->connect(DRIVER_TEST_SID, 1);
- if (*handle < 0)
+ *handle = psa->connect(DRIVER_TEST_SID, DRIVER_TEST_VERSION);
+ if (!PSA_HANDLE_IS_VALID(*handle))
{
val->print(PRINT_ERROR, "\tConnection failed\n", 0);
return VAL_STATUS_INVALID_HANDLE;
@@ -48,7 +48,7 @@ static int32_t get_secure_partition_address(psa_handle_t *handle,
/* Execute driver function related to TEST_ISOLATION_PSA_ROT_* */
psa_invec invec[1] = {{&test_fn_id, sizeof(test_fn_id)}};
psa_outvec outvec[1] = {{addr, sizeof(addr_t)}};
- if (psa->call(*handle, invec, 1, outvec, 1) != PSA_SUCCESS)
+ if (psa->call(*handle, PSA_IPC_CALL, invec, 1, outvec, 1) != PSA_SUCCESS)
{
val->print(PRINT_ERROR, "\tmsg request failed\n", 0);
return VAL_STATUS_CALL_FAILED;
@@ -59,7 +59,7 @@ static int32_t get_secure_partition_address(psa_handle_t *handle,
static int32_t get_driver_status(psa_handle_t *handle)
{
- if (psa->call(*handle, NULL, 0, NULL, 0) != PSA_SUCCESS)
+ if (psa->call(*handle, PSA_IPC_CALL, NULL, 0, NULL, 0) != PSA_SUCCESS)
{
return VAL_STATUS_CALL_FAILED;
}
@@ -71,7 +71,7 @@ static void close_driver_fn(psa_handle_t *handle)
psa->close(*handle);
}
-int32_t client_test_app_rot_read_psa_rot_variable(security_t caller)
+int32_t client_test_app_rot_read_psa_rot_variable(caller_security_t caller)
{
addr_t psa_rot_addr;
uint32_t data = DATA_VALUE1;
@@ -114,7 +114,7 @@ int32_t client_test_app_rot_read_psa_rot_variable(security_t caller)
return VAL_STATUS_SPM_FAILED;
}
-int32_t client_test_app_rot_write_psa_rot_variable(security_t caller)
+int32_t client_test_app_rot_write_psa_rot_variable(caller_security_t caller)
{
addr_t psa_rot_addr;
uint32_t data = DATA_VALUE1;
diff --git a/api-tests/ff/ipc/test_i080/test_i080.h b/api-tests/ff/ipc/test_i080/test_i080.h
index fdbe7e91..a78d6cb2 100644
--- a/api-tests/ff/ipc/test_i080/test_i080.h
+++ b/api-tests/ff/ipc/test_i080/test_i080.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i080)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i080)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
@@ -33,6 +33,6 @@ extern psa_api_t *psa;
extern client_test_t test_i080_client_tests_list[];
-int32_t client_test_app_rot_read_psa_rot_variable(security_t);
-int32_t client_test_app_rot_write_psa_rot_variable(security_t);
+int32_t client_test_app_rot_read_psa_rot_variable(caller_security_t);
+int32_t client_test_app_rot_write_psa_rot_variable(caller_security_t);
#endif
diff --git a/api-tests/ff/ipc/test_i080/test_supp_i080.c b/api-tests/ff/ipc/test_i080/test_supp_i080.c
index cd022639..0b00be4b 100644
--- a/api-tests/ff/ipc/test_i080/test_supp_i080.c
+++ b/api-tests/ff/ipc/test_i080/test_supp_i080.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
diff --git a/api-tests/ff/ipc/test_i081/source.mk b/api-tests/ff/ipc/test_i081/source.mk
deleted file mode 100644
index f84c2cb6..00000000
--- a/api-tests/ff/ipc/test_i081/source.mk
+++ /dev/null
@@ -1,25 +0,0 @@
-# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_i081.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
-
-CC_SOURCE_SPE = test_i081.c test_supp_i081.c
-CC_OPTIONS_SPE =
-AS_SOURCE_SPE =
-AS_OPTIONS_SPE =
diff --git a/api-tests/ff/ipc/test_i081/test.cmake b/api-tests/ff/ipc/test_i081/test.cmake
new file mode 100644
index 00000000..da099b7e
--- /dev/null
+++ b/api-tests/ff/ipc/test_i081/test.cmake
@@ -0,0 +1,32 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_i081.c
+ test_i081.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
+
+list(APPEND CC_SOURCE_SPE
+ test_i081.c
+ test_supp_i081.c
+)
+list(APPEND CC_OPTIONS_SPE )
+list(APPEND AS_SOURCE_SPE )
+list(APPEND AS_OPTIONS_SPE )
diff --git a/api-tests/ff/ipc/test_i081/test_entry.c b/api-tests/ff/ipc/test_i081/test_entry_i081.c
similarity index 100%
rename from api-tests/ff/ipc/test_i081/test_entry.c
rename to api-tests/ff/ipc/test_i081/test_entry_i081.c
diff --git a/api-tests/ff/ipc/test_i081/test_i081.c b/api-tests/ff/ipc/test_i081/test_i081.c
index 42c07658..b1e4b9e8 100644
--- a/api-tests/ff/ipc/test_i081/test_i081.c
+++ b/api-tests/ff/ipc/test_i081/test_i081.c
@@ -38,8 +38,8 @@ static int32_t get_secure_partition_address(psa_handle_t *handle,
addr_t *addr,
driver_test_fn_id_t test_fn_id)
{
- *handle = psa->connect(DRIVER_TEST_SID, 1);
- if (*handle < 0)
+ *handle = psa->connect(DRIVER_TEST_SID, DRIVER_TEST_VERSION);
+ if (!PSA_HANDLE_IS_VALID(*handle))
{
val->print(PRINT_ERROR, "\tConnection failed\n", 0);
return VAL_STATUS_INVALID_HANDLE;
@@ -48,7 +48,7 @@ static int32_t get_secure_partition_address(psa_handle_t *handle,
/* Execute driver function related to TEST_ISOLATION_PSA_ROT_DATA_RD */
psa_invec invec[1] = {{&test_fn_id, sizeof(test_fn_id)}};
psa_outvec outvec[1] = {{addr, sizeof(addr_t)}};
- if (psa->call(*handle, invec, 1, outvec, 1) != PSA_SUCCESS)
+ if (psa->call(*handle, PSA_IPC_CALL, invec, 1, outvec, 1) != PSA_SUCCESS)
{
val->print(PRINT_ERROR, "\tmsg request failed\n", 0);
return VAL_STATUS_CALL_FAILED;
@@ -59,7 +59,7 @@ static int32_t get_secure_partition_address(psa_handle_t *handle,
static int32_t get_driver_status(psa_handle_t *handle)
{
- if (psa->call(*handle, NULL, 0, NULL, 0) != PSA_SUCCESS)
+ if (psa->call(*handle, PSA_IPC_CALL, NULL, 0, NULL, 0) != PSA_SUCCESS)
{
return VAL_STATUS_CALL_FAILED;
}
@@ -72,7 +72,7 @@ static void close_driver_fn(psa_handle_t *handle)
}
-int32_t client_test_app_rot_read_psa_rot_stack(security_t caller)
+int32_t client_test_app_rot_read_psa_rot_stack(caller_security_t caller)
{
addr_t psa_rot_addr;
uint32_t data = DATA_VALUE1;
@@ -115,7 +115,7 @@ int32_t client_test_app_rot_read_psa_rot_stack(security_t caller)
return VAL_STATUS_SPM_FAILED;
}
-int32_t client_test_app_rot_write_psa_rot_stack(security_t caller)
+int32_t client_test_app_rot_write_psa_rot_stack(caller_security_t caller)
{
addr_t psa_rot_addr;
uint32_t data = DATA_VALUE1;
diff --git a/api-tests/ff/ipc/test_i081/test_i081.h b/api-tests/ff/ipc/test_i081/test_i081.h
index c62a89bb..cafee8db 100644
--- a/api-tests/ff/ipc/test_i081/test_i081.h
+++ b/api-tests/ff/ipc/test_i081/test_i081.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i081)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i081)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
@@ -33,6 +33,6 @@ extern psa_api_t *psa;
extern client_test_t test_i081_client_tests_list[];
-int32_t client_test_app_rot_read_psa_rot_stack(security_t);
-int32_t client_test_app_rot_write_psa_rot_stack(security_t);
+int32_t client_test_app_rot_read_psa_rot_stack(caller_security_t);
+int32_t client_test_app_rot_write_psa_rot_stack(caller_security_t);
#endif
diff --git a/api-tests/ff/ipc/test_i081/test_supp_i081.c b/api-tests/ff/ipc/test_i081/test_supp_i081.c
index 0f844163..474230ad 100644
--- a/api-tests/ff/ipc/test_i081/test_supp_i081.c
+++ b/api-tests/ff/ipc/test_i081/test_supp_i081.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
diff --git a/api-tests/ff/ipc/test_i082/source.mk b/api-tests/ff/ipc/test_i082/source.mk
deleted file mode 100644
index af85416d..00000000
--- a/api-tests/ff/ipc/test_i082/source.mk
+++ /dev/null
@@ -1,25 +0,0 @@
-# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_i082.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
-
-CC_SOURCE_SPE = test_i082.c test_supp_i082.c
-CC_OPTIONS_SPE =
-AS_SOURCE_SPE =
-AS_OPTIONS_SPE =
diff --git a/api-tests/ff/ipc/test_i082/test.cmake b/api-tests/ff/ipc/test_i082/test.cmake
new file mode 100644
index 00000000..e0c7581e
--- /dev/null
+++ b/api-tests/ff/ipc/test_i082/test.cmake
@@ -0,0 +1,32 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_i082.c
+ test_i082.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
+
+list(APPEND CC_SOURCE_SPE
+ test_i082.c
+ test_supp_i082.c
+)
+list(APPEND CC_OPTIONS_SPE )
+list(APPEND AS_SOURCE_SPE )
+list(APPEND AS_OPTIONS_SPE )
diff --git a/api-tests/ff/ipc/test_i082/test_entry.c b/api-tests/ff/ipc/test_i082/test_entry_i082.c
similarity index 100%
rename from api-tests/ff/ipc/test_i082/test_entry.c
rename to api-tests/ff/ipc/test_i082/test_entry_i082.c
diff --git a/api-tests/ff/ipc/test_i082/test_i082.c b/api-tests/ff/ipc/test_i082/test_i082.c
index 6ddd6a72..4180f941 100644
--- a/api-tests/ff/ipc/test_i082/test_i082.c
+++ b/api-tests/ff/ipc/test_i082/test_i082.c
@@ -36,13 +36,13 @@ client_test_t test_i082_client_tests_list[] = {
NULL,
};
-#if (SP_HEAP_MEM_SUPP == 1)
+#ifdef SP_HEAP_MEM_SUPP
static int32_t get_secure_partition_address(psa_handle_t *handle,
addr_t *addr,
driver_test_fn_id_t test_fn_id)
{
- *handle = psa->connect(DRIVER_TEST_SID, 1);
- if (*handle < 0)
+ *handle = psa->connect(DRIVER_TEST_SID, DRIVER_TEST_VERSION);
+ if (!PSA_HANDLE_IS_VALID(*handle))
{
val->print(PRINT_ERROR, "\tConnection failed\n", 0);
return VAL_STATUS_INVALID_HANDLE;
@@ -51,7 +51,7 @@ static int32_t get_secure_partition_address(psa_handle_t *handle,
/* Execute driver function related to TEST_ISOLATION_PSA_ROT_DATA_RD */
psa_invec invec[1] = {{&test_fn_id, sizeof(test_fn_id)}};
psa_outvec outvec[1] = {{addr, sizeof(addr_t)}};
- if (psa->call(*handle, invec, 1, outvec, 1) != PSA_SUCCESS)
+ if (psa->call(*handle, PSA_IPC_CALL, invec, 1, outvec, 1) != PSA_SUCCESS)
{
val->print(PRINT_ERROR, "\tmsg request failed\n", 0);
return VAL_STATUS_CALL_FAILED;
@@ -62,7 +62,7 @@ static int32_t get_secure_partition_address(psa_handle_t *handle,
static int32_t get_driver_status(psa_handle_t *handle)
{
- if (psa->call(*handle, NULL, 0, NULL, 0) != PSA_SUCCESS)
+ if (psa->call(*handle, PSA_IPC_CALL, NULL, 0, NULL, 0) != PSA_SUCCESS)
{
return VAL_STATUS_CALL_FAILED;
}
@@ -74,7 +74,7 @@ static void close_driver_fn(psa_handle_t *handle)
psa->close(*handle);
}
-int32_t client_test_app_rot_read_psa_rot_heap(security_t caller)
+int32_t client_test_app_rot_read_psa_rot_heap(caller_security_t caller)
{
addr_t psa_rot_addr;
uint8_t data = DATA_VALUE;
@@ -117,7 +117,7 @@ int32_t client_test_app_rot_read_psa_rot_heap(security_t caller)
return VAL_STATUS_SPM_FAILED;
}
-int32_t client_test_app_rot_write_psa_rot_heap(security_t caller)
+int32_t client_test_app_rot_write_psa_rot_heap(caller_security_t caller)
{
addr_t psa_rot_addr;
uint8_t data = DATA_VALUE;
@@ -146,14 +146,14 @@ int32_t client_test_app_rot_write_psa_rot_heap(security_t caller)
return VAL_STATUS_SUCCESS;
}
#else
-int32_t client_test_app_rot_read_psa_rot_heap(security_t caller)
+int32_t client_test_app_rot_read_psa_rot_heap(caller_security_t caller)
{
val->print(PRINT_TEST, "[Check 1] Test APP-RoT reading PSA-RoT heap\n", 0);
val->print(PRINT_ERROR, "\tSkipping test as heap memory not supported\n", 0);
return RESULT_SKIP(VAL_STATUS_HEAP_NOT_AVAILABLE);
}
-int32_t client_test_app_rot_write_psa_rot_heap(security_t caller)
+int32_t client_test_app_rot_write_psa_rot_heap(caller_security_t caller)
{
val->print(PRINT_TEST, "[Check 2] Test APP-RoT writing PSA-RoT heap\n", 0);
val->print(PRINT_ERROR, "\tSkipping test as heap memory not supported\n", 0);
diff --git a/api-tests/ff/ipc/test_i082/test_i082.h b/api-tests/ff/ipc/test_i082/test_i082.h
index accc73f5..37d1af5f 100644
--- a/api-tests/ff/ipc/test_i082/test_i082.h
+++ b/api-tests/ff/ipc/test_i082/test_i082.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i082)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i082)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
@@ -33,6 +33,6 @@ extern psa_api_t *psa;
extern client_test_t test_i082_client_tests_list[];
-int32_t client_test_app_rot_read_psa_rot_heap(security_t);
-int32_t client_test_app_rot_write_psa_rot_heap(security_t);
+int32_t client_test_app_rot_read_psa_rot_heap(caller_security_t);
+int32_t client_test_app_rot_write_psa_rot_heap(caller_security_t);
#endif
diff --git a/api-tests/ff/ipc/test_i082/test_supp_i082.c b/api-tests/ff/ipc/test_i082/test_supp_i082.c
index 20a5b7a3..1095b5c4 100644
--- a/api-tests/ff/ipc/test_i082/test_supp_i082.c
+++ b/api-tests/ff/ipc/test_i082/test_supp_i082.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
diff --git a/api-tests/ff/ipc/test_i083/source.mk b/api-tests/ff/ipc/test_i083/source.mk
deleted file mode 100644
index a0354eb0..00000000
--- a/api-tests/ff/ipc/test_i083/source.mk
+++ /dev/null
@@ -1,25 +0,0 @@
-# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_i083.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
-
-CC_SOURCE_SPE = test_i083.c test_supp_i083.c
-CC_OPTIONS_SPE =
-AS_SOURCE_SPE =
-AS_OPTIONS_SPE =
diff --git a/api-tests/ff/ipc/test_i083/test.cmake b/api-tests/ff/ipc/test_i083/test.cmake
new file mode 100644
index 00000000..74e5fbe9
--- /dev/null
+++ b/api-tests/ff/ipc/test_i083/test.cmake
@@ -0,0 +1,32 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_i083.c
+ test_i083.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
+
+list(APPEND CC_SOURCE_SPE
+ test_i083.c
+ test_supp_i083.c
+)
+list(APPEND CC_OPTIONS_SPE )
+list(APPEND AS_SOURCE_SPE )
+list(APPEND AS_OPTIONS_SPE )
diff --git a/api-tests/ff/ipc/test_i083/test_entry.c b/api-tests/ff/ipc/test_i083/test_entry_i083.c
similarity index 100%
rename from api-tests/ff/ipc/test_i083/test_entry.c
rename to api-tests/ff/ipc/test_i083/test_entry_i083.c
diff --git a/api-tests/ff/ipc/test_i083/test_i083.c b/api-tests/ff/ipc/test_i083/test_i083.c
index 9899e3ee..3e95c8ef 100644
--- a/api-tests/ff/ipc/test_i083/test_i083.c
+++ b/api-tests/ff/ipc/test_i083/test_i083.c
@@ -38,8 +38,8 @@ static int32_t get_secure_partition_address(psa_handle_t *handle,
addr_t *addr,
driver_test_fn_id_t test_fn_id)
{
- *handle = psa->connect(DRIVER_TEST_SID, 1);
- if (*handle < 0)
+ *handle = psa->connect(DRIVER_TEST_SID, DRIVER_TEST_VERSION);
+ if (!PSA_HANDLE_IS_VALID(*handle))
{
val->print(PRINT_ERROR, "\tConnection failed\n", 0);
return VAL_STATUS_INVALID_HANDLE;
@@ -48,7 +48,7 @@ static int32_t get_secure_partition_address(psa_handle_t *handle,
/* Execute driver function related to TEST_ISOLATION_PSA_ROT_DATA_RD */
psa_invec invec[1] = {{&test_fn_id, sizeof(test_fn_id)}};
psa_outvec outvec[1] = {{addr, sizeof(addr_t)}};
- if (psa->call(*handle, invec, 1, outvec, 1) != PSA_SUCCESS)
+ if (psa->call(*handle, PSA_IPC_CALL, invec, 1, outvec, 1) != PSA_SUCCESS)
{
val->print(PRINT_ERROR, "\tmsg request failed\n", 0);
return VAL_STATUS_CALL_FAILED;
@@ -59,7 +59,7 @@ static int32_t get_secure_partition_address(psa_handle_t *handle,
static int32_t get_driver_status(psa_handle_t *handle)
{
- if (psa->call(*handle, NULL, 0, NULL, 0) != PSA_SUCCESS)
+ if (psa->call(*handle, PSA_IPC_CALL, NULL, 0, NULL, 0) != PSA_SUCCESS)
{
return VAL_STATUS_CALL_FAILED;
}
@@ -71,7 +71,7 @@ static void close_driver_fn(psa_handle_t *handle)
psa->close(*handle);
}
-int32_t client_test_app_rot_read_psa_rot_mmio(security_t caller)
+int32_t client_test_app_rot_read_psa_rot_mmio(caller_security_t caller)
{
addr_t psa_rot_addr;
uint32_t data = DATA_VALUE;
@@ -114,7 +114,7 @@ int32_t client_test_app_rot_read_psa_rot_mmio(security_t caller)
return VAL_STATUS_SPM_FAILED;
}
-int32_t client_test_app_rot_write_psa_rot_mmio(security_t caller)
+int32_t client_test_app_rot_write_psa_rot_mmio(caller_security_t caller)
{
addr_t psa_rot_addr;
uint32_t data = DATA_VALUE;
diff --git a/api-tests/ff/ipc/test_i083/test_i083.h b/api-tests/ff/ipc/test_i083/test_i083.h
index 99496a87..fffd86e3 100644
--- a/api-tests/ff/ipc/test_i083/test_i083.h
+++ b/api-tests/ff/ipc/test_i083/test_i083.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i083)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i083)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
@@ -33,6 +33,6 @@ extern psa_api_t *psa;
extern client_test_t test_i083_client_tests_list[];
-int32_t client_test_app_rot_read_psa_rot_mmio(security_t);
-int32_t client_test_app_rot_write_psa_rot_mmio(security_t);
+int32_t client_test_app_rot_read_psa_rot_mmio(caller_security_t);
+int32_t client_test_app_rot_write_psa_rot_mmio(caller_security_t);
#endif
diff --git a/api-tests/ff/ipc/test_i083/test_supp_i083.c b/api-tests/ff/ipc/test_i083/test_supp_i083.c
index e7bf8f51..893c291e 100644
--- a/api-tests/ff/ipc/test_i083/test_supp_i083.c
+++ b/api-tests/ff/ipc/test_i083/test_supp_i083.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
diff --git a/api-tests/ff/ipc/test_i084/source.mk b/api-tests/ff/ipc/test_i084/source.mk
deleted file mode 100644
index 5d162ed9..00000000
--- a/api-tests/ff/ipc/test_i084/source.mk
+++ /dev/null
@@ -1,25 +0,0 @@
-# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_i084.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
-
-CC_SOURCE_SPE = test_i084.c test_supp_i084.c
-CC_OPTIONS_SPE =
-AS_SOURCE_SPE =
-AS_OPTIONS_SPE =
diff --git a/api-tests/ff/ipc/test_i084/test.cmake b/api-tests/ff/ipc/test_i084/test.cmake
new file mode 100644
index 00000000..f6e9040b
--- /dev/null
+++ b/api-tests/ff/ipc/test_i084/test.cmake
@@ -0,0 +1,32 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_i084.c
+ test_i084.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
+
+list(APPEND CC_SOURCE_SPE
+ test_i084.c
+ test_supp_i084.c
+)
+list(APPEND CC_OPTIONS_SPE )
+list(APPEND AS_SOURCE_SPE )
+list(APPEND AS_OPTIONS_SPE )
diff --git a/api-tests/ff/ipc/test_i084/test_entry.c b/api-tests/ff/ipc/test_i084/test_entry_i084.c
similarity index 100%
rename from api-tests/ff/ipc/test_i084/test_entry.c
rename to api-tests/ff/ipc/test_i084/test_entry_i084.c
diff --git a/api-tests/ff/ipc/test_i084/test_i084.c b/api-tests/ff/ipc/test_i084/test_i084.c
index 933312aa..639a8ab3 100644
--- a/api-tests/ff/ipc/test_i084/test_i084.c
+++ b/api-tests/ff/ipc/test_i084/test_i084.c
@@ -36,8 +36,8 @@ static int32_t get_secure_partition_address(addr_t *addr)
{
psa_handle_t handle = 0;
- handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
- if (handle < 0)
+ handle = psa->connect(SERVER_UNSPECIFED_VERSION_SID, SERVER_UNSPECIFED_VERSION_VERSION);
+ if (!PSA_HANDLE_IS_VALID(handle))
{
val->print(PRINT_ERROR, "\tConnection failed\n", 0);
return VAL_STATUS_INVALID_HANDLE;
@@ -45,17 +45,19 @@ static int32_t get_secure_partition_address(addr_t *addr)
/* Get App-RoT address */
psa_outvec outvec[1] = {{addr, sizeof(addr_t)}};
- if (psa->call(handle, NULL, 0, outvec, 1) != PSA_SUCCESS)
+ if (psa->call(handle, PSA_IPC_CALL, NULL, 0, outvec, 1) != PSA_SUCCESS)
{
val->print(PRINT_ERROR, "\tmsg request failed\n", 0);
return VAL_STATUS_CALL_FAILED;
}
+ val->print(PRINT_DEBUG, "\tClient SP: Accessing address 0x%x\n", *addr);
+
psa->close(handle);
return VAL_STATUS_SUCCESS;
}
-int32_t client_test_sp_read_other_sp_variable(security_t caller)
+int32_t client_test_sp_read_other_sp_variable(caller_security_t caller)
{
addr_t app_rot_addr;
uint32_t data = 0x1234;
@@ -93,7 +95,7 @@ int32_t client_test_sp_read_other_sp_variable(security_t caller)
return VAL_STATUS_SPM_FAILED;
}
-int32_t client_test_sp_write_other_sp_variable(security_t caller)
+int32_t client_test_sp_write_other_sp_variable(caller_security_t caller)
{
addr_t app_rot_addr;
uint32_t data = 0x1234;
@@ -116,7 +118,7 @@ int32_t client_test_sp_write_other_sp_variable(security_t caller)
*(uint32_t *)app_rot_addr = (uint32_t)data;
/* Handshake with server to decide write status */
- if ((psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1)) > 0)
+ if ((psa->connect(SERVER_UNSPECIFED_VERSION_SID, SERVER_UNSPECIFED_VERSION_VERSION)) > 0)
{
val->print(PRINT_ERROR, "\tExpected connection to fail but succeed\n", 0);
return VAL_STATUS_INVALID_HANDLE;
diff --git a/api-tests/ff/ipc/test_i084/test_i084.h b/api-tests/ff/ipc/test_i084/test_i084.h
index 0fa86afc..0465a4b5 100644
--- a/api-tests/ff/ipc/test_i084/test_i084.h
+++ b/api-tests/ff/ipc/test_i084/test_i084.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i084)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i084)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
@@ -33,6 +33,6 @@ extern psa_api_t *psa;
extern client_test_t test_i084_client_tests_list[];
-int32_t client_test_sp_read_other_sp_variable(security_t);
-int32_t client_test_sp_write_other_sp_variable(security_t);
+int32_t client_test_sp_read_other_sp_variable(caller_security_t);
+int32_t client_test_sp_write_other_sp_variable(caller_security_t);
#endif
diff --git a/api-tests/ff/ipc/test_i084/test_supp_i084.c b/api-tests/ff/ipc/test_i084/test_supp_i084.c
index 3c663d34..87aecf0b 100644
--- a/api-tests/ff/ipc/test_i084/test_supp_i084.c
+++ b/api-tests/ff/ipc/test_i084/test_supp_i084.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
@@ -40,10 +40,11 @@ server_test_t test_i084_server_tests_list[] = {
static int32_t send_secure_partition_address(void)
{
- int32_t status = VAL_STATUS_SUCCESS;
- psa_msg_t msg = {0};
+ int32_t status = VAL_STATUS_SUCCESS;
+ volatile uint32_t *addr = &g_test_i084;
+ psa_msg_t msg = {0};
- status = val->process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_connect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(201), status))
{
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
@@ -52,18 +53,20 @@ static int32_t send_secure_partition_address(void)
psa->reply(msg.handle, PSA_SUCCESS);
- status = val->process_call_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_call_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(202), status))
{
psa->reply(msg.handle, -2);
return status;
}
+ val->print(PRINT_DEBUG, "\tServer SP: Passing 0x%x to Client SP\n", (int)&g_test_i084);
+
/* Send Application RoT data address - global variable */
- psa->write(msg.handle, 0, (void *)&g_test_i084, sizeof(g_test_i084));
+ psa->write(msg.handle, 0, (void *)&addr, sizeof(addr));
psa->reply(msg.handle, PSA_SUCCESS);
- status = val->process_disconnect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_disconnect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(203), status))
{
return status;
@@ -87,7 +90,7 @@ int32_t server_test_sp_write_other_sp_variable(void)
return status;
/* Wait for write to get performed by client */
- status = val->process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_connect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(204), status))
{
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
diff --git a/api-tests/ff/ipc/test_i085/source.mk b/api-tests/ff/ipc/test_i085/source.mk
deleted file mode 100644
index 2456cf49..00000000
--- a/api-tests/ff/ipc/test_i085/source.mk
+++ /dev/null
@@ -1,25 +0,0 @@
-# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_i085.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
-
-CC_SOURCE_SPE = test_i085.c test_supp_i085.c
-CC_OPTIONS_SPE =
-AS_SOURCE_SPE =
-AS_OPTIONS_SPE =
diff --git a/api-tests/ff/ipc/test_i085/test.cmake b/api-tests/ff/ipc/test_i085/test.cmake
new file mode 100644
index 00000000..cb4948ff
--- /dev/null
+++ b/api-tests/ff/ipc/test_i085/test.cmake
@@ -0,0 +1,32 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_i085.c
+ test_i085.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
+
+list(APPEND CC_SOURCE_SPE
+ test_i085.c
+ test_supp_i085.c
+)
+list(APPEND CC_OPTIONS_SPE )
+list(APPEND AS_SOURCE_SPE )
+list(APPEND AS_OPTIONS_SPE )
diff --git a/api-tests/ff/ipc/test_i085/test_entry.c b/api-tests/ff/ipc/test_i085/test_entry_i085.c
similarity index 100%
rename from api-tests/ff/ipc/test_i085/test_entry.c
rename to api-tests/ff/ipc/test_i085/test_entry_i085.c
diff --git a/api-tests/ff/ipc/test_i085/test_i085.c b/api-tests/ff/ipc/test_i085/test_i085.c
index da19a245..07eb2ec9 100644
--- a/api-tests/ff/ipc/test_i085/test_i085.c
+++ b/api-tests/ff/ipc/test_i085/test_i085.c
@@ -36,8 +36,8 @@ static int32_t get_secure_partition_address(addr_t *addr)
{
psa_handle_t handle = 0;
- handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
- if (handle < 0)
+ handle = psa->connect(SERVER_UNSPECIFED_VERSION_SID, SERVER_UNSPECIFED_VERSION_VERSION);
+ if (!PSA_HANDLE_IS_VALID(handle))
{
val->print(PRINT_ERROR, "\tConnection failed\n", 0);
return VAL_STATUS_INVALID_HANDLE;
@@ -45,17 +45,19 @@ static int32_t get_secure_partition_address(addr_t *addr)
/* Get App-RoT address */
psa_outvec outvec[1] = {{addr, sizeof(addr_t)}};
- if (psa->call(handle, NULL, 0, outvec, 1) != PSA_SUCCESS)
+ if (psa->call(handle, PSA_IPC_CALL, NULL, 0, outvec, 1) != PSA_SUCCESS)
{
val->print(PRINT_ERROR, "\tmsg request failed\n", 0);
return VAL_STATUS_CALL_FAILED;
}
+ val->print(PRINT_DEBUG, "\tClient SP: Accessing address 0x%x\n", *addr);
+
psa->close(handle);
return VAL_STATUS_SUCCESS;
}
-int32_t client_test_sp_read_other_sp_stack(security_t caller)
+int32_t client_test_sp_read_other_sp_stack(caller_security_t caller)
{
addr_t app_rot_addr;
uint32_t data = 0x1234;
@@ -93,7 +95,7 @@ int32_t client_test_sp_read_other_sp_stack(security_t caller)
return VAL_STATUS_SPM_FAILED;
}
-int32_t client_test_sp_write_other_sp_stack(security_t caller)
+int32_t client_test_sp_write_other_sp_stack(caller_security_t caller)
{
addr_t app_rot_addr;
uint32_t data = 0x1234;
@@ -116,7 +118,7 @@ int32_t client_test_sp_write_other_sp_stack(security_t caller)
*(uint32_t *)app_rot_addr = (uint32_t)data;
/* Handshake with server to decide write status */
- if ((psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1)) > 0)
+ if ((psa->connect(SERVER_UNSPECIFED_VERSION_SID, SERVER_UNSPECIFED_VERSION_VERSION)) > 0)
{
val->print(PRINT_ERROR, "\tExpected connection to fail but succeed\n", 0);
return VAL_STATUS_INVALID_HANDLE;
diff --git a/api-tests/ff/ipc/test_i085/test_i085.h b/api-tests/ff/ipc/test_i085/test_i085.h
index 80d5bd6d..03d295b1 100644
--- a/api-tests/ff/ipc/test_i085/test_i085.h
+++ b/api-tests/ff/ipc/test_i085/test_i085.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i085)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i085)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
@@ -33,6 +33,6 @@ extern psa_api_t *psa;
extern client_test_t test_i085_client_tests_list[];
-int32_t client_test_sp_read_other_sp_stack(security_t);
-int32_t client_test_sp_write_other_sp_stack(security_t);
+int32_t client_test_sp_read_other_sp_stack(caller_security_t);
+int32_t client_test_sp_write_other_sp_stack(caller_security_t);
#endif
diff --git a/api-tests/ff/ipc/test_i085/test_supp_i085.c b/api-tests/ff/ipc/test_i085/test_supp_i085.c
index 9922716c..607a4158 100644
--- a/api-tests/ff/ipc/test_i085/test_supp_i085.c
+++ b/api-tests/ff/ipc/test_i085/test_supp_i085.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
@@ -40,7 +40,7 @@ static int32_t send_secure_partition_address(addr_t *stack)
int32_t status = VAL_STATUS_SUCCESS;
psa_msg_t msg = {0};
- status = val->process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_connect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(201), status))
{
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
@@ -49,18 +49,20 @@ static int32_t send_secure_partition_address(addr_t *stack)
psa->reply(msg.handle, PSA_SUCCESS);
- status = val->process_call_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_call_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(202), status))
{
psa->reply(msg.handle, -2);
return status;
}
+ val->print(PRINT_DEBUG, "\tServer SP: Passing 0x%x to Client SP\n", (int)stack);
+
/* Send Application RoT stack address */
- psa->write(msg.handle, 0, (void *)stack, sizeof(uint32_t));
+ psa->write(msg.handle, 0, (void *)&stack, sizeof(addr_t));
psa->reply(msg.handle, PSA_SUCCESS);
- status = val->process_disconnect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_disconnect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(203), status))
{
return status;
@@ -94,7 +96,7 @@ int32_t server_test_sp_write_other_sp_stack(void)
return status;
/* Wait for write to get performed by client */
- status = val->process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_connect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(204), status))
{
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
diff --git a/api-tests/ff/ipc/test_i086/source.mk b/api-tests/ff/ipc/test_i086/source.mk
deleted file mode 100644
index c4127af3..00000000
--- a/api-tests/ff/ipc/test_i086/source.mk
+++ /dev/null
@@ -1,25 +0,0 @@
-# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_i086.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
-
-CC_SOURCE_SPE = test_i086.c test_supp_i086.c
-CC_OPTIONS_SPE =
-AS_SOURCE_SPE =
-AS_OPTIONS_SPE =
diff --git a/api-tests/ff/ipc/test_i086/test.cmake b/api-tests/ff/ipc/test_i086/test.cmake
new file mode 100644
index 00000000..d8d5f407
--- /dev/null
+++ b/api-tests/ff/ipc/test_i086/test.cmake
@@ -0,0 +1,32 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_i086.c
+ test_i086.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
+
+list(APPEND CC_SOURCE_SPE
+ test_i086.c
+ test_supp_i086.c
+)
+list(APPEND CC_OPTIONS_SPE )
+list(APPEND AS_SOURCE_SPE )
+list(APPEND AS_OPTIONS_SPE )
diff --git a/api-tests/ff/ipc/test_i086/test_entry.c b/api-tests/ff/ipc/test_i086/test_entry_i086.c
similarity index 100%
rename from api-tests/ff/ipc/test_i086/test_entry.c
rename to api-tests/ff/ipc/test_i086/test_entry_i086.c
diff --git a/api-tests/ff/ipc/test_i086/test_i086.c b/api-tests/ff/ipc/test_i086/test_i086.c
index 7f56cbe8..0be11bed 100644
--- a/api-tests/ff/ipc/test_i086/test_i086.c
+++ b/api-tests/ff/ipc/test_i086/test_i086.c
@@ -36,13 +36,13 @@ client_test_t test_i086_client_tests_list[] = {
NULL,
};
-#if (SP_HEAP_MEM_SUPP == 1)
+#ifdef SP_HEAP_MEM_SUPP
static int32_t get_secure_partition_address(addr_t *addr)
{
psa_handle_t handle = 0;
- handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
- if (handle < 0)
+ handle = psa->connect(SERVER_UNSPECIFED_VERSION_SID, SERVER_UNSPECIFED_VERSION_VERSION);
+ if (!PSA_HANDLE_IS_VALID(handle))
{
val->print(PRINT_ERROR, "\tConnection failed\n", 0);
return VAL_STATUS_INVALID_HANDLE;
@@ -50,17 +50,19 @@ static int32_t get_secure_partition_address(addr_t *addr)
/* Get App-RoT address */
psa_outvec outvec[1] = {{addr, BUFFER_SIZE}};
- if (psa->call(handle, NULL, 0, outvec, 1) != PSA_SUCCESS)
+ if (psa->call(handle, PSA_IPC_CALL, NULL, 0, outvec, 1) != PSA_SUCCESS)
{
val->print(PRINT_ERROR, "\tmsg request failed\n", 0);
return VAL_STATUS_CALL_FAILED;
}
+ val->print(PRINT_DEBUG, "\tClient SP: Accessing address 0x%x\n", *addr);
+
psa->close(handle);
return VAL_STATUS_SUCCESS;
}
-int32_t client_test_sp_read_other_sp_heap(security_t caller)
+int32_t client_test_sp_read_other_sp_heap(caller_security_t caller)
{
addr_t app_rot_addr;
uint8_t data = DATA_VALUE;
@@ -98,7 +100,7 @@ int32_t client_test_sp_read_other_sp_heap(security_t caller)
return VAL_STATUS_SPM_FAILED;
}
-int32_t client_test_sp_write_other_sp_heap(security_t caller)
+int32_t client_test_sp_write_other_sp_heap(caller_security_t caller)
{
addr_t app_rot_addr;
uint8_t data = DATA_VALUE;
@@ -121,7 +123,7 @@ int32_t client_test_sp_write_other_sp_heap(security_t caller)
*(uint8_t *)app_rot_addr = (uint8_t)data;
/* Handshake with server to decide write status */
- if ((psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1)) > 0)
+ if ((psa->connect(SERVER_UNSPECIFED_VERSION_SID, SERVER_UNSPECIFED_VERSION_VERSION)) > 0)
{
val->print(PRINT_ERROR, "\tExpected connection to fail but succeed\n", 0);
return VAL_STATUS_INVALID_HANDLE;
@@ -129,14 +131,14 @@ int32_t client_test_sp_write_other_sp_heap(security_t caller)
return VAL_STATUS_SUCCESS;
}
#else
-int32_t client_test_sp_read_other_sp_heap(security_t caller)
+int32_t client_test_sp_read_other_sp_heap(caller_security_t caller)
{
val->print(PRINT_TEST, "[Check 1] Test SP reading other SP heap\n", 0);
val->print(PRINT_ERROR, "\tSkipping test as heap memory not supported\n", 0);
return RESULT_SKIP(VAL_STATUS_HEAP_NOT_AVAILABLE);
}
-int32_t client_test_sp_write_other_sp_heap(security_t caller)
+int32_t client_test_sp_write_other_sp_heap(caller_security_t caller)
{
val->print(PRINT_TEST, "[Check 2] Test SP writing other SP heap\n", 0);
val->print(PRINT_ERROR, "\tSkipping test as heap memory not supported\n", 0);
diff --git a/api-tests/ff/ipc/test_i086/test_i086.h b/api-tests/ff/ipc/test_i086/test_i086.h
index eb64546d..794d5a1a 100644
--- a/api-tests/ff/ipc/test_i086/test_i086.h
+++ b/api-tests/ff/ipc/test_i086/test_i086.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i086)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i086)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
@@ -33,6 +33,6 @@ extern psa_api_t *psa;
extern client_test_t test_i086_client_tests_list[];
-int32_t client_test_sp_read_other_sp_heap(security_t);
-int32_t client_test_sp_write_other_sp_heap(security_t);
+int32_t client_test_sp_read_other_sp_heap(caller_security_t);
+int32_t client_test_sp_write_other_sp_heap(caller_security_t);
#endif
diff --git a/api-tests/ff/ipc/test_i086/test_supp_i086.c b/api-tests/ff/ipc/test_i086/test_supp_i086.c
index 52fef112..efff3ad8 100644
--- a/api-tests/ff/ipc/test_i086/test_supp_i086.c
+++ b/api-tests/ff/ipc/test_i086/test_supp_i086.c
@@ -18,15 +18,15 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
int32_t server_test_sp_read_other_sp_heap(void);
int32_t server_test_sp_write_other_sp_heap(void);
-#if (SP_HEAP_MEM_SUPP == 1)
+#ifdef SP_HEAP_MEM_SUPP
void *malloc(size_t size);
void free(void *ptr);
#endif
@@ -41,13 +41,13 @@ server_test_t test_i086_server_tests_list[] = {
NULL,
};
-#if (SP_HEAP_MEM_SUPP == 1)
+#ifdef SP_HEAP_MEM_SUPP
static int32_t send_secure_partition_address(uint8_t *heap)
{
int32_t status = VAL_STATUS_SUCCESS;
psa_msg_t msg = {0};
- status = val->process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_connect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(201), status))
{
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
@@ -56,18 +56,20 @@ static int32_t send_secure_partition_address(uint8_t *heap)
psa->reply(msg.handle, PSA_SUCCESS);
- status = val->process_call_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_call_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(202), status))
{
psa->reply(msg.handle, -2);
return status;
}
+ val->print(PRINT_DEBUG, "\tServer SP: Passing 0x%x to Client SP\n", (int)heap);
+
/* Send Application RoT heap address */
- psa->write(msg.handle, 0, (void *)heap, sizeof(BUFFER_SIZE));
+ psa->write(msg.handle, 0, (void *)&heap, sizeof(BUFFER_SIZE));
psa->reply(msg.handle, PSA_SUCCESS);
- status = val->process_disconnect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_disconnect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(203), status))
{
return status;
@@ -106,7 +108,7 @@ int32_t server_test_sp_write_other_sp_heap(void)
return status;
/* Wait for write to get performed by client */
- status = val->process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_connect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(204), status))
{
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
diff --git a/api-tests/ff/ipc/test_i087/source.mk b/api-tests/ff/ipc/test_i087/source.mk
deleted file mode 100644
index 492f7953..00000000
--- a/api-tests/ff/ipc/test_i087/source.mk
+++ /dev/null
@@ -1,25 +0,0 @@
-# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_i087.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
-
-CC_SOURCE_SPE = test_i087.c test_supp_i087.c
-CC_OPTIONS_SPE =
-AS_SOURCE_SPE =
-AS_OPTIONS_SPE =
diff --git a/api-tests/ff/ipc/test_i087/test.cmake b/api-tests/ff/ipc/test_i087/test.cmake
new file mode 100644
index 00000000..4746ba62
--- /dev/null
+++ b/api-tests/ff/ipc/test_i087/test.cmake
@@ -0,0 +1,32 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_i087.c
+ test_i087.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
+
+list(APPEND CC_SOURCE_SPE
+ test_i087.c
+ test_supp_i087.c
+)
+list(APPEND CC_OPTIONS_SPE )
+list(APPEND AS_SOURCE_SPE )
+list(APPEND AS_OPTIONS_SPE )
diff --git a/api-tests/ff/ipc/test_i087/test_entry.c b/api-tests/ff/ipc/test_i087/test_entry_i087.c
similarity index 100%
rename from api-tests/ff/ipc/test_i087/test_entry.c
rename to api-tests/ff/ipc/test_i087/test_entry_i087.c
diff --git a/api-tests/ff/ipc/test_i087/test_i087.c b/api-tests/ff/ipc/test_i087/test_i087.c
index eb6cbf22..f5ce74c6 100644
--- a/api-tests/ff/ipc/test_i087/test_i087.c
+++ b/api-tests/ff/ipc/test_i087/test_i087.c
@@ -38,8 +38,8 @@ static int32_t get_secure_partition_address(addr_t *addr)
{
psa_handle_t handle = 0;
- handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
- if (handle < 0)
+ handle = psa->connect(SERVER_UNSPECIFED_VERSION_SID, SERVER_UNSPECIFED_VERSION_VERSION);
+ if (!PSA_HANDLE_IS_VALID(handle))
{
val->print(PRINT_ERROR, "\tConnection failed\n", 0);
return VAL_STATUS_INVALID_HANDLE;
@@ -47,17 +47,19 @@ static int32_t get_secure_partition_address(addr_t *addr)
/* Get App-RoT address */
psa_outvec outvec[1] = {{addr, sizeof(addr_t)}};
- if (psa->call(handle, NULL, 0, outvec, 1) != PSA_SUCCESS)
+ if (psa->call(handle, PSA_IPC_CALL, NULL, 0, outvec, 1) != PSA_SUCCESS)
{
val->print(PRINT_ERROR, "\tmsg request failed\n", 0);
return VAL_STATUS_CALL_FAILED;
}
+ val->print(PRINT_DEBUG, "\tClient SP: Accessing address 0x%x\n", *addr);
+
psa->close(handle);
return VAL_STATUS_SUCCESS;
}
-int32_t client_test_sp_read_other_sp_mmio(security_t caller)
+int32_t client_test_sp_read_other_sp_mmio(caller_security_t caller)
{
addr_t app_rot_addr;
uint32_t data = DATA_VALUE;
@@ -95,7 +97,7 @@ int32_t client_test_sp_read_other_sp_mmio(security_t caller)
return VAL_STATUS_SPM_FAILED;
}
-int32_t client_test_sp_write_other_sp_mmio(security_t caller)
+int32_t client_test_sp_write_other_sp_mmio(caller_security_t caller)
{
addr_t app_rot_addr;
uint32_t data = DATA_VALUE;
@@ -118,7 +120,7 @@ int32_t client_test_sp_write_other_sp_mmio(security_t caller)
*(uint32_t *)app_rot_addr = (uint32_t)data;
/* Handshake with server to decide write status */
- if ((psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1)) > 0)
+ if ((psa->connect(SERVER_UNSPECIFED_VERSION_SID, SERVER_UNSPECIFED_VERSION_VERSION)) > 0)
{
val->print(PRINT_ERROR, "\tExpected connection to fail but succeed\n", 0);
return VAL_STATUS_INVALID_HANDLE;
diff --git a/api-tests/ff/ipc/test_i087/test_i087.h b/api-tests/ff/ipc/test_i087/test_i087.h
index 450427d2..abfd6dbc 100644
--- a/api-tests/ff/ipc/test_i087/test_i087.h
+++ b/api-tests/ff/ipc/test_i087/test_i087.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,i087)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, i087)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
@@ -33,6 +33,6 @@ extern psa_api_t *psa;
extern client_test_t test_i087_client_tests_list[];
-int32_t client_test_sp_read_other_sp_mmio(security_t);
-int32_t client_test_sp_write_other_sp_mmio(security_t);
+int32_t client_test_sp_read_other_sp_mmio(caller_security_t);
+int32_t client_test_sp_write_other_sp_mmio(caller_security_t);
#endif
diff --git a/api-tests/ff/ipc/test_i087/test_supp_i087.c b/api-tests/ff/ipc/test_i087/test_supp_i087.c
index b59fb978..b1bee746 100644
--- a/api-tests/ff/ipc/test_i087/test_supp_i087.c
+++ b/api-tests/ff/ipc/test_i087/test_supp_i087.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
@@ -54,12 +54,12 @@ static int32_t get_mmio_addr(addr_t *addr)
return VAL_STATUS_SUCCESS;
}
-static int32_t send_secure_partition_address(addr_t *stack)
+static int32_t send_secure_partition_address(addr_t *addr)
{
int32_t status = VAL_STATUS_SUCCESS;
psa_msg_t msg = {0};
- status = val->process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_connect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(202), status))
{
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
@@ -68,18 +68,20 @@ static int32_t send_secure_partition_address(addr_t *stack)
psa->reply(msg.handle, PSA_SUCCESS);
- status = val->process_call_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_call_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(203), status))
{
psa->reply(msg.handle, -2);
return status;
}
- /* Send Application RoT stack address */
- psa->write(msg.handle, 0, (void *)stack, sizeof(uint32_t));
+ val->print(PRINT_DEBUG, "\tServer SP: Passing 0x%x to Client SP\n", (int)*addr);
+
+ /* Send Application RoT mmio address */
+ psa->write(msg.handle, 0, (void *)addr, sizeof(addr_t));
psa->reply(msg.handle, PSA_SUCCESS);
- status = val->process_disconnect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_disconnect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(204), status))
{
return status;
@@ -117,7 +119,7 @@ int32_t server_test_sp_write_other_sp_mmio(void)
return status;
/* Wait for write to get performed by client */
- status = val->process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ status = val->process_connect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
if (val->err_check_set(TEST_CHECKPOINT_NUM(204), status))
{
psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
diff --git a/api-tests/ff/ipc/test_i089/test.cmake b/api-tests/ff/ipc/test_i089/test.cmake
new file mode 100644
index 00000000..ef76d06c
--- /dev/null
+++ b/api-tests/ff/ipc/test_i089/test.cmake
@@ -0,0 +1,32 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_i089.c
+ test_i089.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
+
+list(APPEND CC_SOURCE_SPE
+ test_i089.c
+ test_supp_i089.c
+)
+list(APPEND CC_OPTIONS_SPE )
+list(APPEND AS_SOURCE_SPE )
+list(APPEND AS_OPTIONS_SPE )
diff --git a/api-tests/ff/ipc/test_i089/test_entry_i089.c b/api-tests/ff/ipc/test_i089/test_entry_i089.c
new file mode 100644
index 00000000..c50113bc
--- /dev/null
+++ b/api-tests/ff/ipc/test_i089/test_entry_i089.c
@@ -0,0 +1,51 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_i089.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_FF_BASE, 89)
+#define TEST_DESC "Testing psa_panic API\n"
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_LOW_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_client_tests_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_i089_client_tests_list, TRUE);
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->test_exit();
+}
diff --git a/api-tests/ff/ipc/test_i089/test_i089.c b/api-tests/ff/ipc/test_i089/test_i089.c
new file mode 100644
index 00000000..28987ef0
--- /dev/null
+++ b/api-tests/ff/ipc/test_i089/test_i089.c
@@ -0,0 +1,37 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val_interfaces.h"
+#include "val_target.h"
+#else
+#include "val_client_defs.h"
+#include "val_service_defs.h"
+#endif
+
+#include "test_i089.h"
+
+client_test_t test_i089_client_tests_list[] = {
+ NULL,
+ client_test_psa_panic,
+ NULL,
+};
+
+int32_t client_test_psa_panic(caller_security_t caller)
+{
+ return VAL_STATUS_SUCCESS;
+}
diff --git a/api-tests/ff/ipc/test_i089/test_i089.h b/api-tests/ff/ipc/test_i089/test_i089.h
new file mode 100644
index 00000000..b0bbec33
--- /dev/null
+++ b/api-tests/ff/ipc/test_i089/test_i089.h
@@ -0,0 +1,37 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST_I089_CLIENT_TESTS_H_
+#define _TEST_I089_CLIENT_TESTS_H_
+
+#include "val_client_defs.h"
+
+#ifdef NONSECURE_TEST_BUILD
+#define test_entry CONCAT(test_entry_,i089)
+#define val CONCAT(val,test_entry)
+#define psa CONCAT(psa,test_entry)
+#else
+#define val CONCAT(val,_client_sp)
+#define psa CONCAT(psa,_client_sp)
+#endif
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+
+extern client_test_t test_i089_client_tests_list[];
+
+int32_t client_test_psa_panic(caller_security_t);
+#endif
diff --git a/api-tests/ff/ipc/test_i089/test_supp_i089.c b/api-tests/ff/ipc/test_i089/test_supp_i089.c
new file mode 100644
index 00000000..189a736f
--- /dev/null
+++ b/api-tests/ff/ipc/test_i089/test_supp_i089.c
@@ -0,0 +1,82 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_client_defs.h"
+#include "val_service_defs.h"
+
+#define val CONCAT(val,_server_sp)
+#define psa CONCAT(psa,_server_sp)
+extern val_api_t *val;
+extern psa_api_t *psa;
+
+int32_t server_test_psa_panic(void);
+
+server_test_t test_i089_server_tests_list[] = {
+ NULL,
+ server_test_psa_panic,
+ NULL,
+};
+
+int32_t server_test_psa_panic(void)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ val->print(PRINT_TEST, "[Check 1] Test psa_panic API\n", 0);
+ /*
+ * This test checks for the PROGRAMMER ERROR condition for the PSA API. API's respond to
+ * PROGRAMMER ERROR could be either to return appropriate status code or panic the caller.
+ * When a Secure Partition panics, the SPE cannot continue normal execution, as defined
+ * in this specification. The behavior of the SPM following a Secure Partition panic is
+ * IMPLEMENTATION DEFINED- Arm recommends that the SPM causes the system to restart in
+ * this situation. Refer PSA-FF for more information on panic.
+ * For the cases where, SPM cannot capable to reboot the system (just hangs or power down),
+ * a watchdog timer set by val_test_init can reboot the system on timeout event. This will
+ * tests continuity and able to jump to next tests. Therefore, each test who checks for
+ * PROGRAMMER ERROR condition, expects system to get reset either by SPM or watchdog set by
+ * the test harness function.
+ *
+ * If programmed timeout value isn't sufficient for your system, it can be reconfigured using
+ * timeout entries available in target.cfg.
+ *
+ * To decide, a reboot happened as intended by test scenario or it happended
+ * due to other reasons, test is setting a boot signature into non-volatile memory before and
+ * after targeted test check. After a reboot, these boot signatures are being read by the
+ * VAL APIs to decide test status.
+ */
+
+ /* Setting boot.state before test check */
+ status = val->set_boot_flag(BOOT_EXPECTED_NS);
+ if (val->err_check_set(TEST_CHECKPOINT_NUM(201), status))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
+ return status;
+ }
+
+ /* Call to psa_panic shouldn't return */
+ psa->panic();
+
+ /* Resetting boot.state to catch unwanted reboot */
+ status = val->set_boot_flag(BOOT_EXPECTED_BUT_FAILED);
+ if (val->err_check_set(TEST_CHECKPOINT_NUM(202), status))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag after check\n", 0);
+ }
+
+ status = VAL_STATUS_SPM_FAILED;
+ val->err_check_set(TEST_CHECKPOINT_NUM(203), status);
+ return status;
+}
diff --git a/api-tests/ff/ipc/test_i090/test.cmake b/api-tests/ff/ipc/test_i090/test.cmake
new file mode 100644
index 00000000..7ea50b6c
--- /dev/null
+++ b/api-tests/ff/ipc/test_i090/test.cmake
@@ -0,0 +1,32 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_i090.c
+ test_i090.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
+
+list(APPEND CC_SOURCE_SPE
+ test_i090.c
+ test_supp_i090.c
+)
+list(APPEND CC_OPTIONS_SPE )
+list(APPEND AS_SOURCE_SPE )
+list(APPEND AS_OPTIONS_SPE )
diff --git a/api-tests/ff/ipc/test_i090/test_entry_i090.c b/api-tests/ff/ipc/test_i090/test_entry_i090.c
new file mode 100644
index 00000000..4d456984
--- /dev/null
+++ b/api-tests/ff/ipc/test_i090/test_entry_i090.c
@@ -0,0 +1,59 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_i090.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_FF_BASE, 90)
+#define TEST_DESC "Testing psa_call with negative type\n"
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_LOW_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_client_tests_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_i090_client_tests_list, TRUE);
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+ /* Switch to secure side (client_partition.c) and execute list of tests available in
+ test[num]_client_tests_list from Secure side */
+ status = val->switch_to_secure_client(TEST_NUM);
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->test_exit();
+}
diff --git a/api-tests/ff/ipc/test_i090/test_i090.c b/api-tests/ff/ipc/test_i090/test_i090.c
new file mode 100644
index 00000000..8d70be35
--- /dev/null
+++ b/api-tests/ff/ipc/test_i090/test_i090.c
@@ -0,0 +1,108 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val_interfaces.h"
+#include "val_target.h"
+#else
+#include "val_client_defs.h"
+#include "val_service_defs.h"
+#endif
+
+#include "test_i090.h"
+
+client_test_t test_i090_client_tests_list[] = {
+ NULL,
+ client_test_psa_call_with_neg_type,
+ NULL,
+};
+
+int32_t client_test_psa_call_with_neg_type(caller_security_t caller)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_handle_t handle = 0;
+ psa_status_t status_of_call;
+ boot_state_t boot_state;
+
+ val->print(PRINT_TEST,
+ "[Check 1] Test psa_call with negative type\n", 0);
+
+ /*
+ * This test checks for the PROGRAMMER ERROR condition for the PSA API. API's respond to
+ * PROGRAMMER ERROR could be either to return appropriate status code or panic the caller.
+ * When a Secure Partition panics, the SPE cannot continue normal execution, as defined
+ * in this specification. The behavior of the SPM following a Secure Partition panic is
+ * IMPLEMENTATION DEFINED- Arm recommends that the SPM causes the system to restart in
+ * this situation. Refer PSA-FF for more information on panic.
+ * For the cases where, SPM cannot capable to reboot the system (just hangs or power down),
+ * a watchdog timer set by val_test_init can reboot the system on timeout event. This will
+ * tests continuity and able to jump to next tests. Therefore, each test who checks for
+ * PROGRAMMER ERROR condition, expects system to get reset either by SPM or watchdog set by
+ * the test harness function.
+ *
+ * If programmed timeout value isn't sufficient for your system, it can be reconfigured using
+ * timeout entries available in target.cfg.
+ *
+ * To decide, a reboot happened as intended by test scenario or it happended
+ * due to other reasons, test is setting a boot signature into non-volatile memory before and
+ * after targeted test check. After a reboot, these boot signatures are being read by the
+ * VAL APIs to decide test status.
+ */
+
+ handle = psa->connect(SERVER_UNSPECIFED_VERSION_SID, SERVER_UNSPECIFED_VERSION_VERSION);
+ if (!PSA_HANDLE_IS_VALID(handle))
+ {
+ val->print(PRINT_ERROR, "\tConnection failed\n", 0);
+ return VAL_STATUS_INVALID_HANDLE;
+ }
+
+ /* Setting boot.state before test check */
+ boot_state = (caller == CALLER_NONSECURE) ? BOOT_EXPECTED_NS : BOOT_EXPECTED_S;
+ if (val->set_boot_flag(boot_state))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+
+ /* Test check- psa_call with negative type */
+ status_of_call = psa->call(handle, -1, NULL, 0, NULL, 0);
+
+ /*
+ * If the caller is in the NSPE, it is IMPLEMENTATION DEFINED whether
+ * a PROGRAMMER ERROR will panic or return PSA_ERROR_PROGRAMMER_ERROR.
+ * For SPE caller, it must panic.
+ */
+ if (caller == CALLER_NONSECURE && status_of_call == PSA_ERROR_PROGRAMMER_ERROR)
+ {
+ psa->close(handle);
+ return VAL_STATUS_SUCCESS;
+ }
+
+ /* If PROGRAMMER ERROR results into panic then control shouldn't have reached here */
+ val->print(PRINT_ERROR, "\tCall should failed but succeed\n", 0);
+
+ /* Resetting boot.state to catch unwanted reboot */
+ if (val->set_boot_flag(BOOT_EXPECTED_BUT_FAILED))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag after check\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+
+ status = VAL_STATUS_SPM_FAILED;
+ psa->close(handle);
+ return status;
+}
diff --git a/api-tests/ff/ipc/test_i090/test_i090.h b/api-tests/ff/ipc/test_i090/test_i090.h
new file mode 100644
index 00000000..8ba91472
--- /dev/null
+++ b/api-tests/ff/ipc/test_i090/test_i090.h
@@ -0,0 +1,37 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST_I090_CLIENT_TESTS_H_
+#define _TEST_I090_CLIENT_TESTS_H_
+
+#include "val_client_defs.h"
+
+#ifdef NONSECURE_TEST_BUILD
+#define test_entry CONCAT(test_entry_,i090)
+#define val CONCAT(val,test_entry)
+#define psa CONCAT(psa,test_entry)
+#else
+#define val CONCAT(val,_client_sp)
+#define psa CONCAT(psa,_client_sp)
+#endif
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+
+extern client_test_t test_i090_client_tests_list[];
+
+int32_t client_test_psa_call_with_neg_type(caller_security_t);
+#endif
diff --git a/api-tests/ff/ipc/test_i090/test_supp_i090.c b/api-tests/ff/ipc/test_i090/test_supp_i090.c
new file mode 100644
index 00000000..438bfee8
--- /dev/null
+++ b/api-tests/ff/ipc/test_i090/test_supp_i090.c
@@ -0,0 +1,79 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_client_defs.h"
+#include "val_service_defs.h"
+
+#define val CONCAT(val,_server_sp)
+#define psa CONCAT(psa,_server_sp)
+extern val_api_t *val;
+extern psa_api_t *psa;
+
+int32_t server_test_psa_call_with_neg_type();
+
+server_test_t test_i090_server_tests_list[] = {
+ NULL,
+ server_test_psa_call_with_neg_type,
+ NULL,
+};
+
+int32_t server_test_psa_call_with_neg_type()
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_msg_t msg = {0};
+ psa_signal_t signals;
+
+ status = val->process_connect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
+ if (val->err_check_set(TEST_CHECKPOINT_NUM(201), status))
+ {
+ psa->reply(msg.handle, PSA_ERROR_CONNECTION_REFUSED);
+ return status;
+ }
+
+ psa->reply(msg.handle, PSA_SUCCESS);
+
+wait:
+ signals = psa->wait(PSA_WAIT_ANY, PSA_BLOCK);
+ if (signals & SERVER_UNSPECIFED_VERSION_SIGNAL)
+ {
+ if (psa->get(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg) != PSA_SUCCESS)
+ {
+ goto wait;
+ }
+
+ if (msg.type == PSA_IPC_DISCONNECT)
+ {
+ psa->reply(msg.handle, PSA_SUCCESS);
+ return VAL_STATUS_SUCCESS;
+ }
+ else
+ {
+ /* Control shouldn't have come here */
+ val->print(PRINT_ERROR, "\tControl shouldn't have reached here\n", 0);
+ psa->reply(msg.handle, -2);
+ val->process_disconnect_request(SERVER_UNSPECIFED_VERSION_SIGNAL, &msg);
+ psa->reply(msg.handle, PSA_SUCCESS);
+ }
+ }
+ else
+ {
+ val->print(PRINT_ERROR, "\tpsa_wait returned with invalid signal value = 0x%x\n", signals);
+ return VAL_STATUS_ERROR;
+ }
+
+ return VAL_STATUS_ERROR;
+}
diff --git a/api-tests/ff/ipc/test_l088/source.mk b/api-tests/ff/ipc/test_l088/source.mk
deleted file mode 100644
index c2004628..00000000
--- a/api-tests/ff/ipc/test_l088/source.mk
+++ /dev/null
@@ -1,25 +0,0 @@
-# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-CC_SOURCE = test_entry.c test_l088.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
-
-CC_SOURCE_SPE = test_l088.c test_supp_l088.c
-CC_OPTIONS_SPE =
-AS_SOURCE_SPE =
-AS_OPTIONS_SPE =
diff --git a/api-tests/ff/ipc/test_l088/test.cmake b/api-tests/ff/ipc/test_l088/test.cmake
new file mode 100644
index 00000000..16026f9a
--- /dev/null
+++ b/api-tests/ff/ipc/test_l088/test.cmake
@@ -0,0 +1,32 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+list(APPEND CC_SOURCE
+ test_entry_l088.c
+ test_l088.c
+)
+list(APPEND CC_OPTIONS )
+list(APPEND AS_SOURCE )
+list(APPEND AS_OPTIONS )
+
+list(APPEND CC_SOURCE_SPE
+ test_l088.c
+ test_supp_l088.c
+)
+list(APPEND CC_OPTIONS_SPE )
+list(APPEND AS_SOURCE_SPE )
+list(APPEND AS_OPTIONS_SPE )
diff --git a/api-tests/ff/ipc/test_l088/test_entry.c b/api-tests/ff/ipc/test_l088/test_entry_l088.c
similarity index 100%
rename from api-tests/ff/ipc/test_l088/test_entry.c
rename to api-tests/ff/ipc/test_l088/test_entry_l088.c
diff --git a/api-tests/ff/ipc/test_l088/test_l088.c b/api-tests/ff/ipc/test_l088/test_l088.c
index 612c9278..e4c1785a 100644
--- a/api-tests/ff/ipc/test_l088/test_l088.c
+++ b/api-tests/ff/ipc/test_l088/test_l088.c
@@ -31,7 +31,7 @@ client_test_t test_l088_client_tests_list[] = {
NULL,
};
-int32_t client_test_psa_rot_lifecycle_state(security_t caller)
+int32_t client_test_psa_rot_lifecycle_state(caller_security_t caller)
{
return VAL_STATUS_SUCCESS;
}
diff --git a/api-tests/ff/ipc/test_l088/test_l088.h b/api-tests/ff/ipc/test_l088/test_l088.h
index e27f8acf..fe916aa1 100644
--- a/api-tests/ff/ipc/test_l088/test_l088.h
+++ b/api-tests/ff/ipc/test_l088/test_l088.h
@@ -20,12 +20,12 @@
#include "val_client_defs.h"
#ifdef NONSECURE_TEST_BUILD
-#define test_entry CONCAT(test_entry_,l088)
-#define val CONCAT(val,test_entry)
-#define psa CONCAT(psa,test_entry)
+#define test_entry CONCAT(test_entry_, l088)
+#define val CONCAT(val, test_entry)
+#define psa CONCAT(psa, test_entry)
#else
-#define val CONCAT(val,_client_sp)
-#define psa CONCAT(psa,_client_sp)
+#define val CONCAT(val, _client_sp)
+#define psa CONCAT(psa, _client_sp)
#endif
extern val_api_t *val;
@@ -33,5 +33,5 @@ extern psa_api_t *psa;
extern client_test_t test_i088_client_tests_list[];
-int32_t client_test_psa_rot_lifecycle_state(security_t);
+int32_t client_test_psa_rot_lifecycle_state(caller_security_t);
#endif
diff --git a/api-tests/ff/ipc/test_l088/test_supp_l088.c b/api-tests/ff/ipc/test_l088/test_supp_l088.c
index 1ca9fe6d..7510003c 100644
--- a/api-tests/ff/ipc/test_l088/test_supp_l088.c
+++ b/api-tests/ff/ipc/test_l088/test_supp_l088.c
@@ -18,8 +18,8 @@
#include "val_client_defs.h"
#include "val_service_defs.h"
-#define val CONCAT(val,_server_sp)
-#define psa CONCAT(psa,_server_sp)
+#define val CONCAT(val, _server_sp)
+#define psa CONCAT(psa, _server_sp)
extern val_api_t *val;
extern psa_api_t *psa;
diff --git a/api-tests/ff/ipc/testsuite.db b/api-tests/ff/ipc/testsuite.db
index f8a30133..72216ed9 100644
--- a/api-tests/ff/ipc/testsuite.db
+++ b/api-tests/ff/ipc/testsuite.db
@@ -108,5 +108,7 @@ test_i085, panic_test
test_i086, panic_test
test_i087, panic_test
test_l088
+test_i089, panic_test
+test_i090, panic_test
(END)
diff --git a/api-tests/ff/partition/ipc/client_partition.c b/api-tests/ff/partition/client_partition.c
similarity index 94%
rename from api-tests/ff/partition/ipc/client_partition.c
rename to api-tests/ff/partition/client_partition.c
index 7be5a6cb..7ecea528 100644
--- a/api-tests/ff/partition/ipc/client_partition.c
+++ b/api-tests/ff/partition/client_partition.c
@@ -32,9 +32,9 @@ void client_main(void)
status = VAL_STATUS_SUCCESS;
signals = psa_wait(PSA_WAIT_ANY, PSA_BLOCK);
- if (signals & CLIENT_TEST_DISPATCHER_SIG)
+ if (signals & CLIENT_TEST_DISPATCHER_SIGNAL)
{
- psa_get(CLIENT_TEST_DISPATCHER_SIG, &msg);
+ psa_get(CLIENT_TEST_DISPATCHER_SIGNAL, &msg);
switch (msg.type)
{
case PSA_IPC_CONNECT:
@@ -97,7 +97,8 @@ void client_main(void)
/* Server_partition requests client to connect to SERVER_SECURE_CONNECT_ONLY_SID */
else if (signals & PSA_DOORBELL)
{
- if (psa_connect(SERVER_SECURE_CONNECT_ONLY_SID, 2) != PSA_ERROR_CONNECTION_REFUSED)
+ if (psa_connect(SERVER_SECURE_CONNECT_ONLY_SID, SERVER_SECURE_CONNECT_ONLY_VERSION)
+ != PSA_ERROR_CONNECTION_REFUSED)
{
val_print(PRINT_ERROR, "psa_connect failed \n", 0);
}
diff --git a/api-tests/ff/partition/ipc/client_partition.h b/api-tests/ff/partition/client_partition.h
similarity index 100%
rename from api-tests/ff/partition/ipc/client_partition.h
rename to api-tests/ff/partition/client_partition.h
diff --git a/api-tests/ff/partition/common/driver_partition.c b/api-tests/ff/partition/driver_partition.c
similarity index 93%
rename from api-tests/ff/partition/common/driver_partition.c
rename to api-tests/ff/partition/driver_partition.c
index 53a6004b..549b5c47 100644
--- a/api-tests/ff/partition/common/driver_partition.c
+++ b/api-tests/ff/partition/driver_partition.c
@@ -15,7 +15,7 @@
* limitations under the License.
**/
-#include "val/spe/val_driver_service_apis.h"
+#include "val_driver_service_apis.h"
#define DATA_VALUE 0x1111
#define BUFFER_SIZE 4
@@ -58,9 +58,9 @@ void driver_main(void)
signals = psa_wait(PSA_WAIT_ANY, PSA_BLOCK);
/* Service Print functionality */
- if (signals & DRIVER_UART_SIG)
+ if (signals & DRIVER_UART_SIGNAL)
{
- psa_get(DRIVER_UART_SIG, &msg);
+ psa_get(DRIVER_UART_SIGNAL, &msg);
switch (msg.type)
{
case PSA_IPC_CONNECT:
@@ -109,9 +109,9 @@ void driver_main(void)
}
/* Service Watchdog functionality */
- else if (signals & DRIVER_WATCHDOG_SIG)
+ else if (signals & DRIVER_WATCHDOG_SIGNAL)
{
- psa_get(DRIVER_WATCHDOG_SIG, &msg);
+ psa_get(DRIVER_WATCHDOG_SIGNAL, &msg);
switch (msg.type)
{
case PSA_IPC_CALL:
@@ -162,9 +162,9 @@ void driver_main(void)
}
/* Service NVMEM functionality */
- else if (signals & DRIVER_NVMEM_SIG)
+ else if (signals & DRIVER_NVMEM_SIGNAL)
{
- psa_get(DRIVER_NVMEM_SIG, &msg);
+ psa_get(DRIVER_NVMEM_SIGNAL, &msg);
switch (msg.type)
{
case PSA_IPC_CALL:
@@ -221,9 +221,9 @@ void driver_main(void)
}
}
/* SID reserved for Driver test functions */
- else if (signals & DRIVER_TEST_SIG)
+ else if (signals & DRIVER_TEST_SIGNAL)
{
- psa_get(DRIVER_TEST_SIG, &msg);
+ psa_get(DRIVER_TEST_SIGNAL, &msg);
switch (msg.type)
{
case PSA_IPC_CALL:
@@ -381,7 +381,7 @@ int32_t driver_test_psa_eoi_with_multiple_signals(void)
}
/* psa_eoi should panic as irq_signal is provided with multiple signals */
- psa_eoi(DRIVER_UART_INTR_SIG|DRIVER_TEST_SIG);
+ psa_eoi(DRIVER_UART_INTR_SIG|DRIVER_TEST_SIGNAL);
/* Control shouldn't have reached here */
val_print_sf("\tCheck for psa_eoi(multiple_signals) failed\n", 0);
@@ -404,7 +404,7 @@ int32_t driver_test_irq_routing(void)
val_generate_interrupt();
/* Wait for DRIVER_UART_INTR_SIG signal */
- signals = psa_wait(PSA_WAIT_ANY, PSA_BLOCK);
+ signals = psa_wait(DRIVER_UART_INTR_SIG, PSA_BLOCK);
if (signals & DRIVER_UART_INTR_SIG)
{
@@ -453,9 +453,9 @@ static int32_t process_call_request(psa_signal_t sig, psa_msg_t *msg)
goto wait;
}
- if ((msg->type != PSA_IPC_CALL) || (msg->handle <= 0))
+ if ((msg->type < PSA_IPC_CALL) || (msg->handle <= 0))
{
- val_print_sf("\tpsa_get failed for PSA_IPC_CALL\n", 0);
+ val_print_sf("\tpsa_get failed for request message\n", 0);
res = VAL_STATUS_ERROR;
}
else
@@ -473,15 +473,19 @@ static int32_t process_call_request(psa_signal_t sig, psa_msg_t *msg)
void driver_test_isolation_psa_rot_data_rd(psa_msg_t *msg)
{
+ uint32_t *addr = &g_psa_rot_data;
+
/* Send PSA RoT data address - global variable */
- psa_write(msg->handle, 0, (void *) &g_psa_rot_data, sizeof(addr_t));
+ psa_write(msg->handle, 0, (void *) &addr, sizeof(addr_t));
psa_reply(msg->handle, PSA_SUCCESS);
}
void driver_test_isolation_psa_rot_data_wr(psa_msg_t *msg)
{
+ uint32_t *addr = &g_psa_rot_data;
+
/* Send PSA RoT data address - global variable */
- psa_write(msg->handle, 0, (void *) &g_psa_rot_data, sizeof(addr_t));
+ psa_write(msg->handle, 0, (void *) &addr, sizeof(addr_t));
/* Setting boot.state before test check */
if (val_driver_private_set_boot_flag_fn(BOOT_EXPECTED_S))
@@ -492,7 +496,7 @@ void driver_test_isolation_psa_rot_data_wr(psa_msg_t *msg)
psa_reply(msg->handle, PSA_SUCCESS);
/* Process second call request */
- if (VAL_ERROR(process_call_request(DRIVER_TEST_SIG, msg)))
+ if (VAL_ERROR(process_call_request(DRIVER_TEST_SIGNAL, msg)))
{
psa_reply(msg->handle, -2);
return;
@@ -521,21 +525,23 @@ void driver_test_isolation_psa_rot_data_wr(psa_msg_t *msg)
void driver_test_isolation_psa_rot_stack_rd(psa_msg_t *msg)
{
uint32_t l_psa_rot_data = DATA_VALUE;
+ uint32_t *addr = &l_psa_rot_data;
/* Send PSA RoT stack address - local variable */
- psa_write(msg->handle, 0, (void *) &l_psa_rot_data, sizeof(addr_t));
+ psa_write(msg->handle, 0, (void *) &addr, sizeof(addr_t));
psa_reply(msg->handle, PSA_SUCCESS);
/* Dummy print to avoid compiler optimisation on local variable */
- val_print_sf("\tl_psa_rot_data value 0x%x\n", l_psa_rot_data);
+ val_print_sf("\tStack data 0x%x\n", (int)l_psa_rot_data);
}
void driver_test_isolation_psa_rot_stack_wr(psa_msg_t *msg)
{
uint32_t l_psa_rot_data = DATA_VALUE;
+ uint32_t *addr = &l_psa_rot_data;
/* Send PSA RoT stack address - local variable */
- psa_write(msg->handle, 0, (void *) &l_psa_rot_data, sizeof(addr_t));
+ psa_write(msg->handle, 0, (void *) &addr, sizeof(addr_t));
/* Setting boot.state before test check */
if (val_driver_private_set_boot_flag_fn(BOOT_EXPECTED_S))
@@ -546,7 +552,7 @@ void driver_test_isolation_psa_rot_stack_wr(psa_msg_t *msg)
psa_reply(msg->handle, PSA_SUCCESS);
/* Process second call request */
- if (VAL_ERROR(process_call_request(DRIVER_TEST_SIG, msg)))
+ if (VAL_ERROR(process_call_request(DRIVER_TEST_SIGNAL, msg)))
{
psa_reply(msg->handle, -2);
return;
@@ -574,14 +580,14 @@ void driver_test_isolation_psa_rot_stack_wr(psa_msg_t *msg)
void driver_test_isolation_psa_rot_heap_rd(psa_msg_t *msg)
{
-#if (SP_HEAP_MEM_SUPP == 1)
+#ifdef SP_HEAP_MEM_SUPP
uint8_t *buffer;
buffer = (uint8_t *)malloc(sizeof(uint8_t) * BUFFER_SIZE);
memset((uint8_t *)buffer, (uint8_t)DATA_VALUE, BUFFER_SIZE);
/* Send PSA RoT heap address */
- psa_write(msg->handle, 0, (void *) buffer, BUFFER_SIZE);
+ psa_write(msg->handle, 0, (void *) &buffer, BUFFER_SIZE);
psa_reply(msg->handle, PSA_SUCCESS);
free(buffer);
#endif
@@ -589,14 +595,14 @@ void driver_test_isolation_psa_rot_heap_rd(psa_msg_t *msg)
void driver_test_isolation_psa_rot_heap_wr(psa_msg_t *msg)
{
-#if (SP_HEAP_MEM_SUPP == 1)
+#ifdef SP_HEAP_MEM_SUPP
uint8_t *buffer;
buffer = (uint8_t *)malloc(sizeof(uint8_t) * BUFFER_SIZE);
memset((uint8_t *)buffer, (uint8_t)DATA_VALUE, BUFFER_SIZE);
/* Send PSA RoT heap address */
- psa_write(msg->handle, 0, (void *) buffer, BUFFER_SIZE);
+ psa_write(msg->handle, 0, (void *) &buffer, BUFFER_SIZE);
psa_reply(msg->handle, PSA_SUCCESS);
/* Setting boot.state before test check */
@@ -607,7 +613,7 @@ void driver_test_isolation_psa_rot_heap_wr(psa_msg_t *msg)
}
/* Process second call request */
- if (VAL_ERROR(process_call_request(DRIVER_TEST_SIG, msg)))
+ if (VAL_ERROR(process_call_request(DRIVER_TEST_SIGNAL, msg)))
{
psa_reply(msg->handle, -2);
return;
@@ -662,8 +668,8 @@ void driver_test_isolation_psa_rot_mmio_wr(psa_msg_t *msg)
}
/* Send PSA RoT mmio address */
- memset((uint8_t *)&psa_rot_mmio_addr, (uint8_t)DATA_VALUE, sizeof(uint32_t));
- psa_write(msg->handle, 0, (void *) &psa_rot_mmio_addr, sizeof(uint32_t));
+ memset((uint8_t *)&psa_rot_mmio_addr, (uint8_t)DATA_VALUE, sizeof(addr_t));
+ psa_write(msg->handle, 0, (void *) &psa_rot_mmio_addr, sizeof(addr_t));
psa_reply(msg->handle, PSA_SUCCESS);
/* Setting boot.state before test check */
@@ -674,7 +680,7 @@ void driver_test_isolation_psa_rot_mmio_wr(psa_msg_t *msg)
}
/* Process second call request */
- if (VAL_ERROR(process_call_request(DRIVER_TEST_SIG, msg)))
+ if (VAL_ERROR(process_call_request(DRIVER_TEST_SIGNAL, msg)))
{
psa_reply(msg->handle, -2);
return;
diff --git a/api-tests/ff/partition/ipc/server_partition.c b/api-tests/ff/partition/server_partition.c
similarity index 97%
rename from api-tests/ff/partition/ipc/server_partition.c
rename to api-tests/ff/partition/server_partition.c
index de0e7a42..94d55049 100644
--- a/api-tests/ff/partition/ipc/server_partition.c
+++ b/api-tests/ff/partition/server_partition.c
@@ -34,9 +34,9 @@ void server_main(void)
status = VAL_STATUS_SUCCESS;
signals = psa_wait(PSA_WAIT_ANY, PSA_BLOCK);
- if (signals & SERVER_TEST_DISPATCHER_SIG)
+ if (signals & SERVER_TEST_DISPATCHER_SIGNAL)
{
- psa_get(SERVER_TEST_DISPATCHER_SIG, &msg);
+ psa_get(SERVER_TEST_DISPATCHER_SIGNAL, &msg);
switch (msg.type)
{
case PSA_IPC_CONNECT:
diff --git a/api-tests/ff/partition/ipc/server_partition.h b/api-tests/ff/partition/server_partition.h
similarity index 100%
rename from api-tests/ff/partition/ipc/server_partition.h
rename to api-tests/ff/partition/server_partition.h
diff --git a/api-tests/platform/drivers/uart/cmsdk/pal_uart.c b/api-tests/platform/drivers/uart/cmsdk/pal_uart.c
index e55a4115..d31ffa3e 100644
--- a/api-tests/platform/drivers/uart/cmsdk/pal_uart.c
+++ b/api-tests/platform/drivers/uart/cmsdk/pal_uart.c
@@ -68,7 +68,7 @@ static void pal_uart_cmsdk_putc(uint8_t c)
void pal_cmsdk_print(char *str, int32_t data)
{
int8_t j, buffer[16];
- int8_t i = 0, is_neg = 0;
+ int8_t i = 0, is_neg = 0, k = 2 * sizeof(data);
for (; *str != '\0'; ++str)
{
@@ -96,7 +96,7 @@ void pal_cmsdk_print(char *str, int32_t data)
}
else if (*str == 'x' || *str == 'X')
{
- while (data != 0)
+ while (k--)
{
j = data & 0xf;
data >>= 4;
diff --git a/api-tests/platform/drivers/uart/pl011/pal_uart.c b/api-tests/platform/drivers/uart/pl011/pal_uart.c
index 9a1095b5..04de0ccd 100644
--- a/api-tests/platform/drivers/uart/pl011/pal_uart.c
+++ b/api-tests/platform/drivers/uart/pl011/pal_uart.c
@@ -69,7 +69,7 @@ void pal_uart_putc(uint8_t c)
void pal_uart_pl011_print(char *str, int32_t data)
{
uint8_t j, buffer[16];
- int8_t i = 0, is_neg = 0;
+ int8_t i = 0, is_neg = 0, k = 2 * sizeof(data);
for (; *str != '\0'; ++str)
{
@@ -97,7 +97,7 @@ void pal_uart_pl011_print(char *str, int32_t data)
}
else if (*str == 'x' || *str == 'X')
{
- while (data != 0)
+ while (k--)
{
j = data & 0xf;
data >>= 4;
diff --git a/api-tests/platform/manifests/client_partition_psa.json b/api-tests/platform/manifests/client_partition_psa.json
new file mode 100644
index 00000000..c0fb05bc
--- /dev/null
+++ b/api-tests/platform/manifests/client_partition_psa.json
@@ -0,0 +1,28 @@
+{
+ "psa_framework_version": 1.0,
+ "name": "CLIENT_PARTITION",
+ "type": "APPLICATION-ROT",
+ "priority": "NORMAL",
+ "description": "Client partition executing client test func from SPE",
+ "entry_point": "client_main",
+ "stack_size": "0x400",
+ "services": [{
+ "name": "CLIENT_TEST_DISPATCHER",
+ "sid": "0x0000FA01",
+ "non_secure_clients": true,
+ "version": 1,
+ "version_policy": "RELAXED"
+ }
+ ],
+ "dependencies": [
+ "DRIVER_UART",
+ "DRIVER_NVMEM",
+ "DRIVER_TEST",
+ "SERVER_TEST_DISPATCHER",
+ "SERVER_UNSPECIFED_VERSION",
+ "SERVER_STRICT_VERSION",
+ "SERVER_RELAX_VERSION",
+ "SERVER_SECURE_CONNECT_ONLY",
+ "SERVER_CONNECTION_DROP"
+ ]
+}
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/manifests/common/driver_partition_psa.json b/api-tests/platform/manifests/driver_partition_psa.json
similarity index 51%
rename from api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/manifests/common/driver_partition_psa.json
rename to api-tests/platform/manifests/driver_partition_psa.json
index 7010c9b5..2b8c70c0 100644
--- a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/manifests/common/driver_partition_psa.json
+++ b/api-tests/platform/manifests/driver_partition_psa.json
@@ -6,62 +6,51 @@
"description": "Implements device services such print, flash read/write,. etc.",
"entry_point": "driver_main",
"stack_size": "0x400",
+ "heap_size": "0x100",
"services": [{
- "name": "DRIVER_UART_SID",
+ "name": "DRIVER_UART",
"sid": "0x0000FC01",
- "signal": "DRIVER_UART_SIG",
"non_secure_clients": true,
- "minor_version": 1,
- "minor_policy": "RELAXED"
+ "version": 1,
+ "version_policy": "RELAXED"
},
{
- "name": "DRIVER_WATCHDOG_SID",
+ "name": "DRIVER_WATCHDOG",
"sid": "0x0000FC02",
- "signal": "DRIVER_WATCHDOG_SIG",
"non_secure_clients": true,
- "minor_version": 1,
- "minor_policy": "RELAXED"
+ "version": 1,
+ "version_policy": "RELAXED"
},
{
- "name": "DRIVER_NVMEM_SID",
+ "name": "DRIVER_NVMEM",
"sid": "0x0000FC03",
- "signal": "DRIVER_NVMEM_SIG",
"non_secure_clients": true,
- "minor_version": 1,
- "minor_policy": "RELAXED"
+ "version": 1,
+ "version_policy": "RELAXED"
},
{
- "name": "DRIVER_TEST_SID",
+ "name": "DRIVER_TEST",
"sid": "0x0000FC04",
- "signal": "DRIVER_TEST_SIG",
"non_secure_clients": true,
- "minor_version": 1,
- "minor_policy": "RELAXED"
+ "version": 1,
+ "version_policy": "RELAXED"
}
],
"mmio_regions" : [
{
- "name": "UART_REGION",
- "base": "0x40004000",
- "size": "0x1000",
+ "name": "FF_TEST_UART_REGION",
"permission": "READ-WRITE"
},
{
- "name": "WATCHDOG_REGION",
- "base": "0x40008000",
- "size": "0x1000",
+ "name": "FF_TEST_WATCHDOG_REGION",
"permission": "READ-WRITE"
},
{
- "name": "NVMEM_REGION",
- "base": "0x2002F000",
- "size": "0x400",
+ "name": "FF_TEST_NVMEM_REGION",
"permission": "READ-WRITE"
},
{
- "name": "DRIVER_PARTITION_MMIO",
- "base": "0x200AF040",
- "size": "0x20",
+ "name": "FF_TEST_DRIVER_PARTITION_MMIO",
"permission": "READ-WRITE"
}
],
@@ -69,7 +58,7 @@
{
"description": "Using UART TX interrupt to test psa_wait and psa_eoi for irq_signal",
"signal": "DRIVER_UART_INTR_SIG",
- "line_num": 46
+ "source": "FF_TEST_UART_IRQ"
}
]
}
diff --git a/api-tests/platform/manifests/server_partition_psa.json b/api-tests/platform/manifests/server_partition_psa.json
new file mode 100644
index 00000000..5acbd735
--- /dev/null
+++ b/api-tests/platform/manifests/server_partition_psa.json
@@ -0,0 +1,68 @@
+{
+ "psa_framework_version": 1.0,
+ "name": "SERVER_PARTITION",
+ "type": "APPLICATION-ROT",
+ "priority": "NORMAL",
+ "description": "Server partition executing server test func",
+ "entry_point": "server_main",
+ "stack_size": "0x400",
+ "heap_size": "0x100",
+ "services": [{
+ "name": "SERVER_TEST_DISPATCHER",
+ "sid": "0x0000FB01",
+ "non_secure_clients": true,
+ "version": 1,
+ "version_policy": "RELAXED"
+ },
+ {
+ "name": "SERVER_SECURE_CONNECT_ONLY",
+ "sid": "0x0000FB02",
+ "non_secure_clients": false,
+ "version": 2,
+ "version_policy": "RELAXED"
+ },
+ {
+ "name": "SERVER_STRICT_VERSION",
+ "sid": "0x0000FB03",
+ "non_secure_clients": true,
+ "version": 2,
+ "version_policy": "STRICT"
+ },
+ {
+ "name": "SERVER_UNSPECIFED_VERSION",
+ "sid": "0x0000FB04",
+ "non_secure_clients": true
+ },
+ {
+ "name": "SERVER_RELAX_VERSION",
+ "sid": "0x0000FB05",
+ "non_secure_clients": true,
+ "version": 2,
+ "version_policy": "RELAXED"
+ },
+ {
+ "name": "SERVER_UNEXTERN",
+ "sid": "0x0000FB06",
+ "non_secure_clients": true,
+ "version": 2,
+ "version_policy": "RELAXED"
+ },
+ {
+ "name": "SERVER_CONNECTION_DROP",
+ "sid": "0x0000FB07",
+ "non_secure_clients": true,
+ "version": 2,
+ "version_policy": "RELAXED"
+ }
+ ],
+ "dependencies": [
+ "DRIVER_UART",
+ "DRIVER_NVMEM"
+ ],
+ "mmio_regions" : [
+ {
+ "name": "FF_TEST_SERVER_PARTITION_MMIO",
+ "permission": "READ-WRITE"
+ }
+ ]
+}
diff --git a/api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/Makefile b/api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/Makefile
deleted file mode 100644
index f757e4b9..00000000
--- a/api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/Makefile
+++ /dev/null
@@ -1,160 +0,0 @@
-# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-include $(SOURCE)/tools/makefiles/toolchain.mk
-
-# Make variables to select correct instances of PAL files
-
-## PSA_IPC_IMPLEMENTED must be true for IPC SUITE
-PSA_IPC_IMPLEMENTED:=0
-
-## PSA_CRYPTO_IMPLEMENTED must be true for CRYPTO SUITE
-PSA_CRYPTO_IMPLEMENTED:=1
-
-## PSA_PROTECTED_STORAGE_IMPLEMENTED must be true for PROTECTED_STORAGE SUITE
-PSA_PROTECTED_STORAGE_IMPLEMENTED:=0
-
-## PSA_INTERNAL_TRUSTED_STORAGE_IMPLEMENTED must be true for INTERNAL_TRUSTED_STORAGE SUITE
-PSA_INTERNAL_TRUSTED_STORAGE_IMPLEMENTED:=1
-
-## PSA_INITIAL_ATTESTATION_IMPLEMENTED must be true for INITIAL_ATTESTATION SUITE
-PSA_INITIAL_ATTESTATION_IMPLEMENTED:=0
-
-# Make variables holding NSPE/SPE source files
-
-## PAL C source files part of NSPE library
-SRC_C_NSPE=
-
-## PAL ASM source files part of NSPE library
-SRC_ASM_NSPE=
-
-## PAL C source files part of SPE library - driver partition
-SRC_C_DRIVER_SP=
-
-## PAL ASM source files part of SPE library - driver partition
-SRC_ASM_DRIVER_SP=
-
-ifeq (${PSA_IPC_IMPLEMENTED},1)
-# When PSA_IPC_IMPLEMENTED=1, driver functionalities are implemented as RoT-services
-# and secure and non-secure clients will call to these RoT-services to get appropriate driver services.
-SRC_C_NSPE += pal_client_api_intf.c
-SRC_C_NSPE += pal_driver_ipc_intf.c
-
-# Driver files will be compiled as part of driver partition
-SRC_C_DRIVER_SP += pal_driver_intf.c pal_nvmem.c pal_uart.c pal_wd_cmsdk.c
-else
-
-# When PSA_IPC_IMPLEMENTED=0, driver files will be compiled as part of NSPE
-SRC_C_NSPE += pal_client_api_empty_intf.c
-SRC_C_NSPE += pal_driver_ns_intf.c pal_nvmem.c pal_uart.c pal_wd_cmsdk.c
-endif
-
-ifeq (${PSA_CRYPTO_IMPLEMENTED},1)
-SRC_C_NSPE += pal_crypto_intf.c
-else
-SRC_C_NSPE += pal_crypto_empty_intf.c
-endif
-
-ifeq (${PSA_PROTECTED_STORAGE_IMPLEMENTED},1)
-SRC_C_NSPE += pal_protected_storage_intf.c
-else
-SRC_C_NSPE += pal_protected_storage_empty_intf.c
-endif
-
-ifeq (${PSA_INTERNAL_TRUSTED_STORAGE_IMPLEMENTED},1)
-SRC_C_NSPE += pal_internal_trusted_storage_intf.c
-else
-SRC_C_NSPE += pal_internal_trusted_storage_empty_intf.c
-endif
-
-ifeq (${PSA_INITIAL_ATTESTATION_IMPLEMENTED},1)
-SRC_C_NSPE += pal_attestation_intf.c
-SRC_C_NSPE += pal_attestation_eat.c
-SRC_C_NSPE += pal_attestation_crypto.c
-else
-SRC_C_NSPE += pal_attestation_empty_intf.c
-endif
-
-INCLUDE= -I$(SOURCE)/platform/targets/$(TARGET)/nspe \
- -I$(SOURCE)/platform/targets/$(TARGET)/spe \
- -I$(BUILD)/platform/$(TARGET)/ \
- -I$(SOURCE)/platform/drivers/uart/cmsdk \
- -I$(SOURCE)/platform/drivers/nvmem/ \
- -I$(SOURCE)/platform/drivers/watchdog/cmsdk \
- -I$(SOURCE)/platform/targets/$(TARGET)/nspe/common \
- -I$(SOURCE)/platform/targets/$(TARGET)/nspe/crypto \
- -I$(SOURCE)/platform/targets/$(TARGET)/nspe/initial_attestation \
- -I$(SOURCE)/platform/targets/$(TARGET)/nspe/initial_attestation/ext/inc \
- -I$(SOURCE)/platform/targets/$(TARGET)/nspe/internal_trusted_storage \
- -I$(SOURCE)/platform/targets/$(TARGET)/nspe/protected_storage \
-
-VPATH=$(SOURCE)/platform/targets/$(TARGET)/: \
- $(SOURCE)/platform/targets/$(TARGET)/spe: \
- $(SOURCE)/platform/targets/$(TARGET)/nspe: \
- $(SOURCE)/platform/drivers/uart/cmsdk: \
- $(SOURCE)/platform/drivers/nvmem: \
- $(SOURCE)/platform/drivers/watchdog/cmsdk: \
- $(SOURCE)/platform/targets/$(TARGET)/nspe/common: \
- $(SOURCE)/platform/targets/$(TARGET)/nspe/crypto: \
- $(SOURCE)/platform/targets/$(TARGET)/nspe/initial_attestation: \
- $(SOURCE)/platform/targets/$(TARGET)/nspe/initial_attestation/ext/src: \
- $(SOURCE)/platform/targets/$(TARGET)/nspe/internal_trusted_storage: \
- $(SOURCE)/platform/targets/$(TARGET)/nspe/protected_storage: \
-
-all: build
-
-ifeq (${PSA_IPC_IMPLEMENTED},1)
-build: mkdir build_nspe_pal build_spe_pal
-else
-build: mkdir build_nspe_pal
-endif
-
-mkdir:
- @mkdir -p $(BUILD)/platform/nspe/
- @mkdir -p $(BUILD)/platform/spe/
-
-# BUILD NSPE PAL
-build_nspe_pal: build_c_nspe build_asm_nspe pal_nspe.a
-
-build_c_nspe: $(SRC_C_NSPE:%.c=$(BUILD)/platform/nspe/%.o)
-build_asm_nspe: $(SRC_ASM_NSPE:%.s=$(BUILD)/platform/nspe/%.o)
-
-$(BUILD)/platform/nspe/%.o : %.c
- $(CC) $(PAL_CDEFS) $(INCLUDE) -o $@ -c $<
-
-$(BUILD)/platform/nspe/%.o : %.s
- $(AS) $(INCLUDE) -o $@ $<
-
-pal_nspe.a:
- $(AR) $(AR_OPTIONS) $(BUILD)/platform/pal_nspe.a $(BUILD)/platform/nspe/*.o
-
-# BUILD SPE PAL
-build_spe_pal: build_driver_sp
-
-build_driver_sp: build_c_driver_sp build_asm_driver_sp
-
-build_c_driver_sp: $(SRC_C_DRIVER_SP:%.c=$(BUILD)/platform/spe/%_driver_sp.o)
-build_asm_driver_sp: $(SRC_ASM_DRIVER_SP:%.s=$(BUILD)/platform/spe/%_driver_sp.o)
-
-# Generated %_driver_sp.o(s) are used in spbuild.mk to create final driver_partition.a
-$(BUILD)/platform/spe/%_driver_sp.o : %.c
- $(CC) $(INCLUDE) -DSPE_BUILD -o $@ -c $<
-
-$(BUILD)/platform/spe/%_driver_sp.o : %.s
- $(AS) $(INCLUDE) -o $@ $<
-
-clean:
- @rm -rf $(BUILD)/platform/nspe/* $(BUILD)/platform/spe/*.a
diff --git a/api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/manifests/common/driver_partition_psa.json b/api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/manifests/common/driver_partition_psa.json
deleted file mode 100644
index 3e2ec674..00000000
--- a/api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/manifests/common/driver_partition_psa.json
+++ /dev/null
@@ -1,75 +0,0 @@
-{
- "psa_framework_version": 1.0,
- "name": "DRIVER_PARTITION",
- "type": "PSA-ROT",
- "priority": "NORMAL",
- "description": "Implements device services such print, flash read/write,. etc.",
- "entry_point": "driver_main",
- "stack_size": "0x400",
- "services": [{
- "name": "DRIVER_UART_SID",
- "sid": "0x0000FC01",
- "signal": "DRIVER_UART_SIG",
- "non_secure_clients": true,
- "minor_version": 1,
- "minor_policy": "RELAXED"
- },
- {
- "name": "DRIVER_WATCHDOG_SID",
- "sid": "0x0000FC02",
- "signal": "DRIVER_WATCHDOG_SIG",
- "non_secure_clients": true,
- "minor_version": 1,
- "minor_policy": "RELAXED"
- },
- {
- "name": "DRIVER_NVMEM_SID",
- "sid": "0x0000FC03",
- "signal": "DRIVER_NVMEM_SIG",
- "non_secure_clients": true,
- "minor_version": 1,
- "minor_policy": "RELAXED"
- },
- {
- "name": "DRIVER_TEST_SID",
- "sid": "0x0000FC04",
- "signal": "DRIVER_TEST_SIG",
- "non_secure_clients": true,
- "minor_version": 1,
- "minor_policy": "RELAXED"
- }
- ],
- "mmio_regions" : [
- {
- "name": "UART_REGION",
- "base": "0x40004000",
- "size": "0x1000",
- "permission": "READ-WRITE"
- },
- {
- "name": "WATCHDOG_REGION",
- "base": "0x40008000",
- "size": "0x1000",
- "permission": "READ-WRITE"
- },
- {
- "name": "NVMEM_REGION",
- "base": "0x2002F000",
- "size": "0x400",
- "permission": "READ-WRITE"
- },
- {
- "name": "DRIVER_PARTITION_MMIO",
- "base": "0x200AF040",
- "size": "0x20",
- "permission": "READ-WRITE"
- }
- ],
- "irqs": [
- {
- "description": "Using UART TX interrupt to test psa_wait and psa_eoi for irq_signal",
- "signal": "DRIVER_UART_INTR_SIG",
- "line_num": 17
- }
- ]
-}
diff --git a/api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/manifests/ipc/client_partition_psa.json b/api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/manifests/ipc/client_partition_psa.json
deleted file mode 100644
index b93377bd..00000000
--- a/api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/manifests/ipc/client_partition_psa.json
+++ /dev/null
@@ -1,37 +0,0 @@
-{
- "psa_framework_version": 1.0,
- "name": "CLIENT_PARTITION",
- "type": "APPLICATION-ROT",
- "priority": "NORMAL",
- "description": "Client partition executing client test func from SPE",
- "entry_point": "client_main",
- "stack_size": "0x400",
- "services": [{
- "name": "CLIENT_TEST_DISPATCHER_SID",
- "sid": "0x0000FA01",
- "signal": "CLIENT_TEST_DISPATCHER_SIG",
- "non_secure_clients": true,
- "minor_version": 1,
- "minor_policy": "RELAXED"
- }
- ],
- "dependencies": [
- "DRIVER_UART_SID",
- "DRIVER_NVMEM_SID",
- "DRIVER_TEST_SID",
- "SERVER_TEST_DISPATCHER_SID",
- "SERVER_UNSPECIFED_MINOR_V_SID",
- "SERVER_STRICT_MINOR_VERSION_SID",
- "SERVER_RELAX_MINOR_VERSION_SID",
- "SERVER_SECURE_CONNECT_ONLY_SID",
- "SERVER_CONNECTION_DROP_SID"
- ],
- "mmio_regions" : [
- {
- "name": "CLIENT_PARTITION_MMIO",
- "base": "0x200AF000",
- "size": "0x20",
- "permission": "READ-WRITE"
- }
- ]
-}
diff --git a/api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/manifests/ipc/server_partition_psa.json b/api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/manifests/ipc/server_partition_psa.json
deleted file mode 100644
index 146b8fbc..00000000
--- a/api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/manifests/ipc/server_partition_psa.json
+++ /dev/null
@@ -1,69 +0,0 @@
-{
- "psa_framework_version": 1.0,
- "name": "SERVER_PARTITION",
- "type": "APPLICATION-ROT",
- "priority": "NORMAL",
- "description": "Server partition executing server test func",
- "entry_point": "server_main",
- "stack_size": "0x400",
- "heap_size": "0x100",
- "services": [{
- "name": "SERVER_TEST_DISPATCHER_SID",
- "sid": "0x0000FB01",
- "signal": "SERVER_TEST_DISPATCHER_SIG",
- "non_secure_clients": true,
- "minor_version": 1,
- "minor_policy": "RELAXED"
- },
- {
- "name": "SERVER_SECURE_CONNECT_ONLY_SID",
- "sid": "0x0000FB02",
- "signal": "SERVER_SECURE_CONNECT_ONLY_SIG",
- "non_secure_clients": false,
- "minor_version": 2,
- "minor_policy": "RELAXED"
- },
- {
- "name": "SERVER_STRICT_MINOR_VERSION_SID",
- "sid": "0x0000FB03",
- "signal": "SERVER_STRICT_MINOR_VERSION_SIG",
- "non_secure_clients": true,
- "minor_version": 2,
- "minor_policy": "STRICT"
- },
- {
- "name": "SERVER_UNSPECIFED_MINOR_V_SID",
- "sid": "0x0000FB04",
- "signal": "SERVER_UNSPECIFED_MINOR_V_SIG",
- "non_secure_clients": true
- },
- {
- "name": "SERVER_RELAX_MINOR_VERSION_SID",
- "sid": "0x0000FB05",
- "signal": "SERVER_RELAX_MINOR_VERSION_SIG",
- "non_secure_clients": true,
- "minor_version": 2,
- "minor_policy": "RELAXED"
- },
- {
- "name": "SERVER_UNEXTERN_SID",
- "sid": "0x0000FB06",
- "signal": "SERVER_UNEXTERN_SIG",
- "non_secure_clients": true,
- "minor_version": 2,
- "minor_policy": "RELAXED"
- },
- {
- "name": "SERVER_CONNECTION_DROP_SID",
- "sid": "0x0000FB07",
- "signal": "SERVER_CONNECTION_DROP_SIG",
- "non_secure_clients": true,
- "minor_version": 2,
- "minor_policy": "RELAXED"
- }
- ],
- "dependencies": [
- "DRIVER_UART_SID",
- "DRIVER_NVMEM_SID"
- ]
-}
diff --git a/api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/nspe/crypto/pal_crypto_intf.c b/api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/nspe/crypto/pal_crypto_intf.c
deleted file mode 100644
index 3df6aa8d..00000000
--- a/api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/nspe/crypto/pal_crypto_intf.c
+++ /dev/null
@@ -1,340 +0,0 @@
-/** @file
- * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
- * SPDX-License-Identifier : Apache-2.0
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
-**/
-
-
-#include "pal_crypto_intf.h"
-
-#define PAL_KEY_SLOT_COUNT 32
-
-/**
- @brief - This API will call the requested crypto function
- @param - type : function code
- valist : variable argument list
- @return - error status
-**/
-int32_t pal_crypto_function(int type, va_list valist)
-{
- int i;
- size_t size, *length, salt_length, label_length, ciphertext_size;
- uint8_t *buffer, *ciphertext;
- const uint8_t *salt, *label, *nonce, *additional_data;
- uint8_t *plaintext;
- uint32_t status;
- const void *extra;
- size_t extra_size, capacity, *gen_cap, nonce_length, additional_data_length;
- psa_key_handle_t handle, *key_handle, target_handle;
- psa_key_type_t key_type, *key_type_out;
- psa_key_policy_t *policy;
- psa_key_usage_t usage, *usage_out;
- psa_key_lifetime_t *lifetime_out;
- psa_algorithm_t alg, *alg_out;
- psa_hash_operation_t *hash_operation;
- psa_mac_operation_t *mac_operation;
- psa_cipher_operation_t *cipher_operation;
- psa_crypto_generator_t *generator;
-
- switch (type)
- {
- case PAL_CRYPTO_INIT:
- return psa_crypto_init();
- case PAL_CRYPTO_GENERATE_RANDOM:
- buffer = va_arg(valist, uint8_t*);
- size = va_arg(valist, int);
- return psa_generate_random(buffer, size);
- case PAL_CRYPTO_IMPORT_KEY:
- handle = (psa_key_handle_t)va_arg(valist, int);
- key_type = va_arg(valist, psa_key_type_t);
- buffer = va_arg(valist, uint8_t*);
- size = va_arg(valist, int);
- status = psa_import_key(handle, key_type, buffer, size);
- return status;
- case PAL_CRYPTO_EXPORT_KEY:
- handle = (psa_key_handle_t)va_arg(valist, int);
- buffer = (uint8_t *)(va_arg(valist, uint8_t*));
- size = va_arg(valist, int);
- length = (size_t *)va_arg(valist, size_t*);
- status = psa_export_key(handle, buffer, size, length);
- return status;
- case PAL_CRYPTO_EXPORT_PUBLIC_KEY:
- handle = (psa_key_handle_t)va_arg(valist, int);
- buffer = (uint8_t *)(va_arg(valist, uint8_t*));
- size = va_arg(valist, int);
- length = (size_t *)va_arg(valist, size_t*);
- status = psa_export_public_key(handle, buffer, size, length);
- return status;
- case PAL_CRYPTO_KEY_POLICY_INIT:
- policy = va_arg(valist, psa_key_policy_t*);
- memset(policy, 0, sizeof(psa_key_policy_t));
- return 0;
- case PAL_CRYPTO_KEY_POLICY_SET_USAGE:
- policy = va_arg(valist, psa_key_policy_t*);
- usage = va_arg(valist, psa_key_usage_t);
- alg = va_arg(valist, psa_algorithm_t);
- psa_key_policy_set_usage(policy, usage, alg);
- return 0;
- case PAL_CRYPTO_SET_KEY_POLICY:
- handle = (psa_key_handle_t)va_arg(valist, int);
- policy = va_arg(valist, psa_key_policy_t*);
- return psa_set_key_policy(handle, policy);
- case PAL_CRYPTO_DESTROY_KEY:
- handle = (psa_key_handle_t)va_arg(valist, int);
- status = psa_destroy_key(handle);
- return status;
- case PAL_CRYPTO_GET_KEY_INFORMATION:
- handle = (psa_key_handle_t)va_arg(valist, int);
- key_type_out = va_arg(valist, psa_key_type_t*);
- length = (size_t *)va_arg(valist, size_t*);
- status = psa_get_key_information(handle, key_type_out, length);
- return status;
- case PAL_CRYPTO_GET_KEY_POLICY:
- handle = (psa_key_handle_t)va_arg(valist, int);
- policy = va_arg(valist, psa_key_policy_t*);
- return psa_get_key_policy(handle, policy);
- case PAL_CRYPTO_KEY_POLICY_GET_USAGE:
- policy = va_arg(valist, psa_key_policy_t*);
- usage_out = va_arg(valist, psa_key_usage_t*);
- *usage_out = psa_key_policy_get_usage(policy);
- return 0;
- case PAL_CRYPTO_KEY_POLICY_GET_ALGORITHM:
- policy = va_arg(valist, psa_key_policy_t*);
- alg_out = va_arg(valist, psa_algorithm_t*);
- *alg_out = psa_key_policy_get_algorithm(policy);
- return 0;
- case PAL_CRYPTO_GET_KEY_LIFETIME:
- handle = (psa_key_handle_t)va_arg(valist, int);
- lifetime_out = va_arg(valist, psa_key_lifetime_t*);
- return psa_get_key_lifetime(handle, lifetime_out);
- case PAL_CRYPTO_HASH_SETUP:
- hash_operation = va_arg(valist, psa_hash_operation_t*);
- alg = va_arg(valist, psa_algorithm_t);
- return psa_hash_setup(hash_operation, alg);
- case PAL_CRYPTO_HASH_UPDATE:
- hash_operation = va_arg(valist, psa_hash_operation_t*);
- buffer = va_arg(valist, uint8_t*);
- size = va_arg(valist, size_t);
- return psa_hash_update(hash_operation, buffer, size);
- case PAL_CRYPTO_HASH_VERIFY:
- hash_operation = va_arg(valist, psa_hash_operation_t*);
- buffer = va_arg(valist, uint8_t*);
- size = va_arg(valist, size_t);
- return psa_hash_verify(hash_operation, buffer, size);
- case PAL_CRYPTO_HASH_FINISH:
- hash_operation = va_arg(valist, psa_hash_operation_t*);
- buffer = va_arg(valist, uint8_t*);
- size = va_arg(valist, size_t);
- length = va_arg(valist, size_t*);
- return psa_hash_finish(hash_operation, buffer, size, length);
- case PAL_CRYPTO_HASH_ABORT:
- hash_operation = va_arg(valist, psa_hash_operation_t*);
- return psa_hash_abort(hash_operation);
- case PAL_CRYPTO_GENERATE_KEY:
- handle = (psa_key_handle_t)va_arg(valist, int);
- key_type = va_arg(valist, psa_key_type_t);
- size = va_arg(valist, size_t);
- extra = va_arg(valist, const void*);
- extra_size = va_arg(valist, size_t);
- return psa_generate_key(handle, key_type, size, extra, extra_size);
- case PAL_CRYPTO_GENERATOR_READ:
- generator = va_arg(valist, psa_crypto_generator_t*);
- buffer = va_arg(valist, uint8_t*);
- size = va_arg(valist, int);
- return psa_generator_read(generator, buffer, size);
- case PAL_CRYPTO_KEY_DERIVATION:
- generator = va_arg(valist, psa_crypto_generator_t*);
- handle = (psa_key_handle_t)va_arg(valist, int);
- alg = va_arg(valist, psa_algorithm_t);
- salt = va_arg(valist, const uint8_t *);
- salt_length = va_arg(valist, size_t);
- label = va_arg(valist, const uint8_t *);
- label_length = va_arg(valist, size_t);
- capacity = va_arg(valist, size_t);
- return psa_key_derivation(generator, handle, alg, salt, salt_length, label,
- label_length, capacity);
- case PAL_CRYPTO_GET_GENERATOR_CAPACITY:
- generator = va_arg(valist, psa_crypto_generator_t*);
- gen_cap = va_arg(valist, size_t*);
- return psa_get_generator_capacity(generator, gen_cap);
- case PAL_CRYPTO_GENERATOR_IMPORT_KEY:
- handle = (psa_key_handle_t)va_arg(valist, int);
- key_type = va_arg(valist, psa_key_type_t);
- size = va_arg(valist, size_t);
- generator = va_arg(valist, psa_crypto_generator_t*);
- return psa_generator_import_key(handle, key_type, size, generator);
- case PAL_CRYPTO_GENERATOR_ABORT:
- generator = va_arg(valist, psa_crypto_generator_t*);
- return psa_generator_abort(generator);
- case PAL_CRYPTO_AEAD_ENCRYPT:
- handle = (psa_key_handle_t)va_arg(valist, int);
- alg = va_arg(valist, psa_algorithm_t);
- nonce = va_arg(valist, const uint8_t *);
- nonce_length = va_arg(valist, size_t);
- additional_data = va_arg(valist, const uint8_t *);
- additional_data_length = va_arg(valist, size_t);
- plaintext = va_arg(valist, uint8_t *);
- size = va_arg(valist, size_t);
- ciphertext = va_arg(valist, uint8_t *);
- ciphertext_size = va_arg(valist, size_t);
- length = va_arg(valist, size_t*);
- return psa_aead_encrypt(handle, alg, nonce, nonce_length, additional_data,
- additional_data_length, plaintext, size, ciphertext, ciphertext_size, length);
- case PAL_CRYPTO_AEAD_DECRYPT:
- handle = (psa_key_handle_t)va_arg(valist, int);
- alg = va_arg(valist, psa_algorithm_t);
- nonce = va_arg(valist, const uint8_t *);
- nonce_length = va_arg(valist, size_t);
- additional_data = va_arg(valist, const uint8_t *);
- additional_data_length = va_arg(valist, size_t);
- ciphertext = va_arg(valist, uint8_t *);
- ciphertext_size = va_arg(valist, size_t);
- plaintext = va_arg(valist, uint8_t *);
- size = va_arg(valist, size_t);
- length = va_arg(valist, size_t*);
- return psa_aead_decrypt(handle, alg, nonce, nonce_length, additional_data,
- additional_data_length, ciphertext, ciphertext_size, plaintext, size, length);
- case PAL_CRYPTO_MAC_SIGN_SETUP:
- mac_operation = va_arg(valist, psa_mac_operation_t*);
- handle = (psa_key_handle_t)va_arg(valist, int);
- alg = va_arg(valist, psa_algorithm_t);
- return psa_mac_sign_setup(mac_operation, handle, alg);
- case PAL_CRYPTO_MAC_UPDATE:
- mac_operation = va_arg(valist, psa_mac_operation_t*);
- buffer = va_arg(valist, uint8_t*);
- size = va_arg(valist, size_t);
- return psa_mac_update(mac_operation, buffer, size);
- case PAL_CRYPTO_MAC_SIGN_FINISH:
- mac_operation = va_arg(valist, psa_mac_operation_t*);
- buffer = va_arg(valist, uint8_t*);
- size = va_arg(valist, size_t);
- length = (size_t *)va_arg(valist, size_t*);
- return psa_mac_sign_finish(mac_operation, buffer, size, length);
- case PAL_CRYPTO_MAC_VERIFY_SETUP:
- mac_operation = va_arg(valist, psa_mac_operation_t*);
- handle = (psa_key_handle_t)va_arg(valist, int);
- alg = va_arg(valist, psa_algorithm_t);
- return psa_mac_verify_setup(mac_operation, handle, alg);
- case PAL_CRYPTO_MAC_VERIFY_FINISH:
- mac_operation = va_arg(valist, psa_mac_operation_t*);
- buffer = va_arg(valist, uint8_t*);
- size = va_arg(valist, size_t);
- return psa_mac_verify_finish(mac_operation, buffer, size);
- case PAL_CRYPTO_MAC_ABORT:
- mac_operation = va_arg(valist, psa_mac_operation_t*);
- return psa_mac_abort(mac_operation);
- case PAL_CRYPTO_ASYMMTERIC_ENCRYPT:
- handle = (psa_key_handle_t)va_arg(valist, int);
- alg = va_arg(valist, psa_algorithm_t);
- plaintext = va_arg(valist, uint8_t *);
- size = va_arg(valist, size_t);
- salt = va_arg(valist, const uint8_t *);
- salt_length = va_arg(valist, size_t);
- ciphertext = va_arg(valist, uint8_t *);
- ciphertext_size = va_arg(valist, size_t);
- length = va_arg(valist, size_t*);
- return psa_asymmetric_encrypt(handle, alg, plaintext, size, salt, salt_length,
- ciphertext, ciphertext_size, length);
- case PAL_CRYPTO_ASYMMTERIC_DECRYPT:
- handle = (psa_key_handle_t)va_arg(valist, int);
- alg = va_arg(valist, psa_algorithm_t);
- plaintext = va_arg(valist, uint8_t *);
- size = va_arg(valist, size_t);
- salt = va_arg(valist, const uint8_t *);
- salt_length = va_arg(valist, size_t);
- ciphertext = va_arg(valist, uint8_t *);
- ciphertext_size = va_arg(valist, size_t);
- length = va_arg(valist, size_t*);
- return psa_asymmetric_decrypt(handle, alg, plaintext, size, salt, salt_length,
- ciphertext, ciphertext_size, length);
- case PAL_CRYPTO_CIPHER_ENCRYPT_SETUP:
- cipher_operation = va_arg(valist, psa_cipher_operation_t *);
- handle = (psa_key_handle_t)va_arg(valist, int);
- alg = va_arg(valist, psa_algorithm_t);
- return psa_cipher_encrypt_setup(cipher_operation, handle, alg);
- case PAL_CRYPTO_CIPHER_DECRYPT_SETUP:
- cipher_operation = va_arg(valist, psa_cipher_operation_t *);
- handle = (psa_key_handle_t)va_arg(valist, int);
- alg = va_arg(valist, psa_algorithm_t);
- return psa_cipher_decrypt_setup(cipher_operation, handle, alg);
- case PAL_CRYPTO_CIPHER_GENERATE_IV:
- cipher_operation = va_arg(valist, psa_cipher_operation_t *);
- buffer = va_arg(valist, uint8_t*);
- size = va_arg(valist, size_t);
- length = va_arg(valist, size_t*);
- return psa_cipher_generate_iv(cipher_operation, buffer, size, length);
- case PAL_CRYPTO_CIPHER_SET_IV:
- cipher_operation = va_arg(valist, psa_cipher_operation_t *);
- buffer = va_arg(valist, uint8_t*);
- size = va_arg(valist, size_t);
- return psa_cipher_set_iv(cipher_operation, buffer, size);
- case PAL_CRYPTO_CIPHER_UPDATE:
- cipher_operation = va_arg(valist, psa_cipher_operation_t *);
- plaintext = va_arg(valist, uint8_t *);
- size = va_arg(valist, size_t);
- ciphertext = va_arg(valist, uint8_t *);
- ciphertext_size = va_arg(valist, size_t);
- length = va_arg(valist, size_t*);
- return psa_cipher_update(cipher_operation, plaintext, size, ciphertext, ciphertext_size,
- length);
- case PAL_CRYPTO_CIPHER_FINISH:
- cipher_operation = va_arg(valist, psa_cipher_operation_t *);
- ciphertext = va_arg(valist, uint8_t *);
- ciphertext_size = va_arg(valist, size_t);
- length = va_arg(valist, size_t*);
- return psa_cipher_finish(cipher_operation, ciphertext, ciphertext_size, length);
- case PAL_CRYPTO_CIPHER_ABORT:
- cipher_operation = va_arg(valist, psa_cipher_operation_t *);
- return psa_cipher_abort(cipher_operation);
- case PAL_CRYPTO_ASYMMTERIC_SIGN:
- handle = (psa_key_handle_t)va_arg(valist, int);
- alg = va_arg(valist, psa_algorithm_t);
- buffer = va_arg(valist, uint8_t*);
- size = va_arg(valist, size_t);
- ciphertext = va_arg(valist, uint8_t *);
- ciphertext_size = va_arg(valist, size_t);
- length = va_arg(valist, size_t*);
- return psa_asymmetric_sign(handle, alg, buffer, size, ciphertext, ciphertext_size,
- length);
- case PAL_CRYPTO_ASYMMTERIC_VERIFY:
- handle = (psa_key_handle_t)va_arg(valist, int);
- alg = va_arg(valist, psa_algorithm_t);
- buffer = va_arg(valist, uint8_t*);
- size = va_arg(valist, size_t);
- ciphertext = va_arg(valist, uint8_t *);
- ciphertext_size = va_arg(valist, size_t);
- return psa_asymmetric_verify(handle, alg, buffer, size, ciphertext, ciphertext_size);
- case PAL_CRYPTO_KEY_AGREEMENT:
- generator = va_arg(valist, psa_crypto_generator_t*);
- handle = (psa_key_handle_t)va_arg(valist, int);
- buffer = va_arg(valist, uint8_t*);
- size = va_arg(valist, size_t);
- alg = va_arg(valist, psa_algorithm_t);
- return psa_key_agreement(generator, handle, buffer, size, alg);
- case PAL_CRYPTO_ALLOCATE_KEY:
- key_handle = (psa_key_handle_t *)va_arg(valist, int*);
- return psa_allocate_key(key_handle);
- case PAL_CRYPTO_COPY_KEY:
- handle = (psa_key_handle_t)va_arg(valist, int);
- target_handle = (psa_key_handle_t)va_arg(valist, int);
- policy = va_arg(valist, psa_key_policy_t*);
- return psa_copy_key(handle, target_handle, policy);
- case PAL_CRYPTO_FREE:
- for (i = 0; i < PAL_KEY_SLOT_COUNT; i++)
- psa_destroy_key(i);
- return 0;
- default:
- return PAL_STATUS_UNSUPPORTED_FUNC;
- }
-}
diff --git a/api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/nspe/crypto/pal_crypto_intf.h b/api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/nspe/crypto/pal_crypto_intf.h
deleted file mode 100644
index d1dabfa4..00000000
--- a/api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/nspe/crypto/pal_crypto_intf.h
+++ /dev/null
@@ -1,76 +0,0 @@
-/** @file
- * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
- * SPDX-License-Identifier : Apache-2.0
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
-**/
-
-#ifndef _PAL_CRYPTO_H_
-#define _PAL_CRYPTO_H_
-
-#include "pal_common.h"
-
-enum crypto_function_code {
- PAL_CRYPTO_INIT = 0x1,
- PAL_CRYPTO_GENERATE_RANDOM = 0x2,
- PAL_CRYPTO_IMPORT_KEY = 0x3,
- PAL_CRYPTO_EXPORT_KEY = 0x4,
- PAL_CRYPTO_EXPORT_PUBLIC_KEY = 0x5,
- PAL_CRYPTO_DESTROY_KEY = 0x6,
- PAL_CRYPTO_GET_KEY_INFO = 0x7,
- PAL_CRYPTO_KEY_POLICY_INIT = 0x8,
- PAL_CRYPTO_KEY_POLICY_SET_USAGE = 0x9,
- PAL_CRYPTO_KEY_POLICY_GET_USAGE = 0xA,
- PAL_CRYPTO_KEY_POLICY_GET_ALGORITHM = 0xB,
- PAL_CRYPTO_SET_KEY_POLICY = 0xC,
- PAL_CRYPTO_GET_KEY_POLICY = 0xD,
- PAL_CRYPTO_GET_KEY_INFORMATION = 0xE,
- PAL_CRYPTO_GET_KEY_LIFETIME = 0xF,
- PAL_CRYPTO_HASH_SETUP = 0x11,
- PAL_CRYPTO_HASH_UPDATE = 0x12,
- PAL_CRYPTO_HASH_VERIFY = 0x13,
- PAL_CRYPTO_HASH_FINISH = 0x14,
- PAL_CRYPTO_HASH_ABORT = 0x15,
- PAL_CRYPTO_GENERATE_KEY = 0x16,
- PAL_CRYPTO_GENERATOR_READ = 0x17,
- PAL_CRYPTO_KEY_DERIVATION = 0x18,
- PAL_CRYPTO_GET_GENERATOR_CAPACITY = 0x19,
- PAL_CRYPTO_GENERATOR_IMPORT_KEY = 0x1A,
- PAL_CRYPTO_GENERATOR_ABORT = 0x1B,
- PAL_CRYPTO_AEAD_ENCRYPT = 0x1C,
- PAL_CRYPTO_AEAD_DECRYPT = 0x1D,
- PAL_CRYPTO_MAC_SIGN_SETUP = 0x1E,
- PAL_CRYPTO_MAC_UPDATE = 0x1F,
- PAL_CRYPTO_MAC_SIGN_FINISH = 0x20,
- PAL_CRYPTO_MAC_VERIFY_SETUP = 0x21,
- PAL_CRYPTO_MAC_VERIFY_FINISH = 0x22,
- PAL_CRYPTO_MAC_ABORT = 0x23,
- PAL_CRYPTO_ASYMMTERIC_ENCRYPT = 0x24,
- PAL_CRYPTO_ASYMMTERIC_DECRYPT = 0x25,
- PAL_CRYPTO_CIPHER_ENCRYPT_SETUP = 0x26,
- PAL_CRYPTO_CIPHER_DECRYPT_SETUP = 0x2A,
- PAL_CRYPTO_CIPHER_GENERATE_IV = 0x2B,
- PAL_CRYPTO_CIPHER_SET_IV = 0x2C,
- PAL_CRYPTO_CIPHER_UPDATE = 0x2D,
- PAL_CRYPTO_CIPHER_FINISH = 0x2E,
- PAL_CRYPTO_CIPHER_ABORT = 0x2F,
- PAL_CRYPTO_ASYMMTERIC_SIGN = 0x30,
- PAL_CRYPTO_ASYMMTERIC_VERIFY = 0x31,
- PAL_CRYPTO_KEY_AGREEMENT = 0x32,
- PAL_CRYPTO_ALLOCATE_KEY = 0x33,
- PAL_CRYPTO_COPY_KEY = 0x34,
- PAL_CRYPTO_FREE = 0xFE,
-};
-
-int32_t pal_crypto_function(int type, va_list valist);
-#endif /* _PAL_CRYPTO_H_ */
diff --git a/api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/nspe/initial_attestation/pal_attestation_crypto.c b/api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/nspe/initial_attestation/pal_attestation_crypto.c
deleted file mode 100644
index ae2bdba4..00000000
--- a/api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/nspe/initial_attestation/pal_attestation_crypto.c
+++ /dev/null
@@ -1,346 +0,0 @@
-/** @file
- * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
- * SPDX-License-Identifier : Apache-2.0
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
-**/
-
-#include "pal_attestation_crypto.h"
-
-static uint32_t public_key_registered = 0;
-
-static inline struct q_useful_buf_c useful_buf_head(struct q_useful_buf_c buf,
- size_t amount)
-{
- return UsefulBuf_Head(buf, amount);
-}
-
-static uint32_t check_hash_sizes(void)
-{
- if (T_COSE_CRYPTO_SHA256_SIZE != PSA_HASH_SIZE(PSA_ALG_SHA_256))
- {
- return PAL_ATTEST_HASH_FAIL;
- }
-
- return PAL_ATTEST_SUCCESS;
-}
-
-static psa_ecc_curve_t attest_map_elliptic_curve_type(int32_t cose_curve)
-{
- psa_ecc_curve_t psa_curve;
-
- /*FixMe: Mapping is not complete, missing ones: P384, P521, ED25519, ED448 */
- switch (cose_curve)
- {
- case P_256:
- psa_curve = PSA_ECC_CURVE_SECP256R1;
- break;
- default:
- psa_curve = USHRT_MAX;
- }
-
- return psa_curve;
-}
-
-static psa_algorithm_t cose_hash_alg_id_to_psa(int32_t cose_hash_alg_id)
-{
- psa_algorithm_t status;
-
- switch (cose_hash_alg_id)
- {
- case COSE_ALG_SHA256_PROPRIETARY:
- status = PSA_ALG_SHA_256;
- break;
- default:
- status = PSA_ALG_MD4;
- break;
- }
-
- return status;
-}
-
-static int32_t hash_alg_id_from_sig_alg_id(int32_t cose_sig_alg_id)
-{
- switch (cose_sig_alg_id)
- {
- case COSE_ALGORITHM_ES256:
- return COSE_ALG_SHA256_PROPRIETARY;
- default:
- return INT32_MAX;
- }
-}
-
-int32_t pal_cose_crypto_hash_start(struct pal_cose_crypto_hash *hash_ctx, int32_t cose_hash_alg_id)
-{
- int32_t cose_ret = PAL_ATTEST_SUCCESS;
- psa_status_t psa_ret;
- struct pal_cose_psa_crypto_hash *psa_hash_ctx;
-
- cose_ret = check_hash_sizes();
- if (cose_ret)
- {
- goto error;
- }
-
- if (sizeof(struct pal_cose_crypto_hash) < sizeof(struct pal_cose_psa_crypto_hash))
- {
- cose_ret = PAL_ATTEST_HASH_FAIL;
- goto error;
- }
-
- psa_hash_ctx = (struct pal_cose_psa_crypto_hash *)hash_ctx;
- psa_ret = psa_hash_setup(&psa_hash_ctx->operation, cose_hash_alg_id_to_psa(cose_hash_alg_id));
-
- if (psa_ret == PAL_ATTEST_SUCCESS)
- {
- psa_hash_ctx->status = PAL_ATTEST_SUCCESS;
- cose_ret = PAL_ATTEST_SUCCESS;
- }
- else if (psa_ret == PSA_ERROR_NOT_SUPPORTED)
- {
- cose_ret = PAL_ATTEST_HASH_UNSUPPORTED;
- }
- else
- {
- cose_ret = PAL_ATTEST_HASH_FAIL;
- }
-
-error:
- return cose_ret;
-}
-
-void pal_cose_crypto_hash_update(struct pal_cose_crypto_hash *hash_ctx,
- struct q_useful_buf_c data_to_hash)
-{
- struct pal_cose_psa_crypto_hash *psa_hash_ctx;
-
- if (sizeof(struct pal_cose_crypto_hash) < sizeof(struct pal_cose_psa_crypto_hash))
- {
- return;
- }
-
- psa_hash_ctx = (struct pal_cose_psa_crypto_hash *)hash_ctx;
-
- if (psa_hash_ctx->status == PAL_ATTEST_SUCCESS)
- {
- if (data_to_hash.ptr != NULL)
- {
- psa_hash_ctx->status = psa_hash_update(&psa_hash_ctx->operation,
- data_to_hash.ptr,
- data_to_hash.len);
- }
- else
- {
- /* Intentionally do nothing, just computing the size of the token */
- }
- }
-}
-
-int32_t pal_cose_crypto_hash_finish(struct pal_cose_crypto_hash *hash_ctx,
- struct q_useful_buf buffer_to_hold_result,
- struct q_useful_buf_c *hash_result)
-{
- uint32_t cose_ret = PAL_ATTEST_SUCCESS;
- psa_status_t psa_ret;
- struct pal_cose_psa_crypto_hash *psa_hash_ctx;
-
- if (sizeof(struct pal_cose_crypto_hash) < sizeof(struct pal_cose_psa_crypto_hash))
- {
- cose_ret = PAL_ATTEST_HASH_FAIL;
- goto error;
- }
-
- psa_hash_ctx = (struct pal_cose_psa_crypto_hash *)hash_ctx;
-
- if (psa_hash_ctx->status == PAL_ATTEST_SUCCESS)
- {
- psa_ret = psa_hash_finish(&psa_hash_ctx->operation,
- buffer_to_hold_result.ptr,
- buffer_to_hold_result.len,
- &(hash_result->len));
-
- if (psa_ret == PAL_ATTEST_SUCCESS)
- {
- hash_result->ptr = buffer_to_hold_result.ptr;
- cose_ret = 0;
- }
- else if (psa_ret == PSA_ERROR_BUFFER_TOO_SMALL)
- {
- cose_ret = PAL_ATTEST_HASH_BUFFER_SIZE;
- }
- else
- {
- cose_ret = PAL_ATTEST_HASH_FAIL;
- }
- }
- else
- {
- cose_ret = PAL_ATTEST_HASH_FAIL;
- }
-
-error:
- return cose_ret;
-}
-
-int pal_create_sha256(struct q_useful_buf_c bytes_to_hash, struct q_useful_buf buffer_for_hash,
- struct q_useful_buf_c *hash)
-{
- uint32_t status = PAL_ATTEST_SUCCESS;
- struct pal_cose_crypto_hash hash_ctx;
-
- status = pal_cose_crypto_hash_start(&hash_ctx, COSE_ALG_SHA256_PROPRIETARY);
- if (status)
- return status;
-
- pal_cose_crypto_hash_update(&hash_ctx, bytes_to_hash);
- status = pal_cose_crypto_hash_finish(&hash_ctx, buffer_for_hash, hash);
-
- return status;
-}
-
-uint32_t pal_compute_hash(int32_t cose_alg_id, struct q_useful_buf buffer_for_hash,
- struct q_useful_buf_c *hash, struct q_useful_buf_c protected_headers,
- struct q_useful_buf_c payload)
-{
- uint32_t status;
- QCBOREncodeContext cbor_encode_ctx;
- struct q_useful_buf_c tbs_first_part;
- QCBORError qcbor_result;
- struct pal_cose_crypto_hash hash_ctx = {{0}};
- int32_t hash_alg_id;
- UsefulBuf_MAKE_STACK_UB (buffer_for_TBS_first_part, T_COSE_SIZE_OF_TBS);
-
- /* This builds the CBOR-format to-be-signed bytes */
- QCBOREncode_Init(&cbor_encode_ctx, buffer_for_TBS_first_part);
- QCBOREncode_OpenArray(&cbor_encode_ctx);
- /* context */
- QCBOREncode_AddSZString(&cbor_encode_ctx,
- COSE_SIG_CONTEXT_STRING_SIGNATURE1);
- /* body_protected */
- QCBOREncode_AddBytes(&cbor_encode_ctx,
- protected_headers);
- /* sign_protected */
- QCBOREncode_AddBytes(&cbor_encode_ctx, NULL_USEFUL_BUF_C);
- /* external_aad */
- QCBOREncode_AddBytes(&cbor_encode_ctx, NULL_USEFUL_BUF_C);
- /* fake payload */
- QCBOREncode_AddBytes(&cbor_encode_ctx, NULL_USEFUL_BUF_C);
- QCBOREncode_CloseArray(&cbor_encode_ctx);
-
- /* Get the result and convert it to struct q_useful_buf_c representation */
- qcbor_result = QCBOREncode_Finish(&cbor_encode_ctx, &tbs_first_part);
- if (qcbor_result)
- {
- /* Mainly means that the protected_headers were too big
- (which should never happen) */
- status = PAL_ATTEST_ERR_SIGN_STRUCT;
- goto Done;
- }
-
- /* Start the hashing */
- hash_alg_id = hash_alg_id_from_sig_alg_id(cose_alg_id);
-
- /* Don't check hash_alg_id for failure. pal_cose_crypto_hash_start()
- * will handle it properly
- */
- status = pal_cose_crypto_hash_start(&hash_ctx, hash_alg_id);
- if (status)
- goto Done;
-
- /* Hash the first part of the TBS. Take all but the last two
- * bytes. The last two bytes are the fake payload from above. It
- * is replaced by the real payload which is hashed next. The fake
- * payload is needed so the array count is right. This is one of
- * the main things that make it possible to implement with one
- * buffer for the whole cose sign1.
- */
- pal_cose_crypto_hash_update(&hash_ctx, useful_buf_head(tbs_first_part,
- tbs_first_part.len - 2));
-
- /* Hash the payload */
- pal_cose_crypto_hash_update(&hash_ctx, payload);
-
- /* Finish the hash and set up to return it */
- status = pal_cose_crypto_hash_finish(&hash_ctx,
- buffer_for_hash,
- hash);
-
-Done:
- return status;
-}
-
-uint32_t pal_import_attest_key(int32_t alg)
-{
- psa_key_type_t attest_key_type;
- size_t public_key_size;
- psa_status_t status = PSA_SUCCESS;
- psa_key_policy_t policy;
- psa_ecc_curve_t psa_curve;
- psa_key_handle_t public_key_handle;
-
- /* Mapping of COSE curve type to PSA curve types */
- psa_curve = attest_map_elliptic_curve_type(P_256);
- if (psa_curve == USHRT_MAX)
- return PAL_ATTEST_ERROR;
-
- /* Setup the key policy for public key */
- policy = psa_key_policy_init();
- psa_key_policy_set_usage(&policy, PSA_KEY_USAGE_VERIFY, alg);
-
- status = psa_allocate_key(&public_key_handle);
- if (status != PSA_SUCCESS)
- return status;
-
- status = psa_set_key_policy(public_key_handle, &policy);
- if (status != PSA_SUCCESS)
- return status;
-
- attest_key_type = PSA_KEY_TYPE_ECC_PUBLIC_KEY(psa_curve);
-
- /* Register public key to crypto service */
- public_key_size = attest_key.pubx_key_size + attest_key.puby_key_size;
-
- status = psa_import_key(public_key_handle,
- attest_key_type,
- (const uint8_t *)&attest_public_key,
- public_key_size + 1);
-
- return status;
-}
-
-
-uint32_t pal_crypto_pub_key_verify(int32_t cose_algorithm_id,
- struct q_useful_buf_c token_hash,
- struct q_useful_buf_c signature)
-{
- uint32_t status = PAL_ATTEST_SUCCESS;
-
- if (!public_key_registered)
- {
- status = pal_import_attest_key(cose_algorithm_id);
- if (status != PAL_ATTEST_SUCCESS)
- return status;
-
- public_key_registered = 1;
- }
-
-/*
- * Enable the verify function when Trusted Firmare - M Supports
-
- * Verify the signature a hash or short message using a public key.
- status = psa_asymmetric_verify(public_key_handle,
- cose_algorithm_id, token_hash.ptr, token_hash.len,
- signature.ptr, signature.len);
-*/
- return status;
-}
diff --git a/api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/nspe/initial_attestation/pal_attestation_eat.c b/api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/nspe/initial_attestation/pal_attestation_eat.c
deleted file mode 100644
index 178fdc9c..00000000
--- a/api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/nspe/initial_attestation/pal_attestation_eat.c
+++ /dev/null
@@ -1,491 +0,0 @@
-/** @file
- * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
- * SPDX-License-Identifier : Apache-2.0
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
-**/
-
-#include "pal_attestation_crypto.h"
-
-uint32_t mandatory_claims = 0;
-uint32_t mandaroty_sw_components = 0;
-bool_t sw_component_present = 0;
-
-static int pal_encode_cose_key(struct q_useful_buf_c *cose_key,
- struct q_useful_buf buffer_for_cose_key,
- struct q_useful_buf_c x_cord, struct q_useful_buf_c y_cord)
-{
- uint32_t return_value;
- QCBORError qcbor_result;
- QCBOREncodeContext cbor_encode_ctx;
- int32_t cose_curve_id = P_256;
- struct q_useful_buf_c encoded_key_id;
-
- /* Get the public key x and y */
- /* Encode it into a COSE_Key structure */
- QCBOREncode_Init(&cbor_encode_ctx, buffer_for_cose_key);
- QCBOREncode_OpenMap(&cbor_encode_ctx);
- QCBOREncode_AddInt64ToMapN(&cbor_encode_ctx,
- COSE_KEY_COMMON_KTY,
- COSE_KEY_TYPE_EC2);
- QCBOREncode_AddInt64ToMapN(&cbor_encode_ctx,
- COSE_KEY_PARAM_CRV,
- cose_curve_id);
- QCBOREncode_AddBytesToMapN(&cbor_encode_ctx,
- COSE_KEY_PARAM_X_COORDINATE,
- x_cord);
- QCBOREncode_AddBytesToMapN(&cbor_encode_ctx,
- COSE_KEY_PARAM_Y_COORDINATE,
- y_cord);
- QCBOREncode_CloseMap(&cbor_encode_ctx);
-
- qcbor_result = QCBOREncode_Finish(&cbor_encode_ctx, &encoded_key_id);
- if (qcbor_result != QCBOR_SUCCESS)
- {
- /* Mainly means that the COSE_Key was too big for buffer_for_cose_key */
- return_value = PAL_ATTEST_ERR_PROTECTED_HEADERS;
- goto Done;
- }
-
- /* Finish up and return */
- *cose_key = encoded_key_id;
- return_value = PAL_ATTEST_SUCCESS;
-
-Done:
- return return_value;
-}
-
-
-static int get_items_in_map(QCBORDecodeContext *decode_context,
- struct items_to_get_t *item_list)
-{
- int item_index;
- QCBORItem item;
- struct items_to_get_t *item_ptr = item_list;
-
- /* initialize the data type of all items in the list */
- while (item_ptr->label != 0)
- {
- item_ptr->item.uDataType = QCBOR_TYPE_NONE;
- item_ptr++;
- }
-
- QCBORDecode_GetNext(decode_context, &item);
- if (item.uDataType != QCBOR_TYPE_MAP)
- {
- return PAL_ATTEST_ERROR;
- }
-
- for (item_index = item.val.uCount; item_index != 0; item_index--)
- {
- if (QCBORDecode_GetNext(decode_context, &item) != QCBOR_SUCCESS)
- {
- return PAL_ATTEST_TOKEN_ERR_CBOR_FORMATTING;
- }
- if (item.uLabelType != QCBOR_TYPE_INT64)
- {
- continue;
- }
-
- item_ptr = item_list;
- while (item_ptr->label != 0)
- {
- if (item.label.int64 == item_ptr->label)
- {
- item_ptr->item = item;
- }
- item_ptr++;
- }
- }
-
- return PAL_ATTEST_SUCCESS;
-}
-
-static int get_item_in_map(QCBORDecodeContext *decode_context,
- int32_t label,
- QCBORItem *item)
-{
- struct items_to_get_t item_list[2];
-
- item_list[0].label = label;
- item_list[1].label = 0;
-
- if (get_items_in_map(decode_context, item_list))
- {
- return PAL_ATTEST_ERROR;
- }
-
- if (item_list[0].item.uDataType == QCBOR_TYPE_NONE)
- {
- return PAL_ATTEST_TOKEN_ERR_CBOR_FORMATTING;
- }
-
- *item = item_list[0].item;
-
- return PAL_ATTEST_SUCCESS;
-}
-
-static int parse_unprotected_headers(QCBORDecodeContext *decode_context,
- struct q_useful_buf_c *child,
- bool *loop_back)
-{
- struct items_to_get_t item_list[3];
-
- item_list[0].label = COSE_HEADER_PARAM_KID;
- item_list[1].label = T_COSE_SHORT_CIRCUIT_LABEL;
- item_list[2].label = 0;
- *loop_back = false;
-
- if (get_items_in_map(decode_context, item_list))
- {
- return PAL_ATTEST_ERROR;
- }
-
- if (item_list[1].item.uDataType == QCBOR_TYPE_TRUE)
- {
- *loop_back = true;
- }
-
- if (item_list[0].item.uDataType != QCBOR_TYPE_BYTE_STRING)
- {
- return PAL_ATTEST_TOKEN_ERR_CBOR_FORMATTING;
- }
-
- *child = item_list[0].item.val.string;
-
- return PAL_ATTEST_SUCCESS;
-}
-
-static int parse_protected_headers(struct q_useful_buf_c protected_headers,
- int32_t *alg_id)
-{
- QCBORDecodeContext decode_context;
- QCBORItem item;
-
- QCBORDecode_Init(&decode_context, protected_headers, 0);
-
- if (get_item_in_map(&decode_context, COSE_HEADER_PARAM_ALG, &item))
- {
- return PAL_ATTEST_ERROR;
- }
-
- if (QCBORDecode_Finish(&decode_context))
- {
- return PAL_ATTEST_ERROR;
- }
-
- if ((item.uDataType != QCBOR_TYPE_INT64) || (item.val.int64 > INT32_MAX))
- {
- return PAL_ATTEST_ERROR;
- }
-
- *alg_id = (int32_t)item.val.int64;
-
- return PAL_ATTEST_SUCCESS;
-}
-
-/**
- @brief - This API will verify the claims
- @param - decode_context : The buffer containing the challenge
- item : context for decoding the data items
- completed_challenge : Buffer containing the challenge
- @return - error status
-**/
-static int parse_claims(QCBORDecodeContext *decode_context, QCBORItem item,
- struct q_useful_buf_c completed_challenge)
-{
- int i, count = 0;
- int status = PAL_ATTEST_SUCCESS;
-
- /* Parse each claim and validate their data type */
- while (status == PAL_ATTEST_SUCCESS)
- {
- status = QCBORDecode_GetNext(decode_context, &item);
- if (status != PAL_ATTEST_SUCCESS)
- break;
-
- mandatory_claims |= 1 << (EAT_CBOR_ARM_RANGE_BASE - item.label.int64);
- if (item.uLabelType == QCBOR_TYPE_INT64)
- {
- if (item.label.int64 == EAT_CBOR_ARM_LABEL_NONCE)
- {
- if (item.uDataType == QCBOR_TYPE_BYTE_STRING)
- {
- /* Given challenge vs challenge in token */
- if (UsefulBuf_Compare(item.val.string, completed_challenge))
- return PAL_ATTEST_TOKEN_CHALLENGE_MISMATCH;
- }
- else
- return PAL_ATTEST_TOKEN_NOT_SUPPORTED;
- }
- else if (item.label.int64 == EAT_CBOR_ARM_LABEL_BOOT_SEED ||
- item.label.int64 == EAT_CBOR_ARM_LABEL_IMPLEMENTATION_ID ||
- item.label.int64 == EAT_CBOR_ARM_LABEL_UEID)
- {
- if (item.uDataType != QCBOR_TYPE_BYTE_STRING)
- return PAL_ATTEST_TOKEN_ERR_CBOR_FORMATTING;
- }
- else if (item.label.int64 == EAT_CBOR_ARM_LABEL_ORIGINATION ||
- item.label.int64 == EAT_CBOR_ARM_LABEL_PROFILE_DEFINITION ||
- item.label.int64 == EAT_CBOR_ARM_LABEL_HW_VERSION)
- {
- if (item.uDataType != QCBOR_TYPE_TEXT_STRING)
- return PAL_ATTEST_TOKEN_ERR_CBOR_FORMATTING;
- }
- else if (item.label.int64 == EAT_CBOR_ARM_LABEL_CLIENT_ID ||
- item.label.int64 == EAT_CBOR_ARM_LABEL_SECURITY_LIFECYCLE)
- {
- if (item.uDataType != QCBOR_TYPE_INT64)
- return PAL_ATTEST_TOKEN_ERR_CBOR_FORMATTING;
- }
- else if (item.label.int64 == EAT_CBOR_ARM_LABEL_SW_COMPONENTS)
- {
- if (item.uDataType != QCBOR_TYPE_ARRAY)
- return PAL_ATTEST_TOKEN_ERR_CBOR_FORMATTING;
-
- sw_component_present = 1;
- status = QCBORDecode_GetNext(decode_context, &item);
- if (status != PAL_ATTEST_SUCCESS)
- continue;
-
- count = item.val.uCount;
- for (i = 0; i <= count; i++)
- {
- mandaroty_sw_components |= 1 << item.label.int64;
-
- if (item.label.int64 == EAT_CBOR_SW_COMPONENT_MEASUREMENT)
- {
- if (item.uDataType != QCBOR_TYPE_BYTE_STRING)
- return PAL_ATTEST_TOKEN_ERR_CBOR_FORMATTING;
- }
- else if (item.label.int64 == EAT_CBOR_SW_COMPONENT_MEASUREMENT_DESC)
- {
- if (item.uDataType != QCBOR_TYPE_TEXT_STRING)
- return PAL_ATTEST_TOKEN_ERR_CBOR_FORMATTING;
- }
- else if (item.label.int64 == EAT_CBOR_SW_COMPONENT_VERSION)
- {
- if (item.uDataType != QCBOR_TYPE_TEXT_STRING)
- return PAL_ATTEST_TOKEN_ERR_CBOR_FORMATTING;
- }
- else if (item.label.int64 == EAT_CBOR_SW_COMPONENT_SIGNER_ID)
- {
- if (item.uDataType != QCBOR_TYPE_BYTE_STRING)
- return PAL_ATTEST_TOKEN_ERR_CBOR_FORMATTING;
- }
- else if (item.label.int64 == EAT_CBOR_SW_COMPONENT_EPOCH)
- {
- if (item.uDataType != QCBOR_TYPE_INT64)
- return PAL_ATTEST_TOKEN_ERR_CBOR_FORMATTING;
- }
- else if (item.label.int64 == EAT_CBOR_SW_COMPONENT_TYPE)
- {
- if (item.uDataType != QCBOR_TYPE_TEXT_STRING)
- return PAL_ATTEST_TOKEN_ERR_CBOR_FORMATTING;
- }
-
- if (i < count)
- {
- status = QCBORDecode_GetNext(decode_context, &item);
- if (status != PAL_ATTEST_SUCCESS)
- return PAL_ATTEST_TOKEN_ERR_CBOR_FORMATTING;
- }
- }
-
- }
- }
- else
- {
- /* ToDo: Add other claim types */
- }
- }
-
- if (status == QCBOR_ERR_HIT_END)
- return PAL_ATTEST_SUCCESS;
- else
- return PAL_ATTEST_TOKEN_ERR_CBOR_FORMATTING;
-}
-
-/**
- @brief - This API will verify the attestation token
- @param - challenge : The buffer containing the challenge
- challenge_size : Size of the challenge buffer
- token : The buffer containing the attestation token
- token_size : Size of the token buffer
- @return - error status
-**/
-int32_t pal_initial_attest_verify_token(uint8_t *challenge, uint32_t challenge_size,
- uint8_t *token, uint32_t token_size)
-{
- int32_t status = PAL_ATTEST_SUCCESS;
- bool short_circuit;
- int32_t cose_algorithm_id;
- QCBORItem item;
- QCBORDecodeContext decode_context;
- struct q_useful_buf_c completed_challenge;
- struct q_useful_buf_c completed_token;
- struct q_useful_buf_c payload;
- struct q_useful_buf_c signature;
- struct q_useful_buf_c protected_headers;
- struct q_useful_buf_c kid;
- struct q_useful_buf_c x_cord;
- struct q_useful_buf_c y_cord;
- struct q_useful_buf_c cose_key_to_hash;
- struct q_useful_buf_c key_hash;
- struct q_useful_buf_c token_hash;
- USEFUL_BUF_MAKE_STACK_UB(buf_to_hold_x_coord, T_COSE_CRYPTO_EC_P256_COORD_SIZE);
- USEFUL_BUF_MAKE_STACK_UB(buf_to_hold_y_coord, T_COSE_CRYPTO_EC_P256_COORD_SIZE);
- USEFUL_BUF_MAKE_STACK_UB(buffer_for_kid, T_COSE_CRYPTO_SHA256_SIZE);
- USEFUL_BUF_MAKE_STACK_UB(buffer_for_cose_key, MAX_ENCODED_COSE_KEY_SIZE);
- USEFUL_BUF_MAKE_STACK_UB(buffer_for_encoded_key, MAX_ENCODED_COSE_KEY_SIZE);
- USEFUL_BUF_MAKE_STACK_UB(buffer_for_token_hash, T_COSE_CRYPTO_SHA256_SIZE);
-
- kid.ptr = buffer_for_encoded_key.ptr;
-
- memcpy(buf_to_hold_x_coord.ptr, (const void *)attest_key.pubx_key, attest_key.pubx_key_size);
- memcpy(buf_to_hold_y_coord.ptr, (const void *)attest_key.puby_key, attest_key.puby_key_size);
-
- /* Update size */
- buf_to_hold_x_coord.len = attest_key.pubx_key_size;
- buf_to_hold_y_coord.len = attest_key.puby_key_size;
-
- x_cord.ptr = buf_to_hold_x_coord.ptr;
- x_cord.len = buf_to_hold_x_coord.len;
- y_cord.ptr = buf_to_hold_y_coord.ptr;
- y_cord.len = buf_to_hold_y_coord.len;
-
- /* Construct the token buffer for validation */
- completed_token.ptr = token;
- completed_token.len = token_size;
-
- /* Construct the challenge buffer for validation */
- completed_challenge.ptr = challenge;
- completed_challenge.len = challenge_size;
-
-/*
- -------------------------
- | CBOR Array Type |
- -------------------------
- | Protected Headers |
- -------------------------
- | Unprotected Headers |
- -------------------------
- | Payload |
- -------------------------
- | Signature |
- -------------------------
-*/
-
- /* Initialize the decorder */
- QCBORDecode_Init(&decode_context, completed_token, QCBOR_DECODE_MODE_NORMAL);
-
- /* Get the Header */
- QCBORDecode_GetNext(&decode_context, &item);
-
- /* Check the CBOR Array type. Check if the count is 4.
- * Only COSE_SIGN1 is supported now.
- */
- if (item.uDataType != QCBOR_TYPE_ARRAY || item.val.uCount != 4 ||
- !QCBORDecode_IsTagged(&decode_context, &item, CBOR_TAG_COSE_SIGN1))
- return PAL_ATTEST_TOKEN_ERR_CBOR_FORMATTING;
-
- /* Get the next headers */
- QCBORDecode_GetNext(&decode_context, &item);
- if (item.uDataType != QCBOR_TYPE_BYTE_STRING)
- return PAL_ATTEST_TOKEN_ERR_CBOR_FORMATTING;
-
- protected_headers = item.val.string;
-
- /* Parse the protected headers and check the data type and value*/
- status = parse_protected_headers(protected_headers, &cose_algorithm_id);
- if (status != PAL_ATTEST_SUCCESS)
- return status;
-
- /* Parse the unprotected headers and check the data type and value */
- short_circuit = false;
- status = parse_unprotected_headers(&decode_context, &kid, &short_circuit);
- if (status != PAL_ATTEST_SUCCESS)
- return status;
-
- /* Encode the given public key */
- status = pal_encode_cose_key(&cose_key_to_hash, buffer_for_cose_key, x_cord, y_cord);
- if (status != PAL_ATTEST_SUCCESS)
- return status;
-
- /* Create hash of the given public key */
- status = pal_create_sha256(cose_key_to_hash, buffer_for_kid, &key_hash);
- if (status != PSA_SUCCESS)
- return status;
-
- /* Compare the hash of the public key in token and hash of the given public key */
- if (kid.len != key_hash.len)
- {
- return PAL_ATTEST_HASH_LENGTH_MISMATCH;
- }
-
- if (memcmp(kid.ptr, key_hash.ptr, kid.len) != 0)
- {
- return PAL_ATTEST_HASH_MISMATCH;
- }
-
- /* Get the payload */
- QCBORDecode_GetNext(&decode_context, &item);
- if (item.uDataType != QCBOR_TYPE_BYTE_STRING)
- return PAL_ATTEST_TOKEN_ERR_CBOR_FORMATTING;
-
- payload = item.val.string;
-
- /* Get the digital signature */
- QCBORDecode_GetNext(&decode_context, &item);
- if (item.uDataType != QCBOR_TYPE_BYTE_STRING)
- return PAL_ATTEST_TOKEN_ERR_CBOR_FORMATTING;
-
- signature = item.val.string;
-
- /* Compute the hash from the token */
- status = pal_compute_hash(cose_algorithm_id, buffer_for_token_hash, &token_hash,
- protected_headers, payload);
- if (status != PAL_ATTEST_SUCCESS)
- return status;
-
- /* Verify the signature */
- status = pal_crypto_pub_key_verify(cose_algorithm_id, token_hash, signature);
- if (status != PAL_ATTEST_SUCCESS)
- return status;
-
- /* Initialize the Decoder and validate the payload format */
- QCBORDecode_Init(&decode_context, payload, QCBOR_DECODE_MODE_NORMAL);
- status = QCBORDecode_GetNext(&decode_context, &item);
- if (status != PAL_ATTEST_SUCCESS)
- return status;
-
- if (item.uDataType != QCBOR_TYPE_MAP)
- return PAL_ATTEST_TOKEN_ERR_CBOR_FORMATTING;
-
- /* Parse the payload and check the data type of each claim */
- status = parse_claims(&decode_context, item, completed_challenge);
- if (status != PAL_ATTEST_SUCCESS)
- return status;
-
- if ((mandatory_claims & MANDATORY_CLAIM_WITH_SW_COMP) == MANDATORY_CLAIM_WITH_SW_COMP)
- {
- if ((mandaroty_sw_components & MANDATORY_SW_COMP) != MANDATORY_SW_COMP)
- return PAL_ATTEST_TOKEN_NOT_ALL_MANDATORY_CLAIMS;
- }
- else if ((mandatory_claims & MANDATORY_CLAIM_NO_SW_COMP) != MANDATORY_CLAIM_NO_SW_COMP)
- {
- return PAL_ATTEST_TOKEN_NOT_ALL_MANDATORY_CLAIMS;
- }
-
- return PAL_ATTEST_SUCCESS;
-}
diff --git a/api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/nspe/initial_attestation/pal_attestation_eat.h b/api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/nspe/initial_attestation/pal_attestation_eat.h
deleted file mode 100644
index 8a0c5455..00000000
--- a/api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/nspe/initial_attestation/pal_attestation_eat.h
+++ /dev/null
@@ -1,170 +0,0 @@
-/** @file
- * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
- * SPDX-License-Identifier : Apache-2.0
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
-**/
-
-#include "qcbor.h"
-#include "pal_common.h"
-#include "psa/crypto.h"
-
-#define PAL_ATTEST_MIN_ERROR 30
-
-/* NIST P-256 also known as secp256r1 */
-#define P_256 1
-
-#define COSE_HEADER_PARAM_ALG 1
-#define COSE_HEADER_PARAM_KID 4
-
-#define COSE_KEY_COMMON_KTY 1
-#define COSE_KEY_TYPE_EC2 2
-#define COSE_KEY_PARAM_CRV -1
-#define COSE_KEY_PARAM_X_COORDINATE -2
-#define COSE_KEY_PARAM_Y_COORDINATE -3
-#define COSE_ALGORITHM_ES256 -7
-#define COSE_ALG_SHA256_PROPRIETARY -72000
-
-/**
- * The size of X and Y coordinate in 2 parameter style EC public
- * key. Format is as defined in [COSE (RFC 8152)]
- * (https://tools.ietf.org/html/rfc8152) and [SEC 1: Elliptic Curve
- * Cryptography](http://www.secg.org/sec1-v2.pdf).
- *
- * This size is well-known and documented in public standards.
- */
-#define T_COSE_CRYPTO_EC_P256_COORD_SIZE 32
-#define T_COSE_CRYPTO_SHA256_SIZE 32
-
-#define MAX_ENCODED_COSE_KEY_SIZE \
- 1 + /* 1 byte to encode map */ \
- 2 + /* 2 bytes to encode key type */ \
- 2 + /* 2 bytes to encode curve */ \
- 2 * /* the X and Y coordinates at 32 bytes each */ \
- (T_COSE_CRYPTO_EC_P256_COORD_SIZE + 1 + 2)
-#define USEFUL_BUF_MAKE_STACK_UB UsefulBuf_MAKE_STACK_UB
-
-#define COSE_SIG_CONTEXT_STRING_SIGNATURE1 "Signature1"
-
-/* Private value. Intentionally not documented for Doxygen.
- * This is the size allocated for the encoded protected headers. It
- * needs to be big enough for make_protected_header() to succeed. It
- * currently sized for one header with an algorithm ID up to 32 bits
- * long -- one byte for the wrapping map, one byte for the label, 5
- * bytes for the ID. If this is made accidentially too small, QCBOR will
- * only return an error, and not overrun any buffers.
- *
- * 9 extra bytes are added, rounding it up to 16 total, in case some
- * other protected header is to be added.
- */
-#define T_COSE_SIGN1_MAX_PROT_HEADER (1+1+5+9)
-
-/**
- * This is the size of the first part of the CBOR encoded TBS
- * bytes. It is around 20 bytes. See create_tbs_hash().
- */
-#define T_COSE_SIZE_OF_TBS \
- 1 + /* For opening the array */ \
- sizeof(COSE_SIG_CONTEXT_STRING_SIGNATURE1) + /* "Signature1" */ \
- 2 + /* Overhead for encoding string */ \
- T_COSE_SIGN1_MAX_PROT_HEADER + /* entire protected headers */ \
- 3 * ( /* 3 NULL bstrs for fields not used */ \
- 1 /* size of a NULL bstr */ \
- )
-
-/*
- CBOR Label for proprietary header indicating short-circuit
- signing was used. Just a random number in the proprietary
- label space */
-#define T_COSE_SHORT_CIRCUIT_LABEL (-8675309)
-
-#define EAT_CBOR_ARM_RANGE_BASE (-75000)
-#define EAT_CBOR_ARM_LABEL_PROFILE_DEFINITION (EAT_CBOR_ARM_RANGE_BASE - 0)
-#define EAT_CBOR_ARM_LABEL_CLIENT_ID (EAT_CBOR_ARM_RANGE_BASE - 1)
-#define EAT_CBOR_ARM_LABEL_SECURITY_LIFECYCLE (EAT_CBOR_ARM_RANGE_BASE - 2)
-#define EAT_CBOR_ARM_LABEL_IMPLEMENTATION_ID (EAT_CBOR_ARM_RANGE_BASE - 3)
-#define EAT_CBOR_ARM_LABEL_BOOT_SEED (EAT_CBOR_ARM_RANGE_BASE - 4)
-#define EAT_CBOR_ARM_LABEL_HW_VERSION (EAT_CBOR_ARM_RANGE_BASE - 5)
-#define EAT_CBOR_ARM_LABEL_SW_COMPONENTS (EAT_CBOR_ARM_RANGE_BASE - 6)
-#define EAT_CBOR_ARM_LABEL_NO_SW_COMPONENTS (EAT_CBOR_ARM_RANGE_BASE - 7)
-#define EAT_CBOR_ARM_LABEL_NONCE (EAT_CBOR_ARM_RANGE_BASE - 8)
-#define EAT_CBOR_ARM_LABEL_UEID (EAT_CBOR_ARM_RANGE_BASE - 9)
-#define EAT_CBOR_ARM_LABEL_ORIGINATION (EAT_CBOR_ARM_RANGE_BASE - 10)
-
-#define CBOR_ARM_TOTAL_CLAIM_INSTANCE 10
-
-#define EAT_CBOR_SW_COMPONENT_TYPE (1u)
-#define EAT_CBOR_SW_COMPONENT_MEASUREMENT (2u)
-#define EAT_CBOR_SW_COMPONENT_EPOCH (3u)
-#define EAT_CBOR_SW_COMPONENT_VERSION (4u)
-#define EAT_CBOR_SW_COMPONENT_SIGNER_ID (5u)
-#define EAT_CBOR_SW_COMPONENT_MEASUREMENT_DESC (6u)
-
-#define MANDATORY_CLAIM_WITH_SW_COMP (1 << (EAT_CBOR_ARM_RANGE_BASE \
- - EAT_CBOR_ARM_LABEL_NONCE) | \
- 1 << (EAT_CBOR_ARM_RANGE_BASE \
- - EAT_CBOR_ARM_LABEL_UEID) | \
- 1 << (EAT_CBOR_ARM_RANGE_BASE \
- - EAT_CBOR_ARM_LABEL_IMPLEMENTATION_ID) | \
- 1 << (EAT_CBOR_ARM_RANGE_BASE \
- - EAT_CBOR_ARM_LABEL_CLIENT_ID) | \
- 1 << (EAT_CBOR_ARM_RANGE_BASE \
- - EAT_CBOR_ARM_LABEL_SECURITY_LIFECYCLE) | \
- 1 << (EAT_CBOR_ARM_RANGE_BASE \
- - EAT_CBOR_ARM_LABEL_BOOT_SEED) | \
- 1 << (EAT_CBOR_ARM_RANGE_BASE \
- - EAT_CBOR_ARM_LABEL_SW_COMPONENTS))
-
-#define MANDATORY_CLAIM_NO_SW_COMP (1 << (EAT_CBOR_ARM_RANGE_BASE \
- - EAT_CBOR_ARM_LABEL_NONCE) | \
- 1 << (EAT_CBOR_ARM_RANGE_BASE \
- - EAT_CBOR_ARM_LABEL_UEID) | \
- 1 << (EAT_CBOR_ARM_RANGE_BASE \
- - EAT_CBOR_ARM_LABEL_IMPLEMENTATION_ID) | \
- 1 << (EAT_CBOR_ARM_RANGE_BASE \
- - EAT_CBOR_ARM_LABEL_CLIENT_ID) | \
- 1 << (EAT_CBOR_ARM_RANGE_BASE \
- - EAT_CBOR_ARM_LABEL_SECURITY_LIFECYCLE) | \
- 1 << (EAT_CBOR_ARM_RANGE_BASE \
- - EAT_CBOR_ARM_LABEL_BOOT_SEED) | \
- 1 << (EAT_CBOR_ARM_RANGE_BASE \
- - EAT_CBOR_ARM_LABEL_NO_SW_COMPONENTS))
-
-#define MANDATORY_SW_COMP (1 << EAT_CBOR_SW_COMPONENT_MEASUREMENT | \
- 1 << EAT_CBOR_SW_COMPONENT_SIGNER_ID)
-
-#define NULL_USEFUL_BUF_C NULLUsefulBufC
-
-enum attestation_error_code {
- PAL_ATTEST_SUCCESS = 0,
- PAL_ATTEST_TOKEN_ERR_CBOR_FORMATTING = PAL_ATTEST_MIN_ERROR,
- PAL_ATTEST_TOKEN_CHALLENGE_MISMATCH,
- PAL_ATTEST_TOKEN_NOT_SUPPORTED,
- PAL_ATTEST_TOKEN_NOT_ALL_MANDATORY_CLAIMS,
- PAL_ATTEST_HASH_LENGTH_MISMATCH,
- PAL_ATTEST_HASH_MISMATCH,
- PAL_ATTEST_HASH_FAIL,
- PAL_ATTEST_HASH_UNSUPPORTED,
- PAL_ATTEST_HASH_BUFFER_SIZE,
- PAL_ATTEST_ERR_PROTECTED_HEADERS,
- PAL_ATTEST_ERR_SIGN_STRUCT,
- PAL_ATTEST_ERROR,
-};
-
-struct items_to_get_t {
- int64_t label;
- QCBORItem item;
-};
-
-int32_t pal_initial_attest_verify_token(uint8_t *challenge, uint32_t challenge_size,
- uint8_t *token, uint32_t token_size);
diff --git a/api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/nspe/initial_attestation/pal_attestation_intf.c b/api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/nspe/initial_attestation/pal_attestation_intf.c
deleted file mode 100644
index 2d99f74d..00000000
--- a/api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/nspe/initial_attestation/pal_attestation_intf.c
+++ /dev/null
@@ -1,54 +0,0 @@
-/** @file
- * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
- * SPDX-License-Identifier : Apache-2.0
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
-**/
-
-
-#include "pal_attestation_intf.h"
-
-/**
- @brief - This API will call the requested attestation function
- @param - type : function code
- valist : variable argument list
- @return - error status
-**/
-int32_t pal_attestation_function(int type, va_list valist)
-{
- uint8_t *challenge, *token;
- uint32_t challenge_size, *token_size, verify_token_size;
-
- switch (type)
- {
- case PAL_INITIAL_ATTEST_GET_TOKEN:
- challenge = va_arg(valist, uint8_t*);
- challenge_size = va_arg(valist, uint32_t);
- token = va_arg(valist, uint8_t*);
- token_size = va_arg(valist, uint32_t*);
- return psa_initial_attest_get_token(challenge, challenge_size, token, token_size);
- case PAL_INITIAL_ATTEST_GET_TOKEN_SIZE:
- challenge_size = va_arg(valist, uint32_t);
- token_size = va_arg(valist, uint32_t*);
- return psa_initial_attest_get_token_size(challenge_size, token_size);
- case PAL_INITIAL_ATTEST_VERIFY_TOKEN:
- challenge = va_arg(valist, uint8_t*);
- challenge_size = va_arg(valist, uint32_t);
- token = va_arg(valist, uint8_t*);
- verify_token_size = va_arg(valist, uint32_t);
- return pal_initial_attest_verify_token(challenge, challenge_size,
- token, verify_token_size);
- default:
- return PAL_STATUS_UNSUPPORTED_FUNC;
- }
-}
diff --git a/api-tests/platform/targets/tgt_dev_apis_stdc/README.md b/api-tests/platform/targets/tgt_dev_apis_stdc/README.md
new file mode 100644
index 00000000..df272d83
--- /dev/null
+++ b/api-tests/platform/targets/tgt_dev_apis_stdc/README.md
@@ -0,0 +1,15 @@
+# Linux Host Target
+
+There are a couple of limitations to this target when it comes to a test which involves system reset or test process due to Watch Dog Timer (WDT) and NVMEM implementation.
+
+- **WDT**: Lacks functionality to recover after a hang as they just return failure or success.
+
+- **NVMEM**: Stores data in an array in memory, which means NVMEM would be lost as it isn't a non-volatile implementation.
+
+## License
+
+Arm PSA test suite is distributed under Apache v2.0 License.
+
+--------------
+
+*Copyright (c) 2018-2019, Arm Limited and Contributors. All rights reserved.*
diff --git a/api-tests/platform/targets/tgt_dev_apis_stdc/nspe/common/main.c b/api-tests/platform/targets/tgt_dev_apis_stdc/nspe/common/main.c
new file mode 100644
index 00000000..34c28e17
--- /dev/null
+++ b/api-tests/platform/targets/tgt_dev_apis_stdc/nspe/common/main.c
@@ -0,0 +1,31 @@
+/** @file
+ * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include
+
+int32_t val_entry(void);
+
+/**
+ @brief - PSA C main function, used for generating tgt_dev_apis_stdc test binaries.
+ @param - argc : the number of command line arguments.
+ argv : array containing command line arguments.
+ @return - error status
+**/
+int main(int argc, char **argv)
+{
+ return val_entry();
+}
diff --git a/api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/nspe/common/pal_client_api_empty_intf.c b/api-tests/platform/targets/tgt_dev_apis_stdc/nspe/common/pal_client_api_empty_intf.c
similarity index 100%
rename from api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/nspe/common/pal_client_api_empty_intf.c
rename to api-tests/platform/targets/tgt_dev_apis_stdc/nspe/common/pal_client_api_empty_intf.c
diff --git a/api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/nspe/common/pal_client_api_intf.h b/api-tests/platform/targets/tgt_dev_apis_stdc/nspe/common/pal_client_api_intf.h
similarity index 100%
rename from api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/nspe/common/pal_client_api_intf.h
rename to api-tests/platform/targets/tgt_dev_apis_stdc/nspe/common/pal_client_api_intf.h
diff --git a/api-tests/platform/targets/tgt_dev_apis_stdc/nspe/common/pal_common.h b/api-tests/platform/targets/tgt_dev_apis_stdc/nspe/common/pal_common.h
new file mode 100644
index 00000000..8a8f0642
--- /dev/null
+++ b/api-tests/platform/targets/tgt_dev_apis_stdc/nspe/common/pal_common.h
@@ -0,0 +1,115 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifndef _PAL_COMMON_H_
+#define _PAL_COMMON_H_
+
+#include
+#include
+#include
+#include
+#include
+
+#include "pal_config.h"
+#include "pal_crypto_config.h"
+
+/* typedef's */
+typedef uint8_t bool_t;
+typedef uintptr_t addr_t;
+typedef uint32_t test_id_t;
+typedef uint32_t block_id_t;
+typedef char char8_t;
+typedef uint32_t cfg_id_t;
+
+#define PAL_STATUS_UNSUPPORTED_FUNC 0xFF
+
+typedef enum {
+ PAL_STATUS_SUCCESS = 0x0,
+ PAL_STATUS_ERROR = 0x80
+} pal_status_t;
+
+typedef enum {
+ NVMEM_READ = 0x1,
+ NVMEM_WRITE = 0x2,
+} nvmem_fn_type_t;
+
+typedef struct {
+ nvmem_fn_type_t nvmem_fn_type;
+ addr_t base;
+ uint32_t offset;
+ int size;
+} nvmem_param_t;
+
+typedef enum {
+ WD_INIT_SEQ = 0x1,
+ WD_ENABLE_SEQ = 0x2,
+ WD_DISABLE_SEQ = 0x3,
+ WD_STATUS_SEQ = 0x4,
+} wd_fn_type_t;
+
+typedef enum {
+ WD_LOW_TIMEOUT = 0x1,
+ WD_MEDIUM_TIMEOUT = 0x2,
+ WD_HIGH_TIMEOUT = 0x3,
+ WD_CRYPTO_TIMEOUT = 0x4,
+} wd_timeout_type_t;
+
+typedef struct {
+ wd_fn_type_t wd_fn_type;
+ addr_t wd_base_addr;
+ uint32_t wd_time_us;
+ uint32_t wd_timer_tick_us;
+} wd_param_t;
+
+typedef enum {
+ UART_INIT = 0x1,
+ UART_PRINT = 0x2,
+} uart_fn_type_t;
+
+/*
+ * Redefining some of the client.h elements for compilation to go through
+ * when PSA IPC APIs are not implemented.
+ */
+#ifndef IPC
+
+#ifndef PSA_VERSION_NONE
+#define PSA_VERSION_NONE (0)
+#endif
+
+#ifndef PSA_SUCCESS
+#define PSA_SUCCESS (0)
+typedef int32_t psa_status_t;
+#endif
+typedef int32_t psa_handle_t;
+
+#ifndef PSA_NULL_HANDLE
+#define PSA_NULL_HANDLE ((psa_handle_t)0)
+#endif
+
+typedef struct psa_invec {
+ const void *base;
+ size_t len;
+} psa_invec;
+
+typedef struct psa_outvec {
+ void *base;
+ size_t len;
+} psa_outvec;
+
+#endif /* IPC */
+
+#endif /* _PAL_COMMON_H_ */
diff --git a/api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/nspe/common/pal_config.h b/api-tests/platform/targets/tgt_dev_apis_stdc/nspe/common/pal_config.h
similarity index 51%
rename from api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/nspe/common/pal_config.h
rename to api-tests/platform/targets/tgt_dev_apis_stdc/nspe/common/pal_config.h
index e3f70ad7..68d6739b 100644
--- a/api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/nspe/common/pal_config.h
+++ b/api-tests/platform/targets/tgt_dev_apis_stdc/nspe/common/pal_config.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -18,66 +18,44 @@
#ifndef _PAL_CONFIG_H_
#define _PAL_CONFIG_H_
-/*
- * List of macros used by test suite
- */
-#if !defined(PSA_IPC_IMPLEMENTED)
-#define PSA_IPC_IMPLEMENTED 0
-#endif
-
-#if !defined(PSA_CRYPTO_IMPLEMENTED)
-#define PSA_CRYPTO_IMPLEMENTED 0
-#endif
+/* Define PSA test suite dependent macros for non-cmake build */
+#if !defined(PSA_CMAKE_BUILD)
-#if !defined(PSA_INTERNAL_TRUSTED_STORAGE_IMPLEMENTED)
-#define PSA_INTERNAL_TRUSTED_STORAGE_IMPLEMENTED 0
-#endif
+/* Print verbosity = TEST */
+#define VERBOSE 3
-#if !defined(PSA_PROTECTED_STORAGE_IMPLEMENTED)
-#define PSA_PROTECTED_STORAGE_IMPLEMENTED 0
-#endif
+/* NSPE or SPE VAL build? */
+#define VAL_NSPE_BUILD
-#if !defined(PSA_INITIAL_ATTESTATION_IMPLEMENTED)
-#define PSA_INITIAL_ATTESTATION_IMPLEMENTED 0
-#endif
+/* NSPE or SPE TEST build? */
+#define NONSECURE_TEST_BUILD
-#if (PSA_IPC_IMPLEMENTED == 0) && \
- (PSA_CRYPTO_IMPLEMENTED == 0) && \
- (PSA_INTERNAL_TRUSTED_STORAGE_IMPLEMENTED == 0) && \
- (PSA_PROTECTED_STORAGE_IMPLEMENTED == 0) && \
- (PSA_INITIAL_ATTESTATION_IMPLEMENTED == 0)
-#error "You must define at least one of these macros to run test suite"
-#endif
+/* Combine test archive or binary? */
+#define TEST_COMBINE_ARCHIVE
-#if !defined(VERBOSE)
-#define VERBOSE 3 /* Print verbosity = TEST */
-#endif
+/* If not defined, skip watchdog programming */
+#define WATCHDOG_AVAILABLE
-#if (!defined(VAL_NSPE_BUILD) && !defined(SPE_BUILD))
-#define VAL_NSPE_BUILD 1
-#endif
+/* Are Dynamic memory APIs available to secure partition? */
+#define SP_HEAP_MEM_SUPP
-#if (!defined(NONSECURE_TEST_BUILD) && !defined(SPE_BUILD))
-#define NONSECURE_TEST_BUILD 1
-#endif
+/* PSA Isolation level supported by platform */
+#define PLATFORM_PSA_ISOLATION_LEVEL 3
+#endif /* PSA_CMAKE_BUILD */
-#if !defined(TEST_COMBINE_ARCHIVE)
-#define TEST_COMBINE_ARCHIVE 0 /* Combine test archive or binary? */
-#endif
+/* Version of crypto spec used in attestation */
+#define CRYPTO_VERSION_BETA2
-#if !defined(WATCHDOG_AVAILABLE)
-#define WATCHDOG_AVAILABLE 0 /* If zero, skip watchdog programming */
-#endif
+/* Use hardcoded public key */
+//#define PLATFORM_OVERRIDE_ATTEST_PK
-#if !defined(SP_HEAP_MEM_SUPP)
-#define SP_HEAP_MEM_SUPP 0 /* Are Dynamic funcs available to secure partition? */
-#endif
+/* Platform specific max UID's size */
+#define PLATFORM_MAX_UID_SIZE 512
/*
* Include of PSA defined Header files
*/
-
-#if PSA_IPC_IMPLEMENTED
+#ifdef IPC
/* psa/client.h: Contains the PSA Client API elements */
#include "psa/client.h"
@@ -96,22 +74,22 @@
#include "psa_manifest/pid.h"
#endif
-#if PSA_CRYPTO_IMPLEMENTED
+#ifdef CRYPTO
/* psa/crypto.h: Contains the PSA Crypto API elements */
#include "psa/crypto.h"
#endif
-#if PSA_INTERNAL_TRUSTED_STORAGE_IMPLEMENTED
+#ifdef INTERNAL_TRUSTED_STORAGE
/* psa/internal_trusted_storage.h: Contains the PSA ITS API elements */
#include "psa/internal_trusted_storage.h"
#endif
-#if PSA_PROTECTED_STORAGE_IMPLEMENTED
+#ifdef PROTECTED_STORAGE
/* psa/protected_storage.h: Contains the PSA PS API elements */
#include "psa/protected_storage.h"
#endif
-#if PSA_INITIAL_ATTESTATION_IMPLEMENTED
+#ifdef INITIAL_ATTESTATION
/* psa/initial_attestation.h: Contains the PSA Initial Attestation API elements */
#include "psa/initial_attestation.h"
#endif
diff --git a/api-tests/platform/targets/tgt_dev_apis_stdc/nspe/common/pal_driver_ns_intf.c b/api-tests/platform/targets/tgt_dev_apis_stdc/nspe/common/pal_driver_ns_intf.c
new file mode 100644
index 00000000..2bbaad7d
--- /dev/null
+++ b/api-tests/platform/targets/tgt_dev_apis_stdc/nspe/common/pal_driver_ns_intf.c
@@ -0,0 +1,209 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include
+#include
+#include
+#include
+#include
+#include
+
+#include "pal_common.h"
+
+/* This stdc implementation doesn't support tests that involve resets of the
+ * test process or the system, so we don't actually need non-volatile memory.
+ * Just implement the "nvmem" as an array in memory.
+ */
+
+/* Using zero as NVMEM_BASE is a bit arbitrary - we don't actually need callers
+ * to specify a base address but the nvmem function signatures have "base" params.
+ * Zero is the value used in our target.cfg file so that's what we should receive.
+ */
+#define NVMEM_BASE 0
+
+#define NVMEM_SIZE (1024)
+static uint8_t g_nvmem[NVMEM_SIZE];
+
+/**
+ @brief - Check that an nvmem access is within the bounds of the nvmem
+ @param - base : Base address of nvmem (must be zero)
+ offset : Offset into nvmem
+ size : Number of bytes
+ @return - SUCCESS/FAILURE
+**/
+static int nvmem_check_bounds(addr_t base, uint32_t offset, int size)
+{
+ if (base != NVMEM_BASE)
+ {
+ return PAL_STATUS_ERROR;
+ }
+ if (offset > NVMEM_SIZE)
+ {
+ return PAL_STATUS_ERROR;
+ }
+ if (size < 0)
+ {
+ return PAL_STATUS_ERROR;
+ }
+ if (offset > INT_MAX - size)
+ {
+ return PAL_STATUS_ERROR;
+ }
+ if (offset + size > NVMEM_SIZE)
+ {
+ return PAL_STATUS_ERROR;
+ }
+ return PAL_STATUS_SUCCESS;
+}
+
+/**
+ @brief - Reads from given non-volatile address.
+ @param - base : Base address of nvmem (must be zero)
+ offset : Offset
+ buffer : Pointer to dest address
+ size : Number of bytes
+ @return - SUCCESS/FAILURE
+**/
+int pal_nvmem_read_ns(addr_t base, uint32_t offset, void *buffer, int size)
+{
+ if (nvmem_check_bounds(base, offset, size) != PAL_STATUS_SUCCESS)
+ {
+ return PAL_STATUS_ERROR;
+ }
+ memcpy(buffer, g_nvmem + offset, size);
+ return PAL_STATUS_SUCCESS;
+}
+
+/**
+ @brief - Writes into given non-volatile address.
+ @param - base : Base address of nvmem (must be zero)
+ offset : Offset
+ buffer : Pointer to source address
+ size : Number of bytes
+ @return - SUCCESS/FAILURE
+**/
+int pal_nvmem_write_ns(addr_t base, uint32_t offset, void *buffer, int size)
+{
+ if (nvmem_check_bounds(base, offset, size) != PAL_STATUS_SUCCESS)
+ {
+ return PAL_STATUS_ERROR;
+ }
+ memcpy(g_nvmem + offset, buffer, size);
+ return PAL_STATUS_SUCCESS;
+}
+
+/**
+ @brief - This function initializes the UART
+
+ This implementation doesn't actually use a UART to print test output, we
+ just send it to stdout. No init necessary.
+
+ @param - uart base addr (ignored)
+ @return - SUCCESS/FAILURE
+**/
+int pal_uart_init_ns(uint32_t uart_base_addr)
+{
+ return PAL_STATUS_SUCCESS;
+}
+
+/**
+ @brief - This function parses the input string and writes bytes into UART TX FIFO
+
+ This implementation doesn't actually use a UART to print test output, we
+ just send it to stdout.
+
+ @param - str : Input String
+ - data : Value for format specifier
+ @return - SUCCESS/FAILURE
+**/
+int pal_print_ns(char *str, int32_t data)
+{
+ if (printf(str, data) < 0)
+ {
+ return PAL_STATUS_ERROR;
+ }
+ return PAL_STATUS_SUCCESS;
+}
+
+/**
+ @brief - Initializes an hardware watchdog timer
+
+ This implementation doesn't support watchdogs so this is a noop.
+
+ @param - base_addr : Base address of the watchdog module
+ - time_us : Time in micro seconds
+ - timer_tick_us : Number of ticks per micro second
+ @return - SUCCESS/FAILURE
+**/
+int pal_wd_timer_init_ns(addr_t base_addr, uint32_t time_us, uint32_t timer_tick_us)
+{
+ return PAL_STATUS_SUCCESS;
+}
+
+/**
+ @brief - Enables a hardware watchdog timer
+
+ This implementation doesn't support watchdogs so this is a noop.
+
+ @param - base_addr : Base address of the watchdog module
+ @return - SUCCESS/FAILURE
+**/
+int pal_wd_timer_enable_ns(addr_t base_addr)
+{
+ return PAL_STATUS_SUCCESS;
+}
+
+/**
+ @brief - Disables a hardware watchdog timer
+
+ This implementation doesn't support watchdogs so this is a noop.
+
+ @param - base_addr : Base address of the watchdog module
+ @return - SUCCESS/FAILURE
+**/
+int pal_wd_timer_disable_ns(addr_t base_addr)
+{
+ return PAL_STATUS_SUCCESS;
+}
+
+/**
+ @brief - This function will read peripherals using SPI commands
+
+ This implementation doesn't support SPI so this is a noop.
+
+ @param - addr : address of the peripheral
+ data : read buffer
+ len : length of the read buffer in bytes
+ @return - error status
+**/
+int pal_spi_read(addr_t addr, uint8_t *data, uint32_t len)
+{
+ return PAL_STATUS_ERROR;
+}
+
+/**
+ @brief - Terminates the simulation at the end of all tests completion.
+
+ This implementation just calls exit.
+
+ @param - void
+ @return - void
+**/
+void pal_terminate_simulation(void)
+{
+ ;
+}
diff --git a/api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/nspe/crypto/pal_crypto_config.h b/api-tests/platform/targets/tgt_dev_apis_stdc/nspe/crypto/pal_crypto_config.h
similarity index 93%
rename from api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/nspe/crypto/pal_crypto_config.h
rename to api-tests/platform/targets/tgt_dev_apis_stdc/nspe/crypto/pal_crypto_config.h
index 6d71d2ec..2ce1d331 100644
--- a/api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/nspe/crypto/pal_crypto_config.h
+++ b/api-tests/platform/targets/tgt_dev_apis_stdc/nspe/crypto/pal_crypto_config.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -227,8 +227,8 @@
*
* Comment macros to disable the types
*/
-#define ARCH_TEST_MD2
-#define ARCH_TEST_MD4
+// #define ARCH_TEST_MD2
+// #define ARCH_TEST_MD4
#define ARCH_TEST_MD5
#define ARCH_TEST_RIPEMD160
#define ARCH_TEST_SHA1
@@ -236,12 +236,12 @@
#define ARCH_TEST_SHA256
#define ARCH_TEST_SHA384
#define ARCH_TEST_SHA512
-#define ARCH_TEST_SHA512_224
-#define ARCH_TEST_SHA512_256
-#define ARCH_TEST_SHA3_224
-#define ARCH_TEST_SHA3_256
-#define ARCH_TEST_SHA3_384
-#define ARCH_TEST_SHA3_512
+// #define ARCH_TEST_SHA512_224
+// #define ARCH_TEST_SHA512_256
+// #define ARCH_TEST_SHA3_224
+// #define ARCH_TEST_SHA3_256
+// #define ARCH_TEST_SHA3_384
+// #define ARCH_TEST_SHA3_512
/**
* \def ARCH_TEST_HKDF
@@ -262,7 +262,6 @@
* Comment macros to disable the types
*/
#define ARCH_TEST_CMAC
-#define ARCH_TEST_GMAC
#define ARCH_TEST_HMAC
/**
@@ -318,6 +317,12 @@
*/
#define ARCH_TEST_DETERMINISTIC_ECDSA
+/**
+ * \def ARCH_TEST_ECC_ASYMMETRIC_API_SUPPORT
+ *
+ * Enable ECC support for asymmetric API.
+*/
+//#define ARCH_TEST_ECC_ASYMMETRIC_API_SUPPORT
#include "pal_crypto_config_check.h"
#endif /* _PAL_CRYPTO_CONFIG_H_ */
diff --git a/api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/nspe/crypto/pal_crypto_config_check.h b/api-tests/platform/targets/tgt_dev_apis_stdc/nspe/crypto/pal_crypto_config_check.h
similarity index 98%
rename from api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/nspe/crypto/pal_crypto_config_check.h
rename to api-tests/platform/targets/tgt_dev_apis_stdc/nspe/crypto/pal_crypto_config_check.h
index f18a7852..443e0bc2 100644
--- a/api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/nspe/crypto/pal_crypto_config_check.h
+++ b/api-tests/platform/targets/tgt_dev_apis_stdc/nspe/crypto/pal_crypto_config_check.h
@@ -94,13 +94,13 @@
#error "ARCH_TEST_CTR_AES defined, but not all prerequisites"
#endif
-#if (defined(ARCH_TEST_CBC_AES)|| defined(ARCH_TEST_CBC_AES_NO_PADDING)) &&\
+#if (defined(ARCH_TEST_CBC_AES) || defined(ARCH_TEST_CBC_AES_NO_PADDING)) &&\
(!defined(ARCH_TEST_CIPER) || !defined(ARCH_TEST_AES) || !defined(ARCH_TEST_CIPER_MODE_CBC))
#error "ARCH_TEST_CBC_AES defined, but not all prerequisites"
#endif
#if (defined(ARCH_TEST_CBC_NO_PADDING)) &&\
- (!defined(ARCH_TEST_CIPER) ||!defined(ARCH_TEST_CIPER_MODE_CBC))
+ (!defined(ARCH_TEST_CIPER) || !defined(ARCH_TEST_CIPER_MODE_CBC))
#error "ARCH_TEST_CBC_NO_PADDING defined, but not all prerequisites"
#endif
diff --git a/api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/nspe/crypto/pal_crypto_empty_intf.c b/api-tests/platform/targets/tgt_dev_apis_stdc/nspe/crypto/pal_crypto_empty_intf.c
similarity index 100%
rename from api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/nspe/crypto/pal_crypto_empty_intf.c
rename to api-tests/platform/targets/tgt_dev_apis_stdc/nspe/crypto/pal_crypto_empty_intf.c
diff --git a/api-tests/platform/targets/tgt_dev_apis_stdc/nspe/crypto/pal_crypto_intf.c b/api-tests/platform/targets/tgt_dev_apis_stdc/nspe/crypto/pal_crypto_intf.c
new file mode 100644
index 00000000..9a051c95
--- /dev/null
+++ b/api-tests/platform/targets/tgt_dev_apis_stdc/nspe/crypto/pal_crypto_intf.c
@@ -0,0 +1,517 @@
+/** @file
+ * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+
+#include "pal_crypto_intf.h"
+
+#define PAL_KEY_SLOT_COUNT 32
+
+/**
+ @brief - This API will call the requested crypto function
+ @param - type : function code
+ valist : variable argument list
+ @return - error status
+**/
+int32_t pal_crypto_function(int type, va_list valist)
+{
+ int i;
+ psa_status_t status;
+ uint8_t *buffer, *ciphertext, *plaintext;
+ const uint8_t *nonce, *additional_data, *salt, *peer;
+ size_t *length, size, ciphertext_size, nonce_length;
+ size_t salt_length, peer_length, additional_data_length;
+#ifdef NOT_SUPPORTED
+ size_t *tag_length, plaintext_size;
+ psa_aead_operation_t *aead_operation;
+#endif
+ psa_key_attributes_t *attributes;
+ psa_key_handle_t *handle, key_handle;
+ psa_key_type_t *key_type_out, key_type;
+ psa_key_usage_t *usage_out, usage;
+ psa_key_id_t *key_id_out, key_id;
+ psa_key_lifetime_t *key_lifetime_out, key_lifetime;
+ psa_algorithm_t *key_alg_out, key_alg, alg;
+ psa_hash_operation_t *hash_operation, *target_operation;
+ psa_mac_operation_t *mac_operation;
+ psa_cipher_operation_t *cipher_operation;
+ psa_key_derivation_operation_t *derive_operation;
+ psa_key_derivation_step_t step;
+
+ switch (type)
+ {
+ case PAL_CRYPTO_INIT:
+ return psa_crypto_init();
+ case PAL_CRYPTO_GENERATE_RANDOM:
+ buffer = va_arg(valist, uint8_t *);
+ size = va_arg(valist, int);
+ return psa_generate_random(buffer, size);
+ case PAL_CRYPTO_IMPORT_KEY:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ buffer = va_arg(valist, uint8_t *);
+ size = va_arg(valist, size_t);
+ handle = (psa_key_handle_t *)va_arg(valist, int *);
+ status = psa_import_key(attributes, buffer, size, handle);
+ return status;
+ case PAL_CRYPTO_SET_KEY_TYPE:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ key_type = va_arg(valist, psa_key_type_t);
+ psa_set_key_type(attributes, key_type);
+ return 0;
+ case PAL_CRYPTO_SET_KEY_BITS:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ size = va_arg(valist, size_t);
+ psa_set_key_bits(attributes, size);
+ return 0;
+ case PAL_CRYPTO_GET_KEY_ATTRIBUTES:
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ return psa_get_key_attributes(key_handle, attributes);
+ case PAL_CRYPTO_GET_KEY_TYPE:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ key_type_out = va_arg(valist, psa_key_type_t *);
+ *key_type_out = psa_get_key_type(attributes);
+ return 0;
+ case PAL_CRYPTO_EXPORT_KEY:
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ buffer = (uint8_t *)(va_arg(valist, uint8_t *));
+ size = va_arg(valist, size_t);
+ length = (size_t *)va_arg(valist, size_t *);
+ return psa_export_key(key_handle, buffer, size, length);
+ case PAL_CRYPTO_SET_KEY_USAGE_FLAGS:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ usage = va_arg(valist, psa_key_usage_t);
+ psa_set_key_usage_flags(attributes, usage);
+ return 0;
+ case PAL_CRYPTO_RESET_KEY_ATTRIBUTES:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ psa_reset_key_attributes(attributes);
+ return 0;
+ case PAL_CRYPTO_EXPORT_PUBLIC_KEY:
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ buffer = (uint8_t *)(va_arg(valist, uint8_t *));
+ size = va_arg(valist, size_t);
+ length = (size_t *)va_arg(valist, size_t *);
+ return psa_export_public_key(key_handle, buffer, size, length);
+ case PAL_CRYPTO_SET_KEY_ID:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ key_id = va_arg(valist, psa_key_id_t);
+ psa_set_key_id(attributes, key_id);
+ return 0;
+ case PAL_CRYPTO_SET_KEY_LIFETIME:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ key_lifetime = va_arg(valist, psa_key_lifetime_t);
+ psa_set_key_lifetime(attributes, key_lifetime);
+ return 0;
+ case PAL_CRYPTO_SET_KEY_ALGORITHM:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ key_alg = va_arg(valist, psa_algorithm_t);
+ psa_set_key_algorithm(attributes, key_alg);
+ return 0;
+ case PAL_CRYPTO_GET_KEY_ID:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ key_id_out = va_arg(valist, psa_key_id_t *);
+ *key_id_out = psa_get_key_id(attributes);
+ return 0;
+ case PAL_CRYPTO_GET_KEY_LIFETIME:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ key_lifetime_out = va_arg(valist, psa_key_lifetime_t *);
+ *key_lifetime_out = psa_get_key_lifetime(attributes);
+ return 0;
+ case PAL_CRYPTO_GET_KEY_USAGE_FLAGS:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ usage_out = va_arg(valist, psa_key_usage_t *);
+ *usage_out = psa_get_key_usage_flags(attributes);
+ return 0;
+ case PAL_CRYPTO_GET_KEY_ALGORITHM:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ key_alg_out = va_arg(valist, psa_algorithm_t *);
+ *key_alg_out = psa_get_key_algorithm(attributes);
+ return 0;
+ case PAL_CRYPTO_GET_KEY_BITS:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ length = va_arg(valist, size_t *);
+ *length = psa_get_key_bits(attributes);
+ return 0;
+ case PAL_CRYPTO_DESTROY_KEY:
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ return psa_destroy_key(key_handle);
+ case PAL_CRYPTO_HASH_SETUP:
+ hash_operation = va_arg(valist, psa_hash_operation_t*);
+ alg = va_arg(valist, psa_algorithm_t);
+ return psa_hash_setup(hash_operation, alg);
+ case PAL_CRYPTO_HASH_UPDATE:
+ hash_operation = va_arg(valist, psa_hash_operation_t*);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ return psa_hash_update(hash_operation, buffer, size);
+ case PAL_CRYPTO_HASH_VERIFY:
+ hash_operation = va_arg(valist, psa_hash_operation_t*);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ return psa_hash_verify(hash_operation, buffer, size);
+ case PAL_CRYPTO_HASH_FINISH:
+ hash_operation = va_arg(valist, psa_hash_operation_t*);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_hash_finish(hash_operation, buffer, size, length);
+ case PAL_CRYPTO_HASH_ABORT:
+ hash_operation = va_arg(valist, psa_hash_operation_t*);
+ return psa_hash_abort(hash_operation);
+#ifdef NOT_SUPPORTED
+ case PAL_CRYPTO_HASH_COMPUTE:
+ alg = va_arg(valist, psa_algorithm_t);
+ plaintext = va_arg(valist, uint8_t*);
+ plaintext_size = va_arg(valist, size_t);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_hash_compute(alg, plaintext, plaintext_size, buffer, size, length);
+ case PAL_CRYPTO_HASH_COMPARE:
+ alg = va_arg(valist, psa_algorithm_t);
+ plaintext = va_arg(valist, uint8_t*);
+ plaintext_size = va_arg(valist, size_t);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ return psa_hash_compare(alg, plaintext, plaintext_size, buffer, size);
+#endif
+ case PAL_CRYPTO_HASH_CLONE:
+ hash_operation = va_arg(valist, psa_hash_operation_t*);
+ target_operation = va_arg(valist, psa_hash_operation_t*);
+ return psa_hash_clone(hash_operation, target_operation);
+ case PAL_CRYPTO_GENERATE_KEY:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ handle = (psa_key_handle_t *)va_arg(valist, int *);
+ return psa_generate_key(attributes, handle);
+ case PAL_CRYPTO_AEAD_ENCRYPT:
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ nonce = va_arg(valist, const uint8_t *);
+ nonce_length = va_arg(valist, size_t);
+ additional_data = va_arg(valist, const uint8_t *);
+ additional_data_length = va_arg(valist, size_t);
+ plaintext = va_arg(valist, uint8_t *);
+ size = va_arg(valist, size_t);
+ ciphertext = va_arg(valist, uint8_t *);
+ ciphertext_size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_aead_encrypt(key_handle, alg, nonce, nonce_length, additional_data,
+ additional_data_length, plaintext, size, ciphertext, ciphertext_size, length);
+ case PAL_CRYPTO_AEAD_DECRYPT:
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ nonce = va_arg(valist, const uint8_t *);
+ nonce_length = va_arg(valist, size_t);
+ additional_data = va_arg(valist, const uint8_t *);
+ additional_data_length = va_arg(valist, size_t);
+ ciphertext = va_arg(valist, uint8_t *);
+ ciphertext_size = va_arg(valist, size_t);
+ plaintext = va_arg(valist, uint8_t *);
+ size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_aead_decrypt(key_handle, alg, nonce, nonce_length, additional_data,
+ additional_data_length, ciphertext, ciphertext_size, plaintext, size, length);
+#ifdef NOT_SUPPORTED
+ case PAL_CRYPTO_AEAD_ENCRYPT_SETUP:
+ aead_operation = va_arg(valist, psa_aead_operation_t *);
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ return psa_aead_encrypt_setup(aead_operation, key_handle, alg);
+ case PAL_CRYPTO_AEAD_DECRYPT_SETUP:
+ aead_operation = va_arg(valist, psa_aead_operation_t *);
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ return psa_aead_decrypt_setup(aead_operation, key_handle, alg);
+ case PAL_CRYPTO_AEAD_GENERATE_NONCE:
+ aead_operation = va_arg(valist, psa_aead_operation_t *);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ length = (size_t *)va_arg(valist, size_t*);
+ return psa_aead_generate_nonce(aead_operation, buffer, size, length);
+ case PAL_CRYPTO_AEAD_SET_NONCE:
+ aead_operation = va_arg(valist, psa_aead_operation_t *);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ return psa_aead_set_nonce(aead_operation, buffer, size);
+ case PAL_CRYPTO_AEAD_SET_LENGTHS:
+ aead_operation = va_arg(valist, psa_aead_operation_t *);
+ size = va_arg(valist, size_t);
+ plaintext_size = va_arg(valist, size_t);
+ return psa_aead_set_lengths(aead_operation, size, plaintext_size);
+ case PAL_CRYPTO_AEAD_UPDATE_AD:
+ aead_operation = va_arg(valist, psa_aead_operation_t *);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ return psa_aead_update_ad(aead_operation, buffer, size);
+ case PAL_CRYPTO_AEAD_UPDATE:
+ aead_operation = va_arg(valist, psa_aead_operation_t *);
+ plaintext = va_arg(valist, uint8_t*);
+ plaintext_size = va_arg(valist, size_t);
+ ciphertext = va_arg(valist, uint8_t*);
+ ciphertext_size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_aead_update(aead_operation, plaintext, plaintext_size, ciphertext,
+ ciphertext_size, length);
+ case PAL_CRYPTO_AEAD_FINISH:
+ aead_operation = va_arg(valist, psa_aead_operation_t *);
+ ciphertext = va_arg(valist, uint8_t*);
+ ciphertext_size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ tag_length = (size_t *)va_arg(valist, size_t*);
+ return psa_aead_finish(aead_operation, ciphertext, ciphertext_size, length, buffer,
+ size, tag_length);
+ case PAL_CRYPTO_AEAD_VERIFY:
+ aead_operation = va_arg(valist, psa_aead_operation_t *);
+ plaintext = va_arg(valist, uint8_t*);
+ plaintext_size = va_arg(valist, size_t);
+ length = (size_t *)va_arg(valist, size_t*);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ return psa_aead_verify(aead_operation, plaintext, plaintext_size, length, buffer, size);
+ case PAL_CRYPTO_AEAD_ABORT:
+ aead_operation = va_arg(valist, psa_aead_operation_t *);
+ return psa_aead_abort(aead_operation);
+#endif
+ case PAL_CRYPTO_MAC_SIGN_SETUP:
+ mac_operation = va_arg(valist, psa_mac_operation_t*);
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ return psa_mac_sign_setup(mac_operation, key_handle, alg);
+ case PAL_CRYPTO_MAC_UPDATE:
+ mac_operation = va_arg(valist, psa_mac_operation_t*);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ return psa_mac_update(mac_operation, buffer, size);
+ case PAL_CRYPTO_MAC_SIGN_FINISH:
+ mac_operation = va_arg(valist, psa_mac_operation_t*);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ length = (size_t *)va_arg(valist, size_t*);
+ return psa_mac_sign_finish(mac_operation, buffer, size, length);
+ case PAL_CRYPTO_MAC_VERIFY_SETUP:
+ mac_operation = va_arg(valist, psa_mac_operation_t*);
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ return psa_mac_verify_setup(mac_operation, key_handle, alg);
+ case PAL_CRYPTO_MAC_VERIFY_FINISH:
+ mac_operation = va_arg(valist, psa_mac_operation_t*);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ return psa_mac_verify_finish(mac_operation, buffer, size);
+ case PAL_CRYPTO_MAC_ABORT:
+ mac_operation = va_arg(valist, psa_mac_operation_t*);
+ return psa_mac_abort(mac_operation);
+#ifdef NOT_SUPPORTED
+ case PAL_CRYPTO_MAC_COMPUTE:
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ plaintext = va_arg(valist, uint8_t*);
+ plaintext_size = va_arg(valist, size_t);
+ ciphertext = va_arg(valist, uint8_t*);
+ ciphertext_size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_mac_compute(key_handle, alg, plaintext, plaintext_size, ciphertext,
+ ciphertext_size, length);
+ case PAL_CRYPTO_MAC_VERIFY:
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ plaintext = va_arg(valist, uint8_t*);
+ plaintext_size = va_arg(valist, size_t);
+ ciphertext = va_arg(valist, uint8_t*);
+ ciphertext_size = va_arg(valist, size_t);
+ return psa_mac_verify(key_handle, alg, plaintext, plaintext_size, ciphertext,
+ ciphertext_size);
+#endif
+ case PAL_CRYPTO_ASYMMTERIC_ENCRYPT:
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ plaintext = va_arg(valist, uint8_t *);
+ size = va_arg(valist, size_t);
+ salt = va_arg(valist, const uint8_t *);
+ salt_length = va_arg(valist, size_t);
+ ciphertext = va_arg(valist, uint8_t *);
+ ciphertext_size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_asymmetric_encrypt(key_handle, alg, plaintext, size, salt, salt_length,
+ ciphertext, ciphertext_size, length);
+ case PAL_CRYPTO_ASYMMTERIC_DECRYPT:
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ plaintext = va_arg(valist, uint8_t *);
+ size = va_arg(valist, size_t);
+ salt = va_arg(valist, const uint8_t *);
+ salt_length = va_arg(valist, size_t);
+ ciphertext = va_arg(valist, uint8_t *);
+ ciphertext_size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_asymmetric_decrypt(key_handle, alg, plaintext, size, salt, salt_length,
+ ciphertext, ciphertext_size, length);
+ case PAL_CRYPTO_CIPHER_ENCRYPT_SETUP:
+ cipher_operation = va_arg(valist, psa_cipher_operation_t *);
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ return psa_cipher_encrypt_setup(cipher_operation, key_handle, alg);
+ case PAL_CRYPTO_CIPHER_DECRYPT_SETUP:
+ cipher_operation = va_arg(valist, psa_cipher_operation_t *);
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ return psa_cipher_decrypt_setup(cipher_operation, key_handle, alg);
+ case PAL_CRYPTO_CIPHER_GENERATE_IV:
+ cipher_operation = va_arg(valist, psa_cipher_operation_t *);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_cipher_generate_iv(cipher_operation, buffer, size, length);
+ case PAL_CRYPTO_CIPHER_SET_IV:
+ cipher_operation = va_arg(valist, psa_cipher_operation_t *);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ return psa_cipher_set_iv(cipher_operation, buffer, size);
+ case PAL_CRYPTO_CIPHER_UPDATE:
+ cipher_operation = va_arg(valist, psa_cipher_operation_t *);
+ plaintext = va_arg(valist, uint8_t *);
+ size = va_arg(valist, size_t);
+ ciphertext = va_arg(valist, uint8_t *);
+ ciphertext_size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_cipher_update(cipher_operation, plaintext, size, ciphertext, ciphertext_size,
+ length);
+ case PAL_CRYPTO_CIPHER_FINISH:
+ cipher_operation = va_arg(valist, psa_cipher_operation_t *);
+ ciphertext = va_arg(valist, uint8_t *);
+ ciphertext_size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_cipher_finish(cipher_operation, ciphertext, ciphertext_size, length);
+ case PAL_CRYPTO_CIPHER_ABORT:
+ cipher_operation = va_arg(valist, psa_cipher_operation_t *);
+ return psa_cipher_abort(cipher_operation);
+#ifdef NOT_SUPPORTED
+ case PAL_CRYPTO_CIPHER_ENCRYPT:
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ plaintext = va_arg(valist, uint8_t *);
+ size = va_arg(valist, size_t);
+ ciphertext = va_arg(valist, uint8_t *);
+ ciphertext_size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_cipher_encrypt(key_handle, alg, plaintext, size, ciphertext, ciphertext_size,
+ length);
+ case PAL_CRYPTO_CIPHER_DECRYPT:
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ plaintext = va_arg(valist, uint8_t *);
+ size = va_arg(valist, size_t);
+ ciphertext = va_arg(valist, uint8_t *);
+ ciphertext_size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_cipher_decrypt(key_handle, alg, plaintext, size, ciphertext, ciphertext_size,
+ length);
+#endif
+ case PAL_CRYPTO_ASYMMTERIC_SIGN:
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ ciphertext = va_arg(valist, uint8_t *);
+ ciphertext_size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_asymmetric_sign(key_handle, alg, buffer, size, ciphertext, ciphertext_size,
+ length);
+ case PAL_CRYPTO_ASYMMTERIC_VERIFY:
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ ciphertext = va_arg(valist, uint8_t *);
+ ciphertext_size = va_arg(valist, size_t);
+ return psa_asymmetric_verify(key_handle, alg, buffer, size, ciphertext,
+ ciphertext_size);
+ case PAL_CRYPTO_RAW_KEY_AGREEMENT:
+ alg = va_arg(valist, psa_algorithm_t);
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ peer = va_arg(valist, uint8_t*);
+ peer_length = va_arg(valist, size_t);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_raw_key_agreement(alg, key_handle, peer, peer_length, buffer, size, length);
+ case PAL_CRYPTO_COPY_KEY:
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ handle = (psa_key_handle_t *)va_arg(valist, int *);
+ return psa_copy_key(key_handle, attributes, handle);
+ case PAL_CRYPTO_KEY_DERIVATION_SETUP:
+ derive_operation = va_arg(valist, psa_key_derivation_operation_t *);
+ alg = va_arg(valist, psa_algorithm_t);
+ return psa_key_derivation_setup(derive_operation, alg);
+ case PAL_CRYPTO_KEY_DERIVATION_INPUT_BYTES:
+ derive_operation = va_arg(valist, psa_key_derivation_operation_t *);
+ step = (psa_key_derivation_step_t)va_arg(valist, int);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ return psa_key_derivation_input_bytes(derive_operation, step, buffer, size);
+ case PAL_CRYPTO_KEY_DERIVATION_INPUT_KEY:
+ derive_operation = va_arg(valist, psa_key_derivation_operation_t *);
+ step = (psa_key_derivation_step_t)va_arg(valist, int);
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ return psa_key_derivation_input_key(derive_operation, step, key_handle);
+ case PAL_CRYPTO_KEY_DERIVATION_KEY_AGREEMENT:
+ derive_operation = va_arg(valist, psa_key_derivation_operation_t *);
+ step = (psa_key_derivation_step_t)va_arg(valist, int);
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ peer = va_arg(valist, uint8_t*);
+ peer_length = va_arg(valist, size_t);
+ return psa_key_derivation_key_agreement(derive_operation, step, key_handle, peer,
+ peer_length);
+ case PAL_CRYPTO_KEY_DERIVATION_OUTPUT_BYTES:
+ derive_operation = va_arg(valist, psa_key_derivation_operation_t *);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ return psa_key_derivation_output_bytes(derive_operation, buffer, size);
+ case PAL_CRYPTO_KEY_DERIVATION_OUTPUT_KEY:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ derive_operation = va_arg(valist, psa_key_derivation_operation_t *);
+ handle = (psa_key_handle_t *)va_arg(valist, int *);
+ return psa_key_derivation_output_key(attributes, derive_operation, handle);
+ case PAL_CRYPTO_KEY_DERIVATION_SET_CAPACITY:
+ derive_operation = va_arg(valist, psa_key_derivation_operation_t *);
+ size = va_arg(valist, size_t);
+ return psa_key_derivation_set_capacity(derive_operation, size);
+ case PAL_CRYPTO_KEY_DERIVATION_GET_CAPACITY:
+ derive_operation = va_arg(valist, psa_key_derivation_operation_t *);
+ length = va_arg(valist, size_t *);
+ return psa_key_derivation_get_capacity(derive_operation, length);
+ case PAL_CRYPTO_KEY_DERIVATION_ABORT:
+ derive_operation = va_arg(valist, psa_key_derivation_operation_t *);
+ return psa_key_derivation_abort(derive_operation);
+ case PAL_CRYPTO_OPEN_KEY:
+ key_id = va_arg(valist, psa_key_id_t);
+ handle = (psa_key_handle_t *)va_arg(valist, int *);
+ return psa_open_key(key_id, handle);
+ case PAL_CRYPTO_CLOSE_KEY:
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ return psa_close_key(key_handle);
+ case PAL_CRYPTO_FREE:
+ for (i = 0; i < PAL_KEY_SLOT_COUNT; i++)
+ psa_destroy_key(i);
+ return 0;
+ default:
+ return PAL_STATUS_UNSUPPORTED_FUNC;
+ }
+}
diff --git a/api-tests/platform/targets/tgt_dev_apis_stdc/nspe/crypto/pal_crypto_intf.h b/api-tests/platform/targets/tgt_dev_apis_stdc/nspe/crypto/pal_crypto_intf.h
new file mode 100644
index 00000000..671dfa0b
--- /dev/null
+++ b/api-tests/platform/targets/tgt_dev_apis_stdc/nspe/crypto/pal_crypto_intf.h
@@ -0,0 +1,103 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifndef _PAL_CRYPTO_INTF_H_
+#define _PAL_CRYPTO_INTF_H_
+
+#include "pal_common.h"
+
+enum crypto_function_code {
+ PAL_CRYPTO_INIT = 0x1,
+ PAL_CRYPTO_GENERATE_RANDOM = 0x2,
+ PAL_CRYPTO_IMPORT_KEY = 0x3,
+ PAL_CRYPTO_EXPORT_KEY = 0x4,
+ PAL_CRYPTO_EXPORT_PUBLIC_KEY = 0x5,
+ PAL_CRYPTO_DESTROY_KEY = 0x6,
+ PAL_CRYPTO_HASH_SETUP = 0x7,
+ PAL_CRYPTO_HASH_UPDATE = 0x8,
+ PAL_CRYPTO_HASH_VERIFY = 0x9,
+ PAL_CRYPTO_HASH_FINISH = 0xA,
+ PAL_CRYPTO_HASH_ABORT = 0xB,
+ PAL_CRYPTO_GENERATE_KEY = 0xC,
+ PAL_CRYPTO_AEAD_ENCRYPT = 0xD,
+ PAL_CRYPTO_AEAD_DECRYPT = 0xE,
+ PAL_CRYPTO_MAC_SIGN_SETUP = 0xF,
+ PAL_CRYPTO_MAC_UPDATE = 0x10,
+ PAL_CRYPTO_MAC_SIGN_FINISH = 0x11,
+ PAL_CRYPTO_MAC_VERIFY_SETUP = 0x12,
+ PAL_CRYPTO_MAC_VERIFY_FINISH = 0x13,
+ PAL_CRYPTO_MAC_ABORT = 0x14,
+ PAL_CRYPTO_ASYMMTERIC_ENCRYPT = 0x15,
+ PAL_CRYPTO_ASYMMTERIC_DECRYPT = 0x16,
+ PAL_CRYPTO_CIPHER_ENCRYPT_SETUP = 0x17,
+ PAL_CRYPTO_CIPHER_DECRYPT_SETUP = 0x18,
+ PAL_CRYPTO_CIPHER_GENERATE_IV = 0x19,
+ PAL_CRYPTO_CIPHER_SET_IV = 0x1A,
+ PAL_CRYPTO_CIPHER_UPDATE = 0x1B,
+ PAL_CRYPTO_CIPHER_FINISH = 0x1C,
+ PAL_CRYPTO_CIPHER_ABORT = 0x1D,
+ PAL_CRYPTO_ASYMMTERIC_SIGN = 0x1E,
+ PAL_CRYPTO_ASYMMTERIC_VERIFY = 0x1F,
+ PAL_CRYPTO_COPY_KEY = 0x20,
+ PAL_CRYPTO_SET_KEY_TYPE = 0x21,
+ PAL_CRYPTO_SET_KEY_BITS = 0x22,
+ PAL_CRYPTO_GET_KEY_ATTRIBUTES = 0x23,
+ PAL_CRYPTO_GET_KEY_TYPE = 0x24,
+ PAL_CRYPTO_SET_KEY_USAGE_FLAGS = 0x25,
+ PAL_CRYPTO_RESET_KEY_ATTRIBUTES = 0x26,
+ PAL_CRYPTO_SET_KEY_ID = 0x27,
+ PAL_CRYPTO_SET_KEY_LIFETIME = 0x28,
+ PAL_CRYPTO_SET_KEY_ALGORITHM = 0x29,
+ PAL_CRYPTO_GET_KEY_ID = 0x2A,
+ PAL_CRYPTO_GET_KEY_LIFETIME = 0x2B,
+ PAL_CRYPTO_GET_KEY_USAGE_FLAGS = 0x2C,
+ PAL_CRYPTO_GET_KEY_ALGORITHM = 0x2D,
+ PAL_CRYPTO_GET_KEY_BITS = 0x2E,
+ PAL_CRYPTO_HASH_COMPUTE = 0x2F,
+ PAL_CRYPTO_HASH_COMPARE = 0x30,
+ PAL_CRYPTO_KEY_DERIVATION_SETUP = 0x31,
+ PAL_CRYPTO_KEY_DERIVATION_ABORT = 0x32,
+ PAL_CRYPTO_RAW_KEY_AGREEMENT = 0x33,
+ PAL_CRYPTO_KEY_DERIVATION_INPUT_BYTES = 0x34,
+ PAL_CRYPTO_KEY_DERIVATION_INPUT_KEY = 0x35,
+ PAL_CRYPTO_KEY_DERIVATION_KEY_AGREEMENT = 0x36,
+ PAL_CRYPTO_KEY_DERIVATION_OUTPUT_BYTES = 0x37,
+ PAL_CRYPTO_KEY_DERIVATION_OUTPUT_KEY = 0x38,
+ PAL_CRYPTO_KEY_DERIVATION_SET_CAPACITY = 0x39,
+ PAL_CRYPTO_KEY_DERIVATION_GET_CAPACITY = 0x3A,
+ PAL_CRYPTO_HASH_CLONE = 0x3B,
+ PAL_CRYPTO_MAC_COMPUTE = 0x3C,
+ PAL_CRYPTO_MAC_VERIFY = 0x3D,
+ PAL_CRYPTO_CIPHER_ENCRYPT = 0x3F,
+ PAL_CRYPTO_CIPHER_DECRYPT = 0x40,
+ PAL_CRYPTO_OPEN_KEY = 0x41,
+ PAL_CRYPTO_CLOSE_KEY = 0x42,
+ PAL_CRYPTO_AEAD_ENCRYPT_SETUP = 0x43,
+ PAL_CRYPTO_AEAD_DECRYPT_SETUP = 0x44,
+ PAL_CRYPTO_AEAD_GENERATE_NONCE = 0x45,
+ PAL_CRYPTO_AEAD_SET_NONCE = 0x46,
+ PAL_CRYPTO_AEAD_SET_LENGTHS = 0X47,
+ PAL_CRYPTO_AEAD_UPDATE_AD = 0x48,
+ PAL_CRYPTO_AEAD_UPDATE = 0x49,
+ PAL_CRYPTO_AEAD_FINISH = 0x4A,
+ PAL_CRYPTO_AEAD_VERIFY = 0x4B,
+ PAL_CRYPTO_AEAD_ABORT = 0x4C,
+ PAL_CRYPTO_FREE = 0xFE,
+};
+
+int32_t pal_crypto_function(int type, va_list valist);
+#endif /* _PAL_CRYPTO_INTF_H_ */
diff --git a/api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/nspe/internal_trusted_storage/pal_internal_trusted_storage_empty_intf.c b/api-tests/platform/targets/tgt_dev_apis_stdc/nspe/internal_trusted_storage/pal_internal_trusted_storage_empty_intf.c
similarity index 100%
rename from api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/nspe/internal_trusted_storage/pal_internal_trusted_storage_empty_intf.c
rename to api-tests/platform/targets/tgt_dev_apis_stdc/nspe/internal_trusted_storage/pal_internal_trusted_storage_empty_intf.c
diff --git a/api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/nspe/internal_trusted_storage/pal_internal_trusted_storage_intf.c b/api-tests/platform/targets/tgt_dev_apis_stdc/nspe/internal_trusted_storage/pal_internal_trusted_storage_intf.c
similarity index 59%
rename from api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/nspe/internal_trusted_storage/pal_internal_trusted_storage_intf.c
rename to api-tests/platform/targets/tgt_dev_apis_stdc/nspe/internal_trusted_storage/pal_internal_trusted_storage_intf.c
index 4f04ab01..abfdc5d6 100644
--- a/api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/nspe/internal_trusted_storage/pal_internal_trusted_storage_intf.c
+++ b/api-tests/platform/targets/tgt_dev_apis_stdc/nspe/internal_trusted_storage/pal_internal_trusted_storage_intf.c
@@ -26,33 +26,35 @@
**/
uint32_t pal_its_function(int type, va_list valist)
{
- psa_its_uid_t uid;
- uint32_t data_length, offset;
- const void *p_write_data;
- void *p_read_data;
- psa_its_create_flags_t its_create_flags;
- struct psa_its_info_t *its_p_info;
+ psa_storage_uid_t uid;
+ uint32_t data_size, offset;
+ const void *p_write_data;
+ void *p_read_data;
+ size_t *p_data_length;
+ psa_storage_create_flags_t its_create_flags;
+ struct psa_storage_info_t *its_p_info;
switch (type)
{
case PAL_ITS_SET:
- uid = va_arg(valist, psa_its_uid_t);
- data_length = va_arg(valist, uint32_t);
+ uid = va_arg(valist, psa_storage_uid_t);
+ data_size = va_arg(valist, uint32_t);
p_write_data = va_arg(valist, const void*);
- its_create_flags = va_arg(valist, psa_its_create_flags_t);
- return psa_its_set(uid, data_length, p_write_data, its_create_flags);
+ its_create_flags = va_arg(valist, psa_storage_create_flags_t);
+ return psa_its_set(uid, data_size, p_write_data, its_create_flags);
case PAL_ITS_GET:
- uid = va_arg(valist, psa_its_uid_t);
+ uid = va_arg(valist, psa_storage_uid_t);
offset = va_arg(valist, uint32_t);
- data_length = va_arg(valist, uint32_t);
+ data_size = va_arg(valist, uint32_t);
p_read_data = va_arg(valist, void*);
- return psa_its_get(uid, offset, data_length, p_read_data);
+ p_data_length = va_arg(valist, size_t*);
+ return psa_its_get(uid, offset, data_size, p_read_data, p_data_length);
case PAL_ITS_GET_INFO:
- uid = va_arg(valist, psa_its_uid_t);
- its_p_info = va_arg(valist, struct psa_its_info_t*);
+ uid = va_arg(valist, psa_storage_uid_t);
+ its_p_info = va_arg(valist, struct psa_storage_info_t*);
return psa_its_get_info(uid, its_p_info);
case PAL_ITS_REMOVE:
- uid = va_arg(valist, psa_its_uid_t);
+ uid = va_arg(valist, psa_storage_uid_t);
return psa_its_remove(uid);
default:
return PAL_STATUS_UNSUPPORTED_FUNC;
diff --git a/api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/nspe/internal_trusted_storage/pal_internal_trusted_storage_intf.h b/api-tests/platform/targets/tgt_dev_apis_stdc/nspe/internal_trusted_storage/pal_internal_trusted_storage_intf.h
similarity index 100%
rename from api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/nspe/internal_trusted_storage/pal_internal_trusted_storage_intf.h
rename to api-tests/platform/targets/tgt_dev_apis_stdc/nspe/internal_trusted_storage/pal_internal_trusted_storage_intf.h
diff --git a/api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/nspe/protected_storage/pal_protected_storage_empty_intf.c b/api-tests/platform/targets/tgt_dev_apis_stdc/nspe/protected_storage/pal_protected_storage_empty_intf.c
similarity index 100%
rename from api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/nspe/protected_storage/pal_protected_storage_empty_intf.c
rename to api-tests/platform/targets/tgt_dev_apis_stdc/nspe/protected_storage/pal_protected_storage_empty_intf.c
diff --git a/api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/nspe/protected_storage/pal_protected_storage_intf.c b/api-tests/platform/targets/tgt_dev_apis_stdc/nspe/protected_storage/pal_protected_storage_intf.c
similarity index 58%
rename from api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/nspe/protected_storage/pal_protected_storage_intf.c
rename to api-tests/platform/targets/tgt_dev_apis_stdc/nspe/protected_storage/pal_protected_storage_intf.c
index a4241533..0dd07c57 100644
--- a/api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/nspe/protected_storage/pal_protected_storage_intf.c
+++ b/api-tests/platform/targets/tgt_dev_apis_stdc/nspe/protected_storage/pal_protected_storage_intf.c
@@ -26,45 +26,47 @@
**/
uint32_t pal_ps_function(int type, va_list valist)
{
- psa_ps_uid_t uid;
- uint32_t data_length, size, offset;
- const void *p_write_data;
- void *p_read_data;
- psa_ps_create_flags_t ps_create_flags;
- struct psa_ps_info_t *ps_p_info;
+ psa_storage_uid_t uid;
+ uint32_t data_size, size, offset;
+ const void *p_write_data;
+ void *p_read_data;
+ size_t *p_data_length;
+ psa_storage_create_flags_t ps_create_flags;
+ struct psa_storage_info_t *ps_p_info;
switch (type)
{
case PAL_PS_SET:
- uid = va_arg(valist, psa_ps_uid_t);
- data_length = va_arg(valist, uint32_t);
+ uid = va_arg(valist, psa_storage_uid_t);
+ data_size = va_arg(valist, uint32_t);
p_write_data = va_arg(valist, const void*);
- ps_create_flags = va_arg(valist, psa_ps_create_flags_t);
- return psa_ps_set(uid, data_length, p_write_data, ps_create_flags);
+ ps_create_flags = va_arg(valist, psa_storage_create_flags_t);
+ return psa_ps_set(uid, data_size, p_write_data, ps_create_flags);
case PAL_PS_GET:
- uid = va_arg(valist, psa_ps_uid_t);
+ uid = va_arg(valist, psa_storage_uid_t);
offset = va_arg(valist, uint32_t);
- data_length = va_arg(valist, uint32_t);
+ data_size = va_arg(valist, uint32_t);
p_read_data = va_arg(valist, void*);
- return psa_ps_get(uid, offset, data_length, p_read_data);
+ p_data_length = va_arg(valist, size_t*);
+ return psa_ps_get(uid, offset, data_size, p_read_data, p_data_length);
case PAL_PS_GET_INFO:
- uid = va_arg(valist, psa_ps_uid_t);
- ps_p_info = va_arg(valist, struct psa_ps_info_t*);
+ uid = va_arg(valist, psa_storage_uid_t);
+ ps_p_info = va_arg(valist, struct psa_storage_info_t*);
return psa_ps_get_info(uid, ps_p_info);
case PAL_PS_REMOVE:
- uid = va_arg(valist, psa_ps_uid_t);
+ uid = va_arg(valist, psa_storage_uid_t);
return psa_ps_remove(uid);
case PAL_PS_CREATE:
- uid = va_arg(valist, psa_ps_uid_t);
+ uid = va_arg(valist, psa_storage_uid_t);
size = va_arg(valist, uint32_t);
- ps_create_flags = va_arg(valist, psa_ps_create_flags_t);
+ ps_create_flags = va_arg(valist, psa_storage_create_flags_t);
return psa_ps_create(uid, size, ps_create_flags);
case PAL_PS_SET_EXTENDED:
- uid = va_arg(valist, psa_ps_uid_t);
+ uid = va_arg(valist, psa_storage_uid_t);
offset = va_arg(valist, uint32_t);
- data_length = va_arg(valist, uint32_t);
+ data_size = va_arg(valist, uint32_t);
p_write_data = va_arg(valist, const void*);
- return psa_ps_set_extended(uid, offset, data_length, p_write_data);
+ return psa_ps_set_extended(uid, offset, data_size, p_write_data);
case PAL_PS_GET_SUPPORT:
return psa_ps_get_support();
default:
diff --git a/api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/nspe/protected_storage/pal_protected_storage_intf.h b/api-tests/platform/targets/tgt_dev_apis_stdc/nspe/protected_storage/pal_protected_storage_intf.h
similarity index 100%
rename from api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/nspe/protected_storage/pal_protected_storage_intf.h
rename to api-tests/platform/targets/tgt_dev_apis_stdc/nspe/protected_storage/pal_protected_storage_intf.h
diff --git a/api-tests/platform/targets/tgt_dev_apis_stdc/target.cfg b/api-tests/platform/targets/tgt_dev_apis_stdc/target.cfg
new file mode 100644
index 00000000..1befaec8
--- /dev/null
+++ b/api-tests/platform/targets/tgt_dev_apis_stdc/target.cfg
@@ -0,0 +1,60 @@
+///** @file
+// * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+// * SPDX-License-Identifier : Apache-2.0
+// *
+// * Licensed under the Apache License, Version 2.0 (the "License");
+// * you may not use this file except in compliance with the License.
+// * You may obtain a copy of the License at
+// *
+// * http://www.apache.org/licenses/LICENSE-2.0
+// *
+// * Unless required by applicable law or agreed to in writing, software
+// * distributed under the License is distributed on an "AS IS" BASIS,
+// * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// * See the License for the specific language governing permissions and
+// * limitations under the License.
+//**/
+
+// UART device info
+// In this implementation we don't assume there's a UART device, we just print
+// to stdout, so the values below don't mean much.
+uart.num=1;
+uart.0.base = 0x00000000;
+uart.0.size = 0x0;
+uart.0.intr_id = 0x0;
+uart.0.permission = TYPE_READ_WRITE;
+
+// Watchdog device info
+// In this implementation we don't assume there's a watchdog. Watchdog PAL
+// functions all just return SUCCESS, so the values below don't mean much.
+watchdog.num = 1;
+watchdog.0.base = 0x0;
+watchdog.0.size = 0x0;
+watchdog.0.intr_id = 0x0;
+watchdog.0.permission = TYPE_READ_WRITE;
+watchdog.0.num_of_tick_per_micro_sec = 0x0;
+watchdog.0.timeout_in_micro_sec_low = 0x0;
+watchdog.0.timeout_in_micro_sec_medium = 0x0;
+watchdog.0.timeout_in_micro_sec_high = 0x0;
+watchdog.0.timeout_in_micro_sec_crypto = 0x0;
+
+// In this implementation we don't actually use NV memory - we don't support
+// tests that require process or system restarts so NV memory isn't required.
+// The implementation just uses an array in memory.
+nvmem.num =1;
+nvmem.0.start = 0x0;
+nvmem.0.end = 0x0;
+nvmem.0.permission = TYPE_READ_WRITE;
+
+// Miscellaneous - Test scatter info
+dut.num = 1;
+
+// Start address of 12KB NS memory for test ELF
+dut.0.ns_test_addr = 0x2007F000;
+
+// Start address of combine_test_binary in memory. Memory can be main memory or secondary memory.
+// Size of combine_test_binary = Summation of size of each test ELF file.
+dut.0.ns_start_addr_of_combine_test_binary = 0x2003F000;
+
+// Is combine_test_binary available in RAM?
+dut.0.combine_test_binary_in_ram = AVAILABLE;
diff --git a/api-tests/platform/targets/tgt_dev_apis_stdc/target.cmake b/api-tests/platform/targets/tgt_dev_apis_stdc/target.cmake
new file mode 100644
index 00000000..ce8fb1d9
--- /dev/null
+++ b/api-tests/platform/targets/tgt_dev_apis_stdc/target.cmake
@@ -0,0 +1,131 @@
+#/** @file
+# * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+###############################################################################
+# FUNCTION: _create_psa_stdc_exe()
+# Function for generating PSA stdc test binaries linking with libraries
+# external to the psa-arch-tests project. This function requires
+# PSA_STORAGE_LIB_FILENAME to be specificed on the cmake command line,
+# where the symbol is defined as the full path to the external PSA storage
+# library to test. e.g.
+# cmake ... -DPSA_STORAGE_LIB_FILENAME=/wdir/usr/lib/libpsastorage.so
+# If the function is being used to generate a test binary for testing
+# the mbed-crypto library then the function requires
+# PSA_CRYPTO_LIB_FILENAME to be specificed on the cmake command line,
+# where the symbol is defined as the full path to the external PSA crypto
+# library to test. e.g.
+# cmake ... -DPSA_CRYPTO_LIB_FILENAME=/wdir/mbed-crypto/library/ \
+# libmbedcrypto.a
+# ARGUMENTS:
+# _exe_name Name of the test binary to generate.
+# _api_dir PSA API directory name e.g. crypto,
+# internal_trusted_storage or protected_storage.
+###############################################################################
+function(_create_psa_stdc_exe _exe_name _api_dir)
+
+ # Create the PSA test binary.
+ set(EXE_NAME ${_exe_name})
+
+ # Create list of test binary source files.
+ list(APPEND EXE_SRC ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/common/main.c)
+
+ # Create list of libraries to link to test binary
+ list(APPEND EXE_LIBS
+ ${PROJECT_BINARY_DIR}/val/val_nspe.a
+ ${PROJECT_BINARY_DIR}/platform/pal_nspe.a
+ ${PROJECT_BINARY_DIR}/dev_apis/${_api_dir}/test_combine.a
+ )
+
+ add_executable(${EXE_NAME} ${EXE_SRC})
+ target_link_libraries(${EXE_NAME} ${EXE_LIBS} ${PSA_CRYPTO_LIB_FILENAME} ${PSA_STORAGE_LIB_FILENAME})
+ add_dependencies(${EXE_NAME} ${PSA_TARGET_TEST_COMBINE_LIB})
+endfunction(_create_psa_stdc_exe)
+
+# PAL C source files part of NSPE library
+list(APPEND PAL_SRC_C_NSPE )
+
+# PAL ASM source files part of NSPE library
+list(APPEND PAL_SRC_ASM_NSPE )
+
+# PAL C source files part of SPE library - driver partition
+list(APPEND PAL_SRC_C_DRIVER_SP )
+
+# PAL ASM source files part of SPE library - driver partition
+list(APPEND PAL_SRC_ASM_DRIVER_SP )
+
+# Listing all the sources required for given target
+if(${SUITE} STREQUAL "IPC")
+ message(FATAL_ERROR "IPC not supported")
+else()
+ list(APPEND PAL_SRC_C_NSPE
+ # driver files will be compiled as part of NSPE
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/common/pal_client_api_empty_intf.c
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/common/pal_driver_ns_intf.c
+ )
+endif()
+if(${SUITE} STREQUAL "CRYPTO")
+ list(APPEND PAL_SRC_C_NSPE
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/crypto/pal_crypto_intf.c
+ )
+ if(NOT DEFINED PSA_CRYPTO_LIB_FILENAME)
+ message(FATAL_ERROR "ERROR: PSA_CRYPTO_LIB_FILENAME undefined.")
+ endif()
+ _create_psa_stdc_exe(psa-arch-tests-crypto crypto)
+endif()
+if(${SUITE} STREQUAL "PROTECTED_STORAGE")
+ list(APPEND PAL_SRC_C_NSPE
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/protected_storage/pal_protected_storage_intf.c
+ )
+ if(NOT DEFINED PSA_STORAGE_LIB_FILENAME)
+ message(FATAL_ERROR "ERROR: PSA_STORAGE_LIB_FILENAME undefined.")
+ endif()
+ _create_psa_stdc_exe(psa-arch-tests-ps protected_storage)
+endif()
+if(${SUITE} STREQUAL "INTERNAL_TRUSTED_STORAGE")
+ list(APPEND PAL_SRC_C_NSPE
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/internal_trusted_storage/pal_internal_trusted_storage_intf.c
+ )
+ if(NOT DEFINED PSA_STORAGE_LIB_FILENAME)
+ message(FATAL_ERROR "ERROR: PSA_STORAGE_LIB_FILENAME undefined.")
+ endif()
+ _create_psa_stdc_exe(psa-arch-tests-its internal_trusted_storage)
+endif()
+if(${SUITE} STREQUAL "INITIAL_ATTESTATION")
+ message(FATAL_ERROR "Initial attestation not supported")
+endif()
+
+# Create NSPE library
+add_library(${PSA_TARGET_PAL_NSPE_LIB} STATIC ${PAL_SRC_C_NSPE} ${PAL_SRC_ASM_NSPE})
+
+# PSA Include directories
+foreach(psa_inc_path ${PSA_INCLUDE_PATHS})
+ target_include_directories(${PSA_TARGET_PAL_NSPE_LIB} PRIVATE ${psa_inc_path})
+endforeach()
+
+target_include_directories(${PSA_TARGET_PAL_NSPE_LIB} PRIVATE
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/common
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/crypto
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/protected_storage
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/internal_trusted_storage
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/initial_attestation
+)
+
+if(${SUITE} STREQUAL "INITIAL_ATTESTATION")
+target_include_directories(${PSA_TARGET_PAL_NSPE_LIB} PRIVATE
+ ${PSA_QCBOR_INCLUDE_PATH}
+)
+endif()
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_an521/Makefile b/api-tests/platform/targets/tgt_dev_apis_tfm_an521/Makefile
deleted file mode 100644
index 473879d5..00000000
--- a/api-tests/platform/targets/tgt_dev_apis_tfm_an521/Makefile
+++ /dev/null
@@ -1,160 +0,0 @@
-# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-include $(SOURCE)/tools/makefiles/toolchain.mk
-
-# Make variables to select correct instances of PAL files
-
-## PSA_IPC_IMPLEMENTED must be true for IPC SUITE
-PSA_IPC_IMPLEMENTED:=0
-
-## PSA_CRYPTO_IMPLEMENTED must be true for CRYPTO SUITE
-PSA_CRYPTO_IMPLEMENTED:=1
-
-## PSA_PROTECTED_STORAGE_IMPLEMENTED must be true for PROTECTED_STORAGE SUITE
-PSA_PROTECTED_STORAGE_IMPLEMENTED:=1
-
-## PSA_INTERNAL_TRUSTED_STORAGE_IMPLEMENTED must be true for INTERNAL_TRUSTED_STORAGE SUITE
-PSA_INTERNAL_TRUSTED_STORAGE_IMPLEMENTED:=0
-
-## PSA_INITIAL_ATTESTATION_IMPLEMENTED must be true for INITIAL_ATTESTATION SUITE
-PSA_INITIAL_ATTESTATION_IMPLEMENTED:=1
-
-# Make variables holding NSPE/SPE source files
-
-## PAL C source files part of NSPE library
-SRC_C_NSPE=
-
-## PAL ASM source files part of NSPE library
-SRC_ASM_NSPE=
-
-## PAL C source files part of SPE library - driver partition
-SRC_C_DRIVER_SP=
-
-## PAL ASM source files part of SPE library - driver partition
-SRC_ASM_DRIVER_SP=
-
-ifeq (${PSA_IPC_IMPLEMENTED},1)
-# When PSA_IPC_IMPLEMENTED=1, driver functionalities are implemented as RoT-services
-# and secure and non-secure clients will call to these RoT-services to get appropriate driver services.
-SRC_C_NSPE += pal_client_api_intf.c
-SRC_C_NSPE += pal_driver_ipc_intf.c
-
-# Driver files will be compiled as part of driver partition
-SRC_C_DRIVER_SP += pal_driver_intf.c pal_nvmem.c pal_uart.c pal_wd_cmsdk.c
-else
-
-# When PSA_IPC_IMPLEMENTED=0, driver files will be compiled as part of NSPE
-SRC_C_NSPE += pal_client_api_empty_intf.c
-SRC_C_NSPE += pal_driver_ns_intf.c pal_nvmem.c pal_uart.c pal_wd_cmsdk.c
-endif
-
-ifeq (${PSA_CRYPTO_IMPLEMENTED},1)
-SRC_C_NSPE += pal_crypto_intf.c
-else
-SRC_C_NSPE += pal_crypto_empty_intf.c
-endif
-
-ifeq (${PSA_PROTECTED_STORAGE_IMPLEMENTED},1)
-SRC_C_NSPE += pal_protected_storage_intf.c
-else
-SRC_C_NSPE += pal_protected_storage_empty_intf.c
-endif
-
-ifeq (${PSA_INTERNAL_TRUSTED_STORAGE_IMPLEMENTED},1)
-SRC_C_NSPE += pal_internal_trusted_storage_intf.c
-else
-SRC_C_NSPE += pal_internal_trusted_storage_empty_intf.c
-endif
-
-ifeq (${PSA_INITIAL_ATTESTATION_IMPLEMENTED},1)
-SRC_C_NSPE += pal_attestation_intf.c
-SRC_C_NSPE += pal_attestation_eat.c
-SRC_C_NSPE += pal_attestation_crypto.c
-else
-SRC_C_NSPE += pal_attestation_empty_intf.c
-endif
-
-INCLUDE= -I$(SOURCE)/platform/targets/$(TARGET)/nspe \
- -I$(SOURCE)/platform/targets/$(TARGET)/spe \
- -I$(BUILD)/platform/$(TARGET)/ \
- -I$(SOURCE)/platform/drivers/uart/cmsdk \
- -I$(SOURCE)/platform/drivers/nvmem/ \
- -I$(SOURCE)/platform/drivers/watchdog/cmsdk \
- -I$(SOURCE)/platform/targets/$(TARGET)/nspe/common \
- -I$(SOURCE)/platform/targets/$(TARGET)/nspe/crypto \
- -I$(SOURCE)/platform/targets/$(TARGET)/nspe/initial_attestation \
- -I$(SOURCE)/platform/targets/$(TARGET)/nspe/initial_attestation/ext/inc \
- -I$(SOURCE)/platform/targets/$(TARGET)/nspe/internal_trusted_storage \
- -I$(SOURCE)/platform/targets/$(TARGET)/nspe/protected_storage \
-
-VPATH=$(SOURCE)/platform/targets/$(TARGET)/: \
- $(SOURCE)/platform/targets/$(TARGET)/spe: \
- $(SOURCE)/platform/targets/$(TARGET)/nspe: \
- $(SOURCE)/platform/drivers/uart/cmsdk: \
- $(SOURCE)/platform/drivers/nvmem: \
- $(SOURCE)/platform/drivers/watchdog/cmsdk: \
- $(SOURCE)/platform/targets/$(TARGET)/nspe/common: \
- $(SOURCE)/platform/targets/$(TARGET)/nspe/crypto: \
- $(SOURCE)/platform/targets/$(TARGET)/nspe/initial_attestation: \
- $(SOURCE)/platform/targets/$(TARGET)/nspe/initial_attestation/ext/src: \
- $(SOURCE)/platform/targets/$(TARGET)/nspe/internal_trusted_storage: \
- $(SOURCE)/platform/targets/$(TARGET)/nspe/protected_storage: \
-
-all: build
-
-ifeq (${PSA_IPC_IMPLEMENTED},1)
-build: mkdir build_nspe_pal build_spe_pal
-else
-build: mkdir build_nspe_pal
-endif
-
-mkdir:
- @mkdir -p $(BUILD)/platform/nspe/
- @mkdir -p $(BUILD)/platform/spe/
-
-# BUILD NSPE PAL
-build_nspe_pal: build_c_nspe build_asm_nspe pal_nspe.a
-
-build_c_nspe: $(SRC_C_NSPE:%.c=$(BUILD)/platform/nspe/%.o)
-build_asm_nspe: $(SRC_ASM_NSPE:%.s=$(BUILD)/platform/nspe/%.o)
-
-$(BUILD)/platform/nspe/%.o : %.c
- $(CC) $(PAL_CDEFS) $(INCLUDE) -o $@ -c $<
-
-$(BUILD)/platform/nspe/%.o : %.s
- $(AS) $(INCLUDE) -o $@ $<
-
-pal_nspe.a:
- $(AR) $(AR_OPTIONS) $(BUILD)/platform/pal_nspe.a $(BUILD)/platform/nspe/*.o
-
-# BUILD SPE PAL
-build_spe_pal: build_driver_sp
-
-build_driver_sp: build_c_driver_sp build_asm_driver_sp
-
-build_c_driver_sp: $(SRC_C_DRIVER_SP:%.c=$(BUILD)/platform/spe/%_driver_sp.o)
-build_asm_driver_sp: $(SRC_ASM_DRIVER_SP:%.s=$(BUILD)/platform/spe/%_driver_sp.o)
-
-# Generated %_driver_sp.o(s) are used in spbuild.mk to create final driver_partition.a
-$(BUILD)/platform/spe/%_driver_sp.o : %.c
- $(CC) $(INCLUDE) -DSPE_BUILD -o $@ -c $<
-
-$(BUILD)/platform/spe/%_driver_sp.o : %.s
- $(AS) $(INCLUDE) -o $@ $<
-
-clean:
- @rm -rf $(BUILD)/platform/nspe/* $(BUILD)/platform/spe/*.a
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_an521/manifests/common/driver_partition_psa.json b/api-tests/platform/targets/tgt_dev_apis_tfm_an521/manifests/common/driver_partition_psa.json
deleted file mode 100644
index e3cec929..00000000
--- a/api-tests/platform/targets/tgt_dev_apis_tfm_an521/manifests/common/driver_partition_psa.json
+++ /dev/null
@@ -1,75 +0,0 @@
-{
- "psa_framework_version": 1.0,
- "name": "DRIVER_PARTITION",
- "type": "PSA-ROT",
- "priority": "NORMAL",
- "description": "Implements device services such print, flash read/write,. etc.",
- "entry_point": "driver_main",
- "stack_size": "0x400",
- "services": [{
- "name": "DRIVER_UART_SID",
- "sid": "0x0000FC01",
- "signal": "DRIVER_UART_SIG",
- "non_secure_clients": true,
- "minor_version": 1,
- "minor_policy": "RELAXED"
- },
- {
- "name": "DRIVER_WATCHDOG_SID",
- "sid": "0x0000FC02",
- "signal": "DRIVER_WATCHDOG_SIG",
- "non_secure_clients": true,
- "minor_version": 1,
- "minor_policy": "RELAXED"
- },
- {
- "name": "DRIVER_NVMEM_SID",
- "sid": "0x0000FC03",
- "signal": "DRIVER_NVMEM_SIG",
- "non_secure_clients": true,
- "minor_version": 1,
- "minor_policy": "RELAXED"
- },
- {
- "name": "DRIVER_TEST_SID",
- "sid": "0x0000FC04",
- "signal": "DRIVER_TEST_SIG",
- "non_secure_clients": true,
- "minor_version": 1,
- "minor_policy": "RELAXED"
- }
- ],
- "mmio_regions" : [
- {
- "name": "UART_REGION",
- "base": "0x40004000",
- "size": "0x1000",
- "permission": "READ-WRITE"
- },
- {
- "name": "WATCHDOG_REGION",
- "base": "0x40008000",
- "size": "0x1000",
- "permission": "READ-WRITE"
- },
- {
- "name": "NVMEM_REGION",
- "base": "0x2002F000",
- "size": "0x400",
- "permission": "READ-WRITE"
- },
- {
- "name": "DRIVER_PARTITION_MMIO",
- "base": "0x200AF040",
- "size": "0x20",
- "permission": "READ-WRITE"
- }
- ],
- "irqs": [
- {
- "description": "Using UART TX interrupt to test psa_wait and psa_eoi for irq_signal",
- "signal": "DRIVER_UART_INTR_SIG",
- "line_num": 37
- }
- ]
-}
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_an521/manifests/ipc/client_partition_psa.json b/api-tests/platform/targets/tgt_dev_apis_tfm_an521/manifests/ipc/client_partition_psa.json
deleted file mode 100644
index b93377bd..00000000
--- a/api-tests/platform/targets/tgt_dev_apis_tfm_an521/manifests/ipc/client_partition_psa.json
+++ /dev/null
@@ -1,37 +0,0 @@
-{
- "psa_framework_version": 1.0,
- "name": "CLIENT_PARTITION",
- "type": "APPLICATION-ROT",
- "priority": "NORMAL",
- "description": "Client partition executing client test func from SPE",
- "entry_point": "client_main",
- "stack_size": "0x400",
- "services": [{
- "name": "CLIENT_TEST_DISPATCHER_SID",
- "sid": "0x0000FA01",
- "signal": "CLIENT_TEST_DISPATCHER_SIG",
- "non_secure_clients": true,
- "minor_version": 1,
- "minor_policy": "RELAXED"
- }
- ],
- "dependencies": [
- "DRIVER_UART_SID",
- "DRIVER_NVMEM_SID",
- "DRIVER_TEST_SID",
- "SERVER_TEST_DISPATCHER_SID",
- "SERVER_UNSPECIFED_MINOR_V_SID",
- "SERVER_STRICT_MINOR_VERSION_SID",
- "SERVER_RELAX_MINOR_VERSION_SID",
- "SERVER_SECURE_CONNECT_ONLY_SID",
- "SERVER_CONNECTION_DROP_SID"
- ],
- "mmio_regions" : [
- {
- "name": "CLIENT_PARTITION_MMIO",
- "base": "0x200AF000",
- "size": "0x20",
- "permission": "READ-WRITE"
- }
- ]
-}
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_an521/manifests/ipc/server_partition_psa.json b/api-tests/platform/targets/tgt_dev_apis_tfm_an521/manifests/ipc/server_partition_psa.json
deleted file mode 100644
index 146b8fbc..00000000
--- a/api-tests/platform/targets/tgt_dev_apis_tfm_an521/manifests/ipc/server_partition_psa.json
+++ /dev/null
@@ -1,69 +0,0 @@
-{
- "psa_framework_version": 1.0,
- "name": "SERVER_PARTITION",
- "type": "APPLICATION-ROT",
- "priority": "NORMAL",
- "description": "Server partition executing server test func",
- "entry_point": "server_main",
- "stack_size": "0x400",
- "heap_size": "0x100",
- "services": [{
- "name": "SERVER_TEST_DISPATCHER_SID",
- "sid": "0x0000FB01",
- "signal": "SERVER_TEST_DISPATCHER_SIG",
- "non_secure_clients": true,
- "minor_version": 1,
- "minor_policy": "RELAXED"
- },
- {
- "name": "SERVER_SECURE_CONNECT_ONLY_SID",
- "sid": "0x0000FB02",
- "signal": "SERVER_SECURE_CONNECT_ONLY_SIG",
- "non_secure_clients": false,
- "minor_version": 2,
- "minor_policy": "RELAXED"
- },
- {
- "name": "SERVER_STRICT_MINOR_VERSION_SID",
- "sid": "0x0000FB03",
- "signal": "SERVER_STRICT_MINOR_VERSION_SIG",
- "non_secure_clients": true,
- "minor_version": 2,
- "minor_policy": "STRICT"
- },
- {
- "name": "SERVER_UNSPECIFED_MINOR_V_SID",
- "sid": "0x0000FB04",
- "signal": "SERVER_UNSPECIFED_MINOR_V_SIG",
- "non_secure_clients": true
- },
- {
- "name": "SERVER_RELAX_MINOR_VERSION_SID",
- "sid": "0x0000FB05",
- "signal": "SERVER_RELAX_MINOR_VERSION_SIG",
- "non_secure_clients": true,
- "minor_version": 2,
- "minor_policy": "RELAXED"
- },
- {
- "name": "SERVER_UNEXTERN_SID",
- "sid": "0x0000FB06",
- "signal": "SERVER_UNEXTERN_SIG",
- "non_secure_clients": true,
- "minor_version": 2,
- "minor_policy": "RELAXED"
- },
- {
- "name": "SERVER_CONNECTION_DROP_SID",
- "sid": "0x0000FB07",
- "signal": "SERVER_CONNECTION_DROP_SIG",
- "non_secure_clients": true,
- "minor_version": 2,
- "minor_policy": "RELAXED"
- }
- ],
- "dependencies": [
- "DRIVER_UART_SID",
- "DRIVER_NVMEM_SID"
- ]
-}
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_an521/nspe/common/pal_client_api_empty_intf.c b/api-tests/platform/targets/tgt_dev_apis_tfm_an521/nspe/common/pal_client_api_empty_intf.c
index 578b4cef..0030ef04 100644
--- a/api-tests/platform/targets/tgt_dev_apis_tfm_an521/nspe/common/pal_client_api_empty_intf.c
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_an521/nspe/common/pal_client_api_empty_intf.c
@@ -31,10 +31,10 @@ uint32_t pal_ipc_framework_version(void)
}
/**
- * @brief - Retrieve the minor version of a Root of Trust Service by its SID.
+ * @brief - Retrieve the version of a Root of Trust Service by its SID.
* This is a wrapper API for the psa_version API.
* @param - sid The Root of Trust Service ID
- * @return - Minor version of Root of Trust Service or PSA_VERSION_NONE if Root of Trust
+ * @return - version of Root of Trust Service or PSA_VERSION_NONE if Root of Trust
* Service not present on the system.
*/
@@ -47,11 +47,11 @@ uint32_t pal_ipc_version(uint32_t sid)
* @brief - Connect to given sid.
* This is a wrapper API for the psa_connect API.
* @param - sid : RoT service id
- * @param - minor_version : minor_version of RoT service
+ * @param - version : version of RoT service
* @return - psa_handle_t : return connection handle
*/
-psa_handle_t pal_ipc_connect(uint32_t sid, uint32_t minor_version)
+psa_handle_t pal_ipc_connect(uint32_t sid, uint32_t version)
{
return PSA_NULL_HANDLE;
}
@@ -62,6 +62,7 @@ psa_handle_t pal_ipc_connect(uint32_t sid, uint32_t minor_version)
* The caller must provide an array of ::psa_invec_t structures as the input payload.
*
* @param -handle Handle for the connection.
+ * @param -type Request type.
* @param -in_vec Array of psa_invec structures.
* @param -in_len Number of psa_invec structures in in_vec.
* @param -out_vec Array of psa_outvec structures for optional Root of Trust Service response.
@@ -70,10 +71,11 @@ psa_handle_t pal_ipc_connect(uint32_t sid, uint32_t minor_version)
*/
psa_status_t pal_ipc_call(psa_handle_t handle,
- const psa_invec *in_vec,
- size_t in_len,
- psa_outvec *out_vec,
- size_t out_len)
+ int32_t type,
+ const psa_invec *in_vec,
+ size_t in_len,
+ psa_outvec *out_vec,
+ size_t out_len)
{
return (PSA_SUCCESS - 1);
}
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_an521/nspe/common/pal_client_api_intf.c b/api-tests/platform/targets/tgt_dev_apis_tfm_an521/nspe/common/pal_client_api_intf.c
index 20ddd118..68af13d3 100644
--- a/api-tests/platform/targets/tgt_dev_apis_tfm_an521/nspe/common/pal_client_api_intf.c
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_an521/nspe/common/pal_client_api_intf.c
@@ -32,10 +32,10 @@ uint32_t pal_ipc_framework_version(void)
}
/**
- * @brief - Retrieve the minor version of a Root of Trust Service by its SID.
+ * @brief - Retrieve the version of a Root of Trust Service by its SID.
* This is a wrapper API for the psa_version API.
* @param - sid The Root of Trust Service ID
- * @return - Minor version of Root of Trust Service or PSA_VERSION_NONE if Root of Trust
+ * @return - Version of Root of Trust Service or PSA_VERSION_NONE if Root of Trust
* Service not present on the system.
* Note - Return PAL_STATUS_ERROR if PSA IPC is not implemented.
*/
@@ -49,14 +49,14 @@ uint32_t pal_ipc_version(uint32_t sid)
* @brief - Connect to given sid.
* This is a wrapper API for the psa_connect API.
* @param - sid : RoT service id
- * @param - minor_version : minor_version of RoT service
+ * @param - version : version of RoT service
* @return - psa_handle_t : return connection handle
* Note - Return PSA_NULL_HANDLE if PSA IPC is not implemented.
*/
-psa_handle_t pal_ipc_connect(uint32_t sid, uint32_t minor_version)
+psa_handle_t pal_ipc_connect(uint32_t sid, uint32_t version)
{
- return (psa_connect(sid, minor_version));
+ return (psa_connect(sid, version));
}
/**
@@ -65,6 +65,7 @@ psa_handle_t pal_ipc_connect(uint32_t sid, uint32_t minor_version)
* The caller must provide an array of ::psa_invec_t structures as the input payload.
*
* @param -handle Handle for the connection.
+ * @param -type Request type.
* @param -in_vec Array of psa_invec structures.
* @param -in_len Number of psa_invec structures in in_vec.
* @param -out_vec Array of psa_outvec structures for optional Root of Trust Service response.
@@ -74,12 +75,13 @@ psa_handle_t pal_ipc_connect(uint32_t sid, uint32_t minor_version)
*/
psa_status_t pal_ipc_call(psa_handle_t handle,
- const psa_invec *in_vec,
- size_t in_len,
- psa_outvec *out_vec,
- size_t out_len)
+ int32_t type,
+ const psa_invec *in_vec,
+ size_t in_len,
+ psa_outvec *out_vec,
+ size_t out_len)
{
- return (psa_call(handle, in_vec, in_len, out_vec, out_len));
+ return (psa_call(handle, type, in_vec, in_len, out_vec, out_len));
}
/**
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_an521/nspe/common/pal_client_api_intf.h b/api-tests/platform/targets/tgt_dev_apis_tfm_an521/nspe/common/pal_client_api_intf.h
index 3f5741e0..89b4da66 100644
--- a/api-tests/platform/targets/tgt_dev_apis_tfm_an521/nspe/common/pal_client_api_intf.h
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_an521/nspe/common/pal_client_api_intf.h
@@ -22,11 +22,12 @@
uint32_t pal_ipc_framework_version(void);
uint32_t pal_ipc_version(uint32_t sid);
-psa_handle_t pal_ipc_connect(uint32_t sid, uint32_t minor_version);
+psa_handle_t pal_ipc_connect(uint32_t sid, uint32_t version);
psa_status_t pal_ipc_call(psa_handle_t handle,
- const psa_invec *in_vec,
- size_t in_len,
- psa_outvec *out_vec,
- size_t out_len);
+ int32_t type,
+ const psa_invec *in_vec,
+ size_t in_len,
+ psa_outvec *out_vec,
+ size_t out_len);
void pal_ipc_close(psa_handle_t handle);
#endif /* _PAL_CLIENT_API_H_ */
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_an521/nspe/common/pal_common.h b/api-tests/platform/targets/tgt_dev_apis_tfm_an521/nspe/common/pal_common.h
index 3ebe1e10..0a63b026 100644
--- a/api-tests/platform/targets/tgt_dev_apis_tfm_an521/nspe/common/pal_common.h
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_an521/nspe/common/pal_common.h
@@ -24,10 +24,8 @@
#include
#include
-#ifndef TARGET_CFG_BUILD
#include "pal_config.h"
#include "pal_crypto_config.h"
-#endif
/* typedef's */
typedef uint8_t bool_t;
@@ -87,7 +85,7 @@ typedef enum {
* Redefining some of the client.h elements for compilation to go through
* when PSA IPC APIs are not implemented.
*/
-#if (PSA_IPC_IMPLEMENTED == 0)
+#ifndef IPC
#ifndef PSA_VERSION_NONE
#define PSA_VERSION_NONE (0)
@@ -113,6 +111,6 @@ typedef struct psa_outvec {
size_t len;
} psa_outvec;
-#endif /* PSA_IPC_IMPLEMENTED */
+#endif /* IPC */
#endif /* _PAL_COMMON_H_ */
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_an521/nspe/common/pal_config.h b/api-tests/platform/targets/tgt_dev_apis_tfm_an521/nspe/common/pal_config.h
index e3f70ad7..b8ddc57d 100644
--- a/api-tests/platform/targets/tgt_dev_apis_tfm_an521/nspe/common/pal_config.h
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_an521/nspe/common/pal_config.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -18,66 +18,44 @@
#ifndef _PAL_CONFIG_H_
#define _PAL_CONFIG_H_
-/*
- * List of macros used by test suite
- */
-#if !defined(PSA_IPC_IMPLEMENTED)
-#define PSA_IPC_IMPLEMENTED 0
-#endif
-
-#if !defined(PSA_CRYPTO_IMPLEMENTED)
-#define PSA_CRYPTO_IMPLEMENTED 0
-#endif
+/* Define PSA test suite dependent macros for non-cmake build */
+#if !defined(PSA_CMAKE_BUILD)
-#if !defined(PSA_INTERNAL_TRUSTED_STORAGE_IMPLEMENTED)
-#define PSA_INTERNAL_TRUSTED_STORAGE_IMPLEMENTED 0
-#endif
+/* Print verbosity = TEST */
+#define VERBOSE 3
-#if !defined(PSA_PROTECTED_STORAGE_IMPLEMENTED)
-#define PSA_PROTECTED_STORAGE_IMPLEMENTED 0
-#endif
+/* NSPE or SPE VAL build? */
+#define VAL_NSPE_BUILD
-#if !defined(PSA_INITIAL_ATTESTATION_IMPLEMENTED)
-#define PSA_INITIAL_ATTESTATION_IMPLEMENTED 0
-#endif
+/* NSPE or SPE TEST build? */
+#define NONSECURE_TEST_BUILD
-#if (PSA_IPC_IMPLEMENTED == 0) && \
- (PSA_CRYPTO_IMPLEMENTED == 0) && \
- (PSA_INTERNAL_TRUSTED_STORAGE_IMPLEMENTED == 0) && \
- (PSA_PROTECTED_STORAGE_IMPLEMENTED == 0) && \
- (PSA_INITIAL_ATTESTATION_IMPLEMENTED == 0)
-#error "You must define at least one of these macros to run test suite"
-#endif
+/* Combine test archive or binary? */
+#define TEST_COMBINE_ARCHIVE
-#if !defined(VERBOSE)
-#define VERBOSE 3 /* Print verbosity = TEST */
-#endif
+/* If not defined, skip watchdog programming */
+#define WATCHDOG_AVAILABLE
-#if (!defined(VAL_NSPE_BUILD) && !defined(SPE_BUILD))
-#define VAL_NSPE_BUILD 1
-#endif
+/* Are Dynamic memory APIs available to secure partition? */
+#define SP_HEAP_MEM_SUPP
-#if (!defined(NONSECURE_TEST_BUILD) && !defined(SPE_BUILD))
-#define NONSECURE_TEST_BUILD 1
-#endif
+/* PSA Isolation level supported by platform */
+#define PLATFORM_PSA_ISOLATION_LEVEL 3
+#endif /* PSA_CMAKE_BUILD */
-#if !defined(TEST_COMBINE_ARCHIVE)
-#define TEST_COMBINE_ARCHIVE 0 /* Combine test archive or binary? */
-#endif
+/* Version of crypto spec used in attestation */
+#define CRYPTO_VERSION_BETA3
-#if !defined(WATCHDOG_AVAILABLE)
-#define WATCHDOG_AVAILABLE 0 /* If zero, skip watchdog programming */
-#endif
+/* Use hardcoded public key */
+//#define PLATFORM_OVERRIDE_ATTEST_PK
-#if !defined(SP_HEAP_MEM_SUPP)
-#define SP_HEAP_MEM_SUPP 0 /* Are Dynamic funcs available to secure partition? */
-#endif
+/* Platform specific max UID's size */
+#define PLATFORM_MAX_UID_SIZE 512
/*
* Include of PSA defined Header files
*/
-
-#if PSA_IPC_IMPLEMENTED
+#ifdef IPC
/* psa/client.h: Contains the PSA Client API elements */
#include "psa/client.h"
@@ -96,22 +74,22 @@
#include "psa_manifest/pid.h"
#endif
-#if PSA_CRYPTO_IMPLEMENTED
+#ifdef CRYPTO
/* psa/crypto.h: Contains the PSA Crypto API elements */
#include "psa/crypto.h"
#endif
-#if PSA_INTERNAL_TRUSTED_STORAGE_IMPLEMENTED
+#ifdef INTERNAL_TRUSTED_STORAGE
/* psa/internal_trusted_storage.h: Contains the PSA ITS API elements */
#include "psa/internal_trusted_storage.h"
#endif
-#if PSA_PROTECTED_STORAGE_IMPLEMENTED
+#ifdef PROTECTED_STORAGE
/* psa/protected_storage.h: Contains the PSA PS API elements */
#include "psa/protected_storage.h"
#endif
-#if PSA_INITIAL_ATTESTATION_IMPLEMENTED
+#ifdef INITIAL_ATTESTATION
/* psa/initial_attestation.h: Contains the PSA Initial Attestation API elements */
#include "psa/initial_attestation.h"
#endif
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_an521/nspe/common/pal_driver_ipc_intf.c b/api-tests/platform/targets/tgt_dev_apis_tfm_an521/nspe/common/pal_driver_ipc_intf.c
index f8f773fb..139f04fc 100644
--- a/api-tests/platform/targets/tgt_dev_apis_tfm_an521/nspe/common/pal_driver_ipc_intf.c
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_an521/nspe/common/pal_driver_ipc_intf.c
@@ -33,20 +33,20 @@ int pal_uart_init_ns(uint32_t uart_base_addr)
{&uart_base_addr, sizeof(uart_base_addr)},
{NULL, 0}};
- print_handle = pal_ipc_connect(DRIVER_UART_SID, 0);
- if (print_handle < 0)
+ print_handle = pal_ipc_connect(DRIVER_UART_SID, DRIVER_UART_VERSION);
+ if (PSA_HANDLE_IS_VALID(print_handle))
{
- return(PAL_STATUS_ERROR);
- }
+ status_of_call = pal_ipc_call(print_handle, 0, data, 3, NULL, 0);
+ pal_ipc_close(print_handle);
+ if (status_of_call != PSA_SUCCESS)
+ return PAL_STATUS_ERROR;
- status_of_call = pal_ipc_call(print_handle, data, 3, NULL, 0);
- if (status_of_call != PSA_SUCCESS)
+ return PAL_STATUS_SUCCESS;
+ }
+ else
{
- return(PAL_STATUS_ERROR);
+ return PAL_STATUS_ERROR;
}
-
- pal_ipc_close(print_handle);
- return PAL_STATUS_SUCCESS;
}
/**
@@ -62,7 +62,6 @@ int pal_print_ns(char *str, int32_t data)
char *p = str;
psa_handle_t print_handle = 0;
psa_status_t status_of_call = PSA_SUCCESS;
- pal_status_t status = PAL_STATUS_SUCCESS;
uart_fn_type_t uart_fn = UART_PRINT;
while (*p != '\0')
@@ -74,22 +73,21 @@ int pal_print_ns(char *str, int32_t data)
psa_invec data1[3] = {{&uart_fn, sizeof(uart_fn)},
{str, string_len+1},
{&data, sizeof(data)}};
- print_handle = pal_ipc_connect(DRIVER_UART_SID, 0);
- if (print_handle < 0)
+ print_handle = pal_ipc_connect(DRIVER_UART_SID, DRIVER_UART_VERSION);
+ if (PSA_HANDLE_IS_VALID(print_handle))
{
- return PAL_STATUS_ERROR;
+ status_of_call = pal_ipc_call(print_handle, 0, data1, 3, NULL, 0);
+ pal_ipc_close(print_handle);
+ if (status_of_call != PSA_SUCCESS)
+ return PAL_STATUS_ERROR;
+
+ return PAL_STATUS_SUCCESS;
}
else
{
- status_of_call = pal_ipc_call(print_handle, data1, 3, NULL, 0);
- if (status_of_call != PSA_SUCCESS)
- {
- status = PAL_STATUS_ERROR;
- }
+ return PAL_STATUS_ERROR;
}
- pal_ipc_close(print_handle);
- return status;
}
/**
@@ -111,22 +109,20 @@ int pal_wd_timer_init_ns(addr_t base_addr, uint32_t time_us, uint32_t timer_tick
wd_param.wd_timer_tick_us = timer_tick_us;
psa_invec invec[1] = {{&wd_param, sizeof(wd_param)}};
- handle = pal_ipc_connect(DRIVER_WATCHDOG_SID, 0);
- if (handle < 0)
+ handle = pal_ipc_connect(DRIVER_WATCHDOG_SID, DRIVER_WATCHDOG_VERSION);
+ if (PSA_HANDLE_IS_VALID(handle))
{
- return PAL_STATUS_ERROR;
+ status_of_call = pal_ipc_call(handle, 0, invec, 1, NULL, 0);
+ pal_ipc_close(handle);
+ if (status_of_call != PSA_SUCCESS)
+ return PAL_STATUS_ERROR;
+
+ return PAL_STATUS_SUCCESS;
}
else
{
- status_of_call = pal_ipc_call(handle, invec, 1, NULL, 0);
- if (status_of_call != PSA_SUCCESS)
- {
- pal_ipc_close(handle);
- return PAL_STATUS_ERROR;
- }
+ return PAL_STATUS_ERROR;
}
- pal_ipc_close(handle);
- return PAL_STATUS_SUCCESS;
}
/**
@@ -146,22 +142,20 @@ int pal_wd_timer_enable_ns(addr_t base_addr)
wd_param.wd_timer_tick_us = 0;
psa_invec invec[1] = {{&wd_param, sizeof(wd_param)}};
- handle = pal_ipc_connect(DRIVER_WATCHDOG_SID, 0);
- if (handle < 0)
+ handle = pal_ipc_connect(DRIVER_WATCHDOG_SID, DRIVER_WATCHDOG_VERSION);
+ if (PSA_HANDLE_IS_VALID(handle))
{
- return PAL_STATUS_ERROR;
+ status_of_call = pal_ipc_call(handle, 0, invec, 1, NULL, 0);
+ pal_ipc_close(handle);
+ if (status_of_call != PSA_SUCCESS)
+ return PAL_STATUS_ERROR;
+
+ return PAL_STATUS_SUCCESS;
}
else
{
- status_of_call = pal_ipc_call(handle, invec, 1, NULL, 0);
- if (status_of_call != PSA_SUCCESS)
- {
- pal_ipc_close(handle);
- return PAL_STATUS_ERROR;
- }
+ return PAL_STATUS_ERROR;
}
- pal_ipc_close(handle);
- return PAL_STATUS_SUCCESS;
}
/**
@@ -181,22 +175,20 @@ int pal_wd_timer_disable_ns(addr_t base_addr)
wd_param.wd_timer_tick_us = 0;
psa_invec invec[1] = {{&wd_param, sizeof(wd_param)}};
- handle = pal_ipc_connect(DRIVER_WATCHDOG_SID, 0);
- if (handle < 0)
+ handle = pal_ipc_connect(DRIVER_WATCHDOG_SID, DRIVER_WATCHDOG_VERSION);
+ if (PSA_HANDLE_IS_VALID(handle))
{
- return PAL_STATUS_ERROR;
+ status_of_call = pal_ipc_call(handle, 0, invec, 1, NULL, 0);
+ pal_ipc_close(handle);
+ if (status_of_call != PSA_SUCCESS)
+ return PAL_STATUS_ERROR;
+
+ return PAL_STATUS_SUCCESS;
}
else
{
- status_of_call = pal_ipc_call(handle, invec, 1, NULL, 0);
- if (status_of_call != PSA_SUCCESS)
- {
- pal_ipc_close(handle);
- return PAL_STATUS_ERROR;
- }
+ return PAL_STATUS_ERROR;
}
- pal_ipc_close(handle);
- return PAL_STATUS_SUCCESS;
}
/**
@@ -220,22 +212,20 @@ int pal_nvmem_read_ns(addr_t base, uint32_t offset, void *buffer, int size)
psa_invec invec[1] = {{&nvmem_param, sizeof(nvmem_param)}};
psa_outvec outvec[1] = {{buffer, size}};
- handle = pal_ipc_connect(DRIVER_NVMEM_SID, 0);
- if (handle < 0)
+ handle = pal_ipc_connect(DRIVER_NVMEM_SID, DRIVER_NVMEM_VERSION);
+ if (PSA_HANDLE_IS_VALID(handle))
{
- return PAL_STATUS_ERROR;
+ status_of_call = pal_ipc_call(handle, 0, invec, 1, outvec, 1);
+ pal_ipc_close(handle);
+ if (status_of_call != PSA_SUCCESS)
+ return PAL_STATUS_ERROR;
+
+ return PAL_STATUS_SUCCESS;
}
else
{
- status_of_call = pal_ipc_call(handle, invec, 1, outvec, 1);
- if (status_of_call != PSA_SUCCESS)
- {
- pal_ipc_close(handle);
- return PAL_STATUS_ERROR;
- }
+ return PAL_STATUS_ERROR;
}
- psa_close(handle);
- return PAL_STATUS_SUCCESS;
}
/**
@@ -258,22 +248,20 @@ int pal_nvmem_write_ns(addr_t base, uint32_t offset, void *buffer, int size)
nvmem_param.size = size;
psa_invec invec[2] = {{&nvmem_param, sizeof(nvmem_param)}, {buffer, size}};
- handle = pal_ipc_connect(DRIVER_NVMEM_SID, 0);
- if (handle < 0)
+ handle = pal_ipc_connect(DRIVER_NVMEM_SID, DRIVER_NVMEM_VERSION);
+ if (PSA_HANDLE_IS_VALID(handle))
{
- return PAL_STATUS_ERROR;
+ status_of_call = pal_ipc_call(handle, 0, invec, 2, NULL, 0);
+ pal_ipc_close(handle);
+ if (status_of_call != PSA_SUCCESS)
+ return PAL_STATUS_ERROR;
+
+ return PAL_STATUS_SUCCESS;
}
else
{
- status_of_call = pal_ipc_call(handle, invec, 2, NULL, 0);
- if (status_of_call != PSA_SUCCESS)
- {
- pal_ipc_close(handle);
- return PAL_STATUS_ERROR;
- }
+ return PAL_STATUS_ERROR;
}
- pal_ipc_close(handle);
- return PAL_STATUS_SUCCESS;
}
/**
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_an521/nspe/crypto/pal_crypto_config.h b/api-tests/platform/targets/tgt_dev_apis_tfm_an521/nspe/crypto/pal_crypto_config.h
index ab11fd16..6f3eca7c 100644
--- a/api-tests/platform/targets/tgt_dev_apis_tfm_an521/nspe/crypto/pal_crypto_config.h
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_an521/nspe/crypto/pal_crypto_config.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -231,7 +231,7 @@
//#define ARCH_TEST_MD4
//#define ARCH_TEST_MD5
//#define ARCH_TEST_RIPEMD160
-#define ARCH_TEST_SHA1
+//#define ARCH_TEST_SHA1
#define ARCH_TEST_SHA224
#define ARCH_TEST_SHA256
#define ARCH_TEST_SHA384
@@ -262,7 +262,7 @@
* Comment macros to disable the types
*/
#define ARCH_TEST_CMAC
-#define ARCH_TEST_GMAC
+//#define ARCH_TEST_GMAC
#define ARCH_TEST_HMAC
/**
@@ -318,6 +318,12 @@
*/
#define ARCH_TEST_DETERMINISTIC_ECDSA
+/**
+ * \def ARCH_TEST_ECC_ASYMMETRIC_API_SUPPORT
+ *
+ * Enable ECC support for asymmetric API.
+*/
+//#define ARCH_TEST_ECC_ASYMMETRIC_API_SUPPORT
#include "pal_crypto_config_check.h"
#endif /* _PAL_CRYPTO_CONFIG_H_ */
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_an521/nspe/crypto/pal_crypto_config_check.h b/api-tests/platform/targets/tgt_dev_apis_tfm_an521/nspe/crypto/pal_crypto_config_check.h
index f18a7852..443e0bc2 100644
--- a/api-tests/platform/targets/tgt_dev_apis_tfm_an521/nspe/crypto/pal_crypto_config_check.h
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_an521/nspe/crypto/pal_crypto_config_check.h
@@ -94,13 +94,13 @@
#error "ARCH_TEST_CTR_AES defined, but not all prerequisites"
#endif
-#if (defined(ARCH_TEST_CBC_AES)|| defined(ARCH_TEST_CBC_AES_NO_PADDING)) &&\
+#if (defined(ARCH_TEST_CBC_AES) || defined(ARCH_TEST_CBC_AES_NO_PADDING)) &&\
(!defined(ARCH_TEST_CIPER) || !defined(ARCH_TEST_AES) || !defined(ARCH_TEST_CIPER_MODE_CBC))
#error "ARCH_TEST_CBC_AES defined, but not all prerequisites"
#endif
#if (defined(ARCH_TEST_CBC_NO_PADDING)) &&\
- (!defined(ARCH_TEST_CIPER) ||!defined(ARCH_TEST_CIPER_MODE_CBC))
+ (!defined(ARCH_TEST_CIPER) || !defined(ARCH_TEST_CIPER_MODE_CBC))
#error "ARCH_TEST_CBC_NO_PADDING defined, but not all prerequisites"
#endif
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_an521/nspe/crypto/pal_crypto_intf.c b/api-tests/platform/targets/tgt_dev_apis_tfm_an521/nspe/crypto/pal_crypto_intf.c
index 3df6aa8d..7bad480c 100644
--- a/api-tests/platform/targets/tgt_dev_apis_tfm_an521/nspe/crypto/pal_crypto_intf.c
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_an521/nspe/crypto/pal_crypto_intf.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -28,96 +28,127 @@
**/
int32_t pal_crypto_function(int type, va_list valist)
{
- int i;
- size_t size, *length, salt_length, label_length, ciphertext_size;
- uint8_t *buffer, *ciphertext;
- const uint8_t *salt, *label, *nonce, *additional_data;
- uint8_t *plaintext;
- uint32_t status;
- const void *extra;
- size_t extra_size, capacity, *gen_cap, nonce_length, additional_data_length;
- psa_key_handle_t handle, *key_handle, target_handle;
- psa_key_type_t key_type, *key_type_out;
- psa_key_policy_t *policy;
- psa_key_usage_t usage, *usage_out;
- psa_key_lifetime_t *lifetime_out;
- psa_algorithm_t alg, *alg_out;
- psa_hash_operation_t *hash_operation;
- psa_mac_operation_t *mac_operation;
- psa_cipher_operation_t *cipher_operation;
- psa_crypto_generator_t *generator;
+ int i;
+ psa_status_t status;
+ uint8_t *buffer, *ciphertext, *plaintext;
+ const uint8_t *nonce, *additional_data, *salt, *peer;
+ size_t *length, size, ciphertext_size, nonce_length;
+ size_t salt_length, peer_length, additional_data_length;
+#ifdef NOT_SUPPORTED
+ size_t *tag_length, plaintext_size;
+ psa_aead_operation_t *aead_operation;
+#endif
+ psa_key_attributes_t *attributes;
+ psa_key_handle_t *handle, key_handle;
+ psa_key_type_t *key_type_out, key_type;
+ psa_key_usage_t *usage_out, usage;
+ psa_key_id_t *key_id_out, key_id;
+ psa_key_lifetime_t *key_lifetime_out, key_lifetime;
+ psa_algorithm_t *key_alg_out, key_alg, alg;
+ psa_hash_operation_t *hash_operation, *target_operation;
+ psa_mac_operation_t *mac_operation;
+ psa_cipher_operation_t *cipher_operation;
+ psa_key_derivation_operation_t *derive_operation;
+ psa_key_derivation_step_t step;
switch (type)
{
case PAL_CRYPTO_INIT:
return psa_crypto_init();
case PAL_CRYPTO_GENERATE_RANDOM:
- buffer = va_arg(valist, uint8_t*);
+ buffer = va_arg(valist, uint8_t *);
size = va_arg(valist, int);
return psa_generate_random(buffer, size);
case PAL_CRYPTO_IMPORT_KEY:
- handle = (psa_key_handle_t)va_arg(valist, int);
- key_type = va_arg(valist, psa_key_type_t);
- buffer = va_arg(valist, uint8_t*);
- size = va_arg(valist, int);
- status = psa_import_key(handle, key_type, buffer, size);
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ buffer = va_arg(valist, uint8_t *);
+ size = va_arg(valist, size_t);
+ handle = (psa_key_handle_t *)va_arg(valist, int *);
+ status = psa_import_key(attributes, buffer, size, handle);
return status;
+ case PAL_CRYPTO_SET_KEY_TYPE:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ key_type = va_arg(valist, psa_key_type_t);
+ psa_set_key_type(attributes, key_type);
+ return 0;
+ case PAL_CRYPTO_SET_KEY_BITS:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ size = va_arg(valist, size_t);
+ psa_set_key_bits(attributes, size);
+ return 0;
+ case PAL_CRYPTO_GET_KEY_ATTRIBUTES:
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ return psa_get_key_attributes(key_handle, attributes);
+ case PAL_CRYPTO_GET_KEY_TYPE:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ key_type_out = va_arg(valist, psa_key_type_t *);
+ *key_type_out = psa_get_key_type(attributes);
+ return 0;
case PAL_CRYPTO_EXPORT_KEY:
- handle = (psa_key_handle_t)va_arg(valist, int);
- buffer = (uint8_t *)(va_arg(valist, uint8_t*));
- size = va_arg(valist, int);
- length = (size_t *)va_arg(valist, size_t*);
- status = psa_export_key(handle, buffer, size, length);
- return status;
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ buffer = (uint8_t *)(va_arg(valist, uint8_t *));
+ size = va_arg(valist, size_t);
+ length = (size_t *)va_arg(valist, size_t *);
+ return psa_export_key(key_handle, buffer, size, length);
+ case PAL_CRYPTO_SET_KEY_USAGE_FLAGS:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ usage = va_arg(valist, psa_key_usage_t);
+ psa_set_key_usage_flags(attributes, usage);
+ return 0;
+ case PAL_CRYPTO_RESET_KEY_ATTRIBUTES:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ psa_reset_key_attributes(attributes);
+ return 0;
case PAL_CRYPTO_EXPORT_PUBLIC_KEY:
- handle = (psa_key_handle_t)va_arg(valist, int);
- buffer = (uint8_t *)(va_arg(valist, uint8_t*));
- size = va_arg(valist, int);
- length = (size_t *)va_arg(valist, size_t*);
- status = psa_export_public_key(handle, buffer, size, length);
- return status;
- case PAL_CRYPTO_KEY_POLICY_INIT:
- policy = va_arg(valist, psa_key_policy_t*);
- memset(policy, 0, sizeof(psa_key_policy_t));
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ buffer = (uint8_t *)(va_arg(valist, uint8_t *));
+ size = va_arg(valist, size_t);
+ length = (size_t *)va_arg(valist, size_t *);
+ return psa_export_public_key(key_handle, buffer, size, length);
+ case PAL_CRYPTO_SET_KEY_ID:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ key_id = va_arg(valist, psa_key_id_t);
+ psa_set_key_id(attributes, key_id);
return 0;
- case PAL_CRYPTO_KEY_POLICY_SET_USAGE:
- policy = va_arg(valist, psa_key_policy_t*);
- usage = va_arg(valist, psa_key_usage_t);
- alg = va_arg(valist, psa_algorithm_t);
- psa_key_policy_set_usage(policy, usage, alg);
+ case PAL_CRYPTO_SET_KEY_LIFETIME:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ key_lifetime = va_arg(valist, psa_key_lifetime_t);
+ psa_set_key_lifetime(attributes, key_lifetime);
return 0;
- case PAL_CRYPTO_SET_KEY_POLICY:
- handle = (psa_key_handle_t)va_arg(valist, int);
- policy = va_arg(valist, psa_key_policy_t*);
- return psa_set_key_policy(handle, policy);
- case PAL_CRYPTO_DESTROY_KEY:
- handle = (psa_key_handle_t)va_arg(valist, int);
- status = psa_destroy_key(handle);
- return status;
- case PAL_CRYPTO_GET_KEY_INFORMATION:
- handle = (psa_key_handle_t)va_arg(valist, int);
- key_type_out = va_arg(valist, psa_key_type_t*);
- length = (size_t *)va_arg(valist, size_t*);
- status = psa_get_key_information(handle, key_type_out, length);
- return status;
- case PAL_CRYPTO_GET_KEY_POLICY:
- handle = (psa_key_handle_t)va_arg(valist, int);
- policy = va_arg(valist, psa_key_policy_t*);
- return psa_get_key_policy(handle, policy);
- case PAL_CRYPTO_KEY_POLICY_GET_USAGE:
- policy = va_arg(valist, psa_key_policy_t*);
- usage_out = va_arg(valist, psa_key_usage_t*);
- *usage_out = psa_key_policy_get_usage(policy);
+ case PAL_CRYPTO_SET_KEY_ALGORITHM:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ key_alg = va_arg(valist, psa_algorithm_t);
+ psa_set_key_algorithm(attributes, key_alg);
return 0;
- case PAL_CRYPTO_KEY_POLICY_GET_ALGORITHM:
- policy = va_arg(valist, psa_key_policy_t*);
- alg_out = va_arg(valist, psa_algorithm_t*);
- *alg_out = psa_key_policy_get_algorithm(policy);
+ case PAL_CRYPTO_GET_KEY_ID:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ key_id_out = va_arg(valist, psa_key_id_t *);
+ *key_id_out = psa_get_key_id(attributes);
return 0;
case PAL_CRYPTO_GET_KEY_LIFETIME:
- handle = (psa_key_handle_t)va_arg(valist, int);
- lifetime_out = va_arg(valist, psa_key_lifetime_t*);
- return psa_get_key_lifetime(handle, lifetime_out);
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ key_lifetime_out = va_arg(valist, psa_key_lifetime_t *);
+ *key_lifetime_out = psa_get_key_lifetime(attributes);
+ return 0;
+ case PAL_CRYPTO_GET_KEY_USAGE_FLAGS:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ usage_out = va_arg(valist, psa_key_usage_t *);
+ *usage_out = psa_get_key_usage_flags(attributes);
+ return 0;
+ case PAL_CRYPTO_GET_KEY_ALGORITHM:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ key_alg_out = va_arg(valist, psa_algorithm_t *);
+ *key_alg_out = psa_get_key_algorithm(attributes);
+ return 0;
+ case PAL_CRYPTO_GET_KEY_BITS:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ length = va_arg(valist, size_t *);
+ *length = psa_get_key_bits(attributes);
+ return 0;
+ case PAL_CRYPTO_DESTROY_KEY:
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ return psa_destroy_key(key_handle);
case PAL_CRYPTO_HASH_SETUP:
hash_operation = va_arg(valist, psa_hash_operation_t*);
alg = va_arg(valist, psa_algorithm_t);
@@ -141,44 +172,33 @@ int32_t pal_crypto_function(int type, va_list valist)
case PAL_CRYPTO_HASH_ABORT:
hash_operation = va_arg(valist, psa_hash_operation_t*);
return psa_hash_abort(hash_operation);
- case PAL_CRYPTO_GENERATE_KEY:
- handle = (psa_key_handle_t)va_arg(valist, int);
- key_type = va_arg(valist, psa_key_type_t);
- size = va_arg(valist, size_t);
- extra = va_arg(valist, const void*);
- extra_size = va_arg(valist, size_t);
- return psa_generate_key(handle, key_type, size, extra, extra_size);
- case PAL_CRYPTO_GENERATOR_READ:
- generator = va_arg(valist, psa_crypto_generator_t*);
+#ifdef NOT_SUPPORTED
+ case PAL_CRYPTO_HASH_COMPUTE:
+ alg = va_arg(valist, psa_algorithm_t);
+ plaintext = va_arg(valist, uint8_t*);
+ plaintext_size = va_arg(valist, size_t);
buffer = va_arg(valist, uint8_t*);
- size = va_arg(valist, int);
- return psa_generator_read(generator, buffer, size);
- case PAL_CRYPTO_KEY_DERIVATION:
- generator = va_arg(valist, psa_crypto_generator_t*);
- handle = (psa_key_handle_t)va_arg(valist, int);
+ size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_hash_compute(alg, plaintext, plaintext_size, buffer, size, length);
+ case PAL_CRYPTO_HASH_COMPARE:
alg = va_arg(valist, psa_algorithm_t);
- salt = va_arg(valist, const uint8_t *);
- salt_length = va_arg(valist, size_t);
- label = va_arg(valist, const uint8_t *);
- label_length = va_arg(valist, size_t);
- capacity = va_arg(valist, size_t);
- return psa_key_derivation(generator, handle, alg, salt, salt_length, label,
- label_length, capacity);
- case PAL_CRYPTO_GET_GENERATOR_CAPACITY:
- generator = va_arg(valist, psa_crypto_generator_t*);
- gen_cap = va_arg(valist, size_t*);
- return psa_get_generator_capacity(generator, gen_cap);
- case PAL_CRYPTO_GENERATOR_IMPORT_KEY:
- handle = (psa_key_handle_t)va_arg(valist, int);
- key_type = va_arg(valist, psa_key_type_t);
- size = va_arg(valist, size_t);
- generator = va_arg(valist, psa_crypto_generator_t*);
- return psa_generator_import_key(handle, key_type, size, generator);
- case PAL_CRYPTO_GENERATOR_ABORT:
- generator = va_arg(valist, psa_crypto_generator_t*);
- return psa_generator_abort(generator);
+ plaintext = va_arg(valist, uint8_t*);
+ plaintext_size = va_arg(valist, size_t);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ return psa_hash_compare(alg, plaintext, plaintext_size, buffer, size);
+#endif
+ case PAL_CRYPTO_HASH_CLONE:
+ hash_operation = va_arg(valist, psa_hash_operation_t*);
+ target_operation = va_arg(valist, psa_hash_operation_t*);
+ return psa_hash_clone(hash_operation, target_operation);
+ case PAL_CRYPTO_GENERATE_KEY:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ handle = (psa_key_handle_t *)va_arg(valist, int *);
+ return psa_generate_key(attributes, handle);
case PAL_CRYPTO_AEAD_ENCRYPT:
- handle = (psa_key_handle_t)va_arg(valist, int);
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
alg = va_arg(valist, psa_algorithm_t);
nonce = va_arg(valist, const uint8_t *);
nonce_length = va_arg(valist, size_t);
@@ -189,10 +209,10 @@ int32_t pal_crypto_function(int type, va_list valist)
ciphertext = va_arg(valist, uint8_t *);
ciphertext_size = va_arg(valist, size_t);
length = va_arg(valist, size_t*);
- return psa_aead_encrypt(handle, alg, nonce, nonce_length, additional_data,
- additional_data_length, plaintext, size, ciphertext, ciphertext_size, length);
+ return psa_aead_encrypt(key_handle, alg, nonce, nonce_length, additional_data,
+ additional_data_length, plaintext, size, ciphertext, ciphertext_size, length);
case PAL_CRYPTO_AEAD_DECRYPT:
- handle = (psa_key_handle_t)va_arg(valist, int);
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
alg = va_arg(valist, psa_algorithm_t);
nonce = va_arg(valist, const uint8_t *);
nonce_length = va_arg(valist, size_t);
@@ -203,13 +223,76 @@ int32_t pal_crypto_function(int type, va_list valist)
plaintext = va_arg(valist, uint8_t *);
size = va_arg(valist, size_t);
length = va_arg(valist, size_t*);
- return psa_aead_decrypt(handle, alg, nonce, nonce_length, additional_data,
- additional_data_length, ciphertext, ciphertext_size, plaintext, size, length);
+ return psa_aead_decrypt(key_handle, alg, nonce, nonce_length, additional_data,
+ additional_data_length, ciphertext, ciphertext_size, plaintext, size, length);
+#ifdef NO_SUPPORT
+ case PAL_CRYPTO_AEAD_ENCRYPT_SETUP:
+ aead_operation = va_arg(valist, psa_aead_operation_t *);
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ return psa_aead_encrypt_setup(aead_operation, key_handle, alg);
+ case PAL_CRYPTO_AEAD_DECRYPT_SETUP:
+ aead_operation = va_arg(valist, psa_aead_operation_t *);
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ return psa_aead_decrypt_setup(aead_operation, key_handle, alg);
+ case PAL_CRYPTO_AEAD_GENERATE_NONCE:
+ aead_operation = va_arg(valist, psa_aead_operation_t *);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ length = (size_t *)va_arg(valist, size_t*);
+ return psa_aead_generate_nonce(aead_operation, buffer, size, length);
+ case PAL_CRYPTO_AEAD_SET_NONCE:
+ aead_operation = va_arg(valist, psa_aead_operation_t *);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ return psa_aead_set_nonce(aead_operation, buffer, size);
+ case PAL_CRYPTO_AEAD_SET_LENGTHS:
+ aead_operation = va_arg(valist, psa_aead_operation_t *);
+ size = va_arg(valist, size_t);
+ plaintext_size = va_arg(valist, size_t);
+ return psa_aead_set_lengths(aead_operation, size, plaintext_size);
+ case PAL_CRYPTO_AEAD_UPDATE_AD:
+ aead_operation = va_arg(valist, psa_aead_operation_t *);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ return psa_aead_update_ad(aead_operation, buffer, size);
+ case PAL_CRYPTO_AEAD_UPDATE:
+ aead_operation = va_arg(valist, psa_aead_operation_t *);
+ plaintext = va_arg(valist, uint8_t*);
+ plaintext_size = va_arg(valist, size_t);
+ ciphertext = va_arg(valist, uint8_t*);
+ ciphertext_size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_aead_update(aead_operation, plaintext, plaintext_size, ciphertext,
+ ciphertext_size, length);
+ case PAL_CRYPTO_AEAD_FINISH:
+ aead_operation = va_arg(valist, psa_aead_operation_t *);
+ ciphertext = va_arg(valist, uint8_t*);
+ ciphertext_size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ tag_length = (size_t *)va_arg(valist, size_t*);
+ return psa_aead_finish(aead_operation, ciphertext, ciphertext_size, length, buffer,
+ size, tag_length);
+ case PAL_CRYPTO_AEAD_VERIFY:
+ aead_operation = va_arg(valist, psa_aead_operation_t *);
+ plaintext = va_arg(valist, uint8_t*);
+ plaintext_size = va_arg(valist, size_t);
+ length = (size_t *)va_arg(valist, size_t*);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ return psa_aead_verify(aead_operation, plaintext, plaintext_size, length, buffer, size);
+ case PAL_CRYPTO_AEAD_ABORT:
+ aead_operation = va_arg(valist, psa_aead_operation_t *);
+ return psa_aead_abort(aead_operation);
+#endif
case PAL_CRYPTO_MAC_SIGN_SETUP:
mac_operation = va_arg(valist, psa_mac_operation_t*);
- handle = (psa_key_handle_t)va_arg(valist, int);
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
alg = va_arg(valist, psa_algorithm_t);
- return psa_mac_sign_setup(mac_operation, handle, alg);
+ return psa_mac_sign_setup(mac_operation, key_handle, alg);
case PAL_CRYPTO_MAC_UPDATE:
mac_operation = va_arg(valist, psa_mac_operation_t*);
buffer = va_arg(valist, uint8_t*);
@@ -223,9 +306,9 @@ int32_t pal_crypto_function(int type, va_list valist)
return psa_mac_sign_finish(mac_operation, buffer, size, length);
case PAL_CRYPTO_MAC_VERIFY_SETUP:
mac_operation = va_arg(valist, psa_mac_operation_t*);
- handle = (psa_key_handle_t)va_arg(valist, int);
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
alg = va_arg(valist, psa_algorithm_t);
- return psa_mac_verify_setup(mac_operation, handle, alg);
+ return psa_mac_verify_setup(mac_operation, key_handle, alg);
case PAL_CRYPTO_MAC_VERIFY_FINISH:
mac_operation = va_arg(valist, psa_mac_operation_t*);
buffer = va_arg(valist, uint8_t*);
@@ -234,8 +317,29 @@ int32_t pal_crypto_function(int type, va_list valist)
case PAL_CRYPTO_MAC_ABORT:
mac_operation = va_arg(valist, psa_mac_operation_t*);
return psa_mac_abort(mac_operation);
+#ifdef NO_SUPPORT
+ case PAL_CRYPTO_MAC_COMPUTE:
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ plaintext = va_arg(valist, uint8_t*);
+ plaintext_size = va_arg(valist, size_t);
+ ciphertext = va_arg(valist, uint8_t*);
+ ciphertext_size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_mac_compute(key_handle, alg, plaintext, plaintext_size, ciphertext,
+ ciphertext_size, length);
+ case PAL_CRYPTO_MAC_VERIFY:
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ plaintext = va_arg(valist, uint8_t*);
+ plaintext_size = va_arg(valist, size_t);
+ ciphertext = va_arg(valist, uint8_t*);
+ ciphertext_size = va_arg(valist, size_t);
+ return psa_mac_verify(key_handle, alg, plaintext, plaintext_size, ciphertext,
+ ciphertext_size);
+#endif
case PAL_CRYPTO_ASYMMTERIC_ENCRYPT:
- handle = (psa_key_handle_t)va_arg(valist, int);
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
alg = va_arg(valist, psa_algorithm_t);
plaintext = va_arg(valist, uint8_t *);
size = va_arg(valist, size_t);
@@ -244,10 +348,10 @@ int32_t pal_crypto_function(int type, va_list valist)
ciphertext = va_arg(valist, uint8_t *);
ciphertext_size = va_arg(valist, size_t);
length = va_arg(valist, size_t*);
- return psa_asymmetric_encrypt(handle, alg, plaintext, size, salt, salt_length,
- ciphertext, ciphertext_size, length);
+ return psa_asymmetric_encrypt(key_handle, alg, plaintext, size, salt, salt_length,
+ ciphertext, ciphertext_size, length);
case PAL_CRYPTO_ASYMMTERIC_DECRYPT:
- handle = (psa_key_handle_t)va_arg(valist, int);
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
alg = va_arg(valist, psa_algorithm_t);
plaintext = va_arg(valist, uint8_t *);
size = va_arg(valist, size_t);
@@ -256,18 +360,18 @@ int32_t pal_crypto_function(int type, va_list valist)
ciphertext = va_arg(valist, uint8_t *);
ciphertext_size = va_arg(valist, size_t);
length = va_arg(valist, size_t*);
- return psa_asymmetric_decrypt(handle, alg, plaintext, size, salt, salt_length,
- ciphertext, ciphertext_size, length);
+ return psa_asymmetric_decrypt(key_handle, alg, plaintext, size, salt, salt_length,
+ ciphertext, ciphertext_size, length);
case PAL_CRYPTO_CIPHER_ENCRYPT_SETUP:
cipher_operation = va_arg(valist, psa_cipher_operation_t *);
- handle = (psa_key_handle_t)va_arg(valist, int);
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
alg = va_arg(valist, psa_algorithm_t);
- return psa_cipher_encrypt_setup(cipher_operation, handle, alg);
+ return psa_cipher_encrypt_setup(cipher_operation, key_handle, alg);
case PAL_CRYPTO_CIPHER_DECRYPT_SETUP:
cipher_operation = va_arg(valist, psa_cipher_operation_t *);
- handle = (psa_key_handle_t)va_arg(valist, int);
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
alg = va_arg(valist, psa_algorithm_t);
- return psa_cipher_decrypt_setup(cipher_operation, handle, alg);
+ return psa_cipher_decrypt_setup(cipher_operation, key_handle, alg);
case PAL_CRYPTO_CIPHER_GENERATE_IV:
cipher_operation = va_arg(valist, psa_cipher_operation_t *);
buffer = va_arg(valist, uint8_t*);
@@ -287,7 +391,7 @@ int32_t pal_crypto_function(int type, va_list valist)
ciphertext_size = va_arg(valist, size_t);
length = va_arg(valist, size_t*);
return psa_cipher_update(cipher_operation, plaintext, size, ciphertext, ciphertext_size,
- length);
+ length);
case PAL_CRYPTO_CIPHER_FINISH:
cipher_operation = va_arg(valist, psa_cipher_operation_t *);
ciphertext = va_arg(valist, uint8_t *);
@@ -297,39 +401,112 @@ int32_t pal_crypto_function(int type, va_list valist)
case PAL_CRYPTO_CIPHER_ABORT:
cipher_operation = va_arg(valist, psa_cipher_operation_t *);
return psa_cipher_abort(cipher_operation);
+#ifdef NO_SUPPORT
+ case PAL_CRYPTO_CIPHER_ENCRYPT:
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ plaintext = va_arg(valist, uint8_t *);
+ size = va_arg(valist, size_t);
+ ciphertext = va_arg(valist, uint8_t *);
+ ciphertext_size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_cipher_encrypt(key_handle, alg, plaintext, size, ciphertext, ciphertext_size,
+ length);
+ case PAL_CRYPTO_CIPHER_DECRYPT:
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ plaintext = va_arg(valist, uint8_t *);
+ size = va_arg(valist, size_t);
+ ciphertext = va_arg(valist, uint8_t *);
+ ciphertext_size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_cipher_decrypt(key_handle, alg, plaintext, size, ciphertext, ciphertext_size,
+ length);
+#endif
case PAL_CRYPTO_ASYMMTERIC_SIGN:
- handle = (psa_key_handle_t)va_arg(valist, int);
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
alg = va_arg(valist, psa_algorithm_t);
buffer = va_arg(valist, uint8_t*);
size = va_arg(valist, size_t);
ciphertext = va_arg(valist, uint8_t *);
ciphertext_size = va_arg(valist, size_t);
length = va_arg(valist, size_t*);
- return psa_asymmetric_sign(handle, alg, buffer, size, ciphertext, ciphertext_size,
- length);
+ return psa_asymmetric_sign(key_handle, alg, buffer, size, ciphertext, ciphertext_size,
+ length);
case PAL_CRYPTO_ASYMMTERIC_VERIFY:
- handle = (psa_key_handle_t)va_arg(valist, int);
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
alg = va_arg(valist, psa_algorithm_t);
buffer = va_arg(valist, uint8_t*);
size = va_arg(valist, size_t);
ciphertext = va_arg(valist, uint8_t *);
ciphertext_size = va_arg(valist, size_t);
- return psa_asymmetric_verify(handle, alg, buffer, size, ciphertext, ciphertext_size);
- case PAL_CRYPTO_KEY_AGREEMENT:
- generator = va_arg(valist, psa_crypto_generator_t*);
- handle = (psa_key_handle_t)va_arg(valist, int);
+ return psa_asymmetric_verify(key_handle, alg, buffer, size, ciphertext,
+ ciphertext_size);
+ case PAL_CRYPTO_RAW_KEY_AGREEMENT:
+ alg = va_arg(valist, psa_algorithm_t);
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ peer = va_arg(valist, uint8_t*);
+ peer_length = va_arg(valist, size_t);
buffer = va_arg(valist, uint8_t*);
size = va_arg(valist, size_t);
- alg = va_arg(valist, psa_algorithm_t);
- return psa_key_agreement(generator, handle, buffer, size, alg);
- case PAL_CRYPTO_ALLOCATE_KEY:
- key_handle = (psa_key_handle_t *)va_arg(valist, int*);
- return psa_allocate_key(key_handle);
+ length = va_arg(valist, size_t*);
+ return psa_raw_key_agreement(alg, key_handle, peer, peer_length, buffer, size, length);
case PAL_CRYPTO_COPY_KEY:
- handle = (psa_key_handle_t)va_arg(valist, int);
- target_handle = (psa_key_handle_t)va_arg(valist, int);
- policy = va_arg(valist, psa_key_policy_t*);
- return psa_copy_key(handle, target_handle, policy);
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ handle = (psa_key_handle_t *)va_arg(valist, int *);
+ return psa_copy_key(key_handle, attributes, handle);
+ case PAL_CRYPTO_KEY_DERIVATION_SETUP:
+ derive_operation = va_arg(valist, psa_key_derivation_operation_t *);
+ alg = va_arg(valist, psa_algorithm_t);
+ return psa_key_derivation_setup(derive_operation, alg);
+ case PAL_CRYPTO_KEY_DERIVATION_INPUT_BYTES:
+ derive_operation = va_arg(valist, psa_key_derivation_operation_t *);
+ step = (psa_key_derivation_step_t)va_arg(valist, int);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ return psa_key_derivation_input_bytes(derive_operation, step, buffer, size);
+ case PAL_CRYPTO_KEY_DERIVATION_INPUT_KEY:
+ derive_operation = va_arg(valist, psa_key_derivation_operation_t *);
+ step = (psa_key_derivation_step_t)va_arg(valist, int);
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ return psa_key_derivation_input_key(derive_operation, step, key_handle);
+ case PAL_CRYPTO_KEY_DERIVATION_KEY_AGREEMENT:
+ derive_operation = va_arg(valist, psa_key_derivation_operation_t *);
+ step = (psa_key_derivation_step_t)va_arg(valist, int);
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ peer = va_arg(valist, uint8_t*);
+ peer_length = va_arg(valist, size_t);
+ return psa_key_derivation_key_agreement(derive_operation, step, key_handle, peer,
+ peer_length);
+ case PAL_CRYPTO_KEY_DERIVATION_OUTPUT_BYTES:
+ derive_operation = va_arg(valist, psa_key_derivation_operation_t *);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ return psa_key_derivation_output_bytes(derive_operation, buffer, size);
+ case PAL_CRYPTO_KEY_DERIVATION_OUTPUT_KEY:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ derive_operation = va_arg(valist, psa_key_derivation_operation_t *);
+ handle = (psa_key_handle_t *)va_arg(valist, int *);
+ return psa_key_derivation_output_key(attributes, derive_operation, handle);
+ case PAL_CRYPTO_KEY_DERIVATION_SET_CAPACITY:
+ derive_operation = va_arg(valist, psa_key_derivation_operation_t *);
+ size = va_arg(valist, size_t);
+ return psa_key_derivation_set_capacity(derive_operation, size);
+ case PAL_CRYPTO_KEY_DERIVATION_GET_CAPACITY:
+ derive_operation = va_arg(valist, psa_key_derivation_operation_t *);
+ length = va_arg(valist, size_t *);
+ return psa_key_derivation_get_capacity(derive_operation, length);
+ case PAL_CRYPTO_KEY_DERIVATION_ABORT:
+ derive_operation = va_arg(valist, psa_key_derivation_operation_t *);
+ return psa_key_derivation_abort(derive_operation);
+ case PAL_CRYPTO_OPEN_KEY:
+ key_id = va_arg(valist, psa_key_id_t);
+ handle = (psa_key_handle_t *)va_arg(valist, int *);
+ return psa_open_key(key_id, handle);
+ case PAL_CRYPTO_CLOSE_KEY:
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ return psa_close_key(key_handle);
case PAL_CRYPTO_FREE:
for (i = 0; i < PAL_KEY_SLOT_COUNT; i++)
psa_destroy_key(i);
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_an521/nspe/crypto/pal_crypto_intf.h b/api-tests/platform/targets/tgt_dev_apis_tfm_an521/nspe/crypto/pal_crypto_intf.h
index d1dabfa4..671dfa0b 100644
--- a/api-tests/platform/targets/tgt_dev_apis_tfm_an521/nspe/crypto/pal_crypto_intf.h
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_an521/nspe/crypto/pal_crypto_intf.h
@@ -15,62 +15,89 @@
* limitations under the License.
**/
-#ifndef _PAL_CRYPTO_H_
-#define _PAL_CRYPTO_H_
+#ifndef _PAL_CRYPTO_INTF_H_
+#define _PAL_CRYPTO_INTF_H_
#include "pal_common.h"
enum crypto_function_code {
- PAL_CRYPTO_INIT = 0x1,
- PAL_CRYPTO_GENERATE_RANDOM = 0x2,
- PAL_CRYPTO_IMPORT_KEY = 0x3,
- PAL_CRYPTO_EXPORT_KEY = 0x4,
- PAL_CRYPTO_EXPORT_PUBLIC_KEY = 0x5,
- PAL_CRYPTO_DESTROY_KEY = 0x6,
- PAL_CRYPTO_GET_KEY_INFO = 0x7,
- PAL_CRYPTO_KEY_POLICY_INIT = 0x8,
- PAL_CRYPTO_KEY_POLICY_SET_USAGE = 0x9,
- PAL_CRYPTO_KEY_POLICY_GET_USAGE = 0xA,
- PAL_CRYPTO_KEY_POLICY_GET_ALGORITHM = 0xB,
- PAL_CRYPTO_SET_KEY_POLICY = 0xC,
- PAL_CRYPTO_GET_KEY_POLICY = 0xD,
- PAL_CRYPTO_GET_KEY_INFORMATION = 0xE,
- PAL_CRYPTO_GET_KEY_LIFETIME = 0xF,
- PAL_CRYPTO_HASH_SETUP = 0x11,
- PAL_CRYPTO_HASH_UPDATE = 0x12,
- PAL_CRYPTO_HASH_VERIFY = 0x13,
- PAL_CRYPTO_HASH_FINISH = 0x14,
- PAL_CRYPTO_HASH_ABORT = 0x15,
- PAL_CRYPTO_GENERATE_KEY = 0x16,
- PAL_CRYPTO_GENERATOR_READ = 0x17,
- PAL_CRYPTO_KEY_DERIVATION = 0x18,
- PAL_CRYPTO_GET_GENERATOR_CAPACITY = 0x19,
- PAL_CRYPTO_GENERATOR_IMPORT_KEY = 0x1A,
- PAL_CRYPTO_GENERATOR_ABORT = 0x1B,
- PAL_CRYPTO_AEAD_ENCRYPT = 0x1C,
- PAL_CRYPTO_AEAD_DECRYPT = 0x1D,
- PAL_CRYPTO_MAC_SIGN_SETUP = 0x1E,
- PAL_CRYPTO_MAC_UPDATE = 0x1F,
- PAL_CRYPTO_MAC_SIGN_FINISH = 0x20,
- PAL_CRYPTO_MAC_VERIFY_SETUP = 0x21,
- PAL_CRYPTO_MAC_VERIFY_FINISH = 0x22,
- PAL_CRYPTO_MAC_ABORT = 0x23,
- PAL_CRYPTO_ASYMMTERIC_ENCRYPT = 0x24,
- PAL_CRYPTO_ASYMMTERIC_DECRYPT = 0x25,
- PAL_CRYPTO_CIPHER_ENCRYPT_SETUP = 0x26,
- PAL_CRYPTO_CIPHER_DECRYPT_SETUP = 0x2A,
- PAL_CRYPTO_CIPHER_GENERATE_IV = 0x2B,
- PAL_CRYPTO_CIPHER_SET_IV = 0x2C,
- PAL_CRYPTO_CIPHER_UPDATE = 0x2D,
- PAL_CRYPTO_CIPHER_FINISH = 0x2E,
- PAL_CRYPTO_CIPHER_ABORT = 0x2F,
- PAL_CRYPTO_ASYMMTERIC_SIGN = 0x30,
- PAL_CRYPTO_ASYMMTERIC_VERIFY = 0x31,
- PAL_CRYPTO_KEY_AGREEMENT = 0x32,
- PAL_CRYPTO_ALLOCATE_KEY = 0x33,
- PAL_CRYPTO_COPY_KEY = 0x34,
- PAL_CRYPTO_FREE = 0xFE,
+ PAL_CRYPTO_INIT = 0x1,
+ PAL_CRYPTO_GENERATE_RANDOM = 0x2,
+ PAL_CRYPTO_IMPORT_KEY = 0x3,
+ PAL_CRYPTO_EXPORT_KEY = 0x4,
+ PAL_CRYPTO_EXPORT_PUBLIC_KEY = 0x5,
+ PAL_CRYPTO_DESTROY_KEY = 0x6,
+ PAL_CRYPTO_HASH_SETUP = 0x7,
+ PAL_CRYPTO_HASH_UPDATE = 0x8,
+ PAL_CRYPTO_HASH_VERIFY = 0x9,
+ PAL_CRYPTO_HASH_FINISH = 0xA,
+ PAL_CRYPTO_HASH_ABORT = 0xB,
+ PAL_CRYPTO_GENERATE_KEY = 0xC,
+ PAL_CRYPTO_AEAD_ENCRYPT = 0xD,
+ PAL_CRYPTO_AEAD_DECRYPT = 0xE,
+ PAL_CRYPTO_MAC_SIGN_SETUP = 0xF,
+ PAL_CRYPTO_MAC_UPDATE = 0x10,
+ PAL_CRYPTO_MAC_SIGN_FINISH = 0x11,
+ PAL_CRYPTO_MAC_VERIFY_SETUP = 0x12,
+ PAL_CRYPTO_MAC_VERIFY_FINISH = 0x13,
+ PAL_CRYPTO_MAC_ABORT = 0x14,
+ PAL_CRYPTO_ASYMMTERIC_ENCRYPT = 0x15,
+ PAL_CRYPTO_ASYMMTERIC_DECRYPT = 0x16,
+ PAL_CRYPTO_CIPHER_ENCRYPT_SETUP = 0x17,
+ PAL_CRYPTO_CIPHER_DECRYPT_SETUP = 0x18,
+ PAL_CRYPTO_CIPHER_GENERATE_IV = 0x19,
+ PAL_CRYPTO_CIPHER_SET_IV = 0x1A,
+ PAL_CRYPTO_CIPHER_UPDATE = 0x1B,
+ PAL_CRYPTO_CIPHER_FINISH = 0x1C,
+ PAL_CRYPTO_CIPHER_ABORT = 0x1D,
+ PAL_CRYPTO_ASYMMTERIC_SIGN = 0x1E,
+ PAL_CRYPTO_ASYMMTERIC_VERIFY = 0x1F,
+ PAL_CRYPTO_COPY_KEY = 0x20,
+ PAL_CRYPTO_SET_KEY_TYPE = 0x21,
+ PAL_CRYPTO_SET_KEY_BITS = 0x22,
+ PAL_CRYPTO_GET_KEY_ATTRIBUTES = 0x23,
+ PAL_CRYPTO_GET_KEY_TYPE = 0x24,
+ PAL_CRYPTO_SET_KEY_USAGE_FLAGS = 0x25,
+ PAL_CRYPTO_RESET_KEY_ATTRIBUTES = 0x26,
+ PAL_CRYPTO_SET_KEY_ID = 0x27,
+ PAL_CRYPTO_SET_KEY_LIFETIME = 0x28,
+ PAL_CRYPTO_SET_KEY_ALGORITHM = 0x29,
+ PAL_CRYPTO_GET_KEY_ID = 0x2A,
+ PAL_CRYPTO_GET_KEY_LIFETIME = 0x2B,
+ PAL_CRYPTO_GET_KEY_USAGE_FLAGS = 0x2C,
+ PAL_CRYPTO_GET_KEY_ALGORITHM = 0x2D,
+ PAL_CRYPTO_GET_KEY_BITS = 0x2E,
+ PAL_CRYPTO_HASH_COMPUTE = 0x2F,
+ PAL_CRYPTO_HASH_COMPARE = 0x30,
+ PAL_CRYPTO_KEY_DERIVATION_SETUP = 0x31,
+ PAL_CRYPTO_KEY_DERIVATION_ABORT = 0x32,
+ PAL_CRYPTO_RAW_KEY_AGREEMENT = 0x33,
+ PAL_CRYPTO_KEY_DERIVATION_INPUT_BYTES = 0x34,
+ PAL_CRYPTO_KEY_DERIVATION_INPUT_KEY = 0x35,
+ PAL_CRYPTO_KEY_DERIVATION_KEY_AGREEMENT = 0x36,
+ PAL_CRYPTO_KEY_DERIVATION_OUTPUT_BYTES = 0x37,
+ PAL_CRYPTO_KEY_DERIVATION_OUTPUT_KEY = 0x38,
+ PAL_CRYPTO_KEY_DERIVATION_SET_CAPACITY = 0x39,
+ PAL_CRYPTO_KEY_DERIVATION_GET_CAPACITY = 0x3A,
+ PAL_CRYPTO_HASH_CLONE = 0x3B,
+ PAL_CRYPTO_MAC_COMPUTE = 0x3C,
+ PAL_CRYPTO_MAC_VERIFY = 0x3D,
+ PAL_CRYPTO_CIPHER_ENCRYPT = 0x3F,
+ PAL_CRYPTO_CIPHER_DECRYPT = 0x40,
+ PAL_CRYPTO_OPEN_KEY = 0x41,
+ PAL_CRYPTO_CLOSE_KEY = 0x42,
+ PAL_CRYPTO_AEAD_ENCRYPT_SETUP = 0x43,
+ PAL_CRYPTO_AEAD_DECRYPT_SETUP = 0x44,
+ PAL_CRYPTO_AEAD_GENERATE_NONCE = 0x45,
+ PAL_CRYPTO_AEAD_SET_NONCE = 0x46,
+ PAL_CRYPTO_AEAD_SET_LENGTHS = 0X47,
+ PAL_CRYPTO_AEAD_UPDATE_AD = 0x48,
+ PAL_CRYPTO_AEAD_UPDATE = 0x49,
+ PAL_CRYPTO_AEAD_FINISH = 0x4A,
+ PAL_CRYPTO_AEAD_VERIFY = 0x4B,
+ PAL_CRYPTO_AEAD_ABORT = 0x4C,
+ PAL_CRYPTO_FREE = 0xFE,
};
int32_t pal_crypto_function(int type, va_list valist);
-#endif /* _PAL_CRYPTO_H_ */
+#endif /* _PAL_CRYPTO_INTF_H_ */
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_an521/nspe/initial_attestation/pal_attestation_crypto.c b/api-tests/platform/targets/tgt_dev_apis_tfm_an521/nspe/initial_attestation/pal_attestation_crypto.c
index ae2bdba4..91be54df 100644
--- a/api-tests/platform/targets/tgt_dev_apis_tfm_an521/nspe/initial_attestation/pal_attestation_crypto.c
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_an521/nspe/initial_attestation/pal_attestation_crypto.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -17,7 +17,8 @@
#include "pal_attestation_crypto.h"
-static uint32_t public_key_registered = 0;
+static uint32_t public_key_registered;
+static psa_key_handle_t public_key_handle;
static inline struct q_useful_buf_c useful_buf_head(struct q_useful_buf_c buf,
size_t amount)
@@ -25,33 +26,6 @@ static inline struct q_useful_buf_c useful_buf_head(struct q_useful_buf_c buf,
return UsefulBuf_Head(buf, amount);
}
-static uint32_t check_hash_sizes(void)
-{
- if (T_COSE_CRYPTO_SHA256_SIZE != PSA_HASH_SIZE(PSA_ALG_SHA_256))
- {
- return PAL_ATTEST_HASH_FAIL;
- }
-
- return PAL_ATTEST_SUCCESS;
-}
-
-static psa_ecc_curve_t attest_map_elliptic_curve_type(int32_t cose_curve)
-{
- psa_ecc_curve_t psa_curve;
-
- /*FixMe: Mapping is not complete, missing ones: P384, P521, ED25519, ED448 */
- switch (cose_curve)
- {
- case P_256:
- psa_curve = PSA_ECC_CURVE_SECP256R1;
- break;
- default:
- psa_curve = USHRT_MAX;
- }
-
- return psa_curve;
-}
-
static psa_algorithm_t cose_hash_alg_id_to_psa(int32_t cose_hash_alg_id)
{
psa_algorithm_t status;
@@ -80,131 +54,70 @@ static int32_t hash_alg_id_from_sig_alg_id(int32_t cose_sig_alg_id)
}
}
-int32_t pal_cose_crypto_hash_start(struct pal_cose_crypto_hash *hash_ctx, int32_t cose_hash_alg_id)
+int32_t pal_cose_crypto_hash_start(psa_hash_operation_t *psa_hash, int32_t cose_hash_alg_id)
{
- int32_t cose_ret = PAL_ATTEST_SUCCESS;
- psa_status_t psa_ret;
- struct pal_cose_psa_crypto_hash *psa_hash_ctx;
-
- cose_ret = check_hash_sizes();
- if (cose_ret)
- {
- goto error;
- }
+ psa_algorithm_t psa_alg;
+ psa_status_t status = PSA_ERROR_GENERIC_ERROR;
- if (sizeof(struct pal_cose_crypto_hash) < sizeof(struct pal_cose_psa_crypto_hash))
- {
- cose_ret = PAL_ATTEST_HASH_FAIL;
- goto error;
- }
+ /* Map the algorithm ID */
+ psa_alg = cose_hash_alg_id_to_psa(cose_hash_alg_id);
- psa_hash_ctx = (struct pal_cose_psa_crypto_hash *)hash_ctx;
- psa_ret = psa_hash_setup(&psa_hash_ctx->operation, cose_hash_alg_id_to_psa(cose_hash_alg_id));
+ /* Actually do the hash set up */
+ status = psa_hash_setup(psa_hash, psa_alg);
- if (psa_ret == PAL_ATTEST_SUCCESS)
- {
- psa_hash_ctx->status = PAL_ATTEST_SUCCESS;
- cose_ret = PAL_ATTEST_SUCCESS;
- }
- else if (psa_ret == PSA_ERROR_NOT_SUPPORTED)
- {
- cose_ret = PAL_ATTEST_HASH_UNSUPPORTED;
- }
- else
- {
- cose_ret = PAL_ATTEST_HASH_FAIL;
- }
+ return status;
-error:
- return cose_ret;
}
-void pal_cose_crypto_hash_update(struct pal_cose_crypto_hash *hash_ctx,
+void pal_cose_crypto_hash_update(psa_hash_operation_t *psa_hash,
struct q_useful_buf_c data_to_hash)
{
- struct pal_cose_psa_crypto_hash *psa_hash_ctx;
-
- if (sizeof(struct pal_cose_crypto_hash) < sizeof(struct pal_cose_psa_crypto_hash))
- {
+ if (data_to_hash.ptr == NULL) {
+ /* No data was passed in to be hashed indicating the mode of use is
+ * the computation of the size of hash. This mode is hashing is used
+ * by t_cose when it is requested to compute the size of the signed
+ * data it might compute, which is in turn used to compute the
+ * size of a would be token. When computing the size, the size
+ * like this, there is nothing to do in update()
+ */
return;
}
- psa_hash_ctx = (struct pal_cose_psa_crypto_hash *)hash_ctx;
-
- if (psa_hash_ctx->status == PAL_ATTEST_SUCCESS)
- {
- if (data_to_hash.ptr != NULL)
- {
- psa_hash_ctx->status = psa_hash_update(&psa_hash_ctx->operation,
- data_to_hash.ptr,
- data_to_hash.len);
- }
- else
- {
- /* Intentionally do nothing, just computing the size of the token */
- }
- }
+ /* Actually hash the data */
+ psa_hash_update(psa_hash, data_to_hash.ptr, data_to_hash.len);
}
-int32_t pal_cose_crypto_hash_finish(struct pal_cose_crypto_hash *hash_ctx,
+int32_t pal_cose_crypto_hash_finish(psa_hash_operation_t *psa_hash,
struct q_useful_buf buffer_to_hold_result,
struct q_useful_buf_c *hash_result)
{
- uint32_t cose_ret = PAL_ATTEST_SUCCESS;
- psa_status_t psa_ret;
- struct pal_cose_psa_crypto_hash *psa_hash_ctx;
-
- if (sizeof(struct pal_cose_crypto_hash) < sizeof(struct pal_cose_psa_crypto_hash))
- {
- cose_ret = PAL_ATTEST_HASH_FAIL;
- goto error;
- }
+ psa_status_t status = PSA_ERROR_GENERIC_ERROR;
- psa_hash_ctx = (struct pal_cose_psa_crypto_hash *)hash_ctx;
+ /* Actually finish up the hash */
+ status = psa_hash_finish(psa_hash, buffer_to_hold_result.ptr,
+ buffer_to_hold_result.len, &(hash_result->len));
+ hash_result->ptr = buffer_to_hold_result.ptr;
- if (psa_hash_ctx->status == PAL_ATTEST_SUCCESS)
- {
- psa_ret = psa_hash_finish(&psa_hash_ctx->operation,
- buffer_to_hold_result.ptr,
- buffer_to_hold_result.len,
- &(hash_result->len));
-
- if (psa_ret == PAL_ATTEST_SUCCESS)
- {
- hash_result->ptr = buffer_to_hold_result.ptr;
- cose_ret = 0;
- }
- else if (psa_ret == PSA_ERROR_BUFFER_TOO_SMALL)
- {
- cose_ret = PAL_ATTEST_HASH_BUFFER_SIZE;
- }
- else
- {
- cose_ret = PAL_ATTEST_HASH_FAIL;
- }
- }
- else
- {
- cose_ret = PAL_ATTEST_HASH_FAIL;
- }
+ return status;
-error:
- return cose_ret;
}
int pal_create_sha256(struct q_useful_buf_c bytes_to_hash, struct q_useful_buf buffer_for_hash,
struct q_useful_buf_c *hash)
{
- uint32_t status = PAL_ATTEST_SUCCESS;
- struct pal_cose_crypto_hash hash_ctx;
+ psa_status_t status = PSA_ERROR_GENERIC_ERROR;
+ psa_hash_operation_t psa_hash = PSA_HASH_OPERATION_INIT;
- status = pal_cose_crypto_hash_start(&hash_ctx, COSE_ALG_SHA256_PROPRIETARY);
- if (status)
- return status;
+ status = pal_cose_crypto_hash_start(&psa_hash, COSE_ALG_SHA256_PROPRIETARY);
+ if (status != PSA_SUCCESS)
+ goto Done;
- pal_cose_crypto_hash_update(&hash_ctx, bytes_to_hash);
- status = pal_cose_crypto_hash_finish(&hash_ctx, buffer_for_hash, hash);
+ pal_cose_crypto_hash_update(&psa_hash, bytes_to_hash);
+ status = pal_cose_crypto_hash_finish(&psa_hash, buffer_for_hash, hash);
+ if (status != PSA_SUCCESS)
+ goto Done;
+Done:
return status;
}
@@ -216,25 +129,26 @@ uint32_t pal_compute_hash(int32_t cose_alg_id, struct q_useful_buf buffer_for_ha
QCBOREncodeContext cbor_encode_ctx;
struct q_useful_buf_c tbs_first_part;
QCBORError qcbor_result;
- struct pal_cose_crypto_hash hash_ctx = {{0}};
int32_t hash_alg_id;
UsefulBuf_MAKE_STACK_UB (buffer_for_TBS_first_part, T_COSE_SIZE_OF_TBS);
+ psa_hash_operation_t psa_hash = PSA_HASH_OPERATION_INIT;
/* This builds the CBOR-format to-be-signed bytes */
QCBOREncode_Init(&cbor_encode_ctx, buffer_for_TBS_first_part);
QCBOREncode_OpenArray(&cbor_encode_ctx);
+
/* context */
- QCBOREncode_AddSZString(&cbor_encode_ctx,
- COSE_SIG_CONTEXT_STRING_SIGNATURE1);
+ QCBOREncode_AddSZString(&cbor_encode_ctx, COSE_SIG_CONTEXT_STRING_SIGNATURE1);
+
/* body_protected */
- QCBOREncode_AddBytes(&cbor_encode_ctx,
- protected_headers);
- /* sign_protected */
- QCBOREncode_AddBytes(&cbor_encode_ctx, NULL_USEFUL_BUF_C);
+ QCBOREncode_AddBytes(&cbor_encode_ctx, protected_headers);
+
+ /* sign_protected is not used for Sign1 */
/* external_aad */
QCBOREncode_AddBytes(&cbor_encode_ctx, NULL_USEFUL_BUF_C);
- /* fake payload */
- QCBOREncode_AddBytes(&cbor_encode_ctx, NULL_USEFUL_BUF_C);
+
+ /* The short fake payload. */
+ QCBOREncode_AddBytesLenOnly(&cbor_encode_ctx, payload);
QCBOREncode_CloseArray(&cbor_encode_ctx);
/* Get the result and convert it to struct q_useful_buf_c representation */
@@ -242,7 +156,8 @@ uint32_t pal_compute_hash(int32_t cose_alg_id, struct q_useful_buf buffer_for_ha
if (qcbor_result)
{
/* Mainly means that the protected_headers were too big
- (which should never happen) */
+ * (which should never happen)
+ */
status = PAL_ATTEST_ERR_SIGN_STRUCT;
goto Done;
}
@@ -253,94 +168,177 @@ uint32_t pal_compute_hash(int32_t cose_alg_id, struct q_useful_buf buffer_for_ha
/* Don't check hash_alg_id for failure. pal_cose_crypto_hash_start()
* will handle it properly
*/
- status = pal_cose_crypto_hash_start(&hash_ctx, hash_alg_id);
+ status = pal_cose_crypto_hash_start(&psa_hash, hash_alg_id);
if (status)
goto Done;
- /* Hash the first part of the TBS. Take all but the last two
- * bytes. The last two bytes are the fake payload from above. It
- * is replaced by the real payload which is hashed next. The fake
- * payload is needed so the array count is right. This is one of
- * the main things that make it possible to implement with one
- * buffer for the whole cose sign1.
+ /* This is hashing of the first part, all the CBOR
+ * except the payload.
*/
- pal_cose_crypto_hash_update(&hash_ctx, useful_buf_head(tbs_first_part,
- tbs_first_part.len - 2));
+ pal_cose_crypto_hash_update(&psa_hash, useful_buf_head(tbs_first_part, tbs_first_part.len));
- /* Hash the payload */
- pal_cose_crypto_hash_update(&hash_ctx, payload);
+ /* Hash the payload, the second part. */
+ pal_cose_crypto_hash_update(&psa_hash, payload);
/* Finish the hash and set up to return it */
- status = pal_cose_crypto_hash_finish(&hash_ctx,
- buffer_for_hash,
- hash);
+ status = pal_cose_crypto_hash_finish(&psa_hash, buffer_for_hash, hash);
Done:
return status;
}
-uint32_t pal_import_attest_key(int32_t alg)
+static int32_t pal_attest_get_public_key(uint8_t *public_key_buff, size_t public_key_buf_size,
+ size_t *public_key_len, psa_ecc_curve_t *elliptic_curve_type)
{
+ int32_t status = PAL_ATTEST_ERROR;
+
+#ifdef PLATFORM_OVERRIDE_ATTEST_PK
+ if (public_key_buf_size < (attest_key.pubx_key_size + attest_key.puby_key_size + 1))
+ return PAL_ATTEST_ERR_SMALL_BUFFER;
+
+ *public_key_len = (attest_key.pubx_key_size + attest_key.puby_key_size + 1);
+ *elliptic_curve_type = PSA_ECC_CURVE_SECP256R1;
+ memcpy(public_key_buff, (void *)&attest_public_key, *public_key_len);
+ status = PSA_SUCCESS;
+#else
+ status = tfm_initial_attest_get_public_key(public_key_buff,
+ public_key_buf_size,
+ public_key_len,
+ elliptic_curve_type);
+#endif
+
+ return status;
+}
+
+static uint32_t pal_import_attest_key(psa_algorithm_t key_alg)
+{
+ psa_status_t status = PAL_ATTEST_ERROR;
+ psa_key_usage_t usage = PSA_KEY_USAGE_VERIFY;
+ psa_ecc_curve_t ecc_curve;
psa_key_type_t attest_key_type;
size_t public_key_size;
- psa_status_t status = PSA_SUCCESS;
+ uint8_t public_key_buff[ECC_CURVE_SECP256R1_PULBIC_KEY_LENGTH] = {0};
+
+#if defined(CRYPTO_VERSION_BETA1) || defined(CRYPTO_VERSION_BETA2)
psa_key_policy_t policy;
- psa_ecc_curve_t psa_curve;
- psa_key_handle_t public_key_handle;
- /* Mapping of COSE curve type to PSA curve types */
- psa_curve = attest_map_elliptic_curve_type(P_256);
- if (psa_curve == USHRT_MAX)
- return PAL_ATTEST_ERROR;
+ if (!public_key_registered)
+ {
+ status = pal_attest_get_public_key(public_key_buff,
+ sizeof(public_key_buff),
+ &public_key_size,
+ &ecc_curve);
+ if (status != PSA_SUCCESS)
+ return PAL_ATTEST_ERR_KEY_FAIL;
- /* Setup the key policy for public key */
- policy = psa_key_policy_init();
- psa_key_policy_set_usage(&policy, PSA_KEY_USAGE_VERIFY, alg);
+ if (ecc_curve == USHRT_MAX)
+ return PAL_ATTEST_ERROR;
- status = psa_allocate_key(&public_key_handle);
- if (status != PSA_SUCCESS)
- return status;
+ /* Set key type for public key */
+ attest_key_type = PSA_KEY_TYPE_ECC_PUBLIC_KEY(ecc_curve);
- status = psa_set_key_policy(public_key_handle, &policy);
- if (status != PSA_SUCCESS)
- return status;
+ /* Setup the key policy for public key */
+ policy = psa_key_policy_init();
+ psa_key_policy_set_usage(&policy, usage, key_alg);
- attest_key_type = PSA_KEY_TYPE_ECC_PUBLIC_KEY(psa_curve);
+ status = psa_allocate_key(&public_key_handle);
+ if (status != PSA_SUCCESS)
+ return PAL_ATTEST_ERR_KEY_FAIL;
- /* Register public key to crypto service */
- public_key_size = attest_key.pubx_key_size + attest_key.puby_key_size;
+ status = psa_set_key_policy(public_key_handle, &policy);
+ if (status != PSA_SUCCESS)
+ return PAL_ATTEST_ERR_KEY_FAIL;
- status = psa_import_key(public_key_handle,
+ /* Import the public key */
+ status = psa_import_key(public_key_handle,
attest_key_type,
- (const uint8_t *)&attest_public_key,
- public_key_size + 1);
+ public_key_buff,
+ public_key_size);
+ if (status != PSA_SUCCESS)
+ return PAL_ATTEST_ERR_KEY_FAIL;
+
+ public_key_registered = 1;
+ }
+
+#elif defined(CRYPTO_VERSION_BETA3)
+ psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+
+ if (!public_key_registered)
+ {
+ status = pal_attest_get_public_key(public_key_buff,
+ sizeof(public_key_buff),
+ &public_key_size,
+ &ecc_curve);
+ if (status != PSA_SUCCESS)
+ return PAL_ATTEST_ERR_KEY_FAIL;
+
+ if (ecc_curve == USHRT_MAX)
+ return PAL_ATTEST_ERROR;
+
+ /* Set key type for public key */
+ attest_key_type = PSA_KEY_TYPE_ECC_PUBLIC_KEY(ecc_curve);
+
+ /* Set the attributes for the public key */
+ psa_set_key_type(&attributes, attest_key_type);
+ psa_set_key_bits(&attributes, public_key_size);
+ psa_set_key_usage_flags(&attributes, usage);
+ psa_set_key_algorithm(&attributes, key_alg);
+ psa_set_key_bits(&attributes, 0);
+
+ /* Import the public key */
+ status = psa_import_key(&attributes,
+ public_key_buff,
+ public_key_size,
+ &public_key_handle);
+ if (status != PSA_SUCCESS)
+ return PAL_ATTEST_ERR_KEY_FAIL;
+
+ public_key_registered = 1;
+ }
+#endif
return status;
}
+static uint32_t pal_destroy_attest_key(void)
+{
+ psa_status_t status;
+
+ if (!public_key_registered)
+ return PAL_ATTEST_ERR_KEY_FAIL;
+
+ status = psa_destroy_key(public_key_handle);
+ if (status != PSA_SUCCESS)
+ return PAL_ATTEST_ERR_KEY_FAIL;
+
+ public_key_registered = 0;
+
+ return PAL_ATTEST_SUCCESS;
+}
uint32_t pal_crypto_pub_key_verify(int32_t cose_algorithm_id,
struct q_useful_buf_c token_hash,
struct q_useful_buf_c signature)
{
- uint32_t status = PAL_ATTEST_SUCCESS;
+ int32_t status = PAL_ATTEST_ERROR;
+ psa_algorithm_t key_alg = PSA_ALG_ECDSA(PSA_ALG_SHA_256);
- if (!public_key_registered)
- {
- status = pal_import_attest_key(cose_algorithm_id);
- if (status != PAL_ATTEST_SUCCESS)
- return status;
+ /* Register the attestation public key */
+ status = pal_import_attest_key(key_alg);
+ if (status != PAL_ATTEST_SUCCESS)
+ return status;
- public_key_registered = 1;
- }
+ /* Verify the signature */
+ status = psa_asymmetric_verify(public_key_handle,
+ key_alg, token_hash.ptr, token_hash.len,
+ signature.ptr, signature.len);
+ if (status != PSA_SUCCESS)
+ return PAL_ATTEST_ERR_SIGNATURE_FAIL;
-/*
- * Enable the verify function when Trusted Firmare - M Supports
+ /* Unregister the attestation public key */
+ status = pal_destroy_attest_key();
+ if (status != PSA_SUCCESS)
+ return PAL_ATTEST_ERR_KEY_FAIL;
- * Verify the signature a hash or short message using a public key.
- status = psa_asymmetric_verify(public_key_handle,
- cose_algorithm_id, token_hash.ptr, token_hash.len,
- signature.ptr, signature.len);
-*/
- return status;
+ return PAL_ATTEST_SUCCESS;
}
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_an521/nspe/initial_attestation/pal_attestation_crypto.h b/api-tests/platform/targets/tgt_dev_apis_tfm_an521/nspe/initial_attestation/pal_attestation_crypto.h
index 2d63ad13..559a24c1 100644
--- a/api-tests/platform/targets/tgt_dev_apis_tfm_an521/nspe/initial_attestation/pal_attestation_crypto.h
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_an521/nspe/initial_attestation/pal_attestation_crypto.h
@@ -15,16 +15,19 @@
* limitations under the License.
**/
-#include "pal_common.h"
+#ifndef _PAL_ATTESTATION_CRYPTO_H_
+#define _PAL_ATTESTATION_CRYPTO_H_
+
#include "pal_attestation_eat.h"
-#define ATTEST_PUBLIC_KEY_SLOT 4
+#define ATTEST_PUBLIC_KEY_SLOT 4
+#define ECC_CURVE_SECP256R1_PULBIC_KEY_LENGTH (1 + 2 * PSA_BITS_TO_BYTES(256))
-typedef struct{
+typedef struct {
uint8_t *pubx_key;
- uint32_t pubx_key_size;
+ size_t pubx_key_size;
uint8_t *puby_key;
- uint32_t puby_key_size;
+ size_t puby_key_size;
} ecc_key_t;
struct ecc_public_key_t {
@@ -47,29 +50,14 @@ static const struct ecc_public_key_t attest_public_key = {
0x0F, 0x34, 0x11, 0x7D, 0x97, 0x1D, 0x68, 0x64},
};
-struct pal_cose_crypto_hash {
- /* Can't put the actual size here without creating dependecy on
- * actual hash implementation, so this is a fairly large and
- * accommodating size.
- */
- uint8_t bytes[128];
-};
-
-struct pal_cose_psa_crypto_hash {
- psa_status_t status;
- psa_hash_operation_t operation;
-};
-
-static const uint8_t initial_attestation_public_x_key[] =
-{
+static const uint8_t initial_attestation_public_x_key[] = {
0x79, 0xEB, 0xA9, 0x0E, 0x8B, 0xF4, 0x50, 0xA6,
0x75, 0x15, 0x76, 0xAD, 0x45, 0x99, 0xB0, 0x7A,
0xDF, 0x93, 0x8D, 0xA3, 0xBB, 0x0B, 0xD1, 0x7D,
0x00, 0x36, 0xED, 0x49, 0xA2, 0xD0, 0xFC, 0x3F
};
-static const uint8_t initial_attestation_public_y_key[] =
-{
+static const uint8_t initial_attestation_public_y_key[] = {
0xBF, 0xCD, 0xFA, 0x89, 0x56, 0xB5, 0x68, 0xBF,
0xDB, 0x86, 0x73, 0xE6, 0x48, 0xD8, 0xB5, 0x8D,
0x92, 0x99, 0x55, 0xB1, 0x4A, 0x26, 0xC3, 0x08,
@@ -84,10 +72,10 @@ static const ecc_key_t attest_key = {
sizeof(initial_attestation_public_y_key)
};
-int32_t pal_cose_crypto_hash_start(struct pal_cose_crypto_hash *hash_ctx, int32_t cose_hash_alg_id);
-void pal_cose_crypto_hash_update(struct pal_cose_crypto_hash *hash_ctx,
+int32_t pal_cose_crypto_hash_start(psa_hash_operation_t *psa_hash, int32_t cose_hash_alg_id);
+void pal_cose_crypto_hash_update(psa_hash_operation_t *psa_hash,
struct q_useful_buf_c data_to_hash);
-int32_t pal_cose_crypto_hash_finish(struct pal_cose_crypto_hash *hash_ctx,
+int32_t pal_cose_crypto_hash_finish(psa_hash_operation_t *psa_hash,
struct q_useful_buf buffer_to_hold_result,
struct q_useful_buf_c *hash_result);
int pal_create_sha256(struct q_useful_buf_c bytes_to_hash, struct q_useful_buf buffer_for_hash,
@@ -95,8 +83,6 @@ int pal_create_sha256(struct q_useful_buf_c bytes_to_hash, struct q_useful_buf b
uint32_t pal_compute_hash(int32_t cose_alg_id, struct q_useful_buf buffer_for_hash,
struct q_useful_buf_c *hash, struct q_useful_buf_c protected_headers,
struct q_useful_buf_c payload);
-uint32_t pal_import_attest_key(int32_t alg);
uint32_t pal_crypto_pub_key_verify(int32_t cose_algorithm_id, struct q_useful_buf_c token_hash,
struct q_useful_buf_c signature);
-
-
+#endif /* _PAL_ATTESTATION_CRYPTO_H_ */
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_an521/nspe/initial_attestation/pal_attestation_eat.c b/api-tests/platform/targets/tgt_dev_apis_tfm_an521/nspe/initial_attestation/pal_attestation_eat.c
deleted file mode 100644
index 178fdc9c..00000000
--- a/api-tests/platform/targets/tgt_dev_apis_tfm_an521/nspe/initial_attestation/pal_attestation_eat.c
+++ /dev/null
@@ -1,491 +0,0 @@
-/** @file
- * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
- * SPDX-License-Identifier : Apache-2.0
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
-**/
-
-#include "pal_attestation_crypto.h"
-
-uint32_t mandatory_claims = 0;
-uint32_t mandaroty_sw_components = 0;
-bool_t sw_component_present = 0;
-
-static int pal_encode_cose_key(struct q_useful_buf_c *cose_key,
- struct q_useful_buf buffer_for_cose_key,
- struct q_useful_buf_c x_cord, struct q_useful_buf_c y_cord)
-{
- uint32_t return_value;
- QCBORError qcbor_result;
- QCBOREncodeContext cbor_encode_ctx;
- int32_t cose_curve_id = P_256;
- struct q_useful_buf_c encoded_key_id;
-
- /* Get the public key x and y */
- /* Encode it into a COSE_Key structure */
- QCBOREncode_Init(&cbor_encode_ctx, buffer_for_cose_key);
- QCBOREncode_OpenMap(&cbor_encode_ctx);
- QCBOREncode_AddInt64ToMapN(&cbor_encode_ctx,
- COSE_KEY_COMMON_KTY,
- COSE_KEY_TYPE_EC2);
- QCBOREncode_AddInt64ToMapN(&cbor_encode_ctx,
- COSE_KEY_PARAM_CRV,
- cose_curve_id);
- QCBOREncode_AddBytesToMapN(&cbor_encode_ctx,
- COSE_KEY_PARAM_X_COORDINATE,
- x_cord);
- QCBOREncode_AddBytesToMapN(&cbor_encode_ctx,
- COSE_KEY_PARAM_Y_COORDINATE,
- y_cord);
- QCBOREncode_CloseMap(&cbor_encode_ctx);
-
- qcbor_result = QCBOREncode_Finish(&cbor_encode_ctx, &encoded_key_id);
- if (qcbor_result != QCBOR_SUCCESS)
- {
- /* Mainly means that the COSE_Key was too big for buffer_for_cose_key */
- return_value = PAL_ATTEST_ERR_PROTECTED_HEADERS;
- goto Done;
- }
-
- /* Finish up and return */
- *cose_key = encoded_key_id;
- return_value = PAL_ATTEST_SUCCESS;
-
-Done:
- return return_value;
-}
-
-
-static int get_items_in_map(QCBORDecodeContext *decode_context,
- struct items_to_get_t *item_list)
-{
- int item_index;
- QCBORItem item;
- struct items_to_get_t *item_ptr = item_list;
-
- /* initialize the data type of all items in the list */
- while (item_ptr->label != 0)
- {
- item_ptr->item.uDataType = QCBOR_TYPE_NONE;
- item_ptr++;
- }
-
- QCBORDecode_GetNext(decode_context, &item);
- if (item.uDataType != QCBOR_TYPE_MAP)
- {
- return PAL_ATTEST_ERROR;
- }
-
- for (item_index = item.val.uCount; item_index != 0; item_index--)
- {
- if (QCBORDecode_GetNext(decode_context, &item) != QCBOR_SUCCESS)
- {
- return PAL_ATTEST_TOKEN_ERR_CBOR_FORMATTING;
- }
- if (item.uLabelType != QCBOR_TYPE_INT64)
- {
- continue;
- }
-
- item_ptr = item_list;
- while (item_ptr->label != 0)
- {
- if (item.label.int64 == item_ptr->label)
- {
- item_ptr->item = item;
- }
- item_ptr++;
- }
- }
-
- return PAL_ATTEST_SUCCESS;
-}
-
-static int get_item_in_map(QCBORDecodeContext *decode_context,
- int32_t label,
- QCBORItem *item)
-{
- struct items_to_get_t item_list[2];
-
- item_list[0].label = label;
- item_list[1].label = 0;
-
- if (get_items_in_map(decode_context, item_list))
- {
- return PAL_ATTEST_ERROR;
- }
-
- if (item_list[0].item.uDataType == QCBOR_TYPE_NONE)
- {
- return PAL_ATTEST_TOKEN_ERR_CBOR_FORMATTING;
- }
-
- *item = item_list[0].item;
-
- return PAL_ATTEST_SUCCESS;
-}
-
-static int parse_unprotected_headers(QCBORDecodeContext *decode_context,
- struct q_useful_buf_c *child,
- bool *loop_back)
-{
- struct items_to_get_t item_list[3];
-
- item_list[0].label = COSE_HEADER_PARAM_KID;
- item_list[1].label = T_COSE_SHORT_CIRCUIT_LABEL;
- item_list[2].label = 0;
- *loop_back = false;
-
- if (get_items_in_map(decode_context, item_list))
- {
- return PAL_ATTEST_ERROR;
- }
-
- if (item_list[1].item.uDataType == QCBOR_TYPE_TRUE)
- {
- *loop_back = true;
- }
-
- if (item_list[0].item.uDataType != QCBOR_TYPE_BYTE_STRING)
- {
- return PAL_ATTEST_TOKEN_ERR_CBOR_FORMATTING;
- }
-
- *child = item_list[0].item.val.string;
-
- return PAL_ATTEST_SUCCESS;
-}
-
-static int parse_protected_headers(struct q_useful_buf_c protected_headers,
- int32_t *alg_id)
-{
- QCBORDecodeContext decode_context;
- QCBORItem item;
-
- QCBORDecode_Init(&decode_context, protected_headers, 0);
-
- if (get_item_in_map(&decode_context, COSE_HEADER_PARAM_ALG, &item))
- {
- return PAL_ATTEST_ERROR;
- }
-
- if (QCBORDecode_Finish(&decode_context))
- {
- return PAL_ATTEST_ERROR;
- }
-
- if ((item.uDataType != QCBOR_TYPE_INT64) || (item.val.int64 > INT32_MAX))
- {
- return PAL_ATTEST_ERROR;
- }
-
- *alg_id = (int32_t)item.val.int64;
-
- return PAL_ATTEST_SUCCESS;
-}
-
-/**
- @brief - This API will verify the claims
- @param - decode_context : The buffer containing the challenge
- item : context for decoding the data items
- completed_challenge : Buffer containing the challenge
- @return - error status
-**/
-static int parse_claims(QCBORDecodeContext *decode_context, QCBORItem item,
- struct q_useful_buf_c completed_challenge)
-{
- int i, count = 0;
- int status = PAL_ATTEST_SUCCESS;
-
- /* Parse each claim and validate their data type */
- while (status == PAL_ATTEST_SUCCESS)
- {
- status = QCBORDecode_GetNext(decode_context, &item);
- if (status != PAL_ATTEST_SUCCESS)
- break;
-
- mandatory_claims |= 1 << (EAT_CBOR_ARM_RANGE_BASE - item.label.int64);
- if (item.uLabelType == QCBOR_TYPE_INT64)
- {
- if (item.label.int64 == EAT_CBOR_ARM_LABEL_NONCE)
- {
- if (item.uDataType == QCBOR_TYPE_BYTE_STRING)
- {
- /* Given challenge vs challenge in token */
- if (UsefulBuf_Compare(item.val.string, completed_challenge))
- return PAL_ATTEST_TOKEN_CHALLENGE_MISMATCH;
- }
- else
- return PAL_ATTEST_TOKEN_NOT_SUPPORTED;
- }
- else if (item.label.int64 == EAT_CBOR_ARM_LABEL_BOOT_SEED ||
- item.label.int64 == EAT_CBOR_ARM_LABEL_IMPLEMENTATION_ID ||
- item.label.int64 == EAT_CBOR_ARM_LABEL_UEID)
- {
- if (item.uDataType != QCBOR_TYPE_BYTE_STRING)
- return PAL_ATTEST_TOKEN_ERR_CBOR_FORMATTING;
- }
- else if (item.label.int64 == EAT_CBOR_ARM_LABEL_ORIGINATION ||
- item.label.int64 == EAT_CBOR_ARM_LABEL_PROFILE_DEFINITION ||
- item.label.int64 == EAT_CBOR_ARM_LABEL_HW_VERSION)
- {
- if (item.uDataType != QCBOR_TYPE_TEXT_STRING)
- return PAL_ATTEST_TOKEN_ERR_CBOR_FORMATTING;
- }
- else if (item.label.int64 == EAT_CBOR_ARM_LABEL_CLIENT_ID ||
- item.label.int64 == EAT_CBOR_ARM_LABEL_SECURITY_LIFECYCLE)
- {
- if (item.uDataType != QCBOR_TYPE_INT64)
- return PAL_ATTEST_TOKEN_ERR_CBOR_FORMATTING;
- }
- else if (item.label.int64 == EAT_CBOR_ARM_LABEL_SW_COMPONENTS)
- {
- if (item.uDataType != QCBOR_TYPE_ARRAY)
- return PAL_ATTEST_TOKEN_ERR_CBOR_FORMATTING;
-
- sw_component_present = 1;
- status = QCBORDecode_GetNext(decode_context, &item);
- if (status != PAL_ATTEST_SUCCESS)
- continue;
-
- count = item.val.uCount;
- for (i = 0; i <= count; i++)
- {
- mandaroty_sw_components |= 1 << item.label.int64;
-
- if (item.label.int64 == EAT_CBOR_SW_COMPONENT_MEASUREMENT)
- {
- if (item.uDataType != QCBOR_TYPE_BYTE_STRING)
- return PAL_ATTEST_TOKEN_ERR_CBOR_FORMATTING;
- }
- else if (item.label.int64 == EAT_CBOR_SW_COMPONENT_MEASUREMENT_DESC)
- {
- if (item.uDataType != QCBOR_TYPE_TEXT_STRING)
- return PAL_ATTEST_TOKEN_ERR_CBOR_FORMATTING;
- }
- else if (item.label.int64 == EAT_CBOR_SW_COMPONENT_VERSION)
- {
- if (item.uDataType != QCBOR_TYPE_TEXT_STRING)
- return PAL_ATTEST_TOKEN_ERR_CBOR_FORMATTING;
- }
- else if (item.label.int64 == EAT_CBOR_SW_COMPONENT_SIGNER_ID)
- {
- if (item.uDataType != QCBOR_TYPE_BYTE_STRING)
- return PAL_ATTEST_TOKEN_ERR_CBOR_FORMATTING;
- }
- else if (item.label.int64 == EAT_CBOR_SW_COMPONENT_EPOCH)
- {
- if (item.uDataType != QCBOR_TYPE_INT64)
- return PAL_ATTEST_TOKEN_ERR_CBOR_FORMATTING;
- }
- else if (item.label.int64 == EAT_CBOR_SW_COMPONENT_TYPE)
- {
- if (item.uDataType != QCBOR_TYPE_TEXT_STRING)
- return PAL_ATTEST_TOKEN_ERR_CBOR_FORMATTING;
- }
-
- if (i < count)
- {
- status = QCBORDecode_GetNext(decode_context, &item);
- if (status != PAL_ATTEST_SUCCESS)
- return PAL_ATTEST_TOKEN_ERR_CBOR_FORMATTING;
- }
- }
-
- }
- }
- else
- {
- /* ToDo: Add other claim types */
- }
- }
-
- if (status == QCBOR_ERR_HIT_END)
- return PAL_ATTEST_SUCCESS;
- else
- return PAL_ATTEST_TOKEN_ERR_CBOR_FORMATTING;
-}
-
-/**
- @brief - This API will verify the attestation token
- @param - challenge : The buffer containing the challenge
- challenge_size : Size of the challenge buffer
- token : The buffer containing the attestation token
- token_size : Size of the token buffer
- @return - error status
-**/
-int32_t pal_initial_attest_verify_token(uint8_t *challenge, uint32_t challenge_size,
- uint8_t *token, uint32_t token_size)
-{
- int32_t status = PAL_ATTEST_SUCCESS;
- bool short_circuit;
- int32_t cose_algorithm_id;
- QCBORItem item;
- QCBORDecodeContext decode_context;
- struct q_useful_buf_c completed_challenge;
- struct q_useful_buf_c completed_token;
- struct q_useful_buf_c payload;
- struct q_useful_buf_c signature;
- struct q_useful_buf_c protected_headers;
- struct q_useful_buf_c kid;
- struct q_useful_buf_c x_cord;
- struct q_useful_buf_c y_cord;
- struct q_useful_buf_c cose_key_to_hash;
- struct q_useful_buf_c key_hash;
- struct q_useful_buf_c token_hash;
- USEFUL_BUF_MAKE_STACK_UB(buf_to_hold_x_coord, T_COSE_CRYPTO_EC_P256_COORD_SIZE);
- USEFUL_BUF_MAKE_STACK_UB(buf_to_hold_y_coord, T_COSE_CRYPTO_EC_P256_COORD_SIZE);
- USEFUL_BUF_MAKE_STACK_UB(buffer_for_kid, T_COSE_CRYPTO_SHA256_SIZE);
- USEFUL_BUF_MAKE_STACK_UB(buffer_for_cose_key, MAX_ENCODED_COSE_KEY_SIZE);
- USEFUL_BUF_MAKE_STACK_UB(buffer_for_encoded_key, MAX_ENCODED_COSE_KEY_SIZE);
- USEFUL_BUF_MAKE_STACK_UB(buffer_for_token_hash, T_COSE_CRYPTO_SHA256_SIZE);
-
- kid.ptr = buffer_for_encoded_key.ptr;
-
- memcpy(buf_to_hold_x_coord.ptr, (const void *)attest_key.pubx_key, attest_key.pubx_key_size);
- memcpy(buf_to_hold_y_coord.ptr, (const void *)attest_key.puby_key, attest_key.puby_key_size);
-
- /* Update size */
- buf_to_hold_x_coord.len = attest_key.pubx_key_size;
- buf_to_hold_y_coord.len = attest_key.puby_key_size;
-
- x_cord.ptr = buf_to_hold_x_coord.ptr;
- x_cord.len = buf_to_hold_x_coord.len;
- y_cord.ptr = buf_to_hold_y_coord.ptr;
- y_cord.len = buf_to_hold_y_coord.len;
-
- /* Construct the token buffer for validation */
- completed_token.ptr = token;
- completed_token.len = token_size;
-
- /* Construct the challenge buffer for validation */
- completed_challenge.ptr = challenge;
- completed_challenge.len = challenge_size;
-
-/*
- -------------------------
- | CBOR Array Type |
- -------------------------
- | Protected Headers |
- -------------------------
- | Unprotected Headers |
- -------------------------
- | Payload |
- -------------------------
- | Signature |
- -------------------------
-*/
-
- /* Initialize the decorder */
- QCBORDecode_Init(&decode_context, completed_token, QCBOR_DECODE_MODE_NORMAL);
-
- /* Get the Header */
- QCBORDecode_GetNext(&decode_context, &item);
-
- /* Check the CBOR Array type. Check if the count is 4.
- * Only COSE_SIGN1 is supported now.
- */
- if (item.uDataType != QCBOR_TYPE_ARRAY || item.val.uCount != 4 ||
- !QCBORDecode_IsTagged(&decode_context, &item, CBOR_TAG_COSE_SIGN1))
- return PAL_ATTEST_TOKEN_ERR_CBOR_FORMATTING;
-
- /* Get the next headers */
- QCBORDecode_GetNext(&decode_context, &item);
- if (item.uDataType != QCBOR_TYPE_BYTE_STRING)
- return PAL_ATTEST_TOKEN_ERR_CBOR_FORMATTING;
-
- protected_headers = item.val.string;
-
- /* Parse the protected headers and check the data type and value*/
- status = parse_protected_headers(protected_headers, &cose_algorithm_id);
- if (status != PAL_ATTEST_SUCCESS)
- return status;
-
- /* Parse the unprotected headers and check the data type and value */
- short_circuit = false;
- status = parse_unprotected_headers(&decode_context, &kid, &short_circuit);
- if (status != PAL_ATTEST_SUCCESS)
- return status;
-
- /* Encode the given public key */
- status = pal_encode_cose_key(&cose_key_to_hash, buffer_for_cose_key, x_cord, y_cord);
- if (status != PAL_ATTEST_SUCCESS)
- return status;
-
- /* Create hash of the given public key */
- status = pal_create_sha256(cose_key_to_hash, buffer_for_kid, &key_hash);
- if (status != PSA_SUCCESS)
- return status;
-
- /* Compare the hash of the public key in token and hash of the given public key */
- if (kid.len != key_hash.len)
- {
- return PAL_ATTEST_HASH_LENGTH_MISMATCH;
- }
-
- if (memcmp(kid.ptr, key_hash.ptr, kid.len) != 0)
- {
- return PAL_ATTEST_HASH_MISMATCH;
- }
-
- /* Get the payload */
- QCBORDecode_GetNext(&decode_context, &item);
- if (item.uDataType != QCBOR_TYPE_BYTE_STRING)
- return PAL_ATTEST_TOKEN_ERR_CBOR_FORMATTING;
-
- payload = item.val.string;
-
- /* Get the digital signature */
- QCBORDecode_GetNext(&decode_context, &item);
- if (item.uDataType != QCBOR_TYPE_BYTE_STRING)
- return PAL_ATTEST_TOKEN_ERR_CBOR_FORMATTING;
-
- signature = item.val.string;
-
- /* Compute the hash from the token */
- status = pal_compute_hash(cose_algorithm_id, buffer_for_token_hash, &token_hash,
- protected_headers, payload);
- if (status != PAL_ATTEST_SUCCESS)
- return status;
-
- /* Verify the signature */
- status = pal_crypto_pub_key_verify(cose_algorithm_id, token_hash, signature);
- if (status != PAL_ATTEST_SUCCESS)
- return status;
-
- /* Initialize the Decoder and validate the payload format */
- QCBORDecode_Init(&decode_context, payload, QCBOR_DECODE_MODE_NORMAL);
- status = QCBORDecode_GetNext(&decode_context, &item);
- if (status != PAL_ATTEST_SUCCESS)
- return status;
-
- if (item.uDataType != QCBOR_TYPE_MAP)
- return PAL_ATTEST_TOKEN_ERR_CBOR_FORMATTING;
-
- /* Parse the payload and check the data type of each claim */
- status = parse_claims(&decode_context, item, completed_challenge);
- if (status != PAL_ATTEST_SUCCESS)
- return status;
-
- if ((mandatory_claims & MANDATORY_CLAIM_WITH_SW_COMP) == MANDATORY_CLAIM_WITH_SW_COMP)
- {
- if ((mandaroty_sw_components & MANDATORY_SW_COMP) != MANDATORY_SW_COMP)
- return PAL_ATTEST_TOKEN_NOT_ALL_MANDATORY_CLAIMS;
- }
- else if ((mandatory_claims & MANDATORY_CLAIM_NO_SW_COMP) != MANDATORY_CLAIM_NO_SW_COMP)
- {
- return PAL_ATTEST_TOKEN_NOT_ALL_MANDATORY_CLAIMS;
- }
-
- return PAL_ATTEST_SUCCESS;
-}
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_an521/nspe/initial_attestation/pal_attestation_eat.h b/api-tests/platform/targets/tgt_dev_apis_tfm_an521/nspe/initial_attestation/pal_attestation_eat.h
index 8a0c5455..fae5434e 100644
--- a/api-tests/platform/targets/tgt_dev_apis_tfm_an521/nspe/initial_attestation/pal_attestation_eat.h
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_an521/nspe/initial_attestation/pal_attestation_eat.h
@@ -15,43 +15,17 @@
* limitations under the License.
**/
+#ifndef _PAL_ATTESTATION_EAT_H_
+#define _PAL_ATTESTATION_EAT_H_
+
#include "qcbor.h"
#include "pal_common.h"
-#include "psa/crypto.h"
#define PAL_ATTEST_MIN_ERROR 30
-/* NIST P-256 also known as secp256r1 */
-#define P_256 1
-
-#define COSE_HEADER_PARAM_ALG 1
-#define COSE_HEADER_PARAM_KID 4
-
-#define COSE_KEY_COMMON_KTY 1
-#define COSE_KEY_TYPE_EC2 2
-#define COSE_KEY_PARAM_CRV -1
-#define COSE_KEY_PARAM_X_COORDINATE -2
-#define COSE_KEY_PARAM_Y_COORDINATE -3
#define COSE_ALGORITHM_ES256 -7
#define COSE_ALG_SHA256_PROPRIETARY -72000
-/**
- * The size of X and Y coordinate in 2 parameter style EC public
- * key. Format is as defined in [COSE (RFC 8152)]
- * (https://tools.ietf.org/html/rfc8152) and [SEC 1: Elliptic Curve
- * Cryptography](http://www.secg.org/sec1-v2.pdf).
- *
- * This size is well-known and documented in public standards.
- */
-#define T_COSE_CRYPTO_EC_P256_COORD_SIZE 32
-#define T_COSE_CRYPTO_SHA256_SIZE 32
-
-#define MAX_ENCODED_COSE_KEY_SIZE \
- 1 + /* 1 byte to encode map */ \
- 2 + /* 2 bytes to encode key type */ \
- 2 + /* 2 bytes to encode curve */ \
- 2 * /* the X and Y coordinates at 32 bytes each */ \
- (T_COSE_CRYPTO_EC_P256_COORD_SIZE + 1 + 2)
#define USEFUL_BUF_MAKE_STACK_UB UsefulBuf_MAKE_STACK_UB
#define COSE_SIG_CONTEXT_STRING_SIGNATURE1 "Signature1"
@@ -78,71 +52,9 @@
sizeof(COSE_SIG_CONTEXT_STRING_SIGNATURE1) + /* "Signature1" */ \
2 + /* Overhead for encoding string */ \
T_COSE_SIGN1_MAX_PROT_HEADER + /* entire protected headers */ \
- 3 * ( /* 3 NULL bstrs for fields not used */ \
+ 3 * (/* 3 NULL bstrs for fields not used */ \
1 /* size of a NULL bstr */ \
)
-
-/*
- CBOR Label for proprietary header indicating short-circuit
- signing was used. Just a random number in the proprietary
- label space */
-#define T_COSE_SHORT_CIRCUIT_LABEL (-8675309)
-
-#define EAT_CBOR_ARM_RANGE_BASE (-75000)
-#define EAT_CBOR_ARM_LABEL_PROFILE_DEFINITION (EAT_CBOR_ARM_RANGE_BASE - 0)
-#define EAT_CBOR_ARM_LABEL_CLIENT_ID (EAT_CBOR_ARM_RANGE_BASE - 1)
-#define EAT_CBOR_ARM_LABEL_SECURITY_LIFECYCLE (EAT_CBOR_ARM_RANGE_BASE - 2)
-#define EAT_CBOR_ARM_LABEL_IMPLEMENTATION_ID (EAT_CBOR_ARM_RANGE_BASE - 3)
-#define EAT_CBOR_ARM_LABEL_BOOT_SEED (EAT_CBOR_ARM_RANGE_BASE - 4)
-#define EAT_CBOR_ARM_LABEL_HW_VERSION (EAT_CBOR_ARM_RANGE_BASE - 5)
-#define EAT_CBOR_ARM_LABEL_SW_COMPONENTS (EAT_CBOR_ARM_RANGE_BASE - 6)
-#define EAT_CBOR_ARM_LABEL_NO_SW_COMPONENTS (EAT_CBOR_ARM_RANGE_BASE - 7)
-#define EAT_CBOR_ARM_LABEL_NONCE (EAT_CBOR_ARM_RANGE_BASE - 8)
-#define EAT_CBOR_ARM_LABEL_UEID (EAT_CBOR_ARM_RANGE_BASE - 9)
-#define EAT_CBOR_ARM_LABEL_ORIGINATION (EAT_CBOR_ARM_RANGE_BASE - 10)
-
-#define CBOR_ARM_TOTAL_CLAIM_INSTANCE 10
-
-#define EAT_CBOR_SW_COMPONENT_TYPE (1u)
-#define EAT_CBOR_SW_COMPONENT_MEASUREMENT (2u)
-#define EAT_CBOR_SW_COMPONENT_EPOCH (3u)
-#define EAT_CBOR_SW_COMPONENT_VERSION (4u)
-#define EAT_CBOR_SW_COMPONENT_SIGNER_ID (5u)
-#define EAT_CBOR_SW_COMPONENT_MEASUREMENT_DESC (6u)
-
-#define MANDATORY_CLAIM_WITH_SW_COMP (1 << (EAT_CBOR_ARM_RANGE_BASE \
- - EAT_CBOR_ARM_LABEL_NONCE) | \
- 1 << (EAT_CBOR_ARM_RANGE_BASE \
- - EAT_CBOR_ARM_LABEL_UEID) | \
- 1 << (EAT_CBOR_ARM_RANGE_BASE \
- - EAT_CBOR_ARM_LABEL_IMPLEMENTATION_ID) | \
- 1 << (EAT_CBOR_ARM_RANGE_BASE \
- - EAT_CBOR_ARM_LABEL_CLIENT_ID) | \
- 1 << (EAT_CBOR_ARM_RANGE_BASE \
- - EAT_CBOR_ARM_LABEL_SECURITY_LIFECYCLE) | \
- 1 << (EAT_CBOR_ARM_RANGE_BASE \
- - EAT_CBOR_ARM_LABEL_BOOT_SEED) | \
- 1 << (EAT_CBOR_ARM_RANGE_BASE \
- - EAT_CBOR_ARM_LABEL_SW_COMPONENTS))
-
-#define MANDATORY_CLAIM_NO_SW_COMP (1 << (EAT_CBOR_ARM_RANGE_BASE \
- - EAT_CBOR_ARM_LABEL_NONCE) | \
- 1 << (EAT_CBOR_ARM_RANGE_BASE \
- - EAT_CBOR_ARM_LABEL_UEID) | \
- 1 << (EAT_CBOR_ARM_RANGE_BASE \
- - EAT_CBOR_ARM_LABEL_IMPLEMENTATION_ID) | \
- 1 << (EAT_CBOR_ARM_RANGE_BASE \
- - EAT_CBOR_ARM_LABEL_CLIENT_ID) | \
- 1 << (EAT_CBOR_ARM_RANGE_BASE \
- - EAT_CBOR_ARM_LABEL_SECURITY_LIFECYCLE) | \
- 1 << (EAT_CBOR_ARM_RANGE_BASE \
- - EAT_CBOR_ARM_LABEL_BOOT_SEED) | \
- 1 << (EAT_CBOR_ARM_RANGE_BASE \
- - EAT_CBOR_ARM_LABEL_NO_SW_COMPONENTS))
-
-#define MANDATORY_SW_COMP (1 << EAT_CBOR_SW_COMPONENT_MEASUREMENT | \
- 1 << EAT_CBOR_SW_COMPONENT_SIGNER_ID)
-
#define NULL_USEFUL_BUF_C NULLUsefulBufC
enum attestation_error_code {
@@ -158,13 +70,11 @@ enum attestation_error_code {
PAL_ATTEST_HASH_BUFFER_SIZE,
PAL_ATTEST_ERR_PROTECTED_HEADERS,
PAL_ATTEST_ERR_SIGN_STRUCT,
+ PAL_ATTEST_ERR_KEY_FAIL,
+ PAL_ATTEST_ERR_SIGNATURE_FAIL,
+ PAL_ATTEST_ERR_CBOR_STRUCTURE,
+ PAL_ATTEST_ERR_SMALL_BUFFER,
PAL_ATTEST_ERROR,
};
-struct items_to_get_t {
- int64_t label;
- QCBORItem item;
-};
-
-int32_t pal_initial_attest_verify_token(uint8_t *challenge, uint32_t challenge_size,
- uint8_t *token, uint32_t token_size);
+#endif /* _PAL_ATTESTATION_EAT_H_ */
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_an521/nspe/initial_attestation/pal_attestation_intf.c b/api-tests/platform/targets/tgt_dev_apis_tfm_an521/nspe/initial_attestation/pal_attestation_intf.c
index 2d99f74d..8dc9406a 100644
--- a/api-tests/platform/targets/tgt_dev_apis_tfm_an521/nspe/initial_attestation/pal_attestation_intf.c
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_an521/nspe/initial_attestation/pal_attestation_intf.c
@@ -26,28 +26,39 @@
**/
int32_t pal_attestation_function(int type, va_list valist)
{
- uint8_t *challenge, *token;
- uint32_t challenge_size, *token_size, verify_token_size;
+ uint8_t *challenge, *token;
+ size_t challenge_size, *token_size, token_buffer_size;
+ int32_t cose_algorithm_id;
+ struct q_useful_buf buffer_for_hash;
+ struct q_useful_buf_c *hash, payload, protected_headers, token_hash, signature;
switch (type)
{
case PAL_INITIAL_ATTEST_GET_TOKEN:
challenge = va_arg(valist, uint8_t*);
- challenge_size = va_arg(valist, uint32_t);
+ challenge_size = va_arg(valist, size_t);
token = va_arg(valist, uint8_t*);
- token_size = va_arg(valist, uint32_t*);
- return psa_initial_attest_get_token(challenge, challenge_size, token, token_size);
+ token_buffer_size = va_arg(valist, size_t);
+ token_size = va_arg(valist, size_t*);
+ return psa_initial_attest_get_token(challenge, challenge_size, token, token_buffer_size,
+ token_size);
case PAL_INITIAL_ATTEST_GET_TOKEN_SIZE:
- challenge_size = va_arg(valist, uint32_t);
- token_size = va_arg(valist, uint32_t*);
+ challenge_size = va_arg(valist, size_t);
+ token_size = va_arg(valist, size_t*);
return psa_initial_attest_get_token_size(challenge_size, token_size);
- case PAL_INITIAL_ATTEST_VERIFY_TOKEN:
- challenge = va_arg(valist, uint8_t*);
- challenge_size = va_arg(valist, uint32_t);
- token = va_arg(valist, uint8_t*);
- verify_token_size = va_arg(valist, uint32_t);
- return pal_initial_attest_verify_token(challenge, challenge_size,
- token, verify_token_size);
+ case PAL_INITIAL_ATTEST_COMPUTE_HASH:
+ cose_algorithm_id = va_arg(valist, int32_t);
+ buffer_for_hash = va_arg(valist, struct q_useful_buf);
+ hash = va_arg(valist, struct q_useful_buf_c*);
+ protected_headers = va_arg(valist, struct q_useful_buf_c);
+ payload = va_arg(valist, struct q_useful_buf_c);
+ return pal_compute_hash(cose_algorithm_id, buffer_for_hash, hash,
+ protected_headers, payload);
+ case PAL_INITIAL_ATTEST_VERIFY_WITH_PK:
+ cose_algorithm_id = va_arg(valist, int32_t);
+ token_hash = va_arg(valist, struct q_useful_buf_c);
+ signature = va_arg(valist, struct q_useful_buf_c);
+ return pal_crypto_pub_key_verify(cose_algorithm_id, token_hash, signature);
default:
return PAL_STATUS_UNSUPPORTED_FUNC;
}
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_an521/nspe/initial_attestation/pal_attestation_intf.h b/api-tests/platform/targets/tgt_dev_apis_tfm_an521/nspe/initial_attestation/pal_attestation_intf.h
index 12f6ee94..3ab7ebb4 100644
--- a/api-tests/platform/targets/tgt_dev_apis_tfm_an521/nspe/initial_attestation/pal_attestation_intf.h
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_an521/nspe/initial_attestation/pal_attestation_intf.h
@@ -15,8 +15,8 @@
* limitations under the License.
**/
-#ifndef _PAL_INITIAL_ATTESTATION_H_
-#define _PAL_INITIAL_ATTESTATION_H_
+#ifndef _PAL_ATTESTATION_INTF_H_
+#define _PAL_ATTESTATION_INTF_H_
#include "pal_attestation_crypto.h"
@@ -24,7 +24,9 @@ enum attestation_function_code {
PAL_INITIAL_ATTEST_GET_TOKEN = 0x1,
PAL_INITIAL_ATTEST_GET_TOKEN_SIZE = 0x2,
PAL_INITIAL_ATTEST_VERIFY_TOKEN = 0x3,
+ PAL_INITIAL_ATTEST_COMPUTE_HASH = 0x4,
+ PAL_INITIAL_ATTEST_VERIFY_WITH_PK = 0x5,
};
int32_t pal_attestation_function(int type, va_list valist);
-#endif /* _PAL_INITIAL_ATTESTATION_H_ */
+#endif /* _PAL_ATTESTATION_INTF_H_ */
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_an521/nspe/internal_trusted_storage/pal_internal_trusted_storage_intf.c b/api-tests/platform/targets/tgt_dev_apis_tfm_an521/nspe/internal_trusted_storage/pal_internal_trusted_storage_intf.c
index 4f04ab01..abfdc5d6 100644
--- a/api-tests/platform/targets/tgt_dev_apis_tfm_an521/nspe/internal_trusted_storage/pal_internal_trusted_storage_intf.c
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_an521/nspe/internal_trusted_storage/pal_internal_trusted_storage_intf.c
@@ -26,33 +26,35 @@
**/
uint32_t pal_its_function(int type, va_list valist)
{
- psa_its_uid_t uid;
- uint32_t data_length, offset;
- const void *p_write_data;
- void *p_read_data;
- psa_its_create_flags_t its_create_flags;
- struct psa_its_info_t *its_p_info;
+ psa_storage_uid_t uid;
+ uint32_t data_size, offset;
+ const void *p_write_data;
+ void *p_read_data;
+ size_t *p_data_length;
+ psa_storage_create_flags_t its_create_flags;
+ struct psa_storage_info_t *its_p_info;
switch (type)
{
case PAL_ITS_SET:
- uid = va_arg(valist, psa_its_uid_t);
- data_length = va_arg(valist, uint32_t);
+ uid = va_arg(valist, psa_storage_uid_t);
+ data_size = va_arg(valist, uint32_t);
p_write_data = va_arg(valist, const void*);
- its_create_flags = va_arg(valist, psa_its_create_flags_t);
- return psa_its_set(uid, data_length, p_write_data, its_create_flags);
+ its_create_flags = va_arg(valist, psa_storage_create_flags_t);
+ return psa_its_set(uid, data_size, p_write_data, its_create_flags);
case PAL_ITS_GET:
- uid = va_arg(valist, psa_its_uid_t);
+ uid = va_arg(valist, psa_storage_uid_t);
offset = va_arg(valist, uint32_t);
- data_length = va_arg(valist, uint32_t);
+ data_size = va_arg(valist, uint32_t);
p_read_data = va_arg(valist, void*);
- return psa_its_get(uid, offset, data_length, p_read_data);
+ p_data_length = va_arg(valist, size_t*);
+ return psa_its_get(uid, offset, data_size, p_read_data, p_data_length);
case PAL_ITS_GET_INFO:
- uid = va_arg(valist, psa_its_uid_t);
- its_p_info = va_arg(valist, struct psa_its_info_t*);
+ uid = va_arg(valist, psa_storage_uid_t);
+ its_p_info = va_arg(valist, struct psa_storage_info_t*);
return psa_its_get_info(uid, its_p_info);
case PAL_ITS_REMOVE:
- uid = va_arg(valist, psa_its_uid_t);
+ uid = va_arg(valist, psa_storage_uid_t);
return psa_its_remove(uid);
default:
return PAL_STATUS_UNSUPPORTED_FUNC;
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_an521/nspe/protected_storage/pal_protected_storage_intf.c b/api-tests/platform/targets/tgt_dev_apis_tfm_an521/nspe/protected_storage/pal_protected_storage_intf.c
index a4241533..0dd07c57 100644
--- a/api-tests/platform/targets/tgt_dev_apis_tfm_an521/nspe/protected_storage/pal_protected_storage_intf.c
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_an521/nspe/protected_storage/pal_protected_storage_intf.c
@@ -26,45 +26,47 @@
**/
uint32_t pal_ps_function(int type, va_list valist)
{
- psa_ps_uid_t uid;
- uint32_t data_length, size, offset;
- const void *p_write_data;
- void *p_read_data;
- psa_ps_create_flags_t ps_create_flags;
- struct psa_ps_info_t *ps_p_info;
+ psa_storage_uid_t uid;
+ uint32_t data_size, size, offset;
+ const void *p_write_data;
+ void *p_read_data;
+ size_t *p_data_length;
+ psa_storage_create_flags_t ps_create_flags;
+ struct psa_storage_info_t *ps_p_info;
switch (type)
{
case PAL_PS_SET:
- uid = va_arg(valist, psa_ps_uid_t);
- data_length = va_arg(valist, uint32_t);
+ uid = va_arg(valist, psa_storage_uid_t);
+ data_size = va_arg(valist, uint32_t);
p_write_data = va_arg(valist, const void*);
- ps_create_flags = va_arg(valist, psa_ps_create_flags_t);
- return psa_ps_set(uid, data_length, p_write_data, ps_create_flags);
+ ps_create_flags = va_arg(valist, psa_storage_create_flags_t);
+ return psa_ps_set(uid, data_size, p_write_data, ps_create_flags);
case PAL_PS_GET:
- uid = va_arg(valist, psa_ps_uid_t);
+ uid = va_arg(valist, psa_storage_uid_t);
offset = va_arg(valist, uint32_t);
- data_length = va_arg(valist, uint32_t);
+ data_size = va_arg(valist, uint32_t);
p_read_data = va_arg(valist, void*);
- return psa_ps_get(uid, offset, data_length, p_read_data);
+ p_data_length = va_arg(valist, size_t*);
+ return psa_ps_get(uid, offset, data_size, p_read_data, p_data_length);
case PAL_PS_GET_INFO:
- uid = va_arg(valist, psa_ps_uid_t);
- ps_p_info = va_arg(valist, struct psa_ps_info_t*);
+ uid = va_arg(valist, psa_storage_uid_t);
+ ps_p_info = va_arg(valist, struct psa_storage_info_t*);
return psa_ps_get_info(uid, ps_p_info);
case PAL_PS_REMOVE:
- uid = va_arg(valist, psa_ps_uid_t);
+ uid = va_arg(valist, psa_storage_uid_t);
return psa_ps_remove(uid);
case PAL_PS_CREATE:
- uid = va_arg(valist, psa_ps_uid_t);
+ uid = va_arg(valist, psa_storage_uid_t);
size = va_arg(valist, uint32_t);
- ps_create_flags = va_arg(valist, psa_ps_create_flags_t);
+ ps_create_flags = va_arg(valist, psa_storage_create_flags_t);
return psa_ps_create(uid, size, ps_create_flags);
case PAL_PS_SET_EXTENDED:
- uid = va_arg(valist, psa_ps_uid_t);
+ uid = va_arg(valist, psa_storage_uid_t);
offset = va_arg(valist, uint32_t);
- data_length = va_arg(valist, uint32_t);
+ data_size = va_arg(valist, uint32_t);
p_write_data = va_arg(valist, const void*);
- return psa_ps_set_extended(uid, offset, data_length, p_write_data);
+ return psa_ps_set_extended(uid, offset, data_size, p_write_data);
case PAL_PS_GET_SUPPORT:
return psa_ps_get_support();
default:
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_an521/spe/pal_driver_intf.c b/api-tests/platform/targets/tgt_dev_apis_tfm_an521/spe/pal_driver_intf.c
deleted file mode 100644
index fd307839..00000000
--- a/api-tests/platform/targets/tgt_dev_apis_tfm_an521/spe/pal_driver_intf.c
+++ /dev/null
@@ -1,132 +0,0 @@
- /** @file
- * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
- * SPDX-License-Identifier : Apache-2.0
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- **/
-
-#include "pal_driver_intf.h"
-
-/**
- @brief - This function initializes the UART
- @param - uart base addr
- @return - void
-**/
-void pal_uart_init(uint32_t uart_base_addr)
-{
- pal_uart_cmsdk_init(uart_base_addr);
-}
-
-/**
- @brief - This function parses the input string and writes bytes into UART TX FIFO
- @param - str : Input String
- - data : Value for format specifier
-**/
-
-void pal_print(char *str, int32_t data)
-{
- pal_cmsdk_print(str,data);
-
-}
-
-
-/**
- @brief - Writes into given non-volatile address.
- @param - base : Base address of nvmem
- offset : Offset
- buffer : Pointer to source address
- size : Number of bytes
- @return - 1/0
-**/
-int pal_nvmem_write(addr_t base, uint32_t offset, void *buffer, int size)
-{
- return nvmem_write(base, offset, buffer, size);
-}
-
-/**
- @brief - Reads from given non-volatile address.
- @param - base : Base address of nvmem
- offset : Offset
- buffer : Pointer to source address
- size : Number of bytes
- @return - 1/0
-**/
-int pal_nvmem_read(addr_t base, uint32_t offset, void *buffer, int size)
-{
- return nvmem_read(base, offset, buffer, size);
-}
-
-
-/**
- @brief - Initializes an hardware watchdog timer
- @param - base_addr : Base address of the watchdog module
- - time_us : Time in micro seconds
- - timer_tick_us : Number of ticks per micro second
- @return - SUCCESS/FAILURE
-**/
-int pal_wd_timer_init(addr_t base_addr, uint32_t time_us, uint32_t timer_tick_us)
-{
- return(pal_wd_cmsdk_init(base_addr,time_us, timer_tick_us));
-
-}
-
-/**
- @brief - Enables a hardware watchdog timer
- @param - base_addr : Base address of the watchdog module
- @return - SUCCESS/FAILURE
-**/
-int pal_wd_timer_enable(addr_t base_addr)
-{
- return(pal_wd_cmsdk_enable(base_addr));
-}
-
-/**
- @brief - Disables a hardware watchdog timer
- @param - base_addr : Base address of the watchdog module
- @return - SUCCESS/FAILURE
-**/
-int pal_wd_timer_disable(addr_t base_addr)
-{
- return (pal_wd_cmsdk_disable(base_addr));
-}
-
-/**
- @brief - Checks whether hardware watchdog timer is enabled
- @param - base_addr : Base address of the watchdog module
- @return - Enabled : 1, Disabled : 0
-**/
-int pal_wd_timer_is_enabled(addr_t base_addr)
-{
- return (pal_wd_cmsdk_is_enabled(base_addr));
-}
-
-/**
- @brief - Trigger interrupt for irq signal assigned to driver partition
- before return to caller.
- @param - void
- @return - void
-**/
-void pal_generate_interrupt(void)
-{
- pal_uart_cmsdk_generate_irq();
-}
-
-/**
- @brief - Disable interrupt that was generated using pal_generate_interrupt API.
- @param - void
- @return - void
-**/
-void pal_disable_interrupt(void)
-{
- pal_uart_cmsdk_disable_irq();
-}
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_an521/target.cfg b/api-tests/platform/targets/tgt_dev_apis_tfm_an521/target.cfg
index 79a845f1..1ec4be24 100644
--- a/api-tests/platform/targets/tgt_dev_apis_tfm_an521/target.cfg
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_an521/target.cfg
@@ -52,6 +52,3 @@ dut.0.ns_start_addr_of_combine_test_binary = 0x28120000;
// Is combine_test_binary available in RAM?
dut.0.combine_test_binary_in_ram = AVAILABLE;
-
-// Level of Isolation
-dut.0.implemented_psa_firmware_isolation_level = LEVEL1;
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_an521/target.cmake b/api-tests/platform/targets/tgt_dev_apis_tfm_an521/target.cmake
new file mode 100644
index 00000000..d33dcc93
--- /dev/null
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_an521/target.cmake
@@ -0,0 +1,109 @@
+#/** @file
+# * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+# PAL C source files part of NSPE library
+list(APPEND PAL_SRC_C_NSPE )
+
+# PAL ASM source files part of NSPE library
+list(APPEND PAL_SRC_ASM_NSPE )
+
+# PAL C source files part of SPE library - driver partition
+list(APPEND PAL_SRC_C_DRIVER_SP )
+
+# PAL ASM source files part of SPE library - driver partition
+list(APPEND PAL_SRC_ASM_DRIVER_SP )
+
+
+# Listing all the sources required for given target
+if(${SUITE} STREQUAL "IPC")
+ list(APPEND PAL_SRC_C_NSPE
+ # driver functionalities are implemented as RoT-services
+ # and secure and non-secure clients will call to these RoT-services to get appropriate driver services.
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/common/pal_client_api_intf.c
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/common/pal_driver_ipc_intf.c
+ )
+ list(APPEND PAL_SRC_C_DRIVER_SP
+ # Driver files will be compiled as part of driver partition
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/spe/pal_driver_intf.c
+ ${PSA_ROOT_DIR}/platform/drivers/nvmem/pal_nvmem.c
+ ${PSA_ROOT_DIR}/platform/drivers/uart/cmsdk/pal_uart.c
+ ${PSA_ROOT_DIR}/platform/drivers/watchdog/cmsdk/pal_wd_cmsdk.c
+ )
+else()
+ list(APPEND PAL_SRC_C_NSPE
+ # driver files will be compiled as part of NSPE
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/common/pal_client_api_empty_intf.c
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/common/pal_driver_ns_intf.c
+ ${PSA_ROOT_DIR}/platform/drivers/nvmem/pal_nvmem.c
+ ${PSA_ROOT_DIR}/platform/drivers/uart/cmsdk/pal_uart.c
+ ${PSA_ROOT_DIR}/platform/drivers/watchdog/cmsdk/pal_wd_cmsdk.c
+ )
+endif()
+if(${SUITE} STREQUAL "CRYPTO")
+ list(APPEND PAL_SRC_C_NSPE
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/crypto/pal_crypto_intf.c
+ )
+endif()
+if(${SUITE} STREQUAL "PROTECTED_STORAGE")
+ list(APPEND PAL_SRC_C_NSPE
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/protected_storage/pal_protected_storage_intf.c
+ )
+endif()
+if(${SUITE} STREQUAL "INTERNAL_TRUSTED_STORAGE")
+ list(APPEND PAL_SRC_C_NSPE
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/internal_trusted_storage/pal_internal_trusted_storage_intf.c
+ )
+endif()
+if(${SUITE} STREQUAL "INITIAL_ATTESTATION")
+ list(APPEND PAL_SRC_C_NSPE
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/initial_attestation/pal_attestation_intf.c
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/initial_attestation/pal_attestation_crypto.c
+ ${CMAKE_CURRENT_BINARY_DIR}/${PSA_TARGET_QCBOR}/src/UsefulBuf.c
+ ${CMAKE_CURRENT_BINARY_DIR}/${PSA_TARGET_QCBOR}/src/ieee754.c
+ ${CMAKE_CURRENT_BINARY_DIR}/${PSA_TARGET_QCBOR}/src/qcbor_decode.c
+ ${CMAKE_CURRENT_BINARY_DIR}/${PSA_TARGET_QCBOR}/src/qcbor_encode.c
+ )
+endif()
+
+# Create NSPE library
+add_library(${PSA_TARGET_PAL_NSPE_LIB} STATIC ${PAL_SRC_C_NSPE} ${PAL_SRC_ASM_NSPE})
+
+# PSA Include directories
+foreach(psa_inc_path ${PSA_INCLUDE_PATHS})
+ target_include_directories(${PSA_TARGET_PAL_NSPE_LIB} PRIVATE ${psa_inc_path})
+endforeach()
+
+list(APPEND PAL_DRIVER_INCLUDE_PATHS
+ ${PSA_ROOT_DIR}/platform/drivers/nvmem
+ ${PSA_ROOT_DIR}/platform/drivers/uart/cmsdk
+ ${PSA_ROOT_DIR}/platform/drivers/watchdog/cmsdk
+)
+
+target_include_directories(${PSA_TARGET_PAL_NSPE_LIB} PRIVATE
+ ${PAL_DRIVER_INCLUDE_PATHS}
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/common
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/crypto
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/protected_storage
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/internal_trusted_storage
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/initial_attestation
+)
+
+if(${SUITE} STREQUAL "INITIAL_ATTESTATION")
+target_include_directories(${PSA_TARGET_PAL_NSPE_LIB} PRIVATE
+ ${PSA_QCBOR_INCLUDE_PATH}
+)
+endif()
diff --git a/api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/nspe/common/pal_client_api_empty_intf.c b/api-tests/platform/targets/tgt_dev_apis_tfm_an524/nspe/common/pal_client_api_empty_intf.c
similarity index 82%
rename from api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/nspe/common/pal_client_api_empty_intf.c
rename to api-tests/platform/targets/tgt_dev_apis_tfm_an524/nspe/common/pal_client_api_empty_intf.c
index 578b4cef..0030ef04 100644
--- a/api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/nspe/common/pal_client_api_empty_intf.c
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_an524/nspe/common/pal_client_api_empty_intf.c
@@ -31,10 +31,10 @@ uint32_t pal_ipc_framework_version(void)
}
/**
- * @brief - Retrieve the minor version of a Root of Trust Service by its SID.
+ * @brief - Retrieve the version of a Root of Trust Service by its SID.
* This is a wrapper API for the psa_version API.
* @param - sid The Root of Trust Service ID
- * @return - Minor version of Root of Trust Service or PSA_VERSION_NONE if Root of Trust
+ * @return - version of Root of Trust Service or PSA_VERSION_NONE if Root of Trust
* Service not present on the system.
*/
@@ -47,11 +47,11 @@ uint32_t pal_ipc_version(uint32_t sid)
* @brief - Connect to given sid.
* This is a wrapper API for the psa_connect API.
* @param - sid : RoT service id
- * @param - minor_version : minor_version of RoT service
+ * @param - version : version of RoT service
* @return - psa_handle_t : return connection handle
*/
-psa_handle_t pal_ipc_connect(uint32_t sid, uint32_t minor_version)
+psa_handle_t pal_ipc_connect(uint32_t sid, uint32_t version)
{
return PSA_NULL_HANDLE;
}
@@ -62,6 +62,7 @@ psa_handle_t pal_ipc_connect(uint32_t sid, uint32_t minor_version)
* The caller must provide an array of ::psa_invec_t structures as the input payload.
*
* @param -handle Handle for the connection.
+ * @param -type Request type.
* @param -in_vec Array of psa_invec structures.
* @param -in_len Number of psa_invec structures in in_vec.
* @param -out_vec Array of psa_outvec structures for optional Root of Trust Service response.
@@ -70,10 +71,11 @@ psa_handle_t pal_ipc_connect(uint32_t sid, uint32_t minor_version)
*/
psa_status_t pal_ipc_call(psa_handle_t handle,
- const psa_invec *in_vec,
- size_t in_len,
- psa_outvec *out_vec,
- size_t out_len)
+ int32_t type,
+ const psa_invec *in_vec,
+ size_t in_len,
+ psa_outvec *out_vec,
+ size_t out_len)
{
return (PSA_SUCCESS - 1);
}
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_an524/nspe/common/pal_client_api_intf.c b/api-tests/platform/targets/tgt_dev_apis_tfm_an524/nspe/common/pal_client_api_intf.c
new file mode 100644
index 00000000..c29938c7
--- /dev/null
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_an524/nspe/common/pal_client_api_intf.c
@@ -0,0 +1,99 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "pal_common.h"
+#include "pal_client_api_intf.h"
+
+/**
+ * @brief - Retrieve the version of the PSA Framework API that is implemented.
+ * This is a wrapper API for psa_framework_version API.
+ * @param - void
+ * @return - The PSA Framework API version.
+ * Note - Return PAL_STATUS_ERROR if PSA IPC is not implemented.
+ */
+
+uint32_t pal_ipc_framework_version(void)
+{
+ return psa_framework_version();
+}
+
+/**
+ * @brief - Retrieve the version of a Root of Trust Service by its SID.
+ * This is a wrapper API for the psa_version API.
+ * @param - sid The Root of Trust Service ID
+ * @return - Version of Root of Trust Service or PSA_VERSION_NONE if Root of Trust
+ * Service not present on the system.
+ * Note - Return PAL_STATUS_ERROR if PSA IPC is not implemented.
+ */
+
+uint32_t pal_ipc_version(uint32_t sid)
+{
+ return psa_version(sid);
+}
+
+/**
+ * @brief - Connect to given sid.
+ * This is a wrapper API for the psa_connect API.
+ * @param - sid : RoT service id
+ * @param - version : version of RoT service
+ * @return - psa_handle_t : return connection handle
+ * Note - Return PSA_NULL_HANDLE if PSA IPC is not implemented.
+ */
+
+psa_handle_t pal_ipc_connect(uint32_t sid, uint32_t version)
+{
+ return psa_connect(sid, version);
+}
+
+/**
+ * @brief Call a connected Root of Trust Service.
+ * This is a wrapper API for the psa_call API.
+ * The caller must provide an array of ::psa_invec_t structures as the input payload.
+ *
+ * @param -handle Handle for the connection.
+ * @param -type Request type.
+ * @param -in_vec Array of psa_invec structures.
+ * @param -in_len Number of psa_invec structures in in_vec.
+ * @param -out_vec Array of psa_outvec structures for optional Root of Trust Service response.
+ * @param -out_len Number of psa_outvec structures in out_vec.
+ * @return -psa_status_t
+ * Note - Return -1 if PSA IPC is not implemented.
+ */
+
+psa_status_t pal_ipc_call(psa_handle_t handle,
+ int32_t type,
+ const psa_invec *in_vec,
+ size_t in_len,
+ psa_outvec *out_vec,
+ size_t out_len)
+{
+ return psa_call(handle, type, in_vec, in_len, out_vec, out_len);
+}
+
+/**
+ * @brief Close a connection to a Root of Trust Service.
+ * This is a wrapper API for the psa_close API.
+ * Sends the PSA_IPC_DISCONNECT message to the Root of Trust Service so it can clean up resources.
+ *
+ * @param - handle Handle for the connection.
+ * @return - void
+ */
+
+void pal_ipc_close(psa_handle_t handle)
+{
+ psa_close(handle);
+}
diff --git a/api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/nspe/common/pal_client_api_intf.h b/api-tests/platform/targets/tgt_dev_apis_tfm_an524/nspe/common/pal_client_api_intf.h
similarity index 77%
rename from api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/nspe/common/pal_client_api_intf.h
rename to api-tests/platform/targets/tgt_dev_apis_tfm_an524/nspe/common/pal_client_api_intf.h
index 3f5741e0..89b4da66 100644
--- a/api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/nspe/common/pal_client_api_intf.h
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_an524/nspe/common/pal_client_api_intf.h
@@ -22,11 +22,12 @@
uint32_t pal_ipc_framework_version(void);
uint32_t pal_ipc_version(uint32_t sid);
-psa_handle_t pal_ipc_connect(uint32_t sid, uint32_t minor_version);
+psa_handle_t pal_ipc_connect(uint32_t sid, uint32_t version);
psa_status_t pal_ipc_call(psa_handle_t handle,
- const psa_invec *in_vec,
- size_t in_len,
- psa_outvec *out_vec,
- size_t out_len);
+ int32_t type,
+ const psa_invec *in_vec,
+ size_t in_len,
+ psa_outvec *out_vec,
+ size_t out_len);
void pal_ipc_close(psa_handle_t handle);
#endif /* _PAL_CLIENT_API_H_ */
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_an524/nspe/common/pal_common.h b/api-tests/platform/targets/tgt_dev_apis_tfm_an524/nspe/common/pal_common.h
new file mode 100644
index 00000000..a03cd8d2
--- /dev/null
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_an524/nspe/common/pal_common.h
@@ -0,0 +1,115 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifndef _PAL_COMMON_H_
+#define _PAL_COMMON_H_
+
+#include
+#include
+#include
+#include
+#include
+
+#include "pal_config.h"
+#include "pal_crypto_config.h"
+
+/* typedef's */
+typedef uint8_t bool_t;
+typedef uint32_t addr_t;
+typedef uint32_t test_id_t;
+typedef uint32_t block_id_t;
+typedef char char8_t;
+typedef uint32_t cfg_id_t;
+
+#define PAL_STATUS_UNSUPPORTED_FUNC 0xFF
+
+typedef enum {
+ PAL_STATUS_SUCCESS = 0x0,
+ PAL_STATUS_ERROR = 0x80
+} pal_status_t;
+
+typedef enum {
+ NVMEM_READ = 0x1,
+ NVMEM_WRITE = 0x2,
+} nvmem_fn_type_t;
+
+typedef struct {
+ nvmem_fn_type_t nvmem_fn_type;
+ addr_t base;
+ uint32_t offset;
+ int size;
+} nvmem_param_t;
+
+typedef enum {
+ WD_INIT_SEQ = 0x1,
+ WD_ENABLE_SEQ = 0x2,
+ WD_DISABLE_SEQ = 0x3,
+ WD_STATUS_SEQ = 0x4,
+} wd_fn_type_t;
+
+typedef enum {
+ WD_LOW_TIMEOUT = 0x1,
+ WD_MEDIUM_TIMEOUT = 0x2,
+ WD_HIGH_TIMEOUT = 0x3,
+ WD_CRYPTO_TIMEOUT = 0x4,
+} wd_timeout_type_t;
+
+typedef struct {
+ wd_fn_type_t wd_fn_type;
+ addr_t wd_base_addr;
+ uint32_t wd_time_us;
+ uint32_t wd_timer_tick_us;
+} wd_param_t;
+
+typedef enum {
+ UART_INIT = 0x1,
+ UART_PRINT = 0x2,
+} uart_fn_type_t;
+
+/*
+ * Redefining some of the client.h elements for compilation to go through
+ * when PSA IPC APIs are not implemented.
+ */
+#ifndef IPC
+
+#ifndef PSA_VERSION_NONE
+#define PSA_VERSION_NONE (0)
+#endif
+
+#ifndef PSA_SUCCESS
+#define PSA_SUCCESS (0)
+typedef int32_t psa_status_t;
+#endif
+typedef int32_t psa_handle_t;
+
+#ifndef PSA_NULL_HANDLE
+#define PSA_NULL_HANDLE ((psa_handle_t)0)
+#endif
+
+typedef struct psa_invec {
+ const void *base;
+ size_t len;
+} psa_invec;
+
+typedef struct psa_outvec {
+ void *base;
+ size_t len;
+} psa_outvec;
+
+#endif /* IPC */
+
+#endif /* _PAL_COMMON_H_ */
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_an524/nspe/common/pal_config.h b/api-tests/platform/targets/tgt_dev_apis_tfm_an524/nspe/common/pal_config.h
new file mode 100644
index 00000000..b8ddc57d
--- /dev/null
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_an524/nspe/common/pal_config.h
@@ -0,0 +1,97 @@
+/** @file
+ * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifndef _PAL_CONFIG_H_
+#define _PAL_CONFIG_H_
+
+/* Define PSA test suite dependent macros for non-cmake build */
+#if !defined(PSA_CMAKE_BUILD)
+
+/* Print verbosity = TEST */
+#define VERBOSE 3
+
+/* NSPE or SPE VAL build? */
+#define VAL_NSPE_BUILD
+
+/* NSPE or SPE TEST build? */
+#define NONSECURE_TEST_BUILD
+
+/* Combine test archive or binary? */
+#define TEST_COMBINE_ARCHIVE
+
+/* If not defined, skip watchdog programming */
+#define WATCHDOG_AVAILABLE
+
+/* Are Dynamic memory APIs available to secure partition? */
+#define SP_HEAP_MEM_SUPP
+
+/* PSA Isolation level supported by platform */
+#define PLATFORM_PSA_ISOLATION_LEVEL 3
+#endif /* PSA_CMAKE_BUILD */
+
+/* Version of crypto spec used in attestation */
+#define CRYPTO_VERSION_BETA3
+
+/* Use hardcoded public key */
+//#define PLATFORM_OVERRIDE_ATTEST_PK
+
+/* Platform specific max UID's size */
+#define PLATFORM_MAX_UID_SIZE 512
+
+/*
+ * Include of PSA defined Header files
+ */
+#ifdef IPC
+/* psa/client.h: Contains the PSA Client API elements */
+#include "psa/client.h"
+
+/*
+ * psa_manifest/sid.h: Macro definitions derived from manifest files that map from RoT Service
+ * names to Service IDs (SIDs). Partition manifest parse build tool must provide the implementation
+ * of this file.
+*/
+#include "psa_manifest/sid.h"
+
+/*
+ * psa_manifest/pid.h: Secure Partition IDs
+ * Macro definitions that map from Secure Partition names to Secure Partition IDs.
+ * Partition manifest parse build tool must provide the implementation of this file.
+*/
+#include "psa_manifest/pid.h"
+#endif
+
+#ifdef CRYPTO
+/* psa/crypto.h: Contains the PSA Crypto API elements */
+#include "psa/crypto.h"
+#endif
+
+#ifdef INTERNAL_TRUSTED_STORAGE
+/* psa/internal_trusted_storage.h: Contains the PSA ITS API elements */
+#include "psa/internal_trusted_storage.h"
+#endif
+
+#ifdef PROTECTED_STORAGE
+/* psa/protected_storage.h: Contains the PSA PS API elements */
+#include "psa/protected_storage.h"
+#endif
+
+#ifdef INITIAL_ATTESTATION
+/* psa/initial_attestation.h: Contains the PSA Initial Attestation API elements */
+#include "psa/initial_attestation.h"
+#endif
+
+#endif /* _PAL_CONFIG_H_ */
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_an524/nspe/common/pal_driver_ipc_intf.c b/api-tests/platform/targets/tgt_dev_apis_tfm_an524/nspe/common/pal_driver_ipc_intf.c
new file mode 100644
index 00000000..862b9487
--- /dev/null
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_an524/nspe/common/pal_driver_ipc_intf.c
@@ -0,0 +1,293 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "pal_common.h"
+#include "pal_client_api_intf.h"
+
+/**
+ @brief - This function initializes the UART
+ @param - uart base addr
+ @return - SUCCESS/FAILURE
+**/
+int pal_uart_init_ns(uint32_t uart_base_addr)
+{
+ psa_handle_t print_handle = 0;
+ psa_status_t status_of_call = PSA_SUCCESS;
+ uart_fn_type_t uart_fn = UART_INIT;
+
+ psa_invec data[3] = {{&uart_fn, sizeof(uart_fn)},
+ {&uart_base_addr, sizeof(uart_base_addr)},
+ {NULL, 0} };
+
+ print_handle = pal_ipc_connect(DRIVER_UART_SID, DRIVER_UART_VERSION);
+ if (PSA_HANDLE_IS_VALID(print_handle))
+ {
+ status_of_call = pal_ipc_call(print_handle, 0, data, 3, NULL, 0);
+ pal_ipc_close(print_handle);
+ if (status_of_call != PSA_SUCCESS)
+ return PAL_STATUS_ERROR;
+
+ return PAL_STATUS_SUCCESS;
+ }
+ else
+ {
+ return PAL_STATUS_ERROR;
+ }
+}
+
+/**
+ @brief - This function parses the input string and writes bytes into UART TX FIFO
+ @param - str : Input String
+ - data : Value for format specifier
+ @return - SUCCESS/FAILURE
+**/
+
+int pal_print_ns(char *str, int32_t data)
+{
+ int string_len = 0;
+ char *p = str;
+ psa_handle_t print_handle = 0;
+ psa_status_t status_of_call = PSA_SUCCESS;
+ uart_fn_type_t uart_fn = UART_PRINT;
+
+ while (*p != '\0')
+ {
+ string_len++;
+ p++;
+ }
+
+ psa_invec data1[3] = {{&uart_fn, sizeof(uart_fn)},
+ {str, string_len+1},
+ {&data, sizeof(data)} };
+
+ print_handle = pal_ipc_connect(DRIVER_UART_SID, DRIVER_UART_VERSION);
+ if (PSA_HANDLE_IS_VALID(print_handle))
+ {
+ status_of_call = pal_ipc_call(print_handle, 0, data1, 3, NULL, 0);
+ pal_ipc_close(print_handle);
+ if (status_of_call != PSA_SUCCESS)
+ return PAL_STATUS_ERROR;
+
+ return PAL_STATUS_SUCCESS;
+ }
+ else
+ {
+ return PAL_STATUS_ERROR;
+ }
+}
+
+/**
+ @brief - Initializes an hardware watchdog timer
+ @param - base_addr : Base address of the watchdog module
+ - time_us : Time in micro seconds
+ - timer_tick_us : Number of ticks per micro second
+ @return - SUCCESS/FAILURE
+**/
+int pal_wd_timer_init_ns(addr_t base_addr, uint32_t time_us, uint32_t timer_tick_us)
+{
+ wd_param_t wd_param;
+ psa_handle_t handle = 0;
+ psa_status_t status_of_call = PSA_SUCCESS;
+
+ wd_param.wd_fn_type = WD_INIT_SEQ;
+ wd_param.wd_base_addr = base_addr;
+ wd_param.wd_time_us = time_us;
+ wd_param.wd_timer_tick_us = timer_tick_us;
+ psa_invec invec[1] = {{&wd_param, sizeof(wd_param)} };
+
+ handle = pal_ipc_connect(DRIVER_WATCHDOG_SID, DRIVER_WATCHDOG_VERSION);
+ if (PSA_HANDLE_IS_VALID(handle))
+ {
+ status_of_call = pal_ipc_call(handle, 0, invec, 1, NULL, 0);
+ pal_ipc_close(handle);
+ if (status_of_call != PSA_SUCCESS)
+ return PAL_STATUS_ERROR;
+
+ return PAL_STATUS_SUCCESS;
+ }
+ else
+ {
+ return PAL_STATUS_ERROR;
+ }
+}
+
+/**
+ @brief - Enables a hardware watchdog timer
+ @param - base_addr : Base address of the watchdog module
+ @return - SUCCESS/FAILURE
+**/
+int pal_wd_timer_enable_ns(addr_t base_addr)
+{
+ wd_param_t wd_param;
+ psa_handle_t handle = 0;
+ psa_status_t status_of_call = PSA_SUCCESS;
+
+ wd_param.wd_fn_type = WD_ENABLE_SEQ;
+ wd_param.wd_base_addr = base_addr;
+ wd_param.wd_time_us = 0;
+ wd_param.wd_timer_tick_us = 0;
+ psa_invec invec[1] = {{&wd_param, sizeof(wd_param)} };
+
+ handle = pal_ipc_connect(DRIVER_WATCHDOG_SID, DRIVER_WATCHDOG_VERSION);
+ if (PSA_HANDLE_IS_VALID(handle))
+ {
+ status_of_call = pal_ipc_call(handle, 0, invec, 1, NULL, 0);
+ pal_ipc_close(handle);
+ if (status_of_call != PSA_SUCCESS)
+ return PAL_STATUS_ERROR;
+
+ return PAL_STATUS_SUCCESS;
+ }
+ else
+ {
+ return PAL_STATUS_ERROR;
+ }
+}
+
+/**
+ @brief - Disables a hardware watchdog timer
+ @param - base_addr : Base address of the watchdog module
+ @return - SUCCESS/FAILURE
+**/
+int pal_wd_timer_disable_ns(addr_t base_addr)
+{
+ wd_param_t wd_param;
+ psa_handle_t handle = 0;
+ psa_status_t status_of_call = PSA_SUCCESS;
+
+ wd_param.wd_fn_type = WD_DISABLE_SEQ;
+ wd_param.wd_base_addr = base_addr;
+ wd_param.wd_time_us = 0;
+ wd_param.wd_timer_tick_us = 0;
+ psa_invec invec[1] = {{&wd_param, sizeof(wd_param)} };
+
+ handle = pal_ipc_connect(DRIVER_WATCHDOG_SID, DRIVER_WATCHDOG_VERSION);
+ if (PSA_HANDLE_IS_VALID(handle))
+ {
+ status_of_call = pal_ipc_call(handle, 0, invec, 1, NULL, 0);
+ pal_ipc_close(handle);
+ if (status_of_call != PSA_SUCCESS)
+ return PAL_STATUS_ERROR;
+
+ return PAL_STATUS_SUCCESS;
+ }
+ else
+ {
+ return PAL_STATUS_ERROR;
+ }
+}
+
+/**
+ @brief - Reads from given non-volatile address.
+ @param - base : Base address of nvmem
+ offset : Offset
+ buffer : Pointer to source address
+ size : Number of bytes
+ @return - SUCCESS/FAILURE
+**/
+int pal_nvmem_read_ns(addr_t base, uint32_t offset, void *buffer, int size)
+{
+ nvmem_param_t nvmem_param;
+ psa_handle_t handle = 0;
+ psa_status_t status_of_call = PSA_SUCCESS;
+
+ nvmem_param.nvmem_fn_type = NVMEM_READ;
+ nvmem_param.base = base;
+ nvmem_param.offset = offset;
+ nvmem_param.size = size;
+ psa_invec invec[1] = {{&nvmem_param, sizeof(nvmem_param)} };
+ psa_outvec outvec[1] = {{buffer, size} };
+
+ handle = pal_ipc_connect(DRIVER_NVMEM_SID, DRIVER_NVMEM_VERSION);
+ if (PSA_HANDLE_IS_VALID(handle))
+ {
+ status_of_call = pal_ipc_call(handle, 0, invec, 1, outvec, 1);
+ pal_ipc_close(handle);
+ if (status_of_call != PSA_SUCCESS)
+ return PAL_STATUS_ERROR;
+
+ return PAL_STATUS_SUCCESS;
+ }
+ else
+ {
+ return PAL_STATUS_ERROR;
+ }
+}
+
+/**
+ @brief - Writes into given non-volatile address.
+ @param - base : Base address of nvmem
+ offset : Offset
+ buffer : Pointer to source address
+ size : Number of bytes
+ @return - SUCCESS/FAILURE
+**/
+int pal_nvmem_write_ns(addr_t base, uint32_t offset, void *buffer, int size)
+{
+ nvmem_param_t nvmem_param;
+ psa_handle_t handle = 0;
+ psa_status_t status_of_call = PSA_SUCCESS;
+
+ nvmem_param.nvmem_fn_type = NVMEM_WRITE;
+ nvmem_param.base = base;
+ nvmem_param.offset = offset;
+ nvmem_param.size = size;
+ psa_invec invec[2] = {{&nvmem_param, sizeof(nvmem_param)}, {buffer, size} };
+
+ handle = pal_ipc_connect(DRIVER_NVMEM_SID, DRIVER_NVMEM_VERSION);
+ if (PSA_HANDLE_IS_VALID(handle))
+ {
+ status_of_call = pal_ipc_call(handle, 0, invec, 2, NULL, 0);
+ pal_ipc_close(handle);
+ if (status_of_call != PSA_SUCCESS)
+ return PAL_STATUS_ERROR;
+
+ return PAL_STATUS_SUCCESS;
+ }
+ else
+ {
+ return PAL_STATUS_ERROR;
+ }
+}
+
+/**
+ * @brief - This function will read peripherals using SPI commands
+ * @param - addr : address of the peripheral
+ * data : read buffer
+ * len : length of the read buffer in bytes
+ * @return - error status
+**/
+int pal_spi_read(addr_t addr, uint8_t *data, uint32_t len)
+{
+ return 0xFF;
+}
+
+/**
+ * @brief - Terminates the simulation at the end of all tests completion.
+ * By default, it put cpus into power down mode.
+ * @param - void
+ * @return - void
+**/
+void pal_terminate_simulation(void)
+{
+ /* Add logic to terminate the simluation */
+
+ while (1)
+ {
+ asm volatile("WFI");
+ }
+}
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_an524/nspe/common/pal_driver_ns_intf.c b/api-tests/platform/targets/tgt_dev_apis_tfm_an524/nspe/common/pal_driver_ns_intf.c
new file mode 100644
index 00000000..2f1f0086
--- /dev/null
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_an524/nspe/common/pal_driver_ns_intf.c
@@ -0,0 +1,145 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "pal_common.h"
+#include "pal_uart.h"
+#include "pal_nvmem.h"
+#include "pal_wd_cmsdk.h"
+
+/**
+ @brief - This function initializes the UART
+ @param - uart base addr
+ @return - SUCCESS/FAILURE
+**/
+int pal_uart_init_ns(uint32_t uart_base_addr)
+{
+ pal_uart_cmsdk_init(uart_base_addr);
+ return PAL_STATUS_SUCCESS;
+}
+
+/**
+ @brief - This function parses the input string and writes bytes into UART TX FIFO
+ @param - str : Input String
+ - data : Value for format specifier
+ @return - SUCCESS/FAILURE
+**/
+
+int pal_print_ns(char *str, int32_t data)
+{
+ pal_cmsdk_print(str, data);
+ return PAL_STATUS_SUCCESS;
+}
+
+/**
+ @brief - Initializes an hardware watchdog timer
+ @param - base_addr : Base address of the watchdog module
+ - time_us : Time in micro seconds
+ - timer_tick_us : Number of ticks per micro second
+ @return - SUCCESS/FAILURE
+**/
+int pal_wd_timer_init_ns(addr_t base_addr, uint32_t time_us, uint32_t timer_tick_us)
+{
+ return pal_wd_cmsdk_init(base_addr, time_us, timer_tick_us);
+}
+
+/**
+ @brief - Enables a hardware watchdog timer
+ @param - base_addr : Base address of the watchdog module
+ @return - SUCCESS/FAILURE
+**/
+int pal_wd_timer_enable_ns(addr_t base_addr)
+{
+ return pal_wd_cmsdk_enable(base_addr);
+}
+
+/**
+ @brief - Disables a hardware watchdog timer
+ @param - base_addr : Base address of the watchdog module
+ @return - SUCCESS/FAILURE
+**/
+int pal_wd_timer_disable_ns(addr_t base_addr)
+{
+ return pal_wd_cmsdk_disable(base_addr);
+}
+
+/**
+ @brief - Reads from given non-volatile address.
+ @param - base : Base address of nvmem
+ offset : Offset
+ buffer : Pointer to source address
+ size : Number of bytes
+ @return - SUCCESS/FAILURE
+**/
+int pal_nvmem_read_ns(addr_t base, uint32_t offset, void *buffer, int size)
+{
+ if (nvmem_read(base, offset, buffer, size))
+ {
+ return PAL_STATUS_SUCCESS;
+ }
+ else
+ {
+ return PAL_STATUS_ERROR;
+ }
+}
+
+/**
+ @brief - Writes into given non-volatile address.
+ @param - base : Base address of nvmem
+ offset : Offset
+ buffer : Pointer to source address
+ size : Number of bytes
+ @return - SUCCESS/FAILURE
+**/
+int pal_nvmem_write_ns(addr_t base, uint32_t offset, void *buffer, int size)
+{
+ if (nvmem_write(base, offset, buffer, size))
+ {
+ return PAL_STATUS_SUCCESS;
+ }
+ else
+ {
+ return PAL_STATUS_ERROR;
+ }
+}
+
+/**
+ * @brief - This function will read peripherals using SPI commands
+ * @param - addr : address of the peripheral
+ * data : read buffer
+ * len : length of the read buffer in bytes
+ * @return - error status
+**/
+int pal_spi_read(addr_t addr, uint8_t *data, uint32_t len)
+{
+ return 0xFF;
+}
+
+/**
+ * @brief - Terminates the simulation at the end of all tests completion.
+ * By default, it put cpus into power down mode.
+ * @param - void
+ * @return - void
+**/
+void pal_terminate_simulation(void)
+{
+ /* Add logic to terminate the simluation */
+
+ while (1)
+ {
+ asm volatile("WFI");
+ }
+}
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_an524/nspe/crypto/pal_crypto_config.h b/api-tests/platform/targets/tgt_dev_apis_tfm_an524/nspe/crypto/pal_crypto_config.h
new file mode 100644
index 00000000..6f3eca7c
--- /dev/null
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_an524/nspe/crypto/pal_crypto_config.h
@@ -0,0 +1,329 @@
+/** @file
+ * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+/*
+ * \file pal_crypto_config.h
+ *
+ * \brief Configuration options for crypto tests (set of defines)
+ *
+ * This set of compile-time options may be used to enable
+ * or disable features selectively for crypto test suite
+ */
+
+#ifndef _PAL_CRYPTO_CONFIG_H_
+#define _PAL_CRYPTO_CONFIG_H_
+/**
+ * \def ARCH_TEST_RSA
+ *
+ * Enable the RSA public-key cryptosystem.
+ * By default all supported keys are enabled.
+ *
+ * Comment macros to disable the types
+ */
+#define ARCH_TEST_RSA
+#define ARCH_TEST_RSA_1024
+#define ARCH_TEST_RSA_2048
+#define ARCH_TEST_RSA_3072
+
+/**
+ * \def ARCH_TEST_ECC
+ * \def ARCH_TEST_ECC_CURVE_SECPXXXR1
+ *
+ * Enable the elliptic curve
+ * Enable specific curves within the Elliptic Curve
+ * module. By default all supported curves are enabled.
+ *
+ * Requires: ARCH_TEST_ECC
+ * Comment macros to disable the curve
+ */
+#define ARCH_TEST_ECC
+#define ARCH_TEST_ECC_CURVE_SECP192R1
+#define ARCH_TEST_ECC_CURVE_SECP224R1
+#define ARCH_TEST_ECC_CURVE_SECP256R1
+#define ARCH_TEST_ECC_CURVE_SECP384R1
+
+/**
+ * \def ARCH_TEST_AES
+ *
+ * Enable the AES block cipher.
+ * By default all supported keys are enabled.
+ *
+ * Comment macros to disable the types
+ */
+#define ARCH_TEST_AES
+#define ARCH_TEST_AES_128
+#define ARCH_TEST_AES_192
+#define ARCH_TEST_AES_256
+#define ARCH_TEST_AES_512
+
+/**
+ * \def ARCH_TEST_DES
+ *
+ * Enable the DES block cipher.
+ * By default all supported keys are enabled.
+ *
+ * Comment macros to disable the types
+ */
+//#define ARCH_TEST_DES
+//#define ARCH_TEST_DES_1KEY
+//#define ARCH_TEST_DES_2KEY
+//#define ARCH_TEST_DES_3KEY
+
+/**
+ * \def ARCH_TEST_RAW
+ *
+ * A "key" of this type cannot be used for any cryptographic operation.
+ * Applications may use this type to store arbitrary data in the keystore.
+ */
+#define ARCH_TEST_RAW
+
+/**
+ * \def ARCH_TEST_CIPER
+ *
+ * Enable the generic cipher layer.
+ */
+
+#define ARCH_TEST_CIPER
+
+/**
+ * \def ARCH_TEST_ARC4
+ *
+ * Enable the ARC4 key type.
+ */
+//#define ARCH_TEST_ARC4
+
+/**
+ * \def ARCH_TEST_CIPER_MODE_CTR
+ *
+ * Enable Counter Block Cipher mode (CTR) for symmetric ciphers.
+ *
+ * Requires: ARCH_TEST_CIPER
+ */
+#define ARCH_TEST_CIPER_MODE_CTR
+
+/**
+ * \def ARCH_TEST_CIPER_MODE_CFB
+ *
+ * Enable Cipher Feedback mode (CFB) for symmetric ciphers.
+ *
+ * Requires: ARCH_TEST_CIPER
+ */
+#define ARCH_TEST_CIPER_MODE_CFB
+
+/**
+ * \def ARCH_TEST_CIPER_MODE_CBC
+ *
+ * Enable Cipher Block Chaining mode (CBC) for symmetric ciphers.
+ *
+ * Requires: ARCH_TEST_CIPER
+ */
+#define ARCH_TEST_CIPER_MODE_CBC
+
+/**
+ * \def ARCH_TEST_CTR_AES
+ *
+ * Requires: ARCH_TEST_CIPER, ARCH_TEST_AES, ARCH_TEST_CIPER_MODE_CTR
+ */
+#define ARCH_TEST_CTR_AES
+
+/**
+ * \def ARCH_TEST_CBC_AES
+ *
+ * Requires: ARCH_TEST_CIPER, ARCH_TEST_AES, ARCH_TEST_CIPER_MODE_CBC
+ *
+ * Comment macros to disable the types
+ */
+#define ARCH_TEST_CBC_AES
+#define ARCH_TEST_CBC_AES_NO_PADDING
+
+/**
+ * \def ARCH_TEST_CBC_NO_PADDING
+ *
+ * Requires: ARCH_TEST_CIPER, ARCH_TEST_CIPER_MODE_CBC
+ *
+ * Comment macros to disable the types
+ */
+#define ARCH_TEST_CBC_NO_PADDING
+
+/**
+ * \def ARCH_TEST_CFB_AES
+ *
+ * Requires: ARCH_TEST_CIPER, ARCH_TEST_AES, ARCH_TEST_CIPER_MODE_CFB
+ */
+#define ARCH_TEST_CFB_AES
+
+/**
+ * \def ARCH_TEST_PKCS1V15_*
+ *
+ * Enable support for PKCS#1 v1.5 encoding.
+ * Enable support for PKCS#1 v1.5 operations.
+ * Enable support for RSA-OAEP
+ *
+ * Requires: ARCH_TEST_RSA, ARCH_TEST_PKCS1V15
+ *
+ * Comment macros to disable the types
+ */
+#define ARCH_TEST_PKCS1V15
+#define ARCH_TEST_RSA_PKCS1V15_SIGN
+#define ARCH_TEST_RSA_PKCS1V15_SIGN_RAW
+#define ARCH_TEST_RSA_PKCS1V15_CRYPT
+#define ARCH_TEST_RSA_OAEP
+
+/**
+ * \def ARCH_TEST_CBC_PKCS7
+ *
+ * Requires: ARCH_TEST_CIPER_MODE_CBC
+ *
+ * Comment macros to disable the types
+ */
+#define ARCH_TEST_CBC_PKCS7
+
+/**
+ * \def ARCH_TEST_ASYMMETRIC_ENCRYPTION
+ *
+ * Enable support for Asymmetric encryption algorithms
+ */
+#define ARCH_TEST_ASYMMETRIC_ENCRYPTION
+
+/**
+ * \def ARCH_TEST_HASH
+ *
+ * Enable the hash algorithm.
+ */
+#define ARCH_TEST_HASH
+
+/**
+ * \def ARCH_TEST_HMAC
+ *
+ * The key policy determines which underlying hash algorithm the key can be
+ * used for.
+ *
+ * Requires: ARCH_TEST_HASH
+ */
+#define ARCH_TEST_HMAC
+
+/**
+ * \def ARCH_TEST_MDX
+ * \def ARCH_TEST_SHAXXX
+ *
+ * Enable the MDX algorithm.
+ * Enable the SHAXXX algorithm.
+ *
+ * Requires: ARCH_TEST_HASH
+ *
+ * Comment macros to disable the types
+ */
+//#define ARCH_TEST_MD2
+//#define ARCH_TEST_MD4
+//#define ARCH_TEST_MD5
+//#define ARCH_TEST_RIPEMD160
+//#define ARCH_TEST_SHA1
+#define ARCH_TEST_SHA224
+#define ARCH_TEST_SHA256
+#define ARCH_TEST_SHA384
+#define ARCH_TEST_SHA512
+//#define ARCH_TEST_SHA512_224
+//#define ARCH_TEST_SHA512_256
+//#define ARCH_TEST_SHA3_224
+//#define ARCH_TEST_SHA3_256
+//#define ARCH_TEST_SHA3_384
+//#define ARCH_TEST_SHA3_512
+
+/**
+ * \def ARCH_TEST_HKDF
+ *
+ * Enable the HKDF algorithm (RFC 5869).
+ *
+ * Requires: ARCH_TEST_HASH
+*/
+#define ARCH_TEST_HKDF
+
+/**
+ * \def ARCH_TEST_xMAC
+ *
+ * Enable the xMAC (Cipher/Hash/G-based Message Authentication Code) mode for block
+ * ciphers.
+ * Requires: ARCH_TEST_AES or ARCH_TEST_DES
+ *
+ * Comment macros to disable the types
+ */
+#define ARCH_TEST_CMAC
+//#define ARCH_TEST_GMAC
+#define ARCH_TEST_HMAC
+
+/**
+ * \def ARCH_TEST_CCM
+ *
+ * Enable the Counter with CBC-MAC (CCM) mode for 128-bit block cipher.
+ *
+ * Requires: ARCH_TEST_AES
+ */
+#define ARCH_TEST_CCM
+
+/**
+ * \def ARCH_TEST_GCM
+ *
+ * Enable the Galois/Counter Mode (GCM) for AES.
+ *
+ * Requires: ARCH_TEST_AES
+ *
+ */
+#define ARCH_TEST_GCM
+
+/**
+ * \def ARCH_TEST_TRUNCATED_MAC
+ *
+ * Enable support for RFC 6066 truncated HMAC in SSL.
+ *
+ * Comment this macro to disable support for truncated HMAC in SSL
+ */
+#define ARCH_TEST_TRUNCATED_MAC
+
+
+/**
+ * \def ARCH_TEST_ECDH
+ *
+ * Enable the elliptic curve Diffie-Hellman library.
+ *
+ * Requires: ARCH_TEST_ECC
+ */
+#define ARCH_TEST_ECDH
+
+/**
+ * \def ARCH_TEST_ECDSA
+ *
+ * Enable the elliptic curve DSA library.
+ * Requires: ARCH_TEST_ECC
+ */
+#define ARCH_TEST_ECDSA
+
+/**
+ * \def ARCH_TEST_DETERMINISTIC_ECDSA
+ *
+ * Enable deterministic ECDSA (RFC 6979).
+*/
+#define ARCH_TEST_DETERMINISTIC_ECDSA
+
+/**
+ * \def ARCH_TEST_ECC_ASYMMETRIC_API_SUPPORT
+ *
+ * Enable ECC support for asymmetric API.
+*/
+//#define ARCH_TEST_ECC_ASYMMETRIC_API_SUPPORT
+#include "pal_crypto_config_check.h"
+
+#endif /* _PAL_CRYPTO_CONFIG_H_ */
diff --git a/api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/nspe/crypto/pal_crypto_config_check.h b/api-tests/platform/targets/tgt_dev_apis_tfm_an524/nspe/crypto/pal_crypto_config_check.h
similarity index 98%
rename from api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/nspe/crypto/pal_crypto_config_check.h
rename to api-tests/platform/targets/tgt_dev_apis_tfm_an524/nspe/crypto/pal_crypto_config_check.h
index f18a7852..443e0bc2 100644
--- a/api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/nspe/crypto/pal_crypto_config_check.h
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_an524/nspe/crypto/pal_crypto_config_check.h
@@ -94,13 +94,13 @@
#error "ARCH_TEST_CTR_AES defined, but not all prerequisites"
#endif
-#if (defined(ARCH_TEST_CBC_AES)|| defined(ARCH_TEST_CBC_AES_NO_PADDING)) &&\
+#if (defined(ARCH_TEST_CBC_AES) || defined(ARCH_TEST_CBC_AES_NO_PADDING)) &&\
(!defined(ARCH_TEST_CIPER) || !defined(ARCH_TEST_AES) || !defined(ARCH_TEST_CIPER_MODE_CBC))
#error "ARCH_TEST_CBC_AES defined, but not all prerequisites"
#endif
#if (defined(ARCH_TEST_CBC_NO_PADDING)) &&\
- (!defined(ARCH_TEST_CIPER) ||!defined(ARCH_TEST_CIPER_MODE_CBC))
+ (!defined(ARCH_TEST_CIPER) || !defined(ARCH_TEST_CIPER_MODE_CBC))
#error "ARCH_TEST_CBC_NO_PADDING defined, but not all prerequisites"
#endif
diff --git a/api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/nspe/crypto/pal_crypto_empty_intf.c b/api-tests/platform/targets/tgt_dev_apis_tfm_an524/nspe/crypto/pal_crypto_empty_intf.c
similarity index 100%
rename from api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/nspe/crypto/pal_crypto_empty_intf.c
rename to api-tests/platform/targets/tgt_dev_apis_tfm_an524/nspe/crypto/pal_crypto_empty_intf.c
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_an524/nspe/crypto/pal_crypto_intf.c b/api-tests/platform/targets/tgt_dev_apis_tfm_an524/nspe/crypto/pal_crypto_intf.c
new file mode 100644
index 00000000..7bad480c
--- /dev/null
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_an524/nspe/crypto/pal_crypto_intf.c
@@ -0,0 +1,517 @@
+/** @file
+ * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+
+#include "pal_crypto_intf.h"
+
+#define PAL_KEY_SLOT_COUNT 32
+
+/**
+ @brief - This API will call the requested crypto function
+ @param - type : function code
+ valist : variable argument list
+ @return - error status
+**/
+int32_t pal_crypto_function(int type, va_list valist)
+{
+ int i;
+ psa_status_t status;
+ uint8_t *buffer, *ciphertext, *plaintext;
+ const uint8_t *nonce, *additional_data, *salt, *peer;
+ size_t *length, size, ciphertext_size, nonce_length;
+ size_t salt_length, peer_length, additional_data_length;
+#ifdef NOT_SUPPORTED
+ size_t *tag_length, plaintext_size;
+ psa_aead_operation_t *aead_operation;
+#endif
+ psa_key_attributes_t *attributes;
+ psa_key_handle_t *handle, key_handle;
+ psa_key_type_t *key_type_out, key_type;
+ psa_key_usage_t *usage_out, usage;
+ psa_key_id_t *key_id_out, key_id;
+ psa_key_lifetime_t *key_lifetime_out, key_lifetime;
+ psa_algorithm_t *key_alg_out, key_alg, alg;
+ psa_hash_operation_t *hash_operation, *target_operation;
+ psa_mac_operation_t *mac_operation;
+ psa_cipher_operation_t *cipher_operation;
+ psa_key_derivation_operation_t *derive_operation;
+ psa_key_derivation_step_t step;
+
+ switch (type)
+ {
+ case PAL_CRYPTO_INIT:
+ return psa_crypto_init();
+ case PAL_CRYPTO_GENERATE_RANDOM:
+ buffer = va_arg(valist, uint8_t *);
+ size = va_arg(valist, int);
+ return psa_generate_random(buffer, size);
+ case PAL_CRYPTO_IMPORT_KEY:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ buffer = va_arg(valist, uint8_t *);
+ size = va_arg(valist, size_t);
+ handle = (psa_key_handle_t *)va_arg(valist, int *);
+ status = psa_import_key(attributes, buffer, size, handle);
+ return status;
+ case PAL_CRYPTO_SET_KEY_TYPE:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ key_type = va_arg(valist, psa_key_type_t);
+ psa_set_key_type(attributes, key_type);
+ return 0;
+ case PAL_CRYPTO_SET_KEY_BITS:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ size = va_arg(valist, size_t);
+ psa_set_key_bits(attributes, size);
+ return 0;
+ case PAL_CRYPTO_GET_KEY_ATTRIBUTES:
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ return psa_get_key_attributes(key_handle, attributes);
+ case PAL_CRYPTO_GET_KEY_TYPE:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ key_type_out = va_arg(valist, psa_key_type_t *);
+ *key_type_out = psa_get_key_type(attributes);
+ return 0;
+ case PAL_CRYPTO_EXPORT_KEY:
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ buffer = (uint8_t *)(va_arg(valist, uint8_t *));
+ size = va_arg(valist, size_t);
+ length = (size_t *)va_arg(valist, size_t *);
+ return psa_export_key(key_handle, buffer, size, length);
+ case PAL_CRYPTO_SET_KEY_USAGE_FLAGS:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ usage = va_arg(valist, psa_key_usage_t);
+ psa_set_key_usage_flags(attributes, usage);
+ return 0;
+ case PAL_CRYPTO_RESET_KEY_ATTRIBUTES:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ psa_reset_key_attributes(attributes);
+ return 0;
+ case PAL_CRYPTO_EXPORT_PUBLIC_KEY:
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ buffer = (uint8_t *)(va_arg(valist, uint8_t *));
+ size = va_arg(valist, size_t);
+ length = (size_t *)va_arg(valist, size_t *);
+ return psa_export_public_key(key_handle, buffer, size, length);
+ case PAL_CRYPTO_SET_KEY_ID:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ key_id = va_arg(valist, psa_key_id_t);
+ psa_set_key_id(attributes, key_id);
+ return 0;
+ case PAL_CRYPTO_SET_KEY_LIFETIME:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ key_lifetime = va_arg(valist, psa_key_lifetime_t);
+ psa_set_key_lifetime(attributes, key_lifetime);
+ return 0;
+ case PAL_CRYPTO_SET_KEY_ALGORITHM:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ key_alg = va_arg(valist, psa_algorithm_t);
+ psa_set_key_algorithm(attributes, key_alg);
+ return 0;
+ case PAL_CRYPTO_GET_KEY_ID:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ key_id_out = va_arg(valist, psa_key_id_t *);
+ *key_id_out = psa_get_key_id(attributes);
+ return 0;
+ case PAL_CRYPTO_GET_KEY_LIFETIME:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ key_lifetime_out = va_arg(valist, psa_key_lifetime_t *);
+ *key_lifetime_out = psa_get_key_lifetime(attributes);
+ return 0;
+ case PAL_CRYPTO_GET_KEY_USAGE_FLAGS:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ usage_out = va_arg(valist, psa_key_usage_t *);
+ *usage_out = psa_get_key_usage_flags(attributes);
+ return 0;
+ case PAL_CRYPTO_GET_KEY_ALGORITHM:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ key_alg_out = va_arg(valist, psa_algorithm_t *);
+ *key_alg_out = psa_get_key_algorithm(attributes);
+ return 0;
+ case PAL_CRYPTO_GET_KEY_BITS:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ length = va_arg(valist, size_t *);
+ *length = psa_get_key_bits(attributes);
+ return 0;
+ case PAL_CRYPTO_DESTROY_KEY:
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ return psa_destroy_key(key_handle);
+ case PAL_CRYPTO_HASH_SETUP:
+ hash_operation = va_arg(valist, psa_hash_operation_t*);
+ alg = va_arg(valist, psa_algorithm_t);
+ return psa_hash_setup(hash_operation, alg);
+ case PAL_CRYPTO_HASH_UPDATE:
+ hash_operation = va_arg(valist, psa_hash_operation_t*);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ return psa_hash_update(hash_operation, buffer, size);
+ case PAL_CRYPTO_HASH_VERIFY:
+ hash_operation = va_arg(valist, psa_hash_operation_t*);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ return psa_hash_verify(hash_operation, buffer, size);
+ case PAL_CRYPTO_HASH_FINISH:
+ hash_operation = va_arg(valist, psa_hash_operation_t*);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_hash_finish(hash_operation, buffer, size, length);
+ case PAL_CRYPTO_HASH_ABORT:
+ hash_operation = va_arg(valist, psa_hash_operation_t*);
+ return psa_hash_abort(hash_operation);
+#ifdef NOT_SUPPORTED
+ case PAL_CRYPTO_HASH_COMPUTE:
+ alg = va_arg(valist, psa_algorithm_t);
+ plaintext = va_arg(valist, uint8_t*);
+ plaintext_size = va_arg(valist, size_t);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_hash_compute(alg, plaintext, plaintext_size, buffer, size, length);
+ case PAL_CRYPTO_HASH_COMPARE:
+ alg = va_arg(valist, psa_algorithm_t);
+ plaintext = va_arg(valist, uint8_t*);
+ plaintext_size = va_arg(valist, size_t);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ return psa_hash_compare(alg, plaintext, plaintext_size, buffer, size);
+#endif
+ case PAL_CRYPTO_HASH_CLONE:
+ hash_operation = va_arg(valist, psa_hash_operation_t*);
+ target_operation = va_arg(valist, psa_hash_operation_t*);
+ return psa_hash_clone(hash_operation, target_operation);
+ case PAL_CRYPTO_GENERATE_KEY:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ handle = (psa_key_handle_t *)va_arg(valist, int *);
+ return psa_generate_key(attributes, handle);
+ case PAL_CRYPTO_AEAD_ENCRYPT:
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ nonce = va_arg(valist, const uint8_t *);
+ nonce_length = va_arg(valist, size_t);
+ additional_data = va_arg(valist, const uint8_t *);
+ additional_data_length = va_arg(valist, size_t);
+ plaintext = va_arg(valist, uint8_t *);
+ size = va_arg(valist, size_t);
+ ciphertext = va_arg(valist, uint8_t *);
+ ciphertext_size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_aead_encrypt(key_handle, alg, nonce, nonce_length, additional_data,
+ additional_data_length, plaintext, size, ciphertext, ciphertext_size, length);
+ case PAL_CRYPTO_AEAD_DECRYPT:
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ nonce = va_arg(valist, const uint8_t *);
+ nonce_length = va_arg(valist, size_t);
+ additional_data = va_arg(valist, const uint8_t *);
+ additional_data_length = va_arg(valist, size_t);
+ ciphertext = va_arg(valist, uint8_t *);
+ ciphertext_size = va_arg(valist, size_t);
+ plaintext = va_arg(valist, uint8_t *);
+ size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_aead_decrypt(key_handle, alg, nonce, nonce_length, additional_data,
+ additional_data_length, ciphertext, ciphertext_size, plaintext, size, length);
+#ifdef NO_SUPPORT
+ case PAL_CRYPTO_AEAD_ENCRYPT_SETUP:
+ aead_operation = va_arg(valist, psa_aead_operation_t *);
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ return psa_aead_encrypt_setup(aead_operation, key_handle, alg);
+ case PAL_CRYPTO_AEAD_DECRYPT_SETUP:
+ aead_operation = va_arg(valist, psa_aead_operation_t *);
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ return psa_aead_decrypt_setup(aead_operation, key_handle, alg);
+ case PAL_CRYPTO_AEAD_GENERATE_NONCE:
+ aead_operation = va_arg(valist, psa_aead_operation_t *);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ length = (size_t *)va_arg(valist, size_t*);
+ return psa_aead_generate_nonce(aead_operation, buffer, size, length);
+ case PAL_CRYPTO_AEAD_SET_NONCE:
+ aead_operation = va_arg(valist, psa_aead_operation_t *);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ return psa_aead_set_nonce(aead_operation, buffer, size);
+ case PAL_CRYPTO_AEAD_SET_LENGTHS:
+ aead_operation = va_arg(valist, psa_aead_operation_t *);
+ size = va_arg(valist, size_t);
+ plaintext_size = va_arg(valist, size_t);
+ return psa_aead_set_lengths(aead_operation, size, plaintext_size);
+ case PAL_CRYPTO_AEAD_UPDATE_AD:
+ aead_operation = va_arg(valist, psa_aead_operation_t *);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ return psa_aead_update_ad(aead_operation, buffer, size);
+ case PAL_CRYPTO_AEAD_UPDATE:
+ aead_operation = va_arg(valist, psa_aead_operation_t *);
+ plaintext = va_arg(valist, uint8_t*);
+ plaintext_size = va_arg(valist, size_t);
+ ciphertext = va_arg(valist, uint8_t*);
+ ciphertext_size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_aead_update(aead_operation, plaintext, plaintext_size, ciphertext,
+ ciphertext_size, length);
+ case PAL_CRYPTO_AEAD_FINISH:
+ aead_operation = va_arg(valist, psa_aead_operation_t *);
+ ciphertext = va_arg(valist, uint8_t*);
+ ciphertext_size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ tag_length = (size_t *)va_arg(valist, size_t*);
+ return psa_aead_finish(aead_operation, ciphertext, ciphertext_size, length, buffer,
+ size, tag_length);
+ case PAL_CRYPTO_AEAD_VERIFY:
+ aead_operation = va_arg(valist, psa_aead_operation_t *);
+ plaintext = va_arg(valist, uint8_t*);
+ plaintext_size = va_arg(valist, size_t);
+ length = (size_t *)va_arg(valist, size_t*);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ return psa_aead_verify(aead_operation, plaintext, plaintext_size, length, buffer, size);
+ case PAL_CRYPTO_AEAD_ABORT:
+ aead_operation = va_arg(valist, psa_aead_operation_t *);
+ return psa_aead_abort(aead_operation);
+#endif
+ case PAL_CRYPTO_MAC_SIGN_SETUP:
+ mac_operation = va_arg(valist, psa_mac_operation_t*);
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ return psa_mac_sign_setup(mac_operation, key_handle, alg);
+ case PAL_CRYPTO_MAC_UPDATE:
+ mac_operation = va_arg(valist, psa_mac_operation_t*);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ return psa_mac_update(mac_operation, buffer, size);
+ case PAL_CRYPTO_MAC_SIGN_FINISH:
+ mac_operation = va_arg(valist, psa_mac_operation_t*);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ length = (size_t *)va_arg(valist, size_t*);
+ return psa_mac_sign_finish(mac_operation, buffer, size, length);
+ case PAL_CRYPTO_MAC_VERIFY_SETUP:
+ mac_operation = va_arg(valist, psa_mac_operation_t*);
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ return psa_mac_verify_setup(mac_operation, key_handle, alg);
+ case PAL_CRYPTO_MAC_VERIFY_FINISH:
+ mac_operation = va_arg(valist, psa_mac_operation_t*);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ return psa_mac_verify_finish(mac_operation, buffer, size);
+ case PAL_CRYPTO_MAC_ABORT:
+ mac_operation = va_arg(valist, psa_mac_operation_t*);
+ return psa_mac_abort(mac_operation);
+#ifdef NO_SUPPORT
+ case PAL_CRYPTO_MAC_COMPUTE:
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ plaintext = va_arg(valist, uint8_t*);
+ plaintext_size = va_arg(valist, size_t);
+ ciphertext = va_arg(valist, uint8_t*);
+ ciphertext_size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_mac_compute(key_handle, alg, plaintext, plaintext_size, ciphertext,
+ ciphertext_size, length);
+ case PAL_CRYPTO_MAC_VERIFY:
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ plaintext = va_arg(valist, uint8_t*);
+ plaintext_size = va_arg(valist, size_t);
+ ciphertext = va_arg(valist, uint8_t*);
+ ciphertext_size = va_arg(valist, size_t);
+ return psa_mac_verify(key_handle, alg, plaintext, plaintext_size, ciphertext,
+ ciphertext_size);
+#endif
+ case PAL_CRYPTO_ASYMMTERIC_ENCRYPT:
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ plaintext = va_arg(valist, uint8_t *);
+ size = va_arg(valist, size_t);
+ salt = va_arg(valist, const uint8_t *);
+ salt_length = va_arg(valist, size_t);
+ ciphertext = va_arg(valist, uint8_t *);
+ ciphertext_size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_asymmetric_encrypt(key_handle, alg, plaintext, size, salt, salt_length,
+ ciphertext, ciphertext_size, length);
+ case PAL_CRYPTO_ASYMMTERIC_DECRYPT:
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ plaintext = va_arg(valist, uint8_t *);
+ size = va_arg(valist, size_t);
+ salt = va_arg(valist, const uint8_t *);
+ salt_length = va_arg(valist, size_t);
+ ciphertext = va_arg(valist, uint8_t *);
+ ciphertext_size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_asymmetric_decrypt(key_handle, alg, plaintext, size, salt, salt_length,
+ ciphertext, ciphertext_size, length);
+ case PAL_CRYPTO_CIPHER_ENCRYPT_SETUP:
+ cipher_operation = va_arg(valist, psa_cipher_operation_t *);
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ return psa_cipher_encrypt_setup(cipher_operation, key_handle, alg);
+ case PAL_CRYPTO_CIPHER_DECRYPT_SETUP:
+ cipher_operation = va_arg(valist, psa_cipher_operation_t *);
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ return psa_cipher_decrypt_setup(cipher_operation, key_handle, alg);
+ case PAL_CRYPTO_CIPHER_GENERATE_IV:
+ cipher_operation = va_arg(valist, psa_cipher_operation_t *);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_cipher_generate_iv(cipher_operation, buffer, size, length);
+ case PAL_CRYPTO_CIPHER_SET_IV:
+ cipher_operation = va_arg(valist, psa_cipher_operation_t *);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ return psa_cipher_set_iv(cipher_operation, buffer, size);
+ case PAL_CRYPTO_CIPHER_UPDATE:
+ cipher_operation = va_arg(valist, psa_cipher_operation_t *);
+ plaintext = va_arg(valist, uint8_t *);
+ size = va_arg(valist, size_t);
+ ciphertext = va_arg(valist, uint8_t *);
+ ciphertext_size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_cipher_update(cipher_operation, plaintext, size, ciphertext, ciphertext_size,
+ length);
+ case PAL_CRYPTO_CIPHER_FINISH:
+ cipher_operation = va_arg(valist, psa_cipher_operation_t *);
+ ciphertext = va_arg(valist, uint8_t *);
+ ciphertext_size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_cipher_finish(cipher_operation, ciphertext, ciphertext_size, length);
+ case PAL_CRYPTO_CIPHER_ABORT:
+ cipher_operation = va_arg(valist, psa_cipher_operation_t *);
+ return psa_cipher_abort(cipher_operation);
+#ifdef NO_SUPPORT
+ case PAL_CRYPTO_CIPHER_ENCRYPT:
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ plaintext = va_arg(valist, uint8_t *);
+ size = va_arg(valist, size_t);
+ ciphertext = va_arg(valist, uint8_t *);
+ ciphertext_size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_cipher_encrypt(key_handle, alg, plaintext, size, ciphertext, ciphertext_size,
+ length);
+ case PAL_CRYPTO_CIPHER_DECRYPT:
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ plaintext = va_arg(valist, uint8_t *);
+ size = va_arg(valist, size_t);
+ ciphertext = va_arg(valist, uint8_t *);
+ ciphertext_size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_cipher_decrypt(key_handle, alg, plaintext, size, ciphertext, ciphertext_size,
+ length);
+#endif
+ case PAL_CRYPTO_ASYMMTERIC_SIGN:
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ ciphertext = va_arg(valist, uint8_t *);
+ ciphertext_size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_asymmetric_sign(key_handle, alg, buffer, size, ciphertext, ciphertext_size,
+ length);
+ case PAL_CRYPTO_ASYMMTERIC_VERIFY:
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ ciphertext = va_arg(valist, uint8_t *);
+ ciphertext_size = va_arg(valist, size_t);
+ return psa_asymmetric_verify(key_handle, alg, buffer, size, ciphertext,
+ ciphertext_size);
+ case PAL_CRYPTO_RAW_KEY_AGREEMENT:
+ alg = va_arg(valist, psa_algorithm_t);
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ peer = va_arg(valist, uint8_t*);
+ peer_length = va_arg(valist, size_t);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_raw_key_agreement(alg, key_handle, peer, peer_length, buffer, size, length);
+ case PAL_CRYPTO_COPY_KEY:
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ handle = (psa_key_handle_t *)va_arg(valist, int *);
+ return psa_copy_key(key_handle, attributes, handle);
+ case PAL_CRYPTO_KEY_DERIVATION_SETUP:
+ derive_operation = va_arg(valist, psa_key_derivation_operation_t *);
+ alg = va_arg(valist, psa_algorithm_t);
+ return psa_key_derivation_setup(derive_operation, alg);
+ case PAL_CRYPTO_KEY_DERIVATION_INPUT_BYTES:
+ derive_operation = va_arg(valist, psa_key_derivation_operation_t *);
+ step = (psa_key_derivation_step_t)va_arg(valist, int);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ return psa_key_derivation_input_bytes(derive_operation, step, buffer, size);
+ case PAL_CRYPTO_KEY_DERIVATION_INPUT_KEY:
+ derive_operation = va_arg(valist, psa_key_derivation_operation_t *);
+ step = (psa_key_derivation_step_t)va_arg(valist, int);
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ return psa_key_derivation_input_key(derive_operation, step, key_handle);
+ case PAL_CRYPTO_KEY_DERIVATION_KEY_AGREEMENT:
+ derive_operation = va_arg(valist, psa_key_derivation_operation_t *);
+ step = (psa_key_derivation_step_t)va_arg(valist, int);
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ peer = va_arg(valist, uint8_t*);
+ peer_length = va_arg(valist, size_t);
+ return psa_key_derivation_key_agreement(derive_operation, step, key_handle, peer,
+ peer_length);
+ case PAL_CRYPTO_KEY_DERIVATION_OUTPUT_BYTES:
+ derive_operation = va_arg(valist, psa_key_derivation_operation_t *);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ return psa_key_derivation_output_bytes(derive_operation, buffer, size);
+ case PAL_CRYPTO_KEY_DERIVATION_OUTPUT_KEY:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ derive_operation = va_arg(valist, psa_key_derivation_operation_t *);
+ handle = (psa_key_handle_t *)va_arg(valist, int *);
+ return psa_key_derivation_output_key(attributes, derive_operation, handle);
+ case PAL_CRYPTO_KEY_DERIVATION_SET_CAPACITY:
+ derive_operation = va_arg(valist, psa_key_derivation_operation_t *);
+ size = va_arg(valist, size_t);
+ return psa_key_derivation_set_capacity(derive_operation, size);
+ case PAL_CRYPTO_KEY_DERIVATION_GET_CAPACITY:
+ derive_operation = va_arg(valist, psa_key_derivation_operation_t *);
+ length = va_arg(valist, size_t *);
+ return psa_key_derivation_get_capacity(derive_operation, length);
+ case PAL_CRYPTO_KEY_DERIVATION_ABORT:
+ derive_operation = va_arg(valist, psa_key_derivation_operation_t *);
+ return psa_key_derivation_abort(derive_operation);
+ case PAL_CRYPTO_OPEN_KEY:
+ key_id = va_arg(valist, psa_key_id_t);
+ handle = (psa_key_handle_t *)va_arg(valist, int *);
+ return psa_open_key(key_id, handle);
+ case PAL_CRYPTO_CLOSE_KEY:
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ return psa_close_key(key_handle);
+ case PAL_CRYPTO_FREE:
+ for (i = 0; i < PAL_KEY_SLOT_COUNT; i++)
+ psa_destroy_key(i);
+ return 0;
+ default:
+ return PAL_STATUS_UNSUPPORTED_FUNC;
+ }
+}
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_an524/nspe/crypto/pal_crypto_intf.h b/api-tests/platform/targets/tgt_dev_apis_tfm_an524/nspe/crypto/pal_crypto_intf.h
new file mode 100644
index 00000000..671dfa0b
--- /dev/null
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_an524/nspe/crypto/pal_crypto_intf.h
@@ -0,0 +1,103 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifndef _PAL_CRYPTO_INTF_H_
+#define _PAL_CRYPTO_INTF_H_
+
+#include "pal_common.h"
+
+enum crypto_function_code {
+ PAL_CRYPTO_INIT = 0x1,
+ PAL_CRYPTO_GENERATE_RANDOM = 0x2,
+ PAL_CRYPTO_IMPORT_KEY = 0x3,
+ PAL_CRYPTO_EXPORT_KEY = 0x4,
+ PAL_CRYPTO_EXPORT_PUBLIC_KEY = 0x5,
+ PAL_CRYPTO_DESTROY_KEY = 0x6,
+ PAL_CRYPTO_HASH_SETUP = 0x7,
+ PAL_CRYPTO_HASH_UPDATE = 0x8,
+ PAL_CRYPTO_HASH_VERIFY = 0x9,
+ PAL_CRYPTO_HASH_FINISH = 0xA,
+ PAL_CRYPTO_HASH_ABORT = 0xB,
+ PAL_CRYPTO_GENERATE_KEY = 0xC,
+ PAL_CRYPTO_AEAD_ENCRYPT = 0xD,
+ PAL_CRYPTO_AEAD_DECRYPT = 0xE,
+ PAL_CRYPTO_MAC_SIGN_SETUP = 0xF,
+ PAL_CRYPTO_MAC_UPDATE = 0x10,
+ PAL_CRYPTO_MAC_SIGN_FINISH = 0x11,
+ PAL_CRYPTO_MAC_VERIFY_SETUP = 0x12,
+ PAL_CRYPTO_MAC_VERIFY_FINISH = 0x13,
+ PAL_CRYPTO_MAC_ABORT = 0x14,
+ PAL_CRYPTO_ASYMMTERIC_ENCRYPT = 0x15,
+ PAL_CRYPTO_ASYMMTERIC_DECRYPT = 0x16,
+ PAL_CRYPTO_CIPHER_ENCRYPT_SETUP = 0x17,
+ PAL_CRYPTO_CIPHER_DECRYPT_SETUP = 0x18,
+ PAL_CRYPTO_CIPHER_GENERATE_IV = 0x19,
+ PAL_CRYPTO_CIPHER_SET_IV = 0x1A,
+ PAL_CRYPTO_CIPHER_UPDATE = 0x1B,
+ PAL_CRYPTO_CIPHER_FINISH = 0x1C,
+ PAL_CRYPTO_CIPHER_ABORT = 0x1D,
+ PAL_CRYPTO_ASYMMTERIC_SIGN = 0x1E,
+ PAL_CRYPTO_ASYMMTERIC_VERIFY = 0x1F,
+ PAL_CRYPTO_COPY_KEY = 0x20,
+ PAL_CRYPTO_SET_KEY_TYPE = 0x21,
+ PAL_CRYPTO_SET_KEY_BITS = 0x22,
+ PAL_CRYPTO_GET_KEY_ATTRIBUTES = 0x23,
+ PAL_CRYPTO_GET_KEY_TYPE = 0x24,
+ PAL_CRYPTO_SET_KEY_USAGE_FLAGS = 0x25,
+ PAL_CRYPTO_RESET_KEY_ATTRIBUTES = 0x26,
+ PAL_CRYPTO_SET_KEY_ID = 0x27,
+ PAL_CRYPTO_SET_KEY_LIFETIME = 0x28,
+ PAL_CRYPTO_SET_KEY_ALGORITHM = 0x29,
+ PAL_CRYPTO_GET_KEY_ID = 0x2A,
+ PAL_CRYPTO_GET_KEY_LIFETIME = 0x2B,
+ PAL_CRYPTO_GET_KEY_USAGE_FLAGS = 0x2C,
+ PAL_CRYPTO_GET_KEY_ALGORITHM = 0x2D,
+ PAL_CRYPTO_GET_KEY_BITS = 0x2E,
+ PAL_CRYPTO_HASH_COMPUTE = 0x2F,
+ PAL_CRYPTO_HASH_COMPARE = 0x30,
+ PAL_CRYPTO_KEY_DERIVATION_SETUP = 0x31,
+ PAL_CRYPTO_KEY_DERIVATION_ABORT = 0x32,
+ PAL_CRYPTO_RAW_KEY_AGREEMENT = 0x33,
+ PAL_CRYPTO_KEY_DERIVATION_INPUT_BYTES = 0x34,
+ PAL_CRYPTO_KEY_DERIVATION_INPUT_KEY = 0x35,
+ PAL_CRYPTO_KEY_DERIVATION_KEY_AGREEMENT = 0x36,
+ PAL_CRYPTO_KEY_DERIVATION_OUTPUT_BYTES = 0x37,
+ PAL_CRYPTO_KEY_DERIVATION_OUTPUT_KEY = 0x38,
+ PAL_CRYPTO_KEY_DERIVATION_SET_CAPACITY = 0x39,
+ PAL_CRYPTO_KEY_DERIVATION_GET_CAPACITY = 0x3A,
+ PAL_CRYPTO_HASH_CLONE = 0x3B,
+ PAL_CRYPTO_MAC_COMPUTE = 0x3C,
+ PAL_CRYPTO_MAC_VERIFY = 0x3D,
+ PAL_CRYPTO_CIPHER_ENCRYPT = 0x3F,
+ PAL_CRYPTO_CIPHER_DECRYPT = 0x40,
+ PAL_CRYPTO_OPEN_KEY = 0x41,
+ PAL_CRYPTO_CLOSE_KEY = 0x42,
+ PAL_CRYPTO_AEAD_ENCRYPT_SETUP = 0x43,
+ PAL_CRYPTO_AEAD_DECRYPT_SETUP = 0x44,
+ PAL_CRYPTO_AEAD_GENERATE_NONCE = 0x45,
+ PAL_CRYPTO_AEAD_SET_NONCE = 0x46,
+ PAL_CRYPTO_AEAD_SET_LENGTHS = 0X47,
+ PAL_CRYPTO_AEAD_UPDATE_AD = 0x48,
+ PAL_CRYPTO_AEAD_UPDATE = 0x49,
+ PAL_CRYPTO_AEAD_FINISH = 0x4A,
+ PAL_CRYPTO_AEAD_VERIFY = 0x4B,
+ PAL_CRYPTO_AEAD_ABORT = 0x4C,
+ PAL_CRYPTO_FREE = 0xFE,
+};
+
+int32_t pal_crypto_function(int type, va_list valist);
+#endif /* _PAL_CRYPTO_INTF_H_ */
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_an524/nspe/initial_attestation/pal_attestation_crypto.c b/api-tests/platform/targets/tgt_dev_apis_tfm_an524/nspe/initial_attestation/pal_attestation_crypto.c
new file mode 100644
index 00000000..91be54df
--- /dev/null
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_an524/nspe/initial_attestation/pal_attestation_crypto.c
@@ -0,0 +1,344 @@
+/** @file
+ * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "pal_attestation_crypto.h"
+
+static uint32_t public_key_registered;
+static psa_key_handle_t public_key_handle;
+
+static inline struct q_useful_buf_c useful_buf_head(struct q_useful_buf_c buf,
+ size_t amount)
+{
+ return UsefulBuf_Head(buf, amount);
+}
+
+static psa_algorithm_t cose_hash_alg_id_to_psa(int32_t cose_hash_alg_id)
+{
+ psa_algorithm_t status;
+
+ switch (cose_hash_alg_id)
+ {
+ case COSE_ALG_SHA256_PROPRIETARY:
+ status = PSA_ALG_SHA_256;
+ break;
+ default:
+ status = PSA_ALG_MD4;
+ break;
+ }
+
+ return status;
+}
+
+static int32_t hash_alg_id_from_sig_alg_id(int32_t cose_sig_alg_id)
+{
+ switch (cose_sig_alg_id)
+ {
+ case COSE_ALGORITHM_ES256:
+ return COSE_ALG_SHA256_PROPRIETARY;
+ default:
+ return INT32_MAX;
+ }
+}
+
+int32_t pal_cose_crypto_hash_start(psa_hash_operation_t *psa_hash, int32_t cose_hash_alg_id)
+{
+ psa_algorithm_t psa_alg;
+ psa_status_t status = PSA_ERROR_GENERIC_ERROR;
+
+ /* Map the algorithm ID */
+ psa_alg = cose_hash_alg_id_to_psa(cose_hash_alg_id);
+
+ /* Actually do the hash set up */
+ status = psa_hash_setup(psa_hash, psa_alg);
+
+ return status;
+
+}
+
+void pal_cose_crypto_hash_update(psa_hash_operation_t *psa_hash,
+ struct q_useful_buf_c data_to_hash)
+{
+ if (data_to_hash.ptr == NULL) {
+ /* No data was passed in to be hashed indicating the mode of use is
+ * the computation of the size of hash. This mode is hashing is used
+ * by t_cose when it is requested to compute the size of the signed
+ * data it might compute, which is in turn used to compute the
+ * size of a would be token. When computing the size, the size
+ * like this, there is nothing to do in update()
+ */
+ return;
+ }
+
+ /* Actually hash the data */
+ psa_hash_update(psa_hash, data_to_hash.ptr, data_to_hash.len);
+}
+
+int32_t pal_cose_crypto_hash_finish(psa_hash_operation_t *psa_hash,
+ struct q_useful_buf buffer_to_hold_result,
+ struct q_useful_buf_c *hash_result)
+{
+ psa_status_t status = PSA_ERROR_GENERIC_ERROR;
+
+ /* Actually finish up the hash */
+ status = psa_hash_finish(psa_hash, buffer_to_hold_result.ptr,
+ buffer_to_hold_result.len, &(hash_result->len));
+ hash_result->ptr = buffer_to_hold_result.ptr;
+
+ return status;
+
+}
+
+int pal_create_sha256(struct q_useful_buf_c bytes_to_hash, struct q_useful_buf buffer_for_hash,
+ struct q_useful_buf_c *hash)
+{
+ psa_status_t status = PSA_ERROR_GENERIC_ERROR;
+ psa_hash_operation_t psa_hash = PSA_HASH_OPERATION_INIT;
+
+ status = pal_cose_crypto_hash_start(&psa_hash, COSE_ALG_SHA256_PROPRIETARY);
+ if (status != PSA_SUCCESS)
+ goto Done;
+
+ pal_cose_crypto_hash_update(&psa_hash, bytes_to_hash);
+
+ status = pal_cose_crypto_hash_finish(&psa_hash, buffer_for_hash, hash);
+ if (status != PSA_SUCCESS)
+ goto Done;
+Done:
+ return status;
+}
+
+uint32_t pal_compute_hash(int32_t cose_alg_id, struct q_useful_buf buffer_for_hash,
+ struct q_useful_buf_c *hash, struct q_useful_buf_c protected_headers,
+ struct q_useful_buf_c payload)
+{
+ uint32_t status;
+ QCBOREncodeContext cbor_encode_ctx;
+ struct q_useful_buf_c tbs_first_part;
+ QCBORError qcbor_result;
+ int32_t hash_alg_id;
+ UsefulBuf_MAKE_STACK_UB (buffer_for_TBS_first_part, T_COSE_SIZE_OF_TBS);
+ psa_hash_operation_t psa_hash = PSA_HASH_OPERATION_INIT;
+
+ /* This builds the CBOR-format to-be-signed bytes */
+ QCBOREncode_Init(&cbor_encode_ctx, buffer_for_TBS_first_part);
+ QCBOREncode_OpenArray(&cbor_encode_ctx);
+
+ /* context */
+ QCBOREncode_AddSZString(&cbor_encode_ctx, COSE_SIG_CONTEXT_STRING_SIGNATURE1);
+
+ /* body_protected */
+ QCBOREncode_AddBytes(&cbor_encode_ctx, protected_headers);
+
+ /* sign_protected is not used for Sign1 */
+ /* external_aad */
+ QCBOREncode_AddBytes(&cbor_encode_ctx, NULL_USEFUL_BUF_C);
+
+ /* The short fake payload. */
+ QCBOREncode_AddBytesLenOnly(&cbor_encode_ctx, payload);
+ QCBOREncode_CloseArray(&cbor_encode_ctx);
+
+ /* Get the result and convert it to struct q_useful_buf_c representation */
+ qcbor_result = QCBOREncode_Finish(&cbor_encode_ctx, &tbs_first_part);
+ if (qcbor_result)
+ {
+ /* Mainly means that the protected_headers were too big
+ * (which should never happen)
+ */
+ status = PAL_ATTEST_ERR_SIGN_STRUCT;
+ goto Done;
+ }
+
+ /* Start the hashing */
+ hash_alg_id = hash_alg_id_from_sig_alg_id(cose_alg_id);
+
+ /* Don't check hash_alg_id for failure. pal_cose_crypto_hash_start()
+ * will handle it properly
+ */
+ status = pal_cose_crypto_hash_start(&psa_hash, hash_alg_id);
+ if (status)
+ goto Done;
+
+ /* This is hashing of the first part, all the CBOR
+ * except the payload.
+ */
+ pal_cose_crypto_hash_update(&psa_hash, useful_buf_head(tbs_first_part, tbs_first_part.len));
+
+ /* Hash the payload, the second part. */
+ pal_cose_crypto_hash_update(&psa_hash, payload);
+
+ /* Finish the hash and set up to return it */
+ status = pal_cose_crypto_hash_finish(&psa_hash, buffer_for_hash, hash);
+
+Done:
+ return status;
+}
+
+static int32_t pal_attest_get_public_key(uint8_t *public_key_buff, size_t public_key_buf_size,
+ size_t *public_key_len, psa_ecc_curve_t *elliptic_curve_type)
+{
+ int32_t status = PAL_ATTEST_ERROR;
+
+#ifdef PLATFORM_OVERRIDE_ATTEST_PK
+ if (public_key_buf_size < (attest_key.pubx_key_size + attest_key.puby_key_size + 1))
+ return PAL_ATTEST_ERR_SMALL_BUFFER;
+
+ *public_key_len = (attest_key.pubx_key_size + attest_key.puby_key_size + 1);
+ *elliptic_curve_type = PSA_ECC_CURVE_SECP256R1;
+ memcpy(public_key_buff, (void *)&attest_public_key, *public_key_len);
+ status = PSA_SUCCESS;
+#else
+ status = tfm_initial_attest_get_public_key(public_key_buff,
+ public_key_buf_size,
+ public_key_len,
+ elliptic_curve_type);
+#endif
+
+ return status;
+}
+
+static uint32_t pal_import_attest_key(psa_algorithm_t key_alg)
+{
+ psa_status_t status = PAL_ATTEST_ERROR;
+ psa_key_usage_t usage = PSA_KEY_USAGE_VERIFY;
+ psa_ecc_curve_t ecc_curve;
+ psa_key_type_t attest_key_type;
+ size_t public_key_size;
+ uint8_t public_key_buff[ECC_CURVE_SECP256R1_PULBIC_KEY_LENGTH] = {0};
+
+#if defined(CRYPTO_VERSION_BETA1) || defined(CRYPTO_VERSION_BETA2)
+ psa_key_policy_t policy;
+
+ if (!public_key_registered)
+ {
+ status = pal_attest_get_public_key(public_key_buff,
+ sizeof(public_key_buff),
+ &public_key_size,
+ &ecc_curve);
+ if (status != PSA_SUCCESS)
+ return PAL_ATTEST_ERR_KEY_FAIL;
+
+ if (ecc_curve == USHRT_MAX)
+ return PAL_ATTEST_ERROR;
+
+ /* Set key type for public key */
+ attest_key_type = PSA_KEY_TYPE_ECC_PUBLIC_KEY(ecc_curve);
+
+ /* Setup the key policy for public key */
+ policy = psa_key_policy_init();
+ psa_key_policy_set_usage(&policy, usage, key_alg);
+
+ status = psa_allocate_key(&public_key_handle);
+ if (status != PSA_SUCCESS)
+ return PAL_ATTEST_ERR_KEY_FAIL;
+
+ status = psa_set_key_policy(public_key_handle, &policy);
+ if (status != PSA_SUCCESS)
+ return PAL_ATTEST_ERR_KEY_FAIL;
+
+ /* Import the public key */
+ status = psa_import_key(public_key_handle,
+ attest_key_type,
+ public_key_buff,
+ public_key_size);
+ if (status != PSA_SUCCESS)
+ return PAL_ATTEST_ERR_KEY_FAIL;
+
+ public_key_registered = 1;
+ }
+
+#elif defined(CRYPTO_VERSION_BETA3)
+ psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+
+ if (!public_key_registered)
+ {
+ status = pal_attest_get_public_key(public_key_buff,
+ sizeof(public_key_buff),
+ &public_key_size,
+ &ecc_curve);
+ if (status != PSA_SUCCESS)
+ return PAL_ATTEST_ERR_KEY_FAIL;
+
+ if (ecc_curve == USHRT_MAX)
+ return PAL_ATTEST_ERROR;
+
+ /* Set key type for public key */
+ attest_key_type = PSA_KEY_TYPE_ECC_PUBLIC_KEY(ecc_curve);
+
+ /* Set the attributes for the public key */
+ psa_set_key_type(&attributes, attest_key_type);
+ psa_set_key_bits(&attributes, public_key_size);
+ psa_set_key_usage_flags(&attributes, usage);
+ psa_set_key_algorithm(&attributes, key_alg);
+ psa_set_key_bits(&attributes, 0);
+
+ /* Import the public key */
+ status = psa_import_key(&attributes,
+ public_key_buff,
+ public_key_size,
+ &public_key_handle);
+ if (status != PSA_SUCCESS)
+ return PAL_ATTEST_ERR_KEY_FAIL;
+
+ public_key_registered = 1;
+ }
+#endif
+
+ return status;
+}
+
+static uint32_t pal_destroy_attest_key(void)
+{
+ psa_status_t status;
+
+ if (!public_key_registered)
+ return PAL_ATTEST_ERR_KEY_FAIL;
+
+ status = psa_destroy_key(public_key_handle);
+ if (status != PSA_SUCCESS)
+ return PAL_ATTEST_ERR_KEY_FAIL;
+
+ public_key_registered = 0;
+
+ return PAL_ATTEST_SUCCESS;
+}
+
+uint32_t pal_crypto_pub_key_verify(int32_t cose_algorithm_id,
+ struct q_useful_buf_c token_hash,
+ struct q_useful_buf_c signature)
+{
+ int32_t status = PAL_ATTEST_ERROR;
+ psa_algorithm_t key_alg = PSA_ALG_ECDSA(PSA_ALG_SHA_256);
+
+ /* Register the attestation public key */
+ status = pal_import_attest_key(key_alg);
+ if (status != PAL_ATTEST_SUCCESS)
+ return status;
+
+ /* Verify the signature */
+ status = psa_asymmetric_verify(public_key_handle,
+ key_alg, token_hash.ptr, token_hash.len,
+ signature.ptr, signature.len);
+ if (status != PSA_SUCCESS)
+ return PAL_ATTEST_ERR_SIGNATURE_FAIL;
+
+ /* Unregister the attestation public key */
+ status = pal_destroy_attest_key();
+ if (status != PSA_SUCCESS)
+ return PAL_ATTEST_ERR_KEY_FAIL;
+
+ return PAL_ATTEST_SUCCESS;
+}
diff --git a/api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/nspe/initial_attestation/pal_attestation_crypto.h b/api-tests/platform/targets/tgt_dev_apis_tfm_an524/nspe/initial_attestation/pal_attestation_crypto.h
similarity index 76%
rename from api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/nspe/initial_attestation/pal_attestation_crypto.h
rename to api-tests/platform/targets/tgt_dev_apis_tfm_an524/nspe/initial_attestation/pal_attestation_crypto.h
index 2d63ad13..559a24c1 100644
--- a/api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/nspe/initial_attestation/pal_attestation_crypto.h
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_an524/nspe/initial_attestation/pal_attestation_crypto.h
@@ -15,16 +15,19 @@
* limitations under the License.
**/
-#include "pal_common.h"
+#ifndef _PAL_ATTESTATION_CRYPTO_H_
+#define _PAL_ATTESTATION_CRYPTO_H_
+
#include "pal_attestation_eat.h"
-#define ATTEST_PUBLIC_KEY_SLOT 4
+#define ATTEST_PUBLIC_KEY_SLOT 4
+#define ECC_CURVE_SECP256R1_PULBIC_KEY_LENGTH (1 + 2 * PSA_BITS_TO_BYTES(256))
-typedef struct{
+typedef struct {
uint8_t *pubx_key;
- uint32_t pubx_key_size;
+ size_t pubx_key_size;
uint8_t *puby_key;
- uint32_t puby_key_size;
+ size_t puby_key_size;
} ecc_key_t;
struct ecc_public_key_t {
@@ -47,29 +50,14 @@ static const struct ecc_public_key_t attest_public_key = {
0x0F, 0x34, 0x11, 0x7D, 0x97, 0x1D, 0x68, 0x64},
};
-struct pal_cose_crypto_hash {
- /* Can't put the actual size here without creating dependecy on
- * actual hash implementation, so this is a fairly large and
- * accommodating size.
- */
- uint8_t bytes[128];
-};
-
-struct pal_cose_psa_crypto_hash {
- psa_status_t status;
- psa_hash_operation_t operation;
-};
-
-static const uint8_t initial_attestation_public_x_key[] =
-{
+static const uint8_t initial_attestation_public_x_key[] = {
0x79, 0xEB, 0xA9, 0x0E, 0x8B, 0xF4, 0x50, 0xA6,
0x75, 0x15, 0x76, 0xAD, 0x45, 0x99, 0xB0, 0x7A,
0xDF, 0x93, 0x8D, 0xA3, 0xBB, 0x0B, 0xD1, 0x7D,
0x00, 0x36, 0xED, 0x49, 0xA2, 0xD0, 0xFC, 0x3F
};
-static const uint8_t initial_attestation_public_y_key[] =
-{
+static const uint8_t initial_attestation_public_y_key[] = {
0xBF, 0xCD, 0xFA, 0x89, 0x56, 0xB5, 0x68, 0xBF,
0xDB, 0x86, 0x73, 0xE6, 0x48, 0xD8, 0xB5, 0x8D,
0x92, 0x99, 0x55, 0xB1, 0x4A, 0x26, 0xC3, 0x08,
@@ -84,10 +72,10 @@ static const ecc_key_t attest_key = {
sizeof(initial_attestation_public_y_key)
};
-int32_t pal_cose_crypto_hash_start(struct pal_cose_crypto_hash *hash_ctx, int32_t cose_hash_alg_id);
-void pal_cose_crypto_hash_update(struct pal_cose_crypto_hash *hash_ctx,
+int32_t pal_cose_crypto_hash_start(psa_hash_operation_t *psa_hash, int32_t cose_hash_alg_id);
+void pal_cose_crypto_hash_update(psa_hash_operation_t *psa_hash,
struct q_useful_buf_c data_to_hash);
-int32_t pal_cose_crypto_hash_finish(struct pal_cose_crypto_hash *hash_ctx,
+int32_t pal_cose_crypto_hash_finish(psa_hash_operation_t *psa_hash,
struct q_useful_buf buffer_to_hold_result,
struct q_useful_buf_c *hash_result);
int pal_create_sha256(struct q_useful_buf_c bytes_to_hash, struct q_useful_buf buffer_for_hash,
@@ -95,8 +83,6 @@ int pal_create_sha256(struct q_useful_buf_c bytes_to_hash, struct q_useful_buf b
uint32_t pal_compute_hash(int32_t cose_alg_id, struct q_useful_buf buffer_for_hash,
struct q_useful_buf_c *hash, struct q_useful_buf_c protected_headers,
struct q_useful_buf_c payload);
-uint32_t pal_import_attest_key(int32_t alg);
uint32_t pal_crypto_pub_key_verify(int32_t cose_algorithm_id, struct q_useful_buf_c token_hash,
struct q_useful_buf_c signature);
-
-
+#endif /* _PAL_ATTESTATION_CRYPTO_H_ */
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_an524/nspe/initial_attestation/pal_attestation_eat.h b/api-tests/platform/targets/tgt_dev_apis_tfm_an524/nspe/initial_attestation/pal_attestation_eat.h
new file mode 100644
index 00000000..fae5434e
--- /dev/null
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_an524/nspe/initial_attestation/pal_attestation_eat.h
@@ -0,0 +1,80 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifndef _PAL_ATTESTATION_EAT_H_
+#define _PAL_ATTESTATION_EAT_H_
+
+#include "qcbor.h"
+#include "pal_common.h"
+
+#define PAL_ATTEST_MIN_ERROR 30
+
+#define COSE_ALGORITHM_ES256 -7
+#define COSE_ALG_SHA256_PROPRIETARY -72000
+
+#define USEFUL_BUF_MAKE_STACK_UB UsefulBuf_MAKE_STACK_UB
+
+#define COSE_SIG_CONTEXT_STRING_SIGNATURE1 "Signature1"
+
+/* Private value. Intentionally not documented for Doxygen.
+ * This is the size allocated for the encoded protected headers. It
+ * needs to be big enough for make_protected_header() to succeed. It
+ * currently sized for one header with an algorithm ID up to 32 bits
+ * long -- one byte for the wrapping map, one byte for the label, 5
+ * bytes for the ID. If this is made accidentially too small, QCBOR will
+ * only return an error, and not overrun any buffers.
+ *
+ * 9 extra bytes are added, rounding it up to 16 total, in case some
+ * other protected header is to be added.
+ */
+#define T_COSE_SIGN1_MAX_PROT_HEADER (1+1+5+9)
+
+/**
+ * This is the size of the first part of the CBOR encoded TBS
+ * bytes. It is around 20 bytes. See create_tbs_hash().
+ */
+#define T_COSE_SIZE_OF_TBS \
+ 1 + /* For opening the array */ \
+ sizeof(COSE_SIG_CONTEXT_STRING_SIGNATURE1) + /* "Signature1" */ \
+ 2 + /* Overhead for encoding string */ \
+ T_COSE_SIGN1_MAX_PROT_HEADER + /* entire protected headers */ \
+ 3 * (/* 3 NULL bstrs for fields not used */ \
+ 1 /* size of a NULL bstr */ \
+ )
+#define NULL_USEFUL_BUF_C NULLUsefulBufC
+
+enum attestation_error_code {
+ PAL_ATTEST_SUCCESS = 0,
+ PAL_ATTEST_TOKEN_ERR_CBOR_FORMATTING = PAL_ATTEST_MIN_ERROR,
+ PAL_ATTEST_TOKEN_CHALLENGE_MISMATCH,
+ PAL_ATTEST_TOKEN_NOT_SUPPORTED,
+ PAL_ATTEST_TOKEN_NOT_ALL_MANDATORY_CLAIMS,
+ PAL_ATTEST_HASH_LENGTH_MISMATCH,
+ PAL_ATTEST_HASH_MISMATCH,
+ PAL_ATTEST_HASH_FAIL,
+ PAL_ATTEST_HASH_UNSUPPORTED,
+ PAL_ATTEST_HASH_BUFFER_SIZE,
+ PAL_ATTEST_ERR_PROTECTED_HEADERS,
+ PAL_ATTEST_ERR_SIGN_STRUCT,
+ PAL_ATTEST_ERR_KEY_FAIL,
+ PAL_ATTEST_ERR_SIGNATURE_FAIL,
+ PAL_ATTEST_ERR_CBOR_STRUCTURE,
+ PAL_ATTEST_ERR_SMALL_BUFFER,
+ PAL_ATTEST_ERROR,
+};
+
+#endif /* _PAL_ATTESTATION_EAT_H_ */
diff --git a/api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/nspe/initial_attestation/pal_attestation_empty_intf.c b/api-tests/platform/targets/tgt_dev_apis_tfm_an524/nspe/initial_attestation/pal_attestation_empty_intf.c
similarity index 100%
rename from api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/nspe/initial_attestation/pal_attestation_empty_intf.c
rename to api-tests/platform/targets/tgt_dev_apis_tfm_an524/nspe/initial_attestation/pal_attestation_empty_intf.c
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_an524/nspe/initial_attestation/pal_attestation_intf.c b/api-tests/platform/targets/tgt_dev_apis_tfm_an524/nspe/initial_attestation/pal_attestation_intf.c
new file mode 100644
index 00000000..dd41690e
--- /dev/null
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_an524/nspe/initial_attestation/pal_attestation_intf.c
@@ -0,0 +1,65 @@
+/** @file
+ * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+
+#include "pal_attestation_intf.h"
+
+/**
+ @brief - This API will call the requested attestation function
+ @param - type : function code
+ valist : variable argument list
+ @return - error status
+**/
+int32_t pal_attestation_function(int type, va_list valist)
+{
+ uint8_t *challenge, *token;
+ size_t challenge_size, *token_size, token_buffer_size;
+ int32_t cose_algorithm_id;
+ struct q_useful_buf buffer_for_hash;
+ struct q_useful_buf_c *hash, payload, protected_headers, token_hash, signature;
+
+ switch (type)
+ {
+ case PAL_INITIAL_ATTEST_GET_TOKEN:
+ challenge = va_arg(valist, uint8_t*);
+ challenge_size = va_arg(valist, size_t);
+ token = va_arg(valist, uint8_t*);
+ token_buffer_size = va_arg(valist, size_t);
+ token_size = va_arg(valist, size_t*);
+ return psa_initial_attest_get_token(challenge, challenge_size, token, token_buffer_size,
+ token_size);
+ case PAL_INITIAL_ATTEST_GET_TOKEN_SIZE:
+ challenge_size = va_arg(valist, size_t);
+ token_size = va_arg(valist, size_t*);
+ return psa_initial_attest_get_token_size(challenge_size, token_size);
+ case PAL_INITIAL_ATTEST_COMPUTE_HASH:
+ cose_algorithm_id = va_arg(valist, int32_t);
+ buffer_for_hash = va_arg(valist, struct q_useful_buf);
+ hash = va_arg(valist, struct q_useful_buf_c*);
+ protected_headers = va_arg(valist, struct q_useful_buf_c);
+ payload = va_arg(valist, struct q_useful_buf_c);
+ return pal_compute_hash(cose_algorithm_id, buffer_for_hash, hash,
+ protected_headers, payload);
+ case PAL_INITIAL_ATTEST_VERIFY_WITH_PK:
+ cose_algorithm_id = va_arg(valist, int32_t);
+ token_hash = va_arg(valist, struct q_useful_buf_c);
+ signature = va_arg(valist, struct q_useful_buf_c);
+ return pal_crypto_pub_key_verify(cose_algorithm_id, token_hash, signature);
+ default:
+ return PAL_STATUS_UNSUPPORTED_FUNC;
+ }
+}
diff --git a/api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/nspe/initial_attestation/pal_attestation_intf.h b/api-tests/platform/targets/tgt_dev_apis_tfm_an524/nspe/initial_attestation/pal_attestation_intf.h
similarity index 82%
rename from api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/nspe/initial_attestation/pal_attestation_intf.h
rename to api-tests/platform/targets/tgt_dev_apis_tfm_an524/nspe/initial_attestation/pal_attestation_intf.h
index 12f6ee94..3ab7ebb4 100644
--- a/api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/nspe/initial_attestation/pal_attestation_intf.h
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_an524/nspe/initial_attestation/pal_attestation_intf.h
@@ -15,8 +15,8 @@
* limitations under the License.
**/
-#ifndef _PAL_INITIAL_ATTESTATION_H_
-#define _PAL_INITIAL_ATTESTATION_H_
+#ifndef _PAL_ATTESTATION_INTF_H_
+#define _PAL_ATTESTATION_INTF_H_
#include "pal_attestation_crypto.h"
@@ -24,7 +24,9 @@ enum attestation_function_code {
PAL_INITIAL_ATTEST_GET_TOKEN = 0x1,
PAL_INITIAL_ATTEST_GET_TOKEN_SIZE = 0x2,
PAL_INITIAL_ATTEST_VERIFY_TOKEN = 0x3,
+ PAL_INITIAL_ATTEST_COMPUTE_HASH = 0x4,
+ PAL_INITIAL_ATTEST_VERIFY_WITH_PK = 0x5,
};
int32_t pal_attestation_function(int type, va_list valist);
-#endif /* _PAL_INITIAL_ATTESTATION_H_ */
+#endif /* _PAL_ATTESTATION_INTF_H_ */
diff --git a/api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/nspe/internal_trusted_storage/pal_internal_trusted_storage_empty_intf.c b/api-tests/platform/targets/tgt_dev_apis_tfm_an524/nspe/internal_trusted_storage/pal_internal_trusted_storage_empty_intf.c
similarity index 100%
rename from api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/nspe/internal_trusted_storage/pal_internal_trusted_storage_empty_intf.c
rename to api-tests/platform/targets/tgt_dev_apis_tfm_an524/nspe/internal_trusted_storage/pal_internal_trusted_storage_empty_intf.c
diff --git a/api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/nspe/internal_trusted_storage/pal_internal_trusted_storage_intf.c b/api-tests/platform/targets/tgt_dev_apis_tfm_an524/nspe/internal_trusted_storage/pal_internal_trusted_storage_intf.c
similarity index 59%
rename from api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/nspe/internal_trusted_storage/pal_internal_trusted_storage_intf.c
rename to api-tests/platform/targets/tgt_dev_apis_tfm_an524/nspe/internal_trusted_storage/pal_internal_trusted_storage_intf.c
index 4f04ab01..abfdc5d6 100644
--- a/api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/nspe/internal_trusted_storage/pal_internal_trusted_storage_intf.c
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_an524/nspe/internal_trusted_storage/pal_internal_trusted_storage_intf.c
@@ -26,33 +26,35 @@
**/
uint32_t pal_its_function(int type, va_list valist)
{
- psa_its_uid_t uid;
- uint32_t data_length, offset;
- const void *p_write_data;
- void *p_read_data;
- psa_its_create_flags_t its_create_flags;
- struct psa_its_info_t *its_p_info;
+ psa_storage_uid_t uid;
+ uint32_t data_size, offset;
+ const void *p_write_data;
+ void *p_read_data;
+ size_t *p_data_length;
+ psa_storage_create_flags_t its_create_flags;
+ struct psa_storage_info_t *its_p_info;
switch (type)
{
case PAL_ITS_SET:
- uid = va_arg(valist, psa_its_uid_t);
- data_length = va_arg(valist, uint32_t);
+ uid = va_arg(valist, psa_storage_uid_t);
+ data_size = va_arg(valist, uint32_t);
p_write_data = va_arg(valist, const void*);
- its_create_flags = va_arg(valist, psa_its_create_flags_t);
- return psa_its_set(uid, data_length, p_write_data, its_create_flags);
+ its_create_flags = va_arg(valist, psa_storage_create_flags_t);
+ return psa_its_set(uid, data_size, p_write_data, its_create_flags);
case PAL_ITS_GET:
- uid = va_arg(valist, psa_its_uid_t);
+ uid = va_arg(valist, psa_storage_uid_t);
offset = va_arg(valist, uint32_t);
- data_length = va_arg(valist, uint32_t);
+ data_size = va_arg(valist, uint32_t);
p_read_data = va_arg(valist, void*);
- return psa_its_get(uid, offset, data_length, p_read_data);
+ p_data_length = va_arg(valist, size_t*);
+ return psa_its_get(uid, offset, data_size, p_read_data, p_data_length);
case PAL_ITS_GET_INFO:
- uid = va_arg(valist, psa_its_uid_t);
- its_p_info = va_arg(valist, struct psa_its_info_t*);
+ uid = va_arg(valist, psa_storage_uid_t);
+ its_p_info = va_arg(valist, struct psa_storage_info_t*);
return psa_its_get_info(uid, its_p_info);
case PAL_ITS_REMOVE:
- uid = va_arg(valist, psa_its_uid_t);
+ uid = va_arg(valist, psa_storage_uid_t);
return psa_its_remove(uid);
default:
return PAL_STATUS_UNSUPPORTED_FUNC;
diff --git a/api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/nspe/internal_trusted_storage/pal_internal_trusted_storage_intf.h b/api-tests/platform/targets/tgt_dev_apis_tfm_an524/nspe/internal_trusted_storage/pal_internal_trusted_storage_intf.h
similarity index 100%
rename from api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/nspe/internal_trusted_storage/pal_internal_trusted_storage_intf.h
rename to api-tests/platform/targets/tgt_dev_apis_tfm_an524/nspe/internal_trusted_storage/pal_internal_trusted_storage_intf.h
diff --git a/api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/nspe/protected_storage/pal_protected_storage_empty_intf.c b/api-tests/platform/targets/tgt_dev_apis_tfm_an524/nspe/protected_storage/pal_protected_storage_empty_intf.c
similarity index 100%
rename from api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/nspe/protected_storage/pal_protected_storage_empty_intf.c
rename to api-tests/platform/targets/tgt_dev_apis_tfm_an524/nspe/protected_storage/pal_protected_storage_empty_intf.c
diff --git a/api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/nspe/protected_storage/pal_protected_storage_intf.c b/api-tests/platform/targets/tgt_dev_apis_tfm_an524/nspe/protected_storage/pal_protected_storage_intf.c
similarity index 58%
rename from api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/nspe/protected_storage/pal_protected_storage_intf.c
rename to api-tests/platform/targets/tgt_dev_apis_tfm_an524/nspe/protected_storage/pal_protected_storage_intf.c
index a4241533..0dd07c57 100644
--- a/api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/nspe/protected_storage/pal_protected_storage_intf.c
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_an524/nspe/protected_storage/pal_protected_storage_intf.c
@@ -26,45 +26,47 @@
**/
uint32_t pal_ps_function(int type, va_list valist)
{
- psa_ps_uid_t uid;
- uint32_t data_length, size, offset;
- const void *p_write_data;
- void *p_read_data;
- psa_ps_create_flags_t ps_create_flags;
- struct psa_ps_info_t *ps_p_info;
+ psa_storage_uid_t uid;
+ uint32_t data_size, size, offset;
+ const void *p_write_data;
+ void *p_read_data;
+ size_t *p_data_length;
+ psa_storage_create_flags_t ps_create_flags;
+ struct psa_storage_info_t *ps_p_info;
switch (type)
{
case PAL_PS_SET:
- uid = va_arg(valist, psa_ps_uid_t);
- data_length = va_arg(valist, uint32_t);
+ uid = va_arg(valist, psa_storage_uid_t);
+ data_size = va_arg(valist, uint32_t);
p_write_data = va_arg(valist, const void*);
- ps_create_flags = va_arg(valist, psa_ps_create_flags_t);
- return psa_ps_set(uid, data_length, p_write_data, ps_create_flags);
+ ps_create_flags = va_arg(valist, psa_storage_create_flags_t);
+ return psa_ps_set(uid, data_size, p_write_data, ps_create_flags);
case PAL_PS_GET:
- uid = va_arg(valist, psa_ps_uid_t);
+ uid = va_arg(valist, psa_storage_uid_t);
offset = va_arg(valist, uint32_t);
- data_length = va_arg(valist, uint32_t);
+ data_size = va_arg(valist, uint32_t);
p_read_data = va_arg(valist, void*);
- return psa_ps_get(uid, offset, data_length, p_read_data);
+ p_data_length = va_arg(valist, size_t*);
+ return psa_ps_get(uid, offset, data_size, p_read_data, p_data_length);
case PAL_PS_GET_INFO:
- uid = va_arg(valist, psa_ps_uid_t);
- ps_p_info = va_arg(valist, struct psa_ps_info_t*);
+ uid = va_arg(valist, psa_storage_uid_t);
+ ps_p_info = va_arg(valist, struct psa_storage_info_t*);
return psa_ps_get_info(uid, ps_p_info);
case PAL_PS_REMOVE:
- uid = va_arg(valist, psa_ps_uid_t);
+ uid = va_arg(valist, psa_storage_uid_t);
return psa_ps_remove(uid);
case PAL_PS_CREATE:
- uid = va_arg(valist, psa_ps_uid_t);
+ uid = va_arg(valist, psa_storage_uid_t);
size = va_arg(valist, uint32_t);
- ps_create_flags = va_arg(valist, psa_ps_create_flags_t);
+ ps_create_flags = va_arg(valist, psa_storage_create_flags_t);
return psa_ps_create(uid, size, ps_create_flags);
case PAL_PS_SET_EXTENDED:
- uid = va_arg(valist, psa_ps_uid_t);
+ uid = va_arg(valist, psa_storage_uid_t);
offset = va_arg(valist, uint32_t);
- data_length = va_arg(valist, uint32_t);
+ data_size = va_arg(valist, uint32_t);
p_write_data = va_arg(valist, const void*);
- return psa_ps_set_extended(uid, offset, data_length, p_write_data);
+ return psa_ps_set_extended(uid, offset, data_size, p_write_data);
case PAL_PS_GET_SUPPORT:
return psa_ps_get_support();
default:
diff --git a/api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/nspe/protected_storage/pal_protected_storage_intf.h b/api-tests/platform/targets/tgt_dev_apis_tfm_an524/nspe/protected_storage/pal_protected_storage_intf.h
similarity index 100%
rename from api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/nspe/protected_storage/pal_protected_storage_intf.h
rename to api-tests/platform/targets/tgt_dev_apis_tfm_an524/nspe/protected_storage/pal_protected_storage_intf.h
diff --git a/api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/target.cfg b/api-tests/platform/targets/tgt_dev_apis_tfm_an524/target.cfg
similarity index 86%
rename from api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/target.cfg
rename to api-tests/platform/targets/tgt_dev_apis_tfm_an524/target.cfg
index e4580415..eafa7b09 100644
--- a/api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/target.cfg
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_an524/target.cfg
@@ -17,14 +17,14 @@
// UART device info
uart.num=1;
-uart.0.base = 0x40004000;
+uart.0.base = 0x41303000; // UART0_NS
uart.0.size = 0xFFF;
uart.0.intr_id = 0xFF;
uart.0.permission = TYPE_READ_WRITE;
// Watchdog device info
watchdog.num = 1;
-watchdog.0.base = 0x40008000;
+watchdog.0.base = 0x40081000;
watchdog.0.size = 0xFFF;
watchdog.0.intr_id = 0xFF;
watchdog.0.permission = TYPE_READ_WRITE;
@@ -36,22 +36,19 @@ watchdog.0.timeout_in_micro_sec_crypto = 0x1312D00; //18.0 sec : 18 * 1000 * 100
// Range of 1KB Non-volatile memory to preserve data over reset. Ex, NVRAM and FLASH
nvmem.num =1;
-nvmem.0.start = 0x2002F000;
-nvmem.0.end = 0x2002F3FF;
+nvmem.0.start = 0x20018000;
+nvmem.0.end = 0x200183FF;
nvmem.0.permission = TYPE_READ_WRITE;
// Miscellaneous - Test scatter info
dut.num = 1;
// Start address of 12KB NS memory for test ELF
-dut.0.ns_test_addr = 0x2007F000;
+dut.0.ns_test_addr = 0x28110000;
// Start address of combine_test_binary in memory. Memory can be main memory or secondary memory.
// Size of combine_test_binary = Summation of size of each test ELF file.
-dut.0.ns_start_addr_of_combine_test_binary = 0x2003F000;
+dut.0.ns_start_addr_of_combine_test_binary = 0x28120000;
// Is combine_test_binary available in RAM?
dut.0.combine_test_binary_in_ram = AVAILABLE;
-
-// Level of Isolation
-dut.0.implemented_psa_firmware_isolation_level = LEVEL1;
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_an524/target.cmake b/api-tests/platform/targets/tgt_dev_apis_tfm_an524/target.cmake
new file mode 100644
index 00000000..d33dcc93
--- /dev/null
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_an524/target.cmake
@@ -0,0 +1,109 @@
+#/** @file
+# * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+# PAL C source files part of NSPE library
+list(APPEND PAL_SRC_C_NSPE )
+
+# PAL ASM source files part of NSPE library
+list(APPEND PAL_SRC_ASM_NSPE )
+
+# PAL C source files part of SPE library - driver partition
+list(APPEND PAL_SRC_C_DRIVER_SP )
+
+# PAL ASM source files part of SPE library - driver partition
+list(APPEND PAL_SRC_ASM_DRIVER_SP )
+
+
+# Listing all the sources required for given target
+if(${SUITE} STREQUAL "IPC")
+ list(APPEND PAL_SRC_C_NSPE
+ # driver functionalities are implemented as RoT-services
+ # and secure and non-secure clients will call to these RoT-services to get appropriate driver services.
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/common/pal_client_api_intf.c
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/common/pal_driver_ipc_intf.c
+ )
+ list(APPEND PAL_SRC_C_DRIVER_SP
+ # Driver files will be compiled as part of driver partition
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/spe/pal_driver_intf.c
+ ${PSA_ROOT_DIR}/platform/drivers/nvmem/pal_nvmem.c
+ ${PSA_ROOT_DIR}/platform/drivers/uart/cmsdk/pal_uart.c
+ ${PSA_ROOT_DIR}/platform/drivers/watchdog/cmsdk/pal_wd_cmsdk.c
+ )
+else()
+ list(APPEND PAL_SRC_C_NSPE
+ # driver files will be compiled as part of NSPE
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/common/pal_client_api_empty_intf.c
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/common/pal_driver_ns_intf.c
+ ${PSA_ROOT_DIR}/platform/drivers/nvmem/pal_nvmem.c
+ ${PSA_ROOT_DIR}/platform/drivers/uart/cmsdk/pal_uart.c
+ ${PSA_ROOT_DIR}/platform/drivers/watchdog/cmsdk/pal_wd_cmsdk.c
+ )
+endif()
+if(${SUITE} STREQUAL "CRYPTO")
+ list(APPEND PAL_SRC_C_NSPE
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/crypto/pal_crypto_intf.c
+ )
+endif()
+if(${SUITE} STREQUAL "PROTECTED_STORAGE")
+ list(APPEND PAL_SRC_C_NSPE
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/protected_storage/pal_protected_storage_intf.c
+ )
+endif()
+if(${SUITE} STREQUAL "INTERNAL_TRUSTED_STORAGE")
+ list(APPEND PAL_SRC_C_NSPE
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/internal_trusted_storage/pal_internal_trusted_storage_intf.c
+ )
+endif()
+if(${SUITE} STREQUAL "INITIAL_ATTESTATION")
+ list(APPEND PAL_SRC_C_NSPE
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/initial_attestation/pal_attestation_intf.c
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/initial_attestation/pal_attestation_crypto.c
+ ${CMAKE_CURRENT_BINARY_DIR}/${PSA_TARGET_QCBOR}/src/UsefulBuf.c
+ ${CMAKE_CURRENT_BINARY_DIR}/${PSA_TARGET_QCBOR}/src/ieee754.c
+ ${CMAKE_CURRENT_BINARY_DIR}/${PSA_TARGET_QCBOR}/src/qcbor_decode.c
+ ${CMAKE_CURRENT_BINARY_DIR}/${PSA_TARGET_QCBOR}/src/qcbor_encode.c
+ )
+endif()
+
+# Create NSPE library
+add_library(${PSA_TARGET_PAL_NSPE_LIB} STATIC ${PAL_SRC_C_NSPE} ${PAL_SRC_ASM_NSPE})
+
+# PSA Include directories
+foreach(psa_inc_path ${PSA_INCLUDE_PATHS})
+ target_include_directories(${PSA_TARGET_PAL_NSPE_LIB} PRIVATE ${psa_inc_path})
+endforeach()
+
+list(APPEND PAL_DRIVER_INCLUDE_PATHS
+ ${PSA_ROOT_DIR}/platform/drivers/nvmem
+ ${PSA_ROOT_DIR}/platform/drivers/uart/cmsdk
+ ${PSA_ROOT_DIR}/platform/drivers/watchdog/cmsdk
+)
+
+target_include_directories(${PSA_TARGET_PAL_NSPE_LIB} PRIVATE
+ ${PAL_DRIVER_INCLUDE_PATHS}
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/common
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/crypto
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/protected_storage
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/internal_trusted_storage
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/initial_attestation
+)
+
+if(${SUITE} STREQUAL "INITIAL_ATTESTATION")
+target_include_directories(${PSA_TARGET_PAL_NSPE_LIB} PRIVATE
+ ${PSA_QCBOR_INCLUDE_PATH}
+)
+endif()
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/Makefile b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/Makefile
deleted file mode 100644
index aa7e10b7..00000000
--- a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/Makefile
+++ /dev/null
@@ -1,160 +0,0 @@
-# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-include $(SOURCE)/tools/makefiles/toolchain.mk
-
-# Make variables to select correct instances of PAL files
-
-## PSA_IPC_IMPLEMENTED must be true for IPC SUITE
-PSA_IPC_IMPLEMENTED:=0
-
-## PSA_CRYPTO_IMPLEMENTED must be true for CRYPTO SUITE
-PSA_CRYPTO_IMPLEMENTED:=1
-
-## PSA_PROTECTED_STORAGE_IMPLEMENTED must be true for PROTECTED_STORAGE SUITE
-PSA_PROTECTED_STORAGE_IMPLEMENTED:=1
-
-## PSA_INTERNAL_TRUSTED_STORAGE_IMPLEMENTED must be true for INTERNAL_TRUSTED_STORAGE SUITE
-PSA_INTERNAL_TRUSTED_STORAGE_IMPLEMENTED:=0
-
-## PSA_INITIAL_ATTESTATION_IMPLEMENTED must be true for INITIAL_ATTESTATION SUITE
-PSA_INITIAL_ATTESTATION_IMPLEMENTED:=1
-
-# Make variables holding NSPE/SPE source files
-
-## PAL C source files part of NSPE library
-SRC_C_NSPE=
-
-## PAL ASM source files part of NSPE library
-SRC_ASM_NSPE=
-
-## PAL C source files part of SPE library - driver partition
-SRC_C_DRIVER_SP=
-
-## PAL ASM source files part of SPE library - driver partition
-SRC_ASM_DRIVER_SP=
-
-ifeq (${PSA_IPC_IMPLEMENTED},1)
-# When PSA_IPC_IMPLEMENTED=1, driver functionalities are implemented as RoT-services
-# and secure and non-secure clients will call to these RoT-services to get appropriate driver services.
-SRC_C_NSPE += pal_client_api_intf.c
-SRC_C_NSPE += pal_driver_ipc_intf.c
-
-# Driver files will be compiled as part of driver partition
-SRC_C_DRIVER_SP += pal_driver_intf.c pal_nvmem.c pal_uart.c pal_wd_cmsdk.c
-else
-
-# When PSA_IPC_IMPLEMENTED=0, driver files will be compiled as part of NSPE
-SRC_C_NSPE += pal_client_api_empty_intf.c
-SRC_C_NSPE += pal_driver_ns_intf.c pal_nvmem.c pal_uart.c pal_wd_cmsdk.c
-endif
-
-ifeq (${PSA_CRYPTO_IMPLEMENTED},1)
-SRC_C_NSPE += pal_crypto_intf.c
-else
-SRC_C_NSPE += pal_crypto_empty_intf.c
-endif
-
-ifeq (${PSA_PROTECTED_STORAGE_IMPLEMENTED},1)
-SRC_C_NSPE += pal_protected_storage_intf.c
-else
-SRC_C_NSPE += pal_protected_storage_empty_intf.c
-endif
-
-ifeq (${PSA_INTERNAL_TRUSTED_STORAGE_IMPLEMENTED},1)
-SRC_C_NSPE += pal_internal_trusted_storage_intf.c
-else
-SRC_C_NSPE += pal_internal_trusted_storage_empty_intf.c
-endif
-
-ifeq (${PSA_INITIAL_ATTESTATION_IMPLEMENTED},1)
-SRC_C_NSPE += pal_attestation_intf.c
-SRC_C_NSPE += pal_attestation_eat.c
-SRC_C_NSPE += pal_attestation_crypto.c
-else
-SRC_C_NSPE += pal_attestation_empty_intf.c
-endif
-
-INCLUDE= -I$(SOURCE)/platform/targets/$(TARGET)/nspe \
- -I$(SOURCE)/platform/targets/$(TARGET)/spe \
- -I$(BUILD)/platform/$(TARGET)/ \
- -I$(SOURCE)/platform/drivers/uart/pl011 \
- -I$(SOURCE)/platform/drivers/nvmem/ \
- -I$(SOURCE)/platform/drivers/watchdog/cmsdk \
- -I$(SOURCE)/platform/targets/$(TARGET)/nspe/common \
- -I$(SOURCE)/platform/targets/$(TARGET)/nspe/crypto \
- -I$(SOURCE)/platform/targets/$(TARGET)/nspe/initial_attestation \
- -I$(SOURCE)/platform/targets/$(TARGET)/nspe/initial_attestation/ext/inc \
- -I$(SOURCE)/platform/targets/$(TARGET)/nspe/internal_trusted_storage \
- -I$(SOURCE)/platform/targets/$(TARGET)/nspe/protected_storage \
-
-VPATH=$(SOURCE)/platform/targets/$(TARGET)/: \
- $(SOURCE)/platform/targets/$(TARGET)/spe: \
- $(SOURCE)/platform/targets/$(TARGET)/nspe: \
- $(SOURCE)/platform/drivers/uart/pl011: \
- $(SOURCE)/platform/drivers/nvmem: \
- $(SOURCE)/platform/drivers/watchdog/cmsdk: \
- $(SOURCE)/platform/targets/$(TARGET)/nspe/common: \
- $(SOURCE)/platform/targets/$(TARGET)/nspe/crypto: \
- $(SOURCE)/platform/targets/$(TARGET)/nspe/initial_attestation: \
- $(SOURCE)/platform/targets/$(TARGET)/nspe/initial_attestation/ext/src: \
- $(SOURCE)/platform/targets/$(TARGET)/nspe/internal_trusted_storage: \
- $(SOURCE)/platform/targets/$(TARGET)/nspe/protected_storage: \
-
-all: build
-
-ifeq (${PSA_IPC_IMPLEMENTED},1)
-build: mkdir build_nspe_pal build_spe_pal
-else
-build: mkdir build_nspe_pal
-endif
-
-mkdir:
- @mkdir -p $(BUILD)/platform/nspe/
- @mkdir -p $(BUILD)/platform/spe/
-
-# BUILD NSPE PAL
-build_nspe_pal: build_c_nspe build_asm_nspe pal_nspe.a
-
-build_c_nspe: $(SRC_C_NSPE:%.c=$(BUILD)/platform/nspe/%.o)
-build_asm_nspe: $(SRC_ASM_NSPE:%.s=$(BUILD)/platform/nspe/%.o)
-
-$(BUILD)/platform/nspe/%.o : %.c
- $(CC) $(PAL_CDEFS) $(INCLUDE) -o $@ -c $<
-
-$(BUILD)/platform/nspe/%.o : %.s
- $(AS) $(INCLUDE) -o $@ $<
-
-pal_nspe.a:
- $(AR) $(AR_OPTIONS) $(BUILD)/platform/pal_nspe.a $(BUILD)/platform/nspe/*.o
-
-# BUILD SPE PAL
-build_spe_pal: build_driver_sp
-
-build_driver_sp: build_c_driver_sp build_asm_driver_sp
-
-build_c_driver_sp: $(SRC_C_DRIVER_SP:%.c=$(BUILD)/platform/spe/%_driver_sp.o)
-build_asm_driver_sp: $(SRC_ASM_DRIVER_SP:%.s=$(BUILD)/platform/spe/%_driver_sp.o)
-
-# Generated %_driver_sp.o(s) are used in spbuild.mk to create final driver_partition.a
-$(BUILD)/platform/spe/%_driver_sp.o : %.c
- $(CC) $(INCLUDE) -DSPE_BUILD -o $@ -c $<
-
-$(BUILD)/platform/spe/%_driver_sp.o : %.s
- $(AS) $(INCLUDE) -o $@ $<
-
-clean:
- @rm -rf $(BUILD)/platform/nspe/* $(BUILD)/platform/spe/*.a
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/manifests/ipc/client_partition_psa.json b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/manifests/ipc/client_partition_psa.json
deleted file mode 100644
index b93377bd..00000000
--- a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/manifests/ipc/client_partition_psa.json
+++ /dev/null
@@ -1,37 +0,0 @@
-{
- "psa_framework_version": 1.0,
- "name": "CLIENT_PARTITION",
- "type": "APPLICATION-ROT",
- "priority": "NORMAL",
- "description": "Client partition executing client test func from SPE",
- "entry_point": "client_main",
- "stack_size": "0x400",
- "services": [{
- "name": "CLIENT_TEST_DISPATCHER_SID",
- "sid": "0x0000FA01",
- "signal": "CLIENT_TEST_DISPATCHER_SIG",
- "non_secure_clients": true,
- "minor_version": 1,
- "minor_policy": "RELAXED"
- }
- ],
- "dependencies": [
- "DRIVER_UART_SID",
- "DRIVER_NVMEM_SID",
- "DRIVER_TEST_SID",
- "SERVER_TEST_DISPATCHER_SID",
- "SERVER_UNSPECIFED_MINOR_V_SID",
- "SERVER_STRICT_MINOR_VERSION_SID",
- "SERVER_RELAX_MINOR_VERSION_SID",
- "SERVER_SECURE_CONNECT_ONLY_SID",
- "SERVER_CONNECTION_DROP_SID"
- ],
- "mmio_regions" : [
- {
- "name": "CLIENT_PARTITION_MMIO",
- "base": "0x200AF000",
- "size": "0x20",
- "permission": "READ-WRITE"
- }
- ]
-}
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/manifests/ipc/server_partition_psa.json b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/manifests/ipc/server_partition_psa.json
deleted file mode 100644
index 146b8fbc..00000000
--- a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/manifests/ipc/server_partition_psa.json
+++ /dev/null
@@ -1,69 +0,0 @@
-{
- "psa_framework_version": 1.0,
- "name": "SERVER_PARTITION",
- "type": "APPLICATION-ROT",
- "priority": "NORMAL",
- "description": "Server partition executing server test func",
- "entry_point": "server_main",
- "stack_size": "0x400",
- "heap_size": "0x100",
- "services": [{
- "name": "SERVER_TEST_DISPATCHER_SID",
- "sid": "0x0000FB01",
- "signal": "SERVER_TEST_DISPATCHER_SIG",
- "non_secure_clients": true,
- "minor_version": 1,
- "minor_policy": "RELAXED"
- },
- {
- "name": "SERVER_SECURE_CONNECT_ONLY_SID",
- "sid": "0x0000FB02",
- "signal": "SERVER_SECURE_CONNECT_ONLY_SIG",
- "non_secure_clients": false,
- "minor_version": 2,
- "minor_policy": "RELAXED"
- },
- {
- "name": "SERVER_STRICT_MINOR_VERSION_SID",
- "sid": "0x0000FB03",
- "signal": "SERVER_STRICT_MINOR_VERSION_SIG",
- "non_secure_clients": true,
- "minor_version": 2,
- "minor_policy": "STRICT"
- },
- {
- "name": "SERVER_UNSPECIFED_MINOR_V_SID",
- "sid": "0x0000FB04",
- "signal": "SERVER_UNSPECIFED_MINOR_V_SIG",
- "non_secure_clients": true
- },
- {
- "name": "SERVER_RELAX_MINOR_VERSION_SID",
- "sid": "0x0000FB05",
- "signal": "SERVER_RELAX_MINOR_VERSION_SIG",
- "non_secure_clients": true,
- "minor_version": 2,
- "minor_policy": "RELAXED"
- },
- {
- "name": "SERVER_UNEXTERN_SID",
- "sid": "0x0000FB06",
- "signal": "SERVER_UNEXTERN_SIG",
- "non_secure_clients": true,
- "minor_version": 2,
- "minor_policy": "RELAXED"
- },
- {
- "name": "SERVER_CONNECTION_DROP_SID",
- "sid": "0x0000FB07",
- "signal": "SERVER_CONNECTION_DROP_SIG",
- "non_secure_clients": true,
- "minor_version": 2,
- "minor_policy": "RELAXED"
- }
- ],
- "dependencies": [
- "DRIVER_UART_SID",
- "DRIVER_NVMEM_SID"
- ]
-}
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/common/pal_client_api_empty_intf.c b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/common/pal_client_api_empty_intf.c
index 578b4cef..0030ef04 100644
--- a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/common/pal_client_api_empty_intf.c
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/common/pal_client_api_empty_intf.c
@@ -31,10 +31,10 @@ uint32_t pal_ipc_framework_version(void)
}
/**
- * @brief - Retrieve the minor version of a Root of Trust Service by its SID.
+ * @brief - Retrieve the version of a Root of Trust Service by its SID.
* This is a wrapper API for the psa_version API.
* @param - sid The Root of Trust Service ID
- * @return - Minor version of Root of Trust Service or PSA_VERSION_NONE if Root of Trust
+ * @return - version of Root of Trust Service or PSA_VERSION_NONE if Root of Trust
* Service not present on the system.
*/
@@ -47,11 +47,11 @@ uint32_t pal_ipc_version(uint32_t sid)
* @brief - Connect to given sid.
* This is a wrapper API for the psa_connect API.
* @param - sid : RoT service id
- * @param - minor_version : minor_version of RoT service
+ * @param - version : version of RoT service
* @return - psa_handle_t : return connection handle
*/
-psa_handle_t pal_ipc_connect(uint32_t sid, uint32_t minor_version)
+psa_handle_t pal_ipc_connect(uint32_t sid, uint32_t version)
{
return PSA_NULL_HANDLE;
}
@@ -62,6 +62,7 @@ psa_handle_t pal_ipc_connect(uint32_t sid, uint32_t minor_version)
* The caller must provide an array of ::psa_invec_t structures as the input payload.
*
* @param -handle Handle for the connection.
+ * @param -type Request type.
* @param -in_vec Array of psa_invec structures.
* @param -in_len Number of psa_invec structures in in_vec.
* @param -out_vec Array of psa_outvec structures for optional Root of Trust Service response.
@@ -70,10 +71,11 @@ psa_handle_t pal_ipc_connect(uint32_t sid, uint32_t minor_version)
*/
psa_status_t pal_ipc_call(psa_handle_t handle,
- const psa_invec *in_vec,
- size_t in_len,
- psa_outvec *out_vec,
- size_t out_len)
+ int32_t type,
+ const psa_invec *in_vec,
+ size_t in_len,
+ psa_outvec *out_vec,
+ size_t out_len)
{
return (PSA_SUCCESS - 1);
}
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/common/pal_client_api_intf.c b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/common/pal_client_api_intf.c
index 20ddd118..68af13d3 100644
--- a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/common/pal_client_api_intf.c
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/common/pal_client_api_intf.c
@@ -32,10 +32,10 @@ uint32_t pal_ipc_framework_version(void)
}
/**
- * @brief - Retrieve the minor version of a Root of Trust Service by its SID.
+ * @brief - Retrieve the version of a Root of Trust Service by its SID.
* This is a wrapper API for the psa_version API.
* @param - sid The Root of Trust Service ID
- * @return - Minor version of Root of Trust Service or PSA_VERSION_NONE if Root of Trust
+ * @return - Version of Root of Trust Service or PSA_VERSION_NONE if Root of Trust
* Service not present on the system.
* Note - Return PAL_STATUS_ERROR if PSA IPC is not implemented.
*/
@@ -49,14 +49,14 @@ uint32_t pal_ipc_version(uint32_t sid)
* @brief - Connect to given sid.
* This is a wrapper API for the psa_connect API.
* @param - sid : RoT service id
- * @param - minor_version : minor_version of RoT service
+ * @param - version : version of RoT service
* @return - psa_handle_t : return connection handle
* Note - Return PSA_NULL_HANDLE if PSA IPC is not implemented.
*/
-psa_handle_t pal_ipc_connect(uint32_t sid, uint32_t minor_version)
+psa_handle_t pal_ipc_connect(uint32_t sid, uint32_t version)
{
- return (psa_connect(sid, minor_version));
+ return (psa_connect(sid, version));
}
/**
@@ -65,6 +65,7 @@ psa_handle_t pal_ipc_connect(uint32_t sid, uint32_t minor_version)
* The caller must provide an array of ::psa_invec_t structures as the input payload.
*
* @param -handle Handle for the connection.
+ * @param -type Request type.
* @param -in_vec Array of psa_invec structures.
* @param -in_len Number of psa_invec structures in in_vec.
* @param -out_vec Array of psa_outvec structures for optional Root of Trust Service response.
@@ -74,12 +75,13 @@ psa_handle_t pal_ipc_connect(uint32_t sid, uint32_t minor_version)
*/
psa_status_t pal_ipc_call(psa_handle_t handle,
- const psa_invec *in_vec,
- size_t in_len,
- psa_outvec *out_vec,
- size_t out_len)
+ int32_t type,
+ const psa_invec *in_vec,
+ size_t in_len,
+ psa_outvec *out_vec,
+ size_t out_len)
{
- return (psa_call(handle, in_vec, in_len, out_vec, out_len));
+ return (psa_call(handle, type, in_vec, in_len, out_vec, out_len));
}
/**
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/common/pal_client_api_intf.h b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/common/pal_client_api_intf.h
index 3f5741e0..89b4da66 100644
--- a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/common/pal_client_api_intf.h
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/common/pal_client_api_intf.h
@@ -22,11 +22,12 @@
uint32_t pal_ipc_framework_version(void);
uint32_t pal_ipc_version(uint32_t sid);
-psa_handle_t pal_ipc_connect(uint32_t sid, uint32_t minor_version);
+psa_handle_t pal_ipc_connect(uint32_t sid, uint32_t version);
psa_status_t pal_ipc_call(psa_handle_t handle,
- const psa_invec *in_vec,
- size_t in_len,
- psa_outvec *out_vec,
- size_t out_len);
+ int32_t type,
+ const psa_invec *in_vec,
+ size_t in_len,
+ psa_outvec *out_vec,
+ size_t out_len);
void pal_ipc_close(psa_handle_t handle);
#endif /* _PAL_CLIENT_API_H_ */
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/common/pal_common.h b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/common/pal_common.h
index 3ebe1e10..0a63b026 100644
--- a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/common/pal_common.h
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/common/pal_common.h
@@ -24,10 +24,8 @@
#include
#include
-#ifndef TARGET_CFG_BUILD
#include "pal_config.h"
#include "pal_crypto_config.h"
-#endif
/* typedef's */
typedef uint8_t bool_t;
@@ -87,7 +85,7 @@ typedef enum {
* Redefining some of the client.h elements for compilation to go through
* when PSA IPC APIs are not implemented.
*/
-#if (PSA_IPC_IMPLEMENTED == 0)
+#ifndef IPC
#ifndef PSA_VERSION_NONE
#define PSA_VERSION_NONE (0)
@@ -113,6 +111,6 @@ typedef struct psa_outvec {
size_t len;
} psa_outvec;
-#endif /* PSA_IPC_IMPLEMENTED */
+#endif /* IPC */
#endif /* _PAL_COMMON_H_ */
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/common/pal_config.h b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/common/pal_config.h
index e3f70ad7..b8ddc57d 100644
--- a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/common/pal_config.h
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/common/pal_config.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -18,66 +18,44 @@
#ifndef _PAL_CONFIG_H_
#define _PAL_CONFIG_H_
-/*
- * List of macros used by test suite
- */
-#if !defined(PSA_IPC_IMPLEMENTED)
-#define PSA_IPC_IMPLEMENTED 0
-#endif
-
-#if !defined(PSA_CRYPTO_IMPLEMENTED)
-#define PSA_CRYPTO_IMPLEMENTED 0
-#endif
+/* Define PSA test suite dependent macros for non-cmake build */
+#if !defined(PSA_CMAKE_BUILD)
-#if !defined(PSA_INTERNAL_TRUSTED_STORAGE_IMPLEMENTED)
-#define PSA_INTERNAL_TRUSTED_STORAGE_IMPLEMENTED 0
-#endif
+/* Print verbosity = TEST */
+#define VERBOSE 3
-#if !defined(PSA_PROTECTED_STORAGE_IMPLEMENTED)
-#define PSA_PROTECTED_STORAGE_IMPLEMENTED 0
-#endif
+/* NSPE or SPE VAL build? */
+#define VAL_NSPE_BUILD
-#if !defined(PSA_INITIAL_ATTESTATION_IMPLEMENTED)
-#define PSA_INITIAL_ATTESTATION_IMPLEMENTED 0
-#endif
+/* NSPE or SPE TEST build? */
+#define NONSECURE_TEST_BUILD
-#if (PSA_IPC_IMPLEMENTED == 0) && \
- (PSA_CRYPTO_IMPLEMENTED == 0) && \
- (PSA_INTERNAL_TRUSTED_STORAGE_IMPLEMENTED == 0) && \
- (PSA_PROTECTED_STORAGE_IMPLEMENTED == 0) && \
- (PSA_INITIAL_ATTESTATION_IMPLEMENTED == 0)
-#error "You must define at least one of these macros to run test suite"
-#endif
+/* Combine test archive or binary? */
+#define TEST_COMBINE_ARCHIVE
-#if !defined(VERBOSE)
-#define VERBOSE 3 /* Print verbosity = TEST */
-#endif
+/* If not defined, skip watchdog programming */
+#define WATCHDOG_AVAILABLE
-#if (!defined(VAL_NSPE_BUILD) && !defined(SPE_BUILD))
-#define VAL_NSPE_BUILD 1
-#endif
+/* Are Dynamic memory APIs available to secure partition? */
+#define SP_HEAP_MEM_SUPP
-#if (!defined(NONSECURE_TEST_BUILD) && !defined(SPE_BUILD))
-#define NONSECURE_TEST_BUILD 1
-#endif
+/* PSA Isolation level supported by platform */
+#define PLATFORM_PSA_ISOLATION_LEVEL 3
+#endif /* PSA_CMAKE_BUILD */
-#if !defined(TEST_COMBINE_ARCHIVE)
-#define TEST_COMBINE_ARCHIVE 0 /* Combine test archive or binary? */
-#endif
+/* Version of crypto spec used in attestation */
+#define CRYPTO_VERSION_BETA3
-#if !defined(WATCHDOG_AVAILABLE)
-#define WATCHDOG_AVAILABLE 0 /* If zero, skip watchdog programming */
-#endif
+/* Use hardcoded public key */
+//#define PLATFORM_OVERRIDE_ATTEST_PK
-#if !defined(SP_HEAP_MEM_SUPP)
-#define SP_HEAP_MEM_SUPP 0 /* Are Dynamic funcs available to secure partition? */
-#endif
+/* Platform specific max UID's size */
+#define PLATFORM_MAX_UID_SIZE 512
/*
* Include of PSA defined Header files
*/
-
-#if PSA_IPC_IMPLEMENTED
+#ifdef IPC
/* psa/client.h: Contains the PSA Client API elements */
#include "psa/client.h"
@@ -96,22 +74,22 @@
#include "psa_manifest/pid.h"
#endif
-#if PSA_CRYPTO_IMPLEMENTED
+#ifdef CRYPTO
/* psa/crypto.h: Contains the PSA Crypto API elements */
#include "psa/crypto.h"
#endif
-#if PSA_INTERNAL_TRUSTED_STORAGE_IMPLEMENTED
+#ifdef INTERNAL_TRUSTED_STORAGE
/* psa/internal_trusted_storage.h: Contains the PSA ITS API elements */
#include "psa/internal_trusted_storage.h"
#endif
-#if PSA_PROTECTED_STORAGE_IMPLEMENTED
+#ifdef PROTECTED_STORAGE
/* psa/protected_storage.h: Contains the PSA PS API elements */
#include "psa/protected_storage.h"
#endif
-#if PSA_INITIAL_ATTESTATION_IMPLEMENTED
+#ifdef INITIAL_ATTESTATION
/* psa/initial_attestation.h: Contains the PSA Initial Attestation API elements */
#include "psa/initial_attestation.h"
#endif
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/common/pal_driver_ipc_intf.c b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/common/pal_driver_ipc_intf.c
index f8f773fb..139f04fc 100644
--- a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/common/pal_driver_ipc_intf.c
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/common/pal_driver_ipc_intf.c
@@ -33,20 +33,20 @@ int pal_uart_init_ns(uint32_t uart_base_addr)
{&uart_base_addr, sizeof(uart_base_addr)},
{NULL, 0}};
- print_handle = pal_ipc_connect(DRIVER_UART_SID, 0);
- if (print_handle < 0)
+ print_handle = pal_ipc_connect(DRIVER_UART_SID, DRIVER_UART_VERSION);
+ if (PSA_HANDLE_IS_VALID(print_handle))
{
- return(PAL_STATUS_ERROR);
- }
+ status_of_call = pal_ipc_call(print_handle, 0, data, 3, NULL, 0);
+ pal_ipc_close(print_handle);
+ if (status_of_call != PSA_SUCCESS)
+ return PAL_STATUS_ERROR;
- status_of_call = pal_ipc_call(print_handle, data, 3, NULL, 0);
- if (status_of_call != PSA_SUCCESS)
+ return PAL_STATUS_SUCCESS;
+ }
+ else
{
- return(PAL_STATUS_ERROR);
+ return PAL_STATUS_ERROR;
}
-
- pal_ipc_close(print_handle);
- return PAL_STATUS_SUCCESS;
}
/**
@@ -62,7 +62,6 @@ int pal_print_ns(char *str, int32_t data)
char *p = str;
psa_handle_t print_handle = 0;
psa_status_t status_of_call = PSA_SUCCESS;
- pal_status_t status = PAL_STATUS_SUCCESS;
uart_fn_type_t uart_fn = UART_PRINT;
while (*p != '\0')
@@ -74,22 +73,21 @@ int pal_print_ns(char *str, int32_t data)
psa_invec data1[3] = {{&uart_fn, sizeof(uart_fn)},
{str, string_len+1},
{&data, sizeof(data)}};
- print_handle = pal_ipc_connect(DRIVER_UART_SID, 0);
- if (print_handle < 0)
+ print_handle = pal_ipc_connect(DRIVER_UART_SID, DRIVER_UART_VERSION);
+ if (PSA_HANDLE_IS_VALID(print_handle))
{
- return PAL_STATUS_ERROR;
+ status_of_call = pal_ipc_call(print_handle, 0, data1, 3, NULL, 0);
+ pal_ipc_close(print_handle);
+ if (status_of_call != PSA_SUCCESS)
+ return PAL_STATUS_ERROR;
+
+ return PAL_STATUS_SUCCESS;
}
else
{
- status_of_call = pal_ipc_call(print_handle, data1, 3, NULL, 0);
- if (status_of_call != PSA_SUCCESS)
- {
- status = PAL_STATUS_ERROR;
- }
+ return PAL_STATUS_ERROR;
}
- pal_ipc_close(print_handle);
- return status;
}
/**
@@ -111,22 +109,20 @@ int pal_wd_timer_init_ns(addr_t base_addr, uint32_t time_us, uint32_t timer_tick
wd_param.wd_timer_tick_us = timer_tick_us;
psa_invec invec[1] = {{&wd_param, sizeof(wd_param)}};
- handle = pal_ipc_connect(DRIVER_WATCHDOG_SID, 0);
- if (handle < 0)
+ handle = pal_ipc_connect(DRIVER_WATCHDOG_SID, DRIVER_WATCHDOG_VERSION);
+ if (PSA_HANDLE_IS_VALID(handle))
{
- return PAL_STATUS_ERROR;
+ status_of_call = pal_ipc_call(handle, 0, invec, 1, NULL, 0);
+ pal_ipc_close(handle);
+ if (status_of_call != PSA_SUCCESS)
+ return PAL_STATUS_ERROR;
+
+ return PAL_STATUS_SUCCESS;
}
else
{
- status_of_call = pal_ipc_call(handle, invec, 1, NULL, 0);
- if (status_of_call != PSA_SUCCESS)
- {
- pal_ipc_close(handle);
- return PAL_STATUS_ERROR;
- }
+ return PAL_STATUS_ERROR;
}
- pal_ipc_close(handle);
- return PAL_STATUS_SUCCESS;
}
/**
@@ -146,22 +142,20 @@ int pal_wd_timer_enable_ns(addr_t base_addr)
wd_param.wd_timer_tick_us = 0;
psa_invec invec[1] = {{&wd_param, sizeof(wd_param)}};
- handle = pal_ipc_connect(DRIVER_WATCHDOG_SID, 0);
- if (handle < 0)
+ handle = pal_ipc_connect(DRIVER_WATCHDOG_SID, DRIVER_WATCHDOG_VERSION);
+ if (PSA_HANDLE_IS_VALID(handle))
{
- return PAL_STATUS_ERROR;
+ status_of_call = pal_ipc_call(handle, 0, invec, 1, NULL, 0);
+ pal_ipc_close(handle);
+ if (status_of_call != PSA_SUCCESS)
+ return PAL_STATUS_ERROR;
+
+ return PAL_STATUS_SUCCESS;
}
else
{
- status_of_call = pal_ipc_call(handle, invec, 1, NULL, 0);
- if (status_of_call != PSA_SUCCESS)
- {
- pal_ipc_close(handle);
- return PAL_STATUS_ERROR;
- }
+ return PAL_STATUS_ERROR;
}
- pal_ipc_close(handle);
- return PAL_STATUS_SUCCESS;
}
/**
@@ -181,22 +175,20 @@ int pal_wd_timer_disable_ns(addr_t base_addr)
wd_param.wd_timer_tick_us = 0;
psa_invec invec[1] = {{&wd_param, sizeof(wd_param)}};
- handle = pal_ipc_connect(DRIVER_WATCHDOG_SID, 0);
- if (handle < 0)
+ handle = pal_ipc_connect(DRIVER_WATCHDOG_SID, DRIVER_WATCHDOG_VERSION);
+ if (PSA_HANDLE_IS_VALID(handle))
{
- return PAL_STATUS_ERROR;
+ status_of_call = pal_ipc_call(handle, 0, invec, 1, NULL, 0);
+ pal_ipc_close(handle);
+ if (status_of_call != PSA_SUCCESS)
+ return PAL_STATUS_ERROR;
+
+ return PAL_STATUS_SUCCESS;
}
else
{
- status_of_call = pal_ipc_call(handle, invec, 1, NULL, 0);
- if (status_of_call != PSA_SUCCESS)
- {
- pal_ipc_close(handle);
- return PAL_STATUS_ERROR;
- }
+ return PAL_STATUS_ERROR;
}
- pal_ipc_close(handle);
- return PAL_STATUS_SUCCESS;
}
/**
@@ -220,22 +212,20 @@ int pal_nvmem_read_ns(addr_t base, uint32_t offset, void *buffer, int size)
psa_invec invec[1] = {{&nvmem_param, sizeof(nvmem_param)}};
psa_outvec outvec[1] = {{buffer, size}};
- handle = pal_ipc_connect(DRIVER_NVMEM_SID, 0);
- if (handle < 0)
+ handle = pal_ipc_connect(DRIVER_NVMEM_SID, DRIVER_NVMEM_VERSION);
+ if (PSA_HANDLE_IS_VALID(handle))
{
- return PAL_STATUS_ERROR;
+ status_of_call = pal_ipc_call(handle, 0, invec, 1, outvec, 1);
+ pal_ipc_close(handle);
+ if (status_of_call != PSA_SUCCESS)
+ return PAL_STATUS_ERROR;
+
+ return PAL_STATUS_SUCCESS;
}
else
{
- status_of_call = pal_ipc_call(handle, invec, 1, outvec, 1);
- if (status_of_call != PSA_SUCCESS)
- {
- pal_ipc_close(handle);
- return PAL_STATUS_ERROR;
- }
+ return PAL_STATUS_ERROR;
}
- psa_close(handle);
- return PAL_STATUS_SUCCESS;
}
/**
@@ -258,22 +248,20 @@ int pal_nvmem_write_ns(addr_t base, uint32_t offset, void *buffer, int size)
nvmem_param.size = size;
psa_invec invec[2] = {{&nvmem_param, sizeof(nvmem_param)}, {buffer, size}};
- handle = pal_ipc_connect(DRIVER_NVMEM_SID, 0);
- if (handle < 0)
+ handle = pal_ipc_connect(DRIVER_NVMEM_SID, DRIVER_NVMEM_VERSION);
+ if (PSA_HANDLE_IS_VALID(handle))
{
- return PAL_STATUS_ERROR;
+ status_of_call = pal_ipc_call(handle, 0, invec, 2, NULL, 0);
+ pal_ipc_close(handle);
+ if (status_of_call != PSA_SUCCESS)
+ return PAL_STATUS_ERROR;
+
+ return PAL_STATUS_SUCCESS;
}
else
{
- status_of_call = pal_ipc_call(handle, invec, 2, NULL, 0);
- if (status_of_call != PSA_SUCCESS)
- {
- pal_ipc_close(handle);
- return PAL_STATUS_ERROR;
- }
+ return PAL_STATUS_ERROR;
}
- pal_ipc_close(handle);
- return PAL_STATUS_SUCCESS;
}
/**
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/crypto/pal_crypto_config.h b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/crypto/pal_crypto_config.h
index ab11fd16..6f3eca7c 100644
--- a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/crypto/pal_crypto_config.h
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/crypto/pal_crypto_config.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -231,7 +231,7 @@
//#define ARCH_TEST_MD4
//#define ARCH_TEST_MD5
//#define ARCH_TEST_RIPEMD160
-#define ARCH_TEST_SHA1
+//#define ARCH_TEST_SHA1
#define ARCH_TEST_SHA224
#define ARCH_TEST_SHA256
#define ARCH_TEST_SHA384
@@ -262,7 +262,7 @@
* Comment macros to disable the types
*/
#define ARCH_TEST_CMAC
-#define ARCH_TEST_GMAC
+//#define ARCH_TEST_GMAC
#define ARCH_TEST_HMAC
/**
@@ -318,6 +318,12 @@
*/
#define ARCH_TEST_DETERMINISTIC_ECDSA
+/**
+ * \def ARCH_TEST_ECC_ASYMMETRIC_API_SUPPORT
+ *
+ * Enable ECC support for asymmetric API.
+*/
+//#define ARCH_TEST_ECC_ASYMMETRIC_API_SUPPORT
#include "pal_crypto_config_check.h"
#endif /* _PAL_CRYPTO_CONFIG_H_ */
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/crypto/pal_crypto_config_check.h b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/crypto/pal_crypto_config_check.h
index f18a7852..443e0bc2 100644
--- a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/crypto/pal_crypto_config_check.h
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/crypto/pal_crypto_config_check.h
@@ -94,13 +94,13 @@
#error "ARCH_TEST_CTR_AES defined, but not all prerequisites"
#endif
-#if (defined(ARCH_TEST_CBC_AES)|| defined(ARCH_TEST_CBC_AES_NO_PADDING)) &&\
+#if (defined(ARCH_TEST_CBC_AES) || defined(ARCH_TEST_CBC_AES_NO_PADDING)) &&\
(!defined(ARCH_TEST_CIPER) || !defined(ARCH_TEST_AES) || !defined(ARCH_TEST_CIPER_MODE_CBC))
#error "ARCH_TEST_CBC_AES defined, but not all prerequisites"
#endif
#if (defined(ARCH_TEST_CBC_NO_PADDING)) &&\
- (!defined(ARCH_TEST_CIPER) ||!defined(ARCH_TEST_CIPER_MODE_CBC))
+ (!defined(ARCH_TEST_CIPER) || !defined(ARCH_TEST_CIPER_MODE_CBC))
#error "ARCH_TEST_CBC_NO_PADDING defined, but not all prerequisites"
#endif
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/crypto/pal_crypto_intf.c b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/crypto/pal_crypto_intf.c
index 3df6aa8d..7bad480c 100644
--- a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/crypto/pal_crypto_intf.c
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/crypto/pal_crypto_intf.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -28,96 +28,127 @@
**/
int32_t pal_crypto_function(int type, va_list valist)
{
- int i;
- size_t size, *length, salt_length, label_length, ciphertext_size;
- uint8_t *buffer, *ciphertext;
- const uint8_t *salt, *label, *nonce, *additional_data;
- uint8_t *plaintext;
- uint32_t status;
- const void *extra;
- size_t extra_size, capacity, *gen_cap, nonce_length, additional_data_length;
- psa_key_handle_t handle, *key_handle, target_handle;
- psa_key_type_t key_type, *key_type_out;
- psa_key_policy_t *policy;
- psa_key_usage_t usage, *usage_out;
- psa_key_lifetime_t *lifetime_out;
- psa_algorithm_t alg, *alg_out;
- psa_hash_operation_t *hash_operation;
- psa_mac_operation_t *mac_operation;
- psa_cipher_operation_t *cipher_operation;
- psa_crypto_generator_t *generator;
+ int i;
+ psa_status_t status;
+ uint8_t *buffer, *ciphertext, *plaintext;
+ const uint8_t *nonce, *additional_data, *salt, *peer;
+ size_t *length, size, ciphertext_size, nonce_length;
+ size_t salt_length, peer_length, additional_data_length;
+#ifdef NOT_SUPPORTED
+ size_t *tag_length, plaintext_size;
+ psa_aead_operation_t *aead_operation;
+#endif
+ psa_key_attributes_t *attributes;
+ psa_key_handle_t *handle, key_handle;
+ psa_key_type_t *key_type_out, key_type;
+ psa_key_usage_t *usage_out, usage;
+ psa_key_id_t *key_id_out, key_id;
+ psa_key_lifetime_t *key_lifetime_out, key_lifetime;
+ psa_algorithm_t *key_alg_out, key_alg, alg;
+ psa_hash_operation_t *hash_operation, *target_operation;
+ psa_mac_operation_t *mac_operation;
+ psa_cipher_operation_t *cipher_operation;
+ psa_key_derivation_operation_t *derive_operation;
+ psa_key_derivation_step_t step;
switch (type)
{
case PAL_CRYPTO_INIT:
return psa_crypto_init();
case PAL_CRYPTO_GENERATE_RANDOM:
- buffer = va_arg(valist, uint8_t*);
+ buffer = va_arg(valist, uint8_t *);
size = va_arg(valist, int);
return psa_generate_random(buffer, size);
case PAL_CRYPTO_IMPORT_KEY:
- handle = (psa_key_handle_t)va_arg(valist, int);
- key_type = va_arg(valist, psa_key_type_t);
- buffer = va_arg(valist, uint8_t*);
- size = va_arg(valist, int);
- status = psa_import_key(handle, key_type, buffer, size);
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ buffer = va_arg(valist, uint8_t *);
+ size = va_arg(valist, size_t);
+ handle = (psa_key_handle_t *)va_arg(valist, int *);
+ status = psa_import_key(attributes, buffer, size, handle);
return status;
+ case PAL_CRYPTO_SET_KEY_TYPE:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ key_type = va_arg(valist, psa_key_type_t);
+ psa_set_key_type(attributes, key_type);
+ return 0;
+ case PAL_CRYPTO_SET_KEY_BITS:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ size = va_arg(valist, size_t);
+ psa_set_key_bits(attributes, size);
+ return 0;
+ case PAL_CRYPTO_GET_KEY_ATTRIBUTES:
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ return psa_get_key_attributes(key_handle, attributes);
+ case PAL_CRYPTO_GET_KEY_TYPE:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ key_type_out = va_arg(valist, psa_key_type_t *);
+ *key_type_out = psa_get_key_type(attributes);
+ return 0;
case PAL_CRYPTO_EXPORT_KEY:
- handle = (psa_key_handle_t)va_arg(valist, int);
- buffer = (uint8_t *)(va_arg(valist, uint8_t*));
- size = va_arg(valist, int);
- length = (size_t *)va_arg(valist, size_t*);
- status = psa_export_key(handle, buffer, size, length);
- return status;
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ buffer = (uint8_t *)(va_arg(valist, uint8_t *));
+ size = va_arg(valist, size_t);
+ length = (size_t *)va_arg(valist, size_t *);
+ return psa_export_key(key_handle, buffer, size, length);
+ case PAL_CRYPTO_SET_KEY_USAGE_FLAGS:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ usage = va_arg(valist, psa_key_usage_t);
+ psa_set_key_usage_flags(attributes, usage);
+ return 0;
+ case PAL_CRYPTO_RESET_KEY_ATTRIBUTES:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ psa_reset_key_attributes(attributes);
+ return 0;
case PAL_CRYPTO_EXPORT_PUBLIC_KEY:
- handle = (psa_key_handle_t)va_arg(valist, int);
- buffer = (uint8_t *)(va_arg(valist, uint8_t*));
- size = va_arg(valist, int);
- length = (size_t *)va_arg(valist, size_t*);
- status = psa_export_public_key(handle, buffer, size, length);
- return status;
- case PAL_CRYPTO_KEY_POLICY_INIT:
- policy = va_arg(valist, psa_key_policy_t*);
- memset(policy, 0, sizeof(psa_key_policy_t));
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ buffer = (uint8_t *)(va_arg(valist, uint8_t *));
+ size = va_arg(valist, size_t);
+ length = (size_t *)va_arg(valist, size_t *);
+ return psa_export_public_key(key_handle, buffer, size, length);
+ case PAL_CRYPTO_SET_KEY_ID:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ key_id = va_arg(valist, psa_key_id_t);
+ psa_set_key_id(attributes, key_id);
return 0;
- case PAL_CRYPTO_KEY_POLICY_SET_USAGE:
- policy = va_arg(valist, psa_key_policy_t*);
- usage = va_arg(valist, psa_key_usage_t);
- alg = va_arg(valist, psa_algorithm_t);
- psa_key_policy_set_usage(policy, usage, alg);
+ case PAL_CRYPTO_SET_KEY_LIFETIME:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ key_lifetime = va_arg(valist, psa_key_lifetime_t);
+ psa_set_key_lifetime(attributes, key_lifetime);
return 0;
- case PAL_CRYPTO_SET_KEY_POLICY:
- handle = (psa_key_handle_t)va_arg(valist, int);
- policy = va_arg(valist, psa_key_policy_t*);
- return psa_set_key_policy(handle, policy);
- case PAL_CRYPTO_DESTROY_KEY:
- handle = (psa_key_handle_t)va_arg(valist, int);
- status = psa_destroy_key(handle);
- return status;
- case PAL_CRYPTO_GET_KEY_INFORMATION:
- handle = (psa_key_handle_t)va_arg(valist, int);
- key_type_out = va_arg(valist, psa_key_type_t*);
- length = (size_t *)va_arg(valist, size_t*);
- status = psa_get_key_information(handle, key_type_out, length);
- return status;
- case PAL_CRYPTO_GET_KEY_POLICY:
- handle = (psa_key_handle_t)va_arg(valist, int);
- policy = va_arg(valist, psa_key_policy_t*);
- return psa_get_key_policy(handle, policy);
- case PAL_CRYPTO_KEY_POLICY_GET_USAGE:
- policy = va_arg(valist, psa_key_policy_t*);
- usage_out = va_arg(valist, psa_key_usage_t*);
- *usage_out = psa_key_policy_get_usage(policy);
+ case PAL_CRYPTO_SET_KEY_ALGORITHM:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ key_alg = va_arg(valist, psa_algorithm_t);
+ psa_set_key_algorithm(attributes, key_alg);
return 0;
- case PAL_CRYPTO_KEY_POLICY_GET_ALGORITHM:
- policy = va_arg(valist, psa_key_policy_t*);
- alg_out = va_arg(valist, psa_algorithm_t*);
- *alg_out = psa_key_policy_get_algorithm(policy);
+ case PAL_CRYPTO_GET_KEY_ID:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ key_id_out = va_arg(valist, psa_key_id_t *);
+ *key_id_out = psa_get_key_id(attributes);
return 0;
case PAL_CRYPTO_GET_KEY_LIFETIME:
- handle = (psa_key_handle_t)va_arg(valist, int);
- lifetime_out = va_arg(valist, psa_key_lifetime_t*);
- return psa_get_key_lifetime(handle, lifetime_out);
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ key_lifetime_out = va_arg(valist, psa_key_lifetime_t *);
+ *key_lifetime_out = psa_get_key_lifetime(attributes);
+ return 0;
+ case PAL_CRYPTO_GET_KEY_USAGE_FLAGS:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ usage_out = va_arg(valist, psa_key_usage_t *);
+ *usage_out = psa_get_key_usage_flags(attributes);
+ return 0;
+ case PAL_CRYPTO_GET_KEY_ALGORITHM:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ key_alg_out = va_arg(valist, psa_algorithm_t *);
+ *key_alg_out = psa_get_key_algorithm(attributes);
+ return 0;
+ case PAL_CRYPTO_GET_KEY_BITS:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ length = va_arg(valist, size_t *);
+ *length = psa_get_key_bits(attributes);
+ return 0;
+ case PAL_CRYPTO_DESTROY_KEY:
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ return psa_destroy_key(key_handle);
case PAL_CRYPTO_HASH_SETUP:
hash_operation = va_arg(valist, psa_hash_operation_t*);
alg = va_arg(valist, psa_algorithm_t);
@@ -141,44 +172,33 @@ int32_t pal_crypto_function(int type, va_list valist)
case PAL_CRYPTO_HASH_ABORT:
hash_operation = va_arg(valist, psa_hash_operation_t*);
return psa_hash_abort(hash_operation);
- case PAL_CRYPTO_GENERATE_KEY:
- handle = (psa_key_handle_t)va_arg(valist, int);
- key_type = va_arg(valist, psa_key_type_t);
- size = va_arg(valist, size_t);
- extra = va_arg(valist, const void*);
- extra_size = va_arg(valist, size_t);
- return psa_generate_key(handle, key_type, size, extra, extra_size);
- case PAL_CRYPTO_GENERATOR_READ:
- generator = va_arg(valist, psa_crypto_generator_t*);
+#ifdef NOT_SUPPORTED
+ case PAL_CRYPTO_HASH_COMPUTE:
+ alg = va_arg(valist, psa_algorithm_t);
+ plaintext = va_arg(valist, uint8_t*);
+ plaintext_size = va_arg(valist, size_t);
buffer = va_arg(valist, uint8_t*);
- size = va_arg(valist, int);
- return psa_generator_read(generator, buffer, size);
- case PAL_CRYPTO_KEY_DERIVATION:
- generator = va_arg(valist, psa_crypto_generator_t*);
- handle = (psa_key_handle_t)va_arg(valist, int);
+ size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_hash_compute(alg, plaintext, plaintext_size, buffer, size, length);
+ case PAL_CRYPTO_HASH_COMPARE:
alg = va_arg(valist, psa_algorithm_t);
- salt = va_arg(valist, const uint8_t *);
- salt_length = va_arg(valist, size_t);
- label = va_arg(valist, const uint8_t *);
- label_length = va_arg(valist, size_t);
- capacity = va_arg(valist, size_t);
- return psa_key_derivation(generator, handle, alg, salt, salt_length, label,
- label_length, capacity);
- case PAL_CRYPTO_GET_GENERATOR_CAPACITY:
- generator = va_arg(valist, psa_crypto_generator_t*);
- gen_cap = va_arg(valist, size_t*);
- return psa_get_generator_capacity(generator, gen_cap);
- case PAL_CRYPTO_GENERATOR_IMPORT_KEY:
- handle = (psa_key_handle_t)va_arg(valist, int);
- key_type = va_arg(valist, psa_key_type_t);
- size = va_arg(valist, size_t);
- generator = va_arg(valist, psa_crypto_generator_t*);
- return psa_generator_import_key(handle, key_type, size, generator);
- case PAL_CRYPTO_GENERATOR_ABORT:
- generator = va_arg(valist, psa_crypto_generator_t*);
- return psa_generator_abort(generator);
+ plaintext = va_arg(valist, uint8_t*);
+ plaintext_size = va_arg(valist, size_t);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ return psa_hash_compare(alg, plaintext, plaintext_size, buffer, size);
+#endif
+ case PAL_CRYPTO_HASH_CLONE:
+ hash_operation = va_arg(valist, psa_hash_operation_t*);
+ target_operation = va_arg(valist, psa_hash_operation_t*);
+ return psa_hash_clone(hash_operation, target_operation);
+ case PAL_CRYPTO_GENERATE_KEY:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ handle = (psa_key_handle_t *)va_arg(valist, int *);
+ return psa_generate_key(attributes, handle);
case PAL_CRYPTO_AEAD_ENCRYPT:
- handle = (psa_key_handle_t)va_arg(valist, int);
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
alg = va_arg(valist, psa_algorithm_t);
nonce = va_arg(valist, const uint8_t *);
nonce_length = va_arg(valist, size_t);
@@ -189,10 +209,10 @@ int32_t pal_crypto_function(int type, va_list valist)
ciphertext = va_arg(valist, uint8_t *);
ciphertext_size = va_arg(valist, size_t);
length = va_arg(valist, size_t*);
- return psa_aead_encrypt(handle, alg, nonce, nonce_length, additional_data,
- additional_data_length, plaintext, size, ciphertext, ciphertext_size, length);
+ return psa_aead_encrypt(key_handle, alg, nonce, nonce_length, additional_data,
+ additional_data_length, plaintext, size, ciphertext, ciphertext_size, length);
case PAL_CRYPTO_AEAD_DECRYPT:
- handle = (psa_key_handle_t)va_arg(valist, int);
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
alg = va_arg(valist, psa_algorithm_t);
nonce = va_arg(valist, const uint8_t *);
nonce_length = va_arg(valist, size_t);
@@ -203,13 +223,76 @@ int32_t pal_crypto_function(int type, va_list valist)
plaintext = va_arg(valist, uint8_t *);
size = va_arg(valist, size_t);
length = va_arg(valist, size_t*);
- return psa_aead_decrypt(handle, alg, nonce, nonce_length, additional_data,
- additional_data_length, ciphertext, ciphertext_size, plaintext, size, length);
+ return psa_aead_decrypt(key_handle, alg, nonce, nonce_length, additional_data,
+ additional_data_length, ciphertext, ciphertext_size, plaintext, size, length);
+#ifdef NO_SUPPORT
+ case PAL_CRYPTO_AEAD_ENCRYPT_SETUP:
+ aead_operation = va_arg(valist, psa_aead_operation_t *);
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ return psa_aead_encrypt_setup(aead_operation, key_handle, alg);
+ case PAL_CRYPTO_AEAD_DECRYPT_SETUP:
+ aead_operation = va_arg(valist, psa_aead_operation_t *);
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ return psa_aead_decrypt_setup(aead_operation, key_handle, alg);
+ case PAL_CRYPTO_AEAD_GENERATE_NONCE:
+ aead_operation = va_arg(valist, psa_aead_operation_t *);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ length = (size_t *)va_arg(valist, size_t*);
+ return psa_aead_generate_nonce(aead_operation, buffer, size, length);
+ case PAL_CRYPTO_AEAD_SET_NONCE:
+ aead_operation = va_arg(valist, psa_aead_operation_t *);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ return psa_aead_set_nonce(aead_operation, buffer, size);
+ case PAL_CRYPTO_AEAD_SET_LENGTHS:
+ aead_operation = va_arg(valist, psa_aead_operation_t *);
+ size = va_arg(valist, size_t);
+ plaintext_size = va_arg(valist, size_t);
+ return psa_aead_set_lengths(aead_operation, size, plaintext_size);
+ case PAL_CRYPTO_AEAD_UPDATE_AD:
+ aead_operation = va_arg(valist, psa_aead_operation_t *);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ return psa_aead_update_ad(aead_operation, buffer, size);
+ case PAL_CRYPTO_AEAD_UPDATE:
+ aead_operation = va_arg(valist, psa_aead_operation_t *);
+ plaintext = va_arg(valist, uint8_t*);
+ plaintext_size = va_arg(valist, size_t);
+ ciphertext = va_arg(valist, uint8_t*);
+ ciphertext_size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_aead_update(aead_operation, plaintext, plaintext_size, ciphertext,
+ ciphertext_size, length);
+ case PAL_CRYPTO_AEAD_FINISH:
+ aead_operation = va_arg(valist, psa_aead_operation_t *);
+ ciphertext = va_arg(valist, uint8_t*);
+ ciphertext_size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ tag_length = (size_t *)va_arg(valist, size_t*);
+ return psa_aead_finish(aead_operation, ciphertext, ciphertext_size, length, buffer,
+ size, tag_length);
+ case PAL_CRYPTO_AEAD_VERIFY:
+ aead_operation = va_arg(valist, psa_aead_operation_t *);
+ plaintext = va_arg(valist, uint8_t*);
+ plaintext_size = va_arg(valist, size_t);
+ length = (size_t *)va_arg(valist, size_t*);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ return psa_aead_verify(aead_operation, plaintext, plaintext_size, length, buffer, size);
+ case PAL_CRYPTO_AEAD_ABORT:
+ aead_operation = va_arg(valist, psa_aead_operation_t *);
+ return psa_aead_abort(aead_operation);
+#endif
case PAL_CRYPTO_MAC_SIGN_SETUP:
mac_operation = va_arg(valist, psa_mac_operation_t*);
- handle = (psa_key_handle_t)va_arg(valist, int);
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
alg = va_arg(valist, psa_algorithm_t);
- return psa_mac_sign_setup(mac_operation, handle, alg);
+ return psa_mac_sign_setup(mac_operation, key_handle, alg);
case PAL_CRYPTO_MAC_UPDATE:
mac_operation = va_arg(valist, psa_mac_operation_t*);
buffer = va_arg(valist, uint8_t*);
@@ -223,9 +306,9 @@ int32_t pal_crypto_function(int type, va_list valist)
return psa_mac_sign_finish(mac_operation, buffer, size, length);
case PAL_CRYPTO_MAC_VERIFY_SETUP:
mac_operation = va_arg(valist, psa_mac_operation_t*);
- handle = (psa_key_handle_t)va_arg(valist, int);
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
alg = va_arg(valist, psa_algorithm_t);
- return psa_mac_verify_setup(mac_operation, handle, alg);
+ return psa_mac_verify_setup(mac_operation, key_handle, alg);
case PAL_CRYPTO_MAC_VERIFY_FINISH:
mac_operation = va_arg(valist, psa_mac_operation_t*);
buffer = va_arg(valist, uint8_t*);
@@ -234,8 +317,29 @@ int32_t pal_crypto_function(int type, va_list valist)
case PAL_CRYPTO_MAC_ABORT:
mac_operation = va_arg(valist, psa_mac_operation_t*);
return psa_mac_abort(mac_operation);
+#ifdef NO_SUPPORT
+ case PAL_CRYPTO_MAC_COMPUTE:
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ plaintext = va_arg(valist, uint8_t*);
+ plaintext_size = va_arg(valist, size_t);
+ ciphertext = va_arg(valist, uint8_t*);
+ ciphertext_size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_mac_compute(key_handle, alg, plaintext, plaintext_size, ciphertext,
+ ciphertext_size, length);
+ case PAL_CRYPTO_MAC_VERIFY:
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ plaintext = va_arg(valist, uint8_t*);
+ plaintext_size = va_arg(valist, size_t);
+ ciphertext = va_arg(valist, uint8_t*);
+ ciphertext_size = va_arg(valist, size_t);
+ return psa_mac_verify(key_handle, alg, plaintext, plaintext_size, ciphertext,
+ ciphertext_size);
+#endif
case PAL_CRYPTO_ASYMMTERIC_ENCRYPT:
- handle = (psa_key_handle_t)va_arg(valist, int);
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
alg = va_arg(valist, psa_algorithm_t);
plaintext = va_arg(valist, uint8_t *);
size = va_arg(valist, size_t);
@@ -244,10 +348,10 @@ int32_t pal_crypto_function(int type, va_list valist)
ciphertext = va_arg(valist, uint8_t *);
ciphertext_size = va_arg(valist, size_t);
length = va_arg(valist, size_t*);
- return psa_asymmetric_encrypt(handle, alg, plaintext, size, salt, salt_length,
- ciphertext, ciphertext_size, length);
+ return psa_asymmetric_encrypt(key_handle, alg, plaintext, size, salt, salt_length,
+ ciphertext, ciphertext_size, length);
case PAL_CRYPTO_ASYMMTERIC_DECRYPT:
- handle = (psa_key_handle_t)va_arg(valist, int);
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
alg = va_arg(valist, psa_algorithm_t);
plaintext = va_arg(valist, uint8_t *);
size = va_arg(valist, size_t);
@@ -256,18 +360,18 @@ int32_t pal_crypto_function(int type, va_list valist)
ciphertext = va_arg(valist, uint8_t *);
ciphertext_size = va_arg(valist, size_t);
length = va_arg(valist, size_t*);
- return psa_asymmetric_decrypt(handle, alg, plaintext, size, salt, salt_length,
- ciphertext, ciphertext_size, length);
+ return psa_asymmetric_decrypt(key_handle, alg, plaintext, size, salt, salt_length,
+ ciphertext, ciphertext_size, length);
case PAL_CRYPTO_CIPHER_ENCRYPT_SETUP:
cipher_operation = va_arg(valist, psa_cipher_operation_t *);
- handle = (psa_key_handle_t)va_arg(valist, int);
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
alg = va_arg(valist, psa_algorithm_t);
- return psa_cipher_encrypt_setup(cipher_operation, handle, alg);
+ return psa_cipher_encrypt_setup(cipher_operation, key_handle, alg);
case PAL_CRYPTO_CIPHER_DECRYPT_SETUP:
cipher_operation = va_arg(valist, psa_cipher_operation_t *);
- handle = (psa_key_handle_t)va_arg(valist, int);
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
alg = va_arg(valist, psa_algorithm_t);
- return psa_cipher_decrypt_setup(cipher_operation, handle, alg);
+ return psa_cipher_decrypt_setup(cipher_operation, key_handle, alg);
case PAL_CRYPTO_CIPHER_GENERATE_IV:
cipher_operation = va_arg(valist, psa_cipher_operation_t *);
buffer = va_arg(valist, uint8_t*);
@@ -287,7 +391,7 @@ int32_t pal_crypto_function(int type, va_list valist)
ciphertext_size = va_arg(valist, size_t);
length = va_arg(valist, size_t*);
return psa_cipher_update(cipher_operation, plaintext, size, ciphertext, ciphertext_size,
- length);
+ length);
case PAL_CRYPTO_CIPHER_FINISH:
cipher_operation = va_arg(valist, psa_cipher_operation_t *);
ciphertext = va_arg(valist, uint8_t *);
@@ -297,39 +401,112 @@ int32_t pal_crypto_function(int type, va_list valist)
case PAL_CRYPTO_CIPHER_ABORT:
cipher_operation = va_arg(valist, psa_cipher_operation_t *);
return psa_cipher_abort(cipher_operation);
+#ifdef NO_SUPPORT
+ case PAL_CRYPTO_CIPHER_ENCRYPT:
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ plaintext = va_arg(valist, uint8_t *);
+ size = va_arg(valist, size_t);
+ ciphertext = va_arg(valist, uint8_t *);
+ ciphertext_size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_cipher_encrypt(key_handle, alg, plaintext, size, ciphertext, ciphertext_size,
+ length);
+ case PAL_CRYPTO_CIPHER_DECRYPT:
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ plaintext = va_arg(valist, uint8_t *);
+ size = va_arg(valist, size_t);
+ ciphertext = va_arg(valist, uint8_t *);
+ ciphertext_size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_cipher_decrypt(key_handle, alg, plaintext, size, ciphertext, ciphertext_size,
+ length);
+#endif
case PAL_CRYPTO_ASYMMTERIC_SIGN:
- handle = (psa_key_handle_t)va_arg(valist, int);
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
alg = va_arg(valist, psa_algorithm_t);
buffer = va_arg(valist, uint8_t*);
size = va_arg(valist, size_t);
ciphertext = va_arg(valist, uint8_t *);
ciphertext_size = va_arg(valist, size_t);
length = va_arg(valist, size_t*);
- return psa_asymmetric_sign(handle, alg, buffer, size, ciphertext, ciphertext_size,
- length);
+ return psa_asymmetric_sign(key_handle, alg, buffer, size, ciphertext, ciphertext_size,
+ length);
case PAL_CRYPTO_ASYMMTERIC_VERIFY:
- handle = (psa_key_handle_t)va_arg(valist, int);
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
alg = va_arg(valist, psa_algorithm_t);
buffer = va_arg(valist, uint8_t*);
size = va_arg(valist, size_t);
ciphertext = va_arg(valist, uint8_t *);
ciphertext_size = va_arg(valist, size_t);
- return psa_asymmetric_verify(handle, alg, buffer, size, ciphertext, ciphertext_size);
- case PAL_CRYPTO_KEY_AGREEMENT:
- generator = va_arg(valist, psa_crypto_generator_t*);
- handle = (psa_key_handle_t)va_arg(valist, int);
+ return psa_asymmetric_verify(key_handle, alg, buffer, size, ciphertext,
+ ciphertext_size);
+ case PAL_CRYPTO_RAW_KEY_AGREEMENT:
+ alg = va_arg(valist, psa_algorithm_t);
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ peer = va_arg(valist, uint8_t*);
+ peer_length = va_arg(valist, size_t);
buffer = va_arg(valist, uint8_t*);
size = va_arg(valist, size_t);
- alg = va_arg(valist, psa_algorithm_t);
- return psa_key_agreement(generator, handle, buffer, size, alg);
- case PAL_CRYPTO_ALLOCATE_KEY:
- key_handle = (psa_key_handle_t *)va_arg(valist, int*);
- return psa_allocate_key(key_handle);
+ length = va_arg(valist, size_t*);
+ return psa_raw_key_agreement(alg, key_handle, peer, peer_length, buffer, size, length);
case PAL_CRYPTO_COPY_KEY:
- handle = (psa_key_handle_t)va_arg(valist, int);
- target_handle = (psa_key_handle_t)va_arg(valist, int);
- policy = va_arg(valist, psa_key_policy_t*);
- return psa_copy_key(handle, target_handle, policy);
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ handle = (psa_key_handle_t *)va_arg(valist, int *);
+ return psa_copy_key(key_handle, attributes, handle);
+ case PAL_CRYPTO_KEY_DERIVATION_SETUP:
+ derive_operation = va_arg(valist, psa_key_derivation_operation_t *);
+ alg = va_arg(valist, psa_algorithm_t);
+ return psa_key_derivation_setup(derive_operation, alg);
+ case PAL_CRYPTO_KEY_DERIVATION_INPUT_BYTES:
+ derive_operation = va_arg(valist, psa_key_derivation_operation_t *);
+ step = (psa_key_derivation_step_t)va_arg(valist, int);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ return psa_key_derivation_input_bytes(derive_operation, step, buffer, size);
+ case PAL_CRYPTO_KEY_DERIVATION_INPUT_KEY:
+ derive_operation = va_arg(valist, psa_key_derivation_operation_t *);
+ step = (psa_key_derivation_step_t)va_arg(valist, int);
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ return psa_key_derivation_input_key(derive_operation, step, key_handle);
+ case PAL_CRYPTO_KEY_DERIVATION_KEY_AGREEMENT:
+ derive_operation = va_arg(valist, psa_key_derivation_operation_t *);
+ step = (psa_key_derivation_step_t)va_arg(valist, int);
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ peer = va_arg(valist, uint8_t*);
+ peer_length = va_arg(valist, size_t);
+ return psa_key_derivation_key_agreement(derive_operation, step, key_handle, peer,
+ peer_length);
+ case PAL_CRYPTO_KEY_DERIVATION_OUTPUT_BYTES:
+ derive_operation = va_arg(valist, psa_key_derivation_operation_t *);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ return psa_key_derivation_output_bytes(derive_operation, buffer, size);
+ case PAL_CRYPTO_KEY_DERIVATION_OUTPUT_KEY:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ derive_operation = va_arg(valist, psa_key_derivation_operation_t *);
+ handle = (psa_key_handle_t *)va_arg(valist, int *);
+ return psa_key_derivation_output_key(attributes, derive_operation, handle);
+ case PAL_CRYPTO_KEY_DERIVATION_SET_CAPACITY:
+ derive_operation = va_arg(valist, psa_key_derivation_operation_t *);
+ size = va_arg(valist, size_t);
+ return psa_key_derivation_set_capacity(derive_operation, size);
+ case PAL_CRYPTO_KEY_DERIVATION_GET_CAPACITY:
+ derive_operation = va_arg(valist, psa_key_derivation_operation_t *);
+ length = va_arg(valist, size_t *);
+ return psa_key_derivation_get_capacity(derive_operation, length);
+ case PAL_CRYPTO_KEY_DERIVATION_ABORT:
+ derive_operation = va_arg(valist, psa_key_derivation_operation_t *);
+ return psa_key_derivation_abort(derive_operation);
+ case PAL_CRYPTO_OPEN_KEY:
+ key_id = va_arg(valist, psa_key_id_t);
+ handle = (psa_key_handle_t *)va_arg(valist, int *);
+ return psa_open_key(key_id, handle);
+ case PAL_CRYPTO_CLOSE_KEY:
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ return psa_close_key(key_handle);
case PAL_CRYPTO_FREE:
for (i = 0; i < PAL_KEY_SLOT_COUNT; i++)
psa_destroy_key(i);
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/crypto/pal_crypto_intf.h b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/crypto/pal_crypto_intf.h
index d1dabfa4..671dfa0b 100644
--- a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/crypto/pal_crypto_intf.h
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/crypto/pal_crypto_intf.h
@@ -15,62 +15,89 @@
* limitations under the License.
**/
-#ifndef _PAL_CRYPTO_H_
-#define _PAL_CRYPTO_H_
+#ifndef _PAL_CRYPTO_INTF_H_
+#define _PAL_CRYPTO_INTF_H_
#include "pal_common.h"
enum crypto_function_code {
- PAL_CRYPTO_INIT = 0x1,
- PAL_CRYPTO_GENERATE_RANDOM = 0x2,
- PAL_CRYPTO_IMPORT_KEY = 0x3,
- PAL_CRYPTO_EXPORT_KEY = 0x4,
- PAL_CRYPTO_EXPORT_PUBLIC_KEY = 0x5,
- PAL_CRYPTO_DESTROY_KEY = 0x6,
- PAL_CRYPTO_GET_KEY_INFO = 0x7,
- PAL_CRYPTO_KEY_POLICY_INIT = 0x8,
- PAL_CRYPTO_KEY_POLICY_SET_USAGE = 0x9,
- PAL_CRYPTO_KEY_POLICY_GET_USAGE = 0xA,
- PAL_CRYPTO_KEY_POLICY_GET_ALGORITHM = 0xB,
- PAL_CRYPTO_SET_KEY_POLICY = 0xC,
- PAL_CRYPTO_GET_KEY_POLICY = 0xD,
- PAL_CRYPTO_GET_KEY_INFORMATION = 0xE,
- PAL_CRYPTO_GET_KEY_LIFETIME = 0xF,
- PAL_CRYPTO_HASH_SETUP = 0x11,
- PAL_CRYPTO_HASH_UPDATE = 0x12,
- PAL_CRYPTO_HASH_VERIFY = 0x13,
- PAL_CRYPTO_HASH_FINISH = 0x14,
- PAL_CRYPTO_HASH_ABORT = 0x15,
- PAL_CRYPTO_GENERATE_KEY = 0x16,
- PAL_CRYPTO_GENERATOR_READ = 0x17,
- PAL_CRYPTO_KEY_DERIVATION = 0x18,
- PAL_CRYPTO_GET_GENERATOR_CAPACITY = 0x19,
- PAL_CRYPTO_GENERATOR_IMPORT_KEY = 0x1A,
- PAL_CRYPTO_GENERATOR_ABORT = 0x1B,
- PAL_CRYPTO_AEAD_ENCRYPT = 0x1C,
- PAL_CRYPTO_AEAD_DECRYPT = 0x1D,
- PAL_CRYPTO_MAC_SIGN_SETUP = 0x1E,
- PAL_CRYPTO_MAC_UPDATE = 0x1F,
- PAL_CRYPTO_MAC_SIGN_FINISH = 0x20,
- PAL_CRYPTO_MAC_VERIFY_SETUP = 0x21,
- PAL_CRYPTO_MAC_VERIFY_FINISH = 0x22,
- PAL_CRYPTO_MAC_ABORT = 0x23,
- PAL_CRYPTO_ASYMMTERIC_ENCRYPT = 0x24,
- PAL_CRYPTO_ASYMMTERIC_DECRYPT = 0x25,
- PAL_CRYPTO_CIPHER_ENCRYPT_SETUP = 0x26,
- PAL_CRYPTO_CIPHER_DECRYPT_SETUP = 0x2A,
- PAL_CRYPTO_CIPHER_GENERATE_IV = 0x2B,
- PAL_CRYPTO_CIPHER_SET_IV = 0x2C,
- PAL_CRYPTO_CIPHER_UPDATE = 0x2D,
- PAL_CRYPTO_CIPHER_FINISH = 0x2E,
- PAL_CRYPTO_CIPHER_ABORT = 0x2F,
- PAL_CRYPTO_ASYMMTERIC_SIGN = 0x30,
- PAL_CRYPTO_ASYMMTERIC_VERIFY = 0x31,
- PAL_CRYPTO_KEY_AGREEMENT = 0x32,
- PAL_CRYPTO_ALLOCATE_KEY = 0x33,
- PAL_CRYPTO_COPY_KEY = 0x34,
- PAL_CRYPTO_FREE = 0xFE,
+ PAL_CRYPTO_INIT = 0x1,
+ PAL_CRYPTO_GENERATE_RANDOM = 0x2,
+ PAL_CRYPTO_IMPORT_KEY = 0x3,
+ PAL_CRYPTO_EXPORT_KEY = 0x4,
+ PAL_CRYPTO_EXPORT_PUBLIC_KEY = 0x5,
+ PAL_CRYPTO_DESTROY_KEY = 0x6,
+ PAL_CRYPTO_HASH_SETUP = 0x7,
+ PAL_CRYPTO_HASH_UPDATE = 0x8,
+ PAL_CRYPTO_HASH_VERIFY = 0x9,
+ PAL_CRYPTO_HASH_FINISH = 0xA,
+ PAL_CRYPTO_HASH_ABORT = 0xB,
+ PAL_CRYPTO_GENERATE_KEY = 0xC,
+ PAL_CRYPTO_AEAD_ENCRYPT = 0xD,
+ PAL_CRYPTO_AEAD_DECRYPT = 0xE,
+ PAL_CRYPTO_MAC_SIGN_SETUP = 0xF,
+ PAL_CRYPTO_MAC_UPDATE = 0x10,
+ PAL_CRYPTO_MAC_SIGN_FINISH = 0x11,
+ PAL_CRYPTO_MAC_VERIFY_SETUP = 0x12,
+ PAL_CRYPTO_MAC_VERIFY_FINISH = 0x13,
+ PAL_CRYPTO_MAC_ABORT = 0x14,
+ PAL_CRYPTO_ASYMMTERIC_ENCRYPT = 0x15,
+ PAL_CRYPTO_ASYMMTERIC_DECRYPT = 0x16,
+ PAL_CRYPTO_CIPHER_ENCRYPT_SETUP = 0x17,
+ PAL_CRYPTO_CIPHER_DECRYPT_SETUP = 0x18,
+ PAL_CRYPTO_CIPHER_GENERATE_IV = 0x19,
+ PAL_CRYPTO_CIPHER_SET_IV = 0x1A,
+ PAL_CRYPTO_CIPHER_UPDATE = 0x1B,
+ PAL_CRYPTO_CIPHER_FINISH = 0x1C,
+ PAL_CRYPTO_CIPHER_ABORT = 0x1D,
+ PAL_CRYPTO_ASYMMTERIC_SIGN = 0x1E,
+ PAL_CRYPTO_ASYMMTERIC_VERIFY = 0x1F,
+ PAL_CRYPTO_COPY_KEY = 0x20,
+ PAL_CRYPTO_SET_KEY_TYPE = 0x21,
+ PAL_CRYPTO_SET_KEY_BITS = 0x22,
+ PAL_CRYPTO_GET_KEY_ATTRIBUTES = 0x23,
+ PAL_CRYPTO_GET_KEY_TYPE = 0x24,
+ PAL_CRYPTO_SET_KEY_USAGE_FLAGS = 0x25,
+ PAL_CRYPTO_RESET_KEY_ATTRIBUTES = 0x26,
+ PAL_CRYPTO_SET_KEY_ID = 0x27,
+ PAL_CRYPTO_SET_KEY_LIFETIME = 0x28,
+ PAL_CRYPTO_SET_KEY_ALGORITHM = 0x29,
+ PAL_CRYPTO_GET_KEY_ID = 0x2A,
+ PAL_CRYPTO_GET_KEY_LIFETIME = 0x2B,
+ PAL_CRYPTO_GET_KEY_USAGE_FLAGS = 0x2C,
+ PAL_CRYPTO_GET_KEY_ALGORITHM = 0x2D,
+ PAL_CRYPTO_GET_KEY_BITS = 0x2E,
+ PAL_CRYPTO_HASH_COMPUTE = 0x2F,
+ PAL_CRYPTO_HASH_COMPARE = 0x30,
+ PAL_CRYPTO_KEY_DERIVATION_SETUP = 0x31,
+ PAL_CRYPTO_KEY_DERIVATION_ABORT = 0x32,
+ PAL_CRYPTO_RAW_KEY_AGREEMENT = 0x33,
+ PAL_CRYPTO_KEY_DERIVATION_INPUT_BYTES = 0x34,
+ PAL_CRYPTO_KEY_DERIVATION_INPUT_KEY = 0x35,
+ PAL_CRYPTO_KEY_DERIVATION_KEY_AGREEMENT = 0x36,
+ PAL_CRYPTO_KEY_DERIVATION_OUTPUT_BYTES = 0x37,
+ PAL_CRYPTO_KEY_DERIVATION_OUTPUT_KEY = 0x38,
+ PAL_CRYPTO_KEY_DERIVATION_SET_CAPACITY = 0x39,
+ PAL_CRYPTO_KEY_DERIVATION_GET_CAPACITY = 0x3A,
+ PAL_CRYPTO_HASH_CLONE = 0x3B,
+ PAL_CRYPTO_MAC_COMPUTE = 0x3C,
+ PAL_CRYPTO_MAC_VERIFY = 0x3D,
+ PAL_CRYPTO_CIPHER_ENCRYPT = 0x3F,
+ PAL_CRYPTO_CIPHER_DECRYPT = 0x40,
+ PAL_CRYPTO_OPEN_KEY = 0x41,
+ PAL_CRYPTO_CLOSE_KEY = 0x42,
+ PAL_CRYPTO_AEAD_ENCRYPT_SETUP = 0x43,
+ PAL_CRYPTO_AEAD_DECRYPT_SETUP = 0x44,
+ PAL_CRYPTO_AEAD_GENERATE_NONCE = 0x45,
+ PAL_CRYPTO_AEAD_SET_NONCE = 0x46,
+ PAL_CRYPTO_AEAD_SET_LENGTHS = 0X47,
+ PAL_CRYPTO_AEAD_UPDATE_AD = 0x48,
+ PAL_CRYPTO_AEAD_UPDATE = 0x49,
+ PAL_CRYPTO_AEAD_FINISH = 0x4A,
+ PAL_CRYPTO_AEAD_VERIFY = 0x4B,
+ PAL_CRYPTO_AEAD_ABORT = 0x4C,
+ PAL_CRYPTO_FREE = 0xFE,
};
int32_t pal_crypto_function(int type, va_list valist);
-#endif /* _PAL_CRYPTO_H_ */
+#endif /* _PAL_CRYPTO_INTF_H_ */
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/initial_attestation/pal_attestation_crypto.c b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/initial_attestation/pal_attestation_crypto.c
index ae2bdba4..91be54df 100644
--- a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/initial_attestation/pal_attestation_crypto.c
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/initial_attestation/pal_attestation_crypto.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -17,7 +17,8 @@
#include "pal_attestation_crypto.h"
-static uint32_t public_key_registered = 0;
+static uint32_t public_key_registered;
+static psa_key_handle_t public_key_handle;
static inline struct q_useful_buf_c useful_buf_head(struct q_useful_buf_c buf,
size_t amount)
@@ -25,33 +26,6 @@ static inline struct q_useful_buf_c useful_buf_head(struct q_useful_buf_c buf,
return UsefulBuf_Head(buf, amount);
}
-static uint32_t check_hash_sizes(void)
-{
- if (T_COSE_CRYPTO_SHA256_SIZE != PSA_HASH_SIZE(PSA_ALG_SHA_256))
- {
- return PAL_ATTEST_HASH_FAIL;
- }
-
- return PAL_ATTEST_SUCCESS;
-}
-
-static psa_ecc_curve_t attest_map_elliptic_curve_type(int32_t cose_curve)
-{
- psa_ecc_curve_t psa_curve;
-
- /*FixMe: Mapping is not complete, missing ones: P384, P521, ED25519, ED448 */
- switch (cose_curve)
- {
- case P_256:
- psa_curve = PSA_ECC_CURVE_SECP256R1;
- break;
- default:
- psa_curve = USHRT_MAX;
- }
-
- return psa_curve;
-}
-
static psa_algorithm_t cose_hash_alg_id_to_psa(int32_t cose_hash_alg_id)
{
psa_algorithm_t status;
@@ -80,131 +54,70 @@ static int32_t hash_alg_id_from_sig_alg_id(int32_t cose_sig_alg_id)
}
}
-int32_t pal_cose_crypto_hash_start(struct pal_cose_crypto_hash *hash_ctx, int32_t cose_hash_alg_id)
+int32_t pal_cose_crypto_hash_start(psa_hash_operation_t *psa_hash, int32_t cose_hash_alg_id)
{
- int32_t cose_ret = PAL_ATTEST_SUCCESS;
- psa_status_t psa_ret;
- struct pal_cose_psa_crypto_hash *psa_hash_ctx;
-
- cose_ret = check_hash_sizes();
- if (cose_ret)
- {
- goto error;
- }
+ psa_algorithm_t psa_alg;
+ psa_status_t status = PSA_ERROR_GENERIC_ERROR;
- if (sizeof(struct pal_cose_crypto_hash) < sizeof(struct pal_cose_psa_crypto_hash))
- {
- cose_ret = PAL_ATTEST_HASH_FAIL;
- goto error;
- }
+ /* Map the algorithm ID */
+ psa_alg = cose_hash_alg_id_to_psa(cose_hash_alg_id);
- psa_hash_ctx = (struct pal_cose_psa_crypto_hash *)hash_ctx;
- psa_ret = psa_hash_setup(&psa_hash_ctx->operation, cose_hash_alg_id_to_psa(cose_hash_alg_id));
+ /* Actually do the hash set up */
+ status = psa_hash_setup(psa_hash, psa_alg);
- if (psa_ret == PAL_ATTEST_SUCCESS)
- {
- psa_hash_ctx->status = PAL_ATTEST_SUCCESS;
- cose_ret = PAL_ATTEST_SUCCESS;
- }
- else if (psa_ret == PSA_ERROR_NOT_SUPPORTED)
- {
- cose_ret = PAL_ATTEST_HASH_UNSUPPORTED;
- }
- else
- {
- cose_ret = PAL_ATTEST_HASH_FAIL;
- }
+ return status;
-error:
- return cose_ret;
}
-void pal_cose_crypto_hash_update(struct pal_cose_crypto_hash *hash_ctx,
+void pal_cose_crypto_hash_update(psa_hash_operation_t *psa_hash,
struct q_useful_buf_c data_to_hash)
{
- struct pal_cose_psa_crypto_hash *psa_hash_ctx;
-
- if (sizeof(struct pal_cose_crypto_hash) < sizeof(struct pal_cose_psa_crypto_hash))
- {
+ if (data_to_hash.ptr == NULL) {
+ /* No data was passed in to be hashed indicating the mode of use is
+ * the computation of the size of hash. This mode is hashing is used
+ * by t_cose when it is requested to compute the size of the signed
+ * data it might compute, which is in turn used to compute the
+ * size of a would be token. When computing the size, the size
+ * like this, there is nothing to do in update()
+ */
return;
}
- psa_hash_ctx = (struct pal_cose_psa_crypto_hash *)hash_ctx;
-
- if (psa_hash_ctx->status == PAL_ATTEST_SUCCESS)
- {
- if (data_to_hash.ptr != NULL)
- {
- psa_hash_ctx->status = psa_hash_update(&psa_hash_ctx->operation,
- data_to_hash.ptr,
- data_to_hash.len);
- }
- else
- {
- /* Intentionally do nothing, just computing the size of the token */
- }
- }
+ /* Actually hash the data */
+ psa_hash_update(psa_hash, data_to_hash.ptr, data_to_hash.len);
}
-int32_t pal_cose_crypto_hash_finish(struct pal_cose_crypto_hash *hash_ctx,
+int32_t pal_cose_crypto_hash_finish(psa_hash_operation_t *psa_hash,
struct q_useful_buf buffer_to_hold_result,
struct q_useful_buf_c *hash_result)
{
- uint32_t cose_ret = PAL_ATTEST_SUCCESS;
- psa_status_t psa_ret;
- struct pal_cose_psa_crypto_hash *psa_hash_ctx;
-
- if (sizeof(struct pal_cose_crypto_hash) < sizeof(struct pal_cose_psa_crypto_hash))
- {
- cose_ret = PAL_ATTEST_HASH_FAIL;
- goto error;
- }
+ psa_status_t status = PSA_ERROR_GENERIC_ERROR;
- psa_hash_ctx = (struct pal_cose_psa_crypto_hash *)hash_ctx;
+ /* Actually finish up the hash */
+ status = psa_hash_finish(psa_hash, buffer_to_hold_result.ptr,
+ buffer_to_hold_result.len, &(hash_result->len));
+ hash_result->ptr = buffer_to_hold_result.ptr;
- if (psa_hash_ctx->status == PAL_ATTEST_SUCCESS)
- {
- psa_ret = psa_hash_finish(&psa_hash_ctx->operation,
- buffer_to_hold_result.ptr,
- buffer_to_hold_result.len,
- &(hash_result->len));
-
- if (psa_ret == PAL_ATTEST_SUCCESS)
- {
- hash_result->ptr = buffer_to_hold_result.ptr;
- cose_ret = 0;
- }
- else if (psa_ret == PSA_ERROR_BUFFER_TOO_SMALL)
- {
- cose_ret = PAL_ATTEST_HASH_BUFFER_SIZE;
- }
- else
- {
- cose_ret = PAL_ATTEST_HASH_FAIL;
- }
- }
- else
- {
- cose_ret = PAL_ATTEST_HASH_FAIL;
- }
+ return status;
-error:
- return cose_ret;
}
int pal_create_sha256(struct q_useful_buf_c bytes_to_hash, struct q_useful_buf buffer_for_hash,
struct q_useful_buf_c *hash)
{
- uint32_t status = PAL_ATTEST_SUCCESS;
- struct pal_cose_crypto_hash hash_ctx;
+ psa_status_t status = PSA_ERROR_GENERIC_ERROR;
+ psa_hash_operation_t psa_hash = PSA_HASH_OPERATION_INIT;
- status = pal_cose_crypto_hash_start(&hash_ctx, COSE_ALG_SHA256_PROPRIETARY);
- if (status)
- return status;
+ status = pal_cose_crypto_hash_start(&psa_hash, COSE_ALG_SHA256_PROPRIETARY);
+ if (status != PSA_SUCCESS)
+ goto Done;
- pal_cose_crypto_hash_update(&hash_ctx, bytes_to_hash);
- status = pal_cose_crypto_hash_finish(&hash_ctx, buffer_for_hash, hash);
+ pal_cose_crypto_hash_update(&psa_hash, bytes_to_hash);
+ status = pal_cose_crypto_hash_finish(&psa_hash, buffer_for_hash, hash);
+ if (status != PSA_SUCCESS)
+ goto Done;
+Done:
return status;
}
@@ -216,25 +129,26 @@ uint32_t pal_compute_hash(int32_t cose_alg_id, struct q_useful_buf buffer_for_ha
QCBOREncodeContext cbor_encode_ctx;
struct q_useful_buf_c tbs_first_part;
QCBORError qcbor_result;
- struct pal_cose_crypto_hash hash_ctx = {{0}};
int32_t hash_alg_id;
UsefulBuf_MAKE_STACK_UB (buffer_for_TBS_first_part, T_COSE_SIZE_OF_TBS);
+ psa_hash_operation_t psa_hash = PSA_HASH_OPERATION_INIT;
/* This builds the CBOR-format to-be-signed bytes */
QCBOREncode_Init(&cbor_encode_ctx, buffer_for_TBS_first_part);
QCBOREncode_OpenArray(&cbor_encode_ctx);
+
/* context */
- QCBOREncode_AddSZString(&cbor_encode_ctx,
- COSE_SIG_CONTEXT_STRING_SIGNATURE1);
+ QCBOREncode_AddSZString(&cbor_encode_ctx, COSE_SIG_CONTEXT_STRING_SIGNATURE1);
+
/* body_protected */
- QCBOREncode_AddBytes(&cbor_encode_ctx,
- protected_headers);
- /* sign_protected */
- QCBOREncode_AddBytes(&cbor_encode_ctx, NULL_USEFUL_BUF_C);
+ QCBOREncode_AddBytes(&cbor_encode_ctx, protected_headers);
+
+ /* sign_protected is not used for Sign1 */
/* external_aad */
QCBOREncode_AddBytes(&cbor_encode_ctx, NULL_USEFUL_BUF_C);
- /* fake payload */
- QCBOREncode_AddBytes(&cbor_encode_ctx, NULL_USEFUL_BUF_C);
+
+ /* The short fake payload. */
+ QCBOREncode_AddBytesLenOnly(&cbor_encode_ctx, payload);
QCBOREncode_CloseArray(&cbor_encode_ctx);
/* Get the result and convert it to struct q_useful_buf_c representation */
@@ -242,7 +156,8 @@ uint32_t pal_compute_hash(int32_t cose_alg_id, struct q_useful_buf buffer_for_ha
if (qcbor_result)
{
/* Mainly means that the protected_headers were too big
- (which should never happen) */
+ * (which should never happen)
+ */
status = PAL_ATTEST_ERR_SIGN_STRUCT;
goto Done;
}
@@ -253,94 +168,177 @@ uint32_t pal_compute_hash(int32_t cose_alg_id, struct q_useful_buf buffer_for_ha
/* Don't check hash_alg_id for failure. pal_cose_crypto_hash_start()
* will handle it properly
*/
- status = pal_cose_crypto_hash_start(&hash_ctx, hash_alg_id);
+ status = pal_cose_crypto_hash_start(&psa_hash, hash_alg_id);
if (status)
goto Done;
- /* Hash the first part of the TBS. Take all but the last two
- * bytes. The last two bytes are the fake payload from above. It
- * is replaced by the real payload which is hashed next. The fake
- * payload is needed so the array count is right. This is one of
- * the main things that make it possible to implement with one
- * buffer for the whole cose sign1.
+ /* This is hashing of the first part, all the CBOR
+ * except the payload.
*/
- pal_cose_crypto_hash_update(&hash_ctx, useful_buf_head(tbs_first_part,
- tbs_first_part.len - 2));
+ pal_cose_crypto_hash_update(&psa_hash, useful_buf_head(tbs_first_part, tbs_first_part.len));
- /* Hash the payload */
- pal_cose_crypto_hash_update(&hash_ctx, payload);
+ /* Hash the payload, the second part. */
+ pal_cose_crypto_hash_update(&psa_hash, payload);
/* Finish the hash and set up to return it */
- status = pal_cose_crypto_hash_finish(&hash_ctx,
- buffer_for_hash,
- hash);
+ status = pal_cose_crypto_hash_finish(&psa_hash, buffer_for_hash, hash);
Done:
return status;
}
-uint32_t pal_import_attest_key(int32_t alg)
+static int32_t pal_attest_get_public_key(uint8_t *public_key_buff, size_t public_key_buf_size,
+ size_t *public_key_len, psa_ecc_curve_t *elliptic_curve_type)
{
+ int32_t status = PAL_ATTEST_ERROR;
+
+#ifdef PLATFORM_OVERRIDE_ATTEST_PK
+ if (public_key_buf_size < (attest_key.pubx_key_size + attest_key.puby_key_size + 1))
+ return PAL_ATTEST_ERR_SMALL_BUFFER;
+
+ *public_key_len = (attest_key.pubx_key_size + attest_key.puby_key_size + 1);
+ *elliptic_curve_type = PSA_ECC_CURVE_SECP256R1;
+ memcpy(public_key_buff, (void *)&attest_public_key, *public_key_len);
+ status = PSA_SUCCESS;
+#else
+ status = tfm_initial_attest_get_public_key(public_key_buff,
+ public_key_buf_size,
+ public_key_len,
+ elliptic_curve_type);
+#endif
+
+ return status;
+}
+
+static uint32_t pal_import_attest_key(psa_algorithm_t key_alg)
+{
+ psa_status_t status = PAL_ATTEST_ERROR;
+ psa_key_usage_t usage = PSA_KEY_USAGE_VERIFY;
+ psa_ecc_curve_t ecc_curve;
psa_key_type_t attest_key_type;
size_t public_key_size;
- psa_status_t status = PSA_SUCCESS;
+ uint8_t public_key_buff[ECC_CURVE_SECP256R1_PULBIC_KEY_LENGTH] = {0};
+
+#if defined(CRYPTO_VERSION_BETA1) || defined(CRYPTO_VERSION_BETA2)
psa_key_policy_t policy;
- psa_ecc_curve_t psa_curve;
- psa_key_handle_t public_key_handle;
- /* Mapping of COSE curve type to PSA curve types */
- psa_curve = attest_map_elliptic_curve_type(P_256);
- if (psa_curve == USHRT_MAX)
- return PAL_ATTEST_ERROR;
+ if (!public_key_registered)
+ {
+ status = pal_attest_get_public_key(public_key_buff,
+ sizeof(public_key_buff),
+ &public_key_size,
+ &ecc_curve);
+ if (status != PSA_SUCCESS)
+ return PAL_ATTEST_ERR_KEY_FAIL;
- /* Setup the key policy for public key */
- policy = psa_key_policy_init();
- psa_key_policy_set_usage(&policy, PSA_KEY_USAGE_VERIFY, alg);
+ if (ecc_curve == USHRT_MAX)
+ return PAL_ATTEST_ERROR;
- status = psa_allocate_key(&public_key_handle);
- if (status != PSA_SUCCESS)
- return status;
+ /* Set key type for public key */
+ attest_key_type = PSA_KEY_TYPE_ECC_PUBLIC_KEY(ecc_curve);
- status = psa_set_key_policy(public_key_handle, &policy);
- if (status != PSA_SUCCESS)
- return status;
+ /* Setup the key policy for public key */
+ policy = psa_key_policy_init();
+ psa_key_policy_set_usage(&policy, usage, key_alg);
- attest_key_type = PSA_KEY_TYPE_ECC_PUBLIC_KEY(psa_curve);
+ status = psa_allocate_key(&public_key_handle);
+ if (status != PSA_SUCCESS)
+ return PAL_ATTEST_ERR_KEY_FAIL;
- /* Register public key to crypto service */
- public_key_size = attest_key.pubx_key_size + attest_key.puby_key_size;
+ status = psa_set_key_policy(public_key_handle, &policy);
+ if (status != PSA_SUCCESS)
+ return PAL_ATTEST_ERR_KEY_FAIL;
- status = psa_import_key(public_key_handle,
+ /* Import the public key */
+ status = psa_import_key(public_key_handle,
attest_key_type,
- (const uint8_t *)&attest_public_key,
- public_key_size + 1);
+ public_key_buff,
+ public_key_size);
+ if (status != PSA_SUCCESS)
+ return PAL_ATTEST_ERR_KEY_FAIL;
+
+ public_key_registered = 1;
+ }
+
+#elif defined(CRYPTO_VERSION_BETA3)
+ psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+
+ if (!public_key_registered)
+ {
+ status = pal_attest_get_public_key(public_key_buff,
+ sizeof(public_key_buff),
+ &public_key_size,
+ &ecc_curve);
+ if (status != PSA_SUCCESS)
+ return PAL_ATTEST_ERR_KEY_FAIL;
+
+ if (ecc_curve == USHRT_MAX)
+ return PAL_ATTEST_ERROR;
+
+ /* Set key type for public key */
+ attest_key_type = PSA_KEY_TYPE_ECC_PUBLIC_KEY(ecc_curve);
+
+ /* Set the attributes for the public key */
+ psa_set_key_type(&attributes, attest_key_type);
+ psa_set_key_bits(&attributes, public_key_size);
+ psa_set_key_usage_flags(&attributes, usage);
+ psa_set_key_algorithm(&attributes, key_alg);
+ psa_set_key_bits(&attributes, 0);
+
+ /* Import the public key */
+ status = psa_import_key(&attributes,
+ public_key_buff,
+ public_key_size,
+ &public_key_handle);
+ if (status != PSA_SUCCESS)
+ return PAL_ATTEST_ERR_KEY_FAIL;
+
+ public_key_registered = 1;
+ }
+#endif
return status;
}
+static uint32_t pal_destroy_attest_key(void)
+{
+ psa_status_t status;
+
+ if (!public_key_registered)
+ return PAL_ATTEST_ERR_KEY_FAIL;
+
+ status = psa_destroy_key(public_key_handle);
+ if (status != PSA_SUCCESS)
+ return PAL_ATTEST_ERR_KEY_FAIL;
+
+ public_key_registered = 0;
+
+ return PAL_ATTEST_SUCCESS;
+}
uint32_t pal_crypto_pub_key_verify(int32_t cose_algorithm_id,
struct q_useful_buf_c token_hash,
struct q_useful_buf_c signature)
{
- uint32_t status = PAL_ATTEST_SUCCESS;
+ int32_t status = PAL_ATTEST_ERROR;
+ psa_algorithm_t key_alg = PSA_ALG_ECDSA(PSA_ALG_SHA_256);
- if (!public_key_registered)
- {
- status = pal_import_attest_key(cose_algorithm_id);
- if (status != PAL_ATTEST_SUCCESS)
- return status;
+ /* Register the attestation public key */
+ status = pal_import_attest_key(key_alg);
+ if (status != PAL_ATTEST_SUCCESS)
+ return status;
- public_key_registered = 1;
- }
+ /* Verify the signature */
+ status = psa_asymmetric_verify(public_key_handle,
+ key_alg, token_hash.ptr, token_hash.len,
+ signature.ptr, signature.len);
+ if (status != PSA_SUCCESS)
+ return PAL_ATTEST_ERR_SIGNATURE_FAIL;
-/*
- * Enable the verify function when Trusted Firmare - M Supports
+ /* Unregister the attestation public key */
+ status = pal_destroy_attest_key();
+ if (status != PSA_SUCCESS)
+ return PAL_ATTEST_ERR_KEY_FAIL;
- * Verify the signature a hash or short message using a public key.
- status = psa_asymmetric_verify(public_key_handle,
- cose_algorithm_id, token_hash.ptr, token_hash.len,
- signature.ptr, signature.len);
-*/
- return status;
+ return PAL_ATTEST_SUCCESS;
}
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/initial_attestation/pal_attestation_crypto.h b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/initial_attestation/pal_attestation_crypto.h
index 2d63ad13..559a24c1 100644
--- a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/initial_attestation/pal_attestation_crypto.h
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/initial_attestation/pal_attestation_crypto.h
@@ -15,16 +15,19 @@
* limitations under the License.
**/
-#include "pal_common.h"
+#ifndef _PAL_ATTESTATION_CRYPTO_H_
+#define _PAL_ATTESTATION_CRYPTO_H_
+
#include "pal_attestation_eat.h"
-#define ATTEST_PUBLIC_KEY_SLOT 4
+#define ATTEST_PUBLIC_KEY_SLOT 4
+#define ECC_CURVE_SECP256R1_PULBIC_KEY_LENGTH (1 + 2 * PSA_BITS_TO_BYTES(256))
-typedef struct{
+typedef struct {
uint8_t *pubx_key;
- uint32_t pubx_key_size;
+ size_t pubx_key_size;
uint8_t *puby_key;
- uint32_t puby_key_size;
+ size_t puby_key_size;
} ecc_key_t;
struct ecc_public_key_t {
@@ -47,29 +50,14 @@ static const struct ecc_public_key_t attest_public_key = {
0x0F, 0x34, 0x11, 0x7D, 0x97, 0x1D, 0x68, 0x64},
};
-struct pal_cose_crypto_hash {
- /* Can't put the actual size here without creating dependecy on
- * actual hash implementation, so this is a fairly large and
- * accommodating size.
- */
- uint8_t bytes[128];
-};
-
-struct pal_cose_psa_crypto_hash {
- psa_status_t status;
- psa_hash_operation_t operation;
-};
-
-static const uint8_t initial_attestation_public_x_key[] =
-{
+static const uint8_t initial_attestation_public_x_key[] = {
0x79, 0xEB, 0xA9, 0x0E, 0x8B, 0xF4, 0x50, 0xA6,
0x75, 0x15, 0x76, 0xAD, 0x45, 0x99, 0xB0, 0x7A,
0xDF, 0x93, 0x8D, 0xA3, 0xBB, 0x0B, 0xD1, 0x7D,
0x00, 0x36, 0xED, 0x49, 0xA2, 0xD0, 0xFC, 0x3F
};
-static const uint8_t initial_attestation_public_y_key[] =
-{
+static const uint8_t initial_attestation_public_y_key[] = {
0xBF, 0xCD, 0xFA, 0x89, 0x56, 0xB5, 0x68, 0xBF,
0xDB, 0x86, 0x73, 0xE6, 0x48, 0xD8, 0xB5, 0x8D,
0x92, 0x99, 0x55, 0xB1, 0x4A, 0x26, 0xC3, 0x08,
@@ -84,10 +72,10 @@ static const ecc_key_t attest_key = {
sizeof(initial_attestation_public_y_key)
};
-int32_t pal_cose_crypto_hash_start(struct pal_cose_crypto_hash *hash_ctx, int32_t cose_hash_alg_id);
-void pal_cose_crypto_hash_update(struct pal_cose_crypto_hash *hash_ctx,
+int32_t pal_cose_crypto_hash_start(psa_hash_operation_t *psa_hash, int32_t cose_hash_alg_id);
+void pal_cose_crypto_hash_update(psa_hash_operation_t *psa_hash,
struct q_useful_buf_c data_to_hash);
-int32_t pal_cose_crypto_hash_finish(struct pal_cose_crypto_hash *hash_ctx,
+int32_t pal_cose_crypto_hash_finish(psa_hash_operation_t *psa_hash,
struct q_useful_buf buffer_to_hold_result,
struct q_useful_buf_c *hash_result);
int pal_create_sha256(struct q_useful_buf_c bytes_to_hash, struct q_useful_buf buffer_for_hash,
@@ -95,8 +83,6 @@ int pal_create_sha256(struct q_useful_buf_c bytes_to_hash, struct q_useful_buf b
uint32_t pal_compute_hash(int32_t cose_alg_id, struct q_useful_buf buffer_for_hash,
struct q_useful_buf_c *hash, struct q_useful_buf_c protected_headers,
struct q_useful_buf_c payload);
-uint32_t pal_import_attest_key(int32_t alg);
uint32_t pal_crypto_pub_key_verify(int32_t cose_algorithm_id, struct q_useful_buf_c token_hash,
struct q_useful_buf_c signature);
-
-
+#endif /* _PAL_ATTESTATION_CRYPTO_H_ */
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/initial_attestation/pal_attestation_eat.c b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/initial_attestation/pal_attestation_eat.c
deleted file mode 100644
index 178fdc9c..00000000
--- a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/initial_attestation/pal_attestation_eat.c
+++ /dev/null
@@ -1,491 +0,0 @@
-/** @file
- * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
- * SPDX-License-Identifier : Apache-2.0
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
-**/
-
-#include "pal_attestation_crypto.h"
-
-uint32_t mandatory_claims = 0;
-uint32_t mandaroty_sw_components = 0;
-bool_t sw_component_present = 0;
-
-static int pal_encode_cose_key(struct q_useful_buf_c *cose_key,
- struct q_useful_buf buffer_for_cose_key,
- struct q_useful_buf_c x_cord, struct q_useful_buf_c y_cord)
-{
- uint32_t return_value;
- QCBORError qcbor_result;
- QCBOREncodeContext cbor_encode_ctx;
- int32_t cose_curve_id = P_256;
- struct q_useful_buf_c encoded_key_id;
-
- /* Get the public key x and y */
- /* Encode it into a COSE_Key structure */
- QCBOREncode_Init(&cbor_encode_ctx, buffer_for_cose_key);
- QCBOREncode_OpenMap(&cbor_encode_ctx);
- QCBOREncode_AddInt64ToMapN(&cbor_encode_ctx,
- COSE_KEY_COMMON_KTY,
- COSE_KEY_TYPE_EC2);
- QCBOREncode_AddInt64ToMapN(&cbor_encode_ctx,
- COSE_KEY_PARAM_CRV,
- cose_curve_id);
- QCBOREncode_AddBytesToMapN(&cbor_encode_ctx,
- COSE_KEY_PARAM_X_COORDINATE,
- x_cord);
- QCBOREncode_AddBytesToMapN(&cbor_encode_ctx,
- COSE_KEY_PARAM_Y_COORDINATE,
- y_cord);
- QCBOREncode_CloseMap(&cbor_encode_ctx);
-
- qcbor_result = QCBOREncode_Finish(&cbor_encode_ctx, &encoded_key_id);
- if (qcbor_result != QCBOR_SUCCESS)
- {
- /* Mainly means that the COSE_Key was too big for buffer_for_cose_key */
- return_value = PAL_ATTEST_ERR_PROTECTED_HEADERS;
- goto Done;
- }
-
- /* Finish up and return */
- *cose_key = encoded_key_id;
- return_value = PAL_ATTEST_SUCCESS;
-
-Done:
- return return_value;
-}
-
-
-static int get_items_in_map(QCBORDecodeContext *decode_context,
- struct items_to_get_t *item_list)
-{
- int item_index;
- QCBORItem item;
- struct items_to_get_t *item_ptr = item_list;
-
- /* initialize the data type of all items in the list */
- while (item_ptr->label != 0)
- {
- item_ptr->item.uDataType = QCBOR_TYPE_NONE;
- item_ptr++;
- }
-
- QCBORDecode_GetNext(decode_context, &item);
- if (item.uDataType != QCBOR_TYPE_MAP)
- {
- return PAL_ATTEST_ERROR;
- }
-
- for (item_index = item.val.uCount; item_index != 0; item_index--)
- {
- if (QCBORDecode_GetNext(decode_context, &item) != QCBOR_SUCCESS)
- {
- return PAL_ATTEST_TOKEN_ERR_CBOR_FORMATTING;
- }
- if (item.uLabelType != QCBOR_TYPE_INT64)
- {
- continue;
- }
-
- item_ptr = item_list;
- while (item_ptr->label != 0)
- {
- if (item.label.int64 == item_ptr->label)
- {
- item_ptr->item = item;
- }
- item_ptr++;
- }
- }
-
- return PAL_ATTEST_SUCCESS;
-}
-
-static int get_item_in_map(QCBORDecodeContext *decode_context,
- int32_t label,
- QCBORItem *item)
-{
- struct items_to_get_t item_list[2];
-
- item_list[0].label = label;
- item_list[1].label = 0;
-
- if (get_items_in_map(decode_context, item_list))
- {
- return PAL_ATTEST_ERROR;
- }
-
- if (item_list[0].item.uDataType == QCBOR_TYPE_NONE)
- {
- return PAL_ATTEST_TOKEN_ERR_CBOR_FORMATTING;
- }
-
- *item = item_list[0].item;
-
- return PAL_ATTEST_SUCCESS;
-}
-
-static int parse_unprotected_headers(QCBORDecodeContext *decode_context,
- struct q_useful_buf_c *child,
- bool *loop_back)
-{
- struct items_to_get_t item_list[3];
-
- item_list[0].label = COSE_HEADER_PARAM_KID;
- item_list[1].label = T_COSE_SHORT_CIRCUIT_LABEL;
- item_list[2].label = 0;
- *loop_back = false;
-
- if (get_items_in_map(decode_context, item_list))
- {
- return PAL_ATTEST_ERROR;
- }
-
- if (item_list[1].item.uDataType == QCBOR_TYPE_TRUE)
- {
- *loop_back = true;
- }
-
- if (item_list[0].item.uDataType != QCBOR_TYPE_BYTE_STRING)
- {
- return PAL_ATTEST_TOKEN_ERR_CBOR_FORMATTING;
- }
-
- *child = item_list[0].item.val.string;
-
- return PAL_ATTEST_SUCCESS;
-}
-
-static int parse_protected_headers(struct q_useful_buf_c protected_headers,
- int32_t *alg_id)
-{
- QCBORDecodeContext decode_context;
- QCBORItem item;
-
- QCBORDecode_Init(&decode_context, protected_headers, 0);
-
- if (get_item_in_map(&decode_context, COSE_HEADER_PARAM_ALG, &item))
- {
- return PAL_ATTEST_ERROR;
- }
-
- if (QCBORDecode_Finish(&decode_context))
- {
- return PAL_ATTEST_ERROR;
- }
-
- if ((item.uDataType != QCBOR_TYPE_INT64) || (item.val.int64 > INT32_MAX))
- {
- return PAL_ATTEST_ERROR;
- }
-
- *alg_id = (int32_t)item.val.int64;
-
- return PAL_ATTEST_SUCCESS;
-}
-
-/**
- @brief - This API will verify the claims
- @param - decode_context : The buffer containing the challenge
- item : context for decoding the data items
- completed_challenge : Buffer containing the challenge
- @return - error status
-**/
-static int parse_claims(QCBORDecodeContext *decode_context, QCBORItem item,
- struct q_useful_buf_c completed_challenge)
-{
- int i, count = 0;
- int status = PAL_ATTEST_SUCCESS;
-
- /* Parse each claim and validate their data type */
- while (status == PAL_ATTEST_SUCCESS)
- {
- status = QCBORDecode_GetNext(decode_context, &item);
- if (status != PAL_ATTEST_SUCCESS)
- break;
-
- mandatory_claims |= 1 << (EAT_CBOR_ARM_RANGE_BASE - item.label.int64);
- if (item.uLabelType == QCBOR_TYPE_INT64)
- {
- if (item.label.int64 == EAT_CBOR_ARM_LABEL_NONCE)
- {
- if (item.uDataType == QCBOR_TYPE_BYTE_STRING)
- {
- /* Given challenge vs challenge in token */
- if (UsefulBuf_Compare(item.val.string, completed_challenge))
- return PAL_ATTEST_TOKEN_CHALLENGE_MISMATCH;
- }
- else
- return PAL_ATTEST_TOKEN_NOT_SUPPORTED;
- }
- else if (item.label.int64 == EAT_CBOR_ARM_LABEL_BOOT_SEED ||
- item.label.int64 == EAT_CBOR_ARM_LABEL_IMPLEMENTATION_ID ||
- item.label.int64 == EAT_CBOR_ARM_LABEL_UEID)
- {
- if (item.uDataType != QCBOR_TYPE_BYTE_STRING)
- return PAL_ATTEST_TOKEN_ERR_CBOR_FORMATTING;
- }
- else if (item.label.int64 == EAT_CBOR_ARM_LABEL_ORIGINATION ||
- item.label.int64 == EAT_CBOR_ARM_LABEL_PROFILE_DEFINITION ||
- item.label.int64 == EAT_CBOR_ARM_LABEL_HW_VERSION)
- {
- if (item.uDataType != QCBOR_TYPE_TEXT_STRING)
- return PAL_ATTEST_TOKEN_ERR_CBOR_FORMATTING;
- }
- else if (item.label.int64 == EAT_CBOR_ARM_LABEL_CLIENT_ID ||
- item.label.int64 == EAT_CBOR_ARM_LABEL_SECURITY_LIFECYCLE)
- {
- if (item.uDataType != QCBOR_TYPE_INT64)
- return PAL_ATTEST_TOKEN_ERR_CBOR_FORMATTING;
- }
- else if (item.label.int64 == EAT_CBOR_ARM_LABEL_SW_COMPONENTS)
- {
- if (item.uDataType != QCBOR_TYPE_ARRAY)
- return PAL_ATTEST_TOKEN_ERR_CBOR_FORMATTING;
-
- sw_component_present = 1;
- status = QCBORDecode_GetNext(decode_context, &item);
- if (status != PAL_ATTEST_SUCCESS)
- continue;
-
- count = item.val.uCount;
- for (i = 0; i <= count; i++)
- {
- mandaroty_sw_components |= 1 << item.label.int64;
-
- if (item.label.int64 == EAT_CBOR_SW_COMPONENT_MEASUREMENT)
- {
- if (item.uDataType != QCBOR_TYPE_BYTE_STRING)
- return PAL_ATTEST_TOKEN_ERR_CBOR_FORMATTING;
- }
- else if (item.label.int64 == EAT_CBOR_SW_COMPONENT_MEASUREMENT_DESC)
- {
- if (item.uDataType != QCBOR_TYPE_TEXT_STRING)
- return PAL_ATTEST_TOKEN_ERR_CBOR_FORMATTING;
- }
- else if (item.label.int64 == EAT_CBOR_SW_COMPONENT_VERSION)
- {
- if (item.uDataType != QCBOR_TYPE_TEXT_STRING)
- return PAL_ATTEST_TOKEN_ERR_CBOR_FORMATTING;
- }
- else if (item.label.int64 == EAT_CBOR_SW_COMPONENT_SIGNER_ID)
- {
- if (item.uDataType != QCBOR_TYPE_BYTE_STRING)
- return PAL_ATTEST_TOKEN_ERR_CBOR_FORMATTING;
- }
- else if (item.label.int64 == EAT_CBOR_SW_COMPONENT_EPOCH)
- {
- if (item.uDataType != QCBOR_TYPE_INT64)
- return PAL_ATTEST_TOKEN_ERR_CBOR_FORMATTING;
- }
- else if (item.label.int64 == EAT_CBOR_SW_COMPONENT_TYPE)
- {
- if (item.uDataType != QCBOR_TYPE_TEXT_STRING)
- return PAL_ATTEST_TOKEN_ERR_CBOR_FORMATTING;
- }
-
- if (i < count)
- {
- status = QCBORDecode_GetNext(decode_context, &item);
- if (status != PAL_ATTEST_SUCCESS)
- return PAL_ATTEST_TOKEN_ERR_CBOR_FORMATTING;
- }
- }
-
- }
- }
- else
- {
- /* ToDo: Add other claim types */
- }
- }
-
- if (status == QCBOR_ERR_HIT_END)
- return PAL_ATTEST_SUCCESS;
- else
- return PAL_ATTEST_TOKEN_ERR_CBOR_FORMATTING;
-}
-
-/**
- @brief - This API will verify the attestation token
- @param - challenge : The buffer containing the challenge
- challenge_size : Size of the challenge buffer
- token : The buffer containing the attestation token
- token_size : Size of the token buffer
- @return - error status
-**/
-int32_t pal_initial_attest_verify_token(uint8_t *challenge, uint32_t challenge_size,
- uint8_t *token, uint32_t token_size)
-{
- int32_t status = PAL_ATTEST_SUCCESS;
- bool short_circuit;
- int32_t cose_algorithm_id;
- QCBORItem item;
- QCBORDecodeContext decode_context;
- struct q_useful_buf_c completed_challenge;
- struct q_useful_buf_c completed_token;
- struct q_useful_buf_c payload;
- struct q_useful_buf_c signature;
- struct q_useful_buf_c protected_headers;
- struct q_useful_buf_c kid;
- struct q_useful_buf_c x_cord;
- struct q_useful_buf_c y_cord;
- struct q_useful_buf_c cose_key_to_hash;
- struct q_useful_buf_c key_hash;
- struct q_useful_buf_c token_hash;
- USEFUL_BUF_MAKE_STACK_UB(buf_to_hold_x_coord, T_COSE_CRYPTO_EC_P256_COORD_SIZE);
- USEFUL_BUF_MAKE_STACK_UB(buf_to_hold_y_coord, T_COSE_CRYPTO_EC_P256_COORD_SIZE);
- USEFUL_BUF_MAKE_STACK_UB(buffer_for_kid, T_COSE_CRYPTO_SHA256_SIZE);
- USEFUL_BUF_MAKE_STACK_UB(buffer_for_cose_key, MAX_ENCODED_COSE_KEY_SIZE);
- USEFUL_BUF_MAKE_STACK_UB(buffer_for_encoded_key, MAX_ENCODED_COSE_KEY_SIZE);
- USEFUL_BUF_MAKE_STACK_UB(buffer_for_token_hash, T_COSE_CRYPTO_SHA256_SIZE);
-
- kid.ptr = buffer_for_encoded_key.ptr;
-
- memcpy(buf_to_hold_x_coord.ptr, (const void *)attest_key.pubx_key, attest_key.pubx_key_size);
- memcpy(buf_to_hold_y_coord.ptr, (const void *)attest_key.puby_key, attest_key.puby_key_size);
-
- /* Update size */
- buf_to_hold_x_coord.len = attest_key.pubx_key_size;
- buf_to_hold_y_coord.len = attest_key.puby_key_size;
-
- x_cord.ptr = buf_to_hold_x_coord.ptr;
- x_cord.len = buf_to_hold_x_coord.len;
- y_cord.ptr = buf_to_hold_y_coord.ptr;
- y_cord.len = buf_to_hold_y_coord.len;
-
- /* Construct the token buffer for validation */
- completed_token.ptr = token;
- completed_token.len = token_size;
-
- /* Construct the challenge buffer for validation */
- completed_challenge.ptr = challenge;
- completed_challenge.len = challenge_size;
-
-/*
- -------------------------
- | CBOR Array Type |
- -------------------------
- | Protected Headers |
- -------------------------
- | Unprotected Headers |
- -------------------------
- | Payload |
- -------------------------
- | Signature |
- -------------------------
-*/
-
- /* Initialize the decorder */
- QCBORDecode_Init(&decode_context, completed_token, QCBOR_DECODE_MODE_NORMAL);
-
- /* Get the Header */
- QCBORDecode_GetNext(&decode_context, &item);
-
- /* Check the CBOR Array type. Check if the count is 4.
- * Only COSE_SIGN1 is supported now.
- */
- if (item.uDataType != QCBOR_TYPE_ARRAY || item.val.uCount != 4 ||
- !QCBORDecode_IsTagged(&decode_context, &item, CBOR_TAG_COSE_SIGN1))
- return PAL_ATTEST_TOKEN_ERR_CBOR_FORMATTING;
-
- /* Get the next headers */
- QCBORDecode_GetNext(&decode_context, &item);
- if (item.uDataType != QCBOR_TYPE_BYTE_STRING)
- return PAL_ATTEST_TOKEN_ERR_CBOR_FORMATTING;
-
- protected_headers = item.val.string;
-
- /* Parse the protected headers and check the data type and value*/
- status = parse_protected_headers(protected_headers, &cose_algorithm_id);
- if (status != PAL_ATTEST_SUCCESS)
- return status;
-
- /* Parse the unprotected headers and check the data type and value */
- short_circuit = false;
- status = parse_unprotected_headers(&decode_context, &kid, &short_circuit);
- if (status != PAL_ATTEST_SUCCESS)
- return status;
-
- /* Encode the given public key */
- status = pal_encode_cose_key(&cose_key_to_hash, buffer_for_cose_key, x_cord, y_cord);
- if (status != PAL_ATTEST_SUCCESS)
- return status;
-
- /* Create hash of the given public key */
- status = pal_create_sha256(cose_key_to_hash, buffer_for_kid, &key_hash);
- if (status != PSA_SUCCESS)
- return status;
-
- /* Compare the hash of the public key in token and hash of the given public key */
- if (kid.len != key_hash.len)
- {
- return PAL_ATTEST_HASH_LENGTH_MISMATCH;
- }
-
- if (memcmp(kid.ptr, key_hash.ptr, kid.len) != 0)
- {
- return PAL_ATTEST_HASH_MISMATCH;
- }
-
- /* Get the payload */
- QCBORDecode_GetNext(&decode_context, &item);
- if (item.uDataType != QCBOR_TYPE_BYTE_STRING)
- return PAL_ATTEST_TOKEN_ERR_CBOR_FORMATTING;
-
- payload = item.val.string;
-
- /* Get the digital signature */
- QCBORDecode_GetNext(&decode_context, &item);
- if (item.uDataType != QCBOR_TYPE_BYTE_STRING)
- return PAL_ATTEST_TOKEN_ERR_CBOR_FORMATTING;
-
- signature = item.val.string;
-
- /* Compute the hash from the token */
- status = pal_compute_hash(cose_algorithm_id, buffer_for_token_hash, &token_hash,
- protected_headers, payload);
- if (status != PAL_ATTEST_SUCCESS)
- return status;
-
- /* Verify the signature */
- status = pal_crypto_pub_key_verify(cose_algorithm_id, token_hash, signature);
- if (status != PAL_ATTEST_SUCCESS)
- return status;
-
- /* Initialize the Decoder and validate the payload format */
- QCBORDecode_Init(&decode_context, payload, QCBOR_DECODE_MODE_NORMAL);
- status = QCBORDecode_GetNext(&decode_context, &item);
- if (status != PAL_ATTEST_SUCCESS)
- return status;
-
- if (item.uDataType != QCBOR_TYPE_MAP)
- return PAL_ATTEST_TOKEN_ERR_CBOR_FORMATTING;
-
- /* Parse the payload and check the data type of each claim */
- status = parse_claims(&decode_context, item, completed_challenge);
- if (status != PAL_ATTEST_SUCCESS)
- return status;
-
- if ((mandatory_claims & MANDATORY_CLAIM_WITH_SW_COMP) == MANDATORY_CLAIM_WITH_SW_COMP)
- {
- if ((mandaroty_sw_components & MANDATORY_SW_COMP) != MANDATORY_SW_COMP)
- return PAL_ATTEST_TOKEN_NOT_ALL_MANDATORY_CLAIMS;
- }
- else if ((mandatory_claims & MANDATORY_CLAIM_NO_SW_COMP) != MANDATORY_CLAIM_NO_SW_COMP)
- {
- return PAL_ATTEST_TOKEN_NOT_ALL_MANDATORY_CLAIMS;
- }
-
- return PAL_ATTEST_SUCCESS;
-}
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/initial_attestation/pal_attestation_eat.h b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/initial_attestation/pal_attestation_eat.h
index 8a0c5455..fae5434e 100644
--- a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/initial_attestation/pal_attestation_eat.h
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/initial_attestation/pal_attestation_eat.h
@@ -15,43 +15,17 @@
* limitations under the License.
**/
+#ifndef _PAL_ATTESTATION_EAT_H_
+#define _PAL_ATTESTATION_EAT_H_
+
#include "qcbor.h"
#include "pal_common.h"
-#include "psa/crypto.h"
#define PAL_ATTEST_MIN_ERROR 30
-/* NIST P-256 also known as secp256r1 */
-#define P_256 1
-
-#define COSE_HEADER_PARAM_ALG 1
-#define COSE_HEADER_PARAM_KID 4
-
-#define COSE_KEY_COMMON_KTY 1
-#define COSE_KEY_TYPE_EC2 2
-#define COSE_KEY_PARAM_CRV -1
-#define COSE_KEY_PARAM_X_COORDINATE -2
-#define COSE_KEY_PARAM_Y_COORDINATE -3
#define COSE_ALGORITHM_ES256 -7
#define COSE_ALG_SHA256_PROPRIETARY -72000
-/**
- * The size of X and Y coordinate in 2 parameter style EC public
- * key. Format is as defined in [COSE (RFC 8152)]
- * (https://tools.ietf.org/html/rfc8152) and [SEC 1: Elliptic Curve
- * Cryptography](http://www.secg.org/sec1-v2.pdf).
- *
- * This size is well-known and documented in public standards.
- */
-#define T_COSE_CRYPTO_EC_P256_COORD_SIZE 32
-#define T_COSE_CRYPTO_SHA256_SIZE 32
-
-#define MAX_ENCODED_COSE_KEY_SIZE \
- 1 + /* 1 byte to encode map */ \
- 2 + /* 2 bytes to encode key type */ \
- 2 + /* 2 bytes to encode curve */ \
- 2 * /* the X and Y coordinates at 32 bytes each */ \
- (T_COSE_CRYPTO_EC_P256_COORD_SIZE + 1 + 2)
#define USEFUL_BUF_MAKE_STACK_UB UsefulBuf_MAKE_STACK_UB
#define COSE_SIG_CONTEXT_STRING_SIGNATURE1 "Signature1"
@@ -78,71 +52,9 @@
sizeof(COSE_SIG_CONTEXT_STRING_SIGNATURE1) + /* "Signature1" */ \
2 + /* Overhead for encoding string */ \
T_COSE_SIGN1_MAX_PROT_HEADER + /* entire protected headers */ \
- 3 * ( /* 3 NULL bstrs for fields not used */ \
+ 3 * (/* 3 NULL bstrs for fields not used */ \
1 /* size of a NULL bstr */ \
)
-
-/*
- CBOR Label for proprietary header indicating short-circuit
- signing was used. Just a random number in the proprietary
- label space */
-#define T_COSE_SHORT_CIRCUIT_LABEL (-8675309)
-
-#define EAT_CBOR_ARM_RANGE_BASE (-75000)
-#define EAT_CBOR_ARM_LABEL_PROFILE_DEFINITION (EAT_CBOR_ARM_RANGE_BASE - 0)
-#define EAT_CBOR_ARM_LABEL_CLIENT_ID (EAT_CBOR_ARM_RANGE_BASE - 1)
-#define EAT_CBOR_ARM_LABEL_SECURITY_LIFECYCLE (EAT_CBOR_ARM_RANGE_BASE - 2)
-#define EAT_CBOR_ARM_LABEL_IMPLEMENTATION_ID (EAT_CBOR_ARM_RANGE_BASE - 3)
-#define EAT_CBOR_ARM_LABEL_BOOT_SEED (EAT_CBOR_ARM_RANGE_BASE - 4)
-#define EAT_CBOR_ARM_LABEL_HW_VERSION (EAT_CBOR_ARM_RANGE_BASE - 5)
-#define EAT_CBOR_ARM_LABEL_SW_COMPONENTS (EAT_CBOR_ARM_RANGE_BASE - 6)
-#define EAT_CBOR_ARM_LABEL_NO_SW_COMPONENTS (EAT_CBOR_ARM_RANGE_BASE - 7)
-#define EAT_CBOR_ARM_LABEL_NONCE (EAT_CBOR_ARM_RANGE_BASE - 8)
-#define EAT_CBOR_ARM_LABEL_UEID (EAT_CBOR_ARM_RANGE_BASE - 9)
-#define EAT_CBOR_ARM_LABEL_ORIGINATION (EAT_CBOR_ARM_RANGE_BASE - 10)
-
-#define CBOR_ARM_TOTAL_CLAIM_INSTANCE 10
-
-#define EAT_CBOR_SW_COMPONENT_TYPE (1u)
-#define EAT_CBOR_SW_COMPONENT_MEASUREMENT (2u)
-#define EAT_CBOR_SW_COMPONENT_EPOCH (3u)
-#define EAT_CBOR_SW_COMPONENT_VERSION (4u)
-#define EAT_CBOR_SW_COMPONENT_SIGNER_ID (5u)
-#define EAT_CBOR_SW_COMPONENT_MEASUREMENT_DESC (6u)
-
-#define MANDATORY_CLAIM_WITH_SW_COMP (1 << (EAT_CBOR_ARM_RANGE_BASE \
- - EAT_CBOR_ARM_LABEL_NONCE) | \
- 1 << (EAT_CBOR_ARM_RANGE_BASE \
- - EAT_CBOR_ARM_LABEL_UEID) | \
- 1 << (EAT_CBOR_ARM_RANGE_BASE \
- - EAT_CBOR_ARM_LABEL_IMPLEMENTATION_ID) | \
- 1 << (EAT_CBOR_ARM_RANGE_BASE \
- - EAT_CBOR_ARM_LABEL_CLIENT_ID) | \
- 1 << (EAT_CBOR_ARM_RANGE_BASE \
- - EAT_CBOR_ARM_LABEL_SECURITY_LIFECYCLE) | \
- 1 << (EAT_CBOR_ARM_RANGE_BASE \
- - EAT_CBOR_ARM_LABEL_BOOT_SEED) | \
- 1 << (EAT_CBOR_ARM_RANGE_BASE \
- - EAT_CBOR_ARM_LABEL_SW_COMPONENTS))
-
-#define MANDATORY_CLAIM_NO_SW_COMP (1 << (EAT_CBOR_ARM_RANGE_BASE \
- - EAT_CBOR_ARM_LABEL_NONCE) | \
- 1 << (EAT_CBOR_ARM_RANGE_BASE \
- - EAT_CBOR_ARM_LABEL_UEID) | \
- 1 << (EAT_CBOR_ARM_RANGE_BASE \
- - EAT_CBOR_ARM_LABEL_IMPLEMENTATION_ID) | \
- 1 << (EAT_CBOR_ARM_RANGE_BASE \
- - EAT_CBOR_ARM_LABEL_CLIENT_ID) | \
- 1 << (EAT_CBOR_ARM_RANGE_BASE \
- - EAT_CBOR_ARM_LABEL_SECURITY_LIFECYCLE) | \
- 1 << (EAT_CBOR_ARM_RANGE_BASE \
- - EAT_CBOR_ARM_LABEL_BOOT_SEED) | \
- 1 << (EAT_CBOR_ARM_RANGE_BASE \
- - EAT_CBOR_ARM_LABEL_NO_SW_COMPONENTS))
-
-#define MANDATORY_SW_COMP (1 << EAT_CBOR_SW_COMPONENT_MEASUREMENT | \
- 1 << EAT_CBOR_SW_COMPONENT_SIGNER_ID)
-
#define NULL_USEFUL_BUF_C NULLUsefulBufC
enum attestation_error_code {
@@ -158,13 +70,11 @@ enum attestation_error_code {
PAL_ATTEST_HASH_BUFFER_SIZE,
PAL_ATTEST_ERR_PROTECTED_HEADERS,
PAL_ATTEST_ERR_SIGN_STRUCT,
+ PAL_ATTEST_ERR_KEY_FAIL,
+ PAL_ATTEST_ERR_SIGNATURE_FAIL,
+ PAL_ATTEST_ERR_CBOR_STRUCTURE,
+ PAL_ATTEST_ERR_SMALL_BUFFER,
PAL_ATTEST_ERROR,
};
-struct items_to_get_t {
- int64_t label;
- QCBORItem item;
-};
-
-int32_t pal_initial_attest_verify_token(uint8_t *challenge, uint32_t challenge_size,
- uint8_t *token, uint32_t token_size);
+#endif /* _PAL_ATTESTATION_EAT_H_ */
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/initial_attestation/pal_attestation_intf.c b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/initial_attestation/pal_attestation_intf.c
index 2d99f74d..dd41690e 100644
--- a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/initial_attestation/pal_attestation_intf.c
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/initial_attestation/pal_attestation_intf.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -26,28 +26,39 @@
**/
int32_t pal_attestation_function(int type, va_list valist)
{
- uint8_t *challenge, *token;
- uint32_t challenge_size, *token_size, verify_token_size;
+ uint8_t *challenge, *token;
+ size_t challenge_size, *token_size, token_buffer_size;
+ int32_t cose_algorithm_id;
+ struct q_useful_buf buffer_for_hash;
+ struct q_useful_buf_c *hash, payload, protected_headers, token_hash, signature;
switch (type)
{
case PAL_INITIAL_ATTEST_GET_TOKEN:
challenge = va_arg(valist, uint8_t*);
- challenge_size = va_arg(valist, uint32_t);
+ challenge_size = va_arg(valist, size_t);
token = va_arg(valist, uint8_t*);
- token_size = va_arg(valist, uint32_t*);
- return psa_initial_attest_get_token(challenge, challenge_size, token, token_size);
+ token_buffer_size = va_arg(valist, size_t);
+ token_size = va_arg(valist, size_t*);
+ return psa_initial_attest_get_token(challenge, challenge_size, token, token_buffer_size,
+ token_size);
case PAL_INITIAL_ATTEST_GET_TOKEN_SIZE:
- challenge_size = va_arg(valist, uint32_t);
- token_size = va_arg(valist, uint32_t*);
+ challenge_size = va_arg(valist, size_t);
+ token_size = va_arg(valist, size_t*);
return psa_initial_attest_get_token_size(challenge_size, token_size);
- case PAL_INITIAL_ATTEST_VERIFY_TOKEN:
- challenge = va_arg(valist, uint8_t*);
- challenge_size = va_arg(valist, uint32_t);
- token = va_arg(valist, uint8_t*);
- verify_token_size = va_arg(valist, uint32_t);
- return pal_initial_attest_verify_token(challenge, challenge_size,
- token, verify_token_size);
+ case PAL_INITIAL_ATTEST_COMPUTE_HASH:
+ cose_algorithm_id = va_arg(valist, int32_t);
+ buffer_for_hash = va_arg(valist, struct q_useful_buf);
+ hash = va_arg(valist, struct q_useful_buf_c*);
+ protected_headers = va_arg(valist, struct q_useful_buf_c);
+ payload = va_arg(valist, struct q_useful_buf_c);
+ return pal_compute_hash(cose_algorithm_id, buffer_for_hash, hash,
+ protected_headers, payload);
+ case PAL_INITIAL_ATTEST_VERIFY_WITH_PK:
+ cose_algorithm_id = va_arg(valist, int32_t);
+ token_hash = va_arg(valist, struct q_useful_buf_c);
+ signature = va_arg(valist, struct q_useful_buf_c);
+ return pal_crypto_pub_key_verify(cose_algorithm_id, token_hash, signature);
default:
return PAL_STATUS_UNSUPPORTED_FUNC;
}
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/initial_attestation/pal_attestation_intf.h b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/initial_attestation/pal_attestation_intf.h
index 12f6ee94..3ab7ebb4 100644
--- a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/initial_attestation/pal_attestation_intf.h
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/initial_attestation/pal_attestation_intf.h
@@ -15,8 +15,8 @@
* limitations under the License.
**/
-#ifndef _PAL_INITIAL_ATTESTATION_H_
-#define _PAL_INITIAL_ATTESTATION_H_
+#ifndef _PAL_ATTESTATION_INTF_H_
+#define _PAL_ATTESTATION_INTF_H_
#include "pal_attestation_crypto.h"
@@ -24,7 +24,9 @@ enum attestation_function_code {
PAL_INITIAL_ATTEST_GET_TOKEN = 0x1,
PAL_INITIAL_ATTEST_GET_TOKEN_SIZE = 0x2,
PAL_INITIAL_ATTEST_VERIFY_TOKEN = 0x3,
+ PAL_INITIAL_ATTEST_COMPUTE_HASH = 0x4,
+ PAL_INITIAL_ATTEST_VERIFY_WITH_PK = 0x5,
};
int32_t pal_attestation_function(int type, va_list valist);
-#endif /* _PAL_INITIAL_ATTESTATION_H_ */
+#endif /* _PAL_ATTESTATION_INTF_H_ */
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/internal_trusted_storage/pal_internal_trusted_storage_intf.c b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/internal_trusted_storage/pal_internal_trusted_storage_intf.c
index 4f04ab01..abfdc5d6 100644
--- a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/internal_trusted_storage/pal_internal_trusted_storage_intf.c
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/internal_trusted_storage/pal_internal_trusted_storage_intf.c
@@ -26,33 +26,35 @@
**/
uint32_t pal_its_function(int type, va_list valist)
{
- psa_its_uid_t uid;
- uint32_t data_length, offset;
- const void *p_write_data;
- void *p_read_data;
- psa_its_create_flags_t its_create_flags;
- struct psa_its_info_t *its_p_info;
+ psa_storage_uid_t uid;
+ uint32_t data_size, offset;
+ const void *p_write_data;
+ void *p_read_data;
+ size_t *p_data_length;
+ psa_storage_create_flags_t its_create_flags;
+ struct psa_storage_info_t *its_p_info;
switch (type)
{
case PAL_ITS_SET:
- uid = va_arg(valist, psa_its_uid_t);
- data_length = va_arg(valist, uint32_t);
+ uid = va_arg(valist, psa_storage_uid_t);
+ data_size = va_arg(valist, uint32_t);
p_write_data = va_arg(valist, const void*);
- its_create_flags = va_arg(valist, psa_its_create_flags_t);
- return psa_its_set(uid, data_length, p_write_data, its_create_flags);
+ its_create_flags = va_arg(valist, psa_storage_create_flags_t);
+ return psa_its_set(uid, data_size, p_write_data, its_create_flags);
case PAL_ITS_GET:
- uid = va_arg(valist, psa_its_uid_t);
+ uid = va_arg(valist, psa_storage_uid_t);
offset = va_arg(valist, uint32_t);
- data_length = va_arg(valist, uint32_t);
+ data_size = va_arg(valist, uint32_t);
p_read_data = va_arg(valist, void*);
- return psa_its_get(uid, offset, data_length, p_read_data);
+ p_data_length = va_arg(valist, size_t*);
+ return psa_its_get(uid, offset, data_size, p_read_data, p_data_length);
case PAL_ITS_GET_INFO:
- uid = va_arg(valist, psa_its_uid_t);
- its_p_info = va_arg(valist, struct psa_its_info_t*);
+ uid = va_arg(valist, psa_storage_uid_t);
+ its_p_info = va_arg(valist, struct psa_storage_info_t*);
return psa_its_get_info(uid, its_p_info);
case PAL_ITS_REMOVE:
- uid = va_arg(valist, psa_its_uid_t);
+ uid = va_arg(valist, psa_storage_uid_t);
return psa_its_remove(uid);
default:
return PAL_STATUS_UNSUPPORTED_FUNC;
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/protected_storage/pal_protected_storage_intf.c b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/protected_storage/pal_protected_storage_intf.c
index a4241533..0dd07c57 100644
--- a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/protected_storage/pal_protected_storage_intf.c
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/protected_storage/pal_protected_storage_intf.c
@@ -26,45 +26,47 @@
**/
uint32_t pal_ps_function(int type, va_list valist)
{
- psa_ps_uid_t uid;
- uint32_t data_length, size, offset;
- const void *p_write_data;
- void *p_read_data;
- psa_ps_create_flags_t ps_create_flags;
- struct psa_ps_info_t *ps_p_info;
+ psa_storage_uid_t uid;
+ uint32_t data_size, size, offset;
+ const void *p_write_data;
+ void *p_read_data;
+ size_t *p_data_length;
+ psa_storage_create_flags_t ps_create_flags;
+ struct psa_storage_info_t *ps_p_info;
switch (type)
{
case PAL_PS_SET:
- uid = va_arg(valist, psa_ps_uid_t);
- data_length = va_arg(valist, uint32_t);
+ uid = va_arg(valist, psa_storage_uid_t);
+ data_size = va_arg(valist, uint32_t);
p_write_data = va_arg(valist, const void*);
- ps_create_flags = va_arg(valist, psa_ps_create_flags_t);
- return psa_ps_set(uid, data_length, p_write_data, ps_create_flags);
+ ps_create_flags = va_arg(valist, psa_storage_create_flags_t);
+ return psa_ps_set(uid, data_size, p_write_data, ps_create_flags);
case PAL_PS_GET:
- uid = va_arg(valist, psa_ps_uid_t);
+ uid = va_arg(valist, psa_storage_uid_t);
offset = va_arg(valist, uint32_t);
- data_length = va_arg(valist, uint32_t);
+ data_size = va_arg(valist, uint32_t);
p_read_data = va_arg(valist, void*);
- return psa_ps_get(uid, offset, data_length, p_read_data);
+ p_data_length = va_arg(valist, size_t*);
+ return psa_ps_get(uid, offset, data_size, p_read_data, p_data_length);
case PAL_PS_GET_INFO:
- uid = va_arg(valist, psa_ps_uid_t);
- ps_p_info = va_arg(valist, struct psa_ps_info_t*);
+ uid = va_arg(valist, psa_storage_uid_t);
+ ps_p_info = va_arg(valist, struct psa_storage_info_t*);
return psa_ps_get_info(uid, ps_p_info);
case PAL_PS_REMOVE:
- uid = va_arg(valist, psa_ps_uid_t);
+ uid = va_arg(valist, psa_storage_uid_t);
return psa_ps_remove(uid);
case PAL_PS_CREATE:
- uid = va_arg(valist, psa_ps_uid_t);
+ uid = va_arg(valist, psa_storage_uid_t);
size = va_arg(valist, uint32_t);
- ps_create_flags = va_arg(valist, psa_ps_create_flags_t);
+ ps_create_flags = va_arg(valist, psa_storage_create_flags_t);
return psa_ps_create(uid, size, ps_create_flags);
case PAL_PS_SET_EXTENDED:
- uid = va_arg(valist, psa_ps_uid_t);
+ uid = va_arg(valist, psa_storage_uid_t);
offset = va_arg(valist, uint32_t);
- data_length = va_arg(valist, uint32_t);
+ data_size = va_arg(valist, uint32_t);
p_write_data = va_arg(valist, const void*);
- return psa_ps_set_extended(uid, offset, data_length, p_write_data);
+ return psa_ps_set_extended(uid, offset, data_size, p_write_data);
case PAL_PS_GET_SUPPORT:
return psa_ps_get_support();
default:
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/target.cfg b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/target.cfg
index 23d5d1fe..97ac9c65 100644
--- a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/target.cfg
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/target.cfg
@@ -52,5 +52,3 @@ dut.0.ns_start_addr_of_combine_test_binary = 0x28120000;
// Is combine_test_binary available in RAM?
dut.0.combine_test_binary_in_ram = AVAILABLE;
-
-dut.0.implemented_psa_firmware_isolation_level = LEVEL1;
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/target.cmake b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/target.cmake
new file mode 100644
index 00000000..5388ca1a
--- /dev/null
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/target.cmake
@@ -0,0 +1,109 @@
+#/** @file
+# * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+# PAL C source files part of NSPE library
+list(APPEND PAL_SRC_C_NSPE )
+
+# PAL ASM source files part of NSPE library
+list(APPEND PAL_SRC_ASM_NSPE )
+
+# PAL C source files part of SPE library - driver partition
+list(APPEND PAL_SRC_C_DRIVER_SP )
+
+# PAL ASM source files part of SPE library - driver partition
+list(APPEND PAL_SRC_ASM_DRIVER_SP )
+
+
+# Listing all the sources required for given target
+if(${SUITE} STREQUAL "IPC")
+ list(APPEND PAL_SRC_C_NSPE
+ # driver functionalities are implemented as RoT-services
+ # and secure and non-secure clients will call to these RoT-services to get appropriate driver services.
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/common/pal_client_api_intf.c
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/common/pal_driver_ipc_intf.c
+ )
+ list(APPEND PAL_SRC_C_DRIVER_SP
+ # Driver files will be compiled as part of driver partition
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/spe/pal_driver_intf.c
+ ${PSA_ROOT_DIR}/platform/drivers/nvmem/pal_nvmem.c
+ ${PSA_ROOT_DIR}/platform/drivers/uart/pl011/pal_uart.c
+ ${PSA_ROOT_DIR}/platform/drivers/watchdog/cmsdk/pal_wd_cmsdk.c
+ )
+else()
+ list(APPEND PAL_SRC_C_NSPE
+ # driver files will be compiled as part of NSPE
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/common/pal_client_api_empty_intf.c
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/common/pal_driver_ns_intf.c
+ ${PSA_ROOT_DIR}/platform/drivers/nvmem/pal_nvmem.c
+ ${PSA_ROOT_DIR}/platform/drivers/uart/pl011/pal_uart.c
+ ${PSA_ROOT_DIR}/platform/drivers/watchdog/cmsdk/pal_wd_cmsdk.c
+ )
+endif()
+if(${SUITE} STREQUAL "CRYPTO")
+ list(APPEND PAL_SRC_C_NSPE
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/crypto/pal_crypto_intf.c
+ )
+endif()
+if(${SUITE} STREQUAL "PROTECTED_STORAGE")
+ list(APPEND PAL_SRC_C_NSPE
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/protected_storage/pal_protected_storage_intf.c
+ )
+endif()
+if(${SUITE} STREQUAL "INTERNAL_TRUSTED_STORAGE")
+ list(APPEND PAL_SRC_C_NSPE
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/internal_trusted_storage/pal_internal_trusted_storage_intf.c
+ )
+endif()
+if(${SUITE} STREQUAL "INITIAL_ATTESTATION")
+ list(APPEND PAL_SRC_C_NSPE
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/initial_attestation/pal_attestation_intf.c
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/initial_attestation/pal_attestation_crypto.c
+ ${CMAKE_CURRENT_BINARY_DIR}/${PSA_TARGET_QCBOR}/src/UsefulBuf.c
+ ${CMAKE_CURRENT_BINARY_DIR}/${PSA_TARGET_QCBOR}/src/ieee754.c
+ ${CMAKE_CURRENT_BINARY_DIR}/${PSA_TARGET_QCBOR}/src/qcbor_decode.c
+ ${CMAKE_CURRENT_BINARY_DIR}/${PSA_TARGET_QCBOR}/src/qcbor_encode.c
+ )
+endif()
+
+# Create NSPE library
+add_library(${PSA_TARGET_PAL_NSPE_LIB} STATIC ${PAL_SRC_C_NSPE} ${PAL_SRC_ASM_NSPE})
+
+# PSA Include directories
+foreach(psa_inc_path ${PSA_INCLUDE_PATHS})
+ target_include_directories(${PSA_TARGET_PAL_NSPE_LIB} PRIVATE ${psa_inc_path})
+endforeach()
+
+list(APPEND PAL_DRIVER_INCLUDE_PATHS
+ ${PSA_ROOT_DIR}/platform/drivers/nvmem
+ ${PSA_ROOT_DIR}/platform/drivers/uart/pl011
+ ${PSA_ROOT_DIR}/platform/drivers/watchdog/cmsdk
+)
+
+target_include_directories(${PSA_TARGET_PAL_NSPE_LIB} PRIVATE
+ ${PAL_DRIVER_INCLUDE_PATHS}
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/common
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/crypto
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/protected_storage
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/internal_trusted_storage
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/initial_attestation
+)
+
+if(${SUITE} STREQUAL "INITIAL_ATTESTATION")
+target_include_directories(${PSA_TARGET_PAL_NSPE_LIB} PRIVATE
+ ${PSA_QCBOR_INCLUDE_PATH}
+)
+endif()
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/Makefile b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/Makefile
deleted file mode 100644
index aa7e10b7..00000000
--- a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/Makefile
+++ /dev/null
@@ -1,160 +0,0 @@
-# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-include $(SOURCE)/tools/makefiles/toolchain.mk
-
-# Make variables to select correct instances of PAL files
-
-## PSA_IPC_IMPLEMENTED must be true for IPC SUITE
-PSA_IPC_IMPLEMENTED:=0
-
-## PSA_CRYPTO_IMPLEMENTED must be true for CRYPTO SUITE
-PSA_CRYPTO_IMPLEMENTED:=1
-
-## PSA_PROTECTED_STORAGE_IMPLEMENTED must be true for PROTECTED_STORAGE SUITE
-PSA_PROTECTED_STORAGE_IMPLEMENTED:=1
-
-## PSA_INTERNAL_TRUSTED_STORAGE_IMPLEMENTED must be true for INTERNAL_TRUSTED_STORAGE SUITE
-PSA_INTERNAL_TRUSTED_STORAGE_IMPLEMENTED:=0
-
-## PSA_INITIAL_ATTESTATION_IMPLEMENTED must be true for INITIAL_ATTESTATION SUITE
-PSA_INITIAL_ATTESTATION_IMPLEMENTED:=1
-
-# Make variables holding NSPE/SPE source files
-
-## PAL C source files part of NSPE library
-SRC_C_NSPE=
-
-## PAL ASM source files part of NSPE library
-SRC_ASM_NSPE=
-
-## PAL C source files part of SPE library - driver partition
-SRC_C_DRIVER_SP=
-
-## PAL ASM source files part of SPE library - driver partition
-SRC_ASM_DRIVER_SP=
-
-ifeq (${PSA_IPC_IMPLEMENTED},1)
-# When PSA_IPC_IMPLEMENTED=1, driver functionalities are implemented as RoT-services
-# and secure and non-secure clients will call to these RoT-services to get appropriate driver services.
-SRC_C_NSPE += pal_client_api_intf.c
-SRC_C_NSPE += pal_driver_ipc_intf.c
-
-# Driver files will be compiled as part of driver partition
-SRC_C_DRIVER_SP += pal_driver_intf.c pal_nvmem.c pal_uart.c pal_wd_cmsdk.c
-else
-
-# When PSA_IPC_IMPLEMENTED=0, driver files will be compiled as part of NSPE
-SRC_C_NSPE += pal_client_api_empty_intf.c
-SRC_C_NSPE += pal_driver_ns_intf.c pal_nvmem.c pal_uart.c pal_wd_cmsdk.c
-endif
-
-ifeq (${PSA_CRYPTO_IMPLEMENTED},1)
-SRC_C_NSPE += pal_crypto_intf.c
-else
-SRC_C_NSPE += pal_crypto_empty_intf.c
-endif
-
-ifeq (${PSA_PROTECTED_STORAGE_IMPLEMENTED},1)
-SRC_C_NSPE += pal_protected_storage_intf.c
-else
-SRC_C_NSPE += pal_protected_storage_empty_intf.c
-endif
-
-ifeq (${PSA_INTERNAL_TRUSTED_STORAGE_IMPLEMENTED},1)
-SRC_C_NSPE += pal_internal_trusted_storage_intf.c
-else
-SRC_C_NSPE += pal_internal_trusted_storage_empty_intf.c
-endif
-
-ifeq (${PSA_INITIAL_ATTESTATION_IMPLEMENTED},1)
-SRC_C_NSPE += pal_attestation_intf.c
-SRC_C_NSPE += pal_attestation_eat.c
-SRC_C_NSPE += pal_attestation_crypto.c
-else
-SRC_C_NSPE += pal_attestation_empty_intf.c
-endif
-
-INCLUDE= -I$(SOURCE)/platform/targets/$(TARGET)/nspe \
- -I$(SOURCE)/platform/targets/$(TARGET)/spe \
- -I$(BUILD)/platform/$(TARGET)/ \
- -I$(SOURCE)/platform/drivers/uart/pl011 \
- -I$(SOURCE)/platform/drivers/nvmem/ \
- -I$(SOURCE)/platform/drivers/watchdog/cmsdk \
- -I$(SOURCE)/platform/targets/$(TARGET)/nspe/common \
- -I$(SOURCE)/platform/targets/$(TARGET)/nspe/crypto \
- -I$(SOURCE)/platform/targets/$(TARGET)/nspe/initial_attestation \
- -I$(SOURCE)/platform/targets/$(TARGET)/nspe/initial_attestation/ext/inc \
- -I$(SOURCE)/platform/targets/$(TARGET)/nspe/internal_trusted_storage \
- -I$(SOURCE)/platform/targets/$(TARGET)/nspe/protected_storage \
-
-VPATH=$(SOURCE)/platform/targets/$(TARGET)/: \
- $(SOURCE)/platform/targets/$(TARGET)/spe: \
- $(SOURCE)/platform/targets/$(TARGET)/nspe: \
- $(SOURCE)/platform/drivers/uart/pl011: \
- $(SOURCE)/platform/drivers/nvmem: \
- $(SOURCE)/platform/drivers/watchdog/cmsdk: \
- $(SOURCE)/platform/targets/$(TARGET)/nspe/common: \
- $(SOURCE)/platform/targets/$(TARGET)/nspe/crypto: \
- $(SOURCE)/platform/targets/$(TARGET)/nspe/initial_attestation: \
- $(SOURCE)/platform/targets/$(TARGET)/nspe/initial_attestation/ext/src: \
- $(SOURCE)/platform/targets/$(TARGET)/nspe/internal_trusted_storage: \
- $(SOURCE)/platform/targets/$(TARGET)/nspe/protected_storage: \
-
-all: build
-
-ifeq (${PSA_IPC_IMPLEMENTED},1)
-build: mkdir build_nspe_pal build_spe_pal
-else
-build: mkdir build_nspe_pal
-endif
-
-mkdir:
- @mkdir -p $(BUILD)/platform/nspe/
- @mkdir -p $(BUILD)/platform/spe/
-
-# BUILD NSPE PAL
-build_nspe_pal: build_c_nspe build_asm_nspe pal_nspe.a
-
-build_c_nspe: $(SRC_C_NSPE:%.c=$(BUILD)/platform/nspe/%.o)
-build_asm_nspe: $(SRC_ASM_NSPE:%.s=$(BUILD)/platform/nspe/%.o)
-
-$(BUILD)/platform/nspe/%.o : %.c
- $(CC) $(PAL_CDEFS) $(INCLUDE) -o $@ -c $<
-
-$(BUILD)/platform/nspe/%.o : %.s
- $(AS) $(INCLUDE) -o $@ $<
-
-pal_nspe.a:
- $(AR) $(AR_OPTIONS) $(BUILD)/platform/pal_nspe.a $(BUILD)/platform/nspe/*.o
-
-# BUILD SPE PAL
-build_spe_pal: build_driver_sp
-
-build_driver_sp: build_c_driver_sp build_asm_driver_sp
-
-build_c_driver_sp: $(SRC_C_DRIVER_SP:%.c=$(BUILD)/platform/spe/%_driver_sp.o)
-build_asm_driver_sp: $(SRC_ASM_DRIVER_SP:%.s=$(BUILD)/platform/spe/%_driver_sp.o)
-
-# Generated %_driver_sp.o(s) are used in spbuild.mk to create final driver_partition.a
-$(BUILD)/platform/spe/%_driver_sp.o : %.c
- $(CC) $(INCLUDE) -DSPE_BUILD -o $@ -c $<
-
-$(BUILD)/platform/spe/%_driver_sp.o : %.s
- $(AS) $(INCLUDE) -o $@ $<
-
-clean:
- @rm -rf $(BUILD)/platform/nspe/* $(BUILD)/platform/spe/*.a
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/manifests/common/driver_partition_psa.json b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/manifests/common/driver_partition_psa.json
deleted file mode 100644
index 7010c9b5..00000000
--- a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/manifests/common/driver_partition_psa.json
+++ /dev/null
@@ -1,75 +0,0 @@
-{
- "psa_framework_version": 1.0,
- "name": "DRIVER_PARTITION",
- "type": "PSA-ROT",
- "priority": "NORMAL",
- "description": "Implements device services such print, flash read/write,. etc.",
- "entry_point": "driver_main",
- "stack_size": "0x400",
- "services": [{
- "name": "DRIVER_UART_SID",
- "sid": "0x0000FC01",
- "signal": "DRIVER_UART_SIG",
- "non_secure_clients": true,
- "minor_version": 1,
- "minor_policy": "RELAXED"
- },
- {
- "name": "DRIVER_WATCHDOG_SID",
- "sid": "0x0000FC02",
- "signal": "DRIVER_WATCHDOG_SIG",
- "non_secure_clients": true,
- "minor_version": 1,
- "minor_policy": "RELAXED"
- },
- {
- "name": "DRIVER_NVMEM_SID",
- "sid": "0x0000FC03",
- "signal": "DRIVER_NVMEM_SIG",
- "non_secure_clients": true,
- "minor_version": 1,
- "minor_policy": "RELAXED"
- },
- {
- "name": "DRIVER_TEST_SID",
- "sid": "0x0000FC04",
- "signal": "DRIVER_TEST_SIG",
- "non_secure_clients": true,
- "minor_version": 1,
- "minor_policy": "RELAXED"
- }
- ],
- "mmio_regions" : [
- {
- "name": "UART_REGION",
- "base": "0x40004000",
- "size": "0x1000",
- "permission": "READ-WRITE"
- },
- {
- "name": "WATCHDOG_REGION",
- "base": "0x40008000",
- "size": "0x1000",
- "permission": "READ-WRITE"
- },
- {
- "name": "NVMEM_REGION",
- "base": "0x2002F000",
- "size": "0x400",
- "permission": "READ-WRITE"
- },
- {
- "name": "DRIVER_PARTITION_MMIO",
- "base": "0x200AF040",
- "size": "0x20",
- "permission": "READ-WRITE"
- }
- ],
- "irqs": [
- {
- "description": "Using UART TX interrupt to test psa_wait and psa_eoi for irq_signal",
- "signal": "DRIVER_UART_INTR_SIG",
- "line_num": 46
- }
- ]
-}
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/manifests/ipc/client_partition_psa.json b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/manifests/ipc/client_partition_psa.json
deleted file mode 100644
index b93377bd..00000000
--- a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/manifests/ipc/client_partition_psa.json
+++ /dev/null
@@ -1,37 +0,0 @@
-{
- "psa_framework_version": 1.0,
- "name": "CLIENT_PARTITION",
- "type": "APPLICATION-ROT",
- "priority": "NORMAL",
- "description": "Client partition executing client test func from SPE",
- "entry_point": "client_main",
- "stack_size": "0x400",
- "services": [{
- "name": "CLIENT_TEST_DISPATCHER_SID",
- "sid": "0x0000FA01",
- "signal": "CLIENT_TEST_DISPATCHER_SIG",
- "non_secure_clients": true,
- "minor_version": 1,
- "minor_policy": "RELAXED"
- }
- ],
- "dependencies": [
- "DRIVER_UART_SID",
- "DRIVER_NVMEM_SID",
- "DRIVER_TEST_SID",
- "SERVER_TEST_DISPATCHER_SID",
- "SERVER_UNSPECIFED_MINOR_V_SID",
- "SERVER_STRICT_MINOR_VERSION_SID",
- "SERVER_RELAX_MINOR_VERSION_SID",
- "SERVER_SECURE_CONNECT_ONLY_SID",
- "SERVER_CONNECTION_DROP_SID"
- ],
- "mmio_regions" : [
- {
- "name": "CLIENT_PARTITION_MMIO",
- "base": "0x200AF000",
- "size": "0x20",
- "permission": "READ-WRITE"
- }
- ]
-}
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/manifests/ipc/server_partition_psa.json b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/manifests/ipc/server_partition_psa.json
deleted file mode 100644
index 146b8fbc..00000000
--- a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/manifests/ipc/server_partition_psa.json
+++ /dev/null
@@ -1,69 +0,0 @@
-{
- "psa_framework_version": 1.0,
- "name": "SERVER_PARTITION",
- "type": "APPLICATION-ROT",
- "priority": "NORMAL",
- "description": "Server partition executing server test func",
- "entry_point": "server_main",
- "stack_size": "0x400",
- "heap_size": "0x100",
- "services": [{
- "name": "SERVER_TEST_DISPATCHER_SID",
- "sid": "0x0000FB01",
- "signal": "SERVER_TEST_DISPATCHER_SIG",
- "non_secure_clients": true,
- "minor_version": 1,
- "minor_policy": "RELAXED"
- },
- {
- "name": "SERVER_SECURE_CONNECT_ONLY_SID",
- "sid": "0x0000FB02",
- "signal": "SERVER_SECURE_CONNECT_ONLY_SIG",
- "non_secure_clients": false,
- "minor_version": 2,
- "minor_policy": "RELAXED"
- },
- {
- "name": "SERVER_STRICT_MINOR_VERSION_SID",
- "sid": "0x0000FB03",
- "signal": "SERVER_STRICT_MINOR_VERSION_SIG",
- "non_secure_clients": true,
- "minor_version": 2,
- "minor_policy": "STRICT"
- },
- {
- "name": "SERVER_UNSPECIFED_MINOR_V_SID",
- "sid": "0x0000FB04",
- "signal": "SERVER_UNSPECIFED_MINOR_V_SIG",
- "non_secure_clients": true
- },
- {
- "name": "SERVER_RELAX_MINOR_VERSION_SID",
- "sid": "0x0000FB05",
- "signal": "SERVER_RELAX_MINOR_VERSION_SIG",
- "non_secure_clients": true,
- "minor_version": 2,
- "minor_policy": "RELAXED"
- },
- {
- "name": "SERVER_UNEXTERN_SID",
- "sid": "0x0000FB06",
- "signal": "SERVER_UNEXTERN_SIG",
- "non_secure_clients": true,
- "minor_version": 2,
- "minor_policy": "RELAXED"
- },
- {
- "name": "SERVER_CONNECTION_DROP_SID",
- "sid": "0x0000FB07",
- "signal": "SERVER_CONNECTION_DROP_SIG",
- "non_secure_clients": true,
- "minor_version": 2,
- "minor_policy": "RELAXED"
- }
- ],
- "dependencies": [
- "DRIVER_UART_SID",
- "DRIVER_NVMEM_SID"
- ]
-}
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/nspe/common/pal_client_api_empty_intf.c b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/nspe/common/pal_client_api_empty_intf.c
index 578b4cef..0030ef04 100644
--- a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/nspe/common/pal_client_api_empty_intf.c
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/nspe/common/pal_client_api_empty_intf.c
@@ -31,10 +31,10 @@ uint32_t pal_ipc_framework_version(void)
}
/**
- * @brief - Retrieve the minor version of a Root of Trust Service by its SID.
+ * @brief - Retrieve the version of a Root of Trust Service by its SID.
* This is a wrapper API for the psa_version API.
* @param - sid The Root of Trust Service ID
- * @return - Minor version of Root of Trust Service or PSA_VERSION_NONE if Root of Trust
+ * @return - version of Root of Trust Service or PSA_VERSION_NONE if Root of Trust
* Service not present on the system.
*/
@@ -47,11 +47,11 @@ uint32_t pal_ipc_version(uint32_t sid)
* @brief - Connect to given sid.
* This is a wrapper API for the psa_connect API.
* @param - sid : RoT service id
- * @param - minor_version : minor_version of RoT service
+ * @param - version : version of RoT service
* @return - psa_handle_t : return connection handle
*/
-psa_handle_t pal_ipc_connect(uint32_t sid, uint32_t minor_version)
+psa_handle_t pal_ipc_connect(uint32_t sid, uint32_t version)
{
return PSA_NULL_HANDLE;
}
@@ -62,6 +62,7 @@ psa_handle_t pal_ipc_connect(uint32_t sid, uint32_t minor_version)
* The caller must provide an array of ::psa_invec_t structures as the input payload.
*
* @param -handle Handle for the connection.
+ * @param -type Request type.
* @param -in_vec Array of psa_invec structures.
* @param -in_len Number of psa_invec structures in in_vec.
* @param -out_vec Array of psa_outvec structures for optional Root of Trust Service response.
@@ -70,10 +71,11 @@ psa_handle_t pal_ipc_connect(uint32_t sid, uint32_t minor_version)
*/
psa_status_t pal_ipc_call(psa_handle_t handle,
- const psa_invec *in_vec,
- size_t in_len,
- psa_outvec *out_vec,
- size_t out_len)
+ int32_t type,
+ const psa_invec *in_vec,
+ size_t in_len,
+ psa_outvec *out_vec,
+ size_t out_len)
{
return (PSA_SUCCESS - 1);
}
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/nspe/common/pal_client_api_intf.c b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/nspe/common/pal_client_api_intf.c
index 20ddd118..68af13d3 100644
--- a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/nspe/common/pal_client_api_intf.c
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/nspe/common/pal_client_api_intf.c
@@ -32,10 +32,10 @@ uint32_t pal_ipc_framework_version(void)
}
/**
- * @brief - Retrieve the minor version of a Root of Trust Service by its SID.
+ * @brief - Retrieve the version of a Root of Trust Service by its SID.
* This is a wrapper API for the psa_version API.
* @param - sid The Root of Trust Service ID
- * @return - Minor version of Root of Trust Service or PSA_VERSION_NONE if Root of Trust
+ * @return - Version of Root of Trust Service or PSA_VERSION_NONE if Root of Trust
* Service not present on the system.
* Note - Return PAL_STATUS_ERROR if PSA IPC is not implemented.
*/
@@ -49,14 +49,14 @@ uint32_t pal_ipc_version(uint32_t sid)
* @brief - Connect to given sid.
* This is a wrapper API for the psa_connect API.
* @param - sid : RoT service id
- * @param - minor_version : minor_version of RoT service
+ * @param - version : version of RoT service
* @return - psa_handle_t : return connection handle
* Note - Return PSA_NULL_HANDLE if PSA IPC is not implemented.
*/
-psa_handle_t pal_ipc_connect(uint32_t sid, uint32_t minor_version)
+psa_handle_t pal_ipc_connect(uint32_t sid, uint32_t version)
{
- return (psa_connect(sid, minor_version));
+ return (psa_connect(sid, version));
}
/**
@@ -65,6 +65,7 @@ psa_handle_t pal_ipc_connect(uint32_t sid, uint32_t minor_version)
* The caller must provide an array of ::psa_invec_t structures as the input payload.
*
* @param -handle Handle for the connection.
+ * @param -type Request type.
* @param -in_vec Array of psa_invec structures.
* @param -in_len Number of psa_invec structures in in_vec.
* @param -out_vec Array of psa_outvec structures for optional Root of Trust Service response.
@@ -74,12 +75,13 @@ psa_handle_t pal_ipc_connect(uint32_t sid, uint32_t minor_version)
*/
psa_status_t pal_ipc_call(psa_handle_t handle,
- const psa_invec *in_vec,
- size_t in_len,
- psa_outvec *out_vec,
- size_t out_len)
+ int32_t type,
+ const psa_invec *in_vec,
+ size_t in_len,
+ psa_outvec *out_vec,
+ size_t out_len)
{
- return (psa_call(handle, in_vec, in_len, out_vec, out_len));
+ return (psa_call(handle, type, in_vec, in_len, out_vec, out_len));
}
/**
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/nspe/common/pal_client_api_intf.h b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/nspe/common/pal_client_api_intf.h
index 3f5741e0..89b4da66 100644
--- a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/nspe/common/pal_client_api_intf.h
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/nspe/common/pal_client_api_intf.h
@@ -22,11 +22,12 @@
uint32_t pal_ipc_framework_version(void);
uint32_t pal_ipc_version(uint32_t sid);
-psa_handle_t pal_ipc_connect(uint32_t sid, uint32_t minor_version);
+psa_handle_t pal_ipc_connect(uint32_t sid, uint32_t version);
psa_status_t pal_ipc_call(psa_handle_t handle,
- const psa_invec *in_vec,
- size_t in_len,
- psa_outvec *out_vec,
- size_t out_len);
+ int32_t type,
+ const psa_invec *in_vec,
+ size_t in_len,
+ psa_outvec *out_vec,
+ size_t out_len);
void pal_ipc_close(psa_handle_t handle);
#endif /* _PAL_CLIENT_API_H_ */
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/nspe/common/pal_common.h b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/nspe/common/pal_common.h
index 3ebe1e10..0a63b026 100644
--- a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/nspe/common/pal_common.h
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/nspe/common/pal_common.h
@@ -24,10 +24,8 @@
#include
#include
-#ifndef TARGET_CFG_BUILD
#include "pal_config.h"
#include "pal_crypto_config.h"
-#endif
/* typedef's */
typedef uint8_t bool_t;
@@ -87,7 +85,7 @@ typedef enum {
* Redefining some of the client.h elements for compilation to go through
* when PSA IPC APIs are not implemented.
*/
-#if (PSA_IPC_IMPLEMENTED == 0)
+#ifndef IPC
#ifndef PSA_VERSION_NONE
#define PSA_VERSION_NONE (0)
@@ -113,6 +111,6 @@ typedef struct psa_outvec {
size_t len;
} psa_outvec;
-#endif /* PSA_IPC_IMPLEMENTED */
+#endif /* IPC */
#endif /* _PAL_COMMON_H_ */
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/nspe/common/pal_config.h b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/nspe/common/pal_config.h
index e3f70ad7..b8ddc57d 100644
--- a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/nspe/common/pal_config.h
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/nspe/common/pal_config.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -18,66 +18,44 @@
#ifndef _PAL_CONFIG_H_
#define _PAL_CONFIG_H_
-/*
- * List of macros used by test suite
- */
-#if !defined(PSA_IPC_IMPLEMENTED)
-#define PSA_IPC_IMPLEMENTED 0
-#endif
-
-#if !defined(PSA_CRYPTO_IMPLEMENTED)
-#define PSA_CRYPTO_IMPLEMENTED 0
-#endif
+/* Define PSA test suite dependent macros for non-cmake build */
+#if !defined(PSA_CMAKE_BUILD)
-#if !defined(PSA_INTERNAL_TRUSTED_STORAGE_IMPLEMENTED)
-#define PSA_INTERNAL_TRUSTED_STORAGE_IMPLEMENTED 0
-#endif
+/* Print verbosity = TEST */
+#define VERBOSE 3
-#if !defined(PSA_PROTECTED_STORAGE_IMPLEMENTED)
-#define PSA_PROTECTED_STORAGE_IMPLEMENTED 0
-#endif
+/* NSPE or SPE VAL build? */
+#define VAL_NSPE_BUILD
-#if !defined(PSA_INITIAL_ATTESTATION_IMPLEMENTED)
-#define PSA_INITIAL_ATTESTATION_IMPLEMENTED 0
-#endif
+/* NSPE or SPE TEST build? */
+#define NONSECURE_TEST_BUILD
-#if (PSA_IPC_IMPLEMENTED == 0) && \
- (PSA_CRYPTO_IMPLEMENTED == 0) && \
- (PSA_INTERNAL_TRUSTED_STORAGE_IMPLEMENTED == 0) && \
- (PSA_PROTECTED_STORAGE_IMPLEMENTED == 0) && \
- (PSA_INITIAL_ATTESTATION_IMPLEMENTED == 0)
-#error "You must define at least one of these macros to run test suite"
-#endif
+/* Combine test archive or binary? */
+#define TEST_COMBINE_ARCHIVE
-#if !defined(VERBOSE)
-#define VERBOSE 3 /* Print verbosity = TEST */
-#endif
+/* If not defined, skip watchdog programming */
+#define WATCHDOG_AVAILABLE
-#if (!defined(VAL_NSPE_BUILD) && !defined(SPE_BUILD))
-#define VAL_NSPE_BUILD 1
-#endif
+/* Are Dynamic memory APIs available to secure partition? */
+#define SP_HEAP_MEM_SUPP
-#if (!defined(NONSECURE_TEST_BUILD) && !defined(SPE_BUILD))
-#define NONSECURE_TEST_BUILD 1
-#endif
+/* PSA Isolation level supported by platform */
+#define PLATFORM_PSA_ISOLATION_LEVEL 3
+#endif /* PSA_CMAKE_BUILD */
-#if !defined(TEST_COMBINE_ARCHIVE)
-#define TEST_COMBINE_ARCHIVE 0 /* Combine test archive or binary? */
-#endif
+/* Version of crypto spec used in attestation */
+#define CRYPTO_VERSION_BETA3
-#if !defined(WATCHDOG_AVAILABLE)
-#define WATCHDOG_AVAILABLE 0 /* If zero, skip watchdog programming */
-#endif
+/* Use hardcoded public key */
+//#define PLATFORM_OVERRIDE_ATTEST_PK
-#if !defined(SP_HEAP_MEM_SUPP)
-#define SP_HEAP_MEM_SUPP 0 /* Are Dynamic funcs available to secure partition? */
-#endif
+/* Platform specific max UID's size */
+#define PLATFORM_MAX_UID_SIZE 512
/*
* Include of PSA defined Header files
*/
-
-#if PSA_IPC_IMPLEMENTED
+#ifdef IPC
/* psa/client.h: Contains the PSA Client API elements */
#include "psa/client.h"
@@ -96,22 +74,22 @@
#include "psa_manifest/pid.h"
#endif
-#if PSA_CRYPTO_IMPLEMENTED
+#ifdef CRYPTO
/* psa/crypto.h: Contains the PSA Crypto API elements */
#include "psa/crypto.h"
#endif
-#if PSA_INTERNAL_TRUSTED_STORAGE_IMPLEMENTED
+#ifdef INTERNAL_TRUSTED_STORAGE
/* psa/internal_trusted_storage.h: Contains the PSA ITS API elements */
#include "psa/internal_trusted_storage.h"
#endif
-#if PSA_PROTECTED_STORAGE_IMPLEMENTED
+#ifdef PROTECTED_STORAGE
/* psa/protected_storage.h: Contains the PSA PS API elements */
#include "psa/protected_storage.h"
#endif
-#if PSA_INITIAL_ATTESTATION_IMPLEMENTED
+#ifdef INITIAL_ATTESTATION
/* psa/initial_attestation.h: Contains the PSA Initial Attestation API elements */
#include "psa/initial_attestation.h"
#endif
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/nspe/common/pal_driver_ipc_intf.c b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/nspe/common/pal_driver_ipc_intf.c
index f8f773fb..139f04fc 100644
--- a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/nspe/common/pal_driver_ipc_intf.c
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/nspe/common/pal_driver_ipc_intf.c
@@ -33,20 +33,20 @@ int pal_uart_init_ns(uint32_t uart_base_addr)
{&uart_base_addr, sizeof(uart_base_addr)},
{NULL, 0}};
- print_handle = pal_ipc_connect(DRIVER_UART_SID, 0);
- if (print_handle < 0)
+ print_handle = pal_ipc_connect(DRIVER_UART_SID, DRIVER_UART_VERSION);
+ if (PSA_HANDLE_IS_VALID(print_handle))
{
- return(PAL_STATUS_ERROR);
- }
+ status_of_call = pal_ipc_call(print_handle, 0, data, 3, NULL, 0);
+ pal_ipc_close(print_handle);
+ if (status_of_call != PSA_SUCCESS)
+ return PAL_STATUS_ERROR;
- status_of_call = pal_ipc_call(print_handle, data, 3, NULL, 0);
- if (status_of_call != PSA_SUCCESS)
+ return PAL_STATUS_SUCCESS;
+ }
+ else
{
- return(PAL_STATUS_ERROR);
+ return PAL_STATUS_ERROR;
}
-
- pal_ipc_close(print_handle);
- return PAL_STATUS_SUCCESS;
}
/**
@@ -62,7 +62,6 @@ int pal_print_ns(char *str, int32_t data)
char *p = str;
psa_handle_t print_handle = 0;
psa_status_t status_of_call = PSA_SUCCESS;
- pal_status_t status = PAL_STATUS_SUCCESS;
uart_fn_type_t uart_fn = UART_PRINT;
while (*p != '\0')
@@ -74,22 +73,21 @@ int pal_print_ns(char *str, int32_t data)
psa_invec data1[3] = {{&uart_fn, sizeof(uart_fn)},
{str, string_len+1},
{&data, sizeof(data)}};
- print_handle = pal_ipc_connect(DRIVER_UART_SID, 0);
- if (print_handle < 0)
+ print_handle = pal_ipc_connect(DRIVER_UART_SID, DRIVER_UART_VERSION);
+ if (PSA_HANDLE_IS_VALID(print_handle))
{
- return PAL_STATUS_ERROR;
+ status_of_call = pal_ipc_call(print_handle, 0, data1, 3, NULL, 0);
+ pal_ipc_close(print_handle);
+ if (status_of_call != PSA_SUCCESS)
+ return PAL_STATUS_ERROR;
+
+ return PAL_STATUS_SUCCESS;
}
else
{
- status_of_call = pal_ipc_call(print_handle, data1, 3, NULL, 0);
- if (status_of_call != PSA_SUCCESS)
- {
- status = PAL_STATUS_ERROR;
- }
+ return PAL_STATUS_ERROR;
}
- pal_ipc_close(print_handle);
- return status;
}
/**
@@ -111,22 +109,20 @@ int pal_wd_timer_init_ns(addr_t base_addr, uint32_t time_us, uint32_t timer_tick
wd_param.wd_timer_tick_us = timer_tick_us;
psa_invec invec[1] = {{&wd_param, sizeof(wd_param)}};
- handle = pal_ipc_connect(DRIVER_WATCHDOG_SID, 0);
- if (handle < 0)
+ handle = pal_ipc_connect(DRIVER_WATCHDOG_SID, DRIVER_WATCHDOG_VERSION);
+ if (PSA_HANDLE_IS_VALID(handle))
{
- return PAL_STATUS_ERROR;
+ status_of_call = pal_ipc_call(handle, 0, invec, 1, NULL, 0);
+ pal_ipc_close(handle);
+ if (status_of_call != PSA_SUCCESS)
+ return PAL_STATUS_ERROR;
+
+ return PAL_STATUS_SUCCESS;
}
else
{
- status_of_call = pal_ipc_call(handle, invec, 1, NULL, 0);
- if (status_of_call != PSA_SUCCESS)
- {
- pal_ipc_close(handle);
- return PAL_STATUS_ERROR;
- }
+ return PAL_STATUS_ERROR;
}
- pal_ipc_close(handle);
- return PAL_STATUS_SUCCESS;
}
/**
@@ -146,22 +142,20 @@ int pal_wd_timer_enable_ns(addr_t base_addr)
wd_param.wd_timer_tick_us = 0;
psa_invec invec[1] = {{&wd_param, sizeof(wd_param)}};
- handle = pal_ipc_connect(DRIVER_WATCHDOG_SID, 0);
- if (handle < 0)
+ handle = pal_ipc_connect(DRIVER_WATCHDOG_SID, DRIVER_WATCHDOG_VERSION);
+ if (PSA_HANDLE_IS_VALID(handle))
{
- return PAL_STATUS_ERROR;
+ status_of_call = pal_ipc_call(handle, 0, invec, 1, NULL, 0);
+ pal_ipc_close(handle);
+ if (status_of_call != PSA_SUCCESS)
+ return PAL_STATUS_ERROR;
+
+ return PAL_STATUS_SUCCESS;
}
else
{
- status_of_call = pal_ipc_call(handle, invec, 1, NULL, 0);
- if (status_of_call != PSA_SUCCESS)
- {
- pal_ipc_close(handle);
- return PAL_STATUS_ERROR;
- }
+ return PAL_STATUS_ERROR;
}
- pal_ipc_close(handle);
- return PAL_STATUS_SUCCESS;
}
/**
@@ -181,22 +175,20 @@ int pal_wd_timer_disable_ns(addr_t base_addr)
wd_param.wd_timer_tick_us = 0;
psa_invec invec[1] = {{&wd_param, sizeof(wd_param)}};
- handle = pal_ipc_connect(DRIVER_WATCHDOG_SID, 0);
- if (handle < 0)
+ handle = pal_ipc_connect(DRIVER_WATCHDOG_SID, DRIVER_WATCHDOG_VERSION);
+ if (PSA_HANDLE_IS_VALID(handle))
{
- return PAL_STATUS_ERROR;
+ status_of_call = pal_ipc_call(handle, 0, invec, 1, NULL, 0);
+ pal_ipc_close(handle);
+ if (status_of_call != PSA_SUCCESS)
+ return PAL_STATUS_ERROR;
+
+ return PAL_STATUS_SUCCESS;
}
else
{
- status_of_call = pal_ipc_call(handle, invec, 1, NULL, 0);
- if (status_of_call != PSA_SUCCESS)
- {
- pal_ipc_close(handle);
- return PAL_STATUS_ERROR;
- }
+ return PAL_STATUS_ERROR;
}
- pal_ipc_close(handle);
- return PAL_STATUS_SUCCESS;
}
/**
@@ -220,22 +212,20 @@ int pal_nvmem_read_ns(addr_t base, uint32_t offset, void *buffer, int size)
psa_invec invec[1] = {{&nvmem_param, sizeof(nvmem_param)}};
psa_outvec outvec[1] = {{buffer, size}};
- handle = pal_ipc_connect(DRIVER_NVMEM_SID, 0);
- if (handle < 0)
+ handle = pal_ipc_connect(DRIVER_NVMEM_SID, DRIVER_NVMEM_VERSION);
+ if (PSA_HANDLE_IS_VALID(handle))
{
- return PAL_STATUS_ERROR;
+ status_of_call = pal_ipc_call(handle, 0, invec, 1, outvec, 1);
+ pal_ipc_close(handle);
+ if (status_of_call != PSA_SUCCESS)
+ return PAL_STATUS_ERROR;
+
+ return PAL_STATUS_SUCCESS;
}
else
{
- status_of_call = pal_ipc_call(handle, invec, 1, outvec, 1);
- if (status_of_call != PSA_SUCCESS)
- {
- pal_ipc_close(handle);
- return PAL_STATUS_ERROR;
- }
+ return PAL_STATUS_ERROR;
}
- psa_close(handle);
- return PAL_STATUS_SUCCESS;
}
/**
@@ -258,22 +248,20 @@ int pal_nvmem_write_ns(addr_t base, uint32_t offset, void *buffer, int size)
nvmem_param.size = size;
psa_invec invec[2] = {{&nvmem_param, sizeof(nvmem_param)}, {buffer, size}};
- handle = pal_ipc_connect(DRIVER_NVMEM_SID, 0);
- if (handle < 0)
+ handle = pal_ipc_connect(DRIVER_NVMEM_SID, DRIVER_NVMEM_VERSION);
+ if (PSA_HANDLE_IS_VALID(handle))
{
- return PAL_STATUS_ERROR;
+ status_of_call = pal_ipc_call(handle, 0, invec, 2, NULL, 0);
+ pal_ipc_close(handle);
+ if (status_of_call != PSA_SUCCESS)
+ return PAL_STATUS_ERROR;
+
+ return PAL_STATUS_SUCCESS;
}
else
{
- status_of_call = pal_ipc_call(handle, invec, 2, NULL, 0);
- if (status_of_call != PSA_SUCCESS)
- {
- pal_ipc_close(handle);
- return PAL_STATUS_ERROR;
- }
+ return PAL_STATUS_ERROR;
}
- pal_ipc_close(handle);
- return PAL_STATUS_SUCCESS;
}
/**
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/nspe/crypto/pal_crypto_config.h b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/nspe/crypto/pal_crypto_config.h
index ab11fd16..6f3eca7c 100644
--- a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/nspe/crypto/pal_crypto_config.h
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/nspe/crypto/pal_crypto_config.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -231,7 +231,7 @@
//#define ARCH_TEST_MD4
//#define ARCH_TEST_MD5
//#define ARCH_TEST_RIPEMD160
-#define ARCH_TEST_SHA1
+//#define ARCH_TEST_SHA1
#define ARCH_TEST_SHA224
#define ARCH_TEST_SHA256
#define ARCH_TEST_SHA384
@@ -262,7 +262,7 @@
* Comment macros to disable the types
*/
#define ARCH_TEST_CMAC
-#define ARCH_TEST_GMAC
+//#define ARCH_TEST_GMAC
#define ARCH_TEST_HMAC
/**
@@ -318,6 +318,12 @@
*/
#define ARCH_TEST_DETERMINISTIC_ECDSA
+/**
+ * \def ARCH_TEST_ECC_ASYMMETRIC_API_SUPPORT
+ *
+ * Enable ECC support for asymmetric API.
+*/
+//#define ARCH_TEST_ECC_ASYMMETRIC_API_SUPPORT
#include "pal_crypto_config_check.h"
#endif /* _PAL_CRYPTO_CONFIG_H_ */
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/nspe/crypto/pal_crypto_config_check.h b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/nspe/crypto/pal_crypto_config_check.h
index f18a7852..443e0bc2 100644
--- a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/nspe/crypto/pal_crypto_config_check.h
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/nspe/crypto/pal_crypto_config_check.h
@@ -94,13 +94,13 @@
#error "ARCH_TEST_CTR_AES defined, but not all prerequisites"
#endif
-#if (defined(ARCH_TEST_CBC_AES)|| defined(ARCH_TEST_CBC_AES_NO_PADDING)) &&\
+#if (defined(ARCH_TEST_CBC_AES) || defined(ARCH_TEST_CBC_AES_NO_PADDING)) &&\
(!defined(ARCH_TEST_CIPER) || !defined(ARCH_TEST_AES) || !defined(ARCH_TEST_CIPER_MODE_CBC))
#error "ARCH_TEST_CBC_AES defined, but not all prerequisites"
#endif
#if (defined(ARCH_TEST_CBC_NO_PADDING)) &&\
- (!defined(ARCH_TEST_CIPER) ||!defined(ARCH_TEST_CIPER_MODE_CBC))
+ (!defined(ARCH_TEST_CIPER) || !defined(ARCH_TEST_CIPER_MODE_CBC))
#error "ARCH_TEST_CBC_NO_PADDING defined, but not all prerequisites"
#endif
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/nspe/crypto/pal_crypto_intf.c b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/nspe/crypto/pal_crypto_intf.c
index 3df6aa8d..7bad480c 100644
--- a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/nspe/crypto/pal_crypto_intf.c
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/nspe/crypto/pal_crypto_intf.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -28,96 +28,127 @@
**/
int32_t pal_crypto_function(int type, va_list valist)
{
- int i;
- size_t size, *length, salt_length, label_length, ciphertext_size;
- uint8_t *buffer, *ciphertext;
- const uint8_t *salt, *label, *nonce, *additional_data;
- uint8_t *plaintext;
- uint32_t status;
- const void *extra;
- size_t extra_size, capacity, *gen_cap, nonce_length, additional_data_length;
- psa_key_handle_t handle, *key_handle, target_handle;
- psa_key_type_t key_type, *key_type_out;
- psa_key_policy_t *policy;
- psa_key_usage_t usage, *usage_out;
- psa_key_lifetime_t *lifetime_out;
- psa_algorithm_t alg, *alg_out;
- psa_hash_operation_t *hash_operation;
- psa_mac_operation_t *mac_operation;
- psa_cipher_operation_t *cipher_operation;
- psa_crypto_generator_t *generator;
+ int i;
+ psa_status_t status;
+ uint8_t *buffer, *ciphertext, *plaintext;
+ const uint8_t *nonce, *additional_data, *salt, *peer;
+ size_t *length, size, ciphertext_size, nonce_length;
+ size_t salt_length, peer_length, additional_data_length;
+#ifdef NOT_SUPPORTED
+ size_t *tag_length, plaintext_size;
+ psa_aead_operation_t *aead_operation;
+#endif
+ psa_key_attributes_t *attributes;
+ psa_key_handle_t *handle, key_handle;
+ psa_key_type_t *key_type_out, key_type;
+ psa_key_usage_t *usage_out, usage;
+ psa_key_id_t *key_id_out, key_id;
+ psa_key_lifetime_t *key_lifetime_out, key_lifetime;
+ psa_algorithm_t *key_alg_out, key_alg, alg;
+ psa_hash_operation_t *hash_operation, *target_operation;
+ psa_mac_operation_t *mac_operation;
+ psa_cipher_operation_t *cipher_operation;
+ psa_key_derivation_operation_t *derive_operation;
+ psa_key_derivation_step_t step;
switch (type)
{
case PAL_CRYPTO_INIT:
return psa_crypto_init();
case PAL_CRYPTO_GENERATE_RANDOM:
- buffer = va_arg(valist, uint8_t*);
+ buffer = va_arg(valist, uint8_t *);
size = va_arg(valist, int);
return psa_generate_random(buffer, size);
case PAL_CRYPTO_IMPORT_KEY:
- handle = (psa_key_handle_t)va_arg(valist, int);
- key_type = va_arg(valist, psa_key_type_t);
- buffer = va_arg(valist, uint8_t*);
- size = va_arg(valist, int);
- status = psa_import_key(handle, key_type, buffer, size);
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ buffer = va_arg(valist, uint8_t *);
+ size = va_arg(valist, size_t);
+ handle = (psa_key_handle_t *)va_arg(valist, int *);
+ status = psa_import_key(attributes, buffer, size, handle);
return status;
+ case PAL_CRYPTO_SET_KEY_TYPE:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ key_type = va_arg(valist, psa_key_type_t);
+ psa_set_key_type(attributes, key_type);
+ return 0;
+ case PAL_CRYPTO_SET_KEY_BITS:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ size = va_arg(valist, size_t);
+ psa_set_key_bits(attributes, size);
+ return 0;
+ case PAL_CRYPTO_GET_KEY_ATTRIBUTES:
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ return psa_get_key_attributes(key_handle, attributes);
+ case PAL_CRYPTO_GET_KEY_TYPE:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ key_type_out = va_arg(valist, psa_key_type_t *);
+ *key_type_out = psa_get_key_type(attributes);
+ return 0;
case PAL_CRYPTO_EXPORT_KEY:
- handle = (psa_key_handle_t)va_arg(valist, int);
- buffer = (uint8_t *)(va_arg(valist, uint8_t*));
- size = va_arg(valist, int);
- length = (size_t *)va_arg(valist, size_t*);
- status = psa_export_key(handle, buffer, size, length);
- return status;
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ buffer = (uint8_t *)(va_arg(valist, uint8_t *));
+ size = va_arg(valist, size_t);
+ length = (size_t *)va_arg(valist, size_t *);
+ return psa_export_key(key_handle, buffer, size, length);
+ case PAL_CRYPTO_SET_KEY_USAGE_FLAGS:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ usage = va_arg(valist, psa_key_usage_t);
+ psa_set_key_usage_flags(attributes, usage);
+ return 0;
+ case PAL_CRYPTO_RESET_KEY_ATTRIBUTES:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ psa_reset_key_attributes(attributes);
+ return 0;
case PAL_CRYPTO_EXPORT_PUBLIC_KEY:
- handle = (psa_key_handle_t)va_arg(valist, int);
- buffer = (uint8_t *)(va_arg(valist, uint8_t*));
- size = va_arg(valist, int);
- length = (size_t *)va_arg(valist, size_t*);
- status = psa_export_public_key(handle, buffer, size, length);
- return status;
- case PAL_CRYPTO_KEY_POLICY_INIT:
- policy = va_arg(valist, psa_key_policy_t*);
- memset(policy, 0, sizeof(psa_key_policy_t));
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ buffer = (uint8_t *)(va_arg(valist, uint8_t *));
+ size = va_arg(valist, size_t);
+ length = (size_t *)va_arg(valist, size_t *);
+ return psa_export_public_key(key_handle, buffer, size, length);
+ case PAL_CRYPTO_SET_KEY_ID:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ key_id = va_arg(valist, psa_key_id_t);
+ psa_set_key_id(attributes, key_id);
return 0;
- case PAL_CRYPTO_KEY_POLICY_SET_USAGE:
- policy = va_arg(valist, psa_key_policy_t*);
- usage = va_arg(valist, psa_key_usage_t);
- alg = va_arg(valist, psa_algorithm_t);
- psa_key_policy_set_usage(policy, usage, alg);
+ case PAL_CRYPTO_SET_KEY_LIFETIME:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ key_lifetime = va_arg(valist, psa_key_lifetime_t);
+ psa_set_key_lifetime(attributes, key_lifetime);
return 0;
- case PAL_CRYPTO_SET_KEY_POLICY:
- handle = (psa_key_handle_t)va_arg(valist, int);
- policy = va_arg(valist, psa_key_policy_t*);
- return psa_set_key_policy(handle, policy);
- case PAL_CRYPTO_DESTROY_KEY:
- handle = (psa_key_handle_t)va_arg(valist, int);
- status = psa_destroy_key(handle);
- return status;
- case PAL_CRYPTO_GET_KEY_INFORMATION:
- handle = (psa_key_handle_t)va_arg(valist, int);
- key_type_out = va_arg(valist, psa_key_type_t*);
- length = (size_t *)va_arg(valist, size_t*);
- status = psa_get_key_information(handle, key_type_out, length);
- return status;
- case PAL_CRYPTO_GET_KEY_POLICY:
- handle = (psa_key_handle_t)va_arg(valist, int);
- policy = va_arg(valist, psa_key_policy_t*);
- return psa_get_key_policy(handle, policy);
- case PAL_CRYPTO_KEY_POLICY_GET_USAGE:
- policy = va_arg(valist, psa_key_policy_t*);
- usage_out = va_arg(valist, psa_key_usage_t*);
- *usage_out = psa_key_policy_get_usage(policy);
+ case PAL_CRYPTO_SET_KEY_ALGORITHM:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ key_alg = va_arg(valist, psa_algorithm_t);
+ psa_set_key_algorithm(attributes, key_alg);
return 0;
- case PAL_CRYPTO_KEY_POLICY_GET_ALGORITHM:
- policy = va_arg(valist, psa_key_policy_t*);
- alg_out = va_arg(valist, psa_algorithm_t*);
- *alg_out = psa_key_policy_get_algorithm(policy);
+ case PAL_CRYPTO_GET_KEY_ID:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ key_id_out = va_arg(valist, psa_key_id_t *);
+ *key_id_out = psa_get_key_id(attributes);
return 0;
case PAL_CRYPTO_GET_KEY_LIFETIME:
- handle = (psa_key_handle_t)va_arg(valist, int);
- lifetime_out = va_arg(valist, psa_key_lifetime_t*);
- return psa_get_key_lifetime(handle, lifetime_out);
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ key_lifetime_out = va_arg(valist, psa_key_lifetime_t *);
+ *key_lifetime_out = psa_get_key_lifetime(attributes);
+ return 0;
+ case PAL_CRYPTO_GET_KEY_USAGE_FLAGS:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ usage_out = va_arg(valist, psa_key_usage_t *);
+ *usage_out = psa_get_key_usage_flags(attributes);
+ return 0;
+ case PAL_CRYPTO_GET_KEY_ALGORITHM:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ key_alg_out = va_arg(valist, psa_algorithm_t *);
+ *key_alg_out = psa_get_key_algorithm(attributes);
+ return 0;
+ case PAL_CRYPTO_GET_KEY_BITS:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ length = va_arg(valist, size_t *);
+ *length = psa_get_key_bits(attributes);
+ return 0;
+ case PAL_CRYPTO_DESTROY_KEY:
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ return psa_destroy_key(key_handle);
case PAL_CRYPTO_HASH_SETUP:
hash_operation = va_arg(valist, psa_hash_operation_t*);
alg = va_arg(valist, psa_algorithm_t);
@@ -141,44 +172,33 @@ int32_t pal_crypto_function(int type, va_list valist)
case PAL_CRYPTO_HASH_ABORT:
hash_operation = va_arg(valist, psa_hash_operation_t*);
return psa_hash_abort(hash_operation);
- case PAL_CRYPTO_GENERATE_KEY:
- handle = (psa_key_handle_t)va_arg(valist, int);
- key_type = va_arg(valist, psa_key_type_t);
- size = va_arg(valist, size_t);
- extra = va_arg(valist, const void*);
- extra_size = va_arg(valist, size_t);
- return psa_generate_key(handle, key_type, size, extra, extra_size);
- case PAL_CRYPTO_GENERATOR_READ:
- generator = va_arg(valist, psa_crypto_generator_t*);
+#ifdef NOT_SUPPORTED
+ case PAL_CRYPTO_HASH_COMPUTE:
+ alg = va_arg(valist, psa_algorithm_t);
+ plaintext = va_arg(valist, uint8_t*);
+ plaintext_size = va_arg(valist, size_t);
buffer = va_arg(valist, uint8_t*);
- size = va_arg(valist, int);
- return psa_generator_read(generator, buffer, size);
- case PAL_CRYPTO_KEY_DERIVATION:
- generator = va_arg(valist, psa_crypto_generator_t*);
- handle = (psa_key_handle_t)va_arg(valist, int);
+ size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_hash_compute(alg, plaintext, plaintext_size, buffer, size, length);
+ case PAL_CRYPTO_HASH_COMPARE:
alg = va_arg(valist, psa_algorithm_t);
- salt = va_arg(valist, const uint8_t *);
- salt_length = va_arg(valist, size_t);
- label = va_arg(valist, const uint8_t *);
- label_length = va_arg(valist, size_t);
- capacity = va_arg(valist, size_t);
- return psa_key_derivation(generator, handle, alg, salt, salt_length, label,
- label_length, capacity);
- case PAL_CRYPTO_GET_GENERATOR_CAPACITY:
- generator = va_arg(valist, psa_crypto_generator_t*);
- gen_cap = va_arg(valist, size_t*);
- return psa_get_generator_capacity(generator, gen_cap);
- case PAL_CRYPTO_GENERATOR_IMPORT_KEY:
- handle = (psa_key_handle_t)va_arg(valist, int);
- key_type = va_arg(valist, psa_key_type_t);
- size = va_arg(valist, size_t);
- generator = va_arg(valist, psa_crypto_generator_t*);
- return psa_generator_import_key(handle, key_type, size, generator);
- case PAL_CRYPTO_GENERATOR_ABORT:
- generator = va_arg(valist, psa_crypto_generator_t*);
- return psa_generator_abort(generator);
+ plaintext = va_arg(valist, uint8_t*);
+ plaintext_size = va_arg(valist, size_t);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ return psa_hash_compare(alg, plaintext, plaintext_size, buffer, size);
+#endif
+ case PAL_CRYPTO_HASH_CLONE:
+ hash_operation = va_arg(valist, psa_hash_operation_t*);
+ target_operation = va_arg(valist, psa_hash_operation_t*);
+ return psa_hash_clone(hash_operation, target_operation);
+ case PAL_CRYPTO_GENERATE_KEY:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ handle = (psa_key_handle_t *)va_arg(valist, int *);
+ return psa_generate_key(attributes, handle);
case PAL_CRYPTO_AEAD_ENCRYPT:
- handle = (psa_key_handle_t)va_arg(valist, int);
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
alg = va_arg(valist, psa_algorithm_t);
nonce = va_arg(valist, const uint8_t *);
nonce_length = va_arg(valist, size_t);
@@ -189,10 +209,10 @@ int32_t pal_crypto_function(int type, va_list valist)
ciphertext = va_arg(valist, uint8_t *);
ciphertext_size = va_arg(valist, size_t);
length = va_arg(valist, size_t*);
- return psa_aead_encrypt(handle, alg, nonce, nonce_length, additional_data,
- additional_data_length, plaintext, size, ciphertext, ciphertext_size, length);
+ return psa_aead_encrypt(key_handle, alg, nonce, nonce_length, additional_data,
+ additional_data_length, plaintext, size, ciphertext, ciphertext_size, length);
case PAL_CRYPTO_AEAD_DECRYPT:
- handle = (psa_key_handle_t)va_arg(valist, int);
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
alg = va_arg(valist, psa_algorithm_t);
nonce = va_arg(valist, const uint8_t *);
nonce_length = va_arg(valist, size_t);
@@ -203,13 +223,76 @@ int32_t pal_crypto_function(int type, va_list valist)
plaintext = va_arg(valist, uint8_t *);
size = va_arg(valist, size_t);
length = va_arg(valist, size_t*);
- return psa_aead_decrypt(handle, alg, nonce, nonce_length, additional_data,
- additional_data_length, ciphertext, ciphertext_size, plaintext, size, length);
+ return psa_aead_decrypt(key_handle, alg, nonce, nonce_length, additional_data,
+ additional_data_length, ciphertext, ciphertext_size, plaintext, size, length);
+#ifdef NO_SUPPORT
+ case PAL_CRYPTO_AEAD_ENCRYPT_SETUP:
+ aead_operation = va_arg(valist, psa_aead_operation_t *);
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ return psa_aead_encrypt_setup(aead_operation, key_handle, alg);
+ case PAL_CRYPTO_AEAD_DECRYPT_SETUP:
+ aead_operation = va_arg(valist, psa_aead_operation_t *);
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ return psa_aead_decrypt_setup(aead_operation, key_handle, alg);
+ case PAL_CRYPTO_AEAD_GENERATE_NONCE:
+ aead_operation = va_arg(valist, psa_aead_operation_t *);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ length = (size_t *)va_arg(valist, size_t*);
+ return psa_aead_generate_nonce(aead_operation, buffer, size, length);
+ case PAL_CRYPTO_AEAD_SET_NONCE:
+ aead_operation = va_arg(valist, psa_aead_operation_t *);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ return psa_aead_set_nonce(aead_operation, buffer, size);
+ case PAL_CRYPTO_AEAD_SET_LENGTHS:
+ aead_operation = va_arg(valist, psa_aead_operation_t *);
+ size = va_arg(valist, size_t);
+ plaintext_size = va_arg(valist, size_t);
+ return psa_aead_set_lengths(aead_operation, size, plaintext_size);
+ case PAL_CRYPTO_AEAD_UPDATE_AD:
+ aead_operation = va_arg(valist, psa_aead_operation_t *);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ return psa_aead_update_ad(aead_operation, buffer, size);
+ case PAL_CRYPTO_AEAD_UPDATE:
+ aead_operation = va_arg(valist, psa_aead_operation_t *);
+ plaintext = va_arg(valist, uint8_t*);
+ plaintext_size = va_arg(valist, size_t);
+ ciphertext = va_arg(valist, uint8_t*);
+ ciphertext_size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_aead_update(aead_operation, plaintext, plaintext_size, ciphertext,
+ ciphertext_size, length);
+ case PAL_CRYPTO_AEAD_FINISH:
+ aead_operation = va_arg(valist, psa_aead_operation_t *);
+ ciphertext = va_arg(valist, uint8_t*);
+ ciphertext_size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ tag_length = (size_t *)va_arg(valist, size_t*);
+ return psa_aead_finish(aead_operation, ciphertext, ciphertext_size, length, buffer,
+ size, tag_length);
+ case PAL_CRYPTO_AEAD_VERIFY:
+ aead_operation = va_arg(valist, psa_aead_operation_t *);
+ plaintext = va_arg(valist, uint8_t*);
+ plaintext_size = va_arg(valist, size_t);
+ length = (size_t *)va_arg(valist, size_t*);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ return psa_aead_verify(aead_operation, plaintext, plaintext_size, length, buffer, size);
+ case PAL_CRYPTO_AEAD_ABORT:
+ aead_operation = va_arg(valist, psa_aead_operation_t *);
+ return psa_aead_abort(aead_operation);
+#endif
case PAL_CRYPTO_MAC_SIGN_SETUP:
mac_operation = va_arg(valist, psa_mac_operation_t*);
- handle = (psa_key_handle_t)va_arg(valist, int);
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
alg = va_arg(valist, psa_algorithm_t);
- return psa_mac_sign_setup(mac_operation, handle, alg);
+ return psa_mac_sign_setup(mac_operation, key_handle, alg);
case PAL_CRYPTO_MAC_UPDATE:
mac_operation = va_arg(valist, psa_mac_operation_t*);
buffer = va_arg(valist, uint8_t*);
@@ -223,9 +306,9 @@ int32_t pal_crypto_function(int type, va_list valist)
return psa_mac_sign_finish(mac_operation, buffer, size, length);
case PAL_CRYPTO_MAC_VERIFY_SETUP:
mac_operation = va_arg(valist, psa_mac_operation_t*);
- handle = (psa_key_handle_t)va_arg(valist, int);
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
alg = va_arg(valist, psa_algorithm_t);
- return psa_mac_verify_setup(mac_operation, handle, alg);
+ return psa_mac_verify_setup(mac_operation, key_handle, alg);
case PAL_CRYPTO_MAC_VERIFY_FINISH:
mac_operation = va_arg(valist, psa_mac_operation_t*);
buffer = va_arg(valist, uint8_t*);
@@ -234,8 +317,29 @@ int32_t pal_crypto_function(int type, va_list valist)
case PAL_CRYPTO_MAC_ABORT:
mac_operation = va_arg(valist, psa_mac_operation_t*);
return psa_mac_abort(mac_operation);
+#ifdef NO_SUPPORT
+ case PAL_CRYPTO_MAC_COMPUTE:
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ plaintext = va_arg(valist, uint8_t*);
+ plaintext_size = va_arg(valist, size_t);
+ ciphertext = va_arg(valist, uint8_t*);
+ ciphertext_size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_mac_compute(key_handle, alg, plaintext, plaintext_size, ciphertext,
+ ciphertext_size, length);
+ case PAL_CRYPTO_MAC_VERIFY:
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ plaintext = va_arg(valist, uint8_t*);
+ plaintext_size = va_arg(valist, size_t);
+ ciphertext = va_arg(valist, uint8_t*);
+ ciphertext_size = va_arg(valist, size_t);
+ return psa_mac_verify(key_handle, alg, plaintext, plaintext_size, ciphertext,
+ ciphertext_size);
+#endif
case PAL_CRYPTO_ASYMMTERIC_ENCRYPT:
- handle = (psa_key_handle_t)va_arg(valist, int);
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
alg = va_arg(valist, psa_algorithm_t);
plaintext = va_arg(valist, uint8_t *);
size = va_arg(valist, size_t);
@@ -244,10 +348,10 @@ int32_t pal_crypto_function(int type, va_list valist)
ciphertext = va_arg(valist, uint8_t *);
ciphertext_size = va_arg(valist, size_t);
length = va_arg(valist, size_t*);
- return psa_asymmetric_encrypt(handle, alg, plaintext, size, salt, salt_length,
- ciphertext, ciphertext_size, length);
+ return psa_asymmetric_encrypt(key_handle, alg, plaintext, size, salt, salt_length,
+ ciphertext, ciphertext_size, length);
case PAL_CRYPTO_ASYMMTERIC_DECRYPT:
- handle = (psa_key_handle_t)va_arg(valist, int);
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
alg = va_arg(valist, psa_algorithm_t);
plaintext = va_arg(valist, uint8_t *);
size = va_arg(valist, size_t);
@@ -256,18 +360,18 @@ int32_t pal_crypto_function(int type, va_list valist)
ciphertext = va_arg(valist, uint8_t *);
ciphertext_size = va_arg(valist, size_t);
length = va_arg(valist, size_t*);
- return psa_asymmetric_decrypt(handle, alg, plaintext, size, salt, salt_length,
- ciphertext, ciphertext_size, length);
+ return psa_asymmetric_decrypt(key_handle, alg, plaintext, size, salt, salt_length,
+ ciphertext, ciphertext_size, length);
case PAL_CRYPTO_CIPHER_ENCRYPT_SETUP:
cipher_operation = va_arg(valist, psa_cipher_operation_t *);
- handle = (psa_key_handle_t)va_arg(valist, int);
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
alg = va_arg(valist, psa_algorithm_t);
- return psa_cipher_encrypt_setup(cipher_operation, handle, alg);
+ return psa_cipher_encrypt_setup(cipher_operation, key_handle, alg);
case PAL_CRYPTO_CIPHER_DECRYPT_SETUP:
cipher_operation = va_arg(valist, psa_cipher_operation_t *);
- handle = (psa_key_handle_t)va_arg(valist, int);
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
alg = va_arg(valist, psa_algorithm_t);
- return psa_cipher_decrypt_setup(cipher_operation, handle, alg);
+ return psa_cipher_decrypt_setup(cipher_operation, key_handle, alg);
case PAL_CRYPTO_CIPHER_GENERATE_IV:
cipher_operation = va_arg(valist, psa_cipher_operation_t *);
buffer = va_arg(valist, uint8_t*);
@@ -287,7 +391,7 @@ int32_t pal_crypto_function(int type, va_list valist)
ciphertext_size = va_arg(valist, size_t);
length = va_arg(valist, size_t*);
return psa_cipher_update(cipher_operation, plaintext, size, ciphertext, ciphertext_size,
- length);
+ length);
case PAL_CRYPTO_CIPHER_FINISH:
cipher_operation = va_arg(valist, psa_cipher_operation_t *);
ciphertext = va_arg(valist, uint8_t *);
@@ -297,39 +401,112 @@ int32_t pal_crypto_function(int type, va_list valist)
case PAL_CRYPTO_CIPHER_ABORT:
cipher_operation = va_arg(valist, psa_cipher_operation_t *);
return psa_cipher_abort(cipher_operation);
+#ifdef NO_SUPPORT
+ case PAL_CRYPTO_CIPHER_ENCRYPT:
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ plaintext = va_arg(valist, uint8_t *);
+ size = va_arg(valist, size_t);
+ ciphertext = va_arg(valist, uint8_t *);
+ ciphertext_size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_cipher_encrypt(key_handle, alg, plaintext, size, ciphertext, ciphertext_size,
+ length);
+ case PAL_CRYPTO_CIPHER_DECRYPT:
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ plaintext = va_arg(valist, uint8_t *);
+ size = va_arg(valist, size_t);
+ ciphertext = va_arg(valist, uint8_t *);
+ ciphertext_size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_cipher_decrypt(key_handle, alg, plaintext, size, ciphertext, ciphertext_size,
+ length);
+#endif
case PAL_CRYPTO_ASYMMTERIC_SIGN:
- handle = (psa_key_handle_t)va_arg(valist, int);
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
alg = va_arg(valist, psa_algorithm_t);
buffer = va_arg(valist, uint8_t*);
size = va_arg(valist, size_t);
ciphertext = va_arg(valist, uint8_t *);
ciphertext_size = va_arg(valist, size_t);
length = va_arg(valist, size_t*);
- return psa_asymmetric_sign(handle, alg, buffer, size, ciphertext, ciphertext_size,
- length);
+ return psa_asymmetric_sign(key_handle, alg, buffer, size, ciphertext, ciphertext_size,
+ length);
case PAL_CRYPTO_ASYMMTERIC_VERIFY:
- handle = (psa_key_handle_t)va_arg(valist, int);
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
alg = va_arg(valist, psa_algorithm_t);
buffer = va_arg(valist, uint8_t*);
size = va_arg(valist, size_t);
ciphertext = va_arg(valist, uint8_t *);
ciphertext_size = va_arg(valist, size_t);
- return psa_asymmetric_verify(handle, alg, buffer, size, ciphertext, ciphertext_size);
- case PAL_CRYPTO_KEY_AGREEMENT:
- generator = va_arg(valist, psa_crypto_generator_t*);
- handle = (psa_key_handle_t)va_arg(valist, int);
+ return psa_asymmetric_verify(key_handle, alg, buffer, size, ciphertext,
+ ciphertext_size);
+ case PAL_CRYPTO_RAW_KEY_AGREEMENT:
+ alg = va_arg(valist, psa_algorithm_t);
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ peer = va_arg(valist, uint8_t*);
+ peer_length = va_arg(valist, size_t);
buffer = va_arg(valist, uint8_t*);
size = va_arg(valist, size_t);
- alg = va_arg(valist, psa_algorithm_t);
- return psa_key_agreement(generator, handle, buffer, size, alg);
- case PAL_CRYPTO_ALLOCATE_KEY:
- key_handle = (psa_key_handle_t *)va_arg(valist, int*);
- return psa_allocate_key(key_handle);
+ length = va_arg(valist, size_t*);
+ return psa_raw_key_agreement(alg, key_handle, peer, peer_length, buffer, size, length);
case PAL_CRYPTO_COPY_KEY:
- handle = (psa_key_handle_t)va_arg(valist, int);
- target_handle = (psa_key_handle_t)va_arg(valist, int);
- policy = va_arg(valist, psa_key_policy_t*);
- return psa_copy_key(handle, target_handle, policy);
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ handle = (psa_key_handle_t *)va_arg(valist, int *);
+ return psa_copy_key(key_handle, attributes, handle);
+ case PAL_CRYPTO_KEY_DERIVATION_SETUP:
+ derive_operation = va_arg(valist, psa_key_derivation_operation_t *);
+ alg = va_arg(valist, psa_algorithm_t);
+ return psa_key_derivation_setup(derive_operation, alg);
+ case PAL_CRYPTO_KEY_DERIVATION_INPUT_BYTES:
+ derive_operation = va_arg(valist, psa_key_derivation_operation_t *);
+ step = (psa_key_derivation_step_t)va_arg(valist, int);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ return psa_key_derivation_input_bytes(derive_operation, step, buffer, size);
+ case PAL_CRYPTO_KEY_DERIVATION_INPUT_KEY:
+ derive_operation = va_arg(valist, psa_key_derivation_operation_t *);
+ step = (psa_key_derivation_step_t)va_arg(valist, int);
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ return psa_key_derivation_input_key(derive_operation, step, key_handle);
+ case PAL_CRYPTO_KEY_DERIVATION_KEY_AGREEMENT:
+ derive_operation = va_arg(valist, psa_key_derivation_operation_t *);
+ step = (psa_key_derivation_step_t)va_arg(valist, int);
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ peer = va_arg(valist, uint8_t*);
+ peer_length = va_arg(valist, size_t);
+ return psa_key_derivation_key_agreement(derive_operation, step, key_handle, peer,
+ peer_length);
+ case PAL_CRYPTO_KEY_DERIVATION_OUTPUT_BYTES:
+ derive_operation = va_arg(valist, psa_key_derivation_operation_t *);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ return psa_key_derivation_output_bytes(derive_operation, buffer, size);
+ case PAL_CRYPTO_KEY_DERIVATION_OUTPUT_KEY:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ derive_operation = va_arg(valist, psa_key_derivation_operation_t *);
+ handle = (psa_key_handle_t *)va_arg(valist, int *);
+ return psa_key_derivation_output_key(attributes, derive_operation, handle);
+ case PAL_CRYPTO_KEY_DERIVATION_SET_CAPACITY:
+ derive_operation = va_arg(valist, psa_key_derivation_operation_t *);
+ size = va_arg(valist, size_t);
+ return psa_key_derivation_set_capacity(derive_operation, size);
+ case PAL_CRYPTO_KEY_DERIVATION_GET_CAPACITY:
+ derive_operation = va_arg(valist, psa_key_derivation_operation_t *);
+ length = va_arg(valist, size_t *);
+ return psa_key_derivation_get_capacity(derive_operation, length);
+ case PAL_CRYPTO_KEY_DERIVATION_ABORT:
+ derive_operation = va_arg(valist, psa_key_derivation_operation_t *);
+ return psa_key_derivation_abort(derive_operation);
+ case PAL_CRYPTO_OPEN_KEY:
+ key_id = va_arg(valist, psa_key_id_t);
+ handle = (psa_key_handle_t *)va_arg(valist, int *);
+ return psa_open_key(key_id, handle);
+ case PAL_CRYPTO_CLOSE_KEY:
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ return psa_close_key(key_handle);
case PAL_CRYPTO_FREE:
for (i = 0; i < PAL_KEY_SLOT_COUNT; i++)
psa_destroy_key(i);
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/nspe/crypto/pal_crypto_intf.h b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/nspe/crypto/pal_crypto_intf.h
index d1dabfa4..671dfa0b 100644
--- a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/nspe/crypto/pal_crypto_intf.h
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/nspe/crypto/pal_crypto_intf.h
@@ -15,62 +15,89 @@
* limitations under the License.
**/
-#ifndef _PAL_CRYPTO_H_
-#define _PAL_CRYPTO_H_
+#ifndef _PAL_CRYPTO_INTF_H_
+#define _PAL_CRYPTO_INTF_H_
#include "pal_common.h"
enum crypto_function_code {
- PAL_CRYPTO_INIT = 0x1,
- PAL_CRYPTO_GENERATE_RANDOM = 0x2,
- PAL_CRYPTO_IMPORT_KEY = 0x3,
- PAL_CRYPTO_EXPORT_KEY = 0x4,
- PAL_CRYPTO_EXPORT_PUBLIC_KEY = 0x5,
- PAL_CRYPTO_DESTROY_KEY = 0x6,
- PAL_CRYPTO_GET_KEY_INFO = 0x7,
- PAL_CRYPTO_KEY_POLICY_INIT = 0x8,
- PAL_CRYPTO_KEY_POLICY_SET_USAGE = 0x9,
- PAL_CRYPTO_KEY_POLICY_GET_USAGE = 0xA,
- PAL_CRYPTO_KEY_POLICY_GET_ALGORITHM = 0xB,
- PAL_CRYPTO_SET_KEY_POLICY = 0xC,
- PAL_CRYPTO_GET_KEY_POLICY = 0xD,
- PAL_CRYPTO_GET_KEY_INFORMATION = 0xE,
- PAL_CRYPTO_GET_KEY_LIFETIME = 0xF,
- PAL_CRYPTO_HASH_SETUP = 0x11,
- PAL_CRYPTO_HASH_UPDATE = 0x12,
- PAL_CRYPTO_HASH_VERIFY = 0x13,
- PAL_CRYPTO_HASH_FINISH = 0x14,
- PAL_CRYPTO_HASH_ABORT = 0x15,
- PAL_CRYPTO_GENERATE_KEY = 0x16,
- PAL_CRYPTO_GENERATOR_READ = 0x17,
- PAL_CRYPTO_KEY_DERIVATION = 0x18,
- PAL_CRYPTO_GET_GENERATOR_CAPACITY = 0x19,
- PAL_CRYPTO_GENERATOR_IMPORT_KEY = 0x1A,
- PAL_CRYPTO_GENERATOR_ABORT = 0x1B,
- PAL_CRYPTO_AEAD_ENCRYPT = 0x1C,
- PAL_CRYPTO_AEAD_DECRYPT = 0x1D,
- PAL_CRYPTO_MAC_SIGN_SETUP = 0x1E,
- PAL_CRYPTO_MAC_UPDATE = 0x1F,
- PAL_CRYPTO_MAC_SIGN_FINISH = 0x20,
- PAL_CRYPTO_MAC_VERIFY_SETUP = 0x21,
- PAL_CRYPTO_MAC_VERIFY_FINISH = 0x22,
- PAL_CRYPTO_MAC_ABORT = 0x23,
- PAL_CRYPTO_ASYMMTERIC_ENCRYPT = 0x24,
- PAL_CRYPTO_ASYMMTERIC_DECRYPT = 0x25,
- PAL_CRYPTO_CIPHER_ENCRYPT_SETUP = 0x26,
- PAL_CRYPTO_CIPHER_DECRYPT_SETUP = 0x2A,
- PAL_CRYPTO_CIPHER_GENERATE_IV = 0x2B,
- PAL_CRYPTO_CIPHER_SET_IV = 0x2C,
- PAL_CRYPTO_CIPHER_UPDATE = 0x2D,
- PAL_CRYPTO_CIPHER_FINISH = 0x2E,
- PAL_CRYPTO_CIPHER_ABORT = 0x2F,
- PAL_CRYPTO_ASYMMTERIC_SIGN = 0x30,
- PAL_CRYPTO_ASYMMTERIC_VERIFY = 0x31,
- PAL_CRYPTO_KEY_AGREEMENT = 0x32,
- PAL_CRYPTO_ALLOCATE_KEY = 0x33,
- PAL_CRYPTO_COPY_KEY = 0x34,
- PAL_CRYPTO_FREE = 0xFE,
+ PAL_CRYPTO_INIT = 0x1,
+ PAL_CRYPTO_GENERATE_RANDOM = 0x2,
+ PAL_CRYPTO_IMPORT_KEY = 0x3,
+ PAL_CRYPTO_EXPORT_KEY = 0x4,
+ PAL_CRYPTO_EXPORT_PUBLIC_KEY = 0x5,
+ PAL_CRYPTO_DESTROY_KEY = 0x6,
+ PAL_CRYPTO_HASH_SETUP = 0x7,
+ PAL_CRYPTO_HASH_UPDATE = 0x8,
+ PAL_CRYPTO_HASH_VERIFY = 0x9,
+ PAL_CRYPTO_HASH_FINISH = 0xA,
+ PAL_CRYPTO_HASH_ABORT = 0xB,
+ PAL_CRYPTO_GENERATE_KEY = 0xC,
+ PAL_CRYPTO_AEAD_ENCRYPT = 0xD,
+ PAL_CRYPTO_AEAD_DECRYPT = 0xE,
+ PAL_CRYPTO_MAC_SIGN_SETUP = 0xF,
+ PAL_CRYPTO_MAC_UPDATE = 0x10,
+ PAL_CRYPTO_MAC_SIGN_FINISH = 0x11,
+ PAL_CRYPTO_MAC_VERIFY_SETUP = 0x12,
+ PAL_CRYPTO_MAC_VERIFY_FINISH = 0x13,
+ PAL_CRYPTO_MAC_ABORT = 0x14,
+ PAL_CRYPTO_ASYMMTERIC_ENCRYPT = 0x15,
+ PAL_CRYPTO_ASYMMTERIC_DECRYPT = 0x16,
+ PAL_CRYPTO_CIPHER_ENCRYPT_SETUP = 0x17,
+ PAL_CRYPTO_CIPHER_DECRYPT_SETUP = 0x18,
+ PAL_CRYPTO_CIPHER_GENERATE_IV = 0x19,
+ PAL_CRYPTO_CIPHER_SET_IV = 0x1A,
+ PAL_CRYPTO_CIPHER_UPDATE = 0x1B,
+ PAL_CRYPTO_CIPHER_FINISH = 0x1C,
+ PAL_CRYPTO_CIPHER_ABORT = 0x1D,
+ PAL_CRYPTO_ASYMMTERIC_SIGN = 0x1E,
+ PAL_CRYPTO_ASYMMTERIC_VERIFY = 0x1F,
+ PAL_CRYPTO_COPY_KEY = 0x20,
+ PAL_CRYPTO_SET_KEY_TYPE = 0x21,
+ PAL_CRYPTO_SET_KEY_BITS = 0x22,
+ PAL_CRYPTO_GET_KEY_ATTRIBUTES = 0x23,
+ PAL_CRYPTO_GET_KEY_TYPE = 0x24,
+ PAL_CRYPTO_SET_KEY_USAGE_FLAGS = 0x25,
+ PAL_CRYPTO_RESET_KEY_ATTRIBUTES = 0x26,
+ PAL_CRYPTO_SET_KEY_ID = 0x27,
+ PAL_CRYPTO_SET_KEY_LIFETIME = 0x28,
+ PAL_CRYPTO_SET_KEY_ALGORITHM = 0x29,
+ PAL_CRYPTO_GET_KEY_ID = 0x2A,
+ PAL_CRYPTO_GET_KEY_LIFETIME = 0x2B,
+ PAL_CRYPTO_GET_KEY_USAGE_FLAGS = 0x2C,
+ PAL_CRYPTO_GET_KEY_ALGORITHM = 0x2D,
+ PAL_CRYPTO_GET_KEY_BITS = 0x2E,
+ PAL_CRYPTO_HASH_COMPUTE = 0x2F,
+ PAL_CRYPTO_HASH_COMPARE = 0x30,
+ PAL_CRYPTO_KEY_DERIVATION_SETUP = 0x31,
+ PAL_CRYPTO_KEY_DERIVATION_ABORT = 0x32,
+ PAL_CRYPTO_RAW_KEY_AGREEMENT = 0x33,
+ PAL_CRYPTO_KEY_DERIVATION_INPUT_BYTES = 0x34,
+ PAL_CRYPTO_KEY_DERIVATION_INPUT_KEY = 0x35,
+ PAL_CRYPTO_KEY_DERIVATION_KEY_AGREEMENT = 0x36,
+ PAL_CRYPTO_KEY_DERIVATION_OUTPUT_BYTES = 0x37,
+ PAL_CRYPTO_KEY_DERIVATION_OUTPUT_KEY = 0x38,
+ PAL_CRYPTO_KEY_DERIVATION_SET_CAPACITY = 0x39,
+ PAL_CRYPTO_KEY_DERIVATION_GET_CAPACITY = 0x3A,
+ PAL_CRYPTO_HASH_CLONE = 0x3B,
+ PAL_CRYPTO_MAC_COMPUTE = 0x3C,
+ PAL_CRYPTO_MAC_VERIFY = 0x3D,
+ PAL_CRYPTO_CIPHER_ENCRYPT = 0x3F,
+ PAL_CRYPTO_CIPHER_DECRYPT = 0x40,
+ PAL_CRYPTO_OPEN_KEY = 0x41,
+ PAL_CRYPTO_CLOSE_KEY = 0x42,
+ PAL_CRYPTO_AEAD_ENCRYPT_SETUP = 0x43,
+ PAL_CRYPTO_AEAD_DECRYPT_SETUP = 0x44,
+ PAL_CRYPTO_AEAD_GENERATE_NONCE = 0x45,
+ PAL_CRYPTO_AEAD_SET_NONCE = 0x46,
+ PAL_CRYPTO_AEAD_SET_LENGTHS = 0X47,
+ PAL_CRYPTO_AEAD_UPDATE_AD = 0x48,
+ PAL_CRYPTO_AEAD_UPDATE = 0x49,
+ PAL_CRYPTO_AEAD_FINISH = 0x4A,
+ PAL_CRYPTO_AEAD_VERIFY = 0x4B,
+ PAL_CRYPTO_AEAD_ABORT = 0x4C,
+ PAL_CRYPTO_FREE = 0xFE,
};
int32_t pal_crypto_function(int type, va_list valist);
-#endif /* _PAL_CRYPTO_H_ */
+#endif /* _PAL_CRYPTO_INTF_H_ */
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/nspe/initial_attestation/pal_attestation_crypto.c b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/nspe/initial_attestation/pal_attestation_crypto.c
index ae2bdba4..91be54df 100644
--- a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/nspe/initial_attestation/pal_attestation_crypto.c
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/nspe/initial_attestation/pal_attestation_crypto.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -17,7 +17,8 @@
#include "pal_attestation_crypto.h"
-static uint32_t public_key_registered = 0;
+static uint32_t public_key_registered;
+static psa_key_handle_t public_key_handle;
static inline struct q_useful_buf_c useful_buf_head(struct q_useful_buf_c buf,
size_t amount)
@@ -25,33 +26,6 @@ static inline struct q_useful_buf_c useful_buf_head(struct q_useful_buf_c buf,
return UsefulBuf_Head(buf, amount);
}
-static uint32_t check_hash_sizes(void)
-{
- if (T_COSE_CRYPTO_SHA256_SIZE != PSA_HASH_SIZE(PSA_ALG_SHA_256))
- {
- return PAL_ATTEST_HASH_FAIL;
- }
-
- return PAL_ATTEST_SUCCESS;
-}
-
-static psa_ecc_curve_t attest_map_elliptic_curve_type(int32_t cose_curve)
-{
- psa_ecc_curve_t psa_curve;
-
- /*FixMe: Mapping is not complete, missing ones: P384, P521, ED25519, ED448 */
- switch (cose_curve)
- {
- case P_256:
- psa_curve = PSA_ECC_CURVE_SECP256R1;
- break;
- default:
- psa_curve = USHRT_MAX;
- }
-
- return psa_curve;
-}
-
static psa_algorithm_t cose_hash_alg_id_to_psa(int32_t cose_hash_alg_id)
{
psa_algorithm_t status;
@@ -80,131 +54,70 @@ static int32_t hash_alg_id_from_sig_alg_id(int32_t cose_sig_alg_id)
}
}
-int32_t pal_cose_crypto_hash_start(struct pal_cose_crypto_hash *hash_ctx, int32_t cose_hash_alg_id)
+int32_t pal_cose_crypto_hash_start(psa_hash_operation_t *psa_hash, int32_t cose_hash_alg_id)
{
- int32_t cose_ret = PAL_ATTEST_SUCCESS;
- psa_status_t psa_ret;
- struct pal_cose_psa_crypto_hash *psa_hash_ctx;
-
- cose_ret = check_hash_sizes();
- if (cose_ret)
- {
- goto error;
- }
+ psa_algorithm_t psa_alg;
+ psa_status_t status = PSA_ERROR_GENERIC_ERROR;
- if (sizeof(struct pal_cose_crypto_hash) < sizeof(struct pal_cose_psa_crypto_hash))
- {
- cose_ret = PAL_ATTEST_HASH_FAIL;
- goto error;
- }
+ /* Map the algorithm ID */
+ psa_alg = cose_hash_alg_id_to_psa(cose_hash_alg_id);
- psa_hash_ctx = (struct pal_cose_psa_crypto_hash *)hash_ctx;
- psa_ret = psa_hash_setup(&psa_hash_ctx->operation, cose_hash_alg_id_to_psa(cose_hash_alg_id));
+ /* Actually do the hash set up */
+ status = psa_hash_setup(psa_hash, psa_alg);
- if (psa_ret == PAL_ATTEST_SUCCESS)
- {
- psa_hash_ctx->status = PAL_ATTEST_SUCCESS;
- cose_ret = PAL_ATTEST_SUCCESS;
- }
- else if (psa_ret == PSA_ERROR_NOT_SUPPORTED)
- {
- cose_ret = PAL_ATTEST_HASH_UNSUPPORTED;
- }
- else
- {
- cose_ret = PAL_ATTEST_HASH_FAIL;
- }
+ return status;
-error:
- return cose_ret;
}
-void pal_cose_crypto_hash_update(struct pal_cose_crypto_hash *hash_ctx,
+void pal_cose_crypto_hash_update(psa_hash_operation_t *psa_hash,
struct q_useful_buf_c data_to_hash)
{
- struct pal_cose_psa_crypto_hash *psa_hash_ctx;
-
- if (sizeof(struct pal_cose_crypto_hash) < sizeof(struct pal_cose_psa_crypto_hash))
- {
+ if (data_to_hash.ptr == NULL) {
+ /* No data was passed in to be hashed indicating the mode of use is
+ * the computation of the size of hash. This mode is hashing is used
+ * by t_cose when it is requested to compute the size of the signed
+ * data it might compute, which is in turn used to compute the
+ * size of a would be token. When computing the size, the size
+ * like this, there is nothing to do in update()
+ */
return;
}
- psa_hash_ctx = (struct pal_cose_psa_crypto_hash *)hash_ctx;
-
- if (psa_hash_ctx->status == PAL_ATTEST_SUCCESS)
- {
- if (data_to_hash.ptr != NULL)
- {
- psa_hash_ctx->status = psa_hash_update(&psa_hash_ctx->operation,
- data_to_hash.ptr,
- data_to_hash.len);
- }
- else
- {
- /* Intentionally do nothing, just computing the size of the token */
- }
- }
+ /* Actually hash the data */
+ psa_hash_update(psa_hash, data_to_hash.ptr, data_to_hash.len);
}
-int32_t pal_cose_crypto_hash_finish(struct pal_cose_crypto_hash *hash_ctx,
+int32_t pal_cose_crypto_hash_finish(psa_hash_operation_t *psa_hash,
struct q_useful_buf buffer_to_hold_result,
struct q_useful_buf_c *hash_result)
{
- uint32_t cose_ret = PAL_ATTEST_SUCCESS;
- psa_status_t psa_ret;
- struct pal_cose_psa_crypto_hash *psa_hash_ctx;
-
- if (sizeof(struct pal_cose_crypto_hash) < sizeof(struct pal_cose_psa_crypto_hash))
- {
- cose_ret = PAL_ATTEST_HASH_FAIL;
- goto error;
- }
+ psa_status_t status = PSA_ERROR_GENERIC_ERROR;
- psa_hash_ctx = (struct pal_cose_psa_crypto_hash *)hash_ctx;
+ /* Actually finish up the hash */
+ status = psa_hash_finish(psa_hash, buffer_to_hold_result.ptr,
+ buffer_to_hold_result.len, &(hash_result->len));
+ hash_result->ptr = buffer_to_hold_result.ptr;
- if (psa_hash_ctx->status == PAL_ATTEST_SUCCESS)
- {
- psa_ret = psa_hash_finish(&psa_hash_ctx->operation,
- buffer_to_hold_result.ptr,
- buffer_to_hold_result.len,
- &(hash_result->len));
-
- if (psa_ret == PAL_ATTEST_SUCCESS)
- {
- hash_result->ptr = buffer_to_hold_result.ptr;
- cose_ret = 0;
- }
- else if (psa_ret == PSA_ERROR_BUFFER_TOO_SMALL)
- {
- cose_ret = PAL_ATTEST_HASH_BUFFER_SIZE;
- }
- else
- {
- cose_ret = PAL_ATTEST_HASH_FAIL;
- }
- }
- else
- {
- cose_ret = PAL_ATTEST_HASH_FAIL;
- }
+ return status;
-error:
- return cose_ret;
}
int pal_create_sha256(struct q_useful_buf_c bytes_to_hash, struct q_useful_buf buffer_for_hash,
struct q_useful_buf_c *hash)
{
- uint32_t status = PAL_ATTEST_SUCCESS;
- struct pal_cose_crypto_hash hash_ctx;
+ psa_status_t status = PSA_ERROR_GENERIC_ERROR;
+ psa_hash_operation_t psa_hash = PSA_HASH_OPERATION_INIT;
- status = pal_cose_crypto_hash_start(&hash_ctx, COSE_ALG_SHA256_PROPRIETARY);
- if (status)
- return status;
+ status = pal_cose_crypto_hash_start(&psa_hash, COSE_ALG_SHA256_PROPRIETARY);
+ if (status != PSA_SUCCESS)
+ goto Done;
- pal_cose_crypto_hash_update(&hash_ctx, bytes_to_hash);
- status = pal_cose_crypto_hash_finish(&hash_ctx, buffer_for_hash, hash);
+ pal_cose_crypto_hash_update(&psa_hash, bytes_to_hash);
+ status = pal_cose_crypto_hash_finish(&psa_hash, buffer_for_hash, hash);
+ if (status != PSA_SUCCESS)
+ goto Done;
+Done:
return status;
}
@@ -216,25 +129,26 @@ uint32_t pal_compute_hash(int32_t cose_alg_id, struct q_useful_buf buffer_for_ha
QCBOREncodeContext cbor_encode_ctx;
struct q_useful_buf_c tbs_first_part;
QCBORError qcbor_result;
- struct pal_cose_crypto_hash hash_ctx = {{0}};
int32_t hash_alg_id;
UsefulBuf_MAKE_STACK_UB (buffer_for_TBS_first_part, T_COSE_SIZE_OF_TBS);
+ psa_hash_operation_t psa_hash = PSA_HASH_OPERATION_INIT;
/* This builds the CBOR-format to-be-signed bytes */
QCBOREncode_Init(&cbor_encode_ctx, buffer_for_TBS_first_part);
QCBOREncode_OpenArray(&cbor_encode_ctx);
+
/* context */
- QCBOREncode_AddSZString(&cbor_encode_ctx,
- COSE_SIG_CONTEXT_STRING_SIGNATURE1);
+ QCBOREncode_AddSZString(&cbor_encode_ctx, COSE_SIG_CONTEXT_STRING_SIGNATURE1);
+
/* body_protected */
- QCBOREncode_AddBytes(&cbor_encode_ctx,
- protected_headers);
- /* sign_protected */
- QCBOREncode_AddBytes(&cbor_encode_ctx, NULL_USEFUL_BUF_C);
+ QCBOREncode_AddBytes(&cbor_encode_ctx, protected_headers);
+
+ /* sign_protected is not used for Sign1 */
/* external_aad */
QCBOREncode_AddBytes(&cbor_encode_ctx, NULL_USEFUL_BUF_C);
- /* fake payload */
- QCBOREncode_AddBytes(&cbor_encode_ctx, NULL_USEFUL_BUF_C);
+
+ /* The short fake payload. */
+ QCBOREncode_AddBytesLenOnly(&cbor_encode_ctx, payload);
QCBOREncode_CloseArray(&cbor_encode_ctx);
/* Get the result and convert it to struct q_useful_buf_c representation */
@@ -242,7 +156,8 @@ uint32_t pal_compute_hash(int32_t cose_alg_id, struct q_useful_buf buffer_for_ha
if (qcbor_result)
{
/* Mainly means that the protected_headers were too big
- (which should never happen) */
+ * (which should never happen)
+ */
status = PAL_ATTEST_ERR_SIGN_STRUCT;
goto Done;
}
@@ -253,94 +168,177 @@ uint32_t pal_compute_hash(int32_t cose_alg_id, struct q_useful_buf buffer_for_ha
/* Don't check hash_alg_id for failure. pal_cose_crypto_hash_start()
* will handle it properly
*/
- status = pal_cose_crypto_hash_start(&hash_ctx, hash_alg_id);
+ status = pal_cose_crypto_hash_start(&psa_hash, hash_alg_id);
if (status)
goto Done;
- /* Hash the first part of the TBS. Take all but the last two
- * bytes. The last two bytes are the fake payload from above. It
- * is replaced by the real payload which is hashed next. The fake
- * payload is needed so the array count is right. This is one of
- * the main things that make it possible to implement with one
- * buffer for the whole cose sign1.
+ /* This is hashing of the first part, all the CBOR
+ * except the payload.
*/
- pal_cose_crypto_hash_update(&hash_ctx, useful_buf_head(tbs_first_part,
- tbs_first_part.len - 2));
+ pal_cose_crypto_hash_update(&psa_hash, useful_buf_head(tbs_first_part, tbs_first_part.len));
- /* Hash the payload */
- pal_cose_crypto_hash_update(&hash_ctx, payload);
+ /* Hash the payload, the second part. */
+ pal_cose_crypto_hash_update(&psa_hash, payload);
/* Finish the hash and set up to return it */
- status = pal_cose_crypto_hash_finish(&hash_ctx,
- buffer_for_hash,
- hash);
+ status = pal_cose_crypto_hash_finish(&psa_hash, buffer_for_hash, hash);
Done:
return status;
}
-uint32_t pal_import_attest_key(int32_t alg)
+static int32_t pal_attest_get_public_key(uint8_t *public_key_buff, size_t public_key_buf_size,
+ size_t *public_key_len, psa_ecc_curve_t *elliptic_curve_type)
{
+ int32_t status = PAL_ATTEST_ERROR;
+
+#ifdef PLATFORM_OVERRIDE_ATTEST_PK
+ if (public_key_buf_size < (attest_key.pubx_key_size + attest_key.puby_key_size + 1))
+ return PAL_ATTEST_ERR_SMALL_BUFFER;
+
+ *public_key_len = (attest_key.pubx_key_size + attest_key.puby_key_size + 1);
+ *elliptic_curve_type = PSA_ECC_CURVE_SECP256R1;
+ memcpy(public_key_buff, (void *)&attest_public_key, *public_key_len);
+ status = PSA_SUCCESS;
+#else
+ status = tfm_initial_attest_get_public_key(public_key_buff,
+ public_key_buf_size,
+ public_key_len,
+ elliptic_curve_type);
+#endif
+
+ return status;
+}
+
+static uint32_t pal_import_attest_key(psa_algorithm_t key_alg)
+{
+ psa_status_t status = PAL_ATTEST_ERROR;
+ psa_key_usage_t usage = PSA_KEY_USAGE_VERIFY;
+ psa_ecc_curve_t ecc_curve;
psa_key_type_t attest_key_type;
size_t public_key_size;
- psa_status_t status = PSA_SUCCESS;
+ uint8_t public_key_buff[ECC_CURVE_SECP256R1_PULBIC_KEY_LENGTH] = {0};
+
+#if defined(CRYPTO_VERSION_BETA1) || defined(CRYPTO_VERSION_BETA2)
psa_key_policy_t policy;
- psa_ecc_curve_t psa_curve;
- psa_key_handle_t public_key_handle;
- /* Mapping of COSE curve type to PSA curve types */
- psa_curve = attest_map_elliptic_curve_type(P_256);
- if (psa_curve == USHRT_MAX)
- return PAL_ATTEST_ERROR;
+ if (!public_key_registered)
+ {
+ status = pal_attest_get_public_key(public_key_buff,
+ sizeof(public_key_buff),
+ &public_key_size,
+ &ecc_curve);
+ if (status != PSA_SUCCESS)
+ return PAL_ATTEST_ERR_KEY_FAIL;
- /* Setup the key policy for public key */
- policy = psa_key_policy_init();
- psa_key_policy_set_usage(&policy, PSA_KEY_USAGE_VERIFY, alg);
+ if (ecc_curve == USHRT_MAX)
+ return PAL_ATTEST_ERROR;
- status = psa_allocate_key(&public_key_handle);
- if (status != PSA_SUCCESS)
- return status;
+ /* Set key type for public key */
+ attest_key_type = PSA_KEY_TYPE_ECC_PUBLIC_KEY(ecc_curve);
- status = psa_set_key_policy(public_key_handle, &policy);
- if (status != PSA_SUCCESS)
- return status;
+ /* Setup the key policy for public key */
+ policy = psa_key_policy_init();
+ psa_key_policy_set_usage(&policy, usage, key_alg);
- attest_key_type = PSA_KEY_TYPE_ECC_PUBLIC_KEY(psa_curve);
+ status = psa_allocate_key(&public_key_handle);
+ if (status != PSA_SUCCESS)
+ return PAL_ATTEST_ERR_KEY_FAIL;
- /* Register public key to crypto service */
- public_key_size = attest_key.pubx_key_size + attest_key.puby_key_size;
+ status = psa_set_key_policy(public_key_handle, &policy);
+ if (status != PSA_SUCCESS)
+ return PAL_ATTEST_ERR_KEY_FAIL;
- status = psa_import_key(public_key_handle,
+ /* Import the public key */
+ status = psa_import_key(public_key_handle,
attest_key_type,
- (const uint8_t *)&attest_public_key,
- public_key_size + 1);
+ public_key_buff,
+ public_key_size);
+ if (status != PSA_SUCCESS)
+ return PAL_ATTEST_ERR_KEY_FAIL;
+
+ public_key_registered = 1;
+ }
+
+#elif defined(CRYPTO_VERSION_BETA3)
+ psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+
+ if (!public_key_registered)
+ {
+ status = pal_attest_get_public_key(public_key_buff,
+ sizeof(public_key_buff),
+ &public_key_size,
+ &ecc_curve);
+ if (status != PSA_SUCCESS)
+ return PAL_ATTEST_ERR_KEY_FAIL;
+
+ if (ecc_curve == USHRT_MAX)
+ return PAL_ATTEST_ERROR;
+
+ /* Set key type for public key */
+ attest_key_type = PSA_KEY_TYPE_ECC_PUBLIC_KEY(ecc_curve);
+
+ /* Set the attributes for the public key */
+ psa_set_key_type(&attributes, attest_key_type);
+ psa_set_key_bits(&attributes, public_key_size);
+ psa_set_key_usage_flags(&attributes, usage);
+ psa_set_key_algorithm(&attributes, key_alg);
+ psa_set_key_bits(&attributes, 0);
+
+ /* Import the public key */
+ status = psa_import_key(&attributes,
+ public_key_buff,
+ public_key_size,
+ &public_key_handle);
+ if (status != PSA_SUCCESS)
+ return PAL_ATTEST_ERR_KEY_FAIL;
+
+ public_key_registered = 1;
+ }
+#endif
return status;
}
+static uint32_t pal_destroy_attest_key(void)
+{
+ psa_status_t status;
+
+ if (!public_key_registered)
+ return PAL_ATTEST_ERR_KEY_FAIL;
+
+ status = psa_destroy_key(public_key_handle);
+ if (status != PSA_SUCCESS)
+ return PAL_ATTEST_ERR_KEY_FAIL;
+
+ public_key_registered = 0;
+
+ return PAL_ATTEST_SUCCESS;
+}
uint32_t pal_crypto_pub_key_verify(int32_t cose_algorithm_id,
struct q_useful_buf_c token_hash,
struct q_useful_buf_c signature)
{
- uint32_t status = PAL_ATTEST_SUCCESS;
+ int32_t status = PAL_ATTEST_ERROR;
+ psa_algorithm_t key_alg = PSA_ALG_ECDSA(PSA_ALG_SHA_256);
- if (!public_key_registered)
- {
- status = pal_import_attest_key(cose_algorithm_id);
- if (status != PAL_ATTEST_SUCCESS)
- return status;
+ /* Register the attestation public key */
+ status = pal_import_attest_key(key_alg);
+ if (status != PAL_ATTEST_SUCCESS)
+ return status;
- public_key_registered = 1;
- }
+ /* Verify the signature */
+ status = psa_asymmetric_verify(public_key_handle,
+ key_alg, token_hash.ptr, token_hash.len,
+ signature.ptr, signature.len);
+ if (status != PSA_SUCCESS)
+ return PAL_ATTEST_ERR_SIGNATURE_FAIL;
-/*
- * Enable the verify function when Trusted Firmare - M Supports
+ /* Unregister the attestation public key */
+ status = pal_destroy_attest_key();
+ if (status != PSA_SUCCESS)
+ return PAL_ATTEST_ERR_KEY_FAIL;
- * Verify the signature a hash or short message using a public key.
- status = psa_asymmetric_verify(public_key_handle,
- cose_algorithm_id, token_hash.ptr, token_hash.len,
- signature.ptr, signature.len);
-*/
- return status;
+ return PAL_ATTEST_SUCCESS;
}
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/nspe/initial_attestation/pal_attestation_crypto.h b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/nspe/initial_attestation/pal_attestation_crypto.h
index 2d63ad13..559a24c1 100644
--- a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/nspe/initial_attestation/pal_attestation_crypto.h
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/nspe/initial_attestation/pal_attestation_crypto.h
@@ -15,16 +15,19 @@
* limitations under the License.
**/
-#include "pal_common.h"
+#ifndef _PAL_ATTESTATION_CRYPTO_H_
+#define _PAL_ATTESTATION_CRYPTO_H_
+
#include "pal_attestation_eat.h"
-#define ATTEST_PUBLIC_KEY_SLOT 4
+#define ATTEST_PUBLIC_KEY_SLOT 4
+#define ECC_CURVE_SECP256R1_PULBIC_KEY_LENGTH (1 + 2 * PSA_BITS_TO_BYTES(256))
-typedef struct{
+typedef struct {
uint8_t *pubx_key;
- uint32_t pubx_key_size;
+ size_t pubx_key_size;
uint8_t *puby_key;
- uint32_t puby_key_size;
+ size_t puby_key_size;
} ecc_key_t;
struct ecc_public_key_t {
@@ -47,29 +50,14 @@ static const struct ecc_public_key_t attest_public_key = {
0x0F, 0x34, 0x11, 0x7D, 0x97, 0x1D, 0x68, 0x64},
};
-struct pal_cose_crypto_hash {
- /* Can't put the actual size here without creating dependecy on
- * actual hash implementation, so this is a fairly large and
- * accommodating size.
- */
- uint8_t bytes[128];
-};
-
-struct pal_cose_psa_crypto_hash {
- psa_status_t status;
- psa_hash_operation_t operation;
-};
-
-static const uint8_t initial_attestation_public_x_key[] =
-{
+static const uint8_t initial_attestation_public_x_key[] = {
0x79, 0xEB, 0xA9, 0x0E, 0x8B, 0xF4, 0x50, 0xA6,
0x75, 0x15, 0x76, 0xAD, 0x45, 0x99, 0xB0, 0x7A,
0xDF, 0x93, 0x8D, 0xA3, 0xBB, 0x0B, 0xD1, 0x7D,
0x00, 0x36, 0xED, 0x49, 0xA2, 0xD0, 0xFC, 0x3F
};
-static const uint8_t initial_attestation_public_y_key[] =
-{
+static const uint8_t initial_attestation_public_y_key[] = {
0xBF, 0xCD, 0xFA, 0x89, 0x56, 0xB5, 0x68, 0xBF,
0xDB, 0x86, 0x73, 0xE6, 0x48, 0xD8, 0xB5, 0x8D,
0x92, 0x99, 0x55, 0xB1, 0x4A, 0x26, 0xC3, 0x08,
@@ -84,10 +72,10 @@ static const ecc_key_t attest_key = {
sizeof(initial_attestation_public_y_key)
};
-int32_t pal_cose_crypto_hash_start(struct pal_cose_crypto_hash *hash_ctx, int32_t cose_hash_alg_id);
-void pal_cose_crypto_hash_update(struct pal_cose_crypto_hash *hash_ctx,
+int32_t pal_cose_crypto_hash_start(psa_hash_operation_t *psa_hash, int32_t cose_hash_alg_id);
+void pal_cose_crypto_hash_update(psa_hash_operation_t *psa_hash,
struct q_useful_buf_c data_to_hash);
-int32_t pal_cose_crypto_hash_finish(struct pal_cose_crypto_hash *hash_ctx,
+int32_t pal_cose_crypto_hash_finish(psa_hash_operation_t *psa_hash,
struct q_useful_buf buffer_to_hold_result,
struct q_useful_buf_c *hash_result);
int pal_create_sha256(struct q_useful_buf_c bytes_to_hash, struct q_useful_buf buffer_for_hash,
@@ -95,8 +83,6 @@ int pal_create_sha256(struct q_useful_buf_c bytes_to_hash, struct q_useful_buf b
uint32_t pal_compute_hash(int32_t cose_alg_id, struct q_useful_buf buffer_for_hash,
struct q_useful_buf_c *hash, struct q_useful_buf_c protected_headers,
struct q_useful_buf_c payload);
-uint32_t pal_import_attest_key(int32_t alg);
uint32_t pal_crypto_pub_key_verify(int32_t cose_algorithm_id, struct q_useful_buf_c token_hash,
struct q_useful_buf_c signature);
-
-
+#endif /* _PAL_ATTESTATION_CRYPTO_H_ */
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/nspe/initial_attestation/pal_attestation_eat.c b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/nspe/initial_attestation/pal_attestation_eat.c
deleted file mode 100644
index 178fdc9c..00000000
--- a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/nspe/initial_attestation/pal_attestation_eat.c
+++ /dev/null
@@ -1,491 +0,0 @@
-/** @file
- * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
- * SPDX-License-Identifier : Apache-2.0
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
-**/
-
-#include "pal_attestation_crypto.h"
-
-uint32_t mandatory_claims = 0;
-uint32_t mandaroty_sw_components = 0;
-bool_t sw_component_present = 0;
-
-static int pal_encode_cose_key(struct q_useful_buf_c *cose_key,
- struct q_useful_buf buffer_for_cose_key,
- struct q_useful_buf_c x_cord, struct q_useful_buf_c y_cord)
-{
- uint32_t return_value;
- QCBORError qcbor_result;
- QCBOREncodeContext cbor_encode_ctx;
- int32_t cose_curve_id = P_256;
- struct q_useful_buf_c encoded_key_id;
-
- /* Get the public key x and y */
- /* Encode it into a COSE_Key structure */
- QCBOREncode_Init(&cbor_encode_ctx, buffer_for_cose_key);
- QCBOREncode_OpenMap(&cbor_encode_ctx);
- QCBOREncode_AddInt64ToMapN(&cbor_encode_ctx,
- COSE_KEY_COMMON_KTY,
- COSE_KEY_TYPE_EC2);
- QCBOREncode_AddInt64ToMapN(&cbor_encode_ctx,
- COSE_KEY_PARAM_CRV,
- cose_curve_id);
- QCBOREncode_AddBytesToMapN(&cbor_encode_ctx,
- COSE_KEY_PARAM_X_COORDINATE,
- x_cord);
- QCBOREncode_AddBytesToMapN(&cbor_encode_ctx,
- COSE_KEY_PARAM_Y_COORDINATE,
- y_cord);
- QCBOREncode_CloseMap(&cbor_encode_ctx);
-
- qcbor_result = QCBOREncode_Finish(&cbor_encode_ctx, &encoded_key_id);
- if (qcbor_result != QCBOR_SUCCESS)
- {
- /* Mainly means that the COSE_Key was too big for buffer_for_cose_key */
- return_value = PAL_ATTEST_ERR_PROTECTED_HEADERS;
- goto Done;
- }
-
- /* Finish up and return */
- *cose_key = encoded_key_id;
- return_value = PAL_ATTEST_SUCCESS;
-
-Done:
- return return_value;
-}
-
-
-static int get_items_in_map(QCBORDecodeContext *decode_context,
- struct items_to_get_t *item_list)
-{
- int item_index;
- QCBORItem item;
- struct items_to_get_t *item_ptr = item_list;
-
- /* initialize the data type of all items in the list */
- while (item_ptr->label != 0)
- {
- item_ptr->item.uDataType = QCBOR_TYPE_NONE;
- item_ptr++;
- }
-
- QCBORDecode_GetNext(decode_context, &item);
- if (item.uDataType != QCBOR_TYPE_MAP)
- {
- return PAL_ATTEST_ERROR;
- }
-
- for (item_index = item.val.uCount; item_index != 0; item_index--)
- {
- if (QCBORDecode_GetNext(decode_context, &item) != QCBOR_SUCCESS)
- {
- return PAL_ATTEST_TOKEN_ERR_CBOR_FORMATTING;
- }
- if (item.uLabelType != QCBOR_TYPE_INT64)
- {
- continue;
- }
-
- item_ptr = item_list;
- while (item_ptr->label != 0)
- {
- if (item.label.int64 == item_ptr->label)
- {
- item_ptr->item = item;
- }
- item_ptr++;
- }
- }
-
- return PAL_ATTEST_SUCCESS;
-}
-
-static int get_item_in_map(QCBORDecodeContext *decode_context,
- int32_t label,
- QCBORItem *item)
-{
- struct items_to_get_t item_list[2];
-
- item_list[0].label = label;
- item_list[1].label = 0;
-
- if (get_items_in_map(decode_context, item_list))
- {
- return PAL_ATTEST_ERROR;
- }
-
- if (item_list[0].item.uDataType == QCBOR_TYPE_NONE)
- {
- return PAL_ATTEST_TOKEN_ERR_CBOR_FORMATTING;
- }
-
- *item = item_list[0].item;
-
- return PAL_ATTEST_SUCCESS;
-}
-
-static int parse_unprotected_headers(QCBORDecodeContext *decode_context,
- struct q_useful_buf_c *child,
- bool *loop_back)
-{
- struct items_to_get_t item_list[3];
-
- item_list[0].label = COSE_HEADER_PARAM_KID;
- item_list[1].label = T_COSE_SHORT_CIRCUIT_LABEL;
- item_list[2].label = 0;
- *loop_back = false;
-
- if (get_items_in_map(decode_context, item_list))
- {
- return PAL_ATTEST_ERROR;
- }
-
- if (item_list[1].item.uDataType == QCBOR_TYPE_TRUE)
- {
- *loop_back = true;
- }
-
- if (item_list[0].item.uDataType != QCBOR_TYPE_BYTE_STRING)
- {
- return PAL_ATTEST_TOKEN_ERR_CBOR_FORMATTING;
- }
-
- *child = item_list[0].item.val.string;
-
- return PAL_ATTEST_SUCCESS;
-}
-
-static int parse_protected_headers(struct q_useful_buf_c protected_headers,
- int32_t *alg_id)
-{
- QCBORDecodeContext decode_context;
- QCBORItem item;
-
- QCBORDecode_Init(&decode_context, protected_headers, 0);
-
- if (get_item_in_map(&decode_context, COSE_HEADER_PARAM_ALG, &item))
- {
- return PAL_ATTEST_ERROR;
- }
-
- if (QCBORDecode_Finish(&decode_context))
- {
- return PAL_ATTEST_ERROR;
- }
-
- if ((item.uDataType != QCBOR_TYPE_INT64) || (item.val.int64 > INT32_MAX))
- {
- return PAL_ATTEST_ERROR;
- }
-
- *alg_id = (int32_t)item.val.int64;
-
- return PAL_ATTEST_SUCCESS;
-}
-
-/**
- @brief - This API will verify the claims
- @param - decode_context : The buffer containing the challenge
- item : context for decoding the data items
- completed_challenge : Buffer containing the challenge
- @return - error status
-**/
-static int parse_claims(QCBORDecodeContext *decode_context, QCBORItem item,
- struct q_useful_buf_c completed_challenge)
-{
- int i, count = 0;
- int status = PAL_ATTEST_SUCCESS;
-
- /* Parse each claim and validate their data type */
- while (status == PAL_ATTEST_SUCCESS)
- {
- status = QCBORDecode_GetNext(decode_context, &item);
- if (status != PAL_ATTEST_SUCCESS)
- break;
-
- mandatory_claims |= 1 << (EAT_CBOR_ARM_RANGE_BASE - item.label.int64);
- if (item.uLabelType == QCBOR_TYPE_INT64)
- {
- if (item.label.int64 == EAT_CBOR_ARM_LABEL_NONCE)
- {
- if (item.uDataType == QCBOR_TYPE_BYTE_STRING)
- {
- /* Given challenge vs challenge in token */
- if (UsefulBuf_Compare(item.val.string, completed_challenge))
- return PAL_ATTEST_TOKEN_CHALLENGE_MISMATCH;
- }
- else
- return PAL_ATTEST_TOKEN_NOT_SUPPORTED;
- }
- else if (item.label.int64 == EAT_CBOR_ARM_LABEL_BOOT_SEED ||
- item.label.int64 == EAT_CBOR_ARM_LABEL_IMPLEMENTATION_ID ||
- item.label.int64 == EAT_CBOR_ARM_LABEL_UEID)
- {
- if (item.uDataType != QCBOR_TYPE_BYTE_STRING)
- return PAL_ATTEST_TOKEN_ERR_CBOR_FORMATTING;
- }
- else if (item.label.int64 == EAT_CBOR_ARM_LABEL_ORIGINATION ||
- item.label.int64 == EAT_CBOR_ARM_LABEL_PROFILE_DEFINITION ||
- item.label.int64 == EAT_CBOR_ARM_LABEL_HW_VERSION)
- {
- if (item.uDataType != QCBOR_TYPE_TEXT_STRING)
- return PAL_ATTEST_TOKEN_ERR_CBOR_FORMATTING;
- }
- else if (item.label.int64 == EAT_CBOR_ARM_LABEL_CLIENT_ID ||
- item.label.int64 == EAT_CBOR_ARM_LABEL_SECURITY_LIFECYCLE)
- {
- if (item.uDataType != QCBOR_TYPE_INT64)
- return PAL_ATTEST_TOKEN_ERR_CBOR_FORMATTING;
- }
- else if (item.label.int64 == EAT_CBOR_ARM_LABEL_SW_COMPONENTS)
- {
- if (item.uDataType != QCBOR_TYPE_ARRAY)
- return PAL_ATTEST_TOKEN_ERR_CBOR_FORMATTING;
-
- sw_component_present = 1;
- status = QCBORDecode_GetNext(decode_context, &item);
- if (status != PAL_ATTEST_SUCCESS)
- continue;
-
- count = item.val.uCount;
- for (i = 0; i <= count; i++)
- {
- mandaroty_sw_components |= 1 << item.label.int64;
-
- if (item.label.int64 == EAT_CBOR_SW_COMPONENT_MEASUREMENT)
- {
- if (item.uDataType != QCBOR_TYPE_BYTE_STRING)
- return PAL_ATTEST_TOKEN_ERR_CBOR_FORMATTING;
- }
- else if (item.label.int64 == EAT_CBOR_SW_COMPONENT_MEASUREMENT_DESC)
- {
- if (item.uDataType != QCBOR_TYPE_TEXT_STRING)
- return PAL_ATTEST_TOKEN_ERR_CBOR_FORMATTING;
- }
- else if (item.label.int64 == EAT_CBOR_SW_COMPONENT_VERSION)
- {
- if (item.uDataType != QCBOR_TYPE_TEXT_STRING)
- return PAL_ATTEST_TOKEN_ERR_CBOR_FORMATTING;
- }
- else if (item.label.int64 == EAT_CBOR_SW_COMPONENT_SIGNER_ID)
- {
- if (item.uDataType != QCBOR_TYPE_BYTE_STRING)
- return PAL_ATTEST_TOKEN_ERR_CBOR_FORMATTING;
- }
- else if (item.label.int64 == EAT_CBOR_SW_COMPONENT_EPOCH)
- {
- if (item.uDataType != QCBOR_TYPE_INT64)
- return PAL_ATTEST_TOKEN_ERR_CBOR_FORMATTING;
- }
- else if (item.label.int64 == EAT_CBOR_SW_COMPONENT_TYPE)
- {
- if (item.uDataType != QCBOR_TYPE_TEXT_STRING)
- return PAL_ATTEST_TOKEN_ERR_CBOR_FORMATTING;
- }
-
- if (i < count)
- {
- status = QCBORDecode_GetNext(decode_context, &item);
- if (status != PAL_ATTEST_SUCCESS)
- return PAL_ATTEST_TOKEN_ERR_CBOR_FORMATTING;
- }
- }
-
- }
- }
- else
- {
- /* ToDo: Add other claim types */
- }
- }
-
- if (status == QCBOR_ERR_HIT_END)
- return PAL_ATTEST_SUCCESS;
- else
- return PAL_ATTEST_TOKEN_ERR_CBOR_FORMATTING;
-}
-
-/**
- @brief - This API will verify the attestation token
- @param - challenge : The buffer containing the challenge
- challenge_size : Size of the challenge buffer
- token : The buffer containing the attestation token
- token_size : Size of the token buffer
- @return - error status
-**/
-int32_t pal_initial_attest_verify_token(uint8_t *challenge, uint32_t challenge_size,
- uint8_t *token, uint32_t token_size)
-{
- int32_t status = PAL_ATTEST_SUCCESS;
- bool short_circuit;
- int32_t cose_algorithm_id;
- QCBORItem item;
- QCBORDecodeContext decode_context;
- struct q_useful_buf_c completed_challenge;
- struct q_useful_buf_c completed_token;
- struct q_useful_buf_c payload;
- struct q_useful_buf_c signature;
- struct q_useful_buf_c protected_headers;
- struct q_useful_buf_c kid;
- struct q_useful_buf_c x_cord;
- struct q_useful_buf_c y_cord;
- struct q_useful_buf_c cose_key_to_hash;
- struct q_useful_buf_c key_hash;
- struct q_useful_buf_c token_hash;
- USEFUL_BUF_MAKE_STACK_UB(buf_to_hold_x_coord, T_COSE_CRYPTO_EC_P256_COORD_SIZE);
- USEFUL_BUF_MAKE_STACK_UB(buf_to_hold_y_coord, T_COSE_CRYPTO_EC_P256_COORD_SIZE);
- USEFUL_BUF_MAKE_STACK_UB(buffer_for_kid, T_COSE_CRYPTO_SHA256_SIZE);
- USEFUL_BUF_MAKE_STACK_UB(buffer_for_cose_key, MAX_ENCODED_COSE_KEY_SIZE);
- USEFUL_BUF_MAKE_STACK_UB(buffer_for_encoded_key, MAX_ENCODED_COSE_KEY_SIZE);
- USEFUL_BUF_MAKE_STACK_UB(buffer_for_token_hash, T_COSE_CRYPTO_SHA256_SIZE);
-
- kid.ptr = buffer_for_encoded_key.ptr;
-
- memcpy(buf_to_hold_x_coord.ptr, (const void *)attest_key.pubx_key, attest_key.pubx_key_size);
- memcpy(buf_to_hold_y_coord.ptr, (const void *)attest_key.puby_key, attest_key.puby_key_size);
-
- /* Update size */
- buf_to_hold_x_coord.len = attest_key.pubx_key_size;
- buf_to_hold_y_coord.len = attest_key.puby_key_size;
-
- x_cord.ptr = buf_to_hold_x_coord.ptr;
- x_cord.len = buf_to_hold_x_coord.len;
- y_cord.ptr = buf_to_hold_y_coord.ptr;
- y_cord.len = buf_to_hold_y_coord.len;
-
- /* Construct the token buffer for validation */
- completed_token.ptr = token;
- completed_token.len = token_size;
-
- /* Construct the challenge buffer for validation */
- completed_challenge.ptr = challenge;
- completed_challenge.len = challenge_size;
-
-/*
- -------------------------
- | CBOR Array Type |
- -------------------------
- | Protected Headers |
- -------------------------
- | Unprotected Headers |
- -------------------------
- | Payload |
- -------------------------
- | Signature |
- -------------------------
-*/
-
- /* Initialize the decorder */
- QCBORDecode_Init(&decode_context, completed_token, QCBOR_DECODE_MODE_NORMAL);
-
- /* Get the Header */
- QCBORDecode_GetNext(&decode_context, &item);
-
- /* Check the CBOR Array type. Check if the count is 4.
- * Only COSE_SIGN1 is supported now.
- */
- if (item.uDataType != QCBOR_TYPE_ARRAY || item.val.uCount != 4 ||
- !QCBORDecode_IsTagged(&decode_context, &item, CBOR_TAG_COSE_SIGN1))
- return PAL_ATTEST_TOKEN_ERR_CBOR_FORMATTING;
-
- /* Get the next headers */
- QCBORDecode_GetNext(&decode_context, &item);
- if (item.uDataType != QCBOR_TYPE_BYTE_STRING)
- return PAL_ATTEST_TOKEN_ERR_CBOR_FORMATTING;
-
- protected_headers = item.val.string;
-
- /* Parse the protected headers and check the data type and value*/
- status = parse_protected_headers(protected_headers, &cose_algorithm_id);
- if (status != PAL_ATTEST_SUCCESS)
- return status;
-
- /* Parse the unprotected headers and check the data type and value */
- short_circuit = false;
- status = parse_unprotected_headers(&decode_context, &kid, &short_circuit);
- if (status != PAL_ATTEST_SUCCESS)
- return status;
-
- /* Encode the given public key */
- status = pal_encode_cose_key(&cose_key_to_hash, buffer_for_cose_key, x_cord, y_cord);
- if (status != PAL_ATTEST_SUCCESS)
- return status;
-
- /* Create hash of the given public key */
- status = pal_create_sha256(cose_key_to_hash, buffer_for_kid, &key_hash);
- if (status != PSA_SUCCESS)
- return status;
-
- /* Compare the hash of the public key in token and hash of the given public key */
- if (kid.len != key_hash.len)
- {
- return PAL_ATTEST_HASH_LENGTH_MISMATCH;
- }
-
- if (memcmp(kid.ptr, key_hash.ptr, kid.len) != 0)
- {
- return PAL_ATTEST_HASH_MISMATCH;
- }
-
- /* Get the payload */
- QCBORDecode_GetNext(&decode_context, &item);
- if (item.uDataType != QCBOR_TYPE_BYTE_STRING)
- return PAL_ATTEST_TOKEN_ERR_CBOR_FORMATTING;
-
- payload = item.val.string;
-
- /* Get the digital signature */
- QCBORDecode_GetNext(&decode_context, &item);
- if (item.uDataType != QCBOR_TYPE_BYTE_STRING)
- return PAL_ATTEST_TOKEN_ERR_CBOR_FORMATTING;
-
- signature = item.val.string;
-
- /* Compute the hash from the token */
- status = pal_compute_hash(cose_algorithm_id, buffer_for_token_hash, &token_hash,
- protected_headers, payload);
- if (status != PAL_ATTEST_SUCCESS)
- return status;
-
- /* Verify the signature */
- status = pal_crypto_pub_key_verify(cose_algorithm_id, token_hash, signature);
- if (status != PAL_ATTEST_SUCCESS)
- return status;
-
- /* Initialize the Decoder and validate the payload format */
- QCBORDecode_Init(&decode_context, payload, QCBOR_DECODE_MODE_NORMAL);
- status = QCBORDecode_GetNext(&decode_context, &item);
- if (status != PAL_ATTEST_SUCCESS)
- return status;
-
- if (item.uDataType != QCBOR_TYPE_MAP)
- return PAL_ATTEST_TOKEN_ERR_CBOR_FORMATTING;
-
- /* Parse the payload and check the data type of each claim */
- status = parse_claims(&decode_context, item, completed_challenge);
- if (status != PAL_ATTEST_SUCCESS)
- return status;
-
- if ((mandatory_claims & MANDATORY_CLAIM_WITH_SW_COMP) == MANDATORY_CLAIM_WITH_SW_COMP)
- {
- if ((mandaroty_sw_components & MANDATORY_SW_COMP) != MANDATORY_SW_COMP)
- return PAL_ATTEST_TOKEN_NOT_ALL_MANDATORY_CLAIMS;
- }
- else if ((mandatory_claims & MANDATORY_CLAIM_NO_SW_COMP) != MANDATORY_CLAIM_NO_SW_COMP)
- {
- return PAL_ATTEST_TOKEN_NOT_ALL_MANDATORY_CLAIMS;
- }
-
- return PAL_ATTEST_SUCCESS;
-}
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/nspe/initial_attestation/pal_attestation_eat.h b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/nspe/initial_attestation/pal_attestation_eat.h
index 8a0c5455..fae5434e 100644
--- a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/nspe/initial_attestation/pal_attestation_eat.h
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/nspe/initial_attestation/pal_attestation_eat.h
@@ -15,43 +15,17 @@
* limitations under the License.
**/
+#ifndef _PAL_ATTESTATION_EAT_H_
+#define _PAL_ATTESTATION_EAT_H_
+
#include "qcbor.h"
#include "pal_common.h"
-#include "psa/crypto.h"
#define PAL_ATTEST_MIN_ERROR 30
-/* NIST P-256 also known as secp256r1 */
-#define P_256 1
-
-#define COSE_HEADER_PARAM_ALG 1
-#define COSE_HEADER_PARAM_KID 4
-
-#define COSE_KEY_COMMON_KTY 1
-#define COSE_KEY_TYPE_EC2 2
-#define COSE_KEY_PARAM_CRV -1
-#define COSE_KEY_PARAM_X_COORDINATE -2
-#define COSE_KEY_PARAM_Y_COORDINATE -3
#define COSE_ALGORITHM_ES256 -7
#define COSE_ALG_SHA256_PROPRIETARY -72000
-/**
- * The size of X and Y coordinate in 2 parameter style EC public
- * key. Format is as defined in [COSE (RFC 8152)]
- * (https://tools.ietf.org/html/rfc8152) and [SEC 1: Elliptic Curve
- * Cryptography](http://www.secg.org/sec1-v2.pdf).
- *
- * This size is well-known and documented in public standards.
- */
-#define T_COSE_CRYPTO_EC_P256_COORD_SIZE 32
-#define T_COSE_CRYPTO_SHA256_SIZE 32
-
-#define MAX_ENCODED_COSE_KEY_SIZE \
- 1 + /* 1 byte to encode map */ \
- 2 + /* 2 bytes to encode key type */ \
- 2 + /* 2 bytes to encode curve */ \
- 2 * /* the X and Y coordinates at 32 bytes each */ \
- (T_COSE_CRYPTO_EC_P256_COORD_SIZE + 1 + 2)
#define USEFUL_BUF_MAKE_STACK_UB UsefulBuf_MAKE_STACK_UB
#define COSE_SIG_CONTEXT_STRING_SIGNATURE1 "Signature1"
@@ -78,71 +52,9 @@
sizeof(COSE_SIG_CONTEXT_STRING_SIGNATURE1) + /* "Signature1" */ \
2 + /* Overhead for encoding string */ \
T_COSE_SIGN1_MAX_PROT_HEADER + /* entire protected headers */ \
- 3 * ( /* 3 NULL bstrs for fields not used */ \
+ 3 * (/* 3 NULL bstrs for fields not used */ \
1 /* size of a NULL bstr */ \
)
-
-/*
- CBOR Label for proprietary header indicating short-circuit
- signing was used. Just a random number in the proprietary
- label space */
-#define T_COSE_SHORT_CIRCUIT_LABEL (-8675309)
-
-#define EAT_CBOR_ARM_RANGE_BASE (-75000)
-#define EAT_CBOR_ARM_LABEL_PROFILE_DEFINITION (EAT_CBOR_ARM_RANGE_BASE - 0)
-#define EAT_CBOR_ARM_LABEL_CLIENT_ID (EAT_CBOR_ARM_RANGE_BASE - 1)
-#define EAT_CBOR_ARM_LABEL_SECURITY_LIFECYCLE (EAT_CBOR_ARM_RANGE_BASE - 2)
-#define EAT_CBOR_ARM_LABEL_IMPLEMENTATION_ID (EAT_CBOR_ARM_RANGE_BASE - 3)
-#define EAT_CBOR_ARM_LABEL_BOOT_SEED (EAT_CBOR_ARM_RANGE_BASE - 4)
-#define EAT_CBOR_ARM_LABEL_HW_VERSION (EAT_CBOR_ARM_RANGE_BASE - 5)
-#define EAT_CBOR_ARM_LABEL_SW_COMPONENTS (EAT_CBOR_ARM_RANGE_BASE - 6)
-#define EAT_CBOR_ARM_LABEL_NO_SW_COMPONENTS (EAT_CBOR_ARM_RANGE_BASE - 7)
-#define EAT_CBOR_ARM_LABEL_NONCE (EAT_CBOR_ARM_RANGE_BASE - 8)
-#define EAT_CBOR_ARM_LABEL_UEID (EAT_CBOR_ARM_RANGE_BASE - 9)
-#define EAT_CBOR_ARM_LABEL_ORIGINATION (EAT_CBOR_ARM_RANGE_BASE - 10)
-
-#define CBOR_ARM_TOTAL_CLAIM_INSTANCE 10
-
-#define EAT_CBOR_SW_COMPONENT_TYPE (1u)
-#define EAT_CBOR_SW_COMPONENT_MEASUREMENT (2u)
-#define EAT_CBOR_SW_COMPONENT_EPOCH (3u)
-#define EAT_CBOR_SW_COMPONENT_VERSION (4u)
-#define EAT_CBOR_SW_COMPONENT_SIGNER_ID (5u)
-#define EAT_CBOR_SW_COMPONENT_MEASUREMENT_DESC (6u)
-
-#define MANDATORY_CLAIM_WITH_SW_COMP (1 << (EAT_CBOR_ARM_RANGE_BASE \
- - EAT_CBOR_ARM_LABEL_NONCE) | \
- 1 << (EAT_CBOR_ARM_RANGE_BASE \
- - EAT_CBOR_ARM_LABEL_UEID) | \
- 1 << (EAT_CBOR_ARM_RANGE_BASE \
- - EAT_CBOR_ARM_LABEL_IMPLEMENTATION_ID) | \
- 1 << (EAT_CBOR_ARM_RANGE_BASE \
- - EAT_CBOR_ARM_LABEL_CLIENT_ID) | \
- 1 << (EAT_CBOR_ARM_RANGE_BASE \
- - EAT_CBOR_ARM_LABEL_SECURITY_LIFECYCLE) | \
- 1 << (EAT_CBOR_ARM_RANGE_BASE \
- - EAT_CBOR_ARM_LABEL_BOOT_SEED) | \
- 1 << (EAT_CBOR_ARM_RANGE_BASE \
- - EAT_CBOR_ARM_LABEL_SW_COMPONENTS))
-
-#define MANDATORY_CLAIM_NO_SW_COMP (1 << (EAT_CBOR_ARM_RANGE_BASE \
- - EAT_CBOR_ARM_LABEL_NONCE) | \
- 1 << (EAT_CBOR_ARM_RANGE_BASE \
- - EAT_CBOR_ARM_LABEL_UEID) | \
- 1 << (EAT_CBOR_ARM_RANGE_BASE \
- - EAT_CBOR_ARM_LABEL_IMPLEMENTATION_ID) | \
- 1 << (EAT_CBOR_ARM_RANGE_BASE \
- - EAT_CBOR_ARM_LABEL_CLIENT_ID) | \
- 1 << (EAT_CBOR_ARM_RANGE_BASE \
- - EAT_CBOR_ARM_LABEL_SECURITY_LIFECYCLE) | \
- 1 << (EAT_CBOR_ARM_RANGE_BASE \
- - EAT_CBOR_ARM_LABEL_BOOT_SEED) | \
- 1 << (EAT_CBOR_ARM_RANGE_BASE \
- - EAT_CBOR_ARM_LABEL_NO_SW_COMPONENTS))
-
-#define MANDATORY_SW_COMP (1 << EAT_CBOR_SW_COMPONENT_MEASUREMENT | \
- 1 << EAT_CBOR_SW_COMPONENT_SIGNER_ID)
-
#define NULL_USEFUL_BUF_C NULLUsefulBufC
enum attestation_error_code {
@@ -158,13 +70,11 @@ enum attestation_error_code {
PAL_ATTEST_HASH_BUFFER_SIZE,
PAL_ATTEST_ERR_PROTECTED_HEADERS,
PAL_ATTEST_ERR_SIGN_STRUCT,
+ PAL_ATTEST_ERR_KEY_FAIL,
+ PAL_ATTEST_ERR_SIGNATURE_FAIL,
+ PAL_ATTEST_ERR_CBOR_STRUCTURE,
+ PAL_ATTEST_ERR_SMALL_BUFFER,
PAL_ATTEST_ERROR,
};
-struct items_to_get_t {
- int64_t label;
- QCBORItem item;
-};
-
-int32_t pal_initial_attest_verify_token(uint8_t *challenge, uint32_t challenge_size,
- uint8_t *token, uint32_t token_size);
+#endif /* _PAL_ATTESTATION_EAT_H_ */
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/nspe/initial_attestation/pal_attestation_intf.c b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/nspe/initial_attestation/pal_attestation_intf.c
index 2d99f74d..dd41690e 100644
--- a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/nspe/initial_attestation/pal_attestation_intf.c
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/nspe/initial_attestation/pal_attestation_intf.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -26,28 +26,39 @@
**/
int32_t pal_attestation_function(int type, va_list valist)
{
- uint8_t *challenge, *token;
- uint32_t challenge_size, *token_size, verify_token_size;
+ uint8_t *challenge, *token;
+ size_t challenge_size, *token_size, token_buffer_size;
+ int32_t cose_algorithm_id;
+ struct q_useful_buf buffer_for_hash;
+ struct q_useful_buf_c *hash, payload, protected_headers, token_hash, signature;
switch (type)
{
case PAL_INITIAL_ATTEST_GET_TOKEN:
challenge = va_arg(valist, uint8_t*);
- challenge_size = va_arg(valist, uint32_t);
+ challenge_size = va_arg(valist, size_t);
token = va_arg(valist, uint8_t*);
- token_size = va_arg(valist, uint32_t*);
- return psa_initial_attest_get_token(challenge, challenge_size, token, token_size);
+ token_buffer_size = va_arg(valist, size_t);
+ token_size = va_arg(valist, size_t*);
+ return psa_initial_attest_get_token(challenge, challenge_size, token, token_buffer_size,
+ token_size);
case PAL_INITIAL_ATTEST_GET_TOKEN_SIZE:
- challenge_size = va_arg(valist, uint32_t);
- token_size = va_arg(valist, uint32_t*);
+ challenge_size = va_arg(valist, size_t);
+ token_size = va_arg(valist, size_t*);
return psa_initial_attest_get_token_size(challenge_size, token_size);
- case PAL_INITIAL_ATTEST_VERIFY_TOKEN:
- challenge = va_arg(valist, uint8_t*);
- challenge_size = va_arg(valist, uint32_t);
- token = va_arg(valist, uint8_t*);
- verify_token_size = va_arg(valist, uint32_t);
- return pal_initial_attest_verify_token(challenge, challenge_size,
- token, verify_token_size);
+ case PAL_INITIAL_ATTEST_COMPUTE_HASH:
+ cose_algorithm_id = va_arg(valist, int32_t);
+ buffer_for_hash = va_arg(valist, struct q_useful_buf);
+ hash = va_arg(valist, struct q_useful_buf_c*);
+ protected_headers = va_arg(valist, struct q_useful_buf_c);
+ payload = va_arg(valist, struct q_useful_buf_c);
+ return pal_compute_hash(cose_algorithm_id, buffer_for_hash, hash,
+ protected_headers, payload);
+ case PAL_INITIAL_ATTEST_VERIFY_WITH_PK:
+ cose_algorithm_id = va_arg(valist, int32_t);
+ token_hash = va_arg(valist, struct q_useful_buf_c);
+ signature = va_arg(valist, struct q_useful_buf_c);
+ return pal_crypto_pub_key_verify(cose_algorithm_id, token_hash, signature);
default:
return PAL_STATUS_UNSUPPORTED_FUNC;
}
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/nspe/initial_attestation/pal_attestation_intf.h b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/nspe/initial_attestation/pal_attestation_intf.h
index 12f6ee94..3ab7ebb4 100644
--- a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/nspe/initial_attestation/pal_attestation_intf.h
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/nspe/initial_attestation/pal_attestation_intf.h
@@ -15,8 +15,8 @@
* limitations under the License.
**/
-#ifndef _PAL_INITIAL_ATTESTATION_H_
-#define _PAL_INITIAL_ATTESTATION_H_
+#ifndef _PAL_ATTESTATION_INTF_H_
+#define _PAL_ATTESTATION_INTF_H_
#include "pal_attestation_crypto.h"
@@ -24,7 +24,9 @@ enum attestation_function_code {
PAL_INITIAL_ATTEST_GET_TOKEN = 0x1,
PAL_INITIAL_ATTEST_GET_TOKEN_SIZE = 0x2,
PAL_INITIAL_ATTEST_VERIFY_TOKEN = 0x3,
+ PAL_INITIAL_ATTEST_COMPUTE_HASH = 0x4,
+ PAL_INITIAL_ATTEST_VERIFY_WITH_PK = 0x5,
};
int32_t pal_attestation_function(int type, va_list valist);
-#endif /* _PAL_INITIAL_ATTESTATION_H_ */
+#endif /* _PAL_ATTESTATION_INTF_H_ */
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/nspe/internal_trusted_storage/pal_internal_trusted_storage_intf.c b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/nspe/internal_trusted_storage/pal_internal_trusted_storage_intf.c
index 4f04ab01..abfdc5d6 100644
--- a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/nspe/internal_trusted_storage/pal_internal_trusted_storage_intf.c
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/nspe/internal_trusted_storage/pal_internal_trusted_storage_intf.c
@@ -26,33 +26,35 @@
**/
uint32_t pal_its_function(int type, va_list valist)
{
- psa_its_uid_t uid;
- uint32_t data_length, offset;
- const void *p_write_data;
- void *p_read_data;
- psa_its_create_flags_t its_create_flags;
- struct psa_its_info_t *its_p_info;
+ psa_storage_uid_t uid;
+ uint32_t data_size, offset;
+ const void *p_write_data;
+ void *p_read_data;
+ size_t *p_data_length;
+ psa_storage_create_flags_t its_create_flags;
+ struct psa_storage_info_t *its_p_info;
switch (type)
{
case PAL_ITS_SET:
- uid = va_arg(valist, psa_its_uid_t);
- data_length = va_arg(valist, uint32_t);
+ uid = va_arg(valist, psa_storage_uid_t);
+ data_size = va_arg(valist, uint32_t);
p_write_data = va_arg(valist, const void*);
- its_create_flags = va_arg(valist, psa_its_create_flags_t);
- return psa_its_set(uid, data_length, p_write_data, its_create_flags);
+ its_create_flags = va_arg(valist, psa_storage_create_flags_t);
+ return psa_its_set(uid, data_size, p_write_data, its_create_flags);
case PAL_ITS_GET:
- uid = va_arg(valist, psa_its_uid_t);
+ uid = va_arg(valist, psa_storage_uid_t);
offset = va_arg(valist, uint32_t);
- data_length = va_arg(valist, uint32_t);
+ data_size = va_arg(valist, uint32_t);
p_read_data = va_arg(valist, void*);
- return psa_its_get(uid, offset, data_length, p_read_data);
+ p_data_length = va_arg(valist, size_t*);
+ return psa_its_get(uid, offset, data_size, p_read_data, p_data_length);
case PAL_ITS_GET_INFO:
- uid = va_arg(valist, psa_its_uid_t);
- its_p_info = va_arg(valist, struct psa_its_info_t*);
+ uid = va_arg(valist, psa_storage_uid_t);
+ its_p_info = va_arg(valist, struct psa_storage_info_t*);
return psa_its_get_info(uid, its_p_info);
case PAL_ITS_REMOVE:
- uid = va_arg(valist, psa_its_uid_t);
+ uid = va_arg(valist, psa_storage_uid_t);
return psa_its_remove(uid);
default:
return PAL_STATUS_UNSUPPORTED_FUNC;
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/nspe/protected_storage/pal_protected_storage_intf.c b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/nspe/protected_storage/pal_protected_storage_intf.c
index a4241533..0dd07c57 100644
--- a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/nspe/protected_storage/pal_protected_storage_intf.c
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/nspe/protected_storage/pal_protected_storage_intf.c
@@ -26,45 +26,47 @@
**/
uint32_t pal_ps_function(int type, va_list valist)
{
- psa_ps_uid_t uid;
- uint32_t data_length, size, offset;
- const void *p_write_data;
- void *p_read_data;
- psa_ps_create_flags_t ps_create_flags;
- struct psa_ps_info_t *ps_p_info;
+ psa_storage_uid_t uid;
+ uint32_t data_size, size, offset;
+ const void *p_write_data;
+ void *p_read_data;
+ size_t *p_data_length;
+ psa_storage_create_flags_t ps_create_flags;
+ struct psa_storage_info_t *ps_p_info;
switch (type)
{
case PAL_PS_SET:
- uid = va_arg(valist, psa_ps_uid_t);
- data_length = va_arg(valist, uint32_t);
+ uid = va_arg(valist, psa_storage_uid_t);
+ data_size = va_arg(valist, uint32_t);
p_write_data = va_arg(valist, const void*);
- ps_create_flags = va_arg(valist, psa_ps_create_flags_t);
- return psa_ps_set(uid, data_length, p_write_data, ps_create_flags);
+ ps_create_flags = va_arg(valist, psa_storage_create_flags_t);
+ return psa_ps_set(uid, data_size, p_write_data, ps_create_flags);
case PAL_PS_GET:
- uid = va_arg(valist, psa_ps_uid_t);
+ uid = va_arg(valist, psa_storage_uid_t);
offset = va_arg(valist, uint32_t);
- data_length = va_arg(valist, uint32_t);
+ data_size = va_arg(valist, uint32_t);
p_read_data = va_arg(valist, void*);
- return psa_ps_get(uid, offset, data_length, p_read_data);
+ p_data_length = va_arg(valist, size_t*);
+ return psa_ps_get(uid, offset, data_size, p_read_data, p_data_length);
case PAL_PS_GET_INFO:
- uid = va_arg(valist, psa_ps_uid_t);
- ps_p_info = va_arg(valist, struct psa_ps_info_t*);
+ uid = va_arg(valist, psa_storage_uid_t);
+ ps_p_info = va_arg(valist, struct psa_storage_info_t*);
return psa_ps_get_info(uid, ps_p_info);
case PAL_PS_REMOVE:
- uid = va_arg(valist, psa_ps_uid_t);
+ uid = va_arg(valist, psa_storage_uid_t);
return psa_ps_remove(uid);
case PAL_PS_CREATE:
- uid = va_arg(valist, psa_ps_uid_t);
+ uid = va_arg(valist, psa_storage_uid_t);
size = va_arg(valist, uint32_t);
- ps_create_flags = va_arg(valist, psa_ps_create_flags_t);
+ ps_create_flags = va_arg(valist, psa_storage_create_flags_t);
return psa_ps_create(uid, size, ps_create_flags);
case PAL_PS_SET_EXTENDED:
- uid = va_arg(valist, psa_ps_uid_t);
+ uid = va_arg(valist, psa_storage_uid_t);
offset = va_arg(valist, uint32_t);
- data_length = va_arg(valist, uint32_t);
+ data_size = va_arg(valist, uint32_t);
p_write_data = va_arg(valist, const void*);
- return psa_ps_set_extended(uid, offset, data_length, p_write_data);
+ return psa_ps_set_extended(uid, offset, data_size, p_write_data);
case PAL_PS_GET_SUPPORT:
return psa_ps_get_support();
default:
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/spe/pal_driver_intf.h b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/spe/pal_driver_intf.h
deleted file mode 100644
index cef34ca8..00000000
--- a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/spe/pal_driver_intf.h
+++ /dev/null
@@ -1,35 +0,0 @@
- /** @file
- * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
- * SPDX-License-Identifier : Apache-2.0
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- **/
-
-#ifndef _PAL_DRIVER_INTF_H_
-#define _PAL_DRIVER_INTF_H_
-
-#include "pal_uart.h"
-#include "pal_nvmem.h"
-#include "pal_wd_cmsdk.h"
-
-void pal_uart_init(uint32_t uart_base_addr);
-void pal_print(char *str, int32_t data);
-int pal_nvmem_write(addr_t base, uint32_t offset, void *buffer, int size);
-int pal_nvmem_read(addr_t base, uint32_t offset, void *buffer, int size);
-int pal_wd_timer_init(addr_t base_addr, uint32_t time_us, uint32_t timer_tick_us);
-int pal_wd_timer_enable(addr_t base_addr);
-int pal_wd_timer_disable(addr_t base_addr);
-int pal_wd_timer_is_enabled(addr_t base_addr);
-void pal_generate_interrupt(void);
-void pal_disable_interrupt(void);
-#endif /* _PAL_DRIVER_INTF_H_ */
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/target.cfg b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/target.cfg
index 629efb53..20c1ab8d 100644
--- a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/target.cfg
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/target.cfg
@@ -52,5 +52,3 @@ dut.0.ns_start_addr_of_combine_test_binary = 0x28120000;
// Is combine_test_binary available in RAM?
dut.0.combine_test_binary_in_ram = AVAILABLE;
-
-dut.0.implemented_psa_firmware_isolation_level = LEVEL1;
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/target.cmake b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/target.cmake
new file mode 100644
index 00000000..5388ca1a
--- /dev/null
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/target.cmake
@@ -0,0 +1,109 @@
+#/** @file
+# * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+# PAL C source files part of NSPE library
+list(APPEND PAL_SRC_C_NSPE )
+
+# PAL ASM source files part of NSPE library
+list(APPEND PAL_SRC_ASM_NSPE )
+
+# PAL C source files part of SPE library - driver partition
+list(APPEND PAL_SRC_C_DRIVER_SP )
+
+# PAL ASM source files part of SPE library - driver partition
+list(APPEND PAL_SRC_ASM_DRIVER_SP )
+
+
+# Listing all the sources required for given target
+if(${SUITE} STREQUAL "IPC")
+ list(APPEND PAL_SRC_C_NSPE
+ # driver functionalities are implemented as RoT-services
+ # and secure and non-secure clients will call to these RoT-services to get appropriate driver services.
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/common/pal_client_api_intf.c
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/common/pal_driver_ipc_intf.c
+ )
+ list(APPEND PAL_SRC_C_DRIVER_SP
+ # Driver files will be compiled as part of driver partition
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/spe/pal_driver_intf.c
+ ${PSA_ROOT_DIR}/platform/drivers/nvmem/pal_nvmem.c
+ ${PSA_ROOT_DIR}/platform/drivers/uart/pl011/pal_uart.c
+ ${PSA_ROOT_DIR}/platform/drivers/watchdog/cmsdk/pal_wd_cmsdk.c
+ )
+else()
+ list(APPEND PAL_SRC_C_NSPE
+ # driver files will be compiled as part of NSPE
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/common/pal_client_api_empty_intf.c
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/common/pal_driver_ns_intf.c
+ ${PSA_ROOT_DIR}/platform/drivers/nvmem/pal_nvmem.c
+ ${PSA_ROOT_DIR}/platform/drivers/uart/pl011/pal_uart.c
+ ${PSA_ROOT_DIR}/platform/drivers/watchdog/cmsdk/pal_wd_cmsdk.c
+ )
+endif()
+if(${SUITE} STREQUAL "CRYPTO")
+ list(APPEND PAL_SRC_C_NSPE
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/crypto/pal_crypto_intf.c
+ )
+endif()
+if(${SUITE} STREQUAL "PROTECTED_STORAGE")
+ list(APPEND PAL_SRC_C_NSPE
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/protected_storage/pal_protected_storage_intf.c
+ )
+endif()
+if(${SUITE} STREQUAL "INTERNAL_TRUSTED_STORAGE")
+ list(APPEND PAL_SRC_C_NSPE
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/internal_trusted_storage/pal_internal_trusted_storage_intf.c
+ )
+endif()
+if(${SUITE} STREQUAL "INITIAL_ATTESTATION")
+ list(APPEND PAL_SRC_C_NSPE
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/initial_attestation/pal_attestation_intf.c
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/initial_attestation/pal_attestation_crypto.c
+ ${CMAKE_CURRENT_BINARY_DIR}/${PSA_TARGET_QCBOR}/src/UsefulBuf.c
+ ${CMAKE_CURRENT_BINARY_DIR}/${PSA_TARGET_QCBOR}/src/ieee754.c
+ ${CMAKE_CURRENT_BINARY_DIR}/${PSA_TARGET_QCBOR}/src/qcbor_decode.c
+ ${CMAKE_CURRENT_BINARY_DIR}/${PSA_TARGET_QCBOR}/src/qcbor_encode.c
+ )
+endif()
+
+# Create NSPE library
+add_library(${PSA_TARGET_PAL_NSPE_LIB} STATIC ${PAL_SRC_C_NSPE} ${PAL_SRC_ASM_NSPE})
+
+# PSA Include directories
+foreach(psa_inc_path ${PSA_INCLUDE_PATHS})
+ target_include_directories(${PSA_TARGET_PAL_NSPE_LIB} PRIVATE ${psa_inc_path})
+endforeach()
+
+list(APPEND PAL_DRIVER_INCLUDE_PATHS
+ ${PSA_ROOT_DIR}/platform/drivers/nvmem
+ ${PSA_ROOT_DIR}/platform/drivers/uart/pl011
+ ${PSA_ROOT_DIR}/platform/drivers/watchdog/cmsdk
+)
+
+target_include_directories(${PSA_TARGET_PAL_NSPE_LIB} PRIVATE
+ ${PAL_DRIVER_INCLUDE_PATHS}
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/common
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/crypto
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/protected_storage
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/internal_trusted_storage
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/initial_attestation
+)
+
+if(${SUITE} STREQUAL "INITIAL_ATTESTATION")
+target_include_directories(${PSA_TARGET_PAL_NSPE_LIB} PRIVATE
+ ${PSA_QCBOR_INCLUDE_PATH}
+)
+endif()
diff --git a/api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/Makefile b/api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/Makefile
deleted file mode 100644
index 894cec4d..00000000
--- a/api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/Makefile
+++ /dev/null
@@ -1,160 +0,0 @@
-# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-include $(SOURCE)/tools/makefiles/toolchain.mk
-
-# Make variables to select correct instances of PAL files
-
-## PSA_IPC_IMPLEMENTED must be true for IPC SUITE
-PSA_IPC_IMPLEMENTED:=1
-
-## PSA_CRYPTO_IMPLEMENTED must be true for CRYPTO SUITE
-PSA_CRYPTO_IMPLEMENTED:=0
-
-## PSA_PROTECTED_STORAGE_IMPLEMENTED must be true for PROTECTED_STORAGE SUITE
-PSA_PROTECTED_STORAGE_IMPLEMENTED:=0
-
-## PSA_INTERNAL_TRUSTED_STORAGE_IMPLEMENTED must be true for INTERNAL_TRUSTED_STORAGE SUITE
-PSA_INTERNAL_TRUSTED_STORAGE_IMPLEMENTED:=0
-
-## PSA_INITIAL_ATTESTATION_IMPLEMENTED must be true for INITIAL_ATTESTATION SUITE
-PSA_INITIAL_ATTESTATION_IMPLEMENTED:=0
-
-# Make variables holding NSPE/SPE source files
-
-## PAL C source files part of NSPE library
-SRC_C_NSPE=
-
-## PAL ASM source files part of NSPE library
-SRC_ASM_NSPE=
-
-## PAL C source files part of SPE library - driver partition
-SRC_C_DRIVER_SP=
-
-## PAL ASM source files part of SPE library - driver partition
-SRC_ASM_DRIVER_SP=
-
-ifeq (${PSA_IPC_IMPLEMENTED},1)
-# When PSA_IPC_IMPLEMENTED=1, driver functionalities are implemented as RoT-services
-# and secure and non-secure clients will call to these RoT-services to get appropriate driver services.
-SRC_C_NSPE += pal_client_api_intf.c
-SRC_C_NSPE += pal_driver_ipc_intf.c
-
-# Driver files will be compiled as part of driver partition
-SRC_C_DRIVER_SP += pal_driver_intf.c pal_nvmem.c pal_uart.c pal_wd_cmsdk.c
-else
-
-# When PSA_IPC_IMPLEMENTED=0, driver files will be compiled as part of NSPE
-SRC_C_NSPE += pal_client_api_empty_intf.c
-SRC_C_NSPE += pal_driver_ns_intf.c pal_nvmem.c pal_uart.c pal_wd_cmsdk.c
-endif
-
-ifeq (${PSA_CRYPTO_IMPLEMENTED},1)
-SRC_C_NSPE += pal_crypto_intf.c
-else
-SRC_C_NSPE += pal_crypto_empty_intf.c
-endif
-
-ifeq (${PSA_PROTECTED_STORAGE_IMPLEMENTED},1)
-SRC_C_NSPE += pal_protected_storage_intf.c
-else
-SRC_C_NSPE += pal_protected_storage_empty_intf.c
-endif
-
-ifeq (${PSA_INTERNAL_TRUSTED_STORAGE_IMPLEMENTED},1)
-SRC_C_NSPE += pal_internal_trusted_storage_intf.c
-else
-SRC_C_NSPE += pal_internal_trusted_storage_empty_intf.c
-endif
-
-ifeq (${PSA_INITIAL_ATTESTATION_IMPLEMENTED},1)
-SRC_C_NSPE += pal_attestation_intf.c
-SRC_C_NSPE += pal_attestation_eat.c
-SRC_C_NSPE += pal_attestation_crypto.c
-else
-SRC_C_NSPE += pal_attestation_empty_intf.c
-endif
-
-INCLUDE= -I$(SOURCE)/platform/targets/$(TARGET)/nspe \
- -I$(SOURCE)/platform/targets/$(TARGET)/spe \
- -I$(BUILD)/platform/$(TARGET)/ \
- -I$(SOURCE)/platform/drivers/uart/cmsdk \
- -I$(SOURCE)/platform/drivers/nvmem/ \
- -I$(SOURCE)/platform/drivers/watchdog/cmsdk \
- -I$(SOURCE)/platform/targets/$(TARGET)/nspe/common \
- -I$(SOURCE)/platform/targets/$(TARGET)/nspe/crypto \
- -I$(SOURCE)/platform/targets/$(TARGET)/nspe/initial_attestation \
- -I$(SOURCE)/platform/targets/$(TARGET)/nspe/initial_attestation/ext/inc \
- -I$(SOURCE)/platform/targets/$(TARGET)/nspe/internal_trusted_storage \
- -I$(SOURCE)/platform/targets/$(TARGET)/nspe/protected_storage \
-
-VPATH=$(SOURCE)/platform/targets/$(TARGET)/: \
- $(SOURCE)/platform/targets/$(TARGET)/spe: \
- $(SOURCE)/platform/targets/$(TARGET)/nspe: \
- $(SOURCE)/platform/drivers/uart/cmsdk: \
- $(SOURCE)/platform/drivers/nvmem: \
- $(SOURCE)/platform/drivers/watchdog/cmsdk: \
- $(SOURCE)/platform/targets/$(TARGET)/nspe/common: \
- $(SOURCE)/platform/targets/$(TARGET)/nspe/crypto: \
- $(SOURCE)/platform/targets/$(TARGET)/nspe/initial_attestation: \
- $(SOURCE)/platform/targets/$(TARGET)/nspe/initial_attestation/ext/src: \
- $(SOURCE)/platform/targets/$(TARGET)/nspe/internal_trusted_storage: \
- $(SOURCE)/platform/targets/$(TARGET)/nspe/protected_storage: \
-
-all: build
-
-ifeq (${PSA_IPC_IMPLEMENTED},1)
-build: mkdir build_nspe_pal build_spe_pal
-else
-build: mkdir build_nspe_pal
-endif
-
-mkdir:
- @mkdir -p $(BUILD)/platform/nspe/
- @mkdir -p $(BUILD)/platform/spe/
-
-# BUILD NSPE PAL
-build_nspe_pal: build_c_nspe build_asm_nspe pal_nspe.a
-
-build_c_nspe: $(SRC_C_NSPE:%.c=$(BUILD)/platform/nspe/%.o)
-build_asm_nspe: $(SRC_ASM_NSPE:%.s=$(BUILD)/platform/nspe/%.o)
-
-$(BUILD)/platform/nspe/%.o : %.c
- $(CC) $(PAL_CDEFS) $(INCLUDE) -o $@ -c $<
-
-$(BUILD)/platform/nspe/%.o : %.s
- $(AS) $(INCLUDE) -o $@ $<
-
-pal_nspe.a:
- $(AR) $(AR_OPTIONS) $(BUILD)/platform/pal_nspe.a $(BUILD)/platform/nspe/*.o
-
-# BUILD SPE PAL
-build_spe_pal: build_driver_sp
-
-build_driver_sp: build_c_driver_sp build_asm_driver_sp
-
-build_c_driver_sp: $(SRC_C_DRIVER_SP:%.c=$(BUILD)/platform/spe/%_driver_sp.o)
-build_asm_driver_sp: $(SRC_ASM_DRIVER_SP:%.s=$(BUILD)/platform/spe/%_driver_sp.o)
-
-# Generated %_driver_sp.o(s) are used in spbuild.mk to create final driver_partition.a
-$(BUILD)/platform/spe/%_driver_sp.o : %.c
- $(CC) $(INCLUDE) -DSPE_BUILD -o $@ -c $<
-
-$(BUILD)/platform/spe/%_driver_sp.o : %.s
- $(AS) $(INCLUDE) -o $@ $<
-
-clean:
- @rm -rf $(BUILD)/platform/nspe/* $(BUILD)/platform/spe/*.a
diff --git a/api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/manifests/common/driver_partition_psa.json b/api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/manifests/common/driver_partition_psa.json
deleted file mode 100644
index 3e2ec674..00000000
--- a/api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/manifests/common/driver_partition_psa.json
+++ /dev/null
@@ -1,75 +0,0 @@
-{
- "psa_framework_version": 1.0,
- "name": "DRIVER_PARTITION",
- "type": "PSA-ROT",
- "priority": "NORMAL",
- "description": "Implements device services such print, flash read/write,. etc.",
- "entry_point": "driver_main",
- "stack_size": "0x400",
- "services": [{
- "name": "DRIVER_UART_SID",
- "sid": "0x0000FC01",
- "signal": "DRIVER_UART_SIG",
- "non_secure_clients": true,
- "minor_version": 1,
- "minor_policy": "RELAXED"
- },
- {
- "name": "DRIVER_WATCHDOG_SID",
- "sid": "0x0000FC02",
- "signal": "DRIVER_WATCHDOG_SIG",
- "non_secure_clients": true,
- "minor_version": 1,
- "minor_policy": "RELAXED"
- },
- {
- "name": "DRIVER_NVMEM_SID",
- "sid": "0x0000FC03",
- "signal": "DRIVER_NVMEM_SIG",
- "non_secure_clients": true,
- "minor_version": 1,
- "minor_policy": "RELAXED"
- },
- {
- "name": "DRIVER_TEST_SID",
- "sid": "0x0000FC04",
- "signal": "DRIVER_TEST_SIG",
- "non_secure_clients": true,
- "minor_version": 1,
- "minor_policy": "RELAXED"
- }
- ],
- "mmio_regions" : [
- {
- "name": "UART_REGION",
- "base": "0x40004000",
- "size": "0x1000",
- "permission": "READ-WRITE"
- },
- {
- "name": "WATCHDOG_REGION",
- "base": "0x40008000",
- "size": "0x1000",
- "permission": "READ-WRITE"
- },
- {
- "name": "NVMEM_REGION",
- "base": "0x2002F000",
- "size": "0x400",
- "permission": "READ-WRITE"
- },
- {
- "name": "DRIVER_PARTITION_MMIO",
- "base": "0x200AF040",
- "size": "0x20",
- "permission": "READ-WRITE"
- }
- ],
- "irqs": [
- {
- "description": "Using UART TX interrupt to test psa_wait and psa_eoi for irq_signal",
- "signal": "DRIVER_UART_INTR_SIG",
- "line_num": 17
- }
- ]
-}
diff --git a/api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/manifests/ipc/client_partition_psa.json b/api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/manifests/ipc/client_partition_psa.json
deleted file mode 100644
index b93377bd..00000000
--- a/api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/manifests/ipc/client_partition_psa.json
+++ /dev/null
@@ -1,37 +0,0 @@
-{
- "psa_framework_version": 1.0,
- "name": "CLIENT_PARTITION",
- "type": "APPLICATION-ROT",
- "priority": "NORMAL",
- "description": "Client partition executing client test func from SPE",
- "entry_point": "client_main",
- "stack_size": "0x400",
- "services": [{
- "name": "CLIENT_TEST_DISPATCHER_SID",
- "sid": "0x0000FA01",
- "signal": "CLIENT_TEST_DISPATCHER_SIG",
- "non_secure_clients": true,
- "minor_version": 1,
- "minor_policy": "RELAXED"
- }
- ],
- "dependencies": [
- "DRIVER_UART_SID",
- "DRIVER_NVMEM_SID",
- "DRIVER_TEST_SID",
- "SERVER_TEST_DISPATCHER_SID",
- "SERVER_UNSPECIFED_MINOR_V_SID",
- "SERVER_STRICT_MINOR_VERSION_SID",
- "SERVER_RELAX_MINOR_VERSION_SID",
- "SERVER_SECURE_CONNECT_ONLY_SID",
- "SERVER_CONNECTION_DROP_SID"
- ],
- "mmio_regions" : [
- {
- "name": "CLIENT_PARTITION_MMIO",
- "base": "0x200AF000",
- "size": "0x20",
- "permission": "READ-WRITE"
- }
- ]
-}
diff --git a/api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/manifests/ipc/server_partition_psa.json b/api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/manifests/ipc/server_partition_psa.json
deleted file mode 100644
index 146b8fbc..00000000
--- a/api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/manifests/ipc/server_partition_psa.json
+++ /dev/null
@@ -1,69 +0,0 @@
-{
- "psa_framework_version": 1.0,
- "name": "SERVER_PARTITION",
- "type": "APPLICATION-ROT",
- "priority": "NORMAL",
- "description": "Server partition executing server test func",
- "entry_point": "server_main",
- "stack_size": "0x400",
- "heap_size": "0x100",
- "services": [{
- "name": "SERVER_TEST_DISPATCHER_SID",
- "sid": "0x0000FB01",
- "signal": "SERVER_TEST_DISPATCHER_SIG",
- "non_secure_clients": true,
- "minor_version": 1,
- "minor_policy": "RELAXED"
- },
- {
- "name": "SERVER_SECURE_CONNECT_ONLY_SID",
- "sid": "0x0000FB02",
- "signal": "SERVER_SECURE_CONNECT_ONLY_SIG",
- "non_secure_clients": false,
- "minor_version": 2,
- "minor_policy": "RELAXED"
- },
- {
- "name": "SERVER_STRICT_MINOR_VERSION_SID",
- "sid": "0x0000FB03",
- "signal": "SERVER_STRICT_MINOR_VERSION_SIG",
- "non_secure_clients": true,
- "minor_version": 2,
- "minor_policy": "STRICT"
- },
- {
- "name": "SERVER_UNSPECIFED_MINOR_V_SID",
- "sid": "0x0000FB04",
- "signal": "SERVER_UNSPECIFED_MINOR_V_SIG",
- "non_secure_clients": true
- },
- {
- "name": "SERVER_RELAX_MINOR_VERSION_SID",
- "sid": "0x0000FB05",
- "signal": "SERVER_RELAX_MINOR_VERSION_SIG",
- "non_secure_clients": true,
- "minor_version": 2,
- "minor_policy": "RELAXED"
- },
- {
- "name": "SERVER_UNEXTERN_SID",
- "sid": "0x0000FB06",
- "signal": "SERVER_UNEXTERN_SIG",
- "non_secure_clients": true,
- "minor_version": 2,
- "minor_policy": "RELAXED"
- },
- {
- "name": "SERVER_CONNECTION_DROP_SID",
- "sid": "0x0000FB07",
- "signal": "SERVER_CONNECTION_DROP_SIG",
- "non_secure_clients": true,
- "minor_version": 2,
- "minor_policy": "RELAXED"
- }
- ],
- "dependencies": [
- "DRIVER_UART_SID",
- "DRIVER_NVMEM_SID"
- ]
-}
diff --git a/api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/nspe/crypto/pal_crypto_intf.c b/api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/nspe/crypto/pal_crypto_intf.c
deleted file mode 100644
index 3df6aa8d..00000000
--- a/api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/nspe/crypto/pal_crypto_intf.c
+++ /dev/null
@@ -1,340 +0,0 @@
-/** @file
- * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
- * SPDX-License-Identifier : Apache-2.0
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
-**/
-
-
-#include "pal_crypto_intf.h"
-
-#define PAL_KEY_SLOT_COUNT 32
-
-/**
- @brief - This API will call the requested crypto function
- @param - type : function code
- valist : variable argument list
- @return - error status
-**/
-int32_t pal_crypto_function(int type, va_list valist)
-{
- int i;
- size_t size, *length, salt_length, label_length, ciphertext_size;
- uint8_t *buffer, *ciphertext;
- const uint8_t *salt, *label, *nonce, *additional_data;
- uint8_t *plaintext;
- uint32_t status;
- const void *extra;
- size_t extra_size, capacity, *gen_cap, nonce_length, additional_data_length;
- psa_key_handle_t handle, *key_handle, target_handle;
- psa_key_type_t key_type, *key_type_out;
- psa_key_policy_t *policy;
- psa_key_usage_t usage, *usage_out;
- psa_key_lifetime_t *lifetime_out;
- psa_algorithm_t alg, *alg_out;
- psa_hash_operation_t *hash_operation;
- psa_mac_operation_t *mac_operation;
- psa_cipher_operation_t *cipher_operation;
- psa_crypto_generator_t *generator;
-
- switch (type)
- {
- case PAL_CRYPTO_INIT:
- return psa_crypto_init();
- case PAL_CRYPTO_GENERATE_RANDOM:
- buffer = va_arg(valist, uint8_t*);
- size = va_arg(valist, int);
- return psa_generate_random(buffer, size);
- case PAL_CRYPTO_IMPORT_KEY:
- handle = (psa_key_handle_t)va_arg(valist, int);
- key_type = va_arg(valist, psa_key_type_t);
- buffer = va_arg(valist, uint8_t*);
- size = va_arg(valist, int);
- status = psa_import_key(handle, key_type, buffer, size);
- return status;
- case PAL_CRYPTO_EXPORT_KEY:
- handle = (psa_key_handle_t)va_arg(valist, int);
- buffer = (uint8_t *)(va_arg(valist, uint8_t*));
- size = va_arg(valist, int);
- length = (size_t *)va_arg(valist, size_t*);
- status = psa_export_key(handle, buffer, size, length);
- return status;
- case PAL_CRYPTO_EXPORT_PUBLIC_KEY:
- handle = (psa_key_handle_t)va_arg(valist, int);
- buffer = (uint8_t *)(va_arg(valist, uint8_t*));
- size = va_arg(valist, int);
- length = (size_t *)va_arg(valist, size_t*);
- status = psa_export_public_key(handle, buffer, size, length);
- return status;
- case PAL_CRYPTO_KEY_POLICY_INIT:
- policy = va_arg(valist, psa_key_policy_t*);
- memset(policy, 0, sizeof(psa_key_policy_t));
- return 0;
- case PAL_CRYPTO_KEY_POLICY_SET_USAGE:
- policy = va_arg(valist, psa_key_policy_t*);
- usage = va_arg(valist, psa_key_usage_t);
- alg = va_arg(valist, psa_algorithm_t);
- psa_key_policy_set_usage(policy, usage, alg);
- return 0;
- case PAL_CRYPTO_SET_KEY_POLICY:
- handle = (psa_key_handle_t)va_arg(valist, int);
- policy = va_arg(valist, psa_key_policy_t*);
- return psa_set_key_policy(handle, policy);
- case PAL_CRYPTO_DESTROY_KEY:
- handle = (psa_key_handle_t)va_arg(valist, int);
- status = psa_destroy_key(handle);
- return status;
- case PAL_CRYPTO_GET_KEY_INFORMATION:
- handle = (psa_key_handle_t)va_arg(valist, int);
- key_type_out = va_arg(valist, psa_key_type_t*);
- length = (size_t *)va_arg(valist, size_t*);
- status = psa_get_key_information(handle, key_type_out, length);
- return status;
- case PAL_CRYPTO_GET_KEY_POLICY:
- handle = (psa_key_handle_t)va_arg(valist, int);
- policy = va_arg(valist, psa_key_policy_t*);
- return psa_get_key_policy(handle, policy);
- case PAL_CRYPTO_KEY_POLICY_GET_USAGE:
- policy = va_arg(valist, psa_key_policy_t*);
- usage_out = va_arg(valist, psa_key_usage_t*);
- *usage_out = psa_key_policy_get_usage(policy);
- return 0;
- case PAL_CRYPTO_KEY_POLICY_GET_ALGORITHM:
- policy = va_arg(valist, psa_key_policy_t*);
- alg_out = va_arg(valist, psa_algorithm_t*);
- *alg_out = psa_key_policy_get_algorithm(policy);
- return 0;
- case PAL_CRYPTO_GET_KEY_LIFETIME:
- handle = (psa_key_handle_t)va_arg(valist, int);
- lifetime_out = va_arg(valist, psa_key_lifetime_t*);
- return psa_get_key_lifetime(handle, lifetime_out);
- case PAL_CRYPTO_HASH_SETUP:
- hash_operation = va_arg(valist, psa_hash_operation_t*);
- alg = va_arg(valist, psa_algorithm_t);
- return psa_hash_setup(hash_operation, alg);
- case PAL_CRYPTO_HASH_UPDATE:
- hash_operation = va_arg(valist, psa_hash_operation_t*);
- buffer = va_arg(valist, uint8_t*);
- size = va_arg(valist, size_t);
- return psa_hash_update(hash_operation, buffer, size);
- case PAL_CRYPTO_HASH_VERIFY:
- hash_operation = va_arg(valist, psa_hash_operation_t*);
- buffer = va_arg(valist, uint8_t*);
- size = va_arg(valist, size_t);
- return psa_hash_verify(hash_operation, buffer, size);
- case PAL_CRYPTO_HASH_FINISH:
- hash_operation = va_arg(valist, psa_hash_operation_t*);
- buffer = va_arg(valist, uint8_t*);
- size = va_arg(valist, size_t);
- length = va_arg(valist, size_t*);
- return psa_hash_finish(hash_operation, buffer, size, length);
- case PAL_CRYPTO_HASH_ABORT:
- hash_operation = va_arg(valist, psa_hash_operation_t*);
- return psa_hash_abort(hash_operation);
- case PAL_CRYPTO_GENERATE_KEY:
- handle = (psa_key_handle_t)va_arg(valist, int);
- key_type = va_arg(valist, psa_key_type_t);
- size = va_arg(valist, size_t);
- extra = va_arg(valist, const void*);
- extra_size = va_arg(valist, size_t);
- return psa_generate_key(handle, key_type, size, extra, extra_size);
- case PAL_CRYPTO_GENERATOR_READ:
- generator = va_arg(valist, psa_crypto_generator_t*);
- buffer = va_arg(valist, uint8_t*);
- size = va_arg(valist, int);
- return psa_generator_read(generator, buffer, size);
- case PAL_CRYPTO_KEY_DERIVATION:
- generator = va_arg(valist, psa_crypto_generator_t*);
- handle = (psa_key_handle_t)va_arg(valist, int);
- alg = va_arg(valist, psa_algorithm_t);
- salt = va_arg(valist, const uint8_t *);
- salt_length = va_arg(valist, size_t);
- label = va_arg(valist, const uint8_t *);
- label_length = va_arg(valist, size_t);
- capacity = va_arg(valist, size_t);
- return psa_key_derivation(generator, handle, alg, salt, salt_length, label,
- label_length, capacity);
- case PAL_CRYPTO_GET_GENERATOR_CAPACITY:
- generator = va_arg(valist, psa_crypto_generator_t*);
- gen_cap = va_arg(valist, size_t*);
- return psa_get_generator_capacity(generator, gen_cap);
- case PAL_CRYPTO_GENERATOR_IMPORT_KEY:
- handle = (psa_key_handle_t)va_arg(valist, int);
- key_type = va_arg(valist, psa_key_type_t);
- size = va_arg(valist, size_t);
- generator = va_arg(valist, psa_crypto_generator_t*);
- return psa_generator_import_key(handle, key_type, size, generator);
- case PAL_CRYPTO_GENERATOR_ABORT:
- generator = va_arg(valist, psa_crypto_generator_t*);
- return psa_generator_abort(generator);
- case PAL_CRYPTO_AEAD_ENCRYPT:
- handle = (psa_key_handle_t)va_arg(valist, int);
- alg = va_arg(valist, psa_algorithm_t);
- nonce = va_arg(valist, const uint8_t *);
- nonce_length = va_arg(valist, size_t);
- additional_data = va_arg(valist, const uint8_t *);
- additional_data_length = va_arg(valist, size_t);
- plaintext = va_arg(valist, uint8_t *);
- size = va_arg(valist, size_t);
- ciphertext = va_arg(valist, uint8_t *);
- ciphertext_size = va_arg(valist, size_t);
- length = va_arg(valist, size_t*);
- return psa_aead_encrypt(handle, alg, nonce, nonce_length, additional_data,
- additional_data_length, plaintext, size, ciphertext, ciphertext_size, length);
- case PAL_CRYPTO_AEAD_DECRYPT:
- handle = (psa_key_handle_t)va_arg(valist, int);
- alg = va_arg(valist, psa_algorithm_t);
- nonce = va_arg(valist, const uint8_t *);
- nonce_length = va_arg(valist, size_t);
- additional_data = va_arg(valist, const uint8_t *);
- additional_data_length = va_arg(valist, size_t);
- ciphertext = va_arg(valist, uint8_t *);
- ciphertext_size = va_arg(valist, size_t);
- plaintext = va_arg(valist, uint8_t *);
- size = va_arg(valist, size_t);
- length = va_arg(valist, size_t*);
- return psa_aead_decrypt(handle, alg, nonce, nonce_length, additional_data,
- additional_data_length, ciphertext, ciphertext_size, plaintext, size, length);
- case PAL_CRYPTO_MAC_SIGN_SETUP:
- mac_operation = va_arg(valist, psa_mac_operation_t*);
- handle = (psa_key_handle_t)va_arg(valist, int);
- alg = va_arg(valist, psa_algorithm_t);
- return psa_mac_sign_setup(mac_operation, handle, alg);
- case PAL_CRYPTO_MAC_UPDATE:
- mac_operation = va_arg(valist, psa_mac_operation_t*);
- buffer = va_arg(valist, uint8_t*);
- size = va_arg(valist, size_t);
- return psa_mac_update(mac_operation, buffer, size);
- case PAL_CRYPTO_MAC_SIGN_FINISH:
- mac_operation = va_arg(valist, psa_mac_operation_t*);
- buffer = va_arg(valist, uint8_t*);
- size = va_arg(valist, size_t);
- length = (size_t *)va_arg(valist, size_t*);
- return psa_mac_sign_finish(mac_operation, buffer, size, length);
- case PAL_CRYPTO_MAC_VERIFY_SETUP:
- mac_operation = va_arg(valist, psa_mac_operation_t*);
- handle = (psa_key_handle_t)va_arg(valist, int);
- alg = va_arg(valist, psa_algorithm_t);
- return psa_mac_verify_setup(mac_operation, handle, alg);
- case PAL_CRYPTO_MAC_VERIFY_FINISH:
- mac_operation = va_arg(valist, psa_mac_operation_t*);
- buffer = va_arg(valist, uint8_t*);
- size = va_arg(valist, size_t);
- return psa_mac_verify_finish(mac_operation, buffer, size);
- case PAL_CRYPTO_MAC_ABORT:
- mac_operation = va_arg(valist, psa_mac_operation_t*);
- return psa_mac_abort(mac_operation);
- case PAL_CRYPTO_ASYMMTERIC_ENCRYPT:
- handle = (psa_key_handle_t)va_arg(valist, int);
- alg = va_arg(valist, psa_algorithm_t);
- plaintext = va_arg(valist, uint8_t *);
- size = va_arg(valist, size_t);
- salt = va_arg(valist, const uint8_t *);
- salt_length = va_arg(valist, size_t);
- ciphertext = va_arg(valist, uint8_t *);
- ciphertext_size = va_arg(valist, size_t);
- length = va_arg(valist, size_t*);
- return psa_asymmetric_encrypt(handle, alg, plaintext, size, salt, salt_length,
- ciphertext, ciphertext_size, length);
- case PAL_CRYPTO_ASYMMTERIC_DECRYPT:
- handle = (psa_key_handle_t)va_arg(valist, int);
- alg = va_arg(valist, psa_algorithm_t);
- plaintext = va_arg(valist, uint8_t *);
- size = va_arg(valist, size_t);
- salt = va_arg(valist, const uint8_t *);
- salt_length = va_arg(valist, size_t);
- ciphertext = va_arg(valist, uint8_t *);
- ciphertext_size = va_arg(valist, size_t);
- length = va_arg(valist, size_t*);
- return psa_asymmetric_decrypt(handle, alg, plaintext, size, salt, salt_length,
- ciphertext, ciphertext_size, length);
- case PAL_CRYPTO_CIPHER_ENCRYPT_SETUP:
- cipher_operation = va_arg(valist, psa_cipher_operation_t *);
- handle = (psa_key_handle_t)va_arg(valist, int);
- alg = va_arg(valist, psa_algorithm_t);
- return psa_cipher_encrypt_setup(cipher_operation, handle, alg);
- case PAL_CRYPTO_CIPHER_DECRYPT_SETUP:
- cipher_operation = va_arg(valist, psa_cipher_operation_t *);
- handle = (psa_key_handle_t)va_arg(valist, int);
- alg = va_arg(valist, psa_algorithm_t);
- return psa_cipher_decrypt_setup(cipher_operation, handle, alg);
- case PAL_CRYPTO_CIPHER_GENERATE_IV:
- cipher_operation = va_arg(valist, psa_cipher_operation_t *);
- buffer = va_arg(valist, uint8_t*);
- size = va_arg(valist, size_t);
- length = va_arg(valist, size_t*);
- return psa_cipher_generate_iv(cipher_operation, buffer, size, length);
- case PAL_CRYPTO_CIPHER_SET_IV:
- cipher_operation = va_arg(valist, psa_cipher_operation_t *);
- buffer = va_arg(valist, uint8_t*);
- size = va_arg(valist, size_t);
- return psa_cipher_set_iv(cipher_operation, buffer, size);
- case PAL_CRYPTO_CIPHER_UPDATE:
- cipher_operation = va_arg(valist, psa_cipher_operation_t *);
- plaintext = va_arg(valist, uint8_t *);
- size = va_arg(valist, size_t);
- ciphertext = va_arg(valist, uint8_t *);
- ciphertext_size = va_arg(valist, size_t);
- length = va_arg(valist, size_t*);
- return psa_cipher_update(cipher_operation, plaintext, size, ciphertext, ciphertext_size,
- length);
- case PAL_CRYPTO_CIPHER_FINISH:
- cipher_operation = va_arg(valist, psa_cipher_operation_t *);
- ciphertext = va_arg(valist, uint8_t *);
- ciphertext_size = va_arg(valist, size_t);
- length = va_arg(valist, size_t*);
- return psa_cipher_finish(cipher_operation, ciphertext, ciphertext_size, length);
- case PAL_CRYPTO_CIPHER_ABORT:
- cipher_operation = va_arg(valist, psa_cipher_operation_t *);
- return psa_cipher_abort(cipher_operation);
- case PAL_CRYPTO_ASYMMTERIC_SIGN:
- handle = (psa_key_handle_t)va_arg(valist, int);
- alg = va_arg(valist, psa_algorithm_t);
- buffer = va_arg(valist, uint8_t*);
- size = va_arg(valist, size_t);
- ciphertext = va_arg(valist, uint8_t *);
- ciphertext_size = va_arg(valist, size_t);
- length = va_arg(valist, size_t*);
- return psa_asymmetric_sign(handle, alg, buffer, size, ciphertext, ciphertext_size,
- length);
- case PAL_CRYPTO_ASYMMTERIC_VERIFY:
- handle = (psa_key_handle_t)va_arg(valist, int);
- alg = va_arg(valist, psa_algorithm_t);
- buffer = va_arg(valist, uint8_t*);
- size = va_arg(valist, size_t);
- ciphertext = va_arg(valist, uint8_t *);
- ciphertext_size = va_arg(valist, size_t);
- return psa_asymmetric_verify(handle, alg, buffer, size, ciphertext, ciphertext_size);
- case PAL_CRYPTO_KEY_AGREEMENT:
- generator = va_arg(valist, psa_crypto_generator_t*);
- handle = (psa_key_handle_t)va_arg(valist, int);
- buffer = va_arg(valist, uint8_t*);
- size = va_arg(valist, size_t);
- alg = va_arg(valist, psa_algorithm_t);
- return psa_key_agreement(generator, handle, buffer, size, alg);
- case PAL_CRYPTO_ALLOCATE_KEY:
- key_handle = (psa_key_handle_t *)va_arg(valist, int*);
- return psa_allocate_key(key_handle);
- case PAL_CRYPTO_COPY_KEY:
- handle = (psa_key_handle_t)va_arg(valist, int);
- target_handle = (psa_key_handle_t)va_arg(valist, int);
- policy = va_arg(valist, psa_key_policy_t*);
- return psa_copy_key(handle, target_handle, policy);
- case PAL_CRYPTO_FREE:
- for (i = 0; i < PAL_KEY_SLOT_COUNT; i++)
- psa_destroy_key(i);
- return 0;
- default:
- return PAL_STATUS_UNSUPPORTED_FUNC;
- }
-}
diff --git a/api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/nspe/crypto/pal_crypto_intf.h b/api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/nspe/crypto/pal_crypto_intf.h
deleted file mode 100644
index d1dabfa4..00000000
--- a/api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/nspe/crypto/pal_crypto_intf.h
+++ /dev/null
@@ -1,76 +0,0 @@
-/** @file
- * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
- * SPDX-License-Identifier : Apache-2.0
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
-**/
-
-#ifndef _PAL_CRYPTO_H_
-#define _PAL_CRYPTO_H_
-
-#include "pal_common.h"
-
-enum crypto_function_code {
- PAL_CRYPTO_INIT = 0x1,
- PAL_CRYPTO_GENERATE_RANDOM = 0x2,
- PAL_CRYPTO_IMPORT_KEY = 0x3,
- PAL_CRYPTO_EXPORT_KEY = 0x4,
- PAL_CRYPTO_EXPORT_PUBLIC_KEY = 0x5,
- PAL_CRYPTO_DESTROY_KEY = 0x6,
- PAL_CRYPTO_GET_KEY_INFO = 0x7,
- PAL_CRYPTO_KEY_POLICY_INIT = 0x8,
- PAL_CRYPTO_KEY_POLICY_SET_USAGE = 0x9,
- PAL_CRYPTO_KEY_POLICY_GET_USAGE = 0xA,
- PAL_CRYPTO_KEY_POLICY_GET_ALGORITHM = 0xB,
- PAL_CRYPTO_SET_KEY_POLICY = 0xC,
- PAL_CRYPTO_GET_KEY_POLICY = 0xD,
- PAL_CRYPTO_GET_KEY_INFORMATION = 0xE,
- PAL_CRYPTO_GET_KEY_LIFETIME = 0xF,
- PAL_CRYPTO_HASH_SETUP = 0x11,
- PAL_CRYPTO_HASH_UPDATE = 0x12,
- PAL_CRYPTO_HASH_VERIFY = 0x13,
- PAL_CRYPTO_HASH_FINISH = 0x14,
- PAL_CRYPTO_HASH_ABORT = 0x15,
- PAL_CRYPTO_GENERATE_KEY = 0x16,
- PAL_CRYPTO_GENERATOR_READ = 0x17,
- PAL_CRYPTO_KEY_DERIVATION = 0x18,
- PAL_CRYPTO_GET_GENERATOR_CAPACITY = 0x19,
- PAL_CRYPTO_GENERATOR_IMPORT_KEY = 0x1A,
- PAL_CRYPTO_GENERATOR_ABORT = 0x1B,
- PAL_CRYPTO_AEAD_ENCRYPT = 0x1C,
- PAL_CRYPTO_AEAD_DECRYPT = 0x1D,
- PAL_CRYPTO_MAC_SIGN_SETUP = 0x1E,
- PAL_CRYPTO_MAC_UPDATE = 0x1F,
- PAL_CRYPTO_MAC_SIGN_FINISH = 0x20,
- PAL_CRYPTO_MAC_VERIFY_SETUP = 0x21,
- PAL_CRYPTO_MAC_VERIFY_FINISH = 0x22,
- PAL_CRYPTO_MAC_ABORT = 0x23,
- PAL_CRYPTO_ASYMMTERIC_ENCRYPT = 0x24,
- PAL_CRYPTO_ASYMMTERIC_DECRYPT = 0x25,
- PAL_CRYPTO_CIPHER_ENCRYPT_SETUP = 0x26,
- PAL_CRYPTO_CIPHER_DECRYPT_SETUP = 0x2A,
- PAL_CRYPTO_CIPHER_GENERATE_IV = 0x2B,
- PAL_CRYPTO_CIPHER_SET_IV = 0x2C,
- PAL_CRYPTO_CIPHER_UPDATE = 0x2D,
- PAL_CRYPTO_CIPHER_FINISH = 0x2E,
- PAL_CRYPTO_CIPHER_ABORT = 0x2F,
- PAL_CRYPTO_ASYMMTERIC_SIGN = 0x30,
- PAL_CRYPTO_ASYMMTERIC_VERIFY = 0x31,
- PAL_CRYPTO_KEY_AGREEMENT = 0x32,
- PAL_CRYPTO_ALLOCATE_KEY = 0x33,
- PAL_CRYPTO_COPY_KEY = 0x34,
- PAL_CRYPTO_FREE = 0xFE,
-};
-
-int32_t pal_crypto_function(int type, va_list valist);
-#endif /* _PAL_CRYPTO_H_ */
diff --git a/api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/nspe/initial_attestation/pal_attestation_crypto.c b/api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/nspe/initial_attestation/pal_attestation_crypto.c
deleted file mode 100644
index ae2bdba4..00000000
--- a/api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/nspe/initial_attestation/pal_attestation_crypto.c
+++ /dev/null
@@ -1,346 +0,0 @@
-/** @file
- * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
- * SPDX-License-Identifier : Apache-2.0
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
-**/
-
-#include "pal_attestation_crypto.h"
-
-static uint32_t public_key_registered = 0;
-
-static inline struct q_useful_buf_c useful_buf_head(struct q_useful_buf_c buf,
- size_t amount)
-{
- return UsefulBuf_Head(buf, amount);
-}
-
-static uint32_t check_hash_sizes(void)
-{
- if (T_COSE_CRYPTO_SHA256_SIZE != PSA_HASH_SIZE(PSA_ALG_SHA_256))
- {
- return PAL_ATTEST_HASH_FAIL;
- }
-
- return PAL_ATTEST_SUCCESS;
-}
-
-static psa_ecc_curve_t attest_map_elliptic_curve_type(int32_t cose_curve)
-{
- psa_ecc_curve_t psa_curve;
-
- /*FixMe: Mapping is not complete, missing ones: P384, P521, ED25519, ED448 */
- switch (cose_curve)
- {
- case P_256:
- psa_curve = PSA_ECC_CURVE_SECP256R1;
- break;
- default:
- psa_curve = USHRT_MAX;
- }
-
- return psa_curve;
-}
-
-static psa_algorithm_t cose_hash_alg_id_to_psa(int32_t cose_hash_alg_id)
-{
- psa_algorithm_t status;
-
- switch (cose_hash_alg_id)
- {
- case COSE_ALG_SHA256_PROPRIETARY:
- status = PSA_ALG_SHA_256;
- break;
- default:
- status = PSA_ALG_MD4;
- break;
- }
-
- return status;
-}
-
-static int32_t hash_alg_id_from_sig_alg_id(int32_t cose_sig_alg_id)
-{
- switch (cose_sig_alg_id)
- {
- case COSE_ALGORITHM_ES256:
- return COSE_ALG_SHA256_PROPRIETARY;
- default:
- return INT32_MAX;
- }
-}
-
-int32_t pal_cose_crypto_hash_start(struct pal_cose_crypto_hash *hash_ctx, int32_t cose_hash_alg_id)
-{
- int32_t cose_ret = PAL_ATTEST_SUCCESS;
- psa_status_t psa_ret;
- struct pal_cose_psa_crypto_hash *psa_hash_ctx;
-
- cose_ret = check_hash_sizes();
- if (cose_ret)
- {
- goto error;
- }
-
- if (sizeof(struct pal_cose_crypto_hash) < sizeof(struct pal_cose_psa_crypto_hash))
- {
- cose_ret = PAL_ATTEST_HASH_FAIL;
- goto error;
- }
-
- psa_hash_ctx = (struct pal_cose_psa_crypto_hash *)hash_ctx;
- psa_ret = psa_hash_setup(&psa_hash_ctx->operation, cose_hash_alg_id_to_psa(cose_hash_alg_id));
-
- if (psa_ret == PAL_ATTEST_SUCCESS)
- {
- psa_hash_ctx->status = PAL_ATTEST_SUCCESS;
- cose_ret = PAL_ATTEST_SUCCESS;
- }
- else if (psa_ret == PSA_ERROR_NOT_SUPPORTED)
- {
- cose_ret = PAL_ATTEST_HASH_UNSUPPORTED;
- }
- else
- {
- cose_ret = PAL_ATTEST_HASH_FAIL;
- }
-
-error:
- return cose_ret;
-}
-
-void pal_cose_crypto_hash_update(struct pal_cose_crypto_hash *hash_ctx,
- struct q_useful_buf_c data_to_hash)
-{
- struct pal_cose_psa_crypto_hash *psa_hash_ctx;
-
- if (sizeof(struct pal_cose_crypto_hash) < sizeof(struct pal_cose_psa_crypto_hash))
- {
- return;
- }
-
- psa_hash_ctx = (struct pal_cose_psa_crypto_hash *)hash_ctx;
-
- if (psa_hash_ctx->status == PAL_ATTEST_SUCCESS)
- {
- if (data_to_hash.ptr != NULL)
- {
- psa_hash_ctx->status = psa_hash_update(&psa_hash_ctx->operation,
- data_to_hash.ptr,
- data_to_hash.len);
- }
- else
- {
- /* Intentionally do nothing, just computing the size of the token */
- }
- }
-}
-
-int32_t pal_cose_crypto_hash_finish(struct pal_cose_crypto_hash *hash_ctx,
- struct q_useful_buf buffer_to_hold_result,
- struct q_useful_buf_c *hash_result)
-{
- uint32_t cose_ret = PAL_ATTEST_SUCCESS;
- psa_status_t psa_ret;
- struct pal_cose_psa_crypto_hash *psa_hash_ctx;
-
- if (sizeof(struct pal_cose_crypto_hash) < sizeof(struct pal_cose_psa_crypto_hash))
- {
- cose_ret = PAL_ATTEST_HASH_FAIL;
- goto error;
- }
-
- psa_hash_ctx = (struct pal_cose_psa_crypto_hash *)hash_ctx;
-
- if (psa_hash_ctx->status == PAL_ATTEST_SUCCESS)
- {
- psa_ret = psa_hash_finish(&psa_hash_ctx->operation,
- buffer_to_hold_result.ptr,
- buffer_to_hold_result.len,
- &(hash_result->len));
-
- if (psa_ret == PAL_ATTEST_SUCCESS)
- {
- hash_result->ptr = buffer_to_hold_result.ptr;
- cose_ret = 0;
- }
- else if (psa_ret == PSA_ERROR_BUFFER_TOO_SMALL)
- {
- cose_ret = PAL_ATTEST_HASH_BUFFER_SIZE;
- }
- else
- {
- cose_ret = PAL_ATTEST_HASH_FAIL;
- }
- }
- else
- {
- cose_ret = PAL_ATTEST_HASH_FAIL;
- }
-
-error:
- return cose_ret;
-}
-
-int pal_create_sha256(struct q_useful_buf_c bytes_to_hash, struct q_useful_buf buffer_for_hash,
- struct q_useful_buf_c *hash)
-{
- uint32_t status = PAL_ATTEST_SUCCESS;
- struct pal_cose_crypto_hash hash_ctx;
-
- status = pal_cose_crypto_hash_start(&hash_ctx, COSE_ALG_SHA256_PROPRIETARY);
- if (status)
- return status;
-
- pal_cose_crypto_hash_update(&hash_ctx, bytes_to_hash);
- status = pal_cose_crypto_hash_finish(&hash_ctx, buffer_for_hash, hash);
-
- return status;
-}
-
-uint32_t pal_compute_hash(int32_t cose_alg_id, struct q_useful_buf buffer_for_hash,
- struct q_useful_buf_c *hash, struct q_useful_buf_c protected_headers,
- struct q_useful_buf_c payload)
-{
- uint32_t status;
- QCBOREncodeContext cbor_encode_ctx;
- struct q_useful_buf_c tbs_first_part;
- QCBORError qcbor_result;
- struct pal_cose_crypto_hash hash_ctx = {{0}};
- int32_t hash_alg_id;
- UsefulBuf_MAKE_STACK_UB (buffer_for_TBS_first_part, T_COSE_SIZE_OF_TBS);
-
- /* This builds the CBOR-format to-be-signed bytes */
- QCBOREncode_Init(&cbor_encode_ctx, buffer_for_TBS_first_part);
- QCBOREncode_OpenArray(&cbor_encode_ctx);
- /* context */
- QCBOREncode_AddSZString(&cbor_encode_ctx,
- COSE_SIG_CONTEXT_STRING_SIGNATURE1);
- /* body_protected */
- QCBOREncode_AddBytes(&cbor_encode_ctx,
- protected_headers);
- /* sign_protected */
- QCBOREncode_AddBytes(&cbor_encode_ctx, NULL_USEFUL_BUF_C);
- /* external_aad */
- QCBOREncode_AddBytes(&cbor_encode_ctx, NULL_USEFUL_BUF_C);
- /* fake payload */
- QCBOREncode_AddBytes(&cbor_encode_ctx, NULL_USEFUL_BUF_C);
- QCBOREncode_CloseArray(&cbor_encode_ctx);
-
- /* Get the result and convert it to struct q_useful_buf_c representation */
- qcbor_result = QCBOREncode_Finish(&cbor_encode_ctx, &tbs_first_part);
- if (qcbor_result)
- {
- /* Mainly means that the protected_headers were too big
- (which should never happen) */
- status = PAL_ATTEST_ERR_SIGN_STRUCT;
- goto Done;
- }
-
- /* Start the hashing */
- hash_alg_id = hash_alg_id_from_sig_alg_id(cose_alg_id);
-
- /* Don't check hash_alg_id for failure. pal_cose_crypto_hash_start()
- * will handle it properly
- */
- status = pal_cose_crypto_hash_start(&hash_ctx, hash_alg_id);
- if (status)
- goto Done;
-
- /* Hash the first part of the TBS. Take all but the last two
- * bytes. The last two bytes are the fake payload from above. It
- * is replaced by the real payload which is hashed next. The fake
- * payload is needed so the array count is right. This is one of
- * the main things that make it possible to implement with one
- * buffer for the whole cose sign1.
- */
- pal_cose_crypto_hash_update(&hash_ctx, useful_buf_head(tbs_first_part,
- tbs_first_part.len - 2));
-
- /* Hash the payload */
- pal_cose_crypto_hash_update(&hash_ctx, payload);
-
- /* Finish the hash and set up to return it */
- status = pal_cose_crypto_hash_finish(&hash_ctx,
- buffer_for_hash,
- hash);
-
-Done:
- return status;
-}
-
-uint32_t pal_import_attest_key(int32_t alg)
-{
- psa_key_type_t attest_key_type;
- size_t public_key_size;
- psa_status_t status = PSA_SUCCESS;
- psa_key_policy_t policy;
- psa_ecc_curve_t psa_curve;
- psa_key_handle_t public_key_handle;
-
- /* Mapping of COSE curve type to PSA curve types */
- psa_curve = attest_map_elliptic_curve_type(P_256);
- if (psa_curve == USHRT_MAX)
- return PAL_ATTEST_ERROR;
-
- /* Setup the key policy for public key */
- policy = psa_key_policy_init();
- psa_key_policy_set_usage(&policy, PSA_KEY_USAGE_VERIFY, alg);
-
- status = psa_allocate_key(&public_key_handle);
- if (status != PSA_SUCCESS)
- return status;
-
- status = psa_set_key_policy(public_key_handle, &policy);
- if (status != PSA_SUCCESS)
- return status;
-
- attest_key_type = PSA_KEY_TYPE_ECC_PUBLIC_KEY(psa_curve);
-
- /* Register public key to crypto service */
- public_key_size = attest_key.pubx_key_size + attest_key.puby_key_size;
-
- status = psa_import_key(public_key_handle,
- attest_key_type,
- (const uint8_t *)&attest_public_key,
- public_key_size + 1);
-
- return status;
-}
-
-
-uint32_t pal_crypto_pub_key_verify(int32_t cose_algorithm_id,
- struct q_useful_buf_c token_hash,
- struct q_useful_buf_c signature)
-{
- uint32_t status = PAL_ATTEST_SUCCESS;
-
- if (!public_key_registered)
- {
- status = pal_import_attest_key(cose_algorithm_id);
- if (status != PAL_ATTEST_SUCCESS)
- return status;
-
- public_key_registered = 1;
- }
-
-/*
- * Enable the verify function when Trusted Firmare - M Supports
-
- * Verify the signature a hash or short message using a public key.
- status = psa_asymmetric_verify(public_key_handle,
- cose_algorithm_id, token_hash.ptr, token_hash.len,
- signature.ptr, signature.len);
-*/
- return status;
-}
diff --git a/api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/nspe/initial_attestation/pal_attestation_eat.c b/api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/nspe/initial_attestation/pal_attestation_eat.c
deleted file mode 100644
index 178fdc9c..00000000
--- a/api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/nspe/initial_attestation/pal_attestation_eat.c
+++ /dev/null
@@ -1,491 +0,0 @@
-/** @file
- * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
- * SPDX-License-Identifier : Apache-2.0
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
-**/
-
-#include "pal_attestation_crypto.h"
-
-uint32_t mandatory_claims = 0;
-uint32_t mandaroty_sw_components = 0;
-bool_t sw_component_present = 0;
-
-static int pal_encode_cose_key(struct q_useful_buf_c *cose_key,
- struct q_useful_buf buffer_for_cose_key,
- struct q_useful_buf_c x_cord, struct q_useful_buf_c y_cord)
-{
- uint32_t return_value;
- QCBORError qcbor_result;
- QCBOREncodeContext cbor_encode_ctx;
- int32_t cose_curve_id = P_256;
- struct q_useful_buf_c encoded_key_id;
-
- /* Get the public key x and y */
- /* Encode it into a COSE_Key structure */
- QCBOREncode_Init(&cbor_encode_ctx, buffer_for_cose_key);
- QCBOREncode_OpenMap(&cbor_encode_ctx);
- QCBOREncode_AddInt64ToMapN(&cbor_encode_ctx,
- COSE_KEY_COMMON_KTY,
- COSE_KEY_TYPE_EC2);
- QCBOREncode_AddInt64ToMapN(&cbor_encode_ctx,
- COSE_KEY_PARAM_CRV,
- cose_curve_id);
- QCBOREncode_AddBytesToMapN(&cbor_encode_ctx,
- COSE_KEY_PARAM_X_COORDINATE,
- x_cord);
- QCBOREncode_AddBytesToMapN(&cbor_encode_ctx,
- COSE_KEY_PARAM_Y_COORDINATE,
- y_cord);
- QCBOREncode_CloseMap(&cbor_encode_ctx);
-
- qcbor_result = QCBOREncode_Finish(&cbor_encode_ctx, &encoded_key_id);
- if (qcbor_result != QCBOR_SUCCESS)
- {
- /* Mainly means that the COSE_Key was too big for buffer_for_cose_key */
- return_value = PAL_ATTEST_ERR_PROTECTED_HEADERS;
- goto Done;
- }
-
- /* Finish up and return */
- *cose_key = encoded_key_id;
- return_value = PAL_ATTEST_SUCCESS;
-
-Done:
- return return_value;
-}
-
-
-static int get_items_in_map(QCBORDecodeContext *decode_context,
- struct items_to_get_t *item_list)
-{
- int item_index;
- QCBORItem item;
- struct items_to_get_t *item_ptr = item_list;
-
- /* initialize the data type of all items in the list */
- while (item_ptr->label != 0)
- {
- item_ptr->item.uDataType = QCBOR_TYPE_NONE;
- item_ptr++;
- }
-
- QCBORDecode_GetNext(decode_context, &item);
- if (item.uDataType != QCBOR_TYPE_MAP)
- {
- return PAL_ATTEST_ERROR;
- }
-
- for (item_index = item.val.uCount; item_index != 0; item_index--)
- {
- if (QCBORDecode_GetNext(decode_context, &item) != QCBOR_SUCCESS)
- {
- return PAL_ATTEST_TOKEN_ERR_CBOR_FORMATTING;
- }
- if (item.uLabelType != QCBOR_TYPE_INT64)
- {
- continue;
- }
-
- item_ptr = item_list;
- while (item_ptr->label != 0)
- {
- if (item.label.int64 == item_ptr->label)
- {
- item_ptr->item = item;
- }
- item_ptr++;
- }
- }
-
- return PAL_ATTEST_SUCCESS;
-}
-
-static int get_item_in_map(QCBORDecodeContext *decode_context,
- int32_t label,
- QCBORItem *item)
-{
- struct items_to_get_t item_list[2];
-
- item_list[0].label = label;
- item_list[1].label = 0;
-
- if (get_items_in_map(decode_context, item_list))
- {
- return PAL_ATTEST_ERROR;
- }
-
- if (item_list[0].item.uDataType == QCBOR_TYPE_NONE)
- {
- return PAL_ATTEST_TOKEN_ERR_CBOR_FORMATTING;
- }
-
- *item = item_list[0].item;
-
- return PAL_ATTEST_SUCCESS;
-}
-
-static int parse_unprotected_headers(QCBORDecodeContext *decode_context,
- struct q_useful_buf_c *child,
- bool *loop_back)
-{
- struct items_to_get_t item_list[3];
-
- item_list[0].label = COSE_HEADER_PARAM_KID;
- item_list[1].label = T_COSE_SHORT_CIRCUIT_LABEL;
- item_list[2].label = 0;
- *loop_back = false;
-
- if (get_items_in_map(decode_context, item_list))
- {
- return PAL_ATTEST_ERROR;
- }
-
- if (item_list[1].item.uDataType == QCBOR_TYPE_TRUE)
- {
- *loop_back = true;
- }
-
- if (item_list[0].item.uDataType != QCBOR_TYPE_BYTE_STRING)
- {
- return PAL_ATTEST_TOKEN_ERR_CBOR_FORMATTING;
- }
-
- *child = item_list[0].item.val.string;
-
- return PAL_ATTEST_SUCCESS;
-}
-
-static int parse_protected_headers(struct q_useful_buf_c protected_headers,
- int32_t *alg_id)
-{
- QCBORDecodeContext decode_context;
- QCBORItem item;
-
- QCBORDecode_Init(&decode_context, protected_headers, 0);
-
- if (get_item_in_map(&decode_context, COSE_HEADER_PARAM_ALG, &item))
- {
- return PAL_ATTEST_ERROR;
- }
-
- if (QCBORDecode_Finish(&decode_context))
- {
- return PAL_ATTEST_ERROR;
- }
-
- if ((item.uDataType != QCBOR_TYPE_INT64) || (item.val.int64 > INT32_MAX))
- {
- return PAL_ATTEST_ERROR;
- }
-
- *alg_id = (int32_t)item.val.int64;
-
- return PAL_ATTEST_SUCCESS;
-}
-
-/**
- @brief - This API will verify the claims
- @param - decode_context : The buffer containing the challenge
- item : context for decoding the data items
- completed_challenge : Buffer containing the challenge
- @return - error status
-**/
-static int parse_claims(QCBORDecodeContext *decode_context, QCBORItem item,
- struct q_useful_buf_c completed_challenge)
-{
- int i, count = 0;
- int status = PAL_ATTEST_SUCCESS;
-
- /* Parse each claim and validate their data type */
- while (status == PAL_ATTEST_SUCCESS)
- {
- status = QCBORDecode_GetNext(decode_context, &item);
- if (status != PAL_ATTEST_SUCCESS)
- break;
-
- mandatory_claims |= 1 << (EAT_CBOR_ARM_RANGE_BASE - item.label.int64);
- if (item.uLabelType == QCBOR_TYPE_INT64)
- {
- if (item.label.int64 == EAT_CBOR_ARM_LABEL_NONCE)
- {
- if (item.uDataType == QCBOR_TYPE_BYTE_STRING)
- {
- /* Given challenge vs challenge in token */
- if (UsefulBuf_Compare(item.val.string, completed_challenge))
- return PAL_ATTEST_TOKEN_CHALLENGE_MISMATCH;
- }
- else
- return PAL_ATTEST_TOKEN_NOT_SUPPORTED;
- }
- else if (item.label.int64 == EAT_CBOR_ARM_LABEL_BOOT_SEED ||
- item.label.int64 == EAT_CBOR_ARM_LABEL_IMPLEMENTATION_ID ||
- item.label.int64 == EAT_CBOR_ARM_LABEL_UEID)
- {
- if (item.uDataType != QCBOR_TYPE_BYTE_STRING)
- return PAL_ATTEST_TOKEN_ERR_CBOR_FORMATTING;
- }
- else if (item.label.int64 == EAT_CBOR_ARM_LABEL_ORIGINATION ||
- item.label.int64 == EAT_CBOR_ARM_LABEL_PROFILE_DEFINITION ||
- item.label.int64 == EAT_CBOR_ARM_LABEL_HW_VERSION)
- {
- if (item.uDataType != QCBOR_TYPE_TEXT_STRING)
- return PAL_ATTEST_TOKEN_ERR_CBOR_FORMATTING;
- }
- else if (item.label.int64 == EAT_CBOR_ARM_LABEL_CLIENT_ID ||
- item.label.int64 == EAT_CBOR_ARM_LABEL_SECURITY_LIFECYCLE)
- {
- if (item.uDataType != QCBOR_TYPE_INT64)
- return PAL_ATTEST_TOKEN_ERR_CBOR_FORMATTING;
- }
- else if (item.label.int64 == EAT_CBOR_ARM_LABEL_SW_COMPONENTS)
- {
- if (item.uDataType != QCBOR_TYPE_ARRAY)
- return PAL_ATTEST_TOKEN_ERR_CBOR_FORMATTING;
-
- sw_component_present = 1;
- status = QCBORDecode_GetNext(decode_context, &item);
- if (status != PAL_ATTEST_SUCCESS)
- continue;
-
- count = item.val.uCount;
- for (i = 0; i <= count; i++)
- {
- mandaroty_sw_components |= 1 << item.label.int64;
-
- if (item.label.int64 == EAT_CBOR_SW_COMPONENT_MEASUREMENT)
- {
- if (item.uDataType != QCBOR_TYPE_BYTE_STRING)
- return PAL_ATTEST_TOKEN_ERR_CBOR_FORMATTING;
- }
- else if (item.label.int64 == EAT_CBOR_SW_COMPONENT_MEASUREMENT_DESC)
- {
- if (item.uDataType != QCBOR_TYPE_TEXT_STRING)
- return PAL_ATTEST_TOKEN_ERR_CBOR_FORMATTING;
- }
- else if (item.label.int64 == EAT_CBOR_SW_COMPONENT_VERSION)
- {
- if (item.uDataType != QCBOR_TYPE_TEXT_STRING)
- return PAL_ATTEST_TOKEN_ERR_CBOR_FORMATTING;
- }
- else if (item.label.int64 == EAT_CBOR_SW_COMPONENT_SIGNER_ID)
- {
- if (item.uDataType != QCBOR_TYPE_BYTE_STRING)
- return PAL_ATTEST_TOKEN_ERR_CBOR_FORMATTING;
- }
- else if (item.label.int64 == EAT_CBOR_SW_COMPONENT_EPOCH)
- {
- if (item.uDataType != QCBOR_TYPE_INT64)
- return PAL_ATTEST_TOKEN_ERR_CBOR_FORMATTING;
- }
- else if (item.label.int64 == EAT_CBOR_SW_COMPONENT_TYPE)
- {
- if (item.uDataType != QCBOR_TYPE_TEXT_STRING)
- return PAL_ATTEST_TOKEN_ERR_CBOR_FORMATTING;
- }
-
- if (i < count)
- {
- status = QCBORDecode_GetNext(decode_context, &item);
- if (status != PAL_ATTEST_SUCCESS)
- return PAL_ATTEST_TOKEN_ERR_CBOR_FORMATTING;
- }
- }
-
- }
- }
- else
- {
- /* ToDo: Add other claim types */
- }
- }
-
- if (status == QCBOR_ERR_HIT_END)
- return PAL_ATTEST_SUCCESS;
- else
- return PAL_ATTEST_TOKEN_ERR_CBOR_FORMATTING;
-}
-
-/**
- @brief - This API will verify the attestation token
- @param - challenge : The buffer containing the challenge
- challenge_size : Size of the challenge buffer
- token : The buffer containing the attestation token
- token_size : Size of the token buffer
- @return - error status
-**/
-int32_t pal_initial_attest_verify_token(uint8_t *challenge, uint32_t challenge_size,
- uint8_t *token, uint32_t token_size)
-{
- int32_t status = PAL_ATTEST_SUCCESS;
- bool short_circuit;
- int32_t cose_algorithm_id;
- QCBORItem item;
- QCBORDecodeContext decode_context;
- struct q_useful_buf_c completed_challenge;
- struct q_useful_buf_c completed_token;
- struct q_useful_buf_c payload;
- struct q_useful_buf_c signature;
- struct q_useful_buf_c protected_headers;
- struct q_useful_buf_c kid;
- struct q_useful_buf_c x_cord;
- struct q_useful_buf_c y_cord;
- struct q_useful_buf_c cose_key_to_hash;
- struct q_useful_buf_c key_hash;
- struct q_useful_buf_c token_hash;
- USEFUL_BUF_MAKE_STACK_UB(buf_to_hold_x_coord, T_COSE_CRYPTO_EC_P256_COORD_SIZE);
- USEFUL_BUF_MAKE_STACK_UB(buf_to_hold_y_coord, T_COSE_CRYPTO_EC_P256_COORD_SIZE);
- USEFUL_BUF_MAKE_STACK_UB(buffer_for_kid, T_COSE_CRYPTO_SHA256_SIZE);
- USEFUL_BUF_MAKE_STACK_UB(buffer_for_cose_key, MAX_ENCODED_COSE_KEY_SIZE);
- USEFUL_BUF_MAKE_STACK_UB(buffer_for_encoded_key, MAX_ENCODED_COSE_KEY_SIZE);
- USEFUL_BUF_MAKE_STACK_UB(buffer_for_token_hash, T_COSE_CRYPTO_SHA256_SIZE);
-
- kid.ptr = buffer_for_encoded_key.ptr;
-
- memcpy(buf_to_hold_x_coord.ptr, (const void *)attest_key.pubx_key, attest_key.pubx_key_size);
- memcpy(buf_to_hold_y_coord.ptr, (const void *)attest_key.puby_key, attest_key.puby_key_size);
-
- /* Update size */
- buf_to_hold_x_coord.len = attest_key.pubx_key_size;
- buf_to_hold_y_coord.len = attest_key.puby_key_size;
-
- x_cord.ptr = buf_to_hold_x_coord.ptr;
- x_cord.len = buf_to_hold_x_coord.len;
- y_cord.ptr = buf_to_hold_y_coord.ptr;
- y_cord.len = buf_to_hold_y_coord.len;
-
- /* Construct the token buffer for validation */
- completed_token.ptr = token;
- completed_token.len = token_size;
-
- /* Construct the challenge buffer for validation */
- completed_challenge.ptr = challenge;
- completed_challenge.len = challenge_size;
-
-/*
- -------------------------
- | CBOR Array Type |
- -------------------------
- | Protected Headers |
- -------------------------
- | Unprotected Headers |
- -------------------------
- | Payload |
- -------------------------
- | Signature |
- -------------------------
-*/
-
- /* Initialize the decorder */
- QCBORDecode_Init(&decode_context, completed_token, QCBOR_DECODE_MODE_NORMAL);
-
- /* Get the Header */
- QCBORDecode_GetNext(&decode_context, &item);
-
- /* Check the CBOR Array type. Check if the count is 4.
- * Only COSE_SIGN1 is supported now.
- */
- if (item.uDataType != QCBOR_TYPE_ARRAY || item.val.uCount != 4 ||
- !QCBORDecode_IsTagged(&decode_context, &item, CBOR_TAG_COSE_SIGN1))
- return PAL_ATTEST_TOKEN_ERR_CBOR_FORMATTING;
-
- /* Get the next headers */
- QCBORDecode_GetNext(&decode_context, &item);
- if (item.uDataType != QCBOR_TYPE_BYTE_STRING)
- return PAL_ATTEST_TOKEN_ERR_CBOR_FORMATTING;
-
- protected_headers = item.val.string;
-
- /* Parse the protected headers and check the data type and value*/
- status = parse_protected_headers(protected_headers, &cose_algorithm_id);
- if (status != PAL_ATTEST_SUCCESS)
- return status;
-
- /* Parse the unprotected headers and check the data type and value */
- short_circuit = false;
- status = parse_unprotected_headers(&decode_context, &kid, &short_circuit);
- if (status != PAL_ATTEST_SUCCESS)
- return status;
-
- /* Encode the given public key */
- status = pal_encode_cose_key(&cose_key_to_hash, buffer_for_cose_key, x_cord, y_cord);
- if (status != PAL_ATTEST_SUCCESS)
- return status;
-
- /* Create hash of the given public key */
- status = pal_create_sha256(cose_key_to_hash, buffer_for_kid, &key_hash);
- if (status != PSA_SUCCESS)
- return status;
-
- /* Compare the hash of the public key in token and hash of the given public key */
- if (kid.len != key_hash.len)
- {
- return PAL_ATTEST_HASH_LENGTH_MISMATCH;
- }
-
- if (memcmp(kid.ptr, key_hash.ptr, kid.len) != 0)
- {
- return PAL_ATTEST_HASH_MISMATCH;
- }
-
- /* Get the payload */
- QCBORDecode_GetNext(&decode_context, &item);
- if (item.uDataType != QCBOR_TYPE_BYTE_STRING)
- return PAL_ATTEST_TOKEN_ERR_CBOR_FORMATTING;
-
- payload = item.val.string;
-
- /* Get the digital signature */
- QCBORDecode_GetNext(&decode_context, &item);
- if (item.uDataType != QCBOR_TYPE_BYTE_STRING)
- return PAL_ATTEST_TOKEN_ERR_CBOR_FORMATTING;
-
- signature = item.val.string;
-
- /* Compute the hash from the token */
- status = pal_compute_hash(cose_algorithm_id, buffer_for_token_hash, &token_hash,
- protected_headers, payload);
- if (status != PAL_ATTEST_SUCCESS)
- return status;
-
- /* Verify the signature */
- status = pal_crypto_pub_key_verify(cose_algorithm_id, token_hash, signature);
- if (status != PAL_ATTEST_SUCCESS)
- return status;
-
- /* Initialize the Decoder and validate the payload format */
- QCBORDecode_Init(&decode_context, payload, QCBOR_DECODE_MODE_NORMAL);
- status = QCBORDecode_GetNext(&decode_context, &item);
- if (status != PAL_ATTEST_SUCCESS)
- return status;
-
- if (item.uDataType != QCBOR_TYPE_MAP)
- return PAL_ATTEST_TOKEN_ERR_CBOR_FORMATTING;
-
- /* Parse the payload and check the data type of each claim */
- status = parse_claims(&decode_context, item, completed_challenge);
- if (status != PAL_ATTEST_SUCCESS)
- return status;
-
- if ((mandatory_claims & MANDATORY_CLAIM_WITH_SW_COMP) == MANDATORY_CLAIM_WITH_SW_COMP)
- {
- if ((mandaroty_sw_components & MANDATORY_SW_COMP) != MANDATORY_SW_COMP)
- return PAL_ATTEST_TOKEN_NOT_ALL_MANDATORY_CLAIMS;
- }
- else if ((mandatory_claims & MANDATORY_CLAIM_NO_SW_COMP) != MANDATORY_CLAIM_NO_SW_COMP)
- {
- return PAL_ATTEST_TOKEN_NOT_ALL_MANDATORY_CLAIMS;
- }
-
- return PAL_ATTEST_SUCCESS;
-}
diff --git a/api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/nspe/initial_attestation/pal_attestation_eat.h b/api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/nspe/initial_attestation/pal_attestation_eat.h
deleted file mode 100644
index 8a0c5455..00000000
--- a/api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/nspe/initial_attestation/pal_attestation_eat.h
+++ /dev/null
@@ -1,170 +0,0 @@
-/** @file
- * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
- * SPDX-License-Identifier : Apache-2.0
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
-**/
-
-#include "qcbor.h"
-#include "pal_common.h"
-#include "psa/crypto.h"
-
-#define PAL_ATTEST_MIN_ERROR 30
-
-/* NIST P-256 also known as secp256r1 */
-#define P_256 1
-
-#define COSE_HEADER_PARAM_ALG 1
-#define COSE_HEADER_PARAM_KID 4
-
-#define COSE_KEY_COMMON_KTY 1
-#define COSE_KEY_TYPE_EC2 2
-#define COSE_KEY_PARAM_CRV -1
-#define COSE_KEY_PARAM_X_COORDINATE -2
-#define COSE_KEY_PARAM_Y_COORDINATE -3
-#define COSE_ALGORITHM_ES256 -7
-#define COSE_ALG_SHA256_PROPRIETARY -72000
-
-/**
- * The size of X and Y coordinate in 2 parameter style EC public
- * key. Format is as defined in [COSE (RFC 8152)]
- * (https://tools.ietf.org/html/rfc8152) and [SEC 1: Elliptic Curve
- * Cryptography](http://www.secg.org/sec1-v2.pdf).
- *
- * This size is well-known and documented in public standards.
- */
-#define T_COSE_CRYPTO_EC_P256_COORD_SIZE 32
-#define T_COSE_CRYPTO_SHA256_SIZE 32
-
-#define MAX_ENCODED_COSE_KEY_SIZE \
- 1 + /* 1 byte to encode map */ \
- 2 + /* 2 bytes to encode key type */ \
- 2 + /* 2 bytes to encode curve */ \
- 2 * /* the X and Y coordinates at 32 bytes each */ \
- (T_COSE_CRYPTO_EC_P256_COORD_SIZE + 1 + 2)
-#define USEFUL_BUF_MAKE_STACK_UB UsefulBuf_MAKE_STACK_UB
-
-#define COSE_SIG_CONTEXT_STRING_SIGNATURE1 "Signature1"
-
-/* Private value. Intentionally not documented for Doxygen.
- * This is the size allocated for the encoded protected headers. It
- * needs to be big enough for make_protected_header() to succeed. It
- * currently sized for one header with an algorithm ID up to 32 bits
- * long -- one byte for the wrapping map, one byte for the label, 5
- * bytes for the ID. If this is made accidentially too small, QCBOR will
- * only return an error, and not overrun any buffers.
- *
- * 9 extra bytes are added, rounding it up to 16 total, in case some
- * other protected header is to be added.
- */
-#define T_COSE_SIGN1_MAX_PROT_HEADER (1+1+5+9)
-
-/**
- * This is the size of the first part of the CBOR encoded TBS
- * bytes. It is around 20 bytes. See create_tbs_hash().
- */
-#define T_COSE_SIZE_OF_TBS \
- 1 + /* For opening the array */ \
- sizeof(COSE_SIG_CONTEXT_STRING_SIGNATURE1) + /* "Signature1" */ \
- 2 + /* Overhead for encoding string */ \
- T_COSE_SIGN1_MAX_PROT_HEADER + /* entire protected headers */ \
- 3 * ( /* 3 NULL bstrs for fields not used */ \
- 1 /* size of a NULL bstr */ \
- )
-
-/*
- CBOR Label for proprietary header indicating short-circuit
- signing was used. Just a random number in the proprietary
- label space */
-#define T_COSE_SHORT_CIRCUIT_LABEL (-8675309)
-
-#define EAT_CBOR_ARM_RANGE_BASE (-75000)
-#define EAT_CBOR_ARM_LABEL_PROFILE_DEFINITION (EAT_CBOR_ARM_RANGE_BASE - 0)
-#define EAT_CBOR_ARM_LABEL_CLIENT_ID (EAT_CBOR_ARM_RANGE_BASE - 1)
-#define EAT_CBOR_ARM_LABEL_SECURITY_LIFECYCLE (EAT_CBOR_ARM_RANGE_BASE - 2)
-#define EAT_CBOR_ARM_LABEL_IMPLEMENTATION_ID (EAT_CBOR_ARM_RANGE_BASE - 3)
-#define EAT_CBOR_ARM_LABEL_BOOT_SEED (EAT_CBOR_ARM_RANGE_BASE - 4)
-#define EAT_CBOR_ARM_LABEL_HW_VERSION (EAT_CBOR_ARM_RANGE_BASE - 5)
-#define EAT_CBOR_ARM_LABEL_SW_COMPONENTS (EAT_CBOR_ARM_RANGE_BASE - 6)
-#define EAT_CBOR_ARM_LABEL_NO_SW_COMPONENTS (EAT_CBOR_ARM_RANGE_BASE - 7)
-#define EAT_CBOR_ARM_LABEL_NONCE (EAT_CBOR_ARM_RANGE_BASE - 8)
-#define EAT_CBOR_ARM_LABEL_UEID (EAT_CBOR_ARM_RANGE_BASE - 9)
-#define EAT_CBOR_ARM_LABEL_ORIGINATION (EAT_CBOR_ARM_RANGE_BASE - 10)
-
-#define CBOR_ARM_TOTAL_CLAIM_INSTANCE 10
-
-#define EAT_CBOR_SW_COMPONENT_TYPE (1u)
-#define EAT_CBOR_SW_COMPONENT_MEASUREMENT (2u)
-#define EAT_CBOR_SW_COMPONENT_EPOCH (3u)
-#define EAT_CBOR_SW_COMPONENT_VERSION (4u)
-#define EAT_CBOR_SW_COMPONENT_SIGNER_ID (5u)
-#define EAT_CBOR_SW_COMPONENT_MEASUREMENT_DESC (6u)
-
-#define MANDATORY_CLAIM_WITH_SW_COMP (1 << (EAT_CBOR_ARM_RANGE_BASE \
- - EAT_CBOR_ARM_LABEL_NONCE) | \
- 1 << (EAT_CBOR_ARM_RANGE_BASE \
- - EAT_CBOR_ARM_LABEL_UEID) | \
- 1 << (EAT_CBOR_ARM_RANGE_BASE \
- - EAT_CBOR_ARM_LABEL_IMPLEMENTATION_ID) | \
- 1 << (EAT_CBOR_ARM_RANGE_BASE \
- - EAT_CBOR_ARM_LABEL_CLIENT_ID) | \
- 1 << (EAT_CBOR_ARM_RANGE_BASE \
- - EAT_CBOR_ARM_LABEL_SECURITY_LIFECYCLE) | \
- 1 << (EAT_CBOR_ARM_RANGE_BASE \
- - EAT_CBOR_ARM_LABEL_BOOT_SEED) | \
- 1 << (EAT_CBOR_ARM_RANGE_BASE \
- - EAT_CBOR_ARM_LABEL_SW_COMPONENTS))
-
-#define MANDATORY_CLAIM_NO_SW_COMP (1 << (EAT_CBOR_ARM_RANGE_BASE \
- - EAT_CBOR_ARM_LABEL_NONCE) | \
- 1 << (EAT_CBOR_ARM_RANGE_BASE \
- - EAT_CBOR_ARM_LABEL_UEID) | \
- 1 << (EAT_CBOR_ARM_RANGE_BASE \
- - EAT_CBOR_ARM_LABEL_IMPLEMENTATION_ID) | \
- 1 << (EAT_CBOR_ARM_RANGE_BASE \
- - EAT_CBOR_ARM_LABEL_CLIENT_ID) | \
- 1 << (EAT_CBOR_ARM_RANGE_BASE \
- - EAT_CBOR_ARM_LABEL_SECURITY_LIFECYCLE) | \
- 1 << (EAT_CBOR_ARM_RANGE_BASE \
- - EAT_CBOR_ARM_LABEL_BOOT_SEED) | \
- 1 << (EAT_CBOR_ARM_RANGE_BASE \
- - EAT_CBOR_ARM_LABEL_NO_SW_COMPONENTS))
-
-#define MANDATORY_SW_COMP (1 << EAT_CBOR_SW_COMPONENT_MEASUREMENT | \
- 1 << EAT_CBOR_SW_COMPONENT_SIGNER_ID)
-
-#define NULL_USEFUL_BUF_C NULLUsefulBufC
-
-enum attestation_error_code {
- PAL_ATTEST_SUCCESS = 0,
- PAL_ATTEST_TOKEN_ERR_CBOR_FORMATTING = PAL_ATTEST_MIN_ERROR,
- PAL_ATTEST_TOKEN_CHALLENGE_MISMATCH,
- PAL_ATTEST_TOKEN_NOT_SUPPORTED,
- PAL_ATTEST_TOKEN_NOT_ALL_MANDATORY_CLAIMS,
- PAL_ATTEST_HASH_LENGTH_MISMATCH,
- PAL_ATTEST_HASH_MISMATCH,
- PAL_ATTEST_HASH_FAIL,
- PAL_ATTEST_HASH_UNSUPPORTED,
- PAL_ATTEST_HASH_BUFFER_SIZE,
- PAL_ATTEST_ERR_PROTECTED_HEADERS,
- PAL_ATTEST_ERR_SIGN_STRUCT,
- PAL_ATTEST_ERROR,
-};
-
-struct items_to_get_t {
- int64_t label;
- QCBORItem item;
-};
-
-int32_t pal_initial_attest_verify_token(uint8_t *challenge, uint32_t challenge_size,
- uint8_t *token, uint32_t token_size);
diff --git a/api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/nspe/initial_attestation/pal_attestation_intf.c b/api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/nspe/initial_attestation/pal_attestation_intf.c
deleted file mode 100644
index 2d99f74d..00000000
--- a/api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/nspe/initial_attestation/pal_attestation_intf.c
+++ /dev/null
@@ -1,54 +0,0 @@
-/** @file
- * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
- * SPDX-License-Identifier : Apache-2.0
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
-**/
-
-
-#include "pal_attestation_intf.h"
-
-/**
- @brief - This API will call the requested attestation function
- @param - type : function code
- valist : variable argument list
- @return - error status
-**/
-int32_t pal_attestation_function(int type, va_list valist)
-{
- uint8_t *challenge, *token;
- uint32_t challenge_size, *token_size, verify_token_size;
-
- switch (type)
- {
- case PAL_INITIAL_ATTEST_GET_TOKEN:
- challenge = va_arg(valist, uint8_t*);
- challenge_size = va_arg(valist, uint32_t);
- token = va_arg(valist, uint8_t*);
- token_size = va_arg(valist, uint32_t*);
- return psa_initial_attest_get_token(challenge, challenge_size, token, token_size);
- case PAL_INITIAL_ATTEST_GET_TOKEN_SIZE:
- challenge_size = va_arg(valist, uint32_t);
- token_size = va_arg(valist, uint32_t*);
- return psa_initial_attest_get_token_size(challenge_size, token_size);
- case PAL_INITIAL_ATTEST_VERIFY_TOKEN:
- challenge = va_arg(valist, uint8_t*);
- challenge_size = va_arg(valist, uint32_t);
- token = va_arg(valist, uint8_t*);
- verify_token_size = va_arg(valist, uint32_t);
- return pal_initial_attest_verify_token(challenge, challenge_size,
- token, verify_token_size);
- default:
- return PAL_STATUS_UNSUPPORTED_FUNC;
- }
-}
diff --git a/api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/spe/pal_driver_intf.c b/api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/spe/pal_driver_intf.c
deleted file mode 100644
index fd307839..00000000
--- a/api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/spe/pal_driver_intf.c
+++ /dev/null
@@ -1,132 +0,0 @@
- /** @file
- * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
- * SPDX-License-Identifier : Apache-2.0
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- **/
-
-#include "pal_driver_intf.h"
-
-/**
- @brief - This function initializes the UART
- @param - uart base addr
- @return - void
-**/
-void pal_uart_init(uint32_t uart_base_addr)
-{
- pal_uart_cmsdk_init(uart_base_addr);
-}
-
-/**
- @brief - This function parses the input string and writes bytes into UART TX FIFO
- @param - str : Input String
- - data : Value for format specifier
-**/
-
-void pal_print(char *str, int32_t data)
-{
- pal_cmsdk_print(str,data);
-
-}
-
-
-/**
- @brief - Writes into given non-volatile address.
- @param - base : Base address of nvmem
- offset : Offset
- buffer : Pointer to source address
- size : Number of bytes
- @return - 1/0
-**/
-int pal_nvmem_write(addr_t base, uint32_t offset, void *buffer, int size)
-{
- return nvmem_write(base, offset, buffer, size);
-}
-
-/**
- @brief - Reads from given non-volatile address.
- @param - base : Base address of nvmem
- offset : Offset
- buffer : Pointer to source address
- size : Number of bytes
- @return - 1/0
-**/
-int pal_nvmem_read(addr_t base, uint32_t offset, void *buffer, int size)
-{
- return nvmem_read(base, offset, buffer, size);
-}
-
-
-/**
- @brief - Initializes an hardware watchdog timer
- @param - base_addr : Base address of the watchdog module
- - time_us : Time in micro seconds
- - timer_tick_us : Number of ticks per micro second
- @return - SUCCESS/FAILURE
-**/
-int pal_wd_timer_init(addr_t base_addr, uint32_t time_us, uint32_t timer_tick_us)
-{
- return(pal_wd_cmsdk_init(base_addr,time_us, timer_tick_us));
-
-}
-
-/**
- @brief - Enables a hardware watchdog timer
- @param - base_addr : Base address of the watchdog module
- @return - SUCCESS/FAILURE
-**/
-int pal_wd_timer_enable(addr_t base_addr)
-{
- return(pal_wd_cmsdk_enable(base_addr));
-}
-
-/**
- @brief - Disables a hardware watchdog timer
- @param - base_addr : Base address of the watchdog module
- @return - SUCCESS/FAILURE
-**/
-int pal_wd_timer_disable(addr_t base_addr)
-{
- return (pal_wd_cmsdk_disable(base_addr));
-}
-
-/**
- @brief - Checks whether hardware watchdog timer is enabled
- @param - base_addr : Base address of the watchdog module
- @return - Enabled : 1, Disabled : 0
-**/
-int pal_wd_timer_is_enabled(addr_t base_addr)
-{
- return (pal_wd_cmsdk_is_enabled(base_addr));
-}
-
-/**
- @brief - Trigger interrupt for irq signal assigned to driver partition
- before return to caller.
- @param - void
- @return - void
-**/
-void pal_generate_interrupt(void)
-{
- pal_uart_cmsdk_generate_irq();
-}
-
-/**
- @brief - Disable interrupt that was generated using pal_generate_interrupt API.
- @param - void
- @return - void
-**/
-void pal_disable_interrupt(void)
-{
- pal_uart_cmsdk_disable_irq();
-}
diff --git a/api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/spe/pal_driver_intf.h b/api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/spe/pal_driver_intf.h
deleted file mode 100644
index cef34ca8..00000000
--- a/api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/spe/pal_driver_intf.h
+++ /dev/null
@@ -1,35 +0,0 @@
- /** @file
- * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
- * SPDX-License-Identifier : Apache-2.0
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- **/
-
-#ifndef _PAL_DRIVER_INTF_H_
-#define _PAL_DRIVER_INTF_H_
-
-#include "pal_uart.h"
-#include "pal_nvmem.h"
-#include "pal_wd_cmsdk.h"
-
-void pal_uart_init(uint32_t uart_base_addr);
-void pal_print(char *str, int32_t data);
-int pal_nvmem_write(addr_t base, uint32_t offset, void *buffer, int size);
-int pal_nvmem_read(addr_t base, uint32_t offset, void *buffer, int size);
-int pal_wd_timer_init(addr_t base_addr, uint32_t time_us, uint32_t timer_tick_us);
-int pal_wd_timer_enable(addr_t base_addr);
-int pal_wd_timer_disable(addr_t base_addr);
-int pal_wd_timer_is_enabled(addr_t base_addr);
-void pal_generate_interrupt(void);
-void pal_disable_interrupt(void);
-#endif /* _PAL_DRIVER_INTF_H_ */
diff --git a/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/common/pal_client_api_empty_intf.c b/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/common/pal_client_api_empty_intf.c
new file mode 100644
index 00000000..0030ef04
--- /dev/null
+++ b/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/common/pal_client_api_empty_intf.c
@@ -0,0 +1,95 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "pal_common.h"
+#include "pal_client_api_intf.h"
+
+/**
+ * @brief - Retrieve the version of the PSA Framework API that is implemented.
+ * This is a wrapper API for psa_framework_version API.
+ * @param - void
+ * @return - The PSA Framework API version.
+ */
+
+uint32_t pal_ipc_framework_version(void)
+{
+ return 0;
+}
+
+/**
+ * @brief - Retrieve the version of a Root of Trust Service by its SID.
+ * This is a wrapper API for the psa_version API.
+ * @param - sid The Root of Trust Service ID
+ * @return - version of Root of Trust Service or PSA_VERSION_NONE if Root of Trust
+ * Service not present on the system.
+ */
+
+uint32_t pal_ipc_version(uint32_t sid)
+{
+ return PSA_VERSION_NONE;
+}
+
+/**
+ * @brief - Connect to given sid.
+ * This is a wrapper API for the psa_connect API.
+ * @param - sid : RoT service id
+ * @param - version : version of RoT service
+ * @return - psa_handle_t : return connection handle
+ */
+
+psa_handle_t pal_ipc_connect(uint32_t sid, uint32_t version)
+{
+ return PSA_NULL_HANDLE;
+}
+
+/**
+ * @brief Call a connected Root of Trust Service.
+ * This is a wrapper API for the psa_call API.
+ * The caller must provide an array of ::psa_invec_t structures as the input payload.
+ *
+ * @param -handle Handle for the connection.
+ * @param -type Request type.
+ * @param -in_vec Array of psa_invec structures.
+ * @param -in_len Number of psa_invec structures in in_vec.
+ * @param -out_vec Array of psa_outvec structures for optional Root of Trust Service response.
+ * @param -out_len Number of psa_outvec structures in out_vec.
+ * @return -psa_status_t
+ */
+
+psa_status_t pal_ipc_call(psa_handle_t handle,
+ int32_t type,
+ const psa_invec *in_vec,
+ size_t in_len,
+ psa_outvec *out_vec,
+ size_t out_len)
+{
+ return (PSA_SUCCESS - 1);
+}
+
+/**
+ * @brief Close a connection to a Root of Trust Service.
+ * This is a wrapper API for the psa_close API.
+ * Sends the PSA_IPC_DISCONNECT message to the Root of Trust Service so it can clean up resources.
+ *
+ * @param handle Handle for the connection.
+ * @return void
+ */
+
+void pal_ipc_close(psa_handle_t handle)
+{
+ return;
+}
diff --git a/api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/nspe/common/pal_client_api_intf.c b/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/common/pal_client_api_intf.c
similarity index 81%
rename from api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/nspe/common/pal_client_api_intf.c
rename to api-tests/platform/targets/tgt_ff_tfm_an521/nspe/common/pal_client_api_intf.c
index 20ddd118..68af13d3 100644
--- a/api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/nspe/common/pal_client_api_intf.c
+++ b/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/common/pal_client_api_intf.c
@@ -32,10 +32,10 @@ uint32_t pal_ipc_framework_version(void)
}
/**
- * @brief - Retrieve the minor version of a Root of Trust Service by its SID.
+ * @brief - Retrieve the version of a Root of Trust Service by its SID.
* This is a wrapper API for the psa_version API.
* @param - sid The Root of Trust Service ID
- * @return - Minor version of Root of Trust Service or PSA_VERSION_NONE if Root of Trust
+ * @return - Version of Root of Trust Service or PSA_VERSION_NONE if Root of Trust
* Service not present on the system.
* Note - Return PAL_STATUS_ERROR if PSA IPC is not implemented.
*/
@@ -49,14 +49,14 @@ uint32_t pal_ipc_version(uint32_t sid)
* @brief - Connect to given sid.
* This is a wrapper API for the psa_connect API.
* @param - sid : RoT service id
- * @param - minor_version : minor_version of RoT service
+ * @param - version : version of RoT service
* @return - psa_handle_t : return connection handle
* Note - Return PSA_NULL_HANDLE if PSA IPC is not implemented.
*/
-psa_handle_t pal_ipc_connect(uint32_t sid, uint32_t minor_version)
+psa_handle_t pal_ipc_connect(uint32_t sid, uint32_t version)
{
- return (psa_connect(sid, minor_version));
+ return (psa_connect(sid, version));
}
/**
@@ -65,6 +65,7 @@ psa_handle_t pal_ipc_connect(uint32_t sid, uint32_t minor_version)
* The caller must provide an array of ::psa_invec_t structures as the input payload.
*
* @param -handle Handle for the connection.
+ * @param -type Request type.
* @param -in_vec Array of psa_invec structures.
* @param -in_len Number of psa_invec structures in in_vec.
* @param -out_vec Array of psa_outvec structures for optional Root of Trust Service response.
@@ -74,12 +75,13 @@ psa_handle_t pal_ipc_connect(uint32_t sid, uint32_t minor_version)
*/
psa_status_t pal_ipc_call(psa_handle_t handle,
- const psa_invec *in_vec,
- size_t in_len,
- psa_outvec *out_vec,
- size_t out_len)
+ int32_t type,
+ const psa_invec *in_vec,
+ size_t in_len,
+ psa_outvec *out_vec,
+ size_t out_len)
{
- return (psa_call(handle, in_vec, in_len, out_vec, out_len));
+ return (psa_call(handle, type, in_vec, in_len, out_vec, out_len));
}
/**
diff --git a/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/common/pal_client_api_intf.h b/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/common/pal_client_api_intf.h
new file mode 100644
index 00000000..89b4da66
--- /dev/null
+++ b/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/common/pal_client_api_intf.h
@@ -0,0 +1,33 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifndef _PAL_CLIENT_API_H_
+#define _PAL_CLIENT_API_H_
+
+#include "pal_common.h"
+
+uint32_t pal_ipc_framework_version(void);
+uint32_t pal_ipc_version(uint32_t sid);
+psa_handle_t pal_ipc_connect(uint32_t sid, uint32_t version);
+psa_status_t pal_ipc_call(psa_handle_t handle,
+ int32_t type,
+ const psa_invec *in_vec,
+ size_t in_len,
+ psa_outvec *out_vec,
+ size_t out_len);
+void pal_ipc_close(psa_handle_t handle);
+#endif /* _PAL_CLIENT_API_H_ */
diff --git a/api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/nspe/common/pal_common.h b/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/common/pal_common.h
similarity index 96%
rename from api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/nspe/common/pal_common.h
rename to api-tests/platform/targets/tgt_ff_tfm_an521/nspe/common/pal_common.h
index 3ebe1e10..0a63b026 100644
--- a/api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/nspe/common/pal_common.h
+++ b/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/common/pal_common.h
@@ -24,10 +24,8 @@
#include
#include
-#ifndef TARGET_CFG_BUILD
#include "pal_config.h"
#include "pal_crypto_config.h"
-#endif
/* typedef's */
typedef uint8_t bool_t;
@@ -87,7 +85,7 @@ typedef enum {
* Redefining some of the client.h elements for compilation to go through
* when PSA IPC APIs are not implemented.
*/
-#if (PSA_IPC_IMPLEMENTED == 0)
+#ifndef IPC
#ifndef PSA_VERSION_NONE
#define PSA_VERSION_NONE (0)
@@ -113,6 +111,6 @@ typedef struct psa_outvec {
size_t len;
} psa_outvec;
-#endif /* PSA_IPC_IMPLEMENTED */
+#endif /* IPC */
#endif /* _PAL_COMMON_H_ */
diff --git a/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/common/pal_config.h b/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/common/pal_config.h
new file mode 100644
index 00000000..b8ddc57d
--- /dev/null
+++ b/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/common/pal_config.h
@@ -0,0 +1,97 @@
+/** @file
+ * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifndef _PAL_CONFIG_H_
+#define _PAL_CONFIG_H_
+
+/* Define PSA test suite dependent macros for non-cmake build */
+#if !defined(PSA_CMAKE_BUILD)
+
+/* Print verbosity = TEST */
+#define VERBOSE 3
+
+/* NSPE or SPE VAL build? */
+#define VAL_NSPE_BUILD
+
+/* NSPE or SPE TEST build? */
+#define NONSECURE_TEST_BUILD
+
+/* Combine test archive or binary? */
+#define TEST_COMBINE_ARCHIVE
+
+/* If not defined, skip watchdog programming */
+#define WATCHDOG_AVAILABLE
+
+/* Are Dynamic memory APIs available to secure partition? */
+#define SP_HEAP_MEM_SUPP
+
+/* PSA Isolation level supported by platform */
+#define PLATFORM_PSA_ISOLATION_LEVEL 3
+#endif /* PSA_CMAKE_BUILD */
+
+/* Version of crypto spec used in attestation */
+#define CRYPTO_VERSION_BETA3
+
+/* Use hardcoded public key */
+//#define PLATFORM_OVERRIDE_ATTEST_PK
+
+/* Platform specific max UID's size */
+#define PLATFORM_MAX_UID_SIZE 512
+
+/*
+ * Include of PSA defined Header files
+ */
+#ifdef IPC
+/* psa/client.h: Contains the PSA Client API elements */
+#include "psa/client.h"
+
+/*
+ * psa_manifest/sid.h: Macro definitions derived from manifest files that map from RoT Service
+ * names to Service IDs (SIDs). Partition manifest parse build tool must provide the implementation
+ * of this file.
+*/
+#include "psa_manifest/sid.h"
+
+/*
+ * psa_manifest/pid.h: Secure Partition IDs
+ * Macro definitions that map from Secure Partition names to Secure Partition IDs.
+ * Partition manifest parse build tool must provide the implementation of this file.
+*/
+#include "psa_manifest/pid.h"
+#endif
+
+#ifdef CRYPTO
+/* psa/crypto.h: Contains the PSA Crypto API elements */
+#include "psa/crypto.h"
+#endif
+
+#ifdef INTERNAL_TRUSTED_STORAGE
+/* psa/internal_trusted_storage.h: Contains the PSA ITS API elements */
+#include "psa/internal_trusted_storage.h"
+#endif
+
+#ifdef PROTECTED_STORAGE
+/* psa/protected_storage.h: Contains the PSA PS API elements */
+#include "psa/protected_storage.h"
+#endif
+
+#ifdef INITIAL_ATTESTATION
+/* psa/initial_attestation.h: Contains the PSA Initial Attestation API elements */
+#include "psa/initial_attestation.h"
+#endif
+
+#endif /* _PAL_CONFIG_H_ */
diff --git a/api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/nspe/common/pal_driver_ipc_intf.c b/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/common/pal_driver_ipc_intf.c
similarity index 77%
rename from api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/nspe/common/pal_driver_ipc_intf.c
rename to api-tests/platform/targets/tgt_ff_tfm_an521/nspe/common/pal_driver_ipc_intf.c
index f8f773fb..139f04fc 100644
--- a/api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/nspe/common/pal_driver_ipc_intf.c
+++ b/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/common/pal_driver_ipc_intf.c
@@ -33,20 +33,20 @@ int pal_uart_init_ns(uint32_t uart_base_addr)
{&uart_base_addr, sizeof(uart_base_addr)},
{NULL, 0}};
- print_handle = pal_ipc_connect(DRIVER_UART_SID, 0);
- if (print_handle < 0)
+ print_handle = pal_ipc_connect(DRIVER_UART_SID, DRIVER_UART_VERSION);
+ if (PSA_HANDLE_IS_VALID(print_handle))
{
- return(PAL_STATUS_ERROR);
- }
+ status_of_call = pal_ipc_call(print_handle, 0, data, 3, NULL, 0);
+ pal_ipc_close(print_handle);
+ if (status_of_call != PSA_SUCCESS)
+ return PAL_STATUS_ERROR;
- status_of_call = pal_ipc_call(print_handle, data, 3, NULL, 0);
- if (status_of_call != PSA_SUCCESS)
+ return PAL_STATUS_SUCCESS;
+ }
+ else
{
- return(PAL_STATUS_ERROR);
+ return PAL_STATUS_ERROR;
}
-
- pal_ipc_close(print_handle);
- return PAL_STATUS_SUCCESS;
}
/**
@@ -62,7 +62,6 @@ int pal_print_ns(char *str, int32_t data)
char *p = str;
psa_handle_t print_handle = 0;
psa_status_t status_of_call = PSA_SUCCESS;
- pal_status_t status = PAL_STATUS_SUCCESS;
uart_fn_type_t uart_fn = UART_PRINT;
while (*p != '\0')
@@ -74,22 +73,21 @@ int pal_print_ns(char *str, int32_t data)
psa_invec data1[3] = {{&uart_fn, sizeof(uart_fn)},
{str, string_len+1},
{&data, sizeof(data)}};
- print_handle = pal_ipc_connect(DRIVER_UART_SID, 0);
- if (print_handle < 0)
+ print_handle = pal_ipc_connect(DRIVER_UART_SID, DRIVER_UART_VERSION);
+ if (PSA_HANDLE_IS_VALID(print_handle))
{
- return PAL_STATUS_ERROR;
+ status_of_call = pal_ipc_call(print_handle, 0, data1, 3, NULL, 0);
+ pal_ipc_close(print_handle);
+ if (status_of_call != PSA_SUCCESS)
+ return PAL_STATUS_ERROR;
+
+ return PAL_STATUS_SUCCESS;
}
else
{
- status_of_call = pal_ipc_call(print_handle, data1, 3, NULL, 0);
- if (status_of_call != PSA_SUCCESS)
- {
- status = PAL_STATUS_ERROR;
- }
+ return PAL_STATUS_ERROR;
}
- pal_ipc_close(print_handle);
- return status;
}
/**
@@ -111,22 +109,20 @@ int pal_wd_timer_init_ns(addr_t base_addr, uint32_t time_us, uint32_t timer_tick
wd_param.wd_timer_tick_us = timer_tick_us;
psa_invec invec[1] = {{&wd_param, sizeof(wd_param)}};
- handle = pal_ipc_connect(DRIVER_WATCHDOG_SID, 0);
- if (handle < 0)
+ handle = pal_ipc_connect(DRIVER_WATCHDOG_SID, DRIVER_WATCHDOG_VERSION);
+ if (PSA_HANDLE_IS_VALID(handle))
{
- return PAL_STATUS_ERROR;
+ status_of_call = pal_ipc_call(handle, 0, invec, 1, NULL, 0);
+ pal_ipc_close(handle);
+ if (status_of_call != PSA_SUCCESS)
+ return PAL_STATUS_ERROR;
+
+ return PAL_STATUS_SUCCESS;
}
else
{
- status_of_call = pal_ipc_call(handle, invec, 1, NULL, 0);
- if (status_of_call != PSA_SUCCESS)
- {
- pal_ipc_close(handle);
- return PAL_STATUS_ERROR;
- }
+ return PAL_STATUS_ERROR;
}
- pal_ipc_close(handle);
- return PAL_STATUS_SUCCESS;
}
/**
@@ -146,22 +142,20 @@ int pal_wd_timer_enable_ns(addr_t base_addr)
wd_param.wd_timer_tick_us = 0;
psa_invec invec[1] = {{&wd_param, sizeof(wd_param)}};
- handle = pal_ipc_connect(DRIVER_WATCHDOG_SID, 0);
- if (handle < 0)
+ handle = pal_ipc_connect(DRIVER_WATCHDOG_SID, DRIVER_WATCHDOG_VERSION);
+ if (PSA_HANDLE_IS_VALID(handle))
{
- return PAL_STATUS_ERROR;
+ status_of_call = pal_ipc_call(handle, 0, invec, 1, NULL, 0);
+ pal_ipc_close(handle);
+ if (status_of_call != PSA_SUCCESS)
+ return PAL_STATUS_ERROR;
+
+ return PAL_STATUS_SUCCESS;
}
else
{
- status_of_call = pal_ipc_call(handle, invec, 1, NULL, 0);
- if (status_of_call != PSA_SUCCESS)
- {
- pal_ipc_close(handle);
- return PAL_STATUS_ERROR;
- }
+ return PAL_STATUS_ERROR;
}
- pal_ipc_close(handle);
- return PAL_STATUS_SUCCESS;
}
/**
@@ -181,22 +175,20 @@ int pal_wd_timer_disable_ns(addr_t base_addr)
wd_param.wd_timer_tick_us = 0;
psa_invec invec[1] = {{&wd_param, sizeof(wd_param)}};
- handle = pal_ipc_connect(DRIVER_WATCHDOG_SID, 0);
- if (handle < 0)
+ handle = pal_ipc_connect(DRIVER_WATCHDOG_SID, DRIVER_WATCHDOG_VERSION);
+ if (PSA_HANDLE_IS_VALID(handle))
{
- return PAL_STATUS_ERROR;
+ status_of_call = pal_ipc_call(handle, 0, invec, 1, NULL, 0);
+ pal_ipc_close(handle);
+ if (status_of_call != PSA_SUCCESS)
+ return PAL_STATUS_ERROR;
+
+ return PAL_STATUS_SUCCESS;
}
else
{
- status_of_call = pal_ipc_call(handle, invec, 1, NULL, 0);
- if (status_of_call != PSA_SUCCESS)
- {
- pal_ipc_close(handle);
- return PAL_STATUS_ERROR;
- }
+ return PAL_STATUS_ERROR;
}
- pal_ipc_close(handle);
- return PAL_STATUS_SUCCESS;
}
/**
@@ -220,22 +212,20 @@ int pal_nvmem_read_ns(addr_t base, uint32_t offset, void *buffer, int size)
psa_invec invec[1] = {{&nvmem_param, sizeof(nvmem_param)}};
psa_outvec outvec[1] = {{buffer, size}};
- handle = pal_ipc_connect(DRIVER_NVMEM_SID, 0);
- if (handle < 0)
+ handle = pal_ipc_connect(DRIVER_NVMEM_SID, DRIVER_NVMEM_VERSION);
+ if (PSA_HANDLE_IS_VALID(handle))
{
- return PAL_STATUS_ERROR;
+ status_of_call = pal_ipc_call(handle, 0, invec, 1, outvec, 1);
+ pal_ipc_close(handle);
+ if (status_of_call != PSA_SUCCESS)
+ return PAL_STATUS_ERROR;
+
+ return PAL_STATUS_SUCCESS;
}
else
{
- status_of_call = pal_ipc_call(handle, invec, 1, outvec, 1);
- if (status_of_call != PSA_SUCCESS)
- {
- pal_ipc_close(handle);
- return PAL_STATUS_ERROR;
- }
+ return PAL_STATUS_ERROR;
}
- psa_close(handle);
- return PAL_STATUS_SUCCESS;
}
/**
@@ -258,22 +248,20 @@ int pal_nvmem_write_ns(addr_t base, uint32_t offset, void *buffer, int size)
nvmem_param.size = size;
psa_invec invec[2] = {{&nvmem_param, sizeof(nvmem_param)}, {buffer, size}};
- handle = pal_ipc_connect(DRIVER_NVMEM_SID, 0);
- if (handle < 0)
+ handle = pal_ipc_connect(DRIVER_NVMEM_SID, DRIVER_NVMEM_VERSION);
+ if (PSA_HANDLE_IS_VALID(handle))
{
- return PAL_STATUS_ERROR;
+ status_of_call = pal_ipc_call(handle, 0, invec, 2, NULL, 0);
+ pal_ipc_close(handle);
+ if (status_of_call != PSA_SUCCESS)
+ return PAL_STATUS_ERROR;
+
+ return PAL_STATUS_SUCCESS;
}
else
{
- status_of_call = pal_ipc_call(handle, invec, 2, NULL, 0);
- if (status_of_call != PSA_SUCCESS)
- {
- pal_ipc_close(handle);
- return PAL_STATUS_ERROR;
- }
+ return PAL_STATUS_ERROR;
}
- pal_ipc_close(handle);
- return PAL_STATUS_SUCCESS;
}
/**
diff --git a/api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/nspe/common/pal_driver_ns_intf.c b/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/common/pal_driver_ns_intf.c
similarity index 100%
rename from api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/nspe/common/pal_driver_ns_intf.c
rename to api-tests/platform/targets/tgt_ff_tfm_an521/nspe/common/pal_driver_ns_intf.c
diff --git a/api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/nspe/crypto/pal_crypto_config.h b/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/crypto/pal_crypto_config.h
similarity index 90%
rename from api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/nspe/crypto/pal_crypto_config.h
rename to api-tests/platform/targets/tgt_ff_tfm_an521/nspe/crypto/pal_crypto_config.h
index 6d71d2ec..0e95f723 100644
--- a/api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/nspe/crypto/pal_crypto_config.h
+++ b/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/crypto/pal_crypto_config.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -78,10 +78,10 @@
*
* Comment macros to disable the types
*/
-#define ARCH_TEST_DES
-#define ARCH_TEST_DES_1KEY
-#define ARCH_TEST_DES_2KEY
-#define ARCH_TEST_DES_3KEY
+//#define ARCH_TEST_DES
+//#define ARCH_TEST_DES_1KEY
+//#define ARCH_TEST_DES_2KEY
+//#define ARCH_TEST_DES_3KEY
/**
* \def ARCH_TEST_RAW
@@ -104,7 +104,7 @@
*
* Enable the ARC4 key type.
*/
-#define ARCH_TEST_ARC4
+//#define ARCH_TEST_ARC4
/**
* \def ARCH_TEST_CIPER_MODE_CTR
@@ -227,21 +227,21 @@
*
* Comment macros to disable the types
*/
-#define ARCH_TEST_MD2
-#define ARCH_TEST_MD4
-#define ARCH_TEST_MD5
-#define ARCH_TEST_RIPEMD160
-#define ARCH_TEST_SHA1
+//#define ARCH_TEST_MD2
+//#define ARCH_TEST_MD4
+//#define ARCH_TEST_MD5
+//#define ARCH_TEST_RIPEMD160
+//#define ARCH_TEST_SHA1
#define ARCH_TEST_SHA224
#define ARCH_TEST_SHA256
#define ARCH_TEST_SHA384
#define ARCH_TEST_SHA512
-#define ARCH_TEST_SHA512_224
-#define ARCH_TEST_SHA512_256
-#define ARCH_TEST_SHA3_224
-#define ARCH_TEST_SHA3_256
-#define ARCH_TEST_SHA3_384
-#define ARCH_TEST_SHA3_512
+//#define ARCH_TEST_SHA512_224
+//#define ARCH_TEST_SHA512_256
+//#define ARCH_TEST_SHA3_224
+//#define ARCH_TEST_SHA3_256
+//#define ARCH_TEST_SHA3_384
+//#define ARCH_TEST_SHA3_512
/**
* \def ARCH_TEST_HKDF
@@ -318,6 +318,12 @@
*/
#define ARCH_TEST_DETERMINISTIC_ECDSA
+/**
+ * \def ARCH_TEST_ECC_ASYMMETRIC_API_SUPPORT
+ *
+ * Enable ECC support for asymmetric API.
+*/
+//#define ARCH_TEST_ECC_ASYMMETRIC_API_SUPPORT
#include "pal_crypto_config_check.h"
#endif /* _PAL_CRYPTO_CONFIG_H_ */
diff --git a/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/crypto/pal_crypto_config_check.h b/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/crypto/pal_crypto_config_check.h
new file mode 100644
index 00000000..443e0bc2
--- /dev/null
+++ b/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/crypto/pal_crypto_config_check.h
@@ -0,0 +1,223 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+/**
+ * \file pal_crypto_config_check.h
+ *
+ * \brief Consistency checks for configuration options
+ *
+ */
+
+#ifndef _PAL_CRYPTO_CONFIG_CHECK_H_
+#define _PAL_CRYPTO_CONFIG_CHECK_H_
+
+#if defined(ARCH_TEST_RSA_1024) && !defined(ARCH_TEST_RSA)
+#error "ARCH_TEST_RSA_1024 defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_RSA_2048) && !defined(ARCH_TEST_RSA)
+#error "ARCH_TEST_RSA_2048 defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_RSA_3072) && !defined(ARCH_TEST_RSA)
+#error "ARCH_TEST_RSA_3072 defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_ECC_CURVE_SECP192R1) && !defined(ARCH_TEST_ECC)
+#error "ARCH_TEST_ECC_CURVE_SECP192R1 defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_ECC_CURVE_SECP224R1) && !defined(ARCH_TEST_ECC)
+#error "ARCH_TEST_ECC_CURVE_SECP224R1 defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_ECC_CURVE_SECP256R1) && !defined(ARCH_TEST_ECC)
+#error "ARCH_TEST_ECC_CURVE_SECP256R1 defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_ECC_CURVE_SECP384R1) && !defined(ARCH_TEST_ECC)
+#error "ARCH_TEST_ECC_CURVE_SECP384R1 defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_AES_128) && !defined(ARCH_TEST_AES)
+#error "ARCH_TEST_AES_128 defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_AES_256) && !defined(ARCH_TEST_AES)
+#error "ARCH_TEST_AES_256 defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_AES_512) && !defined(ARCH_TEST_AES)
+#error "ARCH_TEST_AES_512 defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_DES_1KEY) && !defined(ARCH_TEST_DES)
+#error "ARCH_TEST_DES_1KEY defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_DES_2KEY) && !defined(ARCH_TEST_DES)
+#error "ARCH_TEST_DES_2KEY defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_DES_3KEY) && !defined(ARCH_TEST_DES)
+#error "ARCH_TEST_DES_3KEY defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_CIPER_MODE_CTR) && !defined(ARCH_TEST_CIPER)
+#error "ARCH_TEST_CIPER_MODE_CTR defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_CIPER_MODE_CFB) && !defined(ARCH_TEST_CIPER)
+#error "ARCH_TEST_CIPER_MODE_CFB defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_CIPER_MODE_CBC) && !defined(ARCH_TEST_CIPER)
+#error "ARCH_TEST_CIPER_MODE_CBC defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_CTR_AES) &&\
+ (!defined(ARCH_TEST_CIPER) || !defined(ARCH_TEST_AES) || !defined(ARCH_TEST_CIPER_MODE_CTR))
+#error "ARCH_TEST_CTR_AES defined, but not all prerequisites"
+#endif
+
+#if (defined(ARCH_TEST_CBC_AES) || defined(ARCH_TEST_CBC_AES_NO_PADDING)) &&\
+ (!defined(ARCH_TEST_CIPER) || !defined(ARCH_TEST_AES) || !defined(ARCH_TEST_CIPER_MODE_CBC))
+#error "ARCH_TEST_CBC_AES defined, but not all prerequisites"
+#endif
+
+#if (defined(ARCH_TEST_CBC_NO_PADDING)) &&\
+ (!defined(ARCH_TEST_CIPER) || !defined(ARCH_TEST_CIPER_MODE_CBC))
+#error "ARCH_TEST_CBC_NO_PADDING defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_CFB_AES) &&\
+ (!defined(ARCH_TEST_CIPER) || !defined(ARCH_TEST_AES) || !defined(ARCH_TEST_CIPER_MODE_CFB))
+#error "ARCH_TEST_CFB_AES defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_RSA_PKCS1V15_SIGN) &&\
+ (!defined(ARCH_TEST_RSA) || !defined(ARCH_TEST_PKCS1V15))
+#error "ARCH_TEST_RSA_PKCS1V15_SIGN defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_RSA_PKCS1V15_SIGN_RAW) &&\
+ (!defined(ARCH_TEST_RSA) || !defined(ARCH_TEST_PKCS1V15))
+#error "ARCH_TEST_RSA_PKCS1V15_SIGN_RAW defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_RSA_PKCS1V15_CRYPT) &&\
+ (!defined(ARCH_TEST_RSA) || !defined(ARCH_TEST_PKCS1V15))
+#error "ARCH_TEST_RSA_PKCS1V15_CRYPT defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_CBC_PKCS7) && !defined(ARCH_TEST_CIPER_MODE_CBC)
+#error "ARCH_TEST_CBC_PKCS7 defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_HMAC) && !defined(ARCH_TEST_HASH)
+#error "ARCH_TEST_HMAC defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_MD2) && !defined(ARCH_TEST_HASH)
+#error "ARCH_TEST_MD2 defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_MD4) && !defined(ARCH_TEST_HASH)
+#error "ARCH_TEST_MD4 defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_MD5) && !defined(ARCH_TEST_HASH)
+#error "ARCH_TEST_MD5 defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_RIPEMD160) && !defined(ARCH_TEST_HASH)
+#error "ARCH_TEST_RIPEMD160 defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_SHA1) && !defined(ARCH_TEST_HASH)
+#error "ARCH_TEST_SHA1 defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_SHA224) && !defined(ARCH_TEST_HASH)
+#error "ARCH_TEST_SHA224 defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_SHA256) && !defined(ARCH_TEST_HASH)
+#error "ARCH_TEST_SHA256 defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_SHA512) && !defined(ARCH_TEST_HASH)
+#error "ARCH_TEST_SHA512 defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_SHA512_224) && !defined(ARCH_TEST_HASH)
+#error "ARCH_TEST_SHA512_224 defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_SHA512_256) && !defined(ARCH_TEST_HASH)
+#error "ARCH_TEST_SHA512_256 defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_SHA3_224) && !defined(ARCH_TEST_HASH)
+#error "ARCH_TEST_SHA3_224 defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_SHA3_256) && !defined(ARCH_TEST_HASH)
+#error "ARCH_TEST_SHA3_256 defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_SHA3_384) && !defined(ARCH_TEST_HASH)
+#error "ARCH_TEST_SHA3_256 defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_SHA3_512) && !defined(ARCH_TEST_HASH)
+#error "ARCH_TEST_SHA3_256 defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_HKDF) && !defined(ARCH_TEST_HASH)
+#error "ARCH_TEST_HKDF defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_CMAC) && !defined(ARCH_TEST_AES)
+#error "ARCH_TEST_CMAC defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_GMAC) && !defined(ARCH_TEST_AES)
+#error "ARCH_TEST_GMAC defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_HMAC) && !defined(ARCH_TEST_AES)
+#error "ARCH_TEST_HMAC defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_CCM) && !defined(ARCH_TEST_AES)
+#error "ARCH_TEST_CCM defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_GCM) && !defined(ARCH_TEST_AES)
+#error "ARCH_TEST_GCM defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_ECDH) && !defined(ARCH_TEST_ECC)
+#error "ARCH_TEST_ECDH defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_ECDSA) && !defined(ARCH_TEST_ECC)
+#error "ARCH_TEST_ECDSA defined, but not all prerequisites"
+#endif
+
+#endif /* _PAL_CRYPTO_CONFIG_CHECK_H_ */
diff --git a/api-tests/tools/makefiles/linker/test.sct b/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/crypto/pal_crypto_empty_intf.c
similarity index 59%
rename from api-tests/tools/makefiles/linker/test.sct
rename to api-tests/platform/targets/tgt_ff_tfm_an521/nspe/crypto/pal_crypto_empty_intf.c
index 4d5a7a91..2a28f397 100644
--- a/api-tests/tools/makefiles/linker/test.sct
+++ b/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/crypto/pal_crypto_empty_intf.c
@@ -1,4 +1,5 @@
-/* Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -14,20 +15,16 @@
* limitations under the License.
**/
-#define TEST_CODE_START 0x0
-#define TEST_INFO_SIZE 0x100
-#define TEST_TEXT_SIZE 0x1A00
-#define TEST_DATA_SIZE 0x1800
+#include
+#include "pal_common.h"
-LR_CODE TEST_CODE_START
+/**
+ @brief - This API will call the requested crypto function
+ @param - type : function code
+ valist : variable argument list
+ @return - error status
+**/
+int32_t pal_crypto_function(int type, va_list valist)
{
-
- ER_CODE TEST_CODE_START (TEST_INFO_SIZE+TEST_TEXT_SIZE+TEST_DATA_SIZE)
- {
- test_entry_nspe.o(.acs_test_info +FIRST)
- * (+CODE)
- * (+RO)
- * (+ZI +RW)
- }
-
+ return PAL_STATUS_ERROR;
}
diff --git a/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/crypto/pal_crypto_intf.c b/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/crypto/pal_crypto_intf.c
new file mode 100644
index 00000000..1e61e8c3
--- /dev/null
+++ b/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/crypto/pal_crypto_intf.c
@@ -0,0 +1,516 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+
+#include "pal_crypto_intf.h"
+
+#define PAL_KEY_SLOT_COUNT 32
+
+/**
+ @brief - This API will call the requested crypto function
+ @param - type : function code
+ valist : variable argument list
+ @return - error status
+**/
+int32_t pal_crypto_function(int type, va_list valist)
+{
+ int i;
+ psa_status_t status;
+ uint8_t *buffer, *ciphertext, *plaintext;
+ const uint8_t *nonce, *additional_data, *salt, *peer;
+ size_t *length, size, ciphertext_size, nonce_length;
+ size_t salt_length, peer_length, additional_data_length;
+#ifdef NOT_SUPPORTED
+ size_t *tag_length, plaintext_size;
+ psa_aead_operation_t *aead_operation;
+#endif
+ psa_key_attributes_t *attributes;
+ psa_key_handle_t *handle, key_handle;
+ psa_key_type_t *key_type_out, key_type;
+ psa_key_usage_t *usage_out, usage;
+ psa_key_id_t *key_id_out, key_id;
+ psa_key_lifetime_t *key_lifetime_out, key_lifetime;
+ psa_algorithm_t *key_alg_out, key_alg, alg;
+ psa_hash_operation_t *hash_operation, *target_operation;
+ psa_mac_operation_t *mac_operation;
+ psa_cipher_operation_t *cipher_operation;
+ psa_key_derivation_operation_t *derive_operation;
+ psa_key_derivation_step_t step;
+
+ switch (type)
+ {
+ case PAL_CRYPTO_INIT:
+ return psa_crypto_init();
+ case PAL_CRYPTO_GENERATE_RANDOM:
+ buffer = va_arg(valist, uint8_t *);
+ size = va_arg(valist, int);
+ return psa_generate_random(buffer, size);
+ case PAL_CRYPTO_IMPORT_KEY:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ buffer = va_arg(valist, uint8_t *);
+ size = va_arg(valist, size_t);
+ handle = (psa_key_handle_t *)va_arg(valist, int *);
+ status = psa_import_key(attributes, buffer, size, handle);
+ return status;
+ case PAL_CRYPTO_SET_KEY_TYPE:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ key_type = va_arg(valist, psa_key_type_t);
+ psa_set_key_type(attributes, key_type);
+ return 0;
+ case PAL_CRYPTO_SET_KEY_BITS:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ size = va_arg(valist, size_t);
+ psa_set_key_bits(attributes, size);
+ return 0;
+ case PAL_CRYPTO_GET_KEY_ATTRIBUTES:
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ return psa_get_key_attributes(key_handle, attributes);
+ case PAL_CRYPTO_GET_KEY_TYPE:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ key_type_out = va_arg(valist, psa_key_type_t *);
+ *key_type_out = psa_get_key_type(attributes);
+ return 0;
+ case PAL_CRYPTO_EXPORT_KEY:
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ buffer = (uint8_t *)(va_arg(valist, uint8_t *));
+ size = va_arg(valist, size_t);
+ length = (size_t *)va_arg(valist, size_t *);
+ return psa_export_key(key_handle, buffer, size, length);
+ case PAL_CRYPTO_SET_KEY_USAGE_FLAGS:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ usage = va_arg(valist, psa_key_usage_t);
+ psa_set_key_usage_flags(attributes, usage);
+ return 0;
+ case PAL_CRYPTO_RESET_KEY_ATTRIBUTES:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ psa_reset_key_attributes(attributes);
+ return 0;
+ case PAL_CRYPTO_EXPORT_PUBLIC_KEY:
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ buffer = (uint8_t *)(va_arg(valist, uint8_t *));
+ size = va_arg(valist, size_t);
+ length = (size_t *)va_arg(valist, size_t *);
+ return psa_export_public_key(key_handle, buffer, size, length);
+ case PAL_CRYPTO_SET_KEY_ID:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ key_id = va_arg(valist, psa_key_id_t);
+ psa_set_key_id(attributes, key_id);
+ return 0;
+ case PAL_CRYPTO_SET_KEY_LIFETIME:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ key_lifetime = va_arg(valist, psa_key_lifetime_t);
+ psa_set_key_lifetime(attributes, key_lifetime);
+ return 0;
+ case PAL_CRYPTO_SET_KEY_ALGORITHM:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ key_alg = va_arg(valist, psa_algorithm_t);
+ psa_set_key_algorithm(attributes, key_alg);
+ return 0;
+ case PAL_CRYPTO_GET_KEY_ID:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ key_id_out = va_arg(valist, psa_key_id_t *);
+ *key_id_out = psa_get_key_id(attributes);
+ return 0;
+ case PAL_CRYPTO_GET_KEY_LIFETIME:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ key_lifetime_out = va_arg(valist, psa_key_lifetime_t *);
+ *key_lifetime_out = psa_get_key_lifetime(attributes);
+ return 0;
+ case PAL_CRYPTO_GET_KEY_USAGE_FLAGS:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ usage_out = va_arg(valist, psa_key_usage_t *);
+ *usage_out = psa_get_key_usage_flags(attributes);
+ return 0;
+ case PAL_CRYPTO_GET_KEY_ALGORITHM:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ key_alg_out = va_arg(valist, psa_algorithm_t *);
+ *key_alg_out = psa_get_key_algorithm(attributes);
+ return 0;
+ case PAL_CRYPTO_GET_KEY_BITS:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ length = va_arg(valist, size_t *);
+ *length = psa_get_key_bits(attributes);
+ return 0;
+ case PAL_CRYPTO_DESTROY_KEY:
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ return psa_destroy_key(key_handle);
+ case PAL_CRYPTO_HASH_SETUP:
+ hash_operation = va_arg(valist, psa_hash_operation_t*);
+ alg = va_arg(valist, psa_algorithm_t);
+ return psa_hash_setup(hash_operation, alg);
+ case PAL_CRYPTO_HASH_UPDATE:
+ hash_operation = va_arg(valist, psa_hash_operation_t*);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ return psa_hash_update(hash_operation, buffer, size);
+ case PAL_CRYPTO_HASH_VERIFY:
+ hash_operation = va_arg(valist, psa_hash_operation_t*);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ return psa_hash_verify(hash_operation, buffer, size);
+ case PAL_CRYPTO_HASH_FINISH:
+ hash_operation = va_arg(valist, psa_hash_operation_t*);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_hash_finish(hash_operation, buffer, size, length);
+ case PAL_CRYPTO_HASH_ABORT:
+ hash_operation = va_arg(valist, psa_hash_operation_t*);
+ return psa_hash_abort(hash_operation);
+#ifdef NOT_SUPPORTED
+ case PAL_CRYPTO_HASH_COMPUTE:
+ alg = va_arg(valist, psa_algorithm_t);
+ plaintext = va_arg(valist, uint8_t*);
+ plaintext_size = va_arg(valist, size_t);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_hash_compute(alg, plaintext, plaintext_size, buffer, size, length);
+ case PAL_CRYPTO_HASH_COMPARE:
+ alg = va_arg(valist, psa_algorithm_t);
+ plaintext = va_arg(valist, uint8_t*);
+ plaintext_size = va_arg(valist, size_t);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ return psa_hash_compare(alg, plaintext, plaintext_size, buffer, size);
+#endif
+ case PAL_CRYPTO_HASH_CLONE:
+ hash_operation = va_arg(valist, psa_hash_operation_t*);
+ target_operation = va_arg(valist, psa_hash_operation_t*);
+ return psa_hash_clone(hash_operation, target_operation);
+ case PAL_CRYPTO_GENERATE_KEY:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ handle = (psa_key_handle_t *)va_arg(valist, int *);
+ return psa_generate_key(attributes, handle);
+ case PAL_CRYPTO_AEAD_ENCRYPT:
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ nonce = va_arg(valist, const uint8_t *);
+ nonce_length = va_arg(valist, size_t);
+ additional_data = va_arg(valist, const uint8_t *);
+ additional_data_length = va_arg(valist, size_t);
+ plaintext = va_arg(valist, uint8_t *);
+ size = va_arg(valist, size_t);
+ ciphertext = va_arg(valist, uint8_t *);
+ ciphertext_size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_aead_encrypt(key_handle, alg, nonce, nonce_length, additional_data,
+ additional_data_length, plaintext, size, ciphertext, ciphertext_size, length);
+ case PAL_CRYPTO_AEAD_DECRYPT:
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ nonce = va_arg(valist, const uint8_t *);
+ nonce_length = va_arg(valist, size_t);
+ additional_data = va_arg(valist, const uint8_t *);
+ additional_data_length = va_arg(valist, size_t);
+ ciphertext = va_arg(valist, uint8_t *);
+ ciphertext_size = va_arg(valist, size_t);
+ plaintext = va_arg(valist, uint8_t *);
+ size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_aead_decrypt(key_handle, alg, nonce, nonce_length, additional_data,
+ additional_data_length, ciphertext, ciphertext_size, plaintext, size, length);
+#ifdef NO_SUPPORT
+ case PAL_CRYPTO_AEAD_ENCRYPT_SETUP:
+ aead_operation = va_arg(valist, psa_aead_operation_t *);
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ return psa_aead_encrypt_setup(aead_operation, key_handle, alg);
+ case PAL_CRYPTO_AEAD_DECRYPT_SETUP:
+ aead_operation = va_arg(valist, psa_aead_operation_t *);
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ return psa_aead_decrypt_setup(aead_operation, key_handle, alg);
+ case PAL_CRYPTO_AEAD_GENERATE_NONCE:
+ aead_operation = va_arg(valist, psa_aead_operation_t *);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ length = (size_t *)va_arg(valist, size_t*);
+ return psa_aead_generate_nonce(aead_operation, buffer, size, length);
+ case PAL_CRYPTO_AEAD_SET_NONCE:
+ aead_operation = va_arg(valist, psa_aead_operation_t *);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ return psa_aead_set_nonce(aead_operation, buffer, size);
+ case PAL_CRYPTO_AEAD_SET_LENGTHS:
+ aead_operation = va_arg(valist, psa_aead_operation_t *);
+ size = va_arg(valist, size_t);
+ plaintext_size = va_arg(valist, size_t);
+ return psa_aead_set_lengths(aead_operation, size, plaintext_size);
+ case PAL_CRYPTO_AEAD_UPDATE_AD:
+ aead_operation = va_arg(valist, psa_aead_operation_t *);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ return psa_aead_update_ad(aead_operation, buffer, size);
+ case PAL_CRYPTO_AEAD_UPDATE:
+ aead_operation = va_arg(valist, psa_aead_operation_t *);
+ plaintext = va_arg(valist, uint8_t*);
+ plaintext_size = va_arg(valist, size_t);
+ ciphertext = va_arg(valist, uint8_t*);
+ ciphertext_size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_aead_update(aead_operation, plaintext, plaintext_size, ciphertext,
+ ciphertext_size, length);
+ case PAL_CRYPTO_AEAD_FINISH:
+ aead_operation = va_arg(valist, psa_aead_operation_t *);
+ ciphertext = va_arg(valist, uint8_t*);
+ ciphertext_size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ tag_length = (size_t *)va_arg(valist, size_t*);
+ return psa_aead_finish(aead_operation, ciphertext, ciphertext_size, length, buffer,
+ size, tag_length);
+ case PAL_CRYPTO_AEAD_VERIFY:
+ aead_operation = va_arg(valist, psa_aead_operation_t *);
+ plaintext = va_arg(valist, uint8_t*);
+ plaintext_size = va_arg(valist, size_t);
+ length = (size_t *)va_arg(valist, size_t*);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ return psa_aead_verify(aead_operation, plaintext, plaintext_size, length, buffer, size);
+ case PAL_CRYPTO_AEAD_ABORT:
+ aead_operation = va_arg(valist, psa_aead_operation_t *);
+ return psa_aead_abort(aead_operation);
+#endif
+ case PAL_CRYPTO_MAC_SIGN_SETUP:
+ mac_operation = va_arg(valist, psa_mac_operation_t*);
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ return psa_mac_sign_setup(mac_operation, key_handle, alg);
+ case PAL_CRYPTO_MAC_UPDATE:
+ mac_operation = va_arg(valist, psa_mac_operation_t*);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ return psa_mac_update(mac_operation, buffer, size);
+ case PAL_CRYPTO_MAC_SIGN_FINISH:
+ mac_operation = va_arg(valist, psa_mac_operation_t*);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ length = (size_t *)va_arg(valist, size_t*);
+ return psa_mac_sign_finish(mac_operation, buffer, size, length);
+ case PAL_CRYPTO_MAC_VERIFY_SETUP:
+ mac_operation = va_arg(valist, psa_mac_operation_t*);
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ return psa_mac_verify_setup(mac_operation, key_handle, alg);
+ case PAL_CRYPTO_MAC_VERIFY_FINISH:
+ mac_operation = va_arg(valist, psa_mac_operation_t*);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ return psa_mac_verify_finish(mac_operation, buffer, size);
+ case PAL_CRYPTO_MAC_ABORT:
+ mac_operation = va_arg(valist, psa_mac_operation_t*);
+ return psa_mac_abort(mac_operation);
+#ifdef NO_SUPPORT
+ case PAL_CRYPTO_MAC_COMPUTE:
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ plaintext = va_arg(valist, uint8_t*);
+ plaintext_size = va_arg(valist, size_t);
+ ciphertext = va_arg(valist, uint8_t*);
+ ciphertext_size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_mac_compute(key_handle, alg, plaintext, plaintext_size, ciphertext,
+ ciphertext_size, length);
+ case PAL_CRYPTO_MAC_VERIFY:
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ plaintext = va_arg(valist, uint8_t*);
+ plaintext_size = va_arg(valist, size_t);
+ ciphertext = va_arg(valist, uint8_t*);
+ ciphertext_size = va_arg(valist, size_t);
+ return psa_mac_verify(key_handle, alg, plaintext, plaintext_size, ciphertext,
+ ciphertext_size);
+ case PAL_CRYPTO_ASYMMTERIC_ENCRYPT:
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ plaintext = va_arg(valist, uint8_t *);
+ size = va_arg(valist, size_t);
+ salt = va_arg(valist, const uint8_t *);
+ salt_length = va_arg(valist, size_t);
+ ciphertext = va_arg(valist, uint8_t *);
+ ciphertext_size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_asymmetric_encrypt(key_handle, alg, plaintext, size, salt, salt_length,
+ ciphertext, ciphertext_size, length);
+ case PAL_CRYPTO_ASYMMTERIC_DECRYPT:
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ plaintext = va_arg(valist, uint8_t *);
+ size = va_arg(valist, size_t);
+ salt = va_arg(valist, const uint8_t *);
+ salt_length = va_arg(valist, size_t);
+ ciphertext = va_arg(valist, uint8_t *);
+ ciphertext_size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_asymmetric_decrypt(key_handle, alg, plaintext, size, salt, salt_length,
+ ciphertext, ciphertext_size, length);
+ case PAL_CRYPTO_CIPHER_ENCRYPT_SETUP:
+ cipher_operation = va_arg(valist, psa_cipher_operation_t *);
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ return psa_cipher_encrypt_setup(cipher_operation, key_handle, alg);
+ case PAL_CRYPTO_CIPHER_DECRYPT_SETUP:
+ cipher_operation = va_arg(valist, psa_cipher_operation_t *);
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ return psa_cipher_decrypt_setup(cipher_operation, key_handle, alg);
+ case PAL_CRYPTO_CIPHER_GENERATE_IV:
+ cipher_operation = va_arg(valist, psa_cipher_operation_t *);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_cipher_generate_iv(cipher_operation, buffer, size, length);
+ case PAL_CRYPTO_CIPHER_SET_IV:
+ cipher_operation = va_arg(valist, psa_cipher_operation_t *);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ return psa_cipher_set_iv(cipher_operation, buffer, size);
+ case PAL_CRYPTO_CIPHER_UPDATE:
+ cipher_operation = va_arg(valist, psa_cipher_operation_t *);
+ plaintext = va_arg(valist, uint8_t *);
+ size = va_arg(valist, size_t);
+ ciphertext = va_arg(valist, uint8_t *);
+ ciphertext_size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_cipher_update(cipher_operation, plaintext, size, ciphertext, ciphertext_size,
+ length);
+ case PAL_CRYPTO_CIPHER_FINISH:
+ cipher_operation = va_arg(valist, psa_cipher_operation_t *);
+ ciphertext = va_arg(valist, uint8_t *);
+ ciphertext_size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_cipher_finish(cipher_operation, ciphertext, ciphertext_size, length);
+ case PAL_CRYPTO_CIPHER_ABORT:
+ cipher_operation = va_arg(valist, psa_cipher_operation_t *);
+ return psa_cipher_abort(cipher_operation);
+#ifdef NO_SUPPORT
+ case PAL_CRYPTO_CIPHER_ENCRYPT:
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ plaintext = va_arg(valist, uint8_t *);
+ size = va_arg(valist, size_t);
+ ciphertext = va_arg(valist, uint8_t *);
+ ciphertext_size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_cipher_encrypt(key_handle, alg, plaintext, size, ciphertext, ciphertext_size,
+ length);
+ case PAL_CRYPTO_CIPHER_DECRYPT:
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ plaintext = va_arg(valist, uint8_t *);
+ size = va_arg(valist, size_t);
+ ciphertext = va_arg(valist, uint8_t *);
+ ciphertext_size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_cipher_decrypt(key_handle, alg, plaintext, size, ciphertext, ciphertext_size,
+ length);
+#endif
+ case PAL_CRYPTO_ASYMMTERIC_SIGN:
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ ciphertext = va_arg(valist, uint8_t *);
+ ciphertext_size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_asymmetric_sign(key_handle, alg, buffer, size, ciphertext, ciphertext_size,
+ length);
+ case PAL_CRYPTO_ASYMMTERIC_VERIFY:
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ ciphertext = va_arg(valist, uint8_t *);
+ ciphertext_size = va_arg(valist, size_t);
+ return psa_asymmetric_verify(key_handle, alg, buffer, size, ciphertext,
+ ciphertext_size);
+ case PAL_CRYPTO_RAW_KEY_AGREEMENT:
+ alg = va_arg(valist, psa_algorithm_t);
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ peer = va_arg(valist, uint8_t*);
+ peer_length = va_arg(valist, size_t);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_raw_key_agreement(alg, key_handle, peer, peer_length, buffer, size, length);
+ case PAL_CRYPTO_COPY_KEY:
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ handle = (psa_key_handle_t *)va_arg(valist, int *);
+ return psa_copy_key(key_handle, attributes, handle);
+ case PAL_CRYPTO_KEY_DERIVATION_SETUP:
+ derive_operation = va_arg(valist, psa_key_derivation_operation_t *);
+ alg = va_arg(valist, psa_algorithm_t);
+ return psa_key_derivation_setup(derive_operation, alg);
+ case PAL_CRYPTO_KEY_DERIVATION_INPUT_BYTES:
+ derive_operation = va_arg(valist, psa_key_derivation_operation_t *);
+ step = (psa_key_derivation_step_t)va_arg(valist, int);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ return psa_key_derivation_input_bytes(derive_operation, step, buffer, size);
+ case PAL_CRYPTO_KEY_DERIVATION_INPUT_KEY:
+ derive_operation = va_arg(valist, psa_key_derivation_operation_t *);
+ step = (psa_key_derivation_step_t)va_arg(valist, int);
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ return psa_key_derivation_input_key(derive_operation, step, key_handle);
+ case PAL_CRYPTO_KEY_DERIVATION_KEY_AGREEMENT:
+ derive_operation = va_arg(valist, psa_key_derivation_operation_t *);
+ step = (psa_key_derivation_step_t)va_arg(valist, int);
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ peer = va_arg(valist, uint8_t*);
+ peer_length = va_arg(valist, size_t);
+ return psa_key_derivation_key_agreement(derive_operation, step, key_handle, peer,
+ peer_length);
+ case PAL_CRYPTO_KEY_DERIVATION_OUTPUT_BYTES:
+ derive_operation = va_arg(valist, psa_key_derivation_operation_t *);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ return psa_key_derivation_output_bytes(derive_operation, buffer, size);
+ case PAL_CRYPTO_KEY_DERIVATION_OUTPUT_KEY:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ derive_operation = va_arg(valist, psa_key_derivation_operation_t *);
+ handle = (psa_key_handle_t *)va_arg(valist, int *);
+ return psa_key_derivation_output_key(attributes, derive_operation, handle);
+ case PAL_CRYPTO_KEY_DERIVATION_SET_CAPACITY:
+ derive_operation = va_arg(valist, psa_key_derivation_operation_t *);
+ size = va_arg(valist, size_t);
+ return psa_key_derivation_set_capacity(derive_operation, size);
+ case PAL_CRYPTO_KEY_DERIVATION_GET_CAPACITY:
+ derive_operation = va_arg(valist, psa_key_derivation_operation_t *);
+ length = va_arg(valist, size_t *);
+ return psa_key_derivation_get_capacity(derive_operation, length);
+ case PAL_CRYPTO_KEY_DERIVATION_ABORT:
+ derive_operation = va_arg(valist, psa_key_derivation_operation_t *);
+ return psa_key_derivation_abort(derive_operation);
+ case PAL_CRYPTO_OPEN_KEY:
+ key_id = va_arg(valist, psa_key_id_t);
+ handle = (psa_key_handle_t *)va_arg(valist, int *);
+ return psa_open_key(key_id, handle);
+ case PAL_CRYPTO_CLOSE_KEY:
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ return psa_close_key(key_handle);
+ case PAL_CRYPTO_FREE:
+ for (i = 0; i < PAL_KEY_SLOT_COUNT; i++)
+ psa_destroy_key(i);
+ return 0;
+ default:
+ return PAL_STATUS_UNSUPPORTED_FUNC;
+ }
+}
diff --git a/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/crypto/pal_crypto_intf.h b/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/crypto/pal_crypto_intf.h
new file mode 100644
index 00000000..671dfa0b
--- /dev/null
+++ b/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/crypto/pal_crypto_intf.h
@@ -0,0 +1,103 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifndef _PAL_CRYPTO_INTF_H_
+#define _PAL_CRYPTO_INTF_H_
+
+#include "pal_common.h"
+
+enum crypto_function_code {
+ PAL_CRYPTO_INIT = 0x1,
+ PAL_CRYPTO_GENERATE_RANDOM = 0x2,
+ PAL_CRYPTO_IMPORT_KEY = 0x3,
+ PAL_CRYPTO_EXPORT_KEY = 0x4,
+ PAL_CRYPTO_EXPORT_PUBLIC_KEY = 0x5,
+ PAL_CRYPTO_DESTROY_KEY = 0x6,
+ PAL_CRYPTO_HASH_SETUP = 0x7,
+ PAL_CRYPTO_HASH_UPDATE = 0x8,
+ PAL_CRYPTO_HASH_VERIFY = 0x9,
+ PAL_CRYPTO_HASH_FINISH = 0xA,
+ PAL_CRYPTO_HASH_ABORT = 0xB,
+ PAL_CRYPTO_GENERATE_KEY = 0xC,
+ PAL_CRYPTO_AEAD_ENCRYPT = 0xD,
+ PAL_CRYPTO_AEAD_DECRYPT = 0xE,
+ PAL_CRYPTO_MAC_SIGN_SETUP = 0xF,
+ PAL_CRYPTO_MAC_UPDATE = 0x10,
+ PAL_CRYPTO_MAC_SIGN_FINISH = 0x11,
+ PAL_CRYPTO_MAC_VERIFY_SETUP = 0x12,
+ PAL_CRYPTO_MAC_VERIFY_FINISH = 0x13,
+ PAL_CRYPTO_MAC_ABORT = 0x14,
+ PAL_CRYPTO_ASYMMTERIC_ENCRYPT = 0x15,
+ PAL_CRYPTO_ASYMMTERIC_DECRYPT = 0x16,
+ PAL_CRYPTO_CIPHER_ENCRYPT_SETUP = 0x17,
+ PAL_CRYPTO_CIPHER_DECRYPT_SETUP = 0x18,
+ PAL_CRYPTO_CIPHER_GENERATE_IV = 0x19,
+ PAL_CRYPTO_CIPHER_SET_IV = 0x1A,
+ PAL_CRYPTO_CIPHER_UPDATE = 0x1B,
+ PAL_CRYPTO_CIPHER_FINISH = 0x1C,
+ PAL_CRYPTO_CIPHER_ABORT = 0x1D,
+ PAL_CRYPTO_ASYMMTERIC_SIGN = 0x1E,
+ PAL_CRYPTO_ASYMMTERIC_VERIFY = 0x1F,
+ PAL_CRYPTO_COPY_KEY = 0x20,
+ PAL_CRYPTO_SET_KEY_TYPE = 0x21,
+ PAL_CRYPTO_SET_KEY_BITS = 0x22,
+ PAL_CRYPTO_GET_KEY_ATTRIBUTES = 0x23,
+ PAL_CRYPTO_GET_KEY_TYPE = 0x24,
+ PAL_CRYPTO_SET_KEY_USAGE_FLAGS = 0x25,
+ PAL_CRYPTO_RESET_KEY_ATTRIBUTES = 0x26,
+ PAL_CRYPTO_SET_KEY_ID = 0x27,
+ PAL_CRYPTO_SET_KEY_LIFETIME = 0x28,
+ PAL_CRYPTO_SET_KEY_ALGORITHM = 0x29,
+ PAL_CRYPTO_GET_KEY_ID = 0x2A,
+ PAL_CRYPTO_GET_KEY_LIFETIME = 0x2B,
+ PAL_CRYPTO_GET_KEY_USAGE_FLAGS = 0x2C,
+ PAL_CRYPTO_GET_KEY_ALGORITHM = 0x2D,
+ PAL_CRYPTO_GET_KEY_BITS = 0x2E,
+ PAL_CRYPTO_HASH_COMPUTE = 0x2F,
+ PAL_CRYPTO_HASH_COMPARE = 0x30,
+ PAL_CRYPTO_KEY_DERIVATION_SETUP = 0x31,
+ PAL_CRYPTO_KEY_DERIVATION_ABORT = 0x32,
+ PAL_CRYPTO_RAW_KEY_AGREEMENT = 0x33,
+ PAL_CRYPTO_KEY_DERIVATION_INPUT_BYTES = 0x34,
+ PAL_CRYPTO_KEY_DERIVATION_INPUT_KEY = 0x35,
+ PAL_CRYPTO_KEY_DERIVATION_KEY_AGREEMENT = 0x36,
+ PAL_CRYPTO_KEY_DERIVATION_OUTPUT_BYTES = 0x37,
+ PAL_CRYPTO_KEY_DERIVATION_OUTPUT_KEY = 0x38,
+ PAL_CRYPTO_KEY_DERIVATION_SET_CAPACITY = 0x39,
+ PAL_CRYPTO_KEY_DERIVATION_GET_CAPACITY = 0x3A,
+ PAL_CRYPTO_HASH_CLONE = 0x3B,
+ PAL_CRYPTO_MAC_COMPUTE = 0x3C,
+ PAL_CRYPTO_MAC_VERIFY = 0x3D,
+ PAL_CRYPTO_CIPHER_ENCRYPT = 0x3F,
+ PAL_CRYPTO_CIPHER_DECRYPT = 0x40,
+ PAL_CRYPTO_OPEN_KEY = 0x41,
+ PAL_CRYPTO_CLOSE_KEY = 0x42,
+ PAL_CRYPTO_AEAD_ENCRYPT_SETUP = 0x43,
+ PAL_CRYPTO_AEAD_DECRYPT_SETUP = 0x44,
+ PAL_CRYPTO_AEAD_GENERATE_NONCE = 0x45,
+ PAL_CRYPTO_AEAD_SET_NONCE = 0x46,
+ PAL_CRYPTO_AEAD_SET_LENGTHS = 0X47,
+ PAL_CRYPTO_AEAD_UPDATE_AD = 0x48,
+ PAL_CRYPTO_AEAD_UPDATE = 0x49,
+ PAL_CRYPTO_AEAD_FINISH = 0x4A,
+ PAL_CRYPTO_AEAD_VERIFY = 0x4B,
+ PAL_CRYPTO_AEAD_ABORT = 0x4C,
+ PAL_CRYPTO_FREE = 0xFE,
+};
+
+int32_t pal_crypto_function(int type, va_list valist);
+#endif /* _PAL_CRYPTO_INTF_H_ */
diff --git a/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/initial_attestation/pal_attestation_crypto.c b/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/initial_attestation/pal_attestation_crypto.c
new file mode 100644
index 00000000..91be54df
--- /dev/null
+++ b/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/initial_attestation/pal_attestation_crypto.c
@@ -0,0 +1,344 @@
+/** @file
+ * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "pal_attestation_crypto.h"
+
+static uint32_t public_key_registered;
+static psa_key_handle_t public_key_handle;
+
+static inline struct q_useful_buf_c useful_buf_head(struct q_useful_buf_c buf,
+ size_t amount)
+{
+ return UsefulBuf_Head(buf, amount);
+}
+
+static psa_algorithm_t cose_hash_alg_id_to_psa(int32_t cose_hash_alg_id)
+{
+ psa_algorithm_t status;
+
+ switch (cose_hash_alg_id)
+ {
+ case COSE_ALG_SHA256_PROPRIETARY:
+ status = PSA_ALG_SHA_256;
+ break;
+ default:
+ status = PSA_ALG_MD4;
+ break;
+ }
+
+ return status;
+}
+
+static int32_t hash_alg_id_from_sig_alg_id(int32_t cose_sig_alg_id)
+{
+ switch (cose_sig_alg_id)
+ {
+ case COSE_ALGORITHM_ES256:
+ return COSE_ALG_SHA256_PROPRIETARY;
+ default:
+ return INT32_MAX;
+ }
+}
+
+int32_t pal_cose_crypto_hash_start(psa_hash_operation_t *psa_hash, int32_t cose_hash_alg_id)
+{
+ psa_algorithm_t psa_alg;
+ psa_status_t status = PSA_ERROR_GENERIC_ERROR;
+
+ /* Map the algorithm ID */
+ psa_alg = cose_hash_alg_id_to_psa(cose_hash_alg_id);
+
+ /* Actually do the hash set up */
+ status = psa_hash_setup(psa_hash, psa_alg);
+
+ return status;
+
+}
+
+void pal_cose_crypto_hash_update(psa_hash_operation_t *psa_hash,
+ struct q_useful_buf_c data_to_hash)
+{
+ if (data_to_hash.ptr == NULL) {
+ /* No data was passed in to be hashed indicating the mode of use is
+ * the computation of the size of hash. This mode is hashing is used
+ * by t_cose when it is requested to compute the size of the signed
+ * data it might compute, which is in turn used to compute the
+ * size of a would be token. When computing the size, the size
+ * like this, there is nothing to do in update()
+ */
+ return;
+ }
+
+ /* Actually hash the data */
+ psa_hash_update(psa_hash, data_to_hash.ptr, data_to_hash.len);
+}
+
+int32_t pal_cose_crypto_hash_finish(psa_hash_operation_t *psa_hash,
+ struct q_useful_buf buffer_to_hold_result,
+ struct q_useful_buf_c *hash_result)
+{
+ psa_status_t status = PSA_ERROR_GENERIC_ERROR;
+
+ /* Actually finish up the hash */
+ status = psa_hash_finish(psa_hash, buffer_to_hold_result.ptr,
+ buffer_to_hold_result.len, &(hash_result->len));
+ hash_result->ptr = buffer_to_hold_result.ptr;
+
+ return status;
+
+}
+
+int pal_create_sha256(struct q_useful_buf_c bytes_to_hash, struct q_useful_buf buffer_for_hash,
+ struct q_useful_buf_c *hash)
+{
+ psa_status_t status = PSA_ERROR_GENERIC_ERROR;
+ psa_hash_operation_t psa_hash = PSA_HASH_OPERATION_INIT;
+
+ status = pal_cose_crypto_hash_start(&psa_hash, COSE_ALG_SHA256_PROPRIETARY);
+ if (status != PSA_SUCCESS)
+ goto Done;
+
+ pal_cose_crypto_hash_update(&psa_hash, bytes_to_hash);
+
+ status = pal_cose_crypto_hash_finish(&psa_hash, buffer_for_hash, hash);
+ if (status != PSA_SUCCESS)
+ goto Done;
+Done:
+ return status;
+}
+
+uint32_t pal_compute_hash(int32_t cose_alg_id, struct q_useful_buf buffer_for_hash,
+ struct q_useful_buf_c *hash, struct q_useful_buf_c protected_headers,
+ struct q_useful_buf_c payload)
+{
+ uint32_t status;
+ QCBOREncodeContext cbor_encode_ctx;
+ struct q_useful_buf_c tbs_first_part;
+ QCBORError qcbor_result;
+ int32_t hash_alg_id;
+ UsefulBuf_MAKE_STACK_UB (buffer_for_TBS_first_part, T_COSE_SIZE_OF_TBS);
+ psa_hash_operation_t psa_hash = PSA_HASH_OPERATION_INIT;
+
+ /* This builds the CBOR-format to-be-signed bytes */
+ QCBOREncode_Init(&cbor_encode_ctx, buffer_for_TBS_first_part);
+ QCBOREncode_OpenArray(&cbor_encode_ctx);
+
+ /* context */
+ QCBOREncode_AddSZString(&cbor_encode_ctx, COSE_SIG_CONTEXT_STRING_SIGNATURE1);
+
+ /* body_protected */
+ QCBOREncode_AddBytes(&cbor_encode_ctx, protected_headers);
+
+ /* sign_protected is not used for Sign1 */
+ /* external_aad */
+ QCBOREncode_AddBytes(&cbor_encode_ctx, NULL_USEFUL_BUF_C);
+
+ /* The short fake payload. */
+ QCBOREncode_AddBytesLenOnly(&cbor_encode_ctx, payload);
+ QCBOREncode_CloseArray(&cbor_encode_ctx);
+
+ /* Get the result and convert it to struct q_useful_buf_c representation */
+ qcbor_result = QCBOREncode_Finish(&cbor_encode_ctx, &tbs_first_part);
+ if (qcbor_result)
+ {
+ /* Mainly means that the protected_headers were too big
+ * (which should never happen)
+ */
+ status = PAL_ATTEST_ERR_SIGN_STRUCT;
+ goto Done;
+ }
+
+ /* Start the hashing */
+ hash_alg_id = hash_alg_id_from_sig_alg_id(cose_alg_id);
+
+ /* Don't check hash_alg_id for failure. pal_cose_crypto_hash_start()
+ * will handle it properly
+ */
+ status = pal_cose_crypto_hash_start(&psa_hash, hash_alg_id);
+ if (status)
+ goto Done;
+
+ /* This is hashing of the first part, all the CBOR
+ * except the payload.
+ */
+ pal_cose_crypto_hash_update(&psa_hash, useful_buf_head(tbs_first_part, tbs_first_part.len));
+
+ /* Hash the payload, the second part. */
+ pal_cose_crypto_hash_update(&psa_hash, payload);
+
+ /* Finish the hash and set up to return it */
+ status = pal_cose_crypto_hash_finish(&psa_hash, buffer_for_hash, hash);
+
+Done:
+ return status;
+}
+
+static int32_t pal_attest_get_public_key(uint8_t *public_key_buff, size_t public_key_buf_size,
+ size_t *public_key_len, psa_ecc_curve_t *elliptic_curve_type)
+{
+ int32_t status = PAL_ATTEST_ERROR;
+
+#ifdef PLATFORM_OVERRIDE_ATTEST_PK
+ if (public_key_buf_size < (attest_key.pubx_key_size + attest_key.puby_key_size + 1))
+ return PAL_ATTEST_ERR_SMALL_BUFFER;
+
+ *public_key_len = (attest_key.pubx_key_size + attest_key.puby_key_size + 1);
+ *elliptic_curve_type = PSA_ECC_CURVE_SECP256R1;
+ memcpy(public_key_buff, (void *)&attest_public_key, *public_key_len);
+ status = PSA_SUCCESS;
+#else
+ status = tfm_initial_attest_get_public_key(public_key_buff,
+ public_key_buf_size,
+ public_key_len,
+ elliptic_curve_type);
+#endif
+
+ return status;
+}
+
+static uint32_t pal_import_attest_key(psa_algorithm_t key_alg)
+{
+ psa_status_t status = PAL_ATTEST_ERROR;
+ psa_key_usage_t usage = PSA_KEY_USAGE_VERIFY;
+ psa_ecc_curve_t ecc_curve;
+ psa_key_type_t attest_key_type;
+ size_t public_key_size;
+ uint8_t public_key_buff[ECC_CURVE_SECP256R1_PULBIC_KEY_LENGTH] = {0};
+
+#if defined(CRYPTO_VERSION_BETA1) || defined(CRYPTO_VERSION_BETA2)
+ psa_key_policy_t policy;
+
+ if (!public_key_registered)
+ {
+ status = pal_attest_get_public_key(public_key_buff,
+ sizeof(public_key_buff),
+ &public_key_size,
+ &ecc_curve);
+ if (status != PSA_SUCCESS)
+ return PAL_ATTEST_ERR_KEY_FAIL;
+
+ if (ecc_curve == USHRT_MAX)
+ return PAL_ATTEST_ERROR;
+
+ /* Set key type for public key */
+ attest_key_type = PSA_KEY_TYPE_ECC_PUBLIC_KEY(ecc_curve);
+
+ /* Setup the key policy for public key */
+ policy = psa_key_policy_init();
+ psa_key_policy_set_usage(&policy, usage, key_alg);
+
+ status = psa_allocate_key(&public_key_handle);
+ if (status != PSA_SUCCESS)
+ return PAL_ATTEST_ERR_KEY_FAIL;
+
+ status = psa_set_key_policy(public_key_handle, &policy);
+ if (status != PSA_SUCCESS)
+ return PAL_ATTEST_ERR_KEY_FAIL;
+
+ /* Import the public key */
+ status = psa_import_key(public_key_handle,
+ attest_key_type,
+ public_key_buff,
+ public_key_size);
+ if (status != PSA_SUCCESS)
+ return PAL_ATTEST_ERR_KEY_FAIL;
+
+ public_key_registered = 1;
+ }
+
+#elif defined(CRYPTO_VERSION_BETA3)
+ psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+
+ if (!public_key_registered)
+ {
+ status = pal_attest_get_public_key(public_key_buff,
+ sizeof(public_key_buff),
+ &public_key_size,
+ &ecc_curve);
+ if (status != PSA_SUCCESS)
+ return PAL_ATTEST_ERR_KEY_FAIL;
+
+ if (ecc_curve == USHRT_MAX)
+ return PAL_ATTEST_ERROR;
+
+ /* Set key type for public key */
+ attest_key_type = PSA_KEY_TYPE_ECC_PUBLIC_KEY(ecc_curve);
+
+ /* Set the attributes for the public key */
+ psa_set_key_type(&attributes, attest_key_type);
+ psa_set_key_bits(&attributes, public_key_size);
+ psa_set_key_usage_flags(&attributes, usage);
+ psa_set_key_algorithm(&attributes, key_alg);
+ psa_set_key_bits(&attributes, 0);
+
+ /* Import the public key */
+ status = psa_import_key(&attributes,
+ public_key_buff,
+ public_key_size,
+ &public_key_handle);
+ if (status != PSA_SUCCESS)
+ return PAL_ATTEST_ERR_KEY_FAIL;
+
+ public_key_registered = 1;
+ }
+#endif
+
+ return status;
+}
+
+static uint32_t pal_destroy_attest_key(void)
+{
+ psa_status_t status;
+
+ if (!public_key_registered)
+ return PAL_ATTEST_ERR_KEY_FAIL;
+
+ status = psa_destroy_key(public_key_handle);
+ if (status != PSA_SUCCESS)
+ return PAL_ATTEST_ERR_KEY_FAIL;
+
+ public_key_registered = 0;
+
+ return PAL_ATTEST_SUCCESS;
+}
+
+uint32_t pal_crypto_pub_key_verify(int32_t cose_algorithm_id,
+ struct q_useful_buf_c token_hash,
+ struct q_useful_buf_c signature)
+{
+ int32_t status = PAL_ATTEST_ERROR;
+ psa_algorithm_t key_alg = PSA_ALG_ECDSA(PSA_ALG_SHA_256);
+
+ /* Register the attestation public key */
+ status = pal_import_attest_key(key_alg);
+ if (status != PAL_ATTEST_SUCCESS)
+ return status;
+
+ /* Verify the signature */
+ status = psa_asymmetric_verify(public_key_handle,
+ key_alg, token_hash.ptr, token_hash.len,
+ signature.ptr, signature.len);
+ if (status != PSA_SUCCESS)
+ return PAL_ATTEST_ERR_SIGNATURE_FAIL;
+
+ /* Unregister the attestation public key */
+ status = pal_destroy_attest_key();
+ if (status != PSA_SUCCESS)
+ return PAL_ATTEST_ERR_KEY_FAIL;
+
+ return PAL_ATTEST_SUCCESS;
+}
diff --git a/api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/nspe/initial_attestation/pal_attestation_crypto.h b/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/initial_attestation/pal_attestation_crypto.h
similarity index 76%
rename from api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/nspe/initial_attestation/pal_attestation_crypto.h
rename to api-tests/platform/targets/tgt_ff_tfm_an521/nspe/initial_attestation/pal_attestation_crypto.h
index 2d63ad13..559a24c1 100644
--- a/api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/nspe/initial_attestation/pal_attestation_crypto.h
+++ b/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/initial_attestation/pal_attestation_crypto.h
@@ -15,16 +15,19 @@
* limitations under the License.
**/
-#include "pal_common.h"
+#ifndef _PAL_ATTESTATION_CRYPTO_H_
+#define _PAL_ATTESTATION_CRYPTO_H_
+
#include "pal_attestation_eat.h"
-#define ATTEST_PUBLIC_KEY_SLOT 4
+#define ATTEST_PUBLIC_KEY_SLOT 4
+#define ECC_CURVE_SECP256R1_PULBIC_KEY_LENGTH (1 + 2 * PSA_BITS_TO_BYTES(256))
-typedef struct{
+typedef struct {
uint8_t *pubx_key;
- uint32_t pubx_key_size;
+ size_t pubx_key_size;
uint8_t *puby_key;
- uint32_t puby_key_size;
+ size_t puby_key_size;
} ecc_key_t;
struct ecc_public_key_t {
@@ -47,29 +50,14 @@ static const struct ecc_public_key_t attest_public_key = {
0x0F, 0x34, 0x11, 0x7D, 0x97, 0x1D, 0x68, 0x64},
};
-struct pal_cose_crypto_hash {
- /* Can't put the actual size here without creating dependecy on
- * actual hash implementation, so this is a fairly large and
- * accommodating size.
- */
- uint8_t bytes[128];
-};
-
-struct pal_cose_psa_crypto_hash {
- psa_status_t status;
- psa_hash_operation_t operation;
-};
-
-static const uint8_t initial_attestation_public_x_key[] =
-{
+static const uint8_t initial_attestation_public_x_key[] = {
0x79, 0xEB, 0xA9, 0x0E, 0x8B, 0xF4, 0x50, 0xA6,
0x75, 0x15, 0x76, 0xAD, 0x45, 0x99, 0xB0, 0x7A,
0xDF, 0x93, 0x8D, 0xA3, 0xBB, 0x0B, 0xD1, 0x7D,
0x00, 0x36, 0xED, 0x49, 0xA2, 0xD0, 0xFC, 0x3F
};
-static const uint8_t initial_attestation_public_y_key[] =
-{
+static const uint8_t initial_attestation_public_y_key[] = {
0xBF, 0xCD, 0xFA, 0x89, 0x56, 0xB5, 0x68, 0xBF,
0xDB, 0x86, 0x73, 0xE6, 0x48, 0xD8, 0xB5, 0x8D,
0x92, 0x99, 0x55, 0xB1, 0x4A, 0x26, 0xC3, 0x08,
@@ -84,10 +72,10 @@ static const ecc_key_t attest_key = {
sizeof(initial_attestation_public_y_key)
};
-int32_t pal_cose_crypto_hash_start(struct pal_cose_crypto_hash *hash_ctx, int32_t cose_hash_alg_id);
-void pal_cose_crypto_hash_update(struct pal_cose_crypto_hash *hash_ctx,
+int32_t pal_cose_crypto_hash_start(psa_hash_operation_t *psa_hash, int32_t cose_hash_alg_id);
+void pal_cose_crypto_hash_update(psa_hash_operation_t *psa_hash,
struct q_useful_buf_c data_to_hash);
-int32_t pal_cose_crypto_hash_finish(struct pal_cose_crypto_hash *hash_ctx,
+int32_t pal_cose_crypto_hash_finish(psa_hash_operation_t *psa_hash,
struct q_useful_buf buffer_to_hold_result,
struct q_useful_buf_c *hash_result);
int pal_create_sha256(struct q_useful_buf_c bytes_to_hash, struct q_useful_buf buffer_for_hash,
@@ -95,8 +83,6 @@ int pal_create_sha256(struct q_useful_buf_c bytes_to_hash, struct q_useful_buf b
uint32_t pal_compute_hash(int32_t cose_alg_id, struct q_useful_buf buffer_for_hash,
struct q_useful_buf_c *hash, struct q_useful_buf_c protected_headers,
struct q_useful_buf_c payload);
-uint32_t pal_import_attest_key(int32_t alg);
uint32_t pal_crypto_pub_key_verify(int32_t cose_algorithm_id, struct q_useful_buf_c token_hash,
struct q_useful_buf_c signature);
-
-
+#endif /* _PAL_ATTESTATION_CRYPTO_H_ */
diff --git a/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/initial_attestation/pal_attestation_eat.h b/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/initial_attestation/pal_attestation_eat.h
new file mode 100644
index 00000000..ea2cf93a
--- /dev/null
+++ b/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/initial_attestation/pal_attestation_eat.h
@@ -0,0 +1,80 @@
+/** @file
+ * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifndef _PAL_ATTESTATION_EAT_H_
+#define _PAL_ATTESTATION_EAT_H_
+
+#include "qcbor.h"
+#include "pal_common.h"
+
+#define PAL_ATTEST_MIN_ERROR 30
+
+#define COSE_ALGORITHM_ES256 -7
+#define COSE_ALG_SHA256_PROPRIETARY -72000
+
+#define USEFUL_BUF_MAKE_STACK_UB UsefulBuf_MAKE_STACK_UB
+
+#define COSE_SIG_CONTEXT_STRING_SIGNATURE1 "Signature1"
+
+/* Private value. Intentionally not documented for Doxygen.
+ * This is the size allocated for the encoded protected headers. It
+ * needs to be big enough for make_protected_header() to succeed. It
+ * currently sized for one header with an algorithm ID up to 32 bits
+ * long -- one byte for the wrapping map, one byte for the label, 5
+ * bytes for the ID. If this is made accidentially too small, QCBOR will
+ * only return an error, and not overrun any buffers.
+ *
+ * 9 extra bytes are added, rounding it up to 16 total, in case some
+ * other protected header is to be added.
+ */
+#define T_COSE_SIGN1_MAX_PROT_HEADER (1+1+5+9)
+
+/**
+ * This is the size of the first part of the CBOR encoded TBS
+ * bytes. It is around 20 bytes. See create_tbs_hash().
+ */
+#define T_COSE_SIZE_OF_TBS \
+ 1 + /* For opening the array */ \
+ sizeof(COSE_SIG_CONTEXT_STRING_SIGNATURE1) + /* "Signature1" */ \
+ 2 + /* Overhead for encoding string */ \
+ T_COSE_SIGN1_MAX_PROT_HEADER + /* entire protected headers */ \
+ 3 * (/* 3 NULL bstrs for fields not used */ \
+ 1 /* size of a NULL bstr */ \
+ )
+#define NULL_USEFUL_BUF_C NULLUsefulBufC
+
+enum attestation_error_code {
+ PAL_ATTEST_SUCCESS = 0,
+ PAL_ATTEST_TOKEN_ERR_CBOR_FORMATTING = PAL_ATTEST_MIN_ERROR,
+ PAL_ATTEST_TOKEN_CHALLENGE_MISMATCH,
+ PAL_ATTEST_TOKEN_NOT_SUPPORTED,
+ PAL_ATTEST_TOKEN_NOT_ALL_MANDATORY_CLAIMS,
+ PAL_ATTEST_HASH_LENGTH_MISMATCH,
+ PAL_ATTEST_HASH_MISMATCH,
+ PAL_ATTEST_HASH_FAIL,
+ PAL_ATTEST_HASH_UNSUPPORTED,
+ PAL_ATTEST_HASH_BUFFER_SIZE,
+ PAL_ATTEST_ERR_PROTECTED_HEADERS,
+ PAL_ATTEST_ERR_SIGN_STRUCT,
+ PAL_ATTEST_ERR_KEY_FAIL,
+ PAL_ATTEST_ERR_SIGNATURE_FAIL,
+ PAL_ATTEST_ERR_CBOR_STRUCTURE,
+ PAL_ATTEST_ERR_SMALL_BUFFER,
+ PAL_ATTEST_ERROR,
+};
+
+#endif /* _PAL_ATTESTATION_EAT_H_ */
diff --git a/api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/nspe/initial_attestation/pal_attestation_empty_intf.c b/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/initial_attestation/pal_attestation_empty_intf.c
similarity index 100%
rename from api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/nspe/initial_attestation/pal_attestation_empty_intf.c
rename to api-tests/platform/targets/tgt_ff_tfm_an521/nspe/initial_attestation/pal_attestation_empty_intf.c
diff --git a/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/initial_attestation/pal_attestation_intf.c b/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/initial_attestation/pal_attestation_intf.c
new file mode 100644
index 00000000..dd41690e
--- /dev/null
+++ b/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/initial_attestation/pal_attestation_intf.c
@@ -0,0 +1,65 @@
+/** @file
+ * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+
+#include "pal_attestation_intf.h"
+
+/**
+ @brief - This API will call the requested attestation function
+ @param - type : function code
+ valist : variable argument list
+ @return - error status
+**/
+int32_t pal_attestation_function(int type, va_list valist)
+{
+ uint8_t *challenge, *token;
+ size_t challenge_size, *token_size, token_buffer_size;
+ int32_t cose_algorithm_id;
+ struct q_useful_buf buffer_for_hash;
+ struct q_useful_buf_c *hash, payload, protected_headers, token_hash, signature;
+
+ switch (type)
+ {
+ case PAL_INITIAL_ATTEST_GET_TOKEN:
+ challenge = va_arg(valist, uint8_t*);
+ challenge_size = va_arg(valist, size_t);
+ token = va_arg(valist, uint8_t*);
+ token_buffer_size = va_arg(valist, size_t);
+ token_size = va_arg(valist, size_t*);
+ return psa_initial_attest_get_token(challenge, challenge_size, token, token_buffer_size,
+ token_size);
+ case PAL_INITIAL_ATTEST_GET_TOKEN_SIZE:
+ challenge_size = va_arg(valist, size_t);
+ token_size = va_arg(valist, size_t*);
+ return psa_initial_attest_get_token_size(challenge_size, token_size);
+ case PAL_INITIAL_ATTEST_COMPUTE_HASH:
+ cose_algorithm_id = va_arg(valist, int32_t);
+ buffer_for_hash = va_arg(valist, struct q_useful_buf);
+ hash = va_arg(valist, struct q_useful_buf_c*);
+ protected_headers = va_arg(valist, struct q_useful_buf_c);
+ payload = va_arg(valist, struct q_useful_buf_c);
+ return pal_compute_hash(cose_algorithm_id, buffer_for_hash, hash,
+ protected_headers, payload);
+ case PAL_INITIAL_ATTEST_VERIFY_WITH_PK:
+ cose_algorithm_id = va_arg(valist, int32_t);
+ token_hash = va_arg(valist, struct q_useful_buf_c);
+ signature = va_arg(valist, struct q_useful_buf_c);
+ return pal_crypto_pub_key_verify(cose_algorithm_id, token_hash, signature);
+ default:
+ return PAL_STATUS_UNSUPPORTED_FUNC;
+ }
+}
diff --git a/api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/nspe/initial_attestation/pal_attestation_intf.h b/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/initial_attestation/pal_attestation_intf.h
similarity index 82%
rename from api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/nspe/initial_attestation/pal_attestation_intf.h
rename to api-tests/platform/targets/tgt_ff_tfm_an521/nspe/initial_attestation/pal_attestation_intf.h
index 12f6ee94..3ab7ebb4 100644
--- a/api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/nspe/initial_attestation/pal_attestation_intf.h
+++ b/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/initial_attestation/pal_attestation_intf.h
@@ -15,8 +15,8 @@
* limitations under the License.
**/
-#ifndef _PAL_INITIAL_ATTESTATION_H_
-#define _PAL_INITIAL_ATTESTATION_H_
+#ifndef _PAL_ATTESTATION_INTF_H_
+#define _PAL_ATTESTATION_INTF_H_
#include "pal_attestation_crypto.h"
@@ -24,7 +24,9 @@ enum attestation_function_code {
PAL_INITIAL_ATTEST_GET_TOKEN = 0x1,
PAL_INITIAL_ATTEST_GET_TOKEN_SIZE = 0x2,
PAL_INITIAL_ATTEST_VERIFY_TOKEN = 0x3,
+ PAL_INITIAL_ATTEST_COMPUTE_HASH = 0x4,
+ PAL_INITIAL_ATTEST_VERIFY_WITH_PK = 0x5,
};
int32_t pal_attestation_function(int type, va_list valist);
-#endif /* _PAL_INITIAL_ATTESTATION_H_ */
+#endif /* _PAL_ATTESTATION_INTF_H_ */
diff --git a/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/internal_trusted_storage/pal_internal_trusted_storage_empty_intf.c b/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/internal_trusted_storage/pal_internal_trusted_storage_empty_intf.c
new file mode 100644
index 00000000..133cfa9d
--- /dev/null
+++ b/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/internal_trusted_storage/pal_internal_trusted_storage_empty_intf.c
@@ -0,0 +1,30 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include
+#include "pal_common.h"
+
+/**
+ @brief - This API will call the requested internal trusted storage function
+ @param - type : function code
+ valist : variable argument list
+ @return - error status
+**/
+uint32_t pal_its_function(int type, va_list valist)
+{
+ return PAL_STATUS_ERROR;
+}
diff --git a/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/internal_trusted_storage/pal_internal_trusted_storage_intf.c b/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/internal_trusted_storage/pal_internal_trusted_storage_intf.c
new file mode 100644
index 00000000..abfdc5d6
--- /dev/null
+++ b/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/internal_trusted_storage/pal_internal_trusted_storage_intf.c
@@ -0,0 +1,62 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+
+#include "pal_internal_trusted_storage_intf.h"
+
+/**
+ @brief - This API will call the requested internal trusted storage function
+ @param - type : function code
+ valist : variable argument list
+ @return - error status
+**/
+uint32_t pal_its_function(int type, va_list valist)
+{
+ psa_storage_uid_t uid;
+ uint32_t data_size, offset;
+ const void *p_write_data;
+ void *p_read_data;
+ size_t *p_data_length;
+ psa_storage_create_flags_t its_create_flags;
+ struct psa_storage_info_t *its_p_info;
+
+ switch (type)
+ {
+ case PAL_ITS_SET:
+ uid = va_arg(valist, psa_storage_uid_t);
+ data_size = va_arg(valist, uint32_t);
+ p_write_data = va_arg(valist, const void*);
+ its_create_flags = va_arg(valist, psa_storage_create_flags_t);
+ return psa_its_set(uid, data_size, p_write_data, its_create_flags);
+ case PAL_ITS_GET:
+ uid = va_arg(valist, psa_storage_uid_t);
+ offset = va_arg(valist, uint32_t);
+ data_size = va_arg(valist, uint32_t);
+ p_read_data = va_arg(valist, void*);
+ p_data_length = va_arg(valist, size_t*);
+ return psa_its_get(uid, offset, data_size, p_read_data, p_data_length);
+ case PAL_ITS_GET_INFO:
+ uid = va_arg(valist, psa_storage_uid_t);
+ its_p_info = va_arg(valist, struct psa_storage_info_t*);
+ return psa_its_get_info(uid, its_p_info);
+ case PAL_ITS_REMOVE:
+ uid = va_arg(valist, psa_storage_uid_t);
+ return psa_its_remove(uid);
+ default:
+ return PAL_STATUS_UNSUPPORTED_FUNC;
+ }
+}
diff --git a/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/internal_trusted_storage/pal_internal_trusted_storage_intf.h b/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/internal_trusted_storage/pal_internal_trusted_storage_intf.h
new file mode 100644
index 00000000..6db6aac6
--- /dev/null
+++ b/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/internal_trusted_storage/pal_internal_trusted_storage_intf.h
@@ -0,0 +1,31 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifndef _PAL_INTERNAL_TRUSTED_STORAGE_INTF_H_
+#define _PAL_INTERNAL_TRUSTED_STORAGE_INTF_H_
+
+#include "pal_common.h"
+
+enum its_function_code {
+ PAL_ITS_SET = 0x1,
+ PAL_ITS_GET = 0x2,
+ PAL_ITS_GET_INFO = 0x3,
+ PAL_ITS_REMOVE = 0x4,
+};
+
+uint32_t pal_its_function(int type, va_list valist);
+#endif /* _PAL_INTERNAL_TRUSTED_STORAGE_INTF_H_ */
diff --git a/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/protected_storage/pal_protected_storage_empty_intf.c b/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/protected_storage/pal_protected_storage_empty_intf.c
new file mode 100644
index 00000000..ee9b13da
--- /dev/null
+++ b/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/protected_storage/pal_protected_storage_empty_intf.c
@@ -0,0 +1,30 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include
+#include "pal_common.h"
+
+/**
+ @brief - This API will call the requested protected storage function
+ @param - type : function code
+ valist : variable argument list
+ @return - error status
+**/
+uint32_t pal_ps_function(int type, va_list valist)
+{
+ return PAL_STATUS_ERROR;
+}
diff --git a/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/protected_storage/pal_protected_storage_intf.c b/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/protected_storage/pal_protected_storage_intf.c
new file mode 100644
index 00000000..0dd07c57
--- /dev/null
+++ b/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/protected_storage/pal_protected_storage_intf.c
@@ -0,0 +1,77 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+
+#include "pal_protected_storage_intf.h"
+
+/**
+ @brief - This API will call the requested protected storage function
+ @param - type : function code
+ valist : variable argument list
+ @return - error status
+**/
+uint32_t pal_ps_function(int type, va_list valist)
+{
+ psa_storage_uid_t uid;
+ uint32_t data_size, size, offset;
+ const void *p_write_data;
+ void *p_read_data;
+ size_t *p_data_length;
+ psa_storage_create_flags_t ps_create_flags;
+ struct psa_storage_info_t *ps_p_info;
+
+ switch (type)
+ {
+ case PAL_PS_SET:
+ uid = va_arg(valist, psa_storage_uid_t);
+ data_size = va_arg(valist, uint32_t);
+ p_write_data = va_arg(valist, const void*);
+ ps_create_flags = va_arg(valist, psa_storage_create_flags_t);
+ return psa_ps_set(uid, data_size, p_write_data, ps_create_flags);
+ case PAL_PS_GET:
+ uid = va_arg(valist, psa_storage_uid_t);
+ offset = va_arg(valist, uint32_t);
+ data_size = va_arg(valist, uint32_t);
+ p_read_data = va_arg(valist, void*);
+ p_data_length = va_arg(valist, size_t*);
+ return psa_ps_get(uid, offset, data_size, p_read_data, p_data_length);
+ case PAL_PS_GET_INFO:
+ uid = va_arg(valist, psa_storage_uid_t);
+ ps_p_info = va_arg(valist, struct psa_storage_info_t*);
+ return psa_ps_get_info(uid, ps_p_info);
+ case PAL_PS_REMOVE:
+ uid = va_arg(valist, psa_storage_uid_t);
+ return psa_ps_remove(uid);
+ case PAL_PS_CREATE:
+ uid = va_arg(valist, psa_storage_uid_t);
+ size = va_arg(valist, uint32_t);
+ ps_create_flags = va_arg(valist, psa_storage_create_flags_t);
+ return psa_ps_create(uid, size, ps_create_flags);
+ case PAL_PS_SET_EXTENDED:
+ uid = va_arg(valist, psa_storage_uid_t);
+ offset = va_arg(valist, uint32_t);
+ data_size = va_arg(valist, uint32_t);
+ p_write_data = va_arg(valist, const void*);
+ return psa_ps_set_extended(uid, offset, data_size, p_write_data);
+ case PAL_PS_GET_SUPPORT:
+ return psa_ps_get_support();
+ default:
+ return PAL_STATUS_UNSUPPORTED_FUNC;
+ }
+
+ return PAL_STATUS_UNSUPPORTED_FUNC;
+}
diff --git a/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/protected_storage/pal_protected_storage_intf.h b/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/protected_storage/pal_protected_storage_intf.h
new file mode 100644
index 00000000..a338cdf7
--- /dev/null
+++ b/api-tests/platform/targets/tgt_ff_tfm_an521/nspe/protected_storage/pal_protected_storage_intf.h
@@ -0,0 +1,34 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifndef _PAL_PROTECTED_STORAGE_INTF_H_
+#define _PAL_PROTECTED_STORAGE_INTF_H_
+
+#include "pal_common.h"
+
+enum ps_function_code {
+ PAL_PS_SET = 0x1,
+ PAL_PS_GET = 0x2,
+ PAL_PS_GET_INFO = 0x3,
+ PAL_PS_REMOVE = 0x4,
+ PAL_PS_CREATE = 0x5,
+ PAL_PS_SET_EXTENDED = 0x6,
+ PAL_PS_GET_SUPPORT = 0x7,
+};
+
+uint32_t pal_ps_function(int type, va_list valist);
+#endif /* _PAL_PROTECTED_STORAGE_INTF_H_ */
diff --git a/api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/spe/pal_driver_intf.c b/api-tests/platform/targets/tgt_ff_tfm_an521/spe/pal_driver_intf.c
similarity index 100%
rename from api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/spe/pal_driver_intf.c
rename to api-tests/platform/targets/tgt_ff_tfm_an521/spe/pal_driver_intf.c
diff --git a/api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/spe/pal_driver_intf.h b/api-tests/platform/targets/tgt_ff_tfm_an521/spe/pal_driver_intf.h
similarity index 100%
rename from api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/spe/pal_driver_intf.h
rename to api-tests/platform/targets/tgt_ff_tfm_an521/spe/pal_driver_intf.h
diff --git a/api-tests/platform/targets/tgt_ff_tfm_an521/target.cfg b/api-tests/platform/targets/tgt_ff_tfm_an521/target.cfg
new file mode 100644
index 00000000..729388ea
--- /dev/null
+++ b/api-tests/platform/targets/tgt_ff_tfm_an521/target.cfg
@@ -0,0 +1,78 @@
+///** @file
+// * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+// * SPDX-License-Identifier : Apache-2.0
+// *
+// * Licensed under the Apache License, Version 2.0 (the "License");
+// * you may not use this file except in compliance with the License.
+// * You may obtain a copy of the License at
+// *
+// * http://www.apache.org/licenses/LICENSE-2.0
+// *
+// * Unless required by applicable law or agreed to in writing, software
+// * distributed under the License is distributed on an "AS IS" BASIS,
+// * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// * See the License for the specific language governing permissions and
+// * limitations under the License.
+//**/
+
+// UART device info
+uart.num=1;
+uart.0.base = 0x50202000; // UART2_S
+uart.0.size = 0xFFF;
+uart.0.intr_id = 0xFF;
+uart.0.permission = TYPE_READ_WRITE;
+
+// Watchdog device info
+watchdog.num = 1;
+watchdog.0.base = 0x50081000; // APB_WATCHDOG_BASE_S
+watchdog.0.size = 0xFFF;
+watchdog.0.intr_id = 0xFF;
+watchdog.0.permission = TYPE_READ_WRITE;
+watchdog.0.num_of_tick_per_micro_sec = 0x3; //(sys_feq/1000000)
+watchdog.0.timeout_in_micro_sec_low = 0xF4240; //1.0 sec : 1 * 1000 * 1000
+watchdog.0.timeout_in_micro_sec_medium = 0x1E8480; //2.0 sec : 2 * 1000 * 1000
+watchdog.0.timeout_in_micro_sec_high = 0x4C4B40; //5.0 sec : 5 * 1000 * 1000
+watchdog.0.timeout_in_micro_sec_crypto = 0x1312D00; //18.0 sec : 18 * 1000 * 1000
+
+// Range of 1KB Non-volatile memory to preserve data over reset. Ex, NVRAM and FLASH
+nvmem.num =1;
+nvmem.0.start = 0x102FFC00; // (FLASH0_BASE_S + FLASH0_SIZE - 0x400)
+nvmem.0.end = 0x102FFFFF;
+nvmem.0.permission = TYPE_READ_WRITE;
+
+// Miscellaneous - Test scatter info
+dut.num = 1;
+
+// Start address of 12KB NS memory for test ELF
+dut.0.ns_test_addr = 0x281E0000;
+
+// Start address of combine_test_binary in memory. Memory can be main memory or secondary memory.
+// Size of combine_test_binary = Summation of size of each test ELF file
+dut.0.ns_start_addr_of_combine_test_binary = 0x281F0000;
+
+// Is combine_test_binary available in RAM?
+dut.0.combine_test_binary_in_ram = AVAILABLE;
+
+
+// ###################################################################
+// Following Target configuration parameters are required for IPC tests
+// only. Avoid updating them if you are running dev_apis tests.
+// ###################################################################
+
+// Assign free memory range for isolation testing. Choose the addresses
+// for these memory regions such that it follows below condition:
+// nspe_mmio.0.start < server_partition_mmio.0.start < driver_partition_mmio.0.start.
+nspe_mmio.num=1;
+nspe_mmio.0.start = 0x00300F00;
+nspe_mmio.0.end = 0x00300F1F;
+nspe_mmio.0.permission = TYPE_READ_WRITE;
+
+server_partition_mmio.num=1;
+server_partition_mmio.0.start = 0x3801FC00;
+server_partition_mmio.0.end = 0x3801FD00;
+server_partition_mmio.0.permission = TYPE_READ_WRITE;
+
+driver_partition_mmio.num=1;
+driver_partition_mmio.0.start = 0x3801FE00;
+driver_partition_mmio.0.end = 0x3801FF00;
+driver_partition_mmio.0.permission = TYPE_READ_WRITE;
diff --git a/api-tests/platform/targets/tgt_ff_tfm_an521/target.cmake b/api-tests/platform/targets/tgt_ff_tfm_an521/target.cmake
new file mode 100644
index 00000000..d33dcc93
--- /dev/null
+++ b/api-tests/platform/targets/tgt_ff_tfm_an521/target.cmake
@@ -0,0 +1,109 @@
+#/** @file
+# * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+# PAL C source files part of NSPE library
+list(APPEND PAL_SRC_C_NSPE )
+
+# PAL ASM source files part of NSPE library
+list(APPEND PAL_SRC_ASM_NSPE )
+
+# PAL C source files part of SPE library - driver partition
+list(APPEND PAL_SRC_C_DRIVER_SP )
+
+# PAL ASM source files part of SPE library - driver partition
+list(APPEND PAL_SRC_ASM_DRIVER_SP )
+
+
+# Listing all the sources required for given target
+if(${SUITE} STREQUAL "IPC")
+ list(APPEND PAL_SRC_C_NSPE
+ # driver functionalities are implemented as RoT-services
+ # and secure and non-secure clients will call to these RoT-services to get appropriate driver services.
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/common/pal_client_api_intf.c
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/common/pal_driver_ipc_intf.c
+ )
+ list(APPEND PAL_SRC_C_DRIVER_SP
+ # Driver files will be compiled as part of driver partition
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/spe/pal_driver_intf.c
+ ${PSA_ROOT_DIR}/platform/drivers/nvmem/pal_nvmem.c
+ ${PSA_ROOT_DIR}/platform/drivers/uart/cmsdk/pal_uart.c
+ ${PSA_ROOT_DIR}/platform/drivers/watchdog/cmsdk/pal_wd_cmsdk.c
+ )
+else()
+ list(APPEND PAL_SRC_C_NSPE
+ # driver files will be compiled as part of NSPE
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/common/pal_client_api_empty_intf.c
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/common/pal_driver_ns_intf.c
+ ${PSA_ROOT_DIR}/platform/drivers/nvmem/pal_nvmem.c
+ ${PSA_ROOT_DIR}/platform/drivers/uart/cmsdk/pal_uart.c
+ ${PSA_ROOT_DIR}/platform/drivers/watchdog/cmsdk/pal_wd_cmsdk.c
+ )
+endif()
+if(${SUITE} STREQUAL "CRYPTO")
+ list(APPEND PAL_SRC_C_NSPE
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/crypto/pal_crypto_intf.c
+ )
+endif()
+if(${SUITE} STREQUAL "PROTECTED_STORAGE")
+ list(APPEND PAL_SRC_C_NSPE
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/protected_storage/pal_protected_storage_intf.c
+ )
+endif()
+if(${SUITE} STREQUAL "INTERNAL_TRUSTED_STORAGE")
+ list(APPEND PAL_SRC_C_NSPE
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/internal_trusted_storage/pal_internal_trusted_storage_intf.c
+ )
+endif()
+if(${SUITE} STREQUAL "INITIAL_ATTESTATION")
+ list(APPEND PAL_SRC_C_NSPE
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/initial_attestation/pal_attestation_intf.c
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/initial_attestation/pal_attestation_crypto.c
+ ${CMAKE_CURRENT_BINARY_DIR}/${PSA_TARGET_QCBOR}/src/UsefulBuf.c
+ ${CMAKE_CURRENT_BINARY_DIR}/${PSA_TARGET_QCBOR}/src/ieee754.c
+ ${CMAKE_CURRENT_BINARY_DIR}/${PSA_TARGET_QCBOR}/src/qcbor_decode.c
+ ${CMAKE_CURRENT_BINARY_DIR}/${PSA_TARGET_QCBOR}/src/qcbor_encode.c
+ )
+endif()
+
+# Create NSPE library
+add_library(${PSA_TARGET_PAL_NSPE_LIB} STATIC ${PAL_SRC_C_NSPE} ${PAL_SRC_ASM_NSPE})
+
+# PSA Include directories
+foreach(psa_inc_path ${PSA_INCLUDE_PATHS})
+ target_include_directories(${PSA_TARGET_PAL_NSPE_LIB} PRIVATE ${psa_inc_path})
+endforeach()
+
+list(APPEND PAL_DRIVER_INCLUDE_PATHS
+ ${PSA_ROOT_DIR}/platform/drivers/nvmem
+ ${PSA_ROOT_DIR}/platform/drivers/uart/cmsdk
+ ${PSA_ROOT_DIR}/platform/drivers/watchdog/cmsdk
+)
+
+target_include_directories(${PSA_TARGET_PAL_NSPE_LIB} PRIVATE
+ ${PAL_DRIVER_INCLUDE_PATHS}
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/common
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/crypto
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/protected_storage
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/internal_trusted_storage
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/initial_attestation
+)
+
+if(${SUITE} STREQUAL "INITIAL_ATTESTATION")
+target_include_directories(${PSA_TARGET_PAL_NSPE_LIB} PRIVATE
+ ${PSA_QCBOR_INCLUDE_PATH}
+)
+endif()
diff --git a/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/common/pal_client_api_empty_intf.c b/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/common/pal_client_api_empty_intf.c
new file mode 100644
index 00000000..0030ef04
--- /dev/null
+++ b/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/common/pal_client_api_empty_intf.c
@@ -0,0 +1,95 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "pal_common.h"
+#include "pal_client_api_intf.h"
+
+/**
+ * @brief - Retrieve the version of the PSA Framework API that is implemented.
+ * This is a wrapper API for psa_framework_version API.
+ * @param - void
+ * @return - The PSA Framework API version.
+ */
+
+uint32_t pal_ipc_framework_version(void)
+{
+ return 0;
+}
+
+/**
+ * @brief - Retrieve the version of a Root of Trust Service by its SID.
+ * This is a wrapper API for the psa_version API.
+ * @param - sid The Root of Trust Service ID
+ * @return - version of Root of Trust Service or PSA_VERSION_NONE if Root of Trust
+ * Service not present on the system.
+ */
+
+uint32_t pal_ipc_version(uint32_t sid)
+{
+ return PSA_VERSION_NONE;
+}
+
+/**
+ * @brief - Connect to given sid.
+ * This is a wrapper API for the psa_connect API.
+ * @param - sid : RoT service id
+ * @param - version : version of RoT service
+ * @return - psa_handle_t : return connection handle
+ */
+
+psa_handle_t pal_ipc_connect(uint32_t sid, uint32_t version)
+{
+ return PSA_NULL_HANDLE;
+}
+
+/**
+ * @brief Call a connected Root of Trust Service.
+ * This is a wrapper API for the psa_call API.
+ * The caller must provide an array of ::psa_invec_t structures as the input payload.
+ *
+ * @param -handle Handle for the connection.
+ * @param -type Request type.
+ * @param -in_vec Array of psa_invec structures.
+ * @param -in_len Number of psa_invec structures in in_vec.
+ * @param -out_vec Array of psa_outvec structures for optional Root of Trust Service response.
+ * @param -out_len Number of psa_outvec structures in out_vec.
+ * @return -psa_status_t
+ */
+
+psa_status_t pal_ipc_call(psa_handle_t handle,
+ int32_t type,
+ const psa_invec *in_vec,
+ size_t in_len,
+ psa_outvec *out_vec,
+ size_t out_len)
+{
+ return (PSA_SUCCESS - 1);
+}
+
+/**
+ * @brief Close a connection to a Root of Trust Service.
+ * This is a wrapper API for the psa_close API.
+ * Sends the PSA_IPC_DISCONNECT message to the Root of Trust Service so it can clean up resources.
+ *
+ * @param handle Handle for the connection.
+ * @return void
+ */
+
+void pal_ipc_close(psa_handle_t handle)
+{
+ return;
+}
diff --git a/api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/nspe/common/pal_client_api_intf.c b/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/common/pal_client_api_intf.c
similarity index 81%
rename from api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/nspe/common/pal_client_api_intf.c
rename to api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/common/pal_client_api_intf.c
index 20ddd118..68af13d3 100644
--- a/api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/nspe/common/pal_client_api_intf.c
+++ b/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/common/pal_client_api_intf.c
@@ -32,10 +32,10 @@ uint32_t pal_ipc_framework_version(void)
}
/**
- * @brief - Retrieve the minor version of a Root of Trust Service by its SID.
+ * @brief - Retrieve the version of a Root of Trust Service by its SID.
* This is a wrapper API for the psa_version API.
* @param - sid The Root of Trust Service ID
- * @return - Minor version of Root of Trust Service or PSA_VERSION_NONE if Root of Trust
+ * @return - Version of Root of Trust Service or PSA_VERSION_NONE if Root of Trust
* Service not present on the system.
* Note - Return PAL_STATUS_ERROR if PSA IPC is not implemented.
*/
@@ -49,14 +49,14 @@ uint32_t pal_ipc_version(uint32_t sid)
* @brief - Connect to given sid.
* This is a wrapper API for the psa_connect API.
* @param - sid : RoT service id
- * @param - minor_version : minor_version of RoT service
+ * @param - version : version of RoT service
* @return - psa_handle_t : return connection handle
* Note - Return PSA_NULL_HANDLE if PSA IPC is not implemented.
*/
-psa_handle_t pal_ipc_connect(uint32_t sid, uint32_t minor_version)
+psa_handle_t pal_ipc_connect(uint32_t sid, uint32_t version)
{
- return (psa_connect(sid, minor_version));
+ return (psa_connect(sid, version));
}
/**
@@ -65,6 +65,7 @@ psa_handle_t pal_ipc_connect(uint32_t sid, uint32_t minor_version)
* The caller must provide an array of ::psa_invec_t structures as the input payload.
*
* @param -handle Handle for the connection.
+ * @param -type Request type.
* @param -in_vec Array of psa_invec structures.
* @param -in_len Number of psa_invec structures in in_vec.
* @param -out_vec Array of psa_outvec structures for optional Root of Trust Service response.
@@ -74,12 +75,13 @@ psa_handle_t pal_ipc_connect(uint32_t sid, uint32_t minor_version)
*/
psa_status_t pal_ipc_call(psa_handle_t handle,
- const psa_invec *in_vec,
- size_t in_len,
- psa_outvec *out_vec,
- size_t out_len)
+ int32_t type,
+ const psa_invec *in_vec,
+ size_t in_len,
+ psa_outvec *out_vec,
+ size_t out_len)
{
- return (psa_call(handle, in_vec, in_len, out_vec, out_len));
+ return (psa_call(handle, type, in_vec, in_len, out_vec, out_len));
}
/**
diff --git a/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/common/pal_client_api_intf.h b/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/common/pal_client_api_intf.h
new file mode 100644
index 00000000..89b4da66
--- /dev/null
+++ b/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/common/pal_client_api_intf.h
@@ -0,0 +1,33 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifndef _PAL_CLIENT_API_H_
+#define _PAL_CLIENT_API_H_
+
+#include "pal_common.h"
+
+uint32_t pal_ipc_framework_version(void);
+uint32_t pal_ipc_version(uint32_t sid);
+psa_handle_t pal_ipc_connect(uint32_t sid, uint32_t version);
+psa_status_t pal_ipc_call(psa_handle_t handle,
+ int32_t type,
+ const psa_invec *in_vec,
+ size_t in_len,
+ psa_outvec *out_vec,
+ size_t out_len);
+void pal_ipc_close(psa_handle_t handle);
+#endif /* _PAL_CLIENT_API_H_ */
diff --git a/api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/nspe/common/pal_common.h b/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/common/pal_common.h
similarity index 96%
rename from api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/nspe/common/pal_common.h
rename to api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/common/pal_common.h
index 3ebe1e10..0a63b026 100644
--- a/api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/nspe/common/pal_common.h
+++ b/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/common/pal_common.h
@@ -24,10 +24,8 @@
#include
#include
-#ifndef TARGET_CFG_BUILD
#include "pal_config.h"
#include "pal_crypto_config.h"
-#endif
/* typedef's */
typedef uint8_t bool_t;
@@ -87,7 +85,7 @@ typedef enum {
* Redefining some of the client.h elements for compilation to go through
* when PSA IPC APIs are not implemented.
*/
-#if (PSA_IPC_IMPLEMENTED == 0)
+#ifndef IPC
#ifndef PSA_VERSION_NONE
#define PSA_VERSION_NONE (0)
@@ -113,6 +111,6 @@ typedef struct psa_outvec {
size_t len;
} psa_outvec;
-#endif /* PSA_IPC_IMPLEMENTED */
+#endif /* IPC */
#endif /* _PAL_COMMON_H_ */
diff --git a/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/common/pal_config.h b/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/common/pal_config.h
new file mode 100644
index 00000000..b8ddc57d
--- /dev/null
+++ b/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/common/pal_config.h
@@ -0,0 +1,97 @@
+/** @file
+ * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifndef _PAL_CONFIG_H_
+#define _PAL_CONFIG_H_
+
+/* Define PSA test suite dependent macros for non-cmake build */
+#if !defined(PSA_CMAKE_BUILD)
+
+/* Print verbosity = TEST */
+#define VERBOSE 3
+
+/* NSPE or SPE VAL build? */
+#define VAL_NSPE_BUILD
+
+/* NSPE or SPE TEST build? */
+#define NONSECURE_TEST_BUILD
+
+/* Combine test archive or binary? */
+#define TEST_COMBINE_ARCHIVE
+
+/* If not defined, skip watchdog programming */
+#define WATCHDOG_AVAILABLE
+
+/* Are Dynamic memory APIs available to secure partition? */
+#define SP_HEAP_MEM_SUPP
+
+/* PSA Isolation level supported by platform */
+#define PLATFORM_PSA_ISOLATION_LEVEL 3
+#endif /* PSA_CMAKE_BUILD */
+
+/* Version of crypto spec used in attestation */
+#define CRYPTO_VERSION_BETA3
+
+/* Use hardcoded public key */
+//#define PLATFORM_OVERRIDE_ATTEST_PK
+
+/* Platform specific max UID's size */
+#define PLATFORM_MAX_UID_SIZE 512
+
+/*
+ * Include of PSA defined Header files
+ */
+#ifdef IPC
+/* psa/client.h: Contains the PSA Client API elements */
+#include "psa/client.h"
+
+/*
+ * psa_manifest/sid.h: Macro definitions derived from manifest files that map from RoT Service
+ * names to Service IDs (SIDs). Partition manifest parse build tool must provide the implementation
+ * of this file.
+*/
+#include "psa_manifest/sid.h"
+
+/*
+ * psa_manifest/pid.h: Secure Partition IDs
+ * Macro definitions that map from Secure Partition names to Secure Partition IDs.
+ * Partition manifest parse build tool must provide the implementation of this file.
+*/
+#include "psa_manifest/pid.h"
+#endif
+
+#ifdef CRYPTO
+/* psa/crypto.h: Contains the PSA Crypto API elements */
+#include "psa/crypto.h"
+#endif
+
+#ifdef INTERNAL_TRUSTED_STORAGE
+/* psa/internal_trusted_storage.h: Contains the PSA ITS API elements */
+#include "psa/internal_trusted_storage.h"
+#endif
+
+#ifdef PROTECTED_STORAGE
+/* psa/protected_storage.h: Contains the PSA PS API elements */
+#include "psa/protected_storage.h"
+#endif
+
+#ifdef INITIAL_ATTESTATION
+/* psa/initial_attestation.h: Contains the PSA Initial Attestation API elements */
+#include "psa/initial_attestation.h"
+#endif
+
+#endif /* _PAL_CONFIG_H_ */
diff --git a/api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/nspe/common/pal_driver_ipc_intf.c b/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/common/pal_driver_ipc_intf.c
similarity index 77%
rename from api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/nspe/common/pal_driver_ipc_intf.c
rename to api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/common/pal_driver_ipc_intf.c
index f8f773fb..139f04fc 100644
--- a/api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/nspe/common/pal_driver_ipc_intf.c
+++ b/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/common/pal_driver_ipc_intf.c
@@ -33,20 +33,20 @@ int pal_uart_init_ns(uint32_t uart_base_addr)
{&uart_base_addr, sizeof(uart_base_addr)},
{NULL, 0}};
- print_handle = pal_ipc_connect(DRIVER_UART_SID, 0);
- if (print_handle < 0)
+ print_handle = pal_ipc_connect(DRIVER_UART_SID, DRIVER_UART_VERSION);
+ if (PSA_HANDLE_IS_VALID(print_handle))
{
- return(PAL_STATUS_ERROR);
- }
+ status_of_call = pal_ipc_call(print_handle, 0, data, 3, NULL, 0);
+ pal_ipc_close(print_handle);
+ if (status_of_call != PSA_SUCCESS)
+ return PAL_STATUS_ERROR;
- status_of_call = pal_ipc_call(print_handle, data, 3, NULL, 0);
- if (status_of_call != PSA_SUCCESS)
+ return PAL_STATUS_SUCCESS;
+ }
+ else
{
- return(PAL_STATUS_ERROR);
+ return PAL_STATUS_ERROR;
}
-
- pal_ipc_close(print_handle);
- return PAL_STATUS_SUCCESS;
}
/**
@@ -62,7 +62,6 @@ int pal_print_ns(char *str, int32_t data)
char *p = str;
psa_handle_t print_handle = 0;
psa_status_t status_of_call = PSA_SUCCESS;
- pal_status_t status = PAL_STATUS_SUCCESS;
uart_fn_type_t uart_fn = UART_PRINT;
while (*p != '\0')
@@ -74,22 +73,21 @@ int pal_print_ns(char *str, int32_t data)
psa_invec data1[3] = {{&uart_fn, sizeof(uart_fn)},
{str, string_len+1},
{&data, sizeof(data)}};
- print_handle = pal_ipc_connect(DRIVER_UART_SID, 0);
- if (print_handle < 0)
+ print_handle = pal_ipc_connect(DRIVER_UART_SID, DRIVER_UART_VERSION);
+ if (PSA_HANDLE_IS_VALID(print_handle))
{
- return PAL_STATUS_ERROR;
+ status_of_call = pal_ipc_call(print_handle, 0, data1, 3, NULL, 0);
+ pal_ipc_close(print_handle);
+ if (status_of_call != PSA_SUCCESS)
+ return PAL_STATUS_ERROR;
+
+ return PAL_STATUS_SUCCESS;
}
else
{
- status_of_call = pal_ipc_call(print_handle, data1, 3, NULL, 0);
- if (status_of_call != PSA_SUCCESS)
- {
- status = PAL_STATUS_ERROR;
- }
+ return PAL_STATUS_ERROR;
}
- pal_ipc_close(print_handle);
- return status;
}
/**
@@ -111,22 +109,20 @@ int pal_wd_timer_init_ns(addr_t base_addr, uint32_t time_us, uint32_t timer_tick
wd_param.wd_timer_tick_us = timer_tick_us;
psa_invec invec[1] = {{&wd_param, sizeof(wd_param)}};
- handle = pal_ipc_connect(DRIVER_WATCHDOG_SID, 0);
- if (handle < 0)
+ handle = pal_ipc_connect(DRIVER_WATCHDOG_SID, DRIVER_WATCHDOG_VERSION);
+ if (PSA_HANDLE_IS_VALID(handle))
{
- return PAL_STATUS_ERROR;
+ status_of_call = pal_ipc_call(handle, 0, invec, 1, NULL, 0);
+ pal_ipc_close(handle);
+ if (status_of_call != PSA_SUCCESS)
+ return PAL_STATUS_ERROR;
+
+ return PAL_STATUS_SUCCESS;
}
else
{
- status_of_call = pal_ipc_call(handle, invec, 1, NULL, 0);
- if (status_of_call != PSA_SUCCESS)
- {
- pal_ipc_close(handle);
- return PAL_STATUS_ERROR;
- }
+ return PAL_STATUS_ERROR;
}
- pal_ipc_close(handle);
- return PAL_STATUS_SUCCESS;
}
/**
@@ -146,22 +142,20 @@ int pal_wd_timer_enable_ns(addr_t base_addr)
wd_param.wd_timer_tick_us = 0;
psa_invec invec[1] = {{&wd_param, sizeof(wd_param)}};
- handle = pal_ipc_connect(DRIVER_WATCHDOG_SID, 0);
- if (handle < 0)
+ handle = pal_ipc_connect(DRIVER_WATCHDOG_SID, DRIVER_WATCHDOG_VERSION);
+ if (PSA_HANDLE_IS_VALID(handle))
{
- return PAL_STATUS_ERROR;
+ status_of_call = pal_ipc_call(handle, 0, invec, 1, NULL, 0);
+ pal_ipc_close(handle);
+ if (status_of_call != PSA_SUCCESS)
+ return PAL_STATUS_ERROR;
+
+ return PAL_STATUS_SUCCESS;
}
else
{
- status_of_call = pal_ipc_call(handle, invec, 1, NULL, 0);
- if (status_of_call != PSA_SUCCESS)
- {
- pal_ipc_close(handle);
- return PAL_STATUS_ERROR;
- }
+ return PAL_STATUS_ERROR;
}
- pal_ipc_close(handle);
- return PAL_STATUS_SUCCESS;
}
/**
@@ -181,22 +175,20 @@ int pal_wd_timer_disable_ns(addr_t base_addr)
wd_param.wd_timer_tick_us = 0;
psa_invec invec[1] = {{&wd_param, sizeof(wd_param)}};
- handle = pal_ipc_connect(DRIVER_WATCHDOG_SID, 0);
- if (handle < 0)
+ handle = pal_ipc_connect(DRIVER_WATCHDOG_SID, DRIVER_WATCHDOG_VERSION);
+ if (PSA_HANDLE_IS_VALID(handle))
{
- return PAL_STATUS_ERROR;
+ status_of_call = pal_ipc_call(handle, 0, invec, 1, NULL, 0);
+ pal_ipc_close(handle);
+ if (status_of_call != PSA_SUCCESS)
+ return PAL_STATUS_ERROR;
+
+ return PAL_STATUS_SUCCESS;
}
else
{
- status_of_call = pal_ipc_call(handle, invec, 1, NULL, 0);
- if (status_of_call != PSA_SUCCESS)
- {
- pal_ipc_close(handle);
- return PAL_STATUS_ERROR;
- }
+ return PAL_STATUS_ERROR;
}
- pal_ipc_close(handle);
- return PAL_STATUS_SUCCESS;
}
/**
@@ -220,22 +212,20 @@ int pal_nvmem_read_ns(addr_t base, uint32_t offset, void *buffer, int size)
psa_invec invec[1] = {{&nvmem_param, sizeof(nvmem_param)}};
psa_outvec outvec[1] = {{buffer, size}};
- handle = pal_ipc_connect(DRIVER_NVMEM_SID, 0);
- if (handle < 0)
+ handle = pal_ipc_connect(DRIVER_NVMEM_SID, DRIVER_NVMEM_VERSION);
+ if (PSA_HANDLE_IS_VALID(handle))
{
- return PAL_STATUS_ERROR;
+ status_of_call = pal_ipc_call(handle, 0, invec, 1, outvec, 1);
+ pal_ipc_close(handle);
+ if (status_of_call != PSA_SUCCESS)
+ return PAL_STATUS_ERROR;
+
+ return PAL_STATUS_SUCCESS;
}
else
{
- status_of_call = pal_ipc_call(handle, invec, 1, outvec, 1);
- if (status_of_call != PSA_SUCCESS)
- {
- pal_ipc_close(handle);
- return PAL_STATUS_ERROR;
- }
+ return PAL_STATUS_ERROR;
}
- psa_close(handle);
- return PAL_STATUS_SUCCESS;
}
/**
@@ -258,22 +248,20 @@ int pal_nvmem_write_ns(addr_t base, uint32_t offset, void *buffer, int size)
nvmem_param.size = size;
psa_invec invec[2] = {{&nvmem_param, sizeof(nvmem_param)}, {buffer, size}};
- handle = pal_ipc_connect(DRIVER_NVMEM_SID, 0);
- if (handle < 0)
+ handle = pal_ipc_connect(DRIVER_NVMEM_SID, DRIVER_NVMEM_VERSION);
+ if (PSA_HANDLE_IS_VALID(handle))
{
- return PAL_STATUS_ERROR;
+ status_of_call = pal_ipc_call(handle, 0, invec, 2, NULL, 0);
+ pal_ipc_close(handle);
+ if (status_of_call != PSA_SUCCESS)
+ return PAL_STATUS_ERROR;
+
+ return PAL_STATUS_SUCCESS;
}
else
{
- status_of_call = pal_ipc_call(handle, invec, 2, NULL, 0);
- if (status_of_call != PSA_SUCCESS)
- {
- pal_ipc_close(handle);
- return PAL_STATUS_ERROR;
- }
+ return PAL_STATUS_ERROR;
}
- pal_ipc_close(handle);
- return PAL_STATUS_SUCCESS;
}
/**
diff --git a/api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/nspe/common/pal_driver_ns_intf.c b/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/common/pal_driver_ns_intf.c
similarity index 98%
rename from api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/nspe/common/pal_driver_ns_intf.c
rename to api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/common/pal_driver_ns_intf.c
index 2af6fcc7..338df6cb 100644
--- a/api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/nspe/common/pal_driver_ns_intf.c
+++ b/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/common/pal_driver_ns_intf.c
@@ -27,7 +27,7 @@
**/
int pal_uart_init_ns(uint32_t uart_base_addr)
{
- pal_uart_cmsdk_init(uart_base_addr);
+ pal_uart_pl011_init(uart_base_addr);
return PAL_STATUS_SUCCESS;
}
@@ -40,7 +40,7 @@ int pal_uart_init_ns(uint32_t uart_base_addr)
int pal_print_ns(char *str, int32_t data)
{
- pal_cmsdk_print(str, data);
+ pal_uart_pl011_print(str, data);
return PAL_STATUS_SUCCESS;
}
diff --git a/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/crypto/pal_crypto_config.h b/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/crypto/pal_crypto_config.h
new file mode 100644
index 00000000..6f3eca7c
--- /dev/null
+++ b/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/crypto/pal_crypto_config.h
@@ -0,0 +1,329 @@
+/** @file
+ * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+/*
+ * \file pal_crypto_config.h
+ *
+ * \brief Configuration options for crypto tests (set of defines)
+ *
+ * This set of compile-time options may be used to enable
+ * or disable features selectively for crypto test suite
+ */
+
+#ifndef _PAL_CRYPTO_CONFIG_H_
+#define _PAL_CRYPTO_CONFIG_H_
+/**
+ * \def ARCH_TEST_RSA
+ *
+ * Enable the RSA public-key cryptosystem.
+ * By default all supported keys are enabled.
+ *
+ * Comment macros to disable the types
+ */
+#define ARCH_TEST_RSA
+#define ARCH_TEST_RSA_1024
+#define ARCH_TEST_RSA_2048
+#define ARCH_TEST_RSA_3072
+
+/**
+ * \def ARCH_TEST_ECC
+ * \def ARCH_TEST_ECC_CURVE_SECPXXXR1
+ *
+ * Enable the elliptic curve
+ * Enable specific curves within the Elliptic Curve
+ * module. By default all supported curves are enabled.
+ *
+ * Requires: ARCH_TEST_ECC
+ * Comment macros to disable the curve
+ */
+#define ARCH_TEST_ECC
+#define ARCH_TEST_ECC_CURVE_SECP192R1
+#define ARCH_TEST_ECC_CURVE_SECP224R1
+#define ARCH_TEST_ECC_CURVE_SECP256R1
+#define ARCH_TEST_ECC_CURVE_SECP384R1
+
+/**
+ * \def ARCH_TEST_AES
+ *
+ * Enable the AES block cipher.
+ * By default all supported keys are enabled.
+ *
+ * Comment macros to disable the types
+ */
+#define ARCH_TEST_AES
+#define ARCH_TEST_AES_128
+#define ARCH_TEST_AES_192
+#define ARCH_TEST_AES_256
+#define ARCH_TEST_AES_512
+
+/**
+ * \def ARCH_TEST_DES
+ *
+ * Enable the DES block cipher.
+ * By default all supported keys are enabled.
+ *
+ * Comment macros to disable the types
+ */
+//#define ARCH_TEST_DES
+//#define ARCH_TEST_DES_1KEY
+//#define ARCH_TEST_DES_2KEY
+//#define ARCH_TEST_DES_3KEY
+
+/**
+ * \def ARCH_TEST_RAW
+ *
+ * A "key" of this type cannot be used for any cryptographic operation.
+ * Applications may use this type to store arbitrary data in the keystore.
+ */
+#define ARCH_TEST_RAW
+
+/**
+ * \def ARCH_TEST_CIPER
+ *
+ * Enable the generic cipher layer.
+ */
+
+#define ARCH_TEST_CIPER
+
+/**
+ * \def ARCH_TEST_ARC4
+ *
+ * Enable the ARC4 key type.
+ */
+//#define ARCH_TEST_ARC4
+
+/**
+ * \def ARCH_TEST_CIPER_MODE_CTR
+ *
+ * Enable Counter Block Cipher mode (CTR) for symmetric ciphers.
+ *
+ * Requires: ARCH_TEST_CIPER
+ */
+#define ARCH_TEST_CIPER_MODE_CTR
+
+/**
+ * \def ARCH_TEST_CIPER_MODE_CFB
+ *
+ * Enable Cipher Feedback mode (CFB) for symmetric ciphers.
+ *
+ * Requires: ARCH_TEST_CIPER
+ */
+#define ARCH_TEST_CIPER_MODE_CFB
+
+/**
+ * \def ARCH_TEST_CIPER_MODE_CBC
+ *
+ * Enable Cipher Block Chaining mode (CBC) for symmetric ciphers.
+ *
+ * Requires: ARCH_TEST_CIPER
+ */
+#define ARCH_TEST_CIPER_MODE_CBC
+
+/**
+ * \def ARCH_TEST_CTR_AES
+ *
+ * Requires: ARCH_TEST_CIPER, ARCH_TEST_AES, ARCH_TEST_CIPER_MODE_CTR
+ */
+#define ARCH_TEST_CTR_AES
+
+/**
+ * \def ARCH_TEST_CBC_AES
+ *
+ * Requires: ARCH_TEST_CIPER, ARCH_TEST_AES, ARCH_TEST_CIPER_MODE_CBC
+ *
+ * Comment macros to disable the types
+ */
+#define ARCH_TEST_CBC_AES
+#define ARCH_TEST_CBC_AES_NO_PADDING
+
+/**
+ * \def ARCH_TEST_CBC_NO_PADDING
+ *
+ * Requires: ARCH_TEST_CIPER, ARCH_TEST_CIPER_MODE_CBC
+ *
+ * Comment macros to disable the types
+ */
+#define ARCH_TEST_CBC_NO_PADDING
+
+/**
+ * \def ARCH_TEST_CFB_AES
+ *
+ * Requires: ARCH_TEST_CIPER, ARCH_TEST_AES, ARCH_TEST_CIPER_MODE_CFB
+ */
+#define ARCH_TEST_CFB_AES
+
+/**
+ * \def ARCH_TEST_PKCS1V15_*
+ *
+ * Enable support for PKCS#1 v1.5 encoding.
+ * Enable support for PKCS#1 v1.5 operations.
+ * Enable support for RSA-OAEP
+ *
+ * Requires: ARCH_TEST_RSA, ARCH_TEST_PKCS1V15
+ *
+ * Comment macros to disable the types
+ */
+#define ARCH_TEST_PKCS1V15
+#define ARCH_TEST_RSA_PKCS1V15_SIGN
+#define ARCH_TEST_RSA_PKCS1V15_SIGN_RAW
+#define ARCH_TEST_RSA_PKCS1V15_CRYPT
+#define ARCH_TEST_RSA_OAEP
+
+/**
+ * \def ARCH_TEST_CBC_PKCS7
+ *
+ * Requires: ARCH_TEST_CIPER_MODE_CBC
+ *
+ * Comment macros to disable the types
+ */
+#define ARCH_TEST_CBC_PKCS7
+
+/**
+ * \def ARCH_TEST_ASYMMETRIC_ENCRYPTION
+ *
+ * Enable support for Asymmetric encryption algorithms
+ */
+#define ARCH_TEST_ASYMMETRIC_ENCRYPTION
+
+/**
+ * \def ARCH_TEST_HASH
+ *
+ * Enable the hash algorithm.
+ */
+#define ARCH_TEST_HASH
+
+/**
+ * \def ARCH_TEST_HMAC
+ *
+ * The key policy determines which underlying hash algorithm the key can be
+ * used for.
+ *
+ * Requires: ARCH_TEST_HASH
+ */
+#define ARCH_TEST_HMAC
+
+/**
+ * \def ARCH_TEST_MDX
+ * \def ARCH_TEST_SHAXXX
+ *
+ * Enable the MDX algorithm.
+ * Enable the SHAXXX algorithm.
+ *
+ * Requires: ARCH_TEST_HASH
+ *
+ * Comment macros to disable the types
+ */
+//#define ARCH_TEST_MD2
+//#define ARCH_TEST_MD4
+//#define ARCH_TEST_MD5
+//#define ARCH_TEST_RIPEMD160
+//#define ARCH_TEST_SHA1
+#define ARCH_TEST_SHA224
+#define ARCH_TEST_SHA256
+#define ARCH_TEST_SHA384
+#define ARCH_TEST_SHA512
+//#define ARCH_TEST_SHA512_224
+//#define ARCH_TEST_SHA512_256
+//#define ARCH_TEST_SHA3_224
+//#define ARCH_TEST_SHA3_256
+//#define ARCH_TEST_SHA3_384
+//#define ARCH_TEST_SHA3_512
+
+/**
+ * \def ARCH_TEST_HKDF
+ *
+ * Enable the HKDF algorithm (RFC 5869).
+ *
+ * Requires: ARCH_TEST_HASH
+*/
+#define ARCH_TEST_HKDF
+
+/**
+ * \def ARCH_TEST_xMAC
+ *
+ * Enable the xMAC (Cipher/Hash/G-based Message Authentication Code) mode for block
+ * ciphers.
+ * Requires: ARCH_TEST_AES or ARCH_TEST_DES
+ *
+ * Comment macros to disable the types
+ */
+#define ARCH_TEST_CMAC
+//#define ARCH_TEST_GMAC
+#define ARCH_TEST_HMAC
+
+/**
+ * \def ARCH_TEST_CCM
+ *
+ * Enable the Counter with CBC-MAC (CCM) mode for 128-bit block cipher.
+ *
+ * Requires: ARCH_TEST_AES
+ */
+#define ARCH_TEST_CCM
+
+/**
+ * \def ARCH_TEST_GCM
+ *
+ * Enable the Galois/Counter Mode (GCM) for AES.
+ *
+ * Requires: ARCH_TEST_AES
+ *
+ */
+#define ARCH_TEST_GCM
+
+/**
+ * \def ARCH_TEST_TRUNCATED_MAC
+ *
+ * Enable support for RFC 6066 truncated HMAC in SSL.
+ *
+ * Comment this macro to disable support for truncated HMAC in SSL
+ */
+#define ARCH_TEST_TRUNCATED_MAC
+
+
+/**
+ * \def ARCH_TEST_ECDH
+ *
+ * Enable the elliptic curve Diffie-Hellman library.
+ *
+ * Requires: ARCH_TEST_ECC
+ */
+#define ARCH_TEST_ECDH
+
+/**
+ * \def ARCH_TEST_ECDSA
+ *
+ * Enable the elliptic curve DSA library.
+ * Requires: ARCH_TEST_ECC
+ */
+#define ARCH_TEST_ECDSA
+
+/**
+ * \def ARCH_TEST_DETERMINISTIC_ECDSA
+ *
+ * Enable deterministic ECDSA (RFC 6979).
+*/
+#define ARCH_TEST_DETERMINISTIC_ECDSA
+
+/**
+ * \def ARCH_TEST_ECC_ASYMMETRIC_API_SUPPORT
+ *
+ * Enable ECC support for asymmetric API.
+*/
+//#define ARCH_TEST_ECC_ASYMMETRIC_API_SUPPORT
+#include "pal_crypto_config_check.h"
+
+#endif /* _PAL_CRYPTO_CONFIG_H_ */
diff --git a/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/crypto/pal_crypto_config_check.h b/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/crypto/pal_crypto_config_check.h
new file mode 100644
index 00000000..443e0bc2
--- /dev/null
+++ b/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/crypto/pal_crypto_config_check.h
@@ -0,0 +1,223 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+/**
+ * \file pal_crypto_config_check.h
+ *
+ * \brief Consistency checks for configuration options
+ *
+ */
+
+#ifndef _PAL_CRYPTO_CONFIG_CHECK_H_
+#define _PAL_CRYPTO_CONFIG_CHECK_H_
+
+#if defined(ARCH_TEST_RSA_1024) && !defined(ARCH_TEST_RSA)
+#error "ARCH_TEST_RSA_1024 defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_RSA_2048) && !defined(ARCH_TEST_RSA)
+#error "ARCH_TEST_RSA_2048 defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_RSA_3072) && !defined(ARCH_TEST_RSA)
+#error "ARCH_TEST_RSA_3072 defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_ECC_CURVE_SECP192R1) && !defined(ARCH_TEST_ECC)
+#error "ARCH_TEST_ECC_CURVE_SECP192R1 defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_ECC_CURVE_SECP224R1) && !defined(ARCH_TEST_ECC)
+#error "ARCH_TEST_ECC_CURVE_SECP224R1 defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_ECC_CURVE_SECP256R1) && !defined(ARCH_TEST_ECC)
+#error "ARCH_TEST_ECC_CURVE_SECP256R1 defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_ECC_CURVE_SECP384R1) && !defined(ARCH_TEST_ECC)
+#error "ARCH_TEST_ECC_CURVE_SECP384R1 defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_AES_128) && !defined(ARCH_TEST_AES)
+#error "ARCH_TEST_AES_128 defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_AES_256) && !defined(ARCH_TEST_AES)
+#error "ARCH_TEST_AES_256 defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_AES_512) && !defined(ARCH_TEST_AES)
+#error "ARCH_TEST_AES_512 defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_DES_1KEY) && !defined(ARCH_TEST_DES)
+#error "ARCH_TEST_DES_1KEY defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_DES_2KEY) && !defined(ARCH_TEST_DES)
+#error "ARCH_TEST_DES_2KEY defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_DES_3KEY) && !defined(ARCH_TEST_DES)
+#error "ARCH_TEST_DES_3KEY defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_CIPER_MODE_CTR) && !defined(ARCH_TEST_CIPER)
+#error "ARCH_TEST_CIPER_MODE_CTR defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_CIPER_MODE_CFB) && !defined(ARCH_TEST_CIPER)
+#error "ARCH_TEST_CIPER_MODE_CFB defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_CIPER_MODE_CBC) && !defined(ARCH_TEST_CIPER)
+#error "ARCH_TEST_CIPER_MODE_CBC defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_CTR_AES) &&\
+ (!defined(ARCH_TEST_CIPER) || !defined(ARCH_TEST_AES) || !defined(ARCH_TEST_CIPER_MODE_CTR))
+#error "ARCH_TEST_CTR_AES defined, but not all prerequisites"
+#endif
+
+#if (defined(ARCH_TEST_CBC_AES) || defined(ARCH_TEST_CBC_AES_NO_PADDING)) &&\
+ (!defined(ARCH_TEST_CIPER) || !defined(ARCH_TEST_AES) || !defined(ARCH_TEST_CIPER_MODE_CBC))
+#error "ARCH_TEST_CBC_AES defined, but not all prerequisites"
+#endif
+
+#if (defined(ARCH_TEST_CBC_NO_PADDING)) &&\
+ (!defined(ARCH_TEST_CIPER) || !defined(ARCH_TEST_CIPER_MODE_CBC))
+#error "ARCH_TEST_CBC_NO_PADDING defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_CFB_AES) &&\
+ (!defined(ARCH_TEST_CIPER) || !defined(ARCH_TEST_AES) || !defined(ARCH_TEST_CIPER_MODE_CFB))
+#error "ARCH_TEST_CFB_AES defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_RSA_PKCS1V15_SIGN) &&\
+ (!defined(ARCH_TEST_RSA) || !defined(ARCH_TEST_PKCS1V15))
+#error "ARCH_TEST_RSA_PKCS1V15_SIGN defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_RSA_PKCS1V15_SIGN_RAW) &&\
+ (!defined(ARCH_TEST_RSA) || !defined(ARCH_TEST_PKCS1V15))
+#error "ARCH_TEST_RSA_PKCS1V15_SIGN_RAW defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_RSA_PKCS1V15_CRYPT) &&\
+ (!defined(ARCH_TEST_RSA) || !defined(ARCH_TEST_PKCS1V15))
+#error "ARCH_TEST_RSA_PKCS1V15_CRYPT defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_CBC_PKCS7) && !defined(ARCH_TEST_CIPER_MODE_CBC)
+#error "ARCH_TEST_CBC_PKCS7 defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_HMAC) && !defined(ARCH_TEST_HASH)
+#error "ARCH_TEST_HMAC defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_MD2) && !defined(ARCH_TEST_HASH)
+#error "ARCH_TEST_MD2 defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_MD4) && !defined(ARCH_TEST_HASH)
+#error "ARCH_TEST_MD4 defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_MD5) && !defined(ARCH_TEST_HASH)
+#error "ARCH_TEST_MD5 defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_RIPEMD160) && !defined(ARCH_TEST_HASH)
+#error "ARCH_TEST_RIPEMD160 defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_SHA1) && !defined(ARCH_TEST_HASH)
+#error "ARCH_TEST_SHA1 defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_SHA224) && !defined(ARCH_TEST_HASH)
+#error "ARCH_TEST_SHA224 defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_SHA256) && !defined(ARCH_TEST_HASH)
+#error "ARCH_TEST_SHA256 defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_SHA512) && !defined(ARCH_TEST_HASH)
+#error "ARCH_TEST_SHA512 defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_SHA512_224) && !defined(ARCH_TEST_HASH)
+#error "ARCH_TEST_SHA512_224 defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_SHA512_256) && !defined(ARCH_TEST_HASH)
+#error "ARCH_TEST_SHA512_256 defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_SHA3_224) && !defined(ARCH_TEST_HASH)
+#error "ARCH_TEST_SHA3_224 defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_SHA3_256) && !defined(ARCH_TEST_HASH)
+#error "ARCH_TEST_SHA3_256 defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_SHA3_384) && !defined(ARCH_TEST_HASH)
+#error "ARCH_TEST_SHA3_256 defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_SHA3_512) && !defined(ARCH_TEST_HASH)
+#error "ARCH_TEST_SHA3_256 defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_HKDF) && !defined(ARCH_TEST_HASH)
+#error "ARCH_TEST_HKDF defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_CMAC) && !defined(ARCH_TEST_AES)
+#error "ARCH_TEST_CMAC defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_GMAC) && !defined(ARCH_TEST_AES)
+#error "ARCH_TEST_GMAC defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_HMAC) && !defined(ARCH_TEST_AES)
+#error "ARCH_TEST_HMAC defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_CCM) && !defined(ARCH_TEST_AES)
+#error "ARCH_TEST_CCM defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_GCM) && !defined(ARCH_TEST_AES)
+#error "ARCH_TEST_GCM defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_ECDH) && !defined(ARCH_TEST_ECC)
+#error "ARCH_TEST_ECDH defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_ECDSA) && !defined(ARCH_TEST_ECC)
+#error "ARCH_TEST_ECDSA defined, but not all prerequisites"
+#endif
+
+#endif /* _PAL_CRYPTO_CONFIG_CHECK_H_ */
diff --git a/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/crypto/pal_crypto_empty_intf.c b/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/crypto/pal_crypto_empty_intf.c
new file mode 100644
index 00000000..2a28f397
--- /dev/null
+++ b/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/crypto/pal_crypto_empty_intf.c
@@ -0,0 +1,30 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include
+#include "pal_common.h"
+
+/**
+ @brief - This API will call the requested crypto function
+ @param - type : function code
+ valist : variable argument list
+ @return - error status
+**/
+int32_t pal_crypto_function(int type, va_list valist)
+{
+ return PAL_STATUS_ERROR;
+}
diff --git a/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/crypto/pal_crypto_intf.c b/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/crypto/pal_crypto_intf.c
new file mode 100644
index 00000000..7bad480c
--- /dev/null
+++ b/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/crypto/pal_crypto_intf.c
@@ -0,0 +1,517 @@
+/** @file
+ * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+
+#include "pal_crypto_intf.h"
+
+#define PAL_KEY_SLOT_COUNT 32
+
+/**
+ @brief - This API will call the requested crypto function
+ @param - type : function code
+ valist : variable argument list
+ @return - error status
+**/
+int32_t pal_crypto_function(int type, va_list valist)
+{
+ int i;
+ psa_status_t status;
+ uint8_t *buffer, *ciphertext, *plaintext;
+ const uint8_t *nonce, *additional_data, *salt, *peer;
+ size_t *length, size, ciphertext_size, nonce_length;
+ size_t salt_length, peer_length, additional_data_length;
+#ifdef NOT_SUPPORTED
+ size_t *tag_length, plaintext_size;
+ psa_aead_operation_t *aead_operation;
+#endif
+ psa_key_attributes_t *attributes;
+ psa_key_handle_t *handle, key_handle;
+ psa_key_type_t *key_type_out, key_type;
+ psa_key_usage_t *usage_out, usage;
+ psa_key_id_t *key_id_out, key_id;
+ psa_key_lifetime_t *key_lifetime_out, key_lifetime;
+ psa_algorithm_t *key_alg_out, key_alg, alg;
+ psa_hash_operation_t *hash_operation, *target_operation;
+ psa_mac_operation_t *mac_operation;
+ psa_cipher_operation_t *cipher_operation;
+ psa_key_derivation_operation_t *derive_operation;
+ psa_key_derivation_step_t step;
+
+ switch (type)
+ {
+ case PAL_CRYPTO_INIT:
+ return psa_crypto_init();
+ case PAL_CRYPTO_GENERATE_RANDOM:
+ buffer = va_arg(valist, uint8_t *);
+ size = va_arg(valist, int);
+ return psa_generate_random(buffer, size);
+ case PAL_CRYPTO_IMPORT_KEY:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ buffer = va_arg(valist, uint8_t *);
+ size = va_arg(valist, size_t);
+ handle = (psa_key_handle_t *)va_arg(valist, int *);
+ status = psa_import_key(attributes, buffer, size, handle);
+ return status;
+ case PAL_CRYPTO_SET_KEY_TYPE:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ key_type = va_arg(valist, psa_key_type_t);
+ psa_set_key_type(attributes, key_type);
+ return 0;
+ case PAL_CRYPTO_SET_KEY_BITS:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ size = va_arg(valist, size_t);
+ psa_set_key_bits(attributes, size);
+ return 0;
+ case PAL_CRYPTO_GET_KEY_ATTRIBUTES:
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ return psa_get_key_attributes(key_handle, attributes);
+ case PAL_CRYPTO_GET_KEY_TYPE:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ key_type_out = va_arg(valist, psa_key_type_t *);
+ *key_type_out = psa_get_key_type(attributes);
+ return 0;
+ case PAL_CRYPTO_EXPORT_KEY:
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ buffer = (uint8_t *)(va_arg(valist, uint8_t *));
+ size = va_arg(valist, size_t);
+ length = (size_t *)va_arg(valist, size_t *);
+ return psa_export_key(key_handle, buffer, size, length);
+ case PAL_CRYPTO_SET_KEY_USAGE_FLAGS:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ usage = va_arg(valist, psa_key_usage_t);
+ psa_set_key_usage_flags(attributes, usage);
+ return 0;
+ case PAL_CRYPTO_RESET_KEY_ATTRIBUTES:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ psa_reset_key_attributes(attributes);
+ return 0;
+ case PAL_CRYPTO_EXPORT_PUBLIC_KEY:
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ buffer = (uint8_t *)(va_arg(valist, uint8_t *));
+ size = va_arg(valist, size_t);
+ length = (size_t *)va_arg(valist, size_t *);
+ return psa_export_public_key(key_handle, buffer, size, length);
+ case PAL_CRYPTO_SET_KEY_ID:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ key_id = va_arg(valist, psa_key_id_t);
+ psa_set_key_id(attributes, key_id);
+ return 0;
+ case PAL_CRYPTO_SET_KEY_LIFETIME:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ key_lifetime = va_arg(valist, psa_key_lifetime_t);
+ psa_set_key_lifetime(attributes, key_lifetime);
+ return 0;
+ case PAL_CRYPTO_SET_KEY_ALGORITHM:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ key_alg = va_arg(valist, psa_algorithm_t);
+ psa_set_key_algorithm(attributes, key_alg);
+ return 0;
+ case PAL_CRYPTO_GET_KEY_ID:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ key_id_out = va_arg(valist, psa_key_id_t *);
+ *key_id_out = psa_get_key_id(attributes);
+ return 0;
+ case PAL_CRYPTO_GET_KEY_LIFETIME:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ key_lifetime_out = va_arg(valist, psa_key_lifetime_t *);
+ *key_lifetime_out = psa_get_key_lifetime(attributes);
+ return 0;
+ case PAL_CRYPTO_GET_KEY_USAGE_FLAGS:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ usage_out = va_arg(valist, psa_key_usage_t *);
+ *usage_out = psa_get_key_usage_flags(attributes);
+ return 0;
+ case PAL_CRYPTO_GET_KEY_ALGORITHM:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ key_alg_out = va_arg(valist, psa_algorithm_t *);
+ *key_alg_out = psa_get_key_algorithm(attributes);
+ return 0;
+ case PAL_CRYPTO_GET_KEY_BITS:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ length = va_arg(valist, size_t *);
+ *length = psa_get_key_bits(attributes);
+ return 0;
+ case PAL_CRYPTO_DESTROY_KEY:
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ return psa_destroy_key(key_handle);
+ case PAL_CRYPTO_HASH_SETUP:
+ hash_operation = va_arg(valist, psa_hash_operation_t*);
+ alg = va_arg(valist, psa_algorithm_t);
+ return psa_hash_setup(hash_operation, alg);
+ case PAL_CRYPTO_HASH_UPDATE:
+ hash_operation = va_arg(valist, psa_hash_operation_t*);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ return psa_hash_update(hash_operation, buffer, size);
+ case PAL_CRYPTO_HASH_VERIFY:
+ hash_operation = va_arg(valist, psa_hash_operation_t*);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ return psa_hash_verify(hash_operation, buffer, size);
+ case PAL_CRYPTO_HASH_FINISH:
+ hash_operation = va_arg(valist, psa_hash_operation_t*);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_hash_finish(hash_operation, buffer, size, length);
+ case PAL_CRYPTO_HASH_ABORT:
+ hash_operation = va_arg(valist, psa_hash_operation_t*);
+ return psa_hash_abort(hash_operation);
+#ifdef NOT_SUPPORTED
+ case PAL_CRYPTO_HASH_COMPUTE:
+ alg = va_arg(valist, psa_algorithm_t);
+ plaintext = va_arg(valist, uint8_t*);
+ plaintext_size = va_arg(valist, size_t);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_hash_compute(alg, plaintext, plaintext_size, buffer, size, length);
+ case PAL_CRYPTO_HASH_COMPARE:
+ alg = va_arg(valist, psa_algorithm_t);
+ plaintext = va_arg(valist, uint8_t*);
+ plaintext_size = va_arg(valist, size_t);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ return psa_hash_compare(alg, plaintext, plaintext_size, buffer, size);
+#endif
+ case PAL_CRYPTO_HASH_CLONE:
+ hash_operation = va_arg(valist, psa_hash_operation_t*);
+ target_operation = va_arg(valist, psa_hash_operation_t*);
+ return psa_hash_clone(hash_operation, target_operation);
+ case PAL_CRYPTO_GENERATE_KEY:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ handle = (psa_key_handle_t *)va_arg(valist, int *);
+ return psa_generate_key(attributes, handle);
+ case PAL_CRYPTO_AEAD_ENCRYPT:
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ nonce = va_arg(valist, const uint8_t *);
+ nonce_length = va_arg(valist, size_t);
+ additional_data = va_arg(valist, const uint8_t *);
+ additional_data_length = va_arg(valist, size_t);
+ plaintext = va_arg(valist, uint8_t *);
+ size = va_arg(valist, size_t);
+ ciphertext = va_arg(valist, uint8_t *);
+ ciphertext_size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_aead_encrypt(key_handle, alg, nonce, nonce_length, additional_data,
+ additional_data_length, plaintext, size, ciphertext, ciphertext_size, length);
+ case PAL_CRYPTO_AEAD_DECRYPT:
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ nonce = va_arg(valist, const uint8_t *);
+ nonce_length = va_arg(valist, size_t);
+ additional_data = va_arg(valist, const uint8_t *);
+ additional_data_length = va_arg(valist, size_t);
+ ciphertext = va_arg(valist, uint8_t *);
+ ciphertext_size = va_arg(valist, size_t);
+ plaintext = va_arg(valist, uint8_t *);
+ size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_aead_decrypt(key_handle, alg, nonce, nonce_length, additional_data,
+ additional_data_length, ciphertext, ciphertext_size, plaintext, size, length);
+#ifdef NO_SUPPORT
+ case PAL_CRYPTO_AEAD_ENCRYPT_SETUP:
+ aead_operation = va_arg(valist, psa_aead_operation_t *);
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ return psa_aead_encrypt_setup(aead_operation, key_handle, alg);
+ case PAL_CRYPTO_AEAD_DECRYPT_SETUP:
+ aead_operation = va_arg(valist, psa_aead_operation_t *);
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ return psa_aead_decrypt_setup(aead_operation, key_handle, alg);
+ case PAL_CRYPTO_AEAD_GENERATE_NONCE:
+ aead_operation = va_arg(valist, psa_aead_operation_t *);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ length = (size_t *)va_arg(valist, size_t*);
+ return psa_aead_generate_nonce(aead_operation, buffer, size, length);
+ case PAL_CRYPTO_AEAD_SET_NONCE:
+ aead_operation = va_arg(valist, psa_aead_operation_t *);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ return psa_aead_set_nonce(aead_operation, buffer, size);
+ case PAL_CRYPTO_AEAD_SET_LENGTHS:
+ aead_operation = va_arg(valist, psa_aead_operation_t *);
+ size = va_arg(valist, size_t);
+ plaintext_size = va_arg(valist, size_t);
+ return psa_aead_set_lengths(aead_operation, size, plaintext_size);
+ case PAL_CRYPTO_AEAD_UPDATE_AD:
+ aead_operation = va_arg(valist, psa_aead_operation_t *);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ return psa_aead_update_ad(aead_operation, buffer, size);
+ case PAL_CRYPTO_AEAD_UPDATE:
+ aead_operation = va_arg(valist, psa_aead_operation_t *);
+ plaintext = va_arg(valist, uint8_t*);
+ plaintext_size = va_arg(valist, size_t);
+ ciphertext = va_arg(valist, uint8_t*);
+ ciphertext_size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_aead_update(aead_operation, plaintext, plaintext_size, ciphertext,
+ ciphertext_size, length);
+ case PAL_CRYPTO_AEAD_FINISH:
+ aead_operation = va_arg(valist, psa_aead_operation_t *);
+ ciphertext = va_arg(valist, uint8_t*);
+ ciphertext_size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ tag_length = (size_t *)va_arg(valist, size_t*);
+ return psa_aead_finish(aead_operation, ciphertext, ciphertext_size, length, buffer,
+ size, tag_length);
+ case PAL_CRYPTO_AEAD_VERIFY:
+ aead_operation = va_arg(valist, psa_aead_operation_t *);
+ plaintext = va_arg(valist, uint8_t*);
+ plaintext_size = va_arg(valist, size_t);
+ length = (size_t *)va_arg(valist, size_t*);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ return psa_aead_verify(aead_operation, plaintext, plaintext_size, length, buffer, size);
+ case PAL_CRYPTO_AEAD_ABORT:
+ aead_operation = va_arg(valist, psa_aead_operation_t *);
+ return psa_aead_abort(aead_operation);
+#endif
+ case PAL_CRYPTO_MAC_SIGN_SETUP:
+ mac_operation = va_arg(valist, psa_mac_operation_t*);
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ return psa_mac_sign_setup(mac_operation, key_handle, alg);
+ case PAL_CRYPTO_MAC_UPDATE:
+ mac_operation = va_arg(valist, psa_mac_operation_t*);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ return psa_mac_update(mac_operation, buffer, size);
+ case PAL_CRYPTO_MAC_SIGN_FINISH:
+ mac_operation = va_arg(valist, psa_mac_operation_t*);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ length = (size_t *)va_arg(valist, size_t*);
+ return psa_mac_sign_finish(mac_operation, buffer, size, length);
+ case PAL_CRYPTO_MAC_VERIFY_SETUP:
+ mac_operation = va_arg(valist, psa_mac_operation_t*);
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ return psa_mac_verify_setup(mac_operation, key_handle, alg);
+ case PAL_CRYPTO_MAC_VERIFY_FINISH:
+ mac_operation = va_arg(valist, psa_mac_operation_t*);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ return psa_mac_verify_finish(mac_operation, buffer, size);
+ case PAL_CRYPTO_MAC_ABORT:
+ mac_operation = va_arg(valist, psa_mac_operation_t*);
+ return psa_mac_abort(mac_operation);
+#ifdef NO_SUPPORT
+ case PAL_CRYPTO_MAC_COMPUTE:
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ plaintext = va_arg(valist, uint8_t*);
+ plaintext_size = va_arg(valist, size_t);
+ ciphertext = va_arg(valist, uint8_t*);
+ ciphertext_size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_mac_compute(key_handle, alg, plaintext, plaintext_size, ciphertext,
+ ciphertext_size, length);
+ case PAL_CRYPTO_MAC_VERIFY:
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ plaintext = va_arg(valist, uint8_t*);
+ plaintext_size = va_arg(valist, size_t);
+ ciphertext = va_arg(valist, uint8_t*);
+ ciphertext_size = va_arg(valist, size_t);
+ return psa_mac_verify(key_handle, alg, plaintext, plaintext_size, ciphertext,
+ ciphertext_size);
+#endif
+ case PAL_CRYPTO_ASYMMTERIC_ENCRYPT:
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ plaintext = va_arg(valist, uint8_t *);
+ size = va_arg(valist, size_t);
+ salt = va_arg(valist, const uint8_t *);
+ salt_length = va_arg(valist, size_t);
+ ciphertext = va_arg(valist, uint8_t *);
+ ciphertext_size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_asymmetric_encrypt(key_handle, alg, plaintext, size, salt, salt_length,
+ ciphertext, ciphertext_size, length);
+ case PAL_CRYPTO_ASYMMTERIC_DECRYPT:
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ plaintext = va_arg(valist, uint8_t *);
+ size = va_arg(valist, size_t);
+ salt = va_arg(valist, const uint8_t *);
+ salt_length = va_arg(valist, size_t);
+ ciphertext = va_arg(valist, uint8_t *);
+ ciphertext_size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_asymmetric_decrypt(key_handle, alg, plaintext, size, salt, salt_length,
+ ciphertext, ciphertext_size, length);
+ case PAL_CRYPTO_CIPHER_ENCRYPT_SETUP:
+ cipher_operation = va_arg(valist, psa_cipher_operation_t *);
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ return psa_cipher_encrypt_setup(cipher_operation, key_handle, alg);
+ case PAL_CRYPTO_CIPHER_DECRYPT_SETUP:
+ cipher_operation = va_arg(valist, psa_cipher_operation_t *);
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ return psa_cipher_decrypt_setup(cipher_operation, key_handle, alg);
+ case PAL_CRYPTO_CIPHER_GENERATE_IV:
+ cipher_operation = va_arg(valist, psa_cipher_operation_t *);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_cipher_generate_iv(cipher_operation, buffer, size, length);
+ case PAL_CRYPTO_CIPHER_SET_IV:
+ cipher_operation = va_arg(valist, psa_cipher_operation_t *);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ return psa_cipher_set_iv(cipher_operation, buffer, size);
+ case PAL_CRYPTO_CIPHER_UPDATE:
+ cipher_operation = va_arg(valist, psa_cipher_operation_t *);
+ plaintext = va_arg(valist, uint8_t *);
+ size = va_arg(valist, size_t);
+ ciphertext = va_arg(valist, uint8_t *);
+ ciphertext_size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_cipher_update(cipher_operation, plaintext, size, ciphertext, ciphertext_size,
+ length);
+ case PAL_CRYPTO_CIPHER_FINISH:
+ cipher_operation = va_arg(valist, psa_cipher_operation_t *);
+ ciphertext = va_arg(valist, uint8_t *);
+ ciphertext_size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_cipher_finish(cipher_operation, ciphertext, ciphertext_size, length);
+ case PAL_CRYPTO_CIPHER_ABORT:
+ cipher_operation = va_arg(valist, psa_cipher_operation_t *);
+ return psa_cipher_abort(cipher_operation);
+#ifdef NO_SUPPORT
+ case PAL_CRYPTO_CIPHER_ENCRYPT:
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ plaintext = va_arg(valist, uint8_t *);
+ size = va_arg(valist, size_t);
+ ciphertext = va_arg(valist, uint8_t *);
+ ciphertext_size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_cipher_encrypt(key_handle, alg, plaintext, size, ciphertext, ciphertext_size,
+ length);
+ case PAL_CRYPTO_CIPHER_DECRYPT:
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ plaintext = va_arg(valist, uint8_t *);
+ size = va_arg(valist, size_t);
+ ciphertext = va_arg(valist, uint8_t *);
+ ciphertext_size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_cipher_decrypt(key_handle, alg, plaintext, size, ciphertext, ciphertext_size,
+ length);
+#endif
+ case PAL_CRYPTO_ASYMMTERIC_SIGN:
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ ciphertext = va_arg(valist, uint8_t *);
+ ciphertext_size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_asymmetric_sign(key_handle, alg, buffer, size, ciphertext, ciphertext_size,
+ length);
+ case PAL_CRYPTO_ASYMMTERIC_VERIFY:
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ ciphertext = va_arg(valist, uint8_t *);
+ ciphertext_size = va_arg(valist, size_t);
+ return psa_asymmetric_verify(key_handle, alg, buffer, size, ciphertext,
+ ciphertext_size);
+ case PAL_CRYPTO_RAW_KEY_AGREEMENT:
+ alg = va_arg(valist, psa_algorithm_t);
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ peer = va_arg(valist, uint8_t*);
+ peer_length = va_arg(valist, size_t);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_raw_key_agreement(alg, key_handle, peer, peer_length, buffer, size, length);
+ case PAL_CRYPTO_COPY_KEY:
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ handle = (psa_key_handle_t *)va_arg(valist, int *);
+ return psa_copy_key(key_handle, attributes, handle);
+ case PAL_CRYPTO_KEY_DERIVATION_SETUP:
+ derive_operation = va_arg(valist, psa_key_derivation_operation_t *);
+ alg = va_arg(valist, psa_algorithm_t);
+ return psa_key_derivation_setup(derive_operation, alg);
+ case PAL_CRYPTO_KEY_DERIVATION_INPUT_BYTES:
+ derive_operation = va_arg(valist, psa_key_derivation_operation_t *);
+ step = (psa_key_derivation_step_t)va_arg(valist, int);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ return psa_key_derivation_input_bytes(derive_operation, step, buffer, size);
+ case PAL_CRYPTO_KEY_DERIVATION_INPUT_KEY:
+ derive_operation = va_arg(valist, psa_key_derivation_operation_t *);
+ step = (psa_key_derivation_step_t)va_arg(valist, int);
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ return psa_key_derivation_input_key(derive_operation, step, key_handle);
+ case PAL_CRYPTO_KEY_DERIVATION_KEY_AGREEMENT:
+ derive_operation = va_arg(valist, psa_key_derivation_operation_t *);
+ step = (psa_key_derivation_step_t)va_arg(valist, int);
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ peer = va_arg(valist, uint8_t*);
+ peer_length = va_arg(valist, size_t);
+ return psa_key_derivation_key_agreement(derive_operation, step, key_handle, peer,
+ peer_length);
+ case PAL_CRYPTO_KEY_DERIVATION_OUTPUT_BYTES:
+ derive_operation = va_arg(valist, psa_key_derivation_operation_t *);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ return psa_key_derivation_output_bytes(derive_operation, buffer, size);
+ case PAL_CRYPTO_KEY_DERIVATION_OUTPUT_KEY:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ derive_operation = va_arg(valist, psa_key_derivation_operation_t *);
+ handle = (psa_key_handle_t *)va_arg(valist, int *);
+ return psa_key_derivation_output_key(attributes, derive_operation, handle);
+ case PAL_CRYPTO_KEY_DERIVATION_SET_CAPACITY:
+ derive_operation = va_arg(valist, psa_key_derivation_operation_t *);
+ size = va_arg(valist, size_t);
+ return psa_key_derivation_set_capacity(derive_operation, size);
+ case PAL_CRYPTO_KEY_DERIVATION_GET_CAPACITY:
+ derive_operation = va_arg(valist, psa_key_derivation_operation_t *);
+ length = va_arg(valist, size_t *);
+ return psa_key_derivation_get_capacity(derive_operation, length);
+ case PAL_CRYPTO_KEY_DERIVATION_ABORT:
+ derive_operation = va_arg(valist, psa_key_derivation_operation_t *);
+ return psa_key_derivation_abort(derive_operation);
+ case PAL_CRYPTO_OPEN_KEY:
+ key_id = va_arg(valist, psa_key_id_t);
+ handle = (psa_key_handle_t *)va_arg(valist, int *);
+ return psa_open_key(key_id, handle);
+ case PAL_CRYPTO_CLOSE_KEY:
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ return psa_close_key(key_handle);
+ case PAL_CRYPTO_FREE:
+ for (i = 0; i < PAL_KEY_SLOT_COUNT; i++)
+ psa_destroy_key(i);
+ return 0;
+ default:
+ return PAL_STATUS_UNSUPPORTED_FUNC;
+ }
+}
diff --git a/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/crypto/pal_crypto_intf.h b/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/crypto/pal_crypto_intf.h
new file mode 100644
index 00000000..671dfa0b
--- /dev/null
+++ b/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/crypto/pal_crypto_intf.h
@@ -0,0 +1,103 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifndef _PAL_CRYPTO_INTF_H_
+#define _PAL_CRYPTO_INTF_H_
+
+#include "pal_common.h"
+
+enum crypto_function_code {
+ PAL_CRYPTO_INIT = 0x1,
+ PAL_CRYPTO_GENERATE_RANDOM = 0x2,
+ PAL_CRYPTO_IMPORT_KEY = 0x3,
+ PAL_CRYPTO_EXPORT_KEY = 0x4,
+ PAL_CRYPTO_EXPORT_PUBLIC_KEY = 0x5,
+ PAL_CRYPTO_DESTROY_KEY = 0x6,
+ PAL_CRYPTO_HASH_SETUP = 0x7,
+ PAL_CRYPTO_HASH_UPDATE = 0x8,
+ PAL_CRYPTO_HASH_VERIFY = 0x9,
+ PAL_CRYPTO_HASH_FINISH = 0xA,
+ PAL_CRYPTO_HASH_ABORT = 0xB,
+ PAL_CRYPTO_GENERATE_KEY = 0xC,
+ PAL_CRYPTO_AEAD_ENCRYPT = 0xD,
+ PAL_CRYPTO_AEAD_DECRYPT = 0xE,
+ PAL_CRYPTO_MAC_SIGN_SETUP = 0xF,
+ PAL_CRYPTO_MAC_UPDATE = 0x10,
+ PAL_CRYPTO_MAC_SIGN_FINISH = 0x11,
+ PAL_CRYPTO_MAC_VERIFY_SETUP = 0x12,
+ PAL_CRYPTO_MAC_VERIFY_FINISH = 0x13,
+ PAL_CRYPTO_MAC_ABORT = 0x14,
+ PAL_CRYPTO_ASYMMTERIC_ENCRYPT = 0x15,
+ PAL_CRYPTO_ASYMMTERIC_DECRYPT = 0x16,
+ PAL_CRYPTO_CIPHER_ENCRYPT_SETUP = 0x17,
+ PAL_CRYPTO_CIPHER_DECRYPT_SETUP = 0x18,
+ PAL_CRYPTO_CIPHER_GENERATE_IV = 0x19,
+ PAL_CRYPTO_CIPHER_SET_IV = 0x1A,
+ PAL_CRYPTO_CIPHER_UPDATE = 0x1B,
+ PAL_CRYPTO_CIPHER_FINISH = 0x1C,
+ PAL_CRYPTO_CIPHER_ABORT = 0x1D,
+ PAL_CRYPTO_ASYMMTERIC_SIGN = 0x1E,
+ PAL_CRYPTO_ASYMMTERIC_VERIFY = 0x1F,
+ PAL_CRYPTO_COPY_KEY = 0x20,
+ PAL_CRYPTO_SET_KEY_TYPE = 0x21,
+ PAL_CRYPTO_SET_KEY_BITS = 0x22,
+ PAL_CRYPTO_GET_KEY_ATTRIBUTES = 0x23,
+ PAL_CRYPTO_GET_KEY_TYPE = 0x24,
+ PAL_CRYPTO_SET_KEY_USAGE_FLAGS = 0x25,
+ PAL_CRYPTO_RESET_KEY_ATTRIBUTES = 0x26,
+ PAL_CRYPTO_SET_KEY_ID = 0x27,
+ PAL_CRYPTO_SET_KEY_LIFETIME = 0x28,
+ PAL_CRYPTO_SET_KEY_ALGORITHM = 0x29,
+ PAL_CRYPTO_GET_KEY_ID = 0x2A,
+ PAL_CRYPTO_GET_KEY_LIFETIME = 0x2B,
+ PAL_CRYPTO_GET_KEY_USAGE_FLAGS = 0x2C,
+ PAL_CRYPTO_GET_KEY_ALGORITHM = 0x2D,
+ PAL_CRYPTO_GET_KEY_BITS = 0x2E,
+ PAL_CRYPTO_HASH_COMPUTE = 0x2F,
+ PAL_CRYPTO_HASH_COMPARE = 0x30,
+ PAL_CRYPTO_KEY_DERIVATION_SETUP = 0x31,
+ PAL_CRYPTO_KEY_DERIVATION_ABORT = 0x32,
+ PAL_CRYPTO_RAW_KEY_AGREEMENT = 0x33,
+ PAL_CRYPTO_KEY_DERIVATION_INPUT_BYTES = 0x34,
+ PAL_CRYPTO_KEY_DERIVATION_INPUT_KEY = 0x35,
+ PAL_CRYPTO_KEY_DERIVATION_KEY_AGREEMENT = 0x36,
+ PAL_CRYPTO_KEY_DERIVATION_OUTPUT_BYTES = 0x37,
+ PAL_CRYPTO_KEY_DERIVATION_OUTPUT_KEY = 0x38,
+ PAL_CRYPTO_KEY_DERIVATION_SET_CAPACITY = 0x39,
+ PAL_CRYPTO_KEY_DERIVATION_GET_CAPACITY = 0x3A,
+ PAL_CRYPTO_HASH_CLONE = 0x3B,
+ PAL_CRYPTO_MAC_COMPUTE = 0x3C,
+ PAL_CRYPTO_MAC_VERIFY = 0x3D,
+ PAL_CRYPTO_CIPHER_ENCRYPT = 0x3F,
+ PAL_CRYPTO_CIPHER_DECRYPT = 0x40,
+ PAL_CRYPTO_OPEN_KEY = 0x41,
+ PAL_CRYPTO_CLOSE_KEY = 0x42,
+ PAL_CRYPTO_AEAD_ENCRYPT_SETUP = 0x43,
+ PAL_CRYPTO_AEAD_DECRYPT_SETUP = 0x44,
+ PAL_CRYPTO_AEAD_GENERATE_NONCE = 0x45,
+ PAL_CRYPTO_AEAD_SET_NONCE = 0x46,
+ PAL_CRYPTO_AEAD_SET_LENGTHS = 0X47,
+ PAL_CRYPTO_AEAD_UPDATE_AD = 0x48,
+ PAL_CRYPTO_AEAD_UPDATE = 0x49,
+ PAL_CRYPTO_AEAD_FINISH = 0x4A,
+ PAL_CRYPTO_AEAD_VERIFY = 0x4B,
+ PAL_CRYPTO_AEAD_ABORT = 0x4C,
+ PAL_CRYPTO_FREE = 0xFE,
+};
+
+int32_t pal_crypto_function(int type, va_list valist);
+#endif /* _PAL_CRYPTO_INTF_H_ */
diff --git a/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/initial_attestation/pal_attestation_crypto.c b/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/initial_attestation/pal_attestation_crypto.c
new file mode 100644
index 00000000..91be54df
--- /dev/null
+++ b/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/initial_attestation/pal_attestation_crypto.c
@@ -0,0 +1,344 @@
+/** @file
+ * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "pal_attestation_crypto.h"
+
+static uint32_t public_key_registered;
+static psa_key_handle_t public_key_handle;
+
+static inline struct q_useful_buf_c useful_buf_head(struct q_useful_buf_c buf,
+ size_t amount)
+{
+ return UsefulBuf_Head(buf, amount);
+}
+
+static psa_algorithm_t cose_hash_alg_id_to_psa(int32_t cose_hash_alg_id)
+{
+ psa_algorithm_t status;
+
+ switch (cose_hash_alg_id)
+ {
+ case COSE_ALG_SHA256_PROPRIETARY:
+ status = PSA_ALG_SHA_256;
+ break;
+ default:
+ status = PSA_ALG_MD4;
+ break;
+ }
+
+ return status;
+}
+
+static int32_t hash_alg_id_from_sig_alg_id(int32_t cose_sig_alg_id)
+{
+ switch (cose_sig_alg_id)
+ {
+ case COSE_ALGORITHM_ES256:
+ return COSE_ALG_SHA256_PROPRIETARY;
+ default:
+ return INT32_MAX;
+ }
+}
+
+int32_t pal_cose_crypto_hash_start(psa_hash_operation_t *psa_hash, int32_t cose_hash_alg_id)
+{
+ psa_algorithm_t psa_alg;
+ psa_status_t status = PSA_ERROR_GENERIC_ERROR;
+
+ /* Map the algorithm ID */
+ psa_alg = cose_hash_alg_id_to_psa(cose_hash_alg_id);
+
+ /* Actually do the hash set up */
+ status = psa_hash_setup(psa_hash, psa_alg);
+
+ return status;
+
+}
+
+void pal_cose_crypto_hash_update(psa_hash_operation_t *psa_hash,
+ struct q_useful_buf_c data_to_hash)
+{
+ if (data_to_hash.ptr == NULL) {
+ /* No data was passed in to be hashed indicating the mode of use is
+ * the computation of the size of hash. This mode is hashing is used
+ * by t_cose when it is requested to compute the size of the signed
+ * data it might compute, which is in turn used to compute the
+ * size of a would be token. When computing the size, the size
+ * like this, there is nothing to do in update()
+ */
+ return;
+ }
+
+ /* Actually hash the data */
+ psa_hash_update(psa_hash, data_to_hash.ptr, data_to_hash.len);
+}
+
+int32_t pal_cose_crypto_hash_finish(psa_hash_operation_t *psa_hash,
+ struct q_useful_buf buffer_to_hold_result,
+ struct q_useful_buf_c *hash_result)
+{
+ psa_status_t status = PSA_ERROR_GENERIC_ERROR;
+
+ /* Actually finish up the hash */
+ status = psa_hash_finish(psa_hash, buffer_to_hold_result.ptr,
+ buffer_to_hold_result.len, &(hash_result->len));
+ hash_result->ptr = buffer_to_hold_result.ptr;
+
+ return status;
+
+}
+
+int pal_create_sha256(struct q_useful_buf_c bytes_to_hash, struct q_useful_buf buffer_for_hash,
+ struct q_useful_buf_c *hash)
+{
+ psa_status_t status = PSA_ERROR_GENERIC_ERROR;
+ psa_hash_operation_t psa_hash = PSA_HASH_OPERATION_INIT;
+
+ status = pal_cose_crypto_hash_start(&psa_hash, COSE_ALG_SHA256_PROPRIETARY);
+ if (status != PSA_SUCCESS)
+ goto Done;
+
+ pal_cose_crypto_hash_update(&psa_hash, bytes_to_hash);
+
+ status = pal_cose_crypto_hash_finish(&psa_hash, buffer_for_hash, hash);
+ if (status != PSA_SUCCESS)
+ goto Done;
+Done:
+ return status;
+}
+
+uint32_t pal_compute_hash(int32_t cose_alg_id, struct q_useful_buf buffer_for_hash,
+ struct q_useful_buf_c *hash, struct q_useful_buf_c protected_headers,
+ struct q_useful_buf_c payload)
+{
+ uint32_t status;
+ QCBOREncodeContext cbor_encode_ctx;
+ struct q_useful_buf_c tbs_first_part;
+ QCBORError qcbor_result;
+ int32_t hash_alg_id;
+ UsefulBuf_MAKE_STACK_UB (buffer_for_TBS_first_part, T_COSE_SIZE_OF_TBS);
+ psa_hash_operation_t psa_hash = PSA_HASH_OPERATION_INIT;
+
+ /* This builds the CBOR-format to-be-signed bytes */
+ QCBOREncode_Init(&cbor_encode_ctx, buffer_for_TBS_first_part);
+ QCBOREncode_OpenArray(&cbor_encode_ctx);
+
+ /* context */
+ QCBOREncode_AddSZString(&cbor_encode_ctx, COSE_SIG_CONTEXT_STRING_SIGNATURE1);
+
+ /* body_protected */
+ QCBOREncode_AddBytes(&cbor_encode_ctx, protected_headers);
+
+ /* sign_protected is not used for Sign1 */
+ /* external_aad */
+ QCBOREncode_AddBytes(&cbor_encode_ctx, NULL_USEFUL_BUF_C);
+
+ /* The short fake payload. */
+ QCBOREncode_AddBytesLenOnly(&cbor_encode_ctx, payload);
+ QCBOREncode_CloseArray(&cbor_encode_ctx);
+
+ /* Get the result and convert it to struct q_useful_buf_c representation */
+ qcbor_result = QCBOREncode_Finish(&cbor_encode_ctx, &tbs_first_part);
+ if (qcbor_result)
+ {
+ /* Mainly means that the protected_headers were too big
+ * (which should never happen)
+ */
+ status = PAL_ATTEST_ERR_SIGN_STRUCT;
+ goto Done;
+ }
+
+ /* Start the hashing */
+ hash_alg_id = hash_alg_id_from_sig_alg_id(cose_alg_id);
+
+ /* Don't check hash_alg_id for failure. pal_cose_crypto_hash_start()
+ * will handle it properly
+ */
+ status = pal_cose_crypto_hash_start(&psa_hash, hash_alg_id);
+ if (status)
+ goto Done;
+
+ /* This is hashing of the first part, all the CBOR
+ * except the payload.
+ */
+ pal_cose_crypto_hash_update(&psa_hash, useful_buf_head(tbs_first_part, tbs_first_part.len));
+
+ /* Hash the payload, the second part. */
+ pal_cose_crypto_hash_update(&psa_hash, payload);
+
+ /* Finish the hash and set up to return it */
+ status = pal_cose_crypto_hash_finish(&psa_hash, buffer_for_hash, hash);
+
+Done:
+ return status;
+}
+
+static int32_t pal_attest_get_public_key(uint8_t *public_key_buff, size_t public_key_buf_size,
+ size_t *public_key_len, psa_ecc_curve_t *elliptic_curve_type)
+{
+ int32_t status = PAL_ATTEST_ERROR;
+
+#ifdef PLATFORM_OVERRIDE_ATTEST_PK
+ if (public_key_buf_size < (attest_key.pubx_key_size + attest_key.puby_key_size + 1))
+ return PAL_ATTEST_ERR_SMALL_BUFFER;
+
+ *public_key_len = (attest_key.pubx_key_size + attest_key.puby_key_size + 1);
+ *elliptic_curve_type = PSA_ECC_CURVE_SECP256R1;
+ memcpy(public_key_buff, (void *)&attest_public_key, *public_key_len);
+ status = PSA_SUCCESS;
+#else
+ status = tfm_initial_attest_get_public_key(public_key_buff,
+ public_key_buf_size,
+ public_key_len,
+ elliptic_curve_type);
+#endif
+
+ return status;
+}
+
+static uint32_t pal_import_attest_key(psa_algorithm_t key_alg)
+{
+ psa_status_t status = PAL_ATTEST_ERROR;
+ psa_key_usage_t usage = PSA_KEY_USAGE_VERIFY;
+ psa_ecc_curve_t ecc_curve;
+ psa_key_type_t attest_key_type;
+ size_t public_key_size;
+ uint8_t public_key_buff[ECC_CURVE_SECP256R1_PULBIC_KEY_LENGTH] = {0};
+
+#if defined(CRYPTO_VERSION_BETA1) || defined(CRYPTO_VERSION_BETA2)
+ psa_key_policy_t policy;
+
+ if (!public_key_registered)
+ {
+ status = pal_attest_get_public_key(public_key_buff,
+ sizeof(public_key_buff),
+ &public_key_size,
+ &ecc_curve);
+ if (status != PSA_SUCCESS)
+ return PAL_ATTEST_ERR_KEY_FAIL;
+
+ if (ecc_curve == USHRT_MAX)
+ return PAL_ATTEST_ERROR;
+
+ /* Set key type for public key */
+ attest_key_type = PSA_KEY_TYPE_ECC_PUBLIC_KEY(ecc_curve);
+
+ /* Setup the key policy for public key */
+ policy = psa_key_policy_init();
+ psa_key_policy_set_usage(&policy, usage, key_alg);
+
+ status = psa_allocate_key(&public_key_handle);
+ if (status != PSA_SUCCESS)
+ return PAL_ATTEST_ERR_KEY_FAIL;
+
+ status = psa_set_key_policy(public_key_handle, &policy);
+ if (status != PSA_SUCCESS)
+ return PAL_ATTEST_ERR_KEY_FAIL;
+
+ /* Import the public key */
+ status = psa_import_key(public_key_handle,
+ attest_key_type,
+ public_key_buff,
+ public_key_size);
+ if (status != PSA_SUCCESS)
+ return PAL_ATTEST_ERR_KEY_FAIL;
+
+ public_key_registered = 1;
+ }
+
+#elif defined(CRYPTO_VERSION_BETA3)
+ psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+
+ if (!public_key_registered)
+ {
+ status = pal_attest_get_public_key(public_key_buff,
+ sizeof(public_key_buff),
+ &public_key_size,
+ &ecc_curve);
+ if (status != PSA_SUCCESS)
+ return PAL_ATTEST_ERR_KEY_FAIL;
+
+ if (ecc_curve == USHRT_MAX)
+ return PAL_ATTEST_ERROR;
+
+ /* Set key type for public key */
+ attest_key_type = PSA_KEY_TYPE_ECC_PUBLIC_KEY(ecc_curve);
+
+ /* Set the attributes for the public key */
+ psa_set_key_type(&attributes, attest_key_type);
+ psa_set_key_bits(&attributes, public_key_size);
+ psa_set_key_usage_flags(&attributes, usage);
+ psa_set_key_algorithm(&attributes, key_alg);
+ psa_set_key_bits(&attributes, 0);
+
+ /* Import the public key */
+ status = psa_import_key(&attributes,
+ public_key_buff,
+ public_key_size,
+ &public_key_handle);
+ if (status != PSA_SUCCESS)
+ return PAL_ATTEST_ERR_KEY_FAIL;
+
+ public_key_registered = 1;
+ }
+#endif
+
+ return status;
+}
+
+static uint32_t pal_destroy_attest_key(void)
+{
+ psa_status_t status;
+
+ if (!public_key_registered)
+ return PAL_ATTEST_ERR_KEY_FAIL;
+
+ status = psa_destroy_key(public_key_handle);
+ if (status != PSA_SUCCESS)
+ return PAL_ATTEST_ERR_KEY_FAIL;
+
+ public_key_registered = 0;
+
+ return PAL_ATTEST_SUCCESS;
+}
+
+uint32_t pal_crypto_pub_key_verify(int32_t cose_algorithm_id,
+ struct q_useful_buf_c token_hash,
+ struct q_useful_buf_c signature)
+{
+ int32_t status = PAL_ATTEST_ERROR;
+ psa_algorithm_t key_alg = PSA_ALG_ECDSA(PSA_ALG_SHA_256);
+
+ /* Register the attestation public key */
+ status = pal_import_attest_key(key_alg);
+ if (status != PAL_ATTEST_SUCCESS)
+ return status;
+
+ /* Verify the signature */
+ status = psa_asymmetric_verify(public_key_handle,
+ key_alg, token_hash.ptr, token_hash.len,
+ signature.ptr, signature.len);
+ if (status != PSA_SUCCESS)
+ return PAL_ATTEST_ERR_SIGNATURE_FAIL;
+
+ /* Unregister the attestation public key */
+ status = pal_destroy_attest_key();
+ if (status != PSA_SUCCESS)
+ return PAL_ATTEST_ERR_KEY_FAIL;
+
+ return PAL_ATTEST_SUCCESS;
+}
diff --git a/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/initial_attestation/pal_attestation_crypto.h b/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/initial_attestation/pal_attestation_crypto.h
new file mode 100644
index 00000000..559a24c1
--- /dev/null
+++ b/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/initial_attestation/pal_attestation_crypto.h
@@ -0,0 +1,88 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifndef _PAL_ATTESTATION_CRYPTO_H_
+#define _PAL_ATTESTATION_CRYPTO_H_
+
+#include "pal_attestation_eat.h"
+
+#define ATTEST_PUBLIC_KEY_SLOT 4
+#define ECC_CURVE_SECP256R1_PULBIC_KEY_LENGTH (1 + 2 * PSA_BITS_TO_BYTES(256))
+
+typedef struct {
+ uint8_t *pubx_key;
+ size_t pubx_key_size;
+ uint8_t *puby_key;
+ size_t puby_key_size;
+} ecc_key_t;
+
+struct ecc_public_key_t {
+ const uint8_t a;
+ uint8_t public_key[]; /* X-coordinate || Y-coordinate */
+};
+
+static const struct ecc_public_key_t attest_public_key = {
+ /* Constant byte */
+ 0x04,
+ /* X-coordinate */
+ {0x79, 0xEB, 0xA9, 0x0E, 0x8B, 0xF4, 0x50, 0xA6,
+ 0x75, 0x15, 0x76, 0xAD, 0x45, 0x99, 0xB0, 0x7A,
+ 0xDF, 0x93, 0x8D, 0xA3, 0xBB, 0x0B, 0xD1, 0x7D,
+ 0x00, 0x36, 0xED, 0x49, 0xA2, 0xD0, 0xFC, 0x3F,
+ /* Y-coordinate */
+ 0xBF, 0xCD, 0xFA, 0x89, 0x56, 0xB5, 0x68, 0xBF,
+ 0xDB, 0x86, 0x73, 0xE6, 0x48, 0xD8, 0xB5, 0x8D,
+ 0x92, 0x99, 0x55, 0xB1, 0x4A, 0x26, 0xC3, 0x08,
+ 0x0F, 0x34, 0x11, 0x7D, 0x97, 0x1D, 0x68, 0x64},
+};
+
+static const uint8_t initial_attestation_public_x_key[] = {
+ 0x79, 0xEB, 0xA9, 0x0E, 0x8B, 0xF4, 0x50, 0xA6,
+ 0x75, 0x15, 0x76, 0xAD, 0x45, 0x99, 0xB0, 0x7A,
+ 0xDF, 0x93, 0x8D, 0xA3, 0xBB, 0x0B, 0xD1, 0x7D,
+ 0x00, 0x36, 0xED, 0x49, 0xA2, 0xD0, 0xFC, 0x3F
+};
+
+static const uint8_t initial_attestation_public_y_key[] = {
+ 0xBF, 0xCD, 0xFA, 0x89, 0x56, 0xB5, 0x68, 0xBF,
+ 0xDB, 0x86, 0x73, 0xE6, 0x48, 0xD8, 0xB5, 0x8D,
+ 0x92, 0x99, 0x55, 0xB1, 0x4A, 0x26, 0xC3, 0x08,
+ 0x0F, 0x34, 0x11, 0x7D, 0x97, 0x1D, 0x68, 0x64
+};
+
+/* Initialize the structure with given public key */
+static const ecc_key_t attest_key = {
+ (uint8_t *)initial_attestation_public_x_key,
+ sizeof(initial_attestation_public_x_key),
+ (uint8_t *)initial_attestation_public_y_key,
+ sizeof(initial_attestation_public_y_key)
+};
+
+int32_t pal_cose_crypto_hash_start(psa_hash_operation_t *psa_hash, int32_t cose_hash_alg_id);
+void pal_cose_crypto_hash_update(psa_hash_operation_t *psa_hash,
+ struct q_useful_buf_c data_to_hash);
+int32_t pal_cose_crypto_hash_finish(psa_hash_operation_t *psa_hash,
+ struct q_useful_buf buffer_to_hold_result,
+ struct q_useful_buf_c *hash_result);
+int pal_create_sha256(struct q_useful_buf_c bytes_to_hash, struct q_useful_buf buffer_for_hash,
+ struct q_useful_buf_c *hash);
+uint32_t pal_compute_hash(int32_t cose_alg_id, struct q_useful_buf buffer_for_hash,
+ struct q_useful_buf_c *hash, struct q_useful_buf_c protected_headers,
+ struct q_useful_buf_c payload);
+uint32_t pal_crypto_pub_key_verify(int32_t cose_algorithm_id, struct q_useful_buf_c token_hash,
+ struct q_useful_buf_c signature);
+#endif /* _PAL_ATTESTATION_CRYPTO_H_ */
diff --git a/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/initial_attestation/pal_attestation_eat.h b/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/initial_attestation/pal_attestation_eat.h
new file mode 100644
index 00000000..ea2cf93a
--- /dev/null
+++ b/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/initial_attestation/pal_attestation_eat.h
@@ -0,0 +1,80 @@
+/** @file
+ * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifndef _PAL_ATTESTATION_EAT_H_
+#define _PAL_ATTESTATION_EAT_H_
+
+#include "qcbor.h"
+#include "pal_common.h"
+
+#define PAL_ATTEST_MIN_ERROR 30
+
+#define COSE_ALGORITHM_ES256 -7
+#define COSE_ALG_SHA256_PROPRIETARY -72000
+
+#define USEFUL_BUF_MAKE_STACK_UB UsefulBuf_MAKE_STACK_UB
+
+#define COSE_SIG_CONTEXT_STRING_SIGNATURE1 "Signature1"
+
+/* Private value. Intentionally not documented for Doxygen.
+ * This is the size allocated for the encoded protected headers. It
+ * needs to be big enough for make_protected_header() to succeed. It
+ * currently sized for one header with an algorithm ID up to 32 bits
+ * long -- one byte for the wrapping map, one byte for the label, 5
+ * bytes for the ID. If this is made accidentially too small, QCBOR will
+ * only return an error, and not overrun any buffers.
+ *
+ * 9 extra bytes are added, rounding it up to 16 total, in case some
+ * other protected header is to be added.
+ */
+#define T_COSE_SIGN1_MAX_PROT_HEADER (1+1+5+9)
+
+/**
+ * This is the size of the first part of the CBOR encoded TBS
+ * bytes. It is around 20 bytes. See create_tbs_hash().
+ */
+#define T_COSE_SIZE_OF_TBS \
+ 1 + /* For opening the array */ \
+ sizeof(COSE_SIG_CONTEXT_STRING_SIGNATURE1) + /* "Signature1" */ \
+ 2 + /* Overhead for encoding string */ \
+ T_COSE_SIGN1_MAX_PROT_HEADER + /* entire protected headers */ \
+ 3 * (/* 3 NULL bstrs for fields not used */ \
+ 1 /* size of a NULL bstr */ \
+ )
+#define NULL_USEFUL_BUF_C NULLUsefulBufC
+
+enum attestation_error_code {
+ PAL_ATTEST_SUCCESS = 0,
+ PAL_ATTEST_TOKEN_ERR_CBOR_FORMATTING = PAL_ATTEST_MIN_ERROR,
+ PAL_ATTEST_TOKEN_CHALLENGE_MISMATCH,
+ PAL_ATTEST_TOKEN_NOT_SUPPORTED,
+ PAL_ATTEST_TOKEN_NOT_ALL_MANDATORY_CLAIMS,
+ PAL_ATTEST_HASH_LENGTH_MISMATCH,
+ PAL_ATTEST_HASH_MISMATCH,
+ PAL_ATTEST_HASH_FAIL,
+ PAL_ATTEST_HASH_UNSUPPORTED,
+ PAL_ATTEST_HASH_BUFFER_SIZE,
+ PAL_ATTEST_ERR_PROTECTED_HEADERS,
+ PAL_ATTEST_ERR_SIGN_STRUCT,
+ PAL_ATTEST_ERR_KEY_FAIL,
+ PAL_ATTEST_ERR_SIGNATURE_FAIL,
+ PAL_ATTEST_ERR_CBOR_STRUCTURE,
+ PAL_ATTEST_ERR_SMALL_BUFFER,
+ PAL_ATTEST_ERROR,
+};
+
+#endif /* _PAL_ATTESTATION_EAT_H_ */
diff --git a/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/initial_attestation/pal_attestation_empty_intf.c b/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/initial_attestation/pal_attestation_empty_intf.c
new file mode 100644
index 00000000..faf3f493
--- /dev/null
+++ b/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/initial_attestation/pal_attestation_empty_intf.c
@@ -0,0 +1,30 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include
+#include "pal_common.h"
+
+/**
+ @brief - This API will call the requested attestation function
+ @param - type : function code
+ valist : variable argument list
+ @return - error status
+**/
+int32_t pal_attestation_function(int type, va_list valist)
+{
+ return PAL_STATUS_ERROR;
+}
diff --git a/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/initial_attestation/pal_attestation_intf.c b/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/initial_attestation/pal_attestation_intf.c
new file mode 100644
index 00000000..dd41690e
--- /dev/null
+++ b/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/initial_attestation/pal_attestation_intf.c
@@ -0,0 +1,65 @@
+/** @file
+ * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+
+#include "pal_attestation_intf.h"
+
+/**
+ @brief - This API will call the requested attestation function
+ @param - type : function code
+ valist : variable argument list
+ @return - error status
+**/
+int32_t pal_attestation_function(int type, va_list valist)
+{
+ uint8_t *challenge, *token;
+ size_t challenge_size, *token_size, token_buffer_size;
+ int32_t cose_algorithm_id;
+ struct q_useful_buf buffer_for_hash;
+ struct q_useful_buf_c *hash, payload, protected_headers, token_hash, signature;
+
+ switch (type)
+ {
+ case PAL_INITIAL_ATTEST_GET_TOKEN:
+ challenge = va_arg(valist, uint8_t*);
+ challenge_size = va_arg(valist, size_t);
+ token = va_arg(valist, uint8_t*);
+ token_buffer_size = va_arg(valist, size_t);
+ token_size = va_arg(valist, size_t*);
+ return psa_initial_attest_get_token(challenge, challenge_size, token, token_buffer_size,
+ token_size);
+ case PAL_INITIAL_ATTEST_GET_TOKEN_SIZE:
+ challenge_size = va_arg(valist, size_t);
+ token_size = va_arg(valist, size_t*);
+ return psa_initial_attest_get_token_size(challenge_size, token_size);
+ case PAL_INITIAL_ATTEST_COMPUTE_HASH:
+ cose_algorithm_id = va_arg(valist, int32_t);
+ buffer_for_hash = va_arg(valist, struct q_useful_buf);
+ hash = va_arg(valist, struct q_useful_buf_c*);
+ protected_headers = va_arg(valist, struct q_useful_buf_c);
+ payload = va_arg(valist, struct q_useful_buf_c);
+ return pal_compute_hash(cose_algorithm_id, buffer_for_hash, hash,
+ protected_headers, payload);
+ case PAL_INITIAL_ATTEST_VERIFY_WITH_PK:
+ cose_algorithm_id = va_arg(valist, int32_t);
+ token_hash = va_arg(valist, struct q_useful_buf_c);
+ signature = va_arg(valist, struct q_useful_buf_c);
+ return pal_crypto_pub_key_verify(cose_algorithm_id, token_hash, signature);
+ default:
+ return PAL_STATUS_UNSUPPORTED_FUNC;
+ }
+}
diff --git a/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/initial_attestation/pal_attestation_intf.h b/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/initial_attestation/pal_attestation_intf.h
new file mode 100644
index 00000000..3ab7ebb4
--- /dev/null
+++ b/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/initial_attestation/pal_attestation_intf.h
@@ -0,0 +1,32 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifndef _PAL_ATTESTATION_INTF_H_
+#define _PAL_ATTESTATION_INTF_H_
+
+#include "pal_attestation_crypto.h"
+
+enum attestation_function_code {
+ PAL_INITIAL_ATTEST_GET_TOKEN = 0x1,
+ PAL_INITIAL_ATTEST_GET_TOKEN_SIZE = 0x2,
+ PAL_INITIAL_ATTEST_VERIFY_TOKEN = 0x3,
+ PAL_INITIAL_ATTEST_COMPUTE_HASH = 0x4,
+ PAL_INITIAL_ATTEST_VERIFY_WITH_PK = 0x5,
+};
+
+int32_t pal_attestation_function(int type, va_list valist);
+#endif /* _PAL_ATTESTATION_INTF_H_ */
diff --git a/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/internal_trusted_storage/pal_internal_trusted_storage_empty_intf.c b/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/internal_trusted_storage/pal_internal_trusted_storage_empty_intf.c
new file mode 100644
index 00000000..133cfa9d
--- /dev/null
+++ b/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/internal_trusted_storage/pal_internal_trusted_storage_empty_intf.c
@@ -0,0 +1,30 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include
+#include "pal_common.h"
+
+/**
+ @brief - This API will call the requested internal trusted storage function
+ @param - type : function code
+ valist : variable argument list
+ @return - error status
+**/
+uint32_t pal_its_function(int type, va_list valist)
+{
+ return PAL_STATUS_ERROR;
+}
diff --git a/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/internal_trusted_storage/pal_internal_trusted_storage_intf.c b/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/internal_trusted_storage/pal_internal_trusted_storage_intf.c
new file mode 100644
index 00000000..abfdc5d6
--- /dev/null
+++ b/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/internal_trusted_storage/pal_internal_trusted_storage_intf.c
@@ -0,0 +1,62 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+
+#include "pal_internal_trusted_storage_intf.h"
+
+/**
+ @brief - This API will call the requested internal trusted storage function
+ @param - type : function code
+ valist : variable argument list
+ @return - error status
+**/
+uint32_t pal_its_function(int type, va_list valist)
+{
+ psa_storage_uid_t uid;
+ uint32_t data_size, offset;
+ const void *p_write_data;
+ void *p_read_data;
+ size_t *p_data_length;
+ psa_storage_create_flags_t its_create_flags;
+ struct psa_storage_info_t *its_p_info;
+
+ switch (type)
+ {
+ case PAL_ITS_SET:
+ uid = va_arg(valist, psa_storage_uid_t);
+ data_size = va_arg(valist, uint32_t);
+ p_write_data = va_arg(valist, const void*);
+ its_create_flags = va_arg(valist, psa_storage_create_flags_t);
+ return psa_its_set(uid, data_size, p_write_data, its_create_flags);
+ case PAL_ITS_GET:
+ uid = va_arg(valist, psa_storage_uid_t);
+ offset = va_arg(valist, uint32_t);
+ data_size = va_arg(valist, uint32_t);
+ p_read_data = va_arg(valist, void*);
+ p_data_length = va_arg(valist, size_t*);
+ return psa_its_get(uid, offset, data_size, p_read_data, p_data_length);
+ case PAL_ITS_GET_INFO:
+ uid = va_arg(valist, psa_storage_uid_t);
+ its_p_info = va_arg(valist, struct psa_storage_info_t*);
+ return psa_its_get_info(uid, its_p_info);
+ case PAL_ITS_REMOVE:
+ uid = va_arg(valist, psa_storage_uid_t);
+ return psa_its_remove(uid);
+ default:
+ return PAL_STATUS_UNSUPPORTED_FUNC;
+ }
+}
diff --git a/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/internal_trusted_storage/pal_internal_trusted_storage_intf.h b/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/internal_trusted_storage/pal_internal_trusted_storage_intf.h
new file mode 100644
index 00000000..6db6aac6
--- /dev/null
+++ b/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/internal_trusted_storage/pal_internal_trusted_storage_intf.h
@@ -0,0 +1,31 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifndef _PAL_INTERNAL_TRUSTED_STORAGE_INTF_H_
+#define _PAL_INTERNAL_TRUSTED_STORAGE_INTF_H_
+
+#include "pal_common.h"
+
+enum its_function_code {
+ PAL_ITS_SET = 0x1,
+ PAL_ITS_GET = 0x2,
+ PAL_ITS_GET_INFO = 0x3,
+ PAL_ITS_REMOVE = 0x4,
+};
+
+uint32_t pal_its_function(int type, va_list valist);
+#endif /* _PAL_INTERNAL_TRUSTED_STORAGE_INTF_H_ */
diff --git a/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/protected_storage/pal_protected_storage_empty_intf.c b/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/protected_storage/pal_protected_storage_empty_intf.c
new file mode 100644
index 00000000..ee9b13da
--- /dev/null
+++ b/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/protected_storage/pal_protected_storage_empty_intf.c
@@ -0,0 +1,30 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include
+#include "pal_common.h"
+
+/**
+ @brief - This API will call the requested protected storage function
+ @param - type : function code
+ valist : variable argument list
+ @return - error status
+**/
+uint32_t pal_ps_function(int type, va_list valist)
+{
+ return PAL_STATUS_ERROR;
+}
diff --git a/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/protected_storage/pal_protected_storage_intf.c b/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/protected_storage/pal_protected_storage_intf.c
new file mode 100644
index 00000000..0dd07c57
--- /dev/null
+++ b/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/protected_storage/pal_protected_storage_intf.c
@@ -0,0 +1,77 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+
+#include "pal_protected_storage_intf.h"
+
+/**
+ @brief - This API will call the requested protected storage function
+ @param - type : function code
+ valist : variable argument list
+ @return - error status
+**/
+uint32_t pal_ps_function(int type, va_list valist)
+{
+ psa_storage_uid_t uid;
+ uint32_t data_size, size, offset;
+ const void *p_write_data;
+ void *p_read_data;
+ size_t *p_data_length;
+ psa_storage_create_flags_t ps_create_flags;
+ struct psa_storage_info_t *ps_p_info;
+
+ switch (type)
+ {
+ case PAL_PS_SET:
+ uid = va_arg(valist, psa_storage_uid_t);
+ data_size = va_arg(valist, uint32_t);
+ p_write_data = va_arg(valist, const void*);
+ ps_create_flags = va_arg(valist, psa_storage_create_flags_t);
+ return psa_ps_set(uid, data_size, p_write_data, ps_create_flags);
+ case PAL_PS_GET:
+ uid = va_arg(valist, psa_storage_uid_t);
+ offset = va_arg(valist, uint32_t);
+ data_size = va_arg(valist, uint32_t);
+ p_read_data = va_arg(valist, void*);
+ p_data_length = va_arg(valist, size_t*);
+ return psa_ps_get(uid, offset, data_size, p_read_data, p_data_length);
+ case PAL_PS_GET_INFO:
+ uid = va_arg(valist, psa_storage_uid_t);
+ ps_p_info = va_arg(valist, struct psa_storage_info_t*);
+ return psa_ps_get_info(uid, ps_p_info);
+ case PAL_PS_REMOVE:
+ uid = va_arg(valist, psa_storage_uid_t);
+ return psa_ps_remove(uid);
+ case PAL_PS_CREATE:
+ uid = va_arg(valist, psa_storage_uid_t);
+ size = va_arg(valist, uint32_t);
+ ps_create_flags = va_arg(valist, psa_storage_create_flags_t);
+ return psa_ps_create(uid, size, ps_create_flags);
+ case PAL_PS_SET_EXTENDED:
+ uid = va_arg(valist, psa_storage_uid_t);
+ offset = va_arg(valist, uint32_t);
+ data_size = va_arg(valist, uint32_t);
+ p_write_data = va_arg(valist, const void*);
+ return psa_ps_set_extended(uid, offset, data_size, p_write_data);
+ case PAL_PS_GET_SUPPORT:
+ return psa_ps_get_support();
+ default:
+ return PAL_STATUS_UNSUPPORTED_FUNC;
+ }
+
+ return PAL_STATUS_UNSUPPORTED_FUNC;
+}
diff --git a/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/protected_storage/pal_protected_storage_intf.h b/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/protected_storage/pal_protected_storage_intf.h
new file mode 100644
index 00000000..a338cdf7
--- /dev/null
+++ b/api-tests/platform/targets/tgt_ff_tfm_musca_a/nspe/protected_storage/pal_protected_storage_intf.h
@@ -0,0 +1,34 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifndef _PAL_PROTECTED_STORAGE_INTF_H_
+#define _PAL_PROTECTED_STORAGE_INTF_H_
+
+#include "pal_common.h"
+
+enum ps_function_code {
+ PAL_PS_SET = 0x1,
+ PAL_PS_GET = 0x2,
+ PAL_PS_GET_INFO = 0x3,
+ PAL_PS_REMOVE = 0x4,
+ PAL_PS_CREATE = 0x5,
+ PAL_PS_SET_EXTENDED = 0x6,
+ PAL_PS_GET_SUPPORT = 0x7,
+};
+
+uint32_t pal_ps_function(int type, va_list valist);
+#endif /* _PAL_PROTECTED_STORAGE_INTF_H_ */
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/spe/pal_driver_intf.c b/api-tests/platform/targets/tgt_ff_tfm_musca_a/spe/pal_driver_intf.c
similarity index 93%
rename from api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/spe/pal_driver_intf.c
rename to api-tests/platform/targets/tgt_ff_tfm_musca_a/spe/pal_driver_intf.c
index 4d522071..1dfd9639 100644
--- a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/spe/pal_driver_intf.c
+++ b/api-tests/platform/targets/tgt_ff_tfm_musca_a/spe/pal_driver_intf.c
@@ -35,7 +35,7 @@ void pal_uart_init(uint32_t uart_base_addr)
void pal_print(char *str, int32_t data)
{
- pal_uart_pl011_print(str,data);
+ pal_uart_pl011_print(str, data);
}
@@ -75,7 +75,7 @@ int pal_nvmem_read(addr_t base, uint32_t offset, void *buffer, int size)
**/
int pal_wd_timer_init(addr_t base_addr, uint32_t time_us, uint32_t timer_tick_us)
{
- return(pal_wd_cmsdk_init(base_addr,time_us, timer_tick_us));
+ return pal_wd_cmsdk_init(base_addr, time_us, timer_tick_us);
}
@@ -86,7 +86,7 @@ int pal_wd_timer_init(addr_t base_addr, uint32_t time_us, uint32_t timer_tick_us
**/
int pal_wd_timer_enable(addr_t base_addr)
{
- return(pal_wd_cmsdk_enable(base_addr));
+ return pal_wd_cmsdk_enable(base_addr);
}
/**
@@ -96,7 +96,7 @@ int pal_wd_timer_enable(addr_t base_addr)
**/
int pal_wd_timer_disable(addr_t base_addr)
{
- return (pal_wd_cmsdk_disable(base_addr));
+ return pal_wd_cmsdk_disable(base_addr);
}
/**
@@ -106,7 +106,7 @@ int pal_wd_timer_disable(addr_t base_addr)
**/
int pal_wd_timer_is_enabled(addr_t base_addr)
{
- return (pal_wd_cmsdk_is_enabled(base_addr));
+ return pal_wd_cmsdk_is_enabled(base_addr);
}
/**
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_an521/spe/pal_driver_intf.h b/api-tests/platform/targets/tgt_ff_tfm_musca_a/spe/pal_driver_intf.h
similarity index 100%
rename from api-tests/platform/targets/tgt_dev_apis_tfm_an521/spe/pal_driver_intf.h
rename to api-tests/platform/targets/tgt_ff_tfm_musca_a/spe/pal_driver_intf.h
diff --git a/api-tests/platform/targets/tgt_ff_tfm_musca_a/target.cfg b/api-tests/platform/targets/tgt_ff_tfm_musca_a/target.cfg
new file mode 100644
index 00000000..fbf0022c
--- /dev/null
+++ b/api-tests/platform/targets/tgt_ff_tfm_musca_a/target.cfg
@@ -0,0 +1,78 @@
+///** @file
+// * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+// * SPDX-License-Identifier : Apache-2.0
+// *
+// * Licensed under the Apache License, Version 2.0 (the "License");
+// * you may not use this file except in compliance with the License.
+// * You may obtain a copy of the License at
+// *
+// * http://www.apache.org/licenses/LICENSE-2.0
+// *
+// * Unless required by applicable law or agreed to in writing, software
+// * distributed under the License is distributed on an "AS IS" BASIS,
+// * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// * See the License for the specific language governing permissions and
+// * limitations under the License.
+//**/
+
+// UART device info
+uart.num=1;
+uart.0.base = 0x40102000; // MUSCA_UART1_NS_BASE
+uart.0.size = 0xFFF;
+uart.0.intr_id = 0xFF;
+uart.0.permission = TYPE_READ_WRITE;
+
+// Watchdog device info
+watchdog.num = 1;
+watchdog.0.base = 0x50081000; // MUSCA_CMSDK_WATCHDOG_S_BASE
+watchdog.0.size = 0xFFF;
+watchdog.0.intr_id = 0xFF;
+watchdog.0.permission = TYPE_READ_WRITE;
+watchdog.0.num_of_tick_per_micro_sec = 0x3; //(sys_feq/1000000)
+watchdog.0.timeout_in_micro_sec_low = 0xF4240; //1.0 sec : 1 * 1000 * 1000
+watchdog.0.timeout_in_micro_sec_medium = 0x1E8480; //2.0 sec : 2 * 1000 * 1000
+watchdog.0.timeout_in_micro_sec_high = 0x4C4B40; //5.0 sec : 5 * 1000 * 1000
+watchdog.0.timeout_in_micro_sec_crypto = 0x1312D00; //18.0 sec : 18 * 1000 * 1000
+
+// Range of 1KB Non-volatile memory to preserve data over reset. Ex, NVRAM and FLASH
+nvmem.num =1;
+nvmem.0.start = 0x30017800;
+nvmem.0.end = 0x30017BFF;
+nvmem.0.permission = TYPE_READ_WRITE;
+
+// Miscellaneous - Test scatter info
+dut.num = 1;
+
+// Start address of 12KB NS memory for test ELF
+dut.0.ns_test_addr = 0x281E0000;
+
+// Start address of combine_test_binary in memory. Memory can be main memory or secondary memory.
+// Size of combine_test_binary = Summation of size of each test ELF file
+dut.0.ns_start_addr_of_combine_test_binary = 0x281F0000;
+
+// Is combine_test_binary available in RAM?
+dut.0.combine_test_binary_in_ram = AVAILABLE;
+
+
+// ###################################################################
+// Following Target configuration parameters are required for IPC tests
+// only. Avoid updating them if you are running dev_apis tests.
+// ###################################################################
+
+// Assign free memory range for isolation testing. Choose the addresses
+// for these memory regions such that it follows below condition:
+// nspe_mmio.0.start < server_partition_mmio.0.start < driver_partition_mmio.0.start.
+nspe_mmio.num=1;
+nspe_mmio.0.start = 0x00200F00;
+nspe_mmio.0.end = 0x00200F1F;
+nspe_mmio.0.permission = TYPE_READ_WRITE;
+
+server_partition_mmio.num=1;
+server_partition_mmio.0.start = 0x30017C00;
+server_partition_mmio.0.end = 0x30017D00;
+server_partition_mmio.0.permission = TYPE_READ_WRITE;
+
+driver_partition_mmio.num=1;
+driver_partition_mmio.0.start = 0x30017E00;
+driver_partition_mmio.0.end = 0x30017F00;
+driver_partition_mmio.0.permission = TYPE_READ_WRITE;
diff --git a/api-tests/platform/targets/tgt_ff_tfm_musca_a/target.cmake b/api-tests/platform/targets/tgt_ff_tfm_musca_a/target.cmake
new file mode 100644
index 00000000..5388ca1a
--- /dev/null
+++ b/api-tests/platform/targets/tgt_ff_tfm_musca_a/target.cmake
@@ -0,0 +1,109 @@
+#/** @file
+# * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+# PAL C source files part of NSPE library
+list(APPEND PAL_SRC_C_NSPE )
+
+# PAL ASM source files part of NSPE library
+list(APPEND PAL_SRC_ASM_NSPE )
+
+# PAL C source files part of SPE library - driver partition
+list(APPEND PAL_SRC_C_DRIVER_SP )
+
+# PAL ASM source files part of SPE library - driver partition
+list(APPEND PAL_SRC_ASM_DRIVER_SP )
+
+
+# Listing all the sources required for given target
+if(${SUITE} STREQUAL "IPC")
+ list(APPEND PAL_SRC_C_NSPE
+ # driver functionalities are implemented as RoT-services
+ # and secure and non-secure clients will call to these RoT-services to get appropriate driver services.
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/common/pal_client_api_intf.c
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/common/pal_driver_ipc_intf.c
+ )
+ list(APPEND PAL_SRC_C_DRIVER_SP
+ # Driver files will be compiled as part of driver partition
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/spe/pal_driver_intf.c
+ ${PSA_ROOT_DIR}/platform/drivers/nvmem/pal_nvmem.c
+ ${PSA_ROOT_DIR}/platform/drivers/uart/pl011/pal_uart.c
+ ${PSA_ROOT_DIR}/platform/drivers/watchdog/cmsdk/pal_wd_cmsdk.c
+ )
+else()
+ list(APPEND PAL_SRC_C_NSPE
+ # driver files will be compiled as part of NSPE
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/common/pal_client_api_empty_intf.c
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/common/pal_driver_ns_intf.c
+ ${PSA_ROOT_DIR}/platform/drivers/nvmem/pal_nvmem.c
+ ${PSA_ROOT_DIR}/platform/drivers/uart/pl011/pal_uart.c
+ ${PSA_ROOT_DIR}/platform/drivers/watchdog/cmsdk/pal_wd_cmsdk.c
+ )
+endif()
+if(${SUITE} STREQUAL "CRYPTO")
+ list(APPEND PAL_SRC_C_NSPE
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/crypto/pal_crypto_intf.c
+ )
+endif()
+if(${SUITE} STREQUAL "PROTECTED_STORAGE")
+ list(APPEND PAL_SRC_C_NSPE
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/protected_storage/pal_protected_storage_intf.c
+ )
+endif()
+if(${SUITE} STREQUAL "INTERNAL_TRUSTED_STORAGE")
+ list(APPEND PAL_SRC_C_NSPE
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/internal_trusted_storage/pal_internal_trusted_storage_intf.c
+ )
+endif()
+if(${SUITE} STREQUAL "INITIAL_ATTESTATION")
+ list(APPEND PAL_SRC_C_NSPE
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/initial_attestation/pal_attestation_intf.c
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/initial_attestation/pal_attestation_crypto.c
+ ${CMAKE_CURRENT_BINARY_DIR}/${PSA_TARGET_QCBOR}/src/UsefulBuf.c
+ ${CMAKE_CURRENT_BINARY_DIR}/${PSA_TARGET_QCBOR}/src/ieee754.c
+ ${CMAKE_CURRENT_BINARY_DIR}/${PSA_TARGET_QCBOR}/src/qcbor_decode.c
+ ${CMAKE_CURRENT_BINARY_DIR}/${PSA_TARGET_QCBOR}/src/qcbor_encode.c
+ )
+endif()
+
+# Create NSPE library
+add_library(${PSA_TARGET_PAL_NSPE_LIB} STATIC ${PAL_SRC_C_NSPE} ${PAL_SRC_ASM_NSPE})
+
+# PSA Include directories
+foreach(psa_inc_path ${PSA_INCLUDE_PATHS})
+ target_include_directories(${PSA_TARGET_PAL_NSPE_LIB} PRIVATE ${psa_inc_path})
+endforeach()
+
+list(APPEND PAL_DRIVER_INCLUDE_PATHS
+ ${PSA_ROOT_DIR}/platform/drivers/nvmem
+ ${PSA_ROOT_DIR}/platform/drivers/uart/pl011
+ ${PSA_ROOT_DIR}/platform/drivers/watchdog/cmsdk
+)
+
+target_include_directories(${PSA_TARGET_PAL_NSPE_LIB} PRIVATE
+ ${PAL_DRIVER_INCLUDE_PATHS}
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/common
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/crypto
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/protected_storage
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/internal_trusted_storage
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/initial_attestation
+)
+
+if(${SUITE} STREQUAL "INITIAL_ATTESTATION")
+target_include_directories(${PSA_TARGET_PAL_NSPE_LIB} PRIVATE
+ ${PSA_QCBOR_INCLUDE_PATH}
+)
+endif()
diff --git a/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/common/pal_client_api_empty_intf.c b/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/common/pal_client_api_empty_intf.c
new file mode 100644
index 00000000..b11cae21
--- /dev/null
+++ b/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/common/pal_client_api_empty_intf.c
@@ -0,0 +1,95 @@
+/** @file
+ * Copyright (c) 2020, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "pal_common.h"
+#include "pal_client_api_intf.h"
+
+/**
+ * @brief - Retrieve the version of the PSA Framework API that is implemented.
+ * This is a wrapper API for psa_framework_version API.
+ * @param - void
+ * @return - The PSA Framework API version.
+ */
+
+uint32_t pal_ipc_framework_version(void)
+{
+ return 0;
+}
+
+/**
+ * @brief - Retrieve the version of a Root of Trust Service by its SID.
+ * This is a wrapper API for the psa_version API.
+ * @param - sid The Root of Trust Service ID
+ * @return - version of Root of Trust Service or PSA_VERSION_NONE if Root of Trust
+ * Service not present on the system.
+ */
+
+uint32_t pal_ipc_version(uint32_t sid)
+{
+ return PSA_VERSION_NONE;
+}
+
+/**
+ * @brief - Connect to given sid.
+ * This is a wrapper API for the psa_connect API.
+ * @param - sid : RoT service id
+ * @param - version : version of RoT service
+ * @return - psa_handle_t : return connection handle
+ */
+
+psa_handle_t pal_ipc_connect(uint32_t sid, uint32_t version)
+{
+ return PSA_NULL_HANDLE;
+}
+
+/**
+ * @brief Call a connected Root of Trust Service.
+ * This is a wrapper API for the psa_call API.
+ * The caller must provide an array of ::psa_invec_t structures as the input payload.
+ *
+ * @param -handle Handle for the connection.
+ * @param -type Request type.
+ * @param -in_vec Array of psa_invec structures.
+ * @param -in_len Number of psa_invec structures in in_vec.
+ * @param -out_vec Array of psa_outvec structures for optional Root of Trust Service response.
+ * @param -out_len Number of psa_outvec structures in out_vec.
+ * @return -psa_status_t
+ */
+
+psa_status_t pal_ipc_call(psa_handle_t handle,
+ int32_t type,
+ const psa_invec *in_vec,
+ size_t in_len,
+ psa_outvec *out_vec,
+ size_t out_len)
+{
+ return (PSA_SUCCESS - 1);
+}
+
+/**
+ * @brief Close a connection to a Root of Trust Service.
+ * This is a wrapper API for the psa_close API.
+ * Sends the PSA_IPC_DISCONNECT message to the Root of Trust Service so it can clean up resources.
+ *
+ * @param handle Handle for the connection.
+ * @return void
+ */
+
+void pal_ipc_close(psa_handle_t handle)
+{
+ return;
+}
diff --git a/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/common/pal_client_api_intf.c b/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/common/pal_client_api_intf.c
new file mode 100644
index 00000000..7f13ec72
--- /dev/null
+++ b/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/common/pal_client_api_intf.c
@@ -0,0 +1,99 @@
+/** @file
+ * Copyright (c) 2020, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "pal_common.h"
+#include "pal_client_api_intf.h"
+
+/**
+ * @brief - Retrieve the version of the PSA Framework API that is implemented.
+ * This is a wrapper API for psa_framework_version API.
+ * @param - void
+ * @return - The PSA Framework API version.
+ * Note - Return PAL_STATUS_ERROR if PSA IPC is not implemented.
+ */
+
+uint32_t pal_ipc_framework_version(void)
+{
+ return psa_framework_version();
+}
+
+/**
+ * @brief - Retrieve the version of a Root of Trust Service by its SID.
+ * This is a wrapper API for the psa_version API.
+ * @param - sid The Root of Trust Service ID
+ * @return - Version of Root of Trust Service or PSA_VERSION_NONE if Root of Trust
+ * Service not present on the system.
+ * Note - Return PAL_STATUS_ERROR if PSA IPC is not implemented.
+ */
+
+uint32_t pal_ipc_version(uint32_t sid)
+{
+ return psa_version(sid);
+}
+
+/**
+ * @brief - Connect to given sid.
+ * This is a wrapper API for the psa_connect API.
+ * @param - sid : RoT service id
+ * @param - version : version of RoT service
+ * @return - psa_handle_t : return connection handle
+ * Note - Return PSA_NULL_HANDLE if PSA IPC is not implemented.
+ */
+
+psa_handle_t pal_ipc_connect(uint32_t sid, uint32_t version)
+{
+ return psa_connect(sid, version);
+}
+
+/**
+ * @brief Call a connected Root of Trust Service.
+ * This is a wrapper API for the psa_call API.
+ * The caller must provide an array of ::psa_invec_t structures as the input payload.
+ *
+ * @param -handle Handle for the connection.
+ * @param -type Request type.
+ * @param -in_vec Array of psa_invec structures.
+ * @param -in_len Number of psa_invec structures in in_vec.
+ * @param -out_vec Array of psa_outvec structures for optional Root of Trust Service response.
+ * @param -out_len Number of psa_outvec structures in out_vec.
+ * @return -psa_status_t
+ * Note - Return -1 if PSA IPC is not implemented.
+ */
+
+psa_status_t pal_ipc_call(psa_handle_t handle,
+ int32_t type,
+ const psa_invec *in_vec,
+ size_t in_len,
+ psa_outvec *out_vec,
+ size_t out_len)
+{
+ return psa_call(handle, type, in_vec, in_len, out_vec, out_len);
+}
+
+/**
+ * @brief Close a connection to a Root of Trust Service.
+ * This is a wrapper API for the psa_close API.
+ * Sends the PSA_IPC_DISCONNECT message to the Root of Trust Service so it can clean up resources.
+ *
+ * @param - handle Handle for the connection.
+ * @return - void
+ */
+
+void pal_ipc_close(psa_handle_t handle)
+{
+ psa_close(handle);
+}
diff --git a/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/common/pal_client_api_intf.h b/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/common/pal_client_api_intf.h
new file mode 100644
index 00000000..0f8090ad
--- /dev/null
+++ b/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/common/pal_client_api_intf.h
@@ -0,0 +1,33 @@
+/** @file
+ * Copyright (c) 2020, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifndef _PAL_CLIENT_API_H_
+#define _PAL_CLIENT_API_H_
+
+#include "pal_common.h"
+
+uint32_t pal_ipc_framework_version(void);
+uint32_t pal_ipc_version(uint32_t sid);
+psa_handle_t pal_ipc_connect(uint32_t sid, uint32_t version);
+psa_status_t pal_ipc_call(psa_handle_t handle,
+ int32_t type,
+ const psa_invec *in_vec,
+ size_t in_len,
+ psa_outvec *out_vec,
+ size_t out_len);
+void pal_ipc_close(psa_handle_t handle);
+#endif /* _PAL_CLIENT_API_H_ */
diff --git a/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/common/pal_common.h b/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/common/pal_common.h
new file mode 100644
index 00000000..a628d4d7
--- /dev/null
+++ b/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/common/pal_common.h
@@ -0,0 +1,115 @@
+/** @file
+ * Copyright (c) 2020, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifndef _PAL_COMMON_H_
+#define _PAL_COMMON_H_
+
+#include
+#include
+#include
+#include
+#include
+
+#include "pal_config.h"
+#include "pal_crypto_config.h"
+
+/* typedef's */
+typedef uint8_t bool_t;
+typedef uint32_t addr_t;
+typedef uint32_t test_id_t;
+typedef uint32_t block_id_t;
+typedef char char8_t;
+typedef uint32_t cfg_id_t;
+
+#define PAL_STATUS_UNSUPPORTED_FUNC 0xFF
+
+typedef enum {
+ PAL_STATUS_SUCCESS = 0x0,
+ PAL_STATUS_ERROR = 0x80
+} pal_status_t;
+
+typedef enum {
+ NVMEM_READ = 0x1,
+ NVMEM_WRITE = 0x2,
+} nvmem_fn_type_t;
+
+typedef struct {
+ nvmem_fn_type_t nvmem_fn_type;
+ addr_t base;
+ uint32_t offset;
+ int size;
+} nvmem_param_t;
+
+typedef enum {
+ WD_INIT_SEQ = 0x1,
+ WD_ENABLE_SEQ = 0x2,
+ WD_DISABLE_SEQ = 0x3,
+ WD_STATUS_SEQ = 0x4,
+} wd_fn_type_t;
+
+typedef enum {
+ WD_LOW_TIMEOUT = 0x1,
+ WD_MEDIUM_TIMEOUT = 0x2,
+ WD_HIGH_TIMEOUT = 0x3,
+ WD_CRYPTO_TIMEOUT = 0x4,
+} wd_timeout_type_t;
+
+typedef struct {
+ wd_fn_type_t wd_fn_type;
+ addr_t wd_base_addr;
+ uint32_t wd_time_us;
+ uint32_t wd_timer_tick_us;
+} wd_param_t;
+
+typedef enum {
+ UART_INIT = 0x1,
+ UART_PRINT = 0x2,
+} uart_fn_type_t;
+
+/*
+ * Redefining some of the client.h elements for compilation to go through
+ * when PSA IPC APIs are not implemented.
+ */
+#ifndef IPC
+
+#ifndef PSA_VERSION_NONE
+#define PSA_VERSION_NONE (0)
+#endif
+
+#ifndef PSA_SUCCESS
+#define PSA_SUCCESS (0)
+typedef int32_t psa_status_t;
+#endif
+typedef int32_t psa_handle_t;
+
+#ifndef PSA_NULL_HANDLE
+#define PSA_NULL_HANDLE ((psa_handle_t)0)
+#endif
+
+typedef struct psa_invec {
+ const void *base;
+ size_t len;
+} psa_invec;
+
+typedef struct psa_outvec {
+ void *base;
+ size_t len;
+} psa_outvec;
+
+#endif /* IPC */
+
+#endif /* _PAL_COMMON_H_ */
diff --git a/api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/nspe/common/pal_config.h b/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/common/pal_config.h
similarity index 51%
rename from api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/nspe/common/pal_config.h
rename to api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/common/pal_config.h
index e3f70ad7..3af5cdb6 100644
--- a/api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/nspe/common/pal_config.h
+++ b/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/common/pal_config.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2020, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -18,66 +18,44 @@
#ifndef _PAL_CONFIG_H_
#define _PAL_CONFIG_H_
-/*
- * List of macros used by test suite
- */
-#if !defined(PSA_IPC_IMPLEMENTED)
-#define PSA_IPC_IMPLEMENTED 0
-#endif
-
-#if !defined(PSA_CRYPTO_IMPLEMENTED)
-#define PSA_CRYPTO_IMPLEMENTED 0
-#endif
+/* Define PSA test suite dependent macros for non-cmake build */
+#if !defined(PSA_CMAKE_BUILD)
-#if !defined(PSA_INTERNAL_TRUSTED_STORAGE_IMPLEMENTED)
-#define PSA_INTERNAL_TRUSTED_STORAGE_IMPLEMENTED 0
-#endif
+/* Print verbosity = TEST */
+#define VERBOSE 3
-#if !defined(PSA_PROTECTED_STORAGE_IMPLEMENTED)
-#define PSA_PROTECTED_STORAGE_IMPLEMENTED 0
-#endif
+/* NSPE or SPE VAL build? */
+#define VAL_NSPE_BUILD
-#if !defined(PSA_INITIAL_ATTESTATION_IMPLEMENTED)
-#define PSA_INITIAL_ATTESTATION_IMPLEMENTED 0
-#endif
+/* NSPE or SPE TEST build? */
+#define NONSECURE_TEST_BUILD
-#if (PSA_IPC_IMPLEMENTED == 0) && \
- (PSA_CRYPTO_IMPLEMENTED == 0) && \
- (PSA_INTERNAL_TRUSTED_STORAGE_IMPLEMENTED == 0) && \
- (PSA_PROTECTED_STORAGE_IMPLEMENTED == 0) && \
- (PSA_INITIAL_ATTESTATION_IMPLEMENTED == 0)
-#error "You must define at least one of these macros to run test suite"
-#endif
+/* Combine test archive or binary? */
+#define TEST_COMBINE_ARCHIVE
-#if !defined(VERBOSE)
-#define VERBOSE 3 /* Print verbosity = TEST */
-#endif
+/* If not defined, skip watchdog programming */
+#define WATCHDOG_AVAILABLE
-#if (!defined(VAL_NSPE_BUILD) && !defined(SPE_BUILD))
-#define VAL_NSPE_BUILD 1
-#endif
+/* Are Dynamic memory APIs available to secure partition? */
+#define SP_HEAP_MEM_SUPP
-#if (!defined(NONSECURE_TEST_BUILD) && !defined(SPE_BUILD))
-#define NONSECURE_TEST_BUILD 1
-#endif
+/* PSA Isolation level supported by platform */
+#define PLATFORM_PSA_ISOLATION_LEVEL 3
+#endif /* PSA_CMAKE_BUILD */
-#if !defined(TEST_COMBINE_ARCHIVE)
-#define TEST_COMBINE_ARCHIVE 0 /* Combine test archive or binary? */
-#endif
+/* Version of crypto spec used in attestation */
+#define CRYPTO_VERSION_BETA3
-#if !defined(WATCHDOG_AVAILABLE)
-#define WATCHDOG_AVAILABLE 0 /* If zero, skip watchdog programming */
-#endif
+/* Use hardcoded public key */
+//#define PLATFORM_OVERRIDE_ATTEST_PK
-#if !defined(SP_HEAP_MEM_SUPP)
-#define SP_HEAP_MEM_SUPP 0 /* Are Dynamic funcs available to secure partition? */
-#endif
+/* Platform specific max UID's size */
+#define PLATFORM_MAX_UID_SIZE 512
/*
* Include of PSA defined Header files
*/
-
-#if PSA_IPC_IMPLEMENTED
+#ifdef IPC
/* psa/client.h: Contains the PSA Client API elements */
#include "psa/client.h"
@@ -96,22 +74,22 @@
#include "psa_manifest/pid.h"
#endif
-#if PSA_CRYPTO_IMPLEMENTED
+#ifdef CRYPTO
/* psa/crypto.h: Contains the PSA Crypto API elements */
#include "psa/crypto.h"
#endif
-#if PSA_INTERNAL_TRUSTED_STORAGE_IMPLEMENTED
+#ifdef INTERNAL_TRUSTED_STORAGE
/* psa/internal_trusted_storage.h: Contains the PSA ITS API elements */
#include "psa/internal_trusted_storage.h"
#endif
-#if PSA_PROTECTED_STORAGE_IMPLEMENTED
+#ifdef PROTECTED_STORAGE
/* psa/protected_storage.h: Contains the PSA PS API elements */
#include "psa/protected_storage.h"
#endif
-#if PSA_INITIAL_ATTESTATION_IMPLEMENTED
+#ifdef INITIAL_ATTESTATION
/* psa/initial_attestation.h: Contains the PSA Initial Attestation API elements */
#include "psa/initial_attestation.h"
#endif
diff --git a/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/common/pal_driver_ipc_intf.c b/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/common/pal_driver_ipc_intf.c
new file mode 100644
index 00000000..bfe1e982
--- /dev/null
+++ b/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/common/pal_driver_ipc_intf.c
@@ -0,0 +1,293 @@
+/** @file
+ * Copyright (c) 2020, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "pal_common.h"
+#include "pal_client_api_intf.h"
+
+/**
+ @brief - This function initializes the UART
+ @param - uart base addr
+ @return - SUCCESS/FAILURE
+**/
+int pal_uart_init_ns(uint32_t uart_base_addr)
+{
+ psa_handle_t print_handle = 0;
+ psa_status_t status_of_call = PSA_SUCCESS;
+ uart_fn_type_t uart_fn = UART_INIT;
+
+ psa_invec data[3] = {{&uart_fn, sizeof(uart_fn)},
+ {&uart_base_addr, sizeof(uart_base_addr)},
+ {NULL, 0} };
+
+ print_handle = pal_ipc_connect(DRIVER_UART_SID, DRIVER_UART_VERSION);
+ if (PSA_HANDLE_IS_VALID(print_handle))
+ {
+ status_of_call = pal_ipc_call(print_handle, 0, data, 3, NULL, 0);
+ pal_ipc_close(print_handle);
+ if (status_of_call != PSA_SUCCESS)
+ return PAL_STATUS_ERROR;
+
+ return PAL_STATUS_SUCCESS;
+ }
+ else
+ {
+ return PAL_STATUS_ERROR;
+ }
+}
+
+/**
+ @brief - This function parses the input string and writes bytes into UART TX FIFO
+ @param - str : Input String
+ - data : Value for format specifier
+ @return - SUCCESS/FAILURE
+**/
+
+int pal_print_ns(char *str, int32_t data)
+{
+ int string_len = 0;
+ char *p = str;
+ psa_handle_t print_handle = 0;
+ psa_status_t status_of_call = PSA_SUCCESS;
+ uart_fn_type_t uart_fn = UART_PRINT;
+
+ while (*p != '\0')
+ {
+ string_len++;
+ p++;
+ }
+
+ psa_invec data1[3] = {{&uart_fn, sizeof(uart_fn)},
+ {str, string_len+1},
+ {&data, sizeof(data)} };
+
+ print_handle = pal_ipc_connect(DRIVER_UART_SID, DRIVER_UART_VERSION);
+ if (PSA_HANDLE_IS_VALID(print_handle))
+ {
+ status_of_call = pal_ipc_call(print_handle, 0, data1, 3, NULL, 0);
+ pal_ipc_close(print_handle);
+ if (status_of_call != PSA_SUCCESS)
+ return PAL_STATUS_ERROR;
+
+ return PAL_STATUS_SUCCESS;
+ }
+ else
+ {
+ return PAL_STATUS_ERROR;
+ }
+}
+
+/**
+ @brief - Initializes an hardware watchdog timer
+ @param - base_addr : Base address of the watchdog module
+ - time_us : Time in micro seconds
+ - timer_tick_us : Number of ticks per micro second
+ @return - SUCCESS/FAILURE
+**/
+int pal_wd_timer_init_ns(addr_t base_addr, uint32_t time_us, uint32_t timer_tick_us)
+{
+ wd_param_t wd_param;
+ psa_handle_t handle = 0;
+ psa_status_t status_of_call = PSA_SUCCESS;
+
+ wd_param.wd_fn_type = WD_INIT_SEQ;
+ wd_param.wd_base_addr = base_addr;
+ wd_param.wd_time_us = time_us;
+ wd_param.wd_timer_tick_us = timer_tick_us;
+ psa_invec invec[1] = {{&wd_param, sizeof(wd_param)} };
+
+ handle = pal_ipc_connect(DRIVER_WATCHDOG_SID, DRIVER_WATCHDOG_VERSION);
+ if (PSA_HANDLE_IS_VALID(handle))
+ {
+ status_of_call = pal_ipc_call(handle, 0, invec, 1, NULL, 0);
+ pal_ipc_close(handle);
+ if (status_of_call != PSA_SUCCESS)
+ return PAL_STATUS_ERROR;
+
+ return PAL_STATUS_SUCCESS;
+ }
+ else
+ {
+ return PAL_STATUS_ERROR;
+ }
+}
+
+/**
+ @brief - Enables a hardware watchdog timer
+ @param - base_addr : Base address of the watchdog module
+ @return - SUCCESS/FAILURE
+**/
+int pal_wd_timer_enable_ns(addr_t base_addr)
+{
+ wd_param_t wd_param;
+ psa_handle_t handle = 0;
+ psa_status_t status_of_call = PSA_SUCCESS;
+
+ wd_param.wd_fn_type = WD_ENABLE_SEQ;
+ wd_param.wd_base_addr = base_addr;
+ wd_param.wd_time_us = 0;
+ wd_param.wd_timer_tick_us = 0;
+ psa_invec invec[1] = {{&wd_param, sizeof(wd_param)} };
+
+ handle = pal_ipc_connect(DRIVER_WATCHDOG_SID, DRIVER_WATCHDOG_VERSION);
+ if (PSA_HANDLE_IS_VALID(handle))
+ {
+ status_of_call = pal_ipc_call(handle, 0, invec, 1, NULL, 0);
+ pal_ipc_close(handle);
+ if (status_of_call != PSA_SUCCESS)
+ return PAL_STATUS_ERROR;
+
+ return PAL_STATUS_SUCCESS;
+ }
+ else
+ {
+ return PAL_STATUS_ERROR;
+ }
+}
+
+/**
+ @brief - Disables a hardware watchdog timer
+ @param - base_addr : Base address of the watchdog module
+ @return - SUCCESS/FAILURE
+**/
+int pal_wd_timer_disable_ns(addr_t base_addr)
+{
+ wd_param_t wd_param;
+ psa_handle_t handle = 0;
+ psa_status_t status_of_call = PSA_SUCCESS;
+
+ wd_param.wd_fn_type = WD_DISABLE_SEQ;
+ wd_param.wd_base_addr = base_addr;
+ wd_param.wd_time_us = 0;
+ wd_param.wd_timer_tick_us = 0;
+ psa_invec invec[1] = {{&wd_param, sizeof(wd_param)} };
+
+ handle = pal_ipc_connect(DRIVER_WATCHDOG_SID, DRIVER_WATCHDOG_VERSION);
+ if (PSA_HANDLE_IS_VALID(handle))
+ {
+ status_of_call = pal_ipc_call(handle, 0, invec, 1, NULL, 0);
+ pal_ipc_close(handle);
+ if (status_of_call != PSA_SUCCESS)
+ return PAL_STATUS_ERROR;
+
+ return PAL_STATUS_SUCCESS;
+ }
+ else
+ {
+ return PAL_STATUS_ERROR;
+ }
+}
+
+/**
+ @brief - Reads from given non-volatile address.
+ @param - base : Base address of nvmem
+ offset : Offset
+ buffer : Pointer to source address
+ size : Number of bytes
+ @return - SUCCESS/FAILURE
+**/
+int pal_nvmem_read_ns(addr_t base, uint32_t offset, void *buffer, int size)
+{
+ nvmem_param_t nvmem_param;
+ psa_handle_t handle = 0;
+ psa_status_t status_of_call = PSA_SUCCESS;
+
+ nvmem_param.nvmem_fn_type = NVMEM_READ;
+ nvmem_param.base = base;
+ nvmem_param.offset = offset;
+ nvmem_param.size = size;
+ psa_invec invec[1] = {{&nvmem_param, sizeof(nvmem_param)} };
+ psa_outvec outvec[1] = {{buffer, size} };
+
+ handle = pal_ipc_connect(DRIVER_NVMEM_SID, DRIVER_NVMEM_VERSION);
+ if (PSA_HANDLE_IS_VALID(handle))
+ {
+ status_of_call = pal_ipc_call(handle, 0, invec, 1, outvec, 1);
+ pal_ipc_close(handle);
+ if (status_of_call != PSA_SUCCESS)
+ return PAL_STATUS_ERROR;
+
+ return PAL_STATUS_SUCCESS;
+ }
+ else
+ {
+ return PAL_STATUS_ERROR;
+ }
+}
+
+/**
+ @brief - Writes into given non-volatile address.
+ @param - base : Base address of nvmem
+ offset : Offset
+ buffer : Pointer to source address
+ size : Number of bytes
+ @return - SUCCESS/FAILURE
+**/
+int pal_nvmem_write_ns(addr_t base, uint32_t offset, void *buffer, int size)
+{
+ nvmem_param_t nvmem_param;
+ psa_handle_t handle = 0;
+ psa_status_t status_of_call = PSA_SUCCESS;
+
+ nvmem_param.nvmem_fn_type = NVMEM_WRITE;
+ nvmem_param.base = base;
+ nvmem_param.offset = offset;
+ nvmem_param.size = size;
+ psa_invec invec[2] = {{&nvmem_param, sizeof(nvmem_param)}, {buffer, size} };
+
+ handle = pal_ipc_connect(DRIVER_NVMEM_SID, DRIVER_NVMEM_VERSION);
+ if (PSA_HANDLE_IS_VALID(handle))
+ {
+ status_of_call = pal_ipc_call(handle, 0, invec, 2, NULL, 0);
+ pal_ipc_close(handle);
+ if (status_of_call != PSA_SUCCESS)
+ return PAL_STATUS_ERROR;
+
+ return PAL_STATUS_SUCCESS;
+ }
+ else
+ {
+ return PAL_STATUS_ERROR;
+ }
+}
+
+/**
+ * @brief - This function will read peripherals using SPI commands
+ * @param - addr : address of the peripheral
+ * data : read buffer
+ * len : length of the read buffer in bytes
+ * @return - error status
+**/
+int pal_spi_read(addr_t addr, uint8_t *data, uint32_t len)
+{
+ return 0xFF;
+}
+
+/**
+ * @brief - Terminates the simulation at the end of all tests completion.
+ * By default, it put cpus into power down mode.
+ * @param - void
+ * @return - void
+**/
+void pal_terminate_simulation(void)
+{
+ /* Add logic to terminate the simluation */
+
+ while (1)
+ {
+ asm volatile("WFI");
+ }
+}
diff --git a/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/common/pal_driver_ns_intf.c b/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/common/pal_driver_ns_intf.c
new file mode 100644
index 00000000..7ad6ce85
--- /dev/null
+++ b/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/common/pal_driver_ns_intf.c
@@ -0,0 +1,145 @@
+/** @file
+ * Copyright (c) 2020, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "pal_common.h"
+#include "pal_uart.h"
+#include "pal_nvmem.h"
+#include "pal_wd_cmsdk.h"
+
+/**
+ @brief - This function initializes the UART
+ @param - uart base addr
+ @return - SUCCESS/FAILURE
+**/
+int pal_uart_init_ns(uint32_t uart_base_addr)
+{
+ pal_uart_pl011_init(uart_base_addr);
+ return PAL_STATUS_SUCCESS;
+}
+
+/**
+ @brief - This function parses the input string and writes bytes into UART TX FIFO
+ @param - str : Input String
+ - data : Value for format specifier
+ @return - SUCCESS/FAILURE
+**/
+
+int pal_print_ns(char *str, int32_t data)
+{
+ pal_uart_pl011_print(str, data);
+ return PAL_STATUS_SUCCESS;
+}
+
+/**
+ @brief - Initializes an hardware watchdog timer
+ @param - base_addr : Base address of the watchdog module
+ - time_us : Time in micro seconds
+ - timer_tick_us : Number of ticks per micro second
+ @return - SUCCESS/FAILURE
+**/
+int pal_wd_timer_init_ns(addr_t base_addr, uint32_t time_us, uint32_t timer_tick_us)
+{
+ return pal_wd_cmsdk_init(base_addr, time_us, timer_tick_us);
+}
+
+/**
+ @brief - Enables a hardware watchdog timer
+ @param - base_addr : Base address of the watchdog module
+ @return - SUCCESS/FAILURE
+**/
+int pal_wd_timer_enable_ns(addr_t base_addr)
+{
+ return pal_wd_cmsdk_enable(base_addr);
+}
+
+/**
+ @brief - Disables a hardware watchdog timer
+ @param - base_addr : Base address of the watchdog module
+ @return - SUCCESS/FAILURE
+**/
+int pal_wd_timer_disable_ns(addr_t base_addr)
+{
+ return pal_wd_cmsdk_disable(base_addr);
+}
+
+/**
+ @brief - Reads from given non-volatile address.
+ @param - base : Base address of nvmem
+ offset : Offset
+ buffer : Pointer to source address
+ size : Number of bytes
+ @return - SUCCESS/FAILURE
+**/
+int pal_nvmem_read_ns(addr_t base, uint32_t offset, void *buffer, int size)
+{
+ if (nvmem_read(base, offset, buffer, size))
+ {
+ return PAL_STATUS_SUCCESS;
+ }
+ else
+ {
+ return PAL_STATUS_ERROR;
+ }
+}
+
+/**
+ @brief - Writes into given non-volatile address.
+ @param - base : Base address of nvmem
+ offset : Offset
+ buffer : Pointer to source address
+ size : Number of bytes
+ @return - SUCCESS/FAILURE
+**/
+int pal_nvmem_write_ns(addr_t base, uint32_t offset, void *buffer, int size)
+{
+ if (nvmem_write(base, offset, buffer, size))
+ {
+ return PAL_STATUS_SUCCESS;
+ }
+ else
+ {
+ return PAL_STATUS_ERROR;
+ }
+}
+
+/**
+ * @brief - This function will read peripherals using SPI commands
+ * @param - addr : address of the peripheral
+ * data : read buffer
+ * len : length of the read buffer in bytes
+ * @return - error status
+**/
+int pal_spi_read(addr_t addr, uint8_t *data, uint32_t len)
+{
+ return 0xFF;
+}
+
+/**
+ * @brief - Terminates the simulation at the end of all tests completion.
+ * By default, it put cpus into power down mode.
+ * @param - void
+ * @return - void
+**/
+void pal_terminate_simulation(void)
+{
+ /* Add logic to terminate the simluation */
+
+ while (1)
+ {
+ asm volatile("WFI");
+ }
+}
diff --git a/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/crypto/pal_crypto_config.h b/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/crypto/pal_crypto_config.h
new file mode 100644
index 00000000..aaa1bc56
--- /dev/null
+++ b/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/crypto/pal_crypto_config.h
@@ -0,0 +1,329 @@
+/** @file
+ * Copyright (c) 2020, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+/*
+ * \file pal_crypto_config.h
+ *
+ * \brief Configuration options for crypto tests (set of defines)
+ *
+ * This set of compile-time options may be used to enable
+ * or disable features selectively for crypto test suite
+ */
+
+#ifndef _PAL_CRYPTO_CONFIG_H_
+#define _PAL_CRYPTO_CONFIG_H_
+/**
+ * \def ARCH_TEST_RSA
+ *
+ * Enable the RSA public-key cryptosystem.
+ * By default all supported keys are enabled.
+ *
+ * Comment macros to disable the types
+ */
+#define ARCH_TEST_RSA
+#define ARCH_TEST_RSA_1024
+#define ARCH_TEST_RSA_2048
+#define ARCH_TEST_RSA_3072
+
+/**
+ * \def ARCH_TEST_ECC
+ * \def ARCH_TEST_ECC_CURVE_SECPXXXR1
+ *
+ * Enable the elliptic curve
+ * Enable specific curves within the Elliptic Curve
+ * module. By default all supported curves are enabled.
+ *
+ * Requires: ARCH_TEST_ECC
+ * Comment macros to disable the curve
+ */
+#define ARCH_TEST_ECC
+#define ARCH_TEST_ECC_CURVE_SECP192R1
+#define ARCH_TEST_ECC_CURVE_SECP224R1
+#define ARCH_TEST_ECC_CURVE_SECP256R1
+#define ARCH_TEST_ECC_CURVE_SECP384R1
+
+/**
+ * \def ARCH_TEST_AES
+ *
+ * Enable the AES block cipher.
+ * By default all supported keys are enabled.
+ *
+ * Comment macros to disable the types
+ */
+#define ARCH_TEST_AES
+#define ARCH_TEST_AES_128
+#define ARCH_TEST_AES_192
+#define ARCH_TEST_AES_256
+#define ARCH_TEST_AES_512
+
+/**
+ * \def ARCH_TEST_DES
+ *
+ * Enable the DES block cipher.
+ * By default all supported keys are enabled.
+ *
+ * Comment macros to disable the types
+ */
+//#define ARCH_TEST_DES
+//#define ARCH_TEST_DES_1KEY
+//#define ARCH_TEST_DES_2KEY
+//#define ARCH_TEST_DES_3KEY
+
+/**
+ * \def ARCH_TEST_RAW
+ *
+ * A "key" of this type cannot be used for any cryptographic operation.
+ * Applications may use this type to store arbitrary data in the keystore.
+ */
+#define ARCH_TEST_RAW
+
+/**
+ * \def ARCH_TEST_CIPER
+ *
+ * Enable the generic cipher layer.
+ */
+
+#define ARCH_TEST_CIPER
+
+/**
+ * \def ARCH_TEST_ARC4
+ *
+ * Enable the ARC4 key type.
+ */
+//#define ARCH_TEST_ARC4
+
+/**
+ * \def ARCH_TEST_CIPER_MODE_CTR
+ *
+ * Enable Counter Block Cipher mode (CTR) for symmetric ciphers.
+ *
+ * Requires: ARCH_TEST_CIPER
+ */
+#define ARCH_TEST_CIPER_MODE_CTR
+
+/**
+ * \def ARCH_TEST_CIPER_MODE_CFB
+ *
+ * Enable Cipher Feedback mode (CFB) for symmetric ciphers.
+ *
+ * Requires: ARCH_TEST_CIPER
+ */
+#define ARCH_TEST_CIPER_MODE_CFB
+
+/**
+ * \def ARCH_TEST_CIPER_MODE_CBC
+ *
+ * Enable Cipher Block Chaining mode (CBC) for symmetric ciphers.
+ *
+ * Requires: ARCH_TEST_CIPER
+ */
+#define ARCH_TEST_CIPER_MODE_CBC
+
+/**
+ * \def ARCH_TEST_CTR_AES
+ *
+ * Requires: ARCH_TEST_CIPER, ARCH_TEST_AES, ARCH_TEST_CIPER_MODE_CTR
+ */
+#define ARCH_TEST_CTR_AES
+
+/**
+ * \def ARCH_TEST_CBC_AES
+ *
+ * Requires: ARCH_TEST_CIPER, ARCH_TEST_AES, ARCH_TEST_CIPER_MODE_CBC
+ *
+ * Comment macros to disable the types
+ */
+#define ARCH_TEST_CBC_AES
+#define ARCH_TEST_CBC_AES_NO_PADDING
+
+/**
+ * \def ARCH_TEST_CBC_NO_PADDING
+ *
+ * Requires: ARCH_TEST_CIPER, ARCH_TEST_CIPER_MODE_CBC
+ *
+ * Comment macros to disable the types
+ */
+#define ARCH_TEST_CBC_NO_PADDING
+
+/**
+ * \def ARCH_TEST_CFB_AES
+ *
+ * Requires: ARCH_TEST_CIPER, ARCH_TEST_AES, ARCH_TEST_CIPER_MODE_CFB
+ */
+#define ARCH_TEST_CFB_AES
+
+/**
+ * \def ARCH_TEST_PKCS1V15_*
+ *
+ * Enable support for PKCS#1 v1.5 encoding.
+ * Enable support for PKCS#1 v1.5 operations.
+ * Enable support for RSA-OAEP
+ *
+ * Requires: ARCH_TEST_RSA, ARCH_TEST_PKCS1V15
+ *
+ * Comment macros to disable the types
+ */
+#define ARCH_TEST_PKCS1V15
+#define ARCH_TEST_RSA_PKCS1V15_SIGN
+#define ARCH_TEST_RSA_PKCS1V15_SIGN_RAW
+#define ARCH_TEST_RSA_PKCS1V15_CRYPT
+#define ARCH_TEST_RSA_OAEP
+
+/**
+ * \def ARCH_TEST_CBC_PKCS7
+ *
+ * Requires: ARCH_TEST_CIPER_MODE_CBC
+ *
+ * Comment macros to disable the types
+ */
+#define ARCH_TEST_CBC_PKCS7
+
+/**
+ * \def ARCH_TEST_ASYMMETRIC_ENCRYPTION
+ *
+ * Enable support for Asymmetric encryption algorithms
+ */
+#define ARCH_TEST_ASYMMETRIC_ENCRYPTION
+
+/**
+ * \def ARCH_TEST_HASH
+ *
+ * Enable the hash algorithm.
+ */
+#define ARCH_TEST_HASH
+
+/**
+ * \def ARCH_TEST_HMAC
+ *
+ * The key policy determines which underlying hash algorithm the key can be
+ * used for.
+ *
+ * Requires: ARCH_TEST_HASH
+ */
+#define ARCH_TEST_HMAC
+
+/**
+ * \def ARCH_TEST_MDX
+ * \def ARCH_TEST_SHAXXX
+ *
+ * Enable the MDX algorithm.
+ * Enable the SHAXXX algorithm.
+ *
+ * Requires: ARCH_TEST_HASH
+ *
+ * Comment macros to disable the types
+ */
+//#define ARCH_TEST_MD2
+//#define ARCH_TEST_MD4
+//#define ARCH_TEST_MD5
+//#define ARCH_TEST_RIPEMD160
+//#define ARCH_TEST_SHA1
+#define ARCH_TEST_SHA224
+#define ARCH_TEST_SHA256
+#define ARCH_TEST_SHA384
+#define ARCH_TEST_SHA512
+//#define ARCH_TEST_SHA512_224
+//#define ARCH_TEST_SHA512_256
+//#define ARCH_TEST_SHA3_224
+//#define ARCH_TEST_SHA3_256
+//#define ARCH_TEST_SHA3_384
+//#define ARCH_TEST_SHA3_512
+
+/**
+ * \def ARCH_TEST_HKDF
+ *
+ * Enable the HKDF algorithm (RFC 5869).
+ *
+ * Requires: ARCH_TEST_HASH
+*/
+#define ARCH_TEST_HKDF
+
+/**
+ * \def ARCH_TEST_xMAC
+ *
+ * Enable the xMAC (Cipher/Hash/G-based Message Authentication Code) mode for block
+ * ciphers.
+ * Requires: ARCH_TEST_AES or ARCH_TEST_DES
+ *
+ * Comment macros to disable the types
+ */
+#define ARCH_TEST_CMAC
+//#define ARCH_TEST_GMAC
+#define ARCH_TEST_HMAC
+
+/**
+ * \def ARCH_TEST_CCM
+ *
+ * Enable the Counter with CBC-MAC (CCM) mode for 128-bit block cipher.
+ *
+ * Requires: ARCH_TEST_AES
+ */
+#define ARCH_TEST_CCM
+
+/**
+ * \def ARCH_TEST_GCM
+ *
+ * Enable the Galois/Counter Mode (GCM) for AES.
+ *
+ * Requires: ARCH_TEST_AES
+ *
+ */
+#define ARCH_TEST_GCM
+
+/**
+ * \def ARCH_TEST_TRUNCATED_MAC
+ *
+ * Enable support for RFC 6066 truncated HMAC in SSL.
+ *
+ * Comment this macro to disable support for truncated HMAC in SSL
+ */
+#define ARCH_TEST_TRUNCATED_MAC
+
+
+/**
+ * \def ARCH_TEST_ECDH
+ *
+ * Enable the elliptic curve Diffie-Hellman library.
+ *
+ * Requires: ARCH_TEST_ECC
+ */
+#define ARCH_TEST_ECDH
+
+/**
+ * \def ARCH_TEST_ECDSA
+ *
+ * Enable the elliptic curve DSA library.
+ * Requires: ARCH_TEST_ECC
+ */
+#define ARCH_TEST_ECDSA
+
+/**
+ * \def ARCH_TEST_DETERMINISTIC_ECDSA
+ *
+ * Enable deterministic ECDSA (RFC 6979).
+*/
+#define ARCH_TEST_DETERMINISTIC_ECDSA
+
+/**
+ * \def ARCH_TEST_ECC_ASYMMETRIC_API_SUPPORT
+ *
+ * Enable ECC support for asymmetric API.
+*/
+//#define ARCH_TEST_ECC_ASYMMETRIC_API_SUPPORT
+#include "pal_crypto_config_check.h"
+
+#endif /* _PAL_CRYPTO_CONFIG_H_ */
diff --git a/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/crypto/pal_crypto_config_check.h b/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/crypto/pal_crypto_config_check.h
new file mode 100644
index 00000000..f75cc1bc
--- /dev/null
+++ b/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/crypto/pal_crypto_config_check.h
@@ -0,0 +1,223 @@
+/** @file
+ * Copyright (c) 2020, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+/**
+ * \file pal_crypto_config_check.h
+ *
+ * \brief Consistency checks for configuration options
+ *
+ */
+
+#ifndef _PAL_CRYPTO_CONFIG_CHECK_H_
+#define _PAL_CRYPTO_CONFIG_CHECK_H_
+
+#if defined(ARCH_TEST_RSA_1024) && !defined(ARCH_TEST_RSA)
+#error "ARCH_TEST_RSA_1024 defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_RSA_2048) && !defined(ARCH_TEST_RSA)
+#error "ARCH_TEST_RSA_2048 defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_RSA_3072) && !defined(ARCH_TEST_RSA)
+#error "ARCH_TEST_RSA_3072 defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_ECC_CURVE_SECP192R1) && !defined(ARCH_TEST_ECC)
+#error "ARCH_TEST_ECC_CURVE_SECP192R1 defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_ECC_CURVE_SECP224R1) && !defined(ARCH_TEST_ECC)
+#error "ARCH_TEST_ECC_CURVE_SECP224R1 defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_ECC_CURVE_SECP256R1) && !defined(ARCH_TEST_ECC)
+#error "ARCH_TEST_ECC_CURVE_SECP256R1 defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_ECC_CURVE_SECP384R1) && !defined(ARCH_TEST_ECC)
+#error "ARCH_TEST_ECC_CURVE_SECP384R1 defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_AES_128) && !defined(ARCH_TEST_AES)
+#error "ARCH_TEST_AES_128 defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_AES_256) && !defined(ARCH_TEST_AES)
+#error "ARCH_TEST_AES_256 defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_AES_512) && !defined(ARCH_TEST_AES)
+#error "ARCH_TEST_AES_512 defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_DES_1KEY) && !defined(ARCH_TEST_DES)
+#error "ARCH_TEST_DES_1KEY defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_DES_2KEY) && !defined(ARCH_TEST_DES)
+#error "ARCH_TEST_DES_2KEY defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_DES_3KEY) && !defined(ARCH_TEST_DES)
+#error "ARCH_TEST_DES_3KEY defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_CIPER_MODE_CTR) && !defined(ARCH_TEST_CIPER)
+#error "ARCH_TEST_CIPER_MODE_CTR defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_CIPER_MODE_CFB) && !defined(ARCH_TEST_CIPER)
+#error "ARCH_TEST_CIPER_MODE_CFB defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_CIPER_MODE_CBC) && !defined(ARCH_TEST_CIPER)
+#error "ARCH_TEST_CIPER_MODE_CBC defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_CTR_AES) &&\
+ (!defined(ARCH_TEST_CIPER) || !defined(ARCH_TEST_AES) || !defined(ARCH_TEST_CIPER_MODE_CTR))
+#error "ARCH_TEST_CTR_AES defined, but not all prerequisites"
+#endif
+
+#if (defined(ARCH_TEST_CBC_AES) || defined(ARCH_TEST_CBC_AES_NO_PADDING)) &&\
+ (!defined(ARCH_TEST_CIPER) || !defined(ARCH_TEST_AES) || !defined(ARCH_TEST_CIPER_MODE_CBC))
+#error "ARCH_TEST_CBC_AES defined, but not all prerequisites"
+#endif
+
+#if (defined(ARCH_TEST_CBC_NO_PADDING)) &&\
+ (!defined(ARCH_TEST_CIPER) || !defined(ARCH_TEST_CIPER_MODE_CBC))
+#error "ARCH_TEST_CBC_NO_PADDING defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_CFB_AES) &&\
+ (!defined(ARCH_TEST_CIPER) || !defined(ARCH_TEST_AES) || !defined(ARCH_TEST_CIPER_MODE_CFB))
+#error "ARCH_TEST_CFB_AES defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_RSA_PKCS1V15_SIGN) &&\
+ (!defined(ARCH_TEST_RSA) || !defined(ARCH_TEST_PKCS1V15))
+#error "ARCH_TEST_RSA_PKCS1V15_SIGN defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_RSA_PKCS1V15_SIGN_RAW) &&\
+ (!defined(ARCH_TEST_RSA) || !defined(ARCH_TEST_PKCS1V15))
+#error "ARCH_TEST_RSA_PKCS1V15_SIGN_RAW defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_RSA_PKCS1V15_CRYPT) &&\
+ (!defined(ARCH_TEST_RSA) || !defined(ARCH_TEST_PKCS1V15))
+#error "ARCH_TEST_RSA_PKCS1V15_CRYPT defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_CBC_PKCS7) && !defined(ARCH_TEST_CIPER_MODE_CBC)
+#error "ARCH_TEST_CBC_PKCS7 defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_HMAC) && !defined(ARCH_TEST_HASH)
+#error "ARCH_TEST_HMAC defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_MD2) && !defined(ARCH_TEST_HASH)
+#error "ARCH_TEST_MD2 defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_MD4) && !defined(ARCH_TEST_HASH)
+#error "ARCH_TEST_MD4 defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_MD5) && !defined(ARCH_TEST_HASH)
+#error "ARCH_TEST_MD5 defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_RIPEMD160) && !defined(ARCH_TEST_HASH)
+#error "ARCH_TEST_RIPEMD160 defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_SHA1) && !defined(ARCH_TEST_HASH)
+#error "ARCH_TEST_SHA1 defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_SHA224) && !defined(ARCH_TEST_HASH)
+#error "ARCH_TEST_SHA224 defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_SHA256) && !defined(ARCH_TEST_HASH)
+#error "ARCH_TEST_SHA256 defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_SHA512) && !defined(ARCH_TEST_HASH)
+#error "ARCH_TEST_SHA512 defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_SHA512_224) && !defined(ARCH_TEST_HASH)
+#error "ARCH_TEST_SHA512_224 defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_SHA512_256) && !defined(ARCH_TEST_HASH)
+#error "ARCH_TEST_SHA512_256 defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_SHA3_224) && !defined(ARCH_TEST_HASH)
+#error "ARCH_TEST_SHA3_224 defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_SHA3_256) && !defined(ARCH_TEST_HASH)
+#error "ARCH_TEST_SHA3_256 defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_SHA3_384) && !defined(ARCH_TEST_HASH)
+#error "ARCH_TEST_SHA3_256 defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_SHA3_512) && !defined(ARCH_TEST_HASH)
+#error "ARCH_TEST_SHA3_256 defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_HKDF) && !defined(ARCH_TEST_HASH)
+#error "ARCH_TEST_HKDF defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_CMAC) && !defined(ARCH_TEST_AES)
+#error "ARCH_TEST_CMAC defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_GMAC) && !defined(ARCH_TEST_AES)
+#error "ARCH_TEST_GMAC defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_HMAC) && !defined(ARCH_TEST_AES)
+#error "ARCH_TEST_HMAC defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_CCM) && !defined(ARCH_TEST_AES)
+#error "ARCH_TEST_CCM defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_GCM) && !defined(ARCH_TEST_AES)
+#error "ARCH_TEST_GCM defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_ECDH) && !defined(ARCH_TEST_ECC)
+#error "ARCH_TEST_ECDH defined, but not all prerequisites"
+#endif
+
+#if defined(ARCH_TEST_ECDSA) && !defined(ARCH_TEST_ECC)
+#error "ARCH_TEST_ECDSA defined, but not all prerequisites"
+#endif
+
+#endif /* _PAL_CRYPTO_CONFIG_CHECK_H_ */
diff --git a/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/crypto/pal_crypto_empty_intf.c b/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/crypto/pal_crypto_empty_intf.c
new file mode 100644
index 00000000..6c1e9ab7
--- /dev/null
+++ b/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/crypto/pal_crypto_empty_intf.c
@@ -0,0 +1,30 @@
+/** @file
+ * Copyright (c) 2020, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include
+#include "pal_common.h"
+
+/**
+ @brief - This API will call the requested crypto function
+ @param - type : function code
+ valist : variable argument list
+ @return - error status
+**/
+int32_t pal_crypto_function(int type, va_list valist)
+{
+ return PAL_STATUS_ERROR;
+}
diff --git a/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/crypto/pal_crypto_intf.c b/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/crypto/pal_crypto_intf.c
new file mode 100644
index 00000000..61beb444
--- /dev/null
+++ b/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/crypto/pal_crypto_intf.c
@@ -0,0 +1,516 @@
+/** @file
+ * Copyright (c) 2020, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+
+#include "pal_crypto_intf.h"
+
+#define PAL_KEY_SLOT_COUNT 32
+
+/**
+ @brief - This API will call the requested crypto function
+ @param - type : function code
+ valist : variable argument list
+ @return - error status
+**/
+int32_t pal_crypto_function(int type, va_list valist)
+{
+ int i;
+ psa_status_t status;
+ uint8_t *buffer, *ciphertext, *plaintext;
+ const uint8_t *nonce, *additional_data, *salt, *peer;
+ size_t *length, size, ciphertext_size, nonce_length;
+ size_t salt_length, peer_length, additional_data_length;
+#ifdef NOT_SUPPORTED
+ size_t *tag_length, plaintext_size;
+ psa_aead_operation_t *aead_operation;
+#endif
+ psa_key_attributes_t *attributes;
+ psa_key_handle_t *handle, key_handle;
+ psa_key_type_t *key_type_out, key_type;
+ psa_key_usage_t *usage_out, usage;
+ psa_key_id_t *key_id_out, key_id;
+ psa_key_lifetime_t *key_lifetime_out, key_lifetime;
+ psa_algorithm_t *key_alg_out, key_alg, alg;
+ psa_hash_operation_t *hash_operation, *target_operation;
+ psa_mac_operation_t *mac_operation;
+ psa_cipher_operation_t *cipher_operation;
+ psa_key_derivation_operation_t *derive_operation;
+ psa_key_derivation_step_t step;
+
+ switch (type)
+ {
+ case PAL_CRYPTO_INIT:
+ return psa_crypto_init();
+ case PAL_CRYPTO_GENERATE_RANDOM:
+ buffer = va_arg(valist, uint8_t *);
+ size = va_arg(valist, int);
+ return psa_generate_random(buffer, size);
+ case PAL_CRYPTO_IMPORT_KEY:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ buffer = va_arg(valist, uint8_t *);
+ size = va_arg(valist, size_t);
+ handle = (psa_key_handle_t *)va_arg(valist, int *);
+ status = psa_import_key(attributes, buffer, size, handle);
+ return status;
+ case PAL_CRYPTO_SET_KEY_TYPE:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ key_type = va_arg(valist, psa_key_type_t);
+ psa_set_key_type(attributes, key_type);
+ return 0;
+ case PAL_CRYPTO_SET_KEY_BITS:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ size = va_arg(valist, size_t);
+ psa_set_key_bits(attributes, size);
+ return 0;
+ case PAL_CRYPTO_GET_KEY_ATTRIBUTES:
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ return psa_get_key_attributes(key_handle, attributes);
+ case PAL_CRYPTO_GET_KEY_TYPE:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ key_type_out = va_arg(valist, psa_key_type_t *);
+ *key_type_out = psa_get_key_type(attributes);
+ return 0;
+ case PAL_CRYPTO_EXPORT_KEY:
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ buffer = (uint8_t *)(va_arg(valist, uint8_t *));
+ size = va_arg(valist, size_t);
+ length = (size_t *)va_arg(valist, size_t *);
+ return psa_export_key(key_handle, buffer, size, length);
+ case PAL_CRYPTO_SET_KEY_USAGE_FLAGS:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ usage = va_arg(valist, psa_key_usage_t);
+ psa_set_key_usage_flags(attributes, usage);
+ return 0;
+ case PAL_CRYPTO_RESET_KEY_ATTRIBUTES:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ psa_reset_key_attributes(attributes);
+ return 0;
+ case PAL_CRYPTO_EXPORT_PUBLIC_KEY:
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ buffer = (uint8_t *)(va_arg(valist, uint8_t *));
+ size = va_arg(valist, size_t);
+ length = (size_t *)va_arg(valist, size_t *);
+ return psa_export_public_key(key_handle, buffer, size, length);
+ case PAL_CRYPTO_SET_KEY_ID:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ key_id = va_arg(valist, psa_key_id_t);
+ psa_set_key_id(attributes, key_id);
+ return 0;
+ case PAL_CRYPTO_SET_KEY_LIFETIME:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ key_lifetime = va_arg(valist, psa_key_lifetime_t);
+ psa_set_key_lifetime(attributes, key_lifetime);
+ return 0;
+ case PAL_CRYPTO_SET_KEY_ALGORITHM:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ key_alg = va_arg(valist, psa_algorithm_t);
+ psa_set_key_algorithm(attributes, key_alg);
+ return 0;
+ case PAL_CRYPTO_GET_KEY_ID:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ key_id_out = va_arg(valist, psa_key_id_t *);
+ *key_id_out = psa_get_key_id(attributes);
+ return 0;
+ case PAL_CRYPTO_GET_KEY_LIFETIME:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ key_lifetime_out = va_arg(valist, psa_key_lifetime_t *);
+ *key_lifetime_out = psa_get_key_lifetime(attributes);
+ return 0;
+ case PAL_CRYPTO_GET_KEY_USAGE_FLAGS:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ usage_out = va_arg(valist, psa_key_usage_t *);
+ *usage_out = psa_get_key_usage_flags(attributes);
+ return 0;
+ case PAL_CRYPTO_GET_KEY_ALGORITHM:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ key_alg_out = va_arg(valist, psa_algorithm_t *);
+ *key_alg_out = psa_get_key_algorithm(attributes);
+ return 0;
+ case PAL_CRYPTO_GET_KEY_BITS:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ length = va_arg(valist, size_t *);
+ *length = psa_get_key_bits(attributes);
+ return 0;
+ case PAL_CRYPTO_DESTROY_KEY:
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ return psa_destroy_key(key_handle);
+ case PAL_CRYPTO_HASH_SETUP:
+ hash_operation = va_arg(valist, psa_hash_operation_t*);
+ alg = va_arg(valist, psa_algorithm_t);
+ return psa_hash_setup(hash_operation, alg);
+ case PAL_CRYPTO_HASH_UPDATE:
+ hash_operation = va_arg(valist, psa_hash_operation_t*);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ return psa_hash_update(hash_operation, buffer, size);
+ case PAL_CRYPTO_HASH_VERIFY:
+ hash_operation = va_arg(valist, psa_hash_operation_t*);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ return psa_hash_verify(hash_operation, buffer, size);
+ case PAL_CRYPTO_HASH_FINISH:
+ hash_operation = va_arg(valist, psa_hash_operation_t*);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_hash_finish(hash_operation, buffer, size, length);
+ case PAL_CRYPTO_HASH_ABORT:
+ hash_operation = va_arg(valist, psa_hash_operation_t*);
+ return psa_hash_abort(hash_operation);
+#ifdef NOT_SUPPORTED
+ case PAL_CRYPTO_HASH_COMPUTE:
+ alg = va_arg(valist, psa_algorithm_t);
+ plaintext = va_arg(valist, uint8_t*);
+ plaintext_size = va_arg(valist, size_t);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_hash_compute(alg, plaintext, plaintext_size, buffer, size, length);
+ case PAL_CRYPTO_HASH_COMPARE:
+ alg = va_arg(valist, psa_algorithm_t);
+ plaintext = va_arg(valist, uint8_t*);
+ plaintext_size = va_arg(valist, size_t);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ return psa_hash_compare(alg, plaintext, plaintext_size, buffer, size);
+#endif
+ case PAL_CRYPTO_HASH_CLONE:
+ hash_operation = va_arg(valist, psa_hash_operation_t*);
+ target_operation = va_arg(valist, psa_hash_operation_t*);
+ return psa_hash_clone(hash_operation, target_operation);
+ case PAL_CRYPTO_GENERATE_KEY:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ handle = (psa_key_handle_t *)va_arg(valist, int *);
+ return psa_generate_key(attributes, handle);
+ case PAL_CRYPTO_AEAD_ENCRYPT:
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ nonce = va_arg(valist, const uint8_t *);
+ nonce_length = va_arg(valist, size_t);
+ additional_data = va_arg(valist, const uint8_t *);
+ additional_data_length = va_arg(valist, size_t);
+ plaintext = va_arg(valist, uint8_t *);
+ size = va_arg(valist, size_t);
+ ciphertext = va_arg(valist, uint8_t *);
+ ciphertext_size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_aead_encrypt(key_handle, alg, nonce, nonce_length, additional_data,
+ additional_data_length, plaintext, size, ciphertext, ciphertext_size, length);
+ case PAL_CRYPTO_AEAD_DECRYPT:
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ nonce = va_arg(valist, const uint8_t *);
+ nonce_length = va_arg(valist, size_t);
+ additional_data = va_arg(valist, const uint8_t *);
+ additional_data_length = va_arg(valist, size_t);
+ ciphertext = va_arg(valist, uint8_t *);
+ ciphertext_size = va_arg(valist, size_t);
+ plaintext = va_arg(valist, uint8_t *);
+ size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_aead_decrypt(key_handle, alg, nonce, nonce_length, additional_data,
+ additional_data_length, ciphertext, ciphertext_size, plaintext, size, length);
+#ifdef NO_SUPPORT
+ case PAL_CRYPTO_AEAD_ENCRYPT_SETUP:
+ aead_operation = va_arg(valist, psa_aead_operation_t *);
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ return psa_aead_encrypt_setup(aead_operation, key_handle, alg);
+ case PAL_CRYPTO_AEAD_DECRYPT_SETUP:
+ aead_operation = va_arg(valist, psa_aead_operation_t *);
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ return psa_aead_decrypt_setup(aead_operation, key_handle, alg);
+ case PAL_CRYPTO_AEAD_GENERATE_NONCE:
+ aead_operation = va_arg(valist, psa_aead_operation_t *);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ length = (size_t *)va_arg(valist, size_t*);
+ return psa_aead_generate_nonce(aead_operation, buffer, size, length);
+ case PAL_CRYPTO_AEAD_SET_NONCE:
+ aead_operation = va_arg(valist, psa_aead_operation_t *);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ return psa_aead_set_nonce(aead_operation, buffer, size);
+ case PAL_CRYPTO_AEAD_SET_LENGTHS:
+ aead_operation = va_arg(valist, psa_aead_operation_t *);
+ size = va_arg(valist, size_t);
+ plaintext_size = va_arg(valist, size_t);
+ return psa_aead_set_lengths(aead_operation, size, plaintext_size);
+ case PAL_CRYPTO_AEAD_UPDATE_AD:
+ aead_operation = va_arg(valist, psa_aead_operation_t *);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ return psa_aead_update_ad(aead_operation, buffer, size);
+ case PAL_CRYPTO_AEAD_UPDATE:
+ aead_operation = va_arg(valist, psa_aead_operation_t *);
+ plaintext = va_arg(valist, uint8_t*);
+ plaintext_size = va_arg(valist, size_t);
+ ciphertext = va_arg(valist, uint8_t*);
+ ciphertext_size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_aead_update(aead_operation, plaintext, plaintext_size, ciphertext,
+ ciphertext_size, length);
+ case PAL_CRYPTO_AEAD_FINISH:
+ aead_operation = va_arg(valist, psa_aead_operation_t *);
+ ciphertext = va_arg(valist, uint8_t*);
+ ciphertext_size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ tag_length = (size_t *)va_arg(valist, size_t*);
+ return psa_aead_finish(aead_operation, ciphertext, ciphertext_size, length, buffer,
+ size, tag_length);
+ case PAL_CRYPTO_AEAD_VERIFY:
+ aead_operation = va_arg(valist, psa_aead_operation_t *);
+ plaintext = va_arg(valist, uint8_t*);
+ plaintext_size = va_arg(valist, size_t);
+ length = (size_t *)va_arg(valist, size_t*);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ return psa_aead_verify(aead_operation, plaintext, plaintext_size, length, buffer, size);
+ case PAL_CRYPTO_AEAD_ABORT:
+ aead_operation = va_arg(valist, psa_aead_operation_t *);
+ return psa_aead_abort(aead_operation);
+#endif
+ case PAL_CRYPTO_MAC_SIGN_SETUP:
+ mac_operation = va_arg(valist, psa_mac_operation_t*);
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ return psa_mac_sign_setup(mac_operation, key_handle, alg);
+ case PAL_CRYPTO_MAC_UPDATE:
+ mac_operation = va_arg(valist, psa_mac_operation_t*);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ return psa_mac_update(mac_operation, buffer, size);
+ case PAL_CRYPTO_MAC_SIGN_FINISH:
+ mac_operation = va_arg(valist, psa_mac_operation_t*);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ length = (size_t *)va_arg(valist, size_t*);
+ return psa_mac_sign_finish(mac_operation, buffer, size, length);
+ case PAL_CRYPTO_MAC_VERIFY_SETUP:
+ mac_operation = va_arg(valist, psa_mac_operation_t*);
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ return psa_mac_verify_setup(mac_operation, key_handle, alg);
+ case PAL_CRYPTO_MAC_VERIFY_FINISH:
+ mac_operation = va_arg(valist, psa_mac_operation_t*);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ return psa_mac_verify_finish(mac_operation, buffer, size);
+ case PAL_CRYPTO_MAC_ABORT:
+ mac_operation = va_arg(valist, psa_mac_operation_t*);
+ return psa_mac_abort(mac_operation);
+#ifdef NO_SUPPORT
+ case PAL_CRYPTO_MAC_COMPUTE:
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ plaintext = va_arg(valist, uint8_t*);
+ plaintext_size = va_arg(valist, size_t);
+ ciphertext = va_arg(valist, uint8_t*);
+ ciphertext_size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_mac_compute(key_handle, alg, plaintext, plaintext_size, ciphertext,
+ ciphertext_size, length);
+ case PAL_CRYPTO_MAC_VERIFY:
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ plaintext = va_arg(valist, uint8_t*);
+ plaintext_size = va_arg(valist, size_t);
+ ciphertext = va_arg(valist, uint8_t*);
+ ciphertext_size = va_arg(valist, size_t);
+ return psa_mac_verify(key_handle, alg, plaintext, plaintext_size, ciphertext,
+ ciphertext_size);
+ case PAL_CRYPTO_ASYMMTERIC_ENCRYPT:
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ plaintext = va_arg(valist, uint8_t *);
+ size = va_arg(valist, size_t);
+ salt = va_arg(valist, const uint8_t *);
+ salt_length = va_arg(valist, size_t);
+ ciphertext = va_arg(valist, uint8_t *);
+ ciphertext_size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_asymmetric_encrypt(key_handle, alg, plaintext, size, salt, salt_length,
+ ciphertext, ciphertext_size, length);
+ case PAL_CRYPTO_ASYMMTERIC_DECRYPT:
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ plaintext = va_arg(valist, uint8_t *);
+ size = va_arg(valist, size_t);
+ salt = va_arg(valist, const uint8_t *);
+ salt_length = va_arg(valist, size_t);
+ ciphertext = va_arg(valist, uint8_t *);
+ ciphertext_size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_asymmetric_decrypt(key_handle, alg, plaintext, size, salt, salt_length,
+ ciphertext, ciphertext_size, length);
+ case PAL_CRYPTO_CIPHER_ENCRYPT_SETUP:
+ cipher_operation = va_arg(valist, psa_cipher_operation_t *);
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ return psa_cipher_encrypt_setup(cipher_operation, key_handle, alg);
+ case PAL_CRYPTO_CIPHER_DECRYPT_SETUP:
+ cipher_operation = va_arg(valist, psa_cipher_operation_t *);
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ return psa_cipher_decrypt_setup(cipher_operation, key_handle, alg);
+ case PAL_CRYPTO_CIPHER_GENERATE_IV:
+ cipher_operation = va_arg(valist, psa_cipher_operation_t *);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_cipher_generate_iv(cipher_operation, buffer, size, length);
+ case PAL_CRYPTO_CIPHER_SET_IV:
+ cipher_operation = va_arg(valist, psa_cipher_operation_t *);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ return psa_cipher_set_iv(cipher_operation, buffer, size);
+ case PAL_CRYPTO_CIPHER_UPDATE:
+ cipher_operation = va_arg(valist, psa_cipher_operation_t *);
+ plaintext = va_arg(valist, uint8_t *);
+ size = va_arg(valist, size_t);
+ ciphertext = va_arg(valist, uint8_t *);
+ ciphertext_size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_cipher_update(cipher_operation, plaintext, size, ciphertext, ciphertext_size,
+ length);
+ case PAL_CRYPTO_CIPHER_FINISH:
+ cipher_operation = va_arg(valist, psa_cipher_operation_t *);
+ ciphertext = va_arg(valist, uint8_t *);
+ ciphertext_size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_cipher_finish(cipher_operation, ciphertext, ciphertext_size, length);
+ case PAL_CRYPTO_CIPHER_ABORT:
+ cipher_operation = va_arg(valist, psa_cipher_operation_t *);
+ return psa_cipher_abort(cipher_operation);
+#ifdef NO_SUPPORT
+ case PAL_CRYPTO_CIPHER_ENCRYPT:
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ plaintext = va_arg(valist, uint8_t *);
+ size = va_arg(valist, size_t);
+ ciphertext = va_arg(valist, uint8_t *);
+ ciphertext_size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_cipher_encrypt(key_handle, alg, plaintext, size, ciphertext, ciphertext_size,
+ length);
+ case PAL_CRYPTO_CIPHER_DECRYPT:
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ plaintext = va_arg(valist, uint8_t *);
+ size = va_arg(valist, size_t);
+ ciphertext = va_arg(valist, uint8_t *);
+ ciphertext_size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_cipher_decrypt(key_handle, alg, plaintext, size, ciphertext, ciphertext_size,
+ length);
+#endif
+ case PAL_CRYPTO_ASYMMTERIC_SIGN:
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ ciphertext = va_arg(valist, uint8_t *);
+ ciphertext_size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_asymmetric_sign(key_handle, alg, buffer, size, ciphertext, ciphertext_size,
+ length);
+ case PAL_CRYPTO_ASYMMTERIC_VERIFY:
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ ciphertext = va_arg(valist, uint8_t *);
+ ciphertext_size = va_arg(valist, size_t);
+ return psa_asymmetric_verify(key_handle, alg, buffer, size, ciphertext,
+ ciphertext_size);
+ case PAL_CRYPTO_RAW_KEY_AGREEMENT:
+ alg = va_arg(valist, psa_algorithm_t);
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ peer = va_arg(valist, uint8_t*);
+ peer_length = va_arg(valist, size_t);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_raw_key_agreement(alg, key_handle, peer, peer_length, buffer, size, length);
+ case PAL_CRYPTO_COPY_KEY:
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ handle = (psa_key_handle_t *)va_arg(valist, int *);
+ return psa_copy_key(key_handle, attributes, handle);
+ case PAL_CRYPTO_KEY_DERIVATION_SETUP:
+ derive_operation = va_arg(valist, psa_key_derivation_operation_t *);
+ alg = va_arg(valist, psa_algorithm_t);
+ return psa_key_derivation_setup(derive_operation, alg);
+ case PAL_CRYPTO_KEY_DERIVATION_INPUT_BYTES:
+ derive_operation = va_arg(valist, psa_key_derivation_operation_t *);
+ step = (psa_key_derivation_step_t)va_arg(valist, int);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ return psa_key_derivation_input_bytes(derive_operation, step, buffer, size);
+ case PAL_CRYPTO_KEY_DERIVATION_INPUT_KEY:
+ derive_operation = va_arg(valist, psa_key_derivation_operation_t *);
+ step = (psa_key_derivation_step_t)va_arg(valist, int);
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ return psa_key_derivation_input_key(derive_operation, step, key_handle);
+ case PAL_CRYPTO_KEY_DERIVATION_KEY_AGREEMENT:
+ derive_operation = va_arg(valist, psa_key_derivation_operation_t *);
+ step = (psa_key_derivation_step_t)va_arg(valist, int);
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ peer = va_arg(valist, uint8_t*);
+ peer_length = va_arg(valist, size_t);
+ return psa_key_derivation_key_agreement(derive_operation, step, key_handle, peer,
+ peer_length);
+ case PAL_CRYPTO_KEY_DERIVATION_OUTPUT_BYTES:
+ derive_operation = va_arg(valist, psa_key_derivation_operation_t *);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ return psa_key_derivation_output_bytes(derive_operation, buffer, size);
+ case PAL_CRYPTO_KEY_DERIVATION_OUTPUT_KEY:
+ attributes = va_arg(valist, psa_key_attributes_t *);
+ derive_operation = va_arg(valist, psa_key_derivation_operation_t *);
+ handle = (psa_key_handle_t *)va_arg(valist, int *);
+ return psa_key_derivation_output_key(attributes, derive_operation, handle);
+ case PAL_CRYPTO_KEY_DERIVATION_SET_CAPACITY:
+ derive_operation = va_arg(valist, psa_key_derivation_operation_t *);
+ size = va_arg(valist, size_t);
+ return psa_key_derivation_set_capacity(derive_operation, size);
+ case PAL_CRYPTO_KEY_DERIVATION_GET_CAPACITY:
+ derive_operation = va_arg(valist, psa_key_derivation_operation_t *);
+ length = va_arg(valist, size_t *);
+ return psa_key_derivation_get_capacity(derive_operation, length);
+ case PAL_CRYPTO_KEY_DERIVATION_ABORT:
+ derive_operation = va_arg(valist, psa_key_derivation_operation_t *);
+ return psa_key_derivation_abort(derive_operation);
+ case PAL_CRYPTO_OPEN_KEY:
+ key_id = va_arg(valist, psa_key_id_t);
+ handle = (psa_key_handle_t *)va_arg(valist, int *);
+ return psa_open_key(key_id, handle);
+ case PAL_CRYPTO_CLOSE_KEY:
+ key_handle = (psa_key_handle_t)va_arg(valist, int);
+ return psa_close_key(key_handle);
+ case PAL_CRYPTO_FREE:
+ for (i = 0; i < PAL_KEY_SLOT_COUNT; i++)
+ psa_destroy_key(i);
+ return 0;
+ default:
+ return PAL_STATUS_UNSUPPORTED_FUNC;
+ }
+}
diff --git a/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/crypto/pal_crypto_intf.h b/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/crypto/pal_crypto_intf.h
new file mode 100644
index 00000000..83071cea
--- /dev/null
+++ b/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/crypto/pal_crypto_intf.h
@@ -0,0 +1,103 @@
+/** @file
+ * Copyright (c) 2020, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifndef _PAL_CRYPTO_INTF_H_
+#define _PAL_CRYPTO_INTF_H_
+
+#include "pal_common.h"
+
+enum crypto_function_code {
+ PAL_CRYPTO_INIT = 0x1,
+ PAL_CRYPTO_GENERATE_RANDOM = 0x2,
+ PAL_CRYPTO_IMPORT_KEY = 0x3,
+ PAL_CRYPTO_EXPORT_KEY = 0x4,
+ PAL_CRYPTO_EXPORT_PUBLIC_KEY = 0x5,
+ PAL_CRYPTO_DESTROY_KEY = 0x6,
+ PAL_CRYPTO_HASH_SETUP = 0x7,
+ PAL_CRYPTO_HASH_UPDATE = 0x8,
+ PAL_CRYPTO_HASH_VERIFY = 0x9,
+ PAL_CRYPTO_HASH_FINISH = 0xA,
+ PAL_CRYPTO_HASH_ABORT = 0xB,
+ PAL_CRYPTO_GENERATE_KEY = 0xC,
+ PAL_CRYPTO_AEAD_ENCRYPT = 0xD,
+ PAL_CRYPTO_AEAD_DECRYPT = 0xE,
+ PAL_CRYPTO_MAC_SIGN_SETUP = 0xF,
+ PAL_CRYPTO_MAC_UPDATE = 0x10,
+ PAL_CRYPTO_MAC_SIGN_FINISH = 0x11,
+ PAL_CRYPTO_MAC_VERIFY_SETUP = 0x12,
+ PAL_CRYPTO_MAC_VERIFY_FINISH = 0x13,
+ PAL_CRYPTO_MAC_ABORT = 0x14,
+ PAL_CRYPTO_ASYMMTERIC_ENCRYPT = 0x15,
+ PAL_CRYPTO_ASYMMTERIC_DECRYPT = 0x16,
+ PAL_CRYPTO_CIPHER_ENCRYPT_SETUP = 0x17,
+ PAL_CRYPTO_CIPHER_DECRYPT_SETUP = 0x18,
+ PAL_CRYPTO_CIPHER_GENERATE_IV = 0x19,
+ PAL_CRYPTO_CIPHER_SET_IV = 0x1A,
+ PAL_CRYPTO_CIPHER_UPDATE = 0x1B,
+ PAL_CRYPTO_CIPHER_FINISH = 0x1C,
+ PAL_CRYPTO_CIPHER_ABORT = 0x1D,
+ PAL_CRYPTO_ASYMMTERIC_SIGN = 0x1E,
+ PAL_CRYPTO_ASYMMTERIC_VERIFY = 0x1F,
+ PAL_CRYPTO_COPY_KEY = 0x20,
+ PAL_CRYPTO_SET_KEY_TYPE = 0x21,
+ PAL_CRYPTO_SET_KEY_BITS = 0x22,
+ PAL_CRYPTO_GET_KEY_ATTRIBUTES = 0x23,
+ PAL_CRYPTO_GET_KEY_TYPE = 0x24,
+ PAL_CRYPTO_SET_KEY_USAGE_FLAGS = 0x25,
+ PAL_CRYPTO_RESET_KEY_ATTRIBUTES = 0x26,
+ PAL_CRYPTO_SET_KEY_ID = 0x27,
+ PAL_CRYPTO_SET_KEY_LIFETIME = 0x28,
+ PAL_CRYPTO_SET_KEY_ALGORITHM = 0x29,
+ PAL_CRYPTO_GET_KEY_ID = 0x2A,
+ PAL_CRYPTO_GET_KEY_LIFETIME = 0x2B,
+ PAL_CRYPTO_GET_KEY_USAGE_FLAGS = 0x2C,
+ PAL_CRYPTO_GET_KEY_ALGORITHM = 0x2D,
+ PAL_CRYPTO_GET_KEY_BITS = 0x2E,
+ PAL_CRYPTO_HASH_COMPUTE = 0x2F,
+ PAL_CRYPTO_HASH_COMPARE = 0x30,
+ PAL_CRYPTO_KEY_DERIVATION_SETUP = 0x31,
+ PAL_CRYPTO_KEY_DERIVATION_ABORT = 0x32,
+ PAL_CRYPTO_RAW_KEY_AGREEMENT = 0x33,
+ PAL_CRYPTO_KEY_DERIVATION_INPUT_BYTES = 0x34,
+ PAL_CRYPTO_KEY_DERIVATION_INPUT_KEY = 0x35,
+ PAL_CRYPTO_KEY_DERIVATION_KEY_AGREEMENT = 0x36,
+ PAL_CRYPTO_KEY_DERIVATION_OUTPUT_BYTES = 0x37,
+ PAL_CRYPTO_KEY_DERIVATION_OUTPUT_KEY = 0x38,
+ PAL_CRYPTO_KEY_DERIVATION_SET_CAPACITY = 0x39,
+ PAL_CRYPTO_KEY_DERIVATION_GET_CAPACITY = 0x3A,
+ PAL_CRYPTO_HASH_CLONE = 0x3B,
+ PAL_CRYPTO_MAC_COMPUTE = 0x3C,
+ PAL_CRYPTO_MAC_VERIFY = 0x3D,
+ PAL_CRYPTO_CIPHER_ENCRYPT = 0x3F,
+ PAL_CRYPTO_CIPHER_DECRYPT = 0x40,
+ PAL_CRYPTO_OPEN_KEY = 0x41,
+ PAL_CRYPTO_CLOSE_KEY = 0x42,
+ PAL_CRYPTO_AEAD_ENCRYPT_SETUP = 0x43,
+ PAL_CRYPTO_AEAD_DECRYPT_SETUP = 0x44,
+ PAL_CRYPTO_AEAD_GENERATE_NONCE = 0x45,
+ PAL_CRYPTO_AEAD_SET_NONCE = 0x46,
+ PAL_CRYPTO_AEAD_SET_LENGTHS = 0X47,
+ PAL_CRYPTO_AEAD_UPDATE_AD = 0x48,
+ PAL_CRYPTO_AEAD_UPDATE = 0x49,
+ PAL_CRYPTO_AEAD_FINISH = 0x4A,
+ PAL_CRYPTO_AEAD_VERIFY = 0x4B,
+ PAL_CRYPTO_AEAD_ABORT = 0x4C,
+ PAL_CRYPTO_FREE = 0xFE,
+};
+
+int32_t pal_crypto_function(int type, va_list valist);
+#endif /* _PAL_CRYPTO_INTF_H_ */
diff --git a/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/initial_attestation/pal_attestation_crypto.c b/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/initial_attestation/pal_attestation_crypto.c
new file mode 100644
index 00000000..e7ec66b4
--- /dev/null
+++ b/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/initial_attestation/pal_attestation_crypto.c
@@ -0,0 +1,344 @@
+/** @file
+ * Copyright (c) 2020, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "pal_attestation_crypto.h"
+
+static uint32_t public_key_registered;
+static psa_key_handle_t public_key_handle;
+
+static inline struct q_useful_buf_c useful_buf_head(struct q_useful_buf_c buf,
+ size_t amount)
+{
+ return UsefulBuf_Head(buf, amount);
+}
+
+static psa_algorithm_t cose_hash_alg_id_to_psa(int32_t cose_hash_alg_id)
+{
+ psa_algorithm_t status;
+
+ switch (cose_hash_alg_id)
+ {
+ case COSE_ALG_SHA256_PROPRIETARY:
+ status = PSA_ALG_SHA_256;
+ break;
+ default:
+ status = PSA_ALG_MD4;
+ break;
+ }
+
+ return status;
+}
+
+static int32_t hash_alg_id_from_sig_alg_id(int32_t cose_sig_alg_id)
+{
+ switch (cose_sig_alg_id)
+ {
+ case COSE_ALGORITHM_ES256:
+ return COSE_ALG_SHA256_PROPRIETARY;
+ default:
+ return INT32_MAX;
+ }
+}
+
+int32_t pal_cose_crypto_hash_start(psa_hash_operation_t *psa_hash, int32_t cose_hash_alg_id)
+{
+ psa_algorithm_t psa_alg;
+ psa_status_t status = PSA_ERROR_GENERIC_ERROR;
+
+ /* Map the algorithm ID */
+ psa_alg = cose_hash_alg_id_to_psa(cose_hash_alg_id);
+
+ /* Actually do the hash set up */
+ status = psa_hash_setup(psa_hash, psa_alg);
+
+ return status;
+
+}
+
+void pal_cose_crypto_hash_update(psa_hash_operation_t *psa_hash,
+ struct q_useful_buf_c data_to_hash)
+{
+ if (data_to_hash.ptr == NULL) {
+ /* No data was passed in to be hashed indicating the mode of use is
+ * the computation of the size of hash. This mode is hashing is used
+ * by t_cose when it is requested to compute the size of the signed
+ * data it might compute, which is in turn used to compute the
+ * size of a would be token. When computing the size, the size
+ * like this, there is nothing to do in update()
+ */
+ return;
+ }
+
+ /* Actually hash the data */
+ psa_hash_update(psa_hash, data_to_hash.ptr, data_to_hash.len);
+}
+
+int32_t pal_cose_crypto_hash_finish(psa_hash_operation_t *psa_hash,
+ struct q_useful_buf buffer_to_hold_result,
+ struct q_useful_buf_c *hash_result)
+{
+ psa_status_t status = PSA_ERROR_GENERIC_ERROR;
+
+ /* Actually finish up the hash */
+ status = psa_hash_finish(psa_hash, buffer_to_hold_result.ptr,
+ buffer_to_hold_result.len, &(hash_result->len));
+ hash_result->ptr = buffer_to_hold_result.ptr;
+
+ return status;
+
+}
+
+int pal_create_sha256(struct q_useful_buf_c bytes_to_hash, struct q_useful_buf buffer_for_hash,
+ struct q_useful_buf_c *hash)
+{
+ psa_status_t status = PSA_ERROR_GENERIC_ERROR;
+ psa_hash_operation_t psa_hash = PSA_HASH_OPERATION_INIT;
+
+ status = pal_cose_crypto_hash_start(&psa_hash, COSE_ALG_SHA256_PROPRIETARY);
+ if (status != PSA_SUCCESS)
+ goto Done;
+
+ pal_cose_crypto_hash_update(&psa_hash, bytes_to_hash);
+
+ status = pal_cose_crypto_hash_finish(&psa_hash, buffer_for_hash, hash);
+ if (status != PSA_SUCCESS)
+ goto Done;
+Done:
+ return status;
+}
+
+uint32_t pal_compute_hash(int32_t cose_alg_id, struct q_useful_buf buffer_for_hash,
+ struct q_useful_buf_c *hash, struct q_useful_buf_c protected_headers,
+ struct q_useful_buf_c payload)
+{
+ uint32_t status;
+ QCBOREncodeContext cbor_encode_ctx;
+ struct q_useful_buf_c tbs_first_part;
+ QCBORError qcbor_result;
+ int32_t hash_alg_id;
+ UsefulBuf_MAKE_STACK_UB (buffer_for_TBS_first_part, T_COSE_SIZE_OF_TBS);
+ psa_hash_operation_t psa_hash = PSA_HASH_OPERATION_INIT;
+
+ /* This builds the CBOR-format to-be-signed bytes */
+ QCBOREncode_Init(&cbor_encode_ctx, buffer_for_TBS_first_part);
+ QCBOREncode_OpenArray(&cbor_encode_ctx);
+
+ /* context */
+ QCBOREncode_AddSZString(&cbor_encode_ctx, COSE_SIG_CONTEXT_STRING_SIGNATURE1);
+
+ /* body_protected */
+ QCBOREncode_AddBytes(&cbor_encode_ctx, protected_headers);
+
+ /* sign_protected is not used for Sign1 */
+ /* external_aad */
+ QCBOREncode_AddBytes(&cbor_encode_ctx, NULL_USEFUL_BUF_C);
+
+ /* The short fake payload. */
+ QCBOREncode_AddBytesLenOnly(&cbor_encode_ctx, payload);
+ QCBOREncode_CloseArray(&cbor_encode_ctx);
+
+ /* Get the result and convert it to struct q_useful_buf_c representation */
+ qcbor_result = QCBOREncode_Finish(&cbor_encode_ctx, &tbs_first_part);
+ if (qcbor_result)
+ {
+ /* Mainly means that the protected_headers were too big
+ * (which should never happen)
+ */
+ status = PAL_ATTEST_ERR_SIGN_STRUCT;
+ goto Done;
+ }
+
+ /* Start the hashing */
+ hash_alg_id = hash_alg_id_from_sig_alg_id(cose_alg_id);
+
+ /* Don't check hash_alg_id for failure. pal_cose_crypto_hash_start()
+ * will handle it properly
+ */
+ status = pal_cose_crypto_hash_start(&psa_hash, hash_alg_id);
+ if (status)
+ goto Done;
+
+ /* This is hashing of the first part, all the CBOR
+ * except the payload.
+ */
+ pal_cose_crypto_hash_update(&psa_hash, useful_buf_head(tbs_first_part, tbs_first_part.len));
+
+ /* Hash the payload, the second part. */
+ pal_cose_crypto_hash_update(&psa_hash, payload);
+
+ /* Finish the hash and set up to return it */
+ status = pal_cose_crypto_hash_finish(&psa_hash, buffer_for_hash, hash);
+
+Done:
+ return status;
+}
+
+static int32_t pal_attest_get_public_key(uint8_t *public_key_buff, size_t public_key_buf_size,
+ size_t *public_key_len, psa_ecc_curve_t *elliptic_curve_type)
+{
+ int32_t status = PAL_ATTEST_ERROR;
+
+#ifdef PLATFORM_OVERRIDE_ATTEST_PK
+ if (public_key_buf_size < (attest_key.pubx_key_size + attest_key.puby_key_size + 1))
+ return PAL_ATTEST_ERR_SMALL_BUFFER;
+
+ *public_key_len = (attest_key.pubx_key_size + attest_key.puby_key_size + 1);
+ *elliptic_curve_type = PSA_ECC_CURVE_SECP256R1;
+ memcpy(public_key_buff, (void *)&attest_public_key, *public_key_len);
+ status = PSA_SUCCESS;
+#else
+ status = tfm_initial_attest_get_public_key(public_key_buff,
+ public_key_buf_size,
+ public_key_len,
+ elliptic_curve_type);
+#endif
+
+ return status;
+}
+
+static uint32_t pal_import_attest_key(psa_algorithm_t key_alg)
+{
+ psa_status_t status = PAL_ATTEST_ERROR;
+ psa_key_usage_t usage = PSA_KEY_USAGE_VERIFY;
+ psa_ecc_curve_t ecc_curve;
+ psa_key_type_t attest_key_type;
+ size_t public_key_size;
+ uint8_t public_key_buff[ECC_CURVE_SECP256R1_PULBIC_KEY_LENGTH] = {0};
+
+#if defined(CRYPTO_VERSION_BETA1) || defined(CRYPTO_VERSION_BETA2)
+ psa_key_policy_t policy;
+
+ if (!public_key_registered)
+ {
+ status = pal_attest_get_public_key(public_key_buff,
+ sizeof(public_key_buff),
+ &public_key_size,
+ &ecc_curve);
+ if (status != PSA_SUCCESS)
+ return PAL_ATTEST_ERR_KEY_FAIL;
+
+ if (ecc_curve == USHRT_MAX)
+ return PAL_ATTEST_ERROR;
+
+ /* Set key type for public key */
+ attest_key_type = PSA_KEY_TYPE_ECC_PUBLIC_KEY(ecc_curve);
+
+ /* Setup the key policy for public key */
+ policy = psa_key_policy_init();
+ psa_key_policy_set_usage(&policy, usage, key_alg);
+
+ status = psa_allocate_key(&public_key_handle);
+ if (status != PSA_SUCCESS)
+ return PAL_ATTEST_ERR_KEY_FAIL;
+
+ status = psa_set_key_policy(public_key_handle, &policy);
+ if (status != PSA_SUCCESS)
+ return PAL_ATTEST_ERR_KEY_FAIL;
+
+ /* Import the public key */
+ status = psa_import_key(public_key_handle,
+ attest_key_type,
+ public_key_buff,
+ public_key_size);
+ if (status != PSA_SUCCESS)
+ return PAL_ATTEST_ERR_KEY_FAIL;
+
+ public_key_registered = 1;
+ }
+
+#elif defined(CRYPTO_VERSION_BETA3)
+ psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+
+ if (!public_key_registered)
+ {
+ status = pal_attest_get_public_key(public_key_buff,
+ sizeof(public_key_buff),
+ &public_key_size,
+ &ecc_curve);
+ if (status != PSA_SUCCESS)
+ return PAL_ATTEST_ERR_KEY_FAIL;
+
+ if (ecc_curve == USHRT_MAX)
+ return PAL_ATTEST_ERROR;
+
+ /* Set key type for public key */
+ attest_key_type = PSA_KEY_TYPE_ECC_PUBLIC_KEY(ecc_curve);
+
+ /* Set the attributes for the public key */
+ psa_set_key_type(&attributes, attest_key_type);
+ psa_set_key_bits(&attributes, public_key_size);
+ psa_set_key_usage_flags(&attributes, usage);
+ psa_set_key_algorithm(&attributes, key_alg);
+ psa_set_key_bits(&attributes, 0);
+
+ /* Import the public key */
+ status = psa_import_key(&attributes,
+ public_key_buff,
+ public_key_size,
+ &public_key_handle);
+ if (status != PSA_SUCCESS)
+ return PAL_ATTEST_ERR_KEY_FAIL;
+
+ public_key_registered = 1;
+ }
+#endif
+
+ return status;
+}
+
+static uint32_t pal_destroy_attest_key(void)
+{
+ psa_status_t status;
+
+ if (!public_key_registered)
+ return PAL_ATTEST_ERR_KEY_FAIL;
+
+ status = psa_destroy_key(public_key_handle);
+ if (status != PSA_SUCCESS)
+ return PAL_ATTEST_ERR_KEY_FAIL;
+
+ public_key_registered = 0;
+
+ return PAL_ATTEST_SUCCESS;
+}
+
+uint32_t pal_crypto_pub_key_verify(int32_t cose_algorithm_id,
+ struct q_useful_buf_c token_hash,
+ struct q_useful_buf_c signature)
+{
+ int32_t status = PAL_ATTEST_ERROR;
+ psa_algorithm_t key_alg = PSA_ALG_ECDSA(PSA_ALG_SHA_256);
+
+ /* Register the attestation public key */
+ status = pal_import_attest_key(key_alg);
+ if (status != PAL_ATTEST_SUCCESS)
+ return status;
+
+ /* Verify the signature */
+ status = psa_asymmetric_verify(public_key_handle,
+ key_alg, token_hash.ptr, token_hash.len,
+ signature.ptr, signature.len);
+ if (status != PSA_SUCCESS)
+ return PAL_ATTEST_ERR_SIGNATURE_FAIL;
+
+ /* Unregister the attestation public key */
+ status = pal_destroy_attest_key();
+ if (status != PSA_SUCCESS)
+ return PAL_ATTEST_ERR_KEY_FAIL;
+
+ return PAL_ATTEST_SUCCESS;
+}
diff --git a/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/initial_attestation/pal_attestation_crypto.h b/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/initial_attestation/pal_attestation_crypto.h
new file mode 100644
index 00000000..9ca96375
--- /dev/null
+++ b/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/initial_attestation/pal_attestation_crypto.h
@@ -0,0 +1,88 @@
+/** @file
+ * Copyright (c) 2020, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifndef _PAL_ATTESTATION_CRYPTO_H_
+#define _PAL_ATTESTATION_CRYPTO_H_
+
+#include "pal_attestation_eat.h"
+
+#define ATTEST_PUBLIC_KEY_SLOT 4
+#define ECC_CURVE_SECP256R1_PULBIC_KEY_LENGTH (1 + 2 * PSA_BITS_TO_BYTES(256))
+
+typedef struct {
+ uint8_t *pubx_key;
+ size_t pubx_key_size;
+ uint8_t *puby_key;
+ size_t puby_key_size;
+} ecc_key_t;
+
+struct ecc_public_key_t {
+ const uint8_t a;
+ uint8_t public_key[]; /* X-coordinate || Y-coordinate */
+};
+
+static const struct ecc_public_key_t attest_public_key = {
+ /* Constant byte */
+ 0x04,
+ /* X-coordinate */
+ {0x79, 0xEB, 0xA9, 0x0E, 0x8B, 0xF4, 0x50, 0xA6,
+ 0x75, 0x15, 0x76, 0xAD, 0x45, 0x99, 0xB0, 0x7A,
+ 0xDF, 0x93, 0x8D, 0xA3, 0xBB, 0x0B, 0xD1, 0x7D,
+ 0x00, 0x36, 0xED, 0x49, 0xA2, 0xD0, 0xFC, 0x3F,
+ /* Y-coordinate */
+ 0xBF, 0xCD, 0xFA, 0x89, 0x56, 0xB5, 0x68, 0xBF,
+ 0xDB, 0x86, 0x73, 0xE6, 0x48, 0xD8, 0xB5, 0x8D,
+ 0x92, 0x99, 0x55, 0xB1, 0x4A, 0x26, 0xC3, 0x08,
+ 0x0F, 0x34, 0x11, 0x7D, 0x97, 0x1D, 0x68, 0x64},
+};
+
+static const uint8_t initial_attestation_public_x_key[] = {
+ 0x79, 0xEB, 0xA9, 0x0E, 0x8B, 0xF4, 0x50, 0xA6,
+ 0x75, 0x15, 0x76, 0xAD, 0x45, 0x99, 0xB0, 0x7A,
+ 0xDF, 0x93, 0x8D, 0xA3, 0xBB, 0x0B, 0xD1, 0x7D,
+ 0x00, 0x36, 0xED, 0x49, 0xA2, 0xD0, 0xFC, 0x3F
+};
+
+static const uint8_t initial_attestation_public_y_key[] = {
+ 0xBF, 0xCD, 0xFA, 0x89, 0x56, 0xB5, 0x68, 0xBF,
+ 0xDB, 0x86, 0x73, 0xE6, 0x48, 0xD8, 0xB5, 0x8D,
+ 0x92, 0x99, 0x55, 0xB1, 0x4A, 0x26, 0xC3, 0x08,
+ 0x0F, 0x34, 0x11, 0x7D, 0x97, 0x1D, 0x68, 0x64
+};
+
+/* Initialize the structure with given public key */
+static const ecc_key_t attest_key = {
+ (uint8_t *)initial_attestation_public_x_key,
+ sizeof(initial_attestation_public_x_key),
+ (uint8_t *)initial_attestation_public_y_key,
+ sizeof(initial_attestation_public_y_key)
+};
+
+int32_t pal_cose_crypto_hash_start(psa_hash_operation_t *psa_hash, int32_t cose_hash_alg_id);
+void pal_cose_crypto_hash_update(psa_hash_operation_t *psa_hash,
+ struct q_useful_buf_c data_to_hash);
+int32_t pal_cose_crypto_hash_finish(psa_hash_operation_t *psa_hash,
+ struct q_useful_buf buffer_to_hold_result,
+ struct q_useful_buf_c *hash_result);
+int pal_create_sha256(struct q_useful_buf_c bytes_to_hash, struct q_useful_buf buffer_for_hash,
+ struct q_useful_buf_c *hash);
+uint32_t pal_compute_hash(int32_t cose_alg_id, struct q_useful_buf buffer_for_hash,
+ struct q_useful_buf_c *hash, struct q_useful_buf_c protected_headers,
+ struct q_useful_buf_c payload);
+uint32_t pal_crypto_pub_key_verify(int32_t cose_algorithm_id, struct q_useful_buf_c token_hash,
+ struct q_useful_buf_c signature);
+#endif /* _PAL_ATTESTATION_CRYPTO_H_ */
diff --git a/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/initial_attestation/pal_attestation_eat.h b/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/initial_attestation/pal_attestation_eat.h
new file mode 100644
index 00000000..fa61d6a3
--- /dev/null
+++ b/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/initial_attestation/pal_attestation_eat.h
@@ -0,0 +1,80 @@
+/** @file
+ * Copyright (c) 2020, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifndef _PAL_ATTESTATION_EAT_H_
+#define _PAL_ATTESTATION_EAT_H_
+
+#include "qcbor.h"
+#include "pal_common.h"
+
+#define PAL_ATTEST_MIN_ERROR 30
+
+#define COSE_ALGORITHM_ES256 -7
+#define COSE_ALG_SHA256_PROPRIETARY -72000
+
+#define USEFUL_BUF_MAKE_STACK_UB UsefulBuf_MAKE_STACK_UB
+
+#define COSE_SIG_CONTEXT_STRING_SIGNATURE1 "Signature1"
+
+/* Private value. Intentionally not documented for Doxygen.
+ * This is the size allocated for the encoded protected headers. It
+ * needs to be big enough for make_protected_header() to succeed. It
+ * currently sized for one header with an algorithm ID up to 32 bits
+ * long -- one byte for the wrapping map, one byte for the label, 5
+ * bytes for the ID. If this is made accidentially too small, QCBOR will
+ * only return an error, and not overrun any buffers.
+ *
+ * 9 extra bytes are added, rounding it up to 16 total, in case some
+ * other protected header is to be added.
+ */
+#define T_COSE_SIGN1_MAX_PROT_HEADER (1+1+5+9)
+
+/**
+ * This is the size of the first part of the CBOR encoded TBS
+ * bytes. It is around 20 bytes. See create_tbs_hash().
+ */
+#define T_COSE_SIZE_OF_TBS \
+ 1 + /* For opening the array */ \
+ sizeof(COSE_SIG_CONTEXT_STRING_SIGNATURE1) + /* "Signature1" */ \
+ 2 + /* Overhead for encoding string */ \
+ T_COSE_SIGN1_MAX_PROT_HEADER + /* entire protected headers */ \
+ 3 * (/* 3 NULL bstrs for fields not used */ \
+ 1 /* size of a NULL bstr */ \
+ )
+#define NULL_USEFUL_BUF_C NULLUsefulBufC
+
+enum attestation_error_code {
+ PAL_ATTEST_SUCCESS = 0,
+ PAL_ATTEST_TOKEN_ERR_CBOR_FORMATTING = PAL_ATTEST_MIN_ERROR,
+ PAL_ATTEST_TOKEN_CHALLENGE_MISMATCH,
+ PAL_ATTEST_TOKEN_NOT_SUPPORTED,
+ PAL_ATTEST_TOKEN_NOT_ALL_MANDATORY_CLAIMS,
+ PAL_ATTEST_HASH_LENGTH_MISMATCH,
+ PAL_ATTEST_HASH_MISMATCH,
+ PAL_ATTEST_HASH_FAIL,
+ PAL_ATTEST_HASH_UNSUPPORTED,
+ PAL_ATTEST_HASH_BUFFER_SIZE,
+ PAL_ATTEST_ERR_PROTECTED_HEADERS,
+ PAL_ATTEST_ERR_SIGN_STRUCT,
+ PAL_ATTEST_ERR_KEY_FAIL,
+ PAL_ATTEST_ERR_SIGNATURE_FAIL,
+ PAL_ATTEST_ERR_CBOR_STRUCTURE,
+ PAL_ATTEST_ERR_SMALL_BUFFER,
+ PAL_ATTEST_ERROR,
+};
+
+#endif /* _PAL_ATTESTATION_EAT_H_ */
diff --git a/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/initial_attestation/pal_attestation_empty_intf.c b/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/initial_attestation/pal_attestation_empty_intf.c
new file mode 100644
index 00000000..99c94667
--- /dev/null
+++ b/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/initial_attestation/pal_attestation_empty_intf.c
@@ -0,0 +1,30 @@
+/** @file
+ * Copyright (c) 2020, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include
+#include "pal_common.h"
+
+/**
+ @brief - This API will call the requested attestation function
+ @param - type : function code
+ valist : variable argument list
+ @return - error status
+**/
+int32_t pal_attestation_function(int type, va_list valist)
+{
+ return PAL_STATUS_ERROR;
+}
diff --git a/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/initial_attestation/pal_attestation_intf.c b/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/initial_attestation/pal_attestation_intf.c
new file mode 100644
index 00000000..009b79f1
--- /dev/null
+++ b/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/initial_attestation/pal_attestation_intf.c
@@ -0,0 +1,65 @@
+/** @file
+ * Copyright (c) 2020, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+
+#include "pal_attestation_intf.h"
+
+/**
+ @brief - This API will call the requested attestation function
+ @param - type : function code
+ valist : variable argument list
+ @return - error status
+**/
+int32_t pal_attestation_function(int type, va_list valist)
+{
+ uint8_t *challenge, *token;
+ size_t challenge_size, *token_size, token_buffer_size;
+ int32_t cose_algorithm_id;
+ struct q_useful_buf buffer_for_hash;
+ struct q_useful_buf_c *hash, payload, protected_headers, token_hash, signature;
+
+ switch (type)
+ {
+ case PAL_INITIAL_ATTEST_GET_TOKEN:
+ challenge = va_arg(valist, uint8_t*);
+ challenge_size = va_arg(valist, size_t);
+ token = va_arg(valist, uint8_t*);
+ token_buffer_size = va_arg(valist, size_t);
+ token_size = va_arg(valist, size_t*);
+ return psa_initial_attest_get_token(challenge, challenge_size, token, token_buffer_size,
+ token_size);
+ case PAL_INITIAL_ATTEST_GET_TOKEN_SIZE:
+ challenge_size = va_arg(valist, size_t);
+ token_size = va_arg(valist, size_t*);
+ return psa_initial_attest_get_token_size(challenge_size, token_size);
+ case PAL_INITIAL_ATTEST_COMPUTE_HASH:
+ cose_algorithm_id = va_arg(valist, int32_t);
+ buffer_for_hash = va_arg(valist, struct q_useful_buf);
+ hash = va_arg(valist, struct q_useful_buf_c*);
+ protected_headers = va_arg(valist, struct q_useful_buf_c);
+ payload = va_arg(valist, struct q_useful_buf_c);
+ return pal_compute_hash(cose_algorithm_id, buffer_for_hash, hash,
+ protected_headers, payload);
+ case PAL_INITIAL_ATTEST_VERIFY_WITH_PK:
+ cose_algorithm_id = va_arg(valist, int32_t);
+ token_hash = va_arg(valist, struct q_useful_buf_c);
+ signature = va_arg(valist, struct q_useful_buf_c);
+ return pal_crypto_pub_key_verify(cose_algorithm_id, token_hash, signature);
+ default:
+ return PAL_STATUS_UNSUPPORTED_FUNC;
+ }
+}
diff --git a/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/initial_attestation/pal_attestation_intf.h b/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/initial_attestation/pal_attestation_intf.h
new file mode 100644
index 00000000..235d578d
--- /dev/null
+++ b/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/initial_attestation/pal_attestation_intf.h
@@ -0,0 +1,32 @@
+/** @file
+ * Copyright (c) 2020, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifndef _PAL_ATTESTATION_INTF_H_
+#define _PAL_ATTESTATION_INTF_H_
+
+#include "pal_attestation_crypto.h"
+
+enum attestation_function_code {
+ PAL_INITIAL_ATTEST_GET_TOKEN = 0x1,
+ PAL_INITIAL_ATTEST_GET_TOKEN_SIZE = 0x2,
+ PAL_INITIAL_ATTEST_VERIFY_TOKEN = 0x3,
+ PAL_INITIAL_ATTEST_COMPUTE_HASH = 0x4,
+ PAL_INITIAL_ATTEST_VERIFY_WITH_PK = 0x5,
+};
+
+int32_t pal_attestation_function(int type, va_list valist);
+#endif /* _PAL_ATTESTATION_INTF_H_ */
diff --git a/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/internal_trusted_storage/pal_internal_trusted_storage_empty_intf.c b/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/internal_trusted_storage/pal_internal_trusted_storage_empty_intf.c
new file mode 100644
index 00000000..fa0ceb3b
--- /dev/null
+++ b/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/internal_trusted_storage/pal_internal_trusted_storage_empty_intf.c
@@ -0,0 +1,30 @@
+/** @file
+ * Copyright (c) 2020, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include
+#include "pal_common.h"
+
+/**
+ @brief - This API will call the requested internal trusted storage function
+ @param - type : function code
+ valist : variable argument list
+ @return - error status
+**/
+uint32_t pal_its_function(int type, va_list valist)
+{
+ return PAL_STATUS_ERROR;
+}
diff --git a/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/internal_trusted_storage/pal_internal_trusted_storage_intf.c b/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/internal_trusted_storage/pal_internal_trusted_storage_intf.c
new file mode 100644
index 00000000..31269ee3
--- /dev/null
+++ b/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/internal_trusted_storage/pal_internal_trusted_storage_intf.c
@@ -0,0 +1,62 @@
+/** @file
+ * Copyright (c) 2020, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+
+#include "pal_internal_trusted_storage_intf.h"
+
+/**
+ @brief - This API will call the requested internal trusted storage function
+ @param - type : function code
+ valist : variable argument list
+ @return - error status
+**/
+uint32_t pal_its_function(int type, va_list valist)
+{
+ psa_storage_uid_t uid;
+ uint32_t data_size, offset;
+ const void *p_write_data;
+ void *p_read_data;
+ size_t *p_data_length;
+ psa_storage_create_flags_t its_create_flags;
+ struct psa_storage_info_t *its_p_info;
+
+ switch (type)
+ {
+ case PAL_ITS_SET:
+ uid = va_arg(valist, psa_storage_uid_t);
+ data_size = va_arg(valist, uint32_t);
+ p_write_data = va_arg(valist, const void*);
+ its_create_flags = va_arg(valist, psa_storage_create_flags_t);
+ return psa_its_set(uid, data_size, p_write_data, its_create_flags);
+ case PAL_ITS_GET:
+ uid = va_arg(valist, psa_storage_uid_t);
+ offset = va_arg(valist, uint32_t);
+ data_size = va_arg(valist, uint32_t);
+ p_read_data = va_arg(valist, void*);
+ p_data_length = va_arg(valist, size_t*);
+ return psa_its_get(uid, offset, data_size, p_read_data, p_data_length);
+ case PAL_ITS_GET_INFO:
+ uid = va_arg(valist, psa_storage_uid_t);
+ its_p_info = va_arg(valist, struct psa_storage_info_t*);
+ return psa_its_get_info(uid, its_p_info);
+ case PAL_ITS_REMOVE:
+ uid = va_arg(valist, psa_storage_uid_t);
+ return psa_its_remove(uid);
+ default:
+ return PAL_STATUS_UNSUPPORTED_FUNC;
+ }
+}
diff --git a/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/internal_trusted_storage/pal_internal_trusted_storage_intf.h b/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/internal_trusted_storage/pal_internal_trusted_storage_intf.h
new file mode 100644
index 00000000..82d0ccf4
--- /dev/null
+++ b/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/internal_trusted_storage/pal_internal_trusted_storage_intf.h
@@ -0,0 +1,31 @@
+/** @file
+ * Copyright (c) 2020, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifndef _PAL_INTERNAL_TRUSTED_STORAGE_INTF_H_
+#define _PAL_INTERNAL_TRUSTED_STORAGE_INTF_H_
+
+#include "pal_common.h"
+
+enum its_function_code {
+ PAL_ITS_SET = 0x1,
+ PAL_ITS_GET = 0x2,
+ PAL_ITS_GET_INFO = 0x3,
+ PAL_ITS_REMOVE = 0x4,
+};
+
+uint32_t pal_its_function(int type, va_list valist);
+#endif /* _PAL_INTERNAL_TRUSTED_STORAGE_INTF_H_ */
diff --git a/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/protected_storage/pal_protected_storage_empty_intf.c b/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/protected_storage/pal_protected_storage_empty_intf.c
new file mode 100644
index 00000000..bfd4b470
--- /dev/null
+++ b/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/protected_storage/pal_protected_storage_empty_intf.c
@@ -0,0 +1,30 @@
+/** @file
+ * Copyright (c) 2020, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include
+#include "pal_common.h"
+
+/**
+ @brief - This API will call the requested protected storage function
+ @param - type : function code
+ valist : variable argument list
+ @return - error status
+**/
+uint32_t pal_ps_function(int type, va_list valist)
+{
+ return PAL_STATUS_ERROR;
+}
diff --git a/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/protected_storage/pal_protected_storage_intf.c b/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/protected_storage/pal_protected_storage_intf.c
new file mode 100644
index 00000000..cc010272
--- /dev/null
+++ b/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/protected_storage/pal_protected_storage_intf.c
@@ -0,0 +1,77 @@
+/** @file
+ * Copyright (c) 2020, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+
+#include "pal_protected_storage_intf.h"
+
+/**
+ @brief - This API will call the requested protected storage function
+ @param - type : function code
+ valist : variable argument list
+ @return - error status
+**/
+uint32_t pal_ps_function(int type, va_list valist)
+{
+ psa_storage_uid_t uid;
+ uint32_t data_size, size, offset;
+ const void *p_write_data;
+ void *p_read_data;
+ size_t *p_data_length;
+ psa_storage_create_flags_t ps_create_flags;
+ struct psa_storage_info_t *ps_p_info;
+
+ switch (type)
+ {
+ case PAL_PS_SET:
+ uid = va_arg(valist, psa_storage_uid_t);
+ data_size = va_arg(valist, uint32_t);
+ p_write_data = va_arg(valist, const void*);
+ ps_create_flags = va_arg(valist, psa_storage_create_flags_t);
+ return psa_ps_set(uid, data_size, p_write_data, ps_create_flags);
+ case PAL_PS_GET:
+ uid = va_arg(valist, psa_storage_uid_t);
+ offset = va_arg(valist, uint32_t);
+ data_size = va_arg(valist, uint32_t);
+ p_read_data = va_arg(valist, void*);
+ p_data_length = va_arg(valist, size_t*);
+ return psa_ps_get(uid, offset, data_size, p_read_data, p_data_length);
+ case PAL_PS_GET_INFO:
+ uid = va_arg(valist, psa_storage_uid_t);
+ ps_p_info = va_arg(valist, struct psa_storage_info_t*);
+ return psa_ps_get_info(uid, ps_p_info);
+ case PAL_PS_REMOVE:
+ uid = va_arg(valist, psa_storage_uid_t);
+ return psa_ps_remove(uid);
+ case PAL_PS_CREATE:
+ uid = va_arg(valist, psa_storage_uid_t);
+ size = va_arg(valist, uint32_t);
+ ps_create_flags = va_arg(valist, psa_storage_create_flags_t);
+ return psa_ps_create(uid, size, ps_create_flags);
+ case PAL_PS_SET_EXTENDED:
+ uid = va_arg(valist, psa_storage_uid_t);
+ offset = va_arg(valist, uint32_t);
+ data_size = va_arg(valist, uint32_t);
+ p_write_data = va_arg(valist, const void*);
+ return psa_ps_set_extended(uid, offset, data_size, p_write_data);
+ case PAL_PS_GET_SUPPORT:
+ return psa_ps_get_support();
+ default:
+ return PAL_STATUS_UNSUPPORTED_FUNC;
+ }
+
+ return PAL_STATUS_UNSUPPORTED_FUNC;
+}
diff --git a/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/protected_storage/pal_protected_storage_intf.h b/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/protected_storage/pal_protected_storage_intf.h
new file mode 100644
index 00000000..53d7c6cd
--- /dev/null
+++ b/api-tests/platform/targets/tgt_ff_tfm_musca_b1/nspe/protected_storage/pal_protected_storage_intf.h
@@ -0,0 +1,34 @@
+/** @file
+ * Copyright (c) 2020, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifndef _PAL_PROTECTED_STORAGE_INTF_H_
+#define _PAL_PROTECTED_STORAGE_INTF_H_
+
+#include "pal_common.h"
+
+enum ps_function_code {
+ PAL_PS_SET = 0x1,
+ PAL_PS_GET = 0x2,
+ PAL_PS_GET_INFO = 0x3,
+ PAL_PS_REMOVE = 0x4,
+ PAL_PS_CREATE = 0x5,
+ PAL_PS_SET_EXTENDED = 0x6,
+ PAL_PS_GET_SUPPORT = 0x7,
+};
+
+uint32_t pal_ps_function(int type, va_list valist);
+#endif /* _PAL_PROTECTED_STORAGE_INTF_H_ */
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/spe/pal_driver_intf.c b/api-tests/platform/targets/tgt_ff_tfm_musca_b1/spe/pal_driver_intf.c
similarity index 91%
rename from api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/spe/pal_driver_intf.c
rename to api-tests/platform/targets/tgt_ff_tfm_musca_b1/spe/pal_driver_intf.c
index 4d522071..5c6b4874 100644
--- a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_b1/spe/pal_driver_intf.c
+++ b/api-tests/platform/targets/tgt_ff_tfm_musca_b1/spe/pal_driver_intf.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2020, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -35,7 +35,7 @@ void pal_uart_init(uint32_t uart_base_addr)
void pal_print(char *str, int32_t data)
{
- pal_uart_pl011_print(str,data);
+ pal_uart_pl011_print(str, data);
}
@@ -75,7 +75,7 @@ int pal_nvmem_read(addr_t base, uint32_t offset, void *buffer, int size)
**/
int pal_wd_timer_init(addr_t base_addr, uint32_t time_us, uint32_t timer_tick_us)
{
- return(pal_wd_cmsdk_init(base_addr,time_us, timer_tick_us));
+ return pal_wd_cmsdk_init(base_addr, time_us, timer_tick_us);
}
@@ -86,7 +86,7 @@ int pal_wd_timer_init(addr_t base_addr, uint32_t time_us, uint32_t timer_tick_us
**/
int pal_wd_timer_enable(addr_t base_addr)
{
- return(pal_wd_cmsdk_enable(base_addr));
+ return pal_wd_cmsdk_enable(base_addr);
}
/**
@@ -96,7 +96,7 @@ int pal_wd_timer_enable(addr_t base_addr)
**/
int pal_wd_timer_disable(addr_t base_addr)
{
- return (pal_wd_cmsdk_disable(base_addr));
+ return pal_wd_cmsdk_disable(base_addr);
}
/**
@@ -106,7 +106,7 @@ int pal_wd_timer_disable(addr_t base_addr)
**/
int pal_wd_timer_is_enabled(addr_t base_addr)
{
- return (pal_wd_cmsdk_is_enabled(base_addr));
+ return pal_wd_cmsdk_is_enabled(base_addr);
}
/**
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/spe/pal_driver_intf.h b/api-tests/platform/targets/tgt_ff_tfm_musca_b1/spe/pal_driver_intf.h
similarity index 95%
rename from api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/spe/pal_driver_intf.h
rename to api-tests/platform/targets/tgt_ff_tfm_musca_b1/spe/pal_driver_intf.h
index cef34ca8..5153aaf0 100644
--- a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/spe/pal_driver_intf.h
+++ b/api-tests/platform/targets/tgt_ff_tfm_musca_b1/spe/pal_driver_intf.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2020, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
diff --git a/api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/target.cfg b/api-tests/platform/targets/tgt_ff_tfm_musca_b1/target.cfg
similarity index 76%
rename from api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/target.cfg
rename to api-tests/platform/targets/tgt_ff_tfm_musca_b1/target.cfg
index 9a407b80..ef21df18 100644
--- a/api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/target.cfg
+++ b/api-tests/platform/targets/tgt_ff_tfm_musca_b1/target.cfg
@@ -1,5 +1,5 @@
///** @file
-// * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+// * Copyright (c) 2020, Arm Limited or its affiliates. All rights reserved.
// * SPDX-License-Identifier : Apache-2.0
// *
// * Licensed under the Apache License, Version 2.0 (the "License");
@@ -17,14 +17,14 @@
// UART device info
uart.num=1;
-uart.0.base = 0x40004000;
+uart.0.base = 0x40106000; // MUSCA_B1_UART1_NS_BASE
uart.0.size = 0xFFF;
uart.0.intr_id = 0xFF;
uart.0.permission = TYPE_READ_WRITE;
// Watchdog device info
watchdog.num = 1;
-watchdog.0.base = 0x40008000;
+watchdog.0.base = 0x50081000; // MUSCA_B1_CMSDK_WATCHDOG_S_BASE
watchdog.0.size = 0xFFF;
watchdog.0.intr_id = 0xFF;
watchdog.0.permission = TYPE_READ_WRITE;
@@ -36,19 +36,19 @@ watchdog.0.timeout_in_micro_sec_crypto = 0x1312D00; //18.0 sec : 18 * 1000 * 100
// Range of 1KB Non-volatile memory to preserve data over reset. Ex, NVRAM and FLASH
nvmem.num =1;
-nvmem.0.start = 0x2002F000;
-nvmem.0.end = 0x2002F3FF;
+nvmem.0.start = 0x3003F800;
+nvmem.0.end = 0x3003FBFF;
nvmem.0.permission = TYPE_READ_WRITE;
// Miscellaneous - Test scatter info
dut.num = 1;
// Start address of 12KB NS memory for test ELF
-dut.0.ns_test_addr = 0x2007F000;
+dut.0.ns_test_addr = 0x281E0000;
// Start address of combine_test_binary in memory. Memory can be main memory or secondary memory.
-// Size of combine_test_binary = Summation of size of each test ELF file.
-dut.0.ns_start_addr_of_combine_test_binary = 0x2003F000;
+// Size of combine_test_binary = Summation of size of each test ELF file
+dut.0.ns_start_addr_of_combine_test_binary = 0x281F0000;
// Is combine_test_binary available in RAM?
dut.0.combine_test_binary_in_ram = AVAILABLE;
@@ -56,29 +56,23 @@ dut.0.combine_test_binary_in_ram = AVAILABLE;
// ###################################################################
// Following Target configuration parameters are required for IPC tests
-// only. Avoid updating them if you are running dev_apis.
+// only. Avoid updating them if you are running dev_apis tests.
// ###################################################################
-// Level of Isolation
-dut.0.implemented_psa_firmware_isolation_level = LEVEL1;
-
-// Are dynamic memory allocation functions available to secure partition?
-dut.0.sp_heap_mem_supp = AVAILABLE;
-
// Assign free memory range for isolation testing. Choose the addresses
// for these memory regions such that it follows below condition:
// nspe_mmio.0.start < server_partition_mmio.0.start < driver_partition_mmio.0.start.
nspe_mmio.num=1;
-nspe_mmio.0.start = 0x200AF000;
-nspe_mmio.0.end = 0x200AF01F;
+nspe_mmio.0.start = 0x00200F00;
+nspe_mmio.0.end = 0x00200F1F;
nspe_mmio.0.permission = TYPE_READ_WRITE;
server_partition_mmio.num=1;
-server_partition_mmio.0.start = 0x200AF020;
-server_partition_mmio.0.end = 0x200AF03F;
+server_partition_mmio.0.start = 0x3003FC00;
+server_partition_mmio.0.end = 0x3003FD00;
server_partition_mmio.0.permission = TYPE_READ_WRITE;
driver_partition_mmio.num=1;
-driver_partition_mmio.0.start = 0x200AF040;
-driver_partition_mmio.0.end = 0x200AF05F;
+driver_partition_mmio.0.start = 0x3003FE00;
+driver_partition_mmio.0.end = 0x3003FF00;
driver_partition_mmio.0.permission = TYPE_READ_WRITE;
diff --git a/api-tests/platform/targets/tgt_ff_tfm_musca_b1/target.cmake b/api-tests/platform/targets/tgt_ff_tfm_musca_b1/target.cmake
new file mode 100644
index 00000000..745ef75a
--- /dev/null
+++ b/api-tests/platform/targets/tgt_ff_tfm_musca_b1/target.cmake
@@ -0,0 +1,109 @@
+#/** @file
+# * Copyright (c) 2020, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+# PAL C source files part of NSPE library
+list(APPEND PAL_SRC_C_NSPE )
+
+# PAL ASM source files part of NSPE library
+list(APPEND PAL_SRC_ASM_NSPE )
+
+# PAL C source files part of SPE library - driver partition
+list(APPEND PAL_SRC_C_DRIVER_SP )
+
+# PAL ASM source files part of SPE library - driver partition
+list(APPEND PAL_SRC_ASM_DRIVER_SP )
+
+
+# Listing all the sources required for given target
+if(${SUITE} STREQUAL "IPC")
+ list(APPEND PAL_SRC_C_NSPE
+ # driver functionalities are implemented as RoT-services
+ # and secure and non-secure clients will call to these RoT-services to get appropriate driver services.
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/common/pal_client_api_intf.c
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/common/pal_driver_ipc_intf.c
+ )
+ list(APPEND PAL_SRC_C_DRIVER_SP
+ # Driver files will be compiled as part of driver partition
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/spe/pal_driver_intf.c
+ ${PSA_ROOT_DIR}/platform/drivers/nvmem/pal_nvmem.c
+ ${PSA_ROOT_DIR}/platform/drivers/uart/pl011/pal_uart.c
+ ${PSA_ROOT_DIR}/platform/drivers/watchdog/cmsdk/pal_wd_cmsdk.c
+ )
+else()
+ list(APPEND PAL_SRC_C_NSPE
+ # driver files will be compiled as part of NSPE
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/common/pal_client_api_empty_intf.c
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/common/pal_driver_ns_intf.c
+ ${PSA_ROOT_DIR}/platform/drivers/nvmem/pal_nvmem.c
+ ${PSA_ROOT_DIR}/platform/drivers/uart/pl011/pal_uart.c
+ ${PSA_ROOT_DIR}/platform/drivers/watchdog/cmsdk/pal_wd_cmsdk.c
+ )
+endif()
+if(${SUITE} STREQUAL "CRYPTO")
+ list(APPEND PAL_SRC_C_NSPE
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/crypto/pal_crypto_intf.c
+ )
+endif()
+if(${SUITE} STREQUAL "PROTECTED_STORAGE")
+ list(APPEND PAL_SRC_C_NSPE
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/protected_storage/pal_protected_storage_intf.c
+ )
+endif()
+if(${SUITE} STREQUAL "INTERNAL_TRUSTED_STORAGE")
+ list(APPEND PAL_SRC_C_NSPE
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/internal_trusted_storage/pal_internal_trusted_storage_intf.c
+ )
+endif()
+if(${SUITE} STREQUAL "INITIAL_ATTESTATION")
+ list(APPEND PAL_SRC_C_NSPE
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/initial_attestation/pal_attestation_intf.c
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/initial_attestation/pal_attestation_crypto.c
+ ${CMAKE_CURRENT_BINARY_DIR}/${PSA_TARGET_QCBOR}/src/UsefulBuf.c
+ ${CMAKE_CURRENT_BINARY_DIR}/${PSA_TARGET_QCBOR}/src/ieee754.c
+ ${CMAKE_CURRENT_BINARY_DIR}/${PSA_TARGET_QCBOR}/src/qcbor_decode.c
+ ${CMAKE_CURRENT_BINARY_DIR}/${PSA_TARGET_QCBOR}/src/qcbor_encode.c
+ )
+endif()
+
+# Create NSPE library
+add_library(${PSA_TARGET_PAL_NSPE_LIB} STATIC ${PAL_SRC_C_NSPE} ${PAL_SRC_ASM_NSPE})
+
+# PSA Include directories
+foreach(psa_inc_path ${PSA_INCLUDE_PATHS})
+ target_include_directories(${PSA_TARGET_PAL_NSPE_LIB} PRIVATE ${psa_inc_path})
+endforeach()
+
+list(APPEND PAL_DRIVER_INCLUDE_PATHS
+ ${PSA_ROOT_DIR}/platform/drivers/nvmem
+ ${PSA_ROOT_DIR}/platform/drivers/uart/pl011
+ ${PSA_ROOT_DIR}/platform/drivers/watchdog/cmsdk
+)
+
+target_include_directories(${PSA_TARGET_PAL_NSPE_LIB} PRIVATE
+ ${PAL_DRIVER_INCLUDE_PATHS}
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/common
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/crypto
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/protected_storage
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/internal_trusted_storage
+ ${PSA_ROOT_DIR}/platform/targets/${TARGET}/nspe/initial_attestation
+)
+
+if(${SUITE} STREQUAL "INITIAL_ATTESTATION")
+target_include_directories(${PSA_TARGET_PAL_NSPE_LIB} PRIVATE
+ ${PSA_QCBOR_INCLUDE_PATH}
+)
+endif()
diff --git a/api-tests/dev_apis/crypto/test_c001/source.mk b/api-tests/tools/cmake/common/CMakeExternal.cmake
similarity index 68%
rename from api-tests/dev_apis/crypto/test_c001/source.mk
rename to api-tests/tools/cmake/common/CMakeExternal.cmake
index c24e740a..77d776b0 100644
--- a/api-tests/dev_apis/crypto/test_c001/source.mk
+++ b/api-tests/tools/cmake/common/CMakeExternal.cmake
@@ -1,4 +1,5 @@
-# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+#/** @file
+# * Copyright (c) 2020, Arm Limited or its affiliates. All rights reserved.
# * SPDX-License-Identifier : Apache-2.0
# *
# * Licensed under the Apache License, Version 2.0 (the "License");
@@ -14,7 +15,7 @@
# * limitations under the License.
#**/
-CC_SOURCE = test_entry.c test_c001.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
+if(${SUITE} STREQUAL "INITIAL_ATTESTATION")
+set(PSA_QCBOR_GIT_REPO_LINK https://github.com/laurencelundblade/QCBOR.git)
+set(PSA_QCBOR_GIT_REPO_TAG 42272e466a8472948bf8fca076d113b81b99f0e0)
+endif()
diff --git a/api-tests/ff/ipc/test_i001/source.mk b/api-tests/tools/cmake/common/CMakeSettings.cmake
similarity index 63%
rename from api-tests/ff/ipc/test_i001/source.mk
rename to api-tests/tools/cmake/common/CMakeSettings.cmake
index 979cdc0c..790a58fd 100644
--- a/api-tests/ff/ipc/test_i001/source.mk
+++ b/api-tests/tools/cmake/common/CMakeSettings.cmake
@@ -1,4 +1,5 @@
-# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+#/** @file
+# * Copyright (c) 2019-2020, Arm Limited or its affiliates. All rights reserved.
# * SPDX-License-Identifier : Apache-2.0
# *
# * Licensed under the Apache License, Version 2.0 (the "License");
@@ -14,12 +15,11 @@
# * limitations under the License.
#**/
-CC_SOURCE = test_entry.c test_i001.c
-CC_OPTIONS =
-AS_SOURCE =
-AS_OPTIONS =
+#Stop built in CMakeDetermine.cmake scripts to run.
+set (CMAKE_C_COMPILER_ID_RUN 1)
+#Stop cmake run compiler tests.
+set (CMAKE_C_COMPILER_FORCED true)
-CC_SOURCE_SPE = test_i001.c test_supp_i001.c
-CC_OPTIONS_SPE =
-AS_SOURCE_SPE =
-AS_OPTIONS_SPE =
\ No newline at end of file
+set(CMAKE_STATIC_LIBRARY_PREFIX "")
+set(CMAKE_STATIC_LIBRARY_SUFFIX ".a")
+set(CMAKE_SHARED_LIBRARY_SUFFIX "")
diff --git a/api-tests/tools/cmake/common/Utils.cmake b/api-tests/tools/cmake/common/Utils.cmake
new file mode 100644
index 00000000..67517638
--- /dev/null
+++ b/api-tests/tools/cmake/common/Utils.cmake
@@ -0,0 +1,37 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+# Function to CMake arguments
+function(_check_arguments)
+ foreach(_ARG IN LISTS ARGV)
+ if(NOT DEFINED ${_ARG})
+ message(FATAL_ERROR "[PSA] : ${_ARG} is not passed! Please specify -D${_ARG}=<...> to CMake.")
+ endif()
+ endforeach()
+endfunction(_check_arguments)
+
+# Function to get all the folders inside given parent directory
+function(_get_sub_dir_list result parent_dir)
+ file(GLOB parent_dir_items RELATIVE ${parent_dir} ${parent_dir}/*)
+ set(dir_list "")
+ foreach(item ${parent_dir_items})
+ if(IS_DIRECTORY ${parent_dir}/${item})
+ list(APPEND dir_list ${item})
+ endif()
+ endforeach()
+ set(${result} ${dir_list} PARENT_SCOPE)
+endfunction(_get_sub_dir_list)
diff --git a/api-tests/tools/cmake/compiler/ARMCLANG.cmake b/api-tests/tools/cmake/compiler/ARMCLANG.cmake
new file mode 100644
index 00000000..d96dc9d4
--- /dev/null
+++ b/api-tests/tools/cmake/compiler/ARMCLANG.cmake
@@ -0,0 +1,63 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+set(CMAKE_SYSTEM_NAME Generic)
+set(CMKE_SYSTEM_PROCESSOR ARM)
+
+set(_C_TOOLCHAIN_NAME armclang)
+
+if(WIN32)
+ if (NOT DEFINED ARMCLANG_PATH)
+ set(ARMCLANG_PATH "C:" CACHE PATH "Install directory for ARMCLANG Compiler")
+ endif()
+else(WIN32)
+ if (NOT DEFINED ARMCLANG_PATH)
+ set(ARMCLANG_PATH "/" CACHE PATH "Install directory for ARMCLANG Compiler")
+ endif()
+endif(WIN32)
+
+find_program(
+ _C_TOOLCHAIN_PATH
+ ${_C_TOOLCHAIN_NAME}
+ PATHS env PATH
+ HINTS ${ARMCLANG_PATH}
+ HINTS bin
+)
+
+if(_C_TOOLCHAIN_PATH STREQUAL "_C_TOOLCHAIN_PATH-NOTFOUND")
+ message(FATAL_ERROR "[PSA] : Couldn't find ${_C_TOOLCHAIN_NAME}."
+ " Either put ${_C_TOOLCHAIN_NAME} on the PATH or set ARMCLANG_PATH set properly.")
+endif()
+
+set(CMAKE_TRY_COMPILE_TARGET_TYPE STATIC_LIBRARY)
+
+foreach(_LNG IN ITEMS "C" "ASM")
+ set(CMAKE_${_LNG}_COMPILER ${_C_TOOLCHAIN_PATH})
+ message(STATUS "[PSA] : ${_LNG} compiler used '${CMAKE_${_LNG}_COMPILER}'")
+endforeach()
+
+if(${CPU_ARCH} STREQUAL armv7m)
+ set(TARGET_SWITCH "-march=armv7-m")
+elseif(${CPU_ARCH} STREQUAL armv8m_ml)
+ set(TARGET_SWITCH "-march=armv8-m.main -mcmse")
+elseif(${CPU_ARCH} STREQUAL armv8m_bl)
+ set(TARGET_SWITCH "-march=armv8-m.base -mcmse")
+endif()
+
+set(CMAKE_C_FLAGS "--target=arm-arm-none-eabi ${TARGET_SWITCH} -Wall -Werror -fshort-enums -fshort-wchar -funsigned-char -fdata-sections -ffunction-sections -mno-unaligned-access -mfpu=none")
+set(CMAKE_ASM_FLAGS "${TARGET_SWITCH} -mthumb")
+set(CMAKE_EXE_LINKER_FLAGS "--strict --map --symbols --xref --info=summarysizes,sizes,totals,unused,veneers --diag_warning=L6204")
diff --git a/api-tests/tools/cmake/compiler/GNUARM.cmake b/api-tests/tools/cmake/compiler/GNUARM.cmake
new file mode 100644
index 00000000..cede575d
--- /dev/null
+++ b/api-tests/tools/cmake/compiler/GNUARM.cmake
@@ -0,0 +1,63 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+set(CMAKE_SYSTEM_NAME Generic)
+set(CMKE_SYSTEM_PROCESSOR ARM)
+
+set(_C_TOOLCHAIN_NAME arm-none-eabi-gcc)
+
+if(WIN32)
+ if (NOT DEFINED GNUARM_PATH)
+ set(GNUARM_PATH "C:" CACHE PATH "Install directory for GNUARM Compiler")
+ endif()
+else(WIN32)
+ if (NOT DEFINED GNUARM_PATH)
+ set(GNUARM_PATH "/" CACHE PATH "Install directory for GNUARM Compiler")
+ endif()
+endif(WIN32)
+
+find_program(
+ _C_TOOLCHAIN_PATH
+ ${_C_TOOLCHAIN_NAME}
+ PATHS env PATH
+ HINTS ${GNUARM_PATH}
+ HINTS bin
+)
+
+if(_C_TOOLCHAIN_PATH STREQUAL "_C_TOOLCHAIN_PATH-NOTFOUND")
+ message(FATAL_ERROR "[PSA] : Couldn't find ${_C_TOOLCHAIN_NAME}."
+ " Either put ${_C_TOOLCHAIN_NAME} on the PATH or set GNUARM_PATH set properly.")
+endif()
+
+set(CMAKE_TRY_COMPILE_TARGET_TYPE STATIC_LIBRARY)
+
+foreach(_LNG IN ITEMS "C" "ASM")
+ set(CMAKE_${_LNG}_COMPILER ${_C_TOOLCHAIN_PATH})
+ message(STATUS "[PSA] : ${_LNG} compiler used '${CMAKE_${_LNG}_COMPILER}'")
+endforeach()
+
+if(${CPU_ARCH} STREQUAL armv7m)
+ set(TARGET_SWITCH "-march=armv7-m")
+elseif(${CPU_ARCH} STREQUAL armv8m_ml)
+ set(TARGET_SWITCH "-march=armv8-m.main -mcmse")
+elseif(${CPU_ARCH} STREQUAL armv8m_bl)
+ set(TARGET_SWITCH "-march=armv8-m.base -mcmse")
+endif()
+
+set(CMAKE_C_FLAGS "${TARGET_SWITCH} -Wall -Werror -fdata-sections -ffunction-sections -mno-unaligned-access")
+set(CMAKE_ASM_FLAGS "${TARGET_SWITCH} -mthumb")
+set(CMAKE_EXE_LINKER_FLAGS "-Xlinker --fatal-warnings -Xlinker --gc-sections -z max-page-size=0x400 -lgcc -lc -lnosys")
diff --git a/api-tests/tools/cmake/compiler/HOST_GCC.cmake b/api-tests/tools/cmake/compiler/HOST_GCC.cmake
new file mode 100644
index 00000000..e7be183f
--- /dev/null
+++ b/api-tests/tools/cmake/compiler/HOST_GCC.cmake
@@ -0,0 +1,51 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+set(CMAKE_SYSTEM_NAME Generic)
+set(CMKE_SYSTEM_PROCESSOR x86_64)
+
+set(_C_TOOLCHAIN_NAME gcc)
+
+if(WIN32)
+ if (NOT DEFINED HOST_GCC_PATH)
+ set(HOST_GCC_PATH "C:" CACHE PATH "Install directory for Host GCC Compiler")
+ endif()
+else(WIN32)
+ if (NOT DEFINED HOST_GCC_PATH)
+ set(HOST_GCC_PATH "/" CACHE PATH "Install directory for Host GCC Compiler")
+ endif()
+endif(WIN32)
+
+find_program(
+ _C_TOOLCHAIN_PATH
+ ${_C_TOOLCHAIN_NAME}
+ PATHS env PATH
+ HINTS ${HOST_GCC_PATH}
+ HINTS bin
+)
+
+if(_C_TOOLCHAIN_PATH STREQUAL "_C_TOOLCHAIN_PATH-NOTFOUND")
+ message(FATAL_ERROR "[PSA] : Couldn't find ${_C_TOOLCHAIN_NAME}."
+ " Either put ${_C_TOOLCHAIN_NAME} on the PATH or set GNUARM_PATH set properly.")
+endif()
+
+set(CMAKE_TRY_COMPILE_TARGET_TYPE STATIC_LIBRARY)
+
+foreach(_LNG IN ITEMS "C" "ASM")
+ set(CMAKE_${_LNG}_COMPILER ${_C_TOOLCHAIN_PATH})
+ message(STATUS "[PSA] : ${_LNG} compiler used '${CMAKE_${_LNG}_COMPILER}'")
+endforeach()
diff --git a/api-tests/tools/makefiles/Makefile b/api-tests/tools/makefiles/Makefile
deleted file mode 100644
index 1aa790b1..00000000
--- a/api-tests/tools/makefiles/Makefile
+++ /dev/null
@@ -1,131 +0,0 @@
-# * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-ifeq (${SUITE}, ipc)
-SUITE_DIR = ff/$(SUITE)
-else
-SUITE_DIR = dev_apis/$(SUITE)
-endif
-
-export SUITE_IN= $(SOURCE)/$(SUITE_DIR)
-export SUITE_OUT= $(BUILD)/$(SUITE_DIR)
-
-include $(SOURCE)/tools/makefiles/toolchain.mk
-
-
-all: clean target_cfg gen_linker process_testsuite.db build
-
-#Generate target files from User provided data base
-target_cfg:
- @echo ""
- @echo "Processing target configuration..."
- mkdir -p $(BUILD)/platform/${TARGET}/
- @if [ ! -f "$(SOURCE)/platform/targets/$(TARGET)/target.cfg" ]; then { echo "Error: Target Not Found!!!"; exit 1; } fi
- python $(SOURCE)/tools/scripts/targetConfigGen.py ${TARGET} $(SOURCE)/val/common/val_target.h \
- $(SOURCE)/platform/targets/${TARGET}/target.cfg $(BUILD)/platform/${TARGET}/targetConfigGen.c \
- $(BUILD)/platform/${TARGET}/target_database.h target_database ""
- gcc -D__addr_t_defined -DTARGET_CFG_BUILD $(BUILD)/platform/${TARGET}/targetConfigGen.c -o $(BUILD)/platform/${TARGET}/targetConfigGen \
- -I$(SOURCE)/val/nspe -I$(SOURCE)/val/common -I$(SOURCE)/platform/targets/${TARGET}/nspe/common
- ./$(BUILD)/platform/${TARGET}/targetConfigGen
-
-#Read target.cfg and update the addresses in linker script
-gen_linker:
- @echo ""
- @echo "Updating linker files..."
- mkdir -p $(SUITE_OUT)/ $(BUILD)/val/ $(BUILD)/partition/ ;
- perl $(SOURCE)/tools/scripts/process_test_linker_file.pl $(SOURCE) $(SUITE_OUT) ${TARGET} $(TOOLCHAIN)
-
-process_testsuite.db:
- @echo ""
- @echo "Creating testlist..."
-ifeq (${INCLUDE_PANIC_TESTS}, 1)
- $(eval TEST_LIST := $(shell grep -o "^test....." $(SUITE_IN)/testsuite.db > $(SUITE_OUT)/.testlist.txt ; dos2unix $(SUITE_OUT)/.testlist.txt ; cat $(SUITE_OUT)/.testlist.txt))
-else
- $(eval TEST_LIST := $(shell grep -v "^test....., panic_test" $(SUITE_IN)/testsuite.db | grep "^test" > $(SUITE_OUT)/.testlist.txt ; dos2unix $(SUITE_OUT)/.testlist.txt ; cat $(SUITE_OUT)/.testlist.txt))
-endif
- perl $(SOURCE)/tools/scripts/gen_tests_list.pl $(BUILD) $(SUITE_OUT)/.testlist.txt $(SUITE)
-
-
-#Build framework archives and test_combine.elf
-build: build_pal val_nspe.a test_combine.elf partition_build output_list
-
-build_pal:
- @echo ""
- @echo "----------pal build start-------------"
- make -f $(SOURCE)/platform/targets/$(TARGET)/Makefile
- @echo "----------pal build complete-------------"
-
-val_nspe.a:
- @echo ""
- @echo "----------val build start-------------"
- make -f $(SOURCE)/tools/makefiles/valbuild.mk
- @echo "----------val build complete-------------"
-
-test_combine.elf: test.elf
- @echo ""
-ifeq (${TEST_COMBINE_ARCHIVE}, 1)
- @echo "----------Combine NS test objects into archive start-------------"
- $(AR) $(AR_OPTIONS) $(SUITE_OUT)/test_combine.a $(SUITE_OUT)/test*/test_*_nspe.o
- @echo "----------Combine NS test objects into archive complete-------------"
-else
- @echo "----------Combine NS test elfs into binary start-------------"
- perl $(SOURCE)/tools/scripts/test_elf_combine.pl $(SUITE_OUT)/.testlist.txt
- hexdump -v -e ' 1/4 "%08X" "\n"' $(SUITE_OUT)/test_elf_combine.bin > $(SUITE_OUT)/test_elf_combine.hex
- @echo "----------Combine NS test elfs into binary complete-------------"
-endif
-
-test.elf:
- @echo ""
- @echo "----------test build start-------------"
- @$(foreach TEST,$(TEST_LIST), make -f $(SOURCE)/tools/makefiles/testbuild.mk TEST=$(TEST) ;)
- @echo "----------test build complete-------------"
-
-partition_build:
-ifeq (${PSA_IPC_IMPLEMENTED}, 1)
- @echo ""
- @echo "----------test partition build start-------------"
- make -f $(SOURCE)/tools/makefiles/spbuild.mk
- @echo "----------test partition build complete-------------"
-endif
-
-output_list:
- @echo ""
- @echo "Below are the list of output binaries/libraries. Integrate these"
- @echo "to your software stack to execute test suite."
- @echo ""
- @echo "a) NSPE files:"
- @echo " $(BUILD)/val/val_nspe.a"
- @echo " $(BUILD)/platform/pal_nspe.a"
-ifeq (${TEST_COMBINE_ARCHIVE}, 1)
- @echo " $(SUITE_OUT)/test_combine.a"
-else
- @echo " $(SUITE_OUT)/test_elf_combine.bin"
-endif
- @echo ""
-ifeq (${PSA_IPC_IMPLEMENTED}, 1)
- @echo "b) SPE files"
- @echo " $(BUILD)/partition/driver_partition.a"
-endif
-ifeq (${SUITE}, ipc)
- @echo " $(BUILD)/partition/client_partition.a"
- @echo " $(BUILD)/partition/server_partition.a"
-endif
- @echo ""
-
-clean:
- @echo ""
- @echo "Cleaning the build directory..."
- rm -rf $(BUILD)/*
diff --git a/api-tests/tools/makefiles/linker/test.linker b/api-tests/tools/makefiles/linker/test.linker
deleted file mode 100644
index 69fc4d15..00000000
--- a/api-tests/tools/makefiles/linker/test.linker
+++ /dev/null
@@ -1,55 +0,0 @@
-/* Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
- * SPDX-License-Identifier : Apache-2.0
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
-**/
-
-ENTRY(TEST_START)
-
-TEST_START = 0x2004F000;
-
-MEMORY
-{
- TEST_INFO (R) : ORIGIN = TEST_START, LENGTH = 0x100
- TEST_TEXT (RX) : ORIGIN = TEST_START +0x100, LENGTH = 0x1A00
- TEST_DATA (RW) : ORIGIN = TEST_START +0x1B00, LENGTH = 0x1800
-}
-
-SECTIONS
-{
- .acs_test_info :
- {
- KEEP(*(.acs_test_info))
- } > TEST_INFO
-
- .text :
- {
- *(.text)
- *(.text*)
- *(.rodata)
- *(.rodata*)
- } > TEST_TEXT
-
- .data :
- {
- *(.data)
- *(.data*)
- } > TEST_DATA
-
- .bss :
- {
- *(.bss)
- *(.bss.*)
- *(COMMON)
- } > TEST_DATA
-}
diff --git a/api-tests/tools/makefiles/spbuild.mk b/api-tests/tools/makefiles/spbuild.mk
deleted file mode 100644
index 1479e744..00000000
--- a/api-tests/tools/makefiles/spbuild.mk
+++ /dev/null
@@ -1,74 +0,0 @@
-# * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-include $(SOURCE)/tools/makefiles/toolchain.mk
-
-INCLUDE= -I$(SOURCE)/val/common/ \
- -I$(SOURCE)/val/nspe/ \
- -I$(SOURCE)/val/spe/ \
- -I$(SOURCE)/ \
- -I$(SOURCE)/ff/partition/common/ \
- -I$(SOURCE)/ff/partition/ipc/ \
- -I$(BUILD)/partition/ \
- -I$(BUILD)/platform/$(TARGET)/ \
- -I$(SOURCE)/platform/targets/$(TARGET)/nspe \
- -I$(SOURCE)/platform/targets/$(TARGET)/nspe/common \
- -I$(SOURCE)/platform/targets/$(TARGET)/nspe/crypto \
- -I$(SOURCE)/platform/targets/$(TARGET)/spe
-
-VPATH=$(SOURCE)/val/common/:\
- $(SOURCE)/val/nspe/:\
- $(SOURCE)/val/spe/:\
- $(SOURCE)/ff/partition/common/: \
- $(SOURCE)/ff/partition/ipc/
-
-
-CC_SOURCE += driver_partition.c val_driver_service_apis.c
-
-ifeq (${SUITE}, ipc)
-CC_SOURCE += client_partition.c server_partition.c
-all: mkdir compile_c compile_asm driver_partition.a client_partition.a server_partition.a
-else
-all: mkdir compile_c compile_asm driver_partition.a
-endif
-
-
-mkdir:
- @mkdir -p $(BUILD)/partition/
-
-compile_c: $(CC_SOURCE:%.c=$(BUILD)/partition/%.o)
-compile_asm: $(AS_SOURCE:%.s=$(BUILD)/partition/%.o)
-
-$(BUILD)/partition/%.o : %.c
- $(CC) -DSPE_BUILD -o $@ -c $<
-
-$(BUILD)/partition/%.o : %.s
- $(AS) -o $@ $<
-
-client_partition.a:
-ifeq ($(wildcard $(SUITE_OUT)/test_i*/.*),)
- $(AR) $(AR_OPTIONS) $(BUILD)/partition/client_partition.a $(BUILD)/partition/client_partition.o $(SUITE_OUT)/test*/test_l*_spe.o
-else ifeq ($(wildcard $(SUITE_OUT)/test_l*/.*),)
- $(AR) $(AR_OPTIONS) $(BUILD)/partition/client_partition.a $(BUILD)/partition/client_partition.o $(SUITE_OUT)/test*/test_i*_spe.o
-else
- $(AR) $(AR_OPTIONS) $(BUILD)/partition/client_partition.a $(BUILD)/partition/client_partition.o $(SUITE_OUT)/test*/test_i*_spe.o $(SUITE_OUT)/test*/test_l*_spe.o
-endif
-
-server_partition.a:
- $(AR) $(AR_OPTIONS) $(BUILD)/partition/server_partition.a $(BUILD)/partition/server_partition.o $(SUITE_OUT)/test*/test_supp_*_spe.o
-
-driver_partition.a:
- $(AR) $(AR_OPTIONS) $(BUILD)/partition/driver_partition.a $(BUILD)/platform/spe/*_driver_sp.o $(BUILD)/partition/driver_partition.o $(BUILD)/partition/val_driver_service_apis.o
diff --git a/api-tests/tools/makefiles/testbuild.mk b/api-tests/tools/makefiles/testbuild.mk
deleted file mode 100644
index 373111d1..00000000
--- a/api-tests/tools/makefiles/testbuild.mk
+++ /dev/null
@@ -1,78 +0,0 @@
-# * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-include $(SOURCE)/tools/makefiles/toolchain.mk
-include $(SUITE_IN)/$(TEST)/source.mk
-
-INCLUDE= -I$(SOURCE)/val/common/ \
- -I$(SOURCE)/val/nspe/ \
- -I$(SOURCE)/val/spe/ \
- -I$(SOURCE)/ \
- -I$(SOURCE)/platform/targets/$(TARGET)/nspe/ \
- -I$(SOURCE)/platform/targets/$(TARGET)/nspe/common \
- -I$(SOURCE)/platform/targets/$(TARGET)/nspe/crypto \
- -I$(BUILD)/platform/$(TARGET)/ \
- -I$(SUITE_IN)/$(TEST)/\
- -I$(SUITE_IN)/include/ \
- -I$(BUILD)/val/
-
-ifeq (${SUITE}, protected_storage)
-INCLUDE += -I$(SUITE_IN)/../internal_trusted_storage/$(TEST)
-endif
-
-VPATH=$(SOURCE)/val/common/:\
- $(SOURCE)/val/nspe/:\
- $(SOURCE)/val/spe/:\
- $(SUITE_IN)/$(TEST)/:\
- $(SUITE_IN)/include/:
-
-ifeq (${SUITE}, protected_storage)
-VPATH += $(SUITE_IN)/../internal_trusted_storage/$(TEST)/
-endif
-
-
-all: mkdir compile_c_nspe compile_asm_nspe test.elf compile_c_spe compile_asm_spe
-
-mkdir:
- mkdir -p $(SUITE_OUT)/$(TEST)/
-
-compile_c_nspe: $(CC_SOURCE:%.c=$(SUITE_OUT)/$(TEST)/%_nspe.o)
-compile_asm_nspe: $(AS_SOURCE:%.s=$(SUITE_OUT)/$(TEST)/%_nspe.o)
-
-$(SUITE_OUT)/$(TEST)/%_nspe.o : %.c
- $(CC) -D NONSECURE_TEST_BUILD -DVAL_NSPE_BUILD -o $@ -c $<
-
-$(SUITE_OUT)/$(TEST)/%_nspe.o : %.s
- $(AS) -o $@ $<
-
-# Generated %_spe.o(s) are used in spbuild.mk to create final client_partition.a and server_partition.a
-compile_c_spe: $(CC_SOURCE_SPE:%.c=$(SUITE_OUT)/$(TEST)/%_spe.o)
-compile_asm_spe: $(AS_SOURCE_SPE:%.s=$(SUITE_OUT)/$(TEST)/%_spe.o)
-
-$(SUITE_OUT)/$(TEST)/%_spe.o : %.c
- $(CC) -DSPE_BUILD -o $@ -c $<
-
-$(SUITE_OUT)/$(TEST)/%_spe.o : %.s
- $(AS) -o $@ $<
-
-test.elf:
-ifeq (${TOOLCHAIN}, GNUARM)
- $(LD) -Xlinker -Map=$(SUITE_OUT)/$(TEST)/test.map -o $(SUITE_OUT)/$(TEST)/test.elf -T$(SUITE_OUT)/.test.linker $(SUITE_OUT)/$(TEST)/*_nspe.o
-else
- $(LD) --scatter=$(SUITE_OUT)/.test.sct --list=$(SUITE_OUT)/$(TEST)/test.map -o $(SUITE_OUT)/$(TEST)/test.elf $(SUITE_OUT)/$(TEST)/*_nspe.o
-endif
- $(DS) $(SUITE_OUT)/$(TEST)/test.elf > $(SUITE_OUT)/$(TEST)/test.disass
-
diff --git a/api-tests/tools/makefiles/toolchain.mk b/api-tests/tools/makefiles/toolchain.mk
deleted file mode 100644
index 699e6bbb..00000000
--- a/api-tests/tools/makefiles/toolchain.mk
+++ /dev/null
@@ -1,119 +0,0 @@
-# * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-TOOLCHAIN=GNUARM
-PREFIX=
-
-#### GNUARM OPTIONS - START ####
-ifneq (,$(findstring $(TOOLCHAIN),GNUARM-GCC))
- ifeq (${TOOLCHAIN}, GNUARM)
- PREFIX=arm-none-eabi-
- endif
-
- ifeq (${CPU_ARCH}, armv7m)
- TARGET_SWITCH= -march=armv7-m
- else
- ifeq (${CPU_ARCH}, armv8m_ml)
- TARGET_SWITCH= -march=armv8-m.main -mcmse
- else
- TARGET_SWITCH= -march=armv8-m.base -mcmse
- endif
- endif
-
-COMPILER= $(PREFIX)gcc
-ASSEMBLER= $(PREFIX)as
-AR= $(PREFIX)ar
-LINKER= $(PREFIX)gcc
-OBJDUMP=$(PREFIX)objdump
-
-COMPILER_OPTIONS= $(TARGET_SWITCH) -Wall -Werror -fdata-sections -ffunction-sections -mno-unaligned-access
-
-ASSEMBLER_OPTIONS= $(TARGET_SWITCH) -mthumb
-AR_OPTIONS= -rcs
-LINKER_OPTIONS= $(TARGET_SWITCH) -mthumb -Wall -Werror -O0 -fdata-sections \
- -ffunction-sections -Xlinker --fatal-warnings -Xlinker --gc-sections \
- -z max-page-size=0x400 -lgcc -lc -lnosys
-OBJDUMP_OPTIONS= -d
-endif #GNUARM-GCC
-#### GNUARM OPTIONS - END ####
-
-#### ARMCLANG OPTIONS - START ####
-ifeq (${TOOLCHAIN}, ARMCLANG)
-
-COMPILER= armclang
-ASSEMBLER= armclang
-AR= armar
-LINKER= armlink
-OBJDUMP=fromelf
-
- ifeq (${CPU_ARCH}, armv7m)
- TARGET_SWITCH= -march=armv7-m
- TARGET_SWITCH_LD= --cpu=7-M
- else
- ifeq (${CPU_ARCH}, armv8m_ml)
- TARGET_SWITCH= -march=armv8-m.main -mcmse
- TARGET_SWITCH_LD= --cpu=8-M.Main
- else
- TARGET_SWITCH= -march=armv8-m.base -mcmse
- TARGET_SWITCH_LD= --cpu=8-M.Base
- endif
- endif
-
-COMPILER_OPTIONS= --target=arm-arm-none-eabi $(TARGET_SWITCH) -Wall -Werror -fshort-enums -fshort-wchar -funsigned-char -fdata-sections -ffunction-sections -mno-unaligned-access -mfpu=none
-AR_OPTIONS= --create -cr
-LINKER_OPTIONS= --strict --map --symbols --xref --info=summarysizes,sizes,totals,unused,veneers --diag_warning=L6204
-OBJDUMP_OPTIONS= -c -d --datasymbols
-endif
-#### ARMCLANG OPTIONS - END ####
-
-COMPILER_OPTIONS += -DVERBOSE=$(VERBOSE)
-
-ifeq (${TEST_COMBINE_ARCHIVE}, 1)
-COMPILER_OPTIONS += -DTEST_COMBINE_ARCHIVE=1
-endif
-
-ifeq (${WATCHDOG_AVAILABLE}, 1)
-COMPILER_OPTIONS += -DWATCHDOG_AVAILABLE=1
-endif
-
-ifeq (${SP_HEAP_MEM_SUPP}, 1)
-COMPILER_OPTIONS += -DSP_HEAP_MEM_SUPP=1
-endif
-
-ifeq (${PSA_IPC_IMPLEMENTED}, 1)
-COMPILER_OPTIONS += -DPSA_IPC_IMPLEMENTED=1
-endif
-
-ifeq (${PSA_CRYPTO_IMPLEMENTED}, 1)
-COMPILER_OPTIONS += -DPSA_CRYPTO_IMPLEMENTED=1
-endif
-
-ifeq (${PSA_PROTECTED_STORAGE_IMPLEMENTED}, 1)
-COMPILER_OPTIONS += -DPSA_PROTECTED_STORAGE_IMPLEMENTED=1
-endif
-
-ifeq (${PSA_INTERNAL_TRUSTED_STORAGE_IMPLEMENTED}, 1)
-COMPILER_OPTIONS += -DPSA_INTERNAL_TRUSTED_STORAGE_IMPLEMENTED=1
-endif
-
-ifeq (${PSA_INITIAL_ATTESTATION_IMPLEMENTED}, 1)
-COMPILER_OPTIONS += -DPSA_INITIAL_ATTESTATION_IMPLEMENTED=1
-endif
-
-CC= $(COMPILER) $(COMPILER_OPTIONS) $(CC_OPTIONS) $(USER_INCLUDE) $(INCLUDE)
-AS= $(ASSEMBLER) $(ASSEMBLER_OPTIONS) $(AS_OPTIONS)
-LD= $(LINKER) $(LINKER_OPTIONS)
-DS= $(OBJDUMP) $(OBJDUMP_OPTIONS)
diff --git a/api-tests/tools/makefiles/valbuild.mk b/api-tests/tools/makefiles/valbuild.mk
deleted file mode 100644
index ef0ad4cb..00000000
--- a/api-tests/tools/makefiles/valbuild.mk
+++ /dev/null
@@ -1,52 +0,0 @@
-# * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-include $(SOURCE)/tools/makefiles/toolchain.mk
-
-INCLUDE= -I$(SOURCE)/val/common/ \
- -I$(SOURCE)/val/nspe/ \
- -I$(SOURCE)/val/spe/ \
- -I$(SOURCE)/platform/targets/$(TARGET)/nspe/ \
- -I$(SOURCE)/platform/targets/$(TARGET)/nspe/common \
- -I$(SOURCE)/platform/targets/$(TARGET)/nspe/crypto \
- -I$(BUILD)/platform/$(TARGET)/ \
- -I$(BUILD)/val/
-
-VPATH=$(SOURCE)/val/common/:\
- $(SOURCE)/val/nspe/:\
- $(SOURCE)/val/spe/
-
-SRC_COMMON=
-SRC_NS= val_entry.c val_dispatcher.c val_framework.c val_crypto.c val_interfaces.c val_peripherals.c val_target.c val_protected_storage.c val_internal_trusted_storage.c val_attestation.c
-
-all: build
-
-build: mkdir build_common build_ns val_nspe.a
-
-mkdir:
- @mkdir -p $(BUILD)/val/
-
-build_common: $(SRC_COMMON:%.c=$(BUILD)/val/%.o)
-build_ns: $(SRC_NS:%.c=$(BUILD)/val/%.o)
-
-$(BUILD)/val/%.o : %.c
- $(CC) $(INCLUDE) -DVAL_NSPE_BUILD -o $@ -c $<
-
-val_nspe.a:
- $(AR) $(AR_OPTIONS) $(BUILD)/val/val_nspe.a $(BUILD)/val/*.o
-
-clean:
- @rm -rf $(BUILD)/val/*.o $(BUILD)/val/*.a
diff --git a/api-tests/tools/scripts/gen_tests_list.pl b/api-tests/tools/scripts/gen_tests_list.pl
deleted file mode 100644
index f98bb562..00000000
--- a/api-tests/tools/scripts/gen_tests_list.pl
+++ /dev/null
@@ -1,127 +0,0 @@
-#!/usr/bin/env perl
-#/** @file
-# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
-# * SPDX-License-Identifier : Apache-2.0
-# *
-# * Licensed under the Apache License, Version 2.0 (the "License");
-# * you may not use this file except in compliance with the License.
-# * You may obtain a copy of the License at
-# *
-# * http://www.apache.org/licenses/LICENSE-2.0
-# *
-# * Unless required by applicable law or agreed to in writing, software
-# * distributed under the License is distributed on an "AS IS" BASIS,
-# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# * See the License for the specific language governing permissions and
-# * limitations under the License.
-#**/
-
-
-$build=$ARGV[0];
-$tests_list=$ARGV[1];
-$suite=$ARGV[2];
-
-&gen_test_entry_info();
-&gen_secure_tests_list() if ($suite eq "ipc");
-
-sub gen_test_entry_info
-{
- my $test_num = 0;
- my $uniq_test_string = '';
- my $max_test_per_suite = 200;
- my $suite_base = 0;
- my $test_entry_list = "$build/val/test_entry_list.inc";
- my $test_entry_fn_declare_list = "$build/val/test_entry_fn_declare_list.inc";
-
- if ($suite eq "crypto")
- {
- $suite_base = 1;
- }
- elsif ($suite eq "protected_storage")
- {
- $suite_base = 2;
- }
- elsif ($suite eq "internal_trusted_storage")
- {
- $suite_base = 3;
- }
- elsif ($suite eq "initial_attestation")
- {
- $suite_base = 4;
- }
-
- open(IN, $tests_list) or die "Unable to open $tests_list $!";
- open(OUT1, '>', $test_entry_fn_declare_list) or die "Unable to open: $!";
- open(OUT2, '>', $test_entry_list) or die "Unable to open: $!";
-
- while() {
- if($_ !~ /^\//) {# exclude commented lines if any
- chomp($_);
- if($_ =~ /^test_(.+)/) {
- $uniq_test_string = $1;
- $uniq_test_string =~ s/s/p/ if ($suite eq "protected_storage");
- print OUT1 "void test_entry_$uniq_test_string(val_api_t *val_api, psa_api_t *psa_api);\n";
- if($_ =~ /^test_\w0*(\d+)/) {
- $test_num = $1 + ($max_test_per_suite * $suite_base);
- print OUT2 "\t{$test_num, &test_entry_$uniq_test_string},\n";
- }
- }
- }
- }
- close IN;
- close OUT1;
- close OUT2;
- print "Non-secure test entry symbol list:
- $test_entry_list,
- $test_entry_fn_declare_list\n";
-}
-
-sub gen_secure_tests_list
-{
- my $test_num = 0;
- my $test_num_prev = 0;
- my $client_tests_list_declare = "$build/partition/client_tests_list_declare.inc";
- my $client_tests_list = "$build/partition/client_tests_list.inc";
- my $server_tests_list_declare = "$build/partition/server_tests_list_declare.inc";
- my $server_tests_list = "$build/partition/server_tests_list.inc";
-
- open(IN, $tests_list) or die "Unable to open $tests_list $!";
- open(OUT1, '>', $client_tests_list_declare) or die "Unable to open: $!";
- open(OUT2, '>', $client_tests_list) or die "Unable to open: $!";
- open(OUT3, '>', $server_tests_list_declare) or die "Unable to open: $!";
- open(OUT4, '>', $server_tests_list) or die "Unable to open: $!";
-
- while() {
- if($_ !~ /^\//) {# exclude commented lines if any
- chomp($_);
- if($_ =~ /^test_\w(\d+)/) {
- $test_num = $1;
- print OUT1 " extern client_test_t $_\_client_tests_list[];\n";
- print OUT3 " extern server_test_t $_\_server_tests_list[];\n";
-
- if ($test_num - $test_num_prev > 1)
- {
- for ($i = $test_num_prev; $i < ($test_num - 1); $i++)
- {
- print OUT2 "\tNULL,\n";
- print OUT4 "\tNULL,\n";
- }
- }
- print OUT2 "\t$_\_client_tests_list,\n";
- print OUT4 "\t$_\_server_tests_list,\n";
- }
- }
- $test_num_prev = $test_num;
- }
- close IN;
- close OUT1;
- close OUT2;
- close OUT3;
- close OUT4;
-
- print "Secure test entry symbol list:
- $client_tests_list_declare,
- $client_tests_list,
- $server_tests_list_declare,
- $server_tests_list \n\n";
-}
diff --git a/api-tests/tools/scripts/gen_tests_list.py b/api-tests/tools/scripts/gen_tests_list.py
new file mode 100644
index 00000000..7d33bb5a
--- /dev/null
+++ b/api-tests/tools/scripts/gen_tests_list.py
@@ -0,0 +1,126 @@
+#!/usr/bin/python
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+import sys
+
+if (len(sys.argv) != 11):
+ print("\nScript requires following inputs")
+ print("\narg1 : ")
+ print("\narg2 : ")
+ print("\narg3 : ")
+ print("\narg4 :